diff --git a/README.md b/README.md
index 6544225..671c418 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,5 @@
# course-login-expand
-登录扩展、登录用户名别名转换、多登录方式共存示例demo
\ No newline at end of file
+登录扩展、登录用户名别名转换、多登录方式共存示例demo\
+[专题文档](https://wiki.fanruan.com/pages/viewpage.action?pageId=53127610)\
+代码仅供参考!
\ No newline at end of file
diff --git a/build.gradle b/build.gradle
new file mode 100644
index 0000000..5231b5d
--- /dev/null
+++ b/build.gradle
@@ -0,0 +1,124 @@
+
+apply plugin: 'java'
+
+[compileJava,compileTestJava]*.options*.encoding = 'UTF-8'
+
+ext {
+ /**
+ * 项目中依赖的jar的路径
+ * 1.如果依赖的jar需要打包到zip中,放置在lib根目录下
+ * 2.如果依赖的jar仅仅是编译时需要,防止在lib下子目录下即可
+ */
+ libPath = "$projectDir/../../webroot/WEB-INF/lib"
+
+ /**
+ * 是否对插件的class进行加密保护,防止反编译
+ */
+ guard = false
+
+ def pluginInfo = getPluginInfo()
+ pluginPre = "fine-plugin"
+ pluginName = pluginInfo.id
+ pluginVersion = pluginInfo.version
+
+ outputPath = "$projectDir/../../webroot/WEB-INF/plugins/plugin-" + pluginName + "-1.0/classes"
+}
+
+group = 'com.fr.plugin'
+version = '10.0'
+sourceCompatibility = '8'
+
+sourceSets {
+ main {
+ java.outputDir = file(outputPath)
+ output.resourcesDir = file(outputPath)
+ }
+}
+
+ant.importBuild("encrypt.xml")
+//定义ant变量
+ant.projectDir = projectDir
+ant.references["compile.classpath"] = ant.path {
+ fileset(dir: libPath, includes: '**/*.jar')
+ fileset(dir: ".",includes:"**/*.jar" )
+}
+
+classes.dependsOn('clean')
+
+task copyFiles(type: Copy,dependsOn: 'classes'){
+ from outputPath
+ into "$projectDir/classes"
+}
+
+task preJar(type:Copy,dependsOn: guard ? 'compile_encrypt_javas' : 'compile_plain_javas'){
+ from "$projectDir/classes"
+ into "$projectDir/transform-classes"
+ include "**/*.*"
+}
+jar.dependsOn("preJar")
+
+task makeJar(type: Jar,dependsOn: preJar){
+ from fileTree(dir: "$projectDir/transform-classes")
+ baseName pluginPre
+ appendix pluginName
+ version pluginVersion
+ destinationDir = file("$buildDir/libs")
+
+ doLast(){
+ delete file("$projectDir/classes")
+ delete file("$projectDir/transform-classes")
+ }
+}
+
+task copyFile(type: Copy,dependsOn: ["makeJar"]){
+ from "$buildDir/libs"
+ from("$projectDir/lib") {
+ include "*.jar"
+ }
+ from "$projectDir/plugin.xml"
+ into file("$buildDir/temp/plugin")
+}
+
+task zip(type:Zip,dependsOn:["copyFile"]){
+ from "$buildDir/temp/plugin"
+ destinationDir file("$buildDir/install")
+ baseName pluginPre
+ appendix pluginName
+ version pluginVersion
+}
+
+//控制build时包含哪些文件,排除哪些文件
+processResources {
+// exclude everything
+// 用*.css没效果
+// exclude '**/*.css'
+// except this file
+// include 'xx.xml'
+}
+
+/*读取plugin.xml中的version*/
+def getPluginInfo(){
+ def xmlFile = file("plugin.xml")
+ if (!xmlFile.exists()) {
+ return ["id":"none", "version":"1.0.0"]
+ }
+ def plugin = new XmlParser().parse(xmlFile)
+ def version = plugin.version[0].text()
+ def id = plugin.id[0].text()
+ return ["id":id,"version":version]
+}
+
+repositories {
+ mavenLocal()
+ maven {
+ url = uri('http://mvn.finedevelop.com/repository/maven-public/')
+ }
+}
+
+dependencies {
+ //使用本地jar
+ implementation fileTree(dir: 'lib', include: ['**/*.jar'])
+ implementation fileTree(dir: libPath, include: ['**/*.jar'])
+}
+
+
diff --git a/encrypt.xml b/encrypt.xml
new file mode 100644
index 0000000..1401cd1
--- /dev/null
+++ b/encrypt.xml
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/plugin.xml b/plugin.xml
new file mode 100644
index 0000000..6032c07
--- /dev/null
+++ b/plugin.xml
@@ -0,0 +1,23 @@
+
+ com.tptj.course.hg.login.expand.v10
+
+ yes
+ 1.0
+ 10.0
+ tptj
+ 2019-07-18
+
+
+ com.tptj.course.hg.login.expand
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/src/main/java/com/tptj/course/hg/login/expand/SpControllerFactory.java b/src/main/java/com/tptj/course/hg/login/expand/SpControllerFactory.java
new file mode 100644
index 0000000..ddf971c
--- /dev/null
+++ b/src/main/java/com/tptj/course/hg/login/expand/SpControllerFactory.java
@@ -0,0 +1,62 @@
+package com.tptj.course.hg.login.expand;
+
+
+import com.fr.decision.authority.data.User;
+import com.fr.decision.webservice.utils.ControllerFactory;
+import com.fr.decision.webservice.utils.controller.AuthenticController;
+import com.fr.invoke.Reflect;
+import com.fr.stable.web.Device;
+import com.fr.third.springframework.web.context.request.RequestContextHolder;
