diff --git a/README.md b/README.md
index a2f218a..af6fd93 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,5 @@
# course-template-auth
-模板权限集成示例代码
\ No newline at end of file
+模板权限集成示例代码\
+[专题文档](https://wiki.fanruan.com/pages/viewpage.action?pageId=53127610)\
+代码仅供参考!
\ No newline at end of file
diff --git a/build.gradle b/build.gradle
new file mode 100644
index 0000000..5231b5d
--- /dev/null
+++ b/build.gradle
@@ -0,0 +1,124 @@
+
+apply plugin: 'java'
+
+[compileJava,compileTestJava]*.options*.encoding = 'UTF-8'
+
+ext {
+ /**
+ * 项目中依赖的jar的路径
+ * 1.如果依赖的jar需要打包到zip中,放置在lib根目录下
+ * 2.如果依赖的jar仅仅是编译时需要,防止在lib下子目录下即可
+ */
+ libPath = "$projectDir/../../webroot/WEB-INF/lib"
+
+ /**
+ * 是否对插件的class进行加密保护,防止反编译
+ */
+ guard = false
+
+ def pluginInfo = getPluginInfo()
+ pluginPre = "fine-plugin"
+ pluginName = pluginInfo.id
+ pluginVersion = pluginInfo.version
+
+ outputPath = "$projectDir/../../webroot/WEB-INF/plugins/plugin-" + pluginName + "-1.0/classes"
+}
+
+group = 'com.fr.plugin'
+version = '10.0'
+sourceCompatibility = '8'
+
+sourceSets {
+ main {
+ java.outputDir = file(outputPath)
+ output.resourcesDir = file(outputPath)
+ }
+}
+
+ant.importBuild("encrypt.xml")
+//定义ant变量
+ant.projectDir = projectDir
+ant.references["compile.classpath"] = ant.path {
+ fileset(dir: libPath, includes: '**/*.jar')
+ fileset(dir: ".",includes:"**/*.jar" )
+}
+
+classes.dependsOn('clean')
+
+task copyFiles(type: Copy,dependsOn: 'classes'){
+ from outputPath
+ into "$projectDir/classes"
+}
+
+task preJar(type:Copy,dependsOn: guard ? 'compile_encrypt_javas' : 'compile_plain_javas'){
+ from "$projectDir/classes"
+ into "$projectDir/transform-classes"
+ include "**/*.*"
+}
+jar.dependsOn("preJar")
+
+task makeJar(type: Jar,dependsOn: preJar){
+ from fileTree(dir: "$projectDir/transform-classes")
+ baseName pluginPre
+ appendix pluginName
+ version pluginVersion
+ destinationDir = file("$buildDir/libs")
+
+ doLast(){
+ delete file("$projectDir/classes")
+ delete file("$projectDir/transform-classes")
+ }
+}
+
+task copyFile(type: Copy,dependsOn: ["makeJar"]){
+ from "$buildDir/libs"
+ from("$projectDir/lib") {
+ include "*.jar"
+ }
+ from "$projectDir/plugin.xml"
+ into file("$buildDir/temp/plugin")
+}
+
+task zip(type:Zip,dependsOn:["copyFile"]){
+ from "$buildDir/temp/plugin"
+ destinationDir file("$buildDir/install")
+ baseName pluginPre
+ appendix pluginName
+ version pluginVersion
+}
+
+//控制build时包含哪些文件,排除哪些文件
+processResources {
+// exclude everything
+// 用*.css没效果
+// exclude '**/*.css'
+// except this file
+// include 'xx.xml'
+}
+
+/*读取plugin.xml中的version*/
+def getPluginInfo(){
+ def xmlFile = file("plugin.xml")
+ if (!xmlFile.exists()) {
+ return ["id":"none", "version":"1.0.0"]
+ }
+ def plugin = new XmlParser().parse(xmlFile)
+ def version = plugin.version[0].text()
+ def id = plugin.id[0].text()
+ return ["id":id,"version":version]
+}
+
+repositories {
+ mavenLocal()
+ maven {
+ url = uri('http://mvn.finedevelop.com/repository/maven-public/')
+ }
+}
+
+dependencies {
+ //使用本地jar
+ implementation fileTree(dir: 'lib', include: ['**/*.jar'])
+ implementation fileTree(dir: libPath, include: ['**/*.jar'])
+}
+
+
diff --git a/encrypt.xml b/encrypt.xml
new file mode 100644
index 0000000..1401cd1
--- /dev/null
+++ b/encrypt.xml
@@ -0,0 +1,13 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/plugin.xml b/plugin.xml
new file mode 100644
index 0000000..a844486
--- /dev/null
+++ b/plugin.xml
@@ -0,0 +1,19 @@
+
