From 55e853b4cf6a00bf5f1bccdd5208c9b5d53289c3 Mon Sep 17 00:00:00 2001
From: java110 <928255095@qq.com>
Date: 星期三, 17 六月 2020 09:08:14 +0800
Subject: [PATCH] 鉴权登录问题
---
service-front/src/main/java/com/java110/front/smo/ownerLogin/impl/OwnerAppLoginSMOImpl.java | 374 ++++++++++++++++++++++++++++++++++++++++++++++------
1 files changed, 327 insertions(+), 47 deletions(-)
diff --git a/service-front/src/main/java/com/java110/front/smo/ownerLogin/impl/OwnerAppLoginSMOImpl.java b/service-front/src/main/java/com/java110/front/smo/ownerLogin/impl/OwnerAppLoginSMOImpl.java
index da82b90..8f937df 100644
--- a/service-front/src/main/java/com/java110/front/smo/ownerLogin/impl/OwnerAppLoginSMOImpl.java
+++ b/service-front/src/main/java/com/java110/front/smo/ownerLogin/impl/OwnerAppLoginSMOImpl.java
@@ -2,16 +2,24 @@
import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
+import com.java110.core.base.smo.front.AbstractFrontServiceSMO;
import com.java110.core.context.IPageData;
import com.java110.core.context.PageData;
import com.java110.core.factory.AuthenticationFactory;
+import com.java110.dto.owner.OwnerAppUserDto;
+import com.java110.dto.user.UserDto;
import com.java110.front.properties.WechatAuthProperties;
-import com.java110.front.smo.AppAbstractComponentSMO;
import com.java110.front.smo.ownerLogin.IOwnerAppLoginSMO;
+import com.java110.utils.cache.CommonCache;
+import com.java110.utils.constant.CommonConstant;
+import com.java110.utils.constant.ResponseConstant;
+import com.java110.utils.constant.ServiceCodeConstant;
import com.java110.utils.constant.ServiceConstant;
+import com.java110.utils.constant.WechatConstant;
import com.java110.utils.exception.SMOException;
import com.java110.utils.util.Assert;
import com.java110.utils.util.StringUtil;
+import com.java110.vo.ResultVo;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
@@ -21,13 +29,24 @@
import org.springframework.stereotype.Service;
import org.springframework.web.client.RestTemplate;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.net.URL;
+import java.net.URLEncoder;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.UUID;
+
/**
* wx鐧诲綍
*/
@Service("ownerAppLoginSMOImpl")
-public class OwnerAppLoginSMOImpl extends AppAbstractComponentSMO implements IOwnerAppLoginSMO {
+public class OwnerAppLoginSMOImpl extends AbstractFrontServiceSMO implements IOwnerAppLoginSMO {
private final static Logger logger = LoggerFactory.getLogger(OwnerAppLoginSMOImpl.class);
+
+ private final static int expireTime = 7200;
@Autowired
private RestTemplate restTemplate;
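Review bot: `expireTime` is a constant but is named like a mutable field and carries no unit. Something like `private static final int EXPIRE_TIME_SECONDS = 7200;` with a one-line comment saying it is the lifetime of the cached `urlCode` entry and of the temporary openId ticket would make the two `CommonCache.setValue(...)` calls later in the patch easier to read. The unit is presumably seconds, which should be confirmed against `CommonCache.setValue`. The class body continues outside this hunk.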
@@ -39,82 +58,315 @@
private WechatAuthProperties wechatAuthProperties;
@Override
- public ResponseEntity<String>
- doLogin(IPageData pd) throws SMOException {
- return businessProcess(pd);
- }
-
- @Override
- protected void validate(IPageData pd, JSONObject paramIn) {
-
- //super.validatePageInfo(pd);
-
+ public ResponseEntity<String> doLogin(IPageData pd) throws SMOException {
+ JSONObject paramIn = JSONObject.parseObject(pd.getReqData());
Assert.hasKeyAndValue(paramIn, "username", "璇锋眰鎶ユ枃涓湭鍖呭惈鐢ㄦ埛鍚�");
Assert.hasKeyAndValue(paramIn, "password", "璇锋眰鎶ユ枃涓湭鍖呭惈瀵嗙爜");
- //super.checkUserHasPrivilege(pd, restTemplate, PrivilegeCodeConstant.LIST_ORG);
- }
-
- @Override
- protected ResponseEntity<String> doBusinessProcess(IPageData pd, JSONObject paramIn) {
-
logger.debug("doLogin鍏ュ弬锛�" + paramIn.toJSONString());
ResponseEntity<String> responseEntity;
JSONObject loginInfo = JSONObject.parseObject(pd.getReqData());
loginInfo.put("passwd", AuthenticationFactory.passwdMd5(loginInfo.getString("password")));
- responseEntity = this.callCenterService(restTemplate, pd, loginInfo.toJSONString(), ServiceConstant.SERVICE_API_URL + "/api/user.service.login", HttpMethod.POST);
- if (responseEntity.getStatusCode() != HttpStatus.OK) {
+// responseEntity = this.callCenterService(restTemplate, pd, loginInfo.toJSONString(), ServiceConstant.SERVICE_API_URL + "/api/user.service.login", HttpMethod.POST);
+// if (responseEntity.getStatusCode() != HttpStatus.OK) {
+// return responseEntity;
+// }
+
+ // JSONObject userInfo = JSONObject.parseObject(responseEntity.getBody());
+ UserDto userDto = new UserDto();
+ userDto.setUserName(loginInfo.getString("userName"));
+ userDto.setPassword(loginInfo.getString("password"));
+ userDto = super.getForApi(pd,userDto,ServiceCodeConstant.SERVICE_CODE_USER_LOGIN,UserDto.class);
+
+ if(userDto == null){
+ responseEntity = new ResponseEntity<>("鐢ㄦ埛鍚嶆垨瀵嗙爜閿欒", HttpStatus.BAD_REQUEST);
return responseEntity;
}
- JSONObject userInfo = JSONObject.parseObject(responseEntity.getBody());
-
//鏍规嵁鐢ㄦ埛鏌ヨ鍟嗘埛淇℃伅
- String userId = userInfo.getString("userId");
+ String userId = userDto.getUserId();
pd = PageData.newInstance().builder(userId, "", "", pd.getReqData(),
"", "", "", "",
pd.getAppId());
- responseEntity = this.callCenterService(restTemplate, pd, "", ServiceConstant.SERVICE_API_URL + "/api/owner.listAppUserBindingOwners?userid=" + userId, HttpMethod.GET);
+ OwnerAppUserDto ownerAppUserDto = new OwnerAppUserDto();
+ ownerAppUserDto.setUserId(userId);
+ List<OwnerAppUserDto> ownerAppUserDtos = super.getForApis(pd, ownerAppUserDto, ServiceCodeConstant.LIST_APPUSERBINDINGOWNERS, OwnerAppUserDto.class);
- if (responseEntity.getStatusCode() != HttpStatus.OK) {
- return responseEntity;
- }
- JSONObject ownerInfo = JSONObject.parseObject(responseEntity.getBody().toString());
-
- if (ownerInfo.getInteger("total") != 1) {
+ if (ownerAppUserDtos == null || ownerAppUserDtos.size() < 1) {
responseEntity = new ResponseEntity<>("鐢ㄦ埛鏈粦瀹氫笟涓�", HttpStatus.BAD_REQUEST);
return responseEntity;
}
- JSONObject appUser = ownerInfo.getJSONArray("auditAppUserBindingOwners").getJSONObject(0);
+ JSONObject appUser = JSONObject.parseObject(JSONObject.toJSONString(ownerAppUserDtos.get(0)));
appUser.put("userId", userId);
appUser.put("userName", paramIn.getString("username"));
JSONObject paramOut = new JSONObject();
paramOut.put("result", 0);
paramOut.put("owner", appUser);
- paramOut.put("token", userInfo.getString("token"));
- //鍙兘鏄痑pp 鐧诲綍 鐩存帴杩斿洖
- if (!paramIn.containsKey("code") || StringUtil.isEmpty(paramIn.getString("code"))) {
+ paramOut.put("token", userDto.getToken());
+
+ userDto = new UserDto();
+ userDto.setUserId(ownerAppUserDtos.get(0).getUserId());
+ UserDto tmpUserDto = super.getForApi(pd, userDto, ServiceCodeConstant.QUERY_USER_SECRET, UserDto.class);
+ paramOut.put("key", tmpUserDto.getKey());
+
+ String appId = pd.getAppId();
+
+ if ("992020061452450002".equals(appId)) { //鍏紬鍙�
+ return wechat(pd, paramIn, paramOut, userId, ownerAppUserDtos);
+ } else if ("992019111758490006".equals(appId)) { //灏忕▼搴�
+ return mina(pd, paramIn, paramOut, userId, ownerAppUserDtos);
+ } else {//app
return new ResponseEntity<>(paramOut.toJSONString(), HttpStatus.OK);
}
- //濡傛灉code涓嶄负绌鸿皟鐢ㄥ井淇℃帴鍙h幏鍙杘penId 鍒峰叆鍒板綋鍓嶇敤鎴峰睘鎬ц〃
+ }
+ @Override
+ public ResponseEntity<String> doLoginByKey(IPageData pd) throws SMOException {
+ JSONObject paramIn = JSONObject.parseObject(pd.getReqData());
+ Assert.hasKeyAndValue(paramIn, "key", "璇锋眰鎶ユ枃涓湭鍖呭惈涓存椂绉橀挜");
+ logger.debug("doLogin鍏ュ弬锛�" + paramIn.toJSONString());
+ ResponseEntity<String> responseEntity;
+
+ JSONObject loginInfo = JSONObject.parseObject(pd.getReqData());
+
+ UserDto userDto = new UserDto();
+ userDto.setKey(paramIn.getString("key"));
+ userDto = super.postForApi(pd, userDto, ServiceCodeConstant.SERVICE_CODE_USER_LOGIN, UserDto.class);
+
+
+ //鏍规嵁鐢ㄦ埛鏌ヨ鍟嗘埛淇℃伅
+ String userId = userDto.getUserId();
+
+ pd = PageData.newInstance().builder(userId, "", "", pd.getReqData(),
+ "", "", "", "",
+ pd.getAppId());
+ OwnerAppUserDto ownerAppUserDto = new OwnerAppUserDto();
+ ownerAppUserDto.setUserId(userId);
+ List<OwnerAppUserDto> ownerAppUserDtos = super.getForApis(pd, ownerAppUserDto, ServiceCodeConstant.LIST_APPUSERBINDINGOWNERS, OwnerAppUserDto.class);
+
+
+ if (ownerAppUserDtos == null || ownerAppUserDtos.size() < 1) {
+ responseEntity = new ResponseEntity<>("鐢ㄦ埛鏈粦瀹氫笟涓�", HttpStatus.BAD_REQUEST);
+ return responseEntity;
+ }
+
+ JSONObject appUser = JSONObject.parseObject(JSONObject.toJSONString(ownerAppUserDtos.get(0)));
+ appUser.put("userId", userId);
+ appUser.put("userName", paramIn.getString("username"));
+ JSONObject paramOut = new JSONObject();
+ paramOut.put("code", 0);
+ paramOut.put("msg", "鎴愬姛");
+ paramOut.put("owner", appUser);
+ paramOut.put("token", userDto.getToken());
+ paramOut.put("key", userDto.getKey());
+ return new ResponseEntity<>(paramOut.toJSONString(), HttpStatus.OK);
+
+ }
+
+ @Override
+ public ResponseEntity<String> getPageAccessToken(IPageData pd) throws SMOException {
+ JSONObject paramIn = JSONObject.parseObject(pd.getReqData());
+ String authCode = paramIn.getString("code");
+ String state = paramIn.getString("state");
+ String paramStr = CommonCache.getAndRemoveValue(paramIn.getString("urlCode"));
+
+ if (StringUtil.isEmpty(paramStr)) {
+ return ResultVo.redirectPage("/");
+ }
+
+ JSONObject param = JSONObject.parseObject(paramStr);
+ String redirectUrl = param.getString("redirectUrl");
+ String errorUrl = param.getString("errorUrl");
+
+
+ String url = WechatConstant.APP_GET_ACCESS_TOKEN_URL.replace("APPID", wechatAuthProperties.getWechatAppId())
+ .replace("SECRET", wechatAuthProperties.getWechatAppSecret())
+ .replace("CODE", authCode);
+
+ ResponseEntity<String> paramOut = outRestTemplate.getForEntity(url, String.class);
+
+ logger.debug("璋冪敤寰俊鎹㈠幓openId ", paramOut);
+ if (paramOut.getStatusCode() != HttpStatus.OK) {
+ return ResultVo.redirectPage(errorUrl);
+
+ }
+
+ JSONObject paramObj = JSONObject.parseObject(paramOut.getBody());
+
+ //鑾峰彇 openId
+ String openId = paramObj.getString("openid");
+ //鍒ゆ柇褰撳墠openId 鏄惁缁戝畾浜嗕笟涓�
+
+ pd = PageData.newInstance().builder("-1", "", "", pd.getReqData(),
+ "", "", "", "",
+ pd.getAppId());
+ OwnerAppUserDto ownerAppUserDto = new OwnerAppUserDto();
+ ownerAppUserDto.setOpenId(openId);
+ List<OwnerAppUserDto> ownerAppUserDtos = super.getForApis(pd, ownerAppUserDto, ServiceCodeConstant.LIST_APPUSERBINDINGOWNERS, OwnerAppUserDto.class);
+
+ if (ownerAppUserDtos == null || ownerAppUserDtos.size() < 1) {
+ //灏唎penId鏀惧埌redis 缂撳瓨锛岀粰鍓嶆涓嬪彂涓存椂绁ㄦ嵁
+ String code = UUID.randomUUID().toString();
+ CommonCache.setValue(code, openId, expireTime);
+ return ResultVo.redirectPage(errorUrl + "?code=" + code);
+ }
+
+ // String accessToken = paramObj.getString("access_token");//鏆傛椂涓嶇敤
+ Map userMap = new HashMap();
+ userMap.put(CommonConstant.LOGIN_USER_ID, ownerAppUserDtos.get(0).getUserId());
+ userMap.put(CommonConstant.LOGIN_USER_NAME, ownerAppUserDtos.get(0).getAppUserName());
+ String token = "";
+ try {
+ token = AuthenticationFactory.createAndSaveToken(userMap);
+ pd.setToken(token);
+ } catch (Exception e) {
+ logger.error("鍒涘缓token澶辫触");
+ }
+ //鏌ヨ鐢ㄦ埛key
+ UserDto userDto = new UserDto();
+ userDto.setUserId(ownerAppUserDtos.get(0).getUserId());
+ UserDto tmpUserDto = super.getForApi(pd, userDto, ServiceCodeConstant.QUERY_USER_SECRET, UserDto.class);
+
+// if(StringUtil.isEmpty(tmpUserDto.getKey())){
+// tmpUserDto = super.postForApi(pd, tmpUserDto, ServiceCodeConstant.SERVICE_CODE_USER_LOGIN, UserDto.class);
+// }
+ redirectUrl = redirectUrl + (redirectUrl.indexOf("?") > 0 ? "&key=" + tmpUserDto.getKey() : "?key=" + tmpUserDto.getKey());
+ return ResultVo.redirectPage(redirectUrl);
+
+ }
+
+ /**
+ * 鍒锋柊token
+ *
+ * @param pd
+ * @param redirectUrl
+ * @param request
+ * @param response
+ * @return
+ * @throws SMOException
+ */
+ @Override
+ public ResponseEntity<String> refreshToken(IPageData pd, String redirectUrl,
+ String errorUrl,
+ HttpServletRequest request, HttpServletResponse response) throws SMOException {
+ //鍒嗛厤urlCode
+ String urlCode = UUID.randomUUID().toString();
+ JSONObject param = new JSONObject();
+ param.put("redirectUrl", redirectUrl);
+ param.put("errorUrl", errorUrl);
+ CommonCache.setValue(urlCode, param.toJSONString(), expireTime);
+
+ URL url = null;
+ String openUrl = "";
+ try {
+ url = new URL(redirectUrl);
+
+ String newUrl = url.getProtocol() + "://" + url.getHost();
+ if (url.getPort() > 0) {
+ newUrl += (":" + url.getPort());
+ }
+
+ openUrl = WechatConstant.OPEN_AUTH
+ .replace("APPID", wechatAuthProperties.getWechatAppId())
+ .replace("SCOPE", "snsapi_base")
+ .replace(
+ "REDIRECT_URL",
+ URLEncoder
+ .encode(
+ (newUrl
+ + "/app/loginOwnerWechatAuth?appId=992020061452450002&urlCode=" + urlCode),
+ "UTF-8")).replace("STATE", "1");
+
+ } catch (Exception e) {
+ logger.error("寰俊鍏紬鍙烽壌鏉� redirectUrl 閿欒 " + redirectUrl, e);
+ throw new SMOException(ResponseConstant.RESULT_CODE_ERROR, e.getLocalizedMessage());
+ }
+
+ JSONObject urlObj = new JSONObject();
+ urlObj.put("openUrl", openUrl);
+
+ return ResultVo.createResponseEntity(ResultVo.CODE_MACHINE_OK, ResultVo.MSG_OK, urlObj);
+ }
+
+ /**
+ * 鍏紬鍙风櫥褰�
+ *
+ * @param pd
+ * @param paramIn
+ * @param paramOut
+ * @param userId
+ * @param ownerAppUserDtos
+ * @return
+ */
+ private ResponseEntity<String> wechat(IPageData pd, JSONObject paramIn, JSONObject paramOut, String userId,
+ List<OwnerAppUserDto> ownerAppUserDtos) {
+
+ ResponseEntity<String> responseEntity = null;
+ //鏌ヨ寰俊淇℃伅
+ pd = PageData.newInstance().builder(userId, "", "", pd.getReqData(),
+ "", "", "", "",
+ pd.getAppId());
+
+
+ String code = paramIn.getString("code");
+
+ String openId = CommonCache.getValue(code);
+
+ if (StringUtil.isEmpty(openId)) {
+ responseEntity = new ResponseEntity<>("椤甸潰澶辨晥锛岃鍒锋柊鍚庨噸璇�", HttpStatus.UNAUTHORIZED);
+ return responseEntity;
+ }
+
+ OwnerAppUserDto curOwnerApp = judgeCurrentOwnerBind(ownerAppUserDtos, OwnerAppUserDto.APP_TYPE_WECHAT);
+
+ //璇存槑 褰撳墠鐨刼penId 灏辨槸鏈�鏂扮殑
+ if (curOwnerApp != null && openId.equals(curOwnerApp.getOpenId())) {
+ return new ResponseEntity<>(paramOut.toJSONString(), HttpStatus.OK);
+ }
+
+ JSONObject userOwnerInfo = new JSONObject();
+ OwnerAppUserDto ownerAppUserDto = new OwnerAppUserDto();
+ ownerAppUserDto.setOpenId(openId);
+ ownerAppUserDto.setAppType(OwnerAppUserDto.APP_TYPE_WECHAT);
+ if (curOwnerApp != null) {
+ ownerAppUserDto.setAppUserId(curOwnerApp.getAppUserId());
+ ownerAppUserDto.setCommunityId(curOwnerApp.getCommunityId());
+ } else {
+ ownerAppUserDto.setOldAppUserId(ownerAppUserDtos.get(0).getAppUserId());
+ ownerAppUserDto.setAppUserId("-1");
+ ownerAppUserDto.setCommunityId(ownerAppUserDtos.get(0).getCommunityId());
+ }
+
+ //鏌ヨ寰俊淇℃伅
+ pd = PageData.newInstance().builder(userId, "", "", pd.getReqData(),
+ "", "", "", "",
+ pd.getAppId());
+
+ super.postForApi(pd, ownerAppUserDto, ServiceCodeConstant.REFRESH_APP_USER_BINDING_OWNER_OPEN_ID,
+ OwnerAppUserDto.class);
+ return new ResponseEntity<>(paramOut.toJSONString(), HttpStatus.OK);
+ }
+
+ private ResponseEntity<String> mina(IPageData pd, JSONObject paramIn, JSONObject paramOut, String userId, List<OwnerAppUserDto> ownerAppUserDtos) {
+
+ ResponseEntity<String> responseEntity = null;
//鏌ヨ寰俊淇℃伅
pd = PageData.newInstance().builder(userId, "", "", pd.getReqData(),
"", "", "", "",
pd.getAppId());
responseEntity = this.callCenterService(restTemplate, pd, "",
ServiceConstant.SERVICE_API_URL + "/api/smallWeChat.listSmallWeChats?appId="
- + paramIn.getString("appId")+"&page=1&row=1", HttpMethod.GET);
+ + paramIn.getString("appId") + "&page=1&row=1", HttpMethod.GET);
if (responseEntity.getStatusCode() != HttpStatus.OK) {
return responseEntity;
}
-
- JSONArray smallWeChats = ownerInfo.getJSONArray("smallWeChats");
+ JSONObject smallWechatObj = JSONObject.parseObject(responseEntity.getBody().toString());
+ JSONArray smallWeChats = smallWechatObj.getJSONArray("smallWeChats");
String appId = wechatAuthProperties.getAppId();
String secret = wechatAuthProperties.getSecret();
if (smallWeChats.size() > 0) {
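Review bot: `refreshToken` caches the caller-supplied `redirectUrl` and `errorUrl` without any check, and `getPageAccessToken` later appends the user's login `key` to that `redirectUrl` and redirects to it, so the key is handed to whatever host the caller named. Both URLs should be checked against a configured list of allowed hosts before `CommonCache.setValue(urlCode, ...)`, for example `if (!isAllowedRedirect(redirectUrl) || !isAllowedRedirect(errorUrl)) throw new SMOException(ResponseConstant.RESULT_CODE_ERROR, "redirect target not allowed");`, where `isAllowedRedirect` is a new private helper. The `state` value read in `getPageAccessToken` is never compared with anything and is fixed to `"1"` in `refreshToken`, so it adds no protection to the callback. Separately, `doLoginByKey` dereferences the result of `postForApi` without the `userDto == null` check that `doLogin` has, and both `tmpUserDto.getKey()` calls assume the `QUERY_USER_SECRET` lookup returned a user. `doLogin` also validates `username` but then reads `userName` into the DTO, which looks unintended.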
@@ -144,23 +396,51 @@
String openId = responseObj.getString("openid");
- JSONObject userAttrInfo = new JSONObject();
- userAttrInfo.put("userId", userId);
- userAttrInfo.put("specCd", "100201911001");//寰俊openId
- userAttrInfo.put("value", openId);
+ OwnerAppUserDto ownerAppUserDto = judgeCurrentOwnerBind(ownerAppUserDtos, OwnerAppUserDto.APP_TYPE_WECHAT_MINA);
+ //璇存槑 褰撳墠鐨刼penId 灏辨槸鏈�鏂扮殑
+ if (ownerAppUserDto != null && openId.equals(ownerAppUserDto.getOpenId())) {
+ return new ResponseEntity<>(paramOut.toJSONString(), HttpStatus.OK);
+ }
+
+ OwnerAppUserDto tmpOwnerAppUserDto = new OwnerAppUserDto();
+ tmpOwnerAppUserDto.setOpenId(openId);
+ tmpOwnerAppUserDto.setAppType(OwnerAppUserDto.APP_TYPE_WECHAT_MINA);
+ if (ownerAppUserDto != null) {
+ tmpOwnerAppUserDto.setAppUserId(ownerAppUserDto.getAppUserId());
+ tmpOwnerAppUserDto.setCommunityId(ownerAppUserDto.getCommunityId());
+ } else {
+ tmpOwnerAppUserDto.setOldAppUserId(ownerAppUserDtos.get(0).getAppUserId());
+ tmpOwnerAppUserDto.setAppUserId("-1");
+ tmpOwnerAppUserDto.setCommunityId(ownerAppUserDtos.get(0).getCommunityId());
+ }
//鏌ヨ寰俊淇℃伅
pd = PageData.newInstance().builder(userId, "", "", pd.getReqData(),
"", "", "", "",
pd.getAppId());
- responseEntity = this.callCenterService(restTemplate, pd, userAttrInfo.toJSONString(),
- ServiceConstant.SERVICE_API_URL + "/api/user.saveOrUpdateUserAttr", HttpMethod.POST);
- if(responseEntity.getStatusCode() != HttpStatus.OK){
- return responseEntity;
- }
+
+ super.postForApi(pd, tmpOwnerAppUserDto, ServiceCodeConstant.REFRESH_APP_USER_BINDING_OWNER_OPEN_ID,
+ OwnerAppUserDto.class);
return new ResponseEntity<>(paramOut.toJSONString(), HttpStatus.OK);
}
+ /**
+ * 鍒ゆ柇 缁戝畾琛ㄩ噷鏄惁瀛樺湪褰撳墠 绔� 缁戝畾淇℃伅
+ *
+ * @param ownerAppUserDtos
+ * @param appType
+ * @return
+ */
+ private OwnerAppUserDto judgeCurrentOwnerBind(List<OwnerAppUserDto> ownerAppUserDtos, String appType) {
+
+ for (OwnerAppUserDto ownerAppUserDto : ownerAppUserDtos) {
+ if (appType.equals(ownerAppUserDto.getAppType())) {
+ return ownerAppUserDto;
+ }
+ }
+ return null;
+ }
+
public RestTemplate getRestTemplate() {
return restTemplate;
}
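Review bot: The result of `super.postForApi(pd, tmpOwnerAppUserDto, ServiceCodeConstant.REFRESH_APP_USER_BINDING_OWNER_OPEN_ID, ...)` at the end of `mina` is discarded, so the method answers `HttpStatus.OK` with `paramOut` even when the openId binding was not saved; the code it replaces returned the upstream response on a non-OK status. If `postForApi` reports failure by returning null, as the `userDto == null` check in `doLogin` suggests for `getForApi`, capture the result and fail the request, e.g. `if (refreshed == null) { return new ResponseEntity<>("<error message>", HttpStatus.BAD_REQUEST); }`. The identical call in `wechat` in the previous hunk has the same gap. `openId.equals(...)` also assumes the WeChat response contained `openid`; any check for that would be in the part of `mina` that lies outside this hunk.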
--
Gitblit v1.8.0