使用飞书免登录

Merge Request: 使用飞书免登录 Created By: @李秋林 Accepted By: @李秋林 URL: https://g-pkkp8204.coding.net/p/wangxiaolu-sfa/d/wangxiaolu-sfa-auth/git/merge/75?initial=true

使用飞书免登录
143e66bf · 000516 · Coding · 11bd7379 · 68d95330 · 143e66bf
--- a/pom.xml
+++ b/pom.xml
@@ -61,6 +61,17 @@
            <optional>true</optional>
        </dependency>

+        <dependency>
+            <groupId>com.larksuite.oapi</groupId>
+            <artifactId>oapi-sdk</artifactId>
+        </dependency>
+
+        <!-- https://mvnrepository.com/artifact/com.squareup.okhttp3/okhttp -->
+        <dependency>
+            <groupId>com.squareup.okhttp3</groupId>
+            <artifactId>okhttp</artifactId>
+        </dependency>
+
    </dependencies>

    <build>

--- a/src/main/java/com/sfa/auth/controller/FsTokenController.java
+++ b/src/main/java/com/sfa/auth/controller/FsTokenController.java
+package com.sfa.auth.controller;
+
+import com.lark.oapi.service.authen.v1.model.GetUserInfoRespBody;
+import com.sfa.auth.form.LoginBody;
+import com.sfa.auth.service.SysLoginService;
+import com.sfa.auth.util.FeiShuUtil;
+import com.sfa.common.security.service.TokenService;
+import com.sfa.system.api.model.LoginUser;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.util.Map;
+
+/**
+ * @author : liqiulin
+ * @date : 2024-12-19 13
+ * @describe : 飞书免登
+ */
+@RestController
+public class FsTokenController {
+    @Autowired
+    FeiShuUtil feiShuUtil;
+    @Autowired
+    private TokenService tokenService;
+    @Autowired
+    private SysLoginService sysLoginService;
+
+    @PostMapping("/fs/login")
+    public Map<String, Object> login(@RequestBody LoginBody form){
+        String userAccessToken = feiShuUtil.createUserAccessToken(form.getCode());
+        GetUserInfoRespBody fsUserInfo = feiShuUtil.getUserInfo(userAccessToken);
+        LoginUser userInfo = sysLoginService.fsLogin(fsUserInfo.getEmployeeNo());
+        return tokenService.createToken(userInfo);
+    }
+}
--- a/src/main/java/com/sfa/auth/form/LoginBody.java
+++ b/src/main/java/com/sfa/auth/form/LoginBody.java
@@ -24,6 +24,12 @@ public class LoginBody
     */
    private String password;

+
+    /**
+     * 飞书免登code
+     */
+    private String code;
+
    public String getUsername()
    {
        return username;