+ com.tptj.course.hg.auth.template.v10
+
+ yes
+ 1.0
+ 10.0
+ tptj
+ 2019-07-18
+
+
+ com.tptj.course.hg.auth.template
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/src/main/java/com/tptj/course/hg/auth/template/Demo.java b/src/main/java/com/tptj/course/hg/auth/template/Demo.java
new file mode 100644
index 0000000..b785332
--- /dev/null
+++ b/src/main/java/com/tptj/course/hg/auth/template/Demo.java
@@ -0,0 +1,27 @@
+package com.tptj.course.hg.auth.template;
+
+import com.fr.intelli.record.Focus;
+import com.fr.record.analyzer.EnableMetrics;
+import com.fr.web.utils.WebUtils;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ **/
+@EnableMetrics
+public class Demo extends TemplateAuth{
+
+ @Override
+ @Focus(id="com.tptj.course.hg.auth.template.v10",text = "TemplateAuth")
+ public boolean auth(HttpServletRequest request, String templateId, String username) {
+ String code = WebUtils.getHTTPRequestParameter(request,"code");
+ if("123456".equals(code)){
+ return true;
+ }
+ return false;
+ }
+
+}
diff --git a/src/main/java/com/tptj/course/hg/auth/template/InitFilter.java b/src/main/java/com/tptj/course/hg/auth/template/InitFilter.java
new file mode 100644
index 0000000..76c171f
--- /dev/null
+++ b/src/main/java/com/tptj/course/hg/auth/template/InitFilter.java
@@ -0,0 +1,43 @@
+package com.tptj.course.hg.auth.template;
+
+import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
+
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ **/
+public class InitFilter extends AbstractGlobalRequestFilterProvider {
+ @Override
+ public String filterName() {
+ return "InitFilter";
+ }
+
+ @Override
+ public void init(FilterConfig config) {
+ //因为生命周期接口执行时,产品本身的认证方式还没有初始化,所以改到filter初始化的时候再进行代理
+ SpTemplateAuthType.proxy();
+ TemplateAuth.register(new Demo());
+ }
+
+ @Override
+ public void destroy() {
+ SpTemplateAuthType.unProxy();
+ }
+
+ @Override
+ public String[] urlPatterns() {
+ return new String[]{"/xx"};
+ }
+ @Override
+ public void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain chain) {
+ try{
+ chain.doFilter(req, res);
+ }catch(Exception e){}
+ }
+}
diff --git a/src/main/java/com/tptj/course/hg/auth/template/LifeCycle.java b/src/main/java/com/tptj/course/hg/auth/template/LifeCycle.java
new file mode 100644
index 0000000..25e9d11
--- /dev/null
+++ b/src/main/java/com/tptj/course/hg/auth/template/LifeCycle.java
@@ -0,0 +1,22 @@
+package com.tptj.course.hg.auth.template;
+
+import com.fr.plugin.context.PluginContext;
+import com.fr.plugin.observer.inner.AbstractPluginLifecycleMonitor;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ **/
+public class LifeCycle extends AbstractPluginLifecycleMonitor {
+ @Override
+ public void afterRun( PluginContext context ) {
+ SpTemplateAuthType.proxy();
+ TemplateAuth.register(new Demo());
+ }
+
+ @Override
+ public void beforeStop( PluginContext context ) {
+ SpTemplateAuthType.unProxy();
+ }
+}
diff --git a/src/main/java/com/tptj/course/hg/auth/template/MethodInterceptorImpl.java b/src/main/java/com/tptj/course/hg/auth/template/MethodInterceptorImpl.java
new file mode 100644
index 0000000..cd5f30b
--- /dev/null
+++ b/src/main/java/com/tptj/course/hg/auth/template/MethodInterceptorImpl.java
@@ -0,0 +1,38 @@
+package com.tptj.course.hg.auth.template;
+
+import com.fr.decision.webservice.v10.template.TempAuthValidatorStatus;
+import com.fr.invoke.Reflect;
+import com.fr.third.net.sf.cglib.proxy.MethodInterceptor;
+import com.fr.third.net.sf.cglib.proxy.MethodProxy;
