diff --git a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/common/base/service/impl/BaseCacheUserServiceImpl.java b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/common/base/service/impl/BaseCacheUserServiceImpl.java
index 1026006..bd7cb59 100644
--- a/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/common/base/service/impl/BaseCacheUserServiceImpl.java
+++ b/uboot-common/src/main/java/com/chinaunicom/mall/ebtp/common/base/service/impl/BaseCacheUserServiceImpl.java
@@ -1,16 +1,32 @@ package com.chinaunicom.mall.ebtp.common.base.service.impl; +import com.chinaunicom.mall.ebtp.cloud.security.starter.common.RSAcheck; import com.chinaunicom.mall.ebtp.cloud.security.starter.filter.CurrentRoleHolder; +import com.chinaunicom.mall.ebtp.common.base.client.SystemClient; import com.chinaunicom.mall.ebtp.common.base.entity.BaseCacheUser; +import com.chinaunicom.mall.ebtp.common.base.entity.BaseResponse; +import com.chinaunicom.mall.ebtp.common.base.entity.SysUser; import com.chinaunicom.mall.ebtp.common.base.service.IBaseCacheUserService; +import com.chinaunicom.mall.ebtp.common.exception.common.CommonExceptionEnum; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.BeanUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; +import org.springframework.beans.factory.annotation.Value; import org.springframework.data.redis.core.RedisTemplate; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.stereotype.Service; import com.chinaunicom.mall.ebtp.cloud.security.starter.filter.BearerTokenHolder; +import org.springframework.util.StringUtils; +import org.springframework.web.context.request.RequestContextHolder; +import org.springframework.web.context.request.ServletRequestAttributes; + +import javax.crypto.Cipher; +import java.security.KeyFactory; +import java.security.PrivateKey; +import java.security.spec.PKCS8EncodedKeySpec; +import java.util.Base64; + import static com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants.REDIS_USER_KEY; /** 
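Review bot: The added imports `javax.crypto.Cipher`, `java.security.KeyFactory`, `java.security.PrivateKey`, `java.security.spec.PKCS8EncodedKeySpec` and `java.util.Base64` do not appear to be used by anything in the new code shown in this diff, since `decrypt` delegates to `RSAcheck.decryptBASE64` and `RSAcheck.decryptByPrivateKey`. If nothing outside the visible hunks needs them, they should be dropped so the class does not look like it handles key material itself.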
@@ -28,28 +44,96 @@ public class BaseCacheUserServiceImpl implements IBaseCacheUserService { @Qualifier("userinfoRedisTemplate") private RedisTemplate redisTemplate; + @Value("${login.captcha.privateKey}") + private String privateKey; + + @Autowired + private SystemClient systemClient; + @Override public BaseCacheUser getCacheUser() { try { String token = BearerTokenHolder.getToken(); - if (token == null || token.isEmpty()) { - log.warn("未获取到token"); - return null; + BaseCacheUser cacheUser = null; + if (StringUtils.hasText(token)) { + Object o = redisTemplate.opsForValue().get(REDIS_USER_KEY + token); + if (o instanceof BaseCacheUser) { + cacheUser = (BaseCacheUser) o; + } } - Object o = redisTemplate.opsForValue().get(REDIS_USER_KEY + token); - if (o instanceof BaseCacheUser) { - BaseCacheUser cacheUser = (BaseCacheUser) o; - // 添加当前用户角色 + // 如果Token没有传递或获取不到,尝试从请求头获取userId字段来获取用户信息(流程/IOA等需要挂载外部页面的鉴权,外部页面的前端将userId拼接_时间加密放到请求头传递) + if (cacheUser == null) { + // token为空或redis未找到,尝试从请求参数code解密userId + ServletRequestAttributes attrs = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes(); + if (attrs != null) { + String userId = attrs.getRequest().getHeader("userId"); + String cap = this.decrypt(userId); + String[] caps = cap.split("_"); + if (caps.length != 2) { + log.warn("解密后的userId格式不正确,userId:{}", userId); + return null; + } + userId = caps[0]; + cacheUser = getCacheUserByUserId(userId); + } else { + log.warn("无法获取ServletRequestAttributes"); + } + } + if (cacheUser != null) { cacheUser.setCurrentRoleCode(CurrentRoleHolder.getRole()); return cacheUser; - } else { - log.warn("redis中未找到用户信息,token:{}", token); - return null; } + return null; } catch (Exception e) { log.error("获取缓存用户信息异常", e); return null; } } + /** + * 通过userId远程获取用户并封装为BaseCacheUser + */ + private BaseCacheUser getCacheUserByUserId(String userId) { + BaseResponse resp = systemClient.getUser(userId); + if (resp != null && resp.isSuccess() && resp.getData() != null) { + SysUser 
user = resp.getData(); + BaseCacheUser cacheUser = new BaseCacheUser(); + cacheUser.setUserId(user.getUserId()); + cacheUser.setFullName(user.getName()); + cacheUser.setLoginName(user.getEmployeeNumber()); + cacheUser.setMobilePhone(user.getMobile()); + cacheUser.setOfficePhone(user.getOfficePhone()); + cacheUser.setSex(user.getSex() != null ? user.getSex().toString() : null); + cacheUser.setEmployeeNumber(user.getEmployeeNumber()); + cacheUser.setEmailAddress(user.getEmail()); + cacheUser.setUserType("0"); + // cacheUser.setDeptId(orgId); + // cacheUser.setDeptName(sysOrg.getOrgName()); + // cacheUser.setOrganizationId(sysOrg.getCuCompanyNumber()); + // cacheUser.setOrganizationName(sysOrg.getCuCompanyName()); + // cacheUser.setOrganizationFullId(sysOrg.getOrgFullId()); + // cacheUser.setOrganizationFullName(sysOrg.getOrgFullName()); + // BeanUtils.copyProperties(sysUser, cacheUser); + return cacheUser; + } else { + log.warn("systemClient未获取到用户信息,userId:{}", userId); + return null; + } + } + + private String decrypt(String value){ + String val = ""; + System.out.println("\r解密前文字:\r\n" + value); + try { + byte[] encodedData = RSAcheck.decryptBASE64(value); + byte[] decodedData = RSAcheck.decryptByPrivateKey(encodedData, privateKey); + val = new String(decodedData); + System.out.println("解密后文字:\r\n" + val); + }catch (Exception e){ + log.error("解密失败 异常!",e); + CommonExceptionEnum.FRAME_EXCEPTION_COMMON_DATA_OTHER_ERROR.customValidName("解密失败",true); + } + return val; + } + }
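Review bot: The fallback in `getCacheUser` takes the caller's identity from the `userId` request header whenever the bearer token is missing or not found in Redis, and the only proof it requires is that the value decrypts under `login.captcha.privateKey`. RSA encryption gives confidentiality, not authenticity: the inline comment says the external page's front end performs the encryption, presumably with the matching public key, so the header does not prove that a trusted party issued it. The time component `caps[1]` is parsed but never checked, so a captured header would stay valid indefinitely. This path should verify a signature or MAC issued by the trusted upstream system, reject stale timestamps, and be limited to the endpoints that actually embed the external pages. Separately, `decrypt` prints both the raw header and the decrypted value with `System.out.println`; those two lines should be removed or replaced by a `log.debug` that omits the plaintext.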