
竹云单点认证对接源码提交

Heyuan 8 tháng trước cách đây
mục cha
commit
4f1d933d15
17 tập tin đã thay đổi với 433 bổ sung26 xóa
  1. 130 0
      metadata/com/kingdee/eas/custom/task/SyncZYEmpFacade.facade
  2. 3 2
      metadata/facade_pkmapping.properties
  3. BIN
      patch/竹云单点对接部署/dep/单点认证.jar
  4. 46 0
      patch/竹云单点对接部署/server/deploy/easweb.ear/shr_web.war/WEB-INF/sso/applicationContext-ssoClient.xml
  5. BIN
      patch/竹云单点对接部署/server/deploy/fileserver.ear/easWebClient/lib/sp/gemdale-gateway-sdk-8-0.0.2-SNAPSHOT.jar
  6. BIN
      patch/竹云单点对接部署/server/deploy/fileserver.ear/easWebClient/lib/sp/sp_qy_jd_sso.jar
  7. BIN
      patch/竹云单点对接部署/server/deploy/fileserver.ear/easWebClient/metas/sp/sp_qy_jd__sso_meta.jar
  8. 46 0
      patch/竹云单点对接部署/server/deploy/portal.ear/portal.war/WEB-INF/sso/applicationContext-ssoClient.xml
  9. BIN
      patch/竹云单点对接部署/server/lib/sp/gemdale-gateway-sdk-8-0.0.2-SNAPSHOT.jar
  10. BIN
      patch/竹云单点对接部署/server/lib/sp/sp_qy_jd_sso.jar
  11. BIN
      patch/竹云单点对接部署/server/metas/sp/sp_qy_jd__sso_meta.jar
  12. 11 0
      patch/竹云单点对接部署/server/profiles/server1/config/portalConfig/CASLoginConfig.properties
  13. 36 0
      patch/竹云单点对接部署/server/profiles/server1/config/portalConfig/ssoClient.properties
  14. 7 0
      patch/竹云单点对接部署/server/properties/Api/propertie.properties
  15. 116 13
      src/com/kingdee/eas/custom/task/SyncZYEmpFacadeControllerBean.java
  16. 11 4
      src/com/qy/sso/bamboocloud/filter/validate/ZYTicketValidationFilter.java
  17. 27 7
      src/com/qy/sso/bamboocloud/validation/ZYPortalServiceTicketValidator.java

+ 130 - 0
metadata/com/kingdee/eas/custom/task/SyncZYEmpFacade.facade

@@ -0,0 +1,130 @@
+<?xml version="1.0" encoding="utf-8"?>
+<facade xmlns="com.kingdee.bos.metadata">
+  <package>com.kingdee.eas.custom.task</package>
+  <name>SyncZYEmpFacade</name>
+  <alias>facade[com.kingdee.eas.custom.task.SyncZYEmpFacade].alias</alias>
+  <description>facade[com.kingdee.eas.custom.task.SyncZYEmpFacade].description</description>
+  <userDefined>true</userDefined>
+  <bosType>76DBFEF7</bosType>
+  <stereoType>false</stereoType>
+  <businessImplName>com.kingdee.eas.custom.task.SyncZYEmpFacade</businessImplName>
+  <businessControllerName>com.kingdee.eas.custom.task.SyncZYEmpFacadeController</businessControllerName>
+  <accessLevel>public</accessLevel>
+  <subClassingMode>normal</subClassingMode>
+  <methods>
+    <method>
+      <name>SyncAllEmp</name>
+      <isListenerMethod>false</isListenerMethod>
+      <alias>facade[com.kingdee.eas.custom.task.SyncZYEmpFacade].methods.method[SyncAllEmp].alias</alias>
+      <description>facade[com.kingdee.eas.custom.task.SyncZYEmpFacade].methods.method[SyncAllEmp].description</description>
+      <innerID>4f7f7893-a76c-4353-8240-c61f51b8cd78</innerID>
+      <accessLevel>public</accessLevel>
+      <subClassingMode>normal</subClassingMode>
+      <returnValueType />
+      <metadataRef />
+      <transactionAttribute>Supports</transactionAttribute>
+      <userDefined>true</userDefined>
+      <userDefinedLogic />
+      <configured>false</configured>
+    </method>
+    <method>
+      <name>SyncEmpByUpdateTime</name>
+      <isListenerMethod>false</isListenerMethod>
+      <alias>facade[com.kingdee.eas.custom.task.SyncZYEmpFacade].methods.method[SyncEmpByUpdateTime].alias</alias>
+      <description>facade[com.kingdee.eas.custom.task.SyncZYEmpFacade].methods.method[SyncEmpByUpdateTime].description</description>
+      <innerID>92db3db3-6ebe-4876-9ba1-2088ac70a94a</innerID>
+      <accessLevel>public</accessLevel>
+      <subClassingMode>normal</subClassingMode>
+      <returnValueType />
+      <metadataRef />
+      <transactionAttribute>Supports</transactionAttribute>
+      <userDefined>true</userDefined>
+      <userDefinedLogic />
+      <parameters>
+        <parameter>
+          <name>updateBeginTime</name>
+          <alias>facade[com.kingdee.eas.custom.task.SyncZYEmpFacade].methods.method[SyncEmpByUpdateTime].parameters.parameter[updateBeginTime].alias</alias>
+          <description>facade[com.kingdee.eas.custom.task.SyncZYEmpFacade].methods.method[SyncEmpByUpdateTime].parameters.parameter[updateBeginTime].description</description>
+          <direction>in</direction>
+          <dataType>String</dataType>
+          <metadataRef />
+          <userDefined>true</userDefined>
+        </parameter>
+        <parameter>
+          <name>updateEndTime</name>
+          <alias>facade[com.kingdee.eas.custom.task.SyncZYEmpFacade].methods.method[SyncEmpByUpdateTime].parameters.parameter[updateEndTime].alias</alias>
+          <description>facade[com.kingdee.eas.custom.task.SyncZYEmpFacade].methods.method[SyncEmpByUpdateTime].parameters.parameter[updateEndTime].description</description>
+          <direction>in</direction>
+          <dataType>String</dataType>
+          <metadataRef />
+          <userDefined>true</userDefined>
+        </parameter>
+      </parameters>
+      <configured>false</configured>
+    </method>
+  </methods>
+  <resource>
+    <rs key="facade[com.kingdee.eas.custom.task.SyncZYEmpFacade].alias">
+      <lang locale="en_US" value="null" />
+      <lang locale="zh_CN" value="同步竹云用户Facade" />
+      <lang locale="zh_HK" value="同步竹雲用戶Facade" />
+      <lang locale="zh_TW" value="同步竹雲用戶Facade" />
+    </rs>
+    <rs key="facade[com.kingdee.eas.custom.task.SyncZYEmpFacade].description">
+      <lang locale="en_US" value="null" />
+      <lang locale="zh_CN" value="null" />
+      <lang locale="zh_HK" value="null" />
+      <lang locale="zh_TW" value="null" />
+    </rs>
+    <rs key="facade[com.kingdee.eas.custom.task.SyncZYEmpFacade].extendedProperty.userDefined">
+      <lang locale="en_US" value="true" />
+      <lang locale="zh_CN" value="true" />
+      <lang locale="zh_TW" value="true" />
+    </rs>
+    <rs key="facade[com.kingdee.eas.custom.task.SyncZYEmpFacade].methods.method[SyncAllEmp].alias">
+      <lang locale="en_US" value="null" />
+      <lang locale="zh_CN" value="同步所有用户" />
+      <lang locale="zh_HK" value="同步所有用戶" />
+      <lang locale="zh_TW" value="同步所有用戶" />
+    </rs>
+    <rs key="facade[com.kingdee.eas.custom.task.SyncZYEmpFacade].methods.method[SyncAllEmp].description">
+      <lang locale="en_US" value="null" />
+      <lang locale="zh_CN" value="null" />
+      <lang locale="zh_HK" value="null" />
+      <lang locale="zh_TW" value="null" />
+    </rs>
+    <rs key="facade[com.kingdee.eas.custom.task.SyncZYEmpFacade].methods.method[SyncEmpByUpdateTime].alias">
+      <lang locale="en_US" value="null" />
+      <lang locale="zh_CN" value="根据更新时间同步用户" />
+      <lang locale="zh_HK" value="根據更新時間同步用戶" />
+      <lang locale="zh_TW" value="根據更新時間同步用戶" />
+    </rs>
+    <rs key="facade[com.kingdee.eas.custom.task.SyncZYEmpFacade].methods.method[SyncEmpByUpdateTime].description">
+      <lang locale="en_US" value="null" />
+      <lang locale="zh_CN" value="" />
+      <lang locale="zh_TW" value="null" />
+    </rs>
+    <rs key="facade[com.kingdee.eas.custom.task.SyncZYEmpFacade].methods.method[SyncEmpByUpdateTime].parameters.parameter[updateBeginTime].alias">
+      <lang locale="en_US" value="null" />
+      <lang locale="zh_CN" value="更新开始时间(yyyy-MM-dd HH:mm:ss)" />
+      <lang locale="zh_HK" value="更新開始時間(yyyy-MM-dd HH:mm:ss)" />
+      <lang locale="zh_TW" value="更新開始時間(yyyy-MM-dd HH:mm:ss)" />
+    </rs>
+    <rs key="facade[com.kingdee.eas.custom.task.SyncZYEmpFacade].methods.method[SyncEmpByUpdateTime].parameters.parameter[updateBeginTime].description">
+      <lang locale="en_US" value="null" />
+      <lang locale="zh_CN" value="" />
+      <lang locale="zh_TW" value="null" />
+    </rs>
+    <rs key="facade[com.kingdee.eas.custom.task.SyncZYEmpFacade].methods.method[SyncEmpByUpdateTime].parameters.parameter[updateEndTime].alias">
+      <lang locale="en_US" value="null" />
+      <lang locale="zh_CN" value="更新结束时间(yyyy-MM-dd HH:mm:ss)" />
+      <lang locale="zh_HK" value="更新結束時間(yyyy-MM-dd HH:mm:ss)" />
+      <lang locale="zh_TW" value="更新結束時間(yyyy-MM-dd HH:mm:ss)" />
+    </rs>
+    <rs key="facade[com.kingdee.eas.custom.task.SyncZYEmpFacade].methods.method[SyncEmpByUpdateTime].parameters.parameter[updateEndTime].description">
+      <lang locale="en_US" value="null" />
+      <lang locale="zh_CN" value="" />
+      <lang locale="zh_TW" value="null" />
+    </rs>
+  </resource>
+</facade>

+ 3 - 2
metadata/facade_pkmapping.properties

@@ -1,5 +1,6 @@
-#
-#Tue May 21 20:06:50 CST 2024
+#Facade pk <==> bosType
+#Thu Sep 26 15:45:59 CST 2024
+76DBFEF7=com.kingdee.eas.custom.task.SyncZYEmpFacade
 12EE1EB9=com.kingdee.eas.custom.projectbonus.task.ProjectbonusFacade
 DD18840D=com.kingdee.eas.custom.performancenew.task.PerformancenewFacade
 4F5A179C=com.kingdee.eas.custom.expandassess.app.task.ExpandassessFacade

BIN
patch/竹云单点对接部署/dep/单点认证.jar


+ 46 - 0
patch/竹云单点对接部署/server/deploy/easweb.ear/shr_web.war/WEB-INF/sso/applicationContext-ssoClient.xml

@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	   xmlns:p="http://www.springframework.org/schema/p"
+       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd">
+	<!--org.springframework.beans.factory.config.PropertyPlaceholderConfigurer-->
+	<bean id="propertyPlaceholderConfigurer"
+          class="com.kingdee.eas.cp.eip.sso.util.EASPropertyPlaceholderConfigurer">
+		<property name="location"
+                  value="/WEB-INF/sso/ssoParamemter.properties"/>
+		<property name="systemPropertiesLocation"
+                  value="ssoClient.properties"/>
+		<property name="systemPropertiesMode"
+                  value="2"/>
+	</bean>
+	<!-- 竹云单点认证过滤器 -->
+	<bean id="casAuthenticationFilter" class="com.qy.sso.bamboocloud.filter.authentication.ZYPortalAuthenticationFilter"
+          p:serverLoginUrl="${cas.server.url}${cas.server.loginPath}"
+          p:serverName="${cas.client.serverName}"
+		  p:renew="${cas.server.renew}"
+		  p:gateway="${cas.server.gateway}"
+		  p:getServerNameFromRequest="${sso.client.serverNameFromRequest}"
+		  p:getServerLoginUrlFromRequest="${sso.server.loginUrlFromRequest}"
+		  p:encodeServiceUrl="false"
+		  p:clientId="${cas.server.clientId}"
+		  p:responseType="${cas.server.responseType}"		  
+		/>
+	<!-- getServerLoginUrlFromRequest=false is for the communication between portal and eassso using local net, also for resolving problems under certain firewall enviroment.  -->
+	<!-- 竹云用户信息校验过滤器 -->
+	<bean id="casTicketValidationFilter" class="com.qy.sso.bamboocloud.filter.validate.ZYTicketValidationFilter"
+		  p:casServerUrlPrefix="${cas.server.url}"
+		  p:serverName="${cas.client.serverName}"
+		  p:renew="${cas.server.renew}"
+		  p:getServerNameFromRequest="${sso.client.serverNameFromRequest}"
+		  p:getServerLoginUrlFromRequest="false"
+		  p:redirectAfterValidation="true"
+		  p:exceptionOnValidationFailure="true"
+		  p:useSession="true"
+		  p:getTokenPath="${cas.server.url}${cas.server.getTokenPath}"
+		  p:getUserInfoPath="${cas.server.url}${cas.server.getUserInfoPath}"
+		  p:clientId="${cas.server.clientId}"
+		  p:responseType="${cas.server.responseType}"
+		  p:clientSecret="${cas.server.clientSecret}"
+		  p:grantType="${cas.server.grantType}"
+		/>
+</beans>

BIN
patch/竹云单点对接部署/server/deploy/fileserver.ear/easWebClient/lib/sp/gemdale-gateway-sdk-8-0.0.2-SNAPSHOT.jar


BIN
patch/竹云单点对接部署/server/deploy/fileserver.ear/easWebClient/lib/sp/sp_qy_jd_sso.jar


BIN
patch/竹云单点对接部署/server/deploy/fileserver.ear/easWebClient/metas/sp/sp_qy_jd__sso_meta.jar


+ 46 - 0
patch/竹云单点对接部署/server/deploy/portal.ear/portal.war/WEB-INF/sso/applicationContext-ssoClient.xml

@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	   xmlns:p="http://www.springframework.org/schema/p"
+       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd">
+	<!--org.springframework.beans.factory.config.PropertyPlaceholderConfigurer-->
+	<bean id="propertyPlaceholderConfigurer"
+          class="com.kingdee.eas.cp.eip.sso.util.EASPropertyPlaceholderConfigurer">
+		<property name="location"
+                  value="/WEB-INF/sso/ssoParamemter.properties"/>
+		<property name="systemPropertiesLocation"
+                  value="ssoClient.properties"/>
+		<property name="systemPropertiesMode"
+                  value="2"/>
+	</bean>
+	<!-- 竹云单点认证过滤器 -->
+	<bean id="casAuthenticationFilter" class="com.qy.sso.bamboocloud.filter.authentication.ZYPortalAuthenticationFilter"
+          p:serverLoginUrl="${cas.server.url}${cas.server.loginPath}"
+          p:serverName="${cas.client.serverName}"
+		  p:renew="${cas.server.renew}"
+		  p:gateway="${cas.server.gateway}"
+		  p:getServerNameFromRequest="${sso.client.serverNameFromRequest}"
+		  p:getServerLoginUrlFromRequest="${sso.server.loginUrlFromRequest}"
+		  p:encodeServiceUrl="false"
+		  p:clientId="${cas.server.clientId}"
+		  p:responseType="${cas.server.responseType}"		  
+		/>
+	<!-- getServerLoginUrlFromRequest=false is for the communication between portal and eassso using local net, also for resolving problems under certain firewall enviroment.  -->
+	<!-- 竹云用户信息校验过滤器 -->
+	<bean id="casTicketValidationFilter" class="com.qy.sso.bamboocloud.filter.validate.ZYTicketValidationFilter"
+		  p:casServerUrlPrefix="${cas.server.url}"
+		  p:serverName="${cas.client.serverName}"
+		  p:renew="${cas.server.renew}"
+		  p:getServerNameFromRequest="${sso.client.serverNameFromRequest}"
+		  p:getServerLoginUrlFromRequest="false"
+		  p:redirectAfterValidation="true"
+		  p:exceptionOnValidationFailure="true"
+		  p:useSession="true"
+		  p:getTokenPath="${cas.server.url}${cas.server.getTokenPath}"
+		  p:getUserInfoPath="${cas.server.url}${cas.server.getUserInfoPath}"
+		  p:clientId="${cas.server.clientId}"
+		  p:responseType="${cas.server.responseType}"
+		  p:clientSecret="${cas.server.clientSecret}"
+		  p:grantType="${cas.server.grantType}"
+		/>
+</beans>

BIN
patch/竹云单点对接部署/server/lib/sp/gemdale-gateway-sdk-8-0.0.2-SNAPSHOT.jar


BIN
patch/竹云单点对接部署/server/lib/sp/sp_qy_jd_sso.jar


BIN
patch/竹云单点对接部署/server/metas/sp/sp_qy_jd__sso_meta.jar


+ 11 - 0
patch/竹云单点对接部署/server/profiles/server1/config/portalConfig/CASLoginConfig.properties

@@ -0,0 +1,11 @@
+solutionName=eas
+dataCenter=gemdale
+locale=L2
+DBType=0
+userAuthPattern=BaseDB
+isPureWeb=true
+redirectTo=null
+userDomain= 
+loginFlow=true
+sso.user.mapping=false
+sso.user.useExternalUser=false

+ 36 - 0
patch/竹云单点对接部署/server/profiles/server1/config/portalConfig/ssoClient.properties

@@ -0,0 +1,36 @@
+#
+#Tue Jun 25 10:32:11 CST 2024
+cas.server.renew=false
+cas.server.proxyCallbackUrl=
+sso.client.serverNameByRequestMap=false
+cas.client.proxyCallbackUrl=
+sso.client.redirectTo=/index_sso.jsp
+sso.client.loginUrl=/ssoWelcome
+sso.server.loginUrlByRequestMap=false
+???cas.server.gateway=false
+# 重定向地址ip:port
+cas.client.serverName=http://10.0.64.221:6888
+# 单点认证地址ip:port
+cas.server.url=https://iamtest.gemdale.com:18010
+# 单点认证接口地址
+cas.server.loginPath=/idp/oauth2/authorize
+sso.easIsSSOClient=true
+cas.server.IsIndependentDeployment=true
+# 是否从请求中获取服务地址  否则就会重定向到到cas.client.serverName
+sso.client.serverNameFromRequest=false
+sso.server.loginUrlFromRequest=false
+# 认证接口参数
+cas.server.clientId=testshr
+# 认证接口参数
+cas.server.responseType=code
+# 认证接口参数密钥
+cas.server.clientSecret=3efc15090259478faebde9281ec96fe9
+# 认证接口参数
+cas.server.grantType=authorization_code
+# 认证接口获取token接口地址
+cas.server.getTokenPath=/idp/oauth2/getToken
+# 认证接口获取用户信息接口地址
+cas.server.getUserInfoPath=/idp/oauth2/getUserInfo
+
+
+
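Review bot: The key on the line `???cas.server.gateway=false` is garbled (probably a byte-order mark or encoding residue saved into the file), so `cas.server.gateway` itself is never defined and the `${cas.server.gateway}` placeholder used by `casAuthenticationFilter` in applicationContext-ssoClient.xml may not resolve as intended; the line should read `cas.server.gateway=false`. The file also commits what looks like a real value for `cas.server.clientSecret`, and the same applies to `AppSecret` in server/properties/Api/propertie.properties and to the `x-ca-key`/`x-ca-signature` literals in the commented-out `main` of SyncZYEmpFacadeControllerBean.java. These should be per-environment placeholders filled in at deployment, and the committed values rotated. `cas.client.serverName` is an `http://` address, so the authorization code returned to the callback travels unencrypted; an `https://` callback is preferable if the server supports it.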

+ 7 - 0
patch/竹云单点对接部署/server/properties/Api/propertie.properties

@@ -0,0 +1,7 @@
+Appkey=1838882415880818690
+AppSecret=BFOmgnJrmdl6lEcQEIEt3fXtbfavRB82
+serverName=https://api-test.gemdale.com
+#获取用户总数接口地址
+getEmpCountPath=/openApi/organization-center/emp/getEmpCount
+#获取用户信息接口地址
+getEmpPath=/openApi/organization-center/emp/getEmp

+ 116 - 13
src/com/kingdee/eas/custom/task/SyncZYEmpFacadeControllerBean.java

@@ -1,5 +1,6 @@
 package com.kingdee.eas.custom.task;
 
+import com.alibaba.fastjson.JSONArray;
 import com.alibaba.fastjson.JSONObject;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.gemdale.gdgateway.util.MD5Utils;
@@ -7,7 +8,6 @@ import com.kingdee.eas.base.permission.UserCollection;
 import com.kingdee.eas.base.permission.UserFactory;
 import com.kingdee.eas.base.permission.UserInfo;
 import com.kingdee.eas.basedata.person.PersonInfo;
-import com.kingdee.eas.custom.task.vo.EmpInfo;
 import com.kingdee.eas.util.app.DbUtil;
 import com.kingdee.util.DateTimeUtils;
 import com.kingdee.util.StringUtils;
@@ -25,7 +25,7 @@ import java.util.*;
 
 public class SyncZYEmpFacadeControllerBean extends AbstractSyncZYEmpFacadeControllerBean {
     private static String propertiesUrl = System.getProperty("EAS_HOME") + "/server/properties/Api/propertie.properties";
-    private List<EmpInfo> empInfoList = new ArrayList<>();
+    private List empInfoList = new ArrayList<>();
     private static Logger logger = Logger.getLogger(SyncZYEmpFacadeControllerBean.class);
     private int pageSize = 100;
 
@@ -61,7 +61,7 @@ public class SyncZYEmpFacadeControllerBean extends AbstractSyncZYEmpFacadeContro
     private void updateUserInfo(Context ctx) throws BOSException {
         try {
             ObjectMapper objectMapper = new ObjectMapper();
-            UserCollection userCollection = UserFactory.getLocalInstance(ctx).getUserCollection("select id,person.*");
+            UserCollection userCollection = UserFactory.getLocalInstance(ctx).getUserCollection("select id,person.* where person is not null");
             Map<String, String> idCardNoMap = new HashMap<>();
             Map<String, String> passportNoMap = new HashMap<>();
             Map<String, String> emailMap = new HashMap<>();
@@ -88,15 +88,15 @@ public class SyncZYEmpFacadeControllerBean extends AbstractSyncZYEmpFacadeContro
             List<Object[]> updateParams = new ArrayList<>();
             for (int i = 0; i < empInfoList.size(); i++) {
                 //首先匹配身份证或护照号,再匹配邮箱
-                EmpInfo empInfo = empInfoList.get(i);
+                Map<String, Object> empInfo = (Map<String, Object>) empInfoList.get(i);
                 //账号
-                String username = empInfo.getUsername();
-                String email = empInfo.getEmail();
-                String cardType = empInfo.getCardType();
-                String cardNum = empInfo.getCardNum();
+                String username = (String) empInfo.get("username");
+                String email = (String) empInfo.get("email");
+                String cardType = (String) empInfo.get("cardType");
+                String cardNum = (String) empInfo.get("cardNum");
                 String userId = null;
-                if (!StringUtils.isEmpty(cardNum)) {
-                    if ("大陆地区身份证".equals(cardType)) {
+                if (!StringUtils.isEmpty(cardNum) && "null".equals(cardNum)) {
+                    if (!StringUtils.isEmpty(cardType) && cardType.contains("身份证")) {
                         userId = idCardNoMap.get(cardNum);
                     } else {
                         userId = passportNoMap.get(cardNum);
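Review bot: The new guard `if (!StringUtils.isEmpty(cardNum) && "null".equals(cardNum))` looks inverted: it is true only when cardNum is the literal string "null", so every real ID-card or passport number skips the `idCardNoMap`/`passportNoMap` lookup. Judging by the else branch in the commented-out `main` in this commit, those records then fall through to e-mail matching, which means the weaker identifier decides which local user is updated. The condition was presumably meant to be `if (!StringUtils.isEmpty(cardNum) && !"null".equals(cardNum))`. The casts `(String) empInfo.get(...)` will also throw ClassCastException if the API returns a non-string value for one of these fields, so an `instanceof` check before the cast is safer. The loop body continues outside the hunk.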
@@ -307,9 +307,9 @@ public class SyncZYEmpFacadeControllerBean extends AbstractSyncZYEmpFacadeContro
                         Boolean success = (Boolean) result.get("success");
                         logger.error("查询用户数据: " + resultStr);
                         if (success) {
-                            String data = (String) result.get("data");
-                            EmpInfo empInfo = objectMapper.readValue(data, EmpInfo.class);
-                            empInfoList.add(empInfo);
+                            List data = (List) result.get("data");
+                            //EmpInfo empInfo = objectMapper.readValue(data, EmpInfo.class);
+                            empInfoList.addAll(data);
                         } else {
                             String msg = (String) result.get("msg");
                             throw new BOSException(msg);
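Review bot: `empInfoList.addAll(data)` runs on an unchecked value: if the response has `success` true but no `data` array, `data` is null and `addAll` throws NullPointerException, and `if (success)` unboxes a `Boolean` that is null when the field is missing. Suggest `if (Boolean.TRUE.equals(success))` and `if (data != null) { empInfoList.addAll(data); }`, and deleting the commented-out `readValue` line rather than keeping it. Separately, the unchanged `logger.error("查询用户数据: " + resultStr)` just above writes the whole employee payload to the log at error level; going by the fields read elsewhere in this file that includes card numbers and e-mail addresses, so logging only the page number and record count would avoid it. The enclosing method starts and ends outside the hunk.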
@@ -325,4 +325,107 @@ public class SyncZYEmpFacadeControllerBean extends AbstractSyncZYEmpFacadeContro
             }
         }
     }
+//
+//    public static void main(String[] args) throws IOException, BOSException {
+//        OkHttpClient client = new OkHttpClient();
+//        ObjectMapper objectMapper = new ObjectMapper();
+//        Map<String, String> idCardNoMap = new HashMap<>();
+//        idCardNoMap.put("2342", "111");
+//        Map<String, String> passportNoMap = new HashMap<>();
+//        passportNoMap.put("234123", "111");
+//        Map<String, String> emailMap = new HashMap<>();
+//        emailMap.put("liucanyu1@gemdale.com", "111");
+//
+//
+//        int total = 0;
+//        JSONObject content = new JSONObject();
+//        content.put("containslnvalid", false);//是否包含失效用户
+//        String contentStr = content.toJSONString();
+//        RequestBody body = RequestBody.create(MediaType.parse("application/json"), contentStr);
+//
+//        Request request = new Request.Builder()
+//                .url("https://api-test.gemdale.com/openApi/organization-center/emp/getEmpCount")
+//                .post(body)
+//                .addHeader("x-ca-key", "1838882415880818690")
+//                .addHeader("x-ca-signature", "+fCDx073OeZDGPalliiigQ==")
+//                .addHeader("x-ca-signature-method", "MD5")
+//                .addHeader("content-type", "application/json")
+//                .build();
+//        Response response = client.newCall(request).execute();
+//        if (response.isSuccessful()) {
+//            Map result = objectMapper.readValue(response.body().string(), Map.class);
+//            Boolean success = (Boolean) result.get("success");
+//            if (success) {
+//                total = (int) result.get("total");
+//            } else {
+//                String msg = (String) result.get("msg");
+//                throw new BOSException(msg);
+//            }
+//        } else {
+//            throw new BOSException("请求失败");
+//        }
+//        System.out.println("total: " + total);
+//        boolean flag = true;
+//        int pageCount = total % 100 == 0 ? total / 100 : total / 100 + 1;
+//        for (int page = 1; page <= pageCount && flag; page++) {
+//            content = new JSONObject();
+//            content.put("containslnvalid", false);//是否包含失效用户
+//            content.put("pageSize", 100);
+//            content.put("pageNum", page);
+//            body = RequestBody.create(MediaType.parse("application/json"), content.toJSONString());
+//            System.out.println("page: " + page);
+//
+//            request = new Request.Builder()
+//                    .url("https://api-test.gemdale.com/openApi/organization-center/emp/getEmp")
+//                    .post(body)
+//                    .addHeader("x-ca-key", "1838882415880818690")
+//                    .addHeader("x-ca-signature", "KvB3twvz5cYyffJlvZQo8Q==")
+//                    .addHeader("x-ca-signature-method", "MD5")
+//                    .addHeader("content-type", "application/json")
+//                    .build();
+//            response = client.newCall(request).execute();
+//            if (response.isSuccessful()) {
+//                String resultStr = response.body().string();
+//                Map result = objectMapper.readValue(resultStr, Map.class);
+//                Boolean success = (Boolean) result.get("success");
+//                logger.error("查询用户数据: " + resultStr);
+//                if (success) {
+//                    List data = (List) result.get("data");
+//                    for (int i = 0; i < data.size() && flag; i++) {
+//                        Map<String, Object> map = (Map<String, Object>) data.get(i);
+//                        String username = (String) map.get("username");
+//                        if ("liucanyu1".equals(username)) {
+//                            System.out.println("username: " + username);
+//                            String cardType = (String) map.get("cardType");
+//                            System.out.println("cardType: " + cardType);
+//                            String cardNum = (String) map.get("cardNum");
+//                            System.out.println("cardNum: " + cardNum);
+//                            if (!StringUtils.isEmpty(cardNum)) {
+//                                System.out.println("cardNum: " + cardNum);
+//                            }
+//                            String email = (String) map.get("email");
+//                            System.out.println("email: " + email);
+//                            String userId = null;
+//                            if (!StringUtils.isEmpty(cardNum)) {
+//                                if (!StringUtils.isEmpty(cardType) && cardType.contains("身份证")) {
+//                                    userId = idCardNoMap.get(cardNum);
+//                                } else {
+//                                    userId = passportNoMap.get(cardNum);
+//                                }
+//                            } else {
+//                                userId = emailMap.get(email);
+//                            }
+//                            System.out.println("userId: " + userId);
+//                            flag = false;
+//                        }
+//                    }
+//                } else {
+//                    String msg = (String) result.get("msg");
+//                    throw new BOSException(msg);
+//                }
+//            } else {
+//                throw new BOSException("请求失败");
+//            }
+//        }
+//    }
 }
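Review bot: The roughly 100-line commented-out `main` added at the end of the class should be dropped from the commit rather than kept as a comment. It carries a fixed `x-ca-key`, precomputed `x-ca-signature` values and what looks like a real account name and e-mail address, and it prints card type and card number to stdout. If the probe is still useful, it belongs in a separate test utility that reads its key and endpoint from configuration.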

+ 11 - 4
src/com/qy/sso/bamboocloud/filter/validate/ZYTicketValidationFilter.java

@@ -66,9 +66,15 @@ public class ZYTicketValidationFilter extends Cas20ProxyReceivingTicketValidatio
                                           Assertion assertion) {
         super.onSuccessfulValidation(request, response, assertion);
         try {
+            Map<String, Object> attributes = assertion.getAttributes();
+            Boolean isFail = (Boolean) attributes.get("isFail");
+            if (isFail) {
+                response.sendRedirect("/eassso/unreg/userNumberError.jsp");
+                return;
+            }
             //初始化会话数据
             this.initializeSessionData(request, response);
-        } catch (SHRWebException var5) {
+        } catch (Exception var5) {
             throw new RuntimeException(var5);
         }
     }
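Review bot: `Boolean isFail = (Boolean) attributes.get("isFail"); if (isFail)` throws NullPointerException whenever the attribute is absent, and the validator in this commit only puts `isFail` on the unknown-user path, so a normal login appears to hit the NPE, which the widened `catch (Exception var5)` then rethrows as RuntimeException. Use `if (Boolean.TRUE.equals(attributes.get("isFail")))` and guard `attributes` against null. The check also runs after `super.onSuccessfulValidation(...)`, and with `useSession=true` the parent filter may already have stored the assertion in the session by then (not verifiable from this hunk), so the failure path should invalidate the session before redirecting. Catching `SHRWebException | IOException` instead of `Exception` would keep a redirect I/O failure distinguishable from a session-initialisation failure.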
@@ -89,7 +95,8 @@ public class ZYTicketValidationFilter extends Cas20ProxyReceivingTicketValidatio
                 session.setAttribute("sessionCreateTime", session.getCreationTime());
             } else {
                 //重定向到登出页面
-                response.sendRedirect("/shr/shr_loginout/logout.do");
+                //response.sendRedirect("/shr/shr_loginout/logout.do");
+                response.sendRedirect("/shr");
             }
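Review bot: Redirecting to `/shr` instead of `/shr/shr_loginout/logout.do` means a failed session initialisation no longer goes through logout; no `session.invalidate()` is visible in this else branch, so a half-initialised session may survive, and if `/shr` sits behind the same SSO filters the browser can be sent straight back into the login flow and loop. The same replacement is made in the catch block in the next hunk, there after `session.invalidate()`. Consider invalidating the session here too and redirecting to a static error page, and delete the commented-out `sendRedirect` line. The method starts before and ends after this hunk.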
         } catch (Exception e) {
             e.printStackTrace();
@@ -99,7 +106,7 @@ public class ZYTicketValidationFilter extends Cas20ProxyReceivingTicketValidatio
                     session.invalidate();
                 }
                 //重定向到登出页面
-                response.sendRedirect("/shr/shr_loginout/logout.do");
+                response.sendRedirect("/shr");
             } catch (IOException var6) {
                 var6.printStackTrace();
             }
@@ -107,6 +114,7 @@ public class ZYTicketValidationFilter extends Cas20ProxyReceivingTicketValidatio
     }
 
 
+
     /**
      * 获取身份校验器
      *
@@ -125,7 +133,6 @@ public class ZYTicketValidationFilter extends Cas20ProxyReceivingTicketValidatio
     }
 
     /**
-     *
      * @param request
      * @return
      */

+ 27 - 7
src/com/qy/sso/bamboocloud/validation/ZYPortalServiceTicketValidator.java

@@ -44,6 +44,7 @@ public class ZYPortalServiceTicketValidator implements TicketValidator {
 
     /**
      * 校验
+     * 不能返回空对象并且assertion.getPrincipal()也不能为空!
      *
      * @param code    身份标识
      * @param service
@@ -54,11 +55,12 @@ public class ZYPortalServiceTicketValidator implements TicketValidator {
                                     String service) throws TicketValidationException {
         //String validationUrl = this.constructValidationUrl(code, service);
         //this.logger.debug("Constructing validation url: {}", validationUrl);
+        HashMap attributes = new HashMap<>();
         try {
             this.logger.debug("Retrieving response from server.");
             Map<String, Object> token = getToken(code, null);
             String loginName = getUserInfo(token);//员工编码
-            System.out.println("获取员工信息 登录账号: " + loginName);
+            this.logger.debug("获取员工信息 登录账号: " + loginName);
             if (StringUtils.isEmpty(loginName)) {
                 throw new TicketValidationException("获取用户信息的登录账号为空!");
             }
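Review bot: `HashMap attributes = new HashMap<>();` is a raw type, so the later `new AssertionImpl(principal, attributes)` compiles only with an unchecked warning; declare it as `Map<String, Object> attributes = new HashMap<>();`. The new `this.logger.debug("获取员工信息 登录账号: " + loginName)` builds the string even when debug is off; if the logger accepts `{}` placeholders, as the commented-out line above suggests, `this.logger.debug("获取员工信息 登录账号: {}", loginName)` is the usual form. The method body continues outside the hunk.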
@@ -73,11 +75,14 @@ public class ZYPortalServiceTicketValidator implements TicketValidator {
                     userNumber = rs.getString("fnumber");
                 }
                 if (StringUtils.isEmpty(userNumber)) {
-                    throw new TicketValidationException("loginName :" + loginName + "不是shr用户");
+                    this.logger.error("loginName :" + loginName + "不是shr用户");
+                    attributes.put("isFail", true);
+                    userNumber = loginName;
+                    //throw new TicketValidationException("loginName :" + loginName + "不是shr用户");
                 }
                 //创建登录用户
                 AttributePrincipal principal = new AttributePrincipalImpl(userNumber);
-                return new AssertionImpl(principal, new HashMap<>());
+                return new AssertionImpl(principal, attributes);
             } else {
                 throw new TicketValidationException("数据中心 或 locale 为空!");
             }
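Review bot: When `userNumber` is empty the validator now returns a successful `AssertionImpl` whose principal is the IdP `loginName`, so ticket validation succeeds for an account that has no sHR user and rejection depends entirely on every consumer checking the `isFail` attribute. Any filter or code path that trusts the assertion's principal without that check would treat the caller as authenticated, and a `loginName` that happens to equal another user's `fnumber` would be taken for that user. It would be safer to keep throwing `TicketValidationException` and send the browser to `/eassso/unreg/userNumberError.jsp` from the filter's `onFailedValidation` handler; if the assertion must be returned, use a principal value that cannot collide with a real user number and put `isFail` as `false` on the normal path as well. The method starts and ends outside the hunk.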
@@ -87,9 +92,17 @@ public class ZYPortalServiceTicketValidator implements TicketValidator {
         }
     }
 
+    /**
+     * 获取token
+     *
+     * @param code
+     * @param state
+     * @return
+     * @throws TicketValidationException
+     */
     private Map<String, Object> getToken(String code, String state) throws TicketValidationException {
-        System.out.println("code: " + code);
-        System.out.println("state: " + state);
+        this.logger.debug("code: " + code);
+        this.logger.debug("state: " + state);
         if (StringUtils.isEmpty(code)) {
             //检查session
             throw new TicketValidationException("code 不能为空!");
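Review bot: `this.logger.debug("code: " + code)` writes the OAuth2 authorization code to the log, and the later hunks do the same with the full `getToken` response (`"getToken sYResponse : " + result`) and the full `getUserInfo` response. The code and the token response are credentials while they are valid and the user-info response is personal data, so moving them from `System.out` to the logger still leaves them readable by anyone with log access once debug is enabled. Log only non-sensitive facts, for example `this.logger.debug("getToken: code present={}", !StringUtils.isEmpty(code));` and the `errcode` after parsing. The call `getToken(code, null)` in `validate` also shows that no `state` value is passed through, so it is worth confirming that `state` is verified on the callback somewhere outside this hunk.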
@@ -117,7 +130,7 @@ public class ZYPortalServiceTicketValidator implements TicketValidator {
         if (sYResponse.isSuccessful()) {
             try {
                 String result = sYResponse.body().string();
-                System.out.println("getToken sYResponse : " + result);
+                this.logger.debug("getToken sYResponse : " + result);
                 ObjectMapper objectMapper = new ObjectMapper();
                 Map<String, Object> map = objectMapper.readValue(result, Map.class);
                 String errcode = (String) map.get("errcode");
@@ -138,6 +151,13 @@ public class ZYPortalServiceTicketValidator implements TicketValidator {
         }
     }
 
+    /**
+     * 获取用户信息
+     *
+     * @param tokenResponse
+     * @return
+     * @throws TicketValidationException
+     */
     private String getUserInfo(Map<String, Object> tokenResponse) throws TicketValidationException {
         if (tokenResponse == null) {
             throw new TicketValidationException("tokenResponse 不能为空!");
@@ -165,7 +185,7 @@ public class ZYPortalServiceTicketValidator implements TicketValidator {
         if (sYResponse.isSuccessful()) {
             try {
                 String result = sYResponse.body().string();
-                System.out.println("getUserInfo sYResponse : " + result);
+                this.logger.debug("getUserInfo sYResponse : " + result);
                 ObjectMapper objectMapper = new ObjectMapper();
                 Map<String, Object> map = objectMapper.readValue(result, Map.class);
                 String errcode = (String) map.get("errcode");