AnonymousController.java
11.6 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
package com.tianbo.warehouse.controller;
import com.alibaba.fastjson.JSON;
import com.google.code.kaptcha.impl.DefaultKaptcha;
import com.google.gson.Gson;
import com.thoughtworks.xstream.core.util.Base64Encoder;
import com.tianbo.warehouse.bean.AuthSuccessResponse;
import com.tianbo.warehouse.controller.response.ResultJson;
import com.tianbo.warehouse.controller.response.ResultMessage;
import com.tianbo.warehouse.dao.KakoUserMapper;
import com.tianbo.warehouse.model.KakoUser;
import com.tianbo.warehouse.model.ROLE;
import com.tianbo.warehouse.model.resource.UserDate;
import com.tianbo.warehouse.security.filter.JwtTokenUtil;
import com.tianbo.warehouse.service.PermissionService;
import com.tianbo.warehouse.service.RoleService;
import com.tianbo.warehouse.service.kakoImp.KakoUserService;
import com.tianbo.warehouse.util.JsonUtil;
import com.tianbo.warehouse.util.KIAM.HttpClientUtil;
import com.tianbo.warehouse.util.RedisUtils;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.*;
import javax.imageio.ImageIO;
import java.awt.image.BufferedImage;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.*;
@Slf4j
@RestController()
@RequestMapping("/anonymous")
public class AnonymousController {
@Value("${jwt.max-alive}")
protected Integer jwtMaxAlive;
@Value("${ger.req-url}")
private String requestUrl;
@Value("${ger.res-url}")
private String responseUrl;
@Autowired
RoleService roleService;
@Autowired
RedisUtils redisUtils;
@Autowired
KakoUserMapper kakoUserMapperl;
@Autowired
private DefaultKaptcha captchaProducer;
@Autowired
private PermissionService permissionService;
@Autowired
private KakoUserMapper kakoUserMapper;
@Autowired
private KakoUserService kakoUserService;
/**
* 验证服务票据响应属性名
*/
private static final String SERVICE_RESPONESE = "serviceResponse";
private static final String AUTHENTICATION_SUCCESS = "authenticationSuccess";
private static final String LOGIN_NAME = "LOGIN_NAME";
private static final String ATTRIBUTES = "attributes";
private static final String USER_ID = "USER_ID";
/**
* 配置匿名者可以访问的路由,并更新到redis,匿名者默认可以访问的role_name =ROLE_anonymous
* 此方法会将所有符合权限组名=ROLE_anonymous的权限更新到redis中,供gateway调用判断权限
* @return
*/
@PostMapping("initAnonymousRoute")
public ResultJson initAnonymousRoute(){
List<ROLE> list = roleService.getROLE_anonymousPermList();
String json = JSON.toJSONString(list);
boolean result= redisUtils.set("ROLE_anonymous_routers", json,0);
return result ? new ResultJson("200","匿名者权限配置成功") :new ResultJson("500","匿名者权限配置失败");
}
/**
* 生成验证码
*/
@RequestMapping(value = "/randCode")
public ResultJson getRandCode(){
// 获取验证码上的文字
String capText = captchaProducer.createText();
// 将文件渲染到图片上
BufferedImage bi = captchaProducer.createImage(capText);
ByteArrayOutputStream outputStream = null;
outputStream = new ByteArrayOutputStream();
Base64Encoder encoder = new Base64Encoder();
Map<String,Object> map = new HashMap<>();
String verifyToken = "";
try {
verifyToken = UUID.randomUUID().toString();
redisUtils.set("verifyToken_" + verifyToken,capText,120);
ImageIO.write(bi, "jpeg", outputStream);
map.put("verifyImg","data:image/jpeg;base64,"+encoder.encode(outputStream.toByteArray()));
} catch (IOException e) {
e.printStackTrace();
return new ResultJson("500","verify get error");
}
return new ResultJson("200","verify get ok",map,verifyToken);
}
/**
* 验证票据
* @param ticket
* @return
* @throws Exception
*/
@RequestMapping (value = "/ssoLogin")
@ResponseBody
public AuthSuccessResponse ssoLogin(String ticket) throws Exception {
try {
log.info("票据接受:{}", ticket);
if (!StringUtils.isEmpty(ticket)){
log.info("开始验证票据");
String result = HttpClientUtil.httpGet(requestUrl+responseUrl+"&ticket="+ticket, "UTF-8");
log.info("验证票据返回值:{}", result);
Map<String, Object> userInfo = resolveUserInfo(result);
if (userInfo != null){
log.info("userInfo:{}", userInfo);
// KakoUser user = kakoUserMapper.findLonginName(userInfo.get("loginName").toString(), userInfo.get("userId").toString());
KakoUser user = kakoUserService.loadByUsername(userInfo.get("loginName").toString());
log.info("查询用户信息:{}", user);
if (user != null){
//返回前端登陆成功后的用户信息
