From 44d70e42817bfb518f29240d396ee3f53297e9fc Mon Sep 17 00:00:00 2001
From: liusheng <337615773@qq.com>
Date: 星期六, 09 八月 2025 13:20:28 +0800
Subject: [PATCH] SSO代码提交
---
ruoyi-admin/src/main/resources/application-xh.yml | 20 ++
smartor/src/main/java/com/smartor/domain/SSOUserInfo.java | 26 ++
ruoyi-admin/src/main/resources/application-hn.yml | 21 ++
ruoyi-admin/src/main/java/com/ruoyi/web/controller/sso/SSOController.java | 362 ++++++++++++++++++++++++++++++++++++++++
smartor/src/main/java/com/smartor/domain/SSOTokenResponse.java | 50 +++++
ruoyi-admin/src/main/resources/application-druid.yml | 20 ++
ruoyi-admin/src/main/resources/logback.xml | 2
ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java | 2
ruoyi-admin/src/main/resources/application.yml | 2
ruoyi-admin/src/main/resources/application-ls.yml | 20 ++
10 files changed, 522 insertions(+), 3 deletions(-)
diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/sso/SSOController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/sso/SSOController.java
new file mode 100644
index 0000000..0df2993
--- /dev/null
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/sso/SSOController.java
@@ -0,0 +1,362 @@
+package com.ruoyi.web.controller.sso;
+
+import com.alibaba.fastjson.JSON;
+import com.ruoyi.common.core.domain.entity.SysUser;
+import com.ruoyi.common.core.domain.model.LoginUser;
+import com.ruoyi.common.utils.StringUtils;
+import com.ruoyi.framework.web.service.TokenService;
+import com.ruoyi.system.service.ISysUserService;
+import com.smartor.domain.SSOTokenResponse;
+import com.smartor.domain.SSOUserInfo;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.http.*;
+import org.springframework.http.client.SimpleClientHttpRequestFactory;
+import org.springframework.util.LinkedMultiValueMap;
+import org.springframework.util.MultiValueMap;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.client.RestTemplate;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.net.URLEncoder;
+
+/**
+ * SSO鍗曠偣鐧诲綍鎺у埗鍣�
+ */
+@RestController
+@RequestMapping("/sso")
+@Slf4j
+public class SSOController {
+
+ @Value("${sso.client_id}")
+ private String clientId;
+
+ @Value("${sso.client_secret}")
+ private String clientSecret;
+
+ @Value("${sso.internal.authorize_url}")
+ private String internalAuthorizeUrl;
+
+ @Value("${sso.internal.token_url}")
+ private String internalTokenUrl;
+
+ @Value("${sso.internal.userinfo_url}")
+ private String internalUserinfoUrl;
+
+ @Value("${sso.internal.redirect_uri}")
+ private String internalRedirectUri;
+
+ @Value("${sso.external.authorize_url}")
+ private String externalAuthorizeUrl;
+
+ @Value("${sso.external.token_url}")
+ private String externalTokenUrl;
+
+ @Value("${sso.external.userinfo_url}")
+ private String externalUserinfoUrl;
+
+ @Value("${sso.external.redirect_uri}")
+ private String externalRedirectUri;
+
+ @Value("${sso.state}")
+ private String state;
+
+ @Value("${sso.scope}")
+ private String scope;
+
+ @Autowired
+ private ISysUserService userService;