+import java.lang.reflect.Method;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ **/
+public class MethodInterceptorImpl implements MethodInterceptor {
+
+ private Object source;
+
+ public MethodInterceptorImpl(Object source){
+ this.source = source;
+ }
+
+ @Override
+ public Object intercept( Object o, Method method, Object[] params, MethodProxy proxy ) throws Throwable {
+ if( method.getName().equals("templateAuth") ){
+ boolean rt = Reflect.on(SpTemplateAuthType.class).call("templateAuth",params).get();
+ if( rt ){
+ return ((TempAuthValidatorStatus)params[0]).directAccessTemp(true).needAuthorityCheck(false);
+ }
+ }else if( method.getName().equals("hyperlinkTokenValid") ){
+ boolean rt = Reflect.on(SpTemplateAuthType.class).call("hyperlinkTokenValid",params).get();
+ if( rt ){
+ return true;
+ }
+ }
+ return method.invoke(source,params);
+ }
+
+}
diff --git a/src/main/java/com/tptj/course/hg/auth/template/SpTemplateAuthType.java b/src/main/java/com/tptj/course/hg/auth/template/SpTemplateAuthType.java
new file mode 100644
index 0000000..47894e1
--- /dev/null
+++ b/src/main/java/com/tptj/course/hg/auth/template/SpTemplateAuthType.java
@@ -0,0 +1,96 @@
+package com.tptj.course.hg.auth.template;
+
+import com.fr.decision.webservice.impl.template.TemplateAuthType;
+import com.fr.decision.webservice.interceptor.handler.HyperlinkValidAttr;
+import com.fr.decision.webservice.utils.DecisionServiceConstants;
+import com.fr.decision.webservice.v10.login.LoginService;
+import com.fr.decision.webservice.v10.login.TokenResource;
+import com.fr.decision.webservice.v10.template.TempAuthValidatorStatus;
+import com.fr.invoke.Reflect;
+import com.fr.stable.StringUtils;
+import com.fr.state.SateVariableManager;
+import com.fr.third.net.sf.cglib.proxy.Enhancer;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.Map;
+import java.util.Set;
+
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ **/
+public class SpTemplateAuthType{
+
+ private static Enhancer enhancer = new Enhancer();
+
+ private static TemplateAuthType proxy( TemplateAuthType source ){
+ String key = SpTemplateAuthType.class.getName()+source.toInteger();
+ TemplateAuthType data = (TemplateAuthType) SateVariableManager.get( key );
+ if( null == data ){
+ data = source;
+ }
+ enhancer.setSuperclass( source.getClass() );
+ enhancer.setCallback( new MethodInterceptorImpl(data) );
+ return (TemplateAuthType)enhancer.create();
+ }
+
+ private static TemplateAuthType unProxy( TemplateAuthType source ){
+ String key = SpTemplateAuthType.class.getName()+source.toInteger();
+ TemplateAuthType data = (TemplateAuthType) SateVariableManager.get( key );
+ SateVariableManager.remove(key);
+ return null != data ? data : source;
+ }
+
+ public static void proxy(){
+ Map typeMap = Reflect.on(TemplateAuthType.class).get("typeMap");
+ Set> entries = typeMap.entrySet();
+ for( Map.Entry entry : entries ){
+ TemplateAuthType type = proxy( entry.getValue() );
+ entry.setValue(type);
+ }
+ }
+
+ public static void unProxy(){
+ Map typeMap = Reflect.on(TemplateAuthType.class).get("typeMap");
+ Set> entries = typeMap.entrySet();
+ for( Map.Entry entry : entries ){
+ TemplateAuthType type = unProxy( entry.getValue() );
+ entry.setValue(type);
+ }
+ }
+
+ private static String getUsername( HttpServletRequest request ){
+ try{
+ return LoginService.getInstance().loginStatusValid(request, TokenResource.COOKIE).getUsername();
+ }catch(Exception e){
