1.加入统一平台登录验证方式

王通
1 parent c00bf49d
Showing 4 changed files with 94 additions and 21 deletions
src/main/java/com/bsth/controller/sys/UserController.java
src/main/java/com/bsth/security/handler/CustomLogoutSuccessHandler.java
src/main/java/com/bsth/service/realcontrol/impl/ScheduleRealInfoServiceImpl.java
src/main/java/com/bsth/util/HttpClientUtils.java
@@ -76,37 +76,38 @@ public class UserController extends BaseController&lt;SysUser, Integer&gt; {
     public static Map<String, Long> USER_LOCKTIME = new HashMap<>();
  
     @RequestMapping(value = "/login/token")
-    public void login(@RequestParam String token, @RequestParam String account, @RequestParam Long time, HttpServletRequest request, HttpServletResponse response) throws Exception {
+    public void login(@RequestParam String token, HttpServletRequest request, HttpServletResponse response) throws Exception {
         response.addHeader("Content-Type", "text/html;charset=UTF-8");
         if (!ssoConfig.isSsoEnabled()) {
             response.getWriter().write("系统未开启统一登录配置，请联系管理员");
             return;
         }
-        if (token == null || account == null || time == null) {
+        if (token == null) {
             throw new IllegalArgumentException("请检查参数");
         }
  
         Map<String, Object> param = new HashMap<>(), user = new HashMap<>();
         param.put("token", token);
-        param.put("systemCode", ssoConfig.getSystemCode());
-        StringBuilder sb = HttpClientUtils.post(ssoConfig.getSsoAuthUrl(), mapper.writeValueAsString(param));
+        param.put("sysCode", ssoConfig.getSystemCode());
+        StringBuilder sb = HttpClientUtils.post(ssoConfig.getSsoAuthUrl(), HttpClientUtils.createFormEntity(param), HttpClientUtils.createFormHeader());
  
         Assert.notNull(sb, "统一登录平台验证数据不为空");
         logger.info(String.format("统一登录平台：%s", sb.toString()));
-        param = mapper.readValue(mapper.writeValueAsString(mapper.readValue(sb.toString(), Map.class).get("data")), Map.class);
-        String jobCode = (String) param.get("account"), realName = (String) param.get("userName");
-        if (!account.equals(jobCode)) {
-            response.getWriter().write("token与用户不匹配");
-            return;
-        }
-
-        if (jobCode == null || realName == null) {
-            response.getWriter().write("token数据异常");
+        param = mapper.readValue(sb.toString(), Map.class);
+        if (200 == (int) param.get("code")) {
+            param = mapper.readValue(mapper.writeValueAsString(param.get("data")), Map.class);
+            if ("9999".equals(param.get("code")) || "9998".equals(param.get("code"))) {
+                response.getWriter().write(param.get("msg").toString());
+                return;
+            } else {
+                param = mapper.readValue(mapper.writeValueAsString(param.get("data")), Map.class);
+            }
+        } else {
+            response.getWriter().write(param.get("msg").toString());
             return;
         }
-
-        user.put("jobCode_eq", jobCode);
-        user.put("realName_eq", realName);
+        String userName = (String) param.get("userName");
+        user.put("userName_eq", userName);
         user.put("enabled", true);
  
         Iterator<SysUser> userIterator = sysUserService.list(user).iterator();
@@ -124,7 +125,7 @@ public class UserController extends BaseController&lt;SysUser, Integer&gt; {
             //session里写入用户名，webSocket连接时标识身份用
             session.setAttribute(Constants.SSO_TOKEN, token);
             session.setAttribute(Constants.SESSION_USERNAME, sysUser.getUserName());
-            session.setAttribute(Constants.RESOURCE_AUTHORITYS, sysUser.getLinks());
+            //session.setAttribute(Constants.RESOURCE_AUTHORITYS, sysUser.getLinks());
             //获取公司权限数据
             List<CompanyAuthority> cmyAuths = companyAuthorityService.findByUser(sysUser);
             session.setAttribute(Constants.COMPANY_AUTHORITYS, cmyAuths);
@@ -43,7 +43,7 @@ public class CustomLogoutSuccessHandler implements LogoutSuccessHandler {
         param.put("Authorization", String.format("Bearer %s", token));
         try {
             request.getSession().invalidate();
-            StringBuilder sb = HttpClientUtils.post(ssoLogoutUrl, null, param);
+            StringBuilder sb = HttpClientUtils.post(ssoLogoutUrl, "", param);
             log.error(String.format("注销token:%s,返回结果:%s", token, sb.toString()));
         } catch (Exception e) {
             log.error("注销token异常", e);
@@ -6515,7 +6515,7 @@ public class ScheduleRealInfoServiceImpl extends BaseServiceImpl&lt;ScheduleRealInf
         Map<String, Object> res = new HashMap<>();
         res.put("status", ResponseCode.SUCCESS);
 		try {
-            StringBuilder sb = HttpClientUtils.post(url, null);
+            StringBuilder sb = HttpClientUtils.post(url, "");
             if (sb != null) {
                 Map<String, Object> response = new ObjectMapper().readValue(sb.toString(), Map.class);
                 if (!"报修成功".equals(response.get("msg"))) {
 package com.bsth.util;
  
