zgty/zt-dsc
9
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'base-version/main' into dev

Browse Source
This commit is contained in:
chenbowen
2025-11-05 16:32:45 +08:00
parent 79add68d87 ec473a00d4
commit e98615c896
9 changed files with 164 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
zt-dependencies/pom.xml
View File

@@ -56,7 +56,7 @@
<!-- 服务保障相关 --> <!-- 服务保障相关 -->
<lock4j.version>2.2.7</lock4j.version> <lock4j.version>2.2.7</lock4j.version>
<!-- 监控相关 --> <!-- 监控相关 -->
<skywalking.version>9.0.0</skywalking.version> <skywalking.version>9.5.0</skywalking.version>
<spring-boot-admin.version>3.4.5</spring-boot-admin.version> <spring-boot-admin.version>3.4.5</spring-boot-admin.version>
<opentracing.version>0.33.0</opentracing.version> <opentracing.version>0.33.0</opentracing.version>
<!-- Test 测试相关 --> <!-- Test 测试相关 -->

6
zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/controller/admin/auth/vo/AuthLoginRespVO.java
View File

@@ -27,6 +27,12 @@ public class AuthLoginRespVO {
@Schema(description = "刷新令牌", requiredMode = Schema.RequiredMode.REQUIRED, example = "nice") @Schema(description = "刷新令牌", requiredMode = Schema.RequiredMode.REQUIRED, example = "nice")
private String refreshToken; private String refreshToken;
@Schema(description = "客户端编号", requiredMode = Schema.RequiredMode.NOT_REQUIRED, example = "eban-oauth2-client")
private String clientId;
@Schema(description = "用户类型", requiredMode = Schema.RequiredMode.NOT_REQUIRED, example = "1")
private Integer userType;
@Schema(description = "过期时间", requiredMode = Schema.RequiredMode.REQUIRED) @Schema(description = "过期时间", requiredMode = Schema.RequiredMode.REQUIRED)
private LocalDateTime expiresTime; private LocalDateTime expiresTime;

15
zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/service/auth/AdminAuthServiceImpl.java
View File

@@ -27,6 +27,7 @@ import com.zt.plat.module.system.enums.user.UserSourceEnum;
import com.zt.plat.module.system.service.logger.LoginLogService; import com.zt.plat.module.system.service.logger.LoginLogService;
import com.zt.plat.module.system.service.member.MemberService; import com.zt.plat.module.system.service.member.MemberService;
import com.zt.plat.module.system.service.oauth2.EbanOAuth2Service; import com.zt.plat.module.system.service.oauth2.EbanOAuth2Service;
import com.zt.plat.module.system.service.oauth2.EbanTokenService;
import com.zt.plat.module.system.service.oauth2.OAuth2TokenService; import com.zt.plat.module.system.service.oauth2.OAuth2TokenService;
import com.zt.plat.module.system.service.social.SocialUserService; import com.zt.plat.module.system.service.social.SocialUserService;
import com.zt.plat.module.system.service.user.AdminUserService; import com.zt.plat.module.system.service.user.AdminUserService;
@@ -72,20 +73,22 @@ public class AdminAuthServiceImpl implements AdminAuthService {
private SmsCodeApi smsCodeApi; private SmsCodeApi smsCodeApi;
@Resource @Resource
private EbanOAuth2Service ebanOAuth2Service; private EbanOAuth2Service ebanOAuth2Service;
@Resource
private EbanTokenService ebanTokenService;
@Value("${sync.encrypt-key}") @Value("${sync.encrypt-key}")
private String encryptKey; private String encryptKey;
// E办OAuth2配置 // E办OAuth2配置
@Value("${eban.oauth2.authorize-url:http://10.2.137.42/idp/oauth2/authorize}") @Value("${eban.oauth2.authorize-url}")
private String ebanAuthorizeUrl; private String ebanAuthorizeUrl;
@Value("${eban.oauth2.client-id:tyszhjyglxt}") @Value("${eban.oauth2.client-id}")
private String ebanClientId; private String ebanClientId;
@Value("${eban.oauth2.redirect-uri:http://172.16.46.63:30080/system/oauth2/callback}") @Value("${eban.oauth2.redirect-uri}")
private String ebanRedirectUri; private String ebanRedirectUri;
@Value("${eban.oauth2.response-type:code}") @Value("${eban.oauth2.response-type}")
private String ebanResponseType; private String ebanResponseType;
/** /**
@@ -308,6 +311,9 @@ public class AdminAuthServiceImpl implements AdminAuthService {
if (accessTokenDO == null) { if (accessTokenDO == null) {
return; return;
} }
if (EbanTokenService.EBAN_CLIENT_ID.equals(accessTokenDO.getClientId())) {
ebanTokenService.globalLogout(accessTokenDO.getAccessToken(), accessTokenDO.getUserId());
}
// 删除成功,则记录登出日志 // 删除成功,则记录登出日志
createLogoutLog(accessTokenDO.getUserId(), accessTokenDO.getUserType(), logType); createLogoutLog(accessTokenDO.getUserId(), accessTokenDO.getUserType(), logType);
} }
@@ -460,7 +466,6 @@ public class AdminAuthServiceImpl implements AdminAuthService {
*/ */
private String buildEbanLoginUrl() { private String buildEbanLoginUrl() {
String state = "login_" + System.currentTimeMillis(); String state = "login_" + System.currentTimeMillis();
return String.format("%s?client_id=%s&redirect_uri=%s&response_type=%s&state=%s", return String.format("%s?client_id=%s&redirect_uri=%s&response_type=%s&state=%s",
ebanAuthorizeUrl, ebanClientId, ebanRedirectUri, ebanResponseType, state); ebanAuthorizeUrl, ebanClientId, ebanRedirectUri, ebanResponseType, state);
} }

