飞机维修厂现场集成AD域单点登录

pom.xml

@@ -21,6 +21,12 @@
     </properties>
 
     <dependencies>
+
+        <dependency>
+            <groupId>org.springdoc</groupId>
+            <artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
+            <version>2.0.2</version>
+        </dependency>
         <dependency>
             <groupId>com.keymobile.authservice</groupId>
             <artifactId>common</artifactId>

src/main/java/com/keymobile/sso/SsoApplication.java

@@ -4,10 +4,11 @@ import com.keymobile.authservice.component.SecurityConfig;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.cloud.client.discovery.EnableDiscoveryClient;
+import org.springframework.cloud.openfeign.EnableFeignClients;
 import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.FilterType;
 import org.springframework.context.annotation.PropertySource;
-
+@EnableFeignClients
 @SpringBootApplication
 @EnableDiscoveryClient
 @ComponentScan(basePackages = {"com.keymobile.sso",

src/main/java/com/keymobile/sso/conf/OpenAPIConfig.java

+package com.keymobile.sso.conf;
+
+import io.swagger.v3.oas.models.OpenAPI;
+import io.swagger.v3.oas.models.info.Info;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+public class OpenAPIConfig {
+
+    @Bean
+    public OpenAPI openAPI() {
+        Info info = new Info()
+                .title("sso API文档")
+                .description("sso API文档");
+        return new OpenAPI().info(info);
+    }
+
+}

src/main/java/com/keymobile/sso/conf/RESTAuthenticationEntryPoint.java

@@ -14,7 +14,7 @@ public class RESTAuthenticationEntryPoint implements AuthenticationEntryPoint {
     @Override
     public void commence(HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, AuthenticationException authException)
             throws IOException {
-        response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
     }
 
 }

src/main/java/com/keymobile/sso/conf/SsoSecurityConfig.java

@@ -38,6 +38,7 @@ public class SsoSecurityConfig {
     @Bean
     protected SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
         http.authorizeHttpRequests((request) -> {
+            request.requestMatchers("/adApi/**").permitAll();
             request.anyRequest().authenticated();
         });
         http.csrf((httpSecurityCsrfConfigurer) -> {

src/main/java/com/keymobile/sso/exception/LdapException.java

+package com.keymobile.sso.exception;
+
+/**
+ * @author xiesh
+ * @version 1.0.0
+ * @date 2024/11/21
+ * @desc
+ */
+public class LdapException extends Exception{
+
+    private static final long serialVersionUID = 1L;
+
+    public LdapException(String errorMsg) {
+        super(errorMsg);
+    }
+
+    public LdapException(String errorMsg, Throwable cause) {
+        super(errorMsg, cause);
+    }
+
+}

src/main/java/com/keymobile/sso/persistence/LdapInfoRepository.java

+package com.keymobile.sso.persistence;
+import com.keymobile.sso.persistence.model.LdapInfo;
+import jakarta.transaction.Transactional;
+import org.springframework.data.repository.CrudRepository;
+
+@Transactional
+public interface LdapInfoRepository extends CrudRepository<LdapInfo, String> {
+}

src/main/java/com/keymobile/sso/persistence/LdapWhiteListRepository.java

+package com.keymobile.sso.persistence;
+import com.keymobile.sso.persistence.model.LdapWhiteList;
+import jakarta.transaction.Transactional;
+import org.springframework.data.repository.CrudRepository;
+
+
+@Transactional
+public interface LdapWhiteListRepository extends CrudRepository<LdapWhiteList, String> {
+
+}

src/main/java/com/keymobile/sso/persistence/model/LdapInfo.java

+package com.keymobile.sso.persistence.model;
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.Id;
+import jakarta.persistence.Table;
+
+/**
+ * @author xiesh
+ * @version 1.0.0
+ * @date 2024/4/26
+ * @desc
+ */
+
+@Entity
+@Table(name = "sso_ldap_info")
+public class LdapInfo {
+
+    @Id
+    private String id;
+    @Column(name = "HOST", nullable = false)
+    private String host;
+    @Column(name = "PORT", nullable = false)
+    private String port;
+    @Column(name = "USER_NAME", nullable = false)
+    private String username;
+    @Column(name = "PASSWORD", nullable = false)
+    private String password;
+    @Column(name = "DN", nullable = false)
+    private String dn;
+
+
+
+    public String getId() {
+        return id;
+    }
+
+    public void setId(String id) {
+        this.id = id;
+    }
+
+    public String getHost() {
+        return host;
+    }
+
+    public void setHost(String host) {
+        this.host = host;
+    }
+
+    public String getPort() {
+        return port;
+    }
+
+    public void setPort(String port) {
+        this.port = port;
+    }
+
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password;
+    }
+
+    public String getDn() {
+        return dn;
+    }
+
+    public void setDn(String dn) {
+        this.dn = dn;
+    }
+}

src/main/java/com/keymobile/sso/persistence/model/LdapWhiteList.java

+package com.keymobile.sso.persistence.model;
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.Id;
+import jakarta.persistence.Table;
+
+/**
+ * @author xiesh
+ * @version 1.0.0
+ * @date 2024/4/26
+ * @desc
+ */
+
+@Entity
+@Table(name = "sso_ldap_white_list")
+public class LdapWhiteList {
+
+    @Id
+    @Column(name = "USER_NAME", nullable = false)
+    private String username;
+    @Column(name = "DNAME")
+    private String dname;
+
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+}

