单点登陆增加用户状态判断

增加用户推送接口

单点登陆增加用户状态判断
增加用户推送接口
a59f6a58 · WeiCong · 01135a00 · a59f6a58 · a59f6a58 · a59f6a58
Commit a59f6a58 authored Aug 19, 2021 by WeiCong
3 changed files
--- a/src/main/java/cn/com/brilliance/eibs/auth/DatabaseLoginContextForELCS.java
+++ b/src/main/java/cn/com/brilliance/eibs/auth/DatabaseLoginContextForELCS.java
@@ -382,6 +382,17 @@ public class DatabaseLoginContextForELCS extends AbstractLoginContext {
                if (log.isDebugEnabled()) {
                    log.debug("faultCount=" + faultCount);
                }
+            }else if("coas".equals(channel)){
+                if (STATUS_LOCKED.equals(userState)) {
+                    parameterMap.put(ERROR, ErrorCode.LOGIN_LOCK_USR);
+                    return setLogon(false, userName, ERROR_USER_LOCKED, "用户已被锁定.", stmt, rs);
+                } else if (STATUS_EXPIRED.equals(userState)) {
+                    parameterMap.put(ERROR, ErrorCode.LOGIN_EXPRIED_USR);
+                    return setLogon(false, userName, ERROR_USER_EXPRIED, "用户已被注销.", stmt, rs);
+                } else if (!STATUS_NORMAL.equals(userState)) {//非0:正常;1:注销;2:锁定,不可登录,
+                    parameterMap.put(ERROR, ErrorCode.LOGIN_STATE_ABNORMAL_ERROR);
+                    return setLogon(false, userName, ErrorCode.LOGIN_STATE_ABNORMAL_ERROR.getCode(), ErrorCode.LOGIN_STATE_ABNORMAL_ERROR.getMessage(), stmt, rs);
+                }
            }
            sql = "UPDATE usr SET fltcnt=?,sta=?,lstdattim=? WHERE inr=?";

