提交视频配套代码

README.md

@@ -1,3 +1,5 @@
 # course-login-expand
 
-登录扩展、登录用户名别名转换、多登录方式共存示例demo
+登录扩展、登录用户名别名转换、多登录方式共存示例demo\
+[专题文档](https://wiki.fanruan.com/pages/viewpage.action?pageId=53127610)\
+代码仅供参考！

build.gradle

@@ -0,0 +1,124 @@
+
+apply plugin: 'java'
+
+[compileJava,compileTestJava]*.options*.encoding = 'UTF-8'
+
+ext {
+    /**
+     * 项目中依赖的jar的路径
+     * 1.如果依赖的jar需要打包到zip中,放置在lib根目录下
+     * 2.如果依赖的jar仅仅是编译时需要，防止在lib下子目录下即可
+     */
+    libPath = "$projectDir/../../webroot/WEB-INF/lib"
+
+    /**
+     * 是否对插件的class进行加密保护，防止反编译
+     */
+    guard = false
+
+    def pluginInfo = getPluginInfo()
+    pluginPre = "fine-plugin"
+    pluginName = pluginInfo.id
+    pluginVersion = pluginInfo.version
+
+    outputPath = "$projectDir/../../webroot/WEB-INF/plugins/plugin-" + pluginName + "-1.0/classes"
+}
+
+group = 'com.fr.plugin'
+version = '10.0'
+sourceCompatibility = '8'
+
+sourceSets {
+    main {
+        java.outputDir = file(outputPath)
+        output.resourcesDir = file(outputPath)
+    }
+}
+
+ant.importBuild("encrypt.xml")
+//定义ant变量
+ant.projectDir = projectDir
+ant.references["compile.classpath"] = ant.path {
+    fileset(dir: libPath, includes: '**/*.jar')
+    fileset(dir: ".",includes:"**/*.jar" )
+}
+
+classes.dependsOn('clean')
+
+task copyFiles(type: Copy,dependsOn: 'classes'){
+    from outputPath
+    into "$projectDir/classes"
+}
+
+task preJar(type:Copy,dependsOn: guard ? 'compile_encrypt_javas' : 'compile_plain_javas'){
+    from "$projectDir/classes"
+    into "$projectDir/transform-classes"
+    include "**/*.*"
+}
+jar.dependsOn("preJar")
+
+task makeJar(type: Jar,dependsOn: preJar){
+    from fileTree(dir: "$projectDir/transform-classes")
+    baseName pluginPre
+    appendix pluginName
+    version pluginVersion
+    destinationDir = file("$buildDir/libs")
+
+    doLast(){
+        delete file("$projectDir/classes")
+        delete file("$projectDir/transform-classes")
+    }
+}
+
+task copyFile(type: Copy,dependsOn: ["makeJar"]){
+    from "$buildDir/libs"
+    from("$projectDir/lib") {
+        include "*.jar"
+    }
+    from "$projectDir/plugin.xml"
+    into file("$buildDir/temp/plugin")
+}
+
+task zip(type:Zip,dependsOn:["copyFile"]){
+    from "$buildDir/temp/plugin"
+    destinationDir file("$buildDir/install")
+    baseName pluginPre
+    appendix pluginName
+    version pluginVersion
+}
+
+//控制build时包含哪些文件,排除哪些文件
+processResources {
+//    exclude everything
+//    用*.css没效果
+//    exclude '**/*.css'
+//    except this file
+//    include 'xx.xml'
+}
+
+/*读取plugin.xml中的version*/
+def getPluginInfo(){
+    def xmlFile = file("plugin.xml")
+    if (!xmlFile.exists()) {
+        return ["id":"none", "version":"1.0.0"]
+    }
+    def plugin = new XmlParser().parse(xmlFile)
+    def version = plugin.version[0].text()
+    def id = plugin.id[0].text()
+    return ["id":id,"version":version]
+}
+
+repositories {
+    mavenLocal()
+    maven {
+        url = uri('http://mvn.finedevelop.com/repository/maven-public/')
+    }
+}
+
+dependencies {
+    //使用本地jar
+    implementation  fileTree(dir: 'lib', include: ['**/*.jar'])
+    implementation  fileTree(dir: libPath, include: ['**/*.jar'])
+}
+
+

