package com.qmth.xjtu.api;
import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import com.qmth.boot.api.annotation.Aac;
import com.qmth.boot.api.annotation.BOOL;
import com.qmth.boot.api.constant.ApiConstant;
import com.qmth.teachcloud.exchange.common.bean.params.OpenParams;
import com.qmth.teachcloud.exchange.common.contant.SystemConstant;
import com.qmth.teachcloud.exchange.common.enums.ExceptionResultEnum;
import com.qmth.teachcloud.exchange.common.service.AuthInfoService;
import com.qmth.teachcloud.exchange.common.service.CommonService;
import com.qmth.teachcloud.exchange.common.util.HttpUtil;
import com.qmth.teachcloud.exchange.common.util.JacksonUtil;
import com.qmth.teachcloud.exchange.common.util.Result;
import com.qmth.teachcloud.exchange.common.util.ServletUtil;
import io.swagger.annotations.*;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Objects;
import java.util.StringJoiner;
/**
*
* 西安交通大学开放接口前端控制器
*
*
* @author wangliang
* @since 2022-04-26
*/
@Api(tags = "西安交通大学开放接口Controller")
@RestController
@RequestMapping(ApiConstant.DEFAULT_URI_PREFIX + "/${prefix.url.open}")
@Validated
public class OpenApiController {
private static final Logger log = LoggerFactory.getLogger(OpenApiController.class);
private static final String ACCESS_TOKEN_URL = "https://org.xjtu.edu.cn/openplatform/oauth/getAccessToken";
private static final String USER_INFO_URL = "https://org.xjtu.edu.cn/openplatform/oauth/open/getUserInfo";
private static final String LOGOUT_URL = "http://org.xjtu.edu.cn/openplatform/oauth/logout";
private static final String RETURN_URL = "https://org.xjtu.edu.cn/openplatform/login.html";
private static final String schoolCode = "xjtu";//测试学校code,正式改成xjtu
@Resource
CommonService commonService;
@Resource
AuthInfoService authInfoService;
@Value("${cas.config.logoutUrl}")
String logoutUrl;
@ApiOperation(value = "西安交通大学cas鉴权接口")
@ApiResponses({@ApiResponse(code = 200, message = "返回消息", response = Result.class)})
@RequestMapping(value = "/authentication", method = RequestMethod.GET)
@Aac(auth = BOOL.FALSE)
public void authentication(@ApiParam(value = "工号") @RequestParam(required = false) String code,
@ApiParam(value = "系统参数") @RequestParam(required = false) String state,
@ApiParam(value = "用户类型") @RequestParam(required = false) String userType,
@ApiParam(value = "员工工号") @RequestParam(required = false) String employeeNo,
@ApiParam(value = "返回url") @RequestParam(required = false) String returnUrl) throws IOException {
if ((Objects.isNull(code) || Objects.equals(code, ""))
|| (Objects.isNull(employeeNo) || Objects.equals(employeeNo, ""))) {
throw ExceptionResultEnum.ERROR.exception("请先通过学校地址登录");
}
authInfoService.appHasExpired(schoolCode);
Map accessTokenParams = new LinkedHashMap<>();
accessTokenParams.put("code", code);
String accessTokenResult = HttpUtil.post(ACCESS_TOKEN_URL, accessTokenParams, null);
String accessToken = null, gsessionId = null;
//获取accessToken
if (Objects.nonNull(accessTokenResult)) {
log.info("accessTokenResult:{}", JacksonUtil.parseJson(accessTokenResult));
JSONObject jsonObject = JSONObject.parseObject(accessTokenResult);
JSONObject object = jsonObject.getJSONObject("data");
String message = jsonObject.getString("message");
if (Objects.nonNull(object) && Objects.nonNull(message) && Objects.equals(message, "成功")) {
accessToken = object.getString("accessToken");