KakoUser loginedUser = new KakoUser();
loginedUser.setLoginName(user.getUsername());
loginedUser.setId(user.getId());
loginedUser.setName(user.getName());
loginedUser.setRoles(user.getRoles());
//设置用户的TOKEN的有效时间,时间配置在配置文件中设置
String jwtToken = JwtTokenUtil.generateToken(loginedUser.getUsername(), jwtMaxAlive);
log.info("设置用户token:{}", jwtToken);
loginedUser.setToken(jwtToken);
//这里将登录成功的[user]对象数据写入redis缓存,KEY为token value为user的JSON对象
String json = JSON.toJSONString(user);
boolean set = redisUtils.set(jwtToken, json, 3600 * 24 * 7);
log.info("用户信息存入redis:{}", set);
Map<String,Object> menuMap = permissionService.getUserMenusKako(user.getId());
//返回用户信息和用户可访问的目录列表
return new AuthSuccessResponse(loginedUser,menuMap);
}
return null;
}
return null;
}else {
return null;
}
}catch (Exception e){
e.printStackTrace();
return null;
}
}
public Map<String, Object> resolveUserInfo(String result){
//认证成功,解析用户信息
Gson gson = new Gson();
Map resultMap = gson.fromJson(result, Map.class);
Object serviceResponse = resultMap.get(SERVICE_RESPONESE);
if(serviceResponse != null && serviceResponse instanceof Map){
Object authenticationSuccess = ((Map) serviceResponse).get(AUTHENTICATION_SUCCESS);
if(authenticationSuccess != null && authenticationSuccess instanceof Map){
Map<String, Object> userInfo = new HashMap<>();
userInfo.put("attributes", ((Map) authenticationSuccess).get(ATTRIBUTES));
Object attributes = ((Map) authenticationSuccess).get("attributes");
userInfo.put("loginName", ((Map) attributes).get(LOGIN_NAME));
userInfo.put("userId", ((Map) attributes).get(USER_ID));
return userInfo;
}
}
return null;
}
/**
* 资源同步
* @param map
* @return
* @throws Exception
*/
@PostMapping(value = "/userSynchronization")
@ResponseBody
public ResultMessage userSynchronization(@RequestBody Map<String, Object> map) throws Exception {
if ("user".equals(map.get("resType").toString())){
JsonUtil jsonUtil = new JsonUtil();
List<UserDate> list = jsonUtil.mapToList(map, UserDate.class, "data");
// 判断该用户是否存在
int i = 0;
for (UserDate userDate: list){
log.info("用户信息:{}", userDate);
if (kakoUserMapperl.findLonginName(userDate.getLOGIN_NAME(), "") != null){
KakoUser kakoUser = new KakoUser();
kakoUser.setLoginName(userDate.getLOGIN_NAME());
kakoUser.setPassword(userDate.getPWD());
kakoUser.setUserSyncId(userDate.getUSER_ID());
kakoUser.setMobile(userDate.getMOBILE());
kakoUser.setEmail(userDate.getEMAIL());
kakoUser.setDelFlag("0");
kakoUser.setName(userDate.getUSER_NAME());
kakoUser.setCompanyId("1");
kakoUser.setOfficeId("5e95a0f081c64fce9f85d59e18cfdc5f");
kakoUser.setUpdateBy("tyrz");
kakoUser.setLoginFlag("1");
kakoUser.setUpdateDate(new Date());
log.info("通过账号为条件更新");
i = kakoUserMapperl.updateSyncUserLoginName(kakoUser);
}else {
if (kakoUserMapperl.findLonginName("", userDate.getUSER_ID()) != null){
KakoUser kakoUser = new KakoUser();
kakoUser.setLoginName(userDate.getLOGIN_NAME());
kakoUser.setPassword(userDate.getPWD());
kakoUser.setUserSyncId(userDate.getUSER_ID());
kakoUser.setMobile(userDate.getMOBILE());
kakoUser.setEmail(userDate.getEMAIL());
kakoUser.setDelFlag("0");
kakoUser.setName(userDate.getUSER_NAME());
kakoUser.setCompanyId("1");
kakoUser.setOfficeId("5e95a0f081c64fce9f85d59e18cfdc5f");
kakoUser.setUpdateBy("tyrz");
kakoUser.setLoginFlag("1");
kakoUser.setUpdateDate(new Date());
log.info("账号不存在用过统一认证id更新");
i = kakoUserMapperl.updateSyncUserId(kakoUser);
}else {
KakoUser kakoUser = new KakoUser();
kakoUser.setId(UUID.randomUUID().toString());
kakoUser.setLoginName(userDate.getLOGIN_NAME());
kakoUser.setPassword(userDate.getPWD());
kakoUser.setUserSyncId(userDate.getUSER_ID());
kakoUser.setMobile(userDate.getMOBILE());
kakoUser.setEmail(userDate.getEMAIL());
kakoUser.setName(userDate.getUSER_NAME());
kakoUser.setCompanyId("1");
kakoUser.setOfficeId("5e95a0f081c64fce9f85d59e18cfdc5f");
kakoUser.setLoginFlag("1");
kakoUser.setCreateBy("tyrz");
kakoUser.setUpdateBy("tyrz");
kakoUser.setCreateDate(new Date());
kakoUser.setUpdateDate(new Date());
log.info("账号统一认证id都不在 新增");
i = kakoUserMapperl.insertSelective(kakoUser);
}
}
}
return i > 0 ? new ResultMessage("200","资源同步成功"):new ResultMessage("202", "资源同步失败");
}
return new ResultMessage("201","不是用户信息");
}
}