Skip to content

S
sv-springboot
Commit 2b6551e2 by 289446646@qq.com
Options

单点登录

parent 11487053
Showing with 214 additions and 89 deletions
hs-api/src/main/java/com/hs/api/common/Constants.java
......@@ -2,6 +2,4 @@ package com.hs.api.common;
public interface Constants {
String TOKEN_KEY = "Authorization";
String SYS_TOKEM_PRIFIX = "DGR_";
}
hs-api/src/main/java/com/hs/api/common/utils/SsoUtil.java deleted 100644 → 0
package com.hs.api.common.utils;
import com.alibaba.fastjson.JSONObject;
import com.hs.common.utils.StringUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.net.URL;
import java.net.URLConnection;
public class SsoUtil {
static final Logger log = LoggerFactory.getLogger(SsoUtil.class);
/**
* 校验token
* @param token
* @return
*/
public static boolean checkSsoToken(String uri,String token) {
JSONObject jsonObject = null;
if (StringUtil.isNullOrEmpty(token)) {
return false;
}
String url = uri + "?token=" + token;
String result = "" ;
try{
result = SsoUtil.doGet(url);
log.info("checkSsoToken result={}",result);
jsonObject = JSONObject.parseObject(result);
}catch (Exception e){
e.printStackTrace();
}
if(jsonObject==null){
return false;
}
return true;
}
//发送http的get请求
public static String doGet(String url) {
String result = "";
BufferedReader in = null;
try {
String urlstring = url;
URL realurl = new URL(urlstring);
System.out.println("请求的服务器主机域名:" + realurl.getHost().toString());
//打开与此URL的连接
URLConnection connection = realurl.openConnection();
//设置请求连接时间和读取数据时间
connection.setConnectTimeout(3000);
connection.setReadTimeout(7000);
//建立实际的连接
connection.connect();
//读取获取的数据
in = new BufferedReader(new InputStreamReader(connection.getInputStream()));
String line;
while ((line = in.readLine()) != null) {
result += line;
}
} catch (Exception e) {
System.out.println("发送GET请求出现异常!" + e);
e.printStackTrace();
} finally {
try {
if (in != null) {
in.close();
}
} catch (Exception e2) {
System.out.println("关闭请求流出现异常!" + e2);
e2.printStackTrace();
}
}
return result;
}
}
hs-api/src/main/java/com/hs/api/common/utils/TokenUtil.java
......@@ -21,7 +21,7 @@ public class TokenUtil {
*/
public static String getToken(String secret,SysUser user) {
String time = String.valueOf(System.currentTimeMillis());
String token = Constants.SYS_TOKEM_PRIFIX +JWTUtil.create(secret,time,String.valueOf(user.getId()));
String token = JWTUtil.create(secret,time,String.valueOf(user.getId()));
RedisUtil.set(token,user,TOKEN_TIME_OUT);
return token;
}
......@@ -64,7 +64,7 @@ public class TokenUtil {
*/
public static boolean checkToken(String token) {
SysUser user = (SysUser)RedisUtil.get(token);
boolean result = user != null && JWTUtil.verifier(token.replaceAll(Constants.SYS_TOKEM_PRIFIX,""),user.getPassword());
boolean result = user != null && JWTUtil.verifier(token,user.getPassword());
if(result){
RedisUtil.expire(token,TOKEN_TIME_OUT);
}
......
