hugh
/
open-JSD-7963
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Browse Source

提交开源任务材料

10.0
LAPTOP-SB56SG4Q\86185 3 years ago
parent
6a0e10118d
commit
83d8e26ad5
28 changed files with 3337 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. BIN
      5591-5860-6693使用文档.docx
  2. BIN
      JSD-7963-需求确认书V1.docx
  3. 5
      README.md
  4. 29
      plugin.xml
  5. 38
      src/com/fr/plugin/ChangeConfigHander.java
  6. 38
      src/com/fr/plugin/ChangeDesignConfigHander.java
  7. 108
      src/com/fr/plugin/DataFilterPlaceHolder.java
  8. 347
      src/com/fr/plugin/FR2loginFilter.java
  9. 165
      src/com/fr/plugin/FRloginFilter.java
  10. 82
      src/com/fr/plugin/FilterMeConfig.java
  11. 110
      src/com/fr/plugin/GlobalRequestFilterPlaceHolder.java
  12. 130
      src/com/fr/plugin/HttpApi.java
  13. 62
      src/com/fr/plugin/IpUtils.java
  14. 14
      src/com/fr/plugin/JHHttpHander.java
  15. 17
      src/com/fr/plugin/JHUrlAliasProvider.java
  16. 28
      src/com/fr/plugin/JSONUtils.java
  17. 647
      src/com/fr/plugin/LastloginFilter.java
  18. 150
      src/com/fr/plugin/LoginFilter.java
  19. 25
      src/com/fr/plugin/LoginOutEventProvider.java
  20. 139
      src/com/fr/plugin/PostionImportgHander.java
  21. 348
      src/com/fr/plugin/RemoteFilter.java
  22. 128
      src/com/fr/plugin/RequestWrapper.java
  23. 97
      src/com/fr/plugin/XContentRequestWrapper.java
  24. 16
      src/com/fr/plugin/error.html
  25. 90
      src/com/fr/plugin/util/LogUtils.java
  26. 26
      src/com/fr/plugin/util/RequestUtils.java
  27. 35
      src/com/fr/plugin/util/ResponseUtils.java
  28. 464
      src/com/fr/sso/cas/FRAccessFilter.java

BIN
5591-5860-6693使用文档.docx
View File

Binary file not shown.

BIN
JSD-7963-需求确认书V1.docx
View File

Binary file not shown.

5
README.md
Unescape View File

@ -1,3 +1,6 @@
# open-JSD-7963 # open-JSD-7963
JSD-7963 复合单点登录+登录时增量更新用户组织和权限信息 JSD-7963 复合单点登录+登录时增量更新用户组织和权限信息\
免责说明:该源码为第三方爱好者提供,不保证源码和方案的可靠性,也不提供任何形式的源码教学指导和协助!\
仅作为开发者学习参考使用!禁止用于任何商业用途!\
为保护开发者隐私,开发者信息已隐去!若原开发者希望公开自己的信息,可联系hugh处理。

29
plugin.xml
Unescape View File

@ -0,0 +1,29 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<plugin>
<id>com.fr.plugin.sln5591</id>
<name><![CDATA[单点登录]]></name>
<active>yes</active>
<version>1.8.0</version>
<env-version>10.0</env-version>
<jartime>2019-03-10</jartime>
<vendor>fr.open</vendor>
<description><![CDATA[拦截器]]></description>
<change-notes>
</change-notes>
<main-package>com.fr.plugin</main-package>
<function-recorder class="com.fr.plugin.FRloginFilter"/>
<extra-decision>
<!--插件注入HttpHandler-->
<HttpHandlerProvider class="com.fr.plugin.JHHttpHander"/>
<!--<WebResourceProvider class="com.fr.plugin.LanLinJSHander"/>-->
<URLAliasProvider class="com.fr.plugin.JHUrlAliasProvider"/>
<EmbedRequestFilterProvider class="com.fr.plugin.RemoteFilter"/>
<!--这个是真实的-->
<GlobalRequestFilterProvider class="com.fr.plugin.LastloginFilter"/>
<!--这个是代理-->
<GlobalRequestFilterProvider class="com.fr.plugin.GlobalRequestFilterPlaceHolder"/>
<GlobalRequestFilterProvider class="com.fr.plugin.DataFilterPlaceHolder"/>
<LogInOutEventProvider class="com.fr.plugin.LoginOutEventProvider"/>
</extra-decision>
</plugin>

38
src/com/fr/plugin/ChangeConfigHander.java
Unescape View File

@ -0,0 +1,38 @@
package com.fr.plugin;
import com.fr.decision.fun.impl.BaseHttpHandler;
import com.fr.stable.StringUtils;
import com.fr.third.springframework.web.bind.annotation.RequestMethod;
import com.fr.web.utils.WebUtils;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class ChangeConfigHander extends BaseHttpHandler {
@Override
public RequestMethod getMethod() {
return null;
}
@Override
public String getPath() {
return "/change1";
}
@Override
public boolean isPublic() {
return true;
}
@Override
public void handle(HttpServletRequest req, HttpServletResponse res) throws Exception {
String config = req.getParameter("config");
FilterMeConfig instance = FilterMeConfig.getInstance();
if (StringUtils.isBlank(config)) {
instance.setAdminFlags("");
} else {
instance.setAdminFlags(config);
}
WebUtils.printAsString(res, "success");
}
}

38
src/com/fr/plugin/ChangeDesignConfigHander.java
Unescape View File

@ -0,0 +1,38 @@
package com.fr.plugin;
import com.fr.decision.fun.impl.BaseHttpHandler;
import com.fr.stable.StringUtils;
import com.fr.third.springframework.web.bind.annotation.RequestMethod;
import com.fr.web.utils.WebUtils;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class ChangeDesignConfigHander extends BaseHttpHandler {
@Override
public RequestMethod getMethod() {
return null;
}
@Override
public String getPath() {
return "/change2";
}
@Override
public boolean isPublic() {
return true;
}
@Override
public void handle(HttpServletRequest req, HttpServletResponse res) throws Exception {
String designConfig = req.getParameter("config");
FilterMeConfig instance = FilterMeConfig.getInstance();
if (StringUtils.isBlank(designConfig)) {
instance.setDesignFlags("");
} else {
instance.setDesignFlags(designConfig);
}
WebUtils.printAsString(res, "success");
}
}

108
src/com/fr/plugin/DataFilterPlaceHolder.java
Unescape View File

@ -0,0 +1,108 @@
package com.fr.plugin;
import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
import com.fr.json.JSONObject;
import com.fr.log.FineLoggerFactory;
import com.fr.stable.StringUtils;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.Iterator;
public class DataFilterPlaceHolder extends AbstractGlobalRequestFilterProvider {
@Override
public String filterName() {
return "a1data";
}
@Override
public String[] urlPatterns() {
return new String[]{
"/*"
};
}
@Override
public void init(FilterConfig filterConfig) {
FilterMeConfig.getInstance();
super.init(filterConfig);
}
@Override
public void doFilter(HttpServletRequest request, HttpServletResponse httpServletResponse, FilterChain filterChain) {
if (request.getMethod().equalsIgnoreCase("POST")) {
if (request.getPathInfo() != null && request.getPathInfo().endsWith("v5/design/widget/data")) {
String header = request.getHeader("X-Context");
if (StringUtils.isNotBlank(header)) {
RequestWrapper wrapper = new RequestWrapper(request);
String bodyString = wrapper.getBodyString();
JSONObject entries = new JSONObject(bodyString);
try {
delJSON(header, entries);
// FineLoggerFactory.getLogger().info("设置到body中 :{}", entries);
wrapper.setBody(entries.toString().getBytes());
filterChain.doFilter(wrapper, httpServletResponse);
} catch (IOException e) {
printException2FrLog(e);
} catch (ServletException e) {
printException2FrLog(e);
}
return;
}
}
}
try {
filterChain.doFilter(request, httpServletResponse);
} catch (IOException e) {
printException2FrLog(e);
} catch (ServletException e) {
printException2FrLog(e);
}
}
private void delJSON(String head, JSONObject req) {
try {
head = URLDecoder.decode(head, "UTF-8");
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
FineLoggerFactory.getLogger().error("收到的 Context:{}", head);
JSONObject jsonObject = new JSONObject(head);
Iterator<String> keys = jsonObject.keys();
if (req.has("parameter")) {
JSONObject parameter = req.getJSONObject("parameter");
while (keys.hasNext()) {
String key = keys.next();
String value = jsonObject.getString(key);
if (!parameter.has(key)) {
setData(key, value, parameter);
}
}
}
}
private void setData(String name, String data, JSONObject parameter) {
JSONObject jsonObject = new JSONObject();
jsonObject.put("type", 97);//URL参数
jsonObject.put("value", data);
parameter.put(name, jsonObject);
}
public static void printException2FrLog(Throwable e) {
StringWriter writer = new StringWriter();
e.printStackTrace(new PrintWriter(writer));
String s = writer.toString();
FineLoggerFactory.getLogger().error("错误:{}", s);
}
}

