Merge remote-tracking branch 'base-version/main' into dev
This commit is contained in:
chenbowen
@@ -56,7 +56,7 @@
|
|||||||
<!-- 服务保障相关 -->
|
<!-- 服务保障相关 -->
|
||||||
<lock4j.version>2.2.7</lock4j.version>
|
<lock4j.version>2.2.7</lock4j.version>
|
||||||
<!-- 监控相关 -->
|
<!-- 监控相关 -->
|
||||||
<skywalking.version>9.0.0</skywalking.version>
|
<skywalking.version>9.5.0</skywalking.version>
|
||||||
<spring-boot-admin.version>3.4.5</spring-boot-admin.version>
|
<spring-boot-admin.version>3.4.5</spring-boot-admin.version>
|
||||||
<opentracing.version>0.33.0</opentracing.version>
|
<opentracing.version>0.33.0</opentracing.version>
|
||||||
<!-- Test 测试相关 -->
|
<!-- Test 测试相关 -->
|
||||||
|
|||||||
@@ -27,6 +27,12 @@ public class AuthLoginRespVO {
|
|||||||
@Schema(description = "刷新令牌", requiredMode = Schema.RequiredMode.REQUIRED, example = "nice")
|
@Schema(description = "刷新令牌", requiredMode = Schema.RequiredMode.REQUIRED, example = "nice")
|
||||||
private String refreshToken;
|
private String refreshToken;
|
||||||
|
|
||||||
|
@Schema(description = "客户端编号", requiredMode = Schema.RequiredMode.NOT_REQUIRED, example = "eban-oauth2-client")
|
||||||
|
private String clientId;
|
||||||
|
|
||||||
|
@Schema(description = "用户类型", requiredMode = Schema.RequiredMode.NOT_REQUIRED, example = "1")
|
||||||
|
private Integer userType;
|
||||||
|
|
||||||
@Schema(description = "过期时间", requiredMode = Schema.RequiredMode.REQUIRED)
|
@Schema(description = "过期时间", requiredMode = Schema.RequiredMode.REQUIRED)
|
||||||
private LocalDateTime expiresTime;
|
private LocalDateTime expiresTime;
|
||||||
|
|
||||||
|
|||||||
@@ -27,6 +27,7 @@ import com.zt.plat.module.system.enums.user.UserSourceEnum;
|
|||||||
import com.zt.plat.module.system.service.logger.LoginLogService;
|
import com.zt.plat.module.system.service.logger.LoginLogService;
|
||||||
import com.zt.plat.module.system.service.member.MemberService;
|
import com.zt.plat.module.system.service.member.MemberService;
|
||||||
import com.zt.plat.module.system.service.oauth2.EbanOAuth2Service;
|
import com.zt.plat.module.system.service.oauth2.EbanOAuth2Service;
|
||||||
|
import com.zt.plat.module.system.service.oauth2.EbanTokenService;
|
||||||
import com.zt.plat.module.system.service.oauth2.OAuth2TokenService;
|
import com.zt.plat.module.system.service.oauth2.OAuth2TokenService;
|
||||||
import com.zt.plat.module.system.service.social.SocialUserService;
|
import com.zt.plat.module.system.service.social.SocialUserService;
|
||||||
import com.zt.plat.module.system.service.user.AdminUserService;
|
import com.zt.plat.module.system.service.user.AdminUserService;
|
||||||
@@ -72,20 +73,22 @@ public class AdminAuthServiceImpl implements AdminAuthService {
|
|||||||
private SmsCodeApi smsCodeApi;
|
private SmsCodeApi smsCodeApi;
|
||||||
@Resource
|
@Resource
|
||||||
private EbanOAuth2Service ebanOAuth2Service;
|
private EbanOAuth2Service ebanOAuth2Service;
|
||||||
|
@Resource
|
||||||
|
private EbanTokenService ebanTokenService;
|
||||||
@Value("${sync.encrypt-key}")
|
@Value("${sync.encrypt-key}")
|
||||||
private String encryptKey;
|
private String encryptKey;
|
||||||
|
|
||||||
// E办OAuth2配置
|
// E办OAuth2配置
|
||||||
@Value("${eban.oauth2.authorize-url:http://10.2.137.42/idp/oauth2/authorize}")
|
@Value("${eban.oauth2.authorize-url}")