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
 import org.apache.http.HttpEntity;
+import org.apache.http.NameValuePair;
 import org.apache.http.client.config.RequestConfig;
-import org.apache.http.client.entity.EntityBuilder;
+import org.apache.http.client.entity.UrlEncodedFormEntity;
 import org.apache.http.client.methods.CloseableHttpResponse;
 import org.apache.http.client.methods.HttpGet;
 import org.apache.http.client.methods.HttpPost;
@@ -10,16 +13,21 @@ import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
 import org.apache.http.entity.StringEntity;
 import org.apache.http.impl.client.CloseableHttpClient;
 import org.apache.http.impl.client.HttpClients;
+import org.apache.http.message.BasicNameValuePair;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.util.StringUtils;
  
 import javax.net.ssl.*;
 import java.io.BufferedReader;
 import java.io.IOException;
 import java.io.InputStreamReader;
+import java.io.UnsupportedEncodingException;
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
 import java.util.HashMap;
+import java.util.List;
+import java.util.ArrayList;
 import java.util.Map;
  
 /**
@@ -29,6 +37,8 @@ public class HttpClientUtils {
  
     static Logger logger = LoggerFactory.getLogger(HttpClientUtils.class);
  
+    private static ObjectMapper mapper = new ObjectMapper();
+
     private final static String HTTPS = "https://";
  
     private static SSLConnectionSocketFactory sslConnectionSocketFactory;
@@ -129,7 +139,7 @@ public class HttpClientUtils {
                     .setConnectTimeout(15000).setConnectionRequestTimeout(15000)
                     .setSocketTimeout(15000).build();
             post.setConfig(requestConfig);
-            if (data != null) {
+            if (!StringUtils.isEmpty(data)) {
                 post.setEntity((new StringEntity(data, "UTF-8")));
             }
  
@@ -146,6 +156,68 @@ public class HttpClientUtils {
         return stringBuffer;
     }
  
+    public static StringBuilder post(String url, HttpEntity entity) throws Exception {
+        return post(url, entity, new HashMap<>());
+    }
+
+    public static StringBuilder post(String url, HttpEntity entity, Map<String, Object> headers) throws Exception {
+        CloseableHttpClient httpClient = null;
+        CloseableHttpResponse response = null;
+        StringBuilder stringBuffer = null;
+        try {
+            httpClient = defaultHttpClient(url);
+            HttpPost post = new HttpPost(url);
+
+            post.setHeader("Accept", "application/json");
+            post.setHeader("Content-Type", "application/json;charset=UTF-8");
+            if (headers.size() > 0) {
+                for (Map.Entry<String, Object> header : headers.entrySet()) {
+                    post.setHeader(header.getKey(), String.valueOf(header.getValue()));
+                }
+            }
+            //超时时间
+            RequestConfig requestConfig = RequestConfig.custom()
+                    .setConnectTimeout(5000).setConnectionRequestTimeout(5000)
+                    .setSocketTimeout(5000).build();
+            post.setConfig(requestConfig);
+            if (entity != null) {
+                post.setEntity(entity);
+            }
+
+            response = httpClient.execute(post);
+            stringBuffer = getResult(response.getEntity());
+        } catch (Exception e) {
+            logger.error("", e);
+        } finally {
+            if (null != httpClient)
+                httpClient.close();
+            if (null != response)
+                response.close();
+        }
+        return stringBuffer;
+    }
+
+    public static StringEntity createJsonEntity(Object data) throws JsonProcessingException, UnsupportedEncodingException {
+        return new StringEntity(mapper.writeValueAsString(data));
+    }
+
+    public static UrlEncodedFormEntity createFormEntity(Map<String, Object> data) throws UnsupportedEncodingException {
+        List<NameValuePair> pairs = new ArrayList<>();
+        for (Map.Entry<String, Object> entry : data.entrySet()) {
+            pairs.add(new BasicNameValuePair(entry.getKey(), String.valueOf(entry.getValue())));
+        }
+
+        return new UrlEncodedFormEntity(pairs);
+    }
+
+    public static Map<String, Object> createFormHeader() throws UnsupportedEncodingException {
+        Map<String, Object> headers = new HashMap<>();
+        headers.put("Accept", "*/*");
+        headers.put("Content-Type", "application/x-www-form-urlencoded;charset=UTF-8");
+
+        return headers;
+    }
+
     private static StringBuilder getResult(HttpEntity entity) throws IOException {
         StringBuilder stringBuffer = null;
         if (null != entity) {