优化pdd授权url

启航老齐 2025-12-29 14:38:05 +08:00
parent 9ddb43b8d6
commit 09ebdea2f9
5 changed files with 118 additions and 18 deletions


@ -29,6 +29,7 @@ public class TokenFilter implements GlobalFilter, Ordered {
if(url.equals("/api/sys-api/login") || url.equals("/api/sys-api/getInfo") || url.equals("/api/sys-api/logout")
|| url.contains("/system/config")
|| url.contains("/captchaImage")
|| url.contains("/oauth_callback")
)
{
// 登录页面 放行
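Review bot: The new `url.contains("/oauth_callback")` exemption matches that substring anywhere in `url`, so any gateway path that merely contains the text skips the token check, not only the PDD callback. How `url` is derived is outside the hunk; if it also carries the query string, the match is broader still. Prefer an anchored comparison on the path, e.g. `|| url.endsWith("/pdd/oauth_callback")`, or an `equals` on the full routed path if that is fixed. The same substring pattern is added to `JwtAuthenticationTokenFilter` in this commit and deserves the same tightening.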


@ -45,14 +45,15 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
// String token = exchange.getRequest().getHeaders().getFirst(TOKEN_HEADER);
String token = request.getHeader("Authorization");
String url = request.getRequestURI();
log.info("intercept " + url);
// log.info("intercept " + url);
// log.info("token: " + token); || request.getRequestURI().equals("/getInfo") || request.getRequestURI().equals("/logout")
if (request.getRequestURI().equals("/login")
|| request.getRequestURI().contains("/login")
|| request.getRequestURI().contains("/captchaImage")
|| request.getRequestURI().contains("/order/get_detail")
|| request.getRequestURI().contains("/refund/get_detail")
|| request.getRequestURI().contains("/system/config")
|| url.contains("/login")
|| url.contains("/captchaImage")
|| url.contains("/order/get_detail")
|| url.contains("/refund/get_detail")
|| url.contains("/system/config")
|| url.contains("/oauth_callback")
) {
// 登录页面放行 || request.getRequestURI().equals("/order/get_detail")
chain.doFilter(request, response);
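Review bot: The first condition still calls `request.getRequestURI().equals("/login")` although the rest of the chain now uses the local `url`, and it is already covered by `url.contains("/login")`. It can be dropped so the chain starts at `if (url.contains("/login")`. The commented-out `log.info` lines and the stale condition fragments left inside the comments would be better deleted than kept, since they make the allow-list harder to audit. The filter method starts and ends outside the hunk.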


@ -67,6 +67,7 @@ public class SecurityConfig {
.requestMatchers(HttpMethod.GET, "/system/config/**").permitAll()
.requestMatchers(HttpMethod.GET, "/captchaImage").permitAll()
.requestMatchers(HttpMethod.GET, "/api/sys-api/system/config/**").permitAll()
.requestMatchers("/pdd/oauth_callback").permitAll()
// 允许直接访问授权登录接口
.requestMatchers(HttpMethod.POST, "/login").permitAll()
.requestMatchers(HttpMethod.POST, "/api/sys-api/login").permitAll()
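Review bot: The new matcher `.requestMatchers("/pdd/oauth_callback").permitAll()` opens the path for every HTTP method, while the neighbouring rules each pin a method and the controller added in this commit maps the endpoint with `@GetMapping`. Restrict it to what the handler serves: `.requestMatchers(HttpMethod.GET, "/pdd/oauth_callback").permitAll()`. The rule chain continues outside the hunk.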


@ -1,10 +1,9 @@
package cn.qihangerp.api.pdd.controller;
import cn.qihangerp.api.pdd.PddTokenCreateBo;
import cn.qihangerp.common.AjaxResult;
import cn.qihangerp.common.enums.EnumShopType;
import cn.qihangerp.model.entity.OShop;
import cn.qihangerp.model.entity.OShopPlatform;
import cn.qihangerp.module.service.OShopPlatformService;
import cn.qihangerp.module.service.OShopService;
@ -12,25 +11,36 @@ import cn.qihangerp.open.common.ApiResultVo;
import cn.qihangerp.open.pdd.PddTokenApiHelper;
import cn.qihangerp.open.pdd.model.Token;
import com.fasterxml.jackson.databind.ObjectMapper;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import lombok.AllArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.*;
import java.io.IOException;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.util.HashMap;
import java.util.Map;
@AllArgsConstructor
@Slf4j
@RequestMapping("/pdd")
@RestController
public class PddOAuthController {
private final OShopService shopService;
private final OShopPlatformService platformService;
// @Autowired
// private IShopService shopService;
// @Autowired
// private ServerConfig serverConfig;
private static Logger log = LoggerFactory.getLogger(PddOAuthController.class);
@Autowired
private OShopService shopService;
@Autowired
private OShopPlatformService platformService;
@Value("${qihangerp.auth-redirect-url:''}")
private String authRedirectUrl;
@GetMapping("/getOauthUrl")
public AjaxResult oauth(@RequestParam Integer shopId) {
@ -40,7 +50,7 @@ public class PddOAuthController {
String appKey = platform.getAppKey();
String appSercet = platform.getAppSecret();
String url = "https://mms.pinduoduo.com/open.html?response_type=code&client_id=" + appKey + "&redirect_uri=" + URLEncoder.encode(platform.getRedirectUri());
String url = "https://mms.pinduoduo.com/open.html?response_type=code&client_id=" + appKey + "&redirect_uri=" + URLEncoder.encode(platform.getRedirectUri())+"&state="+shopId;
return AjaxResult.success("SUCCESS",url);
}
@ -74,5 +84,91 @@ public class PddOAuthController {
// }
/**
* 授权返回
* @param request
* @return
* @throws IOException
*/
@GetMapping("/oauth_callback")
public void oauthCallback(HttpServletRequest request, HttpServletResponse response) throws IOException {
log.info("================Pdd授权返回==========");
String shopId = request.getParameter("state");
String code = request.getParameter("code");
// 打印查询参数URL中的参数
request.getParameterMap().forEach((key, value) -> {
log.info("Request param: {} = {}", key, String.join(", ", value));
});
OShop shop = shopService.getById(shopId);
log.info("========获取店铺");
if(shop==null) {
log.error("============店铺不存在========");
sendJsonResponse(response, 500, "店铺不存在");
return;
}
else if(shop.getType()!=EnumShopType.PDD.getIndex()) {
log.error("============非PDD店铺========");
sendJsonResponse(response, 500, "非PDD店铺");
return;
}
String appKey="";
String appSecret="";
if(StringUtils.hasText(shop.getAppKey())){
appKey = shop.getAppKey();
appSecret = shop.getAppSecret();
}else {
OShopPlatform oShopPlatform = platformService.selectById(EnumShopType.PDD.getIndex());
appKey = oShopPlatform.getAppKey();
appSecret = oShopPlatform.getAppSecret();
}
if (!StringUtils.hasText(appKey)) {
log.error("============平台参数设置错误没有找到AppKey========");
sendJsonResponse(response, 500, "平台参数设置错误没有找到AppKey");
return;
}
if (!StringUtils.hasText(appSecret)) {
log.error("============平台参数设置错误没有找到AppSecret========");
sendJsonResponse(response, 500, "平台参数设置错误没有找到AppSecret");
return;
}
// log.info("========获取平台参数:{}",appKey);
// PopAccessTokenClient accessTokenClient = new PopAccessTokenClient(appKey, appSecret);
// 生成AccessToken
try {
ApiResultVo<Token> token = PddTokenApiHelper.getToken(appKey, appSecret, code);
// log.info("==========获取拼多多授权token:{}", JSONObject.toJSONString(token));
if (token.getCode() != 0) {
log.error("===========获取拼多多授权token错误" + token.getMsg());
sendJsonResponse(response, 500, token.getMsg());
return;
}
//保存accessToken
shopService.updateSessionKey(shop.getId(),token.getData().getAccess_token());
log.info("===========获取拼多多授权token成功=====SAVE====");
} catch (Exception e) {
e.printStackTrace();
log.error("=======获取拼多多AccessToken异常{}",e.getMessage());
sendJsonResponse(response, 500, e.getMessage());
return;
}
log.info("======拼多多AccessToken获取成功=========");
response.sendRedirect(StringUtils.hasText(authRedirectUrl)?authRedirectUrl:"https://erp.qihangerp.cn/"); // 跳转到新页面
}
// 返回JSON响应
private void sendJsonResponse(HttpServletResponse response, int code, String msg) throws IOException {
response.setContentType("application/json");
response.setCharacterEncoding("UTF-8");
Map<String, Object> map = new HashMap<>();
map.put("code", code);
map.put("msg", URLDecoder.decode(msg, "UTF-8"));
ObjectMapper mapper = new ObjectMapper();
String json = mapper.writeValueAsString(map);
response.getWriter().write(json);
}
}
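Review bot: `oauthCallback` takes the shop id straight from the `state` parameter, and since the route is now `permitAll`, nothing ties the callback to an authorization that `oauth()` actually started before `shopService.updateSessionKey` overwrites that shop's stored token. `state` should be an unguessable single-use value issued by `oauth()` and mapped server-side to the shop id, and the callback should reject any state it did not issue; the sketch below is constructed and would need expiry and a shared store in a multi-instance deployment. The `getParameterMap()` loop also writes the authorization `code` to the info log, so log the parameter names only or drop the loop. Separately, `@Value("${qihangerp.auth-redirect-url:''}")` most likely defaults to the literal two-quote string rather than an empty one, which would leave the `https://erp.qihangerp.cn/` fallback unused; `${qihangerp.auth-redirect-url:}` gives an empty default. `oauth()` is only partly visible in these hunks.

```java
// constructed sketch: pending authorizations keyed by a random one-time state
private final Map<String, Integer> pendingStates = new ConcurrentHashMap<>();

// in oauth(): replaces  + "&state=" + shopId
String state = UUID.randomUUID().toString();
pendingStates.put(state, shopId);
// … unchanged: authorize URL up to redirect_uri, then  + "&state=" + state …

// in oauthCallback(): replaces  String shopId = request.getParameter("state");
String state = request.getParameter("state");
String code = request.getParameter("code");
Integer shopId = (state == null) ? null : pendingStates.remove(state);
if (shopId == null || !StringUtils.hasText(code)) {
    sendJsonResponse(response, 400, "invalid state or code");
    return;
}
// … unchanged: shop lookup, credential checks, token exchange …
```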


@ -2,3 +2,4 @@ qihangerp:
name: 启航电商ERP
goods:
version: 2.4.21
auth-redirect-url: http://erp.qihangerp.cn:88
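Review bot: The committed `auth-redirect-url` value is a plain-HTTP origin on port 88, while the fallback hard-coded in `PddOAuthController` is `https://erp.qihangerp.cn/`. If the front end is reachable over TLS, the default here should be the `https://` address, so that users returning from authorization are not sent to an unencrypted page. A short comment above the key, saying it is the post-authorization landing page and must be overridden per deployment, would also help.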