|
||||||
private String ebanAuthorizeUrl;
|
private String ebanAuthorizeUrl;
|
||||||
|
|
||||||
@Value("${eban.oauth2.client-id:tyszhjyglxt}")
|
@Value("${eban.oauth2.client-id}")
|
||||||
private String ebanClientId;
|
private String ebanClientId;
|
||||||
|
|
||||||
@Value("${eban.oauth2.redirect-uri:http://172.16.46.63:30080/system/oauth2/callback}")
|
@Value("${eban.oauth2.redirect-uri}")
|
||||||
private String ebanRedirectUri;
|
private String ebanRedirectUri;
|
||||||
|
|
||||||
@Value("${eban.oauth2.response-type:code}")
|
@Value("${eban.oauth2.response-type}")
|
||||||
private String ebanResponseType;
|
private String ebanResponseType;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -308,6 +311,9 @@ public class AdminAuthServiceImpl implements AdminAuthService {
|
|||||||
if (accessTokenDO == null) {
|
if (accessTokenDO == null) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
if (EbanTokenService.EBAN_CLIENT_ID.equals(accessTokenDO.getClientId())) {
|
||||||
|
ebanTokenService.globalLogout(accessTokenDO.getAccessToken(), accessTokenDO.getUserId());
|
||||||
|
}
|
||||||
// 删除成功,则记录登出日志
|
// 删除成功,则记录登出日志
|
||||||
createLogoutLog(accessTokenDO.getUserId(), accessTokenDO.getUserType(), logType);
|
createLogoutLog(accessTokenDO.getUserId(), accessTokenDO.getUserType(), logType);
|
||||||
}
|
}
|
||||||
@@ -460,7 +466,6 @@ public class AdminAuthServiceImpl implements AdminAuthService {
|
|||||||
*/
|
*/
|
||||||
private String buildEbanLoginUrl() {
|
private String buildEbanLoginUrl() {
|
||||||
String state = "login_" + System.currentTimeMillis();
|
String state = "login_" + System.currentTimeMillis();
|
||||||
|
|
||||||
return String.format("%s?client_id=%s&redirect_uri=%s&response_type=%s&state=%s",
|
return String.format("%s?client_id=%s&redirect_uri=%s&response_type=%s&state=%s",
|
||||||
ebanAuthorizeUrl, ebanClientId, ebanRedirectUri, ebanResponseType, state);
|
ebanAuthorizeUrl, ebanClientId, ebanRedirectUri, ebanResponseType, state);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -47,19 +47,19 @@ public class EbanOAuth2ServiceImpl implements EbanOAuth2Service {
|
|||||||
@Resource
|
@Resource
|
||||||
private EbanTokenService ebanTokenService;
|
private EbanTokenService ebanTokenService;
|
||||||
|
|
||||||
@Value("${eban.oauth2.auth-server.base-url:http://10.2.137.42/idp/oauth2}")
|
@Value("${eban.oauth2.auth-server.base-url}")
|
||||||
private String authServerBaseUrl;
|
private String authServerBaseUrl;
|
||||||
|
|
||||||
@Value("${eban.oauth2.auth-server.client-id:tyszhjyglxt}")
|
@Value("${eban.oauth2.auth-server.client-id}")
|
||||||
private String clientId;
|
private String clientId;
|
||||||
|
|
||||||
@Value("${eban.oauth2.auth-server.client-secret:}")
|
@Value("${eban.oauth2.auth-server.client-secret}")
|
||||||
private String clientSecret;
|
private String clientSecret;
|
||||||
|
|
||||||
@Value("${eban.oauth2.user-info.url:http://10.2.137.42/idp/oauth2/getUserInfo}")
|
@Value("${eban.oauth2.user-info.url}")
|
||||||
private String userInfoUrl;
|
private String userInfoUrl;
|
||||||
|
|
||||||
@Value("${eban.oauth2.token.url:http://10.2.137.42/idp/oauth2/getToken}")
|
@Value("${eban.oauth2.token.url}")
|
||||||
private String tokenUrl;
|
private String tokenUrl;
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|||||||
