fix: 解除资源服务器跟授权服务耦合关系

kicc-common/kicc-common-data/src/main/java/com/cloud/kicc/common/data/entity/CasUser.java

@@ -53,23 +53,26 @@ public class CasUser extends User {
 	/** 最后登陆时间 */
 	private LocalDateTime loginTime;
 
+	/** 状态 */
+	private String ssoStatus;
+
 	/** 创建ID */
-	private String $createById;
+	private String ssoCreateById;
 
 	/** 创建人 */
-	private String $createByName;
+	private String ssoCreateByName;
 
 	/** 创建时间 */
-	private LocalDateTime $createTime;
+	private LocalDateTime ssoCreateTime;
 
-	/** 更新id */
+	/** 更新ID */
-	private String $updateById;
+	private String ssoUpdateById;
 
-	/** 更新者 */
+	/** 更新人 */
-	private String $updateByName;
+	private String ssoUpdateByName;
 
 	/** 更新时间 */
-	private LocalDateTime $updateTime;
+	private LocalDateTime ssoUpdateTime;
 
 	/** 备注 */
 	private String remarks;
@@ -107,12 +110,55 @@ public class CasUser extends User {
 				   String avatar,
 				   String loginIp,
 				   LocalDateTime loginTime,
-				   String createById,
+				   String ssoStatus,
-				   String createByName,
+				   String ssoCreateById,
-				   LocalDateTime createTime,
+				   String ssoCreateByName,
-				   String updateById,
+				   LocalDateTime ssoCreateTime,
-				   String updateByName,
+				   String ssoUpdateById,
-				   LocalDateTime updateTime,
+				   String ssoUpdateByName,
+				   LocalDateTime ssoUpdateTime,
+				   String remarks) {
+		super(username, password, enabled, accountNonExpired, credentialsNonExpired, accountNonLocked, authorities);
+		this.id = id;
+		this.nickName = nickName;
+		this.email = email;
+		this.phone = phone;
+		this.sex = sex;
+		this.avatar = avatar;
+		this.loginIp = loginIp;
+		this.loginTime = loginTime;
+		this.ssoStatus = ssoStatus;
+		this.ssoCreateById = ssoCreateById;
+		this.ssoCreateByName = ssoCreateByName;
+		this.ssoCreateTime = ssoCreateTime;
+		this.ssoUpdateById = ssoUpdateById;
+		this.ssoUpdateByName = ssoUpdateByName;
+		this.ssoUpdateTime = ssoUpdateTime;
+		this.remarks = remarks;
+	}
+
+	public CasUser(String username,
+				   String password,
+				   boolean enabled,
+				   boolean accountNonExpired,
+				   boolean credentialsNonExpired,
+				   boolean accountNonLocked,
+				   Collection<? extends GrantedAuthority> authorities,
+				   String id,
+				   String nickName,
+				   String email,
+				   String phone,
+				   String sex,
+				   String avatar,
+				   String loginIp,
+				   LocalDateTime loginTime,
+				   String ssoStatus,
+				   String ssoCreateById,
+				   String ssoCreateByName,
+				   LocalDateTime ssoCreateTime,
+				   String ssoUpdateById,
+				   String ssoUpdateByName,
+				   LocalDateTime ssoUpdateTime,
 				   String remarks,
 				   String roleId,
 				   String tenantId) {
@@ -125,12 +171,13 @@ public class CasUser extends User {
 		this.avatar = avatar;
 		this.loginIp = loginIp;
 		this.loginTime = loginTime;
-		this.$createById = createById;
+		this.ssoStatus = ssoStatus;
-		this.$createByName = createByName;
+		this.ssoCreateById = ssoCreateById;
-		this.$createTime = createTime;
+		this.ssoCreateByName = ssoCreateByName;
-		this.$updateById = updateById;
+		this.ssoCreateTime = ssoCreateTime;
-		this.$updateByName = updateByName;
+		this.ssoUpdateById = ssoUpdateById;
-		this.$updateTime = updateTime;
+		this.ssoUpdateByName = ssoUpdateByName;
+		this.ssoUpdateTime = ssoUpdateTime;
 		this.remarks = remarks;
 		this.roleId = roleId;
 		this.tenantId = tenantId;

kicc-common/kicc-common-data/src/main/java/com/cloud/kicc/common/data/entity/KiccUser.java

