
用户登录和用户数据同步功能完善

yangyue 1 year ago
parent
commit
a1ab47dc13

+ 40 - 98
duty-service/src/main/java/cn/com/taiji/duty/config/LoginInterceptor.java

@@ -43,106 +43,48 @@ public class LoginInterceptor extends HandlerInterceptorAdapter {
             throws Exception {
 
         String token = JwtUtils.getToken(request);
-        if (!PROD.equals(env)) {
-            if (StringUtils.isEmpty(token)) {
-                // throw new RuntimeException("认证失败");
-                response.setCharacterEncoding("utf-8");
-                response.setContentType("application/json; charset=utf-8");
-                PrintWriter out = response.getWriter();
-                out.write(JSONObject.toJSONString(AjaxResult.error(401,"认证失败!")));
-                return false;
-            }
-            String username = stringRedisTemplate.opsForValue().get(token);
-            if (StringUtils.isEmpty(username)) {
-                // throw new RuntimeException("token失效");
-                response.setCharacterEncoding("utf-8");
-                response.setContentType("application/json; charset=utf-8");
-                PrintWriter out = response.getWriter();
-                out.write(JSONObject.toJSONString(AjaxResult.error(402,"token失效!")));
-                return false;
-            }
-            stringRedisTemplate.expire(token, 7200, TimeUnit.SECONDS);
-            return true;
+        if (StringUtils.isEmpty(token)) {
+            // throw new RuntimeException("认证失败");
+            response.setCharacterEncoding("utf-8");
+            response.setContentType("application/json; charset=utf-8");
+            PrintWriter out = response.getWriter();
+            out.write(JSONObject.toJSONString(AjaxResult.error(401,"认证失败!")));
+            return false;
         }
-        // String sessionToken = request.getHeader("sessionToken");
-        //
-        // // 如果sessionToken为空,则无权访问资源
-        // if (StringUtils.isEmpty(sessionToken)) {
-        //     logger.info("无sessionToken!");
-        //     response.setCharacterEncoding("utf-8");
-        //     response.setContentType("application/json; charset=utf-8");
-        //     PrintWriter out = response.getWriter();
-        //     out.write(JSONObject.toJSONString(Result.failedWith(null,401,"无sessionToken!")));
-        //     return false;
-        // }
-        //
-        // // 如果sessionToken不为null,则去redis中拿出该用户的sessionToken进行对比,看是否是同一个回话
-        // String username = stringRedisTemplate.opsForValue().get(Constant.SESSIONTOKEN_PREFIX + sessionToken);
-        // if(StringUtils.isEmpty(username)){
-        //     // 2021年1月8日 新增社管app验证适应
-        //     String appUserName = stringRedisTemplate.opsForValue().get(Constant.APP_ACCESS_TOKEN_PREFIX + sessionToken);
-        //     if(!StringUtils.isEmpty(appUserName)){
-        //         return true;
-        //     }
-        //
-        //     logger.info("sessionToken无效!");
-        //     response.setCharacterEncoding("utf-8");
-        //     response.setContentType("application/json; charset=utf-8");
-        //     PrintWriter out = response.getWriter();
-        //     out.write(JSONObject.toJSONString(Result.failedWith(null,402,"sessionToken无效!")));
-        //     return false;
-        // }else{
-        //     // 获取单点登陆token
-        //     String SSOToken = stringRedisTemplate.opsForValue().get(SSOConstant.SSO_TOKEN_PREFIX + username);
-        //
-        //     // 通过SSOToken,在idaas中判断SSOToken是否过期
-        //     if(SSOToken == null) {
-        //         // 如果已经过期,则删除当前用户缓存的token
-        //         stringRedisTemplate.delete(SSOConstant.SSO_TOKEN_PREFIX + username);
-        //         // 删除用户登录idaas时的返回数据
-        //         stringRedisTemplate.delete(SSOConstant.SSO_RESDATA_PREFIX + username);
-        //
-        //         // 删除用户各类权限缓存
-        //         // 将用户菜单从redis删除
-        //         stringRedisTemplate.delete(PSConstant.USER_MENU_PREFIX + username);
-        //         // 将用户按钮从redis删除
-        //         stringRedisTemplate.delete(PSConstant.USER_BUTTON_PREFIX + username);
-        //         // 将用户数据权限从redis删除
-        //         stringRedisTemplate.delete(PSConstant.USER_DATA_PREFIX + username);
-        //         // 将用户角色从redis删除
-        //         stringRedisTemplate.delete(PSConstant.USER_ROLE_PREFIX + username);
-        //
-        //         // 如果已经过期,则提示登录已超时,需要重新登录。
-        //         logger.info("SSOToken过期,请重新登录!");
-        //         response.setCharacterEncoding("utf-8");
-        //         response.setContentType("application/json; charset=utf-8");
-        //         PrintWriter out = response.getWriter();
-        //         out.write(JSONObject.toJSONString(Result.failedWith(null,403,"SSOToken过期,请重新登录!")));
-        //         return false;
-        //     }
-        //
-        //     // 2021年4月7日 新增sessionToken校验,不足5分钟自动续签15分钟
-        //     long expire = 0;
-        //     try{
-        //         expire = stringRedisTemplate.getExpire(Constant.SESSIONTOKEN_PREFIX + sessionToken, TimeUnit.SECONDS);
-        //         if(expire < Constant.SESSIONTOKEN_NEED_LONG && expire > -1 ){
-        //             stringRedisTemplate.expire(Constant.SESSIONTOKEN_PREFIX + sessionToken
-        //                     , 3 * Constant.SESSIONTOKEN_NEED_LONG, TimeUnit.SECONDS);
-        //             stringRedisTemplate.expire(Constant.USER_ONCE_IP_PREFIX + sessionToken
-        //                     , 3 * Constant.SESSIONTOKEN_NEED_LONG, TimeUnit.SECONDS);
-        //             logger.info("user:" + username + "的sessionToken:" + sessionToken + "自动续签成功!");
-        //         }
-        //     }catch(NullPointerException npe){
-        //         logger.info("sessionToken无效!");
-        //         response.setCharacterEncoding("utf-8");
-        //         response.setContentType("application/json; charset=utf-8");
-        //         PrintWriter out = response.getWriter();
-        //         out.write(JSONObject.toJSONString(Result.failedWith(null,402,"sessionToken无效!")));
-        //         return false;
-        //     }
-        //
-            return true;
+        String username = stringRedisTemplate.opsForValue().get(token);
+        if (StringUtils.isEmpty(username)) {
+            // throw new RuntimeException("token失效");
+            response.setCharacterEncoding("utf-8");
+            response.setContentType("application/json; charset=utf-8");
+            PrintWriter out = response.getWriter();
+            out.write(JSONObject.toJSONString(AjaxResult.error(402,"token失效!")));
+            return false;
+        }
+        // 获取单点登陆token
+        String SSOToken = stringRedisTemplate.opsForValue().get("SSOToken-" + username);
+
+        // 通过SSOToken,在idaas中判断SSOToken是否过期
+        if(SSOToken == null) {
+            // throw new RuntimeException("token失效");
+            response.setCharacterEncoding("utf-8");
+            response.setContentType("application/json; charset=utf-8");
+            PrintWriter out = response.getWriter();
+            out.write(JSONObject.toJSONString(AjaxResult.error(402,"token失效!")));
+            return false;
+        }
+
+        // 2021年4月7日 新增sessionToken校验,不足5分钟自动续签15分钟
+        // long expire = 0;
+        // expire = stringRedisTemplate.getExpire(Constant.SESSIONTOKEN_PREFIX + sessionToken, TimeUnit.SECONDS);
+        // if(expire < Constant.SESSIONTOKEN_NEED_LONG && expire > -1 ){
+        //     stringRedisTemplate.expire(Constant.SESSIONTOKEN_PREFIX + sessionToken
+        //             , 3 * Constant.SESSIONTOKEN_NEED_LONG, TimeUnit.SECONDS);
+        //     stringRedisTemplate.expire(Constant.USER_ONCE_IP_PREFIX + sessionToken
+        //             , 3 * Constant.SESSIONTOKEN_NEED_LONG, TimeUnit.SECONDS);
+        //     logger.info("user:" + username + "的sessionToken:" + sessionToken + "自动续签成功!");
         // }
+        stringRedisTemplate.expire(token, 7200, TimeUnit.SECONDS);
+        return true;
     }
 
 }
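Review bot: The client-supplied token is passed unchanged to `stringRedisTemplate.opsForValue().get(token)` as a Redis key, so session entries share one un-prefixed keyspace with the `"SSOToken-" + username` entries read a few lines later. A dedicated prefix applied both where the session is written and here, e.g. `get(SESSION_PREFIX + token)` (constant name is illustrative), keeps client input confined to the session namespace. The comment above the `SSOToken == null` check says expiry is judged in idaas, but the code only tests whether the Redis entry exists; a comment such as `// SSO token entry missing or expired in Redis: reject the session` would match what runs. The three rejection branches repeat the same response-writing lines and could share one private helper. The method's signature lies above this hunk.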

+ 101 - 9
duty-service/src/main/java/cn/com/taiji/duty/controller/AuthController.java

@@ -4,10 +4,9 @@ import cn.com.taiji.duty.model.DutyAccount;
 import cn.com.taiji.duty.model.DutyLoginLog;
 import cn.com.taiji.duty.service.IDutyAccountService;
 import cn.com.taiji.duty.service.IDutyLoginLogService;
-import cn.com.taiji.duty.utils.AjaxResult;
-import cn.com.taiji.duty.utils.IdUtils;
-import cn.com.taiji.duty.utils.IpUtils;
-import cn.com.taiji.duty.utils.JwtUtils;
+import cn.com.taiji.duty.service.IdaasLoginService;
+import cn.com.taiji.duty.utils.*;
+import com.alibaba.fastjson.JSONObject;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import eu.bitwalker.useragentutils.UserAgent;
@@ -15,7 +14,9 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.data.redis.core.StringRedisTemplate;
+import org.springframework.util.DigestUtils;
 import org.springframework.web.bind.annotation.*;
 
 import javax.servlet.http.HttpServletRequest;
@@ -35,6 +36,14 @@ import java.util.concurrent.TimeUnit;
 @Slf4j
 public class AuthController {
 
+    static private final String PROD = "prod";
+
+    @Value("${spring.profiles.active}")
+    private String env;
+
+    @Value("${sys.ssoToken.limit_expiresIn}")
+    private long ssoLimitExpiresIn;
+
     @Autowired
     protected StringRedisTemplate redisTemplate;
 
@@ -47,12 +56,15 @@ public class AuthController {
     @Autowired
     private IDutyAccountService accountService;
 
+    @Autowired
+    private IdaasLoginService idaasLoginService;
+
 
     @ApiOperation("登录")
     @PostMapping(value = "login", name = "登录")
-    public AjaxResult getToken(HttpServletRequest request, @RequestBody Map<String,String> parm) {
-        String username = parm.get("username");
-        String password = parm.get("password");
+    public AjaxResult getToken(HttpServletRequest request, @RequestBody Map<String,String> param) {
+        String username = param.get("username");
+        String password = param.get("password");
         QueryWrapper<DutyAccount> wrapper = new QueryWrapper<>();
         wrapper.eq("username",username);
         int count = dutyAccountService.count(wrapper);
@@ -60,11 +72,55 @@ public class AuthController {
             throw new RuntimeException("登录用户:" + username + " 不存在");
         }
 
-        AjaxResult ajaxResult = new AjaxResult(200, "登录成功!");
-
         String uuid = IdUtils.getUuid();
+        if (PROD.equals(env)) {
+            String md5Password = Md5Utils.md5(password);
+            JSONObject resData = null;
+            try{
+                resData = idaasLoginService.idaasLogin(request,username,md5Password);
+            } catch (Exception e) {
+                e.printStackTrace();
+                String errorMsg = e.getMessage();
+                log.error("idaas登录失败:" + errorMsg);
+                throw new RuntimeException("登录失败,用户不存在或连接失败");
+            }
+            if("200".equals(resData.get("code"))){
+                JSONObject data = resData.getJSONObject("data");
+                // 获取SSOToken时效
+                long expires = data.getLong("expiresIn");
+                // 获取SSOToken
+                String ssoToken = data.getString("accessToken");
+                // 如果时效小于2.5小时,先退出登录,再重新登录,用以刷新SSOToken
+                if(expires < ssoLimitExpiresIn ){
+                    JSONObject resDataNext = logoutThenLogin(request,ssoToken,param);
+                    if(resDataNext == null) {
+                        // return Result.error("登录失败,"+resDataNext.get("massage"));
+                    }else {
+                        // ****** 更新idaas登录返回信息 ****** //
+                        resData = resDataNext;
+                        data = resData.getJSONObject("data");
+                        // ****** 更新SSOToken和刷新时效时间 ****** //
+                        ssoToken = data.getString("accessToken");
+                        expires = data.getLong("expiresIn");
+                    }
+                }
+                // SSOToken
+                redisTemplate.opsForValue().set("SSOToken-" + username, ssoToken, expires, TimeUnit.SECONDS);
+
+                log.info("idaas-sso登录成功");
+            } else {
+                String errorInfo = (String) resData.get("message");
+                log.info("idaas-sso登录失败,"+ errorInfo);
+                throw new RuntimeException("登录失败," + errorInfo);
+            }
+        } else {
+            // SSOToken
+            redisTemplate.opsForValue().set("SSOToken-" + username, uuid, 43200, TimeUnit.SECONDS);
+        }
+        AjaxResult ajaxResult = new AjaxResult(200, "登录成功!");
         ajaxResult.put("token", uuid);
         redisTemplate.opsForValue().set(uuid, username, 7200, TimeUnit.SECONDS);
+
         DutyAccount one = accountService.findByUsername(username);
         DutyLoginLog log = loginLogService.getOne(new LambdaQueryWrapper<DutyLoginLog>()
                 .eq(DutyLoginLog::getAccountId, one.getId()).eq(DutyLoginLog::getStatus, "1").last("limit 1"));
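Review bot: Outside the `PROD.equals(env)` branch, the `else` path stores an `SSOToken-` entry and the method then issues a session token without `password` being checked anywhere in the visible lines, so the only gate is that the username exists. Which path runs depends on string equality with `spring.profiles.active`, which does not match when several profiles are active or the value is spelled differently, so a configuration slip selects the path without credential verification. Make the non-idaas path opt-in through an explicit boolean property that defaults to off, and select the idaas path with `Environment.acceptsProfiles(Profiles.of("prod"))` rather than `equals`. In the failure branches, `"登录失败," + errorInfo` returns the upstream idaas message to the caller, and `e.printStackTrace()` should be `log.error("idaas登录失败", e)`. `getToken` begins above this hunk and continues below it.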
@@ -92,6 +148,42 @@ public class AuthController {
         return ajaxResult;
     }
 
+    /**
+     * @author lizhi
+     * 退出后重新登录idaas,以更新单点登录token
+     * 11-16取消使用
+     */
+    private JSONObject logoutThenLogin(HttpServletRequest request, String ssoToken, Map<String,String> param) {
+        log.info("logout then login begin");
+        // 先登出
+        try {
+            JSONObject logoutResData = idaasLoginService.idaasLogout(request, ssoToken,param.get("username"));
+            String username = param.get("username");
+            String password = param.get("password");
+            // 2020-12-12 加密用户密码
+            String md5Password = Md5Utils.md5(password);
+
+            // 登出成功后,再重新登录
+            if("200".equals(logoutResData.getString("code"))){
+                JSONObject resData_2;
+                try {
+                    resData_2 = idaasLoginService.idaasLogin(request, username, md5Password);
+                    if("200".equals(resData_2.getString("code"))){
+                        return resData_2;
+                    }
+                } catch (Exception e) {
+                    log.info("重新登陆时idaas请求错误,error:" + e.getMessage());
+                    return null;
+                }
+            }
+        } catch (Exception e) {
+            e.printStackTrace();
+            log.info("重新登陆时idaas请求错误,error:" + e.getMessage());
+            return null;
+        }
+        return null;
+    }
+
     @ApiOperation("退出")
     @GetMapping(value = "logout", name = "退出")
     public AjaxResult logout(HttpServletRequest request) {
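Review bot: `logoutThenLogin` returns `null` for every failure, including the case where `idaasLogout` answered `200` and the following `idaasLogin` failed, so the caller cannot tell that the previous SSO token has already been logged out. The visible call site has an empty `resDataNext == null` branch and goes on to cache the earlier `ssoToken`, which would then be stale. Throw, or return a result that distinguishes the cases, when logout succeeded but re-login did not, and log the exception itself with `log.error(..., e)` instead of `e.printStackTrace()`. The Javadoc says the method was taken out of use on 11-16 although this commit calls it; it should state the current contract and the `null` return.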

+ 8 - 1
duty-service/src/main/java/cn/com/taiji/duty/controller/DutyAccountController.java

@@ -2,10 +2,13 @@ package cn.com.taiji.duty.controller;
 
 
 import cn.com.taiji.duty.model.DutyAccount;
+import cn.com.taiji.duty.model.DutyDepartment;
 import cn.com.taiji.duty.service.IDutyAccountService;
+import cn.com.taiji.duty.service.IDutyDepartmentService;
 import cn.com.taiji.duty.utils.AjaxResult;
 import cn.com.taiji.duty.utils.JwtUtils;
 import cn.com.taiji.duty.utils.Result;
+import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
@@ -37,6 +40,9 @@ public class DutyAccountController {
     @Autowired
     private IDutyAccountService accountService;
 
+    @Autowired
+    private IDutyDepartmentService departmentService;
+
     @ApiOperation("获取账号信息")
     @GetMapping("search")
     public Result<DutyAccount> search(HttpServletRequest request) {
@@ -56,8 +62,9 @@ public class DutyAccountController {
     @ApiOperation("根据单位ID获取人员列表")
     @GetMapping("list")
     public Result<List<DutyAccount>> list(String externalId) {
+        DutyDepartment one = departmentService.getOne(new LambdaQueryWrapper<DutyDepartment>().eq(DutyDepartment::getExternalId, externalId));
         QueryWrapper<DutyAccount> wrapper = new QueryWrapper<>();
-        wrapper.eq("ou_id",externalId);
+        wrapper.eq("ou_uuid",one.getUuid());
         List<DutyAccount> list = accountService.list(wrapper);
         return Result.ok(list);
     }
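Review bot: `departmentService.getOne(...)` returns `null` when no department has the requested `externalId`, and `one.getUuid()` two lines later then throws a NullPointerException for a value that comes directly from the request parameter. Return an empty result in that case, e.g. `if (one == null) { return Result.ok(Collections.emptyList()); }`, before building the wrapper. The same lookup-then-dereference pattern is added to `DutySeatDutyUnitServiceImpl` in this commit and needs the same guard.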

+ 2 - 2
duty-service/src/main/java/cn/com/taiji/duty/model/DutyAccount.java

@@ -73,8 +73,8 @@ public class DutyAccount implements Serializable {
 
 	/** 所属部门id */
 	@ApiModelProperty("所属部门id")
-	@TableField("ou_id")
-	private String ouId;
+	@TableField("ou_uuid")
+	private String ouUuid;
 
 	/** 所属部门名称 */
 	@ApiModelProperty("所属部门名称")

+ 27 - 0
duty-service/src/main/java/cn/com/taiji/duty/service/IdaasLoginService.java

@@ -0,0 +1,27 @@
+package cn.com.taiji.duty.service;
+
+import com.alibaba.fastjson.JSONObject;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+* @author lizhi
+ */
+public interface IdaasLoginService {
+	/**
+	 * IdaaS登录
+	 * @param username
+	 * @param password
+	 * @return
+	 */
+	JSONObject idaasLogin(HttpServletRequest request, String username, String password) throws Exception;
+
+    /**
+	 * IdaaS登出
+	 * @param ssoToken
+	 * @return
+	 * @throws Exception
+	 */
+	JSONObject idaasLogout(HttpServletRequest request, String ssoToken, String username) throws Exception;
+
+}
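Review bot: The Javadoc on both methods leaves every `@param` and `@return` empty and omits `request`, and it does not say that `password` is the MD5 hex digest computed by the caller rather than the clear-text password. Suggested text for `idaasLogin`: `@param password MD5 hex digest of the user's password, as sent to idaas` and `@return the idaas response body; callers treat "code" equal to "200" as success`. `throws Exception` on both methods pushes callers into catch-all handlers; a narrower exception type would let them separate connection failures from rejected credentials.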

+ 7 - 6
duty-service/src/main/java/cn/com/taiji/duty/service/impl/DutySeatDutyUnitServiceImpl.java

@@ -3,11 +3,9 @@ package cn.com.taiji.duty.service.impl;
 import cn.com.taiji.duty.mapper.DutySeatDutyUnitPersonMapper;
 import cn.com.taiji.duty.model.*;
 import cn.com.taiji.duty.mapper.DutySeatDutyUnitMapper;
-import cn.com.taiji.duty.service.IDutyAccountService;
-import cn.com.taiji.duty.service.IDutyOperLogService;
-import cn.com.taiji.duty.service.IDutySeatDutyUnitPersonService;
-import cn.com.taiji.duty.service.IDutySeatDutyUnitService;
+import cn.com.taiji.duty.service.*;
 import cn.com.taiji.duty.utils.SuperBeanUtils;
+import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -41,6 +39,9 @@ public class DutySeatDutyUnitServiceImpl extends ServiceImpl<DutySeatDutyUnitMap
     @Autowired
     private IDutyAccountService accountService;
 
+    @Autowired
+    private IDutyDepartmentService departmentService;
+
     @Override
     public DutySeatDutyUnitDTO queryById(Long id) {
         return dutyUnitMapper.findById(id);
@@ -75,9 +76,9 @@ public class DutySeatDutyUnitServiceImpl extends ServiceImpl<DutySeatDutyUnitMap
 
         List<DutySeatDutyUnitPerson> list = dutyUnitPersonService.list();
         List<Long> ids = list.parallelStream().map(DutySeatDutyUnitPerson::getAccountId).filter(Objects::nonNull).distinct().collect(Collectors.toList());
-
+        DutyDepartment one = departmentService.getOne(new LambdaQueryWrapper<DutyDepartment>().eq(DutyDepartment::getExternalId, externalId));
         QueryWrapper<DutyAccount> wrapper = new QueryWrapper<>();
-        wrapper.eq("ou_id",externalId);
+        wrapper.eq("ou_uuid",one.getUuid());
         if (ids.size() > 0) {
             wrapper.notIn("id",ids);
         }

+ 77 - 0
duty-service/src/main/java/cn/com/taiji/duty/service/impl/IdaasLoginServiceImpl.java

@@ -0,0 +1,77 @@
+package cn.com.taiji.duty.service.impl;
+
+import cn.com.taiji.duty.service.IdaasLoginService;
+import com.alibaba.fastjson.JSONObject;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.http.*;
+import org.springframework.http.client.SimpleClientHttpRequestFactory;
+import org.springframework.stereotype.Service;
+import org.springframework.web.client.RestTemplate;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * @author lizhi
+ */
+@Slf4j
+@Service
+public class IdaasLoginServiceImpl implements IdaasLoginService {
+
+	@Value("${idaas.param.appKey}")
+	private String appKey;
+
+	@Value("${idaas.param.appSecret}")
+	private String appSecret;
+
+	@Value("${idaas.url-prefix}")
+	private String idaasUrlPrefix;
+
+	@Value("${idaas.sso-api.login}")
+	private String loginApi;
+
+	@Value("${idaas.sso-api.logout}")
+	private String logoutApi;
+
+	@Value("${idaas.sso-api.userInfo}")
+	private String userInfoApi;
+
+	@Value("${idaas.sso-api.loginByUsername}")
+	private String loginByUsername;
+
+	@Override
+	public JSONObject idaasLogin(HttpServletRequest request, String username, String password) throws Exception{
+
+		SimpleClientHttpRequestFactory requestFactory = new SimpleClientHttpRequestFactory();
+		requestFactory.setConnectTimeout(5000);
+		RestTemplate restTemplate = new RestTemplate();
+		HttpHeaders headers = new HttpHeaders();
+		headers.setContentType(MediaType.APPLICATION_JSON);
+		JSONObject jsonObj = new JSONObject();
+		jsonObj.put("clientId", appKey);
+		jsonObj.put("clientSecret", appSecret);
+		jsonObj.put("username", username);
+		jsonObj.put("password", password);
+		HttpEntity<String> entity = new HttpEntity<String>(jsonObj.toJSONString(), headers);
+		//post发送请求
+		ResponseEntity<JSONObject> exchange = restTemplate.exchange(idaasUrlPrefix + loginApi, HttpMethod.POST, entity, JSONObject.class);
+		//获取idaas返回的json
+		JSONObject resData = exchange.getBody();
+		// System.out.println(resData);
+		return resData;
+	}
+
+	@Override
+	public JSONObject idaasLogout(HttpServletRequest request, String ssoToken,String username) throws Exception {
+
+		SimpleClientHttpRequestFactory requestFactory = new SimpleClientHttpRequestFactory();
+		requestFactory.setConnectTimeout(1000);
+		RestTemplate restTemplate = new RestTemplate();
+		String url = idaasUrlPrefix + logoutApi + "?access_token=" + ssoToken;
+		//post发送请求
+		ResponseEntity<JSONObject> exchange = restTemplate.exchange(url, HttpMethod.POST, null, JSONObject.class);
+		//获取idaas返回的json
+		JSONObject resData = exchange.getBody();
+		return resData;
+	}
+}
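Review bot: In both methods `requestFactory` receives a connect timeout but is never handed to the `RestTemplate`, so `new RestTemplate()` runs with its default factory and default timeouts, and a login request can hang when idaas is unreachable. Pass the factory in and bound the read as well: `requestFactory.setReadTimeout(5000);` and `RestTemplate restTemplate = new RestTemplate(requestFactory);`. In `idaasLogout` the SSO token is appended to the URL as `?access_token=`, where it is likely to be recorded by proxies and access logs and is not URL-encoded; if idaas accepts it, send it in a header or the body instead. The injected fields `userInfoApi` and `loginByUsername` are not used in the visible code.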

+ 174 - 7
duty-service/src/main/java/cn/com/taiji/duty/task/TimeTask.java

@@ -1,26 +1,29 @@
 package cn.com.taiji.duty.task;
 
 
-import cn.com.taiji.duty.model.DutyLoginLog;
-import cn.com.taiji.duty.model.DutySeatDutyUnit;
-import cn.com.taiji.duty.model.DutySignInRecord;
-import cn.com.taiji.duty.model.DutyStatistics;
+import cn.com.taiji.duty.model.*;
 import cn.com.taiji.duty.service.*;
 import cn.com.taiji.duty.utils.StringUtils;
+import com.alibaba.fastjson.JSONArray;
+import com.alibaba.fastjson.JSONObject;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.data.redis.core.StringRedisTemplate;
+import org.springframework.http.*;
+import org.springframework.http.client.SimpleClientHttpRequestFactory;
 import org.springframework.scheduling.annotation.Scheduled;
 import org.springframework.stereotype.Component;
+import org.springframework.web.client.RestTemplate;
 
 import java.time.DayOfWeek;
 import java.time.LocalDate;
 import java.time.format.DateTimeFormatter;
 import java.time.temporal.WeekFields;
-import java.util.ArrayList;
-import java.util.Date;
-import java.util.List;
+import java.util.*;
+import java.util.concurrent.TimeUnit;
+import java.util.stream.Collectors;
 
 /**
  * @Description
@@ -32,6 +35,42 @@ import java.util.List;
 @Slf4j
 public class TimeTask {
 
+    @Value("${idaas-info.url-prefix}")
+    private String idaasUrlPrefix;
+
+    @Value("${idaas-info.api-url.login}")
+    private String loginApi;
+
+    @Value("${idaas-info.api-url.role-accounts}")
+    private String roleAccountsApi;
+
+    @Value("${idaas-info.api-url.userInfo}")
+    private String userInfoApi;
+
+    @Value("${idaas-info.api-url.org}")
+    private String orgApi;
+
+    @Value("${idaas-info.param.clientId}")
+    private String clientId;
+
+    @Value("${idaas-info.param.clientSecret}")
+    private String clientSecret;
+
+    @Value("${idaas-info.param.username}")
+    private String username;
+
+    @Value("${idaas-info.param.password}")
+    private String password;
+
+    @Value("${idaas-info.param.role-zby}")
+    private String roleZby;
+
+    @Value("${idaas-info.param.role-zbgl}")
+    private String roleZbgl;
+
+    @Value("${idaas-info.param.psId}")
+    private String psId;
+
     @Autowired
     private IDutyStatisticsService statisticsService;
 
@@ -50,6 +89,15 @@ public class TimeTask {
     @Autowired
     private IDutyConfigService configService;
 
+    @Autowired
+    private IDutyRoleAccountService roleAccountService;
+
+    @Autowired
+    private IDutyAccountService accountService;
+
+    @Autowired
+    private IDutyDepartmentService departmentService;
+
     @Scheduled(cron = "0 0 0 * * ?")
     public void signScheduleOne() {
         log.info("===========签卡处理定时开始===========");
@@ -231,4 +279,123 @@ public class TimeTask {
         }
     }
 
+    @Scheduled(cron = "0 0/10 * * * ?")
+    public void dataSchedule() {
+        log.info("===========数据同步定时开始===========");
+        // 记录请求开始时间
+        long startTime = System.currentTimeMillis();
+        this.data();
+        // 记录请求结束时间
+        long endTime = System.currentTimeMillis();
+        // 计算本次请求耗时
+        long takeTime = endTime - startTime;
+        log.info("任务耗时:{}",takeTime);
+        log.info("===========数据同步定时结束===========");
+    }
+
+    public void data() {
+        RestTemplate restTemplate = new RestTemplate();
+        HttpHeaders headers = new HttpHeaders();
+        headers.setContentType(MediaType.APPLICATION_JSON);
+        String token = redisTemplate.opsForValue().get("dataToken-" + username);
+        if (StringUtils.isEmpty(token)) {
+            JSONObject jsonObj = new JSONObject();
+            jsonObj.put("clientId", clientId);
+            jsonObj.put("clientSecret", clientSecret);
+            jsonObj.put("username", username);
+            jsonObj.put("password", password);
+            HttpEntity<String> entity = new HttpEntity<String>(jsonObj.toJSONString(), headers);
+            //post发送请求
+            ResponseEntity<JSONObject> exchange = restTemplate.exchange(idaasUrlPrefix + loginApi, HttpMethod.POST, entity, JSONObject.class);
+            //获取idaas返回的json
+            JSONObject resData = exchange.getBody();
+            JSONObject data = resData.getJSONObject("data");
+            // 获取SSOToken时效
+            long expires = data.getLong("expiresIn");
+            // 获取SSOToken
+            String dataToken = data.getString("accessToken");
+            redisTemplate.opsForValue().set("dataToken-" + username, dataToken, expires, TimeUnit.SECONDS);
+        }
+
+        headers.set("Authorization","Bearer " + token);
+        int pageSize = 100;
+        int currentPage = 1;
+        // 值班员请求
+        String url = idaasUrlPrefix + roleAccountsApi + "?privilegeUuid=" + roleZby + "&psSystemUuid="
+                + psId + "&pageSize=" + pageSize + "&currentPage=" + currentPage;
+        new JSONObject();
+        HttpEntity entity = new HttpEntity<>(headers);
+        //get发送请求
+        ResponseEntity<JSONObject> exchange = restTemplate.exchange(url, HttpMethod.GET, entity, JSONObject.class);
+        JSONObject resData = exchange.getBody();
+        JSONObject data = resData.getJSONObject("data");
+        JSONArray jsonArray = data.getJSONArray("list");
+        List<DutyRoleAccount> roleAccounts = JSONArray.parseArray(jsonArray.toJSONString(), DutyRoleAccount.class);
+        roleAccounts.forEach(dutyRoleAccount -> dutyRoleAccount.setRoleUuid(roleZby));
+
+
+        // 值班管理员请求
+        String urlZbgl = idaasUrlPrefix + roleAccountsApi + "?privilegeUuid=" + roleZbgl + "&psSystemUuid="
+                + psId + "&pageSize=" + pageSize + "&currentPage=" + currentPage;
+        //get发送请求
+        ResponseEntity<JSONObject> exchangeZbgl = restTemplate.exchange(urlZbgl, HttpMethod.GET, entity, JSONObject.class);
+        JSONObject resDataZbgl = exchangeZbgl.getBody();
+        JSONObject dataZbgl = resDataZbgl.getJSONObject("data");
+        JSONArray jsonArrayZbgl = dataZbgl.getJSONArray("list");
+        List<DutyRoleAccount> roleAccountsZbgl = JSONArray.parseArray(jsonArrayZbgl.toJSONString(), DutyRoleAccount.class);
+        roleAccountsZbgl.forEach(dutyRoleAccount -> dutyRoleAccount.setRoleUuid(roleZbgl));
+
+        List<DutyRoleAccount> dutyRoleAccounts = new ArrayList<>();
+        dutyRoleAccounts.addAll(roleAccounts);
+        dutyRoleAccounts.addAll(roleAccountsZbgl);
+        dutyRoleAccounts.forEach(dutyRoleAccount -> {
+            roleAccountService.saveOrUpdate(dutyRoleAccount,new LambdaQueryWrapper<DutyRoleAccount>()
+                    .eq(DutyRoleAccount::getUdAccountUuid,dutyRoleAccount.getUdAccountUuid())
+                    .eq(DutyRoleAccount::getRoleUuid,dutyRoleAccount.getRoleUuid()));
+        });
+        // roleAccountService.saveBatch(dutyRoleAccounts);
+
+        List<String> stringList = dutyRoleAccounts.parallelStream().map(DutyRoleAccount::getUdAccountUuid).filter(Objects::nonNull).distinct().collect(Collectors.toList());
+        List<DutyAccount> accounts = new ArrayList<>();
+        // 用户信息请求
+        stringList.forEach(t -> {
+            ResponseEntity<JSONObject> responseEntity = restTemplate.exchange(idaasUrlPrefix + userInfoApi + "?userUuid=" + t, HttpMethod.GET, entity, JSONObject.class);
+            JSONObject jsonObject = responseEntity.getBody().getJSONObject("data").getJSONObject("userInformation");
+            DutyAccount account = JSONObject.parseObject(jsonObject.toJSONString(), DutyAccount.class);
+            account.setUuid(t);
+            DutyAccount one = accountService.getOne(new LambdaQueryWrapper<DutyAccount>().eq(DutyAccount::getUuid, t));
+            if (one != null) {
+                account.setId(one.getId());
+                accountService.updateById(account);
+            } else {
+                accounts.add(account);
+            }
+        });
+        if (accounts.size() > 0) {
+            accountService.saveBatch(accounts);
+        }
+
+        List<String> collect = accounts.parallelStream().map(DutyAccount::getOuUuid).filter(Objects::nonNull).distinct().collect(Collectors.toList());
+        List<DutyDepartment> departments = new ArrayList<>();
+        // 用户信息请求
+        collect.forEach(f -> {
+            ResponseEntity<JSONObject> responseEntity = restTemplate.exchange(idaasUrlPrefix + orgApi + f + "?uuid=" + f, HttpMethod.GET, entity, JSONObject.class);
+            JSONObject jsonObject = responseEntity.getBody().getJSONObject("data").getJSONObject("formDto");
+            DutyDepartment department = JSONObject.parseObject(jsonObject.toJSONString(), DutyDepartment.class);
+            department.setOrganizationName(jsonObject.get("name").toString());
+            DutyDepartment one = departmentService.getOne(new LambdaQueryWrapper<DutyDepartment>().eq(DutyDepartment::getUuid, f));
+            if (one != null) {
+                department.setId(one.getId());
+                departmentService.updateById(department);
+            } else {
+                departments.add(department);
+            }
+        });
+        if (departments.size() > 0) {
+            departmentService.saveBatch(departments);
+        }
+
+
+    }
+
 }
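Review bot: When no cached `dataToken-` entry exists, `data()` logs in and stores `dataToken` in Redis but never assigns it to `token`, so the header set right after is `"Bearer " + token` with the empty value and the first sync after each token expiry is sent without a valid bearer token. Add `token = dataToken;` inside the `if` block. The role queries read only `currentPage = 1` with `pageSize = 100`, and the visible code only calls `saveOrUpdate`/`saveBatch`, so role assignments removed in idaas are never removed locally and entries beyond the first page are not synced. None of the `getBody()` or `getJSONObject("data")` results is checked for `null`, so an error response from idaas aborts the run with a NullPointerException.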

+ 37 - 0
duty-service/src/main/java/cn/com/taiji/duty/utils/Md5Utils.java

@@ -0,0 +1,37 @@
+package cn.com.taiji.duty.utils;
+
+import java.security.MessageDigest;
+
+/**
+ * MD5密码加密工具
+ * @author lizhi
+ */
+public class Md5Utils {
+	private static final char[] HEX_DIGITS = "0123456789abcdef".toCharArray();
+	private static final char[] CHAR_ARRAY = "_-0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ".toCharArray();
+
+	public static String md5(String srcStr) {
+		return hash("MD5", srcStr);
+	}
+
+	public static String hash(String algorithm, String srcStr) {
+		try {
+			MessageDigest md = MessageDigest.getInstance(algorithm);
+			byte[] bytes = md.digest(srcStr.getBytes("utf-8"));
+			return toHex(bytes);
+		} catch (Exception var4) {
+			throw new RuntimeException(var4);
+		}
+	}
+
+	public static String toHex(byte[] bytes) {
+		StringBuilder ret = new StringBuilder(bytes.length * 2);
+
+		for(int i = 0; i < bytes.length; ++i) {
+			ret.append(HEX_DIGITS[bytes[i] >> 4 & 15]);
+			ret.append(HEX_DIGITS[bytes[i] & 15]);
+		}
+
+		return ret.toString();
+	}
+}
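Review bot: The class comment describes this as an MD5 password encryption tool, but `md5()` produces an unsalted MD5 digest, which is a fast hash and gives a password no protection if the value is stored or observed. If idaas requires this digest as its login wire format, the Javadoc should say so, e.g. `MD5 hex digest required by the idaas login API; not for storing or protecting passwords`. `CHAR_ARRAY` is unused in the visible code. `srcStr.getBytes("utf-8")` can be `srcStr.getBytes(StandardCharsets.UTF_8)`, which avoids the checked `UnsupportedEncodingException`.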

+ 1 - 1
duty-service/src/main/resources/application-prod.yml

@@ -8,7 +8,7 @@ spring:
   devtools.restart.enabled: true
   redis:
     host: 10.110.49.2
-    port: 6379
+    port: 16080
     database: 0
     #    password: root@2022!
     timeout: 10s
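Review bot: The Redis block for the prod profile has its `password` line commented out, while this service keeps session tokens and, with this commit, idaas access tokens in that instance. Unless access is restricted elsewhere (not visible here), any host that can reach this address and port can read or write those entries; enable Redis authentication and supply the secret from the environment, e.g. `password: ${REDIS_PASSWORD}` (variable name is illustrative). The commented-out line also leaves a literal password in version control; remove it and rotate the value.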

+ 24 - 2
duty-service/src/main/resources/application.yml

@@ -1,8 +1,8 @@
 spring:
   application.name: duty-service
 #  profiles.active: local
-  profiles.active: dev
-#  profiles.active: prod
+#  profiles.active: dev
+  profiles.active: prod
   servlet:
     multipart:
       # 单个文件大小
@@ -66,6 +66,28 @@ taiji:
   faceTaskId: 0db384d3bbdd432aba457d64e347d369
   carTaskId: 4ef6713e9b894c35b572800f30fd8eba
 
+#### 获取本门用户数据 ####
+idaas-info:
+  url-prefix: http://10.110.32.9
+  param:
+    role-zby: 60f6d0e4a0510e6832ca4269508a26bfFvIMvcGatwS
+    role-zbgl: 8bdaaf47a6d5e8debe52bd29f3f4a967ocOR4jgbxaR
+    clientId: 4e7f3d75485906dca0154b9958a1b3c9OlZgW37BIDv
+    clientSecret: qYfCPtemZwXZZACrVhGRirsV3azj9NXWCkwjIJJNJD
+    username: zbxtsync
+    password: Sync@2023!
+    psId: b984743dac2a867036287fd67608b223HXnPVEvjMhv
+  api-url:
+    login: /public/enduser/login
+    role-accounts: /api/bff/v1.2/ps/authorization/role/relation/accounts
+    userInfo: /api/bff/v1.2/ud/account/routine/lookup
+    org: /api/bff/v1.2/ud/ou/routine/lookup/
+
+###### 系统参数配置 ######
+sys:
+  ssoToken:
+    limit_expiresIn: 9000
+
 ##### idaas相关配置 #####
 idaas:
   url-prefix: http://10.110.32.9 #政务外网-正式环境接口前缀
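Review bot: The new `idaas-info.param` block commits `clientSecret`, `username` and `password` for the sync account in clear text, so everyone with repository access, and every build artifact that contains this file, holds working idaas credentials. Move them to externalized configuration, e.g. `clientSecret: ${IDAAS_INFO_CLIENT_SECRET}` and `password: ${IDAAS_INFO_PASSWORD}` (variable names are illustrative), and rotate the values already committed. `url-prefix` is an `http://` address, so these credentials and the returned access tokens travel unencrypted unless transport protection exists outside what this file shows.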

+ 3 - 3
duty-service/src/main/resources/mapper/DutyAccountMapper.xml

@@ -14,7 +14,7 @@
         <result column="create_time" property="createTime" />
         <result column="locked" property="locked" />
         <result column="archived" property="archived" />
-        <result column="ou_id" property="ouId" />
+        <result column="ou_uuid" property="ouUuid" />
         <result column="ou_directory" property="ouDirectory" />
         <result column="region_code" property="regionCode" />
     </resultMap>
@@ -30,7 +30,7 @@
         <result column="create_time" property="createTime" />
         <result column="locked" property="locked" />
         <result column="archived" property="archived" />
-        <result column="ou_id" property="ouId" />
+        <result column="ou_uuid" property="ouUuid" />
         <result column="ou_directory" property="ouDirectory" />
         <result column="region_code" property="regionCode" />
         <association property="dutyUnit" javaType="DutySeatDutyUnit">
@@ -54,7 +54,7 @@
     <select id="findByUsername" resultMap="DutyAccountResult">
         select a.*,d.id as d_id,d.organization_name,d.external_id,u.id as u_id,u.serial_number,u.name as u_name,u.abbreviation,u.dept_id,r.name,r.permission_value
         from duty_account a
-        left join duty_department d on a.ou_id = d.external_id
+        left join duty_department d on a.ou_uuid = d.uuid
         left join duty_seat_duty_unit u on d.id = u.dept_id
         left join duty_role_account ra on a.uuid = ra.ud_account_uuid
         left join duty_role r on ra.role_uuid = r.uuid