From 507a7f7a09bc3e93314109e12a4140c31b91ab85 Mon Sep 17 00:00:00 2001 From: cdf <857448963@qq.com> Date: Wed, 17 Jun 2026 14:19:52 +0800 Subject: [PATCH] =?UTF-8?q?=E8=BE=BD=E5=AE=81CAS=E7=BB=9F=E4=B8=80?= =?UTF-8?q?=E8=AE=A4=E8=AF=81=E5=85=BC=E5=AE=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- pqs-auth/pom.xml | 9 +- .../njcn/auth/config/LnSsoClientConfig.java | 26 ++ .../njcn/auth/config/WebSecurityConfig.java | 2 +- .../njcn/auth/controller/AuthController.java | 190 +++++++++++- .../src/main/resources/bootstrap-sjzx.yml | 19 ++ .../njcn/gateway/filter/AuthGlobalFilter.java | 2 +- .../src/main/resources/bootstrap-sjzx.yml | 3 + pqs-gateway/src/main/resources/bootstrap.yml | 284 +----------------- .../com/njcn/user/enums/UserResponseEnum.java | 2 + 9 files changed, 238 insertions(+), 299 deletions(-) create mode 100644 pqs-auth/src/main/java/com/njcn/auth/config/LnSsoClientConfig.java diff --git a/pqs-auth/pom.xml b/pqs-auth/pom.xml index ac24251dd..5dfc8848e 100644 --- a/pqs-auth/pom.xml +++ b/pqs-auth/pom.xml @@ -66,6 +66,13 @@ common-oss ${project.version} + + + + com.sgcc.epri.auth + sso-client-base + 2.1.1 + @@ -138,4 +145,4 @@ - \ No newline at end of file + diff --git a/pqs-auth/src/main/java/com/njcn/auth/config/LnSsoClientConfig.java b/pqs-auth/src/main/java/com/njcn/auth/config/LnSsoClientConfig.java new file mode 100644 index 000000000..6fbcf4a6f --- /dev/null +++ b/pqs-auth/src/main/java/com/njcn/auth/config/LnSsoClientConfig.java @@ -0,0 +1,26 @@ +package com.njcn.auth.config; + +/** + * pqs + * + * @author cdf + * @date 2026/6/8 + */ + +import com.sgcc.epri.auth.config.EnableSSOClient; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.context.annotation.Configuration; + +/** + * 仅控制 SSO 客户端开关,不影响任何其他功能 + */ +@Configuration +@ConditionalOnProperty( + prefix = "cas.client", // 配置前缀 + name = "enabled", // 配置项名称 + havingValue = "true", // 值为true才生效 + matchIfMissing = false // 不配置默认关闭 +) +@EnableSSOClient +public class LnSsoClientConfig { +} diff --git a/pqs-auth/src/main/java/com/njcn/auth/config/WebSecurityConfig.java b/pqs-auth/src/main/java/com/njcn/auth/config/WebSecurityConfig.java index bba915ca9..773d503c0 100644 --- a/pqs-auth/src/main/java/com/njcn/auth/config/WebSecurityConfig.java +++ b/pqs-auth/src/main/java/com/njcn/auth/config/WebSecurityConfig.java @@ -37,7 +37,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter { protected void configure(HttpSecurity http) throws Exception { http .authorizeRequests() - .antMatchers("/oauth/getPublicKey","/oauth/logout","/auth/getImgCode","/judgeToken/guangZhou","/judgeToken/heBei","/oauth/autoLogin").permitAll() + .antMatchers("/oauth/getPublicKey","/oauth/logout","/auth/getImgCode","/judgeToken/guangZhou","/judgeToken/heBei","/oauth/autoLogin","/oauth/lnLogin","/oauth/lnCheck","/oauth/lnRefreshToken").permitAll() // @link https://gitee.com/xiaoym/knife4j/issues/I1Q5X6 (接口文档knife4j需要放行的规则) .antMatchers("/webjars/**","/doc.html","/swagger-resources/**","/v2/api-docs").permitAll() .anyRequest().authenticated() diff --git a/pqs-auth/src/main/java/com/njcn/auth/controller/AuthController.java b/pqs-auth/src/main/java/com/njcn/auth/controller/AuthController.java index f3d832e22..7b2a1f370 100644 --- a/pqs-auth/src/main/java/com/njcn/auth/controller/AuthController.java +++ b/pqs-auth/src/main/java/com/njcn/auth/controller/AuthController.java @@ -25,13 +25,17 @@ import com.njcn.user.pojo.po.UserStrategy; import com.njcn.web.controller.BaseController; import com.njcn.web.utils.RequestUtil; import com.njcn.web.utils.RestTemplateUtil; +import com.sgcc.epri.auth.session.HttpSessionManager; import io.swagger.annotations.Api; import io.swagger.annotations.ApiImplicitParam; import io.swagger.annotations.ApiImplicitParams; import io.swagger.annotations.ApiOperation; -import lombok.AllArgsConstructor; +import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; import org.apache.commons.collections.CollectionUtils; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.Authentication; import org.springframework.security.oauth2.common.OAuth2AccessToken; import org.springframework.security.oauth2.provider.endpoint.TokenEndpoint; import org.springframework.web.HttpRequestMethodNotSupportedException; @@ -39,6 +43,10 @@ import org.springframework.web.bind.annotation.*; import org.springframework.web.util.UriComponentsBuilder; import springfox.documentation.annotations.ApiIgnore; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; import java.net.URI; import java.security.KeyPair; import java.security.Principal; @@ -55,7 +63,7 @@ import java.util.stream.Collectors; @Slf4j @RestController @RequestMapping("/oauth") -@AllArgsConstructor +@RequiredArgsConstructor public class AuthController extends BaseController { @@ -71,6 +79,11 @@ public class AuthController extends BaseController { private final UserTokenService userTokenService; + @Value("${cas.redirect-url:http://10.21.30.11:8088/#/login?flag=1}") + private String redirectUrl; + + private String UsernamePrefix = "CAS_"; + @ApiIgnore @OperateInfo(info = LogEnum.SYSTEM_SERIOUS, operateType = OperateType.AUTHENTICATE) @@ -91,7 +104,6 @@ public class AuthController extends BaseController { String methodDescribe = getMethodDescribe("postAccessToken"); String username = parameters.get(SecurityConstants.USERNAME); - String grantType = parameters.get(SecurityConstants.GRANT_TYPE); if (grantType.equalsIgnoreCase(SecurityConstants.GRANT_CAPTCHA) || grantType.equalsIgnoreCase(SecurityConstants.REFRESH_TOKEN_KEY)) { username = DesUtils.aesDecrypt(username); @@ -104,19 +116,19 @@ public class AuthController extends BaseController { UserStrategy data = passWordRuleFeugnClient.getUserStrategy().getData(); String onlineUserKey = SecurityConstants.TOKEN_ONLINE_PREFIX; List onLineUser = (List) redisUtil.getLikeListAllValues(onlineUserKey); - if(CollectionUtil.isNotEmpty(onLineUser)){ + if (CollectionUtil.isNotEmpty(onLineUser)) { String finalUsername = username; - onLineUser = onLineUser.stream().filter(item->{ + onLineUser = onLineUser.stream().filter(item -> { JSONObject jsonObject = AuthPubUtil.getLoginByToken(item.getRefreshToken()); String login = jsonObject.getStr(SecurityConstants.USER_NAME_KEY); long exp = Long.parseLong(jsonObject.getStr(SecurityConstants.JWT_EXP)); - long now = Calendar.getInstance().getTimeInMillis()/1000; - return (exp > now) && !login.equals(finalUsername); + long now = Calendar.getInstance().getTimeInMillis() / 1000; + return (exp > now) && !login.equals(finalUsername); }).collect(Collectors.toList()); } Integer maxNum = data.getMaxNum(); - if((CollectionUtil.isNotEmpty(onLineUser)?onLineUser.size():0)>=maxNum){ + if ((CollectionUtil.isNotEmpty(onLineUser) ? onLineUser.size() : 