提交视频配套代码

3 years ago · ffe8dde75e
11 changed files with 469 additions and 1 deletions
--- a/README.md
+++ b/README.md
@ -1,3 +1,5 @@
 # course-template-auth

-模板权限集成示例代码
+模板权限集成示例代码\
+[专题文档](https://wiki.fanruan.com/pages/viewpage.action?pageId=53127610)\
+代码仅供参考！
--- a/build.gradle
+++ b/build.gradle
@ -0,0 +1,124 @@
+
+apply plugin: 'java'
+
+[compileJava,compileTestJava]*.options*.encoding = 'UTF-8'
+
+ext {
+    /**
+     * 项目中依赖的jar的路径
+     * 1.如果依赖的jar需要打包到zip中,放置在lib根目录下
+     * 2.如果依赖的jar仅仅是编译时需要，防止在lib下子目录下即可
+     */
+    libPath = "$projectDir/../../webroot/WEB-INF/lib"
+
+    /**
+     * 是否对插件的class进行加密保护，防止反编译
+     */
+    guard = false
+
+    def pluginInfo = getPluginInfo()
+    pluginPre = "fine-plugin"
+    pluginName = pluginInfo.id
+    pluginVersion = pluginInfo.version
+
+    outputPath = "$projectDir/../../webroot/WEB-INF/plugins/plugin-" + pluginName + "-1.0/classes"
+}
+
+group = 'com.fr.plugin'
+version = '10.0'
+sourceCompatibility = '8'
+
+sourceSets {
+    main {
+        java.outputDir = file(outputPath)
+        output.resourcesDir = file(outputPath)
+    }
+}
+
+ant.importBuild("encrypt.xml")
+//定义ant变量
+ant.projectDir = projectDir
+ant.references["compile.classpath"] = ant.path {
+    fileset(dir: libPath, includes: '**/*.jar')
+    fileset(dir: ".",includes:"**/*.jar" )
+}
+
+classes.dependsOn('clean')
+
+task copyFiles(type: Copy,dependsOn: 'classes'){
+    from outputPath
+    into "$projectDir/classes"
+}
+
+task preJar(type:Copy,dependsOn: guard ? 'compile_encrypt_javas' : 'compile_plain_javas'){
+    from "$projectDir/classes"
+    into "$projectDir/transform-classes"
+    include "**/*.*"
+}
+jar.dependsOn("preJar")
+
+task makeJar(type: Jar,dependsOn: preJar){
+    from fileTree(dir: "$projectDir/transform-classes")
+    baseName pluginPre
+    appendix pluginName
+    version pluginVersion
+    destinationDir = file("$buildDir/libs")
+
+    doLast(){
+        delete file("$projectDir/classes")
+        delete file("$projectDir/transform-classes")
+    }
+}
+
+task copyFile(type: Copy,dependsOn: ["makeJar"]){
+    from "$buildDir/libs"
+    from("$projectDir/lib") {
+        include "*.jar"
+    }
+    from "$projectDir/plugin.xml"
+    into file("$buildDir/temp/plugin")
+}
+
+task zip(type:Zip,dependsOn:["copyFile"]){
+    from "$buildDir/temp/plugin"
+    destinationDir file("$buildDir/install")
+    baseName pluginPre
+    appendix pluginName
+    version pluginVersion
+}
+
+//控制build时包含哪些文件,排除哪些文件
+processResources {
+//    exclude everything
+//    用*.css没效果
+//    exclude '**/*.css'
+//    except this file
+//    include 'xx.xml'
+}
+
+/*读取plugin.xml中的version*/
+def getPluginInfo(){
+    def xmlFile = file("plugin.xml")
+    if (!xmlFile.exists()) {
+        return ["id":"none", "version":"1.0.0"]
+    }
+    def plugin = new XmlParser().parse(xmlFile)
+    def version = plugin.version[0].text()
+    def id = plugin.id[0].text()
+    return ["id":id,"version":version]
+}
+
+repositories {
+    mavenLocal()
+    maven {
+        url = uri('http://mvn.finedevelop.com/repository/maven-public/')
+    }
+}
+
+dependencies {
+    //使用本地jar
+    implementation  fileTree(dir: 'lib', include: ['**/*.jar'])
+    implementation  fileTree(dir: libPath, include: ['**/*.jar'])
+}
+
+
--- a/encrypt.xml
+++ b/encrypt.xml
@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<project>
+    <target name="compile_encrypt_javas" depends="copyFiles">
+        <echo message="加密文件"/>
+        <echo message="${projectDir}"/>
+        <taskdef name="pretreatment" classname="com.fr.plugin.pack.PluginPretreatmentTask">
+            <classpath refid="compile.classpath"/>
+        </taskdef>
+        <pretreatment baseDir="${projectDir}"/>
+    </target>
+    <target name="compile_plain_javas" depends="copyFiles">
+    </target>
+</project>