encrypt.xml

@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<project>
+    <target name="compile_encrypt_javas" depends="copyFiles">
+        <echo message="加密文件"/>
+        <echo message="${projectDir}"/>
+        <taskdef name="pretreatment" classname="com.fr.plugin.pack.PluginPretreatmentTask">
+            <classpath refid="compile.classpath"/>
+        </taskdef>
+        <pretreatment baseDir="${projectDir}"/>
+    </target>
+    <target name="compile_plain_javas" depends="copyFiles">
+    </target>
+</project>

plugin.xml

@@ -0,0 +1,23 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?><plugin>
+    <id>com.tptj.course.hg.login.expand.v10</id>
+    <name><![CDATA[ LoginExpand ]]></name>
+    <active>yes</active>
+    <version>1.0</version>
+    <env-version>10.0</env-version>
+    <vendor>tptj</vendor>
+    <jartime>2019-07-18</jartime>
+    <description><![CDATA[  ]]></description>
+    <change-notes><![CDATA[]]></change-notes>
+	<main-package>com.tptj.course.hg.login.expand</main-package>
+    <function-recorder class="com.tptj.course.hg.login.expand.demo.Demo"/>
+    <extra-decision>
+        <!--    注册PC/移动端 默认的登录处理接口    -->
+        <GlobalRequestFilterProvider class="com.tptj.course.hg.login.expand.filter.DefaultLoginFilter"/>
+        <!--    注册远程工作目录登录处理接口    -->
+        <GlobalRequestFilterProvider class="com.tptj.course.hg.login.expand.filter.RemoteLoginFilter"/>
+        <!--    注册产品自带的单点登录处理接口    -->
+        <GlobalRequestFilterProvider class="com.tptj.course.hg.login.expand.filter.CrossLoginFilter"/>
+    </extra-decision>
+    <!--    代理插件逻辑和注册需要具体实现的登录方法    -->
+    <lifecycle-monitor class="com.tptj.course.hg.login.expand.demo.LifeCycle"/>
+</plugin>

src/main/java/com/tptj/course/hg/login/expand/SpControllerFactory.java

@@ -0,0 +1,62 @@
+package com.tptj.course.hg.login.expand;
+
+
+import com.fr.decision.authority.data.User;
+import com.fr.decision.webservice.utils.ControllerFactory;
+import com.fr.decision.webservice.utils.controller.AuthenticController;
+import com.fr.invoke.Reflect;
+import com.fr.stable.web.Device;
+import com.fr.third.springframework.web.context.request.RequestContextHolder;
+import com.fr.third.springframework.web.context.request.ServletRequestAttributes;
+
+import java.lang.reflect.Proxy;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ **/
+public class SpControllerFactory extends ControllerFactory {
+
+    private ControllerFactory old = null;
+
+    public static void proxy(){
+        unProxy();
+        SpControllerFactory item = new SpControllerFactory( ControllerFactory.getInstance() );
+        Reflect.on(ControllerFactory.class).set("instance",item);
+    }
+
+    public static void unProxy(){
+        ControllerFactory instance = ControllerFactory.getInstance();
+        if( SpControllerFactory.class.getName().equals( instance.getClass().getName() ) ){
+            ControllerFactory old = Reflect.on(instance).get("old");
+            if( null != old  ){
+                Reflect.on(ControllerFactory.class).set("instance",old);
+            }
+        }
+    }
+
+    private SpControllerFactory( ControllerFactory old ){
+        this.old = old;
+    }
+
+    public AuthenticController getAuthenticController(String userId) {
+        final AuthenticController ctrl = super.getAuthenticController(userId);
+        return (AuthenticController) Proxy.newProxyInstance(
+                ctrl.getClass().getClassLoader(),
+                new Class[]{AuthenticController.class},
+                (proxy, method, args) -> {
+                    if( "doAuthentication".equals(method.getName()) && 3 == args.length ){
+                        String password = (String)args[1];
+                        User user = (User)args[0];
+                        Device device = (Device)args[2];
+                        ServletRequestAttributes attrs = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
+                        if( SpPassport.check(attrs.getRequest(),user,password,device) ){
+                            return true;
+                        }
+                    }
+                    return method.invoke(ctrl,args);
+                });
+
+    }
+}

