单点登录代码提交

properties/scy/receiveOAConfig.properties

@@ -3,4 +3,5 @@ receiveOAPath=http://oa.shichuangyi.cn:8080/rest/ofs/ReceiveRequestInfoByJson
 #异构系统标识
 syscode=SHR
 serverName=http://ehr.shichuangyi.cn:8080
-eid=K172K145K108K99K127
+eid=K172K145K108K99K127
+deleteMsgPath=http://oa.shichuangyi.cn:8080/rest/ofs/deleteUserRequestInfoByJson

src/com/kingdee/eas/custom/messageWebService/OAMessageWebServiceDao.java

@@ -215,11 +215,15 @@ public class OAMessageWebServiceDao implements MessageWebServiceDao {
             } else {
                 throw new RuntimeException("未找到对应的任务阅读表  assignId: " + assignId);
             }
-            if (WfAssignmentState.CANCELED.equals(stateEnum)) {
-                //任务取消，删除OA待办
-                return deleteMessage(msgId, handlerNumber);
-            } else if (WfAssignmentState.COMPLETED.equals(stateEnum) || WfAssignmentState.REJECTED.equals(stateEnum)) {
-                //任务完成或已拒绝，更新OA消息为已办
+//            if (WfAssignmentState.CANCELED.equals(stateEnum)) {
+//                //任务取消，删除OA待办
+//                return deleteMessage(msgId, handlerNumber);
+//            } else
+
+            if (WfAssignmentState.COMPLETED.equals(stateEnum)
+                    || WfAssignmentState.REJECTED.equals(stateEnum)
+                    || WfAssignmentState.CANCELED.equals(stateEnum)) {
+                //任务完成或已拒绝、任务取消，更新OA消息为已办
                 WSMessage wsMessage = new WSMessage();
                 wsMessage.setMsgID(msgId);
                 wsMessage.setTitle(assignSubject);

src/com/kingdee/eas/custom/sso/OAToMBos.java

@@ -1,19 +1,9 @@
 package com.kingdee.eas.custom.sso;
 
 import com.alibaba.fastjson.JSON;
-import com.alibaba.fastjson.JSONObject;
-import com.kingdee.bos.BOSException;
-import com.kingdee.bos.Context;
-import com.kingdee.eas.cp.eip.sso.util.CASLoginConfigPropUtil;
-import com.kingdee.eas.cp.eip.sso.util.CloudParamUtil;
-import com.kingdee.eas.util.app.DbUtil;
 import com.kingdee.eas.utils.ExpiringMapCache;
-import com.kingdee.jdbc.rowset.IRowSet;
 import com.kingdee.shr.base.syssetting.exception.SHRWebException;
 import com.kingdee.util.StringUtils;
-import okhttp3.OkHttpClient;
-import okhttp3.Request;
-import okhttp3.Response;
 import org.apache.log4j.Logger;
 
