diff --git a/5591-5860-6693使用文档.docx b/5591-5860-6693使用文档.docx
new file mode 100644
index 0000000..2eaa152
Binary files /dev/null and b/5591-5860-6693使用文档.docx differ
diff --git a/JSD-7963-需求确认书V1.docx b/JSD-7963-需求确认书V1.docx
new file mode 100644
index 0000000..f1daa21
Binary files /dev/null and b/JSD-7963-需求确认书V1.docx differ
diff --git a/README.md b/README.md
index cf46e2d..6dc79ec 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,6 @@
# open-JSD-7963
-JSD-7963 复合单点登录+登录时增量更新用户组织和权限信息
\ No newline at end of file
+JSD-7963 复合单点登录+登录时增量更新用户组织和权限信息\
+免责说明:该源码为第三方爱好者提供,不保证源码和方案的可靠性,也不提供任何形式的源码教学指导和协助!\
+仅作为开发者学习参考使用!禁止用于任何商业用途!\
+为保护开发者隐私,开发者信息已隐去!若原开发者希望公开自己的信息,可联系hugh处理。
\ No newline at end of file
diff --git a/plugin.xml b/plugin.xml
new file mode 100644
index 0000000..3ddac92
--- /dev/null
+++ b/plugin.xml
@@ -0,0 +1,29 @@
+
+
+ com.fr.plugin.sln5591
+
+ yes
+ 1.8.0
+ 10.0
+ 2019-03-10
+ fr.open
+
+
+
+
+ com.fr.plugin
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/src/com/fr/plugin/ChangeConfigHander.java b/src/com/fr/plugin/ChangeConfigHander.java
new file mode 100644
index 0000000..5c1aabe
--- /dev/null
+++ b/src/com/fr/plugin/ChangeConfigHander.java
@@ -0,0 +1,38 @@
+package com.fr.plugin;
+
+import com.fr.decision.fun.impl.BaseHttpHandler;
+import com.fr.stable.StringUtils;
+import com.fr.third.springframework.web.bind.annotation.RequestMethod;
+import com.fr.web.utils.WebUtils;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+public class ChangeConfigHander extends BaseHttpHandler {
+ @Override
+ public RequestMethod getMethod() {
+ return null;
+ }
+
+ @Override
+ public String getPath() {
+ return "/change1";
+ }
+
+ @Override
+ public boolean isPublic() {
+ return true;
+ }
+
+ @Override
+ public void handle(HttpServletRequest req, HttpServletResponse res) throws Exception {
+ String config = req.getParameter("config");
+ FilterMeConfig instance = FilterMeConfig.getInstance();
+ if (StringUtils.isBlank(config)) {
+ instance.setAdminFlags("");
+ } else {
+ instance.setAdminFlags(config);
+ }
+ WebUtils.printAsString(res, "success");
+ }
+}
\ No newline at end of file
diff --git a/src/com/fr/plugin/ChangeDesignConfigHander.java b/src/com/fr/plugin/ChangeDesignConfigHander.java
new file mode 100644
index 0000000..ce8cc75
--- /dev/null
+++ b/src/com/fr/plugin/ChangeDesignConfigHander.java
@@ -0,0 +1,38 @@
+package com.fr.plugin;
+
+import com.fr.decision.fun.impl.BaseHttpHandler;
+import com.fr.stable.StringUtils;
+import com.fr.third.springframework.web.bind.annotation.RequestMethod;
+import com.fr.web.utils.WebUtils;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+public class ChangeDesignConfigHander extends BaseHttpHandler {
+ @Override
+ public RequestMethod getMethod() {
+ return null;
+ }
+
+ @Override
+ public String getPath() {
+ return "/change2";
+ }
+
+ @Override
+ public boolean isPublic() {
+ return true;
+ }
+
+ @Override
+ public void handle(HttpServletRequest req, HttpServletResponse res) throws Exception {
+ String designConfig = req.getParameter("config");
+ FilterMeConfig instance = FilterMeConfig.getInstance();
+ if (StringUtils.isBlank(designConfig)) {
+ instance.setDesignFlags("");
+ } else {
+ instance.setDesignFlags(designConfig);
+ }
+ WebUtils.printAsString(res, "success");
+ }
+}
\ No newline at end of file
diff --git a/src/com/fr/plugin/DataFilterPlaceHolder.java b/src/com/fr/plugin/DataFilterPlaceHolder.java
new file mode 100644
index 0000000..b2ebcc2
--- /dev/null
+++ b/src/com/fr/plugin/DataFilterPlaceHolder.java
@@ -0,0 +1,108 @@
+package com.fr.plugin;
+
+import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
+import com.fr.json.JSONObject;
+import com.fr.log.FineLoggerFactory;
+import com.fr.stable.StringUtils;
+
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.io.StringWriter;
+import java.io.UnsupportedEncodingException;
+import java.net.URLDecoder;
+import java.util.Iterator;
+
+public class DataFilterPlaceHolder extends AbstractGlobalRequestFilterProvider {
+ @Override
+ public String filterName() {
+ return "a1data";
+ }
+
+ @Override
+ public String[] urlPatterns() {
+ return new String[]{
+ "/*"
+ };
+ }
+
+ @Override
+ public void init(FilterConfig filterConfig) {
+ FilterMeConfig.getInstance();
+ super.init(filterConfig);
+ }
+
+ @Override
+ public void doFilter(HttpServletRequest request, HttpServletResponse httpServletResponse, FilterChain filterChain) {
+ if (request.getMethod().equalsIgnoreCase("POST")) {
+ if (request.getPathInfo() != null && request.getPathInfo().endsWith("v5/design/widget/data")) {
+ String header = request.getHeader("X-Context");
+ if (StringUtils.isNotBlank(header)) {
+ RequestWrapper wrapper = new RequestWrapper(request);
+ String bodyString = wrapper.getBodyString();
+ JSONObject entries = new JSONObject(bodyString);
+ try {
+ delJSON(header, entries);
+// FineLoggerFactory.getLogger().info("设置到body中 :{}", entries);
+ wrapper.setBody(entries.toString().getBytes());
+ filterChain.doFilter(wrapper, httpServletResponse);
+ } catch (IOException e) {
+ printException2FrLog(e);
+ } catch (ServletException e) {
+ printException2FrLog(e);
+ }
+ return;
+ }
+ }
+ }
+ try {
+ filterChain.doFilter(request, httpServletResponse);
+ } catch (IOException e) {
+ printException2FrLog(e);
+ } catch (ServletException e) {
+ printException2FrLog(e);
+ }
+ }
+
+ private void delJSON(String head, JSONObject req) {
+ try {
+ head = URLDecoder.decode(head, "UTF-8");
+ } catch (UnsupportedEncodingException e) {
+ e.printStackTrace();
+ }
+ FineLoggerFactory.getLogger().error("收到的 Context:{}", head);
+ JSONObject jsonObject = new JSONObject(head);
+ Iterator keys = jsonObject.keys();
+ if (req.has("parameter")) {
+ JSONObject parameter = req.getJSONObject("parameter");
+ while (keys.hasNext()) {
+ String key = keys.next();
+ String value = jsonObject.getString(key);
+ if (!parameter.has(key)) {
+ setData(key, value, parameter);
+ }
+ }
+ }
+
+ }
+
+ private void setData(String name, String data, JSONObject parameter) {
+ JSONObject jsonObject = new JSONObject();
+ jsonObject.put("type", 97);//URL参数
+ jsonObject.put("value", data);
+ parameter.put(name, jsonObject);
+ }
+
+ public static void printException2FrLog(Throwable e) {
+ StringWriter writer = new StringWriter();
+ e.printStackTrace(new PrintWriter(writer));
+ String s = writer.toString();
+ FineLoggerFactory.getLogger().error("错误:{}", s);
+ }
+
+
+}
diff --git a/src/com/fr/plugin/FR2loginFilter.java b/src/com/fr/plugin/FR2loginFilter.java
new file mode 100644
index 0000000..1bcf0f9
--- /dev/null
+++ b/src/com/fr/plugin/FR2loginFilter.java
@@ -0,0 +1,347 @@
+package com.fr.plugin;
+
+import com.fr.decision.authority.AuthorityContext;
+import com.fr.decision.authority.base.constant.type.operation.ManualOperationType;
+import com.fr.decision.authority.controller.CustomRoleController;
+import com.fr.decision.authority.controller.UserController;
+import com.fr.decision.authority.data.CustomRole;
+import com.fr.decision.authority.data.User;
+import com.fr.decision.fun.impl.AbstractEmbedRequestFilterProvider;
+import com.fr.decision.privilege.encrpt.PasswordValidator;
+import com.fr.decision.webservice.utils.UserSourceFactory;
+import com.fr.decision.webservice.v10.login.LoginService;
+import com.fr.decision.webservice.v10.user.UserService;
+import com.fr.general.ComparatorUtils;
+import com.fr.general.IOUtils;
+import com.fr.io.utils.ResourceIOUtils;
+import com.fr.json.JSONArray;
+import com.fr.json.JSONObject;
+import com.fr.log.FineLoggerFactory;
+import com.fr.plugin.IpUtils;
+import com.fr.plugin.transform.FunctionRecorder;
+import com.fr.stable.StringUtils;
+import com.fr.stable.query.QueryFactory;
+import com.fr.web.utils.WebUtils;
+
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.UnsupportedEncodingException;
+import java.net.URLDecoder;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Properties;
+import java.util.Set;
+import java.util.UUID;
+
+@FunctionRecorder(localeKey = "fr2")
+public class FR2loginFilter extends AbstractEmbedRequestFilterProvider {
+ @Override
+ public void init(FilterConfig filterConfig) {
+ super.init(filterConfig);
+
+ }
+
+ private static String[] filterUrls = new String[]{
+ "v5/design/report/",
+ "view/report",
+ "view/form"
+ };
+
+ private void sendRedirect(HttpServletResponse res, String url) {
+ res.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
+ res.setHeader("Location", url);
+ }
+
+ private boolean needFilter(String url) {
+ if (StringUtils.isNotBlank(url)) {
+ for (String filterUrl : filterUrls) {
+ if (url.contains(filterUrl)) {
+ return true;
+ }
+ }
+ }
+ return false;
+ }
+
+ private void login(HttpServletRequest req, HttpServletResponse res, String username) {
+ HttpSession session = req.getSession(true);
+ String token = null;
+ try {
+ token = LoginService.getInstance().login(req, res, username);
+ req.setAttribute("fine_auth_token", token);
+ } catch (Exception e) {
+ FineLoggerFactory.getLogger().error(e.getMessage(), e);
+ FineLoggerFactory.getLogger().error("login failed");
+ }
+ FineLoggerFactory.getLogger().error("login success");
+ }
+
+ private boolean ipblackCheck(String ip) {
+ String[] blackIps = new String[]{};
+ try {
+ InputStream inputStream = ResourceIOUtils.read("/config-all/whitelist.properties");
+ if (inputStream != null) {
+ String lines = IOUtils.inputStream2String(inputStream);
+ blackIps = lines.split("\n");
+ }
+ } catch (UnsupportedEncodingException e) {
+ e.printStackTrace();
+ } catch (IOException e) {
+ e.printStackTrace();
+ }
+ if ("0:0:0:0:0:0:0:1".equals(ip)) {
+ return true;
+ }
+ for (String blackIp : blackIps) {
+ if (!blackIp.contains("-")) {
+ if (ip.equals(blackIp)) {
+ return true;
+ }
+ } else {
+ String trim = blackIp.trim();
+ String[] split = trim.split("-");
+ if (split.length > 1) {
+ if (com.fr.plugin.IpUtils.ipExistsInRange(ip, split[0], split[1])) {
+ return true;
+ }
+ }
+ }
+ }
+ return false;
+ }
+
+ private void writerOurError(HttpServletResponse httpServletResponse) {
+ try {
+ WebUtils.writeOutTemplate("/com/fr/plugin/error.html", httpServletResponse, new HashMap());
+ } catch (IOException e) {
+ e.printStackTrace();
+ }
+ }
+
+ private boolean isLogin(HttpServletRequest req) {
+ return LoginService.getInstance().isLogged(req);
+ }
+
+ @Override
+ public void filter(HttpServletRequest request, HttpServletResponse httpServletResponse) throws IOException, ServletException {
+ String uri = request.getRequestURI();
+ String ip = IpUtils.getIp(request);
+ if (!ipblackCheck(ip)) {
+ writerOurError(httpServletResponse);
+ return;
+ }
+ if (request.getMethod().equalsIgnoreCase("GET")) {
+ //直接return 就开始执行原来的逻辑
+ if (request.getParameter("sendTwo") != null) {
+ return;
+ }
+
+ //需要特殊处理的url按照特殊处理
+ if (needFilter(uri)) {
+ sendRedirect(httpServletResponse, getUrl(request));
+ return;
+ }
+
+ String loginUrl = request.getContextPath() + request.getServletPath() + "/login";
+ String home = request.getContextPath() + request.getServletPath() + "?sendTwo=true";
+ if (loginUrl.equals(uri)) {
+ String manualOut = request.getParameter("manual");
+ if (!ComparatorUtils.equals(manualOut, "true")) {
+ String header = request.getHeader("X-Context");
+ if (StringUtils.isNotBlank(header) && !isLogin(request)) {
+ tokenLogin(request, httpServletResponse);
+ sendRedirect(httpServletResponse, home);
+ }
+ }
+ }
+ }
+ return;
+ }
+
+ private void tokenLogin(HttpServletRequest req, HttpServletResponse res) {
+ String header = req.getHeader("X-Context");
+ try {
+ header = URLDecoder.decode(header, "UTF-8");
+ } catch (UnsupportedEncodingException e) {
+ e.printStackTrace();
+ }
+ FineLoggerFactory.getLogger().info("拦截器捕获一个请求 x-content :{}", header);
+ JSONObject entries = new JSONObject(header);
+ String usrNm = entries.getString("usrNm");
+ JSONArray rlNoList = entries.getJSONArray("rlNoList");
+ try {
+ User user = UserService.getInstance().getUserByUserName(usrNm);
+ UserController userController = AuthorityContext.getInstance().getUserController();
+ CustomRoleController customRoleController = AuthorityContext.getInstance().getCustomRoleController();
+ if (user == null) {
+ FineLoggerFactory.getLogger().info("拦截器新增一个用户 :{}", usrNm);
+ PasswordValidator passwordValidator = UserSourceFactory.getInstance().getUserSource(ManualOperationType.KEY).getPasswordValidator();
+ user = (new User()).userName(usrNm).realName(usrNm).password(passwordValidator.encode(usrNm, UUID.randomUUID().toString()))
+ .creationType(ManualOperationType.KEY).lastOperationType(ManualOperationType.KEY).enable(true);
+ userController.add(user);
+ }
+ String userId = user.getId();
+ List roles = customRoleController.findByUser(userId, QueryFactory.create());
+ boolean isAdminRoleFlag = false;
+ List adminFlags = getAdminFlags();
+ FineLoggerFactory.getLogger().info("当前的管理员标识符 :{}", adminFlags);
+ List remoteRoles = new ArrayList<>();
+ try {
+ int size = rlNoList.size();
+ for (int i = 0; i < size; i++) {
+ String name = rlNoList.getString(i);
+ remoteRoles.add(name);
+ FineLoggerFactory.getLogger().info("传送过来的角色:{}", name);
+ if (isAdminFlags(name, adminFlags)) {
+ isAdminRoleFlag = true;
+ }
+ }
+
+ //先判断传过来的的角色是不是本地都有,没有要加上
+ for (String role : remoteRoles) {
+ boolean find = false;
+ for (CustomRole customRole : roles) {
+ if (ComparatorUtils.equals(customRole.getName(), role)) {