+
+ @Autowired
+ private TokenService tokenService;
+
+ private final RestTemplate restTemplate;
+
+ public SSOController() {
+ // 閰嶇疆RestTemplate瓒呮椂
+ SimpleClientHttpRequestFactory factory = new SimpleClientHttpRequestFactory();
+ factory.setConnectTimeout(10000); // 杩炴帴瓒呮椂10绉�
+ factory.setReadTimeout(30000); // 璇诲彇瓒呮椂30绉�
+ this.restTemplate = new RestTemplate(factory);
+ }
+
+ /**
+ * SSO鐧诲綍鍏ュ彛 - 淇¢�氶櫌浼氳皟鐢ㄨ繖涓湴鍧�
+ * 璁块棶璺緞锛歨ttp://鍩熷悕:8095/sso/login
+ */
+ @GetMapping("")
+ public void ssoLogin(HttpServletResponse response, HttpServletRequest request) throws IOException {
+ log.info("鏀跺埌SSO鐧诲綍璇锋眰锛屽紑濮嬮噸瀹氬悜鍒版巿鏉冩湇鍔″櫒");
+
+ // 鑾峰彇瀹㈡埛绔疘P
+ String clientIp = getClientIp(request);
+ boolean isInternal = isInternalNetwork(clientIp);
+
+ // 鏋勫缓鎺堟潈URL
+ String authUrl = buildAuthorizationUrl(isInternal);
+ log.info("閲嶅畾鍚戝埌鎺堟潈URL: {}", authUrl);
+
+ response.sendRedirect(authUrl);
+ }
+
+ /**
+ * SSO鍥炶皟澶勭悊
+ */
+ @GetMapping("/callback")
+ public void ssoCallback(@RequestParam(required = false) String code,
+ @RequestParam(required = false) String state,
+ @RequestParam(required = false) String error,
+ HttpServletResponse response,
+ HttpServletRequest request) throws IOException {
+
+ log.info("鏀跺埌SSO鍥炶皟锛宑ode: {}, state: {}, error: {}", code, state, error);
+
+ if (error != null) {
+ log.error("SSO鎺堟潈澶辫触: {}", error);
+ try {
+ response.sendRedirect("/login?sso_error=" + URLEncoder.encode(error, "UTF-8"));
+ } catch (Exception e) {
+ log.error("閲嶅畾鍚戝け璐�", e);
+ response.sendRedirect("/login?sso_error=unknown_error");
+ }
+ return;
+ }
+
+ if (code == null || !this.state.equals(state)) {
+ log.error("SSO鍥炶皟鍙傛暟閿欒锛宑ode: {}, state: {}", code, state);
+ response.sendRedirect("/login?sso_error=invalid_callback");
+ return;
+ }
+
+ try {
+ // 鑾峰彇瀹㈡埛绔疘P
+ String clientIp = getClientIp(request);
+ boolean isInternal = isInternalNetwork(clientIp);
+
+ // 1. 鐢╟ode鎹㈠彇access_token
+ SSOTokenResponse tokenResponse = getAccessToken(code, isInternal);
+ log.info("鑾峰彇鍒癮ccess_token: {}", tokenResponse.getAccess_token());
+
+ // 2. 鐢╝ccess_token鑾峰彇鐢ㄦ埛淇℃伅
+ SSOUserInfo userInfo = getUserInfo(tokenResponse.getAccess_token(), isInternal);
+ log.info("鑾峰彇鍒扮敤鎴蜂俊鎭�: {}", userInfo);
+
+ // 3. 鏍规嵁鐢ㄦ埛淇℃伅鍒涘缓鏈湴浼氳瘽
+ String token = createLocalSession(userInfo);
+
+ // 4. 閲嶅畾鍚戝埌鍓嶇棣栭〉锛屾惡甯oken
+ String frontendUrl = "/#/index?token=" + token;
+ response.sendRedirect(frontendUrl);
+
+ } catch (RuntimeException e) {
+ log.error("SSO涓氬姟澶勭悊澶辫触: {}", e.getMessage(), e);
+ try {
+ response.sendRedirect("/login?sso_error=" + URLEncoder.encode(e.getMessage(), "UTF-8"));
+ } catch (Exception ex) {
+ log.error("閲嶅畾鍚戝け璐�", ex);
+ response.sendRedirect("/login?sso_error=system_error");
+ }
+ } catch (Exception e) {
+ log.error("SSO鐧诲綍澶勭悊澶辫触", e);
+ response.sendRedirect("/login?sso_error=login_failed");
+ }
+ }
+
+ /**
+ * 鏋勫缓鎺堟潈URL
+ */
+ private String buildAuthorizationUrl(boolean isInternal) {
+ try {
+ String redirectUri = getRedirectUri(isInternal);
+ return getAuthorizeUrl(isInternal) + "?" +
