package com.qianwen.smartman.modules.auth.service;
|
|
import org.slf4j.Logger;
|
import org.slf4j.LoggerFactory;
|
import org.springframework.stereotype.Service;
|
|
import com.qianwen.core.log.exception.ServiceException;
|
import com.qianwen.core.social.props.BladeAuthSource;
|
import com.qianwen.core.social.request.CustomAuthWeChatEntWebRequest;
|
import com.qianwen.core.social.utils.SocialUtil;
|
import com.qianwen.core.tool.api.R;
|
import com.qianwen.core.tool.support.Kv;
|
import com.qianwen.core.tool.utils.Func;
|
import com.qianwen.smartman.common.utils.Lambda;
|
import com.qianwen.smartman.common.utils.MessageUtils;
|
import com.qianwen.smartman.modules.auth.enums.AccountType;
|
import com.qianwen.smartman.modules.auth.enums.UserEnum;
|
import com.qianwen.smartman.modules.auth.granter.EmployeeTokenGranter;
|
import com.qianwen.smartman.modules.auth.granter.PasswordTokenGranter;
|
import com.qianwen.smartman.modules.auth.granter.RefreshTokenGranter;
|
import com.qianwen.smartman.modules.auth.granter.SocialTokenGranter;
|
import com.qianwen.smartman.modules.auth.provider.ITokenGranter;
|
import com.qianwen.smartman.modules.auth.provider.TokenGranterBuilder;
|
import com.qianwen.smartman.modules.auth.provider.TokenParameter;
|
import com.qianwen.smartman.modules.auth.utils.TokenUtil;
|
import com.qianwen.smartman.modules.auth.vo.AuthConfigVO;
|
import com.qianwen.smartman.modules.cps.entity.Employee;
|
import com.qianwen.smartman.modules.cps.service.IEmployeeService;
|
import com.qianwen.smartman.modules.sync.constant.OuterAppConfigConstant;
|
import com.qianwen.smartman.modules.sync.entity.OuterAppConfig;
|
import com.qianwen.smartman.modules.sync.service.IOuterAppConfigService;
|
import com.qianwen.smartman.modules.system.entity.OauthLoginEmployee;
|
import com.qianwen.smartman.modules.system.entity.UserInfo;
|
|
@Service
|
public class MicroAppAuthService {
|
private static final Logger log = LoggerFactory.getLogger(MicroAppAuthService.class);
|
private final IEmployeeService employeeService;
|
private final IOuterAppConfigService appConfigService;
|
|
public MicroAppAuthService(IEmployeeService employeeService, IOuterAppConfigService appConfigService) {
|
this.employeeService = employeeService;
|
this.appConfigService = appConfigService;
|
}
|
|
public R<Kv> loginByCode(final TokenParameter tokenParameter) {
|
ITokenGranter granter = TokenGranterBuilder.getGranter(SocialTokenGranter.GRANT_TYPE);
|
try {
|
UserInfo userInfo = granter.grant(tokenParameter);
|
R validResult = validUserInfo(userInfo);
|
if (!validResult.isSuccess()) {
|
return validResult;
|
}
|
return R.data(createEmployeeOauthInfo(userInfo));
|
} catch (Exception e) {
|
throw new ServiceException(e.getMessage());
|
}
|
}
|
|
public R loginByPassword(String userName, String password, String oauthId) {
|
UserInfo userInfo = userInfoByPassword(userName, password);
|
R valid = validUserInfo(userInfo);
|
if (valid.isSuccess()) {
|
return R.data(createEmployeeOauthInfo(userInfo));
|
}
|
return valid;
|
}
|
|
public R loginByToggleAccount(final String id, AccountType type) {
|
Employee employee;
|
Kv kv;
|
TokenParameter tokenParameter = new TokenParameter();
|
tokenParameter.getArgs().set("tenantId", "000000");
|
if (AccountType.account.equals(type)) {
|
employee = this.employeeService.getById(id);
|
if (employee == null || Func.isEmpty(employee.getUserId())) {
|
throw new ServiceException(MessageUtils.message(TokenUtil.USER_NOT_BINDED, new Object[0]));
|
}
|
tokenParameter.getArgs().set("userId", employee.getUserId());
|
ITokenGranter granter = TokenGranterBuilder.getGranter(PasswordTokenGranter.GRANT_TYPE);
|
UserInfo userInfo = granter.grant(tokenParameter);
|
kv = TokenUtil.createAuthInfo(userInfo);
|
} else {
|
employee = this.employeeService.getOne(Lambda.eq(Employee::getUserId, id));
|
if (employee == null) {
|
throw new ServiceException(MessageUtils.message(TokenUtil.USER_NOT_BINDED, new Object[0]));
|
}
|
tokenParameter.getArgs().set("employeeId", employee.getId());
|
ITokenGranter granter = TokenGranterBuilder.getGranter(EmployeeTokenGranter.GRANT_TYPE);
|
UserInfo userInfo = granter.grant(tokenParameter);
|
kv = createEmployeeOauthInfo(userInfo);
|
}
|
kv.set("account_type", type);
|
kv.set("employee_id", employee.getId());
|
return R.data(kv);
|
}
|
|
public UserInfo userInfoByPassword(String userName, String password) {
|
TokenParameter tokenParameter = new TokenParameter();
|
tokenParameter.getArgs().set("tenantId", "000000").set("username", userName).set(PasswordTokenGranter.GRANT_TYPE, password).set("userType", UserEnum.WEB.getName());
|
ITokenGranter granter = TokenGranterBuilder.getGranter(EmployeeTokenGranter.GRANT_TYPE);
|
return granter.grant(tokenParameter);
|
}
|
|
//yangys R<Void>??
