政务端对接修改

8 months ago · 74a75572b7
parent 84a979b1df
commit 74a75572b7
9 changed files with 163 additions and 32 deletions
--- a/ruoyi-admin/src/main/java/com/ruoyi/jjh/declaration/single/controller/ChiefController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/jjh/declaration/single/controller/ChiefController.java
@ -1,23 +1,28 @@
 package com.ruoyi.jjh.declaration.single.controller;

+import cn.hutool.core.codec.Base64;
+import cn.hutool.http.HttpRequest;
 import cn.hutool.http.HttpResponse;
-import cn.hutool.http.HttpUtil;
 import cn.hutool.json.JSONObject;
 import cn.hutool.json.JSONUtil;
 import com.ruoyi.common.core.domain.AjaxResult;
 import com.ruoyi.common.exception.ServiceException;
+import com.ruoyi.jjh.declaration.single.dto.request.UserInfoRequestDTO;
 import com.ruoyi.jjh.declaration.single.dto.response.ChiefResponse;
+import com.ruoyi.jjh.declaration.single.dto.response.ThirdUserInfoResponse;
 import com.ruoyi.jjh.declaration.single.service.SingleLoginService;
+import com.ruoyi.jjh.declaration.single.util.HMAC256Config;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import org.springframework.beans.factory.annotation.Value;
-import org.springframework.util.DigestUtils;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;

 import javax.annotation.Resource;
+import java.net.URLEncoder;
+import java.util.HashMap;

 /**
 * 政务端登录
@ -30,45 +35,65 @@ import javax.annotation.Resource;
@RestController
 public class ChiefController {

+    @Value("${clientId}")
+    private String clientId;
+
+    @Value("${clientSecret}")
+    private String clientSecret;
+
+
    @Value("${appkey}")
    private String appkey;

-    @Value("${zwUrl}")
-    private String zwUrl;
-
    @Resource
    private SingleLoginService singleLoginService;

