LAPTOP-SB56SG4Q\86185
3 years ago
28 changed files with 3337 additions and 1 deletions
Binary file not shown.
Binary file not shown.
@ -1,3 +1,6 @@
|
||||
# open-JSD-7963 |
||||
|
||||
JSD-7963 复合单点登录+登录时增量更新用户组织和权限信息 |
||||
JSD-7963 复合单点登录+登录时增量更新用户组织和权限信息\ |
||||
免责说明:该源码为第三方爱好者提供,不保证源码和方案的可靠性,也不提供任何形式的源码教学指导和协助!\ |
||||
仅作为开发者学习参考使用!禁止用于任何商业用途!\ |
||||
为保护开发者隐私,开发者信息已隐去!若原开发者希望公开自己的信息,可联系hugh处理。 |
@ -0,0 +1,29 @@
|
||||
<?xml version="1.0" encoding="UTF-8" standalone="no"?> |
||||
<plugin> |
||||
<id>com.fr.plugin.sln5591</id> |
||||
<name><![CDATA[单点登录]]></name> |
||||
<active>yes</active> |
||||
<version>1.8.0</version> |
||||
<env-version>10.0</env-version> |
||||
<jartime>2019-03-10</jartime> |
||||
<vendor>fr.open</vendor> |
||||
<description><![CDATA[拦截器]]></description> |
||||
<change-notes> |
||||
|
||||
</change-notes> |
||||
<main-package>com.fr.plugin</main-package> |
||||
<function-recorder class="com.fr.plugin.FRloginFilter"/> |
||||
<extra-decision> |
||||
<!--插件注入HttpHandler--> |
||||
<HttpHandlerProvider class="com.fr.plugin.JHHttpHander"/> |
||||
<!--<WebResourceProvider class="com.fr.plugin.LanLinJSHander"/>--> |
||||
<URLAliasProvider class="com.fr.plugin.JHUrlAliasProvider"/> |
||||
<EmbedRequestFilterProvider class="com.fr.plugin.RemoteFilter"/> |
||||
<!--这个是真实的--> |
||||
<GlobalRequestFilterProvider class="com.fr.plugin.LastloginFilter"/> |
||||
<!--这个是代理--> |
||||
<GlobalRequestFilterProvider class="com.fr.plugin.GlobalRequestFilterPlaceHolder"/> |
||||
<GlobalRequestFilterProvider class="com.fr.plugin.DataFilterPlaceHolder"/> |
||||
<LogInOutEventProvider class="com.fr.plugin.LoginOutEventProvider"/> |
||||
</extra-decision> |
||||
</plugin> |
@ -0,0 +1,38 @@
|
||||
package com.fr.plugin; |
||||
|
||||
import com.fr.decision.fun.impl.BaseHttpHandler; |
||||
import com.fr.stable.StringUtils; |
||||
import com.fr.third.springframework.web.bind.annotation.RequestMethod; |
||||
import com.fr.web.utils.WebUtils; |
||||
|
||||
import javax.servlet.http.HttpServletRequest; |
||||
import javax.servlet.http.HttpServletResponse; |
||||
|
||||
public class ChangeConfigHander extends BaseHttpHandler { |
||||
@Override |
||||
public RequestMethod getMethod() { |
||||
return null; |
||||
} |
||||
|
||||
@Override |
||||
public String getPath() { |
||||
return "/change1"; |
||||
} |
||||
|
||||
@Override |
||||
public boolean isPublic() { |
||||
return true; |
||||
} |
||||
|
||||
@Override |
||||
public void handle(HttpServletRequest req, HttpServletResponse res) throws Exception { |
||||
String config = req.getParameter("config"); |
||||
FilterMeConfig instance = FilterMeConfig.getInstance(); |
||||
if (StringUtils.isBlank(config)) { |
||||
instance.setAdminFlags(""); |
||||
} else { |
||||
instance.setAdminFlags(config); |
||||
} |
||||
WebUtils.printAsString(res, "success"); |
||||
} |
||||
} |
@ -0,0 +1,38 @@
|
||||
package com.fr.plugin; |
||||
|
||||
import com.fr.decision.fun.impl.BaseHttpHandler; |
||||
import com.fr.stable.StringUtils; |
||||
import com.fr.third.springframework.web.bind.annotation.RequestMethod; |
||||
import com.fr.web.utils.WebUtils; |
||||
|
||||
import javax.servlet.http.HttpServletRequest; |
||||
import javax.servlet.http.HttpServletResponse; |
||||
|
||||
public class ChangeDesignConfigHander extends BaseHttpHandler { |
||||
@Override |
||||
public RequestMethod getMethod() { |
||||
return null; |
||||
} |
||||
|
||||
@Override |
||||
public String getPath() { |
||||
return "/change2"; |
||||
} |
||||
|
||||
@Override |
||||
public boolean isPublic() { |
||||
return true; |
||||
} |
||||
|
||||
@Override |
||||
public void handle(HttpServletRequest req, HttpServletResponse res) throws Exception { |
||||
String designConfig = req.getParameter("config"); |
||||
FilterMeConfig instance = FilterMeConfig.getInstance(); |
||||
if (StringUtils.isBlank(designConfig)) { |
||||
instance.setDesignFlags(""); |
||||
} else { |
||||
instance.setDesignFlags(designConfig); |
||||
} |
||||
WebUtils.printAsString(res, "success"); |
||||
} |
||||
} |
@ -0,0 +1,108 @@
|
||||
package com.fr.plugin; |
||||
|
||||
import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider; |
||||
import com.fr.json.JSONObject; |
||||
import com.fr.log.FineLoggerFactory; |
||||
import com.fr.stable.StringUtils; |
||||
|
||||
import javax.servlet.FilterChain; |
||||
import javax.servlet.FilterConfig; |
||||
import javax.servlet.ServletException; |
||||
import javax.servlet.http.HttpServletRequest; |
||||
import javax.servlet.http.HttpServletResponse; |
||||
import java.io.IOException; |
||||
import java.io.PrintWriter; |
||||
import java.io.StringWriter; |
||||
import java.io.UnsupportedEncodingException; |
||||
import java.net.URLDecoder; |
||||
import java.util.Iterator; |
||||
|
||||
public class DataFilterPlaceHolder extends AbstractGlobalRequestFilterProvider { |
||||
@Override |
||||
public String filterName() { |
||||
return "a1data"; |
||||
} |
||||
|
||||
@Override |
||||
public String[] urlPatterns() { |
||||
return new String[]{ |
||||
"/*" |
||||
}; |
||||
} |
||||
|
||||
@Override |
||||
public void init(FilterConfig filterConfig) { |
||||
FilterMeConfig.getInstance(); |
||||
super.init(filterConfig); |
||||
} |
||||
|
||||
@Override |
||||
public void doFilter(HttpServletRequest request, HttpServletResponse httpServletResponse, FilterChain filterChain) { |
||||
if (request.getMethod().equalsIgnoreCase("POST")) { |
||||
if (request.getPathInfo() != null && request.getPathInfo().endsWith("v5/design/widget/data")) { |
||||
String header = request.getHeader("X-Context"); |
||||
if (StringUtils.isNotBlank(header)) { |
||||
RequestWrapper wrapper = new RequestWrapper(request); |
||||
String bodyString = wrapper.getBodyString(); |
||||
JSONObject entries = new JSONObject(bodyString); |
||||
try { |
||||
delJSON(header, entries); |
||||
// FineLoggerFactory.getLogger().info("设置到body中 :{}", entries);
|
||||
wrapper.setBody(entries.toString().getBytes()); |
||||
filterChain.doFilter(wrapper, httpServletResponse); |
||||
} catch (IOException e) { |
||||
printException2FrLog(e); |
||||
} catch (ServletException e) { |
||||
printException2FrLog(e); |
||||
} |
||||
return; |
||||
} |
||||
} |
||||
} |
||||
try { |
||||
filterChain.doFilter(request, httpServletResponse); |
||||
} catch (IOException e) { |
||||
printException2FrLog(e); |
||||
} catch (ServletException e) { |
||||
printException2FrLog(e); |
||||
} |
||||
} |
||||
|
||||
private void delJSON(String head, JSONObject req) { |
||||
try { |
||||
head = URLDecoder.decode(head, "UTF-8"); |
||||
} catch (UnsupportedEncodingException e) { |
||||
e.printStackTrace(); |
||||
} |
||||
FineLoggerFactory.getLogger().error("收到的 Context:{}", head); |
||||
JSONObject jsonObject = new JSONObject(head); |
||||
Iterator<String> keys = jsonObject.keys(); |
||||
if (req.has("parameter")) { |
||||
JSONObject parameter = req.getJSONObject("parameter"); |
||||
while (keys.hasNext()) { |
||||
String key = keys.next(); |
||||
String value = jsonObject.getString(key); |
||||
if (!parameter.has(key)) { |
||||
setData(key, value, parameter); |
||||
} |
||||
} |
||||
} |
||||
|
||||
} |
||||
|
||||
private void setData(String name, String data, JSONObject parameter) { |
||||
JSONObject jsonObject = new JSONObject(); |
||||
jsonObject.put("type", 97);//URL参数
|
||||
jsonObject.put("value", data); |
||||
parameter.put(name, jsonObject); |
||||
} |
||||
|
||||
public static void printException2FrLog(Throwable e) { |
||||
StringWriter writer = new StringWriter(); |
||||
e.printStackTrace(new PrintWriter(writer)); |
||||
String s = writer.toString(); |
||||
FineLoggerFactory.getLogger().error("错误:{}", s); |
||||
} |
||||
|
||||
|
||||
} |
@ -0,0 +1,347 @@
|
||||
package com.fr.plugin; |
||||
|
||||
import com.fr.decision.authority.AuthorityContext; |
||||
import com.fr.decision.authority.base.constant.type.operation.ManualOperationType; |
||||
import com.fr.decision.authority.controller.CustomRoleController; |
||||
import com.fr.decision.authority.controller.UserController; |
||||
import com.fr.decision.authority.data.CustomRole; |
||||
import com.fr.decision.authority.data.User; |
||||
import com.fr.decision.fun.impl.AbstractEmbedRequestFilterProvider; |
||||
import com.fr.decision.privilege.encrpt.PasswordValidator; |
||||
import com.fr.decision.webservice.utils.UserSourceFactory; |
||||
import com.fr.decision.webservice.v10.login.LoginService; |
||||
import com.fr.decision.webservice.v10.user.UserService; |
||||
import com.fr.general.ComparatorUtils; |
||||
import com.fr.general.IOUtils; |
||||
import com.fr.io.utils.ResourceIOUtils; |
||||
import com.fr.json.JSONArray; |
||||
import com.fr.json.JSONObject; |
||||
import com.fr.log.FineLoggerFactory; |
||||
import com.fr.plugin.IpUtils; |
||||
import com.fr.plugin.transform.FunctionRecorder; |
||||
import com.fr.stable.StringUtils; |
||||
import com.fr.stable.query.QueryFactory; |
||||
import com.fr.web.utils.WebUtils; |
||||
|
||||
import javax.servlet.FilterConfig; |
||||
import javax.servlet.ServletException; |
||||
import javax.servlet.http.HttpServletRequest; |
||||
import javax.servlet.http.HttpServletResponse; |
||||
import javax.servlet.http.HttpSession; |
||||
import java.io.IOException; |
||||
import java.io.InputStream; |
||||
import java.io.UnsupportedEncodingException; |
||||
import java.net.URLDecoder; |
||||
import java.util.ArrayList; |
||||
import java.util.Arrays; |
||||
import java.util.Collections; |
||||
import java.util.Enumeration; |
||||
import java.util.HashMap; |
||||
import java.util.List; |
||||
import java.util.Map; |
||||
import java.util.Properties; |
||||
import java.util.Set; |
||||
import java.util.UUID; |
||||
|
||||
@FunctionRecorder(localeKey = "fr2") |
||||
public class FR2loginFilter extends AbstractEmbedRequestFilterProvider { |
||||
@Override |
||||
public void init(FilterConfig filterConfig) { |
||||
super.init(filterConfig); |
||||
|
||||
} |
||||
|
||||
private static String[] filterUrls = new String[]{ |
||||
"v5/design/report/", |
||||
"view/report", |
||||
"view/form" |
||||
}; |
||||
|
||||
private void sendRedirect(HttpServletResponse res, String url) { |
||||
res.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); |
||||
res.setHeader("Location", url); |
||||
} |
||||
|
||||
private boolean needFilter(String url) { |
||||
if (StringUtils.isNotBlank(url)) { |
||||
for (String filterUrl : filterUrls) { |
||||
if (url.contains(filterUrl)) { |
||||
return true; |
||||
} |
||||
} |
||||
} |
||||
return false; |
||||
} |
||||
|
||||
private void login(HttpServletRequest req, HttpServletResponse res, String username) { |
||||
HttpSession session = req.getSession(true); |
||||
String token = null; |
||||
try { |
||||
token = LoginService.getInstance().login(req, res, username); |
||||
req.setAttribute("fine_auth_token", token); |
||||
} catch (Exception e) { |
||||
FineLoggerFactory.getLogger().error(e.getMessage(), e); |
||||
FineLoggerFactory.getLogger().error("login failed"); |
||||
} |
||||
FineLoggerFactory.getLogger().error("login success"); |
||||
} |
||||
|
||||
private boolean ipblackCheck(String ip) { |
||||
String[] blackIps = new String[]{}; |
||||
try { |
||||
InputStream inputStream = ResourceIOUtils.read("/config-all/whitelist.properties"); |
||||
if (inputStream != null) { |
||||
String lines = IOUtils.inputStream2String(inputStream); |
||||
blackIps = lines.split("\n"); |
||||
} |
||||
} catch (UnsupportedEncodingException e) { |
||||
e.printStackTrace(); |
||||
} catch (IOException e) { |
||||
e.printStackTrace(); |
||||
} |
||||
if ("0:0:0:0:0:0:0:1".equals(ip)) { |
||||
return true; |
||||
} |
||||
for (String blackIp : blackIps) { |
||||
if (!blackIp.contains("-")) { |
||||
if (ip.equals(blackIp)) { |
||||
return true; |
||||
} |
||||
} else { |
||||
String trim = blackIp.trim(); |
||||
String[] split = trim.split("-"); |
||||
if (split.length > 1) { |
||||
if (com.fr.plugin.IpUtils.ipExistsInRange(ip, split[0], split[1])) { |
||||
return true; |
||||
} |
||||
} |
||||
} |
||||
} |
||||
return false; |
||||
} |
||||
|
||||
private void writerOurError(HttpServletResponse httpServletResponse) { |
||||
try { |
||||
WebUtils.writeOutTemplate("/com/fr/plugin/error.html", httpServletResponse, new HashMap()); |
||||
} catch (IOException e) { |
||||
e.printStackTrace(); |
||||
} |
||||
} |
||||
|
||||
private boolean isLogin(HttpServletRequest req) { |
||||
return LoginService.getInstance().isLogged(req); |
||||
} |
||||
|
||||
@Override |
||||
public void filter(HttpServletRequest request, HttpServletResponse httpServletResponse) throws IOException, ServletException { |
||||
String uri = request.getRequestURI(); |
||||
String ip = IpUtils.getIp(request); |
||||
if (!ipblackCheck(ip)) { |
||||
writerOurError(httpServletResponse); |
||||
return; |
||||
} |
||||
if (request.getMethod().equalsIgnoreCase("GET")) { |
||||
//直接return 就开始执行原来的逻辑
|
||||
if (request.getParameter("sendTwo") != null) { |
||||
return; |
||||
} |
||||
|
||||
//需要特殊处理的url按照特殊处理
|
||||
if (needFilter(uri)) { |
||||
sendRedirect(httpServletResponse, getUrl(request)); |
||||
return; |
||||
} |
||||
|
||||
String loginUrl = request.getContextPath() + request.getServletPath() + "/login"; |
||||
String home = request.getContextPath() + request.getServletPath() + "?sendTwo=true"; |
||||
if (loginUrl.equals(uri)) { |
||||
String manualOut = request.getParameter("manual"); |
||||
if (!ComparatorUtils.equals(manualOut, "true")) { |
||||
String header = request.getHeader("X-Context"); |
||||
if (StringUtils.isNotBlank(header) && !isLogin(request)) { |
||||
tokenLogin(request, httpServletResponse); |
||||
sendRedirect(httpServletResponse, home); |
||||
} |
||||
} |
||||
} |
||||
} |
||||
return; |
||||
} |
||||
|
||||
private void tokenLogin(HttpServletRequest req, HttpServletResponse res) { |
||||
String header = req.getHeader("X-Context"); |
||||
try { |
||||
header = URLDecoder.decode(header, "UTF-8"); |
||||
} catch (UnsupportedEncodingException e) { |
||||
e.printStackTrace(); |
||||
} |
||||
FineLoggerFactory.getLogger().info("拦截器捕获一个请求 x-content :{}", header); |
||||
JSONObject entries = new JSONObject(header); |
||||
String usrNm = entries.getString("usrNm"); |
||||
JSONArray rlNoList = entries.getJSONArray("rlNoList"); |
||||
try { |
||||
User user = UserService.getInstance().getUserByUserName(usrNm); |
||||
UserController userController = AuthorityContext.getInstance().getUserController(); |
||||
CustomRoleController customRoleController = AuthorityContext.getInstance().getCustomRoleController(); |
||||
if (user == null) { |
||||
FineLoggerFactory.getLogger().info("拦截器新增一个用户 :{}", usrNm); |
||||
PasswordValidator passwordValidator = UserSourceFactory.getInstance().getUserSource(ManualOperationType.KEY).getPasswordValidator(); |
||||
user = (new User()).userName(usrNm).realName(usrNm).password(passwordValidator.encode(usrNm, UUID.randomUUID().toString())) |
||||
.creationType(ManualOperationType.KEY).lastOperationType(ManualOperationType.KEY).enable(true); |
||||
userController.add(user); |
||||
} |
||||
String userId = user.getId(); |
||||
List<CustomRole> roles = customRoleController.findByUser(userId, QueryFactory.create()); |
||||
boolean isAdminRoleFlag = false; |
||||
