Merge branch 'dev' into test

zt-dependencies/pom.xml

@@ -56,7 +56,7 @@
         <!-- 服务保障相关 -->
         <lock4j.version>2.2.7</lock4j.version>
         <!-- 监控相关 -->
-        <skywalking.version>9.0.0</skywalking.version>
+        <skywalking.version>9.5.0</skywalking.version>
         <spring-boot-admin.version>3.4.5</spring-boot-admin.version>
         <opentracing.version>0.33.0</opentracing.version>
         <!-- Test 测试相关 -->

zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/controller/admin/auth/vo/AuthLoginRespVO.java

@@ -27,6 +27,12 @@ public class AuthLoginRespVO {
     @Schema(description = "刷新令牌", requiredMode = Schema.RequiredMode.REQUIRED, example = "nice")
     private String refreshToken;
 
+    @Schema(description = "客户端编号", requiredMode = Schema.RequiredMode.NOT_REQUIRED, example = "eban-oauth2-client")
+    private String clientId;
+
+    @Schema(description = "用户类型", requiredMode = Schema.RequiredMode.NOT_REQUIRED, example = "1")
+    private Integer userType;
+
     @Schema(description = "过期时间", requiredMode = Schema.RequiredMode.REQUIRED)
     private LocalDateTime expiresTime;
 

zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/service/auth/AdminAuthServiceImpl.java

@@ -27,6 +27,7 @@ import com.zt.plat.module.system.enums.user.UserSourceEnum;
 import com.zt.plat.module.system.service.logger.LoginLogService;
 import com.zt.plat.module.system.service.member.MemberService;
 import com.zt.plat.module.system.service.oauth2.EbanOAuth2Service;
+import com.zt.plat.module.system.service.oauth2.EbanTokenService;
 import com.zt.plat.module.system.service.oauth2.OAuth2TokenService;
 import com.zt.plat.module.system.service.social.SocialUserService;
 import com.zt.plat.module.system.service.user.AdminUserService;
@@ -72,20 +73,22 @@ public class AdminAuthServiceImpl implements AdminAuthService {
     private SmsCodeApi smsCodeApi;
     @Resource
     private EbanOAuth2Service ebanOAuth2Service;
+    @Resource
+    private EbanTokenService ebanTokenService;
     @Value("${sync.encrypt-key}")
     private String encryptKey;
 
     // E办OAuth2配置
-    @Value("${eban.oauth2.authorize-url:http://10.2.137.42/idp/oauth2/authorize}")
+    @Value("${eban.oauth2.authorize-url}")
     private String ebanAuthorizeUrl;
 
-    @Value("${eban.oauth2.client-id:tyszhjyglxt}")
+    @Value("${eban.oauth2.client-id}")
     private String ebanClientId;
 
-    @Value("${eban.oauth2.redirect-uri:http://172.16.46.63:30080/system/oauth2/callback}")
+    @Value("${eban.oauth2.redirect-uri}")
     private String ebanRedirectUri;
 
-    @Value("${eban.oauth2.response-type:code}")
+    @Value("${eban.oauth2.response-type}")
     private String ebanResponseType;
 
     /**
@@ -308,6 +311,9 @@ public class AdminAuthServiceImpl implements AdminAuthService {
         if (accessTokenDO == null) {
             return;
         }
+        if (EbanTokenService.EBAN_CLIENT_ID.equals(accessTokenDO.getClientId())) {
+            ebanTokenService.globalLogout(accessTokenDO.getAccessToken(), accessTokenDO.getUserId());
+        }
         // 删除成功，则记录登出日志
         createLogoutLog(accessTokenDO.getUserId(), accessTokenDO.getUserType(), logType);
     }
@@ -460,7 +466,6 @@ public class AdminAuthServiceImpl implements AdminAuthService {
      */
     private String buildEbanLoginUrl() {
         String state = "login_" + System.currentTimeMillis();
-        
         return String.format("%s?client_id=%s&redirect_uri=%s&response_type=%s&state=%s",
                 ebanAuthorizeUrl, ebanClientId, ebanRedirectUri, ebanResponseType, state);
     }

zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/service/oauth2/EbanOAuth2ServiceImpl.java

@@ -47,19 +47,19 @@ public class EbanOAuth2ServiceImpl implements EbanOAuth2Service {
     @Resource
     private EbanTokenService ebanTokenService;
     
-    @Value("${eban.oauth2.auth-server.base-url:http://10.2.137.42/idp/oauth2}")
+    @Value("${eban.oauth2.auth-server.base-url}")
     private String authServerBaseUrl;
     
-    @Value("${eban.oauth2.auth-server.client-id:tyszhjyglxt}")
+    @Value("${eban.oauth2.auth-server.client-id}")
     private String clientId;
     
-    @Value("${eban.oauth2.auth-server.client-secret:}")
+    @Value("${eban.oauth2.auth-server.client-secret}")
     private String clientSecret;
     
-    @Value("${eban.oauth2.user-info.url:http://10.2.137.42/idp/oauth2/getUserInfo}")
+    @Value("${eban.oauth2.user-info.url}")
     private String userInfoUrl;
     
-    @Value("${eban.oauth2.token.url:http://10.2.137.42/idp/oauth2/getToken}")
+    @Value("${eban.oauth2.token.url}")
     private String tokenUrl;
     
     @Override

zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/service/oauth2/EbanTokenService.java

@@ -9,6 +9,8 @@ import com.zt.plat.module.system.dal.dataobject.oauth2.OAuth2AccessTokenDO;
  */
 public interface EbanTokenService {
 