@@ -9,6 +9,8 @@ import com.zt.plat.module.system.dal.dataobject.oauth2.OAuth2AccessTokenDO;
|
|||||||
*/
|
*/
|
||||||
public interface EbanTokenService {
|
public interface EbanTokenService {
|
||||||
|
|
||||||
|
String EBAN_CLIENT_ID = "eban-oauth2-client";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 创建E办Token信息到现有OAuth2表中
|
* 创建E办Token信息到现有OAuth2表中
|
||||||
*
|
*
|
||||||
@@ -61,4 +63,13 @@ public interface EbanTokenService {
|
|||||||
* @return OAuth2AccessTokenDO
|
* @return OAuth2AccessTokenDO
|
||||||
*/
|
*/
|
||||||
OAuth2AccessTokenDO getEbanTokenByAccessToken(String accessToken);
|
OAuth2AccessTokenDO getEbanTokenByAccessToken(String accessToken);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 调用E办全局登出接口
|
||||||
|
*
|
||||||
|
* @param accessToken E办访问令牌
|
||||||
|
* @param userId 系统用户ID
|
||||||
|
* @return 是否登出成功
|
||||||
|
*/
|
||||||
|
boolean globalLogout(String accessToken, Long userId);
|
||||||
}
|
}
|
||||||
@@ -1,7 +1,6 @@
|
|||||||
package com.zt.plat.module.system.service.oauth2;
|
package com.zt.plat.module.system.service.oauth2;
|
||||||
|
|
||||||
import cn.hutool.core.date.LocalDateTimeUtil;
|
import cn.hutool.core.date.LocalDateTimeUtil;
|
||||||
import cn.hutool.core.map.MapUtil;
|
|
||||||
import cn.hutool.core.util.StrUtil;
|
import cn.hutool.core.util.StrUtil;
|
||||||
import cn.hutool.http.HttpRequest;
|
import cn.hutool.http.HttpRequest;
|
||||||
import cn.hutool.http.HttpResponse;
|
import cn.hutool.http.HttpResponse;
|
||||||
@@ -36,19 +35,30 @@ public class EbanTokenServiceImpl implements EbanTokenService {
|
|||||||
@Resource
|
@Resource
|
||||||
private OAuth2AccessTokenMapper oauth2AccessTokenMapper;
|
private OAuth2AccessTokenMapper oauth2AccessTokenMapper;
|
||||||
|
|
||||||
@Value("${eban.oauth2.auth-server.client-id:tyszhjyglxt}")
|
@Value("${eban.oauth2.auth-server.client-id}")
|
||||||
private String clientId;
|
private String clientId;
|
||||||
|
|
||||||
@Value("${eban.oauth2.auth-server.client-secret:}")
|
@Value("${eban.oauth2.auth-server.client-secret}")
|
||||||
private String clientSecret;
|
private String clientSecret;
|
||||||
|
|
||||||
@Value("${eban.oauth2.token.refresh-url:http://10.2.137.42/idp/oauth2/refreshToken}")
|
@Value("${eban.oauth2.token.refresh-url}")
|
||||||
private String refreshTokenUrl;
|
private String refreshTokenUrl;
|
||||||
|
|
||||||
@Value("${eban.oauth2.token.check-url:http://10.2.137.42/idp/oauth2/checkTokenValid}")
|
@Value("${eban.oauth2.token.check-url}")
|
||||||
private String checkTokenUrl;
|
private String checkTokenUrl;
|
||||||
|
|
||||||
private static final String EBAN_CLIENT_ID = "eban-oauth2-client";
|
@Value("${eban.oauth2.logout.url}")
|
||||||
|
private String globalLogoutUrl;
|
||||||
|
|
||||||
|
@Value("${eban.oauth2.logout.entity-id}")
|
||||||
|
private String globalLogoutEntityId;
|
||||||
|
|
||||||
|
@Value("${eban.oauth2.logout.protocol}")
|
||||||
|
private String globalLogoutProtocol;
|
||||||
|
|
||||||
|
@Value("${eban.oauth2.logout.token-type}")
|
||||||
|
private String globalLogoutTokenType;
|
||||||
|
|
||||||
private static final String GRANT_TYPE_REFRESH_TOKEN = "refresh_token";
|
private static final String GRANT_TYPE_REFRESH_TOKEN = "refresh_token";
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