+import com.fr.third.springframework.web.context.request.ServletRequestAttributes;
+
+import java.lang.reflect.Proxy;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ **/
+public class SpControllerFactory extends ControllerFactory {
+
+ private ControllerFactory old = null;
+
+ public static void proxy(){
+ unProxy();
+ SpControllerFactory item = new SpControllerFactory( ControllerFactory.getInstance() );
+ Reflect.on(ControllerFactory.class).set("instance",item);
+ }
+
+ public static void unProxy(){
+ ControllerFactory instance = ControllerFactory.getInstance();
+ if( SpControllerFactory.class.getName().equals( instance.getClass().getName() ) ){
+ ControllerFactory old = Reflect.on(instance).get("old");
+ if( null != old ){
+ Reflect.on(ControllerFactory.class).set("instance",old);
+ }
+ }
+ }
+
+ private SpControllerFactory( ControllerFactory old ){
+ this.old = old;
+ }
+
+ public AuthenticController getAuthenticController(String userId) {
+ final AuthenticController ctrl = super.getAuthenticController(userId);
+ return (AuthenticController) Proxy.newProxyInstance(
+ ctrl.getClass().getClassLoader(),
+ new Class[]{AuthenticController.class},
+ (proxy, method, args) -> {
+ if( "doAuthentication".equals(method.getName()) && 3 == args.length ){
+ String password = (String)args[1];
+ User user = (User)args[0];
+ Device device = (Device)args[2];
+ ServletRequestAttributes attrs = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
+ if( SpPassport.check(attrs.getRequest(),user,password,device) ){
+ return true;
+ }
+ }
+ return method.invoke(ctrl,args);
+ });
+
+ }
+}
diff --git a/src/main/java/com/tptj/course/hg/login/expand/SpPassport.java b/src/main/java/com/tptj/course/hg/login/expand/SpPassport.java
new file mode 100644
index 0000000..051a511
--- /dev/null
+++ b/src/main/java/com/tptj/course/hg/login/expand/SpPassport.java
@@ -0,0 +1,60 @@
+package com.tptj.course.hg.login.expand;
+
+
+import com.fr.decision.authority.data.User;
+import com.fr.decision.webservice.exception.user.UserNotAvailableException;
+import com.fr.decision.webservice.utils.ControllerFactory;
+import com.fr.stable.web.Device;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Set;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ **/
+public class SpPassport{
+
+ private String markType(){
+ return this.getClass().getName();
+ }
+
+ public boolean auth(HttpServletRequest request, User user, String password ){
+ return false;
+ }
+
+ public String getRealUsername(HttpServletRequest request,String username, String inputPassword ){
+ return username;
+ }
+
+ private static Map passports = new HashMap();
+
+ public static void register( SpPassport passport ){
+ passports.put(passport.markType(),passport);
+ }
+
+ public static String transform( HttpServletRequest request,String username, String inputPassword ){
+ Set> entries = passports.entrySet();
+ for( Map.Entry entry : entries ){
+ username = entry.getValue().getRealUsername( request,username, inputPassword );
+ }
+ return username;
+ }
+
+ public static boolean check( HttpServletRequest request,User user, String password, Device device )throws Exception{
+ if( !user.isEnable() ){
+ throw new UserNotAvailableException();
+ }
+ ControllerFactory.getInstance().getAuthenticController(user.getId()).checkUserTypeAvailable(user, device);
+ Set> entries = passports.entrySet();
+ for( Map.Entry entry : entries ){
+ if( entry.getValue().auth( request,user, password ) ){
+ return true;
+ }
+ }
+ return false;
+ }
+}
diff --git a/src/main/java/com/tptj/course/hg/login/expand/demo/Demo.java b/src/main/java/com/tptj/course/hg/login/expand/demo/Demo.java
new file mode 100644
index 0000000..daa799e
--- /dev/null
+++ b/src/main/java/com/tptj/course/hg/login/expand/demo/Demo.java
@@ -0,0 +1,60 @@
+package com.tptj.course.hg.login.expand.demo;
+
+import com.fr.decision.authority.data.User;
+import com.fr.decision.webservice.v10.user.UserService;
+import com.fr.intelli.record.Focus;
+import com.fr.log.FineLoggerFactory;
+import com.fr.record.analyzer.EnableMetrics;
+import com.tptj.course.hg.login.expand.SpPassport;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.List;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ * 模拟一个登录场景,用户可以输入 手机号或者邮箱代替 用户名进行登录.