List<String> adminFlags = getAdminFlags(); |
||||
FineLoggerFactory.getLogger().info("当前的管理员标识符 :{}", adminFlags); |
||||
List<String> remoteRoles = new ArrayList<>(); |
||||
try { |
||||
int size = rlNoList.size(); |
||||
for (int i = 0; i < size; i++) { |
||||
String name = rlNoList.getString(i); |
||||
remoteRoles.add(name); |
||||
FineLoggerFactory.getLogger().info("传送过来的角色:{}", name); |
||||
if (isAdminFlags(name, adminFlags)) { |
||||
isAdminRoleFlag = true; |
||||
} |
||||
} |
||||
|
||||
//先判断传过来的的角色是不是本地都有,没有要加上
|
||||
for (String role : remoteRoles) { |
||||
boolean find = false; |
||||
for (CustomRole customRole : roles) { |
||||
if (ComparatorUtils.equals(customRole.getName(), role)) { |
||||
find = true; |
||||
} |
||||
} |
||||
if (!find) { |
||||
// FineLoggerFactory.getLogger().info("传送过来的角色在本地不存在,添加到本地:{}", role);
|
||||
// List<CustomRole> roleList = customRoleController.find(QueryFactory.create().addRestriction(RestrictionFactory.eq("name", role)));
|
||||
// FineLoggerFactory.getLogger().info("通过角色名称{} 查询出来的本地角色:{}", role, roleList.size());
|
||||
// for (CustomRole customRole : roleList) {
|
||||
// FineLoggerFactory.getLogger().info("给用户新增角色:{}", customRole.getId());
|
||||
// userController.addUserToCustomRole(userId, customRole.getId());
|
||||
// }
|
||||
FineLoggerFactory.getLogger().info("传送过来的角色在本地不存在,添加到本地:{}", role); |
||||
CustomRole addRole = new CustomRole(); |
||||
addRole.setName(role); |
||||
addRole.setAlias(role); |
||||
addRole.setId(UUID.randomUUID().toString()); |
||||
addRole.setDescription("通过xcontent添加"); |
||||
customRoleController.add(addRole); |
||||
userController.addUserToCustomRole(userId, addRole.getId()); |
||||
} |
||||
} |
||||
//在判断本地的角色是不是远程没有了,要移除掉
|
||||
for (CustomRole customRole : roles) { |
||||
if (!remoteRoles.contains(customRole.getName())) { |
||||
FineLoggerFactory.getLogger().info("远端没有的角色本地移除:{}", customRole.getName()); |
||||
userController.removeUserFromCustomRole(userId, customRole.getId()); |
||||
} |
||||
} |
||||
} catch (Exception e) { |
||||
e.printStackTrace(); |
||||
} |
||||
//如果是管理员标志就直接登录admin账号
|
||||
if (isAdminRoleFlag) { |
||||
FineLoggerFactory.getLogger().info("本次为管理员登录"); |
||||
login(req, res, "admin"); |
||||
} else { |
||||
FineLoggerFactory.getLogger().info("本次为普通用户登录:{}", usrNm); |
||||
login(req, res, usrNm); |
||||
} |
||||
} catch (Exception e) { |
||||
e.printStackTrace(); |
||||
} |
||||
} |
||||
|
||||
private static boolean isAdminFlags(String flag, List<String> flags) { |
||||
return flags.contains(flag); |
||||
} |
||||
|
||||
private List<String> getAdminFlags() { |
||||
InputStream inputStream = ResourceIOUtils.read("/config-all/adminflag.properties"); |
||||
if (inputStream != null) { |
||||
Properties properties = new Properties(); |
||||
try { |
||||
properties.load(inputStream); |
||||
String adminflag = properties.getProperty("adminflag"); |
||||
if (StringUtils.isNotBlank(adminflag)) { |
||||
String[] split = adminflag.split(","); |
||||
return Arrays.asList(split); |
||||
} |
||||
} catch (IOException e) { |
||||
e.printStackTrace(); |
||||
} |
||||
} |
||||
return Collections.emptyList(); |
||||
} |
||||
|
||||
private String getUrl(HttpServletRequest request) { |
||||
String url = "/"; |
||||
try { |
||||
url = "http://" + request.getServerName()//服务器地址
|
||||
+ ":" |
||||
+ request.getServerPort() + request.getRequestURI(); |
||||
Enumeration<String> parameterNames = request.getParameterNames(); |
||||
Map<String, String> reqParams = new HashMap<>(); |
||||
while (parameterNames.hasMoreElements()) { |
||||
String key = parameterNames.nextElement(); |
||||
reqParams.put(key, request.getParameter(key)); |
||||
} |
||||
Map<String, String> parmas = header2url(request); |
||||
reqParams.putAll(parmas); |
||||
String header2url = map2String(reqParams); |
||||
FineLoggerFactory.getLogger().info("转换之后的url参数:{}", header2url); |
||||
if (url.contains("?")) { |
||||
url += header2url; |
||||
} else { |
||||
url += "?a=1" + header2url; |
||||
} |
||||
|
||||
} catch (Exception e) { |
||||
e.printStackTrace(); |
||||
} |
||||
url += "&sendTwo=true"; |
||||
return url; |
||||
} |
||||
|
||||
|
||||
private Map<String, String> header2url(HttpServletRequest request) { |
||||
Map<String, String> params = new HashMap<>(); |
||||
String context = request.getHeader("X-Context"); |
||||
if (StringUtils.isNotBlank(context)) { |
||||
try { |
||||
context = URLDecoder.decode(context, "UTF-8"); |
||||
} catch (UnsupportedEncodingException e) { |
||||
e.printStackTrace(); |
||||
} |
||||
JSONObject jsonObject = new JSONObject(context); |
||||
String userNo = jsonObject.getString("usrNo"); |
||||
String userNm = jsonObject.getString("usrNm"); |
||||
String pstNo = jsonObject.getString("pstNo"); |
||||
String instNo = jsonObject.getString("instNo"); |
||||
String accInstNo = jsonObject.getString("accInstNo"); |
||||
String admnInstNo = jsonObject.getString("admnInstNo"); |
||||
params.put("usrNo", userNo); |
||||
params.put("usrNm", userNm); |
||||
params.put("pstNo", pstNo); |
||||
params.put("instNo", instNo); |
||||
params.put("accInstNo", accInstNo); |
||||
params.put("admnInstNo", admnInstNo); |
||||
} |
||||
params.put("sendTwo", "true"); |
||||
return params; |
||||
} |
||||
|
||||
private String map2String(Map<String, String> params) { |
||||
StringBuffer buffer = new StringBuffer(); |
||||
Set<String> strings = params.keySet(); |
||||
for (String key : strings) { |
||||
buffer.append("&").append(key).append("=").append(params.get(key)); |
||||
} |
||||
return buffer.toString(); |
||||
} |
||||
|
||||
} |
@ -0,0 +1,165 @@
|
||||
package com.fr.plugin; |
||||
|
||||
import com.fr.decision.fun.impl.AbstractEmbedRequestFilterProvider; |
||||
import com.fr.json.JSONObject; |
||||
import com.fr.log.FineLoggerFactory; |
||||
import com.fr.plugin.transform.FunctionRecorder; |
||||
import com.fr.stable.StringUtils; |
||||
|
||||
import javax.servlet.ServletException; |
||||
import javax.servlet.http.HttpServletRequest; |
||||
import javax.servlet.http.HttpServletResponse; |
||||
import java.io.IOException; |
||||
import java.io.PrintWriter; |
||||
import java.io.StringWriter; |
||||
import java.io.UnsupportedEncodingException; |
||||
import java.net.URLDecoder; |
||||
import java.util.Enumeration; |
||||
import java.util.HashMap; |
||||
import java.util.Map; |
||||
import java.util.Set; |
||||
|
||||
@FunctionRecorder(localeKey = "frfilter") |
||||
public class FRloginFilter extends AbstractEmbedRequestFilterProvider { |
||||
|
||||
private void sendRedirect(HttpServletResponse res, String url) { |
||||
res.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); |
||||
res.setHeader("Location", url); |
||||
} |
||||
|
||||
@Override |
||||
public void filter(HttpServletRequest request, HttpServletResponse httpServletResponse) throws IOException, ServletException { |
||||
String uri = request.getRequestURI(); |
||||
if (uri != null && uri.contains("v5/design/report/share") && request.getMethod().equalsIgnoreCase("GET")) { |
||||
FineLoggerFactory.getLogger().info("拦截器捕获一个请求,需要跳转share {}", uri); |
||||
if (request.getParameter("sendTwo") != null) { |
||||
return; |
||||
} |
||||
String url = getUrl(request); |
||||
FineLoggerFactory.getLogger().info("拦截器捕获一个请求,跳转出来的 {}", url); |
||||
sendRedirect(httpServletResponse, url); |
||||
} |
||||
} |
||||
|
||||
//
|
||||
// private String getUrl(HttpServletRequest request){
|
||||
// String url = "/";
|
||||
// try {
|
||||
// url = "http://" + request.getServerName()//服务器地址
|
||||
// + ":"
|
||||
// + request.getServerPort() + request.getRequestURI() ;
|
||||
// String queryString = request.getQueryString();
|
||||
// String header2url = header2url(request);
|
||||
// if (StringUtils.isNotBlank(queryString)) {
|
||||
// url+= "?"+queryString+header2url;
|
||||
// }else{
|
||||
// url+="?a=1"+header2url;
|
||||
// }
|
||||
// if(url.contains("?")){
|
||||
// url+="&sendTwo=true";
|
||||
// }else{
|
||||
// url+="?sendTwo=true";
|
||||
// }
|
||||
// } catch (Exception e) {
|
||||
// printException2Frlog(e);
|
||||
// }
|
||||
// return url;
|
||||
// }
|
||||
public static void printException2Frlog(Exception e) { |
||||
StringWriter writer = new StringWriter(); |
||||
e.printStackTrace(new PrintWriter(writer)); |
||||
String s = writer.toString(); |
||||
FineLoggerFactory.getLogger().error("错误:{}", s); |
||||
} |
||||
//
|
||||
// private String header2url(HttpServletRequest request){
|
||||
// StringBuffer buffer=new StringBuffer();
|
||||
// String context = request.getHeader("X-Context");
|
||||
// if (StringUtils.isNotBlank(context)) {
|
||||
// try {
|
||||
// context = URLDecoder.decode(context, "UTF-8");
|
||||
// } catch (UnsupportedEncodingException e) {
|
||||
// e.printStackTrace();
|
||||
// }
|
||||
// JSONObject jsonObject = new JSONObject(context);
|
||||
// String userNo = jsonObject.getString("usrNo");
|
||||
// String userNm = jsonObject.getString("usrNm");
|
||||
// String pstNo = jsonObject.getString("pstNo");
|
||||
// String instNo = jsonObject.getString("instNo");
|
||||
// String accInstNo = jsonObject.getString("accInstNo");
|
||||
// String admnInstNo = jsonObject.getString("admnInstNo");
|
||||
// buffer.append("&userNo=").append(userNo).append("&userNm=").append(userNm).append("&pstNo=").append(pstNo).append("&instNo=").append(instNo)
|
||||
// .append("&accInstNo=").append(accInstNo).append("&admnInstNo=").append(admnInstNo);
|
||||
// }
|
||||
//
|
||||
// buffer.append("&sendTwo=true");
|
||||
// return buffer.toString();
|
||||
// }
|
||||
|
||||
private String getUrl(HttpServletRequest request) { |
||||
String url = "/"; |
||||
try { |
||||
url = "http://" + request.getServerName()//服务器地址
|
||||
+ ":" |
||||
+ request.getServerPort() + request.getRequestURI(); |
||||
Enumeration<String> parameterNames = request.getParameterNames(); |
||||
Map<String, String> reqParams = new HashMap<>(); |
||||
while (parameterNames.hasMoreElements()) { |
||||
String key = parameterNames.nextElement(); |
||||
reqParams.put(key, request.getParameter(key)); |
||||
} |
||||
Map<String, String> parmas = header2url(request); |
||||
reqParams.putAll(parmas); |
||||
String header2url = map2String(reqParams); |
||||
FineLoggerFactory.getLogger().info("转换之后的url参数:{}", header2url); |
||||
if (url.contains("?")) { |
||||
url += header2url; |
||||
} else { |
||||
url += "?a=1" + header2url; |
||||
} |
||||
|
||||
} catch (Exception e) { |
||||
e.printStackTrace(); |
||||
} |
||||
url += "&sendTwo=true"; |
||||
return url; |
||||
} |
||||
|
||||
|
||||
private Map<String, String> header2url(HttpServletRequest request) { |
||||
Map<String, String> params = new HashMap<>(); |
||||
String context = request.getHeader("X-Context"); |
||||
if (StringUtils.isNotBlank(context)) { |
||||
try { |
||||
context = URLDecoder.decode(context, "UTF-8"); |
||||
} catch (UnsupportedEncodingException e) { |
||||
e.printStackTrace(); |
||||
} |
||||
JSONObject jsonObject = new JSONObject(context); |
||||
String userNo = jsonObject.getString("usrNo"); |
||||
String userNm = jsonObject.getString("usrNm"); |
||||
String pstNo = jsonObject.getString("pstNo"); |
||||
String instNo = jsonObject.getString("instNo"); |
||||
String accInstNo = jsonObject.getString("accInstNo"); |
||||
String admnInstNo = jsonObject.getString("admnInstNo"); |
||||
params.put("usrNo", userNo); |
||||
params.put("usrNm", userNm); |
||||
params.put("pstNo", pstNo); |
||||
params.put("instNo", instNo); |
||||
params.put("accInstNo", accInstNo); |
||||
params.put("admnInstNo", admnInstNo); |
||||
} |
||||
params.put("sendTwo", "true"); |
||||
return params; |
||||
} |
||||
|
||||
private String map2String(Map<String, String> params) { |
||||
StringBuffer buffer = new StringBuffer(); |
||||
Set<String> strings = params.keySet(); |
||||
for (String key : strings) { |
||||
buffer.append("&").append(key).append("=").append(params.get(key)); |
||||
} |
||||
return buffer.toString(); |
||||
} |
||||
|
||||
} |
@ -0,0 +1,82 @@
|
||||
package com.fr.plugin; |
||||
|
||||
import com.fr.config.*; |
||||
import com.fr.config.holder.Conf; |
||||
import com.fr.config.holder.factory.Holders; |
||||
|
||||
@Visualization(category = "系统接口地址配置") |
||||
public class FilterMeConfig extends DefaultConfiguration { |
||||
private static volatile FilterMeConfig config = null; |
||||
|
||||
public static FilterMeConfig getInstance() { |
||||
if (config == null) { |
||||
config = ConfigContext.getConfigInstance(FilterMeConfig.class); |
||||
} |
||||
return config; |
||||
} |
||||
|
||||
@Identifier(value = "baseUrl", name = "接口地址", description = "", status = Status.SHOW) |
||||
private Conf<String> baseUrl = Holders.simple("http://localhost:8080/"); |
||||
|
||||
@Identifier(value = "adminFlags", name = "管理员标识符rlNoList", description = "使用分号分隔", status = Status.SHOW) |
||||
private Conf<String> adminFlags = Holders.simple(""); |
||||
@Identifier(value = "adminFlagsNm", name = "管理员标识符usrNm", description = "使用分号分隔", status = Status.SHOW) |
||||
private Conf<String> adminFlagsNm = Holders.simple(""); |
||||
@Identifier(value = "designFlags", name = "设计用户标识符", description = "使用分号分隔", status = Status.SHOW) |
||||
private Conf<String> designFlags = Holders.simple(""); |
||||
@Identifier(value = "needflush", name = "是否需要刷新权限", description = "使用分号分隔", status = Status.SHOW) |
||||
private Conf<Boolean> needflush = Holders.simple(true); |
||||
|
||||
public String getDesignFlags() { |
||||
return designFlags.get(); |
||||
} |
||||
|
||||
public void setDesignFlags(String designFlags) { |
||||
this.designFlags.set(designFlags); |
||||
} |
||||
|
||||
public String getAdminFlags() { |
||||
return adminFlags.get(); |
||||
} |
||||
|
||||
public void setAdminFlags(String adminFlags) { |
||||
this.adminFlags.set(adminFlags); |
||||
} |
||||
|
||||
public String getBaseUrl() { |
||||
return baseUrl.get(); |
||||
} |
||||
|
||||
|
||||
public void setBaseUrl(String baseUrl) { |
||||
this.baseUrl.set(baseUrl); |
||||
} |
||||
|
||||
public String getAdminFlagsNm() { |
||||
return adminFlagsNm.get(); |
||||
} |
||||
|
||||
public void setAdminFlagsNm(String adminFlagsNm) { |
||||
this.adminFlagsNm.set(adminFlagsNm); |
||||
; |
||||
} |
||||
|
||||
public Boolean getNeedflush() { |
||||
return needflush.get(); |
||||
} |
||||
|
||||
public void setNeedflush(Boolean needflush) { |
||||
this.needflush.set(needflush); |
||||
} |
||||
|
||||
@Override |
||||
public Object clone() throws CloneNotSupportedException { |
||||
FilterMeConfig cloned = (FilterMeConfig) super.clone(); |
||||
cloned.baseUrl = (Conf<String>) baseUrl.clone(); |
||||
cloned.adminFlags = (Conf<String>) adminFlags.clone(); |
||||
cloned.designFlags = (Conf<String>) designFlags.clone(); |
||||
cloned.adminFlagsNm = (Conf<String>) adminFlagsNm.clone(); |
||||
cloned.needflush = (Conf<Boolean>) needflush.clone(); |
||||
return cloned; |
||||
} |
||||
} |
@ -0,0 +1,110 @@
|
||||
package com.fr.plugin; |
||||
|
||||
import com.fr.decision.ExtraDecisionClassManager; |
||||
import com.fr.decision.fun.GlobalRequestFilterProvider; |
||||
import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider; |
||||
import com.fr.event.Event; |
||||
import com.fr.event.EventDispatcher; |
||||
import com.fr.event.Listener; |