 import javax.servlet.ServletException;
@@ -22,7 +12,6 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.*;
 import java.net.URLEncoder;
-import java.sql.SQLException;
 import java.text.MessageFormat;
 import java.util.HashMap;
 import java.util.Map;
@@ -110,6 +99,10 @@ public class OAToMBos extends HttpServlet {
         if (StringUtils.isEmpty(getAccessTokenPath)) {
             throw new RuntimeException("getAccessTokenPath不能为空! 请检查配置文件: " + propPath);
         }
+        String serverName = prop.getProperty("serverName");
+        if (StringUtils.isEmpty(serverName)) {
+            throw new RuntimeException("serverName不能为空! 请检查配置文件: " + propPath);
+        }
         String client_secret = prop.getProperty("client_secret");
         if (StringUtils.isEmpty(client_secret)) {
             throw new RuntimeException("client_secret不能为空! 请检查配置文件: " + propPath);
@@ -136,7 +129,7 @@ public class OAToMBos extends HttpServlet {
         params.put("redirect_uri", URLEncoder.encode(redirect_uri2, "UTF-8"));
         try {
             String redirectUrl = null;
-            String token = getAccessToken(getAccessTokenPath, params);
+            String token = SsoUtil.getAccessToken(getAccessTokenPath, params);
             logger.error(token);
             if (StringUtils.isEmpty(redirectUrlKey)) {
                 String eid = prop.getProperty("eid");
@@ -149,7 +142,9 @@ public class OAToMBos extends HttpServlet {
             }
             Map toMbosparams = new HashMap();
             toMbosparams.put("token", token);
-            String urlString = appendUrl(redirectUrl, toMbosparams);
+            //校验流程生效状态
+            redirectUrl = SsoUtil.checkFlowEffectiveStateForMbos(redirectUrl, serverName, getLoginIdPath, token);
+            String urlString = SsoUtil.appendUrl(redirectUrl, toMbosparams);
             resp.sendRedirect(urlString);
             logger.error("redirectMbos url" + urlString);
         } catch (Exception e) {
@@ -195,7 +190,7 @@ public class OAToMBos extends HttpServlet {
         params.put("client_id", client_id);
         params.put("response_type", response_type);
         params.put("redirect_uri", URLEncoder.encode(redirect_uri1, "UTF-8"));
-        String urlString = appendUrl(authorizePath, params);
+        String urlString = SsoUtil.appendUrl(authorizePath, params);
         resp.sendRedirect(urlString);
         logger.error("authorize url" + urlString);
     }
@@ -224,7 +219,7 @@ public class OAToMBos extends HttpServlet {
         Map result = new HashMap();
         try {
             //从人员对象，获取纷享用户userId
-            String loginId = loginId2userId(getLoginIdPath, token);
+            String loginId = SsoUtil.loginId2userId(getLoginIdPath, token);
             result.put("status", "0");
             result.put("message", loginId);
             resp.setStatus(200);
@@ -239,126 +234,4 @@ public class OAToMBos extends HttpServlet {
         writer.write(JSON.toJSONString(result));
         writer.close();
     }
-
-    /**
-     * 获取泛微token方法
-     *
-     * @param getAccessTokenPath
-     * @param params
-     * @return
-     * @throws IOException
-     */
-    private String getAccessToken(String getAccessTokenPath, Map<String, String> params)
-            throws IOException {
-        logger.error("getAccessToken方法参数: " + params);
-        String url = appendUrl(getAccessTokenPath, params);
-        logger.error("access_token url" + url);
-        OkHttpClient client = new OkHttpClient();
-        Request request = new Request.Builder()
-                .url(url)
-                .get()
-                .addHeader("content-type", "multipart/form-data; boundary=---011000010111000001101001")
-                .build();
-        Response response = client.newCall(request).execute();
-        if (response.isSuccessful()) {
-            String string = response.body().string();
-            JSONObject jsonObject = JSONObject.parseObject(string);
-            String code = jsonObject.getString("code");
-            if ("0".equals(code)) {
-                String access_token = jsonObject.getString("access_token");