+ find = true;
+ }
+ }
+ if (!find) {
+// FineLoggerFactory.getLogger().info("传送过来的角色在本地不存在,添加到本地:{}", role);
+// List roleList = customRoleController.find(QueryFactory.create().addRestriction(RestrictionFactory.eq("name", role)));
+// FineLoggerFactory.getLogger().info("通过角色名称{} 查询出来的本地角色:{}", role, roleList.size());
+// for (CustomRole customRole : roleList) {
+// FineLoggerFactory.getLogger().info("给用户新增角色:{}", customRole.getId());
+// userController.addUserToCustomRole(userId, customRole.getId());
+// }
+ FineLoggerFactory.getLogger().info("传送过来的角色在本地不存在,添加到本地:{}", role);
+ CustomRole addRole = new CustomRole();
+ addRole.setName(role);
+ addRole.setAlias(role);
+ addRole.setId(UUID.randomUUID().toString());
+ addRole.setDescription("通过xcontent添加");
+ customRoleController.add(addRole);
+ userController.addUserToCustomRole(userId, addRole.getId());
+ }
+ }
+ //在判断本地的角色是不是远程没有了,要移除掉
+ for (CustomRole customRole : roles) {
+ if (!remoteRoles.contains(customRole.getName())) {
+ FineLoggerFactory.getLogger().info("远端没有的角色本地移除:{}", customRole.getName());
+ userController.removeUserFromCustomRole(userId, customRole.getId());
+ }
+ }
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ //如果是管理员标志就直接登录admin账号
+ if (isAdminRoleFlag) {
+ FineLoggerFactory.getLogger().info("本次为管理员登录");
+ login(req, res, "admin");
+ } else {
+ FineLoggerFactory.getLogger().info("本次为普通用户登录:{}", usrNm);
+ login(req, res, usrNm);
+ }
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+
+ private static boolean isAdminFlags(String flag, List flags) {
+ return flags.contains(flag);
+ }
+
+ private List getAdminFlags() {
+ InputStream inputStream = ResourceIOUtils.read("/config-all/adminflag.properties");
+ if (inputStream != null) {
+ Properties properties = new Properties();
+ try {
+ properties.load(inputStream);
+ String adminflag = properties.getProperty("adminflag");
+ if (StringUtils.isNotBlank(adminflag)) {
+ String[] split = adminflag.split(",");
+ return Arrays.asList(split);
+ }
+ } catch (IOException e) {
+ e.printStackTrace();
+ }
+ }
+ return Collections.emptyList();
+ }
+
+ private String getUrl(HttpServletRequest request) {
+ String url = "/";
+ try {
+ url = "http://" + request.getServerName()//服务器地址
+ + ":"
+ + request.getServerPort() + request.getRequestURI();
+ Enumeration parameterNames = request.getParameterNames();
+ Map reqParams = new HashMap<>();
+ while (parameterNames.hasMoreElements()) {
+ String key = parameterNames.nextElement();
+ reqParams.put(key, request.getParameter(key));
+ }
+ Map parmas = header2url(request);
+ reqParams.putAll(parmas);
+ String header2url = map2String(reqParams);
+ FineLoggerFactory.getLogger().info("转换之后的url参数:{}", header2url);
+ if (url.contains("?")) {
+ url += header2url;
+ } else {
+ url += "?a=1" + header2url;
+ }
+
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ url += "&sendTwo=true";
+ return url;
+ }
+
+
+ private Map header2url(HttpServletRequest request) {
+ Map params = new HashMap<>();
+ String context = request.getHeader("X-Context");
+ if (StringUtils.isNotBlank(context)) {
+ try {
+ context = URLDecoder.decode(context, "UTF-8");
+ } catch (UnsupportedEncodingException e) {
+ e.printStackTrace();
+ }
+ JSONObject jsonObject = new JSONObject(context);
+ String userNo = jsonObject.getString("usrNo");
+ String userNm = jsonObject.getString("usrNm");
+ String pstNo = jsonObject.getString("pstNo");
+ String instNo = jsonObject.getString("instNo");
+ String accInstNo = jsonObject.getString("accInstNo");
+ String admnInstNo = jsonObject.getString("admnInstNo");
+ params.put("usrNo", userNo);
+ params.put("usrNm", userNm);
+ params.put("pstNo", pstNo);
+ params.put("instNo", instNo);
+ params.put("accInstNo", accInstNo);
+ params.put("admnInstNo", admnInstNo);
+ }
+ params.put("sendTwo", "true");
+ return params;
+ }
+
+ private String map2String(Map params) {
+ StringBuffer buffer = new StringBuffer();
+ Set strings = params.keySet();
+ for (String key : strings) {
+ buffer.append("&").append(key).append("=").append(params.get(key));
+ }
+ return buffer.toString();
+ }
+
+}
diff --git a/src/com/fr/plugin/FRloginFilter.java b/src/com/fr/plugin/FRloginFilter.java
new file mode 100644
index 0000000..82ba782
--- /dev/null
+++ b/src/com/fr/plugin/FRloginFilter.java
@@ -0,0 +1,165 @@
+package com.fr.plugin;
+
+import com.fr.decision.fun.impl.AbstractEmbedRequestFilterProvider;
+import com.fr.json.JSONObject;
+import com.fr.log.FineLoggerFactory;
+import com.fr.plugin.transform.FunctionRecorder;
+import com.fr.stable.StringUtils;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.io.StringWriter;
+import java.io.UnsupportedEncodingException;
+import java.net.URLDecoder;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Set;
+
+@FunctionRecorder(localeKey = "frfilter")
+public class FRloginFilter extends AbstractEmbedRequestFilterProvider {
+
+ private void sendRedirect(HttpServletResponse res, String url) {
+ res.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
+ res.setHeader("Location", url);
+ }
+
+ @Override
+ public void filter(HttpServletRequest request, HttpServletResponse httpServletResponse) throws IOException, ServletException {
+ String uri = request.getRequestURI();
+ if (uri != null && uri.contains("v5/design/report/share") && request.getMethod().equalsIgnoreCase("GET")) {
+ FineLoggerFactory.getLogger().info("拦截器捕获一个请求,需要跳转share {}", uri);
+ if (request.getParameter("sendTwo") != null) {
+ return;
+ }
+ String url = getUrl(request);
+ FineLoggerFactory.getLogger().info("拦截器捕获一个请求,跳转出来的 {}", url);
+ sendRedirect(httpServletResponse, url);
+ }
+ }
+
+ //
+// private String getUrl(HttpServletRequest request){
+// String url = "/";
+// try {
+// url = "http://" + request.getServerName()//服务器地址
+// + ":"
+// + request.getServerPort() + request.getRequestURI() ;
+// String queryString = request.getQueryString();
+// String header2url = header2url(request);
+// if (StringUtils.isNotBlank(queryString)) {
+// url+= "?"+queryString+header2url;
+// }else{
+// url+="?a=1"+header2url;
+// }
+// if(url.contains("?")){
+// url+="&sendTwo=true";
+// }else{
+// url+="?sendTwo=true";
+// }
+// } catch (Exception e) {
+// printException2Frlog(e);
+// }
+// return url;
+// }
+ public static void printException2Frlog(Exception e) {
+ StringWriter writer = new StringWriter();
+ e.printStackTrace(new PrintWriter(writer));
+ String s = writer.toString();
+ FineLoggerFactory.getLogger().error("错误:{}", s);
+ }
+//
+// private String header2url(HttpServletRequest request){
+// StringBuffer buffer=new StringBuffer();
+// String context = request.getHeader("X-Context");
+// if (StringUtils.isNotBlank(context)) {
+// try {
+// context = URLDecoder.decode(context, "UTF-8");
+// } catch (UnsupportedEncodingException e) {
+// e.printStackTrace();
+// }
+// JSONObject jsonObject = new JSONObject(context);
+// String userNo = jsonObject.getString("usrNo");
+// String userNm = jsonObject.getString("usrNm");
+// String pstNo = jsonObject.getString("pstNo");
+// String instNo = jsonObject.getString("instNo");
+// String accInstNo = jsonObject.getString("accInstNo");
+// String admnInstNo = jsonObject.getString("admnInstNo");
+// buffer.append("&userNo=").append(userNo).append("&userNm=").append(userNm).append("&pstNo=").append(pstNo).append("&instNo=").append(instNo)
+// .append("&accInstNo=").append(accInstNo).append("&admnInstNo=").append(admnInstNo);
+// }
+//
+// buffer.append("&sendTwo=true");
+// return buffer.toString();
+// }
+
+ private String getUrl(HttpServletRequest request) {
+ String url = "/";
+ try {
+ url = "http://" + request.getServerName()//服务器地址
+ + ":"
+ + request.getServerPort() + request.getRequestURI();
+ Enumeration parameterNames = request.getParameterNames();
+ Map reqParams = new HashMap<>();
+ while (parameterNames.hasMoreElements()) {
+ String key = parameterNames.nextElement();
+ reqParams.put(key, request.getParameter(key));
+ }
+ Map parmas = header2url(request);
+ reqParams.putAll(parmas);
+ String header2url = map2String(reqParams);
+ FineLoggerFactory.getLogger().info("转换之后的url参数:{}", header2url);
+ if (url.contains("?")) {
+ url += header2url;
+ } else {
+ url += "?a=1" + header2url;
+ }
+
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ url += "&sendTwo=true";
+ return url;
+ }
+
+
+ private Map header2url(HttpServletRequest request) {
+ Map params = new HashMap<>();
+ String context = request.getHeader("X-Context");
+ if (StringUtils.isNotBlank(context)) {
+ try {
+ context = URLDecoder.decode(context, "UTF-8");
+ } catch (UnsupportedEncodingException e) {
+ e.printStackTrace();
+ }
+ JSONObject jsonObject = new JSONObject(context);
+ String userNo = jsonObject.getString("usrNo");
+ String userNm = jsonObject.getString("usrNm");
+ String pstNo = jsonObject.getString("pstNo");
+ String instNo = jsonObject.getString("instNo");
+ String accInstNo = jsonObject.getString("accInstNo");
+ String admnInstNo = jsonObject.getString("admnInstNo");
+ params.put("usrNo", userNo);
+ params.put("usrNm", userNm);
+ params.put("pstNo", pstNo);
+ params.put("instNo", instNo);
+ params.put("accInstNo", accInstNo);
+ params.put("admnInstNo", admnInstNo);
+ }
+ params.put("sendTwo", "true");
+ return params;
+ }
+
+ private String map2String(Map params) {
+ StringBuffer buffer = new StringBuffer();
+ Set strings = params.keySet();
+ for (String key : strings) {
+ buffer.append("&").append(key).append("=").append(params.get(key));
+ }
+ return buffer.toString();
+ }
+
+}
diff --git a/src/com/fr/plugin/FilterMeConfig.java b/src/com/fr/plugin/FilterMeConfig.java
new file mode 100644
index 0000000..acacdc2
--- /dev/null
+++ b/src/com/fr/plugin/FilterMeConfig.java
@@ -0,0 +1,82 @@
+package com.fr.plugin;
+
+import com.fr.config.*;
+import com.fr.config.holder.Conf;
+import com.fr.config.holder.factory.Holders;
+
+@Visualization(category = "系统接口地址配置")
+public class FilterMeConfig extends DefaultConfiguration {
+ private static volatile FilterMeConfig config = null;
+
+ public static FilterMeConfig getInstance() {
+ if (config == null) {
+ config = ConfigContext.getConfigInstance(FilterMeConfig.class);
+ }
+ return config;
+ }
+
+ @Identifier(value = "baseUrl", name = "接口地址", description = "", status = Status.SHOW)
+ private Conf baseUrl = Holders.simple("http://localhost:8080/");
+
+ @Identifier(value = "adminFlags", name = "管理员标识符rlNoList", description = "使用分号分隔", status = Status.SHOW)
+ private Conf adminFlags = Holders.simple("");
+ @Identifier(value = "adminFlagsNm", name = "管理员标识符usrNm", description = "使用分号分隔", status = Status.SHOW)
+ private Conf adminFlagsNm = Holders.simple("");
+ @Identifier(value = "designFlags", name = "设计用户标识符", description = "使用分号分隔", status = Status.SHOW)
+ private Conf designFlags = Holders.simple("");
+ @Identifier(value = "needflush", name = "是否需要刷新权限", description = "使用分号分隔", status = Status.SHOW)
+ private Conf needflush = Holders.simple(true);
+
+ public String getDesignFlags() {
+ return designFlags.get();
+ }
+
+ public void setDesignFlags(String designFlags) {
+ this.designFlags.set(designFlags);
+ }
+
+ public String getAdminFlags() {
+ return adminFlags.get();
+ }
+
+ public void setAdminFlags(String adminFlags) {
+ this.adminFlags.set(adminFlags);
+ }
+
+ public String getBaseUrl() {
+ return baseUrl.get();
+ }
+
+
+ public void setBaseUrl(String baseUrl) {
+ this.baseUrl.set(baseUrl);
+ }
+
+ public String getAdminFlagsNm() {
+ return adminFlagsNm.get();
+ }
+
+ public void setAdminFlagsNm(String adminFlagsNm) {
+ this.adminFlagsNm.set(adminFlagsNm);
+ ;
+ }
+
+ public Boolean getNeedflush() {
+ return needflush.get();
+ }
+
+ public void setNeedflush(Boolean needflush) {
+ this.needflush.set(needflush);
+ }
+
+ @Override
+ public Object clone() throws CloneNotSupportedException {
+ FilterMeConfig cloned = (FilterMeConfig) super.clone();
+ cloned.baseUrl = (Conf) baseUrl.clone();
+ cloned.adminFlags = (Conf) adminFlags.clone();
+ cloned.designFlags = (Conf) designFlags.clone();
+ cloned.adminFlagsNm = (Conf) adminFlagsNm.clone();
+ cloned.needflush = (Conf) needflush.clone();
+ return cloned;
+ }
+}
diff --git a/src/com/fr/plugin/GlobalRequestFilterPlaceHolder.java b/src/com/fr/plugin/GlobalRequestFilterPlaceHolder.java
new file mode 100644
index 0000000..5db0f34
--- /dev/null
+++ b/src/com/fr/plugin/GlobalRequestFilterPlaceHolder.java
@@ -0,0 +1,110 @@
+package com.fr.plugin;
+
+import com.fr.decision.ExtraDecisionClassManager;
+import com.fr.decision.fun.GlobalRequestFilterProvider;
+import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
+import com.fr.event.Event;
+import com.fr.event.EventDispatcher;
+import com.fr.event.Listener;
+import com.fr.log.FineLoggerFactory;
+import com.fr.plugin.context.PluginContext;
+import com.fr.plugin.injectable.PluginModule;
+import com.fr.plugin.observer.PluginEventType;
+import com.fr.stable.StringUtils;
+
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.util.Set;
+
+/**
+ * @author fr.open
+ */
+public class GlobalRequestFilterPlaceHolder extends AbstractGlobalRequestFilterProvider {
+ private static final String CURRENT_PLUGIN_ID = "com.fr.plugin.sln5591";//需要求个这两个配置
+ private static final String CURRENT_FILTER_NAME = "lastLogin";
+ private static GlobalRequestFilterProvider PLACE_HOLDER_IMPL_FILTER;
+
+ @Override