||||
import com.fr.log.FineLoggerFactory; |
||||
import com.fr.plugin.context.PluginContext; |
||||
import com.fr.plugin.injectable.PluginModule; |
||||
import com.fr.plugin.observer.PluginEventType; |
||||
import com.fr.stable.StringUtils; |
||||
|
||||
import javax.servlet.FilterChain; |
||||
import javax.servlet.FilterConfig; |
||||
import javax.servlet.http.HttpServletRequest; |
||||
import javax.servlet.http.HttpServletResponse; |
||||
import java.util.Set; |
||||
|
||||
/** |
||||
* @author fr.open |
||||
*/ |
||||
public class GlobalRequestFilterPlaceHolder extends AbstractGlobalRequestFilterProvider { |
||||
private static final String CURRENT_PLUGIN_ID = "com.fr.plugin.sln5591";//需要求个这两个配置
|
||||
private static final String CURRENT_FILTER_NAME = "lastLogin"; |
||||
private static GlobalRequestFilterProvider PLACE_HOLDER_IMPL_FILTER; |
||||
|
||||
@Override |
||||
public void init(FilterConfig filterConfig) { |
||||
Set<GlobalRequestFilterProvider> providers = ExtraDecisionClassManager.getInstance().getArray(GlobalRequestFilterProvider.MARK_STRING); |
||||
if (providers != null) { |
||||
for (GlobalRequestFilterProvider provider : providers) { |
||||
String filterName = provider.filterName(); |
||||
if (StringUtils.isNotEmpty(filterName) && CURRENT_FILTER_NAME.equals(filterName)) { |
||||
PLACE_HOLDER_IMPL_FILTER = provider; |
||||
break; |
||||
} |
||||
} |
||||
} |
||||
|
||||
com.fr.stable.Filter<PluginContext> filter = new com.fr.stable.Filter<PluginContext>() { |
||||
@Override |
||||
public boolean accept(PluginContext context) { |
||||
String pluginId = context.getID(); |
||||
return context.contain(PluginModule.ExtraDecision, GlobalRequestFilterProvider.MARK_STRING) && CURRENT_PLUGIN_ID.equals(pluginId); |
||||
} |
||||
}; |
||||
|
||||
EventDispatcher.listen(PluginEventType.AfterRun, new Listener<PluginContext>() { |
||||
@Override |
||||
public void on(Event event, PluginContext context) { |
||||
Set<GlobalRequestFilterProvider> providers = context.getRuntime().get(PluginModule.ExtraDecision, GlobalRequestFilterProvider.MARK_STRING); |
||||
if (providers != null) { |
||||
for (GlobalRequestFilterProvider provider : providers) { |
||||
String filterName = provider.filterName(); |
||||
if (StringUtils.isNotEmpty(filterName) && CURRENT_FILTER_NAME.equals(filterName)) { |
||||
PLACE_HOLDER_IMPL_FILTER = provider; |
||||
break; |
||||
} |
||||
} |
||||
} |
||||
} |
||||
}, filter); |
||||
|
||||
EventDispatcher.listen(PluginEventType.BeforeStop, new Listener<PluginContext>() { |
||||
@Override |
||||
public void on(Event event, PluginContext context) { |
||||
PLACE_HOLDER_IMPL_FILTER = null; |
||||
} |
||||
}, filter); |
||||
} |
||||
|
||||
@Override |
||||
public String filterName() { |
||||
return "GlobalRequestFilterPlaceHolder"; |
||||
} |
||||
|
||||
@Override |
||||
public String[] urlPatterns() { |
||||
return new String[]{ |
||||
"/*" |
||||
}; |
||||
} |
||||
|
||||
@Override |
||||
public void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) { |
||||
try { |
||||
process(request, response, filterChain); |
||||
} catch (Exception e) { |
||||
FineLoggerFactory.getLogger().error(e, e.getMessage()); |
||||
try { |
||||
filterChain.doFilter(request, response); |
||||
} catch (Exception ex) { |
||||
FineLoggerFactory.getLogger().error(ex, ex.getMessage()); |
||||
} |
||||
} |
||||
} |
||||
|
||||
public void process(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws Exception { |
||||
if (PLACE_HOLDER_IMPL_FILTER == null) { |
||||
if(FineLoggerFactory.getLogger().isDebugEnabled()) { |
||||
FineLoggerFactory.getLogger().debug("[GlobalRequestFilterPlaceHolder] placeHolderImplFilter 为 null"); |
||||
} |
||||
filterChain.doFilter(request, response); |
||||
} else { |
||||
PLACE_HOLDER_IMPL_FILTER.doFilter(request, response, filterChain); |
||||
} |
||||
} |
||||
} |
@ -0,0 +1,130 @@
|
||||
package com.fr.plugin; |
||||
|
||||
import com.fr.base.ServerConfig; |
||||
import com.fr.json.JSONObject; |
||||
|
||||
import java.io.BufferedReader; |
||||
import java.io.InputStreamReader; |
||||
import java.io.PrintWriter; |
||||
import java.net.HttpURLConnection; |
||||
import java.net.URL; |
||||
import java.net.URLEncoder; |
||||
import java.util.Iterator; |
||||
import java.util.Map; |
||||
import java.util.Set; |
||||
|
||||
public class HttpApi { |
||||
|
||||
|
||||
|
||||
private static String getParam(Map<String, Object> var0, String enc) { |
||||
String var1 = ""; |
||||
Set var2 = var0.keySet(); |
||||
Iterator var3 = var2.iterator(); |
||||
|
||||
while (var3.hasNext()) { |
||||
String var4 = (String) var3.next(); |
||||
String var5 = var0.get(var4) + ""; |
||||
|
||||
try { |
||||
var1 = var1 + (var1.length() == 0 ? "" : "&") + URLEncoder.encode(var4, enc) + "=" + URLEncoder.encode(var5, enc); |
||||
} catch (Exception var7) { |
||||
; |
||||
} |
||||
} |
||||
|
||||
return var1; |
||||
} |
||||
public static String post(String path, Map<String, Object> param) { |
||||
String var3 = getParam(param, ServerConfig.getInstance().getServerCharset()); |
||||
PrintWriter var4 = null; |
||||
BufferedReader var5 = null; |
||||
String var6 = ""; |
||||
|
||||
try { |
||||
URL var7 = new URL(path); |
||||
HttpURLConnection var8 = (HttpURLConnection) var7.openConnection(); |
||||
var8.setRequestProperty("accept", "*/*"); |
||||
var8.setRequestProperty("connection", "Keep-Alive"); |
||||
var8.setRequestProperty("user-agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)"); |
||||
// var8.setRequestProperty("Accept-Charset", "UTF-8");
|
||||
var8.setRequestMethod("POST"); |
||||
var8.setDoOutput(true); |
||||
var8.setDoInput(true); |
||||
var4 = new PrintWriter(var8.getOutputStream()); |
||||
var4.print(var3); |
||||
var4.flush(); |
||||
|
||||
String var9; |
||||
for (var5 = new BufferedReader(new InputStreamReader(var8.getInputStream(), "UTF-8")); (var9 = var5.readLine()) != null; var6 = var6 + var9) { |
||||
; |
||||
} |
||||
} catch (Exception var18) { |
||||
var18.printStackTrace(); |
||||
} finally { |
||||
try { |
||||
if (var4 != null) { |
||||
var4.close(); |
||||
} |
||||
|
||||
if (var5 != null) { |
||||
var5.close(); |
||||
} |
||||
} catch (Exception var17) { |
||||
; |
||||
} |
||||
|
||||
} |
||||
|
||||
return var6; |
||||
} |
||||
|
||||
public static String sendJsonPost(String var0, JSONObject var1, String var2) { |
||||
PrintWriter var3 = null; |
||||
BufferedReader var4 = null; |
||||
HttpURLConnection var5 = null; |
||||
String var6 = ""; |
||||
|
||||
try { |
||||
URL var7 = new URL(var0); |
||||
var5 = (HttpURLConnection) var7.openConnection(); |
||||
var5.setRequestProperty("Content-Type", "application/json;charset=utf8"); |
||||
// var5.setRequestProperty("Content-Type", "application/x-www-form-urlencoded;charset=utf8");
|
||||
var5.setRequestProperty("accept", "*/*"); |
||||
var5.setRequestProperty("connection", "Keep-Alive"); |
||||
var5.setRequestProperty("user-agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)"); |
||||
var5.setRequestProperty("Accept-Charset", var2); |
||||
var5.setRequestMethod("POST"); |
||||
var5.setDoOutput(true); |
||||
var5.setDoInput(true); |
||||
var3 = new PrintWriter(var5.getOutputStream()); |
||||
var3.print(var1.toString()); |
||||
var3.flush(); |
||||
|
||||
String var8; |
||||
for (var4 = new BufferedReader(new InputStreamReader(var5.getInputStream(), var2)); (var8 = var4.readLine()) != null; var6 = var6 + var8) { |
||||
; |
||||
} |
||||
} catch (Exception var17) { |
||||
var17.printStackTrace(); |
||||
} finally { |
||||
try { |
||||
if (var3 != null) { |
||||
var3.close(); |
||||
} |
||||
|
||||
if (var4 != null) { |
||||
var4.close(); |
||||
} |
||||
} catch (Exception var16) { |
||||
; |
||||
} |
||||
|
||||
var5.disconnect(); |
||||
} |
||||
|
||||
System.out.println(var6); |
||||
return var6; |
||||
} |
||||
|
||||
} |
@ -0,0 +1,62 @@
|
||||
package com.fr.plugin; |
||||
|
||||
import javax.servlet.http.HttpServletRequest; |
||||
|
||||
public class IpUtils { |
||||
/** |
||||
* 将字符串形式IP地址127.0.0.1转换10234564321 |
||||
* |
||||
* @param strIP |
||||
* @return |
||||
*/ |
||||
public static long ip2Long(String strIP) { |
||||
long[] ip = new long[4]; |
||||
// 先找到IP地址字符串中.的位置
|
||||
int position1 = strIP.indexOf("."); |
||||
int position2 = strIP.indexOf(".", position1 + 1); |
||||
int position3 = strIP.indexOf(".", position2 + 1); |
||||
// 将每个.之间的字符串转换成整型
|
||||
ip[0] = Long.parseLong(strIP.substring(0, position1)); |
||||
ip[1] = Long.parseLong(strIP.substring(position1 + 1, position2)); |
||||
ip[2] = Long.parseLong(strIP.substring(position2 + 1, position3)); |
||||
ip[3] = Long.parseLong(strIP.substring(position3 + 1)); |
||||
return (ip[0] << 24) + (ip[1] << 16) + (ip[2] << 8) + ip[3]; |
||||
} |
||||
|
||||
public static String getIp(HttpServletRequest request) { |
||||
String remoteIp = request.getRemoteAddr(); |
||||
|
||||
// 多个代理的情况,第一个IP为客户端真实IP,多个IP按照','分割
|
||||
if (remoteIp != null && remoteIp.length() > 15) { |
||||
if (remoteIp.indexOf(",") > 0) { |
||||
remoteIp = remoteIp.substring(0, remoteIp.indexOf(",")); |
||||
} |
||||
} |
||||
return remoteIp; |
||||
} |
||||
|
||||
/** |
||||
* 将字符串形式IP地址转换long类型 |
||||
* @param ip |
||||
* @return |
||||
*/ |
||||
public static long getIp2long(String ip) { |
||||
ip = ip.trim(); |
||||
String[] ips = ip.split("\\."); |
||||
long ip1 = Integer.parseInt(ips[0]); |
||||
long ip2 = Integer.parseInt(ips[1]); |
||||
long ip3 = Integer.parseInt(ips[2]); |
||||
long ip4 = Integer.parseInt(ips[3]); |
||||
return ip1 * 256 * 256 * 256 + ip2 * 256 * 256 + ip3 * 256 + ip4; |
||||
} |
||||
/** |
||||
* 判断一个ip地址是否在某个ip段范围内 |
||||
* @param ip |
||||
* @param startIP |
||||
* @param endIP |
||||
* @return |
||||
*/ |
||||
public static boolean ipExistsInRange(String ip, String startIP, String endIP) { |
||||
return (getIp2long(startIP)<=getIp2long(ip)) && (getIp2long(ip)<=getIp2long(endIP)); |
||||
} |
||||
} |
@ -0,0 +1,14 @@
|
||||
package com.fr.plugin; |
||||
|
||||
import com.fr.decision.fun.HttpHandler; |
||||
import com.fr.decision.fun.impl.AbstractHttpHandlerProvider; |
||||
|
||||
public class JHHttpHander extends AbstractHttpHandlerProvider { |
||||
|
||||
private HttpHandler[] actions = new HttpHandler[]{new ChangeConfigHander() ,new ChangeDesignConfigHander(),new PostionImportgHander() }; |
||||
|
||||
@Override |
||||
public HttpHandler[] registerHandlers() { |
||||
return actions; |
||||
} |
||||
} |
@ -0,0 +1,17 @@
|
||||
package com.fr.plugin; |
||||
|
||||
import com.fr.decision.fun.impl.AbstractURLAliasProvider; |
||||
import com.fr.decision.webservice.url.alias.URLAlias; |
||||
import com.fr.decision.webservice.url.alias.URLAliasFactory; |
||||
|
||||
public class JHUrlAliasProvider extends AbstractURLAliasProvider { |
||||
@Override |
||||
public URLAlias[] registerAlias() { |
||||
return new URLAlias[]{ |
||||
//第一个参数就是就是别名地址,第二个就是HttpHandler中设置的地址,第三个参数就是设置该请求是否公开(需要和对应的HttpHandler.isPublic方法返回一直,要不然会报错404),返回的是一个非通配
|
||||
URLAliasFactory.createPluginAlias("/config/admin", "/change1", true), |
||||
URLAliasFactory.createPluginAlias("/config/import", "/depAndPosImport", true), |
||||
URLAliasFactory.createPluginAlias("/config/design", "/change2", true) |
||||
}; |
||||
} |
||||
} |
@ -0,0 +1,28 @@
|
||||
package com.fr.plugin; |
||||
|
||||
import com.fr.third.fasterxml.jackson.core.JsonGenerationException; |
||||
import com.fr.third.fasterxml.jackson.databind.JsonMappingException; |
||||
import com.fr.third.fasterxml.jackson.databind.ObjectMapper; |
||||
|
||||
import java.io.IOException; |
||||
import java.io.StringWriter; |
||||
import java.io.Writer; |
||||
|
||||
/** |
||||
* JSON序列化和反序列化相关操作类 |
||||
*/ |
||||
public class JSONUtils { |
||||
private static ObjectMapper objectMapper = new ObjectMapper(); |
||||
|
||||
public static String serialize(Object object) { |
||||
Writer write = new StringWriter(); |
||||
try { |
||||
objectMapper.writeValue(write, object); |
||||
} catch (JsonGenerationException e) { |
||||
} catch (JsonMappingException e) { |
||||
} catch (IOException e) { |
||||
} |
||||
return write.toString(); |
||||
} |
||||
|
||||
} |
@ -0,0 +1,647 @@
|
||||
package com.fr.plugin; |
||||
|
||||
import com.fr.decision.authority.AuthorityContext; |
||||
import com.fr.decision.authority.base.constant.type.operation.ManualOperationType; |
||||
import com.fr.decision.authority.controller.CustomRoleController; |
||||
import com.fr.decision.authority.controller.DepartmentController; |
||||
import com.fr.decision.authority.controller.PostController; |
||||
import com.fr.decision.authority.controller.UserController; |
||||
import com.fr.decision.authority.data.CustomRole; |
||||
import com.fr.decision.authority.data.Department; |
||||
import com.fr.decision.authority.data.Post; |
||||
import com.fr.decision.authority.data.User; |
||||
import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider; |
||||
import com.fr.decision.privilege.encrpt.PasswordValidator; |
||||
import com.fr.decision.webservice.impl.user.type.UserProductType; |
||||
import com.fr.decision.webservice.utils.UserSourceFactory; |
||||
import com.fr.decision.webservice.v10.login.LoginService; |
||||
import com.fr.decision.webservice.v10.user.UserService; |
||||
import com.fr.general.ComparatorUtils; |
||||
import com.fr.general.IOUtils; |
||||
import com.fr.io.utils.ResourceIOUtils; |
||||
import com.fr.json.JSONArray; |
||||
import com.fr.json.JSONObject; |
||||
import com.fr.log.FineLoggerFactory; |
||||
import com.fr.plugin.transform.FunctionRecorder; |
||||
import com.fr.plugin.util.LogUtils; |
||||
import com.fr.stable.StringUtils; |
||||
import com.fr.stable.query.QueryFactory; |
||||
import com.fr.stable.query.restriction.RestrictionFactory; |
||||
import com.fr.web.utils.WebUtils; |
||||
|
||||
import javax.servlet.FilterChain; |
||||
import javax.servlet.FilterConfig; |
||||
import javax.servlet.ServletException; |
||||
import javax.servlet.http.HttpServletRequest; |
||||
import javax.servlet.http.HttpServletResponse; |
||||
import javax.servlet.http.HttpSession; |
||||
import java.io.*; |
||||
import java.net.URLDecoder; |
||||
import java.util.*; |
||||
|
||||
@FunctionRecorder(localeKey = "fr2") |
||||
public class LastloginFilter extends AbstractGlobalRequestFilterProvider { |
||||
@Override |
||||
public String filterName() { |
||||
return "lastLogin"; |
||||
} |
||||
|
||||
@Override |
||||
public String[] urlPatterns() { |
||||
return new String[]{ |
||||
"/oookkkk" |
||||
}; |
||||
} |
||||
|
||||
@Override |
||||
public void init(FilterConfig filterConfig) { |
||||
FilterMeConfig.getInstance(); |
||||
super.init(filterConfig); |
||||
} |
||||
|
||||
@Override |
||||
public void doFilter(HttpServletRequest request, HttpServletResponse httpServletResponse, FilterChain filterChain) { |
||||
String uri = request.getRequestURI(); |
||||
String ip = com.fr.plugin.IpUtils.getIp(request); |
||||
String header = request.getHeader("X-Context"); |
||||
// try {
|
||||
// FineLoggerFactory.getLogger().info("Context:{}", URLDecoder.decode(header, "utf-8"));
|
||||
// } catch (UnsupportedEncodingException e) {
|
||||
// e.printStackTrace();
|
||||
// }
|
||||
// printCookies(request);
|
||||
// FineLoggerFactory.getLogger().info("请求url:{}", WebUtils.getOriginalURL(request));
