Merge branch 'develop' of http://58.210.154.140:8888/iidi/backend/bocloud.sms into develop

bocloud.sms.booter/src/main/java/com/bocloud/sms/booter/controller/TrxController.java

@@ -32,6 +32,20 @@ public class TrxController {
         return generalResult;
     }
 
+    /**
+     * 单点登录验证token
+     *
+     * @param ngxCookie
+     * @return randomstr
+     */
+    @GetMapping("/soft/randomstr")
+    @Operation(summary = "获取SoftRandomstr")
+    public GeneralResult<String> getSoftRandomstr(@RequestParam(value = "ngxCookie") String ngxCookie,
+                                                  @RequestParam(value = "account") String account) {
+        GeneralResult generalResult = trxService.getSoftRandomstr(ngxCookie, account);
+        return generalResult;
+    }
+
     @PostMapping("/login")
     @Operation(summary = "用户登录")
     public GeneralResult<String> getAuthToken(@RequestBody TrxAuthModel trxAuthModel,
@@ -42,6 +56,16 @@ public class TrxController {
         return generalResult;
     }
 
+    @PostMapping("/softlogin")
+    @Operation(summary = "用户登录")
+    public GeneralResult<String> getSoftAuthToken(@RequestBody TrxAuthModel trxAuthModel,
+                                                  HttpServletRequest request) {
+        String ipAddress = trxService.getRequestIpAddress(request);
+        trxAuthModel.setClientIp(ipAddress);
+        GeneralResult generalResult = trxService.getpwdAuthen(trxAuthModel);
+        return generalResult;
+    }
+
     @PostMapping("/logout")
     @Operation(summary = "天融信用户登出")
     public GeneralResult<String> logout(@RequestBody TrxAuthModel trxAuthModel,

bocloud.sms.service/src/main/java/com/bocloud/sms/interfaces/TrxService.java

@@ -7,8 +7,12 @@ import jakarta.servlet.http.HttpServletRequest;
 public interface TrxService {
     GeneralResult getRandomstr(String ngxCookie);
 
+    GeneralResult getSoftRandomstr(String ngxCookie, String account);
+
     GeneralResult getAuthToken(TrxAuthModel trxAuthModel);
 
+    GeneralResult getpwdAuthen(TrxAuthModel trxAuthModel);
+
     GeneralResult logout(TrxAuthModel trxAuthModel);
 
     String getRequestIpAddress(HttpServletRequest request);

bocloud.sms.service/src/main/java/com/bocloud/sms/service/IndexServiceImpl.java

@@ -78,8 +78,8 @@ public class IndexServiceImpl implements IndexService {
                 }
             }
 
-            resultMap.put("waitDoneTotal", waitDoneTotal);
+            resultMap.put("waitDoneTotal", jsonObject.getInteger("todoCount"));
-            resultMap.put("doneTotal", doneTotal);
+            resultMap.put("doneTotal", jsonObject.getInteger("doneCount"));
 
             return new GeneralResult(true, resultMap, "查询成功");
         } catch (Exception e) {
@@ -96,6 +96,7 @@ public class IndexServiceImpl implements IndexService {
         param.put("page", 1);
         param.put("limit", Integer.MAX_VALUE);
         String result = ykUtil.call(YkInfo.getTaskList, param, JSONArray.class);
+        log.info("result:{}",result);
         JSONObject jsonObject = JSONArray.parseObject(result, JSONObject.class);
         return jsonObject;
     }

bocloud.sms.service/src/main/java/com/bocloud/sms/service/TrxServiceImpl.java

@@ -15,7 +15,9 @@ import com.bocloud.sms.interfaces.TrxService;
 import com.bocloud.sms.model.*;
 import com.bocloud.sms.repository.RoleRepository;
 import com.bocloud.sms.repository.UserRepository;
+import com.bocloud.sms.service.utils.MessageDigestUtils;
 import com.bocloud.sms.service.utils.QxUtils;
+import com.bocloud.sms.service.utils.Sha256Util;
 import com.bocloud.sms.service.utils.YkUtils;
 import com.google.gson.Gson;
 import com.google.gson.reflect.TypeToken;
@@ -31,6 +33,7 @@ import org.springframework.beans.factory.annotation.Value;
 import org.springframework.data.redis.core.StringRedisTemplate;
 import org.springframework.stereotype.Service;
 import org.springframework.util.ObjectUtils;
+
 import java.lang.reflect.Type;
 import java.util.*;
 import java.util.stream.Collectors;
@@ -77,6 +80,31 @@ public class TrxServiceImpl implements TrxService {
         return new GeneralResult(true, result.getString("result"), "获取随机数成功");
     }
 