+ public void init(FilterConfig filterConfig) {
+ Set providers = ExtraDecisionClassManager.getInstance().getArray(GlobalRequestFilterProvider.MARK_STRING);
+ if (providers != null) {
+ for (GlobalRequestFilterProvider provider : providers) {
+ String filterName = provider.filterName();
+ if (StringUtils.isNotEmpty(filterName) && CURRENT_FILTER_NAME.equals(filterName)) {
+ PLACE_HOLDER_IMPL_FILTER = provider;
+ break;
+ }
+ }
+ }
+
+ com.fr.stable.Filter filter = new com.fr.stable.Filter() {
+ @Override
+ public boolean accept(PluginContext context) {
+ String pluginId = context.getID();
+ return context.contain(PluginModule.ExtraDecision, GlobalRequestFilterProvider.MARK_STRING) && CURRENT_PLUGIN_ID.equals(pluginId);
+ }
+ };
+
+ EventDispatcher.listen(PluginEventType.AfterRun, new Listener() {
+ @Override
+ public void on(Event event, PluginContext context) {
+ Set providers = context.getRuntime().get(PluginModule.ExtraDecision, GlobalRequestFilterProvider.MARK_STRING);
+ if (providers != null) {
+ for (GlobalRequestFilterProvider provider : providers) {
+ String filterName = provider.filterName();
+ if (StringUtils.isNotEmpty(filterName) && CURRENT_FILTER_NAME.equals(filterName)) {
+ PLACE_HOLDER_IMPL_FILTER = provider;
+ break;
+ }
+ }
+ }
+ }
+ }, filter);
+
+ EventDispatcher.listen(PluginEventType.BeforeStop, new Listener() {
+ @Override
+ public void on(Event event, PluginContext context) {
+ PLACE_HOLDER_IMPL_FILTER = null;
+ }
+ }, filter);
+ }
+
+ @Override
+ public String filterName() {
+ return "GlobalRequestFilterPlaceHolder";
+ }
+
+ @Override
+ public String[] urlPatterns() {
+ return new String[]{
+ "/*"
+ };
+ }
+
+ @Override
+ public void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) {
+ try {
+ process(request, response, filterChain);
+ } catch (Exception e) {
+ FineLoggerFactory.getLogger().error(e, e.getMessage());
+ try {
+ filterChain.doFilter(request, response);
+ } catch (Exception ex) {
+ FineLoggerFactory.getLogger().error(ex, ex.getMessage());
+ }
+ }
+ }
+
+ public void process(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws Exception {
+ if (PLACE_HOLDER_IMPL_FILTER == null) {
+ if(FineLoggerFactory.getLogger().isDebugEnabled()) {
+ FineLoggerFactory.getLogger().debug("[GlobalRequestFilterPlaceHolder] placeHolderImplFilter 为 null");
+ }
+ filterChain.doFilter(request, response);
+ } else {
+ PLACE_HOLDER_IMPL_FILTER.doFilter(request, response, filterChain);
+ }
+ }
+}
diff --git a/src/com/fr/plugin/HttpApi.java b/src/com/fr/plugin/HttpApi.java
new file mode 100644
index 0000000..ec13789
--- /dev/null
+++ b/src/com/fr/plugin/HttpApi.java
@@ -0,0 +1,130 @@
+package com.fr.plugin;
+
+import com.fr.base.ServerConfig;
+import com.fr.json.JSONObject;
+
+import java.io.BufferedReader;
+import java.io.InputStreamReader;
+import java.io.PrintWriter;
+import java.net.HttpURLConnection;
+import java.net.URL;
+import java.net.URLEncoder;
+import java.util.Iterator;
+import java.util.Map;
+import java.util.Set;
+
+public class HttpApi {
+
+
+
+ private static String getParam(Map var0, String enc) {
+ String var1 = "";
+ Set var2 = var0.keySet();
+ Iterator var3 = var2.iterator();
+
+ while (var3.hasNext()) {
+ String var4 = (String) var3.next();
+ String var5 = var0.get(var4) + "";
+
+ try {
+ var1 = var1 + (var1.length() == 0 ? "" : "&") + URLEncoder.encode(var4, enc) + "=" + URLEncoder.encode(var5, enc);
+ } catch (Exception var7) {
+ ;
+ }
+ }
+
+ return var1;
+ }
+ public static String post(String path, Map param) {
+ String var3 = getParam(param, ServerConfig.getInstance().getServerCharset());
+ PrintWriter var4 = null;
+ BufferedReader var5 = null;
+ String var6 = "";
+
+ try {
+ URL var7 = new URL(path);
+ HttpURLConnection var8 = (HttpURLConnection) var7.openConnection();
+ var8.setRequestProperty("accept", "*/*");
+ var8.setRequestProperty("connection", "Keep-Alive");
+ var8.setRequestProperty("user-agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)");
+// var8.setRequestProperty("Accept-Charset", "UTF-8");
+ var8.setRequestMethod("POST");
+ var8.setDoOutput(true);
+ var8.setDoInput(true);
+ var4 = new PrintWriter(var8.getOutputStream());
+ var4.print(var3);
+ var4.flush();
+
+ String var9;
+ for (var5 = new BufferedReader(new InputStreamReader(var8.getInputStream(), "UTF-8")); (var9 = var5.readLine()) != null; var6 = var6 + var9) {
+ ;
+ }
+ } catch (Exception var18) {
+ var18.printStackTrace();
+ } finally {
+ try {
+ if (var4 != null) {
+ var4.close();
+ }
+
+ if (var5 != null) {
+ var5.close();
+ }
+ } catch (Exception var17) {
+ ;
+ }
+
+ }
+
+ return var6;
+ }
+
+ public static String sendJsonPost(String var0, JSONObject var1, String var2) {
+ PrintWriter var3 = null;
+ BufferedReader var4 = null;
+ HttpURLConnection var5 = null;
+ String var6 = "";
+
+ try {
+ URL var7 = new URL(var0);
+ var5 = (HttpURLConnection) var7.openConnection();
+ var5.setRequestProperty("Content-Type", "application/json;charset=utf8");
+// var5.setRequestProperty("Content-Type", "application/x-www-form-urlencoded;charset=utf8");
+ var5.setRequestProperty("accept", "*/*");
+ var5.setRequestProperty("connection", "Keep-Alive");
+ var5.setRequestProperty("user-agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)");
+ var5.setRequestProperty("Accept-Charset", var2);
+ var5.setRequestMethod("POST");
+ var5.setDoOutput(true);
+ var5.setDoInput(true);
+ var3 = new PrintWriter(var5.getOutputStream());
+ var3.print(var1.toString());
+ var3.flush();
+
+ String var8;
+ for (var4 = new BufferedReader(new InputStreamReader(var5.getInputStream(), var2)); (var8 = var4.readLine()) != null; var6 = var6 + var8) {
+ ;
+ }
+ } catch (Exception var17) {
+ var17.printStackTrace();
+ } finally {
+ try {
+ if (var3 != null) {
+ var3.close();
+ }
+
+ if (var4 != null) {
+ var4.close();
+ }
+ } catch (Exception var16) {
+ ;
+ }
+
+ var5.disconnect();
+ }
+
+ System.out.println(var6);
+ return var6;
+ }
+
+}
diff --git a/src/com/fr/plugin/IpUtils.java b/src/com/fr/plugin/IpUtils.java
new file mode 100644
index 0000000..6bfe7ba
--- /dev/null
+++ b/src/com/fr/plugin/IpUtils.java
@@ -0,0 +1,62 @@
+package com.fr.plugin;
+
+import javax.servlet.http.HttpServletRequest;
+
+public class IpUtils {
+ /**
+ * 将字符串形式IP地址127.0.0.1转换10234564321
+ *
+ * @param strIP
+ * @return
+ */
+ public static long ip2Long(String strIP) {
+ long[] ip = new long[4];
+// 先找到IP地址字符串中.的位置
+ int position1 = strIP.indexOf(".");
+ int position2 = strIP.indexOf(".", position1 + 1);
+ int position3 = strIP.indexOf(".", position2 + 1);
+// 将每个.之间的字符串转换成整型
+ ip[0] = Long.parseLong(strIP.substring(0, position1));
+ ip[1] = Long.parseLong(strIP.substring(position1 + 1, position2));
+ ip[2] = Long.parseLong(strIP.substring(position2 + 1, position3));
+ ip[3] = Long.parseLong(strIP.substring(position3 + 1));
+ return (ip[0] << 24) + (ip[1] << 16) + (ip[2] << 8) + ip[3];
+ }
+
+ public static String getIp(HttpServletRequest request) {
+ String remoteIp = request.getRemoteAddr();
+
+ // 多个代理的情况,第一个IP为客户端真实IP,多个IP按照','分割
+ if (remoteIp != null && remoteIp.length() > 15) {
+ if (remoteIp.indexOf(",") > 0) {
+ remoteIp = remoteIp.substring(0, remoteIp.indexOf(","));
+ }
+ }
+ return remoteIp;
+ }
+
+ /**
+ * 将字符串形式IP地址转换long类型
+ * @param ip
+ * @return
+ */
+ public static long getIp2long(String ip) {
+ ip = ip.trim();
+ String[] ips = ip.split("\\.");
+ long ip1 = Integer.parseInt(ips[0]);
+ long ip2 = Integer.parseInt(ips[1]);
+ long ip3 = Integer.parseInt(ips[2]);
+ long ip4 = Integer.parseInt(ips[3]);
+ return ip1 * 256 * 256 * 256 + ip2 * 256 * 256 + ip3 * 256 + ip4;
+ }
+ /**
+ * 判断一个ip地址是否在某个ip段范围内
+ * @param ip
+ * @param startIP
+ * @param endIP
+ * @return
+ */
+ public static boolean ipExistsInRange(String ip, String startIP, String endIP) {
+ return (getIp2long(startIP)<=getIp2long(ip)) && (getIp2long(ip)<=getIp2long(endIP));
+ }
+}
diff --git a/src/com/fr/plugin/JHHttpHander.java b/src/com/fr/plugin/JHHttpHander.java
new file mode 100644
index 0000000..454cde1
--- /dev/null
+++ b/src/com/fr/plugin/JHHttpHander.java
@@ -0,0 +1,14 @@
+package com.fr.plugin;
+
+import com.fr.decision.fun.HttpHandler;
+import com.fr.decision.fun.impl.AbstractHttpHandlerProvider;
+
+public class JHHttpHander extends AbstractHttpHandlerProvider {
+
+ private HttpHandler[] actions = new HttpHandler[]{new ChangeConfigHander() ,new ChangeDesignConfigHander(),new PostionImportgHander() };
+
+ @Override
+ public HttpHandler[] registerHandlers() {
+ return actions;
+ }
+}
diff --git a/src/com/fr/plugin/JHUrlAliasProvider.java b/src/com/fr/plugin/JHUrlAliasProvider.java
new file mode 100644
index 0000000..cd673ad
--- /dev/null
+++ b/src/com/fr/plugin/JHUrlAliasProvider.java
@@ -0,0 +1,17 @@
+package com.fr.plugin;
+
+import com.fr.decision.fun.impl.AbstractURLAliasProvider;
+import com.fr.decision.webservice.url.alias.URLAlias;
+import com.fr.decision.webservice.url.alias.URLAliasFactory;
+
+public class JHUrlAliasProvider extends AbstractURLAliasProvider {
+ @Override
+ public URLAlias[] registerAlias() {
+ return new URLAlias[]{
+ //第一个参数就是就是别名地址,第二个就是HttpHandler中设置的地址,第三个参数就是设置该请求是否公开(需要和对应的HttpHandler.isPublic方法返回一直,要不然会报错404),返回的是一个非通配
+ URLAliasFactory.createPluginAlias("/config/admin", "/change1", true),
+ URLAliasFactory.createPluginAlias("/config/import", "/depAndPosImport", true),
+ URLAliasFactory.createPluginAlias("/config/design", "/change2", true)
+ };
+ }
+}
\ No newline at end of file
diff --git a/src/com/fr/plugin/JSONUtils.java b/src/com/fr/plugin/JSONUtils.java
new file mode 100644
index 0000000..fc66f61
--- /dev/null
+++ b/src/com/fr/plugin/JSONUtils.java
@@ -0,0 +1,28 @@
+package com.fr.plugin;
+
+import com.fr.third.fasterxml.jackson.core.JsonGenerationException;
+import com.fr.third.fasterxml.jackson.databind.JsonMappingException;
+import com.fr.third.fasterxml.jackson.databind.ObjectMapper;
+
+import java.io.IOException;
+import java.io.StringWriter;
+import java.io.Writer;
+
+/**
+ * JSON序列化和反序列化相关操作类
+ */
+public class JSONUtils {
+ private static ObjectMapper objectMapper = new ObjectMapper();
+
+ public static String serialize(Object object) {
+ Writer write = new StringWriter();
+ try {
+ objectMapper.writeValue(write, object);
+ } catch (JsonGenerationException e) {
+ } catch (JsonMappingException e) {
+ } catch (IOException e) {
+ }
+ return write.toString();
+ }
+
+}
diff --git a/src/com/fr/plugin/LastloginFilter.java b/src/com/fr/plugin/LastloginFilter.java
new file mode 100644
index 0000000..2141ea9
--- /dev/null
+++ b/src/com/fr/plugin/LastloginFilter.java
@@ -0,0 +1,647 @@
+package com.fr.plugin;
+
+import com.fr.decision.authority.AuthorityContext;
+import com.fr.decision.authority.base.constant.type.operation.ManualOperationType;
+import com.fr.decision.authority.controller.CustomRoleController;
+import com.fr.decision.authority.controller.DepartmentController;
+import com.fr.decision.authority.controller.PostController;
+import com.fr.decision.authority.controller.UserController;
+import com.fr.decision.authority.data.CustomRole;
+import com.fr.decision.authority.data.Department;
+import com.fr.decision.authority.data.Post;
+import com.fr.decision.authority.data.User;
+import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
+import com.fr.decision.privilege.encrpt.PasswordValidator;
+import com.fr.decision.webservice.impl.user.type.UserProductType;
+import com.fr.decision.webservice.utils.UserSourceFactory;
+import com.fr.decision.webservice.v10.login.LoginService;
+import com.fr.decision.webservice.v10.user.UserService;
+import com.fr.general.ComparatorUtils;
+import com.fr.general.IOUtils;
+import com.fr.io.utils.ResourceIOUtils;
+import com.fr.json.JSONArray;
+import com.fr.json.JSONObject;
+import com.fr.log.FineLoggerFactory;
+import com.fr.plugin.transform.FunctionRecorder;
+import com.fr.plugin.util.LogUtils;
+import com.fr.stable.StringUtils;
+import com.fr.stable.query.QueryFactory;
+import com.fr.stable.query.restriction.RestrictionFactory;
+import com.fr.web.utils.WebUtils;
+
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.io.*;
+import java.net.URLDecoder;
+import java.util.*;
+
+@FunctionRecorder(localeKey = "fr2")
+public class LastloginFilter extends AbstractGlobalRequestFilterProvider {
+ @Override
+ public String filterName() {
+ return "lastLogin";
+ }
+
+ @Override
+ public String[] urlPatterns() {
+ return new String[]{
+ "/oookkkk"
+ };
+ }
+
+ @Override
+ public void init(FilterConfig filterConfig) {
+ FilterMeConfig.getInstance();
+ super.init(filterConfig);
+ }
+
+ @Override
+ public void doFilter(HttpServletRequest request, HttpServletResponse httpServletResponse, FilterChain filterChain) {
+ String uri = request.getRequestURI();
+ String ip = com.fr.plugin.IpUtils.getIp(request);
+ String header = request.getHeader("X-Context");
+// try {
+// FineLoggerFactory.getLogger().info("Context:{}", URLDecoder.decode(header, "utf-8"));
+// } catch (UnsupportedEncodingException e) {
+// e.printStackTrace();
+// }
+// printCookies(request);
+// FineLoggerFactory.getLogger().info("请求url:{}", WebUtils.getOriginalURL(request));
+ if (isRemoteDesignRequest(request) || isResourceFileRequest(request)) {
+ try {
+ filterChain.doFilter(request, httpServletResponse);
+ } catch (IOException e) {
+ printException2FrLog(e);
+ } catch (ServletException e) {
+ printException2FrLog(e);
+ }
