From ea9c33ab8ef00dd1611f2ed1ed9d331909e53a9f Mon Sep 17 00:00:00 2001
From: 陈昶聿 <chychen@nbjetron.com>
Date: 星期三, 01 四月 2026 17:39:00 +0800
Subject: [PATCH] 【丽水】单点登录
---
ruoyi-admin/src/main/java/com/ruoyi/web/controller/sso/SSOController.java | 172 ++++++++++++++++++++++++++++++++++++++++++++-------------
1 files changed, 133 insertions(+), 39 deletions(-)
diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/sso/SSOController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/sso/SSOController.java
index e174e25..1338a84 100644
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/sso/SSOController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/sso/SSOController.java
@@ -5,8 +5,10 @@
import com.ruoyi.common.core.domain.model.LoginUser;
import com.ruoyi.common.exception.base.BaseException;
import com.ruoyi.common.utils.HttpUtil;
+import com.ruoyi.common.utils.OkHttpExample;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.utils.http.HttpUtils;
+import com.ruoyi.framework.web.service.SysLoginService;
import com.ruoyi.framework.web.service.TokenService;
import com.ruoyi.system.service.ISysConfigService;
import com.ruoyi.system.service.ISysUserService;
@@ -19,18 +21,21 @@
import org.springframework.http.client.SimpleClientHttpRequestFactory;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap;
+import org.springframework.util.ObjectUtils;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.client.RestTemplate;
import org.springframework.web.servlet.view.RedirectView;
+import org.springframework.web.util.UriComponentsBuilder;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.net.URLEncoder;
import java.util.HashMap;
+import java.util.LinkedHashMap;
import java.util.Map;
/**
@@ -84,6 +89,9 @@
private TokenService tokenService;
@Autowired
+ private SysLoginService loginService;
+
+ @Autowired
private ISysConfigService sysConfigService;
private final RestTemplate restTemplate;
@@ -100,24 +108,14 @@
* SSO鐧诲綍鍏ュ彛 - 淇¢�氶櫌浼氳皟鐢ㄨ繖涓湴鍧�
* 璁块棶璺緞锛歨ttp://鍩熷悕:8095/sso/login
*/
- @GetMapping("ssoLogin")
- public RedirectView ssoLogin() {
+ @GetMapping("")
+ public void ssoLogin() {
log.info("鏀跺埌SSO鐧诲綍璇锋眰锛屽紑濮嬮噸瀹氬悜鍒版巿鏉冩湇鍔″櫒");
- String id = clientId;
- String redirectUri = internalRedirectUri;
- String scope = "openid";
- id = "1553548571532333056";
- redirectUri = URLEncoder.encode(internalRedirectUri);
- // 閲嶅畾鍚戝湴鍧�瀵硅薄(閲嶅畾鍚戝湴鍧�
- RedirectView redirectView = new RedirectView();
// Authorize閴存潈鎺ュ彛
- String param = "client_id=" + id + "&redirect_uri=" + redirectUri + "&response_type=code" +
- "&state=" + state + "&scope=" + scope;
+ String param = "client_id=" + clientId + "&redirect_uri=" + internalRedirectUri + "&response_type=code" + "&state=" + state + "&scope=" + scope;
log.info("銆怉uthorize閴存潈鎺ュ彛銆戝叆鍙備负锛歿}", param);
- String url = "https://9.208.39.29:13021" + "/mediinfo-lyra-authserver/connect/authorize";
-// String url = internalAuthorizeUrl;
- String s = HttpUtils.sendGet(url, param);
+ String s = HttpUtils.sendGet(internalAuthorizeUrl, param);
Map<String, String> result = getResult(s);
String code = result.get("code");
try {
@@ -126,21 +124,71 @@
createLocalSession(userInfo);
- String path = sysConfigService.selectConfigByKey("sys.qddz");
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+