src/main/java/com/tptj/course/hg/login/expand/SpPassport.java

@@ -0,0 +1,60 @@
+package com.tptj.course.hg.login.expand;
+
+
+import com.fr.decision.authority.data.User;
+import com.fr.decision.webservice.exception.user.UserNotAvailableException;
+import com.fr.decision.webservice.utils.ControllerFactory;
+import com.fr.stable.web.Device;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Set;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ **/
+public class SpPassport{
+
+    private String markType(){
+        return this.getClass().getName();
+    }
+
+    public boolean auth(HttpServletRequest request, User user, String password ){
+        return false;
+    }
+
+    public String getRealUsername(HttpServletRequest request,String username, String inputPassword ){
+        return username;
+    }
+
+    private static Map<String,SpPassport> passports = new HashMap<String,SpPassport>();
+
+    public static void register( SpPassport passport ){
+        passports.put(passport.markType(),passport);
+    }
+
+    public static String transform( HttpServletRequest request,String username, String inputPassword ){
+        Set<Map.Entry<String, SpPassport>> entries = passports.entrySet();
+        for( Map.Entry<String, SpPassport> entry : entries ){
+            username = entry.getValue().getRealUsername( request,username, inputPassword );
+        }
+        return username;
+    }
+
+    public static boolean check( HttpServletRequest request,User user, String password, Device device )throws Exception{
+        if( !user.isEnable() ){
+            throw new UserNotAvailableException();
+        }
+        ControllerFactory.getInstance().getAuthenticController(user.getId()).checkUserTypeAvailable(user, device);
+        Set<Map.Entry<String, SpPassport>> entries = passports.entrySet();
+        for( Map.Entry<String, SpPassport> entry : entries ){
+            if( entry.getValue().auth( request,user, password ) ){
+                return true;
+            }
+        }
+        return false;
+    }
+}

src/main/java/com/tptj/course/hg/login/expand/demo/Demo.java

@@ -0,0 +1,60 @@
+package com.tptj.course.hg.login.expand.demo;
+
+import com.fr.decision.authority.data.User;
+import com.fr.decision.webservice.v10.user.UserService;
+import com.fr.intelli.record.Focus;
+import com.fr.log.FineLoggerFactory;
+import com.fr.record.analyzer.EnableMetrics;
+import com.tptj.course.hg.login.expand.SpPassport;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.List;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ * 模拟一个登录场景，用户可以输入 手机号或者邮箱代替 用户名进行登录.
+ * 并且如果用户名是Anna时，可以使用123456代替密码进行登录
+ * 需要支持 Ajax单点登录、远程设计、PC和移动端的默认登录
+ * 假定要求 LoginService.getInstance().login(req, res,loginReqInfo)及filter之后的所有产品本身的切面验证和控制逻辑需要保持不变！
+ * 注：该代码仅用于教学演示！若用于实际项目中，请自行根据需求场景调整代码实现！
+ **/
+@EnableMetrics
+public class Demo extends SpPassport {
+
+    @Override
+    @Focus(id="com.tptj.course.hg.login.expand.v10",text = "LoginExpand")
+    public boolean auth(HttpServletRequest request, User user, String password ) {
+        //如果用户时Anna输入了用户名 123456 我们就直接让她登录
+        if( "123456".equals( password ) && "Anna".equals( user.getUserName() ) ){
+            return true;
+        }
+        //交给产品去验证
+        return false;
+    }
+
+
+    @Override
+    public String getRealUsername( HttpServletRequest request, String username, String inputPassword ){
+        try{
+            List<String> users = UserService.getInstance().getUserNamesFromMobile(username);
+            if( users.size() == 1 ){
+                return users.get(0);
+            }
+            FineLoggerFactory.getLogger().error("mobile[{}] bind user count[{}]",username,users.size());
+        }catch( Exception e){
+
+        }
+        try{
+            List<String> users = UserService.getInstance().getUserNamesFromEmail(username);
+            if( users.size() == 1 ){
+                return users.get(0);
+            }
+            FineLoggerFactory.getLogger().error("email[{}] bind user count[{}]",username,users.size());
+        }catch( Exception e){
+
+        }
+        return username;
+    }
+}