+ return;
+ }
+
+ if (!ipblackCheck(ip)) {
+ writerOurError(httpServletResponse);
+ return;
+ }
+
+ if (request.getMethod().equalsIgnoreCase("GET")) {
+
+ if (StringUtils.isNotBlank(header)) {
+ XContentRequestWrapper wrapper = new XContentRequestWrapper(request);
+// wrapper.getParameterMap();
+// String a = wrapper.getParameter("a");
+// wrapper.getParameterNames();
+// FineLoggerFactory.getLogger().error("获取的A :{} ", a);
+ if (isLogin(wrapper)) {
+// String usrNm = wrapper.getParameter("usrNm");
+ //从2021-01-29开始的需求, SLN-6585开始修改用户名使用userNo代替
+ String usrNo = wrapper.getParameter("usrNo");
+ String instNo = wrapper.getParameter("instNo");
+ String realUserName = usrNo + "_" + instNo;
+// FineLoggerFactory.getLogger().info("登录信息:{}", realUserName);
+ User logindUser = null;
+ try {
+ logindUser = UserService.getInstance().getUserByRequestCookie(request);
+ UserService instance = UserService.getInstance();
+// FineLoggerFactory.getLogger().info("当前登录的用户名称:{}", logindUser.getUserName());
+ //如果登录过并且不是管理员就判断是否是同一个用户
+ if (!instance.isAdmin(logindUser.getId())) {
+ //如果登录的用户和content的中不一致则切换登录用户
+ if (!ComparatorUtils.equals(logindUser.getUserName(), realUserName)) {
+ FineLoggerFactory.getLogger().info("当前登录的用户和xcontent的不一致,切换用户为:{}", realUserName);
+ tokenLogin(request, httpServletResponse);
+ } else {
+ //如果一致则判断角色是否变化
+ try {
+ FineLoggerFactory.getLogger().info("当前用户已经登录,进行权限适配:{}", realUserName);
+ dealCustomRole(wrapper, logindUser.getId());
+ } catch (Exception e) {
+ printException2FrLog(e);
+ }
+ }
+ }
+ } catch (Exception e) {
+ printException2FrLog(e);
+ }
+ } else {
+ FineLoggerFactory.getLogger().info("xc1当前未登录开始登录");
+ tokenLogin(request, httpServletResponse);
+ }
+ try {
+ filterChain.doFilter(wrapper, httpServletResponse);
+ } catch (IOException e) {
+ printException2FrLog(e);
+ } catch (ServletException e) {
+ printException2FrLog(e);
+ }
+ return;
+ }
+ }
+ try {
+ filterChain.doFilter(request, httpServletResponse);
+ } catch (IOException e) {
+ printException2FrLog(e);
+ } catch (ServletException e) {
+ printException2FrLog(e);
+ }
+ }
+
+// private void printCookies(HttpServletRequest request) {
+// Cookie[] cookies = request.getCookies();
+// if (null != cookies) {
+// for (Cookie cookie : cookies) {
+// FineLoggerFactory.getLogger().info("收到的cookies name {} value:{}", cookie.getName(), cookie.getValue());
+// }
+// }
+// }
+
+ /**
+ * 判断是否是远程设计请求
+ */
+ private boolean isRemoteDesignRequest(HttpServletRequest request) {
+ String pathInfo = request.getPathInfo();
+ return StringUtils.isNotEmpty(pathInfo) && pathInfo.startsWith("/remote/design");
+ }
+
+
+ private void adminLogin(HttpServletRequest request) {
+
+ }
+
+ /**
+ * 判断是否是资源文件请求
+ */
+ private boolean isResourceFileRequest(HttpServletRequest request) {
+ String pathInfo = request.getPathInfo();
+ if (StringUtils.isEmpty(pathInfo)) {
+ return false;
+ }
+
+ return pathInfo.startsWith("/resources") || pathInfo.startsWith("/file");
+ }
+
+ public static void printException2FrLog(Throwable e) {
+ StringWriter writer = new StringWriter();
+ e.printStackTrace(new PrintWriter(writer));
+ String s = writer.toString();
+ FineLoggerFactory.getLogger().error("错误:{}", s);
+ }
+
+ private void sendRedirect(HttpServletResponse res, String url) {
+ res.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
+ res.setHeader("Location", url);
+ }
+
+
+ private static void login(HttpServletRequest req, HttpServletResponse res, String username) {
+ HttpSession session = req.getSession(true);
+ String token = null;
+ try {
+ token = LoginService.getInstance().login(req, res, username);
+ req.setAttribute("fine_auth_token", token);
+ } catch (Exception e) {
+ FineLoggerFactory.getLogger().error(e.getMessage(), e);
+ FineLoggerFactory.getLogger().error("login failed");
+ }
+ FineLoggerFactory.getLogger().error("login success");
+ }
+
+ private boolean ipblackCheck(String ip) {
+ String[] blackIps = new String[]{};
+ try {
+ InputStream inputStream = ResourceIOUtils.read("/config-all/whitelist.properties");
+ if (inputStream != null) {
+ String lines = IOUtils.inputStream2String(inputStream);
+ blackIps = lines.split("\n");
+ }
+ } catch (IOException e) {
+ LogUtils.error(e.getMessage(), e);
+ }
+ if ("0:0:0:0:0:0:0:1".equals(ip)) {
+// LogUtils.info("IP 地址为服务器本机 IPv6 地址: {},直接放行。", ip);
+ return true;
+ }
+ if ("127.0.0.1".equals(ip)) {
+// LogUtils.info("IP 地址为服务器本机 IPv4 地址: {},直接放行。", ip);
+ return true;
+ }
+ for (String blackIp : blackIps) {
+ if (!blackIp.contains("-")) {
+ if (ip.equals(blackIp)) {
+ return true;
+ }
+ } else {
+ String trim = blackIp.trim();
+ String[] split = trim.split("-");
+ if (split.length > 1) {
+ if (com.fr.plugin.IpUtils.ipExistsInRange(ip, split[0], split[1])) {
+ return true;
+ }
+ }
+ }
+ }
+ return false;
+ }
+
+ private void writerOurError(HttpServletResponse httpServletResponse) {
+ try {
+ WebUtils.writeOutTemplate("/com/fr/plugin/error.html", httpServletResponse, new HashMap());
+ } catch (IOException e) {
+ e.printStackTrace();
+ }
+ }
+
+ private boolean isLogin(HttpServletRequest req) {
+ return LoginService.getInstance().isLogged(req);
+ }
+
+// public void filter(HttpServletRequest request, HttpServletResponse httpServletResponse) throws IOException, ServletException {
+// String uri = request.getRequestURI();
+// String ip = IpUtils.getIp(request);
+// if (!ipblackCheck(ip)) {
+// writerOurError(httpServletResponse);
+// return;
+// }
+// if (request.getMethod().equalsIgnoreCase("GET")) {
+// String header = request.getHeader("X-Context");
+// if (StringUtils.isNotBlank(header)) {
+// XContentRequestWrapper wrapper = new XContentRequestWrapper(request);
+//// String a = wrapper.getParameter("a");
+//// FineLoggerFactory.getLogger().error("获取的A :{} ", a);
+// if (isLogin(wrapper)) {
+// String usrNm = wrapper.getParameter("usrNm");
+// String userNameFromRequest = LoginService.getInstance().getUserNameFromRequestCookie(request);
+// //如果登录的用户和content的中不一致则切换登录用户
+// if (!ComparatorUtils.equals(userNameFromRequest, usrNm)) {
+// tokenLogin(request, httpServletResponse);
+// }
+// } else {
+// tokenLogin(request, httpServletResponse);
+// return;
+// }
+//
+// String loginUrl = request.getContextPath() + request.getServletPath() + "/login";
+// String home = request.getContextPath() + request.getServletPath() + "?sendTwo=true";
+// if (loginUrl.equals(uri)) {
+// String manualOut = request.getParameter("manual");
+// if (!ComparatorUtils.equals(manualOut, "true")) {
+//// String header = request.getHeader("X-Context");
+// if (StringUtils.isNotBlank(header) && !isLogin(request)) {
+// tokenLogin(request, httpServletResponse);
+// sendRedirect(httpServletResponse, home);
+// }
+// }
+// }
+// }
+// }
+// return;
+// }
+
+ public static void tokenLogin(HttpServletRequest req, HttpServletResponse res) {
+ String header = req.getHeader("X-Context");
+ try {
+ header = URLDecoder.decode(header, "UTF-8");
+ } catch (UnsupportedEncodingException e) {
+ e.printStackTrace();
+ }
+ FineLoggerFactory.getLogger().info("xf拦截器捕获一个请求 x-content :{}", header);
+ JSONObject entries = new JSONObject(header);
+ JSONArray rlNoList = entries.getJSONArray("rlNoList");
+ int size = rlNoList.size();
+ List adminFlags = getAdminFlagsRolList();
+ boolean isAdmin = false;
+ for (int i = 0; i < size; i++) {
+ String adminPost = rlNoList.getString(i);
+ if (isAdminFlags(adminPost, adminFlags)) {
+ FineLoggerFactory.getLogger().info("本次使用rlNoList管理员登录 ");
+ isAdmin = true;
+ break;
+ }
+ }
+ List adminFlagsNmList = getAdminFlagsNmList();
+ String usrNm = entries.getString("usrNm");
+ for (String adminName : adminFlagsNmList) {
+ if(StringUtils.equals(adminName,usrNm)){
+ FineLoggerFactory.getLogger().info("本次使用usrNm管理员登录 ");
+ isAdmin=true;
+ break;
+ }
+ }
+ if (isAdmin) {
+ FineLoggerFactory.getLogger().info("本次为管理员登录 ");
+ login(req, res, "admin");
+ return;
+ }
+// String usrNm = entries.getString("usrNm");
+ //从 SLN-6585开始usrNm更新成userNo
+ //如果usrNo的用户名存在则把这个用户的userName改成realUserName
+ String usrNo = entries.getString("usrNo");
+ String instNo = entries.getString("instNo");//部门id
+ String realUserName = usrNo + "_" + instNo;//更改后的用户名
+ String fullName = entries.getString("fullName");
+ String alias = fullName + "(" + realUserName + ")";
+ try {
+ User user = UserService.getInstance().getUserByUserName(usrNo);
+ UserController userController = AuthorityContext.getInstance().getUserController();
+ if (user == null) {
+ //如果usrNo的用户不存在则检查realUserName的用户是否存在
+ user = UserService.getInstance().getUserByUserName(realUserName);
+ if (user == null) {
+// FineLoggerFactory.getLogger().info("拦截器新增一个用户 用户名称 :{}", realUserName);
+ PasswordValidator passwordValidator = UserSourceFactory.getInstance().getUserSource(ManualOperationType.KEY).getPasswordValidator();
+ user = (new User()).userName(realUserName).userAlias(alias).realName(fullName).password(passwordValidator.encode(realUserName, UUID.randomUUID().toString()))
+ .creationType(ManualOperationType.KEY).lastOperationType(ManualOperationType.KEY).enable(true);
+ userController.add(user);
+ }
+ }
+// FineLoggerFactory.getLogger().info(" 拦截的用户更新:{}", fullName);
+ user.setRealName(fullName);
+ user.setUserName(realUserName);
+ try {
+ userController.update(user);
+ } catch (Exception e) {
+ }
+ String userId = user.getId();
+ dealCustomRole(req, userId);
+ //在判断本地的角色是不是远程没有了,要移除掉
+ CustomRoleController customRoleController = AuthorityContext.getInstance().getCustomRoleController();
+
+ List roles = customRoleController.findByUser(userId, QueryFactory.create());
+ List designFlags = getDesignFlags();
+ boolean isDesignUser = false;
+ if (!designFlags.isEmpty()) {
+ for (CustomRole role : roles) {
+ String name = role.getName();
+ //如果是有
+ if (isAdminFlags(name, designFlags)) {
+ isDesignUser = true;
+ break;
+ }
+ }
+ }
+ try {
+ UserProductType userProductType = UserProductType.fromInteger(6);//数据处理用户
+ if (isDesignUser) {
+// FineLoggerFactory.getLogger().info("查找到当前用户有对应角色的设计标志:");
+ userController.addUserProductType(userId, userProductType.transProductKey());
+ } else {
+// FineLoggerFactory.getLogger().info("查找到当前用户有对应角色的设计标志:");
+ userController.removeUserProductType(userId, userProductType.transProductKey());
+ }
+ } catch (Exception e) {
+// FineLoggerFactory.getLogger().error("数据处理配置出错:{}", e);
+ }
+// if (isAdmin) {
+// FineLoggerFactory.getLogger().info("本次为管理员登录 ");
+// login(req, res, "admin");
+// } else {
+// FineLoggerFactory.getLogger().info("本次为普通用户登录:{}", usrNm);
+// login(req, res, usrNm);
+// }
+// FineLoggerFactory.getLogger().info("本次为普通用户登录:{}", realUserName);
+ login(req, res, realUserName);
+
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+
+ private static void dealCustomRole(HttpServletRequest req, String userId) throws Exception {
+ UserController userController = AuthorityContext.getInstance().getUserController();
+ Boolean needflush = FilterMeConfig.getInstance().getNeedflush();
+ String header = req.getHeader("X-Context");
+ CustomRoleController customRoleController = AuthorityContext.getInstance().getCustomRoleController();
+ try {
+ header = URLDecoder.decode(header, "UTF-8");
+ } catch (UnsupportedEncodingException e) {
+ e.printStackTrace();
+ }
+ FineLoggerFactory.getLogger().info("开始同步角色信息x-content :{}", header);
+ JSONObject entries = new JSONObject(header);
+ List remoteRoles = new ArrayList<>();
+ String pstNo = entries.getString("pstNo");//角色id
+ String pstNm = entries.getString("pstNm");//角色名称
+ String realRoleName = pstNm + "(" + pstNo + ")";
+ remoteRoles.add(pstNo);
+ try {
+ //先判断传过来的的角色是不是本地都有,没有要加上
+ List controllerOne = customRoleController.find(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", pstNo)));
+ if (!controllerOne.isEmpty()) {
+ try {
+// FineLoggerFactory.getLogger().info("传送过来的角色已存在开始更新,添加关联用户:{}", pstNo, userId);
+ CustomRole customRole = controllerOne.get(0);
+ customRole.setName(realRoleName);
+ customRole.setAlias(pstNo);
+ customRole.setEnable(true);
+ customRole.setDescription("通过xcontent添加");
+ customRoleController.update(customRole);
+ } catch (Exception e) {
+ }
+ } else {
+// FineLoggerFactory.getLogger().info("传送过来的角色在本地不存在,添加到本地:{}", pstNo);
+ CustomRole addRole = new CustomRole();
+ addRole.setId(pstNo);
+ addRole.setName(realRoleName);
+ addRole.setAlias(pstNo);
+ addRole.setEnable(true);
+ addRole.setDescription("通过xcontent添加");
+ try {
+ customRoleController.add(addRole);
+ } catch (Exception e) {
+ }
+ }
+ //在判断本地的角色是不是远程没有了,要移除掉
+ if(needflush){
+ List roles = customRoleController.findByUser(userId, QueryFactory.create());
+ for (CustomRole customRole : roles) {
+ if ("superusers".equals((customRole.getName()))) {
+ continue;
+ }
+ userController.removeUserFromCustomRole(userId, customRole.getId());
+ }
+ }
+
+ try {
+ userController.addUserToCustomRole(userId, pstNo);
+// FineLoggerFactory.getLogger().info("添加{} 到新角色:{}", userId, pstNo);
+ } catch (Exception e) {
+
+ }
+
+
+ DepartmentController departmentController = AuthorityContext.getInstance().getDepartmentController();
+ //移除原来的部门
+ if(needflush){
+ List departmentList = departmentController.findByUser(userId, QueryFactory.create());
+ for (Department department : departmentList) {
+ userController.removeUserFromDepartment(userId, department.getId());
+ }
+ }
+ String instNm = entries.getString("instNm");
