
package com.fr.plugin.xxxx.saml.xxxx.saml.filter;
import com.fr.plugin.xxxx.saml.xxxx.saml.SAMLException;
import com.fr.plugin.xxxx.saml.xxxx.saml.SAMLResponseValidator;
import com.fr.plugin.xxxx.saml.xxxx.saml.bean.UserInfoBean;
import com.fr.plugin.xxxx.saml.xxxx.saml.constant.SsoConstants;
import com.fr.plugin.xxxx.saml.xxxx.saml.impl.SAMLRequestImpl;
import com.fr.plugin.xxxx.saml.xxxx.saml.impl.SAMLResponseValidatorImpl;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.regex.Pattern;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.codec.binary.Base64;
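/**
 * Servlet filter that gates access behind a SAML 2.0 single sign-on exchange.
 *
 * <p>Requests whose full URL matches a configured exclusion pattern are passed straight down
 * the chain. Otherwise, when the session holds no user info, the filter either validates a
 * posted {@code SAMLResponse} and stores the resulting {@link UserInfoBean} in a fresh session,
 * or generates a {@code SAMLRequest} and forwards to {@link #RETURN_PAGE}. Every other request
 * is forwarded to {@link #LOGON_PAGE} with the user's name id as a request attribute; the filter
 * chain is never continued for non-excluded requests.
 */
public class SAMLFilter implements Filter {
    private static final Logger LOG = Logger.getLogger(SAMLFilter.class.getName());

    /** Page that receives the generated SAMLRequest as a request attribute. */
    private static final String RETURN_PAGE = "/WEB-INF/pages/index.jsp";
    /** Page every non-excluded request is forwarded to after the SSO step. */
    private static final String LOGON_PAGE = "/WEB-INF/pages/logon.jsp";

    private static final String EXCLUSIONS_PARAM = "exclusions";
    private static final String SAML_RESPONSE_PARAM = "SAMLResponse";
    private static final String SAML_REQUEST_ATTR = "SAMLRequest";
    private static final String ERROR_ATTR = "error";
    private static final String NAME_ID_ATTR = "nameId";

    /** Compiled exclusion patterns; empty when the init parameter is absent or blank. */
    private Pattern[] exclusions = new Pattern[0];

    /**
     * Reads the optional comma-separated {@code exclusions} init parameter and compiles each
     * non-blank entry into a pattern. A missing parameter is treated as "no exclusions" instead
     * of failing with a NullPointerException.
     *
     * @param filterConfig filter configuration supplied by the container
     */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        String raw = filterConfig.getInitParameter(EXCLUSIONS_PARAM);
        if (raw == null || raw.trim().isEmpty()) {
            return;
        }
        List<Pattern> compiled = new ArrayList<>();
        for (String entry : raw.split(",")) {
            String wildcard = entry.trim();
            if (!wildcard.isEmpty()) {
                compiled.add(wildcardToPattern(wildcard));
            }
        }
        exclusions = compiled.toArray(new Pattern[0]);
    }

    /**
     * Converts a wildcard entry such as {@code *.css} into a full-match regex. Only {@code *}
     * is a wildcard; every other character is matched literally. Quoting the literal parts keeps
     * an entry like {@code *.js} from also excluding a URL that merely ends in any character
     * followed by {@code js}, which would silently widen the unauthenticated surface.
     *
     * @param wildcard trimmed, non-empty exclusion entry
     * @return compiled pattern to be used with {@code matches()}
     */
    private static Pattern wildcardToPattern(String wildcard) {
        StringBuilder regex = new StringBuilder();
        int literalStart = 0;
        for (int i = 0; i < wildcard.length(); i++) {
            if (wildcard.charAt(i) == '*') {
                if (i > literalStart) {
                    regex.append(Pattern.quote(wildcard.substring(literalStart, i)));
                }
                regex.append(".*");
                literalStart = i + 1;
            }
        }
        if (literalStart < wildcard.length()) {
            regex.append(Pattern.quote(wildcard.substring(literalStart)));
        }
        return Pattern.compile(regex.toString());
    }

    /**
     * Tells whether the request URL bypasses the filter.
     *
     * @param currentUrl full request URL (scheme, host and path)
     * @return {@code true} if any configured exclusion pattern matches the whole URL
     */
    private boolean isExcluded(String currentUrl) {
        if (currentUrl == null || currentUrl.isEmpty()) {
            return false;
        }
        for (Pattern pattern : exclusions) {
            if (pattern.matcher(currentUrl).matches()) {
                return true;
            }
        }
        return false;
    }

    /**
     * Runs the SSO state machine for one request.
     *
     * @param req   the servlet request; must be an {@link HttpServletRequest}
     * @param resp  the servlet response; must be an {@link HttpServletResponse}
     * @param chain the filter chain, continued only for excluded URLs
     * @throws IOException      if forwarding fails
     * @throws ServletException if forwarding fails
     */
    @Override
    public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) resp;

        // getRequestURL() includes scheme and host, which the client influences through the
        // Host header; exclusion entries should therefore start with '*' or match on the path
        // part rather than rely on a fixed host prefix.
        StringBuffer url = request.getRequestURL();
        if (url != null && isExcluded(url.toString())) {
            chain.doFilter(req, resp);
            return;
        }

        // Session is only created for requests that actually go through the SSO flow.
        HttpSession session = request.getSession(true);
        if (session.getAttribute(SsoConstants.SESSION_USER_INFO_KEY) == null) {
            String samlResp = request.getParameter(SAML_RESPONSE_PARAM);
            if (samlResp != null && !samlResp.isEmpty()) {
                session = consumeResponse(request, session, samlResp);
            } else if (sendAuthnRequest(request, response)) {
                return;
            }
        }

        UserInfoBean uiBean = (UserInfoBean) session.getAttribute(SsoConstants.SESSION_USER_INFO_KEY);
        if (uiBean != null) {
            request.setAttribute(NAME_ID_ATTR, uiBean.getNameId());
        }
        request.getRequestDispatcher(LOGON_PAGE).forward(request, response);
    }

    /**
     * Decodes and validates a posted SAMLResponse. On success the session id is rotated and the
     * user info stored in the new session; on failure the validator's message is exposed under
     * the {@code error} request attribute.
     *
     * @param request  current request
     * @param session  session obtained before authentication
     * @param samlResp base64-encoded SAMLResponse form parameter, non-empty
     * @return the session the caller should continue with (a new one after a successful login)
     */
    private HttpSession consumeResponse(HttpServletRequest request, HttpSession session, String samlResp) {
        try {
            byte[] xml = new Base64().decode(samlResp.getBytes(StandardCharsets.UTF_8));
            SAMLResponseValidator validator =
                    new SAMLResponseValidatorImpl(new String(xml, StandardCharsets.UTF_8));
            validator.validate();
            UserInfoBean uiBean = validator.getUIBean();
            // Rotate the session id once the assertion is accepted so that an id issued to the
            // browser before authentication cannot be reused (session fixation).
            session.invalidate();
            session = request.getSession(true);
            session.setAttribute(SsoConstants.SESSION_USER_INFO_KEY, uiBean);
        } catch (SAMLException e) {
            LOG.log(Level.WARNING, "SAMLResponse rejected", e);
            // Rendered by the logon page; it must be HTML-escaped there, as the message may
            // echo content taken from the posted response.
            request.setAttribute(ERROR_ATTR, e.getMessage());
        }
        return session;
    }

    /**
     * Generates a base64-encoded SAMLRequest and forwards to {@link #RETURN_PAGE}.
     *
     * @param request  current request
     * @param response current response
     * @return {@code true} if the request was forwarded and the caller must stop processing;
     *         {@code false} if generation failed, in which case the error message is left under
     *         the {@code SAMLRequest} attribute (existing behaviour) and the caller continues
     *         to the logon page
     * @throws IOException      if forwarding fails
     * @throws ServletException if forwarding fails
     */
    private boolean sendAuthnRequest(HttpServletRequest request, HttpServletResponse response)
            throws IOException, ServletException {
        try {
            byte[] encoded = new Base64().encode(
                    new SAMLRequestImpl().generate().getBytes(StandardCharsets.UTF_8));
            request.setAttribute(SAML_REQUEST_ATTR, new String(encoded, StandardCharsets.UTF_8));
        } catch (SAMLException e) {
            LOG.log(Level.WARNING, "SAMLRequest generation failed", e);
            request.setAttribute(SAML_REQUEST_ATTR, e.getMessage());
            return false;
        }
        request.getRequestDispatcher(RETURN_PAGE).forward(request, response);
        return true;
    }

    /** Nothing to release: compiled patterns are garbage-collected with the filter. */
    @Override
    public void destroy() {
    }
}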