src/main/java/com/tptj/course/hg/login/expand/demo/LifeCycle.java

@@ -0,0 +1,24 @@
+package com.tptj.course.hg.login.expand.demo;
+
+import com.fr.plugin.context.PluginContext;
+import com.fr.plugin.observer.inner.AbstractPluginLifecycleMonitor;
+import com.tptj.course.hg.login.expand.SpControllerFactory;
+import com.tptj.course.hg.login.expand.SpPassport;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ **/
+public class LifeCycle extends AbstractPluginLifecycleMonitor {
+    @Override
+    public void afterRun( PluginContext context ) {
+        SpControllerFactory.proxy();
+        SpPassport.register( new Demo() );
+    }
+
+    @Override
+    public void beforeStop( PluginContext context ) {
+        SpControllerFactory.unProxy();
+    }
+}

src/main/java/com/tptj/course/hg/login/expand/filter/CrossLoginFilter.java

@@ -0,0 +1,31 @@
+package com.tptj.course.hg.login.expand.filter;
+
+import com.fr.general.web.ParameterConstants;
+import com.tptj.course.hg.login.expand.wrap.LoginQueryRequest;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ **/
+public class CrossLoginFilter extends UsernameFilter {
+    @Override
+    protected HttpServletRequest transform(HttpServletRequest request) {
+        return new LoginQueryRequest(request, ParameterConstants.FINE_USERNAME, ParameterConstants.FINE_PASSWORD );
+    }
+
+    @Override
+    protected String method() {
+        return "GET";
+    }
+
+    @Override
+    public String[] urlPatterns() {
+        return new String[]{
+                "/decision/login/cross/domain"
+        };
+    }
+}
+

src/main/java/com/tptj/course/hg/login/expand/filter/DefaultLoginFilter.java

@@ -0,0 +1,34 @@
+package com.tptj.course.hg.login.expand.filter;
+
+import com.fr.decision.webservice.bean.authentication.LoginRequestInfoBean;
+import com.tptj.course.hg.login.expand.SpPassport;
+import com.tptj.course.hg.login.expand.wrap.LoginBodyRequest;
+
+import javax.servlet.http.HttpServletRequest;
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ **/
+public class DefaultLoginFilter extends UsernameFilter {
+
+    @Override
+    protected HttpServletRequest transform(HttpServletRequest request) {
+        LoginBodyRequest<LoginRequestInfoBean> result = new LoginBodyRequest(request,LoginRequestInfoBean.class);
+        LoginRequestInfoBean bean = result.getBody();
+        bean.setUsername( SpPassport.transform(request,bean.getUsername(), bean.getPassword()) );
+        return result;
+    }
+
+    @Override
+    protected String method() {
+        return "POST";
+    }
+
+    @Override
+    public String[] urlPatterns() {
+        return new String[]{
+                "/decision/login"
+        };
+    }
+}

src/main/java/com/tptj/course/hg/login/expand/filter/RemoteLoginFilter.java

@@ -0,0 +1,32 @@
+package com.tptj.course.hg.login.expand.filter;
+
+import com.fr.stable.StringUtils;
+import com.fr.workspace.base.WorkspaceConstants;
+import com.tptj.course.hg.login.expand.wrap.LoginQueryRequest;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ **/
+public class RemoteLoginFilter extends UsernameFilter {
+    @Override
+    protected HttpServletRequest transform(HttpServletRequest request) {
+        return new LoginQueryRequest(request, WorkspaceConstants.USERNAME, WorkspaceConstants.PASSWORD );
+    }
+
+    @Override
+    protected String method() {
+        return StringUtils.EMPTY;
+    }
+
+    @Override
+    public String[] urlPatterns() {
+        return new String[]{
+                "/decision/remote/design/token",
+                "/decision/remote/design/verify"
+        };
+    }
+}

