初始化
@@ -0,0 +1,140 @@
|
||||
package com.njcn.auth.controller;
|
||||
|
||||
import com.nimbusds.jose.jwk.JWKSet;
|
||||
import com.nimbusds.jose.jwk.RSAKey;
|
||||
import com.njcn.auth.service.UserTokenService;
|
||||
import com.njcn.common.pojo.constant.SecurityConstants;
|
||||
import com.njcn.common.pojo.dto.UserTokenInfo;
|
||||
import com.njcn.common.pojo.enums.response.CommonResponseEnum;
|
||||
import com.njcn.common.pojo.response.HttpResult;
|
||||
import com.njcn.common.utils.HttpResultUtil;
|
||||
import com.njcn.common.utils.LogUtil;
|
||||
import com.njcn.common.utils.sm.DesUtils;
|
||||
import com.njcn.redis.utils.RedisUtil;
|
||||
import com.njcn.user.api.UserFeignClient;
|
||||
import com.njcn.web.controller.BaseController;
|
||||
import com.njcn.web.utils.RequestUtil;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiImplicitParam;
|
||||
import io.swagger.annotations.ApiImplicitParams;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.commons.collections.CollectionUtils;
|
||||
import org.springframework.security.oauth2.common.OAuth2AccessToken;
|
||||
import org.springframework.security.oauth2.provider.endpoint.TokenEndpoint;
|
||||
import org.springframework.web.HttpRequestMethodNotSupportedException;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
import springfox.documentation.annotations.ApiIgnore;
|
||||
|
||||
import java.security.KeyPair;
|
||||
import java.security.Principal;
|
||||
import java.security.interfaces.RSAPublicKey;
|
||||
import java.time.LocalDateTime;
|
||||
import java.time.ZoneOffset;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Objects;
|
||||
|
||||
/**
|
||||
* @author hongawen
|
||||
*/
|
||||
@Api(tags = "认证中心")
|
||||
@Slf4j
|
||||
@RestController
|
||||
@RequestMapping("/oauth")
|
||||
@AllArgsConstructor
|
||||
public class AuthController extends BaseController {
|
||||
|
||||
|
||||
private final TokenEndpoint tokenEndpoint;
|
||||
|
||||
private final KeyPair keyPair;
|
||||
|
||||
private final RedisUtil redisUtil;
|
||||
|
||||
private final UserFeignClient userFeignClient;
|
||||
|
||||
private final UserTokenService userTokenService;
|
||||
|
||||
|
||||
@ApiIgnore
|
||||
@ApiOperation("登录认证")
|
||||
@ApiImplicitParams({
|
||||
@ApiImplicitParam(name = SecurityConstants.GRANT_TYPE, defaultValue = "password", value = "授权模式", required = true),
|
||||
@ApiImplicitParam(name = SecurityConstants.CLIENT_ID, defaultValue = "njcn", value = "Oauth2客户端ID", required = true),
|
||||
@ApiImplicitParam(name = SecurityConstants.CLIENT_SECRET, defaultValue = "njcnpqs", value = "Oauth2客户端秘钥", required = true),
|
||||
@ApiImplicitParam(name = SecurityConstants.REFRESH_TOKEN, value = "刷新token"),
|
||||
@ApiImplicitParam(name = SecurityConstants.USERNAME, value = "登录用户名"),
|
||||
@ApiImplicitParam(name = SecurityConstants.PASSWORD, value = "登录密码"),
|
||||
@ApiImplicitParam(name = SecurityConstants.IMAGE_CODE, value = "图形验证码"),
|
||||
})
|
||||
@PostMapping("/token")
|
||||
public Object postAccessToken(@ApiIgnore Principal principal, @RequestParam @ApiIgnore Map<String, String> parameters) throws HttpRequestMethodNotSupportedException {
|
||||
String methodDescribe = getMethodDescribe("postAccessToken");
|
||||
String username = parameters.get(SecurityConstants.USERNAME);
|
||||
String grantType = parameters.get(SecurityConstants.GRANT_TYPE);
|
||||
//正式环境需删除,均是加密的用户名
|
||||
if (!grantType.equalsIgnoreCase(SecurityConstants.PASSWORD)) {
|
||||
username = DesUtils.aesDecrypt(username);
|
||||
}
|
||||
if (grantType.equalsIgnoreCase(SecurityConstants.REFRESH_TOKEN_KEY)) {
|
||||
//如果是刷新token,需要去黑名单校验
|
||||
userTokenService.judgeRefreshToken(parameters.get(SecurityConstants.REFRESH_TOKEN_KEY));
|
||||
}
|
||||
RequestUtil.saveLoginName(username);
|
||||
OAuth2AccessToken oAuth2AccessToken = tokenEndpoint.postAccessToken(principal, parameters).getBody();
|
||||
//用户的登录名&密码校验成功后,判断当前该用户是否可以正常使用系统
|
||||
userFeignClient.judgeUserStatus(username);
|
||||
//登录成功后,记录token信息,并处理踢人效果
|
||||
userTokenService.recordUserInfo(oAuth2AccessToken);
|
||||
if (!grantType.equalsIgnoreCase(SecurityConstants.PASSWORD)) {
|
||||
return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.SUCCESS, oAuth2AccessToken, methodDescribe);
|
||||
} else {
|
||||
return oAuth2AccessToken;
|
||||
}
|
||||
}
|
||||
|
||||
@ApiOperation("用户登出系统")
|
||||
@DeleteMapping("/logout")
|
||||
public HttpResult<Object> logout() {
|
||||
String methodDescribe = getMethodDescribe("logout");
|
||||
String userIndex = RequestUtil.getUserIndex();
|
||||
String username = RequestUtil.getUsername();
|
||||
LogUtil.njcnDebug(log, "{},用户名为:{}", methodDescribe, username);
|
||||
String blackUserKey = SecurityConstants.TOKEN_BLACKLIST_PREFIX + userIndex;
|
||||
String onlineUserKey = SecurityConstants.TOKEN_ONLINE_PREFIX + userIndex;
|
||||
Object onlineTokenInfoOld = redisUtil.getObjectByKey(onlineUserKey);
|
||||
List<UserTokenInfo> blackUsers = (List<UserTokenInfo>) redisUtil.getObjectByKey(blackUserKey);
|
||||
UserTokenInfo userTokenInfo;
|
||||
if (!Objects.isNull(onlineTokenInfoOld)) {
|
||||
//清除在线token信息
|
||||
redisUtil.delete(onlineUserKey);
|
||||
userTokenInfo = (UserTokenInfo) onlineTokenInfoOld;
|
||||
if (CollectionUtils.isEmpty(blackUsers)) {
|
||||
blackUsers = new ArrayList<>();
|
||||
}
|
||||
blackUsers.add(userTokenInfo);
|
||||
LocalDateTime refreshTokenExpire = userTokenInfo.getRefreshTokenExpire();
|
||||
long lifeTime = Math.abs(refreshTokenExpire.plusMinutes(5L).toEpochSecond(ZoneOffset.of("+8")) - LocalDateTime.now().toEpochSecond(ZoneOffset.of("+8")));
|
||||
redisUtil.saveByKeyWithExpire(blackUserKey, blackUsers, lifeTime);
|
||||
}
|
||||
return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.SUCCESS, null, methodDescribe);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* 文档隐藏该接口
|
||||
*/
|
||||
@ApiIgnore
|
||||
@ApiOperation("RSA公钥获取接口")
|
||||
@GetMapping("/getPublicKey")
|
||||
public Map<String, Object> getPublicKey() {
|
||||
RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
|
||||
RSAKey key = new RSAKey.Builder(publicKey).build();
|
||||
return new JWKSet(key).toJSONObject();
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
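Review bot: In `postAccessToken`, `grantType` is dereferenced at the first `grantType.equalsIgnoreCase(...)` without a null check, so a request to `/oauth/token` that omits the grant type fails with a NullPointerException before `tokenEndpoint.postAccessToken` can reject it. Putting the constant first, `if (!SecurityConstants.PASSWORD.equalsIgnoreCase(grantType)) {` (and likewise for the `REFRESH_TOKEN_KEY` comparison and the final branch), would let such a request reach the token endpoint's own validation, provided `DesUtils.aesDecrypt` tolerates the input it then receives. Separately, the Swagger annotations carry a literal client id and client secret as `defaultValue`; I would drop the `defaultValue` from the `CLIENT_SECRET` parameter so the credential is not kept in source, and rotate it if it is a live value. The status check `userFeignClient.judgeUserStatus(username)` also runs only after the token has been created, which is worth confirming against how the token store behaves.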
@@ -0,0 +1,77 @@
|
||||
package com.njcn.auth.controller;
|
||||
|
||||
import cn.hutool.json.JSONObject;
|
||||
import com.njcn.common.pojo.annotation.OperateInfo;
|
||||
import com.njcn.common.pojo.enums.common.LogEnum;
|
||||
import com.njcn.common.pojo.enums.response.CommonResponseEnum;
|
||||
import com.njcn.common.pojo.response.HttpResult;
|
||||
import com.njcn.common.utils.HttpResultUtil;
|
||||
import com.njcn.common.utils.LogUtil;
|
||||
import com.njcn.web.controller.BaseController;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiImplicitParam;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.http.HttpEntity;
|
||||
import org.springframework.http.HttpHeaders;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.util.LinkedMultiValueMap;
|
||||
import org.springframework.util.MultiValueMap;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
import org.springframework.web.client.RestTemplate;
|
||||
|
||||
/**
|
||||
* @author hongawen
|
||||
* @version 1.0.0
|
||||
* @date 2022年04月27日 11:22
|
||||
*/
|
||||
@Slf4j
|
||||
@RestController
|
||||
@AllArgsConstructor
|
||||
@Api(tags = "校验第三方token")
|
||||
@RequestMapping("/judgeToken")
|
||||
public class JudgeThirdToken extends BaseController {
|
||||
|
||||
/**
|
||||
* 校验广州超高压token有效性
|
||||
*
|
||||
* @param token token数据
|
||||
*/
|
||||
@OperateInfo(info = LogEnum.SYSTEM_COMMON)
|
||||
@PostMapping("/guangZhou")
|
||||
@ApiOperation("校验广州超高压token有效性")
|
||||
@ApiImplicitParam(name = "token", value = "", required = true)
|
||||
public HttpResult<Object> guangZhou(String token) {
|
||||
RestTemplate restTemplate = new RestTemplate();
|
||||
String methodDescribe = getMethodDescribe("guangZhou");
|
||||
LogUtil.njcnDebug(log, "{},token:{}", methodDescribe, token);
|
||||
|
||||
// 请求地址
|
||||
String url = "http://10.121.17.9:9080/ehv/auth_valid";
|
||||
|
||||
// 请求头设置,x-www-form-urlencoded格式的数据
|
||||
HttpHeaders headers = new HttpHeaders();
|
||||
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
|
||||
|
||||
//提交参数设置
|
||||
MultiValueMap<String, String> map = new LinkedMultiValueMap<>();
|
||||
map.add("token", token);
|
||||
|
||||
// 组装请求体
|
||||
HttpEntity<MultiValueMap<String, String>> request =
|
||||
new HttpEntity<>(map, headers);
|
||||
|
||||
// 发送post请求,并打印结果,以String类型接收响应结果JSON字符串
|
||||
String result = restTemplate.postForObject(url, request, String.class);
|
||||
JSONObject resultJson = new JSONObject(result);
|
||||
System.out.println(result);
|
||||
if (resultJson.getInt("status") == 1) {
|
||||
//成功
|
||||
return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.SUCCESS, null, methodDescribe);
|
||||
} else {
|
||||
return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.FAIL, null, methodDescribe);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
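Review bot: `guangZhou` writes the caller's token to the log through `LogUtil.njcnDebug(log, "{},token:{}", methodDescribe, token)` and prints the upstream response with `System.out.println(result)`, so credentials and third-party responses end up in log files and stdout. I would log only the method description and delete the `println` line. The token is also forwarded over plain `http://` to an address hard-coded in the method, and the `RestTemplate` is created per call with no timeouts visible here; moving the URL to configuration and using a shared client with connect and read timeouts would address both. `resultJson.getInt("status") == 1` may also throw when the response is empty or lacks `status`, and that case should map to the `FAIL` result instead.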
@@ -0,0 +1,80 @@
|
||||
package com.njcn.auth.controller;
|
||||
|
||||
import cn.hutool.core.io.IoUtil;
|
||||
import com.google.code.kaptcha.Producer;
|
||||
import com.google.code.kaptcha.util.Config;
|
||||
import com.njcn.auth.utils.AuthPubUtil;
|
||||
import com.njcn.common.pojo.constant.SecurityConstants;
|
||||
import com.njcn.redis.utils.RedisUtil;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.http.HttpHeaders;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import springfox.documentation.annotations.ApiIgnore;
|
||||
|
||||
import javax.imageio.ImageIO;
|
||||
import javax.servlet.ServletOutputStream;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.awt.image.BufferedImage;
|
||||
import java.io.IOException;
|
||||
import java.util.Properties;
|
||||
|
||||
/**
|
||||
* @author hongawen
|
||||
* @version 1.0.0
|
||||
* @date 2021年06月04日 15:25
|
||||
*/
|
||||
@Api(tags = "认证中心")
|
||||
@Slf4j
|
||||
@Controller
|
||||
@RequestMapping("/auth")
|
||||
@AllArgsConstructor
|
||||
public class KaptchaController {
|
||||
|
||||
private final RedisUtil redisUtil;
|
||||
|
||||
@ApiIgnore
|
||||
@ApiOperation("获取图形验证码")
|
||||
@GetMapping("/getImgCode")
|
||||
public void getImgCode(@ApiIgnore HttpServletResponse resp, @ApiIgnore HttpServletRequest request) {
|
||||
ServletOutputStream out = null;
|
||||
try {
|
||||
out = resp.getOutputStream();
|
||||
// resp.setContentType("image/jpeg");"/pqs-auth/auth/getImgCode",
|
||||
if (null != out) {
|
||||
Properties props = new Properties();
|
||||
Producer kaptchaProducer;
|
||||
ImageIO.setUseCache(false);
|
||||
props.put("kaptcha.border", "no");
|
||||
props.put("kaptcha.textproducer.font.color", "black");
|
||||
/*props.put("kaptcha.obscurificator.impl", "com.google.code.kaptcha.impl.ShadowGimpy");*/
|
||||
/*props.put("kaptcha.noise.impl", "com.sso.utils.ComplexNoise");*/
|
||||
props.put("kaptcha.textproducer.char.space", "5");
|
||||
props.put("kaptcha.textproducer.char.length", "4");
|
||||
Config config = new Config(props);
|
||||
kaptchaProducer = config.getProducerImpl();
|
||||
//此处需要固定采用字母和数字混合
|
||||
String capText = AuthPubUtil.getKaptchaText(4);
|
||||
String userAgent = request.getHeader(HttpHeaders.USER_AGENT);
|
||||
String ip = request.getHeader(SecurityConstants.REQUEST_HEADER_KEY_CLIENT_REAL_IP);
|
||||
String key = userAgent + ip;
|
||||
redisUtil.delete(key);
|
||||
redisUtil.saveByKeyWithExpire(key, capText, 30*60L);
|
||||
BufferedImage bi = kaptchaProducer.createImage(capText);
|
||||
ImageIO.write(bi, "jpg", out);
|
||||
out.flush();
|
||||
}
|
||||
} catch (IOException ioException) {
|
||||
log.error("获取图形验证码异常,异常为:{}", ioException.toString());
|
||||
} finally {
|
||||
IoUtil.close(out);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
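Review bot: The captcha is stored under `String key = userAgent + ip;`, a raw concatenation of two request headers with no namespace prefix, and that key is passed to both `redisUtil.delete(key)` and `redisUtil.saveByKeyWithExpire(key, capText, 30*60L)`. Header values supplied by the client therefore decide which Redis key is deleted and overwritten, missing headers collapse to the literal `nullnull`, and clients that share a user agent and address overwrite each other's code. I would prefix the key with a dedicated constant, e.g. `String key = CAPTCHA_KEY_PREFIX + userAgent + ip;` (`CAPTCHA_KEY_PREFIX` is a placeholder name, not an existing constant), or better, key it on a server-generated id that is returned to the client. Whether the real-IP header is overwritten by the gateway is not visible here and should be confirmed. The 30-minute expiry is also long for a four-character code.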