+ String instNo = entries.getString("instNo");//部门id
+ Department department = departmentController.findOne(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", instNo)));
+ if (department == null) {
+ department = new Department();
+ department.setName(instNm + "(" + instNo + ")");
+ department.setId(instNo);
+ department.setEnable(true);
+ department.description("通过x-content创建");
+ departmentController.add(department);
+// FineLoggerFactory.getLogger().info("新增部门,dep: {}: name {}", department.getId(), department.getName());
+ } else {
+// department.setName(instNm + "(" + instNo + ")");
+// department.setEnable(true);
+// departmentController.update(department);
+// FineLoggerFactory.getLogger().info("已存在部门,dep: {}: name {}", department.getId(), department.getName());
+ }
+
+ PostController postController = AuthorityContext.getInstance().getPostController();
+ List byUser = postController.findByUser(userId, QueryFactory.create());
+ //移除原来职位
+ if(needflush){
+ for (Post post : byUser) {
+ List byPost = departmentController.findByPost(post.getId(), QueryFactory.create());
+ for (Department department1 : byPost) {
+// FineLoggerFactory.getLogger().info("---->>>>移除用户职位 职位id {} 部门id{}", post.getId(), department1.getId());
+ try {
+ userController.removeUserFromDepartmentAndPost(userId, department1.getId(), post.getId());
+// FineLoggerFactory.getLogger().info("^^^^^^移除用户职位成功 职位id {} 部门id{}", post.getId(), department1.getId());
+ } catch (Exception e) {
+// FineLoggerFactory.getLogger().info("vvvvvv移除用户职位失败 职位id {} 部门id{}", post.getId(), department1.getId());
+ }
+ }
+ }
+ }
+
+ Post post = postController.findOne(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", pstNo)));
+ if (post == null) {
+ post = new Post();
+ post.setId(pstNo);
+ post.setName(pstNm + "(" + pstNo + ")");
+ post.setEnable(true);
+ postController.add(post);
+// FineLoggerFactory.getLogger().info("新增职位,post: {}: name {}", post.getId(), post.getName());
+ } else {
+// post.setName(pstNm + "(" + pstNo + ")");
+// post.setEnable(true);
+// postController.update(post);
+// FineLoggerFactory.getLogger().info("已存在职位,post: {}: name {}", post.getId(), post.getName());
+ }
+ try {
+// FineLoggerFactory.getLogger().info("添加职位到部门,post: {}: dep {}", pstNo, instNo);
+ postController.addPostToDepartment(pstNo, instNo);
+ } catch (Exception e) {
+ }
+ try {
+// FineLoggerFactory.getLogger().info("添加用户到职位 到部门,post: {}: dep {},userId:{} ", pstNo, instNo, realRoleName);
+ userController.addUserToDepartmentAndPost(userId, instNo, pstNo);
+ } catch (Exception e) {
+ }
+ } catch (Exception e) {
+ printException2FrLog(e);
+ }
+ }
+
+ private static boolean isAdminFlags(String flag, List flags) {
+ return flags.contains(flag);
+ }
+
+ private static List getAdminFlagsRolList() {
+ String adminFlags = FilterMeConfig.getInstance().getAdminFlags();
+ FineLoggerFactory.getLogger().info("本地role管理员角色获取:{}", adminFlags);
+ if (StringUtils.isNotBlank(adminFlags)) {
+ String[] split = adminFlags.split(";");
+ return Arrays.asList(split);
+ }
+ return Collections.emptyList();
+ }
+ private static List getAdminFlagsNmList() {
+ String adminFlags = FilterMeConfig.getInstance().getAdminFlagsNm();
+ FineLoggerFactory.getLogger().info("本地管理员Nm角色获取:{}", adminFlags);
+ if (StringUtils.isNotBlank(adminFlags)) {
+ String[] split = adminFlags.split(";");
+ return Arrays.asList(split);
+ }
+ return Collections.emptyList();
+ }
+
+ private static List getDesignFlags() {
+ String adminFlags = FilterMeConfig.getInstance().getDesignFlags();
+ FineLoggerFactory.getLogger().info("本地设计角色获取:{}", adminFlags);
+ if (StringUtils.isNotBlank(adminFlags)) {
+ String[] split = adminFlags.split(";");
+ return Arrays.asList(split);
+ }
+ return Collections.emptyList();
+ }
+
+ private String getUrl(HttpServletRequest request) {
+ String url = "/";
+ try {
+ url = "http://" + request.getServerName()//服务器地址
+ + ":"
+ + request.getServerPort() + request.getRequestURI();
+ Enumeration parameterNames = request.getParameterNames();
+ Map reqParams = new HashMap<>();
+ while (parameterNames.hasMoreElements()) {
+ String key = parameterNames.nextElement();
+ reqParams.put(key, request.getParameter(key));
+ }
+ Map parmas = header2url(request);
+ reqParams.putAll(parmas);
+ String header2url = map2String(reqParams);
+// FineLoggerFactory.getLogger().info("转换之后的url参数:{}", header2url);
+ if (url.contains("?")) {
+ url += header2url;
+ } else {
+ url += "?a=1" + header2url;
+ }
+
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ url += "&sendTwo=true";
+ return url;
+ }
+
+
+ private Map header2url(HttpServletRequest request) {
+ Map params = new HashMap<>();
+ String context = request.getHeader("X-Context");
+ if (StringUtils.isNotBlank(context)) {
+ try {
+ context = URLDecoder.decode(context, "UTF-8");
+ } catch (UnsupportedEncodingException e) {
+ e.printStackTrace();
+ }
+ JSONObject jsonObject = new JSONObject(context);
+ String userNo = jsonObject.getString("usrNo");
+ String userNm = jsonObject.getString("usrNm");
+ String pstNo = jsonObject.getString("pstNo");
+ String instNo = jsonObject.getString("instNo");
+ String accInstNo = jsonObject.getString("accInstNo");
+ String admnInstNo = jsonObject.getString("admnInstNo");
+ params.put("usrNo", userNo);
+ params.put("usrNm", userNm);
+ params.put("pstNo", pstNo);
+ params.put("instNo", instNo);
+ params.put("accInstNo", accInstNo);
+ params.put("admnInstNo", admnInstNo);
+ }
+ params.put("sendTwo", "true");
+ return params;
+ }
+
+ private String map2String(Map params) {
+ StringBuffer buffer = new StringBuffer();
+ Set strings = params.keySet();
+ for (String key : strings) {
+ buffer.append("&").append(key).append("=").append(params.get(key));
+ }
+ return buffer.toString();
+ }
+
+}
diff --git a/src/com/fr/plugin/LoginFilter.java b/src/com/fr/plugin/LoginFilter.java
new file mode 100644
index 0000000..b6d09ae
--- /dev/null
+++ b/src/com/fr/plugin/LoginFilter.java
@@ -0,0 +1,150 @@
+package com.fr.plugin;
+
+import com.fr.decision.authority.AuthorityContext;
+import com.fr.decision.authority.base.constant.type.operation.ManualOperationType;
+import com.fr.decision.authority.controller.CustomRoleController;
+import com.fr.decision.authority.controller.UserController;
+import com.fr.decision.authority.data.CustomRole;
+import com.fr.decision.authority.data.User;
+import com.fr.decision.fun.impl.AbstractEmbedRequestFilterProvider;
+import com.fr.decision.privilege.encrpt.PasswordValidator;
+import com.fr.decision.webservice.utils.UserSourceFactory;
+import com.fr.decision.webservice.v10.login.LoginService;
+import com.fr.decision.webservice.v10.user.UserService;
+import com.fr.io.utils.ResourceIOUtils;
+import com.fr.json.JSONArray;
+import com.fr.json.JSONObject;
+import com.fr.log.FineLoggerFactory;
+import com.fr.stable.StringUtils;
+import com.fr.stable.query.QueryFactory;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.UnsupportedEncodingException;
+import java.net.URLDecoder;
+import java.util.*;
+
+/**
+ * 废弃
+ */
+public class LoginFilter extends AbstractEmbedRequestFilterProvider {
+
+ private boolean isLogin(HttpServletRequest req){
+ return LoginService.getInstance().isLogged(req);
+ }
+ @Override
+ public void filter(HttpServletRequest req, HttpServletResponse res) throws IOException, ServletException {
+ String header = req.getHeader("X-Context");
+ if (StringUtils.isNotBlank(header) && !isLogin(req)) {
+ try {
+ header = URLDecoder.decode(header, "UTF-8");
+ } catch (UnsupportedEncodingException e) {
+ e.printStackTrace();
+ }
+ FineLoggerFactory.getLogger().info("拦截器捕获一个请求 x-content :{}", header);
+ JSONObject entries = new JSONObject(header);
+ String usrNm = entries.getString("usrNm");
+ JSONArray rlNoList = entries.getJSONArray("rlNoList");
+ try {
+ User user = UserService.getInstance().getUserByUserName(usrNm);
+ UserController userController = AuthorityContext.getInstance().getUserController();
+ CustomRoleController customRoleController = AuthorityContext.getInstance().getCustomRoleController();
+ if (user == null) {
+ FineLoggerFactory.getLogger().info("拦截器新增一个用户 :{}", usrNm);
+ PasswordValidator passwordValidator = UserSourceFactory.getInstance().getUserSource(ManualOperationType.KEY).getPasswordValidator();
+ user = (new User()).userName(usrNm).realName(usrNm).password(passwordValidator.encode(usrNm, UUID.randomUUID().toString()))
+ .creationType(ManualOperationType.KEY).lastOperationType(ManualOperationType.KEY).enable(true);
+ userController.add(user);
+ }
+ String userId = user.getId();
+ List roles = customRoleController.findByUser(userId, QueryFactory.create());
+ List localRoles = new ArrayList<>();
+ boolean isAdminRoleFlag = false;
+ List adminFlags = getAdminFlags();
+ for (CustomRole role : roles) {
+ String name = role.getName();
+ localRoles.add(name);
+ if(isAdminFlags(name,adminFlags)){
+ isAdminRoleFlag = true;
+ }
+ }
+ List remoteRoles = new ArrayList<>();
+ try {
+ int size = rlNoList.size();
+ for (int i = 0; i < size; i++) {
+ String name = rlNoList.getString(i);
+ remoteRoles.add(name);
+ }
+ //先判断传过来的的角色是不是本地都有,没有要加上
+ for (String role : remoteRoles) {
+ if (!localRoles.contains(role)) {
+ userController.addUserToCustomRole(userId, role);
+ }
+ }
+ //在判断本地的角色是不是远程没有了,要移除掉
+ for (String localRole : localRoles) {
+ if (!remoteRoles.contains(localRole)) {
+ userController.removeUserFromCustomRole(userId, localRole);
+ }
+ }
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ //如果是管理员标志就直接登录admin账号
+ if(isAdminRoleFlag){
+ login(req, res, "admin");
+ }else {
+ login(req, res, usrNm);
+ }
+ String home = req.getContextPath() + req.getServletPath();
+ sendRedirect(res, home);
+ return;
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+ return;
+ }
+
+ private static boolean isAdminFlags(String flag,List flags){
+ return flags.contains(flag);
+ }
+ private List getAdminFlags() {
+ InputStream inputStream = ResourceIOUtils.read("/config-all/adminflag.properties");
+ if (inputStream != null) {
+ Properties properties = new Properties();
+ try {
+ properties.load(inputStream);
+ String adminflag = properties.getProperty("adminflag");
+ if (StringUtils.isNotBlank(adminflag)) {
+ String[] split = adminflag.split(",");
+ return Arrays.asList(split);
+ }
+ } catch (IOException e) {
+ e.printStackTrace();
+ }
+ }
+ return Collections.emptyList();
+ }
+
+ private void sendRedirect(HttpServletResponse res, String url) {
+ res.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
+ res.setHeader("Location", url);
+ }
+
+ private void login(HttpServletRequest req, HttpServletResponse res, String username) {
+ String token = null;
+ try {
+ token = LoginService.getInstance().login(req, res, username);
+ req.setAttribute("fine_auth_token", token);
+ } catch (Exception e) {
+ FineLoggerFactory.getLogger().error(e.getMessage(), e);
+ FineLoggerFactory.getLogger().error("login failed");
+ }
+ FineLoggerFactory.getLogger().error("login success");
+ }
+}
diff --git a/src/com/fr/plugin/LoginOutEventProvider.java b/src/com/fr/plugin/LoginOutEventProvider.java
new file mode 100644
index 0000000..935a957
--- /dev/null
+++ b/src/com/fr/plugin/LoginOutEventProvider.java
@@ -0,0 +1,25 @@
+package com.fr.plugin;
+
+import com.fr.decision.fun.impl.AbstractLogInOutEventProvider;
+import com.fr.decision.webservice.login.LogInOutResultInfo;
+import com.fr.decision.webservice.v10.user.UserService;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
+
+public class LoginOutEventProvider extends AbstractLogInOutEventProvider {
+
+ @Override
+ public String logoutAction(LogInOutResultInfo result) {
+ HttpServletRequest request = result.getRequest();
+
+ HttpSession session = request.getSession();
+ if (session != null) {
+ session.removeAttribute("fine_auth_token");
+ }
+ String servletPath = request.getServletPath();
+ String contextPath = request.getContextPath();
+ String url = contextPath + servletPath + "/login?manual=true";
+ return url;
+ }
+}
diff --git a/src/com/fr/plugin/PostionImportgHander.java b/src/com/fr/plugin/PostionImportgHander.java
new file mode 100644
index 0000000..afbab61
--- /dev/null
+++ b/src/com/fr/plugin/PostionImportgHander.java
@@ -0,0 +1,139 @@
+package com.fr.plugin;
+
+import com.fr.decision.authority.AuthorityContext;
+import com.fr.decision.authority.controller.CustomRoleController;
+import com.fr.decision.authority.controller.DepartmentController;
+import com.fr.decision.authority.controller.PostController;
+import com.fr.decision.authority.data.CustomRole;
+import com.fr.decision.authority.data.Department;
+import com.fr.decision.authority.data.Post;
+import com.fr.decision.fun.impl.BaseHttpHandler;
+import com.fr.log.FineLoggerFactory;
+import com.fr.stable.StringUtils;
+import com.fr.stable.query.QueryFactory;
+import com.fr.stable.query.restriction.RestrictionFactory;
+import com.fr.third.org.apache.commons.io.IOUtils;
+import com.fr.third.springframework.web.bind.annotation.RequestMethod;
+import com.fr.web.utils.WebUtils;
+import org.json.JSONArray;
+import org.json.JSONObject;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+public class PostionImportgHander extends BaseHttpHandler {
+ @Override
+ public RequestMethod getMethod() {
+ return RequestMethod.POST;
+ }
+
+ @Override
+ public String getPath() {
+ return "/depAndPosImport";
+ }
+
+ @Override