@@ -62,7 +72,7 @@ public class EbanTokenServiceImpl implements EbanTokenService {
|
|||||||
}
|
}
|
||||||
|
|
||||||
LocalDateTime expiresTime = calculateExpiresTime(expiresIn);
|
LocalDateTime expiresTime = calculateExpiresTime(expiresIn);
|
||||||
Map<String, String> userInfoMap = MapUtil.newHashMap(6, false);
|
Map<String, String> userInfoMap = new HashMap<>(6);
|
||||||
if (StrUtil.isNotBlank(userInfo.getLoginName())) {
|
if (StrUtil.isNotBlank(userInfo.getLoginName())) {
|
||||||
userInfoMap.put("username", userInfo.getLoginName());
|
userInfoMap.put("username", userInfo.getLoginName());
|
||||||
}
|
}
|
||||||
@@ -152,7 +162,17 @@ public class EbanTokenServiceImpl implements EbanTokenService {
|
|||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void deleteEbanToken(Long userId) {
|
public void deleteEbanToken(Long userId) {
|
||||||
if (oauth2AccessTokenMapper.deleteByUserIdAndClientId(userId, EBAN_CLIENT_ID) > 0) {
|
OAuth2AccessTokenDO tokenDO = getEbanTokenByUserId(userId);
|
||||||
|
if (tokenDO == null) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
globalLogout(tokenDO.getAccessToken(), userId);
|
||||||
|
|
||||||
|
int rows = tokenDO.getId() != null
|
||||||
|
? oauth2AccessTokenMapper.deleteById(tokenDO.getId())
|
||||||
|
: oauth2AccessTokenMapper.deleteByUserIdAndClientId(userId, EBAN_CLIENT_ID);
|
||||||
|
if (rows > 0) {
|
||||||
log.info("已删除用户{}的E办Token", userId);
|
log.info("已删除用户{}的E办Token", userId);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -187,6 +207,72 @@ public class EbanTokenServiceImpl implements EbanTokenService {
|
|||||||
return StrUtil.equalsIgnoreCase(json.getStr("result"), "true");
|
return StrUtil.equalsIgnoreCase(json.getStr("result"), "true");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public boolean globalLogout(String accessToken, Long userId) {
|
||||||
|
String entityId = StrUtil.blankToDefault(globalLogoutEntityId, clientId);
|
||||||
|
String protocol = StrUtil.blankToDefault(globalLogoutProtocol, "oauth");
|
||||||
|
String tokenType = StrUtil.blankToDefault(globalLogoutTokenType, "token");
|
||||||
|
|
||||||
|
if (StrUtil.isBlank(entityId)) {
|
||||||
|
log.warn("调用E办全局登出时缺少entityId配置,userId={}", userId);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
if (StrUtil.isBlank(accessToken) && !StrUtil.equalsIgnoreCase(tokenType, "fromWeb")) {
|
||||||
|
log.warn("调用E办全局登出时缺少accessToken,userId={},tokenType={}", userId, tokenType);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
Map<String, Object> params = new HashMap<>(4);
|
||||||
|
params.put("entityId", entityId);
|
||||||
|
params.put("protocol", protocol);
|
||||||
|
params.put("tokenType", tokenType);
|
||||||
|
if (StrUtil.isNotBlank(accessToken)) {
|
||||||
|
params.put("token", accessToken);
|
||||||
|
}
|
||||||
|
|
||||||
|
HttpResponse response = HttpRequest.get(globalLogoutUrl)
|
||||||
|
.form(params)
|
||||||
|
.timeout(10000)
|
||||||
|
.execute();
|
||||||
|
if (!response.isOk()) {
|
||||||
|
log.error("调用E办全局登出失败,userId={},状态码={},响应={}", userId, response.getStatus(), response.body());
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
JSONObject json = parseJson(response.body());
|
||||||
|
if (json.isEmpty()) {
|
||||||
|
log.warn("调用E办全局登出返回空响应,userId={},body={}", userId, response.body());