+ * 并且如果用户名是Anna时,可以使用123456代替密码进行登录
+ * 需要支持 Ajax单点登录、远程设计、PC和移动端的默认登录
+ * 假定要求 LoginService.getInstance().login(req, res,loginReqInfo)及filter之后的所有产品本身的切面验证和控制逻辑需要保持不变!
+ * 注:该代码仅用于教学演示!若用于实际项目中,请自行根据需求场景调整代码实现!
+ **/
+@EnableMetrics
+public class Demo extends SpPassport {
+
+ @Override
+ @Focus(id="com.tptj.course.hg.login.expand.v10",text = "LoginExpand")
+ public boolean auth(HttpServletRequest request, User user, String password ) {
+ //如果用户时Anna输入了用户名 123456 我们就直接让她登录
+ if( "123456".equals( password ) && "Anna".equals( user.getUserName() ) ){
+ return true;
+ }
+ //交给产品去验证
+ return false;
+ }
+
+
+ @Override
+ public String getRealUsername( HttpServletRequest request, String username, String inputPassword ){
+ try{
+ List users = UserService.getInstance().getUserNamesFromMobile(username);
+ if( users.size() == 1 ){
+ return users.get(0);
+ }
+ FineLoggerFactory.getLogger().error("mobile[{}] bind user count[{}]",username,users.size());
+ }catch( Exception e){
+
+ }
+ try{
+ List users = UserService.getInstance().getUserNamesFromEmail(username);
+ if( users.size() == 1 ){
+ return users.get(0);
+ }
+ FineLoggerFactory.getLogger().error("email[{}] bind user count[{}]",username,users.size());
+ }catch( Exception e){
+
+ }
+ return username;
+ }
+}
diff --git a/src/main/java/com/tptj/course/hg/login/expand/demo/LifeCycle.java b/src/main/java/com/tptj/course/hg/login/expand/demo/LifeCycle.java
new file mode 100644
index 0000000..a069a79
--- /dev/null
+++ b/src/main/java/com/tptj/course/hg/login/expand/demo/LifeCycle.java
@@ -0,0 +1,24 @@
+package com.tptj.course.hg.login.expand.demo;
+
+import com.fr.plugin.context.PluginContext;
+import com.fr.plugin.observer.inner.AbstractPluginLifecycleMonitor;
+import com.tptj.course.hg.login.expand.SpControllerFactory;
+import com.tptj.course.hg.login.expand.SpPassport;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ **/
+public class LifeCycle extends AbstractPluginLifecycleMonitor {
+ @Override
+ public void afterRun( PluginContext context ) {
+ SpControllerFactory.proxy();
+ SpPassport.register( new Demo() );
+ }
+
+ @Override
+ public void beforeStop( PluginContext context ) {
+ SpControllerFactory.unProxy();
+ }
+}
diff --git a/src/main/java/com/tptj/course/hg/login/expand/filter/CrossLoginFilter.java b/src/main/java/com/tptj/course/hg/login/expand/filter/CrossLoginFilter.java
new file mode 100644
index 0000000..f7f446d
--- /dev/null
+++ b/src/main/java/com/tptj/course/hg/login/expand/filter/CrossLoginFilter.java
@@ -0,0 +1,31 @@
+package com.tptj.course.hg.login.expand.filter;
+
+import com.fr.general.web.ParameterConstants;
+import com.tptj.course.hg.login.expand.wrap.LoginQueryRequest;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ **/
+public class CrossLoginFilter extends UsernameFilter {
+ @Override
+ protected HttpServletRequest transform(HttpServletRequest request) {
+ return new LoginQueryRequest(request, ParameterConstants.FINE_USERNAME, ParameterConstants.FINE_PASSWORD );
+ }
+
+ @Override
+ protected String method() {
+ return "GET";
+ }
+
+ @Override
+ public String[] urlPatterns() {
+ return new String[]{
+ "/decision/login/cross/domain"
+ };
+ }
+}
+
diff --git a/src/main/java/com/tptj/course/hg/login/expand/filter/DefaultLoginFilter.java b/src/main/java/com/tptj/course/hg/login/expand/filter/DefaultLoginFilter.java
new file mode 100644
index 0000000..f9d3bbf
--- /dev/null
+++ b/src/main/java/com/tptj/course/hg/login/expand/filter/DefaultLoginFilter.java
@@ -0,0 +1,34 @@
+package com.tptj.course.hg.login.expand.filter;
+
+import com.fr.decision.webservice.bean.authentication.LoginRequestInfoBean;