@@ -67,22 +67,22 @@ public class KiccUser extends CasUser {
     @ApiModelProperty("多租户ID集合")
     private String[] tenantIds;
 
-    /** 创建ID */
+    @ApiModelProperty("创建ID")
     private String createById;
 
-    /** 创建人 */
+    @ApiModelProperty("创建人")
     private String createByName;
 
-    /** 创建时间 */
+    @ApiModelProperty("创建时间")
     private LocalDateTime createTime;
 
-    /** 更新id */
+    @ApiModelProperty("更新ID")
     private String updateById;
 
-    /** 更新者 */
+    @ApiModelProperty("更新人")
     private String updateByName;
 
-    /** 更新时间 */
+    @ApiModelProperty("更新时间")
     private LocalDateTime updateTime;
 
 	public KiccUser() {

kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/config/ResourceServerAutoConfiguration.java

@@ -5,6 +5,7 @@ import com.cloud.kicc.common.security.exp.ResourceAuthExceptionEntryPoint;
 import com.cloud.kicc.common.security.override.KiccBearerTokenExtractor;
 import com.cloud.kicc.common.security.exp.KiccLocalResourceServerTokenServices;
 import com.cloud.kicc.common.security.exp.PermissionService;
+import com.cloud.kicc.system.api.feign.RemoteUserService;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.context.annotation.Bean;
@@ -44,8 +45,8 @@ public class ResourceServerAutoConfiguration {
 	/** 扩展资源服务器令牌服务 */
 	@Bean
 	@Primary
-	public ResourceServerTokenServices resourceServerTokenServices(TokenStore tokenStore) {
+	public ResourceServerTokenServices resourceServerTokenServices(TokenStore tokenStore, RemoteUserService remoteUserService) {
-		return new KiccLocalResourceServerTokenServices(tokenStore);
+		return new KiccLocalResourceServerTokenServices(tokenStore, remoteUserService);
 	}
 
 }

kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/exp/KiccLocalResourceServerTokenServices.java

@@ -1,10 +1,24 @@
 package com.cloud.kicc.common.security.exp;
 
+import cn.hutool.json.JSONUtil;
+import com.cloud.kicc.common.core.api.R;
+import com.cloud.kicc.common.core.constant.SecurityConstants;
+import com.cloud.kicc.common.core.enums.CasSystemEnum;
+import com.cloud.kicc.common.core.jackson.KiccJavaTimeModule;
 import com.cloud.kicc.common.data.entity.CasUser;
+import com.cloud.kicc.common.data.entity.KiccUser;
+import com.cloud.kicc.common.security.exception.SecurityCheckedException;
+import com.cloud.kicc.common.security.override.jackson2.SimpleGrantedAuthorityMixin;
+import com.cloud.kicc.system.api.feign.RemoteUserService;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.databind.ObjectMapper;
 import lombok.RequiredArgsConstructor;
+import lombok.SneakyThrows;
+import org.springframework.beans.BeanUtils;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.oauth2.common.OAuth2AccessToken;
 import org.springframework.security.oauth2.common.exceptions.InvalidTokenException;
 import org.springframework.security.oauth2.provider.OAuth2Authentication;
@@ -12,6 +26,10 @@ import org.springframework.security.oauth2.provider.OAuth2Request;
 import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices;
 import org.springframework.security.oauth2.provider.token.TokenStore;
 
+import java.util.Arrays;
+import java.util.List;
+import java.util.stream.Collectors;
+
 /**
  *<p>
  * 本地资源服务器令牌服务
@@ -25,23 +43,70 @@ public class KiccLocalResourceServerTokenServices implements ResourceServerToken
 
 	private final TokenStore tokenStore;
 