347
src/com/fr/plugin/FR2loginFilter.java
Unescape View File

@ -0,0 +1,347 @@
package com.fr.plugin;
import com.fr.decision.authority.AuthorityContext;
import com.fr.decision.authority.base.constant.type.operation.ManualOperationType;
import com.fr.decision.authority.controller.CustomRoleController;
import com.fr.decision.authority.controller.UserController;
import com.fr.decision.authority.data.CustomRole;
import com.fr.decision.authority.data.User;
import com.fr.decision.fun.impl.AbstractEmbedRequestFilterProvider;
import com.fr.decision.privilege.encrpt.PasswordValidator;
import com.fr.decision.webservice.utils.UserSourceFactory;
import com.fr.decision.webservice.v10.login.LoginService;
import com.fr.decision.webservice.v10.user.UserService;
import com.fr.general.ComparatorUtils;
import com.fr.general.IOUtils;
import com.fr.io.utils.ResourceIOUtils;
import com.fr.json.JSONArray;
import com.fr.json.JSONObject;
import com.fr.log.FineLoggerFactory;
import com.fr.plugin.IpUtils;
import com.fr.plugin.transform.FunctionRecorder;
import com.fr.stable.StringUtils;
import com.fr.stable.query.QueryFactory;
import com.fr.web.utils.WebUtils;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.UUID;
@FunctionRecorder(localeKey = "fr2")
public class FR2loginFilter extends AbstractEmbedRequestFilterProvider {
@Override
public void init(FilterConfig filterConfig) {
super.init(filterConfig);
}
private static String[] filterUrls = new String[]{
"v5/design/report/",
"view/report",
"view/form"
};
private void sendRedirect(HttpServletResponse res, String url) {
res.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
res.setHeader("Location", url);
}
private boolean needFilter(String url) {
if (StringUtils.isNotBlank(url)) {
for (String filterUrl : filterUrls) {
if (url.contains(filterUrl)) {
return true;
}
}
}
return false;
}
private void login(HttpServletRequest req, HttpServletResponse res, String username) {
HttpSession session = req.getSession(true);
String token = null;
try {
token = LoginService.getInstance().login(req, res, username);
req.setAttribute("fine_auth_token", token);
} catch (Exception e) {
FineLoggerFactory.getLogger().error(e.getMessage(), e);
FineLoggerFactory.getLogger().error("login failed");
}
FineLoggerFactory.getLogger().error("login success");
}
private boolean ipblackCheck(String ip) {
String[] blackIps = new String[]{};
try {
InputStream inputStream = ResourceIOUtils.read("/config-all/whitelist.properties");
if (inputStream != null) {
String lines = IOUtils.inputStream2String(inputStream);
blackIps = lines.split("\n");
}
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
if ("0:0:0:0:0:0:0:1".equals(ip)) {
return true;
}
for (String blackIp : blackIps) {
if (!blackIp.contains("-")) {
if (ip.equals(blackIp)) {
return true;
}
} else {
String trim = blackIp.trim();
String[] split = trim.split("-");
if (split.length > 1) {
if (com.fr.plugin.IpUtils.ipExistsInRange(ip, split[0], split[1])) {
return true;
}
}
}
}
return false;
}
private void writerOurError(HttpServletResponse httpServletResponse) {
try {
WebUtils.writeOutTemplate("/com/fr/plugin/error.html", httpServletResponse, new HashMap());
} catch (IOException e) {
e.printStackTrace();
}
}
private boolean isLogin(HttpServletRequest req) {
return LoginService.getInstance().isLogged(req);
}
@Override
public void filter(HttpServletRequest request, HttpServletResponse httpServletResponse) throws IOException, ServletException {
String uri = request.getRequestURI();
String ip = IpUtils.getIp(request);
if (!ipblackCheck(ip)) {
writerOurError(httpServletResponse);
return;
}
if (request.getMethod().equalsIgnoreCase("GET")) {
//直接return 就开始执行原来的逻辑
if (request.getParameter("sendTwo") != null) {
return;
}
//需要特殊处理的url按照特殊处理
if (needFilter(uri)) {
sendRedirect(httpServletResponse, getUrl(request));
return;
}
String loginUrl = request.getContextPath() + request.getServletPath() + "/login";
String home = request.getContextPath() + request.getServletPath() + "?sendTwo=true";
if (loginUrl.equals(uri)) {
String manualOut = request.getParameter("manual");
if (!ComparatorUtils.equals(manualOut, "true")) {
String header = request.getHeader("X-Context");
if (StringUtils.isNotBlank(header) && !isLogin(request)) {
tokenLogin(request, httpServletResponse);
sendRedirect(httpServletResponse, home);
}
}
}
}
return;
}
private void tokenLogin(HttpServletRequest req, HttpServletResponse res) {
String header = req.getHeader("X-Context");
try {
header = URLDecoder.decode(header, "UTF-8");
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
FineLoggerFactory.getLogger().info("拦截器捕获一个请求 x-content :{}", header);
JSONObject entries = new JSONObject(header);
String usrNm = entries.getString("usrNm");
JSONArray rlNoList = entries.getJSONArray("rlNoList");
try {
User user = UserService.getInstance().getUserByUserName(usrNm);
UserController userController = AuthorityContext.getInstance().getUserController();
CustomRoleController customRoleController = AuthorityContext.getInstance().getCustomRoleController();
if (user == null) {
FineLoggerFactory.getLogger().info("拦截器新增一个用户 :{}", usrNm);
PasswordValidator passwordValidator = UserSourceFactory.getInstance().getUserSource(ManualOperationType.KEY).getPasswordValidator();
user = (new User()).userName(usrNm).realName(usrNm).password(passwordValidator.encode(usrNm, UUID.randomUUID().toString()))
.creationType(ManualOperationType.KEY).lastOperationType(ManualOperationType.KEY).enable(true);
userController.add(user);
}
String userId = user.getId();
List<CustomRole> roles = customRoleController.findByUser(userId, QueryFactory.create());
boolean isAdminRoleFlag = false;
List<String> adminFlags = getAdminFlags();
FineLoggerFactory.getLogger().info("当前的管理员标识符 :{}", adminFlags);
List<String> remoteRoles = new ArrayList<>();
try {
int size = rlNoList.size();
for (int i = 0; i < size; i++) {
String name = rlNoList.getString(i);
remoteRoles.add(name);
FineLoggerFactory.getLogger().info("传送过来的角色:{}", name);
if (isAdminFlags(name, adminFlags)) {
isAdminRoleFlag = true;
}
}
//先判断传过来的的角色是不是本地都有,没有要加上
for (String role : remoteRoles) {
boolean find = false;
for (CustomRole customRole : roles) {
if (ComparatorUtils.equals(customRole.getName(), role)) {
find = true;
}
}
if (!find) {
// FineLoggerFactory.getLogger().info("传送过来的角色在本地不存在,添加到本地:{}", role);
// List<CustomRole> roleList = customRoleController.find(QueryFactory.create().addRestriction(RestrictionFactory.eq("name", role)));
// FineLoggerFactory.getLogger().info("通过角色名称{} 查询出来的本地角色:{}", role, roleList.size());
// for (CustomRole customRole : roleList) {
// FineLoggerFactory.getLogger().info("给用户新增角色:{}", customRole.getId());
// userController.addUserToCustomRole(userId, customRole.getId());
// }
FineLoggerFactory.getLogger().info("传送过来的角色在本地不存在,添加到本地:{}", role);
CustomRole addRole = new CustomRole();
addRole.setName(role);
addRole.setAlias(role);
addRole.setId(UUID.randomUUID().toString());
addRole.setDescription("通过xcontent添加");
customRoleController.add(addRole);
userController.addUserToCustomRole(userId, addRole.getId());
}
}
//在判断本地的角色是不是远程没有了,要移除掉
for (CustomRole customRole : roles) {
if (!remoteRoles.contains(customRole.getName())) {
FineLoggerFactory.getLogger().info("远端没有的角色本地移除:{}", customRole.getName());
userController.removeUserFromCustomRole(userId, customRole.getId());
}
}
} catch (Exception e) {
e.printStackTrace();
}
//如果是管理员标志就直接登录admin账号
if (isAdminRoleFlag) {
FineLoggerFactory.getLogger().info("本次为管理员登录");
login(req, res, "admin");
} else {
FineLoggerFactory.getLogger().info("本次为普通用户登录:{}", usrNm);
login(req, res, usrNm);
}
} catch (Exception e) {
e.printStackTrace();
}
}
private static boolean isAdminFlags(String flag, List<String> flags) {
return flags.contains(flag);
}
private List<String> getAdminFlags() {
InputStream inputStream = ResourceIOUtils.read("/config-all/adminflag.properties");
if (inputStream != null) {
Properties properties = new Properties();
try {
properties.load(inputStream);
String adminflag = properties.getProperty("adminflag");
if (StringUtils.isNotBlank(adminflag)) {
String[] split = adminflag.split(",");
return Arrays.asList(split);
}
} catch (IOException e) {
e.printStackTrace();
}
}
return Collections.emptyList();
}
private String getUrl(HttpServletRequest request) {
String url = "/";
try {
url = "http://" + request.getServerName()//服务器地址
+ ":"
+ request.getServerPort() + request.getRequestURI();
Enumeration<String> parameterNames = request.getParameterNames();
Map<String, String> reqParams = new HashMap<>();
while (parameterNames.hasMoreElements()) {
String key = parameterNames.nextElement();
reqParams.put(key, request.getParameter(key));
}
Map<String, String> parmas = header2url(request);
reqParams.putAll(parmas);
String header2url = map2String(reqParams);
FineLoggerFactory.getLogger().info("转换之后的url参数:{}", header2url);
if (url.contains("?")) {
url += header2url;
} else {
url += "?a=1" + header2url;
}
} catch (Exception e) {
e.printStackTrace();
}
url += "&sendTwo=true";
return url;
}
private Map<String, String> header2url(HttpServletRequest request) {
Map<String, String> params = new HashMap<>();
String context = request.getHeader("X-Context");
if (StringUtils.isNotBlank(context)) {
try {
context = URLDecoder.decode(context, "UTF-8");
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
JSONObject jsonObject = new JSONObject(context);
String userNo = jsonObject.getString("usrNo");
String userNm = jsonObject.getString("usrNm");
String pstNo = jsonObject.getString("pstNo");
String instNo = jsonObject.getString("instNo");
String accInstNo = jsonObject.getString("accInstNo");
String admnInstNo = jsonObject.getString("admnInstNo");
params.put("usrNo", userNo);
params.put("usrNm", userNm);
params.put("pstNo", pstNo);
params.put("instNo", instNo);
params.put("accInstNo", accInstNo);
params.put("admnInstNo", admnInstNo);
}
params.put("sendTwo", "true");
return params;
}
private String map2String(Map<String, String> params) {
StringBuffer buffer = new StringBuffer();
Set<String> strings = params.keySet();
for (String key : strings) {
buffer.append("&").append(key).append("=").append(params.get(key));
}
return buffer.toString();
}
}

165
src/com/fr/plugin/FRloginFilter.java
Unescape View File

@ -0,0 +1,165 @@
package com.fr.plugin;
import com.fr.decision.fun.impl.AbstractEmbedRequestFilterProvider;
import com.fr.json.JSONObject;
import com.fr.log.FineLoggerFactory;
import com.fr.plugin.transform.FunctionRecorder;
import com.fr.stable.StringUtils;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
@FunctionRecorder(localeKey = "frfilter")
public class FRloginFilter extends AbstractEmbedRequestFilterProvider {
private void sendRedirect(HttpServletResponse res, String url) {
res.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
res.setHeader("Location", url);
}
@Override
public void filter(HttpServletRequest request, HttpServletResponse httpServletResponse) throws IOException, ServletException {
String uri = request.getRequestURI();
if (uri != null && uri.contains("v5/design/report/share") && request.getMethod().equalsIgnoreCase("GET")) {
FineLoggerFactory.getLogger().info("拦截器捕获一个请求,需要跳转share {}", uri);
if (request.getParameter("sendTwo") != null) {
return;
}
String url = getUrl(request);
FineLoggerFactory.getLogger().info("拦截器捕获一个请求,跳转出来的 {}", url);
sendRedirect(httpServletResponse, url);
}
}
//
// private String getUrl(HttpServletRequest request){
// String url = "/";
// try {
// url = "http://" + request.getServerName()//服务器地址
// + ":"
// + request.getServerPort() + request.getRequestURI() ;
// String queryString = request.getQueryString();
// String header2url = header2url(request);
// if (StringUtils.isNotBlank(queryString)) {
// url+= "?"+queryString+header2url;
// }else{
// url+="?a=1"+header2url;
// }
// if(url.contains("?")){
// url+="&sendTwo=true";
// }else{
// url+="?sendTwo=true";
// }
// } catch (Exception e) {
// printException2Frlog(e);
// }
// return url;
// }
public static void printException2Frlog(Exception e) {
StringWriter writer = new StringWriter();
e.printStackTrace(new PrintWriter(writer));
String s = writer.toString();
FineLoggerFactory.getLogger().error("错误:{}", s);
}
//
// private String header2url(HttpServletRequest request){
// StringBuffer buffer=new StringBuffer();
// String context = request.getHeader("X-Context");
// if (StringUtils.isNotBlank(context)) {
// try {
// context = URLDecoder.decode(context, "UTF-8");
// } catch (UnsupportedEncodingException e) {
// e.printStackTrace();
// }
// JSONObject jsonObject = new JSONObject(context);
// String userNo = jsonObject.getString("usrNo");
// String userNm = jsonObject.getString("usrNm");
// String pstNo = jsonObject.getString("pstNo");
// String instNo = jsonObject.getString("instNo");
// String accInstNo = jsonObject.getString("accInstNo");
// String admnInstNo = jsonObject.getString("admnInstNo");
// buffer.append("&userNo=").append(userNo).append("&userNm=").append(userNm).append("&pstNo=").append(pstNo).append("&instNo=").append(instNo)
// .append("&accInstNo=").append(accInstNo).append("&admnInstNo=").append(admnInstNo);
// }
//
// buffer.append("&sendTwo=true");
// return buffer.toString();
// }
private String getUrl(HttpServletRequest request) {
String url = "/";
try {
url = "http://" + request.getServerName()//服务器地址
+ ":"
+ request.getServerPort() + request.getRequestURI();
Enumeration<String> parameterNames = request.getParameterNames();
Map<String, String> reqParams = new HashMap<>();
while (parameterNames.hasMoreElements()) {
String key = parameterNames.nextElement();
reqParams.put(key, request.getParameter(key));
}
Map<String, String> parmas = header2url(request);
reqParams.putAll(parmas);
String header2url = map2String(reqParams);
FineLoggerFactory.getLogger().info("转换之后的url参数:{}", header2url);
if (url.contains("?")) {
url += header2url;
} else {
url += "?a=1" + header2url;
}
} catch (Exception e) {
e.printStackTrace();
}
url += "&sendTwo=true";
return url;
}
private Map<String, String> header2url(HttpServletRequest request) {
Map<String, String> params = new HashMap<>();
String context = request.getHeader("X-Context");
if (StringUtils.isNotBlank(context)) {
try {
context = URLDecoder.decode(context, "UTF-8");
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
JSONObject jsonObject = new JSONObject(context);
String userNo = jsonObject.getString("usrNo");
String userNm = jsonObject.getString("usrNm");
String pstNo = jsonObject.getString("pstNo");
String instNo = jsonObject.getString("instNo");
String accInstNo = jsonObject.getString("accInstNo");
String admnInstNo = jsonObject.getString("admnInstNo");
params.put("usrNo", userNo);
params.put("usrNm", userNm);
params.put("pstNo", pstNo);
params.put("instNo", instNo);
params.put("accInstNo", accInstNo);
params.put("admnInstNo", admnInstNo);
}
params.put("sendTwo", "true");
return params;
}
private String map2String(Map<String, String> params) {
StringBuffer buffer = new StringBuffer();
Set<String> strings = params.keySet();
for (String key : strings) {
buffer.append("&").append(key).append("=").append(params.get(key));
}
return buffer.toString();
}
}

82
src/com/fr/plugin/FilterMeConfig.java
Unescape View File

@ -0,0 +1,82 @@
package com.fr.plugin;
import com.fr.config.*;
import com.fr.config.holder.Conf;
import com.fr.config.holder.factory.Holders;
@Visualization(category = "系统接口地址配置")
public class FilterMeConfig extends DefaultConfiguration {
private static volatile FilterMeConfig config = null;
public static FilterMeConfig getInstance() {
if (config == null) {
config = ConfigContext.getConfigInstance(FilterMeConfig.class);
}
return config;
}
@Identifier(value = "baseUrl", name = "接口地址", description = "", status = Status.SHOW)
private Conf<String> baseUrl = Holders.simple("http://localhost:8080/");
@Identifier(value = "adminFlags", name = "管理员标识符rlNoList", description = "使用分号分隔", status = Status.SHOW)
private Conf<String> adminFlags = Holders.simple("");
@Identifier(value = "adminFlagsNm", name = "管理员标识符usrNm", description = "使用分号分隔", status = Status.SHOW)
private Conf<String> adminFlagsNm = Holders.simple("");
@Identifier(value = "designFlags", name = "设计用户标识符", description = "使用分号分隔", status = Status.SHOW)
private Conf<String> designFlags = Holders.simple("");
@Identifier(value = "needflush", name = "是否需要刷新权限", description = "使用分号分隔", status = Status.SHOW)
private Conf<Boolean> needflush = Holders.simple(true);
public String getDesignFlags() {
return designFlags.get();
}
public void setDesignFlags(String designFlags) {
this.designFlags.set(designFlags);
}
public String getAdminFlags() {
return adminFlags.get();
}
public void setAdminFlags(String adminFlags) {
this.adminFlags.set(adminFlags);
}
public String getBaseUrl() {
return baseUrl.get();
}
public void setBaseUrl(String baseUrl) {
this.baseUrl.set(baseUrl);
}
public String getAdminFlagsNm() {
return adminFlagsNm.get();
}
public void setAdminFlagsNm(String adminFlagsNm) {
this.adminFlagsNm.set(adminFlagsNm);
;
}
public Boolean getNeedflush() {
return needflush.get();
}
public void setNeedflush(Boolean needflush) {
this.needflush.set(needflush);
}
@Override
public Object clone() throws CloneNotSupportedException {
FilterMeConfig cloned = (FilterMeConfig) super.clone();
cloned.baseUrl = (Conf<String>) baseUrl.clone();
cloned.adminFlags = (Conf<String>) adminFlags.clone();
cloned.designFlags = (Conf<String>) designFlags.clone();
cloned.adminFlagsNm = (Conf<String>) adminFlagsNm.clone();
cloned.needflush = (Conf<Boolean>) needflush.clone();
return cloned;
}
}