    @ApiOperation("政务端登录")
    @GetMapping
    public AjaxResult login(
-            @RequestParam("accountName") String accountName,
-            @RequestParam("timestamp") String timestamp,
-            @RequestParam("sign") String sign,
-            @RequestParam("loginType") String loginType
-    ) {
-        String md5 = accountName + timestamp;
-        String md5Password = DigestUtils.md5DigestAsHex(md5.getBytes());
-        if (md5Password.equals(sign.toLowerCase())) {
-            //政务端获取用户信息
-            String url = zwUrl + "?accountName=" + accountName + "&appkey" + appkey;
-            HttpResponse response = HttpUtil.createGet(url).execute();
+            @RequestParam("userToken") String userToken,
+            @RequestParam("timespan") String timespan,
+            @RequestParam("signature") String signature
+    ) throws Exception {
+        String encode = URLEncoder.encode(Base64.encode((HMAC256Config.HmacSHA256(clientId + timespan + userToken, clientSecret))), "UTF-8");
+        if (encode.equals(signature)) {
+            //经济大脑（政务端）获取用户信息接口
+            String url = "https://qyt.sipac.gov.cn/enterprise-gateway/sipsg-enterprise/sys/third/userInfo";
+            UserInfoRequestDTO req = new UserInfoRequestDTO();
+            req.setClientId(clientId);
+            req.setUserToken(userToken);
+            //请求头
+            HashMap<String, String> headers = new HashMap<>();//存放请求头，可以存放多个请求头
+            headers.put("signature", Base64.encode(HMAC256Config.HmacSHA256(JSONUtil.parse(req).toString() + timespan, clientSecret)));
+            headers.put("timespan", timespan);
+            //请求体
+            JSONObject jsonObject = new JSONObject();//存放参数
+            jsonObject.set("clientId", clientId);
+            jsonObject.set("userToken", userToken);
+            HttpResponse response = HttpRequest.post(url)
+                    .addHeaders(headers)
+                    .body(jsonObject.toString())
+                    .execute();
            // 获取响应状态码
-            int statusCode = response.getStatus();
-            if (statusCode == 200) {
-                String responseBody = response.body();
-                JSONObject jsonObj = JSONUtil.parseObj(responseBody);
-                JSONObject dataObj = jsonObj.getJSONObject("data");
-                ChiefResponse req = JSONUtil.toBean(dataObj, ChiefResponse.class);
-                System.out.println(req);
-                // req.setToken(singleLoginService.singleLogin("1","2",null,"02"));
-                //判断几个政务端用户
-                return AjaxResult.success(req);
+            if (response.getStatus() == 200) {
+                //经济大脑（政务端）获取用户信息接口
+                JSONObject jsonObj = JSONUtil.parseObj(response.body());
+                ThirdUserInfoResponse res = JSONUtil.toBean(jsonObj.get("data").toString(), ThirdUserInfoResponse.class);
+                String getInfo = "http://uid.sipac.gov.cn/open/api/identity/data/FindUserById?id=" + res.getUserId() + "&appkey=" + appkey;
+                HttpResponse getMain = HttpRequest.get(getInfo).execute();
+                if (getMain.getStatus() == 200) {
+                    JSONObject dataJson = JSONUtil.parseObj(getMain.body());
+                    ChiefResponse bean = JSONUtil.toBean(dataJson, ChiefResponse.class);
+                    //判断几个政务端用户,等待商量结果
+                    bean.setToken(singleLoginService.singleLogin(bean.getId(),bean.getName(),null,"02"));
+                    return AjaxResult.success(bean);
+                } else {
+                    throw new ServiceException("登陆失败");
+                }
            }
        } else {
            throw new ServiceException("登陆失败");
        }
        throw new ServiceException("登陆失败");
    }
-
 }
--- a/ruoyi-admin/src/main/java/com/ruoyi/jjh/declaration/single/dto/request/UserInfoRequestDTO.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/jjh/declaration/single/dto/request/UserInfoRequestDTO.java
@ -0,0 +1,14 @@
+package com.ruoyi.jjh.declaration.single.dto.request;
+
+import lombok.Data;
+
+/**
+ * 获取用户信息请求类
+ * @author du
+ * @since 2024/6/20 11:20
+ */
+@Data
+public class UserInfoRequestDTO {
+    private String clientId;
+    private String userToken;
+}
--- a/ruoyi-admin/src/main/java/com/ruoyi/jjh/declaration/single/dto/response/ChiefResponse.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/jjh/declaration/single/dto/response/ChiefResponse.java
@ -36,6 +36,7 @@ public class ChiefResponse {
    private String workAddress;
    private String state;
    private String description;
+//    private String post;
    private String secondaryEmail;
    private String hasDomainAccount;
