本文介绍了一种使用企业微信进行用户身份验证的方法,并将其与Spring MVC框架结合,实现了一个具体的登录控制器。该控制器处理了从企业微信获取用户信息的过程,包括获取access_token、通过code换取用户信息等步骤。
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.HttpResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.TypeReference;
@Controller
@RequestMapping(value = "${adminPath}/user")
public class LoginController{
Logger log = LoggerFactory.getLogger(LoginController.class);
String corpid ="ww8c58505d51cea383";
String corpsecret ="6DQn3BjahpIYij76kkGEW-uearBfR0JqI2ozFRJ6o-g";
@Autowired
private LdapAuthentication authentication;
@Autowired
private UserService userService;
//@Value("#{APP_PROP['ips']}")
//private String ips;
@Value("${self_url}")
private String self_url;
@Value("#{APP_PROP['backUrl']}")
private String backUrl;
@SuppressWarnings("static-access")
@RequestMapping(value = "index", method = RequestMethod.GET)
public String index(HttpServletRequest request, HttpServletResponse response, Model model) {
return "modules/sys/sysLogin";
}
@RequestMapping(value = "login", method = RequestMethod.POST)
public String login(HttpServletRequest request, HttpServletResponse response, Model model) {
String username = request.getParameter("username");
String password = request.getParameter("password");
String domain = "@sekorm.com";
if(StringUtils.isBlank(username) || StringUtils.isBlank(password)){
request.setAttribute("error", "用户名或密码不能为空!");
return "modules/sys/sysLogin";
}
boolean isLogin = authentication.isLogin(username + domain, password);
if (!isLogin) {
request.setAttribute("error", "用户名或密码错误!");
return "modules/sys/sysLogin";
}
request.getSession().setAttribute("username", username);
UserVo user=new UserVo();
user.setUserName(username);
user=userService.getUser(user);
if (null==user) {
request.setAttribute("error", "ERP账号还没有创建,请联系ERP工程师!");
return "modules/sys/sysLogin";
}
request.getSession().setAttribute("user", user);
request.getSession().setAttribute("way", "WEB");
return "redirect:/a/contact/list";
}
@SuppressWarnings({ "unused"})
@RequestMapping(value = "login_wx", method = RequestMethod.GET)
public String login_wx(HttpServletRequest request, HttpServletResponse response, Model model) {
/* * */
try {
String tokenUrl ="https://qyapi.weixin.qq.com/cgi-bin/gettoken?corpid=ww8c58505d51cea383&corpsecret=6DQn3BjahpIYij76kkGEW-uearBfR0JqI2ozFRJ6o-g";
Map<String, String> map=new HashMap<String,String>();
HttpResponse resp = HttpUtil.getInstance().doGet(tokenUrl, map);
int status=resp.getStatusLine().getStatusCode();
if(status==200){
String resultContent= HttpUtil.readStream(resp.getEntity().getContent(), HttpUtil.defaultEncoding);
Map<String, Object> resultMap = JSON.parseObject(resultContent,new TypeReference<Map<String, Object>>() {});
String access_token = (String) resultMap.get("access_token");
String code=request.getParameter("code");
String useridUrl ="https://qyapi.weixin.qq.com/cgi-bin/user/getuserinfo?access_token=ACCESS_TOKEN&code=CODE&agentid=1000010";
useridUrl=useridUrl.replace("ACCESS_TOKEN", access_token).replace("CODE", code);
HttpResponse respUserInfo = HttpUtil.getInstance().doGet(useridUrl, map);
int statusUserInfo=respUserInfo.getStatusLine().getStatusCode();
String resultContentUserInfo= HttpUtil.readStream(respUserInfo.getEntity().getContent(), HttpUtil.defaultEncoding);
Map<String, Object> userMap = JSON.parseObject(resultContentUserInfo,new TypeReference<Map<String, Object>>() {});
Object errcode = userMap.get("errcode");
if(0!=(Integer)errcode ){
return "error/500";
}
String username = (String) userMap.get("UserId");
request.getSession().setAttribute("username", username);
UserVo user=new UserVo();
user.setUserName(username);
user=userService.getUser(user);
request.getSession().setAttribute("user", user);
request.getSession().setAttribute("way", "MOBILE");
}
} catch (Exception e) {
log.error("xxxxxxx",e);
e.printStackTrace();
}
return "redirect:/a/contact/mlist";
}
@RequestMapping(value = "oauth_wx", method = RequestMethod.GET)
public String oauth_wx(HttpServletRequest request, HttpServletResponse response, Model model) {
try {
String redirect_uri = "";
//String backUrl ="http://webback-end.sekorm.com:8082/transactor/a/user/login_wx";
String url=self_url+backUrl;
redirect_uri =java.net.URLEncoder.encode(url, "utf-8");
String oauth2Url = "https://open.weixin.qq.com/connect/oauth2/authorize?appid=ww8c58505d51cea383&redirect_uri=" + redirect_uri
+ "&response_type=code&scope=snsapi_base&agentid=1000010&state=STATE#wechat_redirect";
return "redirect:" + oauth2Url;
} catch (Exception e) {
log.error("xxxxxx",e);
e.printStackTrace();
}
return "error/500";
}
}
转载于:https://www.cnblogs.com/albert-think/p/10682459.html
扫一扫
5661
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
