diff --git a/JSD-7472-需求确认书.docx b/JSD-7472-需求确认书.docx
new file mode 100644
index 0000000..b2ecaf9
Binary files /dev/null and b/JSD-7472-需求确认书.docx differ
diff --git a/README.md b/README.md
index ec0a611..a8bf76d 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,6 @@
# open-JSD-7472
-JSD-7472 jwt单点
\ No newline at end of file
+JSD-7472 jwt单点\
+免责说明:该源码为第三方爱好者提供,不保证源码和方案的可靠性,也不提供任何形式的源码教学指导和协助!\
+仅作为开发者学习参考使用!禁止用于任何商业用途!\
+为保护开发者隐私,开发者信息已隐去!若原开发者希望公开自己的信息,可联系hugh处理。
\ No newline at end of file
diff --git a/plugin.xml b/plugin.xml
new file mode 100644
index 0000000..e7c0705
--- /dev/null
+++ b/plugin.xml
@@ -0,0 +1,18 @@
+
+ com.fr.plugin.sso
+
+ yes
+ 1.0.7
+ 10.0
+ 2018-07-31
+ fr.open
+
+
+ com.fr.plugin.sso
+
+
+
+
+
+
\ No newline at end of file
diff --git a/src/main/java/com/fr/plugin/sso/filter/SSOFilter2.java b/src/main/java/com/fr/plugin/sso/filter/SSOFilter2.java
new file mode 100644
index 0000000..5cf8c49
--- /dev/null
+++ b/src/main/java/com/fr/plugin/sso/filter/SSOFilter2.java
@@ -0,0 +1,76 @@
+package com.fr.plugin.sso.filter;
+
+import com.fr.decision.fun.impl.AbstractEmbedRequestFilterProvider;
+import com.fr.plugin.sso.utils.FRUtils;
+import com.fr.plugin.sso.utils.ResponseUtils;
+import com.fr.plugin.sso.utils.Utils;
+import com.fr.plugin.transform.FunctionRecorder;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.io.Decoders;
+import io.jsonwebtoken.security.Keys;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.security.Key;
+
+@FunctionRecorder
+public class SSOFilter2 extends AbstractEmbedRequestFilterProvider {
+
+ @Override
+ public void filter(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
+ String url = FRUtils.getAllUrl(httpServletRequest);
+
+ if(!url.contains("viewlet")){
+ return ;
+ }
+
+ String reft = httpServletRequest.getParameter("ref_t");
+
+ //如果是远程设计则放行
+ if(url.contains("remote") || (Utils.isNotNullStr(reft)&&reft.equals("design"))){
+ return;
+ }
+
+ //没有登录参数则放行
+ String token = httpServletRequest.getParameter("token");
+ //登录名
+ String username = httpServletRequest.getParameter("username");
+
+ FRUtils.FRLogInfo("token:"+token+";username:"+username);
+
+ if(Utils.isNullStr(token) && Utils.isNullStr(username)){
+ ResponseUtils.failedResponse(httpServletResponse,"您没有报表访问权限,请联系管理员!");
+ return;
+ }
+
+ Key otherKey = Keys.hmacShaKeyFor(
+ Decoders.BASE64.decode("xxxx")
+ );
+
+ try {
+ io.jsonwebtoken.Jws aa = Jwts.parserBuilder().setSigningKey(otherKey).build().parseClaimsJws(token);
+ //未登录,用用户名登录
+ //已登录,退出重新登录
+ //相同用户名,跳过
+ boolean isLogin = FRUtils.isLogin(httpServletRequest);
+
+ if(isLogin){
+ String currentUser = FRUtils.getCurrentUserName(httpServletRequest);
+
+ if(currentUser.equals(username)){
+ return;
+ }
+
+ FRUtils.logout(httpServletRequest,httpServletResponse);
+ }
+
+ FRUtils.login(httpServletRequest,httpServletResponse,username,"");
+
+ } catch (Exception e) {
+ FRUtils.FRLogInfo("token校验失败:"+e.getMessage());
+ ResponseUtils.failedResponse(httpServletResponse,"token校验失败");
+ return ;
+ }
+
+
+ }
+}
\ No newline at end of file
diff --git a/src/main/java/com/fr/plugin/sso/test/Test.java b/src/main/java/com/fr/plugin/sso/test/Test.java
new file mode 100644
index 0000000..57113dd
--- /dev/null
+++ b/src/main/java/com/fr/plugin/sso/test/Test.java