+import com.tptj.course.hg.login.expand.SpPassport;
+import com.tptj.course.hg.login.expand.wrap.LoginBodyRequest;
+
+import javax.servlet.http.HttpServletRequest;
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ **/
+public class DefaultLoginFilter extends UsernameFilter {
+
+ @Override
+ protected HttpServletRequest transform(HttpServletRequest request) {
+ LoginBodyRequest result = new LoginBodyRequest(request,LoginRequestInfoBean.class);
+ LoginRequestInfoBean bean = result.getBody();
+ bean.setUsername( SpPassport.transform(request,bean.getUsername(), bean.getPassword()) );
+ return result;
+ }
+
+ @Override
+ protected String method() {
+ return "POST";
+ }
+
+ @Override
+ public String[] urlPatterns() {
+ return new String[]{
+ "/decision/login"
+ };
+ }
+}
diff --git a/src/main/java/com/tptj/course/hg/login/expand/filter/RemoteLoginFilter.java b/src/main/java/com/tptj/course/hg/login/expand/filter/RemoteLoginFilter.java
new file mode 100644
index 0000000..c592340
--- /dev/null
+++ b/src/main/java/com/tptj/course/hg/login/expand/filter/RemoteLoginFilter.java
@@ -0,0 +1,32 @@
+package com.tptj.course.hg.login.expand.filter;
+
+import com.fr.stable.StringUtils;
+import com.fr.workspace.base.WorkspaceConstants;
+import com.tptj.course.hg.login.expand.wrap.LoginQueryRequest;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ **/
+public class RemoteLoginFilter extends UsernameFilter {
+ @Override
+ protected HttpServletRequest transform(HttpServletRequest request) {
+ return new LoginQueryRequest(request, WorkspaceConstants.USERNAME, WorkspaceConstants.PASSWORD );
+ }
+
+ @Override
+ protected String method() {
+ return StringUtils.EMPTY;
+ }
+
+ @Override
+ public String[] urlPatterns() {
+ return new String[]{
+ "/decision/remote/design/token",
+ "/decision/remote/design/verify"
+ };
+ }
+}
diff --git a/src/main/java/com/tptj/course/hg/login/expand/filter/UsernameFilter.java b/src/main/java/com/tptj/course/hg/login/expand/filter/UsernameFilter.java
new file mode 100644
index 0000000..cf66f0a
--- /dev/null
+++ b/src/main/java/com/tptj/course/hg/login/expand/filter/UsernameFilter.java
@@ -0,0 +1,46 @@
+package com.tptj.course.hg.login.expand.filter;
+
+import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
+import com.fr.log.FineLoggerFactory;
+import com.fr.stable.StringUtils;
+
+import javax.servlet.FilterChain;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ **/
+public abstract class UsernameFilter extends AbstractGlobalRequestFilterProvider {
+ @Override
+ public String filterName() {
+ return "UsernameFilter";
+ }
+
+ /**
+ * 用户名需要提前转换
+ * @param request
+ * @return
+ */
+ protected abstract HttpServletRequest transform( HttpServletRequest request );
+
+ /**
+ * 需要拦截的请求方法,如果什么方法都可以,返回StringUtils.EMPTY
+ * @return
+ */
+ protected abstract String method();
+
+ @Override
+ public void doFilter( HttpServletRequest req, HttpServletResponse res, FilterChain chain ) {
+ if( StringUtils.EMPTY.equals(method()) || StringUtils.equals( req.getMethod(), method() ) ){
+ req = transform(req);
+ }
+ try{
+ chain.doFilter(req,res);
+ }catch (Exception e){
+ FineLoggerFactory.getLogger().error(e,e.getMessage());
+ }
+ }
+}
diff --git a/src/main/java/com/tptj/course/hg/login/expand/wrap/DelegatingServletInputStream.java b/src/main/java/com/tptj/course/hg/login/expand/wrap/DelegatingServletInputStream.java
new file mode 100644
index 0000000..1ed5b1c
--- /dev/null
+++ b/src/main/java/com/tptj/course/hg/login/expand/wrap/DelegatingServletInputStream.java
@@ -0,0 +1,46 @@
+package com.tptj.course.hg.login.expand.wrap;
+
+import javax.servlet.ReadListener;