+    @Override
+    public GeneralResult getSoftRandomstr(String ngxCookie, String account) {
+        String url = trxUrl + "/getRandomStr";
+        Map<String, String> paramsMap = new HashMap<>();
+        paramsMap.put("isToken", "false");
+        paramsMap.put("ngx_cookie", ngxCookie);
+        JSONObject result;
+        try {
+            HttpRequest httpRequest = HttpRequest.get(url)
+                    .addHeaders(paramsMap);
+            httpRequest.cookie("ngx_cookie=" + ngxCookie + ";account=" + account);
+            log.info("调用天融信获取软随机字符串接口, url:" + httpRequest.getUrl() + "请求头：" + JSONObject.toJSONString(httpRequest.headers()));
+            log.info("调用天融信获取随机字符串接口, 请求信息:" + JSONObject.toJSONString(httpRequest));
+            HttpResponse response = httpRequest.execute();
+            result = JSONObject.parseObject(response.body());
+            if ("-1".equals(result.getString("result"))) {
+                return new GeneralResult(false, "获取随机数失败" + result.getString("errmsg"));
+            }
+        } catch (Exception e) {
+            log.error("调用天融信获取随机字符串失败", e);
+            return new GeneralResult(false, "获取随机数失败" + e.getMessage());
+        }
+        return new GeneralResult(true, result.getString("result"), "获取随机数成功");
+    }
+
 
     @Override
     public GeneralResult getAuthToken(TrxAuthModel trxAuthModel) {
@@ -87,7 +115,7 @@ public class TrxServiceImpl implements TrxService {
         List<Map<String, Object>> authenList = new ArrayList<>();
         Map<String, Object> userMap = new HashMap<>();
         userMap.put("loginName", trxAuthModel.getLoginName());
-        userMap.put("passwd", trxAuthModel.getPasswd());
+        userMap.put("passwd", trxAuthModel.getPassword());
         authenList.add(userMap);
 
         Map<String, Object> md5Map = new HashMap<>();
@@ -143,6 +171,55 @@ public class TrxServiceImpl implements TrxService {
         return login;
     }
 
+    @Override
+    public GeneralResult getpwdAuthen(TrxAuthModel trxAuthModel) {
+        String url = trxUrl + "/pwdAuthen";
+        String s1 = MessageDigestUtils.encrypt(trxAuthModel.getPassword(), MessageDigestUtils.SHA_256);
+        log.info("密码s1   sha256值:" + s1);
+        log.info("getRandoms 值:" + trxAuthModel.getRandoms());
+        log.info("待加密 值:" + trxAuthModel.getRandoms()+s1);
+        String rs1 = MessageDigestUtils.encrypt(trxAuthModel.getRandoms()+s1, MessageDigestUtils.SHA_256);
+        log.info("密码rs1  sha256值:" + rs1);
+
+        Map<String, Object> paramsMap = new HashMap<>();
+        paramsMap.put("cookie", trxAuthModel.getClientHello());
+        paramsMap.put("confusn_pwd", rs1);
+        paramsMap.put("client_ip", trxAuthModel.getClientIp());
+        JSONObject result = new JSONObject();
+        GeneralResult<Map<String, Object>> login = new GeneralResult<>();
+        try {
+            HttpRequest httpRequest = HttpRequest.post(url)
+                    .header("isToken", "false")
+                    .body(JSONObject.toJSONString(paramsMap));
+            log.info("调用天融信用户软key登录接口, 请求信息:" + JSONObject.toJSONString(httpRequest));
+            HttpResponse response = httpRequest.execute();
+            result = JSONObject.parseObject(response.body());
+            if (!"0".equals(result.getString("result"))) {
+                return new GeneralResult(false, "用户登录天融信失败" + result.getString("errmsg"));
+            }
+            String trxToken = result.getString("token");
+            String userId = result.getString("user_id");
+
+            // 处理ukey登录用户
+            log.info("开始软Key登录用户入库, userId:" + userId);
+            saveUserByTrx(userId);
+            log.info("软Key登录用户入库结束");
+            // 登录
+            log.info("开始软Key登录用户登录云管平台");
+            User user = userRepository.getByUserId(userId);
+            Encryptor encryptor = new AESEncryptor();
+            String password = encryptor.encrypt(userId + "CMP", null);
+            login = userServiceImpl.login(user.getAccount(), password, null, null, true);
+            login.getData().put("trxToken", trxToken);
+            log.info("软Key登录用户登录云管平台结束");
+        } catch (Exception e) {
+            log.error("用户登录失败：", e);
+            return new GeneralResult(false, "用户登录失败" + e.getMessage());
+        }
+        return login;
+
+    }
+
     private void saveUserByTrx(String userId) {
         User user = userRepository.getByUserId(userId);
         // 根据userId获取运控系统用户信息
@@ -249,7 +326,8 @@ public class TrxServiceImpl implements TrxService {
         // 获取运控系统应用列表
         String sysAppList = redisTemplate.opsForValue().get("SYS_APP_LIST");
         Gson gson = new Gson();
-        Type listType = new TypeToken<List<AppEntity>>() {}.getType();
+        Type listType = new TypeToken<List<AppEntity>>() {
+        }.getType();
         List<AppEntity> appList = gson.fromJson(sysAppList, listType);
 
