单点登录对接问题

6d78f520 · sam.x.wang · b16820a0 · 6d78f520 · 6d78f520
Commit 6d78f520 authored Apr 16, 2019 by sam.x.wang
Hide whitespace changes
Inline Side-by-side

Showing with 120 additions and 59 deletions

IndexController.java ...java/pwc/taxtech/atms/web/controller/IndexController.java +71 -30

index.html atms-web/src/main/webapp/orangeweb/index.html +49 -29

No files found.
--- a/atms-web/src/main/java/pwc/taxtech/atms/web/controller/IndexController.java
+++ b/atms-web/src/main/java/pwc/taxtech/atms/web/controller/IndexController.java
@@ -6,19 +6,13 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
-import org.springframework.core.ParameterizedTypeReference;
-import org.springframework.http.*;
 import org.springframework.stereotype.Controller;
-import org.springframework.util.Assert;
 import org.springframework.util.StringUtils;
-import org.springframework.web.bind.annotation.CookieValue;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.*;
 import org.springframework.web.client.RestTemplate;
+import pwc.taxtech.atms.common.DDUserInfoRes;
 import pwc.taxtech.atms.common.HttpUtil;
 import pwc.taxtech.atms.dto.AtmsTokenDto;
-import pwc.taxtech.atms.dto.LoginOutputDto;
 import pwc.taxtech.atms.web.AtmsWebSettings;

 import javax.servlet.ServletException;
@@ -56,6 +50,16 @@ public class IndexController {
    @Autowired
    private RestTemplate restTemplate;

+    /**
+     *
+     * @param atmsApiToken
+     * @param ltpaToken
+     * @param request
+     * @param response
+     * @return
+     * @throws IOException
+     * @throws ServletException
+     */
    @RequestMapping(value = {"/", "/index", "/index.html"}, method = RequestMethod.GET)
    public String login(@CookieValue(value = "AtmsApiToken", required = false) String atmsApiToken,
                        @CookieValue(value = "LtpaToken", required = false) String ltpaToken,
@@ -93,15 +97,24 @@ public class IndexController {
        return "redirect:Account/LogOn";
    }

+    /**
+     *
+     * @param jumpto
+     * @param code
+     * @param response
+     * @throws IOException
+     * @throws ServletException
+     */
    @RequestMapping(value = {"/sso/callback"})
    public void ddSSOCallback(@RequestParam(value = "jumpto") String jumpto,
-                                @RequestParam(value = "code") String code,
-                                HttpServletResponse response) throws IOException, ServletException {
-        try{
+                              @RequestParam(value = "code") String code,
+                              HttpServletResponse response) throws IOException, ServletException {
+        try {
+            logger.info("jumpto=" + jumpto + "code=" + code);
            String ticketStr = getTicket(code);
-            response.sendRedirect(jumpto+"?code="+code+"&ticketStr="+ticketStr);
-        }catch (Exception e){
-            logger.error("ddSSOCallback error",e);
+            response.sendRedirect(jumpto + "?code=" + code + "&ticketStr=" + ticketStr);
+        } catch (Exception e) {
+            logger.error("ddSSOCallback error", e);
        }
    }

@@ -109,56 +122,84 @@ public class IndexController {
     * 18/03/2019 20:46
     * 跨站cookie的问题，所以做了一次跳转
     * [code, ticketStr, request, response]
-     * @author Gary J Li
+     *
     * @return
+     * @author Gary J Li
     */
    @RequestMapping(value = {"/sso/accept"})
    public String accept(@RequestParam(value = "code") String code,
-                                @RequestParam(value = "ticketStr") String ticketStr,HttpServletRequest request,
-                                HttpServletResponse response) throws IOException, ServletException {
+                         @RequestParam(value = "ticketStr") String ticketStr, HttpServletRequest request,
+                         HttpServletResponse response) throws IOException, ServletException {
        StringBuffer url = request.getRequestURL();
        String tempContextUrl = url.delete(url.length() - request.getRequestURI().length(), url.length()).append("/").toString();
-        try{
-            Cookie codeCookie = new Cookie("ddCode",URLEncoder.encode(code, "UTF-8"));
+        try {
+            Cookie codeCookie = new Cookie("ddCode", URLEncoder.encode(code, "UTF-8"));
            codeCookie.setPath("/");
            codeCookie.setMaxAge(18000);
-            Cookie ddTicket = new Cookie("ddTicket",URLEncoder.encode(ticketStr, "UTF-8"));
+            Cookie ddTicket = new Cookie("ddTicket", URLEncoder.encode(ticketStr, "UTF-8"));
            ddTicket.setPath("/");
            ddTicket.setMaxAge(18000);
            response.addCookie(codeCookie);
            response.addCookie(ddTicket);
-          }catch (Exception e){
-            logger.error("ddSSOCallback error",e);
+        } catch (Exception e) {
+            logger.error("ddSSOCallback error", e);
        }
-        return "redirect:"+tempContextUrl;
+        return "redirect:" + tempContextUrl;
    }