hs-api/src/main/java/com/hs/api/controller/SsoController.java
package com.hs.api.controller;
import com.hs.api.common.utils.SsoUtil;
import com.alibaba.fastjson.JSONObject;
import com.hs.api.model.SysUser;
import com.hs.api.model.respmodel.LoginInfo;
import com.hs.api.service.LoginService;
import com.hs.api.service.UserService;
import com.hs.common.utils.HttpUtil;
import com.hs.common.utils.StringUtil;
import io.swagger.annotations.Api;
import io.swagger.models.Model;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
......@@ -12,13 +20,19 @@ import org.springframework.web.bind.annotation.RestController;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.URL;
import java.net.URLConnection;
import java.net.URLEncoder;
@RestController
@RequestMapping("/page")
@Api(tags = {"登录"})
public class SsoController {
static final Logger log = LoggerFactory.getLogger(SsoController.class);
@Value("${indexUri}")
private String indexUri;
......@@ -28,6 +42,11 @@ public class SsoController {
@Value("${sso.loginUri}")
private String ssoLoginUri;
@Autowired
private LoginService loginService;
@Autowired
private UserService userService;
@GetMapping("/index")
public String Login(Model model, HttpServletRequest request, HttpServletResponse response) throws IOException {
String token = request.getParameter("Token");
......@@ -36,14 +55,94 @@ public class SsoController {
}
//验证token是否有效,有效,则跳转至首页
HttpServletResponseWrapper wrapper = new HttpServletResponseWrapper(response);
if(SsoUtil.checkSsoToken(ssoCheckUri,token)){//验证通过,跳转首页
wrapper.sendRedirect(indexUri + "?Token=" + token);
}else{//不通过,跳转sso登录页,并且传参首页地址
JSONObject jsonObject = checkSsoToken(ssoCheckUri,token);
if(jsonObject==null){ //不通过,Token无效,跳转sso登录页,并且传参首页地址
wrapper.sendRedirect(ssoLoginUri + "?URL=" + URLEncoder.encode( indexUri, "UTF-8" ));
}else{
//sso的token验证通过,则去匹配系统用户
String Identity = jsonObject.getString("Identity");
String UserCode = jsonObject.getString("UserCode");
Long useId = 0L;
if(!StringUtil.isNullOrEmpty(Identity)){
useId = userService.findUserIdFromDicUser(Identity);
if(useId==null||useId==0){
useId = userService.findUserIdFromDicUser(UserCode);
}
}
SysUser sysUser = userService.findById(useId);
if(sysUser==null){//未开通权限
wrapper.sendRedirect("/ind/error.html");
}else{//通过,则调登陆接口,将本系统的token传给前端
String ip = HttpUtil.getIP(request);
LoginInfo loginInfo = loginService.login(sysUser.getUserCode(), sysUser.getPassword(), sysUser.getMacAddress(), ip);
wrapper.sendRedirect(indexUri + "?token=" + loginInfo.getToken());
}
}
return "";
}
@GetMapping("/403")
public String to403() {
return "error";
}
/**
* 校验token
* @param token
* @return
*/
public JSONObject checkSsoToken(String uri, String token) {
JSONObject jsonObject = null;
if (StringUtil.isNullOrEmpty(token)) {
return null;
}
String url = uri + "?token=" + token;
String result = "" ;
try{
result = doGet(url);
log.info("checkSsoToken result={}",result);
jsonObject = JSONObject.parseObject(result);
}catch (Exception e){
e.printStackTrace();
}
return jsonObject;
}
//发送http的get请求
public static String doGet(String url) {
String result = "";
BufferedReader in = null;
try {
String urlstring = url;
URL realurl = new URL(urlstring);
System.out.println("请求的服务器主机域名:" + realurl.getHost().toString());
//打开与此URL的连接
URLConnection connection = realurl.openConnection();
//设置请求连接时间和读取数据时间
connection.setConnectTimeout(3000);
connection.setReadTimeout(7000);
//建立实际的连接
connection.connect();
//读取获取的数据
in = new BufferedReader(new InputStreamReader(connection.getInputStream()));
String line;
while ((line = in.readLine()) != null) {
result += line;
}
} catch (Exception e) {
System.out.println("发送GET请求出现异常!" + e);
e.printStackTrace();
} finally {
try {
if (in != null) {
in.close();
}
} catch (Exception e2) {
System.out.println("关闭请求流出现异常!" + e2);
e2.printStackTrace();
}
}
return result;
}
}
hs-api/src/main/java/com/hs/api/controller/UserController.java
package com.hs.api.controller;
import com.hs.api.common.Constants;
import com.hs.api.common.Result;
import com.hs.api.common.annotations.CurrentUser;
import com.hs.api.common.annotations.Token;
......@@ -12,12 +13,14 @@ import com.hs.api.model.respmodel.SysMenuList;
import com.hs.api.service.SysMenuService;
import com.hs.api.service.SysUserOrgRsService;
import com.hs.api.service.SysUserRoleRsService;
import com.hs.common.utils.RedisUtil;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import springfox.documentation.annotations.ApiIgnore;
import javax.servlet.http.HttpServletRequest;
import java.util.List;
......@@ -32,6 +35,17 @@ public class UserController {
@Autowired
private SysUserOrgRsService sysUserOrgRsService;
/**
* 根据token获取用户信息
* @return
*/
@GetMapping("/getByToken")
@ApiIgnore
public Object getByToken(HttpServletRequest request) {
String token = request.getHeader(Constants.TOKEN_KEY);
SysUser user = (SysUser) RedisUtil.get(token);
return Result.success(user);
}
@GetMapping()
@ApiIgnore
......