+
+ }
+ return StringUtils.EMPTY;
+ }
+
+ public static boolean templateAuth(TempAuthValidatorStatus status,
+ HttpServletRequest request, String templateId) throws Exception{
+ String username = getUsername(request);
+ boolean rt = TemplateAuth.check(request,templateId,username);
+ if(rt){
+ //设置超链接获得权限
+ String key = StateHubUtils.initAuthKey(templateId);
+ request.setAttribute(DecisionServiceConstants.FINE_DIGITAL_SIGNATURE,key);
+ }
+ return rt;
+ }
+
+ /**
+ * 检查超链接权限
+ * @param attr
+ * @return
+ * @throws Exception
+ */
+ public static boolean hyperlinkTokenValid(HyperlinkValidAttr attr) throws Exception{
+ String mainTempId = attr.getHyperlinkMainTempId();
+ String signature = attr.getHyperlinkDigitalSignature();
+ return StateHubUtils.authKey(mainTempId,signature);
+ }
+}
diff --git a/src/main/java/com/tptj/course/hg/auth/template/StateHubUtils.java b/src/main/java/com/tptj/course/hg/auth/template/StateHubUtils.java
new file mode 100644
index 0000000..a5779b1
--- /dev/null
+++ b/src/main/java/com/tptj/course/hg/auth/template/StateHubUtils.java
@@ -0,0 +1,39 @@
+package com.tptj.course.hg.auth.template;
+
+import com.fr.decision.base.util.UUIDUtil;
+import com.fr.decision.config.FSConfig;
+import com.fr.log.FineLoggerFactory;
+import com.fr.stable.StringUtils;
+import com.fr.store.StateHubManager;
+import com.fr.store.StateHubService;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ **/
+public class StateHubUtils {
+ private static StateHubService getTemplateAuthService(){
+ return StateHubManager.applyForService("TemplateAuthKey");
+ }
+ public static String initAuthKey( String templateId ){
+ int timeout = (int) FSConfig.getInstance().getLoginConfig().getLoginTimeout();
+ String key = UUIDUtil.generate()+System.currentTimeMillis();
+ try{
+ getTemplateAuthService().put( key, templateId,timeout );
+ return key;
+ }catch(Exception e){
+ FineLoggerFactory.getLogger().error(e.getMessage(),e);
+ }
+ return StringUtils.EMPTY;
+ }
+
+ public static boolean authKey( String templateId, String key ){
+ try{
+ return templateId.equals( getTemplateAuthService().get(key) );
+ }catch(Exception e){
+ FineLoggerFactory.getLogger().error(e.getMessage(),e);
+ }
+ return false;
+ }
+}
diff --git a/src/main/java/com/tptj/course/hg/auth/template/TemplateAuth.java b/src/main/java/com/tptj/course/hg/auth/template/TemplateAuth.java
new file mode 100644
index 0000000..56c3ef1
--- /dev/null
+++ b/src/main/java/com/tptj/course/hg/auth/template/TemplateAuth.java
@@ -0,0 +1,45 @@
+package com.tptj.course.hg.auth.template;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Set;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ * HyperlinkTokenSaveHelper
+ * ReportletHyperlink
+ **/
+public abstract class TemplateAuth {
+
+ /**
+ *
+ * @param request 当前的请求
+ * @param templateId 当前要访问的模板路径
+ * @param username 当前已登录的用户名(如果没有登录就是空)
+ * @return 是否授权访问
+ */
+ public abstract boolean auth(HttpServletRequest request,String templateId, String username );
+
+ private String getType() {
+ return this.getClass().getName();
+ }
+
+ private static Map map = new HashMap();
+
+ public static void register( TemplateAuth auth ){
+ map.put(auth.getType(), auth);
+ }
+
+ public static boolean check(HttpServletRequest request,String templateId, String username){
+ Set> entries = map.entrySet();
+ for( Map.Entry entry : entries ){
+ if(entry.getValue().auth(request,templateId,username)){
+ return true;
+ }
+ }
+ return false;
+ }
+}