From 26b18b6170b54d4da3cb7f19fac1e0a0627d17f8 Mon Sep 17 00:00:00 2001
From: 陈昶聿 <chychen@nbjetron.com>
Date: 星期四, 15 一月 2026 14:04:40 +0800
Subject: [PATCH] 【景宁】SSO单点登录接口
---
ruoyi-admin/src/main/java/com/ruoyi/web/controller/sso/SSOController.java | 172 ++++++++++++++++++++++++++-------------------------------
1 files changed, 79 insertions(+), 93 deletions(-)
diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/sso/SSOController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/sso/SSOController.java
index 0df2993..e174e25 100644
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/sso/SSOController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/sso/SSOController.java
@@ -3,8 +3,12 @@
import com.alibaba.fastjson.JSON;
import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.core.domain.model.LoginUser;
+import com.ruoyi.common.exception.base.BaseException;
+import com.ruoyi.common.utils.HttpUtil;
import com.ruoyi.common.utils.StringUtils;
+import com.ruoyi.common.utils.http.HttpUtils;
import com.ruoyi.framework.web.service.TokenService;
+import com.ruoyi.system.service.ISysConfigService;
import com.ruoyi.system.service.ISysUserService;
import com.smartor.domain.SSOTokenResponse;
import com.smartor.domain.SSOUserInfo;
@@ -20,11 +24,14 @@
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.client.RestTemplate;
+import org.springframework.web.servlet.view.RedirectView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.net.URLEncoder;
+import java.util.HashMap;
+import java.util.Map;
/**
* SSO鍗曠偣鐧诲綍鎺у埗鍣�
@@ -76,6 +83,9 @@
@Autowired
private TokenService tokenService;
+ @Autowired
+ private ISysConfigService sysConfigService;
+
private final RestTemplate restTemplate;
public SSOController() {
@@ -90,100 +100,68 @@
* SSO鐧诲綍鍏ュ彛 - 淇¢�氶櫌浼氳皟鐢ㄨ繖涓湴鍧�
* 璁块棶璺緞锛歨ttp://鍩熷悕:8095/sso/login
*/
- @GetMapping("")
- public void ssoLogin(HttpServletResponse response, HttpServletRequest request) throws IOException {
+ @GetMapping("ssoLogin")
+ public RedirectView ssoLogin() {
log.info("鏀跺埌SSO鐧诲綍璇锋眰锛屽紑濮嬮噸瀹氬悜鍒版巿鏉冩湇鍔″櫒");
+ String id = clientId;
+ String redirectUri = internalRedirectUri;
+ String scope = "openid";
+ id = "1553548571532333056";
+ redirectUri = URLEncoder.encode(internalRedirectUri);
+ // 閲嶅畾鍚戝湴鍧�瀵硅薄(閲嶅畾鍚戝湴鍧�
+ RedirectView redirectView = new RedirectView();
- // 鑾峰彇瀹㈡埛绔疘P
- String clientIp = getClientIp(request);
- boolean isInternal = isInternalNetwork(clientIp);
+ // Authorize閴存潈鎺ュ彛
+ String param = "client_id=" + id + "&redirect_uri=" + redirectUri + "&response_type=code" +
+ "&state=" + state + "&scope=" + scope;
+ log.info("銆怉uthorize閴存潈鎺ュ彛銆戝叆鍙備负锛歿}", param);
+ String url = "https://9.208.39.29:13021" + "/mediinfo-lyra-authserver/connect/authorize";
+// String url = internalAuthorizeUrl;
+ String s = HttpUtils.sendGet(url, param);
+ Map<String, String> result = getResult(s);
+ String code = result.get("code");
+ try {
+ SSOTokenResponse accessToken = getAccessToken(code, true);
+ SSOUserInfo userInfo = getUserInfo(accessToken.getAccess_token(), true);
- // 鏋勫缓鎺堟潈URL
- String authUrl = buildAuthorizationUrl(isInternal);
- log.info("閲嶅畾鍚戝埌鎺堟潈URL: {}", authUrl);
+ createLocalSession(userInfo);
- response.sendRedirect(authUrl);
+ String path = sysConfigService.selectConfigByKey("sys.qddz");
+ if (StringUtils.isEmpty(path)) {
+ throw new BaseException("璇烽厤缃墠绔湴鍧�");
+ }
+ String reviewUrl = path + "/loginSSO?token=" + accessToken.getAccess_token() + "&orgid=" +
+ userInfo.getZuZhiJGID() + "&orgname=" + userInfo.getZuZhiJGMC() +
+ "&ZuHuID="+ userInfo.getYongHuID() +"&deptCode=null";
+ log.info("鍗曠偣鐧婚檰閲嶅畾鍚戝湴鍧�涓猴細{}", reviewUrl);
+ redirectView.setUrl(reviewUrl);
+ redirectView.setStatusCode(HttpStatus.MOVED_PERMANENTLY);
+ } catch (Exception e) {
+ e.printStackTrace();
+ return new RedirectView();
+ }
+
+ return redirectView;
}
- /**
- * SSO鍥炶皟澶勭悊
- */
- @GetMapping("/callback")
- public void ssoCallback(@RequestParam(required = false) String code,
- @RequestParam(required = false) String state,
- @RequestParam(required = false) String error,
- HttpServletResponse response,
- HttpServletRequest request) throws IOException {
+ private Map<String, String> getResult(String param) {
+ Map<String, String> paramMap = new HashMap<>();
- log.info("鏀跺埌SSO鍥炶皟锛宑ode: {}, state: {}, error: {}", code, state, error);
-
- if (error != null) {
- log.error("SSO鎺堟潈澶辫触: {}", error);
- try {
- response.sendRedirect("/login?sso_error=" + URLEncoder.encode(error, "UTF-8"));
- } catch (Exception e) {
- log.error("閲嶅畾鍚戝け璐�", e);
- response.sendRedirect("/login?sso_error=unknown_error");
- }
- return;
+ if (param == null || !param.contains("?")) {
+ return paramMap;
}
- if (code == null || !this.state.equals(state)) {
- log.error("SSO鍥炶皟鍙傛暟閿欒锛宑ode: {}, state: {}", code, state);
- response.sendRedirect("/login?sso_error=invalid_callback");
- return;
+ String query = param.substring(param.indexOf('?') + 1);
+
+ String[] pairs = query.split("&");
+
+ for (String pair : pairs) {
+ String[] kv = pair.split("=", 2);
+ String key = kv[0];
+ String value = kv.length > 1 ? kv[1] : "";
+ paramMap.put(key, value);
}
-
- try {
- // 鑾峰彇瀹㈡埛绔疘P
- String clientIp = getClientIp(request);
- boolean isInternal = isInternalNetwork(clientIp);
-
- // 1. 鐢╟ode鎹㈠彇access_token
- SSOTokenResponse tokenResponse = getAccessToken(code, isInternal);
- log.info("鑾峰彇鍒癮ccess_token: {}", tokenResponse.getAccess_token());
-
- // 2. 鐢╝ccess_token鑾峰彇鐢ㄦ埛淇℃伅
- SSOUserInfo userInfo = getUserInfo(tokenResponse.getAccess_token(), isInternal);
- log.info("鑾峰彇鍒扮敤鎴蜂俊鎭�: {}", userInfo);
-
- // 3. 鏍规嵁鐢ㄦ埛淇℃伅鍒涘缓鏈湴浼氳瘽
- String token = createLocalSession(userInfo);
-
- // 4. 閲嶅畾鍚戝埌鍓嶇棣栭〉锛屾惡甯oken
- String frontendUrl = "/#/index?token=" + token;
- response.sendRedirect(frontendUrl);
-
- } catch (RuntimeException e) {
- log.error("SSO涓氬姟澶勭悊澶辫触: {}", e.getMessage(), e);
- try {
- response.sendRedirect("/login?sso_error=" + URLEncoder.encode(e.getMessage(), "UTF-8"));
- } catch (Exception ex) {
- log.error("閲嶅畾鍚戝け璐�", ex);
- response.sendRedirect("/login?sso_error=system_error");
- }
- } catch (Exception e) {
- log.error("SSO鐧诲綍澶勭悊澶辫触", e);
- response.sendRedirect("/login?sso_error=login_failed");
- }
- }
-
- /**
- * 鏋勫缓鎺堟潈URL
- */
- private String buildAuthorizationUrl(boolean isInternal) {
- try {
- String redirectUri = getRedirectUri(isInternal);
- return getAuthorizeUrl(isInternal) + "?" +
- "client_id=" + clientId +
- "&redirect_uri=" + URLEncoder.encode(redirectUri, "UTF-8") +
- "&response_type=code" +
- "&state=" + state +
- "&scope=" + URLEncoder.encode(scope, "UTF-8");
- } catch (Exception e) {
- log.error("鏋勫缓鎺堟潈URL澶辫触", e);
- throw new RuntimeException("鏋勫缓鎺堟潈URL澶辫触", e);
- }
+ return paramMap;
}
/**
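Review bot: In `ssoLogin` the IdP `access_token` is concatenated into `reviewUrl`, written out by the `log.info` call just before `redirectView.setUrl(reviewUrl)`, and sent with `HttpStatus.MOVED_PERMANENTLY`, so a bearer credential ends up in the application log, in browser history and Referer headers, and in any cache that stores the 301. Use a non-permanent redirect, `redirectView.setStatusCode(HttpStatus.FOUND);`, log the target without its query string, and hand the frontend the local token that `createLocalSession(userInfo)` already returns (its result is discarded here), e.g. `String token = createLocalSession(userInfo);`. The `orgid`, `orgname` and `ZuHuID` values are appended unencoded, and `URLEncoder.encode(internalRedirectUri)` is the deprecated platform-charset overload; the two-argument form used in the removed code avoids both problems. The removed `/callback` handler compared the returned `state` with the expected one and the new method has no equivalent check; because the authorize request is now issued by the server through `HttpUtils.sendGet`, nothing visible in this hunk ties the issued session to the browser that called `ssoLogin`, which should be confirmed before release. On failure the `catch` block calls `e.printStackTrace()` and returns a `RedirectView` with no URL; `log.error(...)` plus a redirect to the login page with an error code, as the old code did, would give the user and the operator something to act on.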
@@ -194,16 +172,22 @@
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
MultiValueMap<String, String> params = new LinkedMultiValueMap<>();
- params.add("client_id", clientId);
- params.add("client_secret", clientSecret);
+ String id = clientId;
+ String secret = clientSecret;
+ String url = getTokenUrl(isInternal);
+ String redirectUri = getRedirectUri(isInternal);
+ id = "1553548571532333056";
+ secret = "suifangxt";
+ url = "https://9.208.39.29:13021" + "/mediinfo-lyra-authserver/connect/token";
+ params.add("client_id", id);
+ params.add("client_secret", secret);
params.add("code", code);
params.add("grant_type", "authorization_code");
- params.add("redirect_uri", getRedirectUri(isInternal));
+ params.add("redirect_uri", redirectUri);
HttpEntity<MultiValueMap<String, String>> request = new HttpEntity<>(params, headers);
- ResponseEntity<String> response = restTemplate.exchange(
- getTokenUrl(isInternal), HttpMethod.POST, request, String.class);
+ ResponseEntity<String> response = restTemplate.exchange(url, HttpMethod.POST, request, String.class);
log.info("Token鍝嶅簲: {}", response.getBody());
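Review bot: The injected `clientId` and `clientSecret` are overwritten with string literals in what appears to be `getAccessToken`, so the OAuth client secret is now committed to version control and the configured value is ignored. Drop the reassignments of `id`, `secret` and `url` so the request goes back to `params.add("client_secret", clientSecret);` and `getTokenUrl(isInternal)`, and treat the committed secret as exposed and rotate it. The same override pattern appears in `ssoLogin` (the `id = ...` and `String url = "https://..."` lines) and in the following user-info hunk, where `isInternal` no longer has any effect on the endpoint that is called. The unchanged `log.info` on the last line of this hunk writes the whole token response body to the log, which presumably contains the access token; logging only the HTTP status would be safer. The method starts and ends outside this hunk.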
@@ -228,9 +212,9 @@
headers.set("Authorization", "Bearer " + accessToken);
HttpEntity<String> entity = new HttpEntity<>(headers);
-
- ResponseEntity<String> response = restTemplate.exchange(
- getUserinfoUrl(isInternal), HttpMethod.GET, entity, String.class);
+ String url = getUserinfoUrl(isInternal);
+ url = "https://9.208.39.29:13021" + "/mediinfo-lyra-authserver/connect/userinfo";
+ ResponseEntity<String> response = restTemplate.exchange(url, HttpMethod.GET, entity, String.class);
log.info("鐢ㄦ埛淇℃伅鍝嶅簲: {}", response.getBody());
@@ -262,7 +246,9 @@
LoginUser loginUser = new LoginUser(localUser.getUserId(), localUser.getDeptId(), localUser, null);
// 鐢熸垚token
- return tokenService.createToken(loginUser);
+ String token = tokenService.createToken(loginUser);
+ log.info("鐢熸垚鐨則oken涓猴細{}", token);
+ return token;
}
/**
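Review bot: The added `log.info` writes the freshly created session token to the application log, so anyone who can read the log can reuse it as that user for as long as the token is valid. Log a non-secret identifier instead, for example `log.info("SSO session created, userId={}", localUser.getUserId());`, and keep `return tokenService.createToken(loginUser);` as it was. The method (apparently `createLocalSession`) starts outside this hunk.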
--
Gitblit v1.9.3