-                logger.error("access_token " + access_token);
-                return access_token;
-            } else {
-                throw new RuntimeException(jsonObject.getString("msg"));
-            }
-        } else {
-            //网络超时
-            throw new RuntimeException("获取token超时");
-        }
-    }
-
-    /**
-     * 获取用户信息
-     *
-     * @param accessToken
-     * @return
-     * @throws IOException
-     * @throws BOSException
-     * @throws SQLException
-     */
-    private String loginId2userId(String getLoginIdPath, String accessToken)
-            throws IOException, BOSException, SQLException {
-        if (StringUtils.isEmpty(accessToken)) {
-            throw new RuntimeException("accessToken不能为空! ");
-        }
-        //获取第三方用户信息
-        Map params = new HashMap();
-        params.put("access_token", accessToken);
-        String url = appendUrl(getLoginIdPath, params);
-        logger.error("loginId2userId url" + url);
-        OkHttpClient client = new OkHttpClient();
-        Request request = new Request.Builder()
-                .url(url)
-                .get()
-                .addHeader("content-type", "multipart/form-data; boundary=---011000010111000001101001")
-                .build();
-        Response response = client.newCall(request).execute();
-        if (response.isSuccessful()) {
-            String string = response.body().string();
-            JSONObject jsonObject = JSONObject.parseObject(string);
-            String code = jsonObject.getString("code");
-            if ("0".equals(code)) {
-                JSONObject attributes = jsonObject.getJSONObject("attributes");
-                //登录id
-                String loginid = attributes.getString("loginid");
-                String dataCenter = CASLoginConfigPropUtil.getDataCenter();
-                String locale = CASLoginConfigPropUtil.getLocale();
-                if (!StringUtils.isEmpty(dataCenter) && !StringUtils.isEmpty(locale)) {
-                    Context ctx = CloudParamUtil.getContext(dataCenter, locale, "administrator");
-                    String sql = "SELECT count(1) total FROM T_PM_USER WHERE fnumber=?";
-                    IRowSet rs = DbUtil.executeQuery(ctx, sql, new Object[]{loginid});
-                    int total = 0;
-                    if (rs.next()) {
-                        total = rs.getInt("total");
-                    }
-                    if (total <= 0) {
-                        logger.error("SHR找不到对应的用户, loginid:" + loginid);
-                        throw new RuntimeException("SHR找不到对应的用户, loginid: " + loginid);
-                        //("您无权限访问SHR系统，请联系管理员处理。")
-                    } else if (total > 1) {
-                        logger.error("SHR找到多个对应的用户, loginid:" + loginid);
-                        throw new RuntimeException("SHR找到多个对应的用户, loginid: " + loginid);
-                        //("您无权限访问SHR系统，请联系管理员处理。")
-                    } else {
-                        return loginid;
-                    }
-                }
-                logger.error("获取用户信息报错,数据中心没找到!");
-                throw new RuntimeException("获取用户信息报错,数据中心没找到!");
-            } else {
-                logger.error(jsonObject.getString("msg"));
-                throw new RuntimeException(jsonObject.getString("msg"));
-            }
-        } else {
-            //网络超时
-            logger.error("网络超时");
-            throw new RuntimeException("网络超时");
-        }
-    }
-
-    /**
-     * 拼接地址参数
-     */
-    private static String appendUrl(String url, Map<String, String> data) {
-        logger.error("appendUrl_url: " + url);
-        logger.error("appendUrl_data: " + data);
-        StringBuilder paramStr = new StringBuilder();
-        for (String key : data.keySet()) {
-            paramStr.append(key).append("=").append(data.get(key)).append("&");
-        }
-        paramStr.deleteCharAt(paramStr.lastIndexOf("&"));
-        String str = url.contains("?") ? (url + "&" + paramStr) : (url + "?" + paramStr);
-        logger.error("拼接后的地址为:" + str);
-        return str;
-    }
 }