+ /**
+ * SSO鐧诲綍鍏ュ彛 - 淇¢�氶櫌浼氳皟鐢ㄨ繖涓湴鍧�
+ * 璁块棶璺緞锛歨ttp://鍩熷悕:8095/sso/ssoLoginLyra
+ */
+ @GetMapping("ssoLoginLyra")
+ public RedirectView ssoLoginLyra(@RequestParam(value = "code", required = false) String code) {
+ log.info("鏀跺埌SSOLyra鐧诲綍璇锋眰锛屽紑濮嬮噸瀹氬悜鍒版巿鏉冩湇鍔″櫒,code = {}",code);
+ String path = sysConfigService.selectConfigByKey("sys.qddz");
+ String redirectUri = "https://9.208.2.190:8092/prod-api/sso/ssoLoginLyra";
+ String lyraPath = "https://9.0.124.104:13021";
+ String clientId = "1553588321874087936";
+ String clientSecret = "suifangxt";
+ String scope = "openid";
+
+// String authorizeUrl = lyraPath + "/mediinfo-lyra-authserver/connect/authorize";
+ String accessTokenUrl = lyraPath + "/mediinfo-lyra-authserver/connect/token";
+ String userInfoUrl = lyraPath + "/mediinfo-lyra-authserver/connect/userinfo";
+ // 閲嶅畾鍚戝湴鍧�瀵硅薄(閲嶅畾鍚戝湴鍧�
+ RedirectView redirectView = new RedirectView();
+ try {
+ SSOTokenResponse accessToken = getAccessTokenLyra(code, accessTokenUrl, clientId, clientSecret, redirectUri,true);
+ log.info("鑾峰彇鍒扮殑token锛�" + accessToken);
+ SSOUserInfo userInfo = getUserInfoLyra(accessToken.getAccess_token(), userInfoUrl,true);
+ log.info("鑾峰彇鍒扮殑鐢ㄦ埛淇℃伅锛�" + userInfo);
+// createLocalSession(userInfo);
if (StringUtils.isEmpty(path)) {
throw new BaseException("璇烽厤缃墠绔湴鍧�");
}
- String reviewUrl = path + "/loginSSO?token=" + accessToken.getAccess_token() + "&orgid=" +
- userInfo.getZuZhiJGID() + "&orgname=" + userInfo.getZuZhiJGMC() +
- "&ZuHuID="+ userInfo.getYongHuID() +"&deptCode=null";
- log.info("鍗曠偣鐧婚檰閲嶅畾鍚戝湴鍧�涓猴細{}", reviewUrl);
- redirectView.setUrl(reviewUrl);
- redirectView.setStatusCode(HttpStatus.MOVED_PERMANENTLY);
- } catch (Exception e) {
- e.printStackTrace();
- return new RedirectView();
- }
+ String userName = userInfo.getZhiGongID();
+ String orgid = userInfo.getZuZhiJGID();
+ String campusid = "1";
+ String deptId = null;
+ String token = null;
+ log.info("銆怱SO鐧诲綍銆戣幏鍙栫敤鎴稵oken鍙傛暟锛�" + userInfo);
+ String loginToken = loginService.ssoLogin(userName, orgid, deptId, campusid, token);
+ if (StringUtils.isEmpty(loginToken)) {
+ log.error("銆怱SO鐧诲綍銆戠櫥褰曞け璐ワ紝userName={}, orgid={}", userName, orgid);
+ return buildRedirect(path + "/login");
+ }
+
+ String redirectUrl = path + "/loginSSO?token=" + loginToken + "&orgid=" + orgid + "&orgname=null&ZuHuID=null&deptCode=null";
+ log.info("銆怱SO鐧诲綍銆戦噸瀹氬悜鍦板潃锛歿}", redirectUrl);
+ return buildRedirect(redirectUrl);
+
+ } catch (Exception e) {
+ log.error("SSO鐧诲綍澶辫触", e);
+ redirectView.setUrl(path + "/login?error=sso_failed");
+ return redirectView;
+
+ }
+ }
+
+ /**
+ * 鏋勫缓閲嶅畾鍚戣鍥�
+ */
+ private RedirectView buildRedirect(String url) {
+ RedirectView redirectView = new RedirectView();
+ redirectView.setUrl(url);
+ redirectView.setStatusCode(HttpStatus.MOVED_PERMANENTLY);
return redirectView;
}
@@ -172,22 +220,15 @@
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
MultiValueMap<String, String> params = new LinkedMultiValueMap<>();
- String id = clientId;
- String secret = clientSecret;
- String url = getTokenUrl(isInternal);
- String redirectUri = getRedirectUri(isInternal);
- id = "1553548571532333056";
- secret = "suifangxt";
- url = "https://9.208.39.29:13021" + "/mediinfo-lyra-authserver/connect/token";