--- a/src/main/java/org/sss/presentation/noui/controller/CoasHandleController.java
+++ b/src/main/java/org/sss/presentation/noui/controller/CoasHandleController.java
@@ -3,8 +3,7 @@ package org.sss.presentation.noui.controller;
 import com.google.gson.Gson;
 import log.Log;
 import log.LogFactory;
-import org.hibernate.SQLQuery;
+import org.springframework.beans.factory.annotation.Autowired;
-import org.hibernate.Session;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.PropertySource;
 import org.springframework.http.ResponseEntity;
@@ -12,13 +11,14 @@ import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.servlet.ModelAndView;
 import org.springframework.web.servlet.view.RedirectView;
-import org.sss.module.hibernate.HibernateUtils;
+import org.sss.presentation.noui.api.response.ErrorCodes;
+import org.sss.presentation.noui.api.response.NoUiVersion;
+import org.sss.presentation.noui.api.response.ResultUtil;
 import org.sss.presentation.noui.util.DataSecurityUtil;
 import org.sss.presentation.noui.util.HttpClientUtil;
 import org.sss.presentation.noui.util.StringUtil;
 import java.util.HashMap;
-import java.util.List;
 import java.util.Map;
 @Controller
@@ -32,8 +32,10 @@ public class CoasHandleController {
    @Value("${coas_server}")
    private String coas_server;
    private Gson gson = new Gson();
+    @Autowired
+    private NoUiVersion noUiVersion;
-    @RequestMapping(value = "/oaut2/callback", method = {RequestMethod.POST, RequestMethod.GET})
+    @RequestMapping(value = "/oauth2/callback", method = {RequestMethod.POST, RequestMethod.GET})
    public ModelAndView callback(@RequestParam("type") String type, @RequestParam("value") String value, @RequestHeader(value = "certdn", required = false) String certdn, ModelAndView view) {
        try {
@@ -41,7 +43,7 @@ public class CoasHandleController {
            body.put("client_id", client_id);
            body.put("client_secret", client_secret);
            body.put("code", value);
-            String url = coas_server + "get_token?client_id={client_id}&client_secret={client_secret}&code={code}";
+            String url = coas_server + "oauth2/get_token?client_id={client_id}&client_secret={client_secret}&code={code}";
            if (!StringUtil.isEmpty(certdn)) {
                body.put("user_certdn", certdn);
                url += "&user_certdn={user_certdn}";
@@ -60,7 +62,7 @@ public class CoasHandleController {
            body = new HashMap<>();
            body.put("access_token", access_token);
 //            res = HttpClientUtil.post(coas_server + "get_info", body, String.class);
-            url = coas_server + "get_info?access_token={access_token}";
+            url = coas_server + "oauth2/get_info?access_token={access_token}";
            log.info("准备请求:" + url + "请求参数:" + body);
            res = HttpClientUtil.post(url, null, String.class, body);
            res_str = res.getBody();
@@ -70,18 +72,7 @@ public class CoasHandleController {
            Map<String, Object> info = (Map<String, Object>) res_body.get("info");
            log.info("获取到用户信息:" + info);
            String userid = (String) info.get("loginid");
-            //验证该用户是否在我方存在
+            //动态生成安全盐
-            Session session = HibernateUtils.openSession(null);
-            SQLQuery sqlQuery = session.createSQLQuery("SELECT inr FROM usr WHERE nam='" + userid + "'");
-            List list = sqlQuery.list();
-            session.close();
-            if (list.size() == 0) {
-                //我方没有当前用户
-                log.error("单点登陆失败,电证前置系统没有该用户:" + userid);
-                view.setView(new RedirectView("/esfe/#/login?channel=coas&errtyp=L6665", false));
-                return view;
-            }
-            //动态生成安全盐z
            String[] pars = {userid};
            String enc = DataSecurityUtil.encrypt(pars, userid);
            //准备调我方主交易
@@ -105,39 +96,42 @@ public class CoasHandleController {
    }
-    /**
-     * 模拟coas得get_token接口
-     *
-     * @return
-     */
    @ResponseBody
-    @RequestMapping(value = "/oaut2/get_token", method = RequestMethod.POST)
+    @RequestMapping(value = "/coas/pushuser", method = RequestMethod.POST)
-    public Object getToken() {
+    public Object login(@RequestBody Map<String, String> dataMap) {
-        Map<String, String> res = new HashMap<>();
+        String loginid = dataMap.get("loginid");
-        res.put("msgCode", "0000");
+        String uname = dataMap.get("uname");
-        res.put("message", "success");
+        String coasloginid = dataMap.get("coasloginid");
-        res.put("token_type", "jwt");
+        String coasuname = dataMap.get("coasuname");
-        res.put("expires_in", "3600");
+        String certdn = dataMap.get("certdn");
-        res.put("access_token", "PExDSWQ+CiAgICAgICAgICAgICAgICA8SXNzQmtDZD4xMDIxMDAwOTk5OTY8L0lzc0JrQ2Q+CiAgICAgICAgICAgICAgICA8TENOYj4yMDE5MDczMTAwMzAwMDAxPC9MQ05iPgogICAgICAgICAgICA8L0xDSWQ+CiAgICAgICAgICAgIDxQcmVzbklkPgogICAgICAgICAgICAgICAgPFByZXNuQmtDb2RlPjEwNTEwMDAwMDAxNzwvUHJlc25Ca0NvZGU+CiAgICAgICAgICAgICAgICA8UHJlc25OYj4xMjM0NTY3ODkxMjM0NTY3ODkxMjwvUHJlc25OYj4KICAgICAgICAgICAgPC9QcmVzbklkPg==");
+        String url = coas_server + "push3rduser?client_id={client_id}&client_secret={client_secret}&optype={optype}&" +
-        return res;
+                "coasloginid={coasloginid}&coasuname={coasuname}&coascertdn={coascertdn}&loginid={loginid}&uname={uname}";
+        Map<String, String> body = new HashMap<>();
+        body.put("client_id", client_id);
+        body.put("client_secret", client_secret);
+        body.put("optype", "CR");
+        body.put("coasloginid", coasloginid);
+        body.put("coasuname", coasuname);
+        body.put("coascertdn", certdn);
+        body.put("loginid", loginid);
+        body.put("uname", uname);
+        log.info("准备请求:" + url + "请求参数:" + body);
+        ResponseEntity<String> res = HttpClientUtil.post(url, null, String.class, body);
+        String res_str = res.getBody();
+        Map<String, Object> res_body = gson.fromJson(res_str, Map.class);
+        log.info("调用coas的push3rduser接口响应:" + res_body);
+        int status = res.getStatusCodeValue();
+        String retcod = (String) res_body.get("rtncode");
+        String retmsg = (String) res_body.get("rtnmsg");
+        if (200 == status) {
+            if (!"CW0I0000".equals(retcod)) {
+                log.error("调用COAS的用户推送接口失败:" + retcod + ",具体处理信息:" + retmsg);
+                return ResultUtil.result(retcod, retmsg, null, noUiVersion.getVersion());
            }
+        } else {
-    /**
+            return ResultUtil.result(ErrorCodes.ERROR, "调用coas的推送接口异常,http返回状态码--" + status, null, noUiVersion.getVersion());
-     * 模拟coas得get_token接口
+        }
-     *
+        return ResultUtil.result(ErrorCodes.SUCCESS, ErrorCodes.SUCCESS_INFO, null, noUiVersion.getVersion());
-     * @return
-     */
-    @ResponseBody
-    @RequestMapping(value = "/oaut2/get_info", method = RequestMethod.POST)
-    public Object getInfo() {
-        Map<String, Object> res = new HashMap<>();
-        res.put("msgCode", "0000");
-        res.put("message", "success");
-        Map<String, String> info = new HashMap<>();
-        info.put("loginid", "system02");
-        info.put("uname", "共享前置管理员");
-        res.put("info", info);
-        return res;
    }
    private void checkRes(ResponseEntity<String> res, String code, String msg, String inf) {
@@ -148,7 +142,7 @@ public class CoasHandleController {
                throw new CoasInfCallException(code);
            }
        } else {
-            throw new IllegalStateException("单点登陆失败,调用coas接口失败,http返回的状态码:" + status);
+            throw new IllegalStateException("单点登陆失败--调用coas接口异常,http返回状态码:" + status);
        }
    }

--- a/src/main/resources/coas.properties
+++ b/src/main/resources/coas.properties
 client_id=ESFE
 client_secret=666666
-coas_server=http://111.1.12.211:8088/coas/oauth2/
+coas_server=http://111.1.12.211:8088/coas/
\ No newline at end of file