From ffe8dde75e5c82d1cb4227463fcdf21547f508e5 Mon Sep 17 00:00:00 2001 From: "LAPTOP-SB56SG4Q\\86185" Date: Fri, 25 Jun 2021 17:15:14 +0800 Subject: [PATCH] =?UTF-8?q?=E6=8F=90=E4=BA=A4=E8=A7=86=E9=A2=91=E9=85=8D?= =?UTF-8?q?=E5=A5=97=E4=BB=A3=E7=A0=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 4 +- build.gradle | 124 ++++++++++++++++++ encrypt.xml | 13 ++ plugin.xml | 19 +++ .../tptj/course/hg/auth/template/Demo.java | 27 ++++ .../course/hg/auth/template/InitFilter.java | 43 ++++++ .../course/hg/auth/template/LifeCycle.java | 22 ++++ .../auth/template/MethodInterceptorImpl.java | 38 ++++++ .../hg/auth/template/SpTemplateAuthType.java | 96 ++++++++++++++ .../hg/auth/template/StateHubUtils.java | 39 ++++++ .../course/hg/auth/template/TemplateAuth.java | 45 +++++++ 11 files changed, 469 insertions(+), 1 deletion(-) create mode 100644 build.gradle create mode 100644 encrypt.xml create mode 100644 plugin.xml create mode 100644 src/main/java/com/tptj/course/hg/auth/template/Demo.java create mode 100644 src/main/java/com/tptj/course/hg/auth/template/InitFilter.java create mode 100644 src/main/java/com/tptj/course/hg/auth/template/LifeCycle.java create mode 100644 src/main/java/com/tptj/course/hg/auth/template/MethodInterceptorImpl.java create mode 100644 src/main/java/com/tptj/course/hg/auth/template/SpTemplateAuthType.java create mode 100644 src/main/java/com/tptj/course/hg/auth/template/StateHubUtils.java create mode 100644 src/main/java/com/tptj/course/hg/auth/template/TemplateAuth.java diff --git a/README.md b/README.md index a2f218a..af6fd93 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,5 @@ # course-template-auth -模板权限集成示例代码 \ No newline at end of file +模板权限集成示例代码\ +[专题文档](https://wiki.fanruan.com/pages/viewpage.action?pageId=53127610)\ +代码仅供参考! \ No newline at end of file diff --git a/build.gradle b/build.gradle new file mode 100644 index 0000000..5231b5d --- /dev/null +++ b/build.gradle @@ -0,0 +1,124 @@ + +apply plugin: 'java' + +[compileJava,compileTestJava]*.options*.encoding = 'UTF-8' + +ext { + /** + * 项目中依赖的jar的路径 + * 1.如果依赖的jar需要打包到zip中,放置在lib根目录下 + * 2.如果依赖的jar仅仅是编译时需要,防止在lib下子目录下即可 + */ + libPath = "$projectDir/../../webroot/WEB-INF/lib" + + /** + * 是否对插件的class进行加密保护,防止反编译 + */ + guard = false + + def pluginInfo = getPluginInfo() + pluginPre = "fine-plugin" + pluginName = pluginInfo.id + pluginVersion = pluginInfo.version + + outputPath = "$projectDir/../../webroot/WEB-INF/plugins/plugin-" + pluginName + "-1.0/classes" +} + +group = 'com.fr.plugin' +version = '10.0' +sourceCompatibility = '8' + +sourceSets { + main { + java.outputDir = file(outputPath) + output.resourcesDir = file(outputPath) + } +} + +ant.importBuild("encrypt.xml") +//定义ant变量 +ant.projectDir = projectDir +ant.references["compile.classpath"] = ant.path { + fileset(dir: libPath, includes: '**/*.jar') + fileset(dir: ".",includes:"**/*.jar" ) +} + +classes.dependsOn('clean') + +task copyFiles(type: Copy,dependsOn: 'classes'){ + from outputPath + into "$projectDir/classes" +} + +task preJar(type:Copy,dependsOn: guard ? 'compile_encrypt_javas' : 'compile_plain_javas'){ + from "$projectDir/classes" + into "$projectDir/transform-classes" + include "**/*.*" +} +jar.dependsOn("preJar") + +task makeJar(type: Jar,dependsOn: preJar){ + from fileTree(dir: "$projectDir/transform-classes") + baseName pluginPre + appendix pluginName + version pluginVersion + destinationDir = file("$buildDir/libs") + + doLast(){ + delete file("$projectDir/classes") + delete file("$projectDir/transform-classes") + } +} + +task copyFile(type: Copy,dependsOn: ["makeJar"]){ + from "$buildDir/libs" + from("$projectDir/lib") { + include "*.jar" + } + from "$projectDir/plugin.xml" + into file("$buildDir/temp/plugin") +} + +task zip(type:Zip,dependsOn:["copyFile"]){ + from "$buildDir/temp/plugin" + destinationDir file("$buildDir/install") + baseName pluginPre + appendix pluginName + version pluginVersion +} + +//控制build时包含哪些文件,排除哪些文件 +processResources { +// exclude everything +// 用*.css没效果 +// exclude '**/*.css' +// except this file +// include 'xx.xml' +} + +/*读取plugin.xml中的version*/ +def getPluginInfo(){ + def xmlFile = file("plugin.xml") + if (!xmlFile.exists()) { + return ["id":"none", "version":"1.0.0"] + } + def plugin = new XmlParser().parse(xmlFile) + def version = plugin.version[0].text() + def id = plugin.id[0].text() + return ["id":id,"version":version] +} + +repositories { + mavenLocal() + maven { + url = uri('http://mvn.finedevelop.com/repository/maven-public/') + } +} + +dependencies { + //使用本地jar + implementation fileTree(dir: 'lib', include: ['**/*.jar']) + implementation fileTree(dir: libPath, include: ['**/*.jar']) +} + + diff --git a/encrypt.xml b/encrypt.xml new file mode 100644 index 0000000..1401cd1 --- /dev/null +++ b/encrypt.xml @@ -0,0 +1,13 @@ + + + + + + + + + + + + + \ No newline at end of file diff --git a/plugin.xml b/plugin.xml new file mode 100644 index 0000000..a844486 --- /dev/null +++ b/plugin.xml @@ -0,0 +1,19 @@ + + com.tptj.course.hg.auth.template.v10 + + yes + 1.0 + 10.0 + tptj + 2019-07-18 + + + com.tptj.course.hg.auth.template + + + + + + + + \ No newline at end of file diff --git a/src/main/java/com/tptj/course/hg/auth/template/Demo.java b/src/main/java/com/tptj/course/hg/auth/template/Demo.java new file mode 100644 index 0000000..b785332 --- /dev/null +++ b/src/main/java/com/tptj/course/hg/auth/template/Demo.java @@ -0,0 +1,27 @@ +package com.tptj.course.hg.auth.template; + +import com.fr.intelli.record.Focus; +import com.fr.record.analyzer.EnableMetrics; +import com.fr.web.utils.WebUtils; + +import javax.servlet.http.HttpServletRequest; + +/** + * @author 秃破天际 + * @version 10.0 + * Created by 秃破天际 on 2021/6/23 + **/ +@EnableMetrics +public class Demo extends TemplateAuth{ + + @Override + @Focus(id="com.tptj.course.hg.auth.template.v10",text = "TemplateAuth") + public boolean auth(HttpServletRequest request, String templateId, String username) { + String code = WebUtils.getHTTPRequestParameter(request,"code"); + if("123456".equals(code)){ + return true; + } + return false; + } + +} diff --git a/src/main/java/com/tptj/course/hg/auth/template/InitFilter.java b/src/main/java/com/tptj/course/hg/auth/template/InitFilter.java new file mode 100644 index 0000000..76c171f --- /dev/null +++ b/src/main/java/com/tptj/course/hg/auth/template/InitFilter.java @@ -0,0 +1,43 @@ +package com.tptj.course.hg.auth.template; + +import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider; + +import javax.servlet.FilterChain; +import javax.servlet.FilterConfig; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * @author 秃破天际 + * @version 10.0 + * Created by 秃破天际 on 2021/6/23 + **/ +public class InitFilter extends AbstractGlobalRequestFilterProvider { + @Override + public String filterName() { + return "InitFilter"; + } + + @Override + public void init(FilterConfig config) { + //因为生命周期接口执行时,产品本身的认证方式还没有初始化,所以改到filter初始化的时候再进行代理 + SpTemplateAuthType.proxy(); + TemplateAuth.register(new Demo()); + } + + @Override + public void destroy() { + SpTemplateAuthType.unProxy(); + } + + @Override + public String[] urlPatterns() { + return new String[]{"/xx"}; + } + @Override + public void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain chain) { + try{ + chain.doFilter(req, res); + }catch(Exception e){} + } +} diff --git a/src/main/java/com/tptj/course/hg/auth/template/LifeCycle.java b/src/main/java/com/tptj/course/hg/auth/template/LifeCycle.java new file mode 100644 index 0000000..25e9d11 --- /dev/null +++ b/src/main/java/com/tptj/course/hg/auth/template/LifeCycle.java @@ -0,0 +1,22 @@ +package com.tptj.course.hg.auth.template; + +import com.fr.plugin.context.PluginContext; +import com.fr.plugin.observer.inner.AbstractPluginLifecycleMonitor; + +/** + * @author 秃破天际 + * @version 10.0 + * Created by 秃破天际 on 2021/6/23 + **/ +public class LifeCycle extends AbstractPluginLifecycleMonitor { + @Override + public void afterRun( PluginContext context ) { + SpTemplateAuthType.proxy(); + TemplateAuth.register(new Demo()); + } + + @Override + public void beforeStop( PluginContext context ) { + SpTemplateAuthType.unProxy(); + } +} diff --git a/src/main/java/com/tptj/course/hg/auth/template/MethodInterceptorImpl.java b/src/main/java/com/tptj/course/hg/auth/template/MethodInterceptorImpl.java new file mode 100644 index 0000000..cd5f30b --- /dev/null +++ b/src/main/java/com/tptj/course/hg/auth/template/MethodInterceptorImpl.java @@ -0,0 +1,38 @@ +package com.tptj.course.hg.auth.template; + +import com.fr.decision.webservice.v10.template.TempAuthValidatorStatus; +import com.fr.invoke.Reflect; +import com.fr.third.net.sf.cglib.proxy.MethodInterceptor; +import com.fr.third.net.sf.cglib.proxy.MethodProxy; +import java.lang.reflect.Method; + +/** + * @author 秃破天际 + * @version 10.0 + * Created by 秃破天际 on 2021/6/23 + **/ +public class MethodInterceptorImpl implements MethodInterceptor { + + private Object source; + + public MethodInterceptorImpl(Object source){ + this.source = source; + } + + @Override + public Object intercept( Object o, Method method, Object[] params, MethodProxy proxy ) throws Throwable { + if( method.getName().equals("templateAuth") ){ + boolean rt = Reflect.on(SpTemplateAuthType.class).call("templateAuth",params).get(); + if( rt ){ + return ((TempAuthValidatorStatus)params[0]).directAccessTemp(true).needAuthorityCheck(false); + } + }else if( method.getName().equals("hyperlinkTokenValid") ){ + boolean rt = Reflect.on(SpTemplateAuthType.class).call("hyperlinkTokenValid",params).get(); + if( rt ){ + return true; + } + } + return method.invoke(source,params); + } + +} diff --git a/src/main/java/com/tptj/course/hg/auth/template/SpTemplateAuthType.java b/src/main/java/com/tptj/course/hg/auth/template/SpTemplateAuthType.java new file mode 100644 index 0000000..47894e1 --- /dev/null +++ b/src/main/java/com/tptj/course/hg/auth/template/SpTemplateAuthType.java @@ -0,0 +1,96 @@ +package com.tptj.course.hg.auth.template; + +import com.fr.decision.webservice.impl.template.TemplateAuthType; +import com.fr.decision.webservice.interceptor.handler.HyperlinkValidAttr; +import com.fr.decision.webservice.utils.DecisionServiceConstants; +import com.fr.decision.webservice.v10.login.LoginService; +import com.fr.decision.webservice.v10.login.TokenResource; +import com.fr.decision.webservice.v10.template.TempAuthValidatorStatus; +import com.fr.invoke.Reflect; +import com.fr.stable.StringUtils; +import com.fr.state.SateVariableManager; +import com.fr.third.net.sf.cglib.proxy.Enhancer; + +import javax.servlet.http.HttpServletRequest; +import java.util.Map; +import java.util.Set; + + +/** + * @author 秃破天际 + * @version 10.0 + * Created by 秃破天际 on 2021/6/23 + **/ +public class SpTemplateAuthType{ + + private static Enhancer enhancer = new Enhancer(); + + private static TemplateAuthType proxy( TemplateAuthType source ){ + String key = SpTemplateAuthType.class.getName()+source.toInteger(); + TemplateAuthType data = (TemplateAuthType) SateVariableManager.get( key ); + if( null == data ){ + data = source; + } + enhancer.setSuperclass( source.getClass() ); + enhancer.setCallback( new MethodInterceptorImpl(data) ); + return (TemplateAuthType)enhancer.create(); + } + + private static TemplateAuthType unProxy( TemplateAuthType source ){ + String key = SpTemplateAuthType.class.getName()+source.toInteger(); + TemplateAuthType data = (TemplateAuthType) SateVariableManager.get( key ); + SateVariableManager.remove(key); + return null != data ? data : source; + } + + public static void proxy(){ + Map typeMap = Reflect.on(TemplateAuthType.class).get("typeMap"); + Set> entries = typeMap.entrySet(); + for( Map.Entry entry : entries ){ + TemplateAuthType type = proxy( entry.getValue() ); + entry.setValue(type); + } + } + + public static void unProxy(){ + Map typeMap = Reflect.on(TemplateAuthType.class).get("typeMap"); + Set> entries = typeMap.entrySet(); + for( Map.Entry entry : entries ){ + TemplateAuthType type = unProxy( entry.getValue() ); + entry.setValue(type); + } + } + + private static String getUsername( HttpServletRequest request ){ + try{ + return LoginService.getInstance().loginStatusValid(request, TokenResource.COOKIE).getUsername(); + }catch(Exception e){ + + } + return StringUtils.EMPTY; + } + + public static boolean templateAuth(TempAuthValidatorStatus status, + HttpServletRequest request, String templateId) throws Exception{ + String username = getUsername(request); + boolean rt = TemplateAuth.check(request,templateId,username); + if(rt){ + //设置超链接获得权限 + String key = StateHubUtils.initAuthKey(templateId); + request.setAttribute(DecisionServiceConstants.FINE_DIGITAL_SIGNATURE,key); + } + return rt; + } + + /** + * 检查超链接权限 + * @param attr + * @return + * @throws Exception + */ + public static boolean hyperlinkTokenValid(HyperlinkValidAttr attr) throws Exception{ + String mainTempId = attr.getHyperlinkMainTempId(); + String signature = attr.getHyperlinkDigitalSignature(); + return StateHubUtils.authKey(mainTempId,signature); + } +} diff --git a/src/main/java/com/tptj/course/hg/auth/template/StateHubUtils.java b/src/main/java/com/tptj/course/hg/auth/template/StateHubUtils.java new file mode 100644 index 0000000..a5779b1 --- /dev/null +++ b/src/main/java/com/tptj/course/hg/auth/template/StateHubUtils.java @@ -0,0 +1,39 @@ +package com.tptj.course.hg.auth.template; + +import com.fr.decision.base.util.UUIDUtil; +import com.fr.decision.config.FSConfig; +import com.fr.log.FineLoggerFactory; +import com.fr.stable.StringUtils; +import com.fr.store.StateHubManager; +import com.fr.store.StateHubService; + +/** + * @author 秃破天际 + * @version 10.0 + * Created by 秃破天际 on 2021/6/23 + **/ +public class StateHubUtils { + private static StateHubService getTemplateAuthService(){ + return StateHubManager.applyForService("TemplateAuthKey"); + } + public static String initAuthKey( String templateId ){ + int timeout = (int) FSConfig.getInstance().getLoginConfig().getLoginTimeout(); + String key = UUIDUtil.generate()+System.currentTimeMillis(); + try{ + getTemplateAuthService().put( key, templateId,timeout ); + return key; + }catch(Exception e){ + FineLoggerFactory.getLogger().error(e.getMessage(),e); + } + return StringUtils.EMPTY; + } + + public static boolean authKey( String templateId, String key ){ + try{ + return templateId.equals( getTemplateAuthService().get(key) ); + }catch(Exception e){ + FineLoggerFactory.getLogger().error(e.getMessage(),e); + } + return false; + } +} diff --git a/src/main/java/com/tptj/course/hg/auth/template/TemplateAuth.java b/src/main/java/com/tptj/course/hg/auth/template/TemplateAuth.java new file mode 100644 index 0000000..56c3ef1 --- /dev/null +++ b/src/main/java/com/tptj/course/hg/auth/template/TemplateAuth.java @@ -0,0 +1,45 @@ +package com.tptj.course.hg.auth.template; + +import javax.servlet.http.HttpServletRequest; +import java.util.HashMap; +import java.util.Map; +import java.util.Set; + +/** + * @author 秃破天际 + * @version 10.0 + * Created by 秃破天际 on 2021/6/23 + * HyperlinkTokenSaveHelper + * ReportletHyperlink + **/ +public abstract class TemplateAuth { + + /** + * + * @param request 当前的请求 + * @param templateId 当前要访问的模板路径 + * @param username 当前已登录的用户名(如果没有登录就是空) + * @return 是否授权访问 + */ + public abstract boolean auth(HttpServletRequest request,String templateId, String username ); + + private String getType() { + return this.getClass().getName(); + } + + private static Map map = new HashMap(); + + public static void register( TemplateAuth auth ){ + map.put(auth.getType(), auth); + } + + public static boolean check(HttpServletRequest request,String templateId, String username){ + Set> entries = map.entrySet(); + for( Map.Entry entry : entries ){ + if(entry.getValue().auth(request,templateId,username)){ + return true; + } + } + return false; + } +}