10
zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/service/oauth2/EbanOAuth2ServiceImpl.java
View File

@@ -47,19 +47,19 @@ public class EbanOAuth2ServiceImpl implements EbanOAuth2Service {
@Resource @Resource
private EbanTokenService ebanTokenService; private EbanTokenService ebanTokenService;
@Value("${eban.oauth2.auth-server.base-url:http://10.2.137.42/idp/oauth2}") @Value("${eban.oauth2.auth-server.base-url}")
private String authServerBaseUrl; private String authServerBaseUrl;
@Value("${eban.oauth2.auth-server.client-id:tyszhjyglxt}") @Value("${eban.oauth2.auth-server.client-id}")
private String clientId; private String clientId;
@Value("${eban.oauth2.auth-server.client-secret:}") @Value("${eban.oauth2.auth-server.client-secret}")
private String clientSecret; private String clientSecret;
@Value("${eban.oauth2.user-info.url:http://10.2.137.42/idp/oauth2/getUserInfo}") @Value("${eban.oauth2.user-info.url}")
private String userInfoUrl; private String userInfoUrl;
@Value("${eban.oauth2.token.url:http://10.2.137.42/idp/oauth2/getToken}") @Value("${eban.oauth2.token.url}")
private String tokenUrl; private String tokenUrl;
@Override @Override

11
zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/service/oauth2/EbanTokenService.java
View File

@@ -9,6 +9,8 @@ import com.zt.plat.module.system.dal.dataobject.oauth2.OAuth2AccessTokenDO;
*/ */
public interface EbanTokenService { public interface EbanTokenService {
String EBAN_CLIENT_ID = "eban-oauth2-client";
/** /**
* 创建E办Token信息到现有OAuth2表中 * 创建E办Token信息到现有OAuth2表中
* *
@@ -61,4 +63,13 @@ public interface EbanTokenService {
* @return OAuth2AccessTokenDO * @return OAuth2AccessTokenDO
*/ */
OAuth2AccessTokenDO getEbanTokenByAccessToken(String accessToken); OAuth2AccessTokenDO getEbanTokenByAccessToken(String accessToken);
/**
* 调用E办全局登出接口
*
* @param accessToken E办访问令牌
* @param userId 系统用户ID
* @return 是否登出成功
*/
boolean globalLogout(String accessToken, Long userId);
} }

102
zt-module-system/zt-module-system-server/src/main/java/com/zt/plat/module/system/service/oauth2/EbanTokenServiceImpl.java
View File

File diff suppressed because it is too large Load Diff

28
zt-module-system/zt-module-system-server/src/main/resources/application.yaml
View File

