From 27618484dc4743d6579aebcc2df1b8625fec4985 Mon Sep 17 00:00:00 2001
From: click33 <2393584716@qq.com>
Date: Thu, 2 May 2024 07:42:20 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=20sso=20nosdk=20demo=20?= =?UTF-8?q?=E4=B8=8D=E6=AD=A3=E7=A1=AE=E4=B9=8B=E5=A4=84?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.../java/com/pj/SaSsoClientApplication.java | 14 ----
.../com/pj/SaSsoClientNoSdkApplication.java | 22 ++++++
.../java/com/pj/sso/SsoClientController.java | 31 ++++++---
.../main/java/com/pj/sso/SsoRequestUtil.java | 67 +++++++++++--------
.../src/main/resources/application.yml | 2 +-
5 files changed, 81 insertions(+), 55 deletions(-)
delete mode 100644 sa-token-demo/sa-token-demo-sso/sa-token-demo-sso3-client-nosdk/src/main/java/com/pj/SaSsoClientApplication.java
create mode 100644 sa-token-demo/sa-token-demo-sso/sa-token-demo-sso3-client-nosdk/src/main/java/com/pj/SaSsoClientNoSdkApplication.java
diff --git a/sa-token-demo/sa-token-demo-sso/sa-token-demo-sso3-client-nosdk/src/main/java/com/pj/SaSsoClientApplication.java b/sa-token-demo/sa-token-demo-sso/sa-token-demo-sso3-client-nosdk/src/main/java/com/pj/SaSsoClientApplication.java
deleted file mode 100644
index 5a6393e2..00000000
--- a/sa-token-demo/sa-token-demo-sso/sa-token-demo-sso3-client-nosdk/src/main/java/com/pj/SaSsoClientApplication.java
+++ /dev/null
@@ -1,14 +0,0 @@
-package com.pj;
-
-import org.springframework.boot.SpringApplication;
-import org.springframework.boot.autoconfigure.SpringBootApplication;
-
-@SpringBootApplication
-public class SaSsoClientApplication {
-
- public static void main(String[] args) {
- SpringApplication.run(SaSsoClientApplication.class, args);
- System.out.println("\nSa-Token SSO模式三 Client端 (无SDK版本) 启动成功");
- }
-
-}
\ No newline at end of file
diff --git a/sa-token-demo/sa-token-demo-sso/sa-token-demo-sso3-client-nosdk/src/main/java/com/pj/SaSsoClientNoSdkApplication.java b/sa-token-demo/sa-token-demo-sso/sa-token-demo-sso3-client-nosdk/src/main/java/com/pj/SaSsoClientNoSdkApplication.java
new file mode 100644
index 00000000..1bd993de
--- /dev/null
+++ b/sa-token-demo/sa-token-demo-sso/sa-token-demo-sso3-client-nosdk/src/main/java/com/pj/SaSsoClientNoSdkApplication.java
@@ -0,0 +1,22 @@
+package com.pj;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class SaSsoClientNoSdkApplication {
+
+ public static void main(String[] args) {
+ SpringApplication.run(SaSsoClientNoSdkApplication.class, args);
+ System.out.println("\nSa-Token SSO模式三 Client端 (无SDK版本) 启动成功");
+
+ System.out.println();
+ System.out.println("---------------------- Sa-Token SSO 模式三 NoSdk 模式 demo 启动成功 ----------------------");
+ System.out.println("测试访问应用端一: http://sa-sso-client1.com:9004");
+ System.out.println("测试访问应用端二: http://sa-sso-client2.com:9004");
+ System.out.println("测试访问应用端三: http://sa-sso-client3.com:9004");
+ System.out.println("测试前需要根据官网文档修改hosts文件,测试账号密码:sa / 123456");
+ System.out.println();
+ }
+
+}
\ No newline at end of file
diff --git a/sa-token-demo/sa-token-demo-sso/sa-token-demo-sso3-client-nosdk/src/main/java/com/pj/sso/SsoClientController.java b/sa-token-demo/sa-token-demo-sso/sa-token-demo-sso3-client-nosdk/src/main/java/com/pj/sso/SsoClientController.java
index 243a0550..15098acc 100644
--- a/sa-token-demo/sa-token-demo-sso/sa-token-demo-sso3-client-nosdk/src/main/java/com/pj/sso/SsoClientController.java
+++ b/sa-token-demo/sa-token-demo-sso/sa-token-demo-sso3-client-nosdk/src/main/java/com/pj/sso/SsoClientController.java
@@ -29,7 +29,7 @@ public class SsoClientController { "

当前会话登录账号:" + session.getAttribute("userId") + "

" + "

登录" + " 注销" + - " 获取资料

"; + " 获取资料

"; return str; } @@ -62,8 +62,16 @@ public class SsoClientController { ssoLogoutCall = request.getRequestURL().toString().replace("/sso/login", "/sso/logoutCall"); } - // 校验 ticket - String checkUrl = SsoRequestUtil.checkTicketUrl + "?ticket=" + ticket + "&ssoLogoutCall=" + ssoLogoutCall; + // 校验 ticket + String timestamp = String.valueOf(System.currentTimeMillis()); // 时间戳 + String nonce = SsoRequestUtil.getRandomString(20); // 随机字符串 + String sign = SsoRequestUtil.getSignByTicket(ticket, ssoLogoutCall, timestamp, nonce); // 参数签名 + String checkUrl = SsoRequestUtil.checkTicketUrl + + "?timestamp=" + timestamp + + "&nonce=" + nonce + + "&sign=" + sign + + "&ticket=" + ticket + + "&ssoLogoutCall=" + ssoLogoutCall; AjaxJson result = SsoRequestUtil.request(checkUrl); // 200 代表校验成功 @@ -97,7 +105,7 @@ public class SsoClientController { Object loginId = session.getAttribute("userId"); // 账号id String timestamp = String.valueOf(System.currentTimeMillis()); // 时间戳 String nonce = SsoRequestUtil.getRandomString(20); // 随机字符串 - String sign = SsoRequestUtil.getSign(loginId, timestamp, nonce, SsoRequestUtil.secretkey); // 参数签名 + String sign = SsoRequestUtil.getSign(loginId, timestamp, nonce); // 参数签名 String url = SsoRequestUtil.sloUrl + "?loginId=" + loginId + @@ -123,12 +131,13 @@ public class SsoClientController { // SSO-Client端:单点注销回调地址 @RequestMapping("/sso/logoutCall") - public Object ssoLogoutCall(String loginId, String timestamp, String nonce, String sign) { + public Object ssoLogoutCall(String loginId, String autoLogout, String timestamp, String nonce, String sign) { // 校验签名 - String calcSign = SsoRequestUtil.getSign(loginId, timestamp, nonce, SsoRequestUtil.secretkey); + String calcSign = SsoRequestUtil.getSignByLogoutCall(loginId, autoLogout, timestamp, nonce); if(calcSign.equals(sign) == false) { - return AjaxJson.getError("无效签名,拒绝应答"); + System.out.println("无效签名,拒绝应答:" + sign); + return AjaxJson.getError("无效签名,拒绝应答" + sign); } // 注销这个账号id 
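Review bot: In the `@@ -62` hunk, `ticket` and `ssoLogoutCall` are appended to `checkUrl` without URL-encoding, so a reserved character such as `&`, `=` or `#` in either value changes how the server splits the query, while the signature was computed over the raw strings. `ssoLogoutCall` is a full URL derived from `request.getRequestURL()`, and `ticket` presumably arrives as a request parameter, so both should be encoded when the URL is assembled, e.g. `"&ticket=" + URLEncoder.encode(ticket, "UTF-8")`, with `getSignByTicket` still fed the unencoded values. The timestamp and nonce only add replay protection if the server enforces a freshness window and nonce uniqueness, which cannot be confirmed from this hunk. The enclosing method starts and ends outside the hunk.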
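Review bot: The rejection branch of `ssoLogoutCall` (hunk `@@ -123`) now prints the caller-supplied `sign` to stdout and echoes it in the error body via `AjaxJson.getError("无效签名,拒绝应答" + sign)`; input that failed authentication should not be reflected or logged unsanitised, so the response should stay `AjaxJson.getError("无效签名,拒绝应答")`. The check `calcSign.equals(sign) == false` is not constant-time; after a null check on `sign`, `MessageDigest.isEqual(calcSign.getBytes(StandardCharsets.UTF_8), sign.getBytes(StandardCharsets.UTF_8))` removes the timing signal. Nothing visible in the hunk validates `timestamp` freshness or `nonce` reuse before the logout proceeds, so a captured callback could presumably be replayed. The method body continues outside the hunk.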
@@ -143,8 +152,8 @@ public class SsoClientController { } // 查询我的账号信息 (调用此接口的前提是 sso-server 端开放了 /sso/userinfo 路由) - @RequestMapping("/sso/myinfo") - public Object myinfo(HttpSession session) { + @RequestMapping("/sso/myInfo") + public Object myInfo(HttpSession session) { // 如果尚未登录 if(session.getAttribute("userId") == null) { return "尚未登录,无法获取"; @@ -154,9 +163,9 @@ public class SsoClientController { Object loginId = session.getAttribute("userId"); // 账号id String timestamp = String.valueOf(System.currentTimeMillis()); // 时间戳 String nonce = SsoRequestUtil.getRandomString(20); // 随机字符串 - String sign = SsoRequestUtil.getSign(loginId, timestamp, nonce, SsoRequestUtil.secretkey); // 参数签名 + String sign = SsoRequestUtil.getSign(loginId, timestamp, nonce); // 参数签名 - String url = SsoRequestUtil.userinfoUrl + + String url = SsoRequestUtil.getDataUrl + "?loginId=" + loginId + "×tamp=" + timestamp + "&nonce=" + nonce + diff --git a/sa-token-demo/sa-token-demo-sso/sa-token-demo-sso3-client-nosdk/src/main/java/com/pj/sso/SsoRequestUtil.java b/sa-token-demo/sa-token-demo-sso/sa-token-demo-sso3-client-nosdk/src/main/java/com/pj/sso/SsoRequestUtil.java index 3ac8f181..0cbfa27d 100644 --- a/sa-token-demo/sa-token-demo-sso/sa-token-demo-sso3-client-nosdk/src/main/java/com/pj/sso/SsoRequestUtil.java +++ b/sa-token-demo/sa-token-demo-sso/sa-token-demo-sso3-client-nosdk/src/main/java/com/pj/sso/SsoRequestUtil.java @@ -1,14 +1,14 @@ package com.pj.sso; +import com.dtflys.forest.Forest; +import com.pj.sso.util.AjaxJson; + import java.io.UnsupportedEncodingException; import java.net.URLEncoder; import java.security.MessageDigest; import java.util.Map; import java.util.Random; -import com.dtflys.forest.Forest; -import com.pj.sso.util.AjaxJson; - /** * 封装一些 sso 共用方法 * 
@@ -17,40 +17,41 @@ import com.pj.sso.util.AjaxJson; */ public class SsoRequestUtil { + /** + * SSO-Server端主机地址 + */ + public static String serverUrl = "http://sa-sso-server.com:9000"; + /** * SSO-Server端 统一认证地址 */ - public static String authUrl = "http://sa-sso-server.com:9000/sso/auth"; - - /** - * 使用 Http 请求校验ticket - */ -// public static boolean isHttp = true; - + public static String authUrl = serverUrl + "/sso/auth"; + /** * SSO-Server端 ticket校验地址 */ - public static String checkTicketUrl = "http://sa-sso-server.com:9000/sso/checkTicket"; - - /** - * 打开单点注销功能 - */ - public static boolean isSlo = true; - + public static String checkTicketUrl = serverUrl + "/sso/checkTicket"; + /** * 单点注销地址 */ - public static String sloUrl = "http://sa-sso-server.com:9000/sso/signout"; - + public static String sloUrl = serverUrl + "/sso/signout"; + + /** + * SSO-Server端 查询userinfo地址 + */ + public static String getDataUrl = serverUrl + "/sso/getData"; + + /** + * 打开单点注销功能 + */ + public static boolean isSlo = true; + /** * 接口调用秘钥 */ - public static String secretkey = "kQwIOrYvnXmSDkwEiFngrKidMcdrgKor"; - - /** - * SSO-Server端 查询userinfo地址 - */ - public static String userinfoUrl = "http://sa-sso-server.com:9000/sso/userinfo"; + public static String secretKey = "kQwIOrYvnXmSDkwEiFngrKidMcdrgKor"; + // -------------------------- 工具方法 
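Review bot: `secretKey` remains a hard-coded literal in a `public static` non-final field, so the request-signing secret lives in version control and any class can overwrite it at runtime. Even in a demo it is better read from configuration (the module already ships an `application.yml`) or an environment variable, with the URL constants declared `public static final`. `serverUrl` is plain `http://`, so tickets and signed requests cross the network unencrypted; a comment on that field such as `// demo only: use https for any real deployment` would make the limitation explicit. The Javadoc on `getDataUrl` still describes a userinfo endpoint although the path is now `/sso/getData`.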
@@ -69,12 +70,20 @@ public class SsoRequestUtil { * 根据参数计算签名 * @param loginId 账号id * @param timestamp 当前时间戳,13位 - * @param nonce 随机字符串 - * @param secretkey 账号id + * @param nonce 随机字符串 * @return 签名 */ - public static String getSign(Object loginId, String timestamp, String nonce, String secretkey) { - return md5("loginId=" + loginId + "&nonce=" + nonce + "×tamp=" + timestamp + "&key=" + secretkey); + public static String getSign(Object loginId, String timestamp, String nonce) { + return md5("loginId=" + loginId + "&nonce=" + nonce + "×tamp=" + timestamp + "&key=" + secretKey); + } + // 单点注销回调时构建签名 + public static String getSignByLogoutCall(Object loginId, String autoLogout, String timestamp, String nonce) { + System.out.println("autoLogout=" + autoLogout + "loginId=" + loginId + "&nonce=" + nonce + "×tamp=" + timestamp + "&key=" + secretKey); + return md5("autoLogout=" + autoLogout + "&loginId=" + loginId + "&nonce=" + nonce + "×tamp=" + timestamp + "&key=" + secretKey); + } + // 校验ticket 时构建签名 + public static String getSignByTicket(String ticket, String ssoLogoutCall, String timestamp, String nonce) { + return md5("nonce=" + nonce + "&ssoLogoutCall=" + ssoLogoutCall + "&ticket=" + ticket + "×tamp=" + timestamp + "&key=" + secretKey); } /** diff --git a/sa-token-demo/sa-token-demo-sso/sa-token-demo-sso3-client-nosdk/src/main/resources/application.yml b/sa-token-demo/sa-token-demo-sso/sa-token-demo-sso3-client-nosdk/src/main/resources/application.yml index bb9f457b..982a1264 100644 --- a/sa-token-demo/sa-token-demo-sso/sa-token-demo-sso3-client-nosdk/src/main/resources/application.yml +++ b/sa-token-demo/sa-token-demo-sso/sa-token-demo-sso3-client-nosdk/src/main/resources/application.yml @@ -1,6 +1,6 @@ # 端口 server: - port: 9001 + port: 9004 forest: # 打开/关闭Forest请求日志(默认为 true)
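Review bot: `getSignByLogoutCall` prints the whole pre-hash string to stdout, and that string ends with `"&key=" + secretKey`, so every logout callback writes the signing secret to the console or log; the `System.out.println(...)` line should be deleted. The printed string also lacks the `&` before `loginId=` that the hashed string has, which suggests it is leftover debugging output. The two new methods carry only `//` comments while `getSign` has Javadoc; matching Javadoc that states the fixed parameter order (`autoLogout, loginId, nonce, timestamp` and `nonce, ssoLogoutCall, ticket, timestamp`) would document the contract with the server. MD5 over a key-suffixed string is a weak MAC construction; it is presumably dictated by the server protocol, and the doc comment should say so.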