0) >= maxNum) { throw new BusinessException(UserResponseEnum.LOGIN_USER_OVERLIMIT); } @@ -143,7 +155,7 @@ public class AuthController extends BaseController { @OperateInfo(info = LogEnum.SYSTEM_SERIOUS, operateType = OperateType.LOGOUT) @ApiOperation("用户登出系统") @DeleteMapping("/logout") - public HttpResult logout() { + public HttpResult logout(HttpServletRequest request, HttpServletResponse response) { String methodDescribe = getMethodDescribe("logout"); String userIndex = RequestUtil.getUserIndex(); String username = RequestUtil.getUsername(); @@ -165,6 +177,24 @@ public class AuthController extends BaseController { long lifeTime = Math.abs(refreshTokenExpire.plusMinutes(5L).toEpochSecond(ZoneOffset.of("+8")) - LocalDateTime.now().toEpochSecond(ZoneOffset.of("+8"))); redisUtil.saveByKeyWithExpire(blackUserKey, blackUsers, lifeTime); } + + + // 以下代码是辽宁登出代码,关键:使 Session 失效 + request.getSession().invalidate(); + + // 清除 JSESSIONID + Cookie jsessionidCookie = new Cookie("JSESSIONID", null); + jsessionidCookie.setMaxAge(0); + jsessionidCookie.setPath("/"); + response.addCookie(jsessionidCookie); + + // 清除 loginUser Cookie(关键!) + Cookie loginUserCookie = new Cookie("loginUser", null); + loginUserCookie.setMaxAge(0); + loginUserCookie.setPath("/"); + response.addCookie(loginUserCookie); + + log.info("登出成功。。。。。。。。。。。。。。。。"); return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.SUCCESS, null, methodDescribe); } @@ -186,20 +216,152 @@ public class AuthController extends BaseController { */ @OperateInfo(info = LogEnum.SYSTEM_COMMON, operateType = OperateType.AUTHENTICATE) @ApiOperation("自动登录") - @PostMapping("/autoLogin") + @GetMapping("/autoLogin") @ApiImplicitParam(name = "phone", value = "手机号", required = true, paramType = "query") @ApiIgnore public HttpResult autoLogin(@RequestParam String phone) { String methodDescribe = getMethodDescribe("autoLogin"); String userUrl = "http://127.0.0.1:10214/oauth/token"; UriComponentsBuilder builder = UriComponentsBuilder.fromHttpUrl(userUrl) - .queryParam("grant_type", "sms_code") - .queryParam("client_id", "njcnapp") + .queryParam("grant_type", SecurityConstants.GRANT_AUTHORIZATION_CODE) + .queryParam("client_id", "njcn") .queryParam("client_secret", "njcnpqs") - .queryParam("phone", phone) - .queryParam("smsCode", "123456789"); + .queryParam("username", "%2FPY4%2FD07ExoKDUg6yCi2cA%3D%3D") + .queryParam("imageCode", "verifyCode") + .queryParam("verifyCode", "0"); + URI uri = builder.build().encode().toUri(); return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.SUCCESS, Objects.requireNonNull(RestTemplateUtil.post(uri, HttpResult.class).getBody()).getData(), methodDescribe); } + + /** + * 【电科院CAS调控云单点登录适配】 + * 这个只用来匹配 + */ + @ApiIgnore + @GetMapping("/lnLogin") + @ApiOperation("获取ln系统用户token") + public HttpResult lnLogin(@RequestParam String clientId, @RequestParam String clientSecret, HttpServletRequest request, HttpServletResponse response) throws HttpRequestMethodNotSupportedException { + log.info("进入lnLogin++++++++++++++++++"); + String methodDescribe = getMethodDescribe("lnLogin"); + + // 读取CAS信息 + String userName = String.valueOf(HttpSessionManager.getAttribute(request, HttpSessionManager.AUTH_USER_KEY)); + String userId = String.valueOf(HttpSessionManager.getAttribute(request, HttpSessionManager.USER_ID_KEY)); + String