diff --git a/src/main/java/com/chinaweal/aiccs/org/controller/OAuth2Controller.java b/src/main/java/com/chinaweal/aiccs/org/controller/OAuth2Controller.java index f83eff3..cec1a2d 100644 --- a/src/main/java/com/chinaweal/aiccs/org/controller/OAuth2Controller.java +++ b/src/main/java/com/chinaweal/aiccs/org/controller/OAuth2Controller.java @@ -1,6 +1,7 @@ package com.chinaweal.aiccs.org.controller; import com.alibaba.fastjson.JSON; +import com.alibaba.fastjson.JSONArray; import com.alibaba.fastjson.JSONObject; import com.chinaweal.aiccs.common.base.controller.BaseController; import com.chinaweal.aiccs.common.constant.CommonConstants; @@ -9,6 +10,7 @@ import com.chinaweal.aiccs.common.util.SM4Utils; import com.chinaweal.aiccs.common.util.StringUtils; import com.chinaweal.aiccs.org.entity.*; import com.chinaweal.aiccs.org.entity.dto.*; +import com.chinaweal.aiccs.org.entity.vo.UserLoginSelectionVO; import com.chinaweal.aiccs.org.service.*; import com.chinaweal.aiccs.redis.RedisService; import com.chinaweal.aicorg.model.AICUser; @@ -18,7 +20,9 @@ import com.chinaweal.youfool.framework.springboot.rest.ResultCode; import com.chinaweal.youfool.framework.sso.util.SSOUtil; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; +import io.swagger.annotations.ApiParam; import lombok.extern.slf4j.Slf4j; +import org.apache.commons.collections4.CollectionUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.http.HttpStatus; @@ -29,6 +33,9 @@ import org.springframework.web.bind.annotation.*; import javax.servlet.http.HttpServletRequest; import java.io.UnsupportedEncodingException; import java.net.URLEncoder; +import java.util.ArrayList; +import java.util.List; +import java.util.stream.Collectors; /** * Oauth登录控制器 
@@ -65,6 +72,8 @@ public class OAuth2Controller extends BaseController { @Autowired private RedisService redisService; + private final static String USER_LOGIN_SELECTION = "USER_LOGIN_SELECTION:"; + /** * OAuth授权端点 */ 
@@ -636,29 +645,28 @@ public class OAuth2Controller extends BaseController { .location(java.net.URI.create("/integration/#/login?requestId=" + requestId + "&error=" + URLEncoder.encode("统一身份认证回调信息不足以支持登录,请联系系统管理员", "UTF-8"))) .build(); } - ImsUser one = iImsUserService.lambdaQuery().eq(ImsUser::getIdCard, userInfo.getIdCard()) - .eq(ImsUser::getDeleted, CommonConstants.FALSE_0).last("limit 1").one(); - if (one == null) { - return ResponseEntity.status(HttpStatus.FOUND) - .location(java.net.URI.create("/integration/#/login?requestId=" + requestId + "&error=" + URLEncoder.encode("IMS_USER用户信息不存在,请联系系统管理员", "UTF-8"))) - .build(); - } - // 查询绑定的账号 - String usercode = one.getUsercode(); - ImsUser imsUser = iImsUserService.getById(usercode); - if (imsUser == null) { + List supList = userSupInfoService.lambdaQuery().eq(UserSupInfo::getIdcardAbstr, DigestUtils.md5DigestAsHex(userInfo.getIdCard().getBytes())).list(); + if (CollectionUtils.isEmpty(supList)) { return ResponseEntity.status(HttpStatus.FOUND) .location(java.net.URI.create("/integration/#/login?requestId=" + requestId + "&error=" + URLEncoder.encode("无匹配的综合监管用户,请联系系统管理员", "UTF-8"))) .build(); } - String idCard = SM4Utils.decrypt(imsUser.getIdCard(), sm4Key); - UserSupInfo userSup = userSupInfoService.lambdaQuery().eq(UserSupInfo::getIdcardAbstr, DigestUtils.md5DigestAsHex(idCard.getBytes())).one(); - if (userSup == null) { + List list = usersService.lambdaQuery().in(TUsers::getUserid, supList.stream().map(UserSupInfo::getUserid).collect(Collectors.toList())) + .eq(TUsers::getDeleted, CommonConstants.FALSE_0).list(); + if (CollectionUtils.isEmpty(list)) { return ResponseEntity.status(HttpStatus.FOUND) .location(java.net.URI.create("/integration/#/login?requestId=" + requestId + "&error=" + URLEncoder.encode("无匹配的综合监管用户,请联系系统管理员", "UTF-8"))) .build(); } - TUsers tuser = usersService.getById(userSup.getUserid()); + // 存储候选 + if (list.size() > 1) { + redisService.set(USER_LOGIN_SELECTION + code, 
JSON.toJSONString(list), 900); + return ResponseEntity.status(HttpStatus.FOUND) + .location(java.net.URI.create("/integration/#/oauth2?requestId=" + requestId + "&code=" + code)) + .build(); + } + + TUsers tuser = list.get(0); RestResult loginResult = userBaseService.login(tuser.getUsername(), "ChinaWeal_2026"); AICUser user = loginResult.getData(); 
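Review bot: In the `list.size() > 1` branch the candidate list is cached under `USER_LOGIN_SELECTION + code` and the same `code` is appended to the redirect URL, so for 900 seconds that URL value is the only thing needed to read the candidates and complete a login. `code` is assigned outside this hunk; if it is the identity provider's authorization code, I would mint a separate random handle for the selection step (for example `String ticket = UUID.randomUUID().toString();`), record it against the current session, and pass it through `URLEncoder.encode` like the `error` parameter. `JSON.toJSONString(list)` serialises whole `TUsers` entities; caching only userid, username and realname keeps any credential columns out of Redis. `userInfo.getIdCard().getBytes()` depends on the platform charset, so `getBytes(StandardCharsets.UTF_8)` gives a lookup key that is stable across hosts. The enclosing method starts and ends outside the hunk.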
@@ -684,6 +692,66 @@ public class OAuth2Controller extends BaseController { } } + /** + * 根据登录编码获取候选登录用户 + * + * @param code 查询编码 + * @return 查询结果 + */ + @ApiOperation("根据登录编码获取候选登录用户") + @GetMapping("/unified/selection") + public RestResult> getLoginSelection(@ApiParam("查询编码") @RequestParam String code) { + String json = redisService.get(USER_LOGIN_SELECTION + code); + if (StringUtils.isBlank(json)) { + return RestResult.error(ResultCode.DATA_NONE); + } + List list = JSONArray.parseArray(json, TUsers.class); + if (CollectionUtils.isEmpty(list)) { + return RestResult.error(ResultCode.DATA_NONE); + } + List loginSelectionList = new ArrayList<>(list.size()); + for (TUsers each : list) { + UserLoginSelectionVO atom = new UserLoginSelectionVO(); + atom.setUserId(each.getUserid()); + atom.setUsername(each.getUsername()); + atom.setRealname(each.getRealname()); + loginSelectionList.add(atom); + } + return RestResult.ok(loginSelectionList); + } + + /** + * 根据登录编码获取候选登录用户 + * + * @param code 查询编码 + * @return 查询结果 + */ + @ApiOperation("根据登录编码获取候选登录用户") + @PostMapping("/unified/select/login") + public RestResult selectLogin(@ApiParam("查询编码") @RequestParam String code, @ApiParam("用户id") @RequestParam String userId, + HttpServletRequest request) { + String json = redisService.get(USER_LOGIN_SELECTION + code); + if (StringUtils.isBlank(json)) { + return RestResult.error(ResultCode.DATA_NONE); + } + List list = JSONArray.parseArray(json, TUsers.class); + if (CollectionUtils.isEmpty(list)) { + return RestResult.error(ResultCode.DATA_NONE); + } + TUsers tuser = list.stream().filter(each -> StringUtils.equals(each.getUserid(), userId)).findFirst().orElse(null); + if (tuser == null) { + return RestResult.error(ResultCode.DATA_NONE); + } + + RestResult loginResult = userBaseService.login(tuser.getUsername(), "ChinaWeal_2026"); + AICUser user = loginResult.getData(); + // 将登录了的用户信息存至Session + request.getSession().setAttribute(DRUID_SESSION_KEY, String.format("%s(%s)", user.getName(), 
user.getEname())); + redisService.remove(tuser.getUsername()); + SSOUtil.login(user); + return RestResult.ok(); + } + /** * 统一认证平台单点登出 * diff --git a/src/main/java/com/chinaweal/aiccs/org/entity/vo/UserLoginSelectionVO.java b/src/main/java/com/chinaweal/aiccs/org/entity/vo/UserLoginSelectionVO.java new file mode 100644 index 0000000..4224481 --- /dev/null +++ b/src/main/java/com/chinaweal/aiccs/org/entity/vo/UserLoginSelectionVO.java @@ -0,0 +1,39 @@ +package com.chinaweal.aiccs.org.entity.vo; + +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import lombok.Data; +import lombok.experimental.Accessors; + +import java.io.Serializable; + +/** + * 用户登录候选VO + * @author lroyia + * @since 2026/3/30 9:31 + **/ +@Data +@Accessors(chain = true) +@ApiModel("用户登录候选VO") +public class UserLoginSelectionVO implements Serializable { + + private static final long serialVersionUID = 1L; + + /** + * 用户id + */ + @ApiModelProperty("用户id") + private String userId; + + /** + * 用户名 + */ + @ApiModelProperty("用户名") + private String username; + + /** + * 用户真名 + */ + @ApiModelProperty("用户真名") + private String realname; +}
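Review bot: `selectLogin` never deletes `USER_LOGIN_SELECTION + code` (the `redisService.remove(tuser.getUsername())` call targets a different key), so the same `code` can complete further logins until the 900-second TTL expires, and neither new endpoint ties the `code` to the browser session that started the OAuth flow. The fence below removes the entry once a candidate has been matched and returns an error when `loginResult.getData()` is null instead of dereferencing it; an atomic get-and-delete would be better still if `RedisService` offers one, and binding the code to the session needs state from the callback, which is outside this hunk. The new method also repeats the hard-coded literal `"ChinaWeal_2026"`, which appears to be a shared password passed to `userBaseService.login`; a service method that establishes the session for an already-authenticated user would avoid keeping one known password valid for every account. The Javadoc on `selectLogin` is a copy of the one on `getLoginSelection` and does not describe `userId`.

```java
String key = USER_LOGIN_SELECTION + code;
String json = redisService.get(key);
// … unchanged: blank/empty checks, parseArray, lookup of tuser by userId …
if (tuser == null) {
    return RestResult.error(ResultCode.DATA_NONE);
}
// One-time use: drop the candidate list so the same code cannot complete a second login.
redisService.remove(key);

// … unchanged: userBaseService.login(...) and loginResult.getData() …
if (user == null) {
    // Login produced no user; leave the session untouched.
    return RestResult.error(ResultCode.DATA_NONE);
}
// … unchanged: session attribute, redisService.remove(username), SSOUtil.login(user) …
```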