110
src/com/fr/plugin/GlobalRequestFilterPlaceHolder.java
Unescape View File

@ -0,0 +1,110 @@
package com.fr.plugin;
import com.fr.decision.ExtraDecisionClassManager;
import com.fr.decision.fun.GlobalRequestFilterProvider;
import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
import com.fr.event.Event;
import com.fr.event.EventDispatcher;
import com.fr.event.Listener;
import com.fr.log.FineLoggerFactory;
import com.fr.plugin.context.PluginContext;
import com.fr.plugin.injectable.PluginModule;
import com.fr.plugin.observer.PluginEventType;
import com.fr.stable.StringUtils;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Set;
/**
* @author fr.open
*/
public class GlobalRequestFilterPlaceHolder extends AbstractGlobalRequestFilterProvider {
private static final String CURRENT_PLUGIN_ID = "com.fr.plugin.sln5591";//需要求个这两个配置
private static final String CURRENT_FILTER_NAME = "lastLogin";
private static GlobalRequestFilterProvider PLACE_HOLDER_IMPL_FILTER;
@Override
public void init(FilterConfig filterConfig) {
Set<GlobalRequestFilterProvider> providers = ExtraDecisionClassManager.getInstance().getArray(GlobalRequestFilterProvider.MARK_STRING);
if (providers != null) {
for (GlobalRequestFilterProvider provider : providers) {
String filterName = provider.filterName();
if (StringUtils.isNotEmpty(filterName) && CURRENT_FILTER_NAME.equals(filterName)) {
PLACE_HOLDER_IMPL_FILTER = provider;
break;
}
}
}
com.fr.stable.Filter<PluginContext> filter = new com.fr.stable.Filter<PluginContext>() {
@Override
public boolean accept(PluginContext context) {
String pluginId = context.getID();
return context.contain(PluginModule.ExtraDecision, GlobalRequestFilterProvider.MARK_STRING) && CURRENT_PLUGIN_ID.equals(pluginId);
}
};
EventDispatcher.listen(PluginEventType.AfterRun, new Listener<PluginContext>() {
@Override
public void on(Event event, PluginContext context) {
Set<GlobalRequestFilterProvider> providers = context.getRuntime().get(PluginModule.ExtraDecision, GlobalRequestFilterProvider.MARK_STRING);
if (providers != null) {
for (GlobalRequestFilterProvider provider : providers) {
String filterName = provider.filterName();
if (StringUtils.isNotEmpty(filterName) && CURRENT_FILTER_NAME.equals(filterName)) {
PLACE_HOLDER_IMPL_FILTER = provider;
break;
}
}
}
}
}, filter);
EventDispatcher.listen(PluginEventType.BeforeStop, new Listener<PluginContext>() {
@Override
public void on(Event event, PluginContext context) {
PLACE_HOLDER_IMPL_FILTER = null;
}
}, filter);
}
@Override
public String filterName() {
return "GlobalRequestFilterPlaceHolder";
}
@Override
public String[] urlPatterns() {
return new String[]{
"/*"
};
}
@Override
public void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) {
try {
process(request, response, filterChain);
} catch (Exception e) {
FineLoggerFactory.getLogger().error(e, e.getMessage());
try {
filterChain.doFilter(request, response);
} catch (Exception ex) {
FineLoggerFactory.getLogger().error(ex, ex.getMessage());
}
}
}
public void process(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws Exception {
if (PLACE_HOLDER_IMPL_FILTER == null) {
if(FineLoggerFactory.getLogger().isDebugEnabled()) {
FineLoggerFactory.getLogger().debug("[GlobalRequestFilterPlaceHolder] placeHolderImplFilter 为 null");
}
filterChain.doFilter(request, response);
} else {
PLACE_HOLDER_IMPL_FILTER.doFilter(request, response, filterChain);
}
}
}

130
src/com/fr/plugin/HttpApi.java
Unescape View File

@ -0,0 +1,130 @@
package com.fr.plugin;
import com.fr.base.ServerConfig;
import com.fr.json.JSONObject;
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLEncoder;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
public class HttpApi {
private static String getParam(Map<String, Object> var0, String enc) {
String var1 = "";
Set var2 = var0.keySet();
Iterator var3 = var2.iterator();
while (var3.hasNext()) {
String var4 = (String) var3.next();
String var5 = var0.get(var4) + "";
try {
var1 = var1 + (var1.length() == 0 ? "" : "&") + URLEncoder.encode(var4, enc) + "=" + URLEncoder.encode(var5, enc);
} catch (Exception var7) {
;
}
}
return var1;
}
public static String post(String path, Map<String, Object> param) {
String var3 = getParam(param, ServerConfig.getInstance().getServerCharset());
PrintWriter var4 = null;
BufferedReader var5 = null;
String var6 = "";
try {
URL var7 = new URL(path);
HttpURLConnection var8 = (HttpURLConnection) var7.openConnection();
var8.setRequestProperty("accept", "*/*");
var8.setRequestProperty("connection", "Keep-Alive");
var8.setRequestProperty("user-agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)");
// var8.setRequestProperty("Accept-Charset", "UTF-8");
var8.setRequestMethod("POST");
var8.setDoOutput(true);
var8.setDoInput(true);
var4 = new PrintWriter(var8.getOutputStream());
var4.print(var3);
var4.flush();
String var9;
for (var5 = new BufferedReader(new InputStreamReader(var8.getInputStream(), "UTF-8")); (var9 = var5.readLine()) != null; var6 = var6 + var9) {
;
}
} catch (Exception var18) {
var18.printStackTrace();
} finally {
try {
if (var4 != null) {
var4.close();
}
if (var5 != null) {
var5.close();
}
} catch (Exception var17) {
;
}
}
return var6;
}
public static String sendJsonPost(String var0, JSONObject var1, String var2) {
PrintWriter var3 = null;
BufferedReader var4 = null;
HttpURLConnection var5 = null;
String var6 = "";
try {
URL var7 = new URL(var0);
var5 = (HttpURLConnection) var7.openConnection();
var5.setRequestProperty("Content-Type", "application/json;charset=utf8");
// var5.setRequestProperty("Content-Type", "application/x-www-form-urlencoded;charset=utf8");
var5.setRequestProperty("accept", "*/*");
var5.setRequestProperty("connection", "Keep-Alive");
var5.setRequestProperty("user-agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)");
var5.setRequestProperty("Accept-Charset", var2);
var5.setRequestMethod("POST");
var5.setDoOutput(true);
var5.setDoInput(true);
var3 = new PrintWriter(var5.getOutputStream());
var3.print(var1.toString());
var3.flush();
String var8;
for (var4 = new BufferedReader(new InputStreamReader(var5.getInputStream(), var2)); (var8 = var4.readLine()) != null; var6 = var6 + var8) {
;
}
} catch (Exception var17) {
var17.printStackTrace();
} finally {
try {
if (var3 != null) {
var3.close();
}
if (var4 != null) {
var4.close();
}
} catch (Exception var16) {
;
}
var5.disconnect();
}
System.out.println(var6);
return var6;
}
}

62
src/com/fr/plugin/IpUtils.java
Unescape View File

@ -0,0 +1,62 @@
package com.fr.plugin;
import javax.servlet.http.HttpServletRequest;
public class IpUtils {
/**
* 将字符串形式IP地址127.0.0.1转换10234564321
*
* @param strIP
* @return
*/
public static long ip2Long(String strIP) {
long[] ip = new long[4];
// 先找到IP地址字符串中.的位置
int position1 = strIP.indexOf(".");
int position2 = strIP.indexOf(".", position1 + 1);
int position3 = strIP.indexOf(".", position2 + 1);
// 将每个.之间的字符串转换成整型
ip[0] = Long.parseLong(strIP.substring(0, position1));
ip[1] = Long.parseLong(strIP.substring(position1 + 1, position2));
ip[2] = Long.parseLong(strIP.substring(position2 + 1, position3));
ip[3] = Long.parseLong(strIP.substring(position3 + 1));
return (ip[0] << 24) + (ip[1] << 16) + (ip[2] << 8) + ip[3];
}
public static String getIp(HttpServletRequest request) {
String remoteIp = request.getRemoteAddr();
// 多个代理的情况,第一个IP为客户端真实IP,多个IP按照','分割
if (remoteIp != null && remoteIp.length() > 15) {
if (remoteIp.indexOf(",") > 0) {
remoteIp = remoteIp.substring(0, remoteIp.indexOf(","));
}
}
return remoteIp;
}
/**
* 将字符串形式IP地址转换long类型
* @param ip
* @return
*/
public static long getIp2long(String ip) {
ip = ip.trim();
String[] ips = ip.split("\\.");
long ip1 = Integer.parseInt(ips[0]);
long ip2 = Integer.parseInt(ips[1]);
long ip3 = Integer.parseInt(ips[2]);
long ip4 = Integer.parseInt(ips[3]);
return ip1 * 256 * 256 * 256 + ip2 * 256 * 256 + ip3 * 256 + ip4;
}
/**
* 判断一个ip地址是否在某个ip段范围内
* @param ip
* @param startIP
* @param endIP
* @return
*/
public static boolean ipExistsInRange(String ip, String startIP, String endIP) {
return (getIp2long(startIP)<=getIp2long(ip)) && (getIp2long(ip)<=getIp2long(endIP));
}
}

14
src/com/fr/plugin/JHHttpHander.java
Unescape View File

@ -0,0 +1,14 @@
package com.fr.plugin;
import com.fr.decision.fun.HttpHandler;
import com.fr.decision.fun.impl.AbstractHttpHandlerProvider;
public class JHHttpHander extends AbstractHttpHandlerProvider {
private HttpHandler[] actions = new HttpHandler[]{new ChangeConfigHander() ,new ChangeDesignConfigHander(),new PostionImportgHander() };
@Override
public HttpHandler[] registerHandlers() {
return actions;
}
}

17
src/com/fr/plugin/JHUrlAliasProvider.java
Unescape View File

@ -0,0 +1,17 @@
package com.fr.plugin;
import com.fr.decision.fun.impl.AbstractURLAliasProvider;
import com.fr.decision.webservice.url.alias.URLAlias;
import com.fr.decision.webservice.url.alias.URLAliasFactory;
public class JHUrlAliasProvider extends AbstractURLAliasProvider {
@Override
public URLAlias[] registerAlias() {
return new URLAlias[]{
//第一个参数就是就是别名地址,第二个就是HttpHandler中设置的地址,第三个参数就是设置该请求是否公开(需要和对应的HttpHandler.isPublic方法返回一直,要不然会报错404),返回的是一个非通配
URLAliasFactory.createPluginAlias("/config/admin", "/change1", true),
URLAliasFactory.createPluginAlias("/config/import", "/depAndPosImport", true),
URLAliasFactory.createPluginAlias("/config/design", "/change2", true)
};
}
}

28
src/com/fr/plugin/JSONUtils.java
Unescape View File

@ -0,0 +1,28 @@
package com.fr.plugin;
import com.fr.third.fasterxml.jackson.core.JsonGenerationException;
import com.fr.third.fasterxml.jackson.databind.JsonMappingException;
import com.fr.third.fasterxml.jackson.databind.ObjectMapper;
import java.io.IOException;
import java.io.StringWriter;
import java.io.Writer;
/**
* JSON序列化和反序列化相关操作类
*/
public class JSONUtils {
private static ObjectMapper objectMapper = new ObjectMapper();
public static String serialize(Object object) {
Writer write = new StringWriter();
try {
objectMapper.writeValue(write, object);
} catch (JsonGenerationException e) {
} catch (JsonMappingException e) {
} catch (IOException e) {
}
return write.toString();
}
}