+ "client_id=" + clientId +
+ "&redirect_uri=" + URLEncoder.encode(redirectUri, "UTF-8") +
+ "&response_type=code" +
+ "&state=" + state +
+ "&scope=" + URLEncoder.encode(scope, "UTF-8");
+ } catch (Exception e) {
+ log.error("鏋勫缓鎺堟潈URL澶辫触", e);
+ throw new RuntimeException("鏋勫缓鎺堟潈URL澶辫触", e);
+ }
+ }
+
+ /**
+ * 鑾峰彇璁块棶浠ょ墝
+ */
+ private SSOTokenResponse getAccessToken(String code, boolean isInternal) throws Exception {
+ HttpHeaders headers = new HttpHeaders();
+ headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
+
+ MultiValueMap<String, String> params = new LinkedMultiValueMap<>();
+ params.add("client_id", clientId);
+ params.add("client_secret", clientSecret);
+ params.add("code", code);
+ params.add("grant_type", "authorization_code");
+ params.add("redirect_uri", getRedirectUri(isInternal));
+
+ HttpEntity<MultiValueMap<String, String>> request = new HttpEntity<>(params, headers);
+
+ ResponseEntity<String> response = restTemplate.exchange(
+ getTokenUrl(isInternal), HttpMethod.POST, request, String.class);
+
+ log.info("Token鍝嶅簲: {}", response.getBody());
+
+ if (response.getBody() == null || response.getBody().trim().isEmpty()) {
+ throw new RuntimeException("Token鍝嶅簲涓虹┖");
+ }
+
+ SSOTokenResponse tokenResponse = JSON.parseObject(response.getBody(), SSOTokenResponse.class);
+
+ if (tokenResponse == null || StringUtils.isEmpty(tokenResponse.getAccess_token())) {
+ throw new RuntimeException("鑾峰彇access_token澶辫触");
+ }
+
+ return tokenResponse;
+ }
+
+ /**
+ * 鑾峰彇鐢ㄦ埛淇℃伅
+ */
+ private SSOUserInfo getUserInfo(String accessToken, boolean isInternal) throws Exception {
+ HttpHeaders headers = new HttpHeaders();
+ headers.set("Authorization", "Bearer " + accessToken);
+
+ HttpEntity<String> entity = new HttpEntity<>(headers);
+
+ ResponseEntity<String> response = restTemplate.exchange(
+ getUserinfoUrl(isInternal), HttpMethod.GET, entity, String.class);
+
+ log.info("鐢ㄦ埛淇℃伅鍝嶅簲: {}", response.getBody());
+
+ if (response.getBody() == null || response.getBody().trim().isEmpty()) {
+ throw new RuntimeException("鐢ㄦ埛淇℃伅鍝嶅簲涓虹┖");
+ }
+
+ SSOUserInfo userInfo = JSON.parseObject(response.getBody(), SSOUserInfo.class);
+
+ if (userInfo == null || StringUtils.isEmpty(userInfo.getName())) {
+ throw new RuntimeException("鑾峰彇鐢ㄦ埛淇℃伅澶辫触鎴栫敤鎴峰悕涓虹┖");
+ }
+
+ return userInfo;
+ }
+
+ /**
+ * 鍒涘缓鏈湴浼氳瘽
+ */
+ private String createLocalSession(SSOUserInfo userInfo) {
+ // 鏍规嵁SSO鐢ㄦ埛淇℃伅鏌ユ壘鏈湴鐢ㄦ埛锛堟牴鎹伐鍙峰尮閰嶏級
+ SysUser localUser = findLocalUserByName(userInfo.getName());
+
+ if (localUser == null) {
+ throw new RuntimeException("鐢ㄦ埛涓嶅瓨鍦ㄦ垨鏈紑閫氱郴缁熸潈闄愶細" + userInfo.getName());
+ }
+
+ // 鍒涘缓鐧诲綍鐢ㄦ埛瀵硅薄
+ LoginUser loginUser = new LoginUser(localUser.getUserId(), localUser.getDeptId(), localUser, null);
+
+ // 鐢熸垚token
+ return tokenService.createToken(loginUser);
+ }
+
+ /**
+ * 鏍规嵁宸ュ彿鏌ユ壘鏈湴鐢ㄦ埛
+ */
+ private SysUser findLocalUserByName(String workNumber) {
+ if (StringUtils.isEmpty(workNumber)) {
+ log.error("宸ュ彿涓虹┖锛屾棤娉曟煡鎵剧敤鎴�");
+ return null;
+ }
+
+ try {
+ SysUser user = userService.selectUserByUserName(workNumber);
+ if (user != null) {
+ log.info("鎵惧埌鐢ㄦ埛: {} - {}", workNumber, user.getNickName());
+ } else {
+ log.warn("鏈壘鍒扮敤鎴�: {}", workNumber);
+ }
+ return user;
+ } catch (Exception e) {
+ log.error("鏌ヨ鐢ㄦ埛澶辫触: {}", workNumber, e);
+ return null;
+ }
+ }
+
+ /**
+ * 鏍规嵁瀹㈡埛绔疘P鍒ゆ柇鏄惁涓哄唴缃�
+ */
+ private boolean isInternalNetwork(String clientIp) {
+ if (clientIp == null || clientIp.isEmpty()) {
+ return false;
+ }
+
+ // 鍒ゆ柇鏄惁涓哄唴缃戠綉娈� 10.10.13.*
+ return clientIp.startsWith("10.10.13.");
+ }
+
+ /**
+ * 鑾峰彇瀹㈡埛绔湡瀹濱P
+ */
+ private String getClientIp(HttpServletRequest request) {
+ String ip = request.getHeader("X-Forwarded-For");
+ if (ip == null || ip.isEmpty() || "unknown".equalsIgnoreCase(ip)) {
+ ip = request.getHeader("Proxy-Client-IP");
+ }
+ if (ip == null || ip.isEmpty() || "unknown".equalsIgnoreCase(ip)) {
+ ip = request.getHeader("WL-Proxy-Client-IP");
+ }
+ if (ip == null || ip.isEmpty() || "unknown".equalsIgnoreCase(ip)) {
+ ip = request.getHeader("HTTP_CLIENT_IP");
+ }
+ if (ip == null || ip.isEmpty() || "unknown".equalsIgnoreCase(ip)) {
+ ip = request.getHeader("HTTP_X_FORWARDED_FOR");
+ }
+ if (ip == null || ip.isEmpty() || "unknown".equalsIgnoreCase(ip)) {
+ ip = request.getRemoteAddr();
+ }
+
+ // 濡傛灉鏈夊涓狪P锛屽彇绗竴涓�
+ if (ip != null && ip.contains(",")) {
+ ip = ip.split(",")[0].trim();
+ }
+
+ log.info("瀹㈡埛绔疘P: {}", ip);
+ return ip;
+ }
+
+ /**
+ * 鏍规嵁缃戠粶鐜鑾峰彇鎺堟潈URL
+ */
+ private String getAuthorizeUrl(boolean isInternal) {
+ return isInternal ? internalAuthorizeUrl : externalAuthorizeUrl;
+ }
+
+ /**
+ * 鏍规嵁缃戠粶鐜鑾峰彇Token URL
+ */
+ private String getTokenUrl(boolean isInternal) {
+ return isInternal ? internalTokenUrl : externalTokenUrl;
+ }
+
+ /**
+ * 鏍规嵁缃戠粶鐜鑾峰彇鐢ㄦ埛淇℃伅URL
+ */
+ private String getUserinfoUrl(boolean isInternal) {
+ return isInternal ? internalUserinfoUrl : externalUserinfoUrl;
+ }
+
+ /**
+ * 鏍规嵁缃戠粶鐜鑾峰彇鍥炶皟URI
+ */
+ private String getRedirectUri(boolean isInternal) {
+ return isInternal ? internalRedirectUri : externalRedirectUri;
+ }
+
+
+}
diff --git a/ruoyi-admin/src/main/resources/application-druid.yml b/ruoyi-admin/src/main/resources/application-druid.yml
index 1759df4..4f19050 100644
--- a/ruoyi-admin/src/main/resources/application-druid.yml
+++ b/ruoyi-admin/src/main/resources/application-druid.yml
@@ -149,6 +149,26 @@
dingAppid: dingn8iip5ubj7clrrsv
dingAppSecret: qlEK8D3oOVwGPOTiBQIBYTqQVlAfy9S_qQizEQFjJdSScwemWFryg4gbneu-NqWD
+# 娌冲崡SSO閰嶇疆锛堜附姘寸敤涓嶅埌锛�
+sso:
+ enabled: true
+ client_id: "mbglxt" # 淇¢�氶櫌鎻愪緵
+ client_secret: "mbglxt" # 淇¢�氶櫌鎻愪緵
+ # 鍐呯綉閰嶇疆
+ internal:
+ authorize_url: "http://10.10.13.112:37727/connect/authorize"
+ token_url: "http://10.10.13.112:37727/connect/token"
+ userinfo_url: "http://10.10.13.112:37727/connect/userinfo"
+ redirect_uri: "http://10.10.13.142:8096/sso/callback"
+ # 澶栫綉閰嶇疆
+ external:
+ authorize_url: "http://172.20.111.142:37727/connect/authorize"
+ token_url: "http://172.20.111.142:37727/connect/token"
