添加单点登录相关

2026-05-20 16:10:46 +08:00
parent 3bfd80bee9
commit 131f1461ce
6 changed files with 342 additions and 7 deletions
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
@@ -111,7 +111,7 @@ public class SecurityConfig
            .authorizeHttpRequests((requests) -> {
                permitAllUrl.getUrls().forEach(url -> requests.antMatchers(url).permitAll());
                // 对于登录login 注册register 验证码captchaImage 允许匿名访问
-                requests.antMatchers("/login","/loginoss", "/register", "/captchaImage","/app/login","/websocket/**","/ws/**","/speech-recognition","/speech-synthesis",
+                requests.antMatchers("/sso/login","/login","/loginoss", "/register", "/captchaImage","/app/login","/websocket/**","/ws/**","/speech-recognition","/speech-synthesis",
                                "/cms/company/listPage","/cms/appUser/noTmlist","/getTjmhToken","/getWwTjmhToken","/getWwTjmHlwToken",
                                "/cms/notice/noticTotal","/cms/jobApply/zphApply","/cms/jobApply/zphApplyAgree").permitAll()
                    // 静态资源，可匿名访问
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SsoService.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SsoService.java
@@ -0,0 +1,215 @@
+package com.ruoyi.framework.web.service;
+
+import com.alibaba.fastjson2.JSONObject;
+import com.ruoyi.cms.service.impl.AppUserServiceImpl;
+import com.ruoyi.cms.util.StringUtil;
+import com.ruoyi.common.core.domain.entity.AppUser;
+import com.ruoyi.common.core.domain.entity.SysUser;
+import com.ruoyi.common.core.domain.model.LoginUser;
+import com.ruoyi.common.core.redis.RedisCache;
+import com.ruoyi.common.utils.encrypt.EncryptUtil;
+import com.ruoyi.common.utils.ip.IpUtils;
+import org.apache.commons.lang3.ObjectUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.http.client.methods.CloseableHttpResponse;
+import org.apache.http.client.methods.HttpPost;
+import org.apache.http.entity.StringEntity;
+import org.apache.http.impl.client.CloseableHttpClient;
+import org.apache.http.impl.client.HttpClients;
+import org.apache.http.util.EntityUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Service;
+
+import java.text.SimpleDateFormat;
+import java.util.Date;
+import java.util.concurrent.TimeUnit;
+
+/**
+ * @Author: chenyanchang
+ * @Date: 2026/5/19 下午6:03
+ */
+
+@Service
+public class SsoService {
+
+    @Autowired
+    RedisCache redisCache;
+
+    @Autowired
+    AppUserServiceImpl appUserService;
+
+    @Autowired
+    TokenService tokenService;
+
+    @Value("${lc_web_auth.appId}")
+    String webAppId;
+    @Value("${lc_web_auth.appSecret}")
+    String webAppSecret;
+    @Value("${lc_web_auth.getTokenUrl}")
+    String WEB_GET_TOKEN_URL;
+    @Value("${lc_web_auth.getUserInfoUrl}")
+    String WEB_GET_USER_INFO;
+
+    final String APP_USER_TOKEN_KEY = "app:user:token:";
+
+    public JSONObject ssoCheck(JSONObject param) {
+        if (ObjectUtils.isEmpty(param)) {
+            throw new RuntimeException("请求参数不能为空");
+        }
+
+        String code = param.getString("code");
+        //String userType = param.getString("userType");
+        //通过code获取token
+        JSONObject json = new JSONObject();
+        json.put("code", code);
+        String lcToken = getToken(WEB_GET_TOKEN_URL, null, json.toJSONString());
+        if (StringUtils.isEmpty(lcToken)) {
+            throw new RuntimeException("获取token失败");
+        }
+        //获取用户信息
+        JSONObject pJson = new JSONObject();
+        pJson.put("appId", webAppId);
+        pJson.put("appSecret", webAppSecret);
+        JSONObject userJson = getUserInfo(WEB_GET_USER_INFO, lcToken, pJson.toJSONString());
+        if (ObjectUtils.isEmpty(userJson)) {
+            throw new RuntimeException("获取用户信息失败");
+        }
+        //获取身份证号
+        String personCardNo = null;
+        JSONObject info = null;
+        if (userJson.containsKey("info")) {
+            info = userJson.getJSONObject("info");
+            if (ObjectUtils.isNotEmpty(info) && info.containsKey("personCardNo")) {
+                personCardNo = info.getString("personCardNo");
+                //解密处理
+                if (StringUtils.isEmpty(personCardNo)) {
+                    throw new RuntimeException("获取用户证件信息失败");
+                }
+                personCardNo = EncryptUtil.decryptByAppIdAndSecret(personCardNo, webAppId, webAppSecret);
+            }
+        }
+
+        //用身份证号查询用户
+        AppUser appUser = appUserService.selectAppuserByIdcard(personCardNo);
+        if (appUser == null) {
+            //用户不存在，则先保存用户
+            saveAppUser(userJson);
+        }
+        //用户存在，生成本系统用户的token
+        LoginUser loginUser = new LoginUser();
+        SysUser user = new SysUser();
+        user.setUserName(info.getString("userName"));