src/com/kingdee/eas/custom/sso/OAToSHR.java

@@ -1,18 +1,10 @@
 package com.kingdee.eas.custom.sso;
 
 import com.alibaba.fastjson.JSON;
-import com.alibaba.fastjson.JSONObject;
-import com.kingdee.bos.BOSException;
-import com.kingdee.bos.Context;
 import com.kingdee.eas.cp.eip.sso.ltpa.LtpaTokenManager;
-import com.kingdee.eas.cp.eip.sso.util.CASLoginConfigPropUtil;
-import com.kingdee.eas.cp.eip.sso.util.CloudParamUtil;
-import com.kingdee.eas.util.app.DbUtil;
 import com.kingdee.eas.utils.ExpiringMapCache;
-import com.kingdee.jdbc.rowset.IRowSet;
 import com.kingdee.shr.base.syssetting.exception.SHRWebException;
 import com.kingdee.util.StringUtils;
-import okhttp3.*;
 import org.apache.log4j.Logger;
 
 import javax.servlet.ServletException;
@@ -21,7 +13,6 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.*;
 import java.net.URLEncoder;
-import java.sql.SQLException;
 import java.util.*;
 
 /**
@@ -116,14 +107,14 @@ public class OAToSHR extends HttpServlet {
         }
         Random random = new Random();
         String key = System.currentTimeMillis() + String.valueOf(random.nextInt(99999));
-        redirectUrlCache.put(key, redirectUrl,300000);
+        redirectUrlCache.put(key, redirectUrl, 300000);
         logger.error("callBack redirectUrl" + redirectUrl);
         redirect_uri1 += "?redirect=" + key;
         Map params = new HashMap();
         params.put("client_id", client_id);
         params.put("response_type", response_type);
         params.put("redirect_uri", URLEncoder.encode(redirect_uri1, "UTF-8"));
-        String urlString = appendUrl(authorizePath, params);
+        String urlString = SsoUtil.appendUrl(authorizePath, params);
         resp.sendRedirect(urlString);
         logger.error("authorize url" + urlString);
     }
@@ -173,10 +164,10 @@ public class OAToSHR extends HttpServlet {
         params.put("code", ticket);
         params.put("redirect_uri", URLEncoder.encode(redirect_uri2, "UTF-8"));
         try {
-            String token = getAccessToken(getAccessTokenPath, params);
+            String token = SsoUtil.getAccessToken(getAccessTokenPath, params);
             logger.error(token);
             //从人员对象，获取纷享用户userId
-            String loginId = loginId2userId(getLoginIdPath, token);
+            String loginId = SsoUtil.loginId2userId(getLoginIdPath, token);
             String loginUrl = login(loginId, redirectUrl);
             resp.sendRedirect(loginUrl);
         } catch (Exception e) {
@@ -213,131 +204,11 @@ public class OAToSHR extends HttpServlet {
                 redirectUrlStr.append(serverName).append(redirectUrl);
             }
         }
-        String encode = URLEncoder.encode(redirectUrlStr.toString(), "UTF-8");
+        //校验流程生效状态
+        String redirect = SsoUtil.checkFlowEffectiveStateForPc(redirectUrlStr.toString(), serverName);
+        String encode = URLEncoder.encode(redirect, "UTF-8");
         url.append(URLEncoder.encode(encode, "UTF-8"));
         logger.error("login: url" + url);
         return url.toString();
     }
-
-    /**
-     * 获取泛微token方法
-     *
-     * @param getAccessTokenPath
-     * @param params
-     * @return
-     * @throws IOException
-     */
-    private String getAccessToken(String getAccessTokenPath, Map<String, String> params)
-            throws IOException {
-        logger.error("getAccessToken方法参数: " + params);
-        String url = appendUrl(getAccessTokenPath, params);
-        logger.error("access_token url" + url);
-        OkHttpClient client = new OkHttpClient();
-        Request request = new Request.Builder()
-                .url(url)
-                .get()
-                .addHeader("content-type", "multipart/form-data; boundary=---011000010111000001101001")
-                .build();
-        Response response = client.newCall(request).execute();
-        if (response.isSuccessful()) {
-            String string = response.body().string();
-            JSONObject jsonObject = JSONObject.parseObject(string);
-            String code = jsonObject.getString("code");
-            if ("0".equals(code)) {