@@ -207,20 +207,26 @@ zt:
# E办OAuth2配置文件 # E办OAuth2配置文件
eban: eban:
oauth2: oauth2:
# E办OAuth2服务端配置 authorize-url: ${eban.oauth2.auth-server.base-url}/authorize
client-id: tyszhjyglxt
client-secret: fa821b567e59448e9acea3937529d1b4 # 需要从 e 办系统获取
redirect-uri: http://172.16.46.63:30080/system/oauth2/callback
response-type: code
auth-server: auth-server:
base-url: http://10.2.137.42/idp/oauth2 base-url: http://10.2.137.42/idp/oauth2
client-id: tyszhjyglxt client-id: ${eban.oauth2.client-id}
client-secret: fa821b567e59448e9acea3937529d1b4 # 需要从e办系统获取 client-secret: ${eban.oauth2.client-secret}
callback-uri: http://172.16.46.63:30080/system/oauth2/callback
# 用户信息获取配置
user-info:
url: http://10.2.137.42/idp/oauth2/getUserInfo
# 令牌交换配置
token: token:
url: http://10.2.137.42/idp/oauth2/getToken url: ${eban.oauth2.auth-server.base-url}/getToken
refresh-url: ${eban.oauth2.auth-server.base-url}/refreshToken
check-url: ${eban.oauth2.auth-server.base-url}/checkTokenValid
logout:
url: http://10.2.137.42/idp/profile/AllChannel/Redirect/GLO
entity-id: tyszhjyglxt
protocol: oauth
token-type: token
user-info:
url: ${eban.oauth2.auth-server.base-url}/getUserInfo
debug: false debug: false

6
zt-module-system/zt-module-system-server/src/test/java/com/zt/plat/module/system/service/dept/DeptServiceImplTest.java
View File

@@ -252,7 +252,7 @@ public class DeptServiceImplTest extends BaseDbUnitTest {
deptMapper.insert(parentDept); deptMapper.insert(parentDept);
// mock 同级重名部门 // mock 同级重名部门
String duplicateName = randomString(6); String duplicateName = randomString();
DeptDO deptDO = randomPojo(DeptDO.class, o -> { DeptDO deptDO = randomPojo(DeptDO.class, o -> {
o.setParentId(parentDept.getId()); o.setParentId(parentDept.getId());
o.setName(duplicateName); o.setName(duplicateName);
@@ -268,7 +268,7 @@ public class DeptServiceImplTest extends BaseDbUnitTest {
@Test @Test
public void testValidateDeptNameUnique_topLevelDuplicateAllowed() { public void testValidateDeptNameUnique_topLevelDuplicateAllowed() {
// mock 顶级部门 // mock 顶级部门
String duplicateName = randomString(6); String duplicateName = randomString();
DeptDO topLevelDept = randomPojo(DeptDO.class, o -> { DeptDO topLevelDept = randomPojo(DeptDO.class, o -> {
o.setParentId(DeptDO.PARENT_ID_ROOT); o.setParentId(DeptDO.PARENT_ID_ROOT);
o.setName(duplicateName); o.setName(duplicateName);
@@ -294,7 +294,7 @@ public class DeptServiceImplTest extends BaseDbUnitTest {
}).setDeptSource(null); }).setDeptSource(null);
deptMapper.insert(parentB); deptMapper.insert(parentB);
String duplicateName = randomString(6); String duplicateName = randomString();
DeptDO childUnderA = randomPojo(DeptDO.class, o -> { DeptDO childUnderA = randomPojo(DeptDO.class, o -> {
o.setParentId(parentA.getId()); o.setParentId(parentA.getId());
o.setName(duplicateName); o.setName(duplicateName);

26
zt-server/src/main/resources/application.yaml
View File

@@ -349,18 +349,26 @@ zt:
# E办OAuth2配置文件 # E办OAuth2配置文件
eban: eban:
oauth2: oauth2:
# E办OAuth2登录配置 authorize-url: ${eban.oauth2.auth-server.base-url}/authorize
authorize-url: http://10.2.137.42/idp/oauth2/authorize
client-id: tyszhjyglxt client-id: tyszhjyglxt
client-secret: fa821b567e59448e9acea3937529d1b4 # 需要从e办系统获取 client-secret: fa821b567e59448e9acea3937529d1b4 # 需要从 e 办系统获取
redirect-uri: http://172.16.46.63:30080/system/oauth2/callback redirect-uri: http://172.16.46.63:30080/system/oauth2/callback
response-type: code response-type: code
auth-server:
# 用户信息获取URL base-url: http://10.2.137.42/idp/oauth2
user-info-url: http://10.2.137.42/idp/oauth2/getUserInfo client-id: ${eban.oauth2.client-id}
client-secret: ${eban.oauth2.client-secret}
# 令牌交换URL token:
token-url: http://10.2.137.42/idp/oauth2/getToken url: ${eban.oauth2.auth-server.base-url}/getToken
refresh-url: ${eban.oauth2.auth-server.base-url}/refreshToken
check-url: ${eban.oauth2.auth-server.base-url}/checkTokenValid
logout:
url: http://10.2.137.42/idp/profile/AllChannel/Redirect/GLO
entity-id: tyszhjyglxt
protocol: oauth
token-type: token
user-info:
url: ${eban.oauth2.auth-server.base-url}/getUserInfo
debug: false debug: false