+ userinfo_url: "http://172.20.111.142:37727/connect/userinfo"
+ redirect_uri: "http://172.20.111.142:8096/sso/callback"
+ state: "smartor" # 浣犱滑绯荤粺鏍囪瘑
+ scope: "openid roles profile"
+
# websocket瓒呮椂鏃堕棿
server:
websocket:
diff --git a/ruoyi-admin/src/main/resources/application-hn.yml b/ruoyi-admin/src/main/resources/application-hn.yml
index 2bba942..824f290 100644
--- a/ruoyi-admin/src/main/resources/application-hn.yml
+++ b/ruoyi-admin/src/main/resources/application-hn.yml
@@ -120,6 +120,27 @@
default-page: 1
default-size: 10
+# SSO閰嶇疆
+sso:
+ enabled: true
+ client_id: "mbglxt" # 淇¢�氶櫌鎻愪緵
+ client_secret: "mbglxt" # 淇¢�氶櫌鎻愪緵
+ # 鍐呯綉閰嶇疆
+ internal:
+ authorize_url: "http://10.10.13.112:37727/connect/authorize"
+ token_url: "http://10.10.13.112:37727/connect/token"
+ userinfo_url: "http://10.10.13.112:37727/connect/userinfo"
+ redirect_uri: "http://10.10.13.142:8096/sso/callback"
+ # 澶栫綉閰嶇疆
+ external:
+ authorize_url: "http://172.20.111.142:37727/connect/authorize"
+ token_url: "http://172.20.111.142:37727/connect/token"
+ userinfo_url: "http://172.20.111.142:37727/connect/userinfo"
+ redirect_uri: "http://172.20.111.142:8096/sso/callback"
+ state: "smartor" # 浣犱滑绯荤粺鏍囪瘑
+ scope: "openid roles profile"
+
+
#閽夐拤鐨勫瘑閽�
dingAppid: dingn8iip5ubj7clrrsv
dingAppSecret: qlEK8D3oOVwGPOTiBQIBYTqQVlAfy9S_qQizEQFjJdSScwemWFryg4gbneu-NqWD
diff --git a/ruoyi-admin/src/main/resources/application-ls.yml b/ruoyi-admin/src/main/resources/application-ls.yml
index b4bbab7..2e48598 100644
--- a/ruoyi-admin/src/main/resources/application-ls.yml
+++ b/ruoyi-admin/src/main/resources/application-ls.yml
@@ -124,6 +124,26 @@
default-page: 1
default-size: 10
+# 娌冲崡SSO閰嶇疆锛堜附姘寸敤涓嶅埌锛�
+sso:
+ enabled: true
+ client_id: "mbglxt" # 淇¢�氶櫌鎻愪緵
+ client_secret: "mbglxt" # 淇¢�氶櫌鎻愪緵
+ # 鍐呯綉閰嶇疆
+ internal:
+ authorize_url: "http://10.10.13.112:37727/connect/authorize"
+ token_url: "http://10.10.13.112:37727/connect/token"
+ userinfo_url: "http://10.10.13.112:37727/connect/userinfo"
+ redirect_uri: "http://10.10.13.142:8096/sso/callback"
+ # 澶栫綉閰嶇疆
+ external:
+ authorize_url: "http://172.20.111.142:37727/connect/authorize"
+ token_url: "http://172.20.111.142:37727/connect/token"
+ userinfo_url: "http://172.20.111.142:37727/connect/userinfo"
+ redirect_uri: "http://172.20.111.142:8096/sso/callback"
+ state: "smartor" # 浣犱滑绯荤粺鏍囪瘑
+ scope: "openid roles profile"
+
#閽夐拤鐨勫瘑閽�
dingAppid: dingn8iip5ubj7clrrsv
dingAppSecret: qlEK8D3oOVwGPOTiBQIBYTqQVlAfy9S_qQizEQFjJdSScwemWFryg4gbneu-NqWD
diff --git a/ruoyi-admin/src/main/resources/application-xh.yml b/ruoyi-admin/src/main/resources/application-xh.yml
index e03b553..b88efa8 100644
--- a/ruoyi-admin/src/main/resources/application-xh.yml
+++ b/ruoyi-admin/src/main/resources/application-xh.yml
@@ -117,6 +117,26 @@
supportMethodsArguments: true
params: count=countSql
+# 娌冲崡SSO閰嶇疆锛堟柊鍗庣敤涓嶅埌锛�
+sso:
+ enabled: true
+ client_id: "mbglxt" # 淇¢�氶櫌鎻愪緵
+ client_secret: "mbglxt" # 淇¢�氶櫌鎻愪緵
+ # 鍐呯綉閰嶇疆
+ internal:
+ authorize_url: "http://10.10.13.112:37727/connect/authorize"