-                String access_token = jsonObject.getString("access_token");
-                logger.error("access_token " + access_token);
-                return access_token;
-            } else {
-                throw new RuntimeException(jsonObject.getString("msg"));
-            }
-        } else {
-            //网络超时
-            throw new RuntimeException("获取token超时");
-        }
-    }
-
-    /**
-     * 获取用户信息
-     *
-     * @param accessToken
-     * @return
-     * @throws IOException
-     * @throws BOSException
-     * @throws SQLException
-     */
-    private String loginId2userId(String getLoginIdPath, String accessToken)
-            throws IOException, BOSException, SQLException {
-        if (StringUtils.isEmpty(accessToken)) {
-            throw new RuntimeException("accessToken不能为空! ");
-        }
-        //获取第三方用户信息
-        Map params = new HashMap();
-        params.put("access_token", accessToken);
-        String url = appendUrl(getLoginIdPath, params);
-        logger.error("loginId2userId url" + url);
-        OkHttpClient client = new OkHttpClient();
-        Request request = new Request.Builder()
-                .url(url)
-                .get()
-                .addHeader("content-type", "multipart/form-data; boundary=---011000010111000001101001")
-                .build();
-        Response response = client.newCall(request).execute();
-        if (response.isSuccessful()) {
-            String string = response.body().string();
-            JSONObject jsonObject = JSONObject.parseObject(string);
-            String code = jsonObject.getString("code");
-            if ("0".equals(code)) {
-                JSONObject attributes = jsonObject.getJSONObject("attributes");
-                //登录id
-                String loginid = attributes.getString("loginid");
-                String dataCenter = CASLoginConfigPropUtil.getDataCenter();
-                String locale = CASLoginConfigPropUtil.getLocale();
-                if (!StringUtils.isEmpty(dataCenter) && !StringUtils.isEmpty(locale)) {
-                    Context ctx = CloudParamUtil.getContext(dataCenter, locale, "administrator");
-                    String sql = "SELECT count(1) total FROM T_PM_USER WHERE fnumber=?";
-                    IRowSet rs = DbUtil.executeQuery(ctx, sql, new Object[]{loginid});
-                    int total = 0;
-                    if (rs.next()) {
-                        total = rs.getInt("total");
-                    }
-                    if (total <= 0) {
-                        logger.error("SHR找不到对应的用户, loginid:" + loginid);
-                        throw new RuntimeException("SHR找不到对应的用户, loginid: " + loginid);
-                        //("您无权限访问SHR系统，请联系管理员处理。")
-                    } else if (total > 1) {
-                        logger.error("SHR找到多个对应的用户, loginid:" + loginid);
-                        throw new RuntimeException("SHR找到多个对应的用户, loginid: " + loginid);
-                        //("您无权限访问SHR系统，请联系管理员处理。")
-                    } else {
-                        return loginid;
-                    }
-                }
-                logger.error("获取用户信息报错,数据中心没找到!");
-                throw new RuntimeException("获取用户信息报错,数据中心没找到!");
-            } else {
-                logger.error(jsonObject.getString("msg"));
-                throw new RuntimeException(jsonObject.getString("msg"));
-            }
-        } else {
-            //网络超时
-            logger.error("网络超时");
-            throw new RuntimeException("网络超时");
-        }
-    }
-
-    /**
-     * 拼接地址参数
-     */
-    private static String appendUrl(String url, Map<String, String> data) {
-        logger.error("appendUrl_url: " + url);
-        logger.error("appendUrl_data: " + data);
-        StringBuilder paramStr = new StringBuilder();
-        for (String key : data.keySet()) {
-            paramStr.append(key).append("=").append(data.get(key)).append("&");
-        }
-        paramStr.deleteCharAt(paramStr.lastIndexOf("&"));
-        String str = url.contains("?") ? (url + "&" + paramStr) : (url + "?" + paramStr);
-        logger.error("拼接后的地址为:" + str);
-        return str;
-    }
 }