    @RequestMapping(value = {"/admin", "/admin.html"}, method = RequestMethod.GET)
    public String admin(@CookieValue(value = "AtmsApiToken", required = false) String atmsApiToken) {
-        if (StringUtils.hasText(atmsApiToken)) {
+        if (StringUtils.hasText( atmsApiToken)) {
            return "admin";
        }
        return "redirect:Account/LogOn";
    }

    public String getTicket(String code) {
-        try{
+        try {
            JSONObject object;
-            String ddResp = HttpUtil.post(getUserInfoUrl + "check_code", "code=" + code + "&app_key=" + appKey+ "&app_id=" + appId, "application/x-www-form-urlencoded", "UTF-8", 10000, 10000);
+            String url = getUserInfoUrl + "check_code";
+            String ddResp = HttpUtil.post(url, "code=" + code + "&app_key=" + appKey + "&app_id=" + appId, "application/x-www-form-urlencoded", "UTF-8", 10000, 10000);
            object = JSONObject.parseObject(ddResp);
+            logger.info("get ddTicket by code ， object=" + object);
            Map<String, Object> res = object.getInnerMap();
            int errno = (int) res.get("errno");
            if (errno != 0) {
                logger.warn(String.format("DD Ticket get Failed:[%s]", object.toJSONString()));
                return null;
-            }else{
-                Map<String, String> data = (Map)res.get("data");
+            } else {
+
+                Map<String, String> data = (Map) res.get("data");
+                logger.info("check_code data=" + data);
                return data.get("ticket");
            }
-        }catch (Exception e){
-            logger.error(String.format("通过code:[%s]获取Ticket失败",code));
+        } catch (Exception e) {
+            logger.error(String.format("通过code:[%s]获取Ticket失败", code));
        }
        return null;
    }

+    /**
+     *  sam
+     * @param ticket
+     * @param request
+     * @param response
+     * @return
+     */
+    @RequestMapping(value = {"/sso/getUser"}, method = RequestMethod.GET)
+    @ResponseBody
+    public String accept(@RequestParam(value = "ticket") String ticket, HttpServletRequest request,
+                         HttpServletResponse response) {
+        DDUserInfoRes ddUserInfoRes = null;
+        try {
+            String responseDD = HttpUtil.post(getUserInfoUrl + "get_user_by_ticket", "ticket=" + ticket + "&app_id=" + appId, "application/x-www-form-urlencoded", "UTF-8", 10000, 10000);
+
+            logger.info(String.format("DD-get_user_by_ticket返回:[%s]", responseDD));
+            ddUserInfoRes = JSONObject.parseObject(responseDD, DDUserInfoRes.class);
+        } catch (Exception e) {
+            logger.info(String.format("调用DDSSO获取用户信息失败:[%s]", e.getMessage()), e);
+        }
+        return JSON.toJSONString(ddUserInfoRes);
+    }
+
 }
--- a/atms-web/src/main/webapp/orangeweb/index.html
+++ b/atms-web/src/main/webapp/orangeweb/index.html
@@ -6,23 +6,6 @@
    <meta name=viewport content="width=device-width,initial-scale=1">
    <link rel=icon href=favicon.ico>
    <title>didi2</title>
-    <link rel=stylesheet href="https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900">
-    <link rel=stylesheet href="https://fonts.googleapis.com/css?family=Material+Icons">
-    <link href=js/about.17654e8a.js rel=prefetch>
-    <link href=css/app.cf16809e.css rel=preload as=style>
-    <link href=css/chunk-vendors.2f35f377.css rel=preload as=style>
-    <link href=js/app.c8b0fed0.js rel=preload as=script>
-    <link href=js/chunk-vendors.39b13767.js rel=preload as=script>
-    <link href=css/chunk-vendors.2f35f377.css rel=stylesheet>
-    <link href=css/app.cf16809e.css rel=stylesheet>
-    </head>
-    <body>
-    <noscript>
-        <strong>We're sorry but didi2 doesn't work properly without JavaScript enabled. Please enable it to continue.</strong>
-    </noscript>
-    <div id="app"></div>
-    <script src=js/chunk-vendors.39b13767.js></script>
-    <script src=js/app.c8b0fed0.js></script>
    <script>
        //获取地址栏参数，name:参数名称
        var z =function getUrlParms(name){
@@ -32,8 +15,10 @@
                return unescape(r[2]);
            return null;
        }
-        var code = z("code");
-        var ticket=z("ticketStr");
+
+        var ddTicket = z("ticketStr");
+
+        //設置cookie
        var sc= function setCookie(name,value) {
            var Days = 30;
            var exp = new Date();
@@ -41,20 +26,54 @@
            document.cookie = name + "="+ escape (value) + ";expires=" + exp.toGMTString();
        }