+ public boolean isPublic() {
+ return true;
+ }
+
+ @Override
+ public void handle(HttpServletRequest req, HttpServletResponse res) throws Exception {
+// 传入的json格式
+ /**
+ * [
+ * {
+ * "fInstNo": "", //父级id
+ * "instNo": "A01",
+ * "instNm": "部门一",
+ * "pstNo": "X1",
+ * "pstNm": "职务一"
+ * }
+ * ]
+ */
+ String body = IOUtils.toString(req.getReader());
+ FineLoggerFactory.getLogger().info("批量添加部门信息接口收到:{}", body);
+ try {
+ JSONArray jsonArray = new JSONArray(body);
+ int length = jsonArray.length();
+ for (int i = 0; i < length; i++) {
+ JSONObject jsonObject = jsonArray.getJSONObject(i);
+ String fInstNo = jsonObject.getString("fInstNo");
+ String instNo = jsonObject.getString("instNo");//部门id
+ String instNm = jsonObject.getString("instNm");//部门名称
+ String pstNo = jsonObject.getString("pstNo");//职务编号
+ String pstNm = jsonObject.getString("pstNm");//职务名
+ saveDep(fInstNo, instNo, instNm);
+ savePosition(instNo, pstNo, pstNm);
+ }
+ } catch (Exception e) {
+ WebUtils.printAsString(res, "json format error");
+ }
+ WebUtils.printAsString(res, "success");
+ }
+
+ private void savePosition(String did, String pid, String name) {
+ PostController postController = AuthorityContext.getInstance().getPostController();
+ Post post;
+ try {
+ post = postController.findOne(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", pid)));
+ if (post == null) {
+ post = new Post();
+ post.setId(pid);
+ post.setName(name + "(" + pid + ")");
+ post.setEnable(true);
+ postController.add(post);
+ FineLoggerFactory.getLogger().info("从接口新增职位,post: {}: name {}", post.getId(), post.getName());
+ } else {
+ post.setName(name + "(" + pid + ")");
+ post.setEnable(true);
+ postController.update(post);
+ FineLoggerFactory.getLogger().info("已存在职位,post: {}: name {}", post.getId(), post.getName());
+ }
+ postController.addPostToDepartment(pid, did);
+
+ CustomRoleController customRoleController = AuthorityContext.getInstance().getCustomRoleController();
+ CustomRole customRole = customRoleController.findOne(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", pid)));
+ if (customRole == null) {
+ customRole = new CustomRole();
+ customRole.id(pid).name(name + "(" + pid + ")").enable(true);
+ customRoleController.add(customRole);
+ FineLoggerFactory.getLogger().info("从接口新增角色,id: {}: name {}", customRole.getId(), customRole.getName());
+ } else {
+ customRole.name(name + "(" + pid + ")").enable(true);
+ customRoleController.update(customRole);
+ FineLoggerFactory.getLogger().info("已存在角色,id: {}: name {}", customRole.getId(), customRole.getName());
+ }
+ } catch (Exception e) {
+ FineLoggerFactory.getLogger().info("添加职位异常: 职位id :{} 部门id:{}: name {}", pid, did, name);
+ }
+ }
+
+ private void saveDep(String pid, String id, String name) {
+ try {
+ DepartmentController departmentController = AuthorityContext.getInstance().getDepartmentController();
+ Department department = departmentController.findOne(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", id)));
+ if (StringUtils.isBlank(pid)) {
+ pid = null;
+ }
+ if (department == null) {
+ department = new Department();
+ department.setName(name + "(" + id + ")");
+ department.setId(id);
+ department.setParentId(pid);
+ department.setEnable(true);
+ department.description("通过x-content创建");
+ departmentController.add(department);
+ FineLoggerFactory.getLogger().info("新增部门,dep: {}: name {}", department.getId(), department.getName());
+ } else {
+ department.setName(name + "(" + id + ")");
+ department.setParentId(pid);
+ department.setEnable(true);
+ departmentController.update(department);
+ FineLoggerFactory.getLogger().info("已存在部门,dep: {}: name {}", department.getId(), department.getName());
+ }
+ } catch (Exception e) {
+ FineLoggerFactory.getLogger().error("添加部门:{} 异常", id, e);
+ }
+ }
+}
\ No newline at end of file
diff --git a/src/com/fr/plugin/RemoteFilter.java b/src/com/fr/plugin/RemoteFilter.java
new file mode 100644
index 0000000..a5289e1
--- /dev/null
+++ b/src/com/fr/plugin/RemoteFilter.java
@@ -0,0 +1,348 @@
+package com.fr.plugin;
+
+import com.fr.data.NetworkHelper;
+import com.fr.decision.authority.AuthorityContext;
+import com.fr.decision.authority.base.constant.type.operation.ManualOperationType;
+import com.fr.decision.authority.controller.CustomRoleController;
+import com.fr.decision.authority.controller.DepartmentController;
+import com.fr.decision.authority.controller.PostController;
+import com.fr.decision.authority.controller.UserController;
+import com.fr.decision.authority.data.CustomRole;
+import com.fr.decision.authority.data.Department;
+import com.fr.decision.authority.data.Post;
+import com.fr.decision.authority.data.User;
+import com.fr.decision.fun.impl.AbstractEmbedRequestFilterProvider;
+import com.fr.decision.privilege.encrpt.PasswordValidator;
+import com.fr.decision.webservice.Response;
+import com.fr.decision.webservice.impl.user.type.UserProductType;
+import com.fr.decision.webservice.utils.UserSourceFactory;
+import com.fr.decision.webservice.v10.user.UserService;
+import com.fr.exception.RemoteDesignPermissionDeniedException;
+import com.fr.io.utils.ResourceIOUtils;
+import com.fr.json.JSONArray;
+import com.fr.json.JSONObject;
+import com.fr.log.FineLoggerFactory;
+import com.fr.security.JwtUtils;
+import com.fr.stable.StringUtils;
+import com.fr.stable.query.QueryFactory;
+import com.fr.stable.query.restriction.RestrictionFactory;
+import com.fr.web.service.RemoteDesignAuthorityDataService;
+import com.fr.web.utils.WebUtils;
+
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.PrintWriter;
+import java.io.StringWriter;
+import java.util.*;
+
+public class RemoteFilter extends AbstractEmbedRequestFilterProvider {
+
+ @Override
+ public void init(FilterConfig filterConfig) {
+ FineLoggerFactory.getLogger().info("RemoteFilter 拦截器启动");
+ FilterMeConfig instance = FilterMeConfig.getInstance();
+ }
+
+ @Override
+ public void filter(HttpServletRequest request, HttpServletResponse httpServletResponse) throws IOException, ServletException {
+ String uri = request.getRequestURI();
+ if (uri != null && uri.contains("remote/design/token") && request.getMethod().equalsIgnoreCase("GET")) {
+ FineLoggerFactory.getLogger().info("拦截器捕获一个请求,design/token {}", uri);
+ String username = NetworkHelper.getHTTPRequestParameter(request, "username");
+ String password = NetworkHelper.getHTTPRequestParameter(request, "password");
+ try {
+ FineLoggerFactory.getLogger().info("登录的用户名{} 密码:{}", username, password);
+ JSONObject apilogin = apilogin(username, password);
+ if (apilogin != null) {
+ String remoteToken = tokenLogin(apilogin);
+ FineLoggerFactory.getLogger().info("响应的token: {} ", remoteToken);
+ if (StringUtils.isNotBlank(remoteToken)) {
+ WebUtils.printAsString(httpServletResponse, com.fr.plugin.JSONUtils.serialize(Response.ok(remoteToken)));
+ return;
+ }
+ FineLoggerFactory.getLogger().info("登录异常{}", remoteToken);
+ } else {
+ renderError(httpServletResponse, "21300007", "User password error!");
+ }
+ } catch (Exception e) {
+ printException2Frlog(e);
+ if (e instanceof RemoteDesignPermissionDeniedException) {
+ renderError(httpServletResponse, "31300101", "Fine-Engine_Remote_Design_Permission_Denied");
+ }
+ }
+ }
+ return;
+ }
+
+ private List getAdminFlags() {
+ InputStream inputStream = ResourceIOUtils.read("/config-all/adminflag.properties");
+ if (inputStream != null) {
+ Properties properties = new Properties();
+ try {
+ properties.load(inputStream);
+ String adminflag = properties.getProperty("adminflag");
+ if (StringUtils.isNotBlank(adminflag)) {
+ String[] split = adminflag.split(",");
+ return Arrays.asList(split);
+ }
+ } catch (IOException e) {
+ e.printStackTrace();
+ }
+ }
+ return Collections.emptyList();
+ }
+
+ private static boolean isAdminFlags(String flag, List flags) {
+ return flags.contains(flag);
+ }
+
+ private String tokenLogin(JSONObject jsonObject) {
+ JSONObject entries = jsonObject.getJSONObject("data");
+// String usrNm = entries.getString("usrNm");
+ JSONArray rlNoList = entries.getJSONArray("rlNoList");
+ int size = rlNoList.size();
+ List adminFlags = getAdminFlags();
+ boolean isAdmin = false;
+ for (int i = 0; i < size; i++) {
+ String adminPost = rlNoList.getString(i);
+ if (isAdminFlags(adminPost, adminFlags)) {
+ isAdmin = true;
+ break;
+ }
+ }
+ if (isAdmin) {
+ FineLoggerFactory.getLogger().info("remote 本次为管理员登录 ");
+ try {
+ return getRemoteToken("admin");
+ } catch (Exception e) {
+ printException2Frlog(e);
+ }
+ }
+ String usrNo = entries.getString("usrNo");
+ String instNo = entries.getString("instNo");//部门id
+ String realUserName = usrNo + "_" + instNo;//更改后的用户名
+ String fullName = entries.getString("fullName");
+ String alias = fullName + "(" + realUserName + ")";
+ try {
+ User user = UserService.getInstance().getUserByUserName(realUserName);
+ UserController userController = AuthorityContext.getInstance().getUserController();
+ CustomRoleController customRoleController = AuthorityContext.getInstance().getCustomRoleController();
+ if (user == null) {
+ FineLoggerFactory.getLogger().info("设计器拦截 拦截器新增一个用户 :{}", usrNo);
+ //如果usrNo的用户不存在则检查realUserName的用户是否存在
+ user = UserService.getInstance().getUserByUserName(realUserName);
+ if (user == null) {
+ FineLoggerFactory.getLogger().info("拦截器新增一个用户 用户名称 :{}", realUserName);
+ PasswordValidator passwordValidator = UserSourceFactory.getInstance().getUserSource(ManualOperationType.KEY).getPasswordValidator();
+ user = (new User()).userName(realUserName).userAlias(alias).realName(fullName).password(passwordValidator.encode(realUserName, UUID.randomUUID().toString()))
+ .creationType(ManualOperationType.KEY).lastOperationType(ManualOperationType.KEY).enable(true);
+ userController.add(user);
+ }
+ }
+
+ String userId = user.getId();
+// List adminFlags = getAdminFlags();
+ FineLoggerFactory.getLogger().info(" 设计器拦截 当前的管理员标识符 :{}", adminFlags);
+ List remoteRoles = new ArrayList<>();
+ String pstNo = entries.getString("pstNo");//角色id
+ String pstNm = entries.getString("pstNm");//角色名称
+ String realRoleName = pstNm + "(" + pstNo + ")";
+ remoteRoles.add(pstNo);
+
+ //先判断传过来的的角色是不是本地都有,没有要加上
+ List controllerOne = customRoleController.find(QueryFactory.create().addRestriction(RestrictionFactory.eq("name", pstNo)));
+ if (!controllerOne.isEmpty()) {
+ try {
+ FineLoggerFactory.getLogger().info(" 设计器拦截 传送过来的角色在本地已存在,添加到用户{} 到角色:{}", userId, pstNo);
+ CustomRole customRole = controllerOne.get(0);
+ customRole.setName(realRoleName);
+ customRole.setAlias(pstNo);
+ customRole.setEnable(true);
+ customRole.setDescription("通过xcontent添加");
+ customRoleController.update(customRole);
+ userController.addUserToCustomRole(userId, customRole.getId());
+ } catch (Exception e) {
+ }
+ } else {
+ FineLoggerFactory.getLogger().info(" 设计器拦截 传送过来的角色在本地不存在,添加到本地:{}", pstNo);
+ CustomRole addRole = new CustomRole();
+ addRole.setId(pstNo);
+ addRole.setName(realRoleName);
+ addRole.setAlias(pstNo);
+ addRole.setEnable(true);
+ addRole.setDescription("通过xcontent添加");
+ try {
+ customRoleController.add(addRole);
+ userController.addUserToCustomRole(userId, addRole.getId());
+ } catch (Exception e) {
+ }
+ }
+ //在判断本地的角色是不是远程没有了,要移除掉
+ List roles = customRoleController.findByUser(userId, QueryFactory.create());
+
+ for (CustomRole customRole : roles) {
+ if (!remoteRoles.contains(customRole.getId())) {
+ if ("superusers".equals((customRole.getName()))) {
+ continue;
+ }
+ FineLoggerFactory.getLogger().info("远端没有的角色本地移除:{}", customRole.getName());
+ userController.removeUserFromCustomRole(userId, customRole.getId());
+ }
+ }
+
+ DepartmentController departmentController = AuthorityContext.getInstance().getDepartmentController();
+ //移除原来的部门
+ List departmentList = departmentController.findByUser(userId, QueryFactory.create());
+ for (Department department : departmentList) {
+ userController.removeUserFromDepartment(userId, department.getId());
+ }
+ String instNm = entries.getString("instNm");
+ Department department = departmentController.findOne(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", instNo)));
+ if (department == null) {
+ FineLoggerFactory.getLogger().info("添加 部门,dep: {}: name {}", instNo, instNo, instNm + "(" + pstNo + "" + ")");
+ department = new Department();
+ department.setName(instNm + "(" + pstNo + ")");
+ department.setId(instNo);
+ department.setEnable(true);
+ department.description("通过x-content创建");
+ departmentController.add(department);
+ } else {
+ department.setName(instNm + "(" + pstNo + ")");
+ department.setParentId(null);
+ department.setEnable(true);
+ departmentController.update(department);
+ FineLoggerFactory.getLogger().info("设计器节点 已存在部门,dep: {}: name {}", department.getId(), department.getName());
+ }
+
+ PostController postController = AuthorityContext.getInstance().getPostController();
+ List byUser = postController.findByUser(userId, QueryFactory.create());
+ //移除原来职位
+ for (Post post : byUser) {
+ userController.removeUserFromPost(userId, post.getId());
+ }
+ Post post = postController.findOne(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", pstNo)));
+ if (post == null) {
+ post = new Post();
+ post.setId(pstNo);
+ post.setName(pstNm + "(" + pstNo + ")");
+ post.setEnable(true);
+ postController.add(post);
+ } else {
+ post.setName(pstNm + "(" + pstNo + ")");
+ post.setEnable(true);
+ postController.update(post);