hs-api/src/main/java/com/hs/api/mapper/DicUserMapper.java 0 → 100644
package com.hs.api.mapper;
import org.apache.ibatis.annotations.Param;
import org.apache.ibatis.annotations.Select;
public interface DicUserMapper {
@Select(" select user_id from dic_user where state=1 and YY_USER_ID=#{yyUserId}")
public Long selectUserId(@Param("yyUserId") String yyUserId);
}
hs-api/src/main/java/com/hs/api/service/Impl/UserServiceImpl.java
package com.hs.api.service.Impl;
import com.hs.api.mapper.DicUserMapper;
import com.hs.api.mapper.SysUserMapper;
import com.hs.api.model.SysUser;
import com.hs.api.service.UserService;
......@@ -12,9 +13,21 @@ public class UserServiceImpl implements UserService {
@Resource
private SysUserMapper sysUserMapper;
@Resource
private DicUserMapper dicUserMapper;
@Override
public SysUser findByLoginName(String loginName) {
return sysUserMapper.selectByCode(loginName);
}
@Override
public Long findUserIdFromDicUser(String yyUserId) {
return dicUserMapper.selectUserId(yyUserId);
}
@Override
public SysUser findById(Long id) {
return sysUserMapper.selectByPrimaryKey(id);
}
}
hs-api/src/main/java/com/hs/api/service/UserService.java
......@@ -4,4 +4,10 @@ import com.hs.api.model.SysUser;
public interface UserService {
SysUser findByLoginName(String loginName);
Long findUserIdFromDicUser(String yyUserId);
SysUser findById(Long id);
}
hs-api/src/main/resources/application.properties
......@@ -31,6 +31,3 @@ indexUri=http://www.baidu.com/
# 验证平台单点登录token的地址和登录地址
sso.checkUri=
sso.loginUri=http://yihang.work/wdzx/index.html
spring.mvc.view.prefix=/WEB-INF/pages/
spring.mvc.view.suffix=.html
\ No newline at end of file
hs-api/src/main/resources/static/ind/error.html 0 → 100644
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8"/>
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<title>403</title>
</head>
<body>
<!-- 正文开始 -->
<div class="error-page">
<div class="error-page-info">
<!--<h1>403</h1>-->
<p>抱歉,你无权访问此页面!</p>
</div>
</div>
<style>
.error-page {
position: absolute;
top: 50%;
width: 100%;
text-align: center;
-o-transform: translateY(-50%);
-ms-transform: translateY(-50%);
-moz-transform: translateY(-50%);
-webkit-transform: translateY(-50%);
transform: translateY(-50%);
}
.error-page .error-page-img {
display: inline-block;
height: 260px;
margin: 10px 15px;
}
.error-page .error-page-info {
vertical-align: middle;
display: inline-block;
margin: 10px 15px;
}
.error-page .error-page-info > h1 {
color: #434e59;
font-size: 72px;
font-weight: 600;
}
.error-page .error-page-info > p {
color: #777;
font-size: 20px;
margin-top: 5px;
}
.error-page .error-page-info > div {
margin-top: 30px;
}
</style>
<script>
</script>
</body>
</html>
\ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment