1.

王通
1 parent e132a64f
Showing 9 changed files with 119 additions and 41 deletions
src/main/java/com/bsth/controller/realcontrol/AdminUtilsController.java
src/main/java/com/bsth/controller/sys/UserController.java
src/main/java/com/bsth/security/SsoConfig.java
src/main/java/com/bsth/security/handler/CustomLogoutSuccessHandler.java
src/main/java/com/bsth/service/realcontrol/impl/ScheduleRealInfoServiceImpl.java
src/main/java/com/bsth/util/HttpClientUtils.java
src/main/resources/application-cloud.properties
src/main/resources/application-test.properties
src/main/resources/application.properties
@@ -347,7 +347,6 @@ public class AdminUtilsController {
             gatewayHttpLoader.afterPropertiesSet();
             gatewayHttpUtils.afterPropertiesSet();
             rfidHttpLoader.afterPropertiesSet();
-            ssoConfig.afterPropertiesSet();
  
             return "success";
         } catch (Exception e) {
@@ -366,7 +365,6 @@ public class AdminUtilsController {
             gatewayHttpLoader.afterPropertiesSet();
             gatewayHttpUtils.afterPropertiesSet();
             rfidHttpLoader.afterPropertiesSet();
-            ssoConfig.afterPropertiesSet();
  
             return "success";
         } catch (Exception e) {
@@ -76,37 +76,38 @@ public class UserController extends BaseController&lt;SysUser, Integer&gt; {
     public static Map<String, Long> USER_LOCKTIME = new HashMap<>();
  
     @RequestMapping(value = "/login/token")
-    public void login(@RequestParam String token, @RequestParam String account, @RequestParam Long time, HttpServletRequest request, HttpServletResponse response) throws Exception {
+    public void login(@RequestParam String token, HttpServletRequest request, HttpServletResponse response) throws Exception {
         response.addHeader("Content-Type", "text/html;charset=UTF-8");
         if (!ssoConfig.isSsoEnabled()) {
             response.getWriter().write("系统未开启统一登录配置，请联系管理员");
             return;
         }
-        if (token == null || account == null || time == null) {
+        if (token == null) {
             throw new IllegalArgumentException("请检查参数");
         }
  
         Map<String, Object> param = new HashMap<>(), user = new HashMap<>();
         param.put("token", token);
-        param.put("systemCode", ssoConfig.getSystemCode());
-        StringBuilder sb = HttpClientUtils.post(ssoConfig.getSsoAuthUrl(), mapper.writeValueAsString(param));
+        param.put("sysCode", ssoConfig.getSystemCode());
+        StringBuilder sb = HttpClientUtils.post(ssoConfig.getSsoAuthUrl(), HttpClientUtils.createFormEntity(param), HttpClientUtils.createFormHeader());
  
         Assert.notNull(sb, "统一登录平台验证数据不为空");
         logger.info(String.format("统一登录平台：%s", sb.toString()));
-        param = mapper.readValue(mapper.writeValueAsString(mapper.readValue(sb.toString(), Map.class).get("data")), Map.class);
-        String jobCode = (String) param.get("account"), realName = (String) param.get("userName");
-        if (!account.equals(jobCode)) {
-            response.getWriter().write("token与用户不匹配");
-            return;
-        }
-
-        if (jobCode == null || realName == null) {
-            response.getWriter().write("token数据异常");
+        param = mapper.readValue(sb.toString(), Map.class);
+        if (200 == (int) param.get("code")) {
+            param = mapper.readValue(mapper.writeValueAsString(param.get("data")), Map.class);
+            if ("9999".equals(param.get("code")) || "9998".equals(param.get("code"))) {
+                response.getWriter().write(param.get("msg").toString());
+                return;
+            } else {
+                param = mapper.readValue(mapper.writeValueAsString(param.get("data")), Map.class);
+            }
+        } else {
+            response.getWriter().write(param.get("msg").toString());
             return;
         }
-
-        user.put("jobCode_eq", jobCode);
-        user.put("realName_eq", realName);
+        String userName = (String) param.get("userName");
+        user.put("userName_eq", userName);
         user.put("enabled", true);
  
         Iterator<SysUser> userIterator = sysUserService.list(user).iterator();
@@ -124,7 +125,7 @@ public class UserController extends BaseController&lt;SysUser, Integer&gt; {
             //session里写入用户名，webSocket连接时标识身份用
             session.setAttribute(Constants.SSO_TOKEN, token);
             session.setAttribute(Constants.SESSION_USERNAME, sysUser.getUserName());
-            session.setAttribute(Constants.RESOURCE_AUTHORITYS, sysUser.getLinks());
+            //session.setAttribute(Constants.RESOURCE_AUTHORITYS, sysUser.getLinks());
             //获取公司权限数据
             List<CompanyAuthority> cmyAuths = companyAuthorityService.findByUser(sysUser);
             session.setAttribute(Constants.COMPANY_AUTHORITYS, cmyAuths);
@@ -186,8 +187,19 @@ public class UserController extends BaseController&lt;SysUser, Integer&gt; {
  