+ }
+ try {
+ FineLoggerFactory.getLogger().info("添加职位到部门,post: {}: dep {}", pstNo, instNo);
+ postController.addPostToDepartment(pstNo, instNo);
+ } catch (Exception e) {
+ }
+ try {
+ FineLoggerFactory.getLogger().info("添加用户到部门,post: {}: dep {} ,userId:{}", pstNo, instNo, userId);
+ userController.addUserToDepartmentAndPost(userId, instNo, pstNo);
+ } catch (Exception e) {
+ }
+
+ boolean isDesignUser = false;
+ List designFlags = getDesignFlags();
+ if (!designFlags.isEmpty()) {
+ for (CustomRole role : roles) {
+ String name = role.getName();
+ //如果是有
+ if (isAdminFlags(name, designFlags)) {
+ isDesignUser = true;
+ break;
+ }
+ }
+ }
+ try {
+ UserProductType userProductType = UserProductType.fromInteger(6);//数据处理用户
+ if (isDesignUser) {
+ userController.addUserProductType(userId, userProductType.transProductKey());
+ } else {
+ userController.removeUserProductType(userId, userProductType.transProductKey());
+ }
+ } catch (Exception e) {
+ }
+// if (isAdmin) {
+// FineLoggerFactory.getLogger().info("设计器拦截 本次为管理员登录");
+// return getRemoteToken("admin");
+// } else {
+ FineLoggerFactory.getLogger().info("设计器拦截 本次为普通用户登录:{}", realUserName);
+ return getRemoteToken(realUserName);
+// }
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ return "";
+ }
+
+ private static List getDesignFlags() {
+ String adminFlags = FilterMeConfig.getInstance().getDesignFlags();
+ FineLoggerFactory.getLogger().info("remote本地设计角色获取:{}", adminFlags);
+ if (StringUtils.isNotBlank(adminFlags)) {
+ String[] split = adminFlags.split(";");
+ return Arrays.asList(split);
+ }
+ return Collections.emptyList();
+ }
+
+ private void renderError(HttpServletResponse httpServletResponse, String code, String msg) {
+ try {
+ WebUtils.printAsString(httpServletResponse, JSONUtils.serialize(Response.error(code, msg)));
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+
+ private JSONObject apilogin(String username, String pwd) throws Exception {
+ String baseUrl = getBaseUrl();
+ if (StringUtils.isBlank(baseUrl)) {
+ throw new Exception("未配置接口地址");
+ }
+ String api = getBaseUrl() + "check/pwd/finebi";
+ FineLoggerFactory.getLogger().info("remote访问的接口地址为 {}", api);
+ JSONObject parm = new JSONObject();
+ parm.put("userName", username);
+ parm.put("verifyCode", pwd);
+
+ String resp = HttpApi.sendJsonPost(api, parm, "UTF-8");
+ FineLoggerFactory.getLogger().info("接口响应 {}", resp);
+ JSONObject jsonObject = new JSONObject(resp);
+ return jsonObject;
+ }
+
+
+ public String getRemoteToken(String var1) throws Exception {
+ User var4 = UserService.getInstance().getUserByUserName(var1);
+ if (var4 != null && RemoteDesignAuthorityDataService.getInstance().hasAuthority(var4.getId())) {
+ return JwtUtils.createDefaultJWT(var1);
+ } else {
+ throw new RemoteDesignPermissionDeniedException();
+ }
+ }
+
+ private String getBaseUrl() {
+ FilterMeConfig instance = FilterMeConfig.getInstance();
+ String baseUrl = instance.getBaseUrl();
+ if (StringUtils.isNotBlank(baseUrl)) {
+ String[] split = baseUrl.split(";");
+ List strings = Arrays.asList(split);
+ Collections.shuffle(strings);
+ return strings.get(0);
+ }
+ return "";
+ }
+
+ public static void printException2Frlog(Exception e) {
+ StringWriter writer = new StringWriter();
+ e.printStackTrace(new PrintWriter(writer));
+ String s = writer.toString();
+ FineLoggerFactory.getLogger().error("错误:{}", s);
+ }
+
+}
diff --git a/src/com/fr/plugin/RequestWrapper.java b/src/com/fr/plugin/RequestWrapper.java
new file mode 100644
index 0000000..fb596b9
--- /dev/null
+++ b/src/com/fr/plugin/RequestWrapper.java
@@ -0,0 +1,128 @@
+package com.fr.plugin;
+
+
+import com.fr.log.FineLoggerFactory;
+import com.fr.log.FineLoggerProvider;
+
+import javax.servlet.ReadListener;
+import javax.servlet.ServletInputStream;
+import javax.servlet.ServletRequest;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequestWrapper;
+import java.io.*;
+import java.nio.charset.Charset;
+import java.nio.charset.StandardCharsets;
+
+/**
+ * @author 01
+ * @program wrapper-demo
+ * @description 包装HttpServletRequest,目的是让其输入流可重复读
+ * @create 2018-12-24 20:48
+ * @since 1.0
+ **/
+public class RequestWrapper extends HttpServletRequestWrapper {
+ FineLoggerProvider log = FineLoggerFactory.getLogger();
+ /**
+ * 存储body数据的容器
+ */
+ private byte[] body;
+
+ public RequestWrapper(HttpServletRequest request) {
+ super(request);
+ // 将body数据存储起来
+ String bodyStr = getBodyString(request);
+ body = bodyStr.getBytes(Charset.defaultCharset());
+ }
+
+ public void setBody(byte[] body) {
+ this.body = body;
+ }
+
+ /**
+ * 获取请求Body
+ *
+ * @param request request
+ * @return String
+ */
+ private String getBodyString(final ServletRequest request) {
+ try {
+ return inputStream2String(request.getInputStream());
+ } catch (IOException e) {
+ log.error("", e);
+ throw new RuntimeException(e);
+ }
+ }
+
+ /**
+ * 获取请求Body
+ *
+ * @return String
+ */
+ public String getBodyString() {
+ return new String(this.body, StandardCharsets.UTF_8);
+ }
+
+ /**
+ * 将inputStream里的数据读取出来并转换成字符串
+ *
+ * @param inputStream inputStream
+ * @return String
+ */
+ private String inputStream2String(InputStream inputStream) {
+ StringBuilder sb = new StringBuilder();
+ BufferedReader reader = null;
+
+ try {
+ reader = new BufferedReader(new InputStreamReader(inputStream, Charset.defaultCharset()));
+ String line;
+ while ((line = reader.readLine()) != null) {
+ sb.append(line);
+ }
+ } catch (IOException e) {
+ log.error("", e);
+ throw new RuntimeException(e);
+ } finally {
+ if (reader != null) {
+ try {
+ reader.close();
+ } catch (IOException e) {
+ log.error("", e);
+ }
+ }
+ }
+
+ return sb.toString();
+ }
+
+ @Override
+ public BufferedReader getReader() throws IOException {
+ return new BufferedReader(new InputStreamReader(getInputStream()));
+ }
+
+ @Override
+ public ServletInputStream getInputStream() throws IOException {
+
+ final ByteArrayInputStream inputStream = new ByteArrayInputStream(body);
+
+ return new ServletInputStream() {
+ @Override
+ public int read() throws IOException {
+ return inputStream.read();
+ }
+
+ @Override
+ public boolean isFinished() {
+ return false;
+ }
+
+ @Override
+ public boolean isReady() {
+ return false;
+ }
+
+ @Override
+ public void setReadListener(ReadListener readListener) {
+ }
+ };
+ }
+}
\ No newline at end of file
diff --git a/src/com/fr/plugin/XContentRequestWrapper.java b/src/com/fr/plugin/XContentRequestWrapper.java
new file mode 100644
index 0000000..76da138
--- /dev/null
+++ b/src/com/fr/plugin/XContentRequestWrapper.java
@@ -0,0 +1,97 @@
+package com.fr.plugin;
+
+import com.fr.json.JSONObject;
+import com.fr.log.FineLoggerFactory;
+import com.fr.stable.StringUtils;
+import com.fr.third.jodd.util.collection.ArrayEnumeration;
+import com.fr.web.utils.WebUtils;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequestWrapper;
+import java.io.UnsupportedEncodingException;
+import java.net.URLDecoder;
+import java.util.*;
+
+public class XContentRequestWrapper extends HttpServletRequestWrapper {
+ JSONObject jsonObject = null;
+
+ public XContentRequestWrapper(HttpServletRequest request) {
+ super(request);
+ String header = request.getHeader("X-Context");
+ String url = WebUtils.getOriginalURL(request);
+ try {
+ if (StringUtils.isNotBlank(header)) {
+ header = URLDecoder.decode(header, "UTF-8");
+ jsonObject = new JSONObject(header);
+ FineLoggerFactory.getLogger().info("当前请求地址:{} \n X-Context :{} ", url, header);
+ } else {
+ FineLoggerFactory.getLogger().info("当前请求地址:{} 未携带 X-Context ", url);
+ }
+ } catch (UnsupportedEncodingException e) {
+ e.printStackTrace();
+ }
+ }
+
+ @Override
+ public String getParameter(String name) {
+ String parameter = super.getParameter(name);
+ if (StringUtils.isBlank(parameter) && jsonObject != null) {
+ return jsonObject.getString(name);
+ }
+ return parameter;
+ }
+
+ @Override
+ public Map getParameterMap() {
+ Map parameterMap = super.getParameterMap();
+ Map stringHashMap = new HashMap<>();
+ if (jsonObject != null) {
+ Iterator keys = jsonObject.keys();
+ while (keys.hasNext()) {
+ String key = keys.next();
+ Object value = jsonObject.getValue(key);
+ if (value != null) {
+ stringHashMap.put(key, new String[]{
+ value.toString()
+ });
+ }
+ }
+ }
+ stringHashMap.putAll(parameterMap);
+ return stringHashMap;
+ }
+
+ @Override
+ public Enumeration getParameterNames() {
+ Enumeration parameterNames = super.getParameterNames();
+ if (jsonObject != null) {
+ Iterator keys = jsonObject.keys();
+ ArrayList arrayList = new ArrayList<>();
+ while (keys.hasNext()) {
+ String next = keys.next();
+ arrayList.add(next);
+ }
+ while (parameterNames.hasMoreElements()) {
+ String s = parameterNames.nextElement();
+ arrayList.add(s);
+ }
+ ArrayEnumeration dayNames = new ArrayEnumeration(arrayList.toArray(new String[0]));
+ return dayNames;
+ }
+ return parameterNames;
+ }
+
+ @Override
+ public String[] getParameterValues(String name) {
+ String[] parameterValues = super.getParameterValues(name);
+ if (parameterValues == null && jsonObject != null) {
+ Object stringObjectMap = jsonObject.getValue(name);
+ if (stringObjectMap != null) {
+ return new String[]{
+ stringObjectMap.toString()
+ };
+ }
+ }
+ return parameterValues;
+ }
+}
diff --git a/src/com/fr/plugin/error.html b/src/com/fr/plugin/error.html
new file mode 100644
index 0000000..f5e45f8
--- /dev/null
+++ b/src/com/fr/plugin/error.html
@@ -0,0 +1,16 @@
+
+
+
+
+
+
+ 无权访问
+
+
+
+ 用户不在白名单,访问被拒绝,请联系管理员处理
+
+
+
+
\ No newline at end of file
diff --git a/src/com/fr/plugin/util/LogUtils.java b/src/com/fr/plugin/util/LogUtils.java
new file mode 100644
index 0000000..e64cada
--- /dev/null
+++ b/src/com/fr/plugin/util/LogUtils.java
@@ -0,0 +1,90 @@
+package com.fr.plugin.util;
+
+import com.fr.log.FineLoggerFactory;
+import com.fr.log.FineLoggerProvider;
+import com.fr.plugin.context.PluginContexts;
+import com.fr.stable.StringUtils;
+
+public final class LogUtils {
+ private static String LOG_PREFIX = "[单点登录] ";
+ private static final String PLUGIN_VERSION;
+
+ private static final FineLoggerProvider LOGGER = FineLoggerFactory.getLogger();
+
+ static {
+ String version = PluginContexts.currentContext().getMarker().getVersion();
+ if (StringUtils.isNotBlank(version)) {
+ PLUGIN_VERSION = "[v" + version + "] ";
+ } else {
+ PLUGIN_VERSION = "[unknown version] ";
+ }
+
+ LOG_PREFIX = LOG_PREFIX + PLUGIN_VERSION;
+ }
+
+ public static void setPrefix(String prefix) {
+ if (prefix != null) {
+ LOG_PREFIX = prefix;
+ }
+ }
+
+ public static boolean isDebugEnabled() {
+ return LOGGER.isDebugEnabled();
+ }
+
+ public static void debug(String s) {
+ LOGGER.debug(LOG_PREFIX + s);
+ }
+
+ public static void debug(String s, Object... objects) {
+ LOGGER.debug(LOG_PREFIX + s, objects);
+ }
+
+ public static void debug(String s, Throwable throwable) {
+ LOGGER.debug(LOG_PREFIX + s, throwable);
+ }
+
+ public static boolean isInfoEnabled() {
+ return LOGGER.isInfoEnabled();
+ }
+
+ public static void info(String s) {
+ LOGGER.info(LOG_PREFIX + s);
+ }
+
+ public static void info(String s, Object... objects) {
+ LOGGER.info(LOG_PREFIX + s, objects);
+ }
+
+ public static void warn(String s) {
+ LOGGER.warn(LOG_PREFIX + s);
+ }
+
+ public static void warn(String s, Object... objects) {
+ LOGGER.warn(LOG_PREFIX + s, objects);
+ }
+
+ public static void warn(String s, Throwable throwable) {
+ LOGGER.warn(LOG_PREFIX + s, throwable);
+ }
+
+ public static void warn(Throwable throwable, String s, Object... objects) {
+ LOGGER.warn(throwable, LOG_PREFIX + s, objects);
+ }
+
+ public static void error(String s) {
+ LOGGER.error(LOG_PREFIX + s);
+ }
+
+ public static void error(String s, Object... objects) {
+ LOGGER.error(LOG_PREFIX + s, objects);
+ }
+
+ public static void error(String s, Throwable throwable) {
+ LOGGER.error(LOG_PREFIX + s, throwable);
+ }
+
+ public static void error(Throwable throwable, String s, Object... objects) {
+ LOGGER.error(throwable, LOG_PREFIX + s, objects);
+ }
+}
diff --git a/src/com/fr/plugin/util/RequestUtils.java b/src/com/fr/plugin/util/RequestUtils.java
new file mode 100644
index 0000000..fc4540a
--- /dev/null
+++ b/src/com/fr/plugin/util/RequestUtils.java
@@ -0,0 +1,26 @@
+package com.fr.plugin.util;
+
+import com.fr.stable.StringUtils;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * @author Peng
+ */
+public class RequestUtils {
+
+ /**
+ * todo 有待测试
+ * @param request
+ * @return
+ */
+ public static String getFullUrl(HttpServletRequest request) {
+ String url = request.getRequestURI();
+ String queryString = request.getQueryString();
+ if (StringUtils.isNotEmpty(queryString)) {
+ url = url + "?" + queryString;
+ }
+
+ return url;
+ }
+}
diff --git a/src/com/fr/plugin/util/ResponseUtils.java b/src/com/fr/plugin/util/ResponseUtils.java
new file mode 100644
index 0000000..9c8223d
--- /dev/null
+++ b/src/com/fr/plugin/util/ResponseUtils.java
@@ -0,0 +1,35 @@
+package com.fr.plugin.util;
+
+import com.fr.decision.webservice.utils.WebServiceUtils;
+import com.fr.json.JSONObject;
+import com.fr.web.utils.WebUtils;
+
+import javax.servlet.http.HttpServletResponse;
+
+public final class ResponseUtils {
+
+ /**
+ * 打印之前会自动处理 Content-Type
+ */
+ public static void printAsJSON( HttpServletResponse response, JSONObject jsonObject) throws Exception {
+ // todo 这里的 charset 有没有可能是别的呢?
