
后管-成渝单点登录接口开发

LHB преди 2 седмици
родител
ревизия
d4a8f576fe

+ 4 - 0
blade-gateway/src/main/java/org/springblade/gateway/provider/AuthProvider.java

@@ -63,6 +63,10 @@ public class AuthProvider {
         DEFAULT_SKIP_URL.add("/appVersion/page");
         DEFAULT_SKIP_URL.add("/appVersionDetail/**");
         DEFAULT_SKIP_URL.add("/websocket/**");
+        DEFAULT_SKIP_URL.add("/getPk"); //成渝第三方登录获取公钥
+        DEFAULT_SKIP_URL.add("/getQualityTestingToken"); //成渝第三方登录获取质检系统tokne
+        DEFAULT_SKIP_URL.add("/getArchiveToken"); //成渝第三方登录获取档案系统tokne
+
     }
 
     /**
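Review bot: The three paths added to `DEFAULT_SKIP_URL` take `/getQualityTestingToken` and `/getArchiveToken` out of gateway authentication even though both return a login token, so every check for those routes now has to live in the controller. In this commit the only caller credential in the flow is the `appKey` query parameter on `/getPk`; the token endpoints accept any request that carries a live uuid. Consider restricting these routes to the partner's source addresses or requiring a signed request. The comments should also say what protects each path and fix the `tokne` typo, e.g. `// 成渝第三方登录获取质检系统token(免网关鉴权,由控制器校验uuid)`. The static initializer this hunk edits starts outside the hunk.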

+ 23 - 0
blade-service/blade-user/src/main/java/org/springblade/system/user/bean/CyGetToken.java

@@ -0,0 +1,23 @@
+package org.springblade.system.user.bean;
+
+import lombok.Data;
+
+/**
+ * 成渝单点登录获取token请求参数
+ * @author LHB
+ */
+@Data
+public class CyGetToken {
+    /**
+     * 获取公钥接口中返回的随机字符
+     */
+    private String uuid;
+    /**
+     * 使用公钥接口中返回的公钥对身份证进行加密,第三方系统需要使用公钥对应的私钥进行解密。
+     */
+    private String idcard;
+    /**
+     * 使用公钥接口中返回的公钥对身份证进行加密,第三方系统需要使用公钥对应的私钥进行解密。
+     */
+    private String mobile;
+}
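Review bot: The Javadoc on `mobile` is a copy of the one on `idcard` and still says the ID-card number is encrypted; it should read `使用公钥接口中返回的公钥对手机号进行加密`. Both comments say the third-party system decrypts with the private key, which reads as if the caller holds it, whereas `getPublicKey` only returns `uuid` and `pk` and keeps `sk` in Redis; rewording would avoid implying the private key is shared. Because `@Data` generates `toString()` over all three fields, this bean should not be logged whole.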

+ 35 - 0
blade-service/blade-user/src/main/java/org/springblade/system/user/bean/ResultCYData.java

@@ -0,0 +1,35 @@
+package org.springblade.system.user.bean;
+
+import lombok.Data;
+
+/**
+ * @author LHB
+ */
+@Data
+public class ResultCYData<T> {
+    private Integer code;
+    private T data;
+    private String msg;
+
+    public static <T> ResultCYData<T> data(T data){
+        ResultCYData resultCYKey = new ResultCYData();
+        resultCYKey.setCode(200);
+        resultCYKey.setData(data);
+        resultCYKey.setMsg("");
+        return resultCYKey;
+    }
+
+    public static ResultCYData fail(String msg){
+        ResultCYData resultCYKey = new ResultCYData();
+        resultCYKey.setCode(400);
+        resultCYKey.setMsg(msg);
+        return resultCYKey;
+    }
+
+    public static ResultCYData fail(Integer code,String msg){
+        ResultCYData resultCYKey = new ResultCYData();
+        resultCYKey.setCode(code);
+        resultCYKey.setMsg(msg);
+        return resultCYKey;
+    }
+}
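Review bot: All three factories build a raw `ResultCYData`, and both `fail` overloads also return the raw type, so callers lose the `T` check and the compiler emits unchecked warnings. Declare them generically, e.g. `public static <T> ResultCYData<T> fail(String msg)` with `ResultCYData<T> result = new ResultCYData<>();`. The local is named `resultCYKey`, apparently carried over from `ResultCYKey`; `result` would be clearer. The class has no Javadoc beyond `@author`; a one-line summary saying it is the response envelope for the token endpoints (code, payload, message) would help.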

+ 37 - 0
blade-service/blade-user/src/main/java/org/springblade/system/user/bean/ResultCYKey.java

@@ -0,0 +1,37 @@
+package org.springblade.system.user.bean;
+
+import lombok.Data;
+
+/**
+ * @author LHB
+ */
+@Data
+public class ResultCYKey {
+    private Integer code;
+    /**
+     * 随机字符
+     */
+    private String uuid;
+    /**
+     * 公钥
+     */
+    private String pk;
+    private String msg;
+
+
+    public static ResultCYKey success(String uuid,String pk){
+        ResultCYKey resultCYKey = new ResultCYKey();
+        resultCYKey.setCode(200);
+        resultCYKey.setUuid(uuid);
+        resultCYKey.setPk(pk);
+        resultCYKey.setMsg("公钥有效期为5分组,请尽快通过公钥获取token");
+        return resultCYKey;
+    }
+
+    public static ResultCYKey fail(String msg){
+        ResultCYKey resultCYKey = new ResultCYKey();
+        resultCYKey.setCode(400);
+        resultCYKey.setMsg(msg);
+        return resultCYKey;
+    }
+}
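Review bot: The success message contains a typo, `5分组` where `5分钟` is meant, and it is returned to the partner system verbatim: `resultCYKey.setMsg("公钥有效期为5分钟,请尽快通过公钥获取token");`. The five-minute figure is duplicated from the `300L` TTL in `UserController.getPublicKey`, so the two can drift apart; deriving both from one constant would keep the message truthful. The `code` values 200 and 400 are repeated in `ResultCYKey` and `ResultCYData` and could share named constants.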

+ 148 - 20
blade-service/blade-user/src/main/java/org/springblade/system/user/controller/UserController.java

@@ -17,22 +17,16 @@
 package org.springblade.system.user.controller;
 
 
-import cn.hutool.jwt.JWT;
-import cn.hutool.jwt.JWTUtil;
 import com.alibaba.fastjson.JSON;
-import com.alibaba.fastjson.JSONArray;
 import com.alibaba.fastjson.JSONObject;
 import com.alibaba.nacos.common.utils.MD5Utils;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import com.github.xiaoymin.knife4j.annotations.ApiOperationSupport;
-import feign.Request;
-import io.jsonwebtoken.Claims;
 import io.swagger.annotations.*;
 import lombok.AllArgsConstructor;
 import org.apache.http.Consts;
-import org.apache.http.HttpRequest;
 import org.apache.http.HttpResponse;
 import org.apache.http.NameValuePair;
 import org.apache.http.client.HttpClient;
@@ -43,7 +37,6 @@ import org.apache.http.impl.client.HttpClientBuilder;
 import org.apache.http.message.BasicNameValuePair;
 import org.springblade.common.cache.CacheNames;
 import org.springblade.common.constant.CommonConstant;
-import org.springblade.common.utils.SnowFlakeUtil;
 import org.springblade.core.cache.utils.CacheUtil;
 import org.springblade.core.excel.util.ExcelUtil;
 import org.springblade.core.mp.support.Condition;
@@ -58,26 +51,21 @@ import org.springblade.core.tool.constant.BladeConstant;
 import org.springblade.core.tool.constant.RoleConstant;
 import org.springblade.core.tool.utils.*;
 import org.springblade.manager.dto.SaveUserInfoByProjectDTO;
-import org.springblade.manager.entity.ContractInfo;
-import org.springblade.manager.entity.TextdictInfo;
-import org.springblade.manager.entity.WbsTreeContract;
-import org.springblade.manager.entity.WbsTreePrivate;
 import org.springblade.manager.feign.SaveUserInfoByProjectClient;
 import org.springblade.system.cache.ParamCache;
+import org.springblade.system.user.bean.CyGetToken;
+import org.springblade.system.user.bean.ResultCYData;
+import org.springblade.system.user.bean.ResultCYKey;
 import org.springblade.system.user.dto.UserDTO;
 import org.springblade.system.user.entity.User;
 import org.springblade.system.user.excel.UserExcel;
 import org.springblade.system.user.excel.UserExcel2;
 import org.springblade.system.user.excel.UserImporter;
 import org.springblade.system.user.service.IUserService;
-import org.springblade.system.user.util.AesInfoUtil;
-import org.springblade.system.user.vo.DeptUserVO;
+import org.springblade.system.user.util.RsaUtils;
 import org.springblade.system.user.vo.UserVO;
 import org.springblade.system.user.wrapper.UserWrapper;
-import org.springframework.jdbc.core.BeanPropertyRowMapper;
 import org.springframework.jdbc.core.JdbcTemplate;
-import org.springframework.jdbc.core.RowMapper;
-import org.springframework.scheduling.annotation.Scheduled;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
 import springfox.documentation.annotations.ApiIgnore;
@@ -88,9 +76,6 @@ import javax.validation.Valid;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
-import java.io.UnsupportedEncodingException;
-import java.net.URLDecoder;
-import java.text.ParseException;
 import java.util.*;
 
 import static org.springblade.core.cache.constant.CacheConstant.USER_CACHE;
@@ -586,7 +571,7 @@ public class UserController {
         System.out.println("密码" + md5Pass);
 
         HttpClient httpClient = HttpClientBuilder.create().build();
-        String url = "http://user.hcxxy.com:8090/blade-auth/oauth/token";
+        String url = "http://localhost:8090/blade-auth/oauth/token";
         String sys_isonline = ParamCache.getValue(CommonConstant.SYS_ISONLINE);
         if("20".equals(sys_isonline)){
             url = "http://152.168.2.11:8090/blade-auth/oauth/token";
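Review bot: The token endpoint is still a string literal in the controller, and the new value `http://localhost:8090/...` only holds if blade-auth listens on the same host and port in every deployment. The next line already reads `ParamCache.getValue(CommonConstant.SYS_ISONLINE)` to switch environments, so the base URL itself could come from a parameter or service discovery instead of being edited per commit. Separately, the context line `System.out.println("密码" + md5Pass);` writes a password-derived value to stdout and should be removed. The enclosing method starts and ends outside this hunk.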
@@ -620,4 +605,147 @@ public class UserController {
         return R.fail("获取token失败");
     }
 
+    /**
+     * 成渝第三方登录接口 获取私钥
+     */
+    /**
+     * 获取公钥key
+     * @return
+     */
+    @GetMapping("/getPk")
+    public ResultCYKey getPublicKey(String appKey){
+        //后管配置appKey
+        String localAppKey = jdbcTemplate.queryForObject("select * from blade_param where param_key = 'appKey' and is_deleted = 0 order by create_time DESC limit 1", String.class);
+        if(StringUtil.isBlank(localAppKey)){
+            return ResultCYKey.fail("第三方系统为配置appKey");
+        }
+        //判断appKey是否为指定值
+        if(StringUtil.isNotBlank(localAppKey) && StringUtil.equals(localAppKey, appKey)){
+            String uuid = UUID.randomUUID().toString().trim().replaceAll("-", "");
+            //生成rsa公钥私钥
+            Map<String, String> keyPair = RsaUtils.createKeyPair();
+            bladeRedis.setEx("cy_public_key:"+uuid, keyPair, 300L);
+            return ResultCYKey.success(uuid,keyPair.get("pk"));
+        }
+        return ResultCYKey.fail("appKey未知");
+    }
+    /**
+     * 成渝 获取质检 token
+     * @return
+     */
+    @PostMapping("/getQualityTestingToken")
+    public ResultCYData getQualityTestingToken(@RequestBody CyGetToken cyGetToken, HttpServletRequest request){
+        if(cyGetToken == null){
+            return ResultCYData.fail("参数不能为空");
+        }
+        if(StringUtil.isBlank(cyGetToken.getUuid())){
+            return ResultCYData.fail("随机字符不能为空");
+        }
+        if(StringUtil.isBlank(cyGetToken.getIdcard())){
+            return ResultCYData.fail("身份证号码(密文)不能为空");
+        }
+        if(StringUtil.isBlank(cyGetToken.getMobile())){
+            return ResultCYData.fail("手机号码(密文)不能为空");
+        }
+
+        Map<String, String> keyPair = bladeRedis.get("cy_public_key:" + cyGetToken.getUuid());
+        if(keyPair == null){
+            return ResultCYData.fail("uuid 未知/已过期");
+        }
+        //私钥
+        String sk = keyPair.get("sk");
+
+        //手机号
+        String mobile = RsaUtils.decryptWithSk(cyGetToken.getMobile(), sk);
+
+        //掉用获取token接口
+        R r = loginByToken3(mobile, 1, request);
+        if(r.isSuccess()){
+            return ResultCYData.data(r.getData());
+        } else {
+            if(r.getMsg().equals("用户名或密码错误")){
+                return ResultCYData.fail(451,"用户不存在");
+            }
+            return ResultCYData.fail(r.getMsg());
+        }
+    }
+
+    /**
+     * 成渝 获取档案 token
+     * @return
+     */
+    @PostMapping("/getArchiveToken")
+    public ResultCYData getArchiveToken(@RequestBody CyGetToken cyGetToken, HttpServletRequest request){
+        if(cyGetToken == null){
+            return ResultCYData.fail("参数不能为空");
+        }
+        if(StringUtil.isBlank(cyGetToken.getUuid())){
+            return ResultCYData.fail("随机字符不能为空");
+        }
+        if(StringUtil.isBlank(cyGetToken.getMobile())){
+            return ResultCYData.fail("手机号码(密文)不能为空");
+        }
+
+        Map<String, String> keyPair = bladeRedis.get("cy_public_key:" + cyGetToken.getUuid());
+        if(keyPair == null){
+            return ResultCYData.fail("uuid 未知/已过期");
+        }
+        //私钥
+        String sk = keyPair.get("sk");
+
+        //手机号
+        String mobile = RsaUtils.decryptWithSk(cyGetToken.getMobile(), sk);
+
+        //掉用获取token接口
+        R r = loginByToken3(mobile, 3, request);
+        if(r.isSuccess()){
+            return ResultCYData.data(r.getData());
+        } else {
+            if(r.getMsg().equals("用户名或密码错误")){
+                return ResultCYData.fail(451,"用户不存在");
+            }
+            return ResultCYData.fail(r.getMsg());
+        }
+    }
+
+
+
+    /**
+     * 成渝获取token接口
+     * @param account
+     * @param userType 1-质检,3-档案
+     * @param request
+     * @return
+     */
+    public R loginByToken3(String account, Integer userType, HttpServletRequest request) {
+        if(account==null || Func.isNull(account) || Func.isEmpty(account)){
+            return R.fail("account值不能为空");
+        }
+        QueryWrapper<User> queryWrapper = new QueryWrapper<>();
+        queryWrapper.eq("account", account);
+        queryWrapper.eq("sys_type", 2);
+        User userInfo = userService.getOne(queryWrapper);
+        if (userInfo == null) {
+            return R.fail("用户名或密码错误");
+        }
+
+        String Authorization = request.getHeader("Authorization");
+
+        if (Authorization == null || StringUtil.isEmpty(Authorization)) {
+            String dataInfo = "";
+            if(userType == 1){ //质量/试验平台
+                dataInfo ="client:client_secret";
+            }else if(userType == 3){ //档案平台"
+                dataInfo ="archives:archives_secret";
+            }
+            Authorization = "Basic "+Func.encodeBase64(dataInfo);
+            //Basic bWVhc3VyZTptZWFzdXJlX3NlY3JldA==
+            //Basic bWVhc3VyZTptZWFzdXJlX3NlY3JldA==
+            R loginInfo = this.getLoginInfo(Authorization, userInfo);
+            if(loginInfo.getCode()==200){
+                return loginInfo;
+            }
+        }
+        return this.getLoginInfo(Authorization, userInfo);
+    }
 }
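Review bot: `getQualityTestingToken` and `getArchiveToken` never delete `cy_public_key:<uuid>` after use and never decrypt or check `idcard`, so for the full 300-second TTL one key pair can be used to obtain tokens for any number of accounts, each identified by phone number alone. Consume the key on first use, decrypt both fields, and compare the decrypted ID-card number with the one stored for the user (that field is not visible in this hunk), as sketched below for one endpoint; the other needs the same change. In `getPublicKey`, `select *` mapped to `String.class` is rejected by Spring's single-column mapper when the row has more than one column, and an empty result throws instead of returning null, so the blank-check branch cannot report a missing `appKey`; select only the value column or use `ParamCache.getValue`, and compare with `MessageDigest.isEqual` rather than `StringUtil.equals`. The distinct `451 用户不存在` reply lets a caller tell registered numbers from unregistered ones, which returning the generic failure would avoid. In `loginByToken3`, a caller-supplied `Authorization` header bypasses the `userType` client selection, and the `getLoginInfo` call is simply repeated when the first attempt fails.

```java
    @PostMapping("/getQualityTestingToken")
    public ResultCYData getQualityTestingToken(@RequestBody CyGetToken cyGetToken, HttpServletRequest request){
        // … unchanged: null / blank checks on uuid, idcard, mobile …
        String redisKey = "cy_public_key:" + cyGetToken.getUuid();
        Map<String, String> keyPair = bladeRedis.get(redisKey);
        // … unchanged: keyPair == null check …

        // One key pair authorises one login: drop it before use so the uuid cannot be replayed.
        // NOTE(review): get-then-del is not atomic; an atomic get-and-delete would be stricter.
        bladeRedis.del(redisKey);

        String sk = keyPair.get("sk");
        String mobile = RsaUtils.decryptWithSk(cyGetToken.getMobile(), sk);
        String idcard = RsaUtils.decryptWithSk(cyGetToken.getIdcard(), sk);
        if(StringUtil.isBlank(mobile) || StringUtil.isBlank(idcard)){
            return ResultCYData.fail("密文解密失败");
        }
        // TODO(review): verify idcard against the ID-card number stored for this user before issuing a token.
        // … unchanged: loginByToken3 call and result mapping …
```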

+ 61 - 44
blade-service/blade-user/src/main/java/org/springblade/system/user/util/RsaUtils.java

@@ -1,5 +1,7 @@
 package org.springblade.system.user.util;
 
+import sun.misc.BASE64Encoder;
+
 import javax.crypto.Cipher;
 import java.nio.charset.StandardCharsets;
 import java.security.KeyFactory;
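Review bot: `import sun.misc.BASE64Encoder;` is added here, but its only visible use, the old commented-out `main`, is deleted by this same commit, and `java.util.Base64` is already imported. `sun.misc.BASE64Encoder` is a JDK-internal class that was removed in Java 9, so this import ties the module to Java 8 for no benefit; drop the line. If code outside the visible hunks still needs it, switch that code to `Base64.getEncoder()`.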
@@ -13,6 +15,7 @@ import java.security.spec.X509EncodedKeySpec;
 import java.util.Base64;
 import java.util.HashMap;
 import java.util.Map;
+import java.util.UUID;
 
 public final class RsaUtils {
     /**
@@ -159,51 +162,65 @@ public final class RsaUtils {
         }
     }
 
-    /*private static void testCreateKeyPair() {
-        //生成公钥和私钥
-        Map<String, String> keyMap = createKeyPair();
-        //加密字符串
-        long temp = System.currentTimeMillis();
-        System.out.println("公钥:" + keyMap.get("pk"));
-        System.out.println("私钥:" + keyMap.get("sk"));
-        System.out.println("生成密钥消耗时间:" + (System.currentTimeMillis() - temp) / 1000.0 + "秒");
-
-        String message = "RSA测试aaa";
-        System.out.println("原文:" + message);
-        System.out.println("--------------------------------------");
-        temp = System.currentTimeMillis();
-        String messagePEn = encryptWithPk(message, keyMap.get("pk"));
-        System.out.println("密文:" + messagePEn);
-        System.out.println("加密消耗时间:" + (System.currentTimeMillis() - temp) / 1000.0 + "秒");
-
-        temp = System.currentTimeMillis();
-        String messageSDe = decryptWithSk(messagePEn, keyMap.get("sk"));
-        System.out.println("解密:" + messageSDe);
-        System.out.println("解密消耗时间:" + (System.currentTimeMillis() - temp) / 1000.0 + "秒");
-        System.out.println("--------------------------------------");
-
-        temp = System.currentTimeMillis();
-        String messageSEn = encryptWithSk(message, keyMap.get("sk"));
-        System.out.println("密文:" + messageSEn);
-        System.out.println("加密消耗时间:" + (System.currentTimeMillis() - temp) / 1000.0 + "秒");
-
-        temp = System.currentTimeMillis();
-        String messagePDe = decryptWithPk(messageSEn, keyMap.get("pk"));
-        System.out.println("解密:" + messagePDe);
-        System.out.println("解密消耗时间:" + (System.currentTimeMillis() - temp) / 1000.0 + "秒");
-    }
+//    private static void testCreateKeyPair() {
+//        //生成公钥和私钥
+//        Map<String, String> keyMap = createKeyPair();
+//        //加密字符串
+//        long temp = System.currentTimeMillis();
+//        System.out.println("公钥:" + keyMap.get("pk"));
+//        System.out.println("私钥:" + keyMap.get("sk"));
+//        System.out.println("生成密钥消耗时间:" + (System.currentTimeMillis() - temp) / 1000.0 + "秒");
+//
+//        String message = "lihb";
+//        System.out.println("原文:" + message);
+//        System.out.println("--------------------------------------");
+//        temp = System.currentTimeMillis();
+//        String messagePEn = encryptWithPk(message, keyMap.get("pk"));
+//        System.out.println("密文:" + messagePEn);
+//        System.out.println("加密消耗时间:" + (System.currentTimeMillis() - temp) / 1000.0 + "秒");
+//
+//        temp = System.currentTimeMillis();
+//        String messageSDe = decryptWithSk(messagePEn, keyMap.get("sk"));
+//        System.out.println("解密:" + messageSDe);
+//        System.out.println("解密消耗时间:" + (System.currentTimeMillis() - temp) / 1000.0 + "秒");
+//        System.out.println("--------------------------------------");
+//
+//        temp = System.currentTimeMillis();
+//        String messageSEn = encryptWithSk(message, keyMap.get("sk"));
+//        System.out.println("密文:" + messageSEn);
+//        System.out.println("加密消耗时间:" + (System.currentTimeMillis() - temp) / 1000.0 + "秒");
+//
+//        temp = System.currentTimeMillis();
+//        String messagePDe = decryptWithPk(messageSEn, keyMap.get("pk"));
+//        System.out.println("解密:" + messagePDe);
+//        System.out.println("解密消耗时间:" + (System.currentTimeMillis() - temp) / 1000.0 + "秒");
+//    }
+
+    // 定义授权码字符集(62个字符:0-9, A-Z, a-z)
+    private static final String CHAR_SET =
+        "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
+    // 线程安全的SecureRandom实例
+    private static final SecureRandom random = new SecureRandom();
+
+    public static String generateAuthCode() {
+        StringBuilder sb = new StringBuilder(16);
+
+        // 生成8位随机字符
+        for (int i = 0; i < 16; i++) {
+            // 从字符集中随机选取一个字符
+            int randomIndex = random.nextInt(CHAR_SET.length());
+            char randomChar = CHAR_SET.charAt(randomIndex);
+            sb.append(randomChar);
+        }
 
+        return sb.toString();
+    }
     public static void main(String[] args) throws Exception {
-        testCreateKeyPair();
-        String pk = "MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALZL9pOjNpDs1wu15o8xmoeNg4YGCUO5zoLrKiGlmFl7\\r\\nCKXKwJ83pDmu/bE4Szf2RAyzwr33bViqoNH45/EaCrECAwEAAQ==\\r\\n";
-        System.out.println(encryptWithPk("admin", pk));
-        System.out.println(encryptWithPk("admin123", pk));
-
-        String str1 = Base64.getEncoder().encodeToString(pk.getBytes());
-        String str2 = (new BASE64Encoder()).encodeBuffer(pk.getBytes());
-        System.out.println("# " + str1);
-        System.out.println("# " + str2);
-        System.out.println(str1.equals(str2));
-    }*/
+        System.out.println("授权码示例: " + generateAuthCode());
+        String uuid = UUID.randomUUID().toString().trim().replaceAll("-", "");
+        System.out.println(uuid);
+        String s = encryptWithPk("13709467119", "MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAI0Uny+3+OS9ZeO0jERNhnztulQC1tgbJS2+mYk3c8BjG2yi3sDl+JbJ7VgfVV86xZ/BJwTQk07soFBe4RfLhs0CAwEAAQ==");
+        System.out.println(s);
+    }
 
 }
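Review bot: The new `main` hard-codes what looks like a real mobile number (`encryptWithPk("13709467119", ...)`) in a production utility class, and the key literal next to it has the length of a 512-bit RSA public key. Move this smoke test into a unit test with constructed values, and confirm that `createKeyPair` (outside this hunk) generates at least 2048-bit keys, since the login flow depends on them. The comment `// 生成8位随机字符` disagrees with the loop bound of 16; change it to `// 生成16位随机字符` or name the length as a constant. The re-commented `testCreateKeyPair` block, which prints the private key, is dead code and is better deleted than kept as `//` lines. Whether `java.security.SecureRandom` is imported is not visible in the hunks shown.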