@@ -0,0 +1,22 @@
+package com.fr.plugin.sso.test;
+
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.io.Decoders;
+import io.jsonwebtoken.security.Keys;
+
+import java.security.Key;
+
+public class Test {
+ public static void main(String[] args) {
+ Key otherKey = Keys.hmacShaKeyFor(
+ Decoders.BASE64.decode("NjNhZGRhYWE3OTQ5NjM2ZmNiMGFjNTI2NzY5YzAyNWNjNzI4YjgwZjI4ZTk2MmMxM2E2MzM0NGUzOGIxZDI3M2Y2NGZhODg5NTQ5YjIxMTgyZjQ1OWQ5MTRjZTZlNDVmYjg0ZmM1YmNlMDQ3MmNmOGNkZmUwNTIzYTVmZDMyNzE")
+ );
+
+ try {
+ io.jsonwebtoken.Jws aa = Jwts.parserBuilder().setSigningKey(otherKey).build().parseClaimsJws("eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJ2LWludGx6aGFiaW5sb25nIiwiYXV0aCI6IlJPTEVfQURNSU4sUk9MRV9GSUxJTkcsUk9MRV9VU0VSIiwiZXhwIjoxNjE5NTE1ODUyfQ.DG5Vyyl6FLLqb9DGJCwSfBkCvkeLJfhnZKynMaMJukSoPsf4E85LZOsSMfIM4n3fVmZOSX72NWSAE7zh29RRRg");
+ System.out.println(aa);
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+}
diff --git a/src/main/java/com/fr/plugin/sso/utils/FRUserUtils.java b/src/main/java/com/fr/plugin/sso/utils/FRUserUtils.java
new file mode 100644
index 0000000..58499dc
--- /dev/null
+++ b/src/main/java/com/fr/plugin/sso/utils/FRUserUtils.java
@@ -0,0 +1,105 @@
+package com.fr.plugin.sso.utils;
+
+import com.fr.decision.authority.data.User;
+import com.fr.decision.webservice.bean.user.UserBean;
+import com.fr.decision.webservice.bean.user.UserUpdateBean;
+import com.fr.decision.webservice.v10.login.LoginService;
+import com.fr.decision.webservice.v10.user.UserService;
+
+import javax.servlet.http.HttpServletRequest;
+
+public class FRUserUtils {
+
+ /**
+ * 获取用户Service
+ * @return
+ */
+ public static UserService getUserService(){
+ return UserService.getInstance();
+ }
+
+ /**
+ * 添加用户
+ * @param userBean
+ */
+ public static void addUser(UserBean userBean){
+ try {
+ getUserService().addUser(userBean);
+ } catch (Exception e) {
+ FRUtils.FRLogInfo("addUser:exception:"+e.getMessage());
+ }
+ }
+
+ /**
+ * 删除用户
+ * @param userBean
+ */
+ public static void updateUser(UserBean userBean){
+ try {
+ getUserService().editUser(userBean);
+ } catch (Exception e) {
+ FRUtils.FRLogInfo("updateUser:exception:"+e.getMessage());
+ }
+ }
+
+ /**
+ * 删除用户
+ * @param user
+ * @return
+ */
+ public static int deleteUser(User user){
+ String userId = user.getId();
+
+ UserUpdateBean userUpdateBean = new UserUpdateBean();
+ userUpdateBean.setRemoveUserIds(new String[]{userId});
+
+ try {
+ return getUserService().deleteUsers(userUpdateBean);
+ } catch (Exception e) {
+ FRUtils.FRLogInfo("deleteUser:exception:"+e.getMessage());
+ }
+
+ return 0;
+ }
+
+ /**
+ * 根据用户名获取用户实体
+ * @param userName
+ * @return
+ */
+ public static User getUserByUserName(String userName){
+ try {
+ return getUserService().getUserByUserName(userName);
+ } catch (Exception e) {
+ FRUtils.FRLogInfo("获取用户信息异常:"+e.getMessage());
+ }
+
+ return null;
+ }
+
+ /**
+ * 判断是否是管理员
+ * @param userId
+ * @return
+ */
+ public static boolean isAdmin(String userId){
+ return UserService.getInstance().isAdmin(userId);
+ }
+
+ /**
+ * 验证密码是否正确
+ * @param psd 明文密码
+ * @param user 根据用户名获取得用户对象
+ * @return
+ */
+// public static boolean checkPsd(String psd,User user){
+// String shaPsd = CipherUtils.jdksha256(psd);
+//
+// return shaPsd.equals(user.getPassword());
+// }
+