--- a/src/main/java/com/sfa/auth/service/SysLoginService.java
+++ b/src/main/java/com/sfa/auth/service/SysLoginService.java
@@ -152,4 +152,37 @@ public class SysLoginService
        }
        recordLogService.recordLogininfor(username, Constants.REGISTER, "注册成功");
    }
+
+    public LoginUser fsLogin(String username) {
+        // IP黑名单校验
+        String blackStr = Convert.toStr(redisService.getCacheObject(CacheConstants.SYS_LOGIN_BLACKIPLIST));
+        if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr()))
+        {
+            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "很遗憾，访问IP已被列入系统黑名单");
+            throw new ServiceException("很遗憾，访问IP已被列入系统黑名单");
+        }
+        // 查询用户信息
+        R<LoginUser> userResult = remoteUserService.getUserInfo(username, SecurityConstants.INNER);
+
+        if (R.FAIL == userResult.getCode())
+        {
+            throw new ServiceException(userResult.getMsg());
+        }
+
+        LoginUser userInfo = userResult.getData();
+        SysUser user = userResult.getData().getSysUser();
+        if (UserStatus.DELETED.getCode().equals(user.getDelFlag()))
+        {
+            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "对不起，您的账号已被删除");
+            throw new ServiceException("对不起，您的账号：" + username + " 已被删除");
+        }
+        if (UserStatus.DISABLE.getCode().equals(user.getStatus()))
+        {
+            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户已停用，请联系管理员");
+            throw new ServiceException("对不起，您的账号：" + username + " 已停用");
+        }
+        recordLogService.recordLogininfor(username, Constants.LOGIN_SUCCESS, "登录成功");
+        recordLoginInfo(user.getUserId());
+        return userInfo;
+    }
 }
--- a/src/main/java/com/sfa/auth/util/FeiShuUtil.java
+++ b/src/main/java/com/sfa/auth/util/FeiShuUtil.java
+package com.sfa.auth.util;
+
+import com.alibaba.fastjson2.JSONObject;
+import com.google.gson.JsonParser;
+import com.lark.oapi.Client;
+import com.lark.oapi.core.request.RequestOptions;
+import com.lark.oapi.core.utils.Jsons;
+import com.lark.oapi.service.authen.v1.model.GetUserInfoResp;
+import com.lark.oapi.service.authen.v1.model.GetUserInfoRespBody;
+import com.sfa.common.core.exception.auth.NotLoginException;
+import lombok.extern.slf4j.Slf4j;
+import okhttp3.*;
+import org.springframework.stereotype.Component;
+
+import java.util.HashMap;
+
+/**
+ * @author : liqiulin
+ * @date : 2024-12-06 16
+ * @describe :
+ */
+@Slf4j
+@Component
+public class FeiShuUtil {
+
+    /**
+     * 根据用户的登录临时code获取useraccessToken
+     */
+    public String createUserAccessToken(String code) {
+        try {
+            HashMap<String, String> bodyMap = new HashMap<>();
+            bodyMap.put("grant_type", "authorization_code");
+            bodyMap.put("client_id", "cli_a7dbe3ec7d9e5013");
+            bodyMap.put("client_secret", "WxiT7uIJNDbDpEGfVCXEwNNfN1A3RgUo");
+            bodyMap.put("code", code);
+
+            OkHttpClient client = new OkHttpClient();
+            RequestBody body = RequestBody.create(JSONObject.toJSONString(bodyMap), MediaType.get("application/json"));
+            Request build = new Request.Builder().url("https://open.feishu.cn/open-apis/authen/v2/oauth/token").addHeader("Content-Type", "application/json; charset=utf-8").post(body).build();
+            Response execute = client.newCall(build).execute();
+            JSONObject rj = JSONObject.parseObject(execute.body().string());
+            if (!rj.containsKey("access_token")){
+                throw new NotLoginException("飞书用户获取失败");
+            }
+            return rj.getString("access_token");
+        } catch (Exception e) {
+            throw new NotLoginException("飞书用户获取失败");
+        }
+    }
+
+    /**
+     * 根据用户的userAccessToken获取用户信息
+     */
+    public GetUserInfoRespBody getUserInfo(String userAccessToken) {
+        try {
+            Client client = getClient();
+            GetUserInfoResp resp = client.authen().userInfo().get(RequestOptions.newBuilder()
+                    .userAccessToken(userAccessToken)
+                    .build());
+            if (!resp.success()) {
+                log.error(String.format("code:%s,msg:%s,reqId:%s, resp:%s",
+                        resp.getCode(), resp.getMsg(), resp.getRequestId(), Jsons.createGSON(true, false).toJson(JsonParser.parseString(new String(resp.getRawResponse().getBody(), "UTF-8")))));
+                return null;
+            }
+            return resp.getData();
+        } catch (Exception e) {
+            log.error("获取用户信息失败，停止执行！");
+            return null;
+        }
+    }
+
+    private Client getClient() {
+        return Client.newBuilder("cli_a7dbe3ec7d9e5013", "WxiT7uIJNDbDpEGfVCXEwNNfN1A3RgUo").build();
+    }
+}
\ No newline at end of file