+ token_url: "http://10.10.13.112:37727/connect/token"
+ userinfo_url: "http://10.10.13.112:37727/connect/userinfo"
+ redirect_uri: "http://10.10.13.142:8096/sso/callback"
+ # 澶栫綉閰嶇疆
+ external:
+ authorize_url: "http://172.20.111.142:37727/connect/authorize"
+ token_url: "http://172.20.111.142:37727/connect/token"
+ userinfo_url: "http://172.20.111.142:37727/connect/userinfo"
+ redirect_uri: "http://172.20.111.142:8096/sso/callback"
+ state: "smartor" # 浣犱滑绯荤粺鏍囪瘑
+ scope: "openid roles profile"
+
#閽夐拤鐨勫瘑閽�
dingAppid: dingn8iip5ubj7clrrsv
dingAppSecret: qlEK8D3oOVwGPOTiBQIBYTqQVlAfy9S_qQizEQFjJdSScwemWFryg4gbneu-NqWD
diff --git a/ruoyi-admin/src/main/resources/application.yml b/ruoyi-admin/src/main/resources/application.yml
index a4507db..caa85ae 100644
--- a/ruoyi-admin/src/main/resources/application.yml
+++ b/ruoyi-admin/src/main/resources/application.yml
@@ -74,7 +74,7 @@
# 鍥介檯鍖栬祫婧愭枃浠惰矾寰�
basename: i18n/messages
profiles:
- active: druid
+ active: ls
# 鏂囦欢涓婁紶
servlet:
multipart:
diff --git a/ruoyi-admin/src/main/resources/logback.xml b/ruoyi-admin/src/main/resources/logback.xml
index ab17872..07456aa 100644
--- a/ruoyi-admin/src/main/resources/logback.xml
+++ b/ruoyi-admin/src/main/resources/logback.xml
@@ -3,7 +3,7 @@
<!-- 鏃ュ織瀛樻斁璺緞 8095-->
<property name="log.path" value="D:/health/logs"/>
<!-- 鏃ュ織瀛樻斁璺緞 8096-->
- <!-- <property name="log.path" value="D:/lihu/logs"/>-->
+<!-- <property name="log.path" value="D:/lihu/logs"/>-->
<!-- 涓芥按鏃ュ織瀛樻斁璺緞 -->
<!-- <property name="log.path" value="/home/software/smartor-logs" />-->
<!-- 鏃ュ織杈撳嚭鏍煎紡 -->
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
index 59d613b..e7fb845 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
@@ -108,7 +108,7 @@
// 杩囨护璇锋眰
.authorizeRequests()
// 瀵逛簬鐧诲綍login 娉ㄥ唽register 楠岃瘉鐮乧aptchaImage 鍏佽鍖垮悕璁块棶
- .antMatchers("/login", "/register", "/captchaImage", "/qrcode/generateStaticHtml", "/qrcode/getQRcode", "/qrcode/getFormDate", "/chat", "/system/file/admin/uploadFile", "/smartor/dingtalk/sendNotification", "/patient/read/patientInfo", "/socket", "/API_ESB_Service", "/API_ESB_Service/Run", "/magic/web/**", "/smartor/serviceSubtask/phoneCallBack", "/smartor/serviceSubtask/taskPull", "/smartor/serviceSubtask/phoneCallBackYQ", "/smartor/robot/callstatus", "/smartor/robot/aidialog", "/smartor/robot/cdrinfo", "/getToken", "/smartor/subtaskAnswer/getQuestionCache", "/smartor/subtaskAnswer/saveQuestionCache", "/smartor/servicetask/getScriptInfoByCondition", "/smartor/subtaskAnswer/saveQuestionAnswer", "/smartor/import/download", "/smartor/serviceSubtask/recordAccept", "/smartor/outPath/getInfoByParam", "/smartor/serviceExternal/addDeptInfo", "/smartor/serviceExternal/**").permitAll()