647
src/com/fr/plugin/LastloginFilter.java
Unescape View File

@ -0,0 +1,647 @@
package com.fr.plugin;
import com.fr.decision.authority.AuthorityContext;
import com.fr.decision.authority.base.constant.type.operation.ManualOperationType;
import com.fr.decision.authority.controller.CustomRoleController;
import com.fr.decision.authority.controller.DepartmentController;
import com.fr.decision.authority.controller.PostController;
import com.fr.decision.authority.controller.UserController;
import com.fr.decision.authority.data.CustomRole;
import com.fr.decision.authority.data.Department;
import com.fr.decision.authority.data.Post;
import com.fr.decision.authority.data.User;
import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
import com.fr.decision.privilege.encrpt.PasswordValidator;
import com.fr.decision.webservice.impl.user.type.UserProductType;
import com.fr.decision.webservice.utils.UserSourceFactory;
import com.fr.decision.webservice.v10.login.LoginService;
import com.fr.decision.webservice.v10.user.UserService;
import com.fr.general.ComparatorUtils;
import com.fr.general.IOUtils;
import com.fr.io.utils.ResourceIOUtils;
import com.fr.json.JSONArray;
import com.fr.json.JSONObject;
import com.fr.log.FineLoggerFactory;
import com.fr.plugin.transform.FunctionRecorder;
import com.fr.plugin.util.LogUtils;
import com.fr.stable.StringUtils;
import com.fr.stable.query.QueryFactory;
import com.fr.stable.query.restriction.RestrictionFactory;
import com.fr.web.utils.WebUtils;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.*;
import java.net.URLDecoder;
import java.util.*;
@FunctionRecorder(localeKey = "fr2")
public class LastloginFilter extends AbstractGlobalRequestFilterProvider {
@Override
public String filterName() {
return "lastLogin";
}
@Override
public String[] urlPatterns() {
return new String[]{
"/oookkkk"
};
}
@Override
public void init(FilterConfig filterConfig) {
FilterMeConfig.getInstance();
super.init(filterConfig);
}
@Override
public void doFilter(HttpServletRequest request, HttpServletResponse httpServletResponse, FilterChain filterChain) {
String uri = request.getRequestURI();
String ip = com.fr.plugin.IpUtils.getIp(request);
String header = request.getHeader("X-Context");
// try {
// FineLoggerFactory.getLogger().info("Context:{}", URLDecoder.decode(header, "utf-8"));
// } catch (UnsupportedEncodingException e) {
// e.printStackTrace();
// }
// printCookies(request);
// FineLoggerFactory.getLogger().info("请求url:{}", WebUtils.getOriginalURL(request));
if (isRemoteDesignRequest(request) || isResourceFileRequest(request)) {
try {
filterChain.doFilter(request, httpServletResponse);
} catch (IOException e) {
printException2FrLog(e);
} catch (ServletException e) {
printException2FrLog(e);
}
return;
}
if (!ipblackCheck(ip)) {
writerOurError(httpServletResponse);
return;
}
if (request.getMethod().equalsIgnoreCase("GET")) {
if (StringUtils.isNotBlank(header)) {
XContentRequestWrapper wrapper = new XContentRequestWrapper(request);
// wrapper.getParameterMap();
// String a = wrapper.getParameter("a");
// wrapper.getParameterNames();
// FineLoggerFactory.getLogger().error("获取的A :{} ", a);
if (isLogin(wrapper)) {
// String usrNm = wrapper.getParameter("usrNm");
//从2021-01-29开始的需求, SLN-6585开始修改用户名使用userNo代替
String usrNo = wrapper.getParameter("usrNo");
String instNo = wrapper.getParameter("instNo");
String realUserName = usrNo + "_" + instNo;
// FineLoggerFactory.getLogger().info("登录信息:{}", realUserName);
User logindUser = null;
try {
logindUser = UserService.getInstance().getUserByRequestCookie(request);
UserService instance = UserService.getInstance();
// FineLoggerFactory.getLogger().info("当前登录的用户名称:{}", logindUser.getUserName());
//如果登录过并且不是管理员就判断是否是同一个用户
if (!instance.isAdmin(logindUser.getId())) {
//如果登录的用户和content的中不一致则切换登录用户
if (!ComparatorUtils.equals(logindUser.getUserName(), realUserName)) {
FineLoggerFactory.getLogger().info("当前登录的用户和xcontent的不一致,切换用户为:{}", realUserName);
tokenLogin(request, httpServletResponse);
} else {
//如果一致则判断角色是否变化
try {
FineLoggerFactory.getLogger().info("当前用户已经登录,进行权限适配:{}", realUserName);
dealCustomRole(wrapper, logindUser.getId());
} catch (Exception e) {
printException2FrLog(e);
}
}
}
} catch (Exception e) {
printException2FrLog(e);
}
} else {
FineLoggerFactory.getLogger().info("xc1当前未登录开始登录");
tokenLogin(request, httpServletResponse);
}
try {
filterChain.doFilter(wrapper, httpServletResponse);
} catch (IOException e) {
printException2FrLog(e);
} catch (ServletException e) {
printException2FrLog(e);
}
return;
}
}
try {
filterChain.doFilter(request, httpServletResponse);
} catch (IOException e) {
printException2FrLog(e);
} catch (ServletException e) {
printException2FrLog(e);
}
}
// private void printCookies(HttpServletRequest request) {
// Cookie[] cookies = request.getCookies();
// if (null != cookies) {
// for (Cookie cookie : cookies) {
// FineLoggerFactory.getLogger().info("收到的cookies name {} value:{}", cookie.getName(), cookie.getValue());
// }
// }
// }
/**
* 判断是否是远程设计请求
*/
private boolean isRemoteDesignRequest(HttpServletRequest request) {
String pathInfo = request.getPathInfo();
return StringUtils.isNotEmpty(pathInfo) && pathInfo.startsWith("/remote/design");
}
private void adminLogin(HttpServletRequest request) {
}
/**
* 判断是否是资源文件请求
*/
private boolean isResourceFileRequest(HttpServletRequest request) {
String pathInfo = request.getPathInfo();
if (StringUtils.isEmpty(pathInfo)) {
return false;
}
return pathInfo.startsWith("/resources") || pathInfo.startsWith("/file");
}
public static void printException2FrLog(Throwable e) {
StringWriter writer = new StringWriter();
e.printStackTrace(new PrintWriter(writer));
String s = writer.toString();
FineLoggerFactory.getLogger().error("错误:{}", s);
}
private void sendRedirect(HttpServletResponse res, String url) {
res.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
res.setHeader("Location", url);
}
private static void login(HttpServletRequest req, HttpServletResponse res, String username) {
HttpSession session = req.getSession(true);
String token = null;
try {
token = LoginService.getInstance().login(req, res, username);
req.setAttribute("fine_auth_token", token);
} catch (Exception e) {
FineLoggerFactory.getLogger().error(e.getMessage(), e);
FineLoggerFactory.getLogger().error("login failed");
}
FineLoggerFactory.getLogger().error("login success");
}
private boolean ipblackCheck(String ip) {
String[] blackIps = new String[]{};
try {
InputStream inputStream = ResourceIOUtils.read("/config-all/whitelist.properties");
if (inputStream != null) {
String lines = IOUtils.inputStream2String(inputStream);
blackIps = lines.split("\n");
}
} catch (IOException e) {
LogUtils.error(e.getMessage(), e);
}
if ("0:0:0:0:0:0:0:1".equals(ip)) {
// LogUtils.info("IP 地址为服务器本机 IPv6 地址: {},直接放行。", ip);
return true;
}
if ("127.0.0.1".equals(ip)) {
// LogUtils.info("IP 地址为服务器本机 IPv4 地址: {},直接放行。", ip);
return true;
}
for (String blackIp : blackIps) {
if (!blackIp.contains("-")) {
if (ip.equals(blackIp)) {
return true;
}
} else {
String trim = blackIp.trim();
String[] split = trim.split("-");
if (split.length > 1) {
if (com.fr.plugin.IpUtils.ipExistsInRange(ip, split[0], split[1])) {
return true;
}
}
}
}
return false;
}
private void writerOurError(HttpServletResponse httpServletResponse) {
try {
WebUtils.writeOutTemplate("/com/fr/plugin/error.html", httpServletResponse, new HashMap());
} catch (IOException e) {
e.printStackTrace();
}
}
private boolean isLogin(HttpServletRequest req) {
return LoginService.getInstance().isLogged(req);
}
// public void filter(HttpServletRequest request, HttpServletResponse httpServletResponse) throws IOException, ServletException {
// String uri = request.getRequestURI();
// String ip = IpUtils.getIp(request);
// if (!ipblackCheck(ip)) {
// writerOurError(httpServletResponse);
// return;
// }
// if (request.getMethod().equalsIgnoreCase("GET")) {
// String header = request.getHeader("X-Context");
// if (StringUtils.isNotBlank(header)) {
// XContentRequestWrapper wrapper = new XContentRequestWrapper(request);
//// String a = wrapper.getParameter("a");
//// FineLoggerFactory.getLogger().error("获取的A :{} ", a);
// if (isLogin(wrapper)) {
// String usrNm = wrapper.getParameter("usrNm");
// String userNameFromRequest = LoginService.getInstance().getUserNameFromRequestCookie(request);
// //如果登录的用户和content的中不一致则切换登录用户
// if (!ComparatorUtils.equals(userNameFromRequest, usrNm)) {
// tokenLogin(request, httpServletResponse);
// }
// } else {
// tokenLogin(request, httpServletResponse);
// return;
// }
//
// String loginUrl = request.getContextPath() + request.getServletPath() + "/login";
// String home = request.getContextPath() + request.getServletPath() + "?sendTwo=true";
// if (loginUrl.equals(uri)) {
// String manualOut = request.getParameter("manual");
// if (!ComparatorUtils.equals(manualOut, "true")) {
//// String header = request.getHeader("X-Context");
// if (StringUtils.isNotBlank(header) && !isLogin(request)) {
// tokenLogin(request, httpServletResponse);
// sendRedirect(httpServletResponse, home);
// }
// }
// }
// }
// }
// return;
// }
public static void tokenLogin(HttpServletRequest req, HttpServletResponse res) {
String header = req.getHeader("X-Context");
try {
header = URLDecoder.decode(header, "UTF-8");
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
FineLoggerFactory.getLogger().info("xf拦截器捕获一个请求 x-content :{}", header);
JSONObject entries = new JSONObject(header);
JSONArray rlNoList = entries.getJSONArray("rlNoList");
int size = rlNoList.size();
List<String> adminFlags = getAdminFlagsRolList();
boolean isAdmin = false;
for (int i = 0; i < size; i++) {
String adminPost = rlNoList.getString(i);
if (isAdminFlags(adminPost, adminFlags)) {
FineLoggerFactory.getLogger().info("本次使用rlNoList管理员登录 ");
isAdmin = true;
break;
}
}
List<String> adminFlagsNmList = getAdminFlagsNmList();
String usrNm = entries.getString("usrNm");
for (String adminName : adminFlagsNmList) {
if(StringUtils.equals(adminName,usrNm)){
FineLoggerFactory.getLogger().info("本次使用usrNm管理员登录 ");
isAdmin=true;
break;
}
}
if (isAdmin) {
FineLoggerFactory.getLogger().info("本次为管理员登录 ");
login(req, res, "admin");
return;
}
// String usrNm = entries.getString("usrNm");
//从 SLN-6585开始usrNm更新成userNo
//如果usrNo的用户名存在则把这个用户的userName改成realUserName
String usrNo = entries.getString("usrNo");
String instNo = entries.getString("instNo");//部门id
String realUserName = usrNo + "_" + instNo;//更改后的用户名
String fullName = entries.getString("fullName");
String alias = fullName + "(" + realUserName + ")";
try {
User user = UserService.getInstance().getUserByUserName(usrNo);
UserController userController = AuthorityContext.getInstance().getUserController();
if (user == null) {
//如果usrNo的用户不存在则检查realUserName的用户是否存在
user = UserService.getInstance().getUserByUserName(realUserName);
if (user == null) {
// FineLoggerFactory.getLogger().info("拦截器新增一个用户 用户名称 :{}", realUserName);
PasswordValidator passwordValidator = UserSourceFactory.getInstance().getUserSource(ManualOperationType.KEY).getPasswordValidator();
user = (new User()).userName(realUserName).userAlias(alias).realName(fullName).password(passwordValidator.encode(realUserName, UUID.randomUUID().toString()))
.creationType(ManualOperationType.KEY).lastOperationType(ManualOperationType.KEY).enable(true);
userController.add(user);
}
}
// FineLoggerFactory.getLogger().info(" 拦截的用户更新:{}", fullName);
user.setRealName(fullName);
user.setUserName(realUserName);
try {
userController.update(user);
} catch (Exception e) {
}
String userId = user.getId();
dealCustomRole(req, userId);
//在判断本地的角色是不是远程没有了,要移除掉
CustomRoleController customRoleController = AuthorityContext.getInstance().getCustomRoleController();
List<CustomRole> roles = customRoleController.findByUser(userId, QueryFactory.create());
List<String> designFlags = getDesignFlags();
boolean isDesignUser = false;
if (!designFlags.isEmpty()) {
for (CustomRole role : roles) {
String name = role.getName();
//如果是有
if (isAdminFlags(name, designFlags)) {
isDesignUser = true;
break;
}
}
}
try {
UserProductType userProductType = UserProductType.fromInteger(6);//数据处理用户
if (isDesignUser) {
// FineLoggerFactory.getLogger().info("查找到当前用户有对应角色的设计标志:");
userController.addUserProductType(userId, userProductType.transProductKey());
} else {
// FineLoggerFactory.getLogger().info("查找到当前用户有对应角色的设计标志:");
userController.removeUserProductType(userId, userProductType.transProductKey());
}
} catch (Exception e) {
// FineLoggerFactory.getLogger().error("数据处理配置出错:{}", e);
}
// if (isAdmin) {
// FineLoggerFactory.getLogger().info("本次为管理员登录 ");
// login(req, res, "admin");
// } else {
// FineLoggerFactory.getLogger().info("本次为普通用户登录:{}", usrNm);
// login(req, res, usrNm);
// }
// FineLoggerFactory.getLogger().info("本次为普通用户登录:{}", realUserName);
login(req, res, realUserName);
} catch (Exception e) {
e.printStackTrace();
}
}
private static void dealCustomRole(HttpServletRequest req, String userId) throws Exception {
UserController userController = AuthorityContext.getInstance().getUserController();
Boolean needflush = FilterMeConfig.getInstance().getNeedflush();
String header = req.getHeader("X-Context");
CustomRoleController customRoleController = AuthorityContext.getInstance().getCustomRoleController();
try {
header = URLDecoder.decode(header, "UTF-8");
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
FineLoggerFactory.getLogger().info("开始同步角色信息x-content :{}", header);
JSONObject entries = new JSONObject(header);
List<String> remoteRoles = new ArrayList<>();
String pstNo = entries.getString("pstNo");//角色id
String pstNm = entries.getString("pstNm");//角色名称
String realRoleName = pstNm + "(" + pstNo + ")";
remoteRoles.add(pstNo);
try {
//先判断传过来的的角色是不是本地都有,没有要加上
List<CustomRole> controllerOne = customRoleController.find(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", pstNo)));
if (!controllerOne.isEmpty()) {
try {
// FineLoggerFactory.getLogger().info("传送过来的角色已存在开始更新,添加关联用户:{}", pstNo, userId);
CustomRole customRole = controllerOne.get(0);
customRole.setName(realRoleName);
customRole.setAlias(pstNo);
customRole.setEnable(true);
customRole.setDescription("通过xcontent添加");
customRoleController.update(customRole);
} catch (Exception e) {
}
} else {
// FineLoggerFactory.getLogger().info("传送过来的角色在本地不存在,添加到本地:{}", pstNo);
CustomRole addRole = new CustomRole();
addRole.setId(pstNo);
addRole.setName(realRoleName);
addRole.setAlias(pstNo);
addRole.setEnable(true);
addRole.setDescription("通过xcontent添加");
try {
customRoleController.add(addRole);
} catch (Exception e) {
}
}
//在判断本地的角色是不是远程没有了,要移除掉
if(needflush){
List<CustomRole> roles = customRoleController.findByUser(userId, QueryFactory.create());
for (CustomRole customRole : roles) {
if ("superusers".equals((customRole.getName()))) {
continue;
}
userController.removeUserFromCustomRole(userId, customRole.getId());
}
}
try {
userController.addUserToCustomRole(userId, pstNo);
// FineLoggerFactory.getLogger().info("添加{} 到新角色:{}", userId, pstNo);
} catch (Exception e) {
}
DepartmentController departmentController = AuthorityContext.getInstance().getDepartmentController();
//移除原来的部门
if(needflush){
List<Department> departmentList = departmentController.findByUser(userId, QueryFactory.create());
for (Department department : departmentList) {
userController.removeUserFromDepartment(userId, department.getId());
}
}
String instNm = entries.getString("instNm");
String instNo = entries.getString("instNo");//部门id
Department department = departmentController.findOne(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", instNo)));
if (department == null) {
department = new Department();
department.setName(instNm + "(" + instNo + ")");
department.setId(instNo);
department.setEnable(true);
department.description("通过x-content创建");
departmentController.add(department);
// FineLoggerFactory.getLogger().info("新增部门,dep: {}: name {}", department.getId(), department.getName());
} else {
// department.setName(instNm + "(" + instNo + ")");
// department.setEnable(true);
// departmentController.update(department);
// FineLoggerFactory.getLogger().info("已存在部门,dep: {}: name {}", department.getId(), department.getName());
}
PostController postController = AuthorityContext.getInstance().getPostController();
List<Post> byUser = postController.findByUser(userId, QueryFactory.create());
//移除原来职位
if(needflush){
for (Post post : byUser) {
List<Department> byPost = departmentController.findByPost(post.getId(), QueryFactory.create());
for (Department department1 : byPost) {
// FineLoggerFactory.getLogger().info("---->>>>移除用户职位 职位id {} 部门id{}", post.getId(), department1.getId());
try {
userController.removeUserFromDepartmentAndPost(userId, department1.getId(), post.getId());
// FineLoggerFactory.getLogger().info("^^^^^^移除用户职位成功 职位id {} 部门id{}", post.getId(), department1.getId());
} catch (Exception e) {
// FineLoggerFactory.getLogger().info("vvvvvv移除用户职位失败 职位id {} 部门id{}", post.getId(), department1.getId());
}
}
}
}
Post post = postController.findOne(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", pstNo)));
if (post == null) {
post = new Post();
post.setId(pstNo);
post.setName(pstNm + "(" + pstNo + ")");
post.setEnable(true);
postController.add(post);
// FineLoggerFactory.getLogger().info("新增职位,post: {}: name {}", post.getId(), post.getName());
} else {
// post.setName(pstNm + "(" + pstNo + ")");
// post.setEnable(true);
// postController.update(post);
// FineLoggerFactory.getLogger().info("已存在职位,post: {}: name {}", post.getId(), post.getName());
}
try {
// FineLoggerFactory.getLogger().info("添加职位到部门,post: {}: dep {}", pstNo, instNo);
postController.addPostToDepartment(pstNo, instNo);
} catch (Exception e) {
}
try {
// FineLoggerFactory.getLogger().info("添加用户到职位 到部门,post: {}: dep {},userId:{} ", pstNo, instNo, realRoleName);
userController.addUserToDepartmentAndPost(userId, instNo, pstNo);
} catch (Exception e) {
}
} catch (Exception e) {
printException2FrLog(e);
}
}
private static boolean isAdminFlags(String flag, List<String> flags) {
return flags.contains(flag);
}
private static List<String> getAdminFlagsRolList() {
String adminFlags = FilterMeConfig.getInstance().getAdminFlags();
FineLoggerFactory.getLogger().info("本地role管理员角色获取:{}", adminFlags);
if (StringUtils.isNotBlank(adminFlags)) {
String[] split = adminFlags.split(";");
return Arrays.asList(split);
}
return Collections.emptyList();
}
private static List<String> getAdminFlagsNmList() {
String adminFlags = FilterMeConfig.getInstance().getAdminFlagsNm();
FineLoggerFactory.getLogger().info("本地管理员Nm角色获取:{}", adminFlags);
if (StringUtils.isNotBlank(adminFlags)) {
String[] split = adminFlags.split(";");
return Arrays.asList(split);
}
return Collections.emptyList();
}
private static List<String> getDesignFlags() {
String adminFlags = FilterMeConfig.getInstance().getDesignFlags();
FineLoggerFactory.getLogger().info("本地设计角色获取:{}", adminFlags);
if (StringUtils.isNotBlank(adminFlags)) {
String[] split = adminFlags.split(";");
return Arrays.asList(split);
}
return Collections.emptyList();
}
private String getUrl(HttpServletRequest request) {
String url = "/";
try {
url = "http://" + request.getServerName()//服务器地址
+ ":"
+ request.getServerPort() + request.getRequestURI();
Enumeration<String> parameterNames = request.getParameterNames();
Map<String, String> reqParams = new HashMap<>();
while (parameterNames.hasMoreElements()) {
String key = parameterNames.nextElement();
reqParams.put(key, request.getParameter(key));
}
Map<String, String> parmas = header2url(request);
reqParams.putAll(parmas);
String header2url = map2String(reqParams);
// FineLoggerFactory.getLogger().info("转换之后的url参数:{}", header2url);
if (url.contains("?")) {
url += header2url;
} else {
url += "?a=1" + header2url;
}
} catch (Exception e) {
e.printStackTrace();
}
url += "&sendTwo=true";
return url;
}
private Map<String, String> header2url(HttpServletRequest request) {
Map<String, String> params = new HashMap<>();
String context = request.getHeader("X-Context");
if (StringUtils.isNotBlank(context)) {
try {
context = URLDecoder.decode(context, "UTF-8");
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
JSONObject jsonObject = new JSONObject(context);
String userNo = jsonObject.getString("usrNo");
String userNm = jsonObject.getString("usrNm");
String pstNo = jsonObject.getString("pstNo");
String instNo = jsonObject.getString("instNo");
String accInstNo = jsonObject.getString("accInstNo");
String admnInstNo = jsonObject.getString("admnInstNo");
params.put("usrNo", userNo);
params.put("usrNm", userNm);
params.put("pstNo", pstNo);
params.put("instNo", instNo);
params.put("accInstNo", accInstNo);
params.put("admnInstNo", admnInstNo);
}
params.put("sendTwo", "true");
return params;
}
private String map2String(Map<String, String> params) {
StringBuffer buffer = new StringBuffer();
Set<String> strings = params.keySet();
for (String key : strings) {
buffer.append("&").append(key).append("=").append(params.get(key));
}
return buffer.toString();
}
}

