package com.qianwen.smartman.modules.auth.utils;
|
|
import java.util.Date;
|
import java.util.HashMap;
|
import java.util.Map;
|
import com.qianwen.smartman.common.constant.TenantConstant;
|
import com.qianwen.smartman.common.utils.MessageUtils;
|
import com.qianwen.core.log.exception.ServiceException;
|
import com.qianwen.core.secure.TokenInfo;
|
import com.qianwen.core.secure.utils.SecureUtil;
|
import com.qianwen.core.tenant.BladeTenantProperties;
|
import com.qianwen.core.tool.jackson.JsonUtil;
|
import com.qianwen.core.tool.support.Kv;
|
import com.qianwen.core.tool.utils.DateUtil;
|
import com.qianwen.core.tool.utils.DesUtil;
|
import com.qianwen.core.tool.utils.Func;
|
import com.qianwen.core.tool.utils.SpringUtil;
|
import com.qianwen.core.tool.utils.StringUtil;
|
import com.qianwen.smartman.modules.auth.granter.RefreshTokenGranter;
|
import com.qianwen.smartman.modules.system.entity.Tenant;
|
import com.qianwen.smartman.modules.system.entity.User;
|
import com.qianwen.smartman.modules.system.entity.UserInfo;
|
|
/* loaded from: blade-api.jar:BOOT-INF/classes/org/springblade/modules/auth/utils/TokenUtil.class */
|
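/**
 * Static helpers used by the auth module to build the token response for a
 * logged-in user and to check whether a tenant is still allowed to sign in.
 *
 * <p>Security-relevant points for maintainers:
 * <ul>
 *   <li>Both JWTs are issued through {@code SecureUtil.createJWT} with the fixed
 *       literals {@code "audience"} and {@code "issuser"}. NOTE(review): if these
 *       end up as the aud/iss claims they are the same for every deployment and
 *       cannot distinguish one from another; confirm what the verifier checks.</li>
 *   <li>{@link #judgeTenant(Tenant)} reports a rejected tenant only by throwing;
 *       every return path yields {@code false}.</li>
 * </ul>
 */
public class TokenUtil {

    // Request header names read by the auth endpoints.
    public static final String DEPT_HEADER_KEY = "Dept-Id";
    public static final String ROLE_HEADER_KEY = "Role-Id";
    public static final String CAPTCHA_HEADER_KEY = "Captcha-Key";
    public static final String CAPTCHA_HEADER_CODE = "Captcha-Code";
    public static final String CAPTCHA_NOT_CORRECT = "user.captcha.error";
    public static final String TENANT_HEADER_KEY = "Tenant-Id";
    // Tenant id that judgeTenant() exempts from the expiry/license check.
    public static final String DEFAULT_TENANT_ID = "000000";
    public static final String USER_TYPE_HEADER_KEY = "User-Type";
    public static final String DEFAULT_USER_TYPE = "web";

    // Message keys resolved through MessageUtils.message(...).
    public static final String USER_NOT_FOUND = "user.not.found";
    public static final String OAUTH_CONFIG_NOT_FOUND = "oauth.config.not.found";
    public static final String USER_NOT_BINDED = "not.bind.user";
    public static final String USER_HAS_BINDED = "user.has.bind";
    public static final String RESOURCE_NOT_FOUND = "resource.not.found";
    public static final String USER_HAS_NO_ROLE = "user.has.no.role";
    public static final String USER_HAS_NO_TENANT = "user.has.no.tenant";
    // NOTE(review): the key text lacks the "no" that the constant name carries;
    // left unchanged because it must match the message bundle. Verify the bundle.
    public static final String USER_HAS_NO_TENANT_PERMISSION = "user.has.tenant.permission";
    public static final String USER_HAS_TOO_MANY_FAILS = "user.has.too.many.fails";
    public static final String USER_BLOCKED = "user.blocked";
    public static final String SOCIAL_FAIL = "sys.social.grant.fail";

    public static final String HEADER_KEY = "Authorization";
    public static final String HEADER_PREFIX = "Basic ";
    public static final String DEFAULT_AVATAR = "https://gw.alipayobjects.com/zos/rmsportal/BiazfanxmamNRoxxVxka.png";

    // Lazily resolved Spring bean; see getTenantProperties().
    private static BladeTenantProperties tenantProperties;

    /**
     * Returns the tenant configuration bean, looking it up on first use.
     *
     * <p>The lazy assignment is not synchronized. Two threads may both perform the
     * lookup; each stores whatever {@code SpringUtil.getBean} returned.
     *
     * @return the cached {@link BladeTenantProperties} bean
     */
    private static BladeTenantProperties getTenantProperties() {
        if (tenantProperties == null) {
            tenantProperties = (BladeTenantProperties) SpringUtil.getBean(BladeTenantProperties.class);
        }
        return tenantProperties;
    }

    /**
     * Builds the token response for an authenticated user.
     *
     * <p>The access token carries tenant, user, department, post, role, oauth id,
     * account, names, role names and {@code detail} as claims. On success the
     * same values are returned in the response together with the access token,
     * a refresh token, {@code token_type}, {@code expires_in} and {@code license}.
     *
     * <p>NOTE(review): {@code userInfo.getDetail()} is copied into the token
     * claims. If {@code SecureUtil.createJWT} only signs the payload (not shown
     * here), anything in {@code detail} is readable by whoever holds the token;
     * confirm it contains nothing sensitive.
     *
     * @param userInfo the authenticated user with roles and detail
     * @return the populated response, or a response holding only
     *         {@code error_code} (401) and {@code error_description} when token
     *         creation fails
     */
    public static Kv createAuthInfo(UserInfo userInfo) {
        Kv authInfo = Kv.create();
        User user = userInfo.getUser();

        Map<String, Object> param = new HashMap<>(16);
        param.put("token_type", "access_token");
        param.put("tenant_id", user.getTenantId());
        param.put("user_id", Func.toStr(user.getId()));
        param.put("dept_id", user.getDeptId());
        param.put("post_id", user.getPostId());
        param.put("role_id", user.getRoleId());
        param.put("oauth_id", userInfo.getOauthId());
        param.put("account", user.getAccount());
        param.put("user_name", user.getAccount());
        param.put("nick_name", user.getRealName());
        param.put("role_name", Func.join(userInfo.getRoles()));
        param.put("detail", userInfo.getDetail());

        try {
            TokenInfo accessToken = SecureUtil.createJWT(param, "audience", "issuser", "access_token");
            // Issue the refresh token before writing any response field, so a
            // failure here cannot leave a half-built response behind.
            TokenInfo refreshToken = createRefreshToken(userInfo);
            return authInfo
                .set("tenant_id", user.getTenantId())
                .set("user_id", Func.toStr(user.getId()))
                .set("dept_id", user.getDeptId())
                .set("post_id", user.getPostId())
                .set("role_id", user.getRoleId())
                .set("oauth_id", userInfo.getOauthId())
                .set("account", user.getAccount())
                .set("user_name", user.getAccount())
                .set("nick_name", user.getRealName())
                .set("role_name", Func.join(userInfo.getRoles()))
                .set("avatar", Func.toStr(user.getAvatar(), ""))
                .set("access_token", accessToken.getToken())
                .set(RefreshTokenGranter.GRANT_TYPE, refreshToken.getToken())
                .set("token_type", "bearer")
                .set("expires_in", Integer.valueOf(accessToken.getExpire()))
                .set("detail", userInfo.getDetail())
                .set("license", "powered by bladex");
        } catch (Exception ex) {
            // Use a fresh Kv for the error: authInfo may already hold identity
            // fields or an access token written before the failure (assuming
            // Kv.set mutates in place; Kv is not shown here).
            // NOTE(review): ex.getMessage() is returned to the caller verbatim and
            // may expose internal detail; consider logging it server-side and
            // returning a fixed description instead.
            return Kv.create().set("error_code", 401).set("error_description", ex.getMessage());
        }
    }

    /**
     * Issues the refresh token for a user.
     *
     * <p>Only the token type, user id, department id and role id are placed in
     * the claims; the tenant id is not among them.
     *
     * @param userInfo the authenticated user
     * @return the token returned by {@code SecureUtil.createJWT}
     */
    private static TokenInfo createRefreshToken(UserInfo userInfo) {
        User user = userInfo.getUser();
        Map<String, Object> claims = new HashMap<>(16);
        claims.put("token_type", RefreshTokenGranter.GRANT_TYPE);
        claims.put("user_id", Func.toStr(user.getId()));
        claims.put("dept_id", Func.toStr(user.getDeptId()));
        claims.put("role_id", Func.toStr(user.getRoleId()));
        return SecureUtil.createJWT(claims, "audience", "issuser", RefreshTokenGranter.GRANT_TYPE);
    }

    /**
     * Rejects sign-in for a missing or expired tenant.
     *
     * <p>The tenant whose id equals {@link #DEFAULT_TENANT_ID} (case-insensitive)
     * skips the expiry and license checks entirely. For other tenants the expiry
     * date comes from the tenant record, or, when the license option is enabled,
     * from the decrypted {@code licenseKey}, which then overrides the record.
     *
     * <p>NOTE(review): the license blob is decrypted with
     * {@code TenantConstant.DES_KEY}, a constant compiled into the application.
     * A key shipped with the code should not be treated as secret, and
     * decryption alone does not show that the blob was issued by the vendor.
     * If the expiry date is meant to be tamper-evident, a signature check is
     * needed. A missing or undecodable license key is not handled here and
     * surfaces as whatever {@code DesUtil}/{@code JsonUtil} throw or as a
     * {@code NullPointerException}.
     *
     * @param tenant the tenant resolved for the login request, may be {@code null}
     * @return always {@code false}; rejection is signalled only by exception
     * @throws ServiceException if {@code tenant} is {@code null} or its effective
     *         expiry time is before the current time
     */
    public static boolean judgeTenant(Tenant tenant) {
        if (tenant == null) {
            throw new ServiceException(MessageUtils.message(USER_HAS_NO_TENANT, new Object[0]));
        }
        // Use the named constant rather than repeating the "000000" literal.
        if (StringUtil.equalsIgnoreCase(tenant.getTenantId(), DEFAULT_TENANT_ID)) {
            return false;
        }

        Date expireTime = tenant.getExpireTime();
        if (getTenantProperties().getLicense().booleanValue()) {
            String licenseKey = tenant.getLicenseKey();
            String decrypt = DesUtil.decryptFormHex(licenseKey, TenantConstant.DES_KEY);
            expireTime = ((Tenant) JsonUtil.parse(decrypt, Tenant.class)).getExpireTime();
        }

        // A null expiry time means no expiry is enforced.
        if (expireTime != null && expireTime.before(DateUtil.now())) {
            throw new ServiceException(MessageUtils.message(USER_HAS_NO_TENANT_PERMISSION, new Object[0]));
        }
        return false;
    }
}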
|