jiany
12 months ago
20 changed files with 433 additions and 112 deletions
Binary file not shown.
@ -0,0 +1,76 @@
|
||||
package com.fr.plugin.decision.integration.filter; |
||||
|
||||
import com.fr.decision.fun.impl.AbstractEmbedRequestFilterProvider; |
||||
import com.fr.decision.webservice.v10.login.LoginService; |
||||
import com.fr.general.http.HttpRequest; |
||||
import com.fr.general.http.HttpToolbox; |
||||
import com.fr.json.JSONObject; |
||||
import com.fr.plugin.decision.integration.config.IntegrateConf; |
||||
import com.fr.plugin.decision.integration.utils.CommonUtils; |
||||
import com.fr.plugin.decision.integration.utils.LogUtils; |
||||
import com.fr.plugin.decision.integration.validation.BILinkValidate; |
||||
import com.fr.plugin.decision.integration.validation.DashboardValidate; |
||||
import com.fr.plugin.decision.integration.validation.TemplateValidate; |
||||
import com.fr.plugin.decision.integration.validation.Validate; |
||||
import com.fr.third.fasterxml.jackson.databind.ObjectMapper; |
||||
import com.fr.third.org.apache.http.HttpEntity; |
||||
import com.fr.third.org.apache.http.entity.StringEntity; |
||||
import com.fr.web.utils.DefaultRequestParameterCollector; |
||||
|
||||
import javax.servlet.ServletException; |
||||
import javax.servlet.http.HttpServletRequest; |
||||
import javax.servlet.http.HttpServletResponse; |
||||
import java.io.IOException; |
||||
import java.util.HashMap; |
||||
import java.util.Map; |
||||
|
||||
public class RequestCheckFilter extends AbstractEmbedRequestFilterProvider { |
||||
|
||||
private Validate[] validates = new Validate[] {TemplateValidate.KEY, BILinkValidate.KEY, DashboardValidate.KEY}; |
||||
|
||||
@Override |
||||
public void filter(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { |
||||
|
||||
if (!IntegrateConf.getInstance().getParaCheckTurnOn()) return; |
||||
|
||||
for (Validate v : validates) { |
||||
if (v.accept(request)) { |
||||
HashMap<String, Object> params = v.getCheckParameter(request); |
||||
params.putAll(getBaseParams(request)); |
||||
if (!doCheck(params)) { |
||||
LogUtils.debug("request check failed, now will show error page"); |
||||
CommonUtils.showErrorPage(response, "请登录系统访问报表", ""); |
||||
} |
||||
break; |
||||
} |
||||
} |
||||
} |
||||
|
||||
private HashMap<String, Object> getBaseParams(HttpServletRequest request) { |
||||
HashMap<String, Object> requestMap = new HashMap<>(); |
||||
requestMap.putAll(DefaultRequestParameterCollector.getInstance().getParametersFromParameter(request)); |
||||
requestMap.put("userId", LoginService.getInstance().getCurrentUserNameFromRequestCookie(request)); |
||||
return requestMap; |
||||
} |
||||
|
||||
private boolean doCheck(Map params) { |
||||
try { |
||||
HashMap<String, String> headerMap = new HashMap(1); |
||||
headerMap.put("Content-Type", "application/json"); |
||||
HttpEntity entity = new StringEntity(new ObjectMapper().writeValueAsString(params), "utf-8"); |
||||
LogUtils.debug("request check params:{}", params); |
||||
String result = HttpToolbox.executeAndParse( |
||||
HttpRequest.custom() |
||||
.url(IntegrateConf.getInstance().getParaCheckUrl()) |
||||
.post(entity) |
||||
.headers(headerMap) |
||||
.build()); |
||||
LogUtils.debug("request check result:{}", result); |
||||
return new JSONObject(result).getBoolean("data"); |
||||
} catch (Exception e) { |
||||
LogUtils.error(e.getMessage(), e); |
||||
return false; |
||||
} |
||||
|
||||
} |
||||
} |
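Review bot: In `filter`, `params.putAll(getBaseParams(request))` copies the caller's request parameters over the map returned by `v.getCheckParameter(request)`, so a request parameter named `dashboard` or `reportlet` replaces the value the validator derived from the request, and the check service may be asked about a different resource than the one being served. Merging in the other order keeps the server-derived keys authoritative: `HashMap<String, Object> params = getBaseParams(request); params.putAll(v.getCheckParameter(request));`. This assumes `getParametersFromParameter` returns the raw request parameters, which is not visible here. Separately, `doCheck` logs and forwards the whole map, which will include `fine_auth_token` when it is passed in the URL as token.js in this commit allows. Unless the check endpoint needs the token, dropping that key before `LogUtils.debug` and the POST keeps it out of logs and off a second service.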
@ -1,62 +0,0 @@
|
||||
package com.fr.plugin.decision.integration.filter; |
||||
|
||||
import com.fr.decision.fun.impl.AbstractEmbedRequestFilterProvider; |
||||
import com.fr.decision.webservice.v10.login.LoginService; |
||||
import com.fr.general.http.HttpRequest; |
||||
import com.fr.general.http.HttpToolbox; |
||||
import com.fr.json.JSONObject; |
||||
import com.fr.plugin.decision.integration.config.IntegrateConf; |
||||
import com.fr.plugin.decision.integration.utils.CommonUtils; |
||||
import com.fr.stable.ArrayUtils; |
||||
import com.fr.stable.StringUtils; |
||||
import com.fr.third.fasterxml.jackson.databind.ObjectMapper; |
||||
import com.fr.third.org.apache.http.HttpEntity; |
||||
import com.fr.third.org.apache.http.entity.StringEntity; |
||||
import com.fr.web.utils.WebUtils; |
||||
|
||||
import javax.servlet.ServletException; |
||||
import javax.servlet.http.HttpServletRequest; |
||||
import javax.servlet.http.HttpServletResponse; |
||||
import java.io.IOException; |
||||
import java.util.HashMap; |
||||
import java.util.Map; |
||||
|
||||
public class TplParaCheckFilter extends AbstractEmbedRequestFilterProvider { |
||||
|
||||
private String[] reportParameterNames = new String[]{"viewlet", "viewlets", "reportlet", "reportlets"}; |
||||
|
||||
@Override |
||||
public void filter(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { |
||||
if (!needCheckParameter(request)) return; |
||||
|
||||
HashMap<String, Object> requestMap = new HashMap<>(); |
||||
for (String parameter : request.getParameterMap().keySet()) { |
||||
if (!ArrayUtils.contains(reportParameterNames, parameter)) |
||||
requestMap.put(parameter, request.getParameter(parameter)); |
||||
} |
||||
requestMap.put("userId", LoginService.getInstance().getCurrentUserNameFromRequestCookie(request)); |
||||
|
||||
try { |
||||
if (doCheckTplParameter(requestMap)) return; |
||||
} catch (Exception e) { |
||||
} |
||||
CommonUtils.showErrorPage(response, "请登录系统访问报表", ""); |
||||
} |
||||
|
||||
/** |
||||
* 请求是否需要校验预览参数 |
||||
**/ |
||||
private boolean needCheckParameter(HttpServletRequest request) { |
||||
return IntegrateConf.getInstance().getParaCheckTurnOn() && |
||||
//LoginService.getInstance().isLogged(request) &&
|
||||
StringUtils.isNotBlank(WebUtils.getReportTitleFromRequest(request)); |
||||
} |
||||
|
||||
private boolean doCheckTplParameter(Map requestMap) throws IOException { |
||||
HashMap headerMap = new HashMap(); |
||||
headerMap.put("Content-Type", "application/json"); |
||||
HttpEntity entity = new StringEntity(new ObjectMapper().writeValueAsString(requestMap), "utf-8"); |
||||
String result = HttpToolbox.executeAndParse(HttpRequest.custom().url(IntegrateConf.getInstance().getParaCheckUrl()).post(entity).headers(headerMap).build()); |
||||
return new JSONObject(result).getBoolean("data"); |
||||
} |
||||
} |
@ -0,0 +1,22 @@
|
||||
package com.fr.plugin.decision.integration.token; |
||||
|
||||
import com.fr.plugin.context.PluginContexts; |
||||
import com.fr.stable.fun.impl.AbstractJavaScriptFileHandler; |
||||
|
||||
/** |
||||
* @Author JianYe.Wang |
||||
* @Data 2022/7/21 11:12 |
||||
* @Description 兼容报表访问地址通过URL传递fine_auth_token的形式 |
||||
* @Version 10.0 |
||||
**/ |
||||
public class LoadTokenJSFileHandler extends AbstractJavaScriptFileHandler { |
||||
|
||||
@Override |
||||
public String[] pathsForFiles() { |
||||
if (!PluginContexts.currentContext().isAvailable()) { |
||||
return new String[0]; |
||||
} |
||||
|
||||
return new String[] {"com/fr/plugin/decision/integration/token/js/token.js"}; |
||||
} |
||||
} |
@ -0,0 +1,24 @@
|
||||
package com.fr.plugin.decision.integration.validation; |
||||
|
||||
import com.fr.base.ServerConfig; |
||||
|
||||
import javax.servlet.http.HttpServletRequest; |
||||
import java.util.HashMap; |
||||
import java.util.regex.Matcher; |
||||
import java.util.regex.Pattern; |
||||
|
||||
/** |
||||
* @Author JianYe.Wang |
||||
* @Data 2022/6/16 9:38 |
||||
* @Description TODO |
||||
* @Version 10.0 |
||||
**/ |
||||
public class BILinkValidate extends DashboardValidate { |
||||
|
||||
public static final Validate KEY = new BILinkValidate(); |
||||
|
||||
@Override |
||||
protected Pattern getPattern() { |
||||
return Pattern.compile("(?<=" + ServerConfig.getInstance().getServletName() + "/link/).*"); |
||||
} |
||||
} |
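Review bot: `getPattern()` splices `ServerConfig.getInstance().getServletName()` into the regex unquoted, so any regex metacharacter in the configured servlet name changes what the lookbehind matches; quoting the name avoids that: `Pattern.compile("(?<=" + Pattern.quote(ServerConfig.getInstance().getServletName()) + "/link/).*")`. `DashboardValidate.getPattern()` builds its pattern the same way and needs the same change. The pattern is also recompiled on every `accept` and `getCheckParameter` call, and the `HttpServletRequest`, `HashMap` and `Matcher` imports are unused in this file. The `@Description TODO` Javadoc could say that the class captures the path after `/link/` and reports it under the inherited `dashboard` key.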
@ -0,0 +1,36 @@
|
||||
package com.fr.plugin.decision.integration.validation; |
||||
|
||||
import com.fr.base.ServerConfig; |
||||
|
||||
import javax.servlet.http.HttpServletRequest; |
||||
import java.util.HashMap; |
||||
import java.util.regex.Matcher; |
||||
import java.util.regex.Pattern; |
||||
|
||||
/** |
||||
* @author Jianye |
||||
* @version 10.0 |
||||
* @data 2022/8/24 17:26 |
||||
**/ |
||||
public class DashboardValidate implements Validate { |
||||
|
||||
public static final DashboardValidate KEY = new DashboardValidate(); |
||||
|
||||
@Override |
||||
public boolean accept(HttpServletRequest request) { |
||||
return getPattern().matcher(request.getRequestURI()).find(); |
||||
} |
||||
|
||||
@Override |
||||
public HashMap<String, Object> getCheckParameter(HttpServletRequest request) { |
||||
HashMap<String, Object> param = new HashMap<>(); |
||||
Matcher m = getPattern().matcher(request.getRequestURI()); |
||||
m.find(); |
||||
param.put("dashboard", m.group()); |
||||
return param; |
||||
} |
||||
|
||||
protected Pattern getPattern() { |
||||
return Pattern.compile("(?<=" + ServerConfig.getInstance().getServletName() + "/v5/design/report/).*?(?=/edit|/view)"); |
||||
} |
||||
} |
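Review bot: `accept` and `getCheckParameter` match against `request.getRequestURI()`, which the Servlet API returns undecoded and with any path parameters (`;name=value`) still attached, so the string stored under `dashboard` may differ from the identifier the server resolves for the same request. Matching on a decoded, normalised path, or rejecting a captured segment that contains `;` or `%` before calling the check, would keep the checked value and the served resource in step; how the platform routes these URLs is not visible here, so this needs confirming. `getCheckParameter` also ignores the result of `m.find()`, and `m.group()` throws `IllegalStateException` when nothing matched; `if (!m.find()) { throw new IllegalArgumentException("no dashboard id in request URI"); }` makes the precondition explicit.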
@ -0,0 +1,30 @@
|
||||
package com.fr.plugin.decision.integration.validation; |
||||
|
||||
import com.fr.stable.StringUtils; |
||||
import com.fr.web.utils.WebUtils; |
||||
|
||||
import javax.servlet.http.HttpServletRequest; |
||||
import java.util.HashMap; |
||||
|
||||
/** |
||||
* @Author JianYe.Wang |
||||
* @Data 2022/6/16 9:34 |
||||
* @Description TODO |
||||
* @Version 10.0 |
||||
**/ |
||||
public class TemplateValidate implements Validate{ |
||||
|
||||
public static final Validate KEY = new TemplateValidate(); |
||||
|
||||
@Override |
||||
public boolean accept(HttpServletRequest request) { |
||||
return StringUtils.isNotEmpty(WebUtils.getReportTitleFromRequest(request)); |
||||
} |
||||
|
||||
@Override |
||||
public HashMap<String, Object> getCheckParameter(HttpServletRequest request) { |
||||
HashMap<String, Object> param = new HashMap<>(); |
||||
param.put("reportlet", WebUtils.getReportTitleFromRequest(request)); |
||||
return param; |
||||
} |
||||
} |
@ -0,0 +1,18 @@
|
||||
package com.fr.plugin.decision.integration.validation; |
||||
|
||||
import javax.servlet.http.HttpServletRequest; |
||||
import java.util.HashMap; |
||||
|
||||
/** |
||||
* @Author JianYe.Wang |
||||
* @Data 2022/6/16 9:31 |
||||
* @Description TODO |
||||
* @Version 10.0 |
||||
**/ |
||||
public interface Validate { |
||||
|
||||
boolean accept(HttpServletRequest request); |
||||
|
||||
HashMap<String, Object> getCheckParameter(HttpServletRequest request); |
||||
|
||||
} |
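Review bot: The interface has no contract documentation and its Javadoc still reads `@Description TODO`, although `RequestCheckFilter` relies on two unstated rules: `getCheckParameter` is only called after `accept` returned true, and the returned map is mutated by the caller. A class comment such as `/** Decides whether a request targets a protected resource and extracts the identifier sent to the external parameter check. */`, plus one line on each method stating those rules, would cover it. Returning `Map<String, Object>` instead of `HashMap<String, Object>` would also stop implementations from being tied to one map type.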
@ -0,0 +1,34 @@
|
||||
<!DOCTYPE html> |
||||
<html lang="en"> |
||||
<head> |
||||
<meta charset="UTF-8"> |
||||
<title>Title</title> |
||||
</head> |
||||
<body> |
||||
<script> |
||||
function addCookie(name, value, path, time) { |
||||
var cookie = name + "=" + encodeURI(value); |
||||
if (time && time > 0) { |
||||
var now = new Date; |
||||
now.setTime(now.getTime() + 3600 * time * 1e3); |
||||
cookie = cookie + "; expires=" + now.toUTCString() |
||||
} |
||||
path && (cookie = cookie + "; path=" + path); |
||||
if ('https:' === location.protocol) { |
||||
cookie = cookie + ";SameSite=None;Secure"; |
||||
} |
||||
document.cookie = cookie; |
||||
} |
||||
window.onload = function () { |
||||
console.log("onload"); |
||||
addCookie("fine_auth_token", "${token}", "/"); |
||||
addCookie("fine_remember_login", "-1", "/"); |
||||
|
||||
window.parent.postMessage({ |
||||
type: "fr_sso", |
||||
data: true |
||||
}, "*"); |
||||
} |
||||
</script> |
||||
</body> |
||||
</html> |
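Review bot: `addCookie("fine_auth_token", "${token}", "/")` writes the session token from script, so the cookie can never be `HttpOnly`, and the token value is interpolated into a JavaScript string literal with no visible escaping. If the platform's front end does not need to read the cookie, setting it server-side in the response that serves this page (`Set-Cookie` with `HttpOnly; Secure`) removes both problems; if the template must stay, the value needs JavaScript-string escaping where `${token}` is filled in, which happens outside this file. `window.parent.postMessage({...}, "*")` also notifies any embedding origin that sign-on completed; passing the expected parent origin instead of `"*"` restricts that. The leftover `console.log("onload")` and the placeholder `<title>Title</title>` can go.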
@ -0,0 +1,65 @@
|
||||
!(function () { |
||||
var params = FR.generateUrlParam(window.location.href); |
||||
var token_key = "fine_auth_token"; |
||||
var param_key = "__parameters__"; |
||||
var token; |
||||
|
||||
// url 直接传入
|
||||
!token && params.hasOwnProperty(token_key) && (token = params[token_key]); |
||||
|
||||
// 超级链接到模板
|
||||
if (!token) { |
||||
var hp; |
||||
try { |
||||
if (params.hasOwnProperty(param_key) && (hp = JSON.parse(decodeURIComponent(decodeURIComponent(params[param_key])))).hasOwnProperty(token_key)) { |
||||
token = hp[token_key]; |
||||
} |
||||
} catch (e) { |
||||
console.error(e); |
||||
} |
||||
} |
||||
|
||||
if (token) { |
||||
console.log("Load fine_auth_token from parameter successful!"); |
||||
var _ajax = FR.ajax; |
||||
FR.ajax = function (i) { |
||||
i.data || ( i.data = {}); |
||||
i.data[token_key] = token; |
||||
_ajax.call(this, i); |
||||
}; |
||||
|
||||
var _hyperLinkByGet = FR.doHyperlinkByGet4Reportlet; |
||||
FR.doHyperlinkByGet4Reportlet = function (i) { |
||||
i.para || ( i.para = {}); |
||||
i.para[token_key] = token; |
||||
_hyperLinkByGet.call(this, i); |
||||
}; |
||||
|
||||
// 网页框
|
||||
let _changeIframe = FR.IframeEditor.prototype._changeIframe; |
||||
FR.IframeEditor.prototype._changeIframe = function (src) { |
||||
src += (((src.indexOf("?") > -1) ? "&":"?") + token_key + "=" + token); |
||||
_changeIframe.call(this, src); |
||||
} |
||||
|
||||
// 网页框插件
|
||||
if (FR.RHIframe) { |
||||
let _changeIframe = FR.RHIframe.prototype._changeIframe; |
||||
FR.RHIframe.prototype._changeIframe = function (src) { |
||||
src += (((src.indexOf("?") > -1) ? "&":"?") + token_key + "=" + token); |
||||
_changeIframe.call(this, src); |
||||
} |
||||
} |
||||
|
||||
// 导出请求
|
||||
var _openUrlByForm = FR.openUrlByForm; |
||||
FR.openUrlByForm = function (src) { |
||||
src += (((src.indexOf("?") > -1) ? "&":"?") + token_key + "=" + token); |
||||
_openUrlByForm.call(this, src); |
||||
} |
||||
|
||||
} else { |
||||
console.log("Load fine_auth_token from parameter failed!"); |
||||
} |
||||
|
||||
})(); |
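Review bot: The `_changeIframe` wrappers (both `FR.IframeEditor` and `FR.RHIframe`) and `FR.openUrlByForm` append `fine_auth_token` to whatever `src` they are given, so a web frame that points at another site receives the user's token in its query string, and the value is concatenated without `encodeURIComponent`. Restricting the append to same-origin URLs and building the query with the URL API fixes both; a sketch follows. The wrappers also drop the return value of the functions they replace (`_ajax.call(this, i)` has no `return`), which matters if callers use what `FR.ajax` returns, and `FR.IframeEditor` is dereferenced without the existence check that `FR.RHIframe` gets. Accepting the token from the page URL at all leaves it in browser history and server access logs, so a short-lived, single-use token would limit the exposure.

```javascript
// Append the token only to same-origin URLs so it is never sent to an embedded third-party page.
function withToken(src) {
    var target;
    try {
        target = new URL(src, window.location.href);
    } catch (e) {
        return src; // unparsable URL: leave untouched rather than guess
    }
    if (target.origin !== window.location.origin) {
        return src;
    }
    target.searchParams.set(token_key, token); // searchParams handles encoding and an existing "?"
    return target.toString();
}

let _changeIframe = FR.IframeEditor.prototype._changeIframe;
FR.IframeEditor.prototype._changeIframe = function (src) {
    _changeIframe.call(this, withToken(src));
};
// … unchanged: FR.RHIframe and FR.openUrlByForm wrappers, each calling withToken(src) the same way …
```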