+ public static void getCurrentUser(HttpServletRequest httpServletRequest){
+// LoginService.getInstance().getCurrentUserNameFromRequest(user)
+// UserService.getInstance().getC
+ }
+}
diff --git a/src/main/java/com/fr/plugin/sso/utils/FRUtils.java b/src/main/java/com/fr/plugin/sso/utils/FRUtils.java
new file mode 100644
index 0000000..d5ad363
--- /dev/null
+++ b/src/main/java/com/fr/plugin/sso/utils/FRUtils.java
@@ -0,0 +1,154 @@
+package com.fr.plugin.sso.utils;
+
+import com.fr.decision.authority.AuthorityContext;
+import com.fr.decision.authority.data.User;
+import com.fr.decision.webservice.login.LogInOutResultInfo;
+import com.fr.decision.webservice.utils.DecisionServiceConstants;
+import com.fr.decision.webservice.v10.login.LoginService;
+import com.fr.decision.webservice.v10.login.event.LogInOutEvent;
+import com.fr.decision.webservice.v10.user.UserService;
+import com.fr.event.EventDispatcher;
+import com.fr.log.FineLoggerFactory;
+import com.fr.stable.StringUtils;
+import com.fr.stable.query.QueryFactory;
+import com.fr.stable.query.restriction.RestrictionFactory;
+import com.fr.web.utils.WebUtils;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.util.List;
+
+public class FRUtils {
+ /**
+ * 判断用户是否存在
+ * @param userName
+ * @return
+ */
+ public static boolean isUserExist(String userName){
+ if (StringUtils.isEmpty(userName)) {
+ return false;
+ } else {
+ try {
+ List var1 = AuthorityContext.getInstance().getUserController().find(QueryFactory.create().addRestriction(RestrictionFactory.eq("userName", userName)));
+ return var1 != null && !var1.isEmpty();
+ } catch (Exception var2) {
+ FineLoggerFactory.getLogger().error(var2.getMessage());
+ return false;
+ }
+ }
+ }
+
+ /**
+ * 判断是否登录FR
+ * @param req
+ * @return
+ */
+ public static boolean isLogin(HttpServletRequest req){
+ return LoginService.getInstance().isLogged(req);
+ }
+
+ /**
+ * 帆软登录
+ * @param httpServletRequest
+ * @param httpServletResponse
+ * @param userName
+ * @param url
+ */
+ public static void login(HttpServletRequest httpServletRequest,HttpServletResponse httpServletResponse,String userName,String url){
+
+ FineLoggerFactory.getLogger().info("FRLOG:用户名:"+userName);
+ FineLoggerFactory.getLogger().info("FRLOG:跳转链接:"+url);
+
+
+ //判断用户名是否为空
+ if(!Utils.isNullStr(userName)){
+ if(isUserExist(userName)){
+ String FRToken = "";
+
+ try {
+ HttpSession session = httpServletRequest.getSession(true);
+
+ FRToken = LoginService.getInstance().login(httpServletRequest, httpServletResponse, userName);
+
+ httpServletRequest.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME,FRToken);
+
+ session.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME, FRToken);
+ EventDispatcher.fire(LogInOutEvent.LOGIN,new LogInOutResultInfo(httpServletRequest,httpServletResponse,userName,true));
+ FineLoggerFactory.getLogger().info("FRLOG:登陆成功!");
+
+ if(!Utils.isNullStr(url)){
+ httpServletResponse.sendRedirect(url);
+ }
+ } catch (Exception e) {
+ ResponseUtils.failedResponse(httpServletResponse,"登录异常,请联系管理员!");
+ FineLoggerFactory.getLogger().info("FRLOG:登录异常,请联系管理员!");
+ FineLoggerFactory.getLogger().info("FRLOGException:"+e.getMessage());
+ }
+ }else{
+ ResponseUtils.failedResponse(httpServletResponse,"用户在报表系统中不存在!");
+ FineLoggerFactory.getLogger().info("FRLOG:用户在报表系统中不存在!");