|
||||
if (isRemoteDesignRequest(request) || isResourceFileRequest(request)) { |
||||
try { |
||||
filterChain.doFilter(request, httpServletResponse); |
||||
} catch (IOException e) { |
||||
printException2FrLog(e); |
||||
} catch (ServletException e) { |
||||
printException2FrLog(e); |
||||
} |
||||
return; |
||||
} |
||||
|
||||
if (!ipblackCheck(ip)) { |
||||
writerOurError(httpServletResponse); |
||||
return; |
||||
} |
||||
|
||||
if (request.getMethod().equalsIgnoreCase("GET")) { |
||||
|
||||
if (StringUtils.isNotBlank(header)) { |
||||
XContentRequestWrapper wrapper = new XContentRequestWrapper(request); |
||||
// wrapper.getParameterMap();
|
||||
// String a = wrapper.getParameter("a");
|
||||
// wrapper.getParameterNames();
|
||||
// FineLoggerFactory.getLogger().error("获取的A :{} ", a);
|
||||
if (isLogin(wrapper)) { |
||||
// String usrNm = wrapper.getParameter("usrNm");
|
||||
//从2021-01-29开始的需求, SLN-6585开始修改用户名使用userNo代替
|
||||
String usrNo = wrapper.getParameter("usrNo"); |
||||
String instNo = wrapper.getParameter("instNo"); |
||||
String realUserName = usrNo + "_" + instNo; |
||||
// FineLoggerFactory.getLogger().info("登录信息:{}", realUserName);
|
||||
User logindUser = null; |
||||
try { |
||||
logindUser = UserService.getInstance().getUserByRequestCookie(request); |
||||
UserService instance = UserService.getInstance(); |
||||
// FineLoggerFactory.getLogger().info("当前登录的用户名称:{}", logindUser.getUserName());
|
||||
//如果登录过并且不是管理员就判断是否是同一个用户
|
||||
if (!instance.isAdmin(logindUser.getId())) { |
||||
//如果登录的用户和content的中不一致则切换登录用户
|
||||
if (!ComparatorUtils.equals(logindUser.getUserName(), realUserName)) { |
||||
FineLoggerFactory.getLogger().info("当前登录的用户和xcontent的不一致,切换用户为:{}", realUserName); |
||||
tokenLogin(request, httpServletResponse); |
||||
} else { |
||||
//如果一致则判断角色是否变化
|
||||
try { |
||||
FineLoggerFactory.getLogger().info("当前用户已经登录,进行权限适配:{}", realUserName); |
||||
dealCustomRole(wrapper, logindUser.getId()); |
||||
} catch (Exception e) { |
||||
printException2FrLog(e); |
||||
} |
||||
} |
||||
} |
||||
} catch (Exception e) { |
||||
printException2FrLog(e); |
||||
} |
||||
} else { |
||||
FineLoggerFactory.getLogger().info("xc1当前未登录开始登录"); |
||||
tokenLogin(request, httpServletResponse); |
||||
} |
||||
try { |
||||
filterChain.doFilter(wrapper, httpServletResponse); |
||||
} catch (IOException e) { |
||||
printException2FrLog(e); |
||||
} catch (ServletException e) { |
||||
printException2FrLog(e); |
||||
} |
||||
return; |
||||
} |
||||
} |
||||
try { |
||||
filterChain.doFilter(request, httpServletResponse); |
||||
} catch (IOException e) { |
||||
printException2FrLog(e); |
||||
} catch (ServletException e) { |
||||
printException2FrLog(e); |
||||
} |
||||
} |
||||
|
||||
// private void printCookies(HttpServletRequest request) {
|
||||
// Cookie[] cookies = request.getCookies();
|
||||
// if (null != cookies) {
|
||||
// for (Cookie cookie : cookies) {
|
||||
// FineLoggerFactory.getLogger().info("收到的cookies name {} value:{}", cookie.getName(), cookie.getValue());
|
||||
// }
|
||||
// }
|
||||
// }
|
||||
|
||||
/** |
||||
* 判断是否是远程设计请求 |
||||
*/ |
||||
private boolean isRemoteDesignRequest(HttpServletRequest request) { |
||||
String pathInfo = request.getPathInfo(); |
||||
return StringUtils.isNotEmpty(pathInfo) && pathInfo.startsWith("/remote/design"); |
||||
} |
||||
|
||||
|
||||
private void adminLogin(HttpServletRequest request) { |
||||
|
||||
} |
||||
|
||||
/** |
||||
* 判断是否是资源文件请求 |
||||
*/ |
||||
private boolean isResourceFileRequest(HttpServletRequest request) { |
||||
String pathInfo = request.getPathInfo(); |
||||
if (StringUtils.isEmpty(pathInfo)) { |
||||
return false; |
||||
} |
||||
|
||||
return pathInfo.startsWith("/resources") || pathInfo.startsWith("/file"); |
||||
} |
||||
|
||||
public static void printException2FrLog(Throwable e) { |
||||
StringWriter writer = new StringWriter(); |
||||
e.printStackTrace(new PrintWriter(writer)); |
||||
String s = writer.toString(); |
||||
FineLoggerFactory.getLogger().error("错误:{}", s); |
||||
} |
||||
|
||||
private void sendRedirect(HttpServletResponse res, String url) { |
||||
res.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); |
||||
res.setHeader("Location", url); |
||||
} |
||||
|
||||
|
||||
private static void login(HttpServletRequest req, HttpServletResponse res, String username) { |
||||
HttpSession session = req.getSession(true); |
||||
String token = null; |
||||
try { |
||||
token = LoginService.getInstance().login(req, res, username); |
||||
req.setAttribute("fine_auth_token", token); |
||||
} catch (Exception e) { |
||||
FineLoggerFactory.getLogger().error(e.getMessage(), e); |
||||
FineLoggerFactory.getLogger().error("login failed"); |
||||
} |
||||
FineLoggerFactory.getLogger().error("login success"); |
||||
} |
||||
|
||||
private boolean ipblackCheck(String ip) { |
||||
String[] blackIps = new String[]{}; |
||||
try { |
||||
InputStream inputStream = ResourceIOUtils.read("/config-all/whitelist.properties"); |
||||
if (inputStream != null) { |
||||
String lines = IOUtils.inputStream2String(inputStream); |
||||
blackIps = lines.split("\n"); |
||||
} |
||||
} catch (IOException e) { |
||||
LogUtils.error(e.getMessage(), e); |
||||
} |
||||
if ("0:0:0:0:0:0:0:1".equals(ip)) { |
||||
// LogUtils.info("IP 地址为服务器本机 IPv6 地址: {},直接放行。", ip);
|
||||
return true; |
||||
} |
||||
if ("127.0.0.1".equals(ip)) { |
||||
// LogUtils.info("IP 地址为服务器本机 IPv4 地址: {},直接放行。", ip);
|
||||
return true; |
||||
} |
||||
for (String blackIp : blackIps) { |
||||
if (!blackIp.contains("-")) { |
||||
if (ip.equals(blackIp)) { |
||||
return true; |
||||
} |
||||
} else { |
||||
String trim = blackIp.trim(); |
||||
String[] split = trim.split("-"); |
||||
if (split.length > 1) { |
||||
if (com.fr.plugin.IpUtils.ipExistsInRange(ip, split[0], split[1])) { |
||||
return true; |
||||
} |
||||
} |
||||
} |
||||
} |
||||
return false; |
||||
} |
||||
|
||||
private void writerOurError(HttpServletResponse httpServletResponse) { |
||||
try { |
||||
WebUtils.writeOutTemplate("/com/fr/plugin/error.html", httpServletResponse, new HashMap()); |
||||
} catch (IOException e) { |
||||
e.printStackTrace(); |
||||
} |
||||
} |
||||
|
||||
private boolean isLogin(HttpServletRequest req) { |
||||
return LoginService.getInstance().isLogged(req); |
||||
} |
||||
|
||||
// public void filter(HttpServletRequest request, HttpServletResponse httpServletResponse) throws IOException, ServletException {
|
||||
// String uri = request.getRequestURI();
|
||||
// String ip = IpUtils.getIp(request);
|
||||
// if (!ipblackCheck(ip)) {
|
||||
// writerOurError(httpServletResponse);
|
||||
// return;
|
||||
// }
|
||||
// if (request.getMethod().equalsIgnoreCase("GET")) {
|
||||
// String header = request.getHeader("X-Context");
|
||||
// if (StringUtils.isNotBlank(header)) {
|
||||
// XContentRequestWrapper wrapper = new XContentRequestWrapper(request);
|
||||
//// String a = wrapper.getParameter("a");
|
||||
//// FineLoggerFactory.getLogger().error("获取的A :{} ", a);
|
||||
// if (isLogin(wrapper)) {
|
||||
// String usrNm = wrapper.getParameter("usrNm");
|
||||
// String userNameFromRequest = LoginService.getInstance().getUserNameFromRequestCookie(request);
|
||||
// //如果登录的用户和content的中不一致则切换登录用户
|
||||
// if (!ComparatorUtils.equals(userNameFromRequest, usrNm)) {
|
||||
// tokenLogin(request, httpServletResponse);
|
||||
// }
|
||||
// } else {
|
||||
// tokenLogin(request, httpServletResponse);
|
||||
// return;
|
||||
// }
|
||||
//
|
||||
// String loginUrl = request.getContextPath() + request.getServletPath() + "/login";
|
||||
// String home = request.getContextPath() + request.getServletPath() + "?sendTwo=true";
|
||||
// if (loginUrl.equals(uri)) {
|
||||
// String manualOut = request.getParameter("manual");
|
||||
// if (!ComparatorUtils.equals(manualOut, "true")) {
|
||||
//// String header = request.getHeader("X-Context");
|
||||
// if (StringUtils.isNotBlank(header) && !isLogin(request)) {
|
||||
// tokenLogin(request, httpServletResponse);
|
||||
// sendRedirect(httpServletResponse, home);
|
||||
// }
|
||||
// }
|
||||
// }
|
||||
// }
|
||||
// }
|
||||
// return;
|
||||
// }
|
||||
|
||||
public static void tokenLogin(HttpServletRequest req, HttpServletResponse res) { |
||||
String header = req.getHeader("X-Context"); |
||||
try { |
||||
header = URLDecoder.decode(header, "UTF-8"); |
||||
} catch (UnsupportedEncodingException e) { |
||||
e.printStackTrace(); |
||||
} |
||||
FineLoggerFactory.getLogger().info("xf拦截器捕获一个请求 x-content :{}", header); |
||||
JSONObject entries = new JSONObject(header); |
||||
JSONArray rlNoList = entries.getJSONArray("rlNoList"); |
||||
int size = rlNoList.size(); |
||||
List<String> adminFlags = getAdminFlagsRolList(); |
||||
boolean isAdmin = false; |
||||
for (int i = 0; i < size; i++) { |
||||
String adminPost = rlNoList.getString(i); |
||||
if (isAdminFlags(adminPost, adminFlags)) { |
||||
FineLoggerFactory.getLogger().info("本次使用rlNoList管理员登录 "); |
||||
isAdmin = true; |
||||
break; |
||||
} |
||||
} |
||||
List<String> adminFlagsNmList = getAdminFlagsNmList(); |
||||
String usrNm = entries.getString("usrNm"); |
||||
for (String adminName : adminFlagsNmList) { |
||||
if(StringUtils.equals(adminName,usrNm)){ |
||||
FineLoggerFactory.getLogger().info("本次使用usrNm管理员登录 "); |
||||
isAdmin=true; |
||||
break; |
||||
} |
||||
} |
||||
if (isAdmin) { |
||||
FineLoggerFactory.getLogger().info("本次为管理员登录 "); |
||||
login(req, res, "admin"); |
||||
return; |
||||
} |
||||
// String usrNm = entries.getString("usrNm");
|
||||
//从 SLN-6585开始usrNm更新成userNo
|
||||
//如果usrNo的用户名存在则把这个用户的userName改成realUserName
|
||||
String usrNo = entries.getString("usrNo"); |
||||
String instNo = entries.getString("instNo");//部门id
|
||||
String realUserName = usrNo + "_" + instNo;//更改后的用户名
|
||||
String fullName = entries.getString("fullName"); |
||||
String alias = fullName + "(" + realUserName + ")"; |
||||
try { |
||||
User user = UserService.getInstance().getUserByUserName(usrNo); |
||||
UserController userController = AuthorityContext.getInstance().getUserController(); |
||||
if (user == null) { |
||||
//如果usrNo的用户不存在则检查realUserName的用户是否存在
|
||||
user = UserService.getInstance().getUserByUserName(realUserName); |
||||
if (user == null) { |
||||
// FineLoggerFactory.getLogger().info("拦截器新增一个用户 用户名称 :{}", realUserName);
|
||||
PasswordValidator passwordValidator = UserSourceFactory.getInstance().getUserSource(ManualOperationType.KEY).getPasswordValidator(); |
||||
user = (new User()).userName(realUserName).userAlias(alias).realName(fullName).password(passwordValidator.encode(realUserName, UUID.randomUUID().toString())) |
||||
.creationType(ManualOperationType.KEY).lastOperationType(ManualOperationType.KEY).enable(true); |
||||
userController.add(user); |
||||
} |
||||
} |
||||
// FineLoggerFactory.getLogger().info(" 拦截的用户更新:{}", fullName);
|
||||
user.setRealName(fullName); |
||||
user.setUserName(realUserName); |
||||
try { |
||||
userController.update(user); |
||||
} catch (Exception e) { |
||||
} |
||||
String userId = user.getId(); |
||||
dealCustomRole(req, userId); |
||||
//在判断本地的角色是不是远程没有了,要移除掉
|
||||
CustomRoleController customRoleController = AuthorityContext.getInstance().getCustomRoleController(); |
||||
|
||||
List<CustomRole> roles = customRoleController.findByUser(userId, QueryFactory.create()); |
||||
List<String> designFlags = getDesignFlags(); |
||||
boolean isDesignUser = false; |
||||
if (!designFlags.isEmpty()) { |
||||
for (CustomRole role : roles) { |
||||
String name = role.getName(); |
||||
//如果是有
|
||||
if (isAdminFlags(name, designFlags)) { |
||||
isDesignUser = true; |
||||
break; |
||||
} |
||||
} |
||||
} |
||||
try { |
||||
UserProductType userProductType = UserProductType.fromInteger(6);//数据处理用户
|
||||
if (isDesignUser) { |
||||
// FineLoggerFactory.getLogger().info("查找到当前用户有对应角色的设计标志:");
|
||||
userController.addUserProductType(userId, userProductType.transProductKey()); |
||||
} else { |
||||
// FineLoggerFactory.getLogger().info("查找到当前用户有对应角色的设计标志:");
|
||||
userController.removeUserProductType(userId, userProductType.transProductKey()); |
||||
} |
||||
} catch (Exception e) { |
||||
// FineLoggerFactory.getLogger().error("数据处理配置出错:{}", e);
|
||||
} |
||||
// if (isAdmin) {
|
||||
// FineLoggerFactory.getLogger().info("本次为管理员登录 ");
|
||||
// login(req, res, "admin");
|
||||
// } else {
|
||||
// FineLoggerFactory.getLogger().info("本次为普通用户登录:{}", usrNm);
|
||||
// login(req, res, usrNm);
|
||||
// }
|
||||
// FineLoggerFactory.getLogger().info("本次为普通用户登录:{}", realUserName);
|
||||
login(req, res, realUserName); |
||||
|
||||
} catch (Exception e) { |
||||
e.printStackTrace(); |
||||
} |
||||
} |
||||
|
||||
private static void dealCustomRole(HttpServletRequest req, String userId) throws Exception { |
||||
UserController userController = AuthorityContext.getInstance().getUserController(); |
||||
Boolean needflush = FilterMeConfig.getInstance().getNeedflush(); |
||||
String header = req.getHeader("X-Context"); |
||||
CustomRoleController customRoleController = AuthorityContext.getInstance().getCustomRoleController(); |
||||
try { |
||||
header = URLDecoder.decode(header, "UTF-8"); |
||||
} catch (UnsupportedEncodingException e) { |
||||
e.printStackTrace(); |
||||
} |
||||
FineLoggerFactory.getLogger().info("开始同步角色信息x-content :{}", header); |
||||
JSONObject entries = new JSONObject(header); |
||||
List<String> remoteRoles = new ArrayList<>(); |
||||
String pstNo = entries.getString("pstNo");//角色id
|
||||
String pstNm = entries.getString("pstNm");//角色名称
|
||||
String realRoleName = pstNm + "(" + pstNo + ")"; |
||||
remoteRoles.add(pstNo); |
||||
try { |
||||
//先判断传过来的的角色是不是本地都有,没有要加上
|
||||
List<CustomRole> controllerOne = customRoleController.find(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", pstNo))); |
||||
if (!controllerOne.isEmpty()) { |
||||
try { |
||||
// FineLoggerFactory.getLogger().info("传送过来的角色已存在开始更新,添加关联用户:{}", pstNo, userId);
|
||||
CustomRole customRole = controllerOne.get(0); |
||||
customRole.setName(realRoleName); |
||||
customRole.setAlias(pstNo); |
||||
customRole.setEnable(true); |
||||
customRole.setDescription("通过xcontent添加"); |
||||
customRoleController.update(customRole); |
||||
} catch (Exception e) { |
||||
} |
||||
} else { |
||||
// FineLoggerFactory.getLogger().info("传送过来的角色在本地不存在,添加到本地:{}", pstNo);
|
||||
CustomRole addRole = new CustomRole(); |
||||
addRole.setId(pstNo); |
||||
addRole.setName(realRoleName); |
||||
addRole.setAlias(pstNo); |
||||
addRole.setEnable(true); |
||||
addRole.setDescription("通过xcontent添加"); |
||||
try { |
||||
customRoleController.add(addRole); |
||||
} catch (Exception e) { |
||||
} |
||||
} |
||||
//在判断本地的角色是不是远程没有了,要移除掉
|
||||
if(needflush){ |
||||
List<CustomRole> roles = customRoleController.findByUser(userId, QueryFactory.create()); |
||||
for (CustomRole customRole : roles) { |
||||
if ("superusers".equals((customRole.getName()))) { |
||||
continue; |
||||
} |
||||
userController.removeUserFromCustomRole(userId, customRole.getId()); |
||||
} |
||||
} |
||||
|
||||
try { |
||||
userController.addUserToCustomRole(userId, pstNo); |
||||
// FineLoggerFactory.getLogger().info("添加{} 到新角色:{}", userId, pstNo);
|
||||