+	private final RemoteUserService remoteUserService;
+
 	@Override
+	@SneakyThrows
 	public OAuth2Authentication loadAuthentication(String accessToken) throws AuthenticationException, InvalidTokenException {
 		// 根据token加载身份验证
 		OAuth2Authentication oAuth2Authentication = tokenStore.readAuthentication(accessToken);
 		if (oAuth2Authentication == null) {
 			return null;
 		}
-
 		OAuth2Request oAuth2Request = oAuth2Authentication.getOAuth2Request();
-		// 检测是否是属于认证的CAS统一认证用户
+		// 检测是否是属于认证的CasUser实体用户
 		if (!(oAuth2Authentication.getPrincipal() instanceof CasUser)) {
 			return oAuth2Authentication;
 		}
-
 		CasUser casUser = (CasUser) oAuth2Authentication.getPrincipal();
+
+		// 设置SSO子系统扩展用户信息
+		if (casUser.getExPrincipals().get(CasSystemEnum.KICC) == null) {
+			R<KiccUser> result = remoteUserService.selectByCasUserId(casUser.getId());
+			if (result.getCode() != R.SUCCESS) {
+				throw new SecurityCheckedException("找不到系统用户请联系您的系统管理员进行配置!");
+			}
+
+			KiccUser user = result.getData();
+			List<SimpleGrantedAuthority> authorities = Arrays.stream(user.getPermissions())
+					.map(SimpleGrantedAuthority::new)
+					.collect(Collectors.toList());
+			KiccUser kiccUser = new KiccUser(
+					casUser.getUsername(),
+					casUser.getPassword(),
+					casUser.isEnabled(),
+					casUser.isAccountNonExpired(),
+					casUser.isCredentialsNonExpired(),
+					casUser.isAccountNonLocked(),
+					authorities
+			);
+			BeanUtils.copyProperties(user, kiccUser);
+			casUser.getExPrincipals().put(CasSystemEnum.KICC, new ObjectMapper()
+					.registerModule(new KiccJavaTimeModule())
+					.setSerializationInclusion(JsonInclude.Include.NON_NULL)
+					.writeValueAsString(kiccUser));
+			tokenStore.storeAccessToken(tokenStore.getAccessToken(oAuth2Authentication), oAuth2Authentication);
+		}
+
+		// 覆盖casUser核心authorities
+		String str = casUser.getExPrincipals().get(CasSystemEnum.KICC);
+		if (!JSONUtil.isJson(str)) throw new RuntimeException("exPrincipals不是json字符串!");
+		KiccUser kiccUser = new ObjectMapper()
+				.registerModule(new KiccJavaTimeModule())
+				.addMixIn(SimpleGrantedAuthority.class, SimpleGrantedAuthorityMixin.class)
+				.readValue(str, KiccUser.class);
+		CasUser exCasUser = new CasUser(
+				casUser.getUsername(),
+				SecurityConstants.MOCK_PASSWORD,
+				casUser.isEnabled(),
+				casUser.isAccountNonExpired(),
+				casUser.isCredentialsNonExpired(),
+				casUser.isAccountNonLocked(),
+				kiccUser.getAuthorities());
+		BeanUtils.copyProperties(casUser, exCasUser);
+
 		// 每次请求前都预先加载用户名密码身份验证令牌
-		Authentication userAuthentication = new UsernamePasswordAuthenticationToken(casUser, "N/A", casUser.getAuthorities());
+		Authentication userAuthentication = new UsernamePasswordAuthenticationToken(exCasUser, "N/A", exCasUser.getAuthorities());
 		OAuth2Authentication authentication = new OAuth2Authentication(oAuth2Request, userAuthentication);
 		authentication.setAuthenticated(true);
 		return authentication;

kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/override/KiccCustomTokenServices.java

@@ -1,6 +1,5 @@
 package com.cloud.kicc.common.security.override;
 