             // 校验密码
             boolean matchStatus = new BCryptPasswordEncoder(4).matches(password, user.getPassword());
-            if (!matchStatus) {
-                userOrPasswordInvalid(rs, userName);
+            if (null == user || !matchStatus) {
+                rs.put("msg", "密码有误");
+
+                Integer errTimes = USER_ERRTIMES.get(userName);
+                if (null == errTimes) {
+                    errTimes = 0;
+                }
+                USER_ERRTIMES.put(userName, ++errTimes);
+                if (errTimes > 3) {
+                    USER_LOCKTIME.put(userName, System.currentTimeMillis() + 600000);
+                    USER_ERRTIMES.put(userName, 0);
+                    put(rs, "msg", "密码错误4次，账户将被锁定10分钟");
+                }
  
                 return rs;
             }
@@ -222,7 +234,7 @@ public class UserController extends BaseController&lt;SysUser, Integer&gt; {
             sysUserService.recordLoginDate(userName);
             //session里写入用户名，webSocket连接时标识身份用
             session.setAttribute(Constants.SESSION_USERNAME, user.getUserName());
-            session.setAttribute(Constants.RESOURCE_AUTHORITYS, user.getLinks());
+            //session.setAttribute(Constants.RESOURCE_AUTHORITYS, user.getLinks());
  
             //获取公司权限数据
             List<CompanyAuthority> cmyAuths = companyAuthorityService.findByUser(user);
@@ -11,7 +11,7 @@ import org.springframework.stereotype.Component;
  * @author Hill
  */
 @Component
-public class SsoConfig implements InitializingBean {
+public class SsoConfig {
  
     /**
      * 是否开启sso登录
@@ -57,6 +57,7 @@ public class SsoConfig implements InitializingBean {
         return systemCode;
     }
  
+    @Value("${sso.systemcode}")
     public void setSystemCode(String systemCode) {
         this.systemCode = systemCode;
     }
@@ -86,13 +87,8 @@ public class SsoConfig implements InitializingBean {
         return ssoAuthUrl;
     }
  
+    @Value("${sso.http.url.auth}")
     public void setSsoAuthUrl(String ssoAuthUrl) {
         this.ssoAuthUrl = ssoAuthUrl;
     }
-
-    @Override
-    public void afterPropertiesSet() throws Exception {
-        setSystemCode(SystemParamCache.getSsoSystemCode());
-        setSsoAuthUrl(SystemParamCache.getUrlHttpSsoAuth());
-    }
 }
@@ -43,7 +43,7 @@ public class CustomLogoutSuccessHandler implements LogoutSuccessHandler {
         param.put("Authorization", String.format("Bearer %s", token));
         try {
             request.getSession().invalidate();
-            StringBuilder sb = HttpClientUtils.post(ssoLogoutUrl, null, param);
+            StringBuilder sb = HttpClientUtils.post(ssoLogoutUrl, HttpClientUtils.createFormEntity(new HashMap<>()), param);
             log.error(String.format("注销token:%s,返回结果:%s", token, sb.toString()));
         } catch (Exception e) {
             log.error("注销token异常", e);
@@ -6515,7 +6515,7 @@ public class ScheduleRealInfoServiceImpl extends BaseServiceImpl&lt;ScheduleRealInf
         Map<String, Object> res = new HashMap<>();
         res.put("status", ResponseCode.SUCCESS);
 		try {
-            StringBuilder sb = HttpClientUtils.post(url, null);
+            StringBuilder sb = HttpClientUtils.post(url, HttpClientUtils.createFormEntity(new HashMap<>()));
             if (sb != null) {
                 Map<String, Object> response = new ObjectMapper().readValue(sb.toString(), Map.class);
                 if (!"报修成功".equals(response.get("msg"))) {
 package com.bsth.util;
  
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
 import org.apache.http.HttpEntity;
+import org.apache.http.NameValuePair;
 import org.apache.http.client.config.RequestConfig;
 import org.apache.http.client.entity.EntityBuilder;
+import org.apache.http.client.entity.UrlEncodedFormEntity;
 import org.apache.http.client.methods.CloseableHttpResponse;
 import org.apache.http.client.methods.HttpGet;
 import org.apache.http.client.methods.HttpPost;
@@ -10,6 +14,7 @@ import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
 import org.apache.http.entity.StringEntity;
 import org.apache.http.impl.client.CloseableHttpClient;
 import org.apache.http.impl.client.HttpClients;
+import org.apache.http.message.BasicNameValuePair;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
  
@@ -17,9 +22,12 @@ import javax.net.ssl.*;
 import java.io.BufferedReader;
 import java.io.IOException;
 import java.io.InputStreamReader;
+import java.io.UnsupportedEncodingException;
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
+import java.util.ArrayList;
 import java.util.HashMap;
+import java.util.List;
 import java.util.Map;
  