    private SettingsResponse settings;
--- a/ruoyi-admin/src/main/java/com/ruoyi/jjh/declaration/single/dto/response/ThirdUserInfoResponse.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/jjh/declaration/single/dto/response/ThirdUserInfoResponse.java
@ -0,0 +1,17 @@
+package com.ruoyi.jjh.declaration.single.dto.response;
+
+import lombok.Data;
+
+/**
+ * 经济大脑（政务端）获取用户信息接口返回类
+ * @author du
+ * @since 2024/6/20 13:38
+ */
+@Data
+public class ThirdUserInfoResponse {
+
+    private String userId;
+    private String name;
+    private String userType;
+
+}
--- a/ruoyi-admin/src/main/java/com/ruoyi/jjh/declaration/single/service/impl/SingleLoginServiceImpl.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/jjh/declaration/single/service/impl/SingleLoginServiceImpl.java
@ -51,7 +51,7 @@ public class SingleLoginServiceImpl implements SingleLoginService {
            if("01".equals(userType)){
                roles[0]=101L;
            }else if("02".equals(userType)){
-                roles[0]=101L;
+                roles[0]=100L;
            }
            user.setRoleIds(roles);
            user.setStatus("0");
--- a/ruoyi-admin/src/main/java/com/ruoyi/jjh/declaration/single/util/HMAC256Config.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/jjh/declaration/single/util/HMAC256Config.java
@ -0,0 +1,72 @@
+package com.ruoyi.jjh.declaration.single.util;
+
+import org.apache.commons.codec.binary.Base64;
+
+import javax.crypto.Cipher;
+import javax.crypto.Mac;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import java.nio.charset.StandardCharsets;
+
+/**
+ * 签名验证
+ * @author du
+ * @since 2024/6/20 10:15
+ */
+public class HMAC256Config {
+
+    /**
+     * 加解密统一编码方式
+     */
+    private final static String ENCODING = "utf-8";
+
+    /**
+     * 加解密方式
+     */
+    private final static String ALGORITHM  = "AES";
+
+    /**
+     *加密模式及填充方式
+     */
+    private final static String PATTERN = "AES/CBC/pkcs5padding";
+
+    //AES解密
+    /**
+     * @param content 密文
+     * @param key     aes密钥
+     * @return 原文
+     * @throws Exception
+     */
+    public static String decrypt(String content, String key) throws Exception {
+
+        //反序列化AES密钥
+        SecretKeySpec keySpec = new SecretKeySpec(Base64.decodeBase64(key.getBytes()), ALGORITHM);
+
+        //128bit全零的IV向量
+        byte[] iv = new byte[16];
+        for (int i = 0; i < iv.length; i++) {
+            iv[i] = 0;
+        }
+        IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);
+
+        //初始化加密器并加密
+        Cipher deCipher = Cipher.getInstance(PATTERN);
+        deCipher.init(Cipher.DECRYPT_MODE, keySpec, ivParameterSpec);
+        byte[] encryptedBytes = Base64.decodeBase64(content.getBytes(ENCODING));
+        byte[] bytes = deCipher.doFinal(encryptedBytes);
+        return new String(bytes);
+    }
+
+    public static byte[] HmacSHA256(String data,String key) throws Exception {
+        Mac sha256_HMAC = Mac.getInstance("HmacSHA256");
+        SecretKeySpec secret_key = new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "HmacSHA256");
+        sha256_HMAC.init(secret_key);
+        byte[] array = sha256_HMAC.doFinal(data.getBytes(StandardCharsets.UTF_8));
+        return array;
+    }
+}
+
+
+
+
+
--- a/ruoyi-admin/src/main/resources/application-druid.yml
+++ b/ruoyi-admin/src/main/resources/application-druid.yml
@ -62,5 +62,4 @@ spring:
                    config:
                        multi-statement-allow: true
 #自己客户端地址
-#returnUrl: http://39.101.188.84:9999/demo/JinJiHu
-returnUrl: http://192.168.0.108:80
+returnUrl: http://39.101.188.84:9999/demo/JinJiHu
--- a/ruoyi-admin/src/main/resources/application.yml
+++ b/ruoyi-admin/src/main/resources/application.yml
@ -132,10 +132,12 @@ url: https://qytt.sipac.gov.cn/api/usercenter/User/ssoLogin
 infoUrl: https://qytt.sipac.gov.cn/api/usercenter/User/getInfo
 #退出登录url
 logoutUrl: https://qytt.sipac.gov.cn/api/usercenter/User/ssoLogOut
+#政务端clientId
+clientId: 987d5975437043ff85c0522a0a282a6b
 #政务端key
 appkey: db90cb33-6551-4d1f-875e-236d66af4fcc
-#政务内网获取用户信息
-zwUrl: http://uid.sipac.gov.cn/open/api/identity/data/FindUserByAccountName
+#政务端clientSecret
+clientSecret: Q5ym8T9XIEZAn+DSQl+aXA==



--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
@ -116,6 +116,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
                .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
                .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()
 //                .antMatchers("/common/**").permitAll()
+                .antMatchers("/system/**").permitAll()


                // 除上面外的所有请求全部需要鉴权认证