对接第三方登录接口JAVA代码实现
需求:对接第三方登录接口,实现第三方跳转登录
package com.glodon.zjdata.snjzsc.auth.service;
import cn.hutool.core.util.ObjectUtil;
import com.alibaba.fastjson.JSONObject;
import com.glodon.zjdata.baseline.base.common.dto.JsonResult;
import com.glodon.zjdata.snjzsc.auth.dto.UserInfo;
import com.glodon.zjdata.snjzsc.auth.dto.LoginParam;
import com.glodon.zjdata.snjzsc.system.api.auth.client.AuthOrgUserClient;
import com.glodon.zjdata.snjzsc.system.common.auth.model.AuthUserForUserNameAndPhone;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import javax.net.ssl.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.nio.charset.StandardCharsets;
@Component
@Slf4j
public class LoginService {
private String BaseUrl = "http://三方IP:三方端口";
private String AppId = "第三方提供的应用ID";
private String Secret = "第三方提供的秘钥";
private String entBaseUrl = "https://目标ip:目标端口";
@Autowired
private LoginService loginService;
@Autowired
private AuthUserClient authUserClient;
/**
* 第三方登录
* @param LoginParam
* @param request
* @param response
* @return
*/
public JsonResult<Object> loginByProcess(LoginParam LoginParam, HttpServletRequest request, HttpServletResponse response) {
String code = LoginParam.getCode();
if(StringUtils.isBlank(code)) {
return JsonResult.fail("应用授权code不能为空");
}
String token = getEntTokenByCode(code);
if(StringUtils.isBlank(token) || "null".equalsIgnoreCase(token)) {
return JsonResult.fail("授权code换取token获取异常");
}
log.info("get ent token by code : {} , token : {}",LoginParam.getCode(),token);
String certificateSno = getEntLegalUserInfoByToken(token);
if(StringUtils.isBlank(certificateSno)) {
return JsonResult.fail("当前登录信息获取异常");
}
certificateSno = certificateSno.trim();
log.info("get ent user certificate sno : {}",certificateSno);
//判断基本信息是否存在
//判断用户信息是否存在
AuthUserForUserNameAndPhone authUserForUserNameAndPhone = authOrgUserClient.getUserForCertificateSno(certificateSno);
if(ObjectUtil.isNull(authUserForUserNameAndPhone)) {
return JsonResult.fail("当前登录账号信息未创建");
}
return this.loginService.loginEntJumpProcess(certificateSno,authUserForUserNameAndPhone.getUserType(), request, response);
}
/**
* 通过授权code获取token信息
* @param code
* @return
*/
public String getEntTokenByCode(String code){
String token = "";
try {
// 创建一个信任所有证书的TrustManager
TrustManager[] trustAllCerts = new TrustManager[]{new MyTrustManager()};
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, null);
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
// 创建一个不验证主机名的HostnameVerifier
HostnameVerifier allHostsValid = (hostname, session) -> true;
HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
// 创建URL对象
URL url = new URL(entBaseUrl+"/auth/getTokenByTmp");
// 创建HttpURLConnection对象
HttpURLConnection connection = (HttpURLConnection) url.openConnection();
connection.setDoInput(true);
connection.setDoOutput(true);
// 设置请求方法为POST
connection.setRequestMethod("POST");
// 设置请求头
connection.setRequestProperty("Content-Type", "application/json");
connection.setRequestProperty("C-Business-Id", "三方业务ID");
connection.setRequestProperty("C-Tenancy-Id", "610000000000");
connection.setRequestProperty("Referer", "第三方ip:第三方端口");
connection.setRequestProperty("C-DynAmic-Password-Foruser", code);
connection.setRequestProperty("C-App-Id", "第三方权限APPID");
connection.setRequestProperty("apppwd", "APP密码");
connection.setRequestProperty("client_id", "客户端ID");
connection.setRequestProperty("client_secret", "客户端秘钥");
// 设置请求体
String requestBody = "{\n" +
" \"txnBodyCom\":{\n" +
" \n" +
" },\n" +
" \"txnCommCom\":\n" +
" {\n" +
" \"tRecInPage\":\"10\",\n" +
