
feature: 增加对接华为认证

huangzqa 4 lat temu
rodzic
commit
6e03e7c83f

+ 11 - 4
pom.xml

@@ -80,10 +80,6 @@
             <artifactId>duceap-cloud-starter-config-apollo</artifactId>
         </dependency>
 
-        <dependency>
-            <groupId>com.dragonsoft</groupId>
-            <artifactId>duceap-security-dcuc</artifactId>
-        </dependency>
         <!--配置 duceap 结束-->
 
         <!--配置 dcuc 开始-->
@@ -203,12 +199,23 @@
             <version>1.0.6</version>
             <scope>compile</scope>
         </dependency>
+
+        <dependency>
+            <groupId>com.dragonsoft</groupId>
+            <artifactId>duceap-security-dcuc</artifactId>
+        </dependency>
+
         <!--dids-->
         <dependency>
             <groupId>com.dragonsoft</groupId>
             <artifactId>duceap-security-dids</artifactId>
         </dependency>
 
+        <dependency>
+            <groupId>com.dragonsoft</groupId>
+            <artifactId>duceap-security-jwt</artifactId>
+        </dependency>
+
         <!--测试-->
         <dependency>
             <groupId>org.springframework.boot</groupId>

+ 73 - 0
src/main/java/com/dragoninfo/dcuc/authweb/interceptor/SecurityAccessTokenResolver.java

@@ -0,0 +1,73 @@
+package com.dragoninfo.dcuc.authweb.interceptor;
+
+import com.dragoninfo.dcuc.auth.auth.facade.IBimBusinessFacade;
+import com.dragoninfo.dcuc.auth.auth.vo.bim.BimUserInfoItemRespVO;
+import com.dragoninfo.dcuc.user.user.entity.UserInfo;
+import com.dragoninfo.dcuc.user.user.facade.IUserFacade;
+import com.dragonsoft.duceap.base.api.security.ISecurityAccessTokenResolver;
+import com.dragonsoft.duceap.base.entity.security.BaseSecurityUser;
+import com.dragonsoft.duceap.base.entity.security.SecurityUser;
+import com.dragonsoft.duceap.security.jwt.securityaccess.SecurityAccessTokenProperties;
+import com.dragonsoft.duceap.security.jwt.securityaccess.SecurityAccessUserCacheResolver;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * @author huangzqa
+ * @date 2021/4/15
+ **/
+@Slf4j
+@Component
+public class SecurityAccessTokenResolver implements ISecurityAccessTokenResolver {
+
+    @Autowired
+    private SecurityAccessTokenProperties secAccessProp;
+
+    @Autowired(required = false)
+    private SecurityAccessUserCacheResolver cacheResolver;
+
+    @Autowired
+    private IBimBusinessFacade bimBusinessFacade;
+
+    @Autowired
+    private IUserFacade userFacade;
+
+    @Override
+    public BaseSecurityUser resolve(HttpServletRequest request) {
+        String userToken = request.getHeader(secAccessProp.getUserTokenHeaderName());
+
+        if (cacheResolver != null) {
+            //从缓存中取
+            SecurityUser securityUserCache = (SecurityUser) cacheResolver.getIfPresent(cacheResolver.cacheKey(userToken));
+
+            if (securityUserCache != null) {
+
+                return securityUserCache;
+            }
+        }
+
+        BimUserInfoItemRespVO userInfoItemRespVO = bimBusinessFacade.getUserInfoByUserToken(userToken);
+        String sfzh = userInfoItemRespVO.getSfzh();
+
+        UserInfo userInfo = userFacade.detailBySfzh(sfzh);
+
+        SecurityUser securityUser = new SecurityUser();
+        securityUser.setId(userInfo.getId());
+        securityUser.setName(userInfo.getName());
+        securityUser.setUserName(userInfo.getIdcard());
+        securityUser.setPoliceNo(userInfo.getPoliceNumber());
+        securityUser.setIdcard(userInfo.getIdcard());
+        securityUser.setSecurityOrg(userInfo.getOrgCode());
+        securityUser.setSecurityOrgName(userInfo.getOrgName());
+
+        //放入缓存
+        if (cacheResolver != null) {
+            cacheResolver.put(cacheResolver.cacheKey(userToken), securityUser);
+        }
+        return securityUser;
+    }
+
+}
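Review bot: `resolve()` has no path for a missing or rejected token: the `userToken` header value goes straight into `cacheResolver.cacheKey(...)` and `getUserInfoByUserToken(...)`, and both `userInfoItemRespVO.getSfzh()` and `userInfo.getId()` are dereferenced without a null check, so an absent header or an unknown identity would presumably end in a NullPointerException rather than a clean authentication failure. The resolver should reject a blank token up front and return the interface's "unauthenticated" result when either lookup comes back empty (shown below as `null`, since the contract of `ISecurityAccessTokenResolver` is not visible on this page), logging the event without the token or the ID number. The cache is also keyed by the raw token with no expiry visible in this file, so confirm that `SecurityAccessUserCacheResolver` evicts entries no later than the token's own lifetime; otherwise a revoked token would keep resolving to a user.

```java
    public BaseSecurityUser resolve(HttpServletRequest request) {
        String userToken = request.getHeader(secAccessProp.getUserTokenHeaderName());
        // Missing or blank header: treat as unauthenticated before touching the cache or the BIM facade.
        if (userToken == null || userToken.trim().isEmpty()) {
            return null; // or whatever failure signal ISecurityAccessTokenResolver expects
        }

        // … unchanged: cache lookup …

        BimUserInfoItemRespVO userInfoItemRespVO = bimBusinessFacade.getUserInfoByUserToken(userToken);
        if (userInfoItemRespVO == null || userInfoItemRespVO.getSfzh() == null) {
            // Never log the token or the ID number itself.
            log.warn("userToken was not accepted by the BIM user lookup");
            return null;
        }

        UserInfo userInfo = userFacade.detailBySfzh(userInfoItemRespVO.getSfzh());
        if (userInfo == null) {
            log.warn("no local user matches the identity returned for the token");
            return null;
        }

        // … unchanged: SecurityUser population and cache put …
```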

+ 0 - 73
src/main/java/com/dragoninfo/dcuc/authweb/restcontroller/api/controller/RestLoginController.java

@@ -1,73 +0,0 @@
-package com.dragoninfo.dcuc.authweb.restcontroller.api.controller;
-
-import com.dragonsoft.duceap.commons.util.string.StringUtils;
-import com.google.common.collect.Lists;
-import org.apache.http.HttpResponse;
-import org.apache.http.NameValuePair;
-import org.apache.http.client.HttpClient;
-import org.apache.http.client.methods.HttpGet;
-import org.apache.http.client.utils.URIBuilder;
-import org.apache.http.impl.client.HttpClientBuilder;
-import org.apache.http.message.BasicNameValuePair;
-import org.apache.http.util.EntityUtils;
-import org.jasig.cas.client.util.XmlUtils;
-import org.jasig.cas.client.validation.Assertion;
-import org.jasig.cas.client.validation.Cas20ServiceTicketValidator;
-import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestParam;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.util.List;
-
-/**
- *
- * @author Administrator
- * @date 2019/3/5
- */
-@Controller
-@RequestMapping(value = "/api/")
-public class RestLoginController {
-    @RequestMapping(value = "login")
-    public void login(@RequestParam(value = "ticket", required = false) String ticket,
-                      HttpServletRequest request,
-                      HttpServletResponse response) {
-        //判断是否是单点登录服务器发出的退出请求
-        if (StringUtils.isNotEmpty(request.getParameter("logoutRequest"))) {
-            String logoutMessage = request.getParameter("logoutRequest");
-            final String key = XmlUtils.getTextForElement(logoutMessage, "SessionIndex");
-            //获取key后,从登录时保存的key与登录状态的映射对中获取登录状态并销毁,并处理退出逻辑
-            return;
-        }
-        //验证票据获取用户信息
-        if (StringUtils.isEmpty(ticket)) {
-            return;
-        }
-        HttpClient httpclient = HttpClientBuilder.create().build();
-        String casTicketValidateUrl = "http://54.179.163.62:8080/dcucserver/serviceValidate";
-        URIBuilder uriBuilder = null;
-        try {
-            uriBuilder = new URIBuilder(casTicketValidateUrl);
-            List<NameValuePair> params = Lists.newArrayList();
-            params.add(new BasicNameValuePair("ticket", ticket));
-            params.add(new BasicNameValuePair("service", "http://172.16.105.196:8888/dcuc/api/login"));
-            uriBuilder.addParameters(params);
-            HttpGet httpGet = new HttpGet(uriBuilder.build());
-            httpGet.addHeader("Content-Type", "application/x-www-form-urlencoded");
-            HttpResponse httpResponse = httpclient.execute(httpGet);
-            String tokenResponse = EntityUtils.toString(httpResponse.getEntity());
-            //解析响应的报文获取用户ID
-            Cas20ServiceTicketValidator cas20ServiceTicketValidator = new Cas20ServiceTicketValidator("");
-            Assertion assertion = cas20ServiceTicketValidator.parseResponse(tokenResponse);
-            String userId = assertion.getPrincipal().getName();
-            //获取userId后再调统一用户的相关接口获取更详细的用户信息,并实现系统的登录逻辑
-            //再以登录状态(如session)为value,以ticket为key,保存一份key与登录状态的映射对,用于单点退出
-
-            //最后重定向到登录后的页面
-            response.sendRedirect(request.getContextPath() + "/index");
-        } catch (Exception e) {
-            e.printStackTrace();
-        }
-    }
-}

+ 7 - 3
src/main/java/com/dragoninfo/dcuc/authweb/restcontroller/login/DcucLoginController.java

@@ -1,6 +1,7 @@
 package com.dragoninfo.dcuc.authweb.restcontroller.login;
 
 
+import cn.hutool.core.util.StrUtil;
 import com.dragoninfo.dcuc.auth.auth.facade.IRoleFacade;
 import com.dragoninfo.dcuc.authweb.config.DcucAuthWebConfig;
 import com.dragoninfo.dcuc.org.facade.IOrgInfoFacade;
@@ -56,15 +57,18 @@ public class DcucLoginController {
         UserInfo userInfo = new UserInfo();
         try {
             SecurityUser securityUser = (SecurityUser) UserContextUtils.getCurrentUser();
-            if("dids".equals(securityProperties.getType())){
+            if ("dids".equals(securityProperties.getType())) {
                 userInfo = userFacade.detailBySfzh(securityUser.getIdcard());
                 securityUser.setName(userInfo.getName());
                 securityUser.setUserName(userInfo.getName());
             }
-            if("dcuc".equals(securityProperties.getType())){
+            if ("dcuc".equals(securityProperties.getType())) {
                 userInfo = iUserInfoFacade.userDetail(securityUser.getId());
             }
-            securityUser.setId(userInfo.getId());
+            String userId = securityUser.getId();
+            if (StrUtil.isBlank(userId)) {
+                securityUser.setId(userInfo.getId());
+            }
             List<SecurityRight> authmenu = getAuthmenu(securityUser, userInfo);
             securityUser.setSecurityRightList(authmenu);
             //todo 因为数据库不同  后续不需要下面代码
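Review bot: With `duceap.security.type` commented out in application-base.yml by this same commit, neither the `dids` nor the `dcuc` branch runs, so `userInfo` stays the empty `new UserInfo()` and `getAuthmenu(securityUser, userInfo)` is called without the user's record having been loaded. If getAuthmenu reads anything from `userInfo` (its body is outside the hunk), the menu rights for token-authenticated users are computed from blank data; loading the record by the id the resolver supplied would close the gap, e.g. `if (StrUtil.isBlank(userInfo.getId()) && StrUtil.isNotBlank(userId)) { userInfo = iUserInfoFacade.userDetail(userId); }`. `securityUser` is also dereferenced right after the cast from `UserContextUtils.getCurrentUser()` with no null check, which matters more now that a request can arrive without a resolved user. The enclosing method starts and ends outside this hunk, so what the catch block does with such a failure is not visible.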

+ 5 - 1
src/main/resources/application-base.yml

@@ -35,8 +35,12 @@ duceap:
   apollo:
     client:
       host: http://10.201.3.20:8070
+  security-access:
+    jwt:
+      enabled: true
+      user-token-header-name: userToken
   security:
-    type: dcuc
+    #    type: dcuc ## 注解掉不开启认证登录
     dcuc:
       cas-server-url-prefix: http://192.168.10.2:8877/sso
       server-name: 10.11.1.151:8000
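Review bot: Commenting out `security.type` in the base profile turns off CAS login for every environment that inherits application-base.yml, leaving the `userToken` header as the only credential. Nothing in this hunk shows that a request without a valid token is rejected, so confirm that the jwt security-access filter fails closed; otherwise keep `type: dcuc` here and put the switch in a profile specific to the Huawei deployment. The inline comment would be clearer as `# type unset: CAS login disabled, authentication relies on duceap.security-access.jwt (userToken header)`.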