150
src/com/fr/plugin/LoginFilter.java
Unescape View File

@ -0,0 +1,150 @@
package com.fr.plugin;
import com.fr.decision.authority.AuthorityContext;
import com.fr.decision.authority.base.constant.type.operation.ManualOperationType;
import com.fr.decision.authority.controller.CustomRoleController;
import com.fr.decision.authority.controller.UserController;
import com.fr.decision.authority.data.CustomRole;
import com.fr.decision.authority.data.User;
import com.fr.decision.fun.impl.AbstractEmbedRequestFilterProvider;
import com.fr.decision.privilege.encrpt.PasswordValidator;
import com.fr.decision.webservice.utils.UserSourceFactory;
import com.fr.decision.webservice.v10.login.LoginService;
import com.fr.decision.webservice.v10.user.UserService;
import com.fr.io.utils.ResourceIOUtils;
import com.fr.json.JSONArray;
import com.fr.json.JSONObject;
import com.fr.log.FineLoggerFactory;
import com.fr.stable.StringUtils;
import com.fr.stable.query.QueryFactory;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.*;
/**
* 废弃
*/
public class LoginFilter extends AbstractEmbedRequestFilterProvider {
private boolean isLogin(HttpServletRequest req){
return LoginService.getInstance().isLogged(req);
}
@Override
public void filter(HttpServletRequest req, HttpServletResponse res) throws IOException, ServletException {
String header = req.getHeader("X-Context");
if (StringUtils.isNotBlank(header) && !isLogin(req)) {
try {
header = URLDecoder.decode(header, "UTF-8");
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
FineLoggerFactory.getLogger().info("拦截器捕获一个请求 x-content :{}", header);
JSONObject entries = new JSONObject(header);
String usrNm = entries.getString("usrNm");
JSONArray rlNoList = entries.getJSONArray("rlNoList");
try {
User user = UserService.getInstance().getUserByUserName(usrNm);
UserController userController = AuthorityContext.getInstance().getUserController();
CustomRoleController customRoleController = AuthorityContext.getInstance().getCustomRoleController();
if (user == null) {
FineLoggerFactory.getLogger().info("拦截器新增一个用户 :{}", usrNm);
PasswordValidator passwordValidator = UserSourceFactory.getInstance().getUserSource(ManualOperationType.KEY).getPasswordValidator();
user = (new User()).userName(usrNm).realName(usrNm).password(passwordValidator.encode(usrNm, UUID.randomUUID().toString()))
.creationType(ManualOperationType.KEY).lastOperationType(ManualOperationType.KEY).enable(true);
userController.add(user);
}
String userId = user.getId();
List<CustomRole> roles = customRoleController.findByUser(userId, QueryFactory.create());
List<String> localRoles = new ArrayList<>();
boolean isAdminRoleFlag = false;
List<String> adminFlags = getAdminFlags();
for (CustomRole role : roles) {
String name = role.getName();
localRoles.add(name);
if(isAdminFlags(name,adminFlags)){
isAdminRoleFlag = true;
}
}
List<String> remoteRoles = new ArrayList<>();
try {
int size = rlNoList.size();
for (int i = 0; i < size; i++) {
String name = rlNoList.getString(i);
remoteRoles.add(name);
}
//先判断传过来的的角色是不是本地都有,没有要加上
for (String role : remoteRoles) {
if (!localRoles.contains(role)) {
userController.addUserToCustomRole(userId, role);
}
}
//在判断本地的角色是不是远程没有了,要移除掉
for (String localRole : localRoles) {
if (!remoteRoles.contains(localRole)) {
userController.removeUserFromCustomRole(userId, localRole);
}
}
} catch (Exception e) {
e.printStackTrace();
}
//如果是管理员标志就直接登录admin账号
if(isAdminRoleFlag){
login(req, res, "admin");
}else {
login(req, res, usrNm);
}
String home = req.getContextPath() + req.getServletPath();
sendRedirect(res, home);
return;
} catch (Exception e) {
e.printStackTrace();
}
}
return;
}
private static boolean isAdminFlags(String flag,List<String> flags){
return flags.contains(flag);
}
private List<String> getAdminFlags() {
InputStream inputStream = ResourceIOUtils.read("/config-all/adminflag.properties");
if (inputStream != null) {
Properties properties = new Properties();
try {
properties.load(inputStream);
String adminflag = properties.getProperty("adminflag");
if (StringUtils.isNotBlank(adminflag)) {
String[] split = adminflag.split(",");
return Arrays.asList(split);
}
} catch (IOException e) {
e.printStackTrace();
}
}
return Collections.emptyList();
}
private void sendRedirect(HttpServletResponse res, String url) {
res.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
res.setHeader("Location", url);
}
private void login(HttpServletRequest req, HttpServletResponse res, String username) {
String token = null;
try {
token = LoginService.getInstance().login(req, res, username);
req.setAttribute("fine_auth_token", token);
} catch (Exception e) {
FineLoggerFactory.getLogger().error(e.getMessage(), e);
FineLoggerFactory.getLogger().error("login failed");
}
FineLoggerFactory.getLogger().error("login success");
}
}

25
src/com/fr/plugin/LoginOutEventProvider.java
Unescape View File

@ -0,0 +1,25 @@
package com.fr.plugin;
import com.fr.decision.fun.impl.AbstractLogInOutEventProvider;
import com.fr.decision.webservice.login.LogInOutResultInfo;
import com.fr.decision.webservice.v10.user.UserService;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
public class LoginOutEventProvider extends AbstractLogInOutEventProvider {
@Override
public String logoutAction(LogInOutResultInfo result) {
HttpServletRequest request = result.getRequest();
HttpSession session = request.getSession();
if (session != null) {
session.removeAttribute("fine_auth_token");
}
String servletPath = request.getServletPath();
String contextPath = request.getContextPath();
String url = contextPath + servletPath + "/login?manual=true";
return url;
}
}