+    String EBAN_CLIENT_ID = "eban-oauth2-client";
+
     /**
      * 创建E办Token信息到现有OAuth2表中
      *
@@ -61,4 +63,13 @@ public interface EbanTokenService {
      * @return OAuth2AccessTokenDO
      */
     OAuth2AccessTokenDO getEbanTokenByAccessToken(String accessToken);
+
+    /**
+     * 调用E办全局登出接口
+     *
+     * @param accessToken E办访问令牌
+     * @param userId 系统用户ID
+     * @return 是否登出成功
+     */
+    boolean globalLogout(String accessToken, Long userId);
 }

zt-module-system/zt-module-system-server/src/main/resources/application.yaml

@@ -207,20 +207,26 @@ zt:
 # E办OAuth2配置文件
 eban:
   oauth2:
-    # E办OAuth2服务端配置
+    authorize-url: ${eban.oauth2.auth-server.base-url}/authorize
+    client-id: tyszhjyglxt
+    client-secret: fa821b567e59448e9acea3937529d1b4 # 需要从 e 办系统获取
+    redirect-uri: http://172.16.46.63:30080/system/oauth2/callback
+    response-type: code
     auth-server:
       base-url: http://10.2.137.42/idp/oauth2
-      client-id: tyszhjyglxt
-      client-secret: fa821b567e59448e9acea3937529d1b4  # 需要从e办系统获取
-      callback-uri: http://172.16.46.63:30080/system/oauth2/callback
-
-    # 用户信息获取配置
-    user-info:
-      url: http://10.2.137.42/idp/oauth2/getUserInfo
-
-    # 令牌交换配置
+      client-id: ${eban.oauth2.client-id}
+      client-secret: ${eban.oauth2.client-secret}
     token:
-      url: http://10.2.137.42/idp/oauth2/getToken
+      url: ${eban.oauth2.auth-server.base-url}/getToken
+      refresh-url: ${eban.oauth2.auth-server.base-url}/refreshToken
+      check-url: ${eban.oauth2.auth-server.base-url}/checkTokenValid
+    logout:
+      url: http://10.2.137.42/idp/profile/AllChannel/Redirect/GLO
+      entity-id: tyszhjyglxt
+      protocol: oauth
+      token-type: token
+    user-info:
+      url: ${eban.oauth2.auth-server.base-url}/getUserInfo
 
 debug: false
 

zt-module-system/zt-module-system-server/src/test/java/com/zt/plat/module/system/service/dept/DeptServiceImplTest.java

@@ -252,7 +252,7 @@ public class DeptServiceImplTest extends BaseDbUnitTest {
         deptMapper.insert(parentDept);
 
         // mock 同级重名部门
-        String duplicateName = randomString(6);
+    String duplicateName = randomString();
         DeptDO deptDO = randomPojo(DeptDO.class, o -> {
             o.setParentId(parentDept.getId());
             o.setName(duplicateName);
@@ -268,7 +268,7 @@ public class DeptServiceImplTest extends BaseDbUnitTest {
     @Test
     public void testValidateDeptNameUnique_topLevelDuplicateAllowed() {
         // mock 顶级部门
-        String duplicateName = randomString(6);
+    String duplicateName = randomString();
         DeptDO topLevelDept = randomPojo(DeptDO.class, o -> {
             o.setParentId(DeptDO.PARENT_ID_ROOT);
             o.setName(duplicateName);
@@ -294,7 +294,7 @@ public class DeptServiceImplTest extends BaseDbUnitTest {
         }).setDeptSource(null);
         deptMapper.insert(parentB);
 
-        String duplicateName = randomString(6);
+    String duplicateName = randomString();
         DeptDO childUnderA = randomPojo(DeptDO.class, o -> {
             o.setParentId(parentA.getId());
             o.setName(duplicateName);

zt-server/src/main/resources/application.yaml

@@ -349,18 +349,26 @@ zt:
 # E办OAuth2配置文件
 eban:
   oauth2:
-    # E办OAuth2登录配置
-    authorize-url: http://10.2.137.42/idp/oauth2/authorize
+    authorize-url: ${eban.oauth2.auth-server.base-url}/authorize
     client-id: tyszhjyglxt
-    client-secret: fa821b567e59448e9acea3937529d1b4  # 需要从e办系统获取
+    client-secret: fa821b567e59448e9acea3937529d1b4 # 需要从 e 办系统获取
     redirect-uri: http://172.16.46.63:30080/system/oauth2/callback
     response-type: code
-    
-    # 用户信息获取URL
-    user-info-url: http://10.2.137.42/idp/oauth2/getUserInfo
-    
-    # 令牌交换URL
-    token-url: http://10.2.137.42/idp/oauth2/getToken
+    auth-server:
+      base-url: http://10.2.137.42/idp/oauth2
+      client-id: ${eban.oauth2.client-id}
+      client-secret: ${eban.oauth2.client-secret}
+    token:
+      url: ${eban.oauth2.auth-server.base-url}/getToken
+      refresh-url: ${eban.oauth2.auth-server.base-url}/refreshToken
+      check-url: ${eban.oauth2.auth-server.base-url}/checkTokenValid
+    logout:
+      url: http://10.2.137.42/idp/profile/AllChannel/Redirect/GLO
+      entity-id: tyszhjyglxt
+      protocol: oauth
+      token-type: token
+    user-info:
+      url: ${eban.oauth2.auth-server.base-url}/getUserInfo
 
 debug: false