-import cn.hutool.core.map.MapUtil;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.core.Authentication;
@@ -16,7 +15,6 @@ import org.springframework.transaction.annotation.Transactional;
 import org.springframework.util.Assert;
 
 import java.util.Date;
-import java.util.Map;
 import java.util.Set;
 import java.util.UUID;
 

kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/service/KiccUserDetailsService.java

@@ -4,24 +4,15 @@ import cn.hutool.core.util.StrUtil;
 import com.cloud.kicc.common.core.api.R;
 import com.cloud.kicc.common.core.constant.CommonConstants;
 import com.cloud.kicc.common.core.constant.SecurityConstants;
-import com.cloud.kicc.common.core.enums.CasSystemEnum;
-import com.cloud.kicc.common.core.jackson.KiccJavaTimeModule;
 import com.cloud.kicc.common.data.entity.CasUser;
-import com.cloud.kicc.common.data.entity.KiccUser;
 import com.cloud.kicc.common.security.exception.SecurityCheckedException;
-import com.fasterxml.jackson.annotation.JsonInclude;
+import com.cloud.kicc.system.api.entity.SsoUser;
-import com.fasterxml.jackson.databind.ObjectMapper;
 import lombok.SneakyThrows;
-import org.springframework.beans.BeanUtils;
 import org.springframework.core.Ordered;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.authority.AuthorityUtils;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
 
-import java.util.Arrays;
-import java.util.List;
-import java.util.stream.Collectors;
-
 /**
  *<p>
  * 用户详细信息服务
@@ -56,26 +47,23 @@ public interface KiccUserDetailsService extends UserDetailsService, Ordered {
 	 * @return UserDetails
 	 */
 	@SneakyThrows
-	default UserDetails getUserDetails(R<KiccUser> result) {
+	default UserDetails getUserDetails(R<SsoUser> result) {
-
 		// 验证请求是否成功
 		if (result.getCode() != R.SUCCESS) {
 			throw new SecurityCheckedException(result.getMsg());
 		}
 
-		KiccUser user = result.getData();
+		SsoUser user = result.getData();
-		List<SimpleGrantedAuthority> authorities = Arrays.stream(user.getPermissions())
+        // 构造security用户
-				.map(SimpleGrantedAuthority::new)
+		return new CasUser(
-				.collect(Collectors.toList());
+				user.getUserName(),
-		CasUser casUser = new CasUser(
-				user.getUsername(),
 				SecurityConstants.BCRYPT + user.getPassword(),
 				true,
 				true,
 				true,
 				StrUtil.equals(user.getStatus(), CommonConstants.STATUS_NORMAL),
-				authorities,
+				AuthorityUtils.createAuthorityList(),
-				user.getCasUserId(),
+				user.getId(),
 				user.getNickName(),
 				user.getEmail(),
 				user.getPhone(),
@@ -83,34 +71,15 @@ public interface KiccUserDetailsService extends UserDetailsService, Ordered {
 				user.getAvatar(),
 				user.getLoginIp(),
 				user.getLoginTime(),
+				user.getStatus(),
 				user.getCreateById(),
 				user.getCreateByName(),
 				user.getCreateTime(),
 				user.getUpdateById(),
 				user.getUpdateByName(),
 				user.getUpdateTime(),
-				user.getRemarks(),
+				user.getRemarks()
-				String.join(",", user.getRoleIds()),
-				String.join(",", user.getTenantIds())
 		);
-		KiccUser kiccUser = new KiccUser(
-				casUser.getUsername(),
-				casUser.getPassword(),
-				casUser.isEnabled(),
-				casUser.isAccountNonExpired(),
-				casUser.isCredentialsNonExpired(),
-				casUser.isAccountNonLocked(),
-				authorities
-		);
-		BeanUtils.copyProperties(user, kiccUser);
-		// 设置扩展用户数据
-		casUser.getExPrincipals().put(CasSystemEnum.KICC, new ObjectMapper()
-		.registerModule(new KiccJavaTimeModule())
-		.setSerializationInclusion(JsonInclude.Include.NON_NULL)
-		.writeValueAsString(kiccUser));
-
-		// 构造security用户
-		return casUser;
 	}
 