owner = String.valueOf(HttpSessionManager.getAttribute(request, HttpSessionManager.USER_OWNER)); + String name = String.valueOf(HttpSessionManager.getAttribute(request, HttpSessionManager.USER_NAME_CHN)); + String employeeId = String.valueOf(HttpSessionManager.getAttribute(request, HttpSessionManager.USER_EMPLOYEE_ID)); + + log.info("userName:{}", userName); + log.info("userId:{}", userId); + log.info("owner:{}", owner); + log.info("name:{}", name); + log.info("employeeId:{}", employeeId); + + if ("null".equals(userName)) { + throw new BusinessException(UserResponseEnum.LN_AUTH_ERROR); + } + + // 2. 【关键】用户名前面加上"CAS_"前缀,让UserDetailsService识别 + String casUsername = userName; + + // 2. 直接构造 OAuth2 必要参数(跳过所有密码/加密校验) + Map parameters = new HashMap<>(); + parameters.put("grant_type", "password"); // 固定密码模式 + parameters.put("client_id", clientId); // 你的客户端ID + parameters.put("client_secret", clientSecret); // 你的客户端秘钥 + parameters.put("username", userName); // 统一认证传过来的用户名 + parameters.put("password", "@#001njcnpqs"); + + // 3. 直接调用 OAuth2 生成 Token(跳过所有登录校验) + Authentication authentication = new UsernamePasswordAuthenticationToken( + clientId, clientSecret, Collections.emptyList() + ); + + OAuth2AccessToken oAuth2AccessToken = tokenEndpoint.postAccessToken(authentication, parameters).getBody(); + + + // 获取过期时间(秒数) + int expiresIn = oAuth2AccessToken.getExpiresIn(); + log.info("token过期时间: {} 秒", expiresIn); + log.info("token过期时间: {} 分钟", expiresIn / 60); + log.info("token过期时间: {} 小时", expiresIn / 3600); + log.info("====== 免密登录成功,返回token给前端 ======"); + return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.SUCCESS, oAuth2AccessToken, methodDescribe); + } + + + /** + * 重点: + * 这个接口 不加 白名单 + * 访问它 → 自动跳CAS → 登录成功 → 重定向到登录页 + */ + @GetMapping("/lnCheck") + @ApiOperation("检查CAS是否登录") + public void lnToken(HttpServletRequest request, HttpServletResponse response) throws IOException { + log.info("进入lnCheck。。。。"); + response.sendRedirect(redirectUrl); + } + + + /** + */ + @GetMapping("/lnRefreshToken") + @ApiOperation("刷新token") + public HttpResult lnRefreshToken( + @RequestParam String refreshToken, + @RequestParam String clientId, + @RequestParam String clientSecret, + HttpServletRequest request, + HttpServletResponse response) throws HttpRequestMethodNotSupportedException { + + log.info("进入lnRefreshToken,开始刷新token"); + String methodDescribe = getMethodDescribe("lnRefreshToken"); + + // ========== 【前置:优先校验CAS会话是否过期】 ========== + String userName = String.valueOf(HttpSessionManager.getAttribute(request, HttpSessionManager.AUTH_USER_KEY)); + if ("null".equals(userName)) { + log.error("CAS会话已过期,跳转登录页"); + throw new BusinessException(UserResponseEnum.LN_AUTH_ERROR); + } + + // 1. 先尝试用refresh_token正常刷新 + Map parameters = new HashMap<>(); + parameters.put("grant_type", "refresh_token"); + parameters.put("refresh_token", refreshToken); + parameters.put("client_id", clientId); + parameters.put("client_secret", clientSecret); + + Authentication authentication = new UsernamePasswordAuthenticationToken( + clientId, clientSecret, Collections.emptyList() + ); + + try { + OAuth2AccessToken newAccessToken = tokenEndpoint.postAccessToken(authentication, parameters).getBody(); + log.info("refresh_token刷新成功"); + return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.SUCCESS, newAccessToken, methodDescribe); + } catch (Exception e) { + log.warn("refresh_token刷新失败,尝试回退到CAS会话重新签发token", e); + } + + + // 3. CAS会话有效,重新签发token(等同于重新登录) + log.info("CAS会话有效,为用户[{}]重新签发token", userName); + String casUsername = userName; + Map reLoginParams = new HashMap<>(); + reLoginParams.put("grant_type", "password"); + reLoginParams.put("client_id", clientId); + reLoginParams.put("client_secret", clientSecret); + reLoginParams.put("username", userName); + reLoginParams.put("password", "@#001njcnpqs"); + + Authentication reAuth = new UsernamePasswordAuthenticationToken( + clientId, clientSecret, Collections.emptyList() + ); + + OAuth2AccessToken oAuth2AccessToken = tokenEndpoint.postAccessToken(reAuth, reLoginParams).getBody(); + log.info("CAS回退重签token成功,userName:{}", userName); + return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.SUCCESS, oAuth2AccessToken, methodDescribe); + } } diff --git a/pqs-auth/src/main/resources/bootstrap-sjzx.yml b/pqs-auth/src/main/resources/bootstrap-sjzx.yml index 8c46a2ea1..14e9e4e8e 100644 --- a/pqs-auth/src/main/resources/bootstrap-sjzx.yml +++ b/pqs-auth/src/main/resources/bootstrap-sjzx.yml @@ -55,3 +55,22 @@ mybatis-plus: mqtt: client-id: @artifactId@${random.value} + + + + +cas: + client: + # true 开启 false 关闭 + enabled: false + redirect-url: http://PQMonitoring.dcloud.ln.dc.sgcc.com.cn/#/login?flag=1 + server-url-prefix: http://privilege-epri.dcloud.ln.dc.sgcc.com.cn/cas + server-login-url: http://privilege-epri.dcloud.ln.dc.sgcc.com.cn/cas/login + client-host-url: http://PQMonitoring.dcloud.ln.dc.sgcc.com.cn:80 + validation-type: CAS + #白名单设置 + # /oauth/lnLogin$|/pqs-auth/oauth/lnLogin|/oauth/lnRefreshToken$|/pqs-auth/oauth/lnRefreshToken +sso: + whiteList: + + diff --git a/pqs-gateway/src/main/java/com/njcn/gateway/filter/AuthGlobalFilter.java b/pqs-gateway/src/main/java/com/njcn/gateway/filter/AuthGlobalFilter.java index 4b22f8a22..0e9b7d54b 100644 --- a/pqs-gateway/src/main/java/com/njcn/gateway/filter/AuthGlobalFilter.java +++ b/pqs-gateway/src/main/java/com/njcn/gateway/filter/AuthGlobalFilter.java @@ -44,7 +44,7 @@ import java.util.List; @RequiredArgsConstructor public class AuthGlobalFilter implements GlobalFilter, Ordered { - private final static List USER_AGENT_IP = Arrays.asList("/pqs-auth/auth/getImgCode", "/pqs-auth/oauth/token", "/user-boot/user/generateSm2Key", "/user-boot/user/updateFirstPassword", "/user-boot/appUser/resetPsd"); + private final static List USER_AGENT_IP = Arrays.asList("/pqs-auth/auth/getImgCode", "/pqs-auth/oauth/token", "/user-boot/user/generateSm2Key", "/user-boot/user/updateFirstPassword", "/user-boot/appUser/resetPsd","/pqs-auth/oauth/lnLogin","/pqs-auth/oauth/lnCheck","/pqs-auth/oauth/lnRefreshToken"); private final RedisUtil redisUtil; diff --git a/pqs-gateway/src/main/resources/bootstrap-sjzx.yml b/pqs-gateway/src/main/resources/bootstrap-sjzx.yml index 8f3ee1adb..441af6c47 100644 --- a/pqs-gateway/src/main/resources/bootstrap-sjzx.yml +++ b/pqs-gateway/src/main/resources/bootstrap-sjzx.yml @@ -223,6 +223,9 @@ whitelist: - /user-boot/appUser/resetPsd - /pqs-auth/oauth/logout - /pqs-auth/oauth/token + - /pqs-auth/oauth/lnLogin + - /pqs-auth/oauth/lnCheck + - /pqs-auth/oauth/lnRefreshToken - /pqs-auth/oauth/autoLogin - /pqs-auth/auth/getImgCode - /pqs-auth/oauth/getPublicKey diff --git a/pqs-gateway/src/main/resources/bootstrap.yml