} catch (Exception e) { |
||||
|
||||
} |
||||
|
||||
|
||||
DepartmentController departmentController = AuthorityContext.getInstance().getDepartmentController(); |
||||
//移除原来的部门
|
||||
if(needflush){ |
||||
List<Department> departmentList = departmentController.findByUser(userId, QueryFactory.create()); |
||||
for (Department department : departmentList) { |
||||
userController.removeUserFromDepartment(userId, department.getId()); |
||||
} |
||||
} |
||||
String instNm = entries.getString("instNm"); |
||||
String instNo = entries.getString("instNo");//部门id
|
||||
Department department = departmentController.findOne(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", instNo))); |
||||
if (department == null) { |
||||
department = new Department(); |
||||
department.setName(instNm + "(" + instNo + ")"); |
||||
department.setId(instNo); |
||||
department.setEnable(true); |
||||
department.description("通过x-content创建"); |
||||
departmentController.add(department); |
||||
// FineLoggerFactory.getLogger().info("新增部门,dep: {}: name {}", department.getId(), department.getName());
|
||||
} else { |
||||
// department.setName(instNm + "(" + instNo + ")");
|
||||
// department.setEnable(true);
|
||||
// departmentController.update(department);
|
||||
// FineLoggerFactory.getLogger().info("已存在部门,dep: {}: name {}", department.getId(), department.getName());
|
||||
} |
||||
|
||||
PostController postController = AuthorityContext.getInstance().getPostController(); |
||||
List<Post> byUser = postController.findByUser(userId, QueryFactory.create()); |
||||
//移除原来职位
|
||||
if(needflush){ |
||||
for (Post post : byUser) { |
||||
List<Department> byPost = departmentController.findByPost(post.getId(), QueryFactory.create()); |
||||
for (Department department1 : byPost) { |
||||
// FineLoggerFactory.getLogger().info("---->>>>移除用户职位 职位id {} 部门id{}", post.getId(), department1.getId());
|
||||
try { |
||||
userController.removeUserFromDepartmentAndPost(userId, department1.getId(), post.getId()); |
||||
// FineLoggerFactory.getLogger().info("^^^^^^移除用户职位成功 职位id {} 部门id{}", post.getId(), department1.getId());
|
||||
} catch (Exception e) { |
||||
// FineLoggerFactory.getLogger().info("vvvvvv移除用户职位失败 职位id {} 部门id{}", post.getId(), department1.getId());
|
||||
} |
||||
} |
||||
} |
||||
} |
||||
|
||||
Post post = postController.findOne(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", pstNo))); |
||||
if (post == null) { |
||||
post = new Post(); |
||||
post.setId(pstNo); |
||||
post.setName(pstNm + "(" + pstNo + ")"); |
||||
post.setEnable(true); |
||||
postController.add(post); |
||||
// FineLoggerFactory.getLogger().info("新增职位,post: {}: name {}", post.getId(), post.getName());
|
||||
} else { |
||||
// post.setName(pstNm + "(" + pstNo + ")");
|
||||
// post.setEnable(true);
|
||||
// postController.update(post);
|
||||
// FineLoggerFactory.getLogger().info("已存在职位,post: {}: name {}", post.getId(), post.getName());
|
||||
} |
||||
try { |
||||
// FineLoggerFactory.getLogger().info("添加职位到部门,post: {}: dep {}", pstNo, instNo);
|
||||
postController.addPostToDepartment(pstNo, instNo); |
||||
} catch (Exception e) { |
||||
} |
||||
try { |
||||
// FineLoggerFactory.getLogger().info("添加用户到职位 到部门,post: {}: dep {},userId:{} ", pstNo, instNo, realRoleName);
|
||||
userController.addUserToDepartmentAndPost(userId, instNo, pstNo); |
||||
} catch (Exception e) { |
||||
} |
||||
} catch (Exception e) { |
||||
printException2FrLog(e); |
||||
} |
||||
} |
||||
|
||||
private static boolean isAdminFlags(String flag, List<String> flags) { |
||||
return flags.contains(flag); |
||||
} |
||||
|
||||
private static List<String> getAdminFlagsRolList() { |
||||
String adminFlags = FilterMeConfig.getInstance().getAdminFlags(); |
||||
FineLoggerFactory.getLogger().info("本地role管理员角色获取:{}", adminFlags); |
||||
if (StringUtils.isNotBlank(adminFlags)) { |
||||
String[] split = adminFlags.split(";"); |
||||
return Arrays.asList(split); |
||||
} |
||||
return Collections.emptyList(); |
||||
} |
||||
private static List<String> getAdminFlagsNmList() { |
||||
String adminFlags = FilterMeConfig.getInstance().getAdminFlagsNm(); |
||||
FineLoggerFactory.getLogger().info("本地管理员Nm角色获取:{}", adminFlags); |
||||
if (StringUtils.isNotBlank(adminFlags)) { |
||||
String[] split = adminFlags.split(";"); |
||||
return Arrays.asList(split); |
||||
} |
||||
return Collections.emptyList(); |
||||
} |
||||
|
||||
private static List<String> getDesignFlags() { |
||||
String adminFlags = FilterMeConfig.getInstance().getDesignFlags(); |
||||
FineLoggerFactory.getLogger().info("本地设计角色获取:{}", adminFlags); |
||||
if (StringUtils.isNotBlank(adminFlags)) { |
||||
String[] split = adminFlags.split(";"); |
||||
return Arrays.asList(split); |
||||
} |
||||
return Collections.emptyList(); |
||||
} |
||||
|
||||
private String getUrl(HttpServletRequest request) { |
||||
String url = "/"; |
||||
try { |
||||
url = "http://" + request.getServerName()//服务器地址
|
||||
+ ":" |
||||
+ request.getServerPort() + request.getRequestURI(); |
||||
Enumeration<String> parameterNames = request.getParameterNames(); |
||||
Map<String, String> reqParams = new HashMap<>(); |
||||
while (parameterNames.hasMoreElements()) { |
||||
String key = parameterNames.nextElement(); |
||||
reqParams.put(key, request.getParameter(key)); |
||||
} |
||||
Map<String, String> parmas = header2url(request); |
||||
reqParams.putAll(parmas); |
||||
String header2url = map2String(reqParams); |
||||
// FineLoggerFactory.getLogger().info("转换之后的url参数:{}", header2url);
|
||||
if (url.contains("?")) { |
||||
url += header2url; |
||||
} else { |
||||
url += "?a=1" + header2url; |
||||
} |
||||
|
||||
} catch (Exception e) { |
||||
e.printStackTrace(); |
||||
} |
||||
url += "&sendTwo=true"; |
||||
return url; |
||||
} |
||||
|
||||
|
||||
private Map<String, String> header2url(HttpServletRequest request) { |
||||
Map<String, String> params = new HashMap<>(); |
||||
String context = request.getHeader("X-Context"); |
||||
if (StringUtils.isNotBlank(context)) { |
||||
try { |
||||
context = URLDecoder.decode(context, "UTF-8"); |
||||
} catch (UnsupportedEncodingException e) { |
||||
e.printStackTrace(); |
||||
} |
||||
JSONObject jsonObject = new JSONObject(context); |
||||
String userNo = jsonObject.getString("usrNo"); |
||||
String userNm = jsonObject.getString("usrNm"); |
||||
String pstNo = jsonObject.getString("pstNo"); |
||||
String instNo = jsonObject.getString("instNo"); |
||||
String accInstNo = jsonObject.getString("accInstNo"); |
||||
String admnInstNo = jsonObject.getString("admnInstNo"); |
||||
params.put("usrNo", userNo); |
||||
params.put("usrNm", userNm); |
||||
params.put("pstNo", pstNo); |
||||
params.put("instNo", instNo); |
||||
params.put("accInstNo", accInstNo); |
||||
params.put("admnInstNo", admnInstNo); |
||||
} |
||||
params.put("sendTwo", "true"); |
||||
return params; |
||||
} |
||||
|
||||
private String map2String(Map<String, String> params) { |
||||
StringBuffer buffer = new StringBuffer(); |
||||
Set<String> strings = params.keySet(); |
||||
for (String key : strings) { |
||||
buffer.append("&").append(key).append("=").append(params.get(key)); |
||||
} |
||||
return buffer.toString(); |
||||
} |
||||
|
||||
} |
@ -0,0 +1,150 @@
|
||||
package com.fr.plugin; |
||||
|
||||
import com.fr.decision.authority.AuthorityContext; |
||||
import com.fr.decision.authority.base.constant.type.operation.ManualOperationType; |
||||
import com.fr.decision.authority.controller.CustomRoleController; |
||||
import com.fr.decision.authority.controller.UserController; |
||||
import com.fr.decision.authority.data.CustomRole; |
||||
import com.fr.decision.authority.data.User; |
||||
import com.fr.decision.fun.impl.AbstractEmbedRequestFilterProvider; |
||||
import com.fr.decision.privilege.encrpt.PasswordValidator; |
||||
import com.fr.decision.webservice.utils.UserSourceFactory; |
||||
import com.fr.decision.webservice.v10.login.LoginService; |
||||
import com.fr.decision.webservice.v10.user.UserService; |
||||
import com.fr.io.utils.ResourceIOUtils; |
||||
import com.fr.json.JSONArray; |
||||
import com.fr.json.JSONObject; |
||||
import com.fr.log.FineLoggerFactory; |
||||
import com.fr.stable.StringUtils; |
||||
import com.fr.stable.query.QueryFactory; |
||||
|
||||
import javax.servlet.ServletException; |
||||
import javax.servlet.http.HttpServletRequest; |
||||
import javax.servlet.http.HttpServletResponse; |
||||
import javax.servlet.http.HttpSession; |
||||
import java.io.IOException; |
||||
import java.io.InputStream; |
||||
import java.io.UnsupportedEncodingException; |
||||
import java.net.URLDecoder; |
||||
import java.util.*; |
||||
|
||||
/** |
||||
* 废弃 |
||||
*/ |
||||
public class LoginFilter extends AbstractEmbedRequestFilterProvider { |
||||
|
||||
private boolean isLogin(HttpServletRequest req){ |
||||
return LoginService.getInstance().isLogged(req); |
||||
} |
||||
@Override |
||||
public void filter(HttpServletRequest req, HttpServletResponse res) throws IOException, ServletException { |
||||
String header = req.getHeader("X-Context"); |
||||
if (StringUtils.isNotBlank(header) && !isLogin(req)) { |
||||
try { |
||||
header = URLDecoder.decode(header, "UTF-8"); |
||||
} catch (UnsupportedEncodingException e) { |
||||
e.printStackTrace(); |
||||
} |
||||
FineLoggerFactory.getLogger().info("拦截器捕获一个请求 x-content :{}", header); |
||||
JSONObject entries = new JSONObject(header); |
||||
String usrNm = entries.getString("usrNm"); |
||||
JSONArray rlNoList = entries.getJSONArray("rlNoList"); |
||||
try { |
||||
User user = UserService.getInstance().getUserByUserName(usrNm); |
||||
UserController userController = AuthorityContext.getInstance().getUserController(); |
||||
CustomRoleController customRoleController = AuthorityContext.getInstance().getCustomRoleController(); |
||||
if (user == null) { |
||||
FineLoggerFactory.getLogger().info("拦截器新增一个用户 :{}", usrNm); |
||||
PasswordValidator passwordValidator = UserSourceFactory.getInstance().getUserSource(ManualOperationType.KEY).getPasswordValidator(); |
||||
user = (new User()).userName(usrNm).realName(usrNm).password(passwordValidator.encode(usrNm, UUID.randomUUID().toString())) |
||||
.creationType(ManualOperationType.KEY).lastOperationType(ManualOperationType.KEY).enable(true); |
||||
userController.add(user); |
||||
} |
||||
String userId = user.getId(); |
||||
List<CustomRole> roles = customRoleController.findByUser(userId, QueryFactory.create()); |
||||
List<String> localRoles = new ArrayList<>(); |
||||
boolean isAdminRoleFlag = false; |
||||
List<String> adminFlags = getAdminFlags(); |
||||
for (CustomRole role : roles) { |
||||
String name = role.getName(); |
||||
localRoles.add(name); |
||||
if(isAdminFlags(name,adminFlags)){ |
||||
isAdminRoleFlag = true; |
||||
} |
||||
} |
||||
List<String> remoteRoles = new ArrayList<>(); |
||||
try { |
||||
int size = rlNoList.size(); |
||||
for (int i = 0; i < size; i++) { |
||||
String name = rlNoList.getString(i); |
||||
remoteRoles.add(name); |
||||
} |
||||
//先判断传过来的的角色是不是本地都有,没有要加上
|
||||
for (String role : remoteRoles) { |
||||
if (!localRoles.contains(role)) { |
||||
userController.addUserToCustomRole(userId, role); |
||||
} |
||||
} |
||||
//在判断本地的角色是不是远程没有了,要移除掉
|
||||
for (String localRole : localRoles) { |
||||
if (!remoteRoles.contains(localRole)) { |
||||
userController.removeUserFromCustomRole(userId, localRole); |
||||
} |
||||
} |
||||
} catch (Exception e) { |
||||
e.printStackTrace(); |
||||
} |
||||
//如果是管理员标志就直接登录admin账号
|
||||
if(isAdminRoleFlag){ |
||||
login(req, res, "admin"); |
||||
}else { |
||||
login(req, res, usrNm); |
||||
} |
||||
String home = req.getContextPath() + req.getServletPath(); |
||||
sendRedirect(res, home); |
||||
return; |
||||
} catch (Exception e) { |
||||
e.printStackTrace(); |
||||
} |
||||
} |
||||
return; |
||||
} |
||||
|
||||
private static boolean isAdminFlags(String flag,List<String> flags){ |
||||
return flags.contains(flag); |
||||
} |
||||
private List<String> getAdminFlags() { |
||||
InputStream inputStream = ResourceIOUtils.read("/config-all/adminflag.properties"); |
||||
if (inputStream != null) { |
||||
Properties properties = new Properties(); |
||||
try { |
||||
properties.load(inputStream); |
||||
String adminflag = properties.getProperty("adminflag"); |
||||
if (StringUtils.isNotBlank(adminflag)) { |
||||
String[] split = adminflag.split(","); |
||||
return Arrays.asList(split); |
||||
} |
||||
} catch (IOException e) { |
||||
e.printStackTrace(); |
||||
} |
||||
} |
||||
return Collections.emptyList(); |
||||
} |
||||
|
||||
private void sendRedirect(HttpServletResponse res, String url) { |
||||
res.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); |
||||
res.setHeader("Location", url); |
||||
} |
||||
|
||||
private void login(HttpServletRequest req, HttpServletResponse res, String username) { |
||||
String token = null; |
||||
try { |
||||
token = LoginService.getInstance().login(req, res, username); |
||||
req.setAttribute("fine_auth_token", token); |
||||
} catch (Exception e) { |
||||
FineLoggerFactory.getLogger().error(e.getMessage(), e); |
||||
FineLoggerFactory.getLogger().error("login failed"); |
||||
} |
||||
FineLoggerFactory.getLogger().error("login success"); |
||||
} |
||||
} |
@ -0,0 +1,25 @@
|
||||
package com.fr.plugin; |
||||
|
||||
import com.fr.decision.fun.impl.AbstractLogInOutEventProvider; |
||||
import com.fr.decision.webservice.login.LogInOutResultInfo; |
||||
import com.fr.decision.webservice.v10.user.UserService; |
||||
|
||||
import javax.servlet.http.HttpServletRequest; |
||||
import javax.servlet.http.HttpSession; |
||||
|
||||
public class LoginOutEventProvider extends AbstractLogInOutEventProvider { |
||||
|
||||
@Override |
||||
public String logoutAction(LogInOutResultInfo result) { |
||||
HttpServletRequest request = result.getRequest(); |
||||
|
||||
HttpSession session = request.getSession(); |
||||
if (session != null) { |
||||
session.removeAttribute("fine_auth_token"); |
||||
} |
||||
String servletPath = request.getServletPath(); |
||||
String contextPath = request.getContextPath(); |
||||
String url = contextPath + servletPath + "/login?manual=true"; |
||||
return url; |
||||
} |
||||
} |
@ -0,0 +1,139 @@
|
||||
package com.fr.plugin; |
||||
|
||||
import com.fr.decision.authority.AuthorityContext; |
||||
import com.fr.decision.authority.controller.CustomRoleController; |
||||
import com.fr.decision.authority.controller.DepartmentController; |
||||
import com.fr.decision.authority.controller.PostController; |
||||
import com.fr.decision.authority.data.CustomRole; |
||||
import com.fr.decision.authority.data.Department; |
||||
import com.fr.decision.authority.data.Post; |
||||
import com.fr.decision.fun.impl.BaseHttpHandler; |
||||
import com.fr.log.FineLoggerFactory; |
||||
import com.fr.stable.StringUtils; |
||||
import com.fr.stable.query.QueryFactory; |
||||
import com.fr.stable.query.restriction.RestrictionFactory; |
||||
import com.fr.third.org.apache.commons.io.IOUtils; |
||||
import com.fr.third.springframework.web.bind.annotation.RequestMethod; |
||||
import com.fr.web.utils.WebUtils; |
||||
import org.json.JSONArray; |
||||
import org.json.JSONObject; |
||||
|
||||
import javax.servlet.http.HttpServletRequest; |