         List<AppPerm> permList = JSONArray.parseArray(qxUtils.queryApp(userToken, userId), AppPerm.class);
@@ -270,7 +348,7 @@ public class TrxServiceImpl implements TrxService {
     }
 
     // 获取天融信用户在权限系统的门户应用的菜单
-    public List<AppModule> queryQxCategoryList(String userToken ,String userId) {
+    public List<AppModule> queryQxCategoryList(String userToken, String userId) {
         List<AppModule> appModules = JSONArray.parseArray(qxUtils.queryAppModules(userToken, userId), AppModule.class);
         log.info("获取用户在指定应用中可操作的功能模块信息结果:" + JSONObject.toJSONString(appModules));
         return appModules;

bocloud.sms.service/src/main/java/com/bocloud/sms/service/utils/MessageDigestUtils.java

@@ -0,0 +1,147 @@
+package com.bocloud.sms.service.utils;
+
+
+import lombok.extern.slf4j.Slf4j;
+
+import java.nio.charset.Charset;
+import java.nio.charset.StandardCharsets;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+
+/**
+ * 加密工具类
+ *
+ * <pre>
+ * 采用消息摘要加密算法，支持如下算法：
+ * MD2     The MD2 message digest algorithm as defined in RFC 1319.
+ * MD5     The MD5 message digest algorithm as defined in RFC 1321.
+ * SHA-1   Hash algorithms defined in the FIPS PUB 180-2.
+ * SHA-256 SHA-256 is a 256-bit hash function intended to provide 128 bits of security against collision attacks,
+ * SHA-384 while SHA-512 is a 512-bit hash function intended to provide 256 bits of security. A 384-bit hash may
+ * SHA-512 be obtained by truncating the SHA-512 output.
+ * </pre>
+ *
+ * @author Shawpin Shi
+ * @since 2016-9-1
+ */
+@Slf4j
+public class MessageDigestUtils {
+
+    private final static char[] HEX_ARRAY = "0123456789abcdef".toCharArray();
+
+    /**
+     * MD5加密(128bit,16byte,32hex)<br>
+     * Message Digest Algorithm MD5（消息摘要算法第五版）
+     */
+    public static final String MD5 = "MD5";
+
+    /**
+     * SHA-1加密(160bit,20byte,40hex)<br>
+     * 安全哈希算法（Secure Hash Algorithm）<br>
+     * SHA家族的五个算法，分别是SHA-1、SHA-224、SHA-256、SHA-384，和SHA-512， 由美国国家安全局（NSA）所设计，<br>
+     * 并由美国国家标准与技术研究院（NIST）发布； 后四者有时并称为SHA-2。<br>
+     * 特别注意：Java目前不支持SHA-224算法。
+     */
+    public static final String SHA_1 = "SHA-1";
+
+    /**
+     * SHA-256加密(256bit,64hex)
+     */
+    public static final String SHA_256 = "SHA-256";
+
+    /**
+     * SHA-384加密(384bit,96hex)
+     */
+    public static final String SHA_384 = "SHA-384";
+
+    /**
+     * SHA-512加密(512bit,64byte,128hex)
+     */
+    public static final String SHA_512 = "SHA-512";
+
+    /**
+     * 根据指定的算法名称加密
+     *
+     * @author Shawpin Shi
+     * @since 2016-9-1
+     */
+    public static String encrypt(String source, String algorithmName) {
+        return encrypt(source, algorithmName, StandardCharsets.UTF_8);
+    }
+
+    /**
+     * 根据指定的算法名称加密(支持指定字符串序列化字符集)
+     *
+     * @author Shawpin Shi
+     * @since 2020-12-03
+     */
+    public static String encrypt(String source, String algorithmName, Charset charset) {
+        String ciphertext = null;
+        MessageDigest md;
+        try {
+            md = MessageDigest.getInstance(algorithmName);
+            byte[] digest = md.digest(source.getBytes(charset));
+            ciphertext = byteToHexString(digest);
+        } catch (NoSuchAlgorithmException e) {
+            log.error(e.getMessage(), e);
+        }
+
+        return ciphertext;
+    }
+
+    /**
+     * 根据指定的算法和盐值加密
+     *
+     * @author Shawpin Shi
+     * @since 2016-9-1
+     */
+    public static String encryptWithSalt(String source, String salt, String algorithmName) {
+        String newSource = source + "@" + salt;
+        return encrypt(newSource, algorithmName);
+    }
+
+    /**
+     * 将字节数转化成16进制的字符串
+     *
+     * @author Shawpin Shi
+     * @since 2016-9-1
+     * @since 2017-9-29 调用高效的工具类
+     */
+    private static String byteToHexString(byte[] bytes) {
+        int len = bytes.length;
+        if (len > Integer.MAX_VALUE >> 1) {
+            throw new RuntimeException("字节数组的长度不能超过" + (Integer.MAX_VALUE >> 1));
+        }
+
+        int newLen = len << 1;// len * 2
+        char[] hexChars = new char[newLen];
+
+        int v, index;
+
+        for (int i = 0; i < len; i++) {
+            v = bytes[i] & 0xFF; // 保留低8位，高24位置0
+            index = i << 1;// i * 2
+            hexChars[index] = HEX_ARRAY[v >>> 4];
+            hexChars[index + 1] = HEX_ARRAY[v & 0x0F];
+        }
+        return new String(hexChars);
+    }
+
+
+    /**
+     * Test
+     */
+    public static void main(String[] args) {
+        String source = "0aece0ff48aafb9c481826d13ef5e3c8b74e44b4584b28a0fe499aee108227e8db8470f4b9f9ac5d2ab508a9ff84312da9f1646a8b5ed6570fd2f27790460e47";
+        System.out.println("Source String:" + source);
+        System.out.println("Encrypted String:");
+        System.out.println("Use MD5:     " + MessageDigestUtils.encrypt(source, MessageDigestUtils.MD5));
+        System.out.println("Use SHA-1:   " + MessageDigestUtils.encrypt(source, MessageDigestUtils.SHA_1));
+        System.out.println("Use SHA-256: " + MessageDigestUtils.encrypt(source, MessageDigestUtils.SHA_256));
+        System.out.println("Use SHA-384: " + MessageDigestUtils.encrypt(source, MessageDigestUtils.SHA_384));
+        System.out.println("Use SHA-512: " + MessageDigestUtils.encrypt(source, MessageDigestUtils.SHA_512));
+
+        System.out.println("MD5 Salt:    " + MessageDigestUtils.encryptWithSalt(source, "sxp", MessageDigestUtils.MD5));
+    }
+
+}

