
增加第一登录修改密码

lishuangjiang@potevio.com vor 1 Jahr
Ursprung
Commit
846bc08269

+ 3 - 0
sso-module-system/sso-module-system-biz/src/main/java/com/poteviohealth/cgp/sso/module/system/controller/admin/auth/vo/AuthLoginRespVO.java

@@ -27,4 +27,7 @@ public class AuthLoginRespVO {
     @Schema(description = "过期时间", requiredMode = Schema.RequiredMode.REQUIRED)
     private LocalDateTime expiresTime;
 
+    @Schema(description = "上一次登录时间", requiredMode = Schema.RequiredMode.NOT_REQUIRED)
+    private LocalDateTime loginDate;
+
 }

+ 65 - 40
sso-module-system/sso-module-system-biz/src/main/java/com/poteviohealth/cgp/sso/module/system/controller/admin/user/UserController.java

@@ -87,45 +87,58 @@ public class UserController {
 
     private void updateUserRoles(UserSaveReqVO reqVO) {
         Set<Long> roleIds = new HashSet<>();
-        if(reqVO.getRoleType().equals(CommonStatusEnum.ENABLE.getStatus())){
+        if (reqVO.getRoleType().equals(CommonStatusEnum.ENABLE.getStatus())) {
             //可创建用户
             roleIds.add(112L);
-        }else{
+        } else {
             //不可创建用户
             roleIds.add(113L);
         }
-        permissionService.assignUserRole(reqVO.getId(),roleIds);
+        permissionService.assignUserRole(reqVO.getId(), roleIds);
     }
 
     private void updateUserClient(UserSaveReqVO reqVO) {
         Set<Long> clientIds = reqVO.getAssociatedSystem();
-        if(CollectionUtils.isNotEmpty(clientIds)){
-            updateUserClientInfo(clientIds,reqVO.getId());
+        if (CollectionUtils.isNotEmpty(clientIds)) {
+            updateUserClientInfo(clientIds, reqVO.getId());
+        } else {
+            clearUserClientInfo(reqVO.getId());
         }
     }
 
-    private void updateUserClientInfo(Set<Long> clientIds,Long userId) {
+    private void clearUserClientInfo(Long userId) {
+        List<UserClientDO> clients = userClientService.getClientsByUserId(userId);
+        if (CollectionUtils.isNotEmpty(clients)) {
+            List<Long> removeIds = clients.stream().map(UserClientDO::getId).collect(Collectors.toList());
+            userClientService.removeByIds(removeIds);
+        }
+    }
+
+    private void updateUserClientInfo(Set<Long> clientIds, Long userId) {
         List<Long> addIds = new ArrayList<>();
 //        Long userId = SecurityFrameworkUtils.getLoginUserId();
         List<UserClientDO> clientsByUserId = userClientService.getClientsByUserId(userId);
         List<Long> removeIds = new ArrayList<>();
         List<Long> modifyIds = new ArrayList<>();
-        if(CollectionUtils.isNotEmpty(clientsByUserId)){
-            clientsByUserId.forEach(item->{
-                if(clientIds.contains(item.getClientId())){
+        if (CollectionUtils.isNotEmpty(clientsByUserId)) {
+            clientsByUserId.forEach(item -> {
+                if (clientIds.contains(item.getClientId())) {
                     modifyIds.add(item.getClientId());
-                }else{
+                } else {
                     removeIds.add(item.getId());
                 }
             });
-            addIds = clientIds.stream().filter(item->!modifyIds.contains(item)).collect(Collectors.toList());
-        }else{
+            addIds = clientIds.stream().filter(item -> !modifyIds.contains(item)).collect(Collectors.toList());
+        } else {
             addIds = new ArrayList<>(clientIds);
         }
-        if(CollectionUtils.isNotEmpty(addIds)){
+        if (CollectionUtils.isNotEmpty(removeIds)) {
+            userClientService.removeByIds(removeIds);
+        }
+        if (CollectionUtils.isNotEmpty(addIds)) {
             List<UserClientDO> addDOs = new ArrayList<>();
             UserClientDO tmpUserClientDO = null;
-            for(Long addId:addIds){
+            for (Long addId : addIds) {
                 tmpUserClientDO = new UserClientDO();
                 tmpUserClientDO.setUserId(userId);
                 tmpUserClientDO.setClientId(addId);
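Review bot: In `updateUserClient`, the new `else` branch calls `clearUserClientInfo` for a null `associatedSystem` as well as for an explicitly empty set, because `CollectionUtils.isNotEmpty` is presumably false for both. A client that simply omits the field from the update body would then silently revoke every linked system for that user. If only an explicit empty set should clear the links, guard first with `if (clientIds == null) { return; }`. The `removeByIds` call and the inserts that follow in `updateUserClientInfo` are separate service calls, so unless the caller is transactional (not visible here) a failure between them leaves links removed but not re-added. `updateUserClientInfo` continues past the end of this hunk.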
@@ -143,6 +156,7 @@ public class UserController {
     @Operation(summary = "修改用户")
     @PreAuthorize("@ss.hasPermission('system:user:update')")
     public CommonResult<Boolean> updateUser(@Valid @RequestBody UserSaveReqVO reqVO) {
+        //
         userService.updateUser(reqVO);
         //增加
         updateUserClient(reqVO);
@@ -167,6 +181,14 @@ public class UserController {
         return success(true);
     }
 
+    @PutMapping("/reset-password")
+    @Operation(summary = "重置密码")
+    public CommonResult<Boolean> resetUserPassword(@Valid @RequestBody UserUpdatePasswordReqVO reqVO) {
+        Long loginUserId = SecurityFrameworkUtils.getLoginUserId();
+        userService.updateUserPassword(loginUserId, reqVO.getPassword());
+        return success(true);
+    }
+
     @PutMapping("/update-status")
     @Operation(summary = "修改用户状态")
     @PreAuthorize("@ss.hasPermission('system:user:update')")
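Review bot: `resetUserPassword` replaces the caller's password with `reqVO.getPassword()` without asking for the current password, so whoever holds a valid access token for the account can set a new password and keep it. If the endpoint exists only for the forced change at first login, as the commit title suggests, that condition should be checked server-side and the old password required otherwise; nothing visible in this commit restricts the call, and the `loginDate` added to the login response only informs the client. `SecurityFrameworkUtils.getLoginUserId()` can evidently return null, since `getLinkInfo` tests `Objects.nonNull(userId)`, yet here it is passed straight to `updateUserPassword`; add `if (loginUserId == null) { throw exception(USER_NOT_EXISTS); }`. Whether tokens issued before the change are revoked is not visible in this diff and is worth confirming.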
@@ -259,61 +281,62 @@ public class UserController {
     @GetMapping("/getLinkInfo")
     @Operation(summary = "获得用户详情")
     @Parameter(name = "id", description = "编号", required = true, example = "1024")
-    public CommonResult<String> getLinkInfo(@RequestParam("linkId") Long linkId,@RequestParam("refreshToken") String refreshToken) {
+    public CommonResult<String> getLinkInfo(@RequestParam("linkId") Long linkId, @RequestParam("refreshToken") String refreshToken) {
         String url = StringUtils.EMPTY;
         Long userId = SecurityFrameworkUtils.getLoginUserId();
-        if(Objects.nonNull(userId)){
+        if (Objects.nonNull(userId)) {
             AdminUserDO user = userService.getUser(userId);
-            if(Objects.isNull(user)){
+            if (Objects.isNull(user)) {
                 throw exception(USER_NOT_EXISTS);
-            }else{
-                if(user.getStatus().equals(CommonStatusEnum.DISABLE.getStatus())){
-                    log.error(USER_IS_DISABLE.getMsg(),user.getUsername());
+            } else {
+                if (user.getStatus().equals(CommonStatusEnum.DISABLE.getStatus())) {
+                    log.error(USER_IS_DISABLE.getMsg(), user.getUsername());
                     throw exception(USER_CLIENT_LINK_AUTH_ERROR);
                 }
-                if(!user.getAssociatedSystem().contains(linkId)){
+                if (!user.getAssociatedSystem().contains(linkId)) {
                     log.error(USER_CLIENT_NOT_EXISTS.getMsg());
                     throw exception(USER_CLIENT_LINK_AUTH_ERROR);
                 }
                 OAuth2ClientDO oAuth2Client = oAuth2ClientService.getOAuth2Client(linkId);
-                if(Objects.isNull(oAuth2Client)){
+                if (Objects.isNull(oAuth2Client)) {
                     log.error(USER_CLIENT_NOT_EXISTS.getMsg());
                     throw exception(USER_CLIENT_LINK_AUTH_ERROR);
                 }
                 UserClientDO userClient = userClientService.getUserClientByParam(userId, linkId);
-                if(Objects.isNull(userClient)){
+                if (Objects.isNull(userClient)) {
                     log.error(USER_CLIENT_NOT_EXISTS.getMsg());
                     throw exception(USER_CLIENT_LINK_AUTH_ERROR);
                 }
-                if(userClient.getStatus().equals(CommonStatusEnum.DISABLE.getStatus())){
+                if (userClient.getStatus().equals(CommonStatusEnum.DISABLE.getStatus())) {
                     log.error(USER_CLIENT_STOP.getMsg());
                     throw exception(USER_CLIENT_LINK_AUTH_ERROR);
                 }
-                if(userClient.getSyncStatus()==0 || userClient.getSyncStatus()==2){
+                if (userClient.getSyncStatus() == 0 || userClient.getSyncStatus() == 2) {
                     log.error(USER_NO_SYNC.getMsg());
                     throw exception(USER_CLIENT_LINK_AUTH_ERROR);
                 }
                 // 拼接数据
-                url = constructLinkUrl(userClient,oAuth2Client,refreshToken,user);
+                url = constructLinkUrl(userClient, oAuth2Client, refreshToken, user);
             }
         }
         return success(url);
     }
 
-    private String constructLinkUrl( UserClientDO userClient,OAuth2ClientDO oAuth2Client, String refreshToken, AdminUserDO user) {
+    private String constructLinkUrl(UserClientDO userClient, OAuth2ClientDO oAuth2Client, String refreshToken, AdminUserDO user) {
 
-        if(oAuth2Client.getLinkMode()==0){
-            return makeDefaultUrl(userClient,oAuth2Client,refreshToken,user.getUsername());
-        }else if(oAuth2Client.getLinkMode()==1){
+        if (oAuth2Client.getLinkMode() == 0) {
+            return makeDefaultUrl(userClient, oAuth2Client, refreshToken, user.getUsername());
+        } else if (oAuth2Client.getLinkMode() == 1) {
             //观远sso集成
-            return makeGuanUrl(userClient,oAuth2Client,refreshToken,user);
-        }else{
+            return makeGuanUrl(userClient, oAuth2Client, refreshToken, user);
+        } else {
             return StringUtils.EMPTY;
         }
     }
 
     /**
      * 观远sso url
+     *
      * @param userClient
      * @param oAuth2Client
      * @param refreshToken
@@ -329,25 +352,27 @@ public class UserController {
         } catch (InvalidKeySpecException e) {
             throw exception(USER_LINK_ERROR);
         }
-        String str = "{\"domainId\":\"guanbi\",\"externalUserId\":\""+ user.getUsername()+"\"}";
+        String str = "{\"domainId\":\"guanbi\",\"externalUserId\":\"" + user.getUsername() + "\"}";
         String encodedData = GuanRsa.privateEncrypt(str, key);
-        String token =  GuanRsa.toHexString(encodedData);
-        userClientService.updateTokenById(userClient.getId(),token);
-        return oAuth2Client.getLoginUrl()+"?provider=guanbi&ssoToken="+token;
+        String token = GuanRsa.toHexString(encodedData);
+        userClientService.updateTokenById(userClient.getId(), token);
+        return oAuth2Client.getLoginUrl() + "?provider=guanbi&ssoToken=" + token;
     }
 
     /**
      * 默认路径
+     *
      * @param userClient
      * @param oAuth2Client
      * @param refreshToken
      * @param loginUserName
      * @return
      */
-    private String makeDefaultUrl(UserClientDO userClient,OAuth2ClientDO oAuth2Client, String refreshToken, String loginUserName) {
+    private String makeDefaultUrl(UserClientDO userClient, OAuth2ClientDO oAuth2Client, String refreshToken, String loginUserName) {
         String timestamp = System.currentTimeMillis() + "";
-        String token = TransmitSecurityUtil.MD5(timestamp+loginUserName+oAuth2Client.getSecret());
-        userClientService.updateTokenById(userClient.getId(),token);
-        return oAuth2Client.getLoginUrl()+"?timestamp="+timestamp+"&user="+loginUserName+"&token="+token;
+        String token = TransmitSecurityUtil.MD5(timestamp + loginUserName + oAuth2Client.getSecret());
+        userClientService.updateTokenById(userClient.getId(), token);
+        return oAuth2Client.getLoginUrl() + "?timestamp=" + timestamp + "&user=" + loginUserName + "&token=" + token;
     }
+
 }

+ 31 - 16
sso-module-system/sso-module-system-biz/src/main/java/com/poteviohealth/cgp/sso/module/system/controller/admin/userclient/UserClientController.java

@@ -29,6 +29,7 @@ import org.springframework.http.*;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
+import org.springframework.web.client.HttpServerErrorException;
 import org.springframework.web.client.RestTemplate;
 
 import javax.annotation.Resource;
@@ -185,26 +186,36 @@ public class UserClientController {
         headers.setContentType(MediaType.APPLICATION_JSON_UTF8);
         HttpEntity< Map<String, Object>> httpEntity = new HttpEntity<>(dataMap);
         try {
-            ResponseEntity exchange = restTemplate.postForEntity(oAuth2Client.getSyncUserInfoUrl(), httpEntity,Object.class);
-            if(exchange.getStatusCode()== HttpStatus.OK){
-                Map<String,Object> resultRemote = (Map)exchange.getBody();
-                if(Objects.nonNull(resultRemote)){
-                    String result = (String) resultRemote.get("result");
-                    if(result.compareTo("ok")==0){
-                        userClientService.updateUserSyncStatus(userClient.getId(),1);
-                    }else{
-                        userClientService.updateUserStatus(userClient.getId(),2);
-                        throw exception(USER_SYNC_OPERATION_FAIL);
-                    }
+            String syncUrl = oAuth2Client.getSyncUserInfoUrl();
+            syncGuanyuanUserInfo(userClient, syncUrl, httpEntity);
+        }catch (Exception e){
+            if(StringUtils.isNotEmpty(e.getLocalizedMessage()) && e.getLocalizedMessage().contains("reason:loginId already exists")){
+                String updateSyncUrl = oAuth2Client.getSyncUserInfoUrl().replace("add","modify");
+                syncGuanyuanUserInfo(userClient, updateSyncUrl, httpEntity);
+            }else{
+                userClientService.updateUserSyncStatus(userClient.getId(),2);
+                log.error(e.getCause().toString());
+                throw exception(USER_SYNC_OPERATION_FAIL);
+            }
+        }
+    }
+
+    private void syncGuanyuanUserInfo(UserClientDO userClient, String syncUrl, HttpEntity<Map<String, Object>> httpEntity) {
+        ResponseEntity exchange = restTemplate.postForEntity(syncUrl, httpEntity,Object.class);
+        if(exchange.getStatusCode()== HttpStatus.OK){
+            Map<String,Object> resultRemote = (Map)exchange.getBody();
+            if(Objects.nonNull(resultRemote)){
+                String result = (String) resultRemote.get("result");
+                if(result.compareTo("ok")==0){
+                    userClientService.updateUserSyncStatus(userClient.getId(),1);
                 }else{
-                    userClientService.updateUserStatus(userClient.getId(),2);
+                    userClientService.updateUserSyncStatus(userClient.getId(),2);
                     throw exception(USER_SYNC_OPERATION_FAIL);
                 }
+            }else{
+                userClientService.updateUserSyncStatus(userClient.getId(),2);
+                throw exception(USER_SYNC_OPERATION_FAIL);
             }
-        }catch (Exception e){
-            log.error(e.toString());
-            userClientService.updateUserStatus(userClient.getId(),2);
-            throw exception(USER_SYNC_OPERATION_FAIL);
         }
     }
 
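Review bot: The `else` branch of the new `catch (Exception e)` calls `e.getCause().toString()`, and `getCause()` is null whenever the exception has no cause — likely the case for the exception that `syncGuanyuanUserInfo` throws via `exception(USER_SYNC_OPERATION_FAIL)` inside this same `try` — so the handler can itself fail with a NullPointerException and hide the real error; log the exception instead, `log.error("user sync failed", e);`. The retry URL is built with `replace("add","modify")`, which rewrites every occurrence of `add` in the configured URL, host name included, and the decision to retry depends on a substring of the remote error text. The retry call sits outside any `try`, so a transport error there propagates without the sync status being set to 2. In `syncGuanyuanUserInfo`, a non-OK status code leaves the sync status untouched and a missing `result` key makes `result.compareTo("ok")` throw. The enclosing method starts before this hunk.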
@@ -249,6 +260,10 @@ public class UserClientController {
                     }
                 }
             }
+//            else{
+//                deptName = dept.getName();
+//                deptCode = dept.getCode();
+//            }
         }
         //头部信息
         HttpHeaders headers = new HttpHeaders();

+ 3 - 0
sso-module-system/sso-module-system-biz/src/main/java/com/poteviohealth/cgp/sso/module/system/dal/dataobject/oauth2/OAuth2AccessTokenDO.java

@@ -72,4 +72,7 @@ public class OAuth2AccessTokenDO extends TenantBaseDO {
      */
     private LocalDateTime expiresTime;
 
+    @TableField(exist = false)
+    private LocalDateTime loginDate;
+
 }

+ 6 - 4
sso-module-system/sso-module-system-biz/src/main/java/com/poteviohealth/cgp/sso/module/system/service/auth/AdminAuthServiceImpl.java

@@ -33,6 +33,7 @@ import org.springframework.stereotype.Service;
 
 import javax.annotation.Resource;
 import javax.validation.Validator;
+import java.time.LocalDateTime;
 import java.util.Objects;
 
 import static com.poteviohealth.cgp.sso.framework.common.exception.util.ServiceExceptionUtil.exception;
@@ -106,7 +107,7 @@ public class AdminAuthServiceImpl implements AdminAuthService {
                     reqVO.getSocialType(), reqVO.getSocialCode(), reqVO.getSocialState()));
         }
         // 创建 Token 令牌,记录登录日志
-        return createTokenAfterLoginSuccess(user.getId(), reqVO.getUsername(), LoginLogTypeEnum.LOGIN_USERNAME);
+        return createTokenAfterLoginSuccess(user.getId(), reqVO.getUsername(),user.getLoginDate(),LoginLogTypeEnum.LOGIN_USERNAME);
     }
 
     @Override
@@ -131,7 +132,7 @@ public class AdminAuthServiceImpl implements AdminAuthService {
         }
 
         // 创建 Token 令牌,记录登录日志
-        return createTokenAfterLoginSuccess(user.getId(), reqVO.getMobile(), LoginLogTypeEnum.LOGIN_MOBILE);
+        return createTokenAfterLoginSuccess(user.getId(), reqVO.getMobile(),user.getLoginDate(), LoginLogTypeEnum.LOGIN_MOBILE);
     }
 
     private void createLoginLog(Long userId, String username,
@@ -169,7 +170,7 @@ public class AdminAuthServiceImpl implements AdminAuthService {
         }
 
         // 创建 Token 令牌,记录登录日志
-        return createTokenAfterLoginSuccess(user.getId(), user.getUsername(), LoginLogTypeEnum.LOGIN_SOCIAL);
+        return createTokenAfterLoginSuccess(user.getId(), user.getUsername(),user.getLoginDate(),LoginLogTypeEnum.LOGIN_SOCIAL);
     }
 
     @VisibleForTesting
@@ -191,13 +192,14 @@ public class AdminAuthServiceImpl implements AdminAuthService {
         }
     }
 
-    private AuthLoginRespVO createTokenAfterLoginSuccess(Long userId, String username, LoginLogTypeEnum logType) {
+    private AuthLoginRespVO createTokenAfterLoginSuccess(Long userId, String username, LocalDateTime loginDate,LoginLogTypeEnum logType) {
         // 插入登陆日志
         createLoginLog(userId, username, logType, LoginResultEnum.SUCCESS);
         // 创建访问令牌
         OAuth2AccessTokenDO accessTokenDO = oauth2TokenService.createAccessToken(userId, getUserType().getValue(),
                 OAuth2ClientConstants.CLIENT_ID_DEFAULT, null);
         // 构建返回结果
+        accessTokenDO.setLoginDate(loginDate);
         return AuthConvert.INSTANCE.convert(accessTokenDO);
     }
 

+ 1 - 0
sso-module-system/sso-module-system-biz/src/main/java/com/poteviohealth/cgp/sso/module/system/service/user/AdminUserServiceImpl.java

@@ -125,6 +125,7 @@ public class AdminUserServiceImpl implements AdminUserService {
             success = SYSTEM_USER_UPDATE_SUCCESS)
     public void updateUser(UserSaveReqVO updateReqVO) {
         updateReqVO.setPassword(null); // 特殊:此处不更新密码
+        updateReqVO.setUsername(null); //不更新用户名
         // 1. 校验正确性
         AdminUserDO oldUser = validateUserForCreateOrUpdate(updateReqVO.getId(), updateReqVO.getUsername(),
                 updateReqVO.getMobile(), updateReqVO.getEmail(), updateReqVO.getDeptId(), updateReqVO.getPostIds());
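Review bot: `updateReqVO.setUsername(null)` mutates the caller's request object, and `UserController.updateUser` goes on using the same `reqVO` after this call, so any later step that reads the username will see null. The reason deserves more than `//不更新用户名`: `makeGuanUrl` sends the username as `externalUserId` and `makeDefaultUrl` hashes it into the link token, so a rename would presumably break the link to already-synced systems. A comment such as `// username is the identity key in linked systems (externalUserId, link token); never change it on update` would record that. The method body continues outside the hunk.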

+ 2 - 0
sso-module-system/sso-module-system-biz/src/main/java/com/poteviohealth/cgp/sso/module/system/service/userclient/UserClientService.java

@@ -69,4 +69,6 @@ public interface UserClientService {
     void updateUserStatus(Long id, Integer status);
 
     void updateUserSyncStatus(Long id, Integer status);
+
+    void removeByIds(List<Long> removeIds);
 }

+ 5 - 0
sso-module-system/sso-module-system-biz/src/main/java/com/poteviohealth/cgp/sso/module/system/service/userclient/UserClientServiceImpl.java

@@ -157,4 +157,9 @@ public class UserClientServiceImpl implements UserClientService {
         updateObj.setSyncStatus(status);
         userClientMapper.updateById(updateObj);
     }
+
+    @Override
+    public void removeByIds(List<Long> removeIds) {
+        userClientMapper.deleteBatchIds(removeIds);
+    }
 }

+ 7 - 5
sso-module-system/sso-module-system-biz/src/main/java/com/poteviohealth/cgp/sso/module/system/util/transmit/TransmitSecurityUtil.java

@@ -266,17 +266,19 @@ public class TransmitSecurityUtil {
 //        System.out.println(o.get("timestamp"));
 //        System.out.println(o.get("devOperator"));
 
-        String test = encryByPublicKey("test11111111111111");
-        System.out.println(test);
-        System.out.println(test.length());
+//        String test = encryByPublicKey("test11111111111111");
+//        System.out.println(test);
+//        System.out.println(test.length());
 //        System.out.println(MD5(test));
-        String s = decryByPrivateKey(test);
-        System.out.println(s);
+//        String s = decryByPrivateKey(test);
+//        System.out.println(s);
 
 
 //        RSA rsa = new RSA(null, publicKey);
 //        byte[] signature = rsa.encrypt("test", KeyType.PublicKey);
 //        String sign = HexUtil.encodeHexStr(signature);
+        String s = MD5("1728701412446" + "18978663105" + "mYtPw54v82krEB4s");
+        System.out.println(s.equals("FB2ED4E282E568AFB7ABBA90BF89C406"));
 
 
     }
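Review bot: The two lines added to this `main` method hard-code what look like a real login (an 11-digit phone number) and, as the third literal, a client secret, concatenated in the same `timestamp + username + secret` order that `makeDefaultUrl` passes to `MD5`. If that secret is live it is now in the repository history and should be rotated; the check belongs in a unit test with made-up values, not in a production utility class. The rest of the block is commented-out debugging code that could be deleted rather than kept. `main` starts before this hunk.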