LAPTOP-KB9HII50\70708 3 éve
szülő
commit
9cafa563b0

+ 143 - 148
server/svr-authentication/src/main/java/com/yihu/jw/security/oauth2/provider/endpoint/WlyyLoginEndpoint.java

@ -262,169 +262,164 @@ public class WlyyLoginEndpoint extends AbstractEndpoint {
     */
     */
    @RequestMapping(value = "/oauth/login", method = RequestMethod.POST)
    @RequestMapping(value = "/oauth/login", method = RequestMethod.POST)
    public ResponseEntity<Oauth2Envelop<WlyyUserSimple>> login(@RequestParam Map<String, String> parameters, HttpSession httpSession) throws Exception {
    public ResponseEntity<Oauth2Envelop<WlyyUserSimple>> login(@RequestParam Map<String, String> parameters, HttpSession httpSession) throws Exception {
        try{
            logger.info("login:登录进入1");
            //图形验证码验证
            String key = parameters.get("key");
            String text = parameters.get("text");
            if(org.apache.commons.lang3.StringUtils.isNotBlank(key)&& org.apache.commons.lang3.StringUtils.isNotBlank(text)){
                if(!verifyCaptcha(key,text)){
                    throw new ImgCaptchaException("img_captcha error");
                }
        logger.info("login:登录进入1");
        //图形验证码验证
        String key = parameters.get("key");
        String text = parameters.get("text");
        if(org.apache.commons.lang3.StringUtils.isNotBlank(key)&& org.apache.commons.lang3.StringUtils.isNotBlank(text)){
            if(!verifyCaptcha(key,text)){
                throw new ImgCaptchaException("img_captcha error");
            }
            }
            logger.info("login:登录进入2");
        }
        logger.info("login:登录进入2");
            String flag = parameters.get("flag");
        String flag = parameters.get("flag");
            String username = parameters.get("username");
            logger.info(username);
        String username = parameters.get("username");
        logger.info(username);
            if (StringUtils.isEmpty(username)&&StringUtils.isEmpty(flag)) {
                throw new InvalidRequestException("username");
        if (StringUtils.isEmpty(username)&&StringUtils.isEmpty(flag)) {
            throw new InvalidRequestException("username");
        }
        String client_id = parameters.get("client_id");
        if (StringUtils.isEmpty(client_id)) {
            throw new InvalidRequestException("client_id");
        }
        if("alipay".equals(flag)||"family".equals(flag)){
            //支付宝登录||家人登录
            parameters.put("grant_type", flag);
            String encdata = parameters.get("encdata");
            if("alipay".equals(flag)){
                encdata = AES.decrypt(encdata);
            }else{
                encdata = AesEncryptUtils.agDecrypt(encdata);
            }
            String data[] = encdata.split(":");
            username = data[1];
            parameters.put("username", username);
        }else if("dingTalk".equals(flag)){
            //钉钉免登录
            parameters.put("grant_type", "dingTalk");
            String authCode = parameters.get("authCode");
            if(org.apache.commons.lang3.StringUtils.isBlank(authCode)){
                throw new InvalidRequestException("请求参数错误");
            }
            String registerRes= httpClientUtil.get("http://127.0.0.1:10301/doctor/dingtalk_app_user?authCode="+authCode,"UTF-8");
            JSONObject jsonObject= JSONObject.parseObject(registerRes);
            if (jsonObject.getInteger("status") == 200){
                parameters.put("username", jsonObject.getString("message"));
            }else{
                HttpHeaders headers = new HttpHeaders();
                headers.set("Cache-Control", "no-store");
                headers.set("Pragma", "no-cache");
                Oauth2Envelop<WlyyUserSimple> oauth2Envelop = new Oauth2Envelop<>(jsonObject.getString("message"), -1, null);
                return new ResponseEntity<>(oauth2Envelop, headers, HttpStatus.OK);
            }
            }
            String client_id = parameters.get("client_id");
            if (StringUtils.isEmpty(client_id)) {
                throw new InvalidRequestException("client_id");
            }
            if("alipay".equals(flag)||"family".equals(flag)){
                //支付宝登录||家人登录
                parameters.put("grant_type", flag);
                String encdata = parameters.get("encdata");
                if("alipay".equals(flag)){
                    encdata = AES.decrypt(encdata);
                }else{
                    encdata = AesEncryptUtils.agDecrypt(encdata);
                }
                String data[] = encdata.split(":");
                username = data[1];
                parameters.put("username", username);
            }else if("dingTalk".equals(flag)){
                //钉钉免登录
                parameters.put("grant_type", "dingTalk");
                String authCode = parameters.get("authCode");
                if(org.apache.commons.lang3.StringUtils.isBlank(authCode)){
                    throw new InvalidRequestException("请求参数错误");
                }
                String registerRes= httpClientUtil.get("http://127.0.0.1:10301/doctor/dingtalk_app_user?authCode="+authCode,"UTF-8");
                JSONObject jsonObject= JSONObject.parseObject(registerRes);
                if (jsonObject.getInteger("status") == 200){
                    parameters.put("username", jsonObject.getString("message"));
                }else{
                    HttpHeaders headers = new HttpHeaders();
                    headers.set("Cache-Control", "no-store");
                    headers.set("Pragma", "no-cache");
                    Oauth2Envelop<WlyyUserSimple> oauth2Envelop = new Oauth2Envelop<>(jsonObject.getString("message"), -1, null);
                    return new ResponseEntity<>(oauth2Envelop, headers, HttpStatus.OK);
                }
            }else if (StringUtils.isEmpty(parameters.get("captcha"))) {
                parameters.put("grant_type", "password");
                //解密密码
                if (parameters.get("password") != null) {
                    KeyPair keyPair = (KeyPair) httpSession.getAttribute("privateKey");
                    String password = com.yihu.jw.security.utils.RSAUtils.decryptBase64(parameters.get("password"), keyPair);
                    parameters.put("password", password);
                } else {
                    //第三方同步账号模式登录
                    parameters.put("grant_type", "ihealthCode");
                }
        }else if (StringUtils.isEmpty(parameters.get("captcha"))) {
            parameters.put("grant_type", "password");
            //解密密码
            if (parameters.get("password") != null) {
                KeyPair keyPair = (KeyPair) httpSession.getAttribute("privateKey");
                String password = com.yihu.jw.security.utils.RSAUtils.decryptBase64(parameters.get("password"), keyPair);
                parameters.put("password", password);
            } else {
            } else {
                parameters.put("grant_type", "captcha");
            }
            logger.info("login:登录进入3");
            ClientDetails authenticatedClient = clientDetailsService.loadClientByClientId(client_id);
            if (null == authenticatedClient) {
                throw new InvalidRequestException("client_id");
                //第三方同步账号模式登录
                parameters.put("grant_type", "ihealthCode");
            }
            }
            logger.info("login:登录进入4"+authenticatedClient.getClientId());
        } else {
            parameters.put("grant_type", "captcha");
        }
        logger.info("login:登录进入3");
            TokenRequest tokenRequest = oAuth2RequestFactory.createTokenRequest(parameters, authenticatedClient);
            oAuth2RequestValidator.validateScope(tokenRequest, authenticatedClient);
            OAuth2AccessToken token = getTokenGranter().grant(tokenRequest.getGrantType(), tokenRequest);
            if (token == null) {
                throw new UnsupportedGrantTypeException("Unsupported grant type: " + tokenRequest.getGrantType());
            }
        /*如果是移动端登陆则移除之前的token,
        在网关处通过HTTP状态码告知前端是过期(402)还是账号在别处登陆(403),
        实现同一账号只能在一处登陆*/
            if("1".equals(kickEachOther)){
                HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
                if (request.getHeader("login-device") != null && (request.getHeader("login-device").equalsIgnoreCase("mobile")||request.getHeader("login-device").equalsIgnoreCase("pc"))) {
                    if (tokenStore.readAccessToken(token.getValue())!=null){
                        tokenStore.removeAccessToken(token.getValue());
                        tokenStore.removeRefreshToken(token.getRefreshToken().getValue());
                        token = getTokenGranter().grant(tokenRequest.getGrantType(), tokenRequest);
                    }
        ClientDetails authenticatedClient = clientDetailsService.loadClientByClientId(client_id);
        if (null == authenticatedClient) {
            throw new InvalidRequestException("client_id");
        }
        logger.info("login:登录进入4"+authenticatedClient.getClientId());
        TokenRequest tokenRequest = oAuth2RequestFactory.createTokenRequest(parameters, authenticatedClient);
        oAuth2RequestValidator.validateScope(tokenRequest, authenticatedClient);
        OAuth2AccessToken token = getTokenGranter().grant(tokenRequest.getGrantType(), tokenRequest);
        if (token == null) {
            throw new UnsupportedGrantTypeException("Unsupported grant type: " + tokenRequest.getGrantType());
        }
    /*如果是移动端登陆则移除之前的token,
    在网关处通过HTTP状态码告知前端是过期(402)还是账号在别处登陆(403),
    实现同一账号只能在一处登陆*/
        if("1".equals(kickEachOther)){
            HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
            if (request.getHeader("login-device") != null && (request.getHeader("login-device").equalsIgnoreCase("mobile")||request.getHeader("login-device").equalsIgnoreCase("pc"))) {
                if (tokenStore.readAccessToken(token.getValue())!=null){
                    tokenStore.removeAccessToken(token.getValue());
                    tokenStore.removeRefreshToken(token.getRefreshToken().getValue());
                    token = getTokenGranter().grant(tokenRequest.getGrantType(), tokenRequest);
                }
                }
                if (token == null) {
                    throw new UnsupportedGrantTypeException("Unsupported grant type: " + tokenRequest.getGrantType());
                }
            }
            WlyyUserSimple wlyyUserSimple = userDetailsService.authSuccess(parameters.get("username"));
            if ("pad".equals(parameters.get("clientType"))&&!("1".equals(wlyyUserSimple.getArchiveType())) ){//医养平板端登录限制
                throw new InvalidGrantException("不允许登录该平台");
            }
            logger.info("wlyyUserSimple::"+wlyyUserSimple);
            wlyyUserSimple.setAccessToken(token.getValue());
            wlyyUserSimple.setTokenType(token.getTokenType());
            wlyyUserSimple.setExpiresIn(token.getExpiresIn());
            wlyyUserSimple.setRefreshToken(token.getRefreshToken().getValue());
            wlyyUserSimple.setUser(parameters.get("username"));
            wlyyUserSimple.setState(parameters.get("state"));
            String loginType = parameters.get("login_type");
            String openid = parameters.get("openid");
            String wechatId = parameters.get("wechatId");
            logger.info("login:登录进入7");
            //更新患者openId
            BaseLoginLogDO baseLoginLogDO = new BaseLoginLogDO();
            logger.info("gengxin开始");
            if (!StringUtils.isEmpty(openid) && !"undefined".equalsIgnoreCase(openid) && ("3".equals(loginType)||"4".equalsIgnoreCase(loginType))) {
                baseLoginLogDO.setOpenid(openid);
                logger.info("gengxin进入"+openid);
                userDetailsService.updateOpenId(openid, wlyyUserSimple.getId());
                if (!StringUtils.isEmpty(wechatId)&& !"undefined".equalsIgnoreCase(wechatId)){
                    logger.info("gengxin进入"+wechatId);
                    userDetailsService.updateOpenIdAndWechatId(openid,wlyyUserSimple.getId(),wechatId);
                }
            }
            }
            if (parameters.get("password") != null) {
                //使用密码登录成功后, 更新失败次数为 0
                userDetailsService.addFailureCount(username, 0);
            if (token == null) {
                throw new UnsupportedGrantTypeException("Unsupported grant type: " + tokenRequest.getGrantType());
            }
            }
            logger.info("login:登录进入8");
        }
            userDetailsService.setRolePhth(loginType, token, wlyyUserSimple.getId(), redisTemplate);
        WlyyUserSimple wlyyUserSimple = userDetailsService.authSuccess(parameters.get("username"));
        if ("pad".equals(parameters.get("clientType"))&&!("1".equals(wlyyUserSimple.getArchiveType())) ){//医养平板端登录限制
            throw new InvalidGrantException("不允许登录该平台");
        }
        logger.info("wlyyUserSimple::"+wlyyUserSimple);
        wlyyUserSimple.setAccessToken(token.getValue());
        wlyyUserSimple.setTokenType(token.getTokenType());
        wlyyUserSimple.setExpiresIn(token.getExpiresIn());
        wlyyUserSimple.setRefreshToken(token.getRefreshToken().getValue());
        wlyyUserSimple.setUser(parameters.get("username"));
        wlyyUserSimple.setState(parameters.get("state"));
        String loginType = parameters.get("login_type");
        String openid = parameters.get("openid");
        String wechatId = parameters.get("wechatId");
        logger.info("login:登录进入7");
        //更新患者openId
        BaseLoginLogDO baseLoginLogDO = new BaseLoginLogDO();
        logger.info("gengxin开始");
        if (!StringUtils.isEmpty(openid) && !"undefined".equalsIgnoreCase(openid) && ("3".equals(loginType)||"4".equalsIgnoreCase(loginType))) {
            baseLoginLogDO.setOpenid(openid);
            logger.info("gengxin进入"+openid);
            userDetailsService.updateOpenId(openid, wlyyUserSimple.getId());
            if (!StringUtils.isEmpty(wechatId)&& !"undefined".equalsIgnoreCase(wechatId)){
                logger.info("gengxin进入"+wechatId);
                userDetailsService.updateOpenIdAndWechatId(openid,wlyyUserSimple.getId(),wechatId);
            }
        }
        if (parameters.get("password") != null) {
            //使用密码登录成功后, 更新失败次数为 0
            userDetailsService.addFailureCount(username, 0);
        }
        logger.info("login:登录进入8");
            logger.info("login:登录进入9");
            String clientType = parameters.get("clientType");
            baseLoginLogDO.setUserId(wlyyUserSimple.getId());
            baseLoginLogDO.setCreateTime(new Date());
            String userAgent = JSONObject.toJSONString(wlyyUserSimple);
            baseLoginLogDO.setUserAgent(userAgent);
            baseLoginLogDO.setLoginType(loginType);
            baseLoginLogDO.setName(wlyyUserSimple.getName());
            baseLoginLogDO.setClientType(clientType);
            baseLoginLogDO.setToken(token.getValue());
            baseLoginLogService.save(baseLoginLogDO);
            logger.info("login:登录进入10");
        userDetailsService.setRolePhth(loginType, token, wlyyUserSimple.getId(), redisTemplate);
            //个推 clientId
            String clientId = parameters.get("getuiClientId");
            String getuiClientType = parameters.get("getuiClientType");
            String padImei = parameters.get("padImei");
            //客户端类型 app,wx,pad,pc
            userDetailsService.updateInfo(clientId,getuiClientType,padImei,loginType,wlyyUserSimple.getId(),baseLoginLogDO);
        logger.info("login:登录进入9");
        String clientType = parameters.get("clientType");
        baseLoginLogDO.setUserId(wlyyUserSimple.getId());
        baseLoginLogDO.setCreateTime(new Date());
        String userAgent = JSONObject.toJSONString(wlyyUserSimple);
        baseLoginLogDO.setUserAgent(userAgent);
        baseLoginLogDO.setLoginType(loginType);
        baseLoginLogDO.setName(wlyyUserSimple.getName());
        baseLoginLogDO.setClientType(clientType);
        baseLoginLogDO.setToken(token.getValue());
        baseLoginLogService.save(baseLoginLogDO);
        logger.info("login:登录进入10");
            return getResponse(wlyyUserSimple);
        }catch (Exception e){
            e.printStackTrace();
        }
        return null;
        //个推 clientId
        String clientId = parameters.get("getuiClientId");
        String getuiClientType = parameters.get("getuiClientType");
        String padImei = parameters.get("padImei");
        //客户端类型 app,wx,pad,pc
        userDetailsService.updateInfo(clientId,getuiClientType,padImei,loginType,wlyyUserSimple.getId(),baseLoginLogDO);
        return getResponse(wlyyUserSimple);
    }
    }
@ -616,7 +611,7 @@ public class WlyyLoginEndpoint extends AbstractEndpoint {
                message = jsonStr.getString("Message");
                message = jsonStr.getString("Message");
            }
            }
        } catch (Exception e) {
        } catch (Exception e) {
            e.printStackTrace();
        }
        }
        throw new IllegalStateException(message);
        throw new IllegalStateException(message);
        /*Captcha _captcha = new Captcha();
        /*Captcha _captcha = new Captcha();
@ -1196,7 +1191,7 @@ public class WlyyLoginEndpoint extends AbstractEndpoint {
    @ExceptionHandler(Exception.class)
    @ExceptionHandler(Exception.class)
    public ResponseEntity<Oauth2Envelop> handleException(Exception e) throws Exception {
    public ResponseEntity<Oauth2Envelop> handleException(Exception e) throws Exception {
        LOG.debug(e.getMessage(), e);
        e.printStackTrace();
        if (e instanceof UsernameNotFoundException) {
        if (e instanceof UsernameNotFoundException) {
            return handleOAuth2Exception(new Oauth2Envelop("账号或者密码错误!", ResultStatus.INVALID_GRANT), e);
            return handleOAuth2Exception(new Oauth2Envelop("账号或者密码错误!", ResultStatus.INVALID_GRANT), e);
        } else if (e instanceof NoSuchClientException) {
        } else if (e instanceof NoSuchClientException) {
@ -1212,9 +1207,9 @@ public class WlyyLoginEndpoint extends AbstractEndpoint {
        } else if (e instanceof IllegalStateException) {
        } else if (e instanceof IllegalStateException) {
            return handleOAuth2Exception(new Oauth2Envelop(e.getMessage(), -1), e);
            return handleOAuth2Exception(new Oauth2Envelop(e.getMessage(), -1), e);
        }else if (e instanceof ImgCaptchaException) {
        }else if (e instanceof ImgCaptchaException) {
            return handleOAuth2Exception(new Oauth2Envelop(e.getMessage(), ResultStatus.IMG_CAPTCHA), e);
            return handleOAuth2Exception(new Oauth2Envelop("图片验证码错误", ResultStatus.IMG_CAPTCHA), e);
        }
        }
        return handleOAuth2Exception(new Oauth2Envelop(e.getMessage(), -1), e);
        return handleOAuth2Exception(new Oauth2Envelop("请求失败", -1), e);
    }
    }
    private String invalidGrantMessage(InvalidGrantException e) {
    private String invalidGrantMessage(InvalidGrantException e) {
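Review bot: In the dingTalk branch of `login`, the request parameter `authCode` is concatenated unencoded into the internal URL (`"...dingtalk_app_user?authCode="+authCode`), so a value containing `&`, `#` or whitespace changes the query the local service receives; encode it first, e.g. `URLEncoder.encode(authCode, "UTF-8")`. The reply is then used without checks: `JSONObject.parseObject(registerRes)` can return null for an empty reply, and `jsonObject.getInteger("status") == 200` unboxes a field that may be absent, so both cases end in a NullPointerException rather than a controlled error. A null check plus `Integer.valueOf(200).equals(jsonObject.getInteger("status"))` avoids that. Because this branch takes the `username` for the token grant from that reply's `message`, a comment such as `// username comes from the local DingTalk service, never from the request` would make the trust boundary explicit for the next reader.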

+ 4 - 4
svr/svr-cloud-care/src/main/java/com/yihu/jw/care/util/DingdingUtil.java

@ -29,12 +29,12 @@ public class DingdingUtil {
    private static final Logger logger = LoggerFactory.getLogger(DingdingUtil.class);
    private static final Logger logger = LoggerFactory.getLogger(DingdingUtil.class);
    //测试
    //测试
    private static final String AppKey = "ceshiyzh-jtP6zf3cfZEqs8UmmYNra";
    private static final String AppSecret = "NbbH9viHPDNTPTuQPz2Y0Y06F88krYWTTPLv0h01";
//    private static final String AppKey = "ceshiyzh-jtP6zf3cfZEqs8UmmYNra";
//    private static final String AppSecret = "NbbH9viHPDNTPTuQPz2Y0Y06F88krYWTTPLv0h01";
    //正式
    //正式
//    private static final String AppKey = "zhyzh-r085NCVALJYmgcDc7oBVFRZj";
//    private static final String AppSecret = "fH8ZVDGAmJaeF7ujwAZgCi40w0U3im9J801vBaSF";
    private static final String AppKey = "zhyzh-r085NCVALJYmgcDc7oBVFRZj";
    private static final String AppSecret = "fH8ZVDGAmJaeF7ujwAZgCi40w0U3im9J801vBaSF";
    private static final String DomainName = "openplatform.dg-work.cn";
    private static final String DomainName = "openplatform.dg-work.cn";
    private static final String tenantId = "50495309";
    private static final String tenantId = "50495309";
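Review bot: The DingTalk `AppKey`/`AppSecret` pairs under both the test (`//测试`) and production (`//正式`) comments are string literals in this file, and the change only moves the `//` from one pair to the other, so both secrets stay in the repository history whichever pair is active. They should be treated as exposed and rotated, then read from deployment configuration or a secret store instead, e.g. `private static final String AppSecret = System.getenv("DINGDING_APP_SECRET");` (the variable name is a placeholder). Selecting the environment by commenting lines in and out also makes it easy to ship a build that points at the wrong tenant; a profile- or environment-driven value removes that manual step.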