src/main/java/com/keymobile/sso/service/ADService.java

+package com.keymobile.sso.service;
+
+import com.keymobile.sso.persistence.model.LdapInfo;
+import com.keymobile.sso.persistence.model.LdapWhiteList;
+import jakarta.servlet.http.HttpServletRequest;
+
+import java.util.List;
+
+/**
+ * @author xiesh
+ * @version 1.0.0
+ * @date 2024/11/20
+ * @desc ad域服务
+ */
+public interface ADService {
+
+
+    LdapInfo saveLdapInfo(LdapInfo ldapInfo);
+
+    LdapInfo getLdapInfo();
+
+    void deleteLdapInfo();
+
+    String ldapAuthentication(String username, String password);
+
+    String login(HttpServletRequest request, String username, String password);
+
+    LdapWhiteList saveWhiteList(LdapWhiteList whiteList);
+
+    void deleteWhiteList(String username);
+
+    List<LdapWhiteList> listWhiteList();
+
+    void syncUser();
+
+}

src/main/java/com/keymobile/sso/service/AuthRemoteService.java

+package com.keymobile.sso.service;
+
+import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.List;
+import java.util.Map;
+
+@FeignClient(value = "authService")
+public interface AuthRemoteService {
+
+    @RequestMapping(value = "/users/findByName")
+    List<Map<String, Object>> getUserByName(@RequestParam(value = "match") String match);
+
+    @PostMapping(value = "/users")
+    Map<String, Object> addUser(@RequestBody Map<String, Object> user);
+
+    @PostMapping(value = "/users/{userId}")
+    Map<String, Object> updateUser(@PathVariable(value = "userId") Long userId, @RequestBody Map<String, Object> user);
+
+}

src/main/java/com/keymobile/sso/util/AES.java

+package com.keymobile.sso.util;
+
+import org.apache.commons.lang.StringUtils;
+
+import javax.crypto.Cipher;
+import javax.crypto.spec.SecretKeySpec;
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
+
+public class AES {
+    //编码方式
+    public static final String CODE_TYPE = "UTF-8";
+
+    //填充类型
+    public static final String AES_TYPE = "AES/ECB/PKCS5Padding";
+
+    //私钥
+    private static String AES_KEY = "4444111133332222";   //AES固定格式为128/192/256 bits.即：16/24/32bytes。DES固定格式为128bits，即8bytes。
+
+    /**
+     * 加密
+     *
+     * @param cleartext
+     * @return
+     */
+    public static String encrypt(String cleartext) {
+        //加密方式： AES128(CBC/PKCS5Padding) + Base64, 私钥：1111222233334444
+        try {
+            if(StringUtils.isNotBlank(cleartext)){
+                //IvParameterSpec zeroIv = new IvParameterSpec(VIPARA.getBytes());
+                //两个参数，第一个为私钥字节数组， 第二个为加密方式 AES或者DES
+                SecretKeySpec key = new SecretKeySpec(AES_KEY.getBytes(StandardCharsets.UTF_8), "AES");
+                //实例化加密类，参数为加密方式，要写全
+                Cipher cipher = Cipher.getInstance(AES_TYPE); //PKCS5Padding比PKCS7Padding效率高，PKCS7Padding可支持IOS加解密
+                //初始化，此方法可以采用三种方式，按加密算法要求来添加。（1）无第三个参数（2）第三个参数为SecureRandom random = new SecureRandom();中random对象，随机数。(AES不可采用这种方法)（3）采用此代码中的IVParameterSpec
+                //加密时使用:ENCRYPT_MODE;  解密时使用:DECRYPT_MODE;
+                cipher.init(Cipher.ENCRYPT_MODE, key); //CBC类型的可以在第三个参数传递偏移量zeroIv,ECB没有偏移量
+                //加密操作,返回加密后的字节数组，然后需要编码。主要编解码方式有Base64, HEX, UUE,7bit等等。此处看服务器需要什么编码方式
+                byte[] encryptedData = cipher.doFinal(cleartext.getBytes(StandardCharsets.UTF_8));
+
+                // 修改点：使用 java.util.Base64 替代 sun.misc.BASE64Encoder
+                return Base64.getEncoder().encodeToString(encryptedData);
+            }
+        } catch (Exception e) {
+            e.printStackTrace();
+        }
+        return null;
+    }
+
+    /**
+     * 解密
+     *
+     * @param encrypted
+     * @return
+     */
+    public static String decrypt(String encrypted) {
+        try {
+            if(StringUtils.isNotBlank(encrypted)){
+                // 修改点：使用 java.util.Base64 替代 sun.misc.BASE64Decoder
+                byte[] byteMi = Base64.getDecoder().decode(encrypted);
+
+                //IvParameterSpec zeroIv = new IvParameterSpec(VIPARA.getBytes());
+                SecretKeySpec key = new SecretKeySpec(AES_KEY.getBytes(StandardCharsets.UTF_8), "AES");
+                Cipher cipher = Cipher.getInstance(AES_TYPE);
+                //与加密时不同MODE:Cipher.DECRYPT_MODE
+                cipher.init(Cipher.DECRYPT_MODE, key);  //CBC类型的可以在第三个参数传递偏移量zeroIv,ECB没有偏移量
+                byte[] decryptedData = cipher.doFinal(byteMi);
+                return new String(decryptedData, CODE_TYPE);
+            }
+        } catch (Exception e) {
+            e.printStackTrace();
+        }
+        return null;
+    }
+
+    public static void setAesKey(String aesKey){
+        AES_KEY = aesKey;
+    }
+
+    /**
+     * 测试
+     *
+     * @param args
+     * @throws Exception
+     */
+    public static void main(String[] args) throws Exception {
+        String pass = "Ims1555#";
+        setAesKey("4444111133332222");
+        System.out.println("加密内容："+encrypt(pass));
+        String content = encrypt(pass);
+        System.out.println("解密内容："+decrypt(content));
+    }
+}