 	/**

kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/service/impl/KiccAppUserDetailsServiceImpl.java

@@ -3,9 +3,9 @@ package com.cloud.kicc.common.security.service.impl;
 import com.cloud.kicc.common.core.api.R;
 import com.cloud.kicc.common.core.constant.SecurityConstants;
 import com.cloud.kicc.common.data.entity.CasUser;
-import com.cloud.kicc.common.data.entity.KiccUser;
 import com.cloud.kicc.common.security.service.KiccUserDetailsService;
-import com.cloud.kicc.system.api.feign.RemoteUserService;
+import com.cloud.kicc.system.api.entity.SsoUser;
+import com.cloud.kicc.system.api.feign.RemoteAppService;
 import lombok.RequiredArgsConstructor;
 import lombok.SneakyThrows;
 import lombok.extern.slf4j.Slf4j;
@@ -23,7 +23,7 @@ import org.springframework.security.core.userdetails.UserDetails;
 @RequiredArgsConstructor
 public class KiccAppUserDetailsServiceImpl implements KiccUserDetailsService {
 
-	private final RemoteUserService remoteUserService;
+	private final RemoteAppService remoteAppService;
 
 	/**
 	 * 手机号登录
@@ -32,7 +32,7 @@ public class KiccAppUserDetailsServiceImpl implements KiccUserDetailsService {
 	@Override
 	@SneakyThrows
 	public UserDetails loadUserByUsername(String phone) {
-		R<KiccUser> result = remoteUserService.selectByPhone(phone);
+		R<SsoUser> result = remoteAppService.selectByPhone(phone);
         return getUserDetails(result);
 	}
 

kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/service/impl/KiccUserDetailsServiceImpl.java

@@ -1,9 +1,9 @@
 package com.cloud.kicc.common.security.service.impl;
 
 import com.cloud.kicc.common.core.api.R;
-import com.cloud.kicc.common.data.entity.KiccUser;
 import com.cloud.kicc.common.security.service.KiccUserDetailsService;
-import com.cloud.kicc.system.api.feign.RemoteUserService;
+import com.cloud.kicc.system.api.entity.SsoUser;
+import com.cloud.kicc.system.api.feign.RemoteSsoUserService;
 import lombok.RequiredArgsConstructor;
 import lombok.SneakyThrows;
 import lombok.extern.slf4j.Slf4j;
@@ -23,7 +23,7 @@ import org.springframework.security.core.userdetails.UserDetails;
 @RequiredArgsConstructor
 public class KiccUserDetailsServiceImpl implements KiccUserDetailsService {
 
-	private final RemoteUserService remoteUserService;
+	private final RemoteSsoUserService remoteSsoUserService;
 
 	/**
 	 * 用户名密码登录
@@ -32,7 +32,7 @@ public class KiccUserDetailsServiceImpl implements KiccUserDetailsService {
 	@Override
 	@SneakyThrows
 	public UserDetails loadUserByUsername(String username) {
-		R<KiccUser> result = remoteUserService.selectByUserName(username);
+		R<SsoUser> result = remoteSsoUserService.selectByUserName(username);
         return getUserDetails(result);
 	}
 

kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/util/SecurityUtils.java

@@ -146,12 +146,13 @@ public class SecurityUtils {
 				user.getAvatar(),
 				user.getLoginIp(),
 				user.getLoginTime(),
-				user.getCreateById(),
+				user.getSsoStatus(),
-				user.getCreateByName(),
+				user.getSsoCreateById(),
-				user.getCreateTime(),
+				user.getSsoCreateByName(),
-				user.getUpdateById(),
+				user.getSsoCreateTime(),
-				user.getUpdateByName(),
+				user.getSsoUpdateById(),
-				user.getUpdateTime(),
+				user.getSsoUpdateByName(),
+				user.getSsoUpdateTime(),
 				user.getRemarks(),
                 String.join(",", user.getRoleIds()),
 				String.join(",", user.getTenantIds())

kicc-platform/kicc-platform-api/kicc-system-api/src/main/java/com/cloud/kicc/system/api/entity/SsoUser.java