--- a/plugin.xml
+++ b/plugin.xml
@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?><plugin>
+    <id>com.tptj.course.hg.auth.template.v10</id>
+    <name><![CDATA[ TemplateAuth ]]></name>
+    <active>yes</active>
+    <version>1.0</version>
+    <env-version>10.0</env-version>
+    <vendor>tptj</vendor>
+    <jartime>2019-07-18</jartime>
+    <description><![CDATA[  ]]></description>
+    <change-notes><![CDATA[]]></change-notes>
+	<main-package>com.tptj.course.hg.auth.template</main-package>
+    <function-recorder class="com.tptj.course.hg.auth.template.Demo"/>
+    <extra-decision>
+        <!--    初始化权限    -->
+<!--        <GlobalRequestFilterProvider class="com.tptj.course.hg.auth.template.InitFilter"/>-->
+    </extra-decision>
+    <!--    初始化权限    -->
+    <lifecycle-monitor class="com.tptj.course.hg.login.expand.demo.LifeCycle"/>
+</plugin>
--- a/src/main/java/com/tptj/course/hg/auth/template/Demo.java
+++ b/src/main/java/com/tptj/course/hg/auth/template/Demo.java
@ -0,0 +1,27 @@
+package com.tptj.course.hg.auth.template;
+
+import com.fr.intelli.record.Focus;
+import com.fr.record.analyzer.EnableMetrics;
+import com.fr.web.utils.WebUtils;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ **/
+@EnableMetrics
+public class Demo extends TemplateAuth{
+
+    @Override
+    @Focus(id="com.tptj.course.hg.auth.template.v10",text = "TemplateAuth")
+    public boolean auth(HttpServletRequest request, String templateId, String username) {
+        String code = WebUtils.getHTTPRequestParameter(request,"code");
+        if("123456".equals(code)){
+            return true;
+        }
+        return false;
+    }
+
+}
--- a/src/main/java/com/tptj/course/hg/auth/template/InitFilter.java
+++ b/src/main/java/com/tptj/course/hg/auth/template/InitFilter.java
@ -0,0 +1,43 @@
+package com.tptj.course.hg.auth.template;
+
+import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
+
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ **/
+public class InitFilter extends AbstractGlobalRequestFilterProvider {
+    @Override
+    public String filterName() {
+        return "InitFilter";
+    }
+
+    @Override
+    public void init(FilterConfig config) {
+        //因为生命周期接口执行时，产品本身的认证方式还没有初始化，所以改到filter初始化的时候再进行代理
+        SpTemplateAuthType.proxy();
+        TemplateAuth.register(new Demo());
+    }
+
+    @Override
+    public void destroy() {
+        SpTemplateAuthType.unProxy();
+    }
+
+    @Override
+    public String[] urlPatterns() {
+        return new String[]{"/xx"};
+    }
+    @Override
+    public void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain chain) {
+        try{
+            chain.doFilter(req, res);
+        }catch(Exception e){}
+    }
+}
--- a/src/main/java/com/tptj/course/hg/auth/template/LifeCycle.java
+++ b/src/main/java/com/tptj/course/hg/auth/template/LifeCycle.java
@ -0,0 +1,22 @@
+package com.tptj.course.hg.auth.template;
+
+import com.fr.plugin.context.PluginContext;
+import com.fr.plugin.observer.inner.AbstractPluginLifecycleMonitor;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ **/
+public class LifeCycle extends AbstractPluginLifecycleMonitor {
+    @Override
+    public void afterRun( PluginContext context ) {
+        SpTemplateAuthType.proxy();
+        TemplateAuth.register(new Demo());
+    }
+
+    @Override
+    public void beforeStop( PluginContext context ) {
+        SpTemplateAuthType.unProxy();
+    }
+}
--- a/src/main/java/com/tptj/course/hg/auth/template/MethodInterceptorImpl.java
+++ b/src/main/java/com/tptj/course/hg/auth/template/MethodInterceptorImpl.java
@ -0,0 +1,38 @@
+package com.tptj.course.hg.auth.template;
+
+import com.fr.decision.webservice.v10.template.TempAuthValidatorStatus;
+import com.fr.invoke.Reflect;
+import com.fr.third.net.sf.cglib.proxy.MethodInterceptor;
+import com.fr.third.net.sf.cglib.proxy.MethodProxy;