b/pqs-gateway/src/main/resources/bootstrap.yml index 7ceb0bc24..55f514180 100644 --- a/pqs-gateway/src/main/resources/bootstrap.yml +++ b/pqs-gateway/src/main/resources/bootstrap.yml @@ -1,283 +1,3 @@ -#当前服务的基本信息 -microservice: - ename: @artifactId@ - name: "@name@" - version: @version@ - sentinel: - url: @sentinel.url@ - gateway: - url: @gateway.url@ -server: - port: 10215 spring: - application: - name: @artifactId@ - main: - allow-bean-definition-overriding: true - #nacos注册中心以及配置中心的指定 - cloud: - nacos: - discovery: - ip: @service.server.url@ - server-addr: @nacos.url@ - username: @nacos.username@ - password: @nacos.password@ - namespace: @nacos.namespace@ - config: - server-addr: @nacos.url@ - username: @nacos.username@ - password: @nacos.password@ - namespace: @nacos.namespace@ - file-extension: yaml - shared-configs: - - data-id: share-config.yaml - refresh: true - - data-id: share-config-datasource-db.yaml - refresh: true - gateway: - globalcors: - corsConfigurations: - '[/**]': - allowCredentials: true - exposedHeaders: "Content-Disposition,Content-Type,Cache-Control" - allowedHeaders: "*" - allowedOrigins: "*" - allowedMethods: "*" - discovery: - locator: - # 开启自动代理 (自动装载从配置中心serviceId) - enabled: true - # 服务id为true --> 这样小写服务就可访问了 - lower-case-service-id: true - routes: - - id: pqs-auth - uri: lb://pqs-auth - predicates: - - Path=/pqs-auth/** - filters: - - SwaggerHeaderFilter - - StripPrefix=1 - - id: user-boot - uri: lb://user-boot - predicates: - - Path=/user-boot/** - filters: - - SwaggerHeaderFilter - - StripPrefix=1 - - id: device-boot - uri: lb://device-boot - predicates: - - Path=/device-boot/** - filters: - - SwaggerHeaderFilter - - StripPrefix=1 - - id: system-boot - uri: lb://system-boot - predicates: - - Path=/system-boot/** - filters: - - SwaggerHeaderFilter - - StripPrefix=1 - - id: harmonic-boot - uri: lb://harmonic-boot - predicates: - - Path=/harmonic-boot/** - filters: - - SwaggerHeaderFilter - - StripPrefix=1 - - id: energy-boot - uri: lb://energy-boot - predicates: - - Path=/energy-boot/** - filters: - - SwaggerHeaderFilter - - StripPrefix=1 - - id: event-boot - uri: lb://event-boot - predicates: - - Path=/event-boot/** - filters: - - SwaggerHeaderFilter - - StripPrefix=1 - - id: quality-boot - uri: lb://quality-boot - predicates: - - Path=/quality-boot/** - filters: - - SwaggerHeaderFilter - - StripPrefix=1 - - id: harmonic-prepare - uri: lb://harmonic-prepare - predicates: - - Path=/harmonic-prepare/** - filters: - - SwaggerHeaderFilter - - StripPrefix=1 - - id: process-boot - uri: lb://process-boot - predicates: - - Path=/process-boot/** - filters: - - SwaggerHeaderFilter - - StripPrefix=1 - - id: prepare-boot - uri: lb://prepare-boot - predicates: - - Path=/prepare-boot/** - filters: - - SwaggerHeaderFilter - - StripPrefix=1 - - id: algorithm-boot - uri: lb://algorithm-boot - predicates: - - Path=/algorithm-boot/** - filters: - - SwaggerHeaderFilter - - StripPrefix=1 - - id: access-boot - uri: lb://access-boot - predicates: - - Path=/access-boot/** - filters: - - SwaggerHeaderFilter - - StripPrefix=1 - - id: cs-device-boot - uri: lb://cs-device-boot - predicates: - - Path=/cs-device-boot/** - filters: - - SwaggerHeaderFilter - - StripPrefix=1 - - id: cs-system-boot - uri: lb://cs-system-boot - predicates: - - Path=/cs-system-boot/** - filters: - - SwaggerHeaderFilter - - StripPrefix=1 - - id: cs-warn-boot - uri: lb://cs-warn-boot - predicates: - - Path=/cs-warn-boot/** - filters: - - SwaggerHeaderFilter - - StripPrefix=1 - - id: cs-harmonic-boot - uri: lb://cs-harmonic-boot - predicates: - - Path=/cs-harmonic-boot/** - filters: - - SwaggerHeaderFilter - - StripPrefix=1 - - id: advance-boot - uri: lb://advance-boot - predicates: - - Path=/advance-boot/** - filters: - - SwaggerHeaderFilter - - StripPrefix=1 - - id: bpm-boot - uri: lb://bpm-boot - predicates: - - Path=/bpm-boot/** - filters: - - SwaggerHeaderFilter - - StripPrefix=1 - - id: supervision-boot - uri: lb://supervision-boot - predicates: - - Path=/supervision-boot/** - filters: - - SwaggerHeaderFilter - - StripPrefix=1 - - id: cs-report-boot - uri: lb://cs-report-boot - predicates: - - Path=/cs-report-boot/** - filters: - - SwaggerHeaderFilter - - StripPrefix=1 - #河北国网总部调用省侧接口,路径总部统一规定 - - id: hb_pms_down - uri: lb://harmonic-boot - predicates: - - Path=/IndexAnalysis/** - - Path=/pms-tech-powerquality-start/** - - id: zl-event-boot - uri: lb://zl-event-boot - predicates: - - Path=/zl-event-boot/** - filters: - - SwaggerHeaderFilter - - StripPrefix=1 - -#项目日志的配置 -logging: - #config: http://@nacos.url@/nacos/v1/cs/configs?tenant=@nacos.namespace@&group=DEFAULT_GROUP&dataId=logback.xml - level: - root: info - -whitelist: - urls: - - /user-boot/user/generateSm2Key - - /user-boot/theme/getTheme - - /user-boot/user/updateFirstPassword - - /user-boot/appUser/authCode - - /user-boot/appUser/register - - /user-boot/appUser/resetPsd - - /pqs-auth/oauth/logout - - /pqs-auth/oauth/token - - /pqs-auth/oauth/autoLogin - - /pqs-auth/auth/getImgCode - - /pqs-auth/oauth/getPublicKey - - /pqs-auth/judgeToken/heBei - - /pqs-auth/judgeToken/guangZhou - - - /webjars/** - - /actuator/** - - /doc.html - - /swagger-resources/** - - /*/v2/api-docs - - /favicon.ico - - /system-boot/theme/getTheme - - /system-boot/image/toStream - - /system-boot/file/download - - /cs-system-boot/appinfo/queryAppInfoByType - - /system-boot/dictType/dictDataCache - - /system-boot/file/** - - /system-boot/area/** - - /bpm-boot/** - - /harmonic-boot/comAccess/getComAccessData - - /harmonic-boot/harmonic/getHistoryResult - - /event-boot/transient/getTransientAnalyseWave -# - /** - #开始 -# - /advance-boot/** -# - /device-boot/** -# - /system-boot/** -# - /harmonic-boot/** -# - /energy-boot/** -# - /event-boot/** -# - /quality-boot/** -# - /harmonic-prepare/** -# - /process-boot/** -# - /bpm-boot/** -# - /system-boot/** -# - /supervision-boot/** -# - /user-boot/** -# - /harmonic-boot/** -# - /cs-device-boot/** - #结束 - - /user-boot/user/listAllUserByDeptId - - /IndexAnalysis/** -#mqtt: -# client-id: @artifactId@${random.value} - - - - - - - - - + profiles: + active: @spring.profiles.active@ diff --git a/pqs-user/user-api/src/main/java/com/njcn/user/enums/UserResponseEnum.java b/pqs-user/user-api/src/main/java/com/njcn/user/enums/UserResponseEnum.java index 3c2e83b06..24d5ce185 100644 --- a/pqs-user/user-api/src/main/java/com/njcn/user/enums/UserResponseEnum.java +++ b/pqs-user/user-api/src/main/java/com/njcn/user/enums/UserResponseEnum.java @@ -105,6 +105,8 @@ public enum UserResponseEnum { REFERRAL_CODE_LAPSE("A0119","角色推荐码失效,请联系管理员"), REFERRAL_CODE_ERROR("A0119","角色推荐码错误,请联系管理员"), + LN_AUTH_ERROR("A0121","统一认证过期,请重新认证"), + ; private final String code;