gsessionId = object.getString("gsessionId");
} else {
throw ExceptionResultEnum.ERROR.exception(message);
}
}
OpenParams openParams = null;
//获取用户信息
if (Objects.nonNull(accessToken)) {
String userInfoResult = HttpUtil.post(USER_INFO_URL, null, accessToken);
if (Objects.nonNull(userInfoResult)) {
log.info("userInfoResult:{}", JacksonUtil.parseJson(userInfoResult));
openParams = new OpenParams();
// openParams.setResult(JacksonUtil.parseJson(userInfoResult));
JSONObject jsonObject = JSONObject.parseObject(userInfoResult);
JSONObject object = jsonObject.getJSONObject("data");
String message = jsonObject.getString("message");
JSONArray userTypeJsonArray = object.getJSONArray("userTypes");
JSONArray deptInfoJsonArray = object.getJSONArray("deptInfos");
if (Objects.nonNull(object) && Objects.nonNull(message) && Objects.equals(message, "成功")) {
openParams.setOrgName(object.getString("orgName"));
if (Objects.nonNull(userTypeJsonArray) && userTypeJsonArray.size() > 0) {
JSONObject userTypeJsonObject = userTypeJsonArray.getJSONObject(0);
openParams.setName(userTypeJsonObject.getString("memberName"));
Integer userTypeRole = userTypeJsonObject.getInteger("userType");
if (Objects.nonNull(userTypeRole) && userTypeRole.intValue() == 1) {
openParams.setRoleName("学生");
} else if (Objects.nonNull(userTypeRole) && userTypeRole.intValue() == 2) {
openParams.setRoleName("教职工");
}
}
if (Objects.nonNull(deptInfoJsonArray) && deptInfoJsonArray.size() > 0) {
JSONObject deptInfoJsonArrayJsonObject = deptInfoJsonArray.getJSONObject(0);
openParams.setDeptName(deptInfoJsonArrayJsonObject.getString("deptName"));
}
} else {
throw ExceptionResultEnum.ERROR.exception(message);
}
}
}
//登出
if (Objects.nonNull(gsessionId)) {
StringJoiner stringJoiner = new StringJoiner("");
stringJoiner.add(logoutUrl).add(SystemConstant.GET_UNKNOWN).add("gSessionId")
.add(SystemConstant.GET_EQUAL).add(gsessionId);
returnUrl = stringJoiner.toString();
} else {
throw ExceptionResultEnum.ERROR.exception("gSessionId为空");
}
commonService.redirectLogic(employeeNo, schoolCode, returnUrl, Objects.nonNull(openParams) ? JacksonUtil.parseJson(openParams) : null);
}
@ApiOperation(value = "西安交通大学cas鉴权退出接口")
@RequestMapping(value = "/authentication/logout", method = RequestMethod.GET)
@ApiResponses({@ApiResponse(code = 200, message = "返回消息", response = Result.class)})
@Aac(auth = BOOL.FALSE)
public void logout(@ApiParam(value = "sessionId", required = true) @RequestParam String gSessionId) throws IOException {
if (Objects.isNull(logoutUrl) || Objects.equals(logoutUrl, "")) {
throw ExceptionResultEnum.PARAMS_ERROR.exception("鉴权退出地址不存在");
}
if (Objects.isNull(gSessionId) || Objects.equals(gSessionId, "")) {
throw ExceptionResultEnum.PARAMS_ERROR.exception("sessionId为空");
}
Map logoutParams = new LinkedHashMap<>();
logoutParams.put("gSessionId", gSessionId);
String logoutResult = HttpUtil.post(LOGOUT_URL, logoutParams, null);
if (Objects.nonNull(logoutResult)) {
log.info("logoutResult:{}", JacksonUtil.parseJson(logoutResult));
JSONObject jsonObject = JSONObject.parseObject(logoutResult);
String message = jsonObject.getString("message");
if (Objects.nonNull(message) && Objects.equals(message, "成功")) {
HttpServletResponse response = ServletUtil.getResponse();
response.setHeader("Access-Control-Allow-Origin", SystemConstant.PATH_MATCH);
response.sendRedirect(RETURN_URL);
}
}
}
}