diff --git a/src/main/java/com/api/qfengx/DispatchApi.java b/src/main/java/com/api/qfengx/DispatchApi.java
index f0bf60a33c68b9525e8685ebadcc318df9fdfcaf..2ccb368485be0c1edb35b29cb9d4b80b8884003c 100644
--- a/src/main/java/com/api/qfengx/DispatchApi.java
+++ b/src/main/java/com/api/qfengx/DispatchApi.java
@@ -40,11 +40,7 @@ public class DispatchApi {
 @Produces(MediaType.APPLICATION_JSON)
 public String date(@Context HttpServletRequest request,
 @Context HttpServletResponse response) throws IOException {
- String path = request.getParameter("service");
- if (StringUtils.isEmpty(path)) {
- return JSON.toJSONString(Result.paramErr());
- }
- response.sendRedirect(path);
+ response.setHeader("Access-Control-Allow-Origin", "*");
 return JSON.toJSONString(Result.ok(DateUtils.datetime()));
 }
diff --git a/src/main/java/com/api/qfengx/data/hrm/DataHrmApi.java b/src/main/java/com/api/qfengx/data/hrm/DataHrmApi.java
index f10beb80428ee1cdafc26516c381fdff6479142a..3d09d95f1329d1c2a65f823cb3cce01183b12c2c 100644
--- a/src/main/java/com/api/qfengx/data/hrm/DataHrmApi.java
+++ b/src/main/java/com/api/qfengx/data/hrm/DataHrmApi.java
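Review bot: `date` still declares `throws IOException` although the only call that could throw it, `sendRedirect`, is removed in this hunk; unless another caller depends on the clause, the signature can become `@Context HttpServletResponse response) {`. Setting `Access-Control-Allow-Origin: *` inline in the handler also deserves a comment: for a public clock endpoint a wildcard is harmless, but the same line copied onto the authenticated data endpoints would hand their JSON to any origin, so a single CORS filter with an explicit origin list is the safer place for it, e.g. `// CORS is intentionally open here: the response carries no user data`. Whether `StringUtils` is still referenced elsewhere in the file after this removal is not visible in the hunk. Any `@GET`/`@Path` annotations above `@Produces` sit outside the hunk.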
@@ -30,13 +30,13 @@ public class DataHrmApi {
 @Context HttpServletResponse response) {
 try {
 String outkey = request.getParameter("outkey");
- String fixedToken = request.getParameter("fixed_token");
- if (StringUtils.isEmpty(outkey) || StringUtils.isEmpty(fixedToken)) {
+// String fixedToken = request.getParameter("fixed_token");
+ if (StringUtils.isEmpty(outkey)) {
 return JSON.toJSONString(Result.paramErr());
 }
- if (!StringUtils.equals(fixedToken, DevModeConfig.getPropConfig("api.fixed.token", "f808f256e8df4dfc9f1f90633b194a13").getValue())) {
- return JSON.toJSONString(Result.tokenErr());
- }
+// if (!StringUtils.equals(fixedToken, DevModeConfig.getPropConfig("api.fixed.token", "f808f256e8df4dfc9f1f90633b194a13").getValue())) {
+// return JSON.toJSONString(Result.tokenErr());
+// }
 Map resMap = DaoUtils.executeQueryToMap("select id, departmentname , outkey, departmentcode from hrmdepartment where outkey = ?", outkey);
 if (resMap == null || resMap.isEmpty()) {
 return JSON.toJSONString(Result.fail("部门不存在"));
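Review bot: Commenting out the `fixed_token` comparison removes the only authentication visible on this endpoint, so any caller that can reach it and supply an `outkey` now receives department rows with no credential at all; the same change is made in the `hrmsubcompany` hunk at -55 and the `hrmresource` hunk at -81, the latter returning `loginid` and `workcode` for a given login. If the token was dropped deliberately, the commit should name the control that replaces it (a servlet filter, gateway rule or session check), and the commented-out lines should be deleted rather than kept, since they also leave the default token value `"f808f256e8df4dfc9f1f90633b194a13"` in the source tree, which is worth rotating if it was ever deployed. If it was not deliberate, restore the check; while doing so, `MessageDigest.isEqual(fixedToken.getBytes(UTF_8), expected.getBytes(UTF_8))` gives a constant-time compare where `StringUtils.equals` does not. The enclosing methods start above each hunk and end below it.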
@@ -55,13 +55,13 @@ public class DataHrmApi {
 @Context HttpServletResponse response) {
 try {
 String outkey = request.getParameter("outkey");
- String fixedToken = request.getParameter("fixed_token");
- if (StringUtils.isEmpty(outkey) || StringUtils.isEmpty(fixedToken)) {
+// String fixedToken = request.getParameter("fixed_token");
+ if (StringUtils.isEmpty(outkey)) {
 return JSON.toJSONString(Result.paramErr());
 }
- if (!StringUtils.equals(fixedToken, DevModeConfig.getPropConfig("api.fixed.token", "f808f256e8df4dfc9f1f90633b194a13").getValue())) {
- return JSON.toJSONString(Result.tokenErr());
- }
+// if (!StringUtils.equals(fixedToken, DevModeConfig.getPropConfig("api.fixed.token", "f808f256e8df4dfc9f1f90633b194a13").getValue())) {
+// return JSON.toJSONString(Result.tokenErr());
+// }
 Map resMap = DaoUtils.executeQueryToMap("select id, subcompanycode, subcompanyname, outkey from hrmsubcompany where outkey = ?", outkey);
 if (resMap == null || resMap.isEmpty()) {
 return JSON.toJSONString(Result.fail("分部不存在"));
@@ -81,13 +81,13 @@ public class DataHrmApi {
 @Context HttpServletResponse response) {
 try {
 String loginid = request.getParameter("loginid");
- String fixedToken = request.getParameter("fixed_token");
- if (StringUtils.isEmpty(loginid) || StringUtils.isEmpty(fixedToken)) {
+// String fixedToken = request.getParameter("fixed_token");
+ if (StringUtils.isEmpty(loginid)) {
 return JSON.toJSONString(Result.paramErr());
 }
- if (!StringUtils.equals(fixedToken, DevModeConfig.getPropConfig("api.fixed.token", "f808f256e8df4dfc9f1f90633b194a13").getValue())) {
- return JSON.toJSONString(Result.tokenErr());
- }
+// if (!StringUtils.equals(fixedToken, DevModeConfig.getPropConfig("api.fixed.token", "f808f256e8df4dfc9f1f90633b194a13").getValue())) {
+// return JSON.toJSONString(Result.tokenErr());
+// }
 // 获取人员ID
 Map resMap = DaoUtils.executeQueryToMap("select id, lastname as name, workcode, loginid from hrmresource where loginid = ?", loginid);
 if (resMap == null || resMap.isEmpty()) {
diff --git a/src/test/java/cn/qfengx/test/TokenTest.java b/src/test/java/cn/qfengx/test/TokenTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..c36e6b37f2819cf4345e63f0399850f23e5497f0
--- /dev/null
+++ b/src/test/java/cn/qfengx/test/TokenTest.java
@@ -0,0 +1,146 @@
+package cn.qfengx.test;
+
+import cn.hutool.core.util.CharsetUtil;
+import cn.hutool.core.util.StrUtil;
+import cn.hutool.crypto.asymmetric.KeyType;
+import cn.hutool.crypto.asymmetric.RSA;
+import cn.hutool.http.HttpRequest;
+import cn.hutool.json.JSONUtil;
+
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Objects;
+
+public class TokenTest {
+
+ /**
+ * 模拟缓存服务
+ */
+ private static final Map SYSTEM_CACHE = new HashMap<>();
+
+ /**
+ * ecology系统发放的授权许可证(appid)
+ */
+ private static final String APPID = "9aebc1b4-6f35-5454-81a1-325001a7685b";
+
+ public static void main(String[] args) {
+ testRegist("https://e9pctest.fosun.com");
+ testGetoken("https://e9pctest.fosun.com");
+ testRestful("https://e9pctest.fosun.com", "/api/auth/fosun/fxt/workflowFields?workflowid=456014", "");
+// testRestful("https://e9pctest.fosun.com","/api/system/appmanage/route",null);
+ }
+
+ /**
+ * 第一步:
+ *
+ * 调用ecology注册接口,根据appid进行注册,将返回服务端公钥和Secret信息
+ */
+ public static Map testRegist(String address){
+
+ //获取当前系统RSA加密的公钥
+ RSA rsa = new RSA();
+ String publicKey = rsa.getPublicKeyBase64();
+ String privateKey = rsa.getPrivateKeyBase64();
+
+ // 客户端RSA私钥
+ SYSTEM_CACHE.put("LOCAL_PRIVATE_KEY",privateKey);
+ // 客户端RSA公钥
+ SYSTEM_CACHE.put("LOCAL_PUBLIC_KEY",publicKey);
+
+ //调用ECOLOGY系统接口进行注册
+ String data = HttpRequest.post(address + "/api/ec/dev/auth/regist")
+ .header("appid",APPID)
+ .header("cpk",publicKey)
+ .timeout(2000)
+ .execute().body();
+
+ // 打印ECOLOGY响应信息
+ System.out.println("testRegist():"+data);
+ Map datas = JSONUtil.parseObj(data);
+
+ //ECOLOGY返回的系统公钥
+ SYSTEM_CACHE.put("SERVER_PUBLIC_KEY",StrUtil.nullToEmpty((String)datas.get("spk")));
+ //ECOLOGY返回的系统密钥
+ SYSTEM_CACHE.put("SERVER_SECRET",StrUtil.nullToEmpty((String)datas.get("secrit")));
+ return datas;
+ }
+
+
+
+ /**
+ * 第二步:
+ *
+ * 通过第一步中注册系统返回信息进行获取token信息
+ */
+ public static Map testGetoken(String address){
+ // 从系统缓存或者数据库中获取ECOLOGY系统公钥和Secret信息
+ String secret = 
SYSTEM_CACHE.get("SERVER_SECRET");
+ String spk = SYSTEM_CACHE.get("SERVER_PUBLIC_KEY");
+
+ // 如果为空,说明还未进行注册,调用注册接口进行注册认证与数据更新
+ if (Objects.isNull(secret)||Objects.isNull(spk)){
+ testRegist(address);
+ // 重新获取最新ECOLOGY系统公钥和Secret信息
+ secret = SYSTEM_CACHE.get("SERVER_SECRET");
+ spk = SYSTEM_CACHE.get("SERVER_PUBLIC_KEY");
+ }
+
+ // 公钥加密,所以RSA对象私钥为null
+ RSA rsa = new RSA(null,spk);
+ //对秘钥进行加密传输,防止篡改数据
+ String encryptSecret = rsa.encryptBase64(secret,CharsetUtil.CHARSET_UTF_8,KeyType.PublicKey);
+
+ //调用ECOLOGY系统接口进行注册
+ String data = HttpRequest.post(address+ "/api/ec/dev/auth/applytoken")
+ .header("appid",APPID)
+ .header("secret",encryptSecret)
+ .header("time","3600")
+ .execute().body();
+
+ System.out.println("testGetoken():"+data);
+ Map datas = JSONUtil.parseObj(data);
+
+ //ECOLOGY返回的token
+ // TODO 为Token缓存设置过期时间
+ SYSTEM_CACHE.put("SERVER_TOKEN", StrUtil.nullToEmpty((String)datas.get("token")));
+
+ return datas;
+ }
+
+ /**
+ * 第三步:
+ *
+ * 调用ecology系统的rest接口,请求头部带上token和用户标识认证信息
+ *
+ * @param address ecology系统地址
+ * @param api rest api 接口地址(该测试代码仅支持GET请求)
+ * @param jsonParams 请求参数json串
+ *
+ * 注意:ECOLOGY系统所有POST接口调用请求头请设置 "Content-Type","application/x-www-form-urlencoded; charset=utf-8"
+ */
+ public static String testRestful(String address,String api,String jsonParams){
+
+ //ECOLOGY返回的token
+ String token= SYSTEM_CACHE.get("SERVER_TOKEN");
+ if (StrUtil.isEmpty(token)){
+ token = (String) testGetoken(address).get("token");
+ }
+
+ String spk = SYSTEM_CACHE.get("SERVER_PUBLIC_KEY");
+ //封装请求头参数
+ RSA rsa = new RSA(null,spk);
+ //对用户信息进行加密传输,暂仅支持传输OA用户ID
+ String encryptUserid = rsa.encryptBase64("1", CharsetUtil.CHARSET_UTF_8, KeyType.PublicKey);
+
+ //调用ECOLOGY系统接口
+ String data = HttpRequest.get(address + api)
+ .header("appid",APPID)
+ .header("token",token)
+ .header("userid",encryptUserid)
+ .body(jsonParams)
+ .execute().body();
+ System.out.println("testRestful():"+data);
+ return data;
+ }
+
+}
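Review bot: `TokenTest` hard-codes a live environment address (`https://e9pctest.fosun.com`) and an `APPID` that its own Javadoc describes as the authorization licence issued by the ecology system, so a credential for a real tenant ships in the repository while the class, being `main`-driven under `src/test`, is never run by the test runner. Reading both from configuration, `String address = System.getProperty("ecology.address", "<ECOLOGY-ADDRESS>");` and the same for the appid, keeps the client usable without committing the values. In `testGetoken`, the guard `if (Objects.isNull(secret)||Objects.isNull(spk))` never fires after a failed registration, because `testRegist` stores `StrUtil.nullToEmpty(...)` and the empty strings then reach `new RSA(null,spk)`; `StrUtil.isEmpty`, already used in `testRestful`, is the matching check. The `applytoken` and REST calls also omit the `.timeout(2000)` the registration call sets, so a stalled server hangs the client indefinitely.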