+ }
+ }else{
+ ResponseUtils.failedResponse(httpServletResponse,"用户名不能为空!");
+ FineLoggerFactory.getLogger().info("FRLOG:用户名不能为空!");
+ }
+ }
+
+ /**
+ *
+ * @param httpServletRequest
+ * @param httpServletResponse
+ */
+ public static void logout(HttpServletRequest httpServletRequest,HttpServletResponse httpServletResponse) throws Exception {
+// HttpSession session = httpServletRequest.getSession(true);
+ LoginService.getInstance().logout(httpServletRequest,httpServletResponse);
+ LoginService.getInstance().crossDomainLogout(httpServletRequest,httpServletResponse,"");
+// session.invalidate();
+ }
+
+ /**
+ * 打印FR日志
+ * @param message
+ */
+ public static void FRLogInfo(String message){
+ FineLoggerFactory.getLogger().info("FRLOG:"+message);
+ }
+
+ /**
+ * 根据用户名获取用户信息
+ * @param userName
+ * @return
+ */
+ public static User getFRUserByUserName(String userName){
+ try {
+ return UserService.getInstance().getUserByUserName(userName);
+ } catch (Exception e) {
+ FRLogInfo("获取用户信息异常:"+e.getMessage());
+ }
+
+ return null;
+ }
+
+ /**
+ * 解密FR密码
+ * @param password
+ * @return
+ */
+// public static String decryptFRPsd(String password){
+// FRLogInfo("解密密码:"+password);
+// return TransmissionTool.decrypt(password);
+// }
+
+ /**
+ * 获取带参数的访问链接
+ * @return
+ */
+ public static String getAllUrl(HttpServletRequest httpServletRequest){
+ return WebUtils.getOriginalURL(httpServletRequest);
+ }
+
+ public static String getCurrentUserName(HttpServletRequest httpServletRequest){
+ return LoginService.getInstance().getCurrentUserNameFromRequest(httpServletRequest);
+ }
+}
diff --git a/src/main/java/com/fr/plugin/sso/utils/ResponseUtils.java b/src/main/java/com/fr/plugin/sso/utils/ResponseUtils.java
new file mode 100644
index 0000000..2e4b2b8
--- /dev/null
+++ b/src/main/java/com/fr/plugin/sso/utils/ResponseUtils.java
@@ -0,0 +1,82 @@
+package com.fr.plugin.sso.utils;
+
+import com.fr.json.JSONObject;
+import com.fr.log.FineLoggerFactory;
+import com.fr.web.utils.WebUtils;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.PrintWriter;
+
+public class ResponseUtils {
+ private static final int SUCCESS = 200;
+ private static final int FAILED = -1;
+
+ public static void successResponse(HttpServletResponse res, String body) {
+ response(res, body, SUCCESS);
+ }
+
+ public static void failedResponse(HttpServletResponse res, String body) {
+ response(res, body, FAILED);
+ }
+
+ private static void response(HttpServletResponse res, String body, int code) {
+ JSONObject object = new JSONObject();
+ PrintWriter pw;
+ try {
+ object.put("code", code);
+ object.put("data", body);
+ pw = WebUtils.createPrintWriter(res);
+ } catch (Exception e) {
+ FineLoggerFactory.getLogger().info(e.getMessage());
+ return;
+ }
+// res.setContentType("application/json;charset=utf-8");
+ res.setContentType("text/html;charset=utf-8");
+ String result = object.toString();
+ pw.println(result);
+ pw.flush();
+ pw.close();
+ }
+
+ public static void response(HttpServletResponse res,JSONObject json){
+ PrintWriter pw;
+ try {
+ pw = WebUtils.createPrintWriter(res);
+ } catch (Exception e) {
+ FineLoggerFactory.getLogger().info(e.getMessage());
+ return;
+ }
+// res.setContentType("application/json;charset=utf-8");
+ res.setContentType("text/html;charset=utf-8");
