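package com.qianwen.smartman.modules.auth.utils;

import java.util.Date;
import java.util.HashMap;
import java.util.Map;

import com.qianwen.smartman.common.constant.TenantConstant;
import com.qianwen.smartman.common.utils.MessageUtils;
import com.qianwen.core.log.exception.ServiceException;
import com.qianwen.core.secure.TokenInfo;
import com.qianwen.core.secure.utils.SecureUtil;
import com.qianwen.core.tenant.BladeTenantProperties;
import com.qianwen.core.tool.jackson.JsonUtil;
import com.qianwen.core.tool.support.Kv;
import com.qianwen.core.tool.utils.DateUtil;
import com.qianwen.core.tool.utils.DesUtil;
import com.qianwen.core.tool.utils.Func;
import com.qianwen.core.tool.utils.SpringUtil;
import com.qianwen.core.tool.utils.StringUtil;
import com.qianwen.smartman.modules.auth.granter.RefreshTokenGranter;
import com.qianwen.smartman.modules.system.entity.Tenant;
import com.qianwen.smartman.modules.system.entity.User;
import com.qianwen.smartman.modules.system.entity.UserInfo;

/**
 * Static helpers for the authentication module: request-header names, message keys for
 * authentication failures, construction of the token response returned after a successful
 * login, and the tenant validity check.
 *
 * <p>Security-relevant behaviour in this class:
 * <ul>
 *   <li>{@link #createAuthInfo(UserInfo)} issues an access token and a refresh token together
 *       and copies identity attributes (tenant, user, department, post, role, account) both
 *       into the token claims and into the response body.</li>
 *   <li>{@link #judgeTenant(Tenant)} is the tenant expiry / license gate. It signals denial by
 *       throwing {@link ServiceException}; its boolean result is always {@code false}.</li>
 * </ul>
 */
public class TokenUtil {

    // ---- Request header names read during authentication ----
    public static final String DEPT_HEADER_KEY = "Dept-Id";
    public static final String ROLE_HEADER_KEY = "Role-Id";
    public static final String CAPTCHA_HEADER_KEY = "Captcha-Key";
    public static final String CAPTCHA_HEADER_CODE = "Captcha-Code";
    public static final String TENANT_HEADER_KEY = "Tenant-Id";
    public static final String USER_TYPE_HEADER_KEY = "User-Type";
    public static final String HEADER_KEY = "Authorization";
    public static final String HEADER_PREFIX = "Basic ";

    // ---- Defaults ----
    /** Tenant id that {@link #judgeTenant(Tenant)} exempts from the expiry and license checks. */
    public static final String DEFAULT_TENANT_ID = "000000";
    public static final String DEFAULT_USER_TYPE = "web";
    // NOTE(review): the default avatar is an absolute URL on a third-party host; clients that
    // render it will contact that host. Confirm this is acceptable for the deployment.
    public static final String DEFAULT_AVATAR = "https://gw.alipayobjects.com/zos/rmsportal/BiazfanxmamNRoxxVxka.png";

    // ---- Message keys resolved through MessageUtils ----
    public static final String CAPTCHA_NOT_CORRECT = "user.captcha.error";
    public static final String USER_NOT_FOUND = "user.not.found";
    public static final String OAUTH_CONFIG_NOT_FOUND = "oauth.config.not.found";
    public static final String USER_NOT_BINDED = "not.bind.user";
    public static final String USER_HAS_BINDED = "user.has.bind";
    public static final String RESOURCE_NOT_FOUND = "resource.not.found";
    public static final String USER_HAS_NO_ROLE = "user.has.no.role";
    public static final String USER_HAS_NO_TENANT = "user.has.no.tenant";
    // NOTE(review): the key reads "user.has.tenant.permission" although the constant name says
    // "NO_TENANT_PERMISSION"; it is a runtime lookup key, so verify against the message bundle
    // before renaming.
    public static final String USER_HAS_NO_TENANT_PERMISSION = "user.has.tenant.permission";
    public static final String USER_HAS_TOO_MANY_FAILS = "user.has.too.many.fails";
    public static final String USER_BLOCKED = "user.blocked";
    public static final String SOCIAL_FAIL = "sys.social.grant.fail";

    /** Lazily resolved tenant configuration bean; see {@link #getTenantProperties()}. */
    private static BladeTenantProperties tenantProperties;

    /**
     * Returns the tenant configuration bean, looking it up from the Spring context on first use.
     *
     * <p>The lazy initialisation is unsynchronised; concurrent first calls may each perform the
     * lookup and overwrite the field.
     */
    private static BladeTenantProperties getTenantProperties() {
        if (tenantProperties == null) {
            tenantProperties = (BladeTenantProperties) SpringUtil.getBean(BladeTenantProperties.class);
        }
        return tenantProperties;
    }

    /**
     * Builds the token response for an authenticated user.
     *
     * <p>Both tokens are created before any field is written to the response. The original code
     * populated the response while the refresh token was still being created, so a failure at
     * that point returned an error object that already carried the identity fields and a valid
     * {@code access_token}. The error response is now always a fresh object holding only
     * {@code error_code} and {@code error_description}.
     *
     * @param userInfo the authenticated user together with roles, OAuth id and detail data
     * @return on success a {@link Kv} with the identity fields, {@code access_token}, the refresh
     *         token (under {@link RefreshTokenGranter#GRANT_TYPE}), {@code token_type},
     *         {@code expires_in}, {@code detail} and {@code license}; on any exception a
     *         {@link Kv} with {@code error_code} 401 and {@code error_description}
     */
    public static Kv createAuthInfo(UserInfo userInfo) {
        User user = userInfo.getUser();
        try {
            // Claims placed in the access token. Everything added here is visible to whoever
            // holds the token if the token is only signed and not encrypted (not visible from
            // this file — confirm in SecureUtil), so keep "detail" free of sensitive data.
            Map claims = new HashMap<>(16);
            claims.put("token_type", "access_token");
            claims.put("tenant_id", user.getTenantId());
            claims.put("user_id", Func.toStr(user.getId()));
            claims.put("dept_id", user.getDeptId());
            claims.put("post_id", user.getPostId());
            claims.put("role_id", user.getRoleId());
            claims.put("oauth_id", userInfo.getOauthId());
            claims.put("account", user.getAccount());
            claims.put("user_name", user.getAccount());
            claims.put("nick_name", user.getRealName());
            claims.put("role_name", Func.join(userInfo.getRoles()));
            claims.put("detail", userInfo.getDetail());

            // "issuser" is the value this code has always embedded; it is kept byte-for-byte
            // because changing it would alter the tokens that are issued.
            TokenInfo accessToken = SecureUtil.createJWT(claims, "audience", "issuser", "access_token");
            TokenInfo refreshToken = createRefreshToken(userInfo);

            // Populate the response only after both tokens exist, so no partially filled
            // object can escape through the error path.
            return Kv.create()
                .set("tenant_id", user.getTenantId())
                .set("user_id", Func.toStr(user.getId()))
                .set("dept_id", user.getDeptId())
                .set("post_id", user.getPostId())
                .set("role_id", user.getRoleId())
                .set("oauth_id", userInfo.getOauthId())
                .set("account", user.getAccount())
                .set("user_name", user.getAccount())
                .set("nick_name", user.getRealName())
                .set("role_name", Func.join(userInfo.getRoles()))
                .set("avatar", Func.toStr(user.getAvatar(), ""))
                .set("access_token", accessToken.getToken())
                .set(RefreshTokenGranter.GRANT_TYPE, refreshToken.getToken())
                .set("token_type", "bearer")
                .set("expires_in", Integer.valueOf(accessToken.getExpire()))
                .set("detail", userInfo.getDetail())
                .set("license", "powered by bladex");
        } catch (Exception ex) {
            // NOTE(review): the raw exception message is returned to the caller and the
            // exception itself is not logged. Messages from unexpected failures can expose
            // internal detail; consider logging the exception server-side and returning a
            // fixed description for anything that is not a deliberate authentication error.
            return Kv.create().set("error_code", 401).set("error_description", ex.getMessage());
        }
    }

    /**
     * Creates the refresh token for a user.
     *
     * <p>The token carries only {@code token_type}, {@code user_id}, {@code dept_id} and
     * {@code role_id}. Its lifetime and any revocation handling are decided by
     * {@code SecureUtil.createJWT} and are not visible here.
     *
     * @param userInfo the authenticated user
     * @return the token produced by {@code SecureUtil.createJWT}
     */
    private static TokenInfo createRefreshToken(UserInfo userInfo) {
        User user = userInfo.getUser();
        Map claims = new HashMap<>(16);
        claims.put("token_type", RefreshTokenGranter.GRANT_TYPE);
        claims.put("user_id", Func.toStr(user.getId()));
        claims.put("dept_id", Func.toStr(user.getDeptId()));
        claims.put("role_id", Func.toStr(user.getRoleId()));
        return SecureUtil.createJWT(claims, "audience", "issuser", RefreshTokenGranter.GRANT_TYPE);
    }

    /**
     * Checks that a tenant exists and has not expired.
     *
     * <p>The tenant whose id equals {@link #DEFAULT_TENANT_ID} (case-insensitively) is exempt
     * from every further check. For other tenants the expiry time is taken from the tenant
     * record, or, when license enforcement is enabled in {@link BladeTenantProperties}, from the
     * decrypted license key instead. A {@code null} expiry time means "no expiry".
     *
     * <p>With license enforcement enabled, a missing or blank license key, or a license that
     * does not decode to a tenant, is now rejected explicitly with the same denial as an expired
     * tenant. Previously that case fell through to a null dereference or whatever the decrypt
     * and parse helpers threw.
     *
     * @param tenant the tenant resolved for the login attempt, may be {@code null}
     * @return always {@code false}; denial is signalled only by exception
     * @throws ServiceException if {@code tenant} is {@code null}, the tenant has expired, or the
     *         license cannot be read while license enforcement is enabled
     */
    public static boolean judgeTenant(Tenant tenant) {
        if (tenant == null) {
            throw new ServiceException(MessageUtils.message(USER_HAS_NO_TENANT, new Object[0]));
        }
        // Same value as the literal "000000" used previously; the constant keeps the exempt
        // tenant id defined in one place.
        if (StringUtil.equalsIgnoreCase(tenant.getTenantId(), DEFAULT_TENANT_ID)) {
            return false;
        }

        Date expireTime = tenant.getExpireTime();
        if (getTenantProperties().getLicense().booleanValue()) {
            String licenseKey = tenant.getLicenseKey();
            if (licenseKey == null || licenseKey.trim().isEmpty()) {
                // Fail closed: enforcement is on and there is nothing to validate.
                throw new ServiceException(MessageUtils.message(USER_HAS_NO_TENANT_PERMISSION, new Object[0]));
            }
            // NOTE(review): the license is decrypted with a key held in a code constant
            // (TenantConstant.DES_KEY) and, judging by the helper's name, with DES. Anyone who
            // can read the application binaries could then produce a license with an arbitrary
            // expiry; a signature verified against a public key would not have that weakness.
            String decrypted = DesUtil.decryptFormHex(licenseKey, TenantConstant.DES_KEY);
            Tenant licensed = decrypted == null ? null : (Tenant) JsonUtil.parse(decrypted, Tenant.class);
            if (licensed == null) {
                throw new ServiceException(MessageUtils.message(USER_HAS_NO_TENANT_PERMISSION, new Object[0]));
            }
            expireTime = licensed.getExpireTime();
        }

        if (expireTime != null && expireTime.before(DateUtil.now())) {
            throw new ServiceException(MessageUtils.message(USER_HAS_NO_TENANT_PERMISSION, new Object[0]));
        }
        return false;
    }
}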