+import javax.servlet.ServletInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021-05-21
+ **/
+public class DelegatingServletInputStream extends ServletInputStream {
+ private final InputStream sourceStream;
+
+ public DelegatingServletInputStream(InputStream stream) {
+ this.sourceStream = stream;
+ }
+
+ public final InputStream getSourceStream() {
+ return this.sourceStream;
+ }
+ @Override
+ public int read() throws IOException {
+ return this.sourceStream.read();
+ }
+
+ @Override
+ public void close() throws IOException {
+ super.close();
+ this.sourceStream.close();
+ }
+
+ @Override
+ public boolean isFinished() {
+ return false;
+ }
+
+ @Override
+ public boolean isReady() {
+ return false;
+ }
+
+ @Override
+ public void setReadListener(ReadListener listener) { }
+}
diff --git a/src/main/java/com/tptj/course/hg/login/expand/wrap/LoginBodyRequest.java b/src/main/java/com/tptj/course/hg/login/expand/wrap/LoginBodyRequest.java
new file mode 100644
index 0000000..fe0115d
--- /dev/null
+++ b/src/main/java/com/tptj/course/hg/login/expand/wrap/LoginBodyRequest.java
@@ -0,0 +1,52 @@
+package com.tptj.course.hg.login.expand.wrap;
+
+import com.fr.log.FineLoggerFactory;
+import com.fr.third.fasterxml.jackson.databind.DeserializationFeature;
+import com.fr.third.fasterxml.jackson.databind.ObjectMapper;
+
+import javax.servlet.ServletInputStream;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequestWrapper;
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.StringWriter;
+import java.io.Writer;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ **/
+public class LoginBodyRequest extends HttpServletRequestWrapper {
+
+ public LoginBodyRequest( HttpServletRequest request, Class cls ) {
+ super(request);
+ init( cls);
+ }
+
+ private void init( Class cls){
+ try{
+ body = mapper.readValue( getRequest().getInputStream(), cls);
+ }catch(Exception e){
+ FineLoggerFactory.getLogger().error(e,e.getMessage());
+ }
+ }
+
+ private T body;
+
+ private final static ObjectMapper mapper = new ObjectMapper();
+ static {
+ mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
+ mapper.configure(DeserializationFeature.ACCEPT_SINGLE_VALUE_AS_ARRAY, true);
+ }
+
+ public T getBody() {
+ return body;
+ }
+
+ public ServletInputStream getInputStream() throws IOException{
+ Writer write = new StringWriter();
+ mapper.writeValue(write, body);
+ return new DelegatingServletInputStream(new ByteArrayInputStream( write.toString().getBytes("UTF-8") ));
+ }
+}
diff --git a/src/main/java/com/tptj/course/hg/login/expand/wrap/LoginQueryRequest.java b/src/main/java/com/tptj/course/hg/login/expand/wrap/LoginQueryRequest.java
new file mode 100644
index 0000000..a619954
--- /dev/null
+++ b/src/main/java/com/tptj/course/hg/login/expand/wrap/LoginQueryRequest.java
@@ -0,0 +1,30 @@
+package com.tptj.course.hg.login.expand.wrap;
+
+import com.fr.stable.StringUtils;
+import com.tptj.course.hg.login.expand.SpPassport;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequestWrapper;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ **/
+public class LoginQueryRequest extends HttpServletRequestWrapper {
+ private String keyName;
+ private String keyPass;
+ public LoginQueryRequest(HttpServletRequest request, String keyName, String keyPass ) {
+ super(request);
+ this.keyName = keyName;
+ this.keyPass = keyPass;
+ }
+
+ public String getParameter(String name){
+ String val = super.getParameter(name);
+ if(StringUtils.equals(name,keyName)){
+ return SpPassport.transform( (HttpServletRequest)getRequest(), val, super.getParameter(keyPass) );
+ }
+ return val;
+ }
+}