@@ -45,7 +45,7 @@ public class SsoUser extends CommonEntity {
     /** 手机号码 */
     private String phone;
 
-    /** 用户性别（0男 1女 2未知） */
+    /** 用户性别（0男 1女 2未知）*/
     private String sex;
 
     /** 头像路径 */
@@ -54,6 +54,9 @@ public class SsoUser extends CommonEntity {
     /** 最后登陆IP */
     private String loginIp;
 
+    /** 帐号状态（0正常 1停用）*/
+    private String status;
+
     /** 最后登陆时间 */
     private LocalDateTime loginTime;
 

kicc-platform/kicc-platform-api/kicc-system-api/src/main/java/com/cloud/kicc/system/api/feign/RemoteAppService.java

@@ -0,0 +1,32 @@
+package com.cloud.kicc.system.api.feign;
+
+import com.cloud.kicc.common.core.api.R;
+import com.cloud.kicc.common.core.constant.AppConstants;
+import com.cloud.kicc.common.core.constant.SecurityConstants;
+import com.cloud.kicc.common.core.constant.ServiceNameConstants;
+import com.cloud.kicc.common.data.entity.KiccUser;
+import com.cloud.kicc.system.api.entity.SsoUser;
+import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+
+/**
+ *<p>
+ * 远程移动端api
+ *</p>
+ *
+ * @Author: wangxiang4
+ * @Date: 2022/2/17
+ */
+@FeignClient(contextId = "remoteAppService", value = ServiceNameConstants.SYSTEM_SERVICE)
+public interface RemoteAppService {
+
+	/**
+	 * 通过手机号码查询用户
+	 * @param phone 手机号码
+	 * @return R
+	 */
+	@GetMapping(value = AppConstants.APP_SYSTEM +  "/app/selectByPhone/{phone}", headers = SecurityConstants.HEADER_FROM_IN)
+	R<SsoUser> selectByPhone(@PathVariable("phone") String phone);
+
+}

kicc-platform/kicc-platform-api/kicc-system-api/src/main/java/com/cloud/kicc/system/api/feign/RemoteSsoUserService.java

@@ -0,0 +1,32 @@
+package com.cloud.kicc.system.api.feign;
+
+import com.cloud.kicc.common.core.api.R;
+import com.cloud.kicc.common.core.constant.AppConstants;
+import com.cloud.kicc.common.core.constant.SecurityConstants;
+import com.cloud.kicc.common.core.constant.ServiceNameConstants;
+import com.cloud.kicc.common.data.entity.KiccUser;
+import com.cloud.kicc.system.api.entity.SsoUser;
+import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+
+/**
+ *<p>
+ * 远程SSO用户api
+ *</p>
+ *
+ * @Author: wangxiang4
+ * @Date: 2022/2/17
+ */
+@FeignClient(contextId = "remoteSsoUserService", value = ServiceNameConstants.SYSTEM_SERVICE)
+public interface RemoteSsoUserService {
+
+	/**
+	 * 通过用户名查询用户
+	 * @param userName 用户名
+	 * @return R
+	 */
+	@GetMapping(value = AppConstants.APP_SYSTEM + "/ssoUser/selectByUserName/{userName}", headers = SecurityConstants.HEADER_FROM_IN)
+	R<SsoUser> selectByUserName(@PathVariable("userName") String userName);
+
+}

kicc-platform/kicc-platform-api/kicc-system-api/src/main/java/com/cloud/kicc/system/api/feign/RemoteUserService.java