" \"txnIttChnlCgyCode\":\"D001C004\",\n" +
" \"tStsTraceId\":\"110567980\",\n" +
" \"tPageJump\":\"1\",\n" +
" \"txnIttChnlId\":\"99990001000000000000000\"\n" +
" }\n" +
"}\n";
try (OutputStream output = connection.getOutputStream()) {
output.write(requestBody.getBytes(StandardCharsets.UTF_8));
}
// 获取响应码和响应内容
BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream()));
String responseData;
if ((responseData = reader.readLine()) != null) {
JSONObject dataJson = JSONObject.parseObject(responseData);
log.info("get ent token : {}",dataJson.toJSONString());
token = dataJson.getString("C-Response-Body");
}
} catch (Exception e) {
e.printStackTrace();
}
return token;
}
/**
* 获取用户信息
* @param token
* @return
*/
public String getEntLegalUserInfoByToken(String token){
String certificateSno = "";
try {
// 创建一个信任所有证书的TrustManager
TrustManager[] trustAllCerts = new TrustManager[]{new MyTrustManager()};
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, null);
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
// 创建一个不验证主机名的HostnameVerifier
HostnameVerifier allHostsValid = (hostname, session) -> true;
HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
// 创建URL对象
URL url = new URL(entBaseUrl+"/gsp/uc20003");
// 创建HttpURLConnection对象
HttpURLConnection connection = (HttpURLConnection) url.openConnection();
connection.setDoInput(true);
connection.setDoOutput(true);
// 设置请求方法为POST
connection.setRequestMethod("POST");
// 设置请求头
connection.setRequestProperty("Content-Type", "application/json");
connection.setRequestProperty("C-Business-Id", "三方业务ID");
connection.setRequestProperty("C-Tenancy-Id", "610000000000");
connection.setRequestProperty("Referer", "三方地址:三方端口");
connection.setRequestProperty("C-DynAmic-Password-Foruser", token);
connection.setRequestProperty("C-App-Id", "第三方权限APPID");
connection.setRequestProperty("apppwd", "APP密码");
connection.setRequestProperty("client_id", "客户端ID");
connection.setRequestProperty("client_secret", "客户端秘钥");
// 设置请求体
String requestBody = "{\n" +
" \"txnCommCom\":{\n" +
" \n" +
" },\n" +
" \"txnBodyCom\":\n" +
" {\n" +
" \"tRecInPage\":\"10\",\n" +
" \"txnIttChnlCgyCode\":\"D001C004\",\n" +
" \"tStsTraceId\":\"110567980\",\n" +
" \"tPageJump\":\"1\",\n" +
" \"txnIttChnlId\":\"99990001000000000000000\"\n" +
" }\n" +
"}\n";
try (OutputStream output = connection.getOutputStream()) {
output.write(requestBody.getBytes(StandardCharsets.UTF_8));
}
// 获取响应码和响应内容
BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream()));
String responseData;
if ((responseData = reader.readLine()) != null) {
JSONObject dataJson = JSONObject.parseObject(responseData);
log.info("get user info : {}",dataJson.toJSONString());
JSONObject bodyJson = JSONObject.parseObject(dataJson.getString("C-Response-Body"));
certificateSno = bodyJson.getJSONObject("userInfo").getString("certificateSno");
}
} catch (Exception e) {
e.printStackTrace();
}
return certificateSno;
}
/**
* 第三方人员登录
* @param request
* @param response
* @return
*/
public JsonResult<Object> loginByProcess(LoginParam LoginParam,HttpServletRequest request, HttpServletResponse response){
String code = LoginParam.getCode();
if(StringUtils.isBlank(code)) {
return JsonResult.fail("应用授权code不能为空");
}
log.info("get code : {}",code);
String appToken = getAppToken();
if(StringUtils.isBlank(appToken)) {
return JsonResult.fail("应用授权token获取异常");
}
log.info("ge app token : {}",appToken);
String userToken = getUserToken(appToken,code);
if(StringUtils.isBlank(userToken)) {
return JsonResult.fail("人员授权token获取异常");
}
log.info("get user token : {}",appToken);