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
if (json.containsKey("errcode")) {
|
||||||
|
log.warn("调用E办全局登出返回错误,userId={},错误码={},信息={}", userId, json.getStr("errcode"), json.getStr("msg"));
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
boolean success = false;
|
||||||
|
String result = json.getStr("result");
|
||||||
|
if (StrUtil.isNotBlank(result)) {
|
||||||
|
success = StrUtil.equalsIgnoreCase(result, "true")
|
||||||
|
|| StrUtil.equalsIgnoreCase(result, "success")
|
||||||
|
|| StrUtil.equalsIgnoreCase(result, "ok");
|
||||||
|
}
|
||||||
|
if (!success && json.containsKey("success")) {
|
||||||
|
success = Boolean.TRUE.equals(json.getBool("success"));
|
||||||
|
}
|
||||||
|
if (!success && json.containsKey("status")) {
|
||||||
|
success = StrUtil.equalsIgnoreCase(json.getStr("status"), "200")
|
||||||
|
|| StrUtil.equalsIgnoreCase(json.getStr("status"), "success")
|
||||||
|
|| StrUtil.equalsIgnoreCase(json.getStr("status"), "true");
|
||||||
|
}
|
||||||
|
|
||||||
|
if (success) {
|
||||||
|
log.info("调用E办全局登出成功,userId={}", userId);
|
||||||
|
} else {
|
||||||
|
log.warn("调用E办全局登出未返回明确成功标识,userId={},响应={}", userId, json);
|
||||||
|
}
|
||||||
|
return success;
|
||||||
|
}
|
||||||
|
|
||||||
private LocalDateTime calculateExpiresTime(Integer expiresIn) {
|
private LocalDateTime calculateExpiresTime(Integer expiresIn) {
|
||||||
int seconds = expiresIn != null && expiresIn > 0 ? expiresIn : 3600;
|
int seconds = expiresIn != null && expiresIn > 0 ? expiresIn : 3600;
|
||||||
return LocalDateTimeUtil.offset(LocalDateTime.now(), seconds, ChronoUnit.SECONDS);
|
return LocalDateTimeUtil.offset(LocalDateTime.now(), seconds, ChronoUnit.SECONDS);
|
||||||
|
|||||||
@@ -207,20 +207,26 @@ zt:
|
|||||||
# E办OAuth2配置文件
|
# E办OAuth2配置文件
|
||||||
eban:
|
eban:
|
||||||
oauth2:
|
oauth2:
|
||||||
# E办OAuth2服务端配置
|
authorize-url: ${eban.oauth2.auth-server.base-url}/authorize
|
||||||
|
client-id: tyszhjyglxt
|
||||||
|
client-secret: fa821b567e59448e9acea3937529d1b4 # 需要从 e 办系统获取
|
||||||
|
redirect-uri: http://172.16.46.63:30080/system/oauth2/callback
|
||||||
|
response-type: code
|
||||||
auth-server:
|
auth-server:
|
||||||
base-url: http://10.2.137.42/idp/oauth2
|
base-url: http://10.2.137.42/idp/oauth2
|
||||||
client-id: tyszhjyglxt
|
client-id: ${eban.oauth2.client-id}
|
||||||
client-secret: fa821b567e59448e9acea3937529d1b4 # 需要从e办系统获取
|
client-secret: ${eban.oauth2.client-secret}
|
||||||
callback-uri: http://172.16.46.63:30080/system/oauth2/callback
|
|
||||||
|
|
||||||
# 用户信息获取配置
|
|
||||||
user-info:
|
|
||||||
url: http://10.2.137.42/idp/oauth2/getUserInfo
|
|
||||||
|
|
||||||
# 令牌交换配置
|
|
||||||
token:
|
token:
|
||||||
url: http://10.2.137.42/idp/oauth2/getToken
|
url: ${eban.oauth2.auth-server.base-url}/getToken
|
||||||
|
refresh-url: ${eban.oauth2.auth-server.base-url}/refreshToken
|
||||||
|
check-url: ${eban.oauth2.auth-server.base-url}/checkTokenValid
|
||||||
|
logout:
|
||||||
|
url: http://10.2.137.42/idp/profile/AllChannel/Redirect/GLO
|
||||||
|
entity-id: tyszhjyglxt
|
||||||
|
protocol: oauth
|
||||||
|
token-type: token
|
||||||
|
user-info:
|
||||||
|
url: ${eban.oauth2.auth-server.base-url}/getUserInfo
|
||||||
|
|
||||||
debug: false
|
debug: false
|
||||||
|
|
||||||
|
|||||||