@@ -20,22 +20,6 @@ import org.springframework.web.bind.annotation.PathVariable;
 @FeignClient(contextId = "remoteUserService", value = ServiceNameConstants.SYSTEM_SERVICE)
 public interface RemoteUserService {
 
-	/**
-	 * 通过用户名查询用户
-	 * @param userName 用户名
-	 * @return R
-	 */
-	@GetMapping(value = AppConstants.APP_SYSTEM + "/user/selectByUserName/{userName}", headers = SecurityConstants.HEADER_FROM_IN)
-	R<KiccUser> selectByUserName(@PathVariable("userName") String userName);
-
-	/**
-	 * 通过手机号码查询用户
-	 * @param phone 手机号码
-	 * @return R
-	 */
-	@GetMapping(value = AppConstants.APP_SYSTEM +  "/user/selectByPhone/{phone}", headers = SecurityConstants.HEADER_FROM_IN)
-	R<KiccUser> selectByPhone(@PathVariable("phone") String phone);
-
 	/**
 	 * 通过用户ID查询用户
 	 * @param userid 用户id
@@ -44,4 +28,12 @@ public interface RemoteUserService {
 	@GetMapping(value = AppConstants.APP_SYSTEM + "/user/getUser/{userId}", headers = SecurityConstants.HEADER_FROM_IN)
 	R<KiccUser> selectByUserId(@PathVariable("userId") String userid);
 
+	/**
+	 * 通过CAS用户ID查询用户
+	 * @param casUserId 用户id
+	 * @return R
+	 */
+	@GetMapping(value = AppConstants.APP_SYSTEM + "/user/getUserByCasUserId/{casUserId}", headers = SecurityConstants.HEADER_FROM_IN)
+	R<KiccUser> selectByCasUserId(@PathVariable("casUserId") String casUserId);
+
 }

kicc-platform/kicc-platform-api/kicc-system-api/src/main/resources/META-INF/spring.factories

@@ -1,3 +1,6 @@
 com.cloud.kicc.common.feign.KiccFeignAutoConfiguration=\
     com.cloud.kicc.system.api.feign.RemoteDictService,\
-    com.cloud.kicc.system.api.feign.RemoteUserService
+    com.cloud.kicc.system.api.feign.RemoteUserService,\
+    com.cloud.kicc.system.api.feign.RemoteAppService,\
+    com.cloud.kicc.system.api.feign.RemoteRegionService,\
+    com.cloud.kicc.system.api.feign.RemoteSsoUserService

kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/controller/AppController.java

@@ -1,11 +1,12 @@
 package com.cloud.kicc.system.controller;
 
+import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import com.cloud.kicc.common.core.api.R;
 import com.cloud.kicc.common.core.constant.AppConstants;
-import com.cloud.kicc.common.data.entity.KiccUser;
 import com.cloud.kicc.common.security.annotation.Inner;
+import com.cloud.kicc.system.api.entity.SsoUser;
 import com.cloud.kicc.system.service.AppService;
-import com.cloud.kicc.system.service.UserService;
+import com.cloud.kicc.system.service.ISsoUserService;
 import io.swagger.annotations.Api;
 import lombok.AllArgsConstructor;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -17,11 +18,11 @@ import java.util.List;
 
 /**
  *<p>
- * 移动端登录
+ * 移动端 控制器
  *</p>
  *
  * @Author: wangxiang4
- * @Date: 2022/2/24
+ * @Since: 2023/9/1
  */
 @RestController
 @AllArgsConstructor
@@ -31,7 +32,7 @@ public class AppController {
 
 	private final AppService appService;
 
-	private final UserService userService;
+	private final ISsoUserService iSsoUserService;
 