||||
import javax.servlet.http.HttpServletResponse; |
||||
|
||||
public class PostionImportgHander extends BaseHttpHandler { |
||||
@Override |
||||
public RequestMethod getMethod() { |
||||
return RequestMethod.POST; |
||||
} |
||||
|
||||
@Override |
||||
public String getPath() { |
||||
return "/depAndPosImport"; |
||||
} |
||||
|
||||
@Override |
||||
public boolean isPublic() { |
||||
return true; |
||||
} |
||||
|
||||
@Override |
||||
public void handle(HttpServletRequest req, HttpServletResponse res) throws Exception { |
||||
// 传入的json格式
|
||||
/** |
||||
* [ |
||||
* { |
||||
* "fInstNo": "", //父级id
|
||||
* "instNo": "A01", |
||||
* "instNm": "部门一", |
||||
* "pstNo": "X1", |
||||
* "pstNm": "职务一" |
||||
* } |
||||
* ] |
||||
*/ |
||||
String body = IOUtils.toString(req.getReader()); |
||||
FineLoggerFactory.getLogger().info("批量添加部门信息接口收到:{}", body); |
||||
try { |
||||
JSONArray jsonArray = new JSONArray(body); |
||||
int length = jsonArray.length(); |
||||
for (int i = 0; i < length; i++) { |
||||
JSONObject jsonObject = jsonArray.getJSONObject(i); |
||||
String fInstNo = jsonObject.getString("fInstNo"); |
||||
String instNo = jsonObject.getString("instNo");//部门id
|
||||
String instNm = jsonObject.getString("instNm");//部门名称
|
||||
String pstNo = jsonObject.getString("pstNo");//职务编号
|
||||
String pstNm = jsonObject.getString("pstNm");//职务名
|
||||
saveDep(fInstNo, instNo, instNm); |
||||
savePosition(instNo, pstNo, pstNm); |
||||
} |
||||
} catch (Exception e) { |
||||
WebUtils.printAsString(res, "json format error"); |
||||
} |
||||
WebUtils.printAsString(res, "success"); |
||||
} |
||||
|
||||
private void savePosition(String did, String pid, String name) { |
||||
PostController postController = AuthorityContext.getInstance().getPostController(); |
||||
Post post; |
||||
try { |
||||
post = postController.findOne(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", pid))); |
||||
if (post == null) { |
||||
post = new Post(); |
||||
post.setId(pid); |
||||
post.setName(name + "(" + pid + ")"); |
||||
post.setEnable(true); |
||||
postController.add(post); |
||||
FineLoggerFactory.getLogger().info("从接口新增职位,post: {}: name {}", post.getId(), post.getName()); |
||||
} else { |
||||
post.setName(name + "(" + pid + ")"); |
||||
post.setEnable(true); |
||||
postController.update(post); |
||||
FineLoggerFactory.getLogger().info("已存在职位,post: {}: name {}", post.getId(), post.getName()); |
||||
} |
||||
postController.addPostToDepartment(pid, did); |
||||
|
||||
CustomRoleController customRoleController = AuthorityContext.getInstance().getCustomRoleController(); |
||||
CustomRole customRole = customRoleController.findOne(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", pid))); |
||||
if (customRole == null) { |
||||
customRole = new CustomRole(); |
||||
customRole.id(pid).name(name + "(" + pid + ")").enable(true); |
||||
customRoleController.add(customRole); |
||||
FineLoggerFactory.getLogger().info("从接口新增角色,id: {}: name {}", customRole.getId(), customRole.getName()); |
||||
} else { |
||||
customRole.name(name + "(" + pid + ")").enable(true); |
||||
customRoleController.update(customRole); |
||||
FineLoggerFactory.getLogger().info("已存在角色,id: {}: name {}", customRole.getId(), customRole.getName()); |
||||
} |
||||
} catch (Exception e) { |
||||
FineLoggerFactory.getLogger().info("添加职位异常: 职位id :{} 部门id:{}: name {}", pid, did, name); |
||||
} |
||||
} |
||||
|
||||
private void saveDep(String pid, String id, String name) { |
||||
try { |
||||
DepartmentController departmentController = AuthorityContext.getInstance().getDepartmentController(); |
||||
Department department = departmentController.findOne(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", id))); |
||||
if (StringUtils.isBlank(pid)) { |
||||
pid = null; |
||||
} |
||||
if (department == null) { |
||||
department = new Department(); |
||||
department.setName(name + "(" + id + ")"); |
||||
department.setId(id); |
||||
department.setParentId(pid); |
||||
department.setEnable(true); |
||||
department.description("通过x-content创建"); |
||||
departmentController.add(department); |
||||
FineLoggerFactory.getLogger().info("新增部门,dep: {}: name {}", department.getId(), department.getName()); |
||||
} else { |
||||
department.setName(name + "(" + id + ")"); |
||||
department.setParentId(pid); |
||||
department.setEnable(true); |
||||
departmentController.update(department); |
||||
FineLoggerFactory.getLogger().info("已存在部门,dep: {}: name {}", department.getId(), department.getName()); |
||||
} |
||||
} catch (Exception e) { |
||||
FineLoggerFactory.getLogger().error("添加部门:{} 异常", id, e); |
||||
} |
||||
} |
||||
} |
@ -0,0 +1,348 @@
|
||||
package com.fr.plugin; |
||||
|
||||
import com.fr.data.NetworkHelper; |
||||
import com.fr.decision.authority.AuthorityContext; |
||||
import com.fr.decision.authority.base.constant.type.operation.ManualOperationType; |
||||
import com.fr.decision.authority.controller.CustomRoleController; |
||||
import com.fr.decision.authority.controller.DepartmentController; |
||||
import com.fr.decision.authority.controller.PostController; |
||||
import com.fr.decision.authority.controller.UserController; |
||||
import com.fr.decision.authority.data.CustomRole; |
||||
import com.fr.decision.authority.data.Department; |
||||
import com.fr.decision.authority.data.Post; |
||||
import com.fr.decision.authority.data.User; |
||||
import com.fr.decision.fun.impl.AbstractEmbedRequestFilterProvider; |
||||
import com.fr.decision.privilege.encrpt.PasswordValidator; |
||||
import com.fr.decision.webservice.Response; |
||||
import com.fr.decision.webservice.impl.user.type.UserProductType; |
||||
import com.fr.decision.webservice.utils.UserSourceFactory; |
||||
import com.fr.decision.webservice.v10.user.UserService; |
||||
import com.fr.exception.RemoteDesignPermissionDeniedException; |
||||
import com.fr.io.utils.ResourceIOUtils; |
||||
import com.fr.json.JSONArray; |
||||
import com.fr.json.JSONObject; |
||||
import com.fr.log.FineLoggerFactory; |
||||
import com.fr.security.JwtUtils; |
||||
import com.fr.stable.StringUtils; |
||||
import com.fr.stable.query.QueryFactory; |
||||
import com.fr.stable.query.restriction.RestrictionFactory; |
||||
import com.fr.web.service.RemoteDesignAuthorityDataService; |
||||
import com.fr.web.utils.WebUtils; |
||||
|
||||
import javax.servlet.FilterConfig; |
||||
import javax.servlet.ServletException; |
||||
import javax.servlet.http.HttpServletRequest; |
||||
import javax.servlet.http.HttpServletResponse; |
||||
import java.io.IOException; |
||||
import java.io.InputStream; |
||||
import java.io.PrintWriter; |
||||
import java.io.StringWriter; |
||||
import java.util.*; |
||||
|
||||
public class RemoteFilter extends AbstractEmbedRequestFilterProvider { |
||||
|
||||
@Override |
||||
public void init(FilterConfig filterConfig) { |
||||
FineLoggerFactory.getLogger().info("RemoteFilter 拦截器启动"); |
||||
FilterMeConfig instance = FilterMeConfig.getInstance(); |
||||
} |
||||
|
||||
@Override |
||||
public void filter(HttpServletRequest request, HttpServletResponse httpServletResponse) throws IOException, ServletException { |
||||
String uri = request.getRequestURI(); |
||||
if (uri != null && uri.contains("remote/design/token") && request.getMethod().equalsIgnoreCase("GET")) { |
||||
FineLoggerFactory.getLogger().info("拦截器捕获一个请求,design/token {}", uri); |
||||
String username = NetworkHelper.getHTTPRequestParameter(request, "username"); |
||||
String password = NetworkHelper.getHTTPRequestParameter(request, "password"); |
||||
try { |
||||
FineLoggerFactory.getLogger().info("登录的用户名{} 密码:{}", username, password); |
||||
JSONObject apilogin = apilogin(username, password); |
||||
if (apilogin != null) { |
||||
String remoteToken = tokenLogin(apilogin); |
||||
FineLoggerFactory.getLogger().info("响应的token: {} ", remoteToken); |
||||
if (StringUtils.isNotBlank(remoteToken)) { |
||||
WebUtils.printAsString(httpServletResponse, com.fr.plugin.JSONUtils.serialize(Response.ok(remoteToken))); |
||||
return; |
||||
} |
||||
FineLoggerFactory.getLogger().info("登录异常{}", remoteToken); |
||||
} else { |
||||
renderError(httpServletResponse, "21300007", "User password error!"); |
||||
} |
||||
} catch (Exception e) { |
||||
printException2Frlog(e); |
||||
if (e instanceof RemoteDesignPermissionDeniedException) { |
||||
renderError(httpServletResponse, "31300101", "Fine-Engine_Remote_Design_Permission_Denied"); |
||||
} |
||||
} |
||||
} |
||||
return; |
||||
} |
||||
|
||||
private List<String> getAdminFlags() { |
||||
InputStream inputStream = ResourceIOUtils.read("/config-all/adminflag.properties"); |
||||
if (inputStream != null) { |
||||
Properties properties = new Properties(); |
||||
try { |
||||
properties.load(inputStream); |
||||
String adminflag = properties.getProperty("adminflag"); |
||||
if (StringUtils.isNotBlank(adminflag)) { |
||||
String[] split = adminflag.split(","); |
||||
return Arrays.asList(split); |
||||
} |
||||
} catch (IOException e) { |
||||
e.printStackTrace(); |
||||
} |
||||
} |
||||
return Collections.emptyList(); |
||||
} |
||||
|
||||
private static boolean isAdminFlags(String flag, List<String> flags) { |
||||
return flags.contains(flag); |
||||
} |
||||
|
||||
private String tokenLogin(JSONObject jsonObject) { |
||||
JSONObject entries = jsonObject.getJSONObject("data"); |
||||
// String usrNm = entries.getString("usrNm");
|
||||
JSONArray rlNoList = entries.getJSONArray("rlNoList"); |
||||
int size = rlNoList.size(); |
||||
List<String> adminFlags = getAdminFlags(); |
||||
boolean isAdmin = false; |
||||
for (int i = 0; i < size; i++) { |
||||
String adminPost = rlNoList.getString(i); |
||||
if (isAdminFlags(adminPost, adminFlags)) { |
||||
isAdmin = true; |
||||
break; |
||||
} |
||||
} |
||||
if (isAdmin) { |
||||
FineLoggerFactory.getLogger().info("remote 本次为管理员登录 "); |
||||
try { |
||||
return getRemoteToken("admin"); |
||||
} catch (Exception e) { |
||||
printException2Frlog(e); |
||||
} |
||||
} |
||||
String usrNo = entries.getString("usrNo"); |
||||
String instNo = entries.getString("instNo");//部门id
|
||||
String realUserName = usrNo + "_" + instNo;//更改后的用户名
|
||||
String fullName = entries.getString("fullName"); |
||||
String alias = fullName + "(" + realUserName + ")"; |
||||
try { |
||||
User user = UserService.getInstance().getUserByUserName(realUserName); |
||||
UserController userController = AuthorityContext.getInstance().getUserController(); |
||||
CustomRoleController customRoleController = AuthorityContext.getInstance().getCustomRoleController(); |
||||
if (user == null) { |
||||
FineLoggerFactory.getLogger().info("设计器拦截 拦截器新增一个用户 :{}", usrNo); |
||||
//如果usrNo的用户不存在则检查realUserName的用户是否存在
|
||||
user = UserService.getInstance().getUserByUserName(realUserName); |
||||
if (user == null) { |
||||
FineLoggerFactory.getLogger().info("拦截器新增一个用户 用户名称 :{}", realUserName); |
||||
PasswordValidator passwordValidator = UserSourceFactory.getInstance().getUserSource(ManualOperationType.KEY).getPasswordValidator(); |
||||
user = (new User()).userName(realUserName).userAlias(alias).realName(fullName).password(passwordValidator.encode(realUserName, UUID.randomUUID().toString())) |
||||
.creationType(ManualOperationType.KEY).lastOperationType(ManualOperationType.KEY).enable(true); |
||||
userController.add(user); |
||||
} |
||||
} |
||||
|
||||
String userId = user.getId(); |
||||
// List<String> adminFlags = getAdminFlags();
|
||||
FineLoggerFactory.getLogger().info(" 设计器拦截 当前的管理员标识符 :{}", adminFlags); |
||||
List<String> remoteRoles = new ArrayList<>(); |
||||
String pstNo = entries.getString("pstNo");//角色id
|
||||
String pstNm = entries.getString("pstNm");//角色名称
|
||||
String realRoleName = pstNm + "(" + pstNo + ")"; |
||||
remoteRoles.add(pstNo); |
||||
|
||||
//先判断传过来的的角色是不是本地都有,没有要加上
|
||||
List<CustomRole> controllerOne = customRoleController.find(QueryFactory.create().addRestriction(RestrictionFactory.eq("name", pstNo))); |
||||
if (!controllerOne.isEmpty()) { |
||||
try { |
||||
FineLoggerFactory.getLogger().info(" 设计器拦截 传送过来的角色在本地已存在,添加到用户{} 到角色:{}", userId, pstNo); |
||||
CustomRole customRole = controllerOne.get(0); |
||||
customRole.setName(realRoleName); |
||||
customRole.setAlias(pstNo); |
||||
customRole.setEnable(true); |
||||
customRole.setDescription("通过xcontent添加"); |
||||
customRoleController.update(customRole); |
||||
userController.addUserToCustomRole(userId, customRole.getId()); |
||||
} catch (Exception e) { |
||||
} |
||||
} else { |
||||
FineLoggerFactory.getLogger().info(" 设计器拦截 传送过来的角色在本地不存在,添加到本地:{}", pstNo); |
||||
CustomRole addRole = new CustomRole(); |
||||
addRole.setId(pstNo); |
||||
addRole.setName(realRoleName); |
||||
addRole.setAlias(pstNo); |
||||
addRole.setEnable(true); |
||||
addRole.setDescription("通过xcontent添加"); |
||||
try { |
||||
customRoleController.add(addRole); |
||||
userController.addUserToCustomRole(userId, addRole.getId()); |
||||
} catch (Exception e) { |
||||
} |
||||
} |
||||
//在判断本地的角色是不是远程没有了,要移除掉
|
||||
List<CustomRole> roles = customRoleController.findByUser(userId, QueryFactory.create()); |
||||
|
||||
for (CustomRole customRole : roles) { |
||||
if (!remoteRoles.contains(customRole.getId())) { |
||||
if ("superusers".equals((customRole.getName()))) { |
||||
continue; |
||||
} |
||||
FineLoggerFactory.getLogger().info("远端没有的角色本地移除:{}", customRole.getName()); |
||||
userController.removeUserFromCustomRole(userId, customRole.getId()); |
||||
} |
||||
} |
||||
|
||||
DepartmentController departmentController = AuthorityContext.getInstance().getDepartmentController(); |
||||
//移除原来的部门
|
||||
List<Department> departmentList = departmentController.findByUser(userId, QueryFactory.create()); |
||||
for (Department department : departmentList) { |
||||
userController.removeUserFromDepartment(userId, department.getId()); |
||||
} |
||||
String instNm = entries.getString("instNm"); |
||||
Department department = departmentController.findOne(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", instNo))); |
||||
if (department == null) { |
||||
FineLoggerFactory.getLogger().info("添加 部门,dep: {}: name {}", instNo, instNo, instNm + "(" + pstNo + "" + ")"); |
||||
department = new Department(); |
||||
department.setName(instNm + "(" + pstNo + ")"); |
||||
department.setId(instNo); |
||||
department.setEnable(true); |
||||
department.description("通过x-content创建"); |
||||
departmentController.add(department); |
||||
} else { |
||||
department.setName(instNm + "(" + pstNo + ")"); |
||||
department.setParentId(null); |
||||
department.setEnable(true); |
||||
departmentController.update(department); |
||||
FineLoggerFactory.getLogger().info("设计器节点 已存在部门,dep: {}: name {}", department.getId(), department.getName()); |
||||
} |
||||
|
||||
PostController postController = AuthorityContext.getInstance().getPostController(); |
||||
List<Post> byUser = postController.findByUser(userId, QueryFactory.create()); |
||||
//移除原来职位
|
||||
for (Post post : byUser) { |
||||
userController.removeUserFromPost(userId, post.getId()); |
||||
} |
||||
Post post = postController.findOne(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", pstNo))); |
||||
if (post == null) { |
||||
post = new Post(); |
||||
post.setId(pstNo); |
||||