- params.add("client_id", id);
- params.add("client_secret", secret);
+ params.add("client_id", clientId);
+ params.add("client_secret", clientSecret);
params.add("code", code);
params.add("grant_type", "authorization_code");
- params.add("redirect_uri", redirectUri);
+ params.add("redirect_uri", getRedirectUri(isInternal));
HttpEntity<MultiValueMap<String, String>> request = new HttpEntity<>(params, headers);
- ResponseEntity<String> response = restTemplate.exchange(url, HttpMethod.POST, request, String.class);
+ ResponseEntity<String> response = restTemplate.exchange(getTokenUrl(isInternal), HttpMethod.POST, request, String.class);
log.info("Token鍝嶅簲: {}", response.getBody());
@@ -212,9 +253,8 @@
headers.set("Authorization", "Bearer " + accessToken);
HttpEntity<String> entity = new HttpEntity<>(headers);
- String url = getUserinfoUrl(isInternal);
- url = "https://9.208.39.29:13021" + "/mediinfo-lyra-authserver/connect/userinfo";
- ResponseEntity<String> response = restTemplate.exchange(url, HttpMethod.GET, entity, String.class);
+
+ ResponseEntity<String> response = restTemplate.exchange(getUserinfoUrl(isInternal), HttpMethod.GET, entity, String.class);
log.info("鐢ㄦ埛淇℃伅鍝嶅簲: {}", response.getBody());
@@ -232,6 +272,60 @@
}
/**
+ * 鑾峰彇璁块棶浠ょ墝
+ */
+ private SSOTokenResponse getAccessTokenLyra(String code, String accessTokenUrl, String clientId, String clientSecret, String redirectUri, boolean isInternal) throws Exception {
+ HttpHeaders headers = new HttpHeaders();
+ headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
+
+ Map<String, String> params = new HashMap<>();
+ params.put("client_id", clientId);
+ params.put("client_secret", clientSecret);
+ params.put("code", code);
+ params.put("grant_type", "authorization_code");
+ params.put("redirect_uri", redirectUri);
+
+ log.info("getAccessTokenLyra: url = {}, params = {}" , accessTokenUrl, params);
+ String result = OkHttpExample.postFormUnsafe(accessTokenUrl, params);
+ log.info("Token鍝嶅簲: {}", result);
+
+ if (result == null || result.trim().isEmpty()) {
+ throw new RuntimeException("Token鍝嶅簲涓虹┖");
+ }
+
+ SSOTokenResponse tokenResponse = JSON.parseObject(result, SSOTokenResponse.class);
+
+ if (tokenResponse == null || StringUtils.isEmpty(tokenResponse.getAccess_token())) {
+ throw new RuntimeException("鑾峰彇access_token澶辫触");
+ }
+
+ return tokenResponse;
+ }
+
+ /**
+ * 鑾峰彇鐢ㄦ埛淇℃伅
+ */
+ private SSOUserInfo getUserInfoLyra(String accessToken, String userInfoUrl, boolean isInternal) throws Exception {
+ HttpHeaders headers = new HttpHeaders();
+ headers.set("Authorization", "Bearer " + accessToken);
+ log.info("getUserInfoLyra: url = {}, accessToken = {}" , userInfoUrl, accessToken);
+ String result = OkHttpExample.getUnsafe(userInfoUrl,accessToken);
+ log.info("鐢ㄦ埛淇℃伅鍝嶅簲: {}", result);
+
+ if (result == null || result.trim().isEmpty()) {
+ throw new RuntimeException("鐢ㄦ埛淇℃伅鍝嶅簲涓虹┖");
+ }
+
+ SSOUserInfo userInfo = JSON.parseObject(result, SSOUserInfo.class);
+
+ if (userInfo == null || StringUtils.isEmpty(userInfo.getName())) {
+ throw new RuntimeException("鑾峰彇鐢ㄦ埛淇℃伅澶辫触鎴栫敤鎴峰悕涓虹┖");
+ }
+
+ return userInfo;
+ }
+
+ /**
* 鍒涘缓鏈湴浼氳瘽
*/
private String createLocalSession(SSOUserInfo userInfo) {
--
Gitblit v1.9.3