 	@Inner(false)
 	@GetMapping("/sendSmsCode/{phone:\\d+}")
@@ -46,12 +47,12 @@ public class AppController {
 	 */
 	@Inner
 	@GetMapping("/selectByPhone/{phone:\\d+}")
-	public R<KiccUser> selectByPhone(@PathVariable String phone) {
+	public R<SsoUser> selectByPhone(@PathVariable String phone) {
-		List<KiccUser> user = userService.getUserByPhone(phone);
+		List<SsoUser> user = iSsoUserService.list(Wrappers.<SsoUser>lambdaQuery().eq(SsoUser::getPhone, phone));
 		if (user.isEmpty()) {
-			return R.error("该手机号不存在，请注册!");
+			return R.error("该手机号不存在，请先注册!");
 		}
-		return R.ok(userService.getUserAuthority(user.get(0)));
+		return R.ok(user.get(0));
 	}
 
 }

kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/controller/SsoUserController.java

@@ -9,6 +9,7 @@ import com.cloud.kicc.common.core.api.R;
 import com.cloud.kicc.common.core.constant.AppConstants;
 import com.cloud.kicc.common.data.entity.KiccUser;
 import com.cloud.kicc.common.log.annotation.SysLog;
+import com.cloud.kicc.common.security.annotation.Inner;
 import com.cloud.kicc.common.security.util.SecurityUtils;
 import com.cloud.kicc.system.api.entity.SsoUser;
 import com.cloud.kicc.system.api.entity.User;
@@ -20,7 +21,6 @@ import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
 import java.util.Arrays;
-import java.util.List;
 
 /**
  *<p>
@@ -88,6 +88,16 @@ public class SsoUserController {
         return R.ok();
     }
 
+    @Inner
+    @GetMapping("/selectByUserName/{userName}")
+    public R selectByUserName(@PathVariable String userName) {
+        SsoUser user = iSsoUserService.getOne(Wrappers.<SsoUser>lambdaQuery().eq(SsoUser::getUserName, userName));
+        if (user == null) {
+            return R.error("该用户不存在，请注册!");
+        }
+        return R.ok(user);
+    }
+
     @SysLog("用户密码重置")
     @PutMapping("/resetPwd")
     public R resetPwd(@Validated @RequestBody SsoUser ssoUser) {

kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/controller/UserController.java

@@ -105,17 +105,15 @@ public class UserController {
     @GetMapping("/getUser/{id:\\w+}")
     public R getUser(@PathVariable("id") String id) {
         KiccUser user = userService.getUserById(id);
-        if (user == null) return R.error("该用户不存在，请注册!");
+        if (user == null) return R.error("该用户不存在，请先注册!");
         return R.ok(userService.getUserAuthority(user));
     }
 
     @Inner
-    @GetMapping("/selectByUserName/{userName}")
+    @GetMapping("/getUserByCasUserId/{casUserId:\\w+}")
-    public R selectByUserName(@PathVariable String userName) {
+    public R getUserByCasUserId(@PathVariable String casUserId) {
-        KiccUser user = userService.getUserByName(userName);
+        KiccUser user = userService.getUserByCasUserId(casUserId);
-        if (user == null) {
+        if (user == null) return R.error("该用户不存在，请先注册!");
-            return R.error("该用户不存在，请注册!");
-        }
         return R.ok(userService.getUserAuthority(user));
     }
 

kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/service/UserService.java

@@ -73,6 +73,13 @@ public interface UserService extends IService<User> {
      */
     KiccUser getUserById(String userId);
 
+
+    /**
+     * 根据casUserId查询用户
+     * @param casUserId CAS用户ID
+     */
+    KiccUser getUserByCasUserId(String casUserId);
+
     /**
      * 根据名称查询用户
      * @param userName 用户名称

kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/service/impl/UserServiceImpl.java

@@ -211,6 +211,11 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, User> implements Us
         return baseMapper.getUserByParam(MapUtil.<String, Object>builder("id", userId).build());
     }
 
+    @Override
+    public KiccUser getUserByCasUserId(String casUserId) {
+        return baseMapper.getUserByParam(MapUtil.<String, Object>builder("casUserId", casUserId).build());
+    }
+
     @Override
     public KiccUser getUserByName(String userName) {
         return baseMapper.getUserByParam(MapUtil.<String, Object>builder("userName", userName).build());