|
protected R validUserInfo(UserInfo userInfo) {
|
if (userInfo == null) {
|
return R.fail(MessageUtils.message(TokenUtil.USER_NOT_FOUND, new Object[0]));
|
}
|
if (userInfo.getUser() == null || userInfo.getUser().getId() == null) {
|
R fail = R.fail(500, MessageUtils.message(TokenUtil.SOCIAL_FAIL, new Object[0]));
|
fail.setData(userInfo);
|
return fail;
|
}
|
int errorCode = 200;
|
String message = "";
|
if (1 != userInfo.getUser().getStatus().intValue()) {
|
errorCode = 400;
|
message = MessageUtils.message(TokenUtil.USER_BLOCKED, new Object[0]);
|
}
|
if (200 != errorCode) {
|
return R.fail(errorCode, message);
|
}
|
return R.success(message);
|
}
|
|
public R<CustomAuthWeChatEntWebRequest.SignatureResult> getWeChatSiginValue(final String url, final boolean isAgent) {
|
CustomAuthWeChatEntWebRequest authRequest = SocialUtil.getAuthRequest(BladeAuthSource.WECHAT_ENTERPRISE_WEB);
|
return R.data(authRequest.signatureURL(url, isAgent));
|
}
|
|
public static Kv createEmployeeOauthInfo(UserInfo userInfo) {
|
Kv oauthInfo = TokenUtil.createAuthInfo(userInfo);
|
OauthLoginEmployee employee = (OauthLoginEmployee) userInfo.getUser();
|
if (Func.isNotEmpty(employee.getSystemAccount())) {
|
oauthInfo.put("system_user", employee.getSystemAccount());
|
}
|
oauthInfo.set("account_type", AccountType.employee);
|
oauthInfo.set("employee_id", userInfo.getUser().getId());
|
return oauthInfo;
|
}
|
|
public R refreshToken(AccountType accountType, String refreshToken) {
|
Kv kv;
|
TokenParameter parameter = new TokenParameter();
|
parameter.getArgs().set("tenantId", "000000");
|
parameter.getArgs().set("refreshToken", refreshToken);
|
parameter.getArgs().set("isRefreshToken", true);
|
if (AccountType.account.equals(accountType)) {
|
parameter.getArgs().set("grantType", RefreshTokenGranter.GRANT_TYPE);
|
ITokenGranter granter = TokenGranterBuilder.getGranter(RefreshTokenGranter.GRANT_TYPE);
|
kv = TokenUtil.createAuthInfo(granter.grant(parameter));
|
kv.set("account_type", accountType);
|
} else {
|
ITokenGranter granter2 = TokenGranterBuilder.getGranter(EmployeeTokenGranter.GRANT_TYPE);
|
kv = createEmployeeOauthInfo(granter2.grant(parameter));
|
}
|
return R.data(kv);
|
}
|
|
public AuthConfigVO getAuthConfig(final String source) {
|
int appType = (source.equalsIgnoreCase(BladeAuthSource.DINGTALK_WEB.toString()) ? OuterAppConfigConstant.DING : OuterAppConfigConstant.QY_WECHAT).intValue();
|
OuterAppConfig appConfig = this.appConfigService.getAppConfig(Integer.valueOf(appType));
|
AuthConfigVO authConfigVO = new AuthConfigVO(appConfig);
|
return authConfigVO;
|
}
|
}
|