+ .antMatchers("/login", "/register", "/captchaImage", "/qrcode/generateStaticHtml", "/qrcode/getQRcode", "/qrcode/getFormDate", "/chat", "/system/file/admin/uploadFile", "/smartor/dingtalk/sendNotification", "/patient/read/patientInfo", "/socket", "/API_ESB_Service", "/API_ESB_Service/Run", "/magic/web/**", "/smartor/serviceSubtask/phoneCallBack", "/smartor/serviceSubtask/taskPull", "/smartor/serviceSubtask/phoneCallBackYQ", "/smartor/robot/callstatus", "/smartor/robot/aidialog", "/smartor/robot/cdrinfo", "/getToken", "/smartor/subtaskAnswer/getQuestionCache", "/smartor/subtaskAnswer/saveQuestionCache", "/smartor/servicetask/getScriptInfoByCondition", "/smartor/subtaskAnswer/saveQuestionAnswer", "/smartor/import/download", "/smartor/serviceSubtask/recordAccept", "/smartor/outPath/getInfoByParam", "/smartor/serviceExternal/addDeptInfo", "/smartor/serviceExternal/**", "/sso/**").permitAll()
// 闈欐�佽祫婧愶紝鍙尶鍚嶈闂�
.antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll().antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()
// 闄や笂闈㈠鐨勬墍鏈夎姹傚叏閮ㄩ渶瑕侀壌鏉冭璇�
diff --git a/smartor/src/main/java/com/smartor/domain/SSOTokenResponse.java b/smartor/src/main/java/com/smartor/domain/SSOTokenResponse.java
new file mode 100644
index 0000000..0491b8f
--- /dev/null
+++ b/smartor/src/main/java/com/smartor/domain/SSOTokenResponse.java
@@ -0,0 +1,50 @@
+package com.smartor.domain;
+
+public class SSOTokenResponse {
+ private String id_token;
+ private String access_token;
+ private Integer expires_in;
+ private String token_type;
+ private String scope;
+
+ // getter鍜宻etter鏂规硶
+ public String getId_token() {
+ return id_token;
+ }
+
+ public void setId_token(String id_token) {
+ this.id_token = id_token;
+ }
+
+ public String getAccess_token() {
+ return access_token;
+ }
+
+ public void setAccess_token(String access_token) {
+ this.access_token = access_token;
+ }
+
+ public Integer getExpires_in() {
+ return expires_in;
+ }
+
+ public void setExpires_in(Integer expires_in) {
+ this.expires_in = expires_in;
+ }
+
+ public String getToken_type() {
+ return token_type;
+ }
+
+ public void setToken_type(String token_type) {
+ this.token_type = token_type;
+ }
+
+ public String getScope() {
+ return scope;
+ }
+
+ public void setScope(String scope) {
+ this.scope = scope;
+ }
+}
diff --git a/smartor/src/main/java/com/smartor/domain/SSOUserInfo.java b/smartor/src/main/java/com/smartor/domain/SSOUserInfo.java
new file mode 100644
index 0000000..88574e3
--- /dev/null
+++ b/smartor/src/main/java/com/smartor/domain/SSOUserInfo.java
@@ -0,0 +1,26 @@
+package com.smartor.domain;
+
+public class SSOUserInfo {
+ private String sub; // 鐢ㄦ埛ID
+ private String name; // 鐢ㄦ埛鍚�/宸ュ彿
+ private String nickname; // 鏄剧ず鍚�
+
+ // getter鍜宻etter鏂规硶
+ public String getSub() { return sub; }
+ public void setSub(String sub) { this.sub = sub; }
+
+ public String getName() { return name; }
+ public void setName(String name) { this.name = name; }
+
+ public String getNickname() { return nickname; }
+ public void setNickname(String nickname) { this.nickname = nickname; }
+
+ @Override
+ public String toString() {
+ return "SSOUserInfo{" +
+ "sub='" + sub + '\'' +
+ ", name='" + name + '\'' +
+ ", nickname='" + nickname + '\'' +
+ '}';
+ }
+}
--
Gitblit v1.9.3