@@ -252,7 +252,7 @@ public class DeptServiceImplTest extends BaseDbUnitTest {
|
|||||||
deptMapper.insert(parentDept);
|
deptMapper.insert(parentDept);
|
||||||
|
|
||||||
// mock 同级重名部门
|
// mock 同级重名部门
|
||||||
String duplicateName = randomString(6);
|
String duplicateName = randomString();
|
||||||
DeptDO deptDO = randomPojo(DeptDO.class, o -> {
|
DeptDO deptDO = randomPojo(DeptDO.class, o -> {
|
||||||
o.setParentId(parentDept.getId());
|
o.setParentId(parentDept.getId());
|
||||||
o.setName(duplicateName);
|
o.setName(duplicateName);
|
||||||
@@ -268,7 +268,7 @@ public class DeptServiceImplTest extends BaseDbUnitTest {
|
|||||||
@Test
|
@Test
|
||||||
public void testValidateDeptNameUnique_topLevelDuplicateAllowed() {
|
public void testValidateDeptNameUnique_topLevelDuplicateAllowed() {
|
||||||
// mock 顶级部门
|
// mock 顶级部门
|
||||||
String duplicateName = randomString(6);
|
String duplicateName = randomString();
|
||||||
DeptDO topLevelDept = randomPojo(DeptDO.class, o -> {
|
DeptDO topLevelDept = randomPojo(DeptDO.class, o -> {
|
||||||
o.setParentId(DeptDO.PARENT_ID_ROOT);
|
o.setParentId(DeptDO.PARENT_ID_ROOT);
|
||||||
o.setName(duplicateName);
|
o.setName(duplicateName);
|
||||||
@@ -294,7 +294,7 @@ public class DeptServiceImplTest extends BaseDbUnitTest {
|
|||||||
}).setDeptSource(null);
|
}).setDeptSource(null);
|
||||||
deptMapper.insert(parentB);
|
deptMapper.insert(parentB);
|
||||||
|
|
||||||
String duplicateName = randomString(6);
|
String duplicateName = randomString();
|
||||||
DeptDO childUnderA = randomPojo(DeptDO.class, o -> {
|
DeptDO childUnderA = randomPojo(DeptDO.class, o -> {
|
||||||
o.setParentId(parentA.getId());
|
o.setParentId(parentA.getId());
|
||||||
o.setName(duplicateName);
|
o.setName(duplicateName);
|
||||||
|
|||||||
@@ -349,18 +349,26 @@ zt:
|
|||||||
# E办OAuth2配置文件
|
# E办OAuth2配置文件
|
||||||
eban:
|
eban:
|
||||||
oauth2:
|
oauth2:
|
||||||
# E办OAuth2登录配置
|
authorize-url: ${eban.oauth2.auth-server.base-url}/authorize
|
||||||
authorize-url: http://10.2.137.42/idp/oauth2/authorize
|
|
||||||
client-id: tyszhjyglxt
|
client-id: tyszhjyglxt
|
||||||
client-secret: fa821b567e59448e9acea3937529d1b4 # 需要从e办系统获取
|
client-secret: fa821b567e59448e9acea3937529d1b4 # 需要从 e 办系统获取
|
||||||
redirect-uri: http://172.16.46.63:30080/system/oauth2/callback
|
redirect-uri: http://172.16.46.63:30080/system/oauth2/callback
|
||||||
response-type: code
|
response-type: code
|
||||||
|
auth-server:
|
||||||
# 用户信息获取URL
|
base-url: http://10.2.137.42/idp/oauth2
|
||||||
user-info-url: http://10.2.137.42/idp/oauth2/getUserInfo
|
client-id: ${eban.oauth2.client-id}
|
||||||
|
client-secret: ${eban.oauth2.client-secret}
|
||||||
# 令牌交换URL
|
token:
|
||||||
token-url: http://10.2.137.42/idp/oauth2/getToken
|
url: ${eban.oauth2.auth-server.base-url}/getToken
|
||||||
|
refresh-url: ${eban.oauth2.auth-server.base-url}/refreshToken
|
||||||
|
check-url: ${eban.oauth2.auth-server.base-url}/checkTokenValid
|
||||||
|
logout:
|
||||||
|
url: http://10.2.137.42/idp/profile/AllChannel/Redirect/GLO
|
||||||
|
entity-id: tyszhjyglxt
|
||||||
|
protocol: oauth
|
||||||
|
token-type: token
|
||||||
|
user-info:
|
||||||
|
url: ${eban.oauth2.auth-server.base-url}/getUserInfo
|
||||||
|
|
||||||
debug: false
|
debug: false
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user