 /**
@@ -29,6 +37,8 @@ public class HttpClientUtils {
  
     static Logger logger = LoggerFactory.getLogger(HttpClientUtils.class);
  
+    private static ObjectMapper mapper = new ObjectMapper();
+
     private final static String HTTPS = "https://";
  
     private static SSLConnectionSocketFactory sslConnectionSocketFactory;
@@ -146,6 +156,68 @@ public class HttpClientUtils {
         return stringBuffer;
     }
  
+    public static StringBuilder post(String url, HttpEntity entity) throws Exception {
+        return post(url, entity, new HashMap<>());
+    }
+
+    public static StringBuilder post(String url, HttpEntity entity, Map<String, Object> headers) throws Exception {
+        CloseableHttpClient httpClient = null;
+        CloseableHttpResponse response = null;
+        StringBuilder stringBuffer = null;
+        try {
+            httpClient = defaultHttpClient(url);
+            HttpPost post = new HttpPost(url);
+
+            post.setHeader("Accept", "application/json");
+            post.setHeader("Content-Type", "application/json;charset=UTF-8");
+            if (headers.size() > 0) {
+                for (Map.Entry<String, Object> header : headers.entrySet()) {
+                    post.setHeader(header.getKey(), String.valueOf(header.getValue()));
+                }
+            }
+            //超时时间
+            RequestConfig requestConfig = RequestConfig.custom()
+                    .setConnectTimeout(5000).setConnectionRequestTimeout(5000)
+                    .setSocketTimeout(5000).build();
+            post.setConfig(requestConfig);
+            if (entity != null) {
+                post.setEntity(entity);
+            }
+
+            response = httpClient.execute(post);
+            stringBuffer = getResult(response.getEntity());
+        } catch (Exception e) {
+            logger.error("", e);
+        } finally {
+            if (null != httpClient)
+                httpClient.close();
+            if (null != response)
+                response.close();
+        }
+        return stringBuffer;
+    }
+
+    public static StringEntity createJsonEntity(Object data) throws JsonProcessingException, UnsupportedEncodingException {
+        return new StringEntity(mapper.writeValueAsString(data));
+    }
+
+    public static UrlEncodedFormEntity createFormEntity(Map<String, Object> data) throws UnsupportedEncodingException {
+        List<NameValuePair> pairs = new ArrayList<>();
+        for (Map.Entry<String, Object> entry : data.entrySet()) {
+            pairs.add(new BasicNameValuePair(entry.getKey(), String.valueOf(entry.getValue())));
+        }
+
+        return new UrlEncodedFormEntity(pairs);
+    }
+
+    public static Map<String, Object> createFormHeader() throws UnsupportedEncodingException {
+        Map<String, Object> headers = new HashMap<>();
+        headers.put("Accept", "*/*");
+        headers.put("Content-Type", "application/x-www-form-urlencoded;charset=UTF-8");
+
+        return headers;
+    }
+
     private static StringBuilder getResult(HttpEntity entity) throws IOException {
         StringBuilder stringBuffer = null;
         if (null != entity) {
@@ -41,7 +41,7 @@ spring.kafka.consumer.group-id= schedule-system
 spring.kafka.consumer.auto-offset-reset= latest
  
 sso.enabled= true
-sso.systemcode = SYS0023
-sso.http.url.login= http://47.92.212.107:9102/portal/index.html#/login
-sso.http.url.logout= http://47.92.212.107:9102/information/api/v1/logout
-sso.http.url.auth= http://47.92.212.107:9102/information/authenticate/authorityAuthentication
 \ No newline at end of file
+sso.systemcode = SYSUS0023
+sso.http.url.login= http://47.92.212.107:9102/login?redirect=%2Findex
+sso.http.url.logout= http://47.92.212.107:9102/login?redirect=%2Findex
+sso.http.url.auth= http://47.92.212.107:9102/prod-api/system/utilitySystem/checkToken
 \ No newline at end of file
@@ -38,8 +38,8 @@ spring.kafka.consumer.auto-offset-reset= latest
 spring.kafka.consumer.key-deserializer= org.apache.kafka.common.serialization.StringDeserializer
 spring.kafka.consumer.value-deserializer= org.apache.kafka.common.serialization.StringDeserializer
  
-sso.enabled= false
-sso.systemcode = SYS0023
-sso.http.url.login= https://127.0.0.1/portal/index.html#/login
-sso.http.url.logout= https://127.0.0.1/information/api/v1/logout
-sso.http.url.auth= https://127.0.0.1/information/authenticate/authorityAuthentication
 \ No newline at end of file
+sso.enabled= true
+sso.systemcode = SYSUS0023
+sso.http.url.login= http://47.92.212.107:9102/login?redirect=%2Findex
+sso.http.url.logout= http://47.92.212.107:9102/login?redirect=%2Findex
+sso.http.url.auth= http://47.92.212.107:9102/prod-api/system/utilitySystem/checkToken
 \ No newline at end of file
-spring.profiles.active = cloud
+spring.profiles.active = test
  
 spring.view.suffix=.html
 server.session-timeout=-1