139
src/com/fr/plugin/PostionImportgHander.java
Unescape View File

@ -0,0 +1,139 @@
package com.fr.plugin;
import com.fr.decision.authority.AuthorityContext;
import com.fr.decision.authority.controller.CustomRoleController;
import com.fr.decision.authority.controller.DepartmentController;
import com.fr.decision.authority.controller.PostController;
import com.fr.decision.authority.data.CustomRole;
import com.fr.decision.authority.data.Department;
import com.fr.decision.authority.data.Post;
import com.fr.decision.fun.impl.BaseHttpHandler;
import com.fr.log.FineLoggerFactory;
import com.fr.stable.StringUtils;
import com.fr.stable.query.QueryFactory;
import com.fr.stable.query.restriction.RestrictionFactory;
import com.fr.third.org.apache.commons.io.IOUtils;
import com.fr.third.springframework.web.bind.annotation.RequestMethod;
import com.fr.web.utils.WebUtils;
import org.json.JSONArray;
import org.json.JSONObject;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class PostionImportgHander extends BaseHttpHandler {
@Override
public RequestMethod getMethod() {
return RequestMethod.POST;
}
@Override
public String getPath() {
return "/depAndPosImport";
}
@Override
public boolean isPublic() {
return true;
}
@Override
public void handle(HttpServletRequest req, HttpServletResponse res) throws Exception {
// 传入的json格式
/**
* [
* {
* "fInstNo": "", //父级id
* "instNo": "A01",
* "instNm": "部门一",
* "pstNo": "X1",
* "pstNm": "职务一"
* }
* ]
*/
String body = IOUtils.toString(req.getReader());
FineLoggerFactory.getLogger().info("批量添加部门信息接口收到:{}", body);
try {
JSONArray jsonArray = new JSONArray(body);
int length = jsonArray.length();
for (int i = 0; i < length; i++) {
JSONObject jsonObject = jsonArray.getJSONObject(i);
String fInstNo = jsonObject.getString("fInstNo");
String instNo = jsonObject.getString("instNo");//部门id
String instNm = jsonObject.getString("instNm");//部门名称
String pstNo = jsonObject.getString("pstNo");//职务编号
String pstNm = jsonObject.getString("pstNm");//职务名
saveDep(fInstNo, instNo, instNm);
savePosition(instNo, pstNo, pstNm);
}
} catch (Exception e) {
WebUtils.printAsString(res, "json format error");
}
WebUtils.printAsString(res, "success");
}
private void savePosition(String did, String pid, String name) {
PostController postController = AuthorityContext.getInstance().getPostController();
Post post;
try {
post = postController.findOne(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", pid)));
if (post == null) {
post = new Post();
post.setId(pid);
post.setName(name + "(" + pid + ")");
post.setEnable(true);
postController.add(post);
FineLoggerFactory.getLogger().info("从接口新增职位,post: {}: name {}", post.getId(), post.getName());
} else {
post.setName(name + "(" + pid + ")");
post.setEnable(true);
postController.update(post);
FineLoggerFactory.getLogger().info("已存在职位,post: {}: name {}", post.getId(), post.getName());
}
postController.addPostToDepartment(pid, did);
CustomRoleController customRoleController = AuthorityContext.getInstance().getCustomRoleController();
CustomRole customRole = customRoleController.findOne(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", pid)));
if (customRole == null) {
customRole = new CustomRole();
customRole.id(pid).name(name + "(" + pid + ")").enable(true);
customRoleController.add(customRole);
FineLoggerFactory.getLogger().info("从接口新增角色,id: {}: name {}", customRole.getId(), customRole.getName());
} else {
customRole.name(name + "(" + pid + ")").enable(true);
customRoleController.update(customRole);
FineLoggerFactory.getLogger().info("已存在角色,id: {}: name {}", customRole.getId(), customRole.getName());
}
} catch (Exception e) {
FineLoggerFactory.getLogger().info("添加职位异常: 职位id :{} 部门id:{}: name {}", pid, did, name);
}
}
private void saveDep(String pid, String id, String name) {
try {
DepartmentController departmentController = AuthorityContext.getInstance().getDepartmentController();
Department department = departmentController.findOne(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", id)));
if (StringUtils.isBlank(pid)) {
pid = null;
}
if (department == null) {
department = new Department();
department.setName(name + "(" + id + ")");
department.setId(id);
department.setParentId(pid);
department.setEnable(true);
department.description("通过x-content创建");
departmentController.add(department);
FineLoggerFactory.getLogger().info("新增部门,dep: {}: name {}", department.getId(), department.getName());
} else {
department.setName(name + "(" + id + ")");
department.setParentId(pid);
department.setEnable(true);
departmentController.update(department);
FineLoggerFactory.getLogger().info("已存在部门,dep: {}: name {}", department.getId(), department.getName());
}
} catch (Exception e) {
FineLoggerFactory.getLogger().error("添加部门:{} 异常", id, e);
}
}
}

348
src/com/fr/plugin/RemoteFilter.java
Unescape View File

@ -0,0 +1,348 @@
package com.fr.plugin;
import com.fr.data.NetworkHelper;
import com.fr.decision.authority.AuthorityContext;
import com.fr.decision.authority.base.constant.type.operation.ManualOperationType;
import com.fr.decision.authority.controller.CustomRoleController;
import com.fr.decision.authority.controller.DepartmentController;
import com.fr.decision.authority.controller.PostController;
import com.fr.decision.authority.controller.UserController;
import com.fr.decision.authority.data.CustomRole;
import com.fr.decision.authority.data.Department;
import com.fr.decision.authority.data.Post;
import com.fr.decision.authority.data.User;
import com.fr.decision.fun.impl.AbstractEmbedRequestFilterProvider;
import com.fr.decision.privilege.encrpt.PasswordValidator;
import com.fr.decision.webservice.Response;
import com.fr.decision.webservice.impl.user.type.UserProductType;
import com.fr.decision.webservice.utils.UserSourceFactory;
import com.fr.decision.webservice.v10.user.UserService;
import com.fr.exception.RemoteDesignPermissionDeniedException;
import com.fr.io.utils.ResourceIOUtils;
import com.fr.json.JSONArray;
import com.fr.json.JSONObject;
import com.fr.log.FineLoggerFactory;
import com.fr.security.JwtUtils;
import com.fr.stable.StringUtils;
import com.fr.stable.query.QueryFactory;
import com.fr.stable.query.restriction.RestrictionFactory;
import com.fr.web.service.RemoteDesignAuthorityDataService;
import com.fr.web.utils.WebUtils;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.InputStream;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.util.*;
public class RemoteFilter extends AbstractEmbedRequestFilterProvider {
@Override
public void init(FilterConfig filterConfig) {
FineLoggerFactory.getLogger().info("RemoteFilter 拦截器启动");
FilterMeConfig instance = FilterMeConfig.getInstance();
}
@Override
public void filter(HttpServletRequest request, HttpServletResponse httpServletResponse) throws IOException, ServletException {
String uri = request.getRequestURI();
if (uri != null && uri.contains("remote/design/token") && request.getMethod().equalsIgnoreCase("GET")) {
FineLoggerFactory.getLogger().info("拦截器捕获一个请求,design/token {}", uri);
String username = NetworkHelper.getHTTPRequestParameter(request, "username");
String password = NetworkHelper.getHTTPRequestParameter(request, "password");
try {
FineLoggerFactory.getLogger().info("登录的用户名{} 密码:{}", username, password);
JSONObject apilogin = apilogin(username, password);
if (apilogin != null) {
String remoteToken = tokenLogin(apilogin);
FineLoggerFactory.getLogger().info("响应的token: {} ", remoteToken);
if (StringUtils.isNotBlank(remoteToken)) {
WebUtils.printAsString(httpServletResponse, com.fr.plugin.JSONUtils.serialize(Response.ok(remoteToken)));
return;
}
FineLoggerFactory.getLogger().info("登录异常{}", remoteToken);
} else {
renderError(httpServletResponse, "21300007", "User password error!");
}
} catch (Exception e) {
printException2Frlog(e);
if (e instanceof RemoteDesignPermissionDeniedException) {
renderError(httpServletResponse, "31300101", "Fine-Engine_Remote_Design_Permission_Denied");
}
}
}
return;
}
private List<String> getAdminFlags() {
InputStream inputStream = ResourceIOUtils.read("/config-all/adminflag.properties");
if (inputStream != null) {
Properties properties = new Properties();
try {
properties.load(inputStream);
String adminflag = properties.getProperty("adminflag");
if (StringUtils.isNotBlank(adminflag)) {
String[] split = adminflag.split(",");
return Arrays.asList(split);
}
} catch (IOException e) {
e.printStackTrace();
}
}
return Collections.emptyList();
}
private static boolean isAdminFlags(String flag, List<String> flags) {
return flags.contains(flag);
}
private String tokenLogin(JSONObject jsonObject) {
JSONObject entries = jsonObject.getJSONObject("data");
// String usrNm = entries.getString("usrNm");
JSONArray rlNoList = entries.getJSONArray("rlNoList");
int size = rlNoList.size();
List<String> adminFlags = getAdminFlags();
boolean isAdmin = false;
for (int i = 0; i < size; i++) {
String adminPost = rlNoList.getString(i);
if (isAdminFlags(adminPost, adminFlags)) {
isAdmin = true;
break;
}
}
if (isAdmin) {
FineLoggerFactory.getLogger().info("remote 本次为管理员登录 ");
try {
return getRemoteToken("admin");
} catch (Exception e) {
printException2Frlog(e);
}
}
String usrNo = entries.getString("usrNo");
String instNo = entries.getString("instNo");//部门id
String realUserName = usrNo + "_" + instNo;//更改后的用户名
String fullName = entries.getString("fullName");
String alias = fullName + "(" + realUserName + ")";
try {
User user = UserService.getInstance().getUserByUserName(realUserName);
UserController userController = AuthorityContext.getInstance().getUserController();
CustomRoleController customRoleController = AuthorityContext.getInstance().getCustomRoleController();
if (user == null) {
FineLoggerFactory.getLogger().info("设计器拦截 拦截器新增一个用户 :{}", usrNo);
//如果usrNo的用户不存在则检查realUserName的用户是否存在
user = UserService.getInstance().getUserByUserName(realUserName);
if (user == null) {
FineLoggerFactory.getLogger().info("拦截器新增一个用户 用户名称 :{}", realUserName);
PasswordValidator passwordValidator = UserSourceFactory.getInstance().getUserSource(ManualOperationType.KEY).getPasswordValidator();
user = (new User()).userName(realUserName).userAlias(alias).realName(fullName).password(passwordValidator.encode(realUserName, UUID.randomUUID().toString()))
.creationType(ManualOperationType.KEY).lastOperationType(ManualOperationType.KEY).enable(true);
userController.add(user);
}
}
String userId = user.getId();
// List<String> adminFlags = getAdminFlags();
FineLoggerFactory.getLogger().info(" 设计器拦截 当前的管理员标识符 :{}", adminFlags);
List<String> remoteRoles = new ArrayList<>();
String pstNo = entries.getString("pstNo");//角色id
String pstNm = entries.getString("pstNm");//角色名称
String realRoleName = pstNm + "(" + pstNo + ")";
remoteRoles.add(pstNo);
//先判断传过来的的角色是不是本地都有,没有要加上
List<CustomRole> controllerOne = customRoleController.find(QueryFactory.create().addRestriction(RestrictionFactory.eq("name", pstNo)));
if (!controllerOne.isEmpty()) {
try {
FineLoggerFactory.getLogger().info(" 设计器拦截 传送过来的角色在本地已存在,添加到用户{} 到角色:{}", userId, pstNo);
CustomRole customRole = controllerOne.get(0);
customRole.setName(realRoleName);
customRole.setAlias(pstNo);
customRole.setEnable(true);
customRole.setDescription("通过xcontent添加");
customRoleController.update(customRole);
userController.addUserToCustomRole(userId, customRole.getId());
} catch (Exception e) {
}
} else {
FineLoggerFactory.getLogger().info(" 设计器拦截 传送过来的角色在本地不存在,添加到本地:{}", pstNo);
CustomRole addRole = new CustomRole();
addRole.setId(pstNo);
addRole.setName(realRoleName);
addRole.setAlias(pstNo);
addRole.setEnable(true);
addRole.setDescription("通过xcontent添加");
try {
customRoleController.add(addRole);
userController.addUserToCustomRole(userId, addRole.getId());
} catch (Exception e) {
}
}
//在判断本地的角色是不是远程没有了,要移除掉
List<CustomRole> roles = customRoleController.findByUser(userId, QueryFactory.create());
for (CustomRole customRole : roles) {
if (!remoteRoles.contains(customRole.getId())) {
if ("superusers".equals((customRole.getName()))) {
continue;
}
FineLoggerFactory.getLogger().info("远端没有的角色本地移除:{}", customRole.getName());
userController.removeUserFromCustomRole(userId, customRole.getId());
}
}
DepartmentController departmentController = AuthorityContext.getInstance().getDepartmentController();
//移除原来的部门
List<Department> departmentList = departmentController.findByUser(userId, QueryFactory.create());
for (Department department : departmentList) {
userController.removeUserFromDepartment(userId, department.getId());
}
String instNm = entries.getString("instNm");
Department department = departmentController.findOne(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", instNo)));
if (department == null) {
FineLoggerFactory.getLogger().info("添加 部门,dep: {}: name {}", instNo, instNo, instNm + "(" + pstNo + "" + ")");
department = new Department();
department.setName(instNm + "(" + pstNo + ")");
department.setId(instNo);
department.setEnable(true);
department.description("通过x-content创建");
departmentController.add(department);
} else {
department.setName(instNm + "(" + pstNo + ")");
department.setParentId(null);
department.setEnable(true);
departmentController.update(department);
FineLoggerFactory.getLogger().info("设计器节点 已存在部门,dep: {}: name {}", department.getId(), department.getName());
}
PostController postController = AuthorityContext.getInstance().getPostController();
List<Post> byUser = postController.findByUser(userId, QueryFactory.create());
//移除原来职位
for (Post post : byUser) {
userController.removeUserFromPost(userId, post.getId());
}
Post post = postController.findOne(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", pstNo)));
if (post == null) {
post = new Post();
post.setId(pstNo);
post.setName(pstNm + "(" + pstNo + ")");
post.setEnable(true);
postController.add(post);
} else {
post.setName(pstNm + "(" + pstNo + ")");
post.setEnable(true);
postController.update(post);
}
try {
FineLoggerFactory.getLogger().info("添加职位到部门,post: {}: dep {}", pstNo, instNo);
postController.addPostToDepartment(pstNo, instNo);
} catch (Exception e) {
}
try {
FineLoggerFactory.getLogger().info("添加用户到部门,post: {}: dep {} ,userId:{}", pstNo, instNo, userId);
userController.addUserToDepartmentAndPost(userId, instNo, pstNo);
} catch (Exception e) {
}
boolean isDesignUser = false;
List<String> designFlags = getDesignFlags();
if (!designFlags.isEmpty()) {
for (CustomRole role : roles) {
String name = role.getName();
//如果是有
if (isAdminFlags(name, designFlags)) {
isDesignUser = true;
break;
}
}
}
try {
UserProductType userProductType = UserProductType.fromInteger(6);//数据处理用户
if (isDesignUser) {
userController.addUserProductType(userId, userProductType.transProductKey());
} else {
userController.removeUserProductType(userId, userProductType.transProductKey());
}
} catch (Exception e) {
}
// if (isAdmin) {
// FineLoggerFactory.getLogger().info("设计器拦截 本次为管理员登录");
// return getRemoteToken("admin");
// } else {
FineLoggerFactory.getLogger().info("设计器拦截 本次为普通用户登录:{}", realUserName);
return getRemoteToken(realUserName);
// }
} catch (Exception e) {
e.printStackTrace();
}
return "";
}
private static List<String> getDesignFlags() {
String adminFlags = FilterMeConfig.getInstance().getDesignFlags();
FineLoggerFactory.getLogger().info("remote本地设计角色获取:{}", adminFlags);
if (StringUtils.isNotBlank(adminFlags)) {
String[] split = adminFlags.split(";");
return Arrays.asList(split);
}
return Collections.emptyList();
}
private void renderError(HttpServletResponse httpServletResponse, String code, String msg) {
try {
WebUtils.printAsString(httpServletResponse, JSONUtils.serialize(Response.error(code, msg)));
} catch (Exception e) {
e.printStackTrace();
}
}
private JSONObject apilogin(String username, String pwd) throws Exception {
String baseUrl = getBaseUrl();
if (StringUtils.isBlank(baseUrl)) {
throw new Exception("未配置接口地址");
}
String api = getBaseUrl() + "check/pwd/finebi";
FineLoggerFactory.getLogger().info("remote访问的接口地址为 {}", api);
JSONObject parm = new JSONObject();
parm.put("userName", username);
parm.put("verifyCode", pwd);
String resp = HttpApi.sendJsonPost(api, parm, "UTF-8");
FineLoggerFactory.getLogger().info("接口响应 {}", resp);
JSONObject jsonObject = new JSONObject(resp);
return jsonObject;
}
public String getRemoteToken(String var1) throws Exception {
User var4 = UserService.getInstance().getUserByUserName(var1);
if (var4 != null && RemoteDesignAuthorityDataService.getInstance().hasAuthority(var4.getId())) {
return JwtUtils.createDefaultJWT(var1);
} else {
throw new RemoteDesignPermissionDeniedException();
}
}
private String getBaseUrl() {
FilterMeConfig instance = FilterMeConfig.getInstance();
String baseUrl = instance.getBaseUrl();
if (StringUtils.isNotBlank(baseUrl)) {
String[] split = baseUrl.split(";");
List<String> strings = Arrays.asList(split);
Collections.shuffle(strings);
return strings.get(0);
}
return "";
}
public static void printException2Frlog(Exception e) {
StringWriter writer = new StringWriter();
e.printStackTrace(new PrintWriter(writer));
String s = writer.toString();
FineLoggerFactory.getLogger().error("错误:{}", s);
}
}

