单点登陆

9 months ago · 916c55fc65
parent fcc1c4f7af
commit 916c55fc65
4 changed files with 171 additions and 1 deletions
--- a/ruoyi-admin/src/main/java/com/ruoyi/jjh/declaration/controller/SingleLoginController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/jjh/declaration/controller/SingleLoginController.java
@ -0,0 +1,131 @@
 package com.ruoyi.jjh.declaration.controller;
 /**
 * @author dong
 * @since 2024/5/22 15:50
 */
 import cn.hutool.http.HttpUtil;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.databind.node.ObjectNode;
 import com.ruoyi.common.core.domain.AjaxResult;
 import com.ruoyi.jjh.declaration.util.AESEncryptor;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.util.HashMap;
 import java.util.Map;
 /**
 * 单点登陆
 */
@Api(tags = "单点登陆")
@RestController
@RequestMapping("/system/singlelogin")
 public class SingleLoginController {
    @Value("${url}")
    private String url;
    @Value("${tokenUrl}")
    private String tokenUrl;
    @Value("${infoUrl}")
    private String infoUrl;
    /**
     * 统一登陆
     *
     * @return
     */
    @ApiOperation("统一登陆")
    @GetMapping("/login")
    public void login(HttpServletResponse response) throws IOException {
        String appMark = "jjhxdfw";
        String returnUrl ="http://192.168.0.113:9040/system/singlelogin/getToken";
        String gotoUrl="https://www.baidu.com";
        String responseUrl = url+"?appMark="+appMark+"&returnUrl="+returnUrl+"&gotoUrl="+gotoUrl;
        response.sendRedirect(responseUrl);
    }
    /**
     * 获取令牌（token）
     *
     * @return
     */
    @ApiOperation("获取令牌")
    @GetMapping("/getToken")
    public AjaxResult getToken() throws Exception {
        String APPMARK = "jjhxdfw";
        String APPWORD = "vvoTza3RZh23hXiG";
        String timeStamp = String.valueOf(System.currentTimeMillis());
        // 获取sign
        String sign = APPMARK + APPWORD + timeStamp;
        sign = AESEncryptor.encrypt(sign);
        ObjectMapper objectMapper = new ObjectMapper();
        // 创建 ObjectNode 对象
        ObjectNode jsonNode = objectMapper.createObjectNode();
        // 设置 JSON 对象的各个属性
        jsonNode.put("appmark", APPMARK);
        jsonNode.put("time", timeStamp);
        jsonNode.put("sign", sign);
        jsonNode.put("servicename", "ticketValidate");
        // 创建 params 属性的 JSON 对象
        ObjectNode paramsNode = objectMapper.createObjectNode();
        paramsNode.put("ticket", "");
        jsonNode.set("params", paramsNode);
        String jsonString = jsonNode.toString();
        String response = HttpUtil.createPost(infoUrl)
                .body(jsonString, "application/json")
                .execute()
                .body();
        return AjaxResult.success(response);
    }
    /**
     * 获取用户信息
     *
     * @return
     */
    @ApiOperation("获取用户信息")
    @GetMapping("/getInfo")
    public AjaxResult getInfo(@RequestParam("token") String token) throws Exception {
        String APPMARK = "jjhxdfw";
        String APPWORD = "";
        String timeStamp = String.valueOf(System.currentTimeMillis());
        // 获取sign
        String sign = APPMARK + APPWORD + timeStamp;
        sign = AESEncryptor.encrypt(sign);
        ObjectMapper objectMapper = new ObjectMapper();
        // 创建 ObjectNode 对象
        ObjectNode jsonNode = objectMapper.createObjectNode();
        // 设置 JSON 对象的各个属性
        jsonNode.put("appmark", APPMARK);
        jsonNode.put("time", timeStamp);
        jsonNode.put("sign", sign);
        jsonNode.put("servicename", "findOutsideUserByToken");
        // 创建 params 属性的 JSON 对象
        ObjectNode paramsNode = objectMapper.createObjectNode();
        paramsNode.put("token", token);
        jsonNode.set("params", paramsNode);
        // 将 JSON 对象转换为字符串
        String jsonString = jsonNode.toString();
        String response = HttpUtil.createPost(infoUrl)
                .body(jsonString, "application/json")
                .execute()
                .body();
        return AjaxResult.success(response);
    }
 }
--- a/ruoyi-admin/src/main/java/com/ruoyi/jjh/declaration/util/AESEncryptor.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/jjh/declaration/util/AESEncryptor.java
@ -0,0 +1,32 @@
 package com.ruoyi.jjh.declaration.util;
 import javax.crypto.Cipher;
 import javax.crypto.spec.SecretKeySpec;
 import java.util.Base64;
 /**
 * @author dong
 * @since 2024/5/23 13:32
 */
 public class AESEncryptor {
    private static final String ALGORITHM = "AES";
    private static final String SECRET_KEY = "2a20f065d22978998af65de11beeac5cad00cccf0a5d45abcff12eec0cd9311c"; // 密钥需要16个字符
    public static String encrypt(String data) throws Exception {
        SecretKeySpec secretKeySpec = new SecretKeySpec(SECRET_KEY.getBytes(), ALGORITHM);
        Cipher cipher = Cipher.getInstance(ALGORITHM);
        cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec);
        byte[] encryptedBytes = cipher.doFinal(data.getBytes());
        return Base64.getEncoder().encodeToString(encryptedBytes);
    }
    public static String decrypt(String encryptedData) throws Exception {
        SecretKeySpec secretKeySpec = new SecretKeySpec(SECRET_KEY.getBytes(), ALGORITHM);
        Cipher cipher = Cipher.getInstance(ALGORITHM);
        cipher.init(Cipher.DECRYPT_MODE, secretKeySpec);
        byte[] decryptedBytes = cipher.doFinal(Base64.getDecoder().decode(encryptedData));
        return new String(decryptedBytes);
    }
 }
--- a/ruoyi-admin/src/main/resources/application.yml
+++ b/ruoyi-admin/src/main/resources/application.yml
@ -125,3 +125,10 @@ xss:
  excludes: /system/notice
  # 匹配链接
  urlPatterns: /system/*,/monitor/*,/tool/*
 #单点登陆url
 url: https://user.sipac.gov.cn/yhzx/login/login_show.do
 #用户信息url
 infoUrl: https://zwyyone.sipac.gov.cn/ebus/ywtbsfrz/usercenter/interfaces/jissso_packaging.do
 #获取tokenurl
 tokenUrl: https://zwyyone.sipac.gov.cn/ebus/ywtbsfrz/usercenter/interfaces/jissso_packaging.do
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
@ -111,7 +111,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
                // 过滤请求
                .authorizeRequests()
                // 对于登录login 注册register 验证码captchaImage 允许匿名访问
-                .antMatchers("/login", "/register", "/captchaImage").permitAll()
+                .antMatchers("/login", "/register", "/captchaImage","/system/singlelogin/**").permitAll()
                // 静态资源，可匿名访问
                .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
                .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()