open-JSD-7604/src/main/java/com/fr/plugin/sso/filter/SSOFilter.java

package com.fr.plugin.sso.filter;

import com.fr.decision.fun.impl.AbstractEmbedRequestFilterProvider;
import com.fr.json.JSONObject;
import com.fr.plugin.sso.config.simple.account.PluginSimpleConfig;
import com.fr.plugin.sso.utils.FRUtils;
import com.fr.plugin.sso.utils.HttpUtils;
import com.fr.plugin.sso.utils.ResponseUtils;
import com.fr.plugin.sso.utils.Utils;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.HashMap;
import java.util.Map;

public class SSOFilter extends AbstractEmbedRequestFilterProvider {

    @Override
    public void filter(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        boolean isLogin = FRUtils.isLogin(httpServletRequest);
        String url = FRUtils.getAllUrl(httpServletRequest);

        PluginSimpleConfig psc = PluginSimpleConfig.getInstance();
        String clientId = psc.getClientId();
        String clientSecret= psc.getSecret();
        //认证中心地址
        String authUrl = psc.getAuthUrl();
        //获取token地址
        String tokenUrl = psc.getTokenUrl();
        //获取用户地址
        String userInfoUrl = psc.getUserInfoUrl();

        //开放接口放行
        if(url.contains("/addOrg") || url.contains("/addUser") || url.contains("/changeOrg") ||
                url.contains("/deleteUser") || url.contains("/forbidOrg") || url.contains("/forbidUser") ||
                url.contains("/openUser") || url.contains("/updateOrg") || url.contains("/updateUser") ||
                url.contains("/userGroup")  ||url.contains("test")||url.contains("heartbeat")){
            return ;
        }

        //如果已经登录则放行
        if(isLogin){
            return ;
        }

        //如果是自带登录页资源则放行
        if(url.contains("login")||url.contains("decision/file")||url.contains("decision/resource")||url.contains("decision/system")||url.contains("query/ip")){
            return;
        }

        if(url.contains("remote")){
            return;
        }

        //获取code
        String code = httpServletRequest.getParameter("code");
        if(Utils.isNullStr(code)){
            String redirectURL = "";
            try {
                redirectURL= URLEncoder.encode(url,"utf-8");
            } catch (UnsupportedEncodingException e) {
                FRUtils.FRLogInfo("url编码异常:"+e.getMessage());
                return;
            }

            authUrl+= "?redirect_uri="+redirectURL+"&client_id="+clientId+"&response_type=code";
            FRUtils.FRLogInfo("authUrl:"+authUrl);
            try {
                httpServletResponse.sendRedirect(authUrl);
            } catch (IOException e) {
                FRUtils.FRLogInfo("跳转异常:"+e.getMessage());
            }

            return ;
        }

        String redirectURL = "";
        if(url.contains("?code")){
            redirectURL =  url.substring(0,url.indexOf("?code"));
        }else{
            redirectURL =  url.substring(0,url.indexOf("&code"));
        }

        //获取token
        Map<String,String> tokenParam = new HashMap<String,String>();
        tokenParam.put("client_id",clientId);
        tokenParam.put("client_secret",clientSecret);
        tokenParam.put("code",code);
        tokenParam.put("grant_type","authorization_code");
        tokenParam.put("redirect_uri",redirectURL);

        String tokenUrl2 = tokenUrl + "?client_id="+clientId+"&client_secret="+clientSecret+"&grant_type=authorization_code&redirect_uri="+redirectURL+"&code="+code;

//        String tokenParamStr = tokenParam.toString();

        String tokenResult = HttpUtils.HttpPostWWWForm(tokenUrl,null,tokenParam);

        if(Utils.isNullStr(tokenResult)){
            FRUtils.FRLogInfo("获取token异常");
            ResponseUtils.failedResponse(httpServletResponse,"获取token异常");

            return;
        }

        JSONObject tokenResultJson = new JSONObject(tokenResult);
        String token = tokenResultJson.getString("access_token");

        if(Utils.isNullStr(token)){
            FRUtils.FRLogInfo("获取token异常:");
            ResponseUtils.failedResponse(httpServletResponse,"获取token异常");

            return;
        }

        //获取用户信息
        String uid = tokenResultJson.getString("uid");
        userInfoUrl+="?access_token="+token+"&client_id="+clientId+"&uid="+uid;

        String userInfoResult = HttpUtils.get(userInfoUrl,null);

        if(Utils.isNullStr(userInfoResult)){
            FRUtils.FRLogInfo("获取用户信息异常");
            ResponseUtils.failedResponse(httpServletResponse,"获取用户信息异常");

            return;
        }

        JSONObject userJsonObject = new JSONObject(userInfoResult);

        String loginName = userJsonObject.getString("accountNo");

        if(Utils.isNullStr(loginName)){
            FRUtils.FRLogInfo("获取用户信息异常:");
            ResponseUtils.failedResponse(httpServletResponse,"获取用户信息异常:");

            return;
        }

        FRUtils.login(httpServletRequest,httpServletResponse,loginName,"");
    }
}