+import java.lang.reflect.Method;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ **/
+public class MethodInterceptorImpl implements MethodInterceptor {
+
+    private Object source;
+
+    public MethodInterceptorImpl(Object source){
+        this.source = source;
+    }
+
+    @Override
+    public Object intercept( Object o, Method method, Object[] params, MethodProxy proxy ) throws Throwable {
+        if( method.getName().equals("templateAuth") ){
+            boolean rt = Reflect.on(SpTemplateAuthType.class).call("templateAuth",params).get();
+            if( rt ){
+                return ((TempAuthValidatorStatus)params[0]).directAccessTemp(true).needAuthorityCheck(false);
+            }
+        }else if( method.getName().equals("hyperlinkTokenValid") ){
+            boolean rt = Reflect.on(SpTemplateAuthType.class).call("hyperlinkTokenValid",params).get();
+            if( rt ){
+                return true;
+            }
+        }
+        return method.invoke(source,params);
+    }
+
+}
--- a/src/main/java/com/tptj/course/hg/auth/template/SpTemplateAuthType.java
+++ b/src/main/java/com/tptj/course/hg/auth/template/SpTemplateAuthType.java
@ -0,0 +1,96 @@
+package com.tptj.course.hg.auth.template;
+
+import com.fr.decision.webservice.impl.template.TemplateAuthType;
+import com.fr.decision.webservice.interceptor.handler.HyperlinkValidAttr;
+import com.fr.decision.webservice.utils.DecisionServiceConstants;
+import com.fr.decision.webservice.v10.login.LoginService;
+import com.fr.decision.webservice.v10.login.TokenResource;
+import com.fr.decision.webservice.v10.template.TempAuthValidatorStatus;
+import com.fr.invoke.Reflect;
+import com.fr.stable.StringUtils;
+import com.fr.state.SateVariableManager;
+import com.fr.third.net.sf.cglib.proxy.Enhancer;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.Map;
+import java.util.Set;
+
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ **/
+public class SpTemplateAuthType{
+
+    private static Enhancer enhancer = new Enhancer();
+
+    private static TemplateAuthType proxy( TemplateAuthType source ){
+        String key = SpTemplateAuthType.class.getName()+source.toInteger();
+        TemplateAuthType data = (TemplateAuthType) SateVariableManager.get( key );
+        if( null == data ){
+            data = source;
+        }
+        enhancer.setSuperclass( source.getClass() );
+        enhancer.setCallback( new MethodInterceptorImpl(data) );
+        return (TemplateAuthType)enhancer.create();
+    }
+
+    private static TemplateAuthType unProxy( TemplateAuthType source ){
+        String key = SpTemplateAuthType.class.getName()+source.toInteger();
+        TemplateAuthType data = (TemplateAuthType) SateVariableManager.get( key );
+        SateVariableManager.remove(key);
+        return null != data ? data : source;
+    }
+
+    public static void proxy(){
+        Map<Integer, TemplateAuthType> typeMap = Reflect.on(TemplateAuthType.class).get("typeMap");
+        Set<Map.Entry<Integer, TemplateAuthType>> entries = typeMap.entrySet();
+        for( Map.Entry<Integer, TemplateAuthType> entry : entries ){
+            TemplateAuthType type = proxy( entry.getValue() );
+            entry.setValue(type);
+        }
+    }
+
+    public static void unProxy(){
+        Map<Integer, TemplateAuthType> typeMap = Reflect.on(TemplateAuthType.class).get("typeMap");
+        Set<Map.Entry<Integer, TemplateAuthType>> entries = typeMap.entrySet();
+        for( Map.Entry<Integer, TemplateAuthType> entry : entries ){
+            TemplateAuthType type = unProxy( entry.getValue() );
+            entry.setValue(type);
+        }
+    }
+
+    private static String getUsername( HttpServletRequest request ){
+        try{
+            return LoginService.getInstance().loginStatusValid(request, TokenResource.COOKIE).getUsername();
