'20240305'

ruoyi-admin/src/main/java/com/ruoyi/web/Utils/SHA1.java

@@ -0,0 +1,33 @@
+package com.ruoyi.web.Utils;
+
+import java.security.MessageDigest;
+
+public class SHA1 {
+    /**
+     * @Comment SHA1实现
+     * @Author Ron
+     * @Date 2017年9月13日 下午3:30:36
+     * @return
+     */
+    public static String shaEncode(String inStr){
+        MessageDigest sha = null;
+        try {
+            sha = MessageDigest.getInstance("SHA");
+            byte[] byteArray = inStr.getBytes("UTF-8");
+            byte[] md5Bytes = sha.digest(byteArray);
+            StringBuffer hexValue = new StringBuffer();
+            for (int i = 0; i < md5Bytes.length; i++) {
+                int val = ((int) md5Bytes[i]) & 0xff;
+                if (val < 16) {
+                    hexValue.append("0");
+                }
+                hexValue.append(Integer.toHexString(val));
+            }
+            return hexValue.toString();
+        } catch (Exception e) {
+            System.out.println(e.toString());
+            e.printStackTrace();
+            return "";
+        }
+    }
+}

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SsoLoginController.java

@@ -14,12 +14,16 @@ import com.ruoyi.common.constant.Constants;
 import com.ruoyi.common.core.domain.AjaxResult;
 import com.ruoyi.common.core.domain.model.NoPswLoginBody;
 import com.ruoyi.framework.web.service.SsoLoginService;
+import com.ruoyi.web.Utils.SHA1;
 import io.swagger.annotations.ApiOperation;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RestController;
 
+import java.security.MessageDigest;
+
 /**
  * 第三方登录验证
  *
@@ -27,6 +31,10 @@ import org.springframework.web.bind.annotation.RestController;
  */
 @RestController
 public class SsoLoginController {
+
+    @Value("${OA.KEY}")
+    private String key;
+
     /**
      * @Description: 平台带着token来系统里面登陆
      * 这边需要做两个步骤：
@@ -43,14 +51,18 @@ public class SsoLoginController {
     @PostMapping("/noPwdLogin")
     @ApiOperation(value = "无密码登录")
     public AjaxResult noPwdLogin(@RequestBody NoPswLoginBody noPswLoginBody) {
+        // 生成令牌(免密登录)
+        AjaxResult ajax = AjaxResult.success();
+
         String loginid = noPswLoginBody.getLoginid();
         String token = noPswLoginBody.getToken();
 
         //OA验证
-        //....
+        String newToken = SHA1.shaEncode(key+loginid);
+        if(!token.equals(newToken)){
+            return ajax.error("访问异常!");
+        }
 
-        // 生成令牌(免密登录)
-        AjaxResult ajax = AjaxResult.success();
         // 生成令牌
         String systoken = loginService.noPwdLogin(loginid);
         ajax.put(Constants.TOKEN, systoken);

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java

@@ -13,10 +13,7 @@ import com.ruoyi.common.core.redis.RedisCache;
 import com.ruoyi.common.enums.DataSourceType;
 import com.ruoyi.system.domain.cost;
 import com.ruoyi.system.domain.material;
-import com.ruoyi.system.domain.temp;
 import com.ruoyi.system.service.*;
-import com.ruoyi.web.Utils.batchInsert;
-import org.apache.commons.collections4.ListUtils;
 import org.apache.commons.lang3.ArrayUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;

ruoyi-admin/src/main/resources/application.yml

@@ -198,3 +198,7 @@ minio:
   accessKey: minioadmin
   secretKey: minioadmin
   bucketName: test
+
+# OA单点登录key
+OA:
+  KEY: uy4MbH