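package com.qmth.cdut.api;

import com.qmth.boot.api.annotation.Aac;
import com.qmth.boot.api.annotation.BOOL;
import com.qmth.boot.api.constant.ApiConstant;
import com.qmth.cdut.supwisdom.CasUtils;
import com.qmth.cdut.supwisdom.Constants;
import com.qmth.cdut.supwisdom.LoginUser;
import com.qmth.teachcloud.exchange.common.contant.SystemConstant;
import com.qmth.teachcloud.exchange.common.enums.ExceptionResultEnum;
import com.qmth.teachcloud.exchange.common.service.AuthInfoService;
import com.qmth.teachcloud.exchange.common.service.CommonService;
import com.qmth.teachcloud.exchange.common.util.Result;
import com.qmth.teachcloud.exchange.common.util.ServletUtil;
import io.swagger.annotations.*;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import javax.annotation.Resource;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.Objects;
import java.util.StringJoiner;

/**
 * Open-API front controller for Chengdu University of Technology (CDUT).
 *
 * <p>Exposes the CAS single-sign-on entry point ({@link #sso}) and the matching logout endpoint
 * ({@link #logout}). Both handlers are annotated {@code @Aac(auth = BOOL.FALSE)}.
 * NOTE(review): that annotation presumably exempts them from the platform's own authentication
 * check, which would leave the CAS state held in the HTTP session as the only gate; confirm.
 *
 * <p>Spring creates a single instance of a {@code @RestController} by default, so the injected
 * fields are shared by every request and must not be reassigned from a handler.
 */
@Api(tags = "成都理工大学开放接口Controller")
@RestController
@RequestMapping(ApiConstant.DEFAULT_URI_PREFIX + SystemConstant.PREFIX_URL_OPEN)
@Validated
public class OpenApiController {
    private static final Logger log = LoggerFactory.getLogger(OpenApiController.class);

    // School code of Chengdu University of Technology (the original comment calls it the test school code).
    private static final String schoolCode = "cdut";

    @Resource
    CommonService commonService;

    @Resource
    AuthInfoService authInfoService;

    // Base URL of the logout endpoint, injected from configuration.
    @Value("${cas.config.logoutUrl}")
    String logoutUrl;

    // Return URL injected from configuration; read-only after injection.
    @Value("${cas.config.returnUrl}")
    String returnUrl;

    /**
     * CAS single-sign-on entry point.
     *
     * <ul>
     *   <li>Session already logged in: hands the account to {@code commonService.redirectLogic}
     *       together with a logout URL that carries this session's id.</li>
     *   <li>Request carries a CAS ticket: resolves the user, and if the user is logged in and
     *       {@link #doLogin} accepts it, records the login in the session and hands the account to
     *       {@code commonService.redirectLogic} with the configured return URL.</li>
     *   <li>Otherwise: redirects the browser to the CAS login URL.</li>
     * </ul>
     *
     * <p>Fix over the previous version: the per-request logout URL used to be written into the
     * shared {@code returnUrl} field. That overwrote the configured value for good and let one
     * user's session id reach {@code redirectLogic} on behalf of another user. The URL is now a
     * local value.
     *
     * @param request  current HTTP request
     * @param response current HTTP response, used for the redirect to the CAS login page
     * @throws IOException if sending the redirect fails
     */
    @ApiOperation(value = "成都理工大学cas鉴权接口")
    @ApiResponses({@ApiResponse(code = 200, message = "返回消息", response = Result.class)})
    @RequestMapping(value = "/authentication", method = RequestMethod.GET)
    @Aac(auth = BOOL.FALSE)
    public void sso(HttpServletRequest request, HttpServletResponse response) throws IOException {
        HttpSession session = request.getSession();
        // The result was never used; the call is kept in case CasUtils.getTargetUrl has side
        // effects. TODO confirm and drop.
        CasUtils.getTargetUrl(request);
        authInfoService.appHasExpired(schoolCode);

        if (CasUtils.isLogin(session)) {
            // presumably non-null whenever CasUtils.isLogin(session) is true; verify in CasUtils
            LoginUser loginUser = (LoginUser) session.getAttribute(Constants.LOGIN_USER_KEY);
            String account = loginUser.getAccount();
            String sessionId = session.getId();
            if (StringUtils.isBlank(sessionId)) {
                throw ExceptionResultEnum.ERROR.exception("sessionId为空");
            }
            commonService.redirectLogic(account, schoolCode, buildLogoutReturnUrl(sessionId), null);
            return;
        }

        if (CasUtils.hasTicket(request)) {
            LoginUser loginUser = CasUtils.getLoginUser(request);
            // The null check keeps a failed ticket lookup from surfacing as a NullPointerException.
            if (loginUser != null && loginUser.isLogin() && doLogin(loginUser, request)) {
                // NOTE(review): the session id that existed before authentication is reused after
                // login. Unless CasUtils.login rotates it, consider request.changeSessionId()
                // here to guard against session fixation; confirm it does not break CAS
                // single-logout bookkeeping.
                CasUtils.login(loginUser, session);
                commonService.redirectLogic(loginUser.getAccount(), schoolCode, returnUrl, null);
                return;
            }
            // TODO (optional): the integrating system may redirect to
            // CasUtils.getErrorUrl(request) here instead of back to the login page.
        }

        response.sendRedirect(CasUtils.getLoginUrl(request));
    }

    /**
     * Builds the logout URL for one session: {@code logoutUrl}, {@code GET_UNKNOWN},
     * {@code "sessionId"}, {@code GET_EQUAL} and the session id, concatenated in that order.
     *
     * <p>NOTE(review): GET_UNKNOWN and GET_EQUAL are presumably "?" and "="; verify in
     * SystemConstant. The session id is placed in a query string, where it can be recorded in
     * access logs, browser history and Referer headers, and it is not URL-encoded. Consider an
     * opaque, single-use logout token instead.
     *
     * @param sessionId id of the current HTTP session
     * @return the logout URL carrying {@code sessionId}
     */
    private String buildLogoutReturnUrl(String sessionId) {
        return logoutUrl + SystemConstant.GET_UNKNOWN + "sessionId" + SystemConstant.GET_EQUAL + sessionId;
    }

    /**
     * CAS logout endpoint.
     *
     * <p>Rejects the call when the configured logout URL or the {@code sessionId} parameter is
     * blank. If {@link #doLogout} accepts the request, clears the CAS login from the session and
     * redirects to the CAS logout URL; otherwise redirects to the CAS login URL.
     *
     * <p>NOTE(review): {@code sessionId} is only checked for presence. It is never compared with
     * the id of the session that is actually logged out, and the handler is a GET that changes
     * state. Binding the parameter to {@code request.getSession(false)} or using a CSRF-protected
     * POST would stop third-party pages from triggering a logout. The Swagger summary below names
     * a different university than the rest of this controller, which looks like a copy-paste
     * leftover.
     *
     * @param sessionId session id passed by the caller; must not be blank
     * @throws IOException if sending the redirect fails
     */
    @ApiOperation(value = "西安交通大学cas鉴权退出接口")
    @RequestMapping(value = "/authentication/logout", method = RequestMethod.GET)
    @ApiResponses({@ApiResponse(code = 200, message = "返回消息", response = Result.class)})
    @Aac(auth = BOOL.FALSE)
    public void logout(@ApiParam(value = "sessionId", required = true) @RequestParam String sessionId) throws IOException {
        if (StringUtils.isBlank(logoutUrl)) {
            throw ExceptionResultEnum.PARAMS_ERROR.exception("鉴权退出地址不存在");
        }
        if (StringUtils.isBlank(sessionId)) {
            throw ExceptionResultEnum.PARAMS_ERROR.exception("sessionId为空");
        }
        authInfoService.appHasExpired(schoolCode);

        HttpServletRequest request = ServletUtil.getRequest();
        HttpServletResponse response = ServletUtil.getResponse();
        if (doLogout(request)) {
            HttpSession session = request.getSession();
            CasUtils.logout(session);
            response.sendRedirect(CasUtils.getLogoutUrl(request));
        } else {
            response.sendRedirect(CasUtils.getLoginUrl(request));
        }
    }

    /**
     * Business-side hook that decides whether a CAS-authenticated user may log in to this system.
     *
     * <p>TODO: must be implemented by the integrating system. The current stub returns
     * {@code true} unconditionally, so every user CAS vouches for is accepted; no local account
     * lookup, status check or role check happens here. The Spring application context can be
     * obtained from the request's servlet context if services are needed.
     *
     * @param loginUser user resolved from the CAS ticket
     * @param request   current HTTP request
     * @return {@code true} to accept the login; always {@code true} in this stub
     */
    public boolean doLogin(LoginUser loginUser, HttpServletRequest request) {
        return true;
    }

    /**
     * Business-side hook that decides whether the logout may proceed.
     *
     * @param request current HTTP request
     * @return {@code true} to proceed with the logout; always {@code true} in this stub
     */
    public boolean doLogout(HttpServletRequest request) {
        return true;
    }
}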