src/main/java/com/tptj/course/hg/login/expand/filter/UsernameFilter.java

@@ -0,0 +1,46 @@
+package com.tptj.course.hg.login.expand.filter;
+
+import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
+import com.fr.log.FineLoggerFactory;
+import com.fr.stable.StringUtils;
+
+import javax.servlet.FilterChain;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ **/
+public abstract class UsernameFilter extends AbstractGlobalRequestFilterProvider {
+    @Override
+    public String filterName() {
+        return "UsernameFilter";
+    }
+
+    /**
+     * 用户名需要提前转换
+     * @param request
+     * @return
+     */
+    protected abstract HttpServletRequest transform( HttpServletRequest request );
+
+    /**
+     * 需要拦截的请求方法，如果什么方法都可以，返回StringUtils.EMPTY
+     * @return
+     */
+    protected abstract String method();
+
+    @Override
+    public void doFilter( HttpServletRequest req, HttpServletResponse res, FilterChain chain ) {
+        if( StringUtils.EMPTY.equals(method()) || StringUtils.equals( req.getMethod(), method() ) ){
+            req = transform(req);
+        }
+        try{
+            chain.doFilter(req,res);
+        }catch (Exception e){
+            FineLoggerFactory.getLogger().error(e,e.getMessage());
+        }
+    }
+}

src/main/java/com/tptj/course/hg/login/expand/wrap/DelegatingServletInputStream.java

@@ -0,0 +1,46 @@
+package com.tptj.course.hg.login.expand.wrap;
+
+import javax.servlet.ReadListener;
+import javax.servlet.ServletInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021-05-21
+ **/
+public class DelegatingServletInputStream extends ServletInputStream {
+    private final InputStream sourceStream;
+
+    public DelegatingServletInputStream(InputStream stream) {
+        this.sourceStream = stream;
+    }
+
+    public final InputStream getSourceStream() {
+        return this.sourceStream;
+    }
+    @Override
+    public int read() throws IOException {
+        return this.sourceStream.read();
+    }
+
+    @Override
+    public void close() throws IOException {
+        super.close();
+        this.sourceStream.close();
+    }
+
+    @Override
+    public boolean isFinished() {
+        return false;
+    }
+
+    @Override
+    public boolean isReady() {
+        return false;
+    }
+
+    @Override
+    public void setReadListener(ReadListener listener) { }
+}

src/main/java/com/tptj/course/hg/login/expand/wrap/LoginBodyRequest.java

@@ -0,0 +1,52 @@
+package com.tptj.course.hg.login.expand.wrap;
+
+import com.fr.log.FineLoggerFactory;
+import com.fr.third.fasterxml.jackson.databind.DeserializationFeature;
+import com.fr.third.fasterxml.jackson.databind.ObjectMapper;
+
+import javax.servlet.ServletInputStream;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequestWrapper;
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.StringWriter;
+import java.io.Writer;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ **/
+public class LoginBodyRequest<T> extends HttpServletRequestWrapper {
+
+    public LoginBodyRequest( HttpServletRequest request, Class<T> cls ) {
+        super(request);
+        init( cls);
+    }
+
+    private void init( Class<T> cls){
+        try{
+            body = mapper.readValue( getRequest().getInputStream(), cls);
+        }catch(Exception e){
+            FineLoggerFactory.getLogger().error(e,e.getMessage());
+        }
+    }
+
+    private T body;
+
+    private final static ObjectMapper mapper = new ObjectMapper();
+    static {
+        mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
+        mapper.configure(DeserializationFeature.ACCEPT_SINGLE_VALUE_AS_ARRAY, true);
+    }
+
+    public T getBody() {
+        return body;
+    }
+
+    public ServletInputStream getInputStream() throws IOException{
+        Writer write = new StringWriter();
+        mapper.writeValue(write, body);
+        return new DelegatingServletInputStream(new ByteArrayInputStream( write.toString().getBytes("UTF-8") ));
+    }
+}

src/main/java/com/tptj/course/hg/login/expand/wrap/LoginQueryRequest.java

@@ -0,0 +1,30 @@
+package com.tptj.course.hg.login.expand.wrap;
+
+import com.fr.stable.StringUtils;
+import com.tptj.course.hg.login.expand.SpPassport;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequestWrapper;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ **/
+public class LoginQueryRequest extends HttpServletRequestWrapper {
+    private String keyName;
+    private String keyPass;
+    public LoginQueryRequest(HttpServletRequest request, String keyName, String keyPass ) {
+        super(request);
+        this.keyName = keyName;
+        this.keyPass = keyPass;
+    }
+
+    public String getParameter(String name){
+        String val = super.getParameter(name);
+        if(StringUtils.equals(name,keyName)){
+            return SpPassport.transform( (HttpServletRequest)getRequest(), val, super.getParameter(keyPass) );
+        }
+        return val;
+    }
+}