src/com/kingdee/eas/custom/sso/SsoUtil.java

@@ -0,0 +1,250 @@
+package com.kingdee.eas.custom.sso;
+
+import com.alibaba.fastjson.JSONObject;
+import com.kingdee.bos.BOSException;
+import com.kingdee.bos.Context;
+import com.kingdee.eas.cp.eip.sso.ltpa.LtpaTokenManager;
+import com.kingdee.eas.cp.eip.sso.util.CASLoginConfigPropUtil;
+import com.kingdee.eas.cp.eip.sso.util.CloudParamUtil;
+import com.kingdee.eas.util.app.DbUtil;
+import com.kingdee.jdbc.rowset.IRowSet;
+import com.kingdee.util.StringUtils;
+import okhttp3.OkHttpClient;
+import okhttp3.Request;
+import okhttp3.Response;
+import org.apache.log4j.Logger;
+
+import java.io.IOException;
+import java.net.URLEncoder;
+import java.sql.SQLException;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * @Description TODO
+ * @Date 2024/11/25 10:02
+ * @Created by Heyuan
+ */
+public class SsoUtil {
+    private static Logger logger = Logger.getLogger(SsoUtil.class);
+
+    /**
+     * 校验流程生效状态
+     *
+     * @param redirect
+     * @param serverName
+     * @return
+     * @throws BOSException
+     * @throws SQLException
+     */
+    public static String checkFlowEffectiveStateForPc(String redirect, String serverName) throws BOSException, SQLException {
+        if (StringUtils.isEmpty(redirect)) {
+            throw new RuntimeException("重定向地址不能为空!");
+        }
+        if (StringUtils.isEmpty(serverName)) {
+            throw new RuntimeException("serverName不能为空!");
+        }
+        int index = redirect.indexOf("?");
+        Map<String, String> params = new HashMap<>();
+        if (index > 0) {
+            String redirectParams = redirect.substring(index + 1);
+            String[] arrary = redirectParams.split("&");
+            for (int i = 0; i < arrary.length; i++) {
+                String[] split = arrary[i].split("=");
+                params.put(split[0], split[1]);
+            }
+        } else {
+            return redirect;
+        }
+        //流程id
+        String assignmentId = params.get("AssignmentId");
+        if (StringUtils.isEmpty(assignmentId)) {
+            assignmentId = params.get("assignId");
+        }
+        if (StringUtils.isEmpty(assignmentId)) {
+            return redirect;
+        }
+        String dataCenter = CASLoginConfigPropUtil.getDataCenter();
+        String locale = CASLoginConfigPropUtil.getLocale();
+        if (!StringUtils.isEmpty(dataCenter) && !StringUtils.isEmpty(locale)) {
+            Context ctx = CloudParamUtil.getContext(dataCenter, locale, "administrator");
+            String sql = "SELECT count(1) total FROM T_WFR_Assign WHERE FASSIGNID = ?";
+            IRowSet rs = DbUtil.executeQuery(ctx, sql, new Object[]{assignmentId});
+            int total = 0;
+            while (rs.next()) {
+                total = rs.getInt("total");
+            }
+            if (total <= 0) {
+                return serverName + "/shr/flowErrorPage.jsp";
+            } else {
+                return redirect;
+            }
+        }
+        logger.error("获取用户信息报错,数据中心没找到!");
+        throw new RuntimeException("获取用户信息报错,数据中心没找到!");
+    }
+
+    /**
+     * 移动端校验流程生效状态
+     *
+     * @param redirect
+     * @param serverName
+     * @param getLoginIdPath
+     * @param token
+     * @return
+     * @throws SQLException
+     * @throws BOSException
+     * @throws IOException
+     */
+    public static String checkFlowEffectiveStateForMbos(String redirect,
+                                                 String serverName,
+                                                 String getLoginIdPath,
+                                                 String token) throws SQLException, BOSException, IOException {
+        if (StringUtils.isEmpty(getLoginIdPath)) {
+            throw new RuntimeException("getLoginIdPath不能为空!");
+        }
+        if (StringUtils.isEmpty(serverName)) {
+            throw new RuntimeException("serverName不能为空!");
+        }
+        if (StringUtils.isEmpty(token)) {
+            throw new RuntimeException("token不能为空!");
+        }
+        redirect = checkFlowEffectiveStateForPc(redirect, serverName);
+        if (redirect.contains("/shr/flowErrorPage.jsp")) {
+            String userNumber = SsoUtil.loginId2userId(getLoginIdPath, token);
+            String password = LtpaTokenManager.generate(userNumber, LtpaTokenManager.getDefaultLtpaConfig()).toString();
+            logger.error("login: password" + password);
+            StringBuilder url = new StringBuilder();
+            url.append(serverName).append("/shr/index2sso.jsp?username=").append(userNumber)
+                    .append("&password=").append(password).append("&redirectTo=");
+            String encode = URLEncoder.encode(redirect, "UTF-8");
+            url.append(URLEncoder.encode(encode, "UTF-8"));
+            return url.toString();
+        } else {
+            return redirect;
+        }
+    }
+
+    /**
+     * 获取用户信息
+     *
+     * @param accessToken
+     * @return
+     * @throws IOException
+     * @throws BOSException
+     * @throws SQLException
