smartor.git - Gitblit

			@@ -25,6 +25,7 @@
			import org.springframework.web.bind.annotation.RestController;
			import org.springframework.web.client.RestTemplate;
			import org.springframework.web.servlet.view.RedirectView;
			import org.springframework.web.util.UriComponentsBuilder;

			import javax.servlet.http.HttpServletRequest;
			import javax.servlet.http.HttpServletResponse;
			@@ -123,47 +124,67 @@

			/**
			* SSO登录入口 - 信通院会调用这个地址
			* 访问路径：http://域名:8095/sso/login
			* 访问路径：http://域名:8095/sso/ssoLoginLyra
			*/
			@GetMapping("ssoLoginLyra")
			public RedirectView ssoLoginLyra() {
			log.info("收到SSO登录请求，开始重定向到授权服务器");
			String id = clientId;
			String redirectUri = internalRedirectUri;
			String scope = "openid";
			id = "1553548571532333056";
			redirectUri = URLEncoder.encode(internalRedirectUri);
			String path = sysConfigService.selectConfigByKey("sys.qddz");
			String lyraPath = "https://9.208.39.29:13021";
			String clientId = "1553548571532333056";
			String clientSecret = "suifangxt";
			String scope = "openid";

			String authorizeUrl = lyraPath + "/mediinfo-lyra-authserver/connect/authorize";
			String accessTokenUrl = lyraPath + "/mediinfo-lyra-authserver/connect/token";
			String userInfoUrl = lyraPath + "/mediinfo-lyra-authserver/connect/userinfo";
			// 重定向地址对象(重定向地址
			RedirectView redirectView = new RedirectView();

			// Authorize鉴权接口
			String param = "client_id=" + id + "&redirect_uri=" + redirectUri + "&response_type=code" +
			String param = "client_id=" + clientId + "&redirect_uri=" + redirectUri + "&response_type=code" +
			"&state=" + state + "&scope=" + scope;
			log.info("【Authorize鉴权接口】入参为：{}", param);
			String url = "https://9.208.39.29:13021" + "/mediinfo-lyra-authserver/connect/authorize";
			// String url = internalAuthorizeUrl;
			String s = HttpUtils.sendGet(url, param);
			String s = HttpUtils.sendGet(authorizeUrl, param);
			Map<String, String> result = getResult(s);
			String code = result.get("code");
			if (StringUtils.isEmpty(code)) {
			log.error("未获取到授权码");
			throw new BaseException("SSO授权失败");
			}
			try {
			SSOTokenResponse accessToken = getAccessTokenLyra(code, true);
			SSOUserInfo userInfo = getUserInfoLyra(accessToken.getAccess_token(), true);
			SSOTokenResponse accessToken = getAccessTokenLyra(code, accessTokenUrl, clientId, clientSecret,true);
			SSOUserInfo userInfo = getUserInfoLyra(accessToken.getAccess_token(), userInfoUrl,true);

			createLocalSession(userInfo);

			String path = sysConfigService.selectConfigByKey("sys.qddz");
			if (StringUtils.isEmpty(path)) {
			throw new BaseException("请配置前端地址");
			}
			String reviewUrl = path + "/loginSSO?token=" + accessToken.getAccess_token() + "&orgid=" +
			userInfo.getZuZhiJGID() + "&orgname=" + userInfo.getZuZhiJGMC() +
			"&ZuHuID="+ userInfo.getYongHuID() +"&deptCode=null";
			// String reviewUrl = path + "/loginSSO?token=" + accessToken.getAccess_token() + "&orgid=" +
			// userInfo.getZuZhiJGID() + "&orgname=" + userInfo.getZuZhiJGMC() +
			// "&ZuHuID="+ userInfo.getYongHuID() +"&deptCode=null";
			String reviewUrl = "";
			reviewUrl = UriComponentsBuilder.fromHttpUrl(path)
			.path("/loginSSO")
			.queryParam("token", accessToken.getAccess_token())
			.queryParam("orgid", userInfo.getZuZhiJGID())
			.queryParam("orgname", userInfo.getZuZhiJGMC())
			.queryParam("ZuHuID", userInfo.getYongHuID())
			.queryParam("deptCode", "null")
			.build()
			.toUriString();

			log.info("单点登陆重定向地址为：{}", reviewUrl);
			redirectView.setUrl(reviewUrl);
			redirectView.setStatusCode(HttpStatus.MOVED_PERMANENTLY);
			redirectView.setStatusCode(HttpStatus.FOUND);
			} catch (Exception e) {
			e.printStackTrace();
			return new RedirectView();
			log.error("SSO登录失败", e);
			redirectView.setUrl(path + "/login?error=sso_failed");
			return redirectView;

			}

			return redirectView;
			@@ -251,27 +272,21 @@
			/**
			* 获取访问令牌
			*/
			private SSOTokenResponse getAccessTokenLyra(String code, boolean isInternal) throws Exception {
			private SSOTokenResponse getAccessTokenLyra(String code, String accessTokenUrl, String clientId, String clientSecret, boolean isInternal) throws Exception {
			HttpHeaders headers = new HttpHeaders();
			headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);

			MultiValueMap<String, String> params = new LinkedMultiValueMap<>();
			String id = clientId;
			String secret = clientSecret;
			String url = getTokenUrl(isInternal);
			String redirectUri = getRedirectUri(isInternal);
			id = "1553548571532333056";
			secret = "suifangxt";
			url = "https://9.208.39.29:13021" + "/mediinfo-lyra-authserver/connect/token";
			params.add("client_id", id);
			params.add("client_secret", secret);
			params.add("client_id", clientId);
			params.add("client_secret", clientSecret);
			params.add("code", code);
			params.add("grant_type", "authorization_code");
			params.add("redirect_uri", redirectUri);

			HttpEntity<MultiValueMap<String, String>> request = new HttpEntity<>(params, headers);

			ResponseEntity<String> response = restTemplate.exchange(url, HttpMethod.POST, request, String.class);
			ResponseEntity<String> response = restTemplate.exchange(accessTokenUrl, HttpMethod.POST, request, String.class);

			log.info("Token响应: {}", response.getBody());

			@@ -291,14 +306,13 @@
			/**
			* 获取用户信息
			*/
			private SSOUserInfo getUserInfoLyra(String accessToken, boolean isInternal) throws Exception {
			private SSOUserInfo getUserInfoLyra(String accessToken, String userInfoUrl, boolean isInternal) throws Exception {
			HttpHeaders headers = new HttpHeaders();
			headers.set("Authorization", "Bearer " + accessToken);

			HttpEntity<String> entity = new HttpEntity<>(headers);
			String url = getUserinfoUrl(isInternal);
			url = "https://9.208.39.29:13021" + "/mediinfo-lyra-authserver/connect/userinfo";
			ResponseEntity<String> response = restTemplate.exchange(url, HttpMethod.GET, entity, String.class);

			ResponseEntity<String> response = restTemplate.exchange(userInfoUrl, HttpMethod.GET, entity, String.class);

			log.info("用户信息响应: {}", response.getBody());