From 2a789f594527bb35a5d719909333849177504eb9 Mon Sep 17 00:00:00 2001
From: peng <peng.com>
Date: 星期一, 24 十一月 2025 16:54:02 +0800
Subject: [PATCH] 移除cve处理

---
 ruoyi-admin/src/main/java/org/dromara/web/controller/AuthController.java |   68 +++++++++++++++++++++++++++++++++-
 1 files changed, 66 insertions(+), 2 deletions(-)

diff --git a/ruoyi-admin/src/main/java/org/dromara/web/controller/AuthController.java b/ruoyi-admin/src/main/java/org/dromara/web/controller/AuthController.java
index a541e1f..640c8e5 100644
--- a/ruoyi-admin/src/main/java/org/dromara/web/controller/AuthController.java
+++ b/ruoyi-admin/src/main/java/org/dromara/web/controller/AuthController.java
@@ -3,7 +3,9 @@
 import cn.dev33.satoken.annotation.SaIgnore;
 import cn.hutool.core.collection.CollUtil;
 import cn.hutool.core.util.ObjectUtil;
+import cn.hutool.core.util.StrUtil;
 import com.alibaba.fastjson.JSON;
+import com.alibaba.fastjson.JSONObject;
 import com.aliyun.dingtalkcontact_1_0.models.GetUserHeaders;
 import com.aliyun.dingtalkcontact_1_0.models.GetUserResponseBody;
 import com.aliyun.dingtalkoauth2_1_0.models.GetUserTokenRequest;
@@ -14,9 +16,7 @@
 import com.dingtalk.api.DingTalkClient;
 import com.dingtalk.api.request.*;
 import com.dingtalk.api.response.OapiUserGetbyunionidResponse;
-import com.dingtalk.api.response.OapiUserGetuserinfoResponse;
 import com.dingtalk.api.response.OapiV2UserGetResponse;
-import com.dingtalk.api.response.OapiV2UserGetuserinfoResponse;
 import com.taobao.api.ApiException;
 import jakarta.servlet.http.HttpServletRequest;
 import lombok.RequiredArgsConstructor;
@@ -33,6 +33,7 @@
 import org.dromara.common.core.utils.MessageUtils;
 import org.dromara.common.core.utils.StreamUtils;
 import org.dromara.common.core.utils.StringUtils;
+import org.dromara.common.redis.utils.RedisUtils;
 import org.dromara.common.social.config.properties.SocialLoginConfigProperties;
 import org.dromara.common.social.config.properties.SocialProperties;
 import org.dromara.common.social.utils.SocialUtils;
@@ -50,12 +51,17 @@
 import org.dromara.web.service.IAuthStrategy;
 import org.dromara.web.service.SysLoginService;
 import org.dromara.web.service.SysRegisterService;
+import org.dromara.web.utils.RZTHttpUtils;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 import com.aliyun.teaopenapi.models.Config;
 
 import java.net.URL;
+import java.time.Duration;
+import java.util.HashMap;
 import java.util.List;
+import java.util.Map;
 
 /**
  * 璁よ瘉
@@ -79,6 +85,7 @@
     private final ISysClientService clientService;
     private final ISysUserService userService;
     private final SysUserMapper userMapper;
+    private final RZTHttpUtils rzthttpUtils;
 
 
     /**
@@ -315,4 +322,61 @@
         return rsp.getResult();
     }
 
+
+    final String redisKey = "RZT_TOKEN";
+
+    @RequestMapping(value = "/rztLogin", method = RequestMethod.GET)
+    public String getRztAccessToken(@RequestParam(value = "code") String code) {
+        try {
+
+            log.info("code鍊硷細{}", code);
+            String accessToken = getRztToken();
+            log.info("accessToken鍊硷細{}", accessToken);
+            if (StrUtil.isNotBlank(accessToken)) {
+                Map<String, String> hashMap = new HashMap<>();
+                hashMap.put("code", code);
+                hashMap.put("token", accessToken);
+                String userJson = rzthttpUtils.sendGetRequest("/login/info", hashMap);
+                log.info("鐢ㄦ埛淇℃伅锛歿}", userJson);
+                JSONObject userObject = JSON.parseObject(userJson);
+                if (userObject.getIntValue("errcode") == 0) {
+                    return userObject.getString("userid");
+                } else {
+                    log.error("鑾峰彇鐢ㄦ埛淇℃伅澶辫触锛歿}", userObject.getString("errmsg"));
+                }
+            }
+
+        } catch (Exception e) {
+            log.error("鑾峰彇鐢ㄦ埛淇℃伅寮傚父锛歿}", e.getMessage());
+        }
+        return "";
+    }
+
+    @Value("${rzt.corpId}")
+    private String corpId;
+
+    @Value("${rzt.corpSecret}")
+    private String corpSecret;
+
+    private String getRztToken() throws Exception {
+        String token = RedisUtils.getCacheObject(redisKey);
+        if (StrUtil.isEmpty(token)) {
+
+            String accessJson = rzthttpUtils.sendGetRequest("/gettoken?corpId=" + corpId + "&corpsecret=" + corpSecret, null);
+            log.info("getRztToken accessJson鍊硷細{}", accessJson);
+            JSONObject jsonObject = JSON.parseObject(accessJson);
+            if (jsonObject.getIntValue("errcode") == 0) {
+                String accessToken = jsonObject.getString("access_token");
+                Integer expiresIn = jsonObject.getIntValue("expires_in");
+                RedisUtils.setCacheObject(redisKey, accessToken, Duration.ofSeconds(expiresIn));
+                return accessToken;
+            } else {
+                log.error("鑾峰彇token澶辫触锛歿},{}", jsonObject.getIntValue("errcode"), jsonObject.getString("errmsg"));
+                return null;
+            }
+
+        } else {
+            return token;
+        }
+    }
 }

--
Gitblit v1.8.0