+ String result = json.toString();
+ pw.println(result);
+ pw.flush();
+ pw.close();
+ }
+
+ public static void setCSRFHeader(HttpServletResponse httpServletResponse){
+ httpServletResponse.setHeader("Access-Control-Allow-Origin", "*");
+ httpServletResponse.setHeader("Access-Control-Allow-Methods", "POST,GET,OPTIONS,DELETE,HEAD,PUT,PATCH");
+ httpServletResponse.setHeader("Access-Control-Max-Age", "36000");
+ httpServletResponse.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept,Authorization,authorization");
+ }
+
+ public static void responseJsonp(HttpServletRequest req, HttpServletResponse res, JSONObject json){
+ PrintWriter pw;
+ try {
+ pw = WebUtils.createPrintWriter(res);
+ } catch (Exception e) {
+ FineLoggerFactory.getLogger().info(e.getMessage());
+ return;
+ }
+ res.setContentType("text/javascript;charset=utf-8;charset=utf-8");
+ String result = json.toString();
+
+ String jsonp=req.getParameter("callback");
+
+ pw.println(jsonp+"("+result+")");
+ pw.flush();
+ pw.close();
+ }
+}
diff --git a/src/main/java/com/fr/plugin/sso/utils/Utils.java b/src/main/java/com/fr/plugin/sso/utils/Utils.java
new file mode 100644
index 0000000..68471ba
--- /dev/null
+++ b/src/main/java/com/fr/plugin/sso/utils/Utils.java
@@ -0,0 +1,92 @@
+package com.fr.plugin.sso.utils;
+
+import com.fr.json.JSONObject;
+import com.fr.log.FineLoggerFactory;
+import com.fr.stable.CodeUtils;
+import com.fr.third.org.apache.commons.codec.digest.DigestUtils;
+import sun.misc.BASE64Decoder;
+import sun.misc.BASE64Encoder;
+
+import javax.servlet.http.HttpServletRequest;
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.security.MessageDigest;
+import java.util.UUID;
+
+public class Utils {
+
+ /**
+ * 判断字符串是否为空
+ * @param str
+ * @return true 空字符串 false 非空字符串
+ */
+ public static boolean isNullStr(String str){
+ return !(str != null && !str.isEmpty() && !"null".equals(str));
+ }
+
+ /**
+ * 判断字符串是否非空
+ * @param str
+ * @return
+ */
+ public static boolean isNotNullStr(String str){
+ return !isNullStr(str);
+ }
+
+ /**
+ * MD5加密
+ * @param str
+ * @return
+ */
+ public static String getMd5Str(String str)
+ {
+ return DigestUtils.md5Hex(str);
+ }
+
+
+ /**
+ * 获取完整的访问路径
+ */
+ public static String getAllUrl(HttpServletRequest req, String queryStr){
+ String url = req.getRequestURL().toString();
+
+ if(isNullStr(queryStr)){
+ return url;
+ }
+
+ return url+"?"+queryStr;
+ }
+
+ /**
+ * 帆软shaEncode加密
+ */
+
+ public static String shaEncode(String str){
+ return CodeUtils.sha256Encode(str);
+ }
+
+ /**
+ * 获取uuid
+ */
+ public static String uuid(){
+ return UUID.randomUUID().toString();
+ }
+
+ public static JSONObject getRequestBody(HttpServletRequest req){
+ StringBuffer sb = new StringBuffer();
+ String line = null;
+ try {
+ BufferedReader reader = req.getReader();
+ while ((line = reader.readLine()) != null)
+ sb.append(line);
+ } catch (Exception e) {
+ FRUtils.FRLogInfo("getRequestBody:exception:"+e.getMessage());
+ }
+ //将空格和换行符替换掉避免使用反序列化工具解析对象时失败
+ String jsonString = sb.toString().replaceAll("\\s","").replaceAll("\n","");
+
+ JSONObject json = new JSONObject(jsonString);
+
+ return json;
+ }
+}
diff --git a/使用手册.docx b/使用手册.docx
new file mode 100644
index 0000000..00fce5b
Binary files /dev/null and b/使用手册.docx differ