post.setName(pstNm + "(" + pstNo + ")"); |
||||
post.setEnable(true); |
||||
postController.add(post); |
||||
} else { |
||||
post.setName(pstNm + "(" + pstNo + ")"); |
||||
post.setEnable(true); |
||||
postController.update(post); |
||||
} |
||||
try { |
||||
FineLoggerFactory.getLogger().info("添加职位到部门,post: {}: dep {}", pstNo, instNo); |
||||
postController.addPostToDepartment(pstNo, instNo); |
||||
} catch (Exception e) { |
||||
} |
||||
try { |
||||
FineLoggerFactory.getLogger().info("添加用户到部门,post: {}: dep {} ,userId:{}", pstNo, instNo, userId); |
||||
userController.addUserToDepartmentAndPost(userId, instNo, pstNo); |
||||
} catch (Exception e) { |
||||
} |
||||
|
||||
boolean isDesignUser = false; |
||||
List<String> designFlags = getDesignFlags(); |
||||
if (!designFlags.isEmpty()) { |
||||
for (CustomRole role : roles) { |
||||
String name = role.getName(); |
||||
//如果是有
|
||||
if (isAdminFlags(name, designFlags)) { |
||||
isDesignUser = true; |
||||
break; |
||||
} |
||||
} |
||||
} |
||||
try { |
||||
UserProductType userProductType = UserProductType.fromInteger(6);//数据处理用户
|
||||
if (isDesignUser) { |
||||
userController.addUserProductType(userId, userProductType.transProductKey()); |
||||
} else { |
||||
userController.removeUserProductType(userId, userProductType.transProductKey()); |
||||
} |
||||
} catch (Exception e) { |
||||
} |
||||
// if (isAdmin) {
|
||||
// FineLoggerFactory.getLogger().info("设计器拦截 本次为管理员登录");
|
||||
// return getRemoteToken("admin");
|
||||
// } else {
|
||||
FineLoggerFactory.getLogger().info("设计器拦截 本次为普通用户登录:{}", realUserName); |
||||
return getRemoteToken(realUserName); |
||||
// }
|
||||
} catch (Exception e) { |
||||
e.printStackTrace(); |
||||
} |
||||
return ""; |
||||
} |
||||
|
||||
private static List<String> getDesignFlags() { |
||||
String adminFlags = FilterMeConfig.getInstance().getDesignFlags(); |
||||
FineLoggerFactory.getLogger().info("remote本地设计角色获取:{}", adminFlags); |
||||
if (StringUtils.isNotBlank(adminFlags)) { |
||||
String[] split = adminFlags.split(";"); |
||||
return Arrays.asList(split); |
||||
} |
||||
return Collections.emptyList(); |
||||
} |
||||
|
||||
private void renderError(HttpServletResponse httpServletResponse, String code, String msg) { |
||||
try { |
||||
WebUtils.printAsString(httpServletResponse, JSONUtils.serialize(Response.error(code, msg))); |
||||
} catch (Exception e) { |
||||
e.printStackTrace(); |
||||
} |
||||
} |
||||
|
||||
private JSONObject apilogin(String username, String pwd) throws Exception { |
||||
String baseUrl = getBaseUrl(); |
||||
if (StringUtils.isBlank(baseUrl)) { |
||||
throw new Exception("未配置接口地址"); |
||||
} |
||||
String api = getBaseUrl() + "check/pwd/finebi"; |
||||
FineLoggerFactory.getLogger().info("remote访问的接口地址为 {}", api); |
||||
JSONObject parm = new JSONObject(); |
||||
parm.put("userName", username); |
||||
parm.put("verifyCode", pwd); |
||||
|
||||
String resp = HttpApi.sendJsonPost(api, parm, "UTF-8"); |
||||
FineLoggerFactory.getLogger().info("接口响应 {}", resp); |
||||
JSONObject jsonObject = new JSONObject(resp); |
||||
return jsonObject; |
||||
} |
||||
|
||||
|
||||
public String getRemoteToken(String var1) throws Exception { |
||||
User var4 = UserService.getInstance().getUserByUserName(var1); |
||||
if (var4 != null && RemoteDesignAuthorityDataService.getInstance().hasAuthority(var4.getId())) { |
||||
return JwtUtils.createDefaultJWT(var1); |
||||
} else { |
||||
throw new RemoteDesignPermissionDeniedException(); |
||||
} |
||||
} |
||||
|
||||
private String getBaseUrl() { |
||||
FilterMeConfig instance = FilterMeConfig.getInstance(); |
||||
String baseUrl = instance.getBaseUrl(); |
||||
if (StringUtils.isNotBlank(baseUrl)) { |
||||
String[] split = baseUrl.split(";"); |
||||
List<String> strings = Arrays.asList(split); |
||||
Collections.shuffle(strings); |
||||
return strings.get(0); |
||||
} |
||||
return ""; |
||||
} |
||||
|
||||
public static void printException2Frlog(Exception e) { |
||||
StringWriter writer = new StringWriter(); |
||||
e.printStackTrace(new PrintWriter(writer)); |
||||
String s = writer.toString(); |
||||
FineLoggerFactory.getLogger().error("错误:{}", s); |
||||
} |
||||
|
||||
} |
@ -0,0 +1,128 @@
|
||||
package com.fr.plugin; |
||||
|
||||
|
||||
import com.fr.log.FineLoggerFactory; |
||||
import com.fr.log.FineLoggerProvider; |
||||
|
||||
import javax.servlet.ReadListener; |
||||
import javax.servlet.ServletInputStream; |
||||
import javax.servlet.ServletRequest; |
||||
import javax.servlet.http.HttpServletRequest; |
||||
import javax.servlet.http.HttpServletRequestWrapper; |
||||
import java.io.*; |
||||
import java.nio.charset.Charset; |
||||
import java.nio.charset.StandardCharsets; |
||||
|
||||
/** |
||||
* @author 01 |
||||
* @program wrapper-demo |
||||
* @description 包装HttpServletRequest,目的是让其输入流可重复读 |
||||
* @create 2018-12-24 20:48 |
||||
* @since 1.0 |
||||
**/ |
||||
public class RequestWrapper extends HttpServletRequestWrapper { |
||||
FineLoggerProvider log = FineLoggerFactory.getLogger(); |
||||
/** |
||||
* 存储body数据的容器 |
||||
*/ |
||||
private byte[] body; |
||||
|
||||
public RequestWrapper(HttpServletRequest request) { |
||||
super(request); |
||||
// 将body数据存储起来
|
||||
String bodyStr = getBodyString(request); |
||||
body = bodyStr.getBytes(Charset.defaultCharset()); |
||||
} |
||||
|
||||
public void setBody(byte[] body) { |
||||
this.body = body; |
||||
} |
||||
|
||||
/** |
||||
* 获取请求Body |
||||
* |
||||
* @param request request |
||||
* @return String |
||||
*/ |
||||
private String getBodyString(final ServletRequest request) { |
||||
try { |
||||
return inputStream2String(request.getInputStream()); |
||||
} catch (IOException e) { |
||||
log.error("", e); |
||||
throw new RuntimeException(e); |
||||
} |
||||
} |
||||
|
||||
/** |
||||
* 获取请求Body |
||||
* |
||||
* @return String |
||||
*/ |
||||
public String getBodyString() { |
||||
return new String(this.body, StandardCharsets.UTF_8); |
||||
} |
||||
|
||||
/** |
||||
* 将inputStream里的数据读取出来并转换成字符串 |
||||
* |
||||
* @param inputStream inputStream |
||||
* @return String |
||||
*/ |
||||
private String inputStream2String(InputStream inputStream) { |
||||
StringBuilder sb = new StringBuilder(); |
||||
BufferedReader reader = null; |
||||
|
||||
try { |
||||
reader = new BufferedReader(new InputStreamReader(inputStream, Charset.defaultCharset())); |
||||
String line; |
||||
while ((line = reader.readLine()) != null) { |
||||
sb.append(line); |
||||
} |
||||
} catch (IOException e) { |
||||
log.error("", e); |
||||
throw new RuntimeException(e); |
||||
} finally { |
||||
if (reader != null) { |
||||
try { |
||||
reader.close(); |
||||
} catch (IOException e) { |
||||
log.error("", e); |
||||
} |
||||
} |
||||
} |
||||
|
||||
return sb.toString(); |
||||
} |
||||
|
||||
@Override |
||||
public BufferedReader getReader() throws IOException { |
||||
return new BufferedReader(new InputStreamReader(getInputStream())); |
||||
} |
||||
|
||||
@Override |
||||
public ServletInputStream getInputStream() throws IOException { |
||||
|
||||
final ByteArrayInputStream inputStream = new ByteArrayInputStream(body); |
||||
|
||||
return new ServletInputStream() { |
||||
@Override |
||||
public int read() throws IOException { |
||||
return inputStream.read(); |
||||
} |
||||
|
||||
@Override |
||||
public boolean isFinished() { |
||||
return false; |
||||
} |
||||
|
||||
@Override |
||||
public boolean isReady() { |
||||
return false; |
||||
} |
||||
|
||||
@Override |
||||
public void setReadListener(ReadListener readListener) { |
||||
} |
||||
}; |
||||
} |
||||
} |
@ -0,0 +1,97 @@
|
||||
package com.fr.plugin; |
||||
|
||||
import com.fr.json.JSONObject; |
||||
import com.fr.log.FineLoggerFactory; |
||||
import com.fr.stable.StringUtils; |
||||
import com.fr.third.jodd.util.collection.ArrayEnumeration; |
||||
import com.fr.web.utils.WebUtils; |
||||
|
||||
import javax.servlet.http.HttpServletRequest; |
||||
import javax.servlet.http.HttpServletRequestWrapper; |
||||
import java.io.UnsupportedEncodingException; |
||||
import java.net.URLDecoder; |
||||
import java.util.*; |
||||
|
||||
public class XContentRequestWrapper extends HttpServletRequestWrapper { |
||||
JSONObject jsonObject = null; |
||||
|
||||
public XContentRequestWrapper(HttpServletRequest request) { |
||||
super(request); |
||||
String header = request.getHeader("X-Context"); |
||||
String url = WebUtils.getOriginalURL(request); |
||||
try { |
||||
if (StringUtils.isNotBlank(header)) { |
||||
header = URLDecoder.decode(header, "UTF-8"); |
||||
jsonObject = new JSONObject(header); |
||||
FineLoggerFactory.getLogger().info("当前请求地址:{} \n X-Context :{} ", url, header); |
||||
} else { |
||||
FineLoggerFactory.getLogger().info("当前请求地址:{} 未携带 X-Context ", url); |
||||
} |
||||
} catch (UnsupportedEncodingException e) { |
||||
e.printStackTrace(); |
||||
} |
||||
} |
||||
|
||||
@Override |
||||
public String getParameter(String name) { |
||||
String parameter = super.getParameter(name); |
||||
if (StringUtils.isBlank(parameter) && jsonObject != null) { |
||||
return jsonObject.getString(name); |
||||
} |
||||
return parameter; |
||||
} |
||||
|
||||
@Override |
||||
public Map<String, String[]> getParameterMap() { |
||||
Map<String, String[]> parameterMap = super.getParameterMap(); |
||||
Map<String, String[]> stringHashMap = new HashMap<>(); |
||||
if (jsonObject != null) { |
||||
Iterator<String> keys = jsonObject.keys(); |
||||
while (keys.hasNext()) { |
||||
String key = keys.next(); |
||||
Object value = jsonObject.getValue(key); |
||||
if (value != null) { |
||||
stringHashMap.put(key, new String[]{ |
||||
value.toString() |
||||
}); |
||||
} |
||||
} |
||||
} |
||||
stringHashMap.putAll(parameterMap); |
||||
return stringHashMap; |
||||
} |
||||
|
||||
@Override |
||||
public Enumeration<String> getParameterNames() { |
||||
Enumeration<String> parameterNames = super.getParameterNames(); |
||||
if (jsonObject != null) { |
||||
Iterator<String> keys = jsonObject.keys(); |
||||
ArrayList<String> arrayList = new ArrayList<>(); |
||||
while (keys.hasNext()) { |
||||
String next = keys.next(); |
||||
arrayList.add(next); |
||||
} |
||||
while (parameterNames.hasMoreElements()) { |
||||
String s = parameterNames.nextElement(); |
||||
arrayList.add(s); |
||||
} |
||||
ArrayEnumeration<String> dayNames = new ArrayEnumeration<String>(arrayList.toArray(new String[0])); |
||||
return dayNames; |
||||
} |
||||
return parameterNames; |
||||
} |
||||
|
||||
@Override |
||||
public String[] getParameterValues(String name) { |
||||
String[] parameterValues = super.getParameterValues(name); |
||||
if (parameterValues == null && jsonObject != null) { |
||||
Object stringObjectMap = jsonObject.getValue(name); |
||||
if (stringObjectMap != null) { |
||||
return new String[]{ |
||||
stringObjectMap.toString() |
||||
}; |
||||
} |
||||
} |
||||
return parameterValues; |
||||
} |
||||
} |
@ -0,0 +1,16 @@
|
||||
<!doctype html> |
||||
<html lang="en"> |
||||
<head> |
||||
<meta charset="UTF-8"> |
||||
<meta name="viewport" |
||||
content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0"> |
||||
<meta http-equiv="X-UA-Compatible" content="ie=edge"> |
||||
<title>无权访问</title> |
||||
</head> |
||||
<body> |
||||
<center> |
||||
<h2>用户不在白名单,访问被拒绝,请联系管理员处理</h2> |
||||
</center> |
||||
<hr/> |
||||
</body> |
||||
</html> |
@ -0,0 +1,90 @@
|
||||
package com.fr.plugin.util; |
||||
|
||||
import com.fr.log.FineLoggerFactory; |
||||
import com.fr.log.FineLoggerProvider; |
||||
import com.fr.plugin.context.PluginContexts; |
||||
import com.fr.stable.StringUtils; |
||||
|
||||
public final class LogUtils { |
||||
private static String LOG_PREFIX = "[单点登录] "; |
||||
private static final String PLUGIN_VERSION; |
||||
|
||||
private static final FineLoggerProvider LOGGER = FineLoggerFactory.getLogger(); |
||||
|
||||
static { |
||||
String version = PluginContexts.currentContext().getMarker().getVersion(); |
||||
if (StringUtils.isNotBlank(version)) { |
||||
PLUGIN_VERSION = "[v" + version + "] "; |
||||
} else { |
||||
PLUGIN_VERSION = "[unknown version] "; |
||||
} |
||||
|
||||
LOG_PREFIX = LOG_PREFIX + PLUGIN_VERSION; |
||||
} |
||||
|
||||
public static void setPrefix(String prefix) { |
||||
if (prefix != null) { |
||||
LOG_PREFIX = prefix; |
||||
} |
||||
} |
||||
|
||||
public static boolean isDebugEnabled() { |
||||
return LOGGER.isDebugEnabled(); |
||||
} |
||||
|
||||
public static void debug(String s) { |
||||
LOGGER.debug(LOG_PREFIX + s); |
||||
} |
||||
|
||||
public static void debug(String s, Object... objects) { |
||||
LOGGER.debug(LOG_PREFIX + s, objects); |
||||
} |
||||
|
||||
public static void debug(String s, Throwable throwable) { |
||||
LOGGER.debug(LOG_PREFIX + s, throwable); |
||||
} |
||||
|
||||
public static boolean isInfoEnabled() { |
||||
return LOGGER.isInfoEnabled(); |
||||
} |
||||
|
||||
public static void info(String s) { |
||||
LOGGER.info(LOG_PREFIX + s); |
||||
} |
||||
|
||||
public static void info(String s, Object... objects) { |
||||
LOGGER.info(LOG_PREFIX + s, objects); |
||||
} |
||||
|
||||
public static void warn(String s) { |
||||
LOGGER.warn(LOG_PREFIX + s); |
||||
} |
||||
|
||||
public static void warn(String s, Object... objects) { |
||||
LOGGER.warn(LOG_PREFIX + s, objects); |
||||
} |
||||
|
||||
public static void warn(String s, Throwable throwable) { |
||||
LOGGER.warn(LOG_PREFIX + s, throwable); |
||||
} |
||||
|
||||
public static void warn(Throwable throwable, String s, Object... objects) { |
||||
LOGGER.warn(throwable, LOG_PREFIX + s, objects); |
||||
} |
||||
|
||||
public static void error(String s) { |
||||
LOGGER.error(LOG_PREFIX + s); |
||||
} |
||||
|
||||
public static void error(String s, Object... objects) { |
||||
LOGGER.error(LOG_PREFIX + s, objects); |
||||
} |
||||
|
||||
public static void error(String s, Throwable throwable) { |
||||
LOGGER.error(LOG_PREFIX + s, throwable); |
||||
} |
||||
|
||||
public static void error(Throwable throwable, String s, Object... objects) { |
||||
LOGGER.error(throwable, LOG_PREFIX + s, objects); |
||||
} |
||||
} |
@ -0,0 +1,26 @@
|
||||
package com.fr.plugin.util; |
||||
|
||||
import com.fr.stable.StringUtils; |
||||
|
||||
import javax.servlet.http.HttpServletRequest; |
||||
|
||||
/** |
||||
* @author Peng |
||||
*/ |
||||
public class RequestUtils { |
||||
|
||||
/** |
||||
* todo 有待测试 |
||||
* @param request |
||||
* @return |
||||
*/ |
||||
public static String getFullUrl(HttpServletRequest request) { |
||||
String url = request.getRequestURI(); |
||||
String queryString = request.getQueryString(); |
||||
if (StringUtils.isNotEmpty(queryString)) { |
||||
url = url + "?" + queryString; |
||||
} |
||||
|
||||
return url; |
||||
} |
||||
} |
@ -0,0 +1,35 @@
|
||||
package com.fr.plugin.util; |
||||
|
||||
import com.fr.decision.webservice.utils.WebServiceUtils; |
||||
import com.fr.json.JSONObject; |
||||
import com.fr.web.utils.WebUtils; |
||||
|
||||
import javax.servlet.http.HttpServletResponse; |
||||
|
||||
public final class ResponseUtils { |
||||
|
||||
/** |
||||
* 打印之前会自动处理 Content-Type |
||||
*/ |
||||
public static void printAsJSON( HttpServletResponse response, JSONObject jsonObject) throws Exception { |
||||
// todo 这里的 charset 有没有可能是别的呢?