128
src/com/fr/plugin/RequestWrapper.java
Unescape View File

@ -0,0 +1,128 @@
package com.fr.plugin;
import com.fr.log.FineLoggerFactory;
import com.fr.log.FineLoggerProvider;
import javax.servlet.ReadListener;
import javax.servlet.ServletInputStream;
import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import java.io.*;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
/**
* @author 01
* @program wrapper-demo
* @description 包装HttpServletRequest目的是让其输入流可重复读
* @create 2018-12-24 20:48
* @since 1.0
**/
public class RequestWrapper extends HttpServletRequestWrapper {
FineLoggerProvider log = FineLoggerFactory.getLogger();
/**
* 存储body数据的容器
*/
private byte[] body;
public RequestWrapper(HttpServletRequest request) {
super(request);
// 将body数据存储起来
String bodyStr = getBodyString(request);
body = bodyStr.getBytes(Charset.defaultCharset());
}
public void setBody(byte[] body) {
this.body = body;
}
/**
* 获取请求Body
*
* @param request request
* @return String
*/
private String getBodyString(final ServletRequest request) {
try {
return inputStream2String(request.getInputStream());
} catch (IOException e) {
log.error("", e);
throw new RuntimeException(e);
}
}
/**
* 获取请求Body
*
* @return String
*/
public String getBodyString() {
return new String(this.body, StandardCharsets.UTF_8);
}
/**
* 将inputStream里的数据读取出来并转换成字符串
*
* @param inputStream inputStream
* @return String
*/
private String inputStream2String(InputStream inputStream) {
StringBuilder sb = new StringBuilder();
BufferedReader reader = null;
try {
reader = new BufferedReader(new InputStreamReader(inputStream, Charset.defaultCharset()));
String line;
while ((line = reader.readLine()) != null) {
sb.append(line);
}
} catch (IOException e) {
log.error("", e);
throw new RuntimeException(e);
} finally {
if (reader != null) {
try {
reader.close();
} catch (IOException e) {
log.error("", e);
}
}
}
return sb.toString();
}
@Override
public BufferedReader getReader() throws IOException {
return new BufferedReader(new InputStreamReader(getInputStream()));
}
@Override
public ServletInputStream getInputStream() throws IOException {
final ByteArrayInputStream inputStream = new ByteArrayInputStream(body);
return new ServletInputStream() {
@Override
public int read() throws IOException {
return inputStream.read();
}
@Override
public boolean isFinished() {
return false;
}
@Override
public boolean isReady() {
return false;
}
@Override
public void setReadListener(ReadListener readListener) {
}
};
}
}

97
src/com/fr/plugin/XContentRequestWrapper.java
Unescape View File

@ -0,0 +1,97 @@
package com.fr.plugin;
import com.fr.json.JSONObject;
import com.fr.log.FineLoggerFactory;
import com.fr.stable.StringUtils;
import com.fr.third.jodd.util.collection.ArrayEnumeration;
import com.fr.web.utils.WebUtils;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.*;
public class XContentRequestWrapper extends HttpServletRequestWrapper {
JSONObject jsonObject = null;
public XContentRequestWrapper(HttpServletRequest request) {
super(request);
String header = request.getHeader("X-Context");
String url = WebUtils.getOriginalURL(request);
try {
if (StringUtils.isNotBlank(header)) {
header = URLDecoder.decode(header, "UTF-8");
jsonObject = new JSONObject(header);
FineLoggerFactory.getLogger().info("当前请求地址:{} \n X-Context :{} ", url, header);
} else {
FineLoggerFactory.getLogger().info("当前请求地址:{} 未携带 X-Context ", url);
}
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
}
@Override
public String getParameter(String name) {
String parameter = super.getParameter(name);
if (StringUtils.isBlank(parameter) && jsonObject != null) {
return jsonObject.getString(name);
}
return parameter;
}
@Override
public Map<String, String[]> getParameterMap() {
Map<String, String[]> parameterMap = super.getParameterMap();
Map<String, String[]> stringHashMap = new HashMap<>();
if (jsonObject != null) {
Iterator<String> keys = jsonObject.keys();
while (keys.hasNext()) {
String key = keys.next();
Object value = jsonObject.getValue(key);
if (value != null) {
stringHashMap.put(key, new String[]{
value.toString()
});
}
}
}
stringHashMap.putAll(parameterMap);
return stringHashMap;
}
@Override
public Enumeration<String> getParameterNames() {
Enumeration<String> parameterNames = super.getParameterNames();
if (jsonObject != null) {
Iterator<String> keys = jsonObject.keys();
ArrayList<String> arrayList = new ArrayList<>();
while (keys.hasNext()) {
String next = keys.next();
arrayList.add(next);
}
while (parameterNames.hasMoreElements()) {
String s = parameterNames.nextElement();
arrayList.add(s);
}
ArrayEnumeration<String> dayNames = new ArrayEnumeration<String>(arrayList.toArray(new String[0]));
return dayNames;
}
return parameterNames;
}
@Override
public String[] getParameterValues(String name) {
String[] parameterValues = super.getParameterValues(name);
if (parameterValues == null && jsonObject != null) {
Object stringObjectMap = jsonObject.getValue(name);
if (stringObjectMap != null) {
return new String[]{
stringObjectMap.toString()
};
}
}
return parameterValues;
}
}

16
src/com/fr/plugin/error.html
Unescape View File

@ -0,0 +1,16 @@
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport"
content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>无权访问</title>
</head>
<body>
<center>
<h2>用户不在白名单,访问被拒绝,请联系管理员处理</h2>
</center>
<hr/>
</body>
</html>

90
src/com/fr/plugin/util/LogUtils.java
Unescape View File

@ -0,0 +1,90 @@
package com.fr.plugin.util;
import com.fr.log.FineLoggerFactory;
import com.fr.log.FineLoggerProvider;
import com.fr.plugin.context.PluginContexts;
import com.fr.stable.StringUtils;
public final class LogUtils {
private static String LOG_PREFIX = "[单点登录] ";
private static final String PLUGIN_VERSION;
private static final FineLoggerProvider LOGGER = FineLoggerFactory.getLogger();
static {
String version = PluginContexts.currentContext().getMarker().getVersion();
if (StringUtils.isNotBlank(version)) {
PLUGIN_VERSION = "[v" + version + "] ";
} else {
PLUGIN_VERSION = "[unknown version] ";
}
LOG_PREFIX = LOG_PREFIX + PLUGIN_VERSION;
}
public static void setPrefix(String prefix) {
if (prefix != null) {
LOG_PREFIX = prefix;
}
}
public static boolean isDebugEnabled() {
return LOGGER.isDebugEnabled();
}
public static void debug(String s) {
LOGGER.debug(LOG_PREFIX + s);
}
public static void debug(String s, Object... objects) {
LOGGER.debug(LOG_PREFIX + s, objects);
}
public static void debug(String s, Throwable throwable) {
LOGGER.debug(LOG_PREFIX + s, throwable);
}
public static boolean isInfoEnabled() {
return LOGGER.isInfoEnabled();
}
public static void info(String s) {
LOGGER.info(LOG_PREFIX + s);
}
public static void info(String s, Object... objects) {
LOGGER.info(LOG_PREFIX + s, objects);
}
public static void warn(String s) {
LOGGER.warn(LOG_PREFIX + s);
}
public static void warn(String s, Object... objects) {
LOGGER.warn(LOG_PREFIX + s, objects);
}
public static void warn(String s, Throwable throwable) {
LOGGER.warn(LOG_PREFIX + s, throwable);
}
public static void warn(Throwable throwable, String s, Object... objects) {
LOGGER.warn(throwable, LOG_PREFIX + s, objects);
}
public static void error(String s) {
LOGGER.error(LOG_PREFIX + s);
}
public static void error(String s, Object... objects) {
LOGGER.error(LOG_PREFIX + s, objects);
}
public static void error(String s, Throwable throwable) {
LOGGER.error(LOG_PREFIX + s, throwable);
}
public static void error(Throwable throwable, String s, Object... objects) {
LOGGER.error(throwable, LOG_PREFIX + s, objects);
}
}

26
src/com/fr/plugin/util/RequestUtils.java
Unescape View File

@ -0,0 +1,26 @@
package com.fr.plugin.util;
import com.fr.stable.StringUtils;
import javax.servlet.http.HttpServletRequest;
/**
* @author Peng
*/
public class RequestUtils {
/**
* todo 有待测试
* @param request
* @return
*/
public static String getFullUrl(HttpServletRequest request) {
String url = request.getRequestURI();
String queryString = request.getQueryString();
if (StringUtils.isNotEmpty(queryString)) {
url = url + "?" + queryString;
}
return url;
}
}

35
src/com/fr/plugin/util/ResponseUtils.java
Unescape View File

@ -0,0 +1,35 @@
package com.fr.plugin.util;
import com.fr.decision.webservice.utils.WebServiceUtils;
import com.fr.json.JSONObject;
import com.fr.web.utils.WebUtils;
import javax.servlet.http.HttpServletResponse;
public final class ResponseUtils {
/**
* 打印之前会自动处理 Content-Type
*/
public static void printAsJSON( HttpServletResponse response, JSONObject jsonObject) throws Exception {
// todo 这里的 charset 有没有可能是别的呢?
response.setContentType("application/json;charset=utf-8");
WebUtils.printAsJSON(response, jsonObject);
}
/**
* todo
*
* 参考方法签名
* generateUnavailableWebPage(String result, String reason, String solution)
* generateErrorWebPage(String result, String reason, String solution)
*
*/
public static void printErrorPage() {
// 可参考 ↓
// String errorHtml = WebServiceUtils.generateUnavailableWebPage("单点登录失败", reason, "");
// String errorHtml = WebServiceUtils.generateErrorWebPage("单点登录失败", reason, "");
// WebUtils.printAsString(response, errorHtml);
}
}

