diff --git a/README.md b/README.md index fc5debe..a8fc9c1 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,6 @@ # open-JSD-7844 -JSD-7844 OAuth2 + 基于时间戳签名的单点 \ No newline at end of file +JSD-7844 OAuth2 + 基于时间戳签名的单点\ +免责说明:该源码为第三方爱好者提供,不保证源码和方案的可靠性,也不提供任何形式的源码教学指导和协助!\ +仅作为开发者学习参考使用!禁止用于任何商业用途!\ +为保护开发者隐私,开发者信息已隐去!若原开发者希望公开自己的信息,可联系hugh处理。 \ No newline at end of file diff --git a/lib/finekit-10.0.jar b/lib/finekit-10.0.jar new file mode 100644 index 0000000..611c8f5 Binary files /dev/null and b/lib/finekit-10.0.jar differ diff --git a/plugin.xml b/plugin.xml new file mode 100644 index 0000000..40893ae --- /dev/null +++ b/plugin.xml @@ -0,0 +1,17 @@ + + + com.fr.plugin.third.party.jsd7844 + + yes + 0.1 + 10.0 + 2019-01-01 + 追心 + + + + + + + + \ No newline at end of file diff --git a/src/main/java/com/fr/plugin/third/party/jsdhiee/config/CustomDataConfig.java b/src/main/java/com/fr/plugin/third/party/jsdhiee/config/CustomDataConfig.java new file mode 100644 index 0000000..2de39e1 --- /dev/null +++ b/src/main/java/com/fr/plugin/third/party/jsdhiee/config/CustomDataConfig.java 
@@ -0,0 +1,184 @@
+package com.fr.plugin.third.party.jsdhiee.config;
+
+
+import com.fanruan.api.util.StringKit;
+import com.fr.config.*;
+import com.fr.config.holder.Conf;
+import com.fr.config.holder.factory.Holders;
+
+import java.util.concurrent.ConcurrentHashMap;
+
+/**
+ * 配置数据保存
+ */
+@Visualization(category = "融创集成登录配置")
+public class CustomDataConfig extends DefaultConfiguration {
+ private static ConcurrentHashMap URL_MAP = new ConcurrentHashMap();
+
+ /**
+ * 添加链接
+ * @param key
+ * @param url
+ */
+ public static void addUrl(String key, String url) {
+ URL_MAP.put(key, url);
+ }
+
+ /**
+ * 获取链接并销毁保存
+ * @param key
+ * @return
+ */
+ public static String getUrlAndDestroy(String key) {
+ String url = URL_MAP.get(key);
+ URL_MAP.remove(key);
+ return url;
+ }
+
+
+ private static volatile CustomDataConfig config = null;
+
+ public static CustomDataConfig getInstance() {
+ if (config == null) {
+ config = ConfigContext.getConfigInstance(CustomDataConfig.class);
+ }
+ return config;
+ }
+
+ @Identifier(value = "appValidityDuration", name = "移动端有效期时长(分钟)", description = "单位:分钟", status = Status.SHOW)
+ private Conf appValidityDuration = Holders.simple(720);
+
+
+ @Identifier(value = "appSecurityKey", name = "移动端密钥(securityKey)", description = "", status = Status.SHOW)
+ private Conf appSecurityKey = Holders.simple(StringKit.EMPTY);
+
+
+ @Identifier(value = "idmClientId", name = "IDM系统应用唯一标识(client_id)", description = "", status = Status.SHOW)
+ private Conf idmClientId = Holders.simple("49e24f65da354dae8ed3a7e55633aaf3");
+
+
+ @Identifier(value = "idmClientSecret", name = "IDM系统应用密钥(client_secret)", description = "", status = Status.SHOW)
+ private Conf idmClientSecret = Holders.simple("ZZTFCvXcLkdCUH");
+
+
+ @Identifier(value = "frUrl", name = "报表地址(redirect_uri)", description = "", status = Status.SHOW)
+ private Conf frUrl = Holders.simple("http://10.199.201.108/webroot/decision");
+
+
+ @Identifier(value = "oAuthCodeUrl", name = "获取OAuth Code地址", description = "", status = Status.SHOW)
+ private Conf oAuthCodeUrl = Holders.simple("http://oamdev.sunac.com.cn/ms_oauth/oauth2/endpoints/oauthservice/authorize");
+
+
+ @Identifier(value = "accessTokenUrl", name = "获取Access Token地址", description = "", status = Status.SHOW)
+ private Conf accessTokenUrl = Holders.simple("http://oamdev.sunac.com.cn/ms_oauth/oauth2/endpoints/oauthservice/tokens");
+
+
+ @Identifier(value = "userUrl", name = "获取用户信息地址", description = "", status = Status.SHOW)
+ private Conf userUrl = Holders.simple("http://oamdev.sunac.com.cn/ms_oauth/resources/userprofile/me");
+
+
+ @Identifier(value = "loginTypeNameParameter", name = "登录类型参数名称", description = "", status = Status.SHOW)
+ private Conf loginTypeNameParameter = Holders.simple("loginType");
+
+
+ @Identifier(value = "loginTypeValue", name = "登录类型值", description = "", status = Status.SHOW)
+ private Conf loginTypeValue = Holders.simple("IDM_OAUTH");
+
+
+ public int getAppValidityDuration() {
+ return appValidityDuration.get();
+ }
+
+ public void setAppValidityDuration(int appValidityDuration) {
+ this.appValidityDuration.set(appValidityDuration);
+ }
+
+ public String getAppSecurityKey() {
+ return appSecurityKey.get();
+ }
+
+ public void setAppSecurityKey(String appSecurityKey) {
+ this.appSecurityKey.set(appSecurityKey);
+ }
+
+
+ public String getIdmClientId() {
+ return idmClientId.get();
+ }
+
+ public void setIdmClientId(String idmClientId) {
+ this.idmClientId.set(idmClientId);
+ }
+
+ public String getIdmClientSecret() {
+ return idmClientSecret.get();
+ }
+
+ public void setIdmClientSecret(String idmClientSecret) {
+ this.idmClientSecret.set(idmClientSecret);
+ }
+
+ public String getFrUrl() {
+ return frUrl.get();
+ }
+
+ public void setFrUrl(String frUrl) {
+ this.frUrl.set(frUrl);
+ }
+
+ public String getoAuthCodeUrl() {
+ return oAuthCodeUrl.get();
+ }
+
+ public void setoAuthCodeUrl(String oAuthCodeUrl) {
+ this.oAuthCodeUrl.set(oAuthCodeUrl);
+ }
+
+ public String getAccessTokenUrl() {
+ return accessTokenUrl.get();
+ }
+
+ public void setAccessTokenUrl(String accessTokenUrl) {
+ this.accessTokenUrl.set(accessTokenUrl);
+ }
+
+ public String getUserUrl() {
+ return userUrl.get();
+ }
+
+ public void setUserUrl(String userUrl) {
+ this.userUrl.set(userUrl);
+ }
+
+ public String getLoginTypeNameParameter() {
+ return loginTypeNameParameter.get();
+ }
+
+ public void setLoginTypeNameParameter(String loginTypeNameParameter) {
+ this.loginTypeNameParameter.set(loginTypeNameParameter);
+ }
+
+ public String getLoginTypeValue() {
+ return loginTypeValue.get();
+ }
+
+ public void setLoginTypeValue(String loginTypeValue) {
+ this.loginTypeValue.set(loginTypeValue);
+ }
+
+ @Override
+ public Object clone() throws CloneNotSupportedException {
+ CustomDataConfig cloned = (CustomDataConfig) super.clone();
+ cloned.appValidityDuration = (Conf) appValidityDuration.clone();
+ cloned.appSecurityKey = (Conf) appSecurityKey.clone();
+ cloned.idmClientId = (Conf) idmClientId.clone();
+ cloned.idmClientSecret = (Conf) idmClientSecret.clone();
+ cloned.frUrl = (Conf) frUrl.clone();
+ cloned.oAuthCodeUrl = (Conf) oAuthCodeUrl.clone();
+ cloned.accessTokenUrl = (Conf) accessTokenUrl.clone();
+ cloned.userUrl = (Conf) userUrl.clone();
+ cloned.loginTypeNameParameter = (Conf) loginTypeNameParameter.clone();
+ cloned.loginTypeValue = (Conf) loginTypeValue.clone();
+ return cloned;
+ }
+}
diff --git a/src/main/java/com/fr/plugin/third/party/jsdhiee/config/DataConfigInitializeMonitor.java b/src/main/java/com/fr/plugin/third/party/jsdhiee/config/DataConfigInitializeMonitor.java
new file mode 100644
index 0000000..fd97700
--- /dev/null
+++ b/src/main/java/com/fr/plugin/third/party/jsdhiee/config/DataConfigInitializeMonitor.java
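Review bot: The defaults for `idmClientId` and `idmClientSecret` commit what look like real IDM client credentials into source, and the `frUrl`, `oAuthCodeUrl`, `accessTokenUrl` and `userUrl` defaults are plain `http://` addresses, so with these defaults the authorization code, client secret and access token would travel unencrypted. The secret should default to empty the way `appSecurityKey` already does (`Holders.simple(StringKit.EMPTY)`), the committed value should be treated as exposed and rotated, and the endpoint defaults should be `https://` or left blank for the administrator to fill in. Separately, `URL_MAP` gains an entry on every `addUrl` call and loses it only when a matching callback arrives, so abandoned flows grow it without bound; it needs an expiry or a size cap. `getUrlAndDestroy` can also become the single atomic call `return URL_MAP.remove(key);` instead of a separate get and remove.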
@@ -0,0 +1,24 @@
+package com.fr.plugin.third.party.jsdhiee.config;
+
+import com.fr.intelli.record.Focus;
+import com.fr.intelli.record.Original;
+import com.fr.plugin.context.PluginContext;
+import com.fr.plugin.observer.inner.AbstractPluginLifecycleMonitor;
+import com.fr.record.analyzer.EnableMetrics;
+
+/**
+ * 配置信息初始化
+ */
+@EnableMetrics
+public class DataConfigInitializeMonitor extends AbstractPluginLifecycleMonitor {
+ @Override
+ @Focus(id = "com.fr.plugin.third.party.jsd7844", text = "plugin-jsd-7844", source = Original.PLUGIN)
+ public void afterRun(PluginContext pluginContext) {
+ CustomDataConfig.getInstance();
+ }
+
+ @Override
+ public void beforeStop(PluginContext pluginContext) {
+
+ }
+}
\ No newline at end of file
diff --git a/src/main/java/com/fr/plugin/third/party/jsdhiee/http/SessionGlobalRequestFilterProvider.java b/src/main/java/com/fr/plugin/third/party/jsdhiee/http/SessionGlobalRequestFilterProvider.java
new file mode 100644
index 0000000..bd582fb
--- /dev/null
+++ b/src/main/java/com/fr/plugin/third/party/jsdhiee/http/SessionGlobalRequestFilterProvider.java
@@ -0,0 +1,554 @@ +package com.fr.plugin.third.party.jsdhiee.http; + +import com.fanruan.api.log.LogKit; +import com.fanruan.api.util.StringKit; +import com.fr.data.NetworkHelper; +import com.fr.decision.authority.AuthorityContext; +import com.fr.decision.authority.data.User; +import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider; +import com.fr.decision.mobile.terminal.TerminalHandler; +import com.fr.decision.webservice.v10.login.LoginService; +import com.fr.decision.webservice.v10.login.TokenResource; +import com.fr.decision.webservice.v10.user.UserService; +import com.fr.general.ComparatorUtils; +import com.fr.json.JSONObject; +import com.fr.log.FineLoggerFactory; +import com.fr.plugin.third.party.jsdhiee.config.CustomDataConfig; +import com.fr.stable.StringUtils; +import com.fr.stable.query.QueryFactory; +import com.fr.third.org.apache.commons.codec.digest.DigestUtils; +import com.fr.third.org.apache.http.HttpEntity; +import com.fr.third.org.apache.http.HttpHeaders; +import com.fr.third.org.apache.http.HttpStatus; +import com.fr.third.org.apache.http.NameValuePair; +import com.fr.third.org.apache.http.client.config.RequestConfig; +import com.fr.third.org.apache.http.client.entity.UrlEncodedFormEntity; +import com.fr.third.org.apache.http.client.methods.CloseableHttpResponse; +import com.fr.third.org.apache.http.client.methods.HttpGet; +import com.fr.third.org.apache.http.client.methods.HttpPost; +import com.fr.third.org.apache.http.impl.client.CloseableHttpClient; +import com.fr.third.org.apache.http.impl.client.HttpClients; +import com.fr.third.org.apache.http.message.BasicNameValuePair; +import com.fr.third.org.apache.http.util.EntityUtils; +import com.fr.web.utils.WebUtils; + +import javax.servlet.FilterChain; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.util.*; + + +public class SessionGlobalRequestFilterProvider extends AbstractGlobalRequestFilterProvider { + private static 
CloseableHttpClient httpClient = HttpClients.createDefault(); + private static String DEFAULT_USER_AGENT = "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36"; + + @Override + public String filterName() { + return "com.fr.plugin.third.party.jsd7844"; + } + + @Override + public String[] urlPatterns() { + return new String[]{"/decision", "/decision/*"}; + } + + @Override + public void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain filterChain) { + try { + String fullUrl = req.getRequestURL().toString(); + String queryUrl = req.getQueryString(); + if ("null".equalsIgnoreCase(queryUrl)) { + queryUrl = ""; + } else { + queryUrl = "?" + queryUrl; + } + + String fullUrl1 = fullUrl + queryUrl; + String method = req.getMethod(); + LogKit.info("集成登录,记录访问地址:" + method + " " + fullUrl1); + if (fullUrl.indexOf("/remote/") >= 0) { + filterChain.doFilter(req, res); + return; + } + + if (!"GET".equalsIgnoreCase(method)) { + filterChain.doFilter(req, res); + return; + } + + // boolean option = isLogged(req); + // if (option) { + // filterChain.doFilter(req, res); + // return; + //} + if (isAllowIdmOAuthLogin(req)) { + String state = getUuid(); + String requestUrl = getRequestUrl(req); + LogKit.info("集成登录,访问地址," + requestUrl); + CustomDataConfig.addUrl(state, requestUrl); + String locationUrl = getOAuthCodeUrl(state); + res.sendRedirect(locationUrl); + return; + } + + String loginUsername = getIdmOAuthUsername(req); + boolean pcOption = false; + if (StringKit.isNotEmpty(loginUsername)) { + pcOption = true; + LogKit.info("集成登录,IDM OAuth 用户名:" + loginUsername); + } + if (StringKit.isEmpty(loginUsername)) { + filterChain.doFilter(req, res); + return; + } + loginUsername = loginUsername.toUpperCase(); + User user = UserService.getInstance().getUserByUserName(loginUsername); + boolean tipsOption = false; + String tipsContent = ""; + if (user == null) { + tipsOption = true; + LogKit.info("集成登录,用户名:" + 
loginUsername + "在报表平台不存在"); + tipsContent = "在报表服务器上不存在"; + } else if (!user.isEnable()) { + tipsOption = true; + LogKit.info("集成登录,用户名:" + loginUsername + "在报表平台上被禁用"); + tipsContent = "在报表平台上被禁用"; + } + + if (tipsOption) { + String jumpContent = "\n" + + "\n" + + " \n" + + " 提示\n" + + "\n" + + "\n" + + " \n" + + "
\n" + + " \n" + + "
\n" + + "\n" + + ""; + res.setContentType("text/html;charset=UTF-8"); + WebUtils.printAsString(res, jumpContent); + res.setStatus(200); + return; + } + + loginUsername = user.getUserName(); + LogKit.info("集成登录,报表平台用户名:" + loginUsername); + + String loginToken = LoginService.getInstance().login(req, res, loginUsername); + req.setAttribute("fine_auth_token", loginToken); + if (pcOption) { + String state = WebUtils.getHTTPRequestParameter(req, "state"); + String url = CustomDataConfig.getUrlAndDestroy(state); + LogKit.info("集成登录,用户名:" + loginUsername + "在报表平台,state url:" + url); + url = changeUrlScheme(url); + if (StringKit.isNotEmpty(url)) { + LogKit.info("集成登录,用户名:" + loginUsername + "在报表平台," + url); + res.sendRedirect(url); + return; + } + } + filterChain.doFilter(req, res); + } catch (Exception e) { + FineLoggerFactory.getLogger().error("融创集成登录出错," + e.getMessage(), e); + } + } + + private String changeUrlScheme(String url) { + if (StringKit.isEmpty(url)) { + return ""; + } + if ((!url.startsWith("http://")) && (!url.startsWith("https://"))) { + return url; + } + + String frUrl = CustomDataConfig.getInstance().getFrUrl(); + if (StringKit.isEmpty(frUrl)) { + return url; + } + + if ((url.startsWith("http://")) && (frUrl.startsWith("http://"))) { + return url; + } + if ((url.startsWith("https://")) && (frUrl.startsWith("https://"))) { + return url; + } + String tempUrl = url; + if ((url.startsWith("http://")) && (frUrl.startsWith("https://"))) { + tempUrl = "https://" + url.substring(7); + } + + if ((url.startsWith("https://")) && (frUrl.startsWith("http://"))) { + tempUrl = "http://" + url.substring(8); + } + return tempUrl; + } + + + public boolean isLogged(HttpServletRequest req) { + boolean logged = true; + + try { + String token = TokenResource.COOKIE.getToken(req); + LoginService.getInstance().loginStatusValid(token, TerminalHandler.getTerminal(req, NetworkHelper.getDevice(req))); + } catch (Exception var4) { + logged = false; + } + + return logged; + } + + 
private String getOAuthCodeUrl(String state) { + String url = CustomDataConfig.getInstance().getoAuthCodeUrl() + "?client_id=" + CustomDataConfig.getInstance().getIdmClientId() + "&response_type=code&redirect_uri=" + CustomDataConfig.getInstance().getFrUrl() + "&scope=UserProfile.me&state=" + state; + return url; + } + + private String getUuid() { + String uuid = UUID.randomUUID().toString().replace("-", ""); + return uuid; + } + + + /** + * 判断app是否允许登录IDM OAuth + * + * @param req + * @return + */ + private boolean isAllowIdmOAuthLogin(HttpServletRequest req) { + if (req == null) { + return false; + } + String loginTypeNameParameter = CustomDataConfig.getInstance().getLoginTypeNameParameter(); + String loginTypeConfigValue = CustomDataConfig.getInstance().getLoginTypeValue(); + if (StringKit.isEmpty(loginTypeNameParameter) || StringKit.isEmpty(loginTypeConfigValue)) { + return false; + } + String loginTypeValue = WebUtils.getHTTPRequestParameter(req, loginTypeNameParameter); + return ComparatorUtils.equals(loginTypeConfigValue, loginTypeValue); + } + + /** + * 判断app是否允许登录 + * + * @param req + * @return + */ + private boolean isAllowAppLogin(HttpServletRequest req) { + if (req == null) { + return false; + } + + String appUsername = WebUtils.getHTTPRequestParameter(req, "uid"); + LogKit.debug("集成登录,移动端uid:" + appUsername); + if (StringKit.isEmpty(appUsername)) { + return false; + } + + String appTimestamp = WebUtils.getHTTPRequestParameter(req, "timestamp"); + LogKit.debug("集成登录,移动端timestamp:" + appTimestamp); + if (StringKit.isEmpty(appTimestamp)) { + return false; + } + + String appToken = WebUtils.getHTTPRequestParameter(req, "token"); + LogKit.debug("集成登录,移动端token:" + appToken); + if (StringKit.isEmpty(appToken)) { + return false; + } + return isAllowAppLogin(appUsername, appTimestamp, appToken); + } + + + /** + * 判断app是否允许登录 + * + * @param timestamp + * @param token + * @return + */ + private boolean isAllowAppLogin(String username, String timestamp, String 
token) { + if (StringKit.isEmpty(timestamp) || StringKit.isEmpty(token)) { + return false; + } + if (!isNumeric(timestamp)) { + LogKit.debug("集成登录,移动端timestamp:不是数字"); + return false; + } + long timestampValue = Long.valueOf(timestamp); + if (!isValidAppTimestamp(timestampValue)) { + LogKit.debug("集成登录,移动端timestamp:失效"); + return false; + } + + if (!isValidAppToken(username, timestamp, token)) { + LogKit.debug("集成登录,移动端token:无效"); + return false; + } + + return true; + } + + private boolean isValidAppTimestamp(long timestamp) { + if (timestamp <= 0) { + return false; + } + long currentTimestamp = System.currentTimeMillis(); + long endTimestamp = timestamp + CustomDataConfig.getInstance().getAppValidityDuration() * 6060 * 1000L; + if (endTimestamp >= currentTimestamp) { + return true; + } + return false; + } + + private boolean isValidAppToken(String username, String timestamp, String token) { + String tempToken = createToken(username, timestamp); + boolean option = ComparatorUtils.equals(tempToken, token); + return option; + } + + + private String createToken(String username, String timestamp) { + //=Base64(MD5(uid+timestamp+securityKey)) + if (StringKit.isEmpty(username)) { + username = ""; + } + + if (StringKit.isEmpty(timestamp)) { + timestamp = ""; + } + + String securityKey = CustomDataConfig.getInstance().getAppSecurityKey(); + if (StringKit.isEmpty(securityKey)) { + securityKey = ""; + } + + String tempValue = username + timestamp + securityKey; + String md5Value = DigestUtils.md5Hex(tempValue); + String token = Base64.getEncoder().encodeToString(md5Value.getBytes()); + return token; + } + + /** + * 判断字符串是否全是数字 + * + * @param str + * @return + */ + public static boolean isNumeric(String str) { + if (StringKit.isEmpty(str)) { + return false; + } + for (int i = str.length(); --i >= 0; ) { + if (!Character.isDigit(str.charAt(i))) { + + return false; + + } + } + return true; + } + + + /** + * 获取IDM OAuth 用户名 + * + * @param req + * @return + */ + private String 
getIdmOAuthUsername(HttpServletRequest req) { + try { + if (req == null) { + return ""; + } + String oAuthCode = WebUtils.getHTTPRequestParameter(req, "code"); + if (StringKit.isEmpty(oAuthCode)) { + return ""; + } + LogKit.info("集成登录,OAuth Code:" + oAuthCode); + + RequestConfig requestConfig = RequestConfig.custom() + .setConnectionRequestTimeout(10000) + .setSocketTimeout(10000) // 服务端相应超时 + .setConnectTimeout(10000) // 建立socket链接超时时间 + .build(); + + //获取Access Token + String accessTokenUrl = CustomDataConfig.getInstance().getAccessTokenUrl(); + HttpPost httpPost = new HttpPost(accessTokenUrl); + httpPost.addHeader("User-Agent", DEFAULT_USER_AGENT); + List params = new ArrayList(); + NameValuePair redirectUriNameValuePair = new BasicNameValuePair("redirect_uri", CustomDataConfig.getInstance().getFrUrl()); + NameValuePair codeNameValuePair = new BasicNameValuePair("code", oAuthCode); + NameValuePair grantTypeNameValuePair = new BasicNameValuePair("grant_type", "authorization_code"); + params.add(redirectUriNameValuePair); + params.add(codeNameValuePair); + params.add(grantTypeNameValuePair); + httpPost.setEntity(new UrlEncodedFormEntity(params, "UTF-8")); + httpPost.setHeader("Content-type", "application/x-www-form-urlencoded"); + + String auth = CustomDataConfig.getInstance().getIdmClientId() + ":" + CustomDataConfig.getInstance().getIdmClientSecret(); + String tempAuthValue = Base64.getEncoder().encodeToString(auth.getBytes()); + String authValue = "Basic " + tempAuthValue; + httpPost.setHeader(HttpHeaders.AUTHORIZATION, authValue); + httpPost.setConfig(requestConfig); + CloseableHttpResponse response = httpClient.execute(httpPost); + int statusCode = response.getStatusLine().getStatusCode(); + if (statusCode != HttpStatus.SC_OK) { + response.close(); + LogKit.info("集成登录,获取Access Token请求出错,http status:" + statusCode); + return ""; + } + + HttpEntity httpEntity = response.getEntity(); + if (httpEntity == null) { + response.close(); + LogKit.info("集成登录,获取Access 
Token请求出错,http响应内容为空"); + return ""; + } + String responseContent = EntityUtils.toString(httpEntity, "UTF-8"); + response.close(); + if (StringKit.isEmpty(responseContent)) { + LogKit.info("集成登录,获取Access Token请求出错,http响应内容为空1"); + return ""; + } + LogKit.info("集成登录,获取Access Token请求,http响应内容\n" + responseContent); + + JSONObject jsonObject = new JSONObject(responseContent); + String accessToken = jsonObject.getString("access_token"); + if (StringKit.isEmpty(accessToken)) { + LogKit.info("集成登录,获取Access Token请求出错,access_token为空"); + return ""; + } + LogKit.info("集成登录,Access Token:" + accessToken); + + String userUrl = CustomDataConfig.getInstance().getUserUrl(); + HttpGet httpGet = new HttpGet(userUrl); + httpGet.setHeader(HttpHeaders.AUTHORIZATION, accessToken); + httpGet.setConfig(requestConfig); + response = httpClient.execute(httpGet); + statusCode = response.getStatusLine().getStatusCode(); + if (statusCode != HttpStatus.SC_OK) { + response.close(); + LogKit.info("集成登录,获取用户信息请求出错,http status:" + statusCode); + return ""; + } + + httpEntity = response.getEntity(); + if (httpEntity == null) { + response.close(); + LogKit.info("集成登录,获取用户信息请求出错,http响应内容为空"); + return ""; + } + responseContent = EntityUtils.toString(httpEntity, "UTF-8"); + response.close(); + if (StringKit.isEmpty(responseContent)) { + LogKit.info("集成登录,获取用户信息请求出错,http响应内容为空1"); + return ""; + } + LogKit.info("集成登录,获取用户信息请求,http响应内容\n" + responseContent); + jsonObject = new JSONObject(responseContent); + String uid = jsonObject.getString("uid"); + if (StringKit.isEmpty(uid)) { + LogKit.info("集成登录,,获取用户信息请求出错,uid为空"); + return ""; + } + LogKit.info("集成登录,uid:" + uid); + + return uid; + } catch (Exception e) { + FineLoggerFactory.getLogger().error("集成登录获取用户名出错," + e.getMessage(), e); + } + return ""; + } + + + private String getRequestUrl(HttpServletRequest req) { + String fullUrl = req.getRequestURL().toString(); + Map paraMap = req.getParameterMap(); + String paraName; + String[] paraValues; + String 
loginTypeParaName = CustomDataConfig.getInstance().getLoginTypeNameParameter(); + String queryStr = ""; + for (Map.Entry entry : paraMap.entrySet()) { + paraName = entry.getKey(); + if (ComparatorUtils.equals(paraName, loginTypeParaName)) { + continue; + } + paraValues = entry.getValue(); + queryStr = addParaToQuery(queryStr, paraName, paraValues); + } + if (StringKit.isEmpty(queryStr)) { + return fullUrl; + } + fullUrl = fullUrl + "?" + queryStr; + return fullUrl; + } + + private String addParaToQuery(String query, String paraName, String[] paraValues) { + if (StringKit.isEmpty(paraName)) { + return query; + } + String fullQuery = query; + if ((paraValues == null) || (paraValues.length <= 0)) { + if (StringKit.isNotEmpty(fullQuery)) { + fullQuery = fullQuery + "&"; + } + fullQuery = paraName + "="; + return fullQuery; + } + for (int i = 0, max = paraValues.length - 1; i <= max; i++) { + if (StringKit.isNotEmpty(fullQuery)) { + fullQuery = fullQuery + "&"; + } + fullQuery = fullQuery + paraName + "=" + paraValues[i]; + } + return fullQuery; + } + + + /** + * 根据用户名获取用户忽略大小写 + * + * @param username + * @return + * @throws Exception + */ + public User getUserByUserNameIgnoreCase(String username) throws Exception { + if (StringUtils.isEmpty(username)) { + return null; + } + List users = AuthorityContext.getInstance().getUserController().find(QueryFactory.create()); + if ((users == null) || (users.size() <= 0)) { + return null; + } + User tempUser; + for (int i = 0, max = users.size() - 1; i <= max; i++) { + tempUser = users.get(i); + if (!username.equalsIgnoreCase(tempUser.getUserName())) { + continue; + } + + if (UserService.getInstance().isAdmin(tempUser.getId())) { + LogKit.info("集成登录,用户名:" + tempUser.getUserName() + "是管理员用户,不允许登录"); + return null; + } + return tempUser; + } + return null; + } + +}
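Review bot: `doFilter` exchanges any `code` parameter and calls `LoginService.getInstance().login(...)` before it looks at `state`, so the value from `getUuid()` gives no CSRF protection: a callback with a foreign or missing `state` still creates a session, and if the helper returns null for an absent parameter, `getUrlAndDestroy(null)` then throws into the catch-all and the response is left empty. The callback should be refused before the token request unless `state` resolves to a pending entry, as sketched below; the sketch answers 403 to every GET that carries `code` without a valid `state`, and the state would also need binding to the browser (cookie or session) for full protection. In `getIdmOAuthUsername`, the three `LogKit.info` calls that write the authorization code, the raw token response and the access token should be dropped or reduced to the HTTP status, because these are bearer credentials and do not belong in logs. `isValidAppTimestamp` multiplies the configured minutes by `6060 * 1000L`, which looks like a typo for `60 * 1000L`, and `addParaToQuery` concatenates parameter values without URL-encoding them.

```java
// in doFilter, before getIdmOAuthUsername(req)
String oAuthCode = WebUtils.getHTTPRequestParameter(req, "code");
String returnUrl = null;
if (StringKit.isNotEmpty(oAuthCode)) {
    String state = WebUtils.getHTTPRequestParameter(req, "state");
    returnUrl = StringKit.isEmpty(state) ? null : CustomDataConfig.getUrlAndDestroy(state);
    if (returnUrl == null) {
        // No pending authorization request matches this callback: stop before any session exists.
        res.sendError(HttpServletResponse.SC_FORBIDDEN);
        return;
    }
}
String loginUsername = getIdmOAuthUsername(req);
// … unchanged: user lookup, tips page, LoginService login …
if (pcOption) {
    String url = changeUrlScheme(returnUrl);
    // … unchanged: redirect when url is not empty …
}
```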