IAM
@ -18,7 +18,10 @@ public interface IamClient {
|
||||
* (获取code)oauth2认证接口-未认证跳转统一认证前端,已认证则发放code
|
||||
* @param request 获取授权请求参数
|
||||
* @return
|
||||
* -- 下面是文档的
|
||||
* {"statusCodeValue":0,"msg":null,"data":"http://10.11.4.13:9999/#/digital?code=501679ca-f036-4ed1-9414-585315d8627d"}
|
||||
* -- 下面是实际的
|
||||
* {"statusCodeValue":1004,"msg":"Need Login","data":null}
|
||||
*/
|
||||
@GetMapping("/sign/authz/oauth/v20/authorize")
|
||||
IamAuthResponseDTO<String> authorize(@SpringQueryMap IamAuthRequestDTO request);
|
||||
|
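Review bot: The `@return` tag in this Javadoc is still empty, even though the two sample payloads added below it show the documented response and the observed one disagreeing. I would fill it in, e.g. `@return data holds the redirect URL carrying the code when authenticated; statusCodeValue 1004 with null data when login is required`, so callers know they must handle the 1004 case. The documented sample also embeds an internal host address and what looks like a real authorization code; replacing both with placeholders keeps environment details out of the source.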
@ -92,10 +92,10 @@ public class IamDepartmentController {
|
||||
@ApiOperation("新增组织架构接口")
|
||||
@PostMapping("/department")
|
||||
public IamApiResponseDTO<String> saveDepartment(@RequestBody IamApiDepartment iamApiDepartment){
|
||||
log.debug("saveUser请求参数:{}", iamApiDepartment);
|
||||
log.debug("saveDepartment请求参数:{}", iamApiDepartment);
|
||||
Boolean saveResult = iamDepartmentService.save(iamApiDepartment);
|
||||
log.debug("saveUser返回结果:{}, {}", saveResult, iamApiDepartment);
|
||||
return IamApiResponseDTO.success(iamApiDepartment.getId());
|
||||
log.debug("saveDepartment返回结果:{}, {}", saveResult, iamApiDepartment);
|
||||
return IamApiResponseDTO.success(iamApiDepartment.getOrgCode());
|
||||
}
|
||||
|
||||
/**
|
||||
|
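Review bot: `saveDepartment` returns `IamApiResponseDTO.success(...)` whether or not the save worked, because `saveResult` is only written to the debug log. A failed insert should be reported to the caller, for example `if (!Boolean.TRUE.equals(saveResult)) { return IamApiResponseDTO.fail(500, "save department failed"); }` before the return. That assumes the `fail(int, String)` factory seen in the commented-out code of `IamUserController` is available. The `saveUser` hunk in `IamUserController` has the same pattern.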
@ -31,6 +31,21 @@ public class IamUserController {
|
||||
@Resource
|
||||
private IamUserService iamUserService;
|
||||
|
||||
/**
|
||||
* 授权接口,获取 access_token
|
||||
* 请求方式:POST
|
||||
* 请求地址:/iam/api/access_token
|
||||
* 请求体:{"appId":"xxx", "appSecret":"xxx"}
|
||||
* 返回:{"errorCode":0, "accessToken":"xxxxx", "expiresInMS":7200000}
|
||||
*/
|
||||
@PostMapping("/access_token")
|
||||
@ApiOperation("获取access_token")
|
||||
public java.util.Map<String, Object> getAccessToken(@RequestBody java.util.Map<String, String> body) {
|
||||
String appId = body.get("appId");
|
||||
String appSecret = body.get("appSecret");
|
||||
return iamUserService.generateAccessToken(appId, appSecret);
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取人员列表接口
|
||||
* 请求方式:GET
|
||||
@ -62,7 +77,17 @@ public class IamUserController {
|
||||
*/
|
||||
@ApiOperation("获取人员列表接口")
|
||||
@GetMapping("/users")
|
||||
public IamApiResponseDTO<List<IamApiUser>> getUsers(IamApiRequestDTO userRequestDTO){
|
||||
public IamApiResponseDTO getUsers(
|
||||
IamApiRequestDTO userRequestDTO,
|
||||
@RequestHeader(value = "Authorization", required = false) String authorization) {
|
||||
// 鉴权校验
|
||||
// if (authorization == null || !authorization.startsWith("Bearer ")) {
|
||||
// return IamApiResponseDTO.fail(401, "Missing or invalid Authorization header");
|
||||
// }
|
||||
// String token = authorization.substring(7);
|
||||
// if (!iamUserService.validateAccessToken(token)) {
|
||||
// return IamApiResponseDTO.fail(401, "Invalid or expired token");
|
||||
// }
|
||||
log.debug("users请求参数:{}", userRequestDTO);
|
||||
IPage<IamApiUser> page = iamUserService.getUsers(userRequestDTO);
|
||||
List<IamApiUser> users = page.getRecords();
|
||||
@ -99,7 +124,7 @@ public class IamUserController {
|
||||
log.debug("saveUser请求参数:{}", iamApiUser);
|
||||
Boolean saveResult = iamUserService.save(iamApiUser);
|
||||
log.debug("saveUser返回结果:{}, {}", saveResult, iamApiUser);
|
||||
return IamApiResponseDTO.success(iamApiUser.getId());
|
||||
return IamApiResponseDTO.success(iamApiUser.getEmployeeNo());
|
||||
}
|
||||
|
||||
/**
|
||||
@ -125,7 +150,7 @@ public class IamUserController {
|
||||
@PutMapping("/user/{id}")
|
||||
public IamApiResponseDTO<Object> updateUser(@PathVariable("id") String id, @RequestBody IamApiUser iamApiUser) {
|
||||
log.debug("updateUser请求参数:id={}, user={}", id, iamApiUser);
|
||||
iamApiUser.setId(id);
|
||||
iamApiUser.setEmployeeNo(id);
|
||||
boolean updateResult = iamUserService.updateById(iamApiUser);
|
||||
log.debug("updateUser返回结果:{}", updateResult);
|
||||
return IamApiResponseDTO.success();
|
||||
@ -152,4 +177,5 @@ public class IamUserController {
|
||||
return IamApiResponseDTO.success();
|
||||
}
|
||||
|
||||
|
||||
}
|
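Review bot: The token check in `getUsers` is commented out and the `Authorization` header is declared `required = false`, so as written `/users` serves the personnel list to any caller. Whether a gateway or filter elsewhere enforces authentication is not visible on this page. Because the same commit widens `IamApiUser` to carry ID-card number, birth date and phone numbers, I would restore the commented block before merging and reject a missing header outright. The return type was also changed to the raw `IamApiResponseDTO`; keeping `IamApiResponseDTO<List<IamApiUser>>` preserves compile-time type checking. The method body continues past the end of this hunk.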
@ -30,14 +30,27 @@ import java.util.Date;
|
||||
@ApiModel(value = "IamApiDepartment对象", description = "组织架构基本信息表")
|
||||
public class IamApiDepartment {
|
||||
|
||||
@TableId(value = "id", type = IdType.ASSIGN_UUID)
|
||||
private String id;
|
||||
private String name;
|
||||
private String parentId; // 上级组织架构的ID
|
||||
private String status; // 标识组织架构的停启用
|
||||
|
||||
/** 组织编码 */
|
||||
@TableId(value = "org_code", type = IdType.INPUT)
|
||||
private String orgCode;
|
||||
/** 组织名称描述 */
|
||||
private String orgName;
|
||||
/** 集团法人编码 */
|
||||
private String groupLegalPersonCode;
|
||||
/** 上级组织编码 */
|
||||
private String parentOrgCode;
|
||||
/** 上级组织名称描述 */
|
||||
private String parentOrgName;
|
||||
/** 组织单位类型 */
|
||||
private String orgUnitType;
|
||||
/** 最新更新日期 */
|
||||
private Date lastUpdateDate;
|
||||
/** 开始日期 */
|
||||
private Date startDate;
|
||||
/** 结束日期 */
|
||||
private Date endDate;
|
||||
/** 创建时间 */
|
||||
private Date createTime;
|
||||
/** 修改时间 */
|
||||
private Date updateTime;
|
||||
}
|
||||
}
|
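Review bot: `orgCode` is now the primary key with `IdType.INPUT`, so its value comes from the caller, and `saveDepartment` passes the request body straight to `save` with no visible check that the key is present or well-formed. I would constrain it at the boundary, e.g. `@NotBlank private String orgCode;` together with `@Valid @RequestBody IamApiDepartment iamApiDepartment` on the controller, if Bean Validation is on the classpath; otherwise an explicit check in the service. The class header and imports are outside this hunk, so I cannot confirm which validation support the project already has.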
@ -17,22 +17,70 @@ import java.util.Date;
|
||||
@TableName(value = "iam_api_user", autoResultMap = true)
|
||||
@ApiModel(value = "IamApiUser对象", description = "人员基本信息表")
|
||||
public class IamApiUser {
|
||||
/** 用户ID */
|
||||
@TableId(value = "id", type = IdType.ASSIGN_UUID)
|
||||
private String id;
|
||||
/** 用户名 */
|
||||
/** HR员工编号 */
|
||||
@TableId(value = "employee_no", type = IdType.INPUT)
|
||||
private String employeeNo;
|
||||
/** 员工姓名(中国和外国不同) */
|
||||
private String name;
|
||||
/** 邮箱 */
|
||||
private String email;
|
||||
/** 手机号 */
|
||||
/** 员工状态(在职、离职、退休等) */
|
||||
private String employeeStatusDesc;
|
||||
/** HR组织机构单位一级编码 */
|
||||
private String companyName;
|
||||
/** 员工所属职位编码 */
|
||||
private String positionCode;
|
||||
/** 员工所属职位描述 */
|
||||
private String positionName;
|
||||
/** 员工所属部门编码(最小组织) */
|
||||
private String departmentCode;
|
||||
/** 性别描述(男、女) */
|
||||
private String gender;
|
||||
/** 出生日期 */
|
||||
private Date birthDate;
|
||||
/** 国籍描述 */
|
||||
private String nationality;
|
||||
/** 民族描述 */
|
||||
private String ethnicGroup;
|
||||
/** 身份证号码 */
|
||||
private String idCardNo;
|
||||
/** 政治面貌描述 */
|
||||
private String politicalStatus;
|
||||
/** 学位描述 */
|
||||
private String highestDegree;
|
||||
/** 学历描述 */
|
||||
private String highestEducation;
|
||||
/** 联系电话(座机) */
|
||||
private String workPhone;
|
||||
/** 员工手机号码 */
|
||||
private String mobile;
|
||||
/** 所在组织架构的ID */
|
||||
private String departmentId;
|
||||
/** 标识人员的停启用 */
|
||||
private String status;
|
||||
/** 员工电子邮箱地址 */
|
||||
private String email;
|
||||
/** 是否是船员(船员是 其他否) */
|
||||
private String isCrew;
|
||||
/** 员工类型描述(合同、劳务派遣、协议制等) */
|
||||
private String employeeGroup;
|
||||
/** 入职日期 */
|
||||
private Date entryDate;
|
||||
/** 离职日期 */
|
||||
private Date leaveDate;
|
||||
/** 员工SAP用户名 */
|
||||
private String sapUsername;
|
||||
/** 人事范围中的国家描述 */
|
||||
private String country;
|
||||
/** 人事范围中的地区描述 */
|
||||
private String region;
|
||||
/** 最新组织分配的日期 */
|
||||
private Date lastPositionDate;
|
||||
/** 最新专业技术资格名称 */
|
||||
private String professionalQualificationName;
|
||||
/** 最细执业资格小类名称 */
|
||||
private String qualificationSubtype;
|
||||
/** 最高学历专业名称 */
|
||||
private String majorName;
|
||||
/** 简历信息数据 */
|
||||
private String workExperience;
|
||||
|
||||
/** 创建时间 */
|
||||
private Date createTime;
|
||||
/** 修改时间 */
|
||||
private Date updateTime;
|
||||
}
|
||||
}
|
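Review bot: This entity now holds `idCardNo`, `birthDate`, `ethnicGroup`, `politicalStatus` and phone numbers, and the controllers in this commit log the whole object (`log.debug("saveUser请求参数:{}", iamApiUser)`). If the class has a generated `toString` (its annotations are above this hunk, so that is an assumption), those values end up in log files whenever debug logging is on. I would log only the key, e.g. `log.debug("saveUser请求参数: employeeNo={}", iamApiUser.getEmployeeNo());`, or exclude the sensitive fields from `toString`. It is also worth deciding whether `/users` should return the full record or a reduced view without the ID-card number.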
@ -20,6 +20,10 @@ public class IamUser implements Serializable {
|
||||
private Integer gender;
|
||||
/** 展示名称 */
|
||||
private String displayName;
|
||||
/** 部门ID */
|
||||
private String departmentId;
|
||||
/** 手机号 */
|
||||
private String mobile;
|
||||
/** 创建日期 */
|
||||
private String createdate;
|
||||
/** 职务 */
|
||||
@ -42,6 +46,8 @@ public class IamUser implements Serializable {
|
||||
private String department;
|
||||
/** 用户名(登录名) */
|
||||
private String user;
|
||||
/** 邮箱 */
|
||||
private String email;
|
||||
/** 用户名(登录名,冗余) */
|
||||
private String username;
|
||||
}
|
@ -10,4 +10,19 @@ import java.util.List;
|
||||
public interface IamUserService extends IBaseService<IamApiUser> {
|
||||
|
||||
IPage<IamApiUser> getUsers(IamApiRequestDTO iamUserRequestDTO);
|
||||
|
||||
/**
|
||||
* 生成 accessToken
|
||||
* @param appId 应用ID
|
||||
* @param appSecret 应用密钥
|
||||
* @return accessToken 及有效期
|
||||
*/
|
||||
java.util.Map<String, Object> generateAccessToken(String appId, String appSecret);
|
||||
|
||||
/**
|
||||
* 校验 accessToken 是否有效
|
||||
* @param token token字符串
|
||||
* @return 有效返回true,无效返回false
|
||||
*/
|
||||
boolean validateAccessToken(String token);
|
||||
}
|
||||
|
@ -34,4 +34,29 @@ public class IamUserServiceImpl extends ServiceImpl<IamUserMapper, IamApiUser> i
|
||||
}
|
||||
return iamUserMapper.selectPage(page, queryWrapper);
|
||||
}
|
||||
|
||||
@Override
|
||||
public java.util.Map<String, Object> generateAccessToken(String appId, String appSecret) {
|
||||
// 简单示例:实际生产环境请替换为安全的校验和token生成逻辑
|
||||
java.util.Map<String, Object> result = new java.util.HashMap<>();
|
||||
// 假设appId/appSecret校验通过
|
||||
if ("8f1b3c2d4e5f6a7b8c9d0e1f2a3b4c5d".equals(appId) && "QwErTyUiOp1234567890ZxCvBnMqWeRtY=".equals(appSecret)) {
|
||||
String token = java.util.UUID.randomUUID().toString().replaceAll("-", "");
|
||||
long expiresInMS = 2 * 60 * 60 * 1000L; // 2小时
|
||||
result.put("errorCode", 0);
|
||||
result.put("accessToken", token);
|
||||
result.put("expiresInMS", expiresInMS);
|
||||
} else {
|
||||
result.put("errorCode", 1);
|
||||
result.put("errorMsg", "appId or appSecret invalid");
|
||||
}
|
||||
return result;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean validateAccessToken(String token) {
|
||||
// 简单实现:实际应结合缓存/数据库和过期时间校验
|
||||
// 这里只做演示,假设所有生成的token都有效
|
||||
return token != null && token.length() == 32;
|
||||
}
|
||||
}
|
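Review bot: `generateAccessToken` compares against an appId and appSecret written as string literals on the `if` line, and `validateAccessToken` accepts any non-null 32-character string, since issued tokens are never stored. Anyone with read access to the repository holds the credentials, and once the commented-out check in `getUsers` is enabled a caller would not need them anyway. The in-code comments mark this as a demo, but the literals are now in history and should be treated as exposed and replaced. I would load the credentials from configuration, compare them in constant time, record each issued token with its expiry, and validate by lookup, as sketched below with constructed property names.

```java
// Constructed property names; bind them to wherever the deployment keeps its secrets.
@Value("${iam.api.app-id}")
private String configuredAppId;

@Value("${iam.api.app-secret}")
private String configuredAppSecret;

// token -> expiry in epoch millis; use a shared cache instead if more than one instance runs
private final java.util.Map<String, Long> issuedTokens = new java.util.concurrent.ConcurrentHashMap<>();

@Override
public java.util.Map<String, Object> generateAccessToken(String appId, String appSecret) {
    java.util.Map<String, Object> result = new java.util.HashMap<>();
    if (constantTimeEquals(configuredAppId, appId) && constantTimeEquals(configuredAppSecret, appSecret)) {
        String token = java.util.UUID.randomUUID().toString().replaceAll("-", "");
        long expiresInMS = 2 * 60 * 60 * 1000L;
        issuedTokens.put(token, System.currentTimeMillis() + expiresInMS);
        // … unchanged: errorCode / accessToken / expiresInMS puts …
    } else {
        // … unchanged: errorCode 1 and errorMsg …
    }
    return result;
}

@Override
public boolean validateAccessToken(String token) {
    if (token == null) {
        return false;
    }
    Long expiresAt = issuedTokens.get(token);
    if (expiresAt == null) {
        return false;
    }
    if (expiresAt < System.currentTimeMillis()) {
        issuedTokens.remove(token);
        return false;
    }
    return true;
}

private static boolean constantTimeEquals(String expected, String actual) {
    if (expected == null || actual == null) {
        return false;
    }
    return java.security.MessageDigest.isEqual(
            expected.getBytes(java.nio.charset.StandardCharsets.UTF_8),
            actual.getBytes(java.nio.charset.StandardCharsets.UTF_8));
}
```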