bocloud.sms.service/src/main/java/com/bocloud/sms/service/utils/Sha256Util.java

@@ -0,0 +1,60 @@
+package com.bocloud.sms.service.utils;
+
+import com.alibaba.excel.EasyExcel;
+import com.alibaba.excel.metadata.Head;
+import com.alibaba.excel.write.builder.ExcelWriterBuilder;
+import com.alibaba.excel.write.handler.CellWriteHandler;
+import com.alibaba.excel.write.metadata.holder.WriteSheetHolder;
+import com.alibaba.excel.write.metadata.holder.WriteTableHolder;
+import com.alibaba.excel.write.metadata.style.WriteCellStyle;
+import com.alibaba.excel.write.metadata.style.WriteFont;
+import com.alibaba.excel.write.style.HorizontalCellStyleStrategy;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.poi.hssf.usermodel.*;
+import org.apache.poi.ss.usermodel.*;
+import org.apache.poi.ss.util.CellRangeAddressList;
+import org.apache.poi.xssf.usermodel.*;
+
+import java.io.IOException;
+import java.math.BigDecimal;
+import java.net.URLEncoder;
+import java.nio.charset.StandardCharsets;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.util.List;
+import java.util.Map;
+
+
+/**
+ * @author tyl
+ * @time 2020/9/8 周二 16:19
+ */
+@Slf4j
+public class Sha256Util {
+
+    /**
+     * 对字符串进行SHA-256计算
+     * @return
+     */
+    public static String sha256(String input) {
+        try {
+            MessageDigest digest = MessageDigest.getInstance("SHA-256");
+            byte[] hash = digest.digest(input.getBytes());
+            StringBuilder hexString = new StringBuilder();
+
+            for (byte b : hash) {
+                String hex = Integer.toHexString(0xff & b);
+                if (hex.length() == 1) {
+                    hexString.append('0');
+                }
+                hexString.append(hex);
+            }
+            return hexString.toString();
+        } catch (NoSuchAlgorithmException e) {
+            e.printStackTrace();
+            return null;
+        }
+    }
+
+}

bocloud.sms.storage/src/main/java/com/bocloud/sms/model/TrxAuthModel.java

@@ -5,9 +5,10 @@ import lombok.Data;
 @Data
 public class TrxAuthModel {
     private String loginName;
-    private String passwd;
+    private String password;
     private String clientHello; // cookie
     private String serverHello; // certMd5
     private String trxToken;
     private String clientIp;
+    private String randoms;
 }