+        }catch(Exception e){
+
+        }
+        return StringUtils.EMPTY;
+    }
+
+    public static boolean templateAuth(TempAuthValidatorStatus status,
+                                        HttpServletRequest request, String templateId) throws Exception{
+        String username = getUsername(request);
+        boolean rt = TemplateAuth.check(request,templateId,username);
+        if(rt){
+            //设置超链接获得权限
+            String key = StateHubUtils.initAuthKey(templateId);
+            request.setAttribute(DecisionServiceConstants.FINE_DIGITAL_SIGNATURE,key);
+        }
+        return rt;
+    }
+
+    /**
+     * 检查超链接权限
+     * @param attr
+     * @return
+     * @throws Exception
+     */
+    public static boolean hyperlinkTokenValid(HyperlinkValidAttr attr) throws Exception{
+        String mainTempId = attr.getHyperlinkMainTempId();
+        String signature = attr.getHyperlinkDigitalSignature();
+        return StateHubUtils.authKey(mainTempId,signature);
+    }
+}
--- a/src/main/java/com/tptj/course/hg/auth/template/StateHubUtils.java
+++ b/src/main/java/com/tptj/course/hg/auth/template/StateHubUtils.java
@ -0,0 +1,39 @@
+package com.tptj.course.hg.auth.template;
+
+import com.fr.decision.base.util.UUIDUtil;
+import com.fr.decision.config.FSConfig;
+import com.fr.log.FineLoggerFactory;
+import com.fr.stable.StringUtils;
+import com.fr.store.StateHubManager;
+import com.fr.store.StateHubService;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ **/
+public class StateHubUtils {
+    private static StateHubService getTemplateAuthService(){
+        return StateHubManager.applyForService("TemplateAuthKey");
+    }
+    public static String initAuthKey( String templateId ){
+        int timeout = (int) FSConfig.getInstance().getLoginConfig().getLoginTimeout();
+        String key = UUIDUtil.generate()+System.currentTimeMillis();
+        try{
+            getTemplateAuthService().put( key, templateId,timeout );
+            return key;
+        }catch(Exception e){
+            FineLoggerFactory.getLogger().error(e.getMessage(),e);
+        }
+        return StringUtils.EMPTY;
+    }
+
+    public static boolean authKey( String templateId, String key ){
+        try{
+            return templateId.equals( getTemplateAuthService().get(key) );
+        }catch(Exception e){
+            FineLoggerFactory.getLogger().error(e.getMessage(),e);
+        }
+        return false;
+    }
+}
--- a/src/main/java/com/tptj/course/hg/auth/template/TemplateAuth.java
+++ b/src/main/java/com/tptj/course/hg/auth/template/TemplateAuth.java
@ -0,0 +1,45 @@
+package com.tptj.course.hg.auth.template;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Set;
+
+/**
+ * @author 秃破天际
+ * @version 10.0
+ * Created by 秃破天际 on 2021/6/23
+ * HyperlinkTokenSaveHelper
+ * ReportletHyperlink
+ **/
+public abstract class TemplateAuth {
+
+    /**
+     *
+     * @param request 当前的请求
+     * @param templateId 当前要访问的模板路径
+     * @param username 当前已登录的用户名（如果没有登录就是空）
+     * @return 是否授权访问
+     */
+    public abstract boolean auth(HttpServletRequest request,String templateId, String username );
+
+    private String getType() {
+        return this.getClass().getName();
+    }
+
+    private static Map<String,TemplateAuth> map = new HashMap<String,TemplateAuth>();
+
+    public static void register( TemplateAuth auth ){
+        map.put(auth.getType(), auth);
+    }
+
+    public static boolean check(HttpServletRequest request,String templateId, String username){
+        Set<Map.Entry<String, TemplateAuth>> entries = map.entrySet();
+        for( Map.Entry<String, TemplateAuth> entry : entries ){
+            if(entry.getValue().auth(request,templateId,username)){
+                return true;
+            }
+        }
+        return false;
+    }
+}