-        sc("ddCode",code);
-        sc("ddTicket",ticket );
-       var gc= function getCookie(name)
-       {
+        sc("ddTicket",ddTicket);

-           var arr,reg=new RegExp("(^| )"+name+"=([^;]*)(;|$)");
+        var ReUrl="https://me.xiaojukeji.com/project/stargate-auth/html/login.html?redirect_uri=http%3A%2F%2Fmis.diditaxi.com.cn%2Fauth%3Fapp_id%3D2500%26version%3D1.0%26jumpto%3Dhttp://dts-test.erp.didichuxing.com/orangeweb/index.html%26callback_index%3D0"

-           if(arr=document.cookie.match(reg))
-               return unescape(arr[2]);
-           else
-               return null;
+        if(ddTicket==undefined || ddTicket==""  || ddTicket == null){
+            document.location=ReUrl;
+        }
+        else {
+            //创建核心对象
+            xmlhttp = null;
+            if (window.XMLHttpRequest) {// code for Firefox, Opera, IE7, etc.
+                xmlhttp = new XMLHttpRequest();
+            } else if (window.ActiveXObject) {// code for IE6, IE5
+                xmlhttp = new ActiveXObject("Microsoft.XMLHTTP");
+            }
+            //编写回调函数
+            xmlhttp.onreadystatechange = function() {
+                if (xmlhttp.readyState == 4 && xmlhttp.status == 200) {
+                    //
+                }
+            }
+            //這個 url 測試的
+            var getUserUrl="http://dts-test.erp.didichuxing.com/H5/sso/getUser?ticket=";
+            //open设置请求方式和请求路径
+            xmlhttp.open("get", getUserUrl+ddTicket);
+            //send 发送
+            xmlhttp.send();

-       }
+        }

    </script>
+    <link rel=stylesheet href="https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900">
+    <link rel=stylesheet href="https://fonts.googleapis.com/css?family=Material+Icons">
+    <link href=js/about.17654e8a.js rel=prefetch>
+    <link href=css/app.cf16809e.css rel=preload as=style>
+    <link href=css/chunk-vendors.2f35f377.css rel=preload as=style>
+    <link href=js/app.c8b0fed0.js rel=preload as=script>
+    <link href=js/chunk-vendors.39b13767.js rel=preload as=script>
+    <link href=css/chunk-vendors.2f35f377.css rel=stylesheet>
+    <link href=css/app.cf16809e.css rel=stylesheet>
+    </head>
+    <body>
+    <noscript>
+        <strong>We're sorry but didi2 doesn't work properly without JavaScript enabled. Please enable it to continue.</strong>
+    </noscript>
+    <div id="app"></div>
+    <script src=js/chunk-vendors.39b13767.js></script>
+    <script src=js/app.c8b0fed0.js></script>
+
    </body>
    </html>
\ No newline at end of file