+        loginUser.setUser(user);
+        String token = tokenService.createToken(loginUser);
+        //缓存token
+        String userKey = APP_USER_TOKEN_KEY + userJson.getString("userId");
+        redisCache.setCacheObject(userKey, token, 2, TimeUnit.HOURS);
+        JSONObject backJson = new JSONObject();
+        backJson.put("token", token);
+        backJson.put("lcToken", lcToken);
+        return backJson;
+    }
+
+    //1.获取token
+    private String getToken(String url, String token, String params) {
+        try {
+            String result = sendHttpPost(url, token, params);
+            if (StringUtils.isEmpty(result)) {
+                throw new RuntimeException("获取token失败");
+            }
+            JSONObject json = JSONObject.parseObject(result);
+            if (json.getInteger("code") == 200) {
+                return json.getString("token");
+            } else if (json.getInteger("code") == 401) {
+                throw new RuntimeException("认证过期");
+            } else {
+                throw new RuntimeException("获取token失败");
+            }
+        } catch (Exception e) {
+            throw new RuntimeException(e.getMessage());
+        }
+    }
+
+    //2.获取用户信息
+    private JSONObject getUserInfo(String url, String token, String params) {
+        try {
+            String result = sendHttpPost(url, token, params);
+            if (StringUtils.isEmpty(result)) {
+                throw new RuntimeException("获取用户信息失败");
+            }
+            JSONObject json = JSONObject.parseObject(result);
+            if (json.getInteger("code") == 200) {
+                return json.getJSONObject("sysUser");
+            } else if (json.getInteger("code") == 401) {
+                throw new RuntimeException("认证过期");
+            } else {
+                throw new RuntimeException("获取用户信息失败");
+            }
+        } catch (Exception e) {
+            throw new RuntimeException(e.getMessage());
+        }
+    }
+
+
+    //保存用户
+    private void saveAppUser(JSONObject userJson) {
+        JSONObject info = userJson.getJSONObject("info");
+        AppUser appUser = new AppUser();
+        //app角色：0企业，1求职者，2网格员 3内部政府人员 4其他（浪潮用）
+        appUser.setIsCompanyUser("1");
+        appUser.setUserId(userJson.getLong("userId"));
+        appUser.setName(info.getString("personName"));
+        appUser.setSex(info.getString("personSex"));
+        appUser.setBirthDate(info.getString("personBirthday"));
+        appUser.setEducation(StringUtil.convertEducation(info.getString("personEducation")));
+        appUser.setPoliticalAffiliation(info.getString("personPolitical"));
+        appUser.setAddress(info.getString("liveAddress"));
+        appUser.setWorkExperience(StringUtil.convertExp(info.getInteger("personYearsWorking")));
+        appUser.setNation(info.getString("personNation"));
+        appUser.setDomicileAddress(info.getString("householdAddress"));
+        String date = new SimpleDateFormat("yyyy-MM-dd hh:mm:ss").format(new Date());
+        appUser.setCreateTime(date);
+        appUser.setUpdateTime(date);
+        appUser.setLoginDate(new Date());
+        appUser.setCreateBy("system");
+        appUser.setLoginIp(IpUtils.getIpAddr());
+
+        //获取身份证，再获取年龄
+        String personCardNo = info.getString("personCardNo");
+        //解密处理
+        if (StringUtils.isNotEmpty(personCardNo)) {
+            personCardNo = EncryptUtil.decryptByAppIdAndSecret(personCardNo, webAppId, webAppSecret);
+            appUser.setAge(StringUtil.getAgeByIdNumber(personCardNo));
+            appUser.setIdCard(personCardNo);
+        }
+        String phone = info.getString("personPhone");
+
+        //解密电话号码
+        if (StringUtils.isNotEmpty(phone)) {
+            phone = EncryptUtil.decryptByAppIdAndSecret(phone, webAppId, webAppSecret);
+            appUser.setPhone(phone);
+        }
+
+        appUserService.insertAppUser(appUser);
+    }
+
+    //发送请求
+    private String sendHttpPost(String url, String token, String params) {
+        try (CloseableHttpClient httpClient = HttpClients.createDefault()) {
+            HttpPost httpPost = new HttpPost(url);
+            if (StringUtils.isNotEmpty(token)) {
+                httpPost.setHeader("Authorization", "Bearer " + token);
+            }
+            httpPost.setEntity(new StringEntity(params, "UTF-8"));
+            httpPost.setHeader("Content-Type", "application/json");
+            try (CloseableHttpResponse response = httpClient.execute(httpPost)) {
+                String responseBody = EntityUtils.toString(response.getEntity(), "UTF-8");
+                return responseBody;
+            }
+        } catch (Exception e) {
+            e.printStackTrace();
+        }
+        return null;
+    }
+}