QztUserInfo userInfo = getUserInfo(appToken,userToken);
if(ObjectUtil.isNull(userInfo)) {
return JsonResult.fail("当前登录人信息获取异常");
}
String name = userInfo.getName();
String mobileNumber = userInfo.getMobilePhone().getNumber();
if(StringUtils.isBlank(name) && StringUtils.isBlank(mobileNumber)) {
return JsonResult.fail("登录失败");
}
log.info("get user login name : {} , mobile number : {}",name,mobileNumber);
return this.loginService.loginJumpProcess((short)1, name, mobileNumber, request, response);
}
/**
* 获取应用访问授权
* @return
* @throws Exception
*/
public String getAppToken() {
String appToken = "";
try{
URIBuilder uriBuilder = new URIBuilder(BaseUrl+"第三方访问地址")
.addParameter("grant_type", "client_credential")
.addParameter("appid", govAppId)
.addParameter("secret", govSecret);
JSONObject jsonObject = httpGetRequest(uriBuilder);
Integer errCode = Integer.valueOf(jsonObject.getString("errCode"));
if (errCode.equals(0)){
String data = jsonObject.getString("data");
JSONObject dataDetails = JSONObject.parseObject(data);
appToken = dataDetails.getString("appToken");
}
}catch (Exception e){
e.printStackTrace();
}
return appToken;
}
/**
* 获取人员访问授权
* @param appToken
* @return
* @throws Exception
*/
public String getUserToken(String appToken,String code){
String userToken = "";
try{
URIBuilder uriBuilder = new URIBuilder(govBaseUrl+"第三方登录路径")
.addParameter("app_token", appToken)
.addParameter("grant_type", "authorization_code")
.addParameter("code", code);
JSONObject jsonObject = httpGetRequest(uriBuilder);
Integer errCode = Integer.valueOf(jsonObject.getString("errCode"));
if (errCode.equals(0)){
String data = jsonObject.getString("data");
JSONObject dataDetails = JSONObject.parseObject(data);
userToken = dataDetails.getString("userToken");
}
}catch (Exception e){
e.printStackTrace();
}
return userToken;
}
/**
* 获取人员基本信息
* @param appToken
* @param userToken
* @return
* @throws Exception
*/
public UserInfo getUserInfo(String appToken,String userToken){
UserInfo UserInfo = null;
try{
URIBuilder uriBuilder = new URIBuilder(govBaseUrl+"第三方人员信息路径")
.addParameter("app_token", appToken)
.addParameter("user_token", userToken);
JSONObject jsonObject = httpGetRequest(uriBuilder);
Integer errCode = Integer.valueOf(jsonObject.getString("errCode"));
if (errCode.equals(0)){
String data = jsonObject.getString("data");
log.info("get user info : {}",data);
UserInfo = JSONObject.parseObject(data,UserInfo.class);
}
}catch (Exception e){
e.printStackTrace();
}
return UserInfo;
}
/**
* HTTP GET通用请求
* @param uriBuilder
* @return
* @throws Exception
*/
public JSONObject httpGetRequest(URIBuilder uriBuilder) throws Exception {
CloseableHttpClient httpClient = HttpClients.createDefault();
HttpGet httpGet = new HttpGet(uriBuilder.build());
httpGet.addHeader("Content-Type", "application/json;charset=utf-8");
CloseableHttpResponse response = httpClient.execute(httpGet);
String responseBody = EntityUtils.toString(response.getEntity());
JSONObject jsonObject = JSONObject.parseObject(responseBody);
log.info("http get response : {}" ,jsonObject.toJSONString());
// 关闭连接和释放资源
response.close();
httpClient.close();
return jsonObject;
}
private static class MyTrustManager implements X509TrustManager {
@Override
public void checkClientTrusted(java.security.cert.X509Certificate[] chain, String authType) { }
@Override
public void checkServerTrusted(java.security.cert.X509Certificate[] chain, String authType) { }
@Override
public java.security.cert.X509Certificate[] getAcceptedIssuers() { return new java.security.cert.X509Certificate[]{}; }
}
}
根据第三方提供对接接口进行业务实现