From 757283266b4f13906dbc941558c2ea3ad2480a71 Mon Sep 17 00:00:00 2001
From: lroyia
Date: Tue, 24 Mar 2026 17:04:33 +0800
Subject: [PATCH] =?UTF-8?q?=E7=99=BB=E5=BD=95=E5=AE=9E=E7=8E=B0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../org/controller/OAuth2Controller.java | 67 ++++++++++++++-----
 .../chinaweal/aiccs/org/entity/ImsUser.java | 7 ++
 .../chinaweal/aiccs/org/entity/TUsers.java | 26 ++++++-
 .../aiccs/org/entity/dto/ImsUserDTO.java | 3 +
 .../aiccs/org/entity/dto/UnifiedAuthDTO.java | 1 +
 .../org/service/impl/ImsUserServiceImpl.java | 1 +
 .../service/impl/UnifiedAuthServiceImpl.java | 2 +-
 7 files changed, 87 insertions(+), 20 deletions(-)
diff --git a/src/main/java/com/chinaweal/aiccs/org/controller/OAuth2Controller.java b/src/main/java/com/chinaweal/aiccs/org/controller/OAuth2Controller.java
index ec22cbf..9bf1c59 100644
--- a/src/main/java/com/chinaweal/aiccs/org/controller/OAuth2Controller.java
+++ b/src/main/java/com/chinaweal/aiccs/org/controller/OAuth2Controller.java
@@ -3,22 +3,19 @@ package com.chinaweal.aiccs.org.controller;
 import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONObject;
 import com.chinaweal.aiccs.common.base.controller.BaseController;
-import com.chinaweal.aiccs.common.base.entity.dto.login.LoginMessage;
+import com.chinaweal.aiccs.common.constant.CommonConstants;
 import com.chinaweal.aiccs.common.util.OAuthTokenUtils;
 import com.chinaweal.aiccs.common.util.SM4Utils;
 import com.chinaweal.aiccs.common.util.StringUtils;
-import com.chinaweal.aiccs.org.entity.OauthAccessToken;
-import com.chinaweal.aiccs.org.entity.OauthAuthorizationCode;
-import com.chinaweal.aiccs.org.entity.OauthClient;
+import com.chinaweal.aiccs.org.entity.*;
 import com.chinaweal.aiccs.org.entity.dto.*;
-import com.chinaweal.aiccs.org.service.IOauthAccessTokenService;
-import com.chinaweal.aiccs.org.service.IOauthAuthorizationCodeService;
-import com.chinaweal.aiccs.org.service.IOauthClientService;
-import com.chinaweal.aiccs.org.service.IUnifiedAuthService;
+import com.chinaweal.aiccs.org.service.*;
+import com.chinaweal.aiccs.redis.RedisService;
 import com.chinaweal.aicorg.model.AICUser;
 import com.chinaweal.aicorg.services.OrgUM;
 import com.chinaweal.youfool.framework.springboot.rest.RestResult;
 import com.chinaweal.youfool.framework.springboot.rest.ResultCode;
+import com.chinaweal.youfool.framework.sso.util.SSOUtil;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
@@ -53,9 +50,17 @@ public class OAuth2Controller extends BaseController {
 @Autowired
 private IOauthAccessTokenService oauthTokenService;
 @Autowired
+ private IImsUserService iImsUserService;
+ @Autowired
 private OrgUM orgUM;
 @Autowired
 private IUnifiedAuthService unifiedAuthService;
+ @Autowired
+ private UserBaseService userBaseService;
+ @Autowired
+ private TUsersService usersService;
+ @Autowired
+ private RedisService redisService;
 /**
 * OAuth授权端点
@@ -577,7 +582,8 @@ public class OAuth2Controller extends BaseController {
 @RequestParam(value = "code", required = false) String code,
 @RequestParam(value = "state", required = false) String state,
 @RequestParam(value = "error", required = false) String error,
- @RequestParam(value = "error_description", required = false) String errorDescription) {
+ @RequestParam(value = "error_description", required = false) String errorDescription,
+ HttpServletRequest request) {
 try {
 // 检查是否有错误
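Review bot: `state` stays `required = false` and, in the lines visible here and in the next hunk, it is only logged before `getAccessToken(code)` is called, never compared with a value issued when the flow started. Now that this callback ends in an authenticated session, the missing comparison means the callback cannot tell a flow this browser started from one started elsewhere (login CSRF). With `HttpServletRequest request` now available, the value stored at the authorize step could be read back and checked before the token exchange, e.g. `if (state == null || !state.equals(request.getSession().getAttribute(OAUTH_STATE_KEY))) { /* redirect with error */ }`, where `OAUTH_STATE_KEY` is a placeholder for whatever key the authorize endpoint uses. The method body starts and ends outside this hunk, so a check elsewhere cannot be ruled out.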
@@ -597,33 +603,58 @@ public class OAuth2Controller extends BaseController {
 .build();
 }
+ String requestId = StringUtils.getUUID();
 log.info("收到统一认证平台回调,code: {}, state: {}", code, state);
 // 使用授权码获取访问令牌
 UnifiedAuthDTO.TokenResponse tokenResponse = unifiedAuthService.getAccessToken(code);
 if (StringUtils.isNotBlank(tokenResponse.getError())) {
- log.error("获取访问令牌失败: {} - {}", tokenResponse.getError(), tokenResponse.getError_description());
+ log.error("requestId:{},获取访问令牌失败: {} - {}", requestId, tokenResponse.getError(), tokenResponse.getError_description());
 return ResponseEntity.status(HttpStatus.FOUND)
- .location(java.net.URI.create("/integration/#/login?error=" + URLEncoder.encode(tokenResponse.getError_description(), "UTF-8")))
+ .location(java.net.URI.create("/integration/#/login?requestId=" + requestId + "&error=" + URLEncoder.encode(tokenResponse.getError_description(), "UTF-8")))
 .build();
 }
 // 使用访问令牌获取用户信息
 UnifiedAuthDTO.UserInfoResponse userInfo = unifiedAuthService.getUserInfo(tokenResponse.getAccess_token());
 if (StringUtils.isNotBlank(userInfo.getError())) {
- log.error("获取用户信息失败: {} - {}", userInfo.getError(), userInfo.getError_description());
+ log.error("requestId:{},获取用户信息失败: {} - {}", requestId, userInfo.getError(), userInfo.getError_description());
 return ResponseEntity.status(HttpStatus.FOUND)
- .location(java.net.URI.create("/integration/#/login?error=" + URLEncoder.encode(userInfo.getError_description(), "UTF-8")))
+ .location(java.net.URI.create("/integration/#/login?requestId=" + requestId + "&error=" + URLEncoder.encode(userInfo.getError_description(), "UTF-8")))
 .build();
 }
 // 获取到用户信息,进行本地登录处理
- log.info("统一认证平台OAuth2回调接口,获取到用户信息: {}", JSON.toJSONString(userInfo));
+ log.info("统一认证平台OAuth2回调接口,获取到用户信息,requestId:{},用户信息:{}", requestId, JSON.toJSONString(userInfo));
- // 这里需要根据业务需求,使用用户信息创建本地会话
- // 例如:调用本地登录逻辑,设置session等
- // 这里简化处理,实际需要根据系统现有的登录机制实现
- // TODO:实际登录逻辑
+ // 根据证件号查询IMS用户信息
+ if (StringUtils.isBlank(userInfo.getIdCard())) {
+ return ResponseEntity.status(HttpStatus.FOUND)
+ .location(java.net.URI.create("/integration/#/login?requestId=" + requestId + "&error=" + URLEncoder.encode("统一身份认证回调信息不足以支持登录,请联系系统管理员", "UTF-8")))
+ .build();
+ }
+ ImsUser one = iImsUserService.lambdaQuery().eq(ImsUser::getIdCard, userInfo.getIdCard())
+ .eq(ImsUser::getDeleted, CommonConstants.FALSE_0).last("limit 1").one();
+ if (one == null) {
+ return ResponseEntity.status(HttpStatus.FOUND)
+ .location(java.net.URI.create("/integration/#/login?requestId=" + requestId + "&error=" + URLEncoder.encode("IMS_USER用户信息不存在,请联系系统管理员", "UTF-8")))
+ .build();
+ }
+ // 查询绑定的账号
+ String usercode = one.getUsercode();
+ TUsers tuser = usersService.lambdaQuery().eq(TUsers::getImsusercode, usercode).last("limit 1").one();
+ if (tuser == null) {
+ return ResponseEntity.status(HttpStatus.FOUND)
+ .location(java.net.URI.create("/integration/#/login?requestId=" + requestId + "&error=" + URLEncoder.encode("无匹配的综合监管用户,请联系系统管理员", "UTF-8")))
+ .build();
+ }
+
+ RestResult loginResult = userBaseService.login(tuser.getUsername(), "ChinaWeal_2026");
+ AICUser user = loginResult.getData();
+ // 将登录了的用户信息存至Session
+ request.getSession().setAttribute(DRUID_SESSION_KEY, String.format("%s(%s)", user.getName(), user.getEname()));
+ redisService.remove(tuser.getUsername());
+ SSOUtil.login(user);
 // 跳转到首页
 return ResponseEntity.status(HttpStatus.FOUND)
diff --git a/src/main/java/com/chinaweal/aiccs/org/entity/ImsUser.java b/src/main/java/com/chinaweal/aiccs/org/entity/ImsUser.java
index b554d1a..32b209a 100644
--- a/src/main/java/com/chinaweal/aiccs/org/entity/ImsUser.java
+++ b/src/main/java/com/chinaweal/aiccs/org/entity/ImsUser.java
@@ -100,6 +100,13 @@ public class ImsUser implements Serializable {
 @ApiModelProperty("组织机构")
 private String userorg;
+ /**
+ * 组织机构编码
+ */
+ @TableField("USERORGCODE")
+ @ApiModelProperty("组织机构编码")
+ private String userorgcode;
+
 /**
 * 身份证号
 */
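Review bot: `userBaseService.login(tuser.getUsername(), "ChinaWeal_2026")` hard-codes a password in the controller, so the SSO path only works if every bound account carries that password or `login` treats it as a master value; either way anyone with repository access holds a credential for those accounts. The identity has already been established by the token exchange, so the local session should be built through a method that takes no password (placeholder name: `userBaseService.loginWithoutPassword(tuser.getUsername())`), and the literal should be removed and rotated. `loginResult.getData()` is dereferenced without checking the result code, so a failed login would presumably surface as a NullPointerException rather than the `requestId` redirect used by the other branches, and the `TUsers` lookup has no `deleted`/`locked` condition, unlike the `ImsUser` query above it. Adding `request.changeSessionId();` before `setAttribute(DRUID_SESSION_KEY, …)` would keep a pre-login session id from being carried into the authenticated session. The method starts and ends outside this hunk.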
diff --git a/src/main/java/com/chinaweal/aiccs/org/entity/TUsers.java b/src/main/java/com/chinaweal/aiccs/org/entity/TUsers.java
index 0346834..54264a5 100644
--- a/src/main/java/com/chinaweal/aiccs/org/entity/TUsers.java
+++ b/src/main/java/com/chinaweal/aiccs/org/entity/TUsers.java
@@ -1,5 +1,6 @@
 package com.chinaweal.aiccs.org.entity;
+import com.baomidou.mybatisplus.annotation.TableField;
 import com.baomidou.mybatisplus.annotation.TableId;
 import com.baomidou.mybatisplus.annotation.TableName;
 import com.baomidou.mybatisplus.extension.activerecord.Model;
@@ -7,6 +8,8 @@ import java.io.Serializable;
 import java.time.LocalDate;
 import java.time.LocalDateTime;
+import com.chinaweal.aiccs.common.util.DateUtils;
+import com.fasterxml.jackson.annotation.JsonFormat;
 import lombok.Data;
 import lombok.EqualsAndHashCode;
 import lombok.experimental.Accessors;
@@ -27,37 +30,58 @@ public class TUsers extends Model {
 private static final long serialVersionUID=1L;
- @TableId
+ @TableId("USERID")
 private String userid;
+ @TableField("USERNAME")
 private String username;
+ @TableField("PASSWORD")
 private String password;
+ @TableField("REALNAME")
 private String realname;
+ @TableField("LOCKED")
 private String locked;
+ @TableField("DELETED")
 private String deleted;
+ @TableField("ORGDEPTID")
 private String orgdeptid;
+ @TableField("ORGUNITID")
 private String orgunitid;
+ @TableField("ORGJOBID")
 private String orgjobid;
+ @TableField("USERPROP")
 private Integer userprop;
+ @TableField("USERSTATUS")
 private String userstatus;
+ @TableField("GRADENUM")
 private Integer gradenum;
+ @TableField("CUSTOMINDEX")
 private Integer customindex;
+ @TableField("LIMITTNUM")
 private Integer limittnum; //限制用户登录次数
+ @JsonFormat(pattern = DateUtils.DATETIME_DEFAULT_FORMAT, timezone = "GMT+8")
+ @TableField("LASTERRORTIME")
 private LocalDateTime lasterrortime;//用户登录失败5次后的时间
+ /**
+ * 统一身份认证的用户编码
+ */
+ @TableField("IMSUSERCODE")
+ private String imsusercode;
+
 @Override
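Review bot: `password` remains an ordinary mapped property on an entity that now carries a Jackson annotation (`@JsonFormat` on `lasterrortime`), and if the class uses Lombok `@Data` (it is imported) the field is also part of `toString()`, so any response or log line that serialises a `TUsers` would include the stored password value. Consider marking the field `@JsonIgnore` and `@ToString.Exclude`, and `@TableField(value = "PASSWORD", select = false)` if the new `lambdaQuery()` lookups do not need the column. Whether a `TUsers` is actually returned or logged anywhere is not visible in this diff. The class body continues past the end of the hunk.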
diff --git a/src/main/java/com/chinaweal/aiccs/org/entity/dto/ImsUserDTO.java b/src/main/java/com/chinaweal/aiccs/org/entity/dto/ImsUserDTO.java
index 18e3510..3040da9 100644
--- a/src/main/java/com/chinaweal/aiccs/org/entity/dto/ImsUserDTO.java
+++ b/src/main/java/com/chinaweal/aiccs/org/entity/dto/ImsUserDTO.java
@@ -55,6 +55,9 @@ public class ImsUserDTO implements Serializable {
 @ApiModelProperty(value = "组织机构")
 private String userorg;
+ @ApiModelProperty(value = "组织机构编码")
+ private String userorgcode;
+
 @ApiModelProperty(value = "身份证号")
 private String idCard;
diff --git a/src/main/java/com/chinaweal/aiccs/org/entity/dto/UnifiedAuthDTO.java b/src/main/java/com/chinaweal/aiccs/org/entity/dto/UnifiedAuthDTO.java
index 53a88fa..72a3c0b 100644
--- a/src/main/java/com/chinaweal/aiccs/org/entity/dto/UnifiedAuthDTO.java
+++ b/src/main/java/com/chinaweal/aiccs/org/entity/dto/UnifiedAuthDTO.java
@@ -73,6 +73,7 @@ public class UnifiedAuthDTO {
 @Data
 public static class UserInfoResponse {
 private String userId;
+ private String idCard;
 private String userName;
 private String name;
 private String code;
diff --git a/src/main/java/com/chinaweal/aiccs/org/service/impl/ImsUserServiceImpl.java b/src/main/java/com/chinaweal/aiccs/org/service/impl/ImsUserServiceImpl.java
index 5f804a5..093b8e1 100644
--- a/src/main/java/com/chinaweal/aiccs/org/service/impl/ImsUserServiceImpl.java
+++ b/src/main/java/com/chinaweal/aiccs/org/service/impl/ImsUserServiceImpl.java
@@ -85,6 +85,7 @@ public class ImsUserServiceImpl extends ServiceImpl impl
 newUser.setIsRoam(dto.getIsRoam());
 newUser.setStatus(dto.getStatus());
 newUser.setUserorg(dto.getUserorg());
+ newUser.setUserorgcode(dto.getUserorgcode());
 newUser.setDeleted("0");
 this.save(newUser);
 }
diff --git a/src/main/java/com/chinaweal/aiccs/org/service/impl/UnifiedAuthServiceImpl.java b/src/main/java/com/chinaweal/aiccs/org/service/impl/UnifiedAuthServiceImpl.java
index 98b0464..feccc20 100644
--- a/src/main/java/com/chinaweal/aiccs/org/service/impl/UnifiedAuthServiceImpl.java
+++ b/src/main/java/com/chinaweal/aiccs/org/service/impl/UnifiedAuthServiceImpl.java
@@ -114,7 +114,7 @@ public class UnifiedAuthServiceImpl implements IUnifiedAuthService {
 ResponseEntity responseEntity = restTemplate.getForEntity(url, String.class);
 String responseBody = responseEntity.getBody();
- log.info("获取用户信息响应: {}", responseBody);
+ log.info("IMS获取用户信息响应: {}", responseBody);
 // 解析响应
 UnifiedAuthDTO.UserInfoResponse response = JSON.parseObject(responseBody, UnifiedAuthDTO.UserInfoResponse.class);
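Review bot: The whole user-info response body is written to the log at info level on the changed `log.info` line, and with `idCard` added to `UserInfoResponse` in this commit that body presumably now carries the ID-card number. The controller callback has the same problem where it logs `JSON.toJSONString(userInfo)`, and it also logs the authorization `code`. Logging a stable identifier after parsing, e.g. `log.info("IMS获取用户信息响应, userId: {}", response.getUserId());`, keeps the trace useful without putting identity-document numbers or one-time codes into log storage. The method starts and ends outside this hunk.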