
1. 根据token获取ticket
2. 根据ticket获取用户信息
3. 开放注册接口

vincent 3 jaren geleden
bovenliggende
commit
efe1ca2777

+ 45 - 1
maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/authn/support/socialsignon/SocialSignOnEndpoint.java

@@ -134,7 +134,7 @@ public class SocialSignOnEndpoint  extends AbstractSocialSignOnEndpoint{
 	
 	@RequestMapping(value={"/callback/{provider}"}, method = RequestMethod.GET)
 	public ModelAndView callback(@PathVariable String provider) {
-		 //auth call back may exception 
+		 //auth call back may exception
 	    try {
 	    	SocialsAssociate socialsAssociate = null;
     		this.provider=provider;
@@ -170,6 +170,50 @@ public class SocialSignOnEndpoint  extends AbstractSocialSignOnEndpoint{
 	    
 	    return WebContext.redirect("/login");
 	}
+
+	/**
+	 *  重写钉钉回到方法
+	 * @return
+	 */
+	@RequestMapping(value={"/callback/login_dingtalk"}, method = RequestMethod.GET)
+	public ModelAndView callbackDingTalk() {
+		//auth call back may exception
+		// TODO  钉钉 回调函数
+		try {
+			SocialsAssociate socialsAssociate = null;
+			this.provider="dingtalk";
+			this.authCallback();
+			_logger.debug(this.accountId);
+			socialsAssociate =new SocialsAssociate();
+			socialsAssociate.setProvider(provider);
+			socialsAssociate.setSocialUserId(this.accountId);
+
+			//for login
+			String socialSignOnType=
+					(WebContext.getAttribute(SOCIALSIGNON_TYPE_SESSION)!=null) ?
+							(WebContext.getAttribute(SOCIALSIGNON_TYPE_SESSION).toString()) : "";
+
+
+			if(socialSignOnType.equals(SOCIALSIGNON_TYPE.SOCIALSIGNON_TYPE_LOGON)
+					||socialSignOnType.equals("")){
+				socialSignOn(socialsAssociate);
+				return WebContext.redirect("/index");
+			}else{
+				socialBind(socialsAssociate);
+			}
+			Object redirect_uri = WebContext.getAttribute(SOCIALSIGNON_SESSION_REDIRECT_URI);
+			if(redirect_uri != null){
+				return WebContext.redirect(redirect_uri.toString());
+			}else{
+				return WebContext.forward("/socialsignon/list");
+			}
+
+		}catch(Exception e) {
+			_logger.error("callback Exception  ",e);
+		}
+
+		return WebContext.redirect("/login");
+	}
 	
 	public boolean socialBind(SocialsAssociate socialsAssociate){
 	    if(null == socialsAssociate) {
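Review bot: `callbackDingTalk` stores per-request data in instance fields (`this.provider="dingtalk"`, then `this.accountId` after `authCallback()`), so if this endpoint is a singleton-scoped Spring bean (the default; its scope is not visible here) two callbacks handled at the same time can overwrite each other's values and sign on or bind the wrong social account. Keep the provider and account id in locals, or have `authCallback()` return them, rather than sharing them through the controller instance. The body is otherwise a copy of `callback(@PathVariable String provider)`; moving the shared part into one private method and calling it as `return handleCallback("dingtalk");` (a new helper) would stop the two copies from drifting apart. `redirect_uri` is read from the session and passed to `WebContext.redirect(redirect_uri.toString())` unchanged, so it should be checked against an allow-list where it is stored, which is outside this hunk.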

+ 10 - 5
maxkey-gateway/src/main/java/org/gateway/filter/AuthAndLogFilter.java

@@ -21,7 +21,7 @@ import org.springframework.web.server.ServerWebExchange;
 import reactor.core.publisher.Mono;
 
 /**
- *  认证和记录日志
+ * 认证和记录日志
  */
 @Component
 public class AuthAndLogFilter implements GlobalFilter, Ordered
@@ -37,12 +37,16 @@ public class AuthAndLogFilter implements GlobalFilter, Ordered
     {
         //获取token
         String address = exchange.getRequest().getPath().toString();
+        //registration/registeron
 
-        if(address.contains("thirdLogin/login")){
+        if (address.contains("thirdLogin/login")
+                || address.contains("thirdLogin/getUserInfo")
+                || address.contains("registration/registeron"))
+        {
             return chain.filter(exchange.mutate().build());
         }
         String token = exchange.getRequest().getHeaders().getFirst("Authorization");
-        System.out.println("Authorization is : "+ token);
+        System.out.println("Authorization is : " + token);
         ServerHttpResponse resp = exchange.getResponse();
         if (StringUtils.isBlank(token))
         {
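Review bot: The bypass condition uses `address.contains(...)`, so any request path that merely contains `thirdLogin/getUserInfo` or `registration/registeron` somewhere in it skips the token check, not only those three routes. Match the full path instead, for example `if (OPEN_PATHS.contains(address))` against a constant set of the exact routes (`OPEN_PATHS` would be new; the prefix the routes are served under is not visible here). `System.out.println("Authorization is : " + token)` in this hunk, and `System.out.println(userInfo)` and the `"token is : "` line in the next one, write the bearer token and the cached user record to stdout; they should be removed or replaced by a logger call that carries no credential. The `filter` method starts and ends outside this hunk.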
@@ -52,14 +56,15 @@ public class AuthAndLogFilter implements GlobalFilter, Ordered
         }
         // redis 连接
         RedisConnection redisConnection = redisConnectionFactory.getConnection();
-        String userInfo = (String)redisConnection.get(token);
+        String userInfo = (String) redisConnection.get(token);
         redisConnection.close();
         System.out.println(userInfo);
         if (StringUtils.isEmpty(userInfo))
         {
             return denyAccess(exchange, "token认证错误");
         }
-        System.out.println("token is : "+ userInfo.toString());
+//        exchange.getRequest().getHeaders().add("user",userInfo);
+        System.out.println("token is : " + userInfo.toString());
         return chain.filter(exchange.mutate().build());
     }
 

+ 2 - 0
maxkey-identitys/maxkey-synchronizers-dingding/src/main/java/org/maxkey/synchronizer/dingding/DingdingOrganizationService.java

@@ -53,6 +53,8 @@ public class DingdingOrganizationService   implements ISynchronizerService{
 				_logger.info("dept : " + dept.getDeptId()+" "+ dept.getName()+" "+ dept.getParentId());
 				Organizations org = buildOrganization(dept);
 				_logger.info("Organizations : " + org);
+				// 同步组织
+				organizationsService.merge(org);
 			}
 
 		} catch (ApiException e) {

+ 129 - 100
maxkey-identitys/maxkey-synchronizers-dingding/src/main/java/org/maxkey/synchronizer/dingding/DingdingUsersService.java

@@ -1,24 +1,25 @@
 /*
  * Copyright [2021] [MaxKey of copyright http://www.maxkey.top]
- * 
+ *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
- * 
+ *
  *     http://www.apache.org/licenses/LICENSE-2.0
- * 
+ *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
- 
+
 
 package org.maxkey.synchronizer.dingding;
 
 import org.joda.time.DateTime;
 import org.joda.time.format.DateTimeFormat;
+import org.maxkey.constants.ConstantsPasswordSetType;
 import org.maxkey.entity.Synchronizers;
 import org.maxkey.entity.UserInfo;
 import org.maxkey.persistence.service.UserInfoService;
@@ -36,100 +37,128 @@ import com.dingtalk.api.response.OapiV2DepartmentListsubResponse.DeptBaseRespons
 import com.dingtalk.api.response.OapiV2UserListResponse.ListUserResponse;
 
 @Service
-public class DingdingUsersService   implements ISynchronizerService{
-	final static Logger _logger = LoggerFactory.getLogger(DingdingUsersService.class);
-	
-	@Autowired
-	DingdingOrganizationService organizationService;
-	
-	@Autowired
-	UserInfoService userInfoService;
-	
-	String access_token;
-	
-	public void sync() {
-		_logger.info("Sync Users...");
-		try {
-			
-			OapiV2DepartmentListsubResponse rspDepts = organizationService.getRspDepts();
-			for(DeptBaseResponse dept : rspDepts.getResult()) {
-				DingTalkClient client = new DefaultDingTalkClient("https://oapi.dingtalk.com/topapi/v2/user/list");
-				OapiV2UserListRequest req = new OapiV2UserListRequest();
-				req.setDeptId(dept.getDeptId());
-				req.setCursor(0L);
-				req.setSize(100L);
-				req.setOrderField("modify_desc");
-				req.setContainAccessLimit(true);
-				req.setLanguage("zh_CN");
-				OapiV2UserListResponse rsp = client.execute(req, access_token);
-				_logger.info("response : " + rsp.getBody());
-				
-				if(rsp.getErrcode()==0) {
-					for(ListUserResponse user :rsp.getResult().getList()) {
-						_logger.info("name : " + user.getName()+" , "+user.getLoginId()+" , "+user.getUserid());
-						UserInfo userInfo  = buildUserInfo(user);
-						_logger.info("userInfo " + userInfo);
-					}
-				}
-			}
-
-			
-		} catch (Exception e) {
-			e.printStackTrace();
-		}
-		
-	}
-	
-	public void postSync(UserInfo userInfo) {
-		
-	}
-
-	public UserInfo buildUserInfo(ListUserResponse user) {
-		UserInfo userInfo = new  UserInfo();
-
-		userInfo.setUsername(user.getUserid());//鐧诲綍鍚�
-		userInfo.setNickName(user.getName());//鐢ㄦ埛鍚�
-		userInfo.setDisplayName(user.getName());//鐢ㄦ埛鍚�
-		userInfo.setFormattedName(user.getName());//鐢ㄦ埛鍚�
-		
-		userInfo.setEmail(user.getEmail());
-		userInfo.setEntryDate(new DateTime(user.getHiredDate()).toString(DateTimeFormat.forPattern("yyyy-MM-dd")));
-		userInfo.setMobile(user.getMobile());//鎵嬫満
-		userInfo.setDepartmentId(user.getDeptIdList().get(0)+"");
-		userInfo.setJobTitle(user.getTitle());//鑱屽姟
-		userInfo.setWorkEmail(user.getOrgEmail());//宸ヤ綔閭欢
-		userInfo.setWorkPhoneNumber(user.getTelephone());//鍏徃鐢佃瘽
-		userInfo.setWorkOfficeName(user.getWorkPlace());//鍔炲叕瀹�
-		userInfo.setDescription(user.getRemark());//澶囨敞
-		
-		return userInfo;
-	}
-
-	public void setOrganizationService(DingdingOrganizationService organizationService) {
-		this.organizationService = organizationService;
-	}
-
-	public void setAccess_token(String access_token) {
-		this.access_token = access_token;
-	}
-
-	public UserInfoService getUserInfoService() {
-		return userInfoService;
-	}
-
-	public void setUserInfoService(UserInfoService userInfoService) {
-		this.userInfoService = userInfoService;
-	}
-
-	public DingdingOrganizationService getOrganizationService() {
-		return organizationService;
-	}
-
-	@Override
-	public void setSynchronizer(Synchronizers Synchronizer) {
-		
-	}
-
-
-	
+public class DingdingUsersService implements ISynchronizerService
+{
+    final static Logger _logger = LoggerFactory.getLogger(DingdingUsersService.class);
+
+    @Autowired
+    DingdingOrganizationService organizationService;
+
+    @Autowired
+    UserInfoService userInfoService;
+
+    String access_token;
+
+    public void sync()
+    {
+        _logger.info("Sync Users...");
+        try
+        {
+
+            OapiV2DepartmentListsubResponse rspDepts = organizationService.getRspDepts();
+            for (DeptBaseResponse dept : rspDepts.getResult())
+            {
+                DingTalkClient client = new DefaultDingTalkClient("https://oapi.dingtalk.com/topapi/v2/user/list");
+                OapiV2UserListRequest req = new OapiV2UserListRequest();
+                req.setDeptId(dept.getDeptId());
+                req.setCursor(0L);
+                req.setSize(100L);
+                req.setOrderField("modify_desc");
+                req.setContainAccessLimit(true);
+                req.setLanguage("zh_CN");
+                OapiV2UserListResponse rsp = client.execute(req, access_token);
+                _logger.info("response : " + rsp.getBody());
+
+                if (rsp.getErrcode() == 0)
+                {
+                    for (ListUserResponse user : rsp.getResult().getList())
+                    {
+                        _logger.info("name : " + user.getName() + " , " + user.getLoginId() + " , " + user.getUserid());
+                        UserInfo userInfo = buildUserInfo(user);
+                        // 同步人员
+                        userInfo.setPassword("123456");
+                        userInfo.setPasswordSetType(ConstantsPasswordSetType.PASSWORD_NORMAL);
+                        userInfo.setStatus(1);
+                        userInfo.setDepartmentId(dept.getDeptId().toString());
+                        userInfo.setDepartment(dept.getName());
+                        UserInfo loadUser = userInfoService.loadByUsername(userInfo.getUsername());
+                        if (loadUser != null)
+                        {
+                            userInfoService.update(userInfo);
+                        } else
+                        {
+                            userInfoService.insert(userInfo);
+                        }
+                        _logger.info("userInfo " + userInfo);
+                    }
+                }
+            }
+
+
+        } catch (Exception e)
+        {
+            e.printStackTrace();
+        }
+
+    }
+
+    public void postSync(UserInfo userInfo)
+    {
+
+    }
+
+    public UserInfo buildUserInfo(ListUserResponse user)
+    {
+        UserInfo userInfo = new UserInfo();
+
+        userInfo.setUsername(user.getUserid());//鐧诲綍鍚�
+        userInfo.setNickName(user.getName());//鐢ㄦ埛鍚�
+        userInfo.setDisplayName(user.getName());//鐢ㄦ埛鍚�
+        userInfo.setFormattedName(user.getName());//鐢ㄦ埛鍚�
+
+        userInfo.setEmail(user.getEmail());
+        userInfo.setEntryDate(new DateTime(user.getHiredDate()).toString(DateTimeFormat.forPattern("yyyy-MM-dd")));
+        userInfo.setMobile(user.getMobile());//鎵嬫満
+        userInfo.setDepartmentId(user.getDeptIdList().get(0) + "");
+        userInfo.setJobTitle(user.getTitle());//鑱屽姟
+        userInfo.setWorkEmail(user.getOrgEmail());//宸ヤ綔閭欢
+        userInfo.setWorkPhoneNumber(user.getTelephone());//鍏徃鐢佃瘽
+        userInfo.setWorkOfficeName(user.getWorkPlace());//鍔炲叕瀹�
+        userInfo.setDescription(user.getRemark());//澶囨敞
+
+        return userInfo;
+    }
+
+    public void setOrganizationService(DingdingOrganizationService organizationService)
+    {
+        this.organizationService = organizationService;
+    }
+
+    public void setAccess_token(String access_token)
+    {
+        this.access_token = access_token;
+    }
+
+    public UserInfoService getUserInfoService()
+    {
+        return userInfoService;
+    }
+
+    public void setUserInfoService(UserInfoService userInfoService)
+    {
+        this.userInfoService = userInfoService;
+    }
+
+    public DingdingOrganizationService getOrganizationService()
+    {
+        return organizationService;
+    }
+
+    @Override
+    public void setSynchronizer(Synchronizers Synchronizer)
+    {
+
+    }
+
+
 }

+ 2 - 0
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java

@@ -183,6 +183,8 @@ public class MaxKeyMvcConfig implements WebMvcConfigurer {
 
                 // third login
                 .excludePathPatterns("/thirdLogin/*")
+                // 注册
+                .excludePathPatterns("/registration/registeron")
 
                 //OAuth
                 .addPathPatterns("/authz/oauth/v20/authorize")
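Review bot: `/registration/registeron` is now excluded from this interceptor and, in `AuthAndLogFilter`, from the gateway token check as well, so the registration handler is reachable with no authentication at either layer. The commit message says this is intended, but nothing in this commit shows abuse controls on that handler (captcha, rate limit, e-mail or phone verification), so confirm they exist before this ships. A comment recording the intent would help the next reader, e.g. `// registration is intentionally anonymous; abuse controls are enforced in the registration handler`. The interceptor chain starts and ends outside this hunk.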

+ 55 - 4
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/ThirdLoginController.java

@@ -2,12 +2,14 @@ package org.maxkey.web.contorller;
 
 import com.alibaba.cloud.commons.lang.StringUtils;
 import com.alibaba.fastjson.JSON;
+import com.alibaba.fastjson.JSONObject;
 import com.nimbusds.jwt.SignedJWT;
 import io.swagger.annotations.ApiOperation;
 import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authn.realm.jdbc.JdbcAuthenticationRealm;
 import org.maxkey.authn.support.jwt.JwtLoginService;
 import org.maxkey.authn.support.socialsignon.service.SocialSignOnProviderService;
+import org.maxkey.authz.cas.endpoint.ticket.generator.DefaultUniqueTicketIdGenerator;
 import org.maxkey.entity.Organizations;
 import org.maxkey.entity.SocialsProvider;
 import org.maxkey.entity.UserInfo;
@@ -62,6 +64,7 @@ public class ThirdLoginController
     @Qualifier("socialSignOnProviderService")
     SocialSignOnProviderService socialSignOnProviderService;
 
+    private DefaultUniqueTicketIdGenerator generator = new DefaultUniqueTicketIdGenerator();
 
     @Autowired
     RedisConnectionFactory redisConnectionFactory;
@@ -91,15 +94,16 @@ public class ThirdLoginController
             data.put("userInfo", userInfo);
             data.put("token", token);
             RedisConnection redisConnection = redisConnectionFactory.getConnection();
-            // 默认 30分钟
+            // 默认 7天
             // 先获取之前有没有token
             String oldToken = redisConnection.get(userInfo.getId());
-            if(StringUtils.isNotEmpty(oldToken)){
+            if (StringUtils.isNotEmpty(oldToken))
+            {
                 redisConnection.delete(userInfo.getId());
                 redisConnection.delete(oldToken);
             }
-            redisConnection.setex(userInfo.getId(),1800,token);
-            redisConnection.setex(token,1800,JSON.toJSONString(userInfo));
+            redisConnection.setex(userInfo.getId(), 1800, token);
+            redisConnection.setex(token, 1800, JSON.toJSONString(userInfo));
             redisConnection.close();
             _logger.debug("token >>>" + token);
             result.setData(data);
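Review bot: The comment now reads `// 默认 7天` (default 7 days), but both `setex` calls below it still pass `1800`, which is 30 minutes, so the comment and the actual token lifetime disagree. Either restore the 30-minute comment or change the TTL on purpose, ideally through one named constant used in both calls, e.g. `redisConnection.setex(token, TOKEN_TTL_SECONDS, JSON.toJSONString(userInfo));` (`TOKEN_TTL_SECONDS` would be new). `_logger.debug("token >>>" + token)` also writes the live token to the log. The enclosing method starts and ends outside this hunk.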
@@ -114,6 +118,53 @@ public class ThirdLoginController
     }
 
     /**
+     * 根据token获取令牌
+     *
+     * @param token
+     * @return
+     */
+    @RequestMapping(value = {"/getTicket"})
+    public RetResult<Object> getTicket(HttpServletRequest request)
+    {
+        JSONObject result = new JSONObject();
+        String token = request.getHeader("Authorization");
+        _logger.debug("token > " + token);
+        // 生成令牌
+        String ticket = generator.getNewTicketId("TT");
+        _logger.debug("ticket > " + ticket);
+        // 1天
+        RedisConnection redisConnection = redisConnectionFactory.getConnection();
+        String userInfo = redisConnection.get(token);
+        UserInfo user = JSONObject.parseObject(userInfo,UserInfo.class);
+        result.put("token",token);
+        result.put("user",user);
+        redisConnection.setex(ticket, 60 * 60 * 24 * 7, result.toJSONString());
+        redisConnection.close();
+        result = new JSONObject();
+        result.put("ticket",ticket);
+        return new RetResult().setMsg("请求成功").setData(result).setCode(RetCode.SUCCESS);
+    }
+
+    /**
+     * 根据令牌获取用户信息
+     * @param ticket
+     * @return
+     */
+    @RequestMapping(value = {"/getUserInfo"}, method = RequestMethod.GET)
+    public RetResult<Object> getUserInfo(@RequestParam("ticket") String ticket, HttpServletRequest request)
+    {
+        if(StringUtils.isEmpty(ticket)){
+            return new RetResult().setMsg("参数ticket不存在").setData(null).setCode(RetCode.FAIL);
+        }
+        JSONObject result = new JSONObject();
+        RedisConnection redisConnection = redisConnectionFactory.getConnection();
+        String userInfo = redisConnection.get(ticket);
+        result.put("userInfo", userInfo);
+        redisConnection.close();
+        return new RetResult().setMsg("请求成功").setData(result).setCode(RetCode.SUCCESS);
+    }
+
+    /**
      * 校验token
      *
      * @param token
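Review bot: `getUserInfo` passes the caller-supplied `ticket` straight to `redisConnection.get(ticket)`, and this controller stores user-id → token and token → user JSON in the same keyspace, so the endpoint returns whatever is stored under any key it is given; the gateway filter in this commit also exempts `thirdLogin/getUserInfo` from the token check. Store tickets under a dedicated key prefix, look up only that prefix, and delete the ticket on first read. In `getTicket`, a missing `Authorization` header or an unknown token still yields a ticket, and the ticket is kept for `60 * 60 * 24 * 7` seconds (the comment says `1天`) while the token itself expires after 1800 seconds, so the user record stays retrievable long after the session ends. The fence sketches the guards; `TICKET_KEY_PREFIX` and `TICKET_TTL_SECONDS` are new constants to define in the class.

```java
// getTicket
String token = request.getHeader("Authorization");
if (StringUtils.isEmpty(token))
{
    return new RetResult().setMsg("token认证错误").setData(null).setCode(RetCode.FAIL);
}
RedisConnection redisConnection = redisConnectionFactory.getConnection();
try
{
    String userInfo = redisConnection.get(token);
    if (StringUtils.isEmpty(userInfo))
    {
        return new RetResult().setMsg("token认证错误").setData(null).setCode(RetCode.FAIL);
    }
    // … unchanged: generate ticket, build result from token and user …
    redisConnection.setex(TICKET_KEY_PREFIX + ticket, TICKET_TTL_SECONDS, result.toJSONString());
} finally
{
    redisConnection.close();
}

// getUserInfo: only ticket keys are readable, and each ticket is read once
String ticketKey = TICKET_KEY_PREFIX + ticket;
String userInfo = redisConnection.get(ticketKey);
redisConnection.delete(ticketKey);
```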