|
||||
response.setContentType("application/json;charset=utf-8"); |
||||
WebUtils.printAsJSON(response, jsonObject); |
||||
} |
||||
|
||||
/** |
||||
* todo |
||||
* |
||||
* 参考方法签名: |
||||
* generateUnavailableWebPage(String result, String reason, String solution) |
||||
* generateErrorWebPage(String result, String reason, String solution) |
||||
* |
||||
*/ |
||||
public static void printErrorPage() { |
||||
// 可参考 ↓
|
||||
// String errorHtml = WebServiceUtils.generateUnavailableWebPage("单点登录失败", reason, "");
|
||||
// String errorHtml = WebServiceUtils.generateErrorWebPage("单点登录失败", reason, "");
|
||||
// WebUtils.printAsString(response, errorHtml);
|
||||
|
||||
} |
||||
} |
@ -0,0 +1,464 @@
|
||||
//
|
||||
// Source code recreated from a .class file by IntelliJ IDEA
|
||||
// (powered by Fernflower decompiler)
|
||||
//
|
||||
|
||||
package com.fr.sso.cas; |
||||
|
||||
import com.fr.base.ServerConfig; |
||||
import com.fr.base.TemplateUtils; |
||||
import com.fr.data.NetworkHelper; |
||||
import com.fr.decision.authority.data.User; |
||||
import com.fr.decision.mobile.terminal.TerminalHandler; |
||||
import com.fr.decision.privilege.TransmissionTool; |
||||
import com.fr.decision.webservice.Response; |
||||
import com.fr.decision.webservice.bean.authentication.LoginRequestInfoBean; |
||||
import com.fr.decision.webservice.bean.authentication.LoginResponseInfoBean; |
||||
import com.fr.decision.webservice.bean.authentication.OriginUrlResponseBean; |
||||
import com.fr.decision.webservice.exception.login.UserLoginException; |
||||
import com.fr.decision.webservice.utils.WebServiceUtils; |
||||
import com.fr.decision.webservice.v10.login.LoginService; |
||||
import com.fr.decision.webservice.v10.login.TokenResource; |
||||
import com.fr.decision.webservice.v10.user.UserService; |
||||
import com.fr.general.ComparatorUtils; |
||||
import com.fr.log.FineLoggerFactory; |
||||
import com.fr.security.JwtUtils; |
||||
import com.fr.stable.StringUtils; |
||||
import com.fr.stable.web.Device; |
||||
import com.fr.third.fasterxml.jackson.core.JsonGenerationException; |
||||
import com.fr.third.fasterxml.jackson.core.JsonParseException; |
||||
import com.fr.third.fasterxml.jackson.databind.JsonMappingException; |
||||
import com.fr.third.fasterxml.jackson.databind.ObjectMapper; |
||||
import com.fr.third.fasterxml.jackson.databind.type.TypeFactory; |
||||
import com.fr.web.utils.WebUtils; |
||||
import java.io.BufferedReader; |
||||
import java.io.IOException; |
||||
import java.io.InputStream; |
||||
import java.io.InputStreamReader; |
||||
import java.io.PrintWriter; |
||||
import java.io.StringWriter; |
||||
import java.nio.charset.Charset; |
||||
import java.util.Hashtable; |
||||
import javax.naming.NamingEnumeration; |
||||
import javax.naming.NamingException; |
||||
import javax.naming.directory.DirContext; |
||||
import javax.naming.directory.InitialDirContext; |
||||
import javax.naming.directory.SearchControls; |
||||
import javax.naming.directory.SearchResult; |
||||
import javax.servlet.Filter; |
||||
import javax.servlet.FilterChain; |
||||
import javax.servlet.FilterConfig; |
||||
import javax.servlet.ServletException; |
||||
import javax.servlet.ServletRequest; |
||||
import javax.servlet.ServletResponse; |
||||
import javax.servlet.http.Cookie; |
||||
import javax.servlet.http.HttpServletRequest; |
||||
import javax.servlet.http.HttpServletResponse; |
||||
import javax.servlet.http.HttpSession; |
||||
|
||||
public class FRAccessFilter implements Filter { |
||||
public String[] loginPageNecessaryResources = new String[]{"fineui.min.css", "login.min.css", "fineui.min.js", "I18nTextGenerator", "ConstantGenerator", "login.min.js", "logo.png", "login.png", "login-img.png", "iconfont.woff"}; |
||||
private String servletNamePrefix = "/" + ServerConfig.getInstance().getServletName(); |
||||
private String[] noFilterUrls; |
||||
private static ObjectMapper objectMapper = new ObjectMapper(); |
||||
private static boolean isDev = true; |
||||
|
||||
public FRAccessFilter() { |
||||
this.noFilterUrls = new String[]{this.servletNamePrefix + "/login", this.servletNamePrefix + "/login/config", this.servletNamePrefix + "/system/info", this.servletNamePrefix + "/login/cross/domain", this.servletNamePrefix + "/remote"}; |
||||
} |
||||
|
||||
public void init(FilterConfig filterConfig) throws ServletException { |
||||
} |
||||
|
||||
private boolean isApp(HttpServletRequest request) { |
||||
String header = request.getHeader("User-Agent"); |
||||
if (StringUtils.isNotBlank(header) && header.contains("FineReact")) { |
||||
return true; |
||||
} else { |
||||
String deviceType = request.getParameter("deviceType"); |
||||
if (StringUtils.isNotBlank(deviceType)) { |
||||
return true; |
||||
} else { |
||||
String terminal = request.getHeader("terminal"); |
||||
return StringUtils.isNotBlank(terminal) && terminal.equals("APP"); |
||||
} |
||||
} |
||||
} |
||||
|
||||
private boolean isMobLogin(HttpServletRequest request) { |
||||
if (this.isApp(request) && request.getMethod().equals("POST")) { |
||||
String requestURI = request.getRequestURI(); |
||||
if (requestURI.endsWith("/login")) { |
||||
return true; |
||||
} |
||||
} |
||||
|
||||
return false; |
||||
} |
||||
|
||||
public static void printException2Frlog(Exception e) { |
||||
StringWriter writer = new StringWriter(); |
||||
e.printStackTrace(new PrintWriter(writer)); |
||||
String s = writer.toString(); |
||||
FineLoggerFactory.getLogger().error("错误:{}", new Object[]{s}); |
||||
} |
||||
|
||||
public boolean getAuthenticator(String useruid, String userPassword, String applicationUsername, String applicationPassword) throws NamingException { |
||||
boolean result = false; |
||||
boolean flag = false; |
||||
DirContext ctx = null; |
||||
Hashtable env = new Hashtable(); |
||||
env.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory"); |
||||
if (isDev) { |
||||
env.put("java.naming.provider.url", "ldap://XXXX"); |
||||
} else { |
||||
env.put("java.naming.provider.url", "ldap://XXXX"); |
||||
} |
||||
|
||||
env.put("java.naming.security.authentication", "simple"); |
||||
env.put("java.naming.security.principal", applicationUsername); |
||||
env.put("java.naming.security.credentials", applicationPassword); |
||||
|
||||
try { |
||||
ctx = new InitialDirContext(env); |
||||
FineLoggerFactory.getLogger().info("Applications Authentication Succeed"); |
||||
flag = true; |
||||
} catch (NamingException var31) { |
||||
if (ctx != null) { |
||||
try { |
||||
ctx.close(); |
||||
FineLoggerFactory.getLogger().info("------------------------------------------"); |
||||
} catch (NamingException var26) { |
||||
FineLoggerFactory.getLogger().info("ctx close occur NamingException, error message:" + var26); |
||||
} |
||||
} |
||||
|
||||
FineLoggerFactory.getLogger().info(" Applications Authentication Failed, error messgae: " + var31); |
||||
flag = false; |
||||
return false; |
||||
} |
||||
|
||||
SearchControls constraints = new SearchControls(); |
||||
if (flag) { |
||||
NamingEnumeration en = null; |
||||
|
||||
try { |
||||
constraints.setSearchScope(2); |
||||
String[] returnAttrs = new String[]{"*"}; |
||||
constraints.setReturningAttributes(returnAttrs); |
||||
String basedn = "dc=bizenit,dc=com"; |
||||
String searchFilter = "(|(uid=" + useruid + ")(smart-alias=" + useruid + "))"; |
||||
FineLoggerFactory.getLogger().info("filter:" + searchFilter); |
||||
en = ctx.search(basedn, searchFilter, constraints); |
||||
} catch (Exception var29) { |
||||
FineLoggerFactory.getLogger().info("search occur Exception, error message:" + var29); |
||||
printException2Frlog(var29); |
||||
} |
||||
|
||||
if (en.hasMoreElements()) { |
||||
DirContext ctxUser = null; |
||||
Hashtable envUser = new Hashtable(); |
||||
envUser.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory"); |
||||
if (isDev) { |
||||
envUser.put("java.naming.provider.url", "ldap://XXXX"); |
||||
} else { |
||||
envUser.put("java.naming.provider.url", "ldap://XXXX"); |
||||
} |
||||
|
||||
envUser.put("java.naming.security.authentication", "simple"); |
||||
envUser.put("java.naming.security.principal", ((SearchResult)en.next()).getNameInNamespace()); |
||||
envUser.put("java.naming.security.credentials", userPassword); |
||||
|
||||
try { |
||||
Object o = envUser.get("java.naming.provider.url"); |
||||
FineLoggerFactory.getLogger().info("LDAP认证服务器地址:{} 认证用户名:{}", new Object[]{o, envUser.get("java.naming.security.principal")}); |
||||
ctxUser = new InitialDirContext(envUser); |
||||
FineLoggerFactory.getLogger().info("User Login Succeed"); |
||||
result = true; |
||||
constraints.setTimeLimit(1000); |
||||
constraints.setDerefLinkFlag(false); |
||||
constraints.setReturningAttributes(new String[]{"*"}); |
||||
} catch (NamingException var28) { |
||||
FineLoggerFactory.getLogger().info("user Authentication occured NamingException,error message:" + var28); |
||||
printException2Frlog(var28); |
||||
} finally { |
||||
if (ctxUser != null) { |
||||
try { |
||||
ctxUser.close(); |
||||
} catch (NamingException var25) { |
||||
FineLoggerFactory.getLogger().info("ctxUser close occured NamingException,error message:" + var25); |
||||
} |
||||
} |
||||
|
||||
} |
||||
} else { |
||||
result = false; |
||||
} |
||||
|
||||
try { |
||||
if (en != null) { |
||||
en.close(); |
||||
} |
||||
|
||||
if (ctx != null) { |
||||
ctx.close(); |
||||
} |
||||
} catch (NamingException var27) { |
||||
FineLoggerFactory.getLogger().info("close occured NamingException,error message:" + var27); |
||||
printException2Frlog(var27); |
||||
} |
||||
} |
||||
|
||||
return result; |
||||
} |
||||
|
||||
public static <T> T deserialize(String json, Class<T> clazz) { |
||||
Object object = null; |
||||
try { |
||||
object = objectMapper.readValue(json, TypeFactory.rawClass(clazz)); |
||||
} catch (JsonParseException e) { |
||||
} catch (JsonMappingException e) { |
||||
} catch (IOException e) { |
||||
} |
||||
return (T) object; |
||||
} |
||||
|
||||
private String inputStream2String(InputStream inputStream) { |
||||
StringBuilder sb = new StringBuilder(); |
||||
BufferedReader reader = null; |
||||
|
||||
try { |
||||
reader = new BufferedReader(new InputStreamReader(inputStream, Charset.defaultCharset())); |
||||
|
||||
String line; |
||||
while((line = reader.readLine()) != null) { |
||||
sb.append(line); |
||||
} |
||||
} catch (IOException var12) { |
||||
throw new RuntimeException(var12); |
||||
} finally { |
||||
if (reader != null) { |
||||
try { |
||||
reader.close(); |
||||
} catch (IOException var11) { |
||||
} |
||||
} |
||||
|
||||
} |
||||
|
||||
return sb.toString(); |
||||
} |
||||
|
||||
public static String serialize(Object object) { |
||||
StringWriter write = new StringWriter(); |
||||
|
||||
try { |
||||
objectMapper.writeValue(write, object); |
||||
} catch (JsonGenerationException var3) { |
||||
} catch (JsonMappingException var4) { |
||||
} catch (IOException var5) { |
||||
} |
||||
|
||||
return write.toString(); |
||||
} |
||||
|
||||
private void mobLogin(HttpServletRequest req, HttpServletResponse response, LoginRequestInfoBean loginReqInfo) throws Exception { |
||||
String password = TransmissionTool.decrypt(loginReqInfo.isEncrypted(), loginReqInfo.getPassword()); |
||||
String username = loginReqInfo.getUsername(); |
||||
if (WebServiceUtils.containSQLChars(username)) { |
||||
Response error = Response.error("21300015", "Special char prohibit!"); |
||||
WebUtils.printAsString(response, serialize(error)); |
||||
} else { |
||||
User user = UserService.getInstance().getUserByUserName(username); |
||||
if (user == null) { |
||||
throw new UserLoginException(); |
||||
} else { |
||||
String adminName = "XXXX"; |
||||
String adminPwd = "XXXX"; |
||||
if (isDev) { |
||||
adminName = "XXXX"; |
||||
adminPwd = "XXXX"; |
||||
} |
||||
|
||||
if (this.getAuthenticator(username, password, adminName, adminPwd)) { |
||||
String token = this.login(req, response, username); |
||||
OriginUrlResponseBean originUrlResponseBean = new OriginUrlResponseBean(TemplateUtils.render("${fineServletURL}")); |
||||
LoginResponseInfoBean infoBean = new LoginResponseInfoBean(token, originUrlResponseBean, user.getUserName(), loginReqInfo.getValidity()); |
||||
WebUtils.printAsString(response, serialize(infoBean)); |
||||
} else { |
||||
Response error = Response.error("21300007", "User not exist, or wrong password!"); |
||||
WebUtils.printAsString(response, serialize(error)); |
||||
} |
||||
} |
||||
} |
||||
} |
||||
|
||||
public static boolean checkTokenValid(HttpServletRequest req, String token, String currentUserName) { |
||||
try { |
||||
if (!ComparatorUtils.equals(currentUserName, JwtUtils.parseJWT(token).getSubject())) { |
||||
FineLoggerFactory.getLogger().info("username changed:" + currentUserName); |
||||
return false; |
||||
} else { |
||||
Device device = NetworkHelper.getDevice(req); |
||||
LoginService.getInstance().loginStatusValid(token, TerminalHandler.getTerminal(req, device)); |
||||
return true; |
||||
} |
||||
} catch (Exception var4) { |
||||
return false; |
||||
} |
||||
} |
||||
|
||||
private boolean isLogin(HttpServletRequest request) { |
||||
try { |
||||
return LoginService.getInstance().isLogged(request); |
||||
} catch (Exception var3) { |
||||
return false; |
||||
} |
||||
} |
||||
|
||||
private String login(HttpServletRequest req, HttpServletResponse res, String username) { |
||||
try { |
||||
String oldToken = TokenResource.COOKIE.getToken(req); |
||||
if (oldToken == null || !checkTokenValid(req, oldToken, username)) { |
||||
HttpSession session = req.getSession(true); |
||||
String token = LoginService.getInstance().login(req, res, username); |
||||
// session.setAttribute("fine_auth_token", token);
|
||||
req.setAttribute("fine_auth_token", token); |
||||
return token; |
||||
} |
||||
} catch (Exception var7) { |
||||
FineLoggerFactory.getLogger().error(var7.getMessage(), var7); |
||||
} |
||||
|
||||
return null; |
||||
} |
||||
|
||||
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { |
||||
servletRequest.setCharacterEncoding("UTF-8"); |
||||
HttpServletRequest request = (HttpServletRequest)servletRequest; |
||||
HttpServletResponse response = (HttpServletResponse)servletResponse; |
||||
String noIdmParameter = request.getParameter("no-idm"); |
||||
String pathInfo; |
||||
if (this.isMobLogin(request)) { |
||||
pathInfo = this.inputStream2String(request.getInputStream()); |
||||
|
||||
try { |
||||
LoginRequestInfoBean infoBean = (LoginRequestInfoBean)deserialize(pathInfo, LoginRequestInfoBean.class); |
||||
if (this.isLogin(request)) { |
||||
String oldToken = TokenResource.COOKIE.getToken(request); |
||||
OriginUrlResponseBean originUrlResponseBean = new OriginUrlResponseBean(TemplateUtils.render("${fineServletURL}")); |
||||
LoginResponseInfoBean respBean = new LoginResponseInfoBean(oldToken, originUrlResponseBean, infoBean.getUsername(), infoBean.getValidity()); |
||||
WebUtils.printAsString(response, serialize(respBean)); |
||||
} else { |
||||
this.mobLogin(request, response, infoBean); |
||||
} |
||||
|
||||
return; |
||||
} catch (Exception var13) { |
||||
FineLoggerFactory.getLogger().info("LDAP认证失败:" + var13.getMessage()); |
||||
} |
||||
} |
||||
|
||||
if (this.isApp(request)) { |
||||
setCookie(response, "no-idm", "true"); |
||||
pathInfo = request.getPathInfo(); |
||||
this.forwardRequest(request, response); |
||||
} else { |
||||
if (StringUtils.isNotEmpty(noIdmParameter)) { |
||||
boolean isNoIdm = Boolean.parseBoolean(noIdmParameter); |
||||
Cookie noIdmCookie = com.fr.third.springframework.web.util.WebUtils.getCookie(request, "no-idm"); |
||||
if (noIdmCookie != null) { |
||||
if (Boolean.parseBoolean(noIdmCookie.getValue()) != isNoIdm) { |
||||
if (isNoIdm) { |
||||
setCookie(response, "no-idm", "true"); |
||||
} else { |
||||
setCookie(response, "no-idm", "false"); |
||||
} |
||||
} |
||||
} else if (isNoIdm) { |
||||
setCookie(response, "no-idm", "true"); |
||||
} else { |
||||
setCookie(response, "no-idm", "false"); |
||||
} |
||||
} else { |
||||
Cookie noIdmCookie = com.fr.third.springframework.web.util.WebUtils.getCookie(request, "no-idm"); |
||||
if (noIdmCookie == null) { |
||||
setCookie(response, "no-idm", "false"); |
||||
} |
||||
} |
||||
|
||||
if (!this.isNoFilterUrls(request) && !this.isRequestLoginPageNecessaryResources(request) && !this.isFromNoIdmPage(request)) { |
||||
User user = null; |
||||
|
||||
try { |
||||
user = UserService.getInstance().getUserByRequestCookie(request); |
||||
} catch (Exception var12) { |
||||
} |
||||
|
||||
if (user != null) { |
||||
this.forwardRequest(request, response); |
||||
} else if (StringUtils.isNotEmpty(noIdmParameter) && Boolean.parseBoolean(noIdmParameter)) { |
||||
this.forwardRequest(request, response); |
||||
} else { |
||||
filterChain.doFilter(request, response); |
||||
} |
||||
} else { |
||||
this.forwardRequest(request, response); |
||||
} |
||||
} |
||||
} |
||||
|
||||
private static void setCookie(HttpServletResponse response, String name, String value) { |
||||
Cookie cookie = new Cookie(name, value); |
||||
cookie.setPath("/"); |
||||
response.addCookie(cookie); |
||||
} |
||||
|
||||
public void destroy() { |
||||
} |
||||
|
||||
public boolean isNoFilterUrls(HttpServletRequest request) { |
||||
String requestURI = request.getRequestURI(); |
||||
String[] var3 = this.noFilterUrls; |
||||
int var4 = var3.length; |
||||
|
||||
for(int var5 = 0; var5 < var4; ++var5) { |
||||
String url = var3[var5]; |
||||
if (requestURI.contains(url)) { |
||||
return true; |
||||
} |
||||
} |
||||
|
||||
return false; |
||||
} |
||||
|
||||
public boolean isRequestLoginPageNecessaryResources(HttpServletRequest request) { |
||||
String queryString = request.getQueryString(); |
||||
if (StringUtils.isEmpty(queryString)) { |
||||
return false; |
||||
} else { |
||||
String[] var3 = this.loginPageNecessaryResources; |
||||
int var4 = var3.length; |
||||
|
||||
for(int var5 = 0; var5 < var4; ++var5) { |
||||
String parameter = var3[var5]; |
||||
if (queryString.contains(parameter)) { |
||||
return true; |
||||
} |
||||
} |
||||
|
||||
return false; |
||||
} |
||||
} |
||||
|
||||
private boolean isFromNoIdmPage(HttpServletRequest request) { |
||||
String referer = request.getHeader("Referer"); |
||||
return StringUtils.isNotEmpty(referer) && referer.contains("no-idm=true"); |
||||
} |
||||
|
||||
private void forwardRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { |
||||
String contextPath = request.getContextPath(); |
||||
String relativePath = request.getRequestURI().replace(contextPath, ""); |
||||
request.getRequestDispatcher(relativePath).forward(request, response); |
||||
} |
||||
} |
Loading…
Reference in new issue