禅道接入门户

yudao-module-system/src/main/java/cn/iocoder/yudao/module/system/controller/admin/auth/AuthController.java

@@ -205,6 +205,13 @@ public class AuthController {
         return success(authService.pmsSsoToken(reqVO));
     }
 
+    @PostMapping("/zentaoSsoToken")
+    @PermitAll
+    @Operation(summary = "根据当前登录人工号 获取随机验证码", description = "快捷登录 禅道")
+    public CommonResult<AuthZentaoLoginRespVO> zentaoSsoToken(@RequestBody @Valid AuthSocialLoginReqVO reqVO) {
+        return success(authService.zentaoSsoToken(reqVO));
+    }
+
     @GetMapping("/getUser")
     @PermitAll
     @Operation(summary = "CRM系统根据登录token获取登录人工号 免登录", description = "CRM获取登录人工号")

yudao-module-system/src/main/java/cn/iocoder/yudao/module/system/controller/admin/auth/vo/AuthZentaoLoginRespVO.java

@@ -0,0 +1,28 @@
+package cn.iocoder.yudao.module.system.controller.admin.auth.vo;
+
+import io.swagger.v3.oas.annotations.media.Schema;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Schema(description = "管理后台 - 禅道 免登录 Response VO")
+@Data
+@NoArgsConstructor
+@AllArgsConstructor
+@Builder
+public class AuthZentaoLoginRespVO {
+
+    @Schema(description = "工号", requiredMode = Schema.RequiredMode.REQUIRED, example = "0033777")
+    private String jobNumber;
+
+    @Schema(description = "禅道第三方应用代号", requiredMode = Schema.RequiredMode.REQUIRED, example = "Deep0ilPortal")
+    private String code;
+
+    @Schema(description = "时间戳", requiredMode = Schema.RequiredMode.REQUIRED, example = "1775199774917")
+    private Long timestamp;
+
+    @Schema(description = "访问令牌", requiredMode = Schema.RequiredMode.REQUIRED, example = "43f484e18659a1898cded87e6fd8e40c")
+    private String token;
+
+}

yudao-module-system/src/main/java/cn/iocoder/yudao/module/system/service/auth/AdminAuthService.java

@@ -93,7 +93,7 @@ public interface AdminAuthService {
     String oaSsoToken(AuthOaLoginReqVO reqVO);
 
     /**
-     * 免登录OA
+     * 免登录 pms
      *
      * @param reqVO 验证码信息
      */
@@ -113,4 +113,11 @@ public interface AdminAuthService {
      * @return 登录结果
      */
     AuthLoginRespVO h5SocialLogin(@Valid AuthSocialLoginReqVO reqVO);
+
+    /**
+     * 免登录 禅道
+     *
+     * @param reqVO 验证码信息
+     */
+    AuthZentaoLoginRespVO zentaoSsoToken(AuthSocialLoginReqVO reqVO);
 }

yudao-module-system/src/main/java/cn/iocoder/yudao/module/system/service/auth/AdminAuthServiceImpl.java

@@ -1,8 +1,10 @@
 package cn.iocoder.yudao.module.system.service.auth;
 
+import cn.hutool.core.date.LocalDateTimeUtil;
 import cn.hutool.core.util.ObjUtil;
 import cn.hutool.core.util.ObjectUtil;
 import cn.hutool.core.util.StrUtil;
+import cn.hutool.crypto.SecureUtil;
 import cn.iocoder.yudao.framework.common.enums.CommonStatusEnum;
 import cn.iocoder.yudao.framework.common.enums.UserTypeEnum;
 import cn.iocoder.yudao.framework.common.util.monitor.TracerUtils;
@@ -53,6 +55,7 @@ import org.springframework.web.client.RestTemplate;
 
 import javax.annotation.Resource;
 import javax.validation.Validator;
+import java.time.LocalDateTime;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.Objects;
@@ -100,6 +103,12 @@ public class AdminAuthServiceImpl implements AdminAuthService {
     @Value("${oa.secret}")
     private String oaSecret;
 
+    @Value("${zentao.code}")
+    private String zentaoCode;
+
+    @Value("${zentao.secret}")
+    private String zentaoSecret;
+
     /**
      * 验证码的开关，默认为 true
      */
@@ -443,4 +452,52 @@ public class AdminAuthServiceImpl implements AdminAuthService {
             throw exception(USER_NOT_EXISTS);
         }
     }
+
+    @Override
+    public AuthZentaoLoginRespVO zentaoSsoToken(AuthSocialLoginReqVO reqVO) {
+        AuthZentaoLoginRespVO respVO = new AuthZentaoLoginRespVO();
+        respVO.setCode(zentaoCode);
+        LocalDateTime currentDate = LocalDateTime.now();
+        Long currentDateMilli = LocalDateTimeUtil.toEpochMilli(currentDate);
+        respVO.setTimestamp(currentDateMilli);
+        // 跳转链接 http://project.deepoil.cc/zentao/api.php?m=user&f=apilogin&account=0033777&code=Deep0ilPortal&time=1775199774917&token=43f484e18659a1898cded87e6fd8e40c
+        // md5 加密 code+应用密钥+时间戳  得到 token
+        String token = SecureUtil.md5(zentaoCode + zentaoSecret + currentDateMilli);
+        respVO.setToken(token);
+        // h5页面获取免登录授权码code 后台通过code查询用户信息
+        String validCode = StrUtils.xssEncode(reqVO.getCode());
+        try {
+            // 钉钉用户id
+            String userId = DingtalkUtil.getUserIdByAuthCode(validCode);
+            if (StrUtil.isBlank(userId)) {
+                // 查询不到用户详情 返回 登录失败
+                throw exception(USER_NOT_EXISTS);
+            }
+            // 根据钉钉用户id 查询用户详情
+            OapiV2UserGetResponse.UserGetResponse userDetail = DingtalkUtil.getUserDetail(userId);
+            if (ObjUtil.isEmpty(userDetail)) {
+                // 查询不到用户详情 返回 登录失败
+                throw exception(USER_NOT_EXISTS);
+            }
+            // 工号
+            String jobNumber = userDetail.getJobNumber();
+            respVO.setJobNumber(jobNumber);
+            // 手机号
+            String mobile = userDetail.getMobile();
+            if (StrUtil.isBlank(mobile)) {
+                throw exception(USER_NOT_EXISTS);
+            }
+            // 查询当前用户表中 此手机号 是否存在
+            AdminUserDO user = userService.getUserByMobile(mobile);
+            if (ObjUtil.isEmpty(user)) {
+                throw exception(USER_NOT_EXISTS);
+            }
+            return respVO;
+        } catch (Exception e) {
+            // 调用钉钉接口报错 提示 登录失败
+            e.printStackTrace();
+            throw exception(USER_NOT_EXISTS);
+        }
+    }
+
 }

yudao-server/src/main/resources/application-dev.yaml

@@ -269,4 +269,8 @@ oa:
 
 pms:
   secret: cc99d802-ce5c-5f62-b037-9a00726e7109
-  ssoToken: https://iot.deepoil.cc/admin-api/system/auth/ssoLogin/getToken
+  ssoToken: https://iot.deepoil.cc/admin-api/system/auth/ssoLogin/getToken
+
+zentao:
+  code: Deep0ilPortal
+  secret: fff507e4daffa4e8d8519109d21a138f