+ response.setContentType("application/json;charset=utf-8");
+ WebUtils.printAsJSON(response, jsonObject);
+ }
+
+ /**
+ * todo
+ *
+ * 参考方法签名:
+ * generateUnavailableWebPage(String result, String reason, String solution)
+ * generateErrorWebPage(String result, String reason, String solution)
+ *
+ */
+ public static void printErrorPage() {
+ // 可参考 ↓
+// String errorHtml = WebServiceUtils.generateUnavailableWebPage("单点登录失败", reason, "");
+// String errorHtml = WebServiceUtils.generateErrorWebPage("单点登录失败", reason, "");
+// WebUtils.printAsString(response, errorHtml);
+
+ }
+}
diff --git a/src/com/fr/sso/cas/FRAccessFilter.java b/src/com/fr/sso/cas/FRAccessFilter.java
new file mode 100644
index 0000000..1871ea2
--- /dev/null
+++ b/src/com/fr/sso/cas/FRAccessFilter.java
@@ -0,0 +1,464 @@
+//
+// Source code recreated from a .class file by IntelliJ IDEA
+// (powered by Fernflower decompiler)
+//
+
+package com.fr.sso.cas;
+
+import com.fr.base.ServerConfig;
+import com.fr.base.TemplateUtils;
+import com.fr.data.NetworkHelper;
+import com.fr.decision.authority.data.User;
+import com.fr.decision.mobile.terminal.TerminalHandler;
+import com.fr.decision.privilege.TransmissionTool;
+import com.fr.decision.webservice.Response;
+import com.fr.decision.webservice.bean.authentication.LoginRequestInfoBean;
+import com.fr.decision.webservice.bean.authentication.LoginResponseInfoBean;
+import com.fr.decision.webservice.bean.authentication.OriginUrlResponseBean;
+import com.fr.decision.webservice.exception.login.UserLoginException;
+import com.fr.decision.webservice.utils.WebServiceUtils;
+import com.fr.decision.webservice.v10.login.LoginService;
+import com.fr.decision.webservice.v10.login.TokenResource;
+import com.fr.decision.webservice.v10.user.UserService;
+import com.fr.general.ComparatorUtils;
+import com.fr.log.FineLoggerFactory;
+import com.fr.security.JwtUtils;
+import com.fr.stable.StringUtils;
+import com.fr.stable.web.Device;
+import com.fr.third.fasterxml.jackson.core.JsonGenerationException;
+import com.fr.third.fasterxml.jackson.core.JsonParseException;
+import com.fr.third.fasterxml.jackson.databind.JsonMappingException;
+import com.fr.third.fasterxml.jackson.databind.ObjectMapper;
+import com.fr.third.fasterxml.jackson.databind.type.TypeFactory;
+import com.fr.web.utils.WebUtils;
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.io.PrintWriter;
+import java.io.StringWriter;
+import java.nio.charset.Charset;
+import java.util.Hashtable;
+import javax.naming.NamingEnumeration;
+import javax.naming.NamingException;
+import javax.naming.directory.DirContext;
+import javax.naming.directory.InitialDirContext;
+import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+public class FRAccessFilter implements Filter {
+ public String[] loginPageNecessaryResources = new String[]{"fineui.min.css", "login.min.css", "fineui.min.js", "I18nTextGenerator", "ConstantGenerator", "login.min.js", "logo.png", "login.png", "login-img.png", "iconfont.woff"};
+ private String servletNamePrefix = "/" + ServerConfig.getInstance().getServletName();
+ private String[] noFilterUrls;
+ private static ObjectMapper objectMapper = new ObjectMapper();
+ private static boolean isDev = true;
+
+ public FRAccessFilter() {
+ this.noFilterUrls = new String[]{this.servletNamePrefix + "/login", this.servletNamePrefix + "/login/config", this.servletNamePrefix + "/system/info", this.servletNamePrefix + "/login/cross/domain", this.servletNamePrefix + "/remote"};
+ }
+
+ public void init(FilterConfig filterConfig) throws ServletException {
+ }
+
+ private boolean isApp(HttpServletRequest request) {
+ String header = request.getHeader("User-Agent");
+ if (StringUtils.isNotBlank(header) && header.contains("FineReact")) {
+ return true;
+ } else {
+ String deviceType = request.getParameter("deviceType");
+ if (StringUtils.isNotBlank(deviceType)) {
+ return true;
+ } else {
+ String terminal = request.getHeader("terminal");
+ return StringUtils.isNotBlank(terminal) && terminal.equals("APP");
+ }
+ }
+ }
+
+ private boolean isMobLogin(HttpServletRequest request) {
+ if (this.isApp(request) && request.getMethod().equals("POST")) {
+ String requestURI = request.getRequestURI();
+ if (requestURI.endsWith("/login")) {
+ return true;
+ }
+ }
+
+ return false;
+ }
+
+ public static void printException2Frlog(Exception e) {
+ StringWriter writer = new StringWriter();
+ e.printStackTrace(new PrintWriter(writer));
+ String s = writer.toString();
+ FineLoggerFactory.getLogger().error("错误:{}", new Object[]{s});
+ }
+
+ public boolean getAuthenticator(String useruid, String userPassword, String applicationUsername, String applicationPassword) throws NamingException {
+ boolean result = false;
+ boolean flag = false;
+ DirContext ctx = null;
+ Hashtable env = new Hashtable();
+ env.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
+ if (isDev) {
+ env.put("java.naming.provider.url", "ldap://XXXX");
+ } else {
+ env.put("java.naming.provider.url", "ldap://XXXX");
+ }
+
+ env.put("java.naming.security.authentication", "simple");
+ env.put("java.naming.security.principal", applicationUsername);
+ env.put("java.naming.security.credentials", applicationPassword);
+
+ try {
+ ctx = new InitialDirContext(env);
+ FineLoggerFactory.getLogger().info("Applications Authentication Succeed");
+ flag = true;
+ } catch (NamingException var31) {
+ if (ctx != null) {
+ try {
+ ctx.close();
+ FineLoggerFactory.getLogger().info("------------------------------------------");
+ } catch (NamingException var26) {
+ FineLoggerFactory.getLogger().info("ctx close occur NamingException, error message:" + var26);
+ }
+ }
+
+ FineLoggerFactory.getLogger().info(" Applications Authentication Failed, error messgae: " + var31);
+ flag = false;
+ return false;
+ }
+
+ SearchControls constraints = new SearchControls();
+ if (flag) {
+ NamingEnumeration en = null;
+
+ try {
+ constraints.setSearchScope(2);
+ String[] returnAttrs = new String[]{"*"};
+ constraints.setReturningAttributes(returnAttrs);
+ String basedn = "dc=bizenit,dc=com";
+ String searchFilter = "(|(uid=" + useruid + ")(smart-alias=" + useruid + "))";
+ FineLoggerFactory.getLogger().info("filter:" + searchFilter);
+ en = ctx.search(basedn, searchFilter, constraints);
+ } catch (Exception var29) {
+ FineLoggerFactory.getLogger().info("search occur Exception, error message:" + var29);
+ printException2Frlog(var29);
+ }
+
+ if (en.hasMoreElements()) {
+ DirContext ctxUser = null;
+ Hashtable envUser = new Hashtable();
+ envUser.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
+ if (isDev) {
+ envUser.put("java.naming.provider.url", "ldap://XXXX");
+ } else {
+ envUser.put("java.naming.provider.url", "ldap://XXXX");
+ }
+
+ envUser.put("java.naming.security.authentication", "simple");
+ envUser.put("java.naming.security.principal", ((SearchResult)en.next()).getNameInNamespace());
+ envUser.put("java.naming.security.credentials", userPassword);
+
+ try {
+ Object o = envUser.get("java.naming.provider.url");
+ FineLoggerFactory.getLogger().info("LDAP认证服务器地址:{} 认证用户名:{}", new Object[]{o, envUser.get("java.naming.security.principal")});
+ ctxUser = new InitialDirContext(envUser);
+ FineLoggerFactory.getLogger().info("User Login Succeed");
+ result = true;
+ constraints.setTimeLimit(1000);
+ constraints.setDerefLinkFlag(false);
+ constraints.setReturningAttributes(new String[]{"*"});
+ } catch (NamingException var28) {
+ FineLoggerFactory.getLogger().info("user Authentication occured NamingException,error message:" + var28);
+ printException2Frlog(var28);
+ } finally {
+ if (ctxUser != null) {
+ try {
+ ctxUser.close();
+ } catch (NamingException var25) {
+ FineLoggerFactory.getLogger().info("ctxUser close occured NamingException,error message:" + var25);
+ }
+ }
+
+ }
+ } else {
+ result = false;
+ }
+
+ try {
+ if (en != null) {
+ en.close();
+ }
+
+ if (ctx != null) {
+ ctx.close();
+ }
+ } catch (NamingException var27) {
+ FineLoggerFactory.getLogger().info("close occured NamingException,error message:" + var27);
+ printException2Frlog(var27);
+ }
+ }
+
+ return result;
+ }
+
+ public static T deserialize(String json, Class clazz) {
+ Object object = null;
+ try {
+ object = objectMapper.readValue(json, TypeFactory.rawClass(clazz));
+ } catch (JsonParseException e) {
+ } catch (JsonMappingException e) {
+ } catch (IOException e) {
+ }
+ return (T) object;
+ }
+
+ private String inputStream2String(InputStream inputStream) {
+ StringBuilder sb = new StringBuilder();
+ BufferedReader reader = null;
+
+ try {
+ reader = new BufferedReader(new InputStreamReader(inputStream, Charset.defaultCharset()));
+
+ String line;
+ while((line = reader.readLine()) != null) {
+ sb.append(line);
+ }
+ } catch (IOException var12) {
+ throw new RuntimeException(var12);
+ } finally {
+ if (reader != null) {
+ try {
+ reader.close();
+ } catch (IOException var11) {
+ }
+ }
+
+ }
+
+ return sb.toString();
+ }
+
+ public static String serialize(Object object) {
+ StringWriter write = new StringWriter();
+
+ try {
+ objectMapper.writeValue(write, object);
+ } catch (JsonGenerationException var3) {
+ } catch (JsonMappingException var4) {
+ } catch (IOException var5) {
+ }
+
+ return write.toString();
+ }
+
+ private void mobLogin(HttpServletRequest req, HttpServletResponse response, LoginRequestInfoBean loginReqInfo) throws Exception {
+ String password = TransmissionTool.decrypt(loginReqInfo.isEncrypted(), loginReqInfo.getPassword());
+ String username = loginReqInfo.getUsername();
+ if (WebServiceUtils.containSQLChars(username)) {
+ Response error = Response.error("21300015", "Special char prohibit!");
+ WebUtils.printAsString(response, serialize(error));
+ } else {
+ User user = UserService.getInstance().getUserByUserName(username);
+ if (user == null) {
+ throw new UserLoginException();
+ } else {
+ String adminName = "XXXX";
+ String adminPwd = "XXXX";
+ if (isDev) {
+ adminName = "XXXX";
+ adminPwd = "XXXX";
+ }
+
+ if (this.getAuthenticator(username, password, adminName, adminPwd)) {
+ String token = this.login(req, response, username);
+ OriginUrlResponseBean originUrlResponseBean = new OriginUrlResponseBean(TemplateUtils.render("${fineServletURL}"));
+ LoginResponseInfoBean infoBean = new LoginResponseInfoBean(token, originUrlResponseBean, user.getUserName(), loginReqInfo.getValidity());
+ WebUtils.printAsString(response, serialize(infoBean));
+ } else {
+ Response error = Response.error("21300007", "User not exist, or wrong password!");
+ WebUtils.printAsString(response, serialize(error));
+ }
+ }
+ }
+ }
+
+ public static boolean checkTokenValid(HttpServletRequest req, String token, String currentUserName) {
+ try {
+ if (!ComparatorUtils.equals(currentUserName, JwtUtils.parseJWT(token).getSubject())) {
+ FineLoggerFactory.getLogger().info("username changed:" + currentUserName);
+ return false;
+ } else {
+ Device device = NetworkHelper.getDevice(req);
+ LoginService.getInstance().loginStatusValid(token, TerminalHandler.getTerminal(req, device));
+ return true;
+ }
+ } catch (Exception var4) {
+ return false;
+ }
+ }
+
+ private boolean isLogin(HttpServletRequest request) {
+ try {
+ return LoginService.getInstance().isLogged(request);
+ } catch (Exception var3) {
+ return false;
+ }
+ }
+
+ private String login(HttpServletRequest req, HttpServletResponse res, String username) {
+ try {
+ String oldToken = TokenResource.COOKIE.getToken(req);
+ if (oldToken == null || !checkTokenValid(req, oldToken, username)) {
+ HttpSession session = req.getSession(true);
+ String token = LoginService.getInstance().login(req, res, username);
+// session.setAttribute("fine_auth_token", token);
+ req.setAttribute("fine_auth_token", token);
+ return token;
+ }
+ } catch (Exception var7) {
+ FineLoggerFactory.getLogger().error(var7.getMessage(), var7);
+ }
+
+ return null;
+ }
+
+ public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
+ servletRequest.setCharacterEncoding("UTF-8");
+ HttpServletRequest request = (HttpServletRequest)servletRequest;
+ HttpServletResponse response = (HttpServletResponse)servletResponse;
+ String noIdmParameter = request.getParameter("no-idm");
+ String pathInfo;
+ if (this.isMobLogin(request)) {
+ pathInfo = this.inputStream2String(request.getInputStream());
+
+ try {
+ LoginRequestInfoBean infoBean = (LoginRequestInfoBean)deserialize(pathInfo, LoginRequestInfoBean.class);
+ if (this.isLogin(request)) {
+ String oldToken = TokenResource.COOKIE.getToken(request);
+ OriginUrlResponseBean originUrlResponseBean = new OriginUrlResponseBean(TemplateUtils.render("${fineServletURL}"));
+ LoginResponseInfoBean respBean = new LoginResponseInfoBean(oldToken, originUrlResponseBean, infoBean.getUsername(), infoBean.getValidity());
+ WebUtils.printAsString(response, serialize(respBean));
+ } else {
+ this.mobLogin(request, response, infoBean);
+ }
+
+ return;
+ } catch (Exception var13) {
+ FineLoggerFactory.getLogger().info("LDAP认证失败:" + var13.getMessage());
+ }
+ }
+
+ if (this.isApp(request)) {
+ setCookie(response, "no-idm", "true");
+ pathInfo = request.getPathInfo();
+ this.forwardRequest(request, response);
+ } else {
+ if (StringUtils.isNotEmpty(noIdmParameter)) {
+ boolean isNoIdm = Boolean.parseBoolean(noIdmParameter);
+ Cookie noIdmCookie = com.fr.third.springframework.web.util.WebUtils.getCookie(request, "no-idm");
+ if (noIdmCookie != null) {
+ if (Boolean.parseBoolean(noIdmCookie.getValue()) != isNoIdm) {
+ if (isNoIdm) {
+ setCookie(response, "no-idm", "true");
+ } else {
+ setCookie(response, "no-idm", "false");
+ }
+ }
+ } else if (isNoIdm) {
+ setCookie(response, "no-idm", "true");
+ } else {
+ setCookie(response, "no-idm", "false");
+ }
+ } else {
+ Cookie noIdmCookie = com.fr.third.springframework.web.util.WebUtils.getCookie(request, "no-idm");
+ if (noIdmCookie == null) {
+ setCookie(response, "no-idm", "false");
+ }
+ }
+
+ if (!this.isNoFilterUrls(request) && !this.isRequestLoginPageNecessaryResources(request) && !this.isFromNoIdmPage(request)) {
+ User user = null;
+
+ try {
+ user = UserService.getInstance().getUserByRequestCookie(request);
+ } catch (Exception var12) {
+ }
+
+ if (user != null) {
+ this.forwardRequest(request, response);
+ } else if (StringUtils.isNotEmpty(noIdmParameter) && Boolean.parseBoolean(noIdmParameter)) {
+ this.forwardRequest(request, response);
+ } else {
+ filterChain.doFilter(request, response);
+ }
+ } else {
+ this.forwardRequest(request, response);
+ }
+ }
+ }
+
+ private static void setCookie(HttpServletResponse response, String name, String value) {
+ Cookie cookie = new Cookie(name, value);
+ cookie.setPath("/");
+ response.addCookie(cookie);
+ }
+
+ public void destroy() {
+ }
+
+ public boolean isNoFilterUrls(HttpServletRequest request) {
+ String requestURI = request.getRequestURI();
+ String[] var3 = this.noFilterUrls;
+ int var4 = var3.length;
+
+ for(int var5 = 0; var5 < var4; ++var5) {
+ String url = var3[var5];
+ if (requestURI.contains(url)) {
+ return true;
+ }
+ }
+
+ return false;
+ }
+
+ public boolean isRequestLoginPageNecessaryResources(HttpServletRequest request) {
+ String queryString = request.getQueryString();
+ if (StringUtils.isEmpty(queryString)) {
+ return false;
+ } else {
+ String[] var3 = this.loginPageNecessaryResources;
+ int var4 = var3.length;
+
+ for(int var5 = 0; var5 < var4; ++var5) {
+ String parameter = var3[var5];
+ if (queryString.contains(parameter)) {
+ return true;
+ }
+ }
+
+ return false;
+ }
+ }
+
+ private boolean isFromNoIdmPage(HttpServletRequest request) {
+ String referer = request.getHeader("Referer");
+ return StringUtils.isNotEmpty(referer) && referer.contains("no-idm=true");
+ }
+
+ private void forwardRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+ String contextPath = request.getContextPath();
+ String relativePath = request.getRequestURI().replace(contextPath, "");
+ request.getRequestDispatcher(relativePath).forward(request, response);
+ }
+}