464
src/com/fr/sso/cas/FRAccessFilter.java
Unescape View File

@ -0,0 +1,464 @@
//
// Source code recreated from a .class file by IntelliJ IDEA
// (powered by Fernflower decompiler)
//
package com.fr.sso.cas;
import com.fr.base.ServerConfig;
import com.fr.base.TemplateUtils;
import com.fr.data.NetworkHelper;
import com.fr.decision.authority.data.User;
import com.fr.decision.mobile.terminal.TerminalHandler;
import com.fr.decision.privilege.TransmissionTool;
import com.fr.decision.webservice.Response;
import com.fr.decision.webservice.bean.authentication.LoginRequestInfoBean;
import com.fr.decision.webservice.bean.authentication.LoginResponseInfoBean;
import com.fr.decision.webservice.bean.authentication.OriginUrlResponseBean;
import com.fr.decision.webservice.exception.login.UserLoginException;
import com.fr.decision.webservice.utils.WebServiceUtils;
import com.fr.decision.webservice.v10.login.LoginService;
import com.fr.decision.webservice.v10.login.TokenResource;
import com.fr.decision.webservice.v10.user.UserService;
import com.fr.general.ComparatorUtils;
import com.fr.log.FineLoggerFactory;
import com.fr.security.JwtUtils;
import com.fr.stable.StringUtils;
import com.fr.stable.web.Device;
import com.fr.third.fasterxml.jackson.core.JsonGenerationException;
import com.fr.third.fasterxml.jackson.core.JsonParseException;
import com.fr.third.fasterxml.jackson.databind.JsonMappingException;
import com.fr.third.fasterxml.jackson.databind.ObjectMapper;
import com.fr.third.fasterxml.jackson.databind.type.TypeFactory;
import com.fr.web.utils.WebUtils;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.nio.charset.Charset;
import java.util.Hashtable;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class FRAccessFilter implements Filter {
public String[] loginPageNecessaryResources = new String[]{"fineui.min.css", "login.min.css", "fineui.min.js", "I18nTextGenerator", "ConstantGenerator", "login.min.js", "logo.png", "login.png", "login-img.png", "iconfont.woff"};
private String servletNamePrefix = "/" + ServerConfig.getInstance().getServletName();
private String[] noFilterUrls;
private static ObjectMapper objectMapper = new ObjectMapper();
private static boolean isDev = true;
public FRAccessFilter() {
this.noFilterUrls = new String[]{this.servletNamePrefix + "/login", this.servletNamePrefix + "/login/config", this.servletNamePrefix + "/system/info", this.servletNamePrefix + "/login/cross/domain", this.servletNamePrefix + "/remote"};
}
public void init(FilterConfig filterConfig) throws ServletException {
}
private boolean isApp(HttpServletRequest request) {
String header = request.getHeader("User-Agent");
if (StringUtils.isNotBlank(header) && header.contains("FineReact")) {
return true;
} else {
String deviceType = request.getParameter("deviceType");
if (StringUtils.isNotBlank(deviceType)) {
return true;
} else {
String terminal = request.getHeader("terminal");
return StringUtils.isNotBlank(terminal) && terminal.equals("APP");
}
}
}
private boolean isMobLogin(HttpServletRequest request) {
if (this.isApp(request) && request.getMethod().equals("POST")) {
String requestURI = request.getRequestURI();
if (requestURI.endsWith("/login")) {
return true;
}
}
return false;
}
public static void printException2Frlog(Exception e) {
StringWriter writer = new StringWriter();
e.printStackTrace(new PrintWriter(writer));
String s = writer.toString();
FineLoggerFactory.getLogger().error("错误:{}", new Object[]{s});
}
public boolean getAuthenticator(String useruid, String userPassword, String applicationUsername, String applicationPassword) throws NamingException {
boolean result = false;
boolean flag = false;
DirContext ctx = null;
Hashtable env = new Hashtable();
env.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
if (isDev) {
env.put("java.naming.provider.url", "ldap://XXXX");
} else {
env.put("java.naming.provider.url", "ldap://XXXX");
}
env.put("java.naming.security.authentication", "simple");
env.put("java.naming.security.principal", applicationUsername);
env.put("java.naming.security.credentials", applicationPassword);
try {
ctx = new InitialDirContext(env);
FineLoggerFactory.getLogger().info("Applications Authentication Succeed");
flag = true;
} catch (NamingException var31) {
if (ctx != null) {
try {
ctx.close();
FineLoggerFactory.getLogger().info("------------------------------------------");
} catch (NamingException var26) {
FineLoggerFactory.getLogger().info("ctx close occur NamingException, error message:" + var26);
}
}
FineLoggerFactory.getLogger().info(" Applications Authentication Failed, error messgae: " + var31);
flag = false;
return false;
}
SearchControls constraints = new SearchControls();
if (flag) {
NamingEnumeration en = null;
try {
constraints.setSearchScope(2);
String[] returnAttrs = new String[]{"*"};
constraints.setReturningAttributes(returnAttrs);
String basedn = "dc=bizenit,dc=com";
String searchFilter = "(|(uid=" + useruid + ")(smart-alias=" + useruid + "))";
FineLoggerFactory.getLogger().info("filter:" + searchFilter);
en = ctx.search(basedn, searchFilter, constraints);
} catch (Exception var29) {
FineLoggerFactory.getLogger().info("search occur Exception, error message:" + var29);
printException2Frlog(var29);
}
if (en.hasMoreElements()) {
DirContext ctxUser = null;
Hashtable envUser = new Hashtable();
envUser.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
if (isDev) {
envUser.put("java.naming.provider.url", "ldap://XXXX");
} else {
envUser.put("java.naming.provider.url", "ldap://XXXX");
}
envUser.put("java.naming.security.authentication", "simple");
envUser.put("java.naming.security.principal", ((SearchResult)en.next()).getNameInNamespace());
envUser.put("java.naming.security.credentials", userPassword);
try {
Object o = envUser.get("java.naming.provider.url");
FineLoggerFactory.getLogger().info("LDAP认证服务器地址:{} 认证用户名:{}", new Object[]{o, envUser.get("java.naming.security.principal")});
ctxUser = new InitialDirContext(envUser);
FineLoggerFactory.getLogger().info("User Login Succeed");
result = true;
constraints.setTimeLimit(1000);
constraints.setDerefLinkFlag(false);
constraints.setReturningAttributes(new String[]{"*"});
} catch (NamingException var28) {
FineLoggerFactory.getLogger().info("user Authentication occured NamingException,error message:" + var28);
printException2Frlog(var28);
} finally {
if (ctxUser != null) {
try {
ctxUser.close();
} catch (NamingException var25) {
FineLoggerFactory.getLogger().info("ctxUser close occured NamingException,error message:" + var25);
}
}
}
} else {
result = false;
}
try {
if (en != null) {
en.close();
}
if (ctx != null) {
ctx.close();
}
} catch (NamingException var27) {
FineLoggerFactory.getLogger().info("close occured NamingException,error message:" + var27);
printException2Frlog(var27);
}
}
return result;
}
public static <T> T deserialize(String json, Class<T> clazz) {
Object object = null;
try {
object = objectMapper.readValue(json, TypeFactory.rawClass(clazz));
} catch (JsonParseException e) {
} catch (JsonMappingException e) {
} catch (IOException e) {
}
return (T) object;
}
private String inputStream2String(InputStream inputStream) {
StringBuilder sb = new StringBuilder();
BufferedReader reader = null;
try {
reader = new BufferedReader(new InputStreamReader(inputStream, Charset.defaultCharset()));
String line;
while((line = reader.readLine()) != null) {
sb.append(line);
}
} catch (IOException var12) {
throw new RuntimeException(var12);
} finally {
if (reader != null) {
try {
reader.close();
} catch (IOException var11) {
}
}
}
return sb.toString();
}
public static String serialize(Object object) {
StringWriter write = new StringWriter();
try {
objectMapper.writeValue(write, object);
} catch (JsonGenerationException var3) {
} catch (JsonMappingException var4) {
} catch (IOException var5) {
}
return write.toString();
}
private void mobLogin(HttpServletRequest req, HttpServletResponse response, LoginRequestInfoBean loginReqInfo) throws Exception {
String password = TransmissionTool.decrypt(loginReqInfo.isEncrypted(), loginReqInfo.getPassword());
String username = loginReqInfo.getUsername();
if (WebServiceUtils.containSQLChars(username)) {
Response error = Response.error("21300015", "Special char prohibit!");
WebUtils.printAsString(response, serialize(error));
} else {
User user = UserService.getInstance().getUserByUserName(username);
if (user == null) {
throw new UserLoginException();
} else {
String adminName = "XXXX";
String adminPwd = "XXXX";
if (isDev) {
adminName = "XXXX";
adminPwd = "XXXX";
}
if (this.getAuthenticator(username, password, adminName, adminPwd)) {
String token = this.login(req, response, username);
OriginUrlResponseBean originUrlResponseBean = new OriginUrlResponseBean(TemplateUtils.render("${fineServletURL}"));
LoginResponseInfoBean infoBean = new LoginResponseInfoBean(token, originUrlResponseBean, user.getUserName(), loginReqInfo.getValidity());
WebUtils.printAsString(response, serialize(infoBean));
} else {
Response error = Response.error("21300007", "User not exist, or wrong password!");
WebUtils.printAsString(response, serialize(error));
}
}
}
}
public static boolean checkTokenValid(HttpServletRequest req, String token, String currentUserName) {
try {
if (!ComparatorUtils.equals(currentUserName, JwtUtils.parseJWT(token).getSubject())) {
FineLoggerFactory.getLogger().info("username changed:" + currentUserName);
return false;
} else {
Device device = NetworkHelper.getDevice(req);
LoginService.getInstance().loginStatusValid(token, TerminalHandler.getTerminal(req, device));
return true;
}
} catch (Exception var4) {
return false;
}
}
private boolean isLogin(HttpServletRequest request) {
try {
return LoginService.getInstance().isLogged(request);
} catch (Exception var3) {
return false;
}
}
private String login(HttpServletRequest req, HttpServletResponse res, String username) {
try {
String oldToken = TokenResource.COOKIE.getToken(req);
if (oldToken == null || !checkTokenValid(req, oldToken, username)) {
HttpSession session = req.getSession(true);
String token = LoginService.getInstance().login(req, res, username);
// session.setAttribute("fine_auth_token", token);
req.setAttribute("fine_auth_token", token);
return token;
}
} catch (Exception var7) {
FineLoggerFactory.getLogger().error(var7.getMessage(), var7);
}
return null;
}
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
servletRequest.setCharacterEncoding("UTF-8");
HttpServletRequest request = (HttpServletRequest)servletRequest;
HttpServletResponse response = (HttpServletResponse)servletResponse;
String noIdmParameter = request.getParameter("no-idm");
String pathInfo;
if (this.isMobLogin(request)) {
pathInfo = this.inputStream2String(request.getInputStream());
try {
LoginRequestInfoBean infoBean = (LoginRequestInfoBean)deserialize(pathInfo, LoginRequestInfoBean.class);
if (this.isLogin(request)) {
String oldToken = TokenResource.COOKIE.getToken(request);
OriginUrlResponseBean originUrlResponseBean = new OriginUrlResponseBean(TemplateUtils.render("${fineServletURL}"));
LoginResponseInfoBean respBean = new LoginResponseInfoBean(oldToken, originUrlResponseBean, infoBean.getUsername(), infoBean.getValidity());
WebUtils.printAsString(response, serialize(respBean));
} else {
this.mobLogin(request, response, infoBean);
}
return;
} catch (Exception var13) {
FineLoggerFactory.getLogger().info("LDAP认证失败:" + var13.getMessage());
}
}
if (this.isApp(request)) {
setCookie(response, "no-idm", "true");
pathInfo = request.getPathInfo();
this.forwardRequest(request, response);
} else {
if (StringUtils.isNotEmpty(noIdmParameter)) {
boolean isNoIdm = Boolean.parseBoolean(noIdmParameter);
Cookie noIdmCookie = com.fr.third.springframework.web.util.WebUtils.getCookie(request, "no-idm");
if (noIdmCookie != null) {
if (Boolean.parseBoolean(noIdmCookie.getValue()) != isNoIdm) {
if (isNoIdm) {
setCookie(response, "no-idm", "true");
} else {
setCookie(response, "no-idm", "false");
}
}
} else if (isNoIdm) {
setCookie(response, "no-idm", "true");
} else {
setCookie(response, "no-idm", "false");
}
} else {
Cookie noIdmCookie = com.fr.third.springframework.web.util.WebUtils.getCookie(request, "no-idm");
if (noIdmCookie == null) {
setCookie(response, "no-idm", "false");
}
}
if (!this.isNoFilterUrls(request) && !this.isRequestLoginPageNecessaryResources(request) && !this.isFromNoIdmPage(request)) {
User user = null;
try {
user = UserService.getInstance().getUserByRequestCookie(request);
} catch (Exception var12) {
}
if (user != null) {
this.forwardRequest(request, response);
} else if (StringUtils.isNotEmpty(noIdmParameter) && Boolean.parseBoolean(noIdmParameter)) {
this.forwardRequest(request, response);
} else {
filterChain.doFilter(request, response);
}
} else {
this.forwardRequest(request, response);
}
}
}
private static void setCookie(HttpServletResponse response, String name, String value) {
Cookie cookie = new Cookie(name, value);
cookie.setPath("/");
response.addCookie(cookie);
}
public void destroy() {
}
public boolean isNoFilterUrls(HttpServletRequest request) {
String requestURI = request.getRequestURI();
String[] var3 = this.noFilterUrls;
int var4 = var3.length;
for(int var5 = 0; var5 < var4; ++var5) {
String url = var3[var5];
if (requestURI.contains(url)) {
return true;
}
}
return false;
}
public boolean isRequestLoginPageNecessaryResources(HttpServletRequest request) {
String queryString = request.getQueryString();
if (StringUtils.isEmpty(queryString)) {
return false;
} else {
String[] var3 = this.loginPageNecessaryResources;
int var4 = var3.length;
for(int var5 = 0; var5 < var4; ++var5) {
String parameter = var3[var5];
if (queryString.contains(parameter)) {
return true;
}
}
return false;
}
}
private boolean isFromNoIdmPage(HttpServletRequest request) {
String referer = request.getHeader("Referer");
return StringUtils.isNotEmpty(referer) && referer.contains("no-idm=true");
}
private void forwardRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String contextPath = request.getContextPath();
String relativePath = request.getRequestURI().replace(contextPath, "");
request.getRequestDispatcher(relativePath).forward(request, response);
}
}
Write Preview
Loading…
Cancel
Save