+     */
+    public static String loginId2userId(String getLoginIdPath, String accessToken)
+            throws IOException, BOSException, SQLException {
+        if (StringUtils.isEmpty(accessToken)) {
+            throw new RuntimeException("accessToken不能为空! ");
+        }
+        //获取第三方用户信息
+        Map params = new HashMap();
+        params.put("access_token", accessToken);
+        String url = appendUrl(getLoginIdPath, params);
+        logger.error("loginId2userId url" + url);
+        OkHttpClient client = new OkHttpClient();
+        Request request = new Request.Builder()
+                .url(url)
+                .get()
+                .addHeader("content-type", "multipart/form-data; boundary=---011000010111000001101001")
+                .build();
+        Response response = client.newCall(request).execute();
+        if (response.isSuccessful()) {
+            String string = response.body().string();
+            JSONObject jsonObject = JSONObject.parseObject(string);
+            String code = jsonObject.getString("code");
+            if ("0".equals(code)) {
+                JSONObject attributes = jsonObject.getJSONObject("attributes");
+                //登录id
+                String loginid = attributes.getString("loginid");
+                String dataCenter = CASLoginConfigPropUtil.getDataCenter();
+                String locale = CASLoginConfigPropUtil.getLocale();
+                if (!StringUtils.isEmpty(dataCenter) && !StringUtils.isEmpty(locale)) {
+                    Context ctx = CloudParamUtil.getContext(dataCenter, locale, "administrator");
+                    String sql = "SELECT count(1) total FROM T_PM_USER WHERE fnumber=?";
+                    IRowSet rs = DbUtil.executeQuery(ctx, sql, new Object[]{loginid});
+                    int total = 0;
+                    if (rs.next()) {
+                        total = rs.getInt("total");
+                    }
+                    if (total <= 0) {
+                        logger.error("SHR找不到对应的用户, loginid:" + loginid);
+                        throw new RuntimeException("SHR找不到对应的用户, loginid: " + loginid);
+                        //("您无权限访问SHR系统，请联系管理员处理。")
+                    } else if (total > 1) {
+                        logger.error("SHR找到多个对应的用户, loginid:" + loginid);
+                        throw new RuntimeException("SHR找到多个对应的用户, loginid: " + loginid);
+                        //("您无权限访问SHR系统，请联系管理员处理。")
+                    } else {
+                        return loginid;
+                    }
+                }
+                logger.error("获取用户信息报错,数据中心没找到!");
+                throw new RuntimeException("获取用户信息报错,数据中心没找到!");
+            } else {
+                logger.error(jsonObject.getString("msg"));
+                throw new RuntimeException(jsonObject.getString("msg"));
+            }
+        } else {
+            //网络超时
+            logger.error("网络超时");
+            throw new RuntimeException("网络超时");
+        }
+    }
+
+    /**
+     * 获取泛微token方法
+     *
+     * @param getAccessTokenPath
+     * @param params
+     * @return
+     * @throws IOException
+     */
+    public static String getAccessToken(String getAccessTokenPath, Map<String, String> params)
+            throws IOException {
+        logger.error("getAccessToken方法参数: " + params);
+        String url = appendUrl(getAccessTokenPath, params);
+        logger.error("access_token url" + url);
+        OkHttpClient client = new OkHttpClient();
+        Request request = new Request.Builder()
+                .url(url)
+                .get()
+                .addHeader("content-type", "multipart/form-data; boundary=---011000010111000001101001")
+                .build();
+        Response response = client.newCall(request).execute();
+        if (response.isSuccessful()) {
+            String string = response.body().string();
+            JSONObject jsonObject = JSONObject.parseObject(string);
+            String code = jsonObject.getString("code");
+            if ("0".equals(code)) {
+                String access_token = jsonObject.getString("access_token");
+                logger.error("access_token " + access_token);
+                return access_token;
+            } else {
+                throw new RuntimeException(jsonObject.getString("msg"));
+            }
+        } else {
+            //网络超时
+            throw new RuntimeException("获取token超时");
+        }
+    }
+
+
+    /**
+     * 拼接地址参数
+     */
+    public static String appendUrl(String url, Map<String, String> data) {
+        logger.error("appendUrl_url: " + url);
+        logger.error("appendUrl_data: " + data);
+        StringBuilder paramStr = new StringBuilder();
+        for (String key : data.keySet()) {
+            paramStr.append(key).append("=").append(data.get(key)).append("&");
+        }
+        paramStr.deleteCharAt(paramStr.lastIndexOf("&"));
+        String str = url.contains("?") ? (url + "&" + paramStr) : (url + "?" + paramStr);
+        logger.error("拼接后的地址为:" + str);
+        return str;
+    }
+}