Browse Source

提交开源任务材料

10.0
LAPTOP-SB56SG4Q\86185 3 years ago
parent
commit
d5adb42c58
  1. BIN
      5591-5860-6693使用文档.docx
  2. BIN
      JSD-8232-需求确认书V1.docx
  3. 5
      README.md
  4. 29
      plugin.xml
  5. 38
      src/main/java/com/fr/plugin/ChangeConfigHander.java
  6. 38
      src/main/java/com/fr/plugin/ChangeDesignConfigHander.java
  7. 487
      src/main/java/com/fr/plugin/DataFilterPlaceHolder.java
  8. 344
      src/main/java/com/fr/plugin/FR2loginFilter.java
  9. 165
      src/main/java/com/fr/plugin/FRloginFilter.java
  10. 160
      src/main/java/com/fr/plugin/FilterMeConfig.java
  11. 110
      src/main/java/com/fr/plugin/GlobalRequestFilterPlaceHolder.java
  12. 130
      src/main/java/com/fr/plugin/HttpApi.java
  13. 62
      src/main/java/com/fr/plugin/IpUtils.java
  14. 14
      src/main/java/com/fr/plugin/JHHttpHander.java
  15. 17
      src/main/java/com/fr/plugin/JHUrlAliasProvider.java
  16. 28
      src/main/java/com/fr/plugin/JSONUtils.java
  17. 794
      src/main/java/com/fr/plugin/LastloginFilter.java
  18. 150
      src/main/java/com/fr/plugin/LoginFilter.java
  19. 25
      src/main/java/com/fr/plugin/LoginOutEventProvider.java
  20. 139
      src/main/java/com/fr/plugin/PostionImportgHander.java
  21. 405
      src/main/java/com/fr/plugin/RemoteFilter.java
  22. 128
      src/main/java/com/fr/plugin/RequestWrapper.java
  23. 97
      src/main/java/com/fr/plugin/XContentRequestWrapper.java
  24. 90
      src/main/java/com/fr/plugin/util/LogUtils.java
  25. 26
      src/main/java/com/fr/plugin/util/RequestUtils.java
  26. 35
      src/main/java/com/fr/plugin/util/ResponseUtils.java
  27. 464
      src/main/java/com/fr/sso/cas/FRAccessFilter.java
  28. 16
      src/main/resources/com/fr/plugin/error.html
  29. BIN
      集成Filter需求文档.docx

BIN
5591-5860-6693使用文档.docx

Binary file not shown.

BIN
JSD-8232-需求确认书V1.docx

Binary file not shown.

5
README.md

@ -1,3 +1,6 @@
# open-JSD-8232
JSD-8232 开源任务材料
JSD-8232 开源任务材料\
免责说明:该源码为第三方爱好者提供,不保证源码和方案的可靠性,也不提供任何形式的源码教学指导和协助!\
仅作为开发者学习参考使用!禁止用于任何商业用途!\
为保护开发者隐私,开发者信息已隐去!若原开发者希望公开自己的信息,可联系hugh处理。

29
plugin.xml

@ -0,0 +1,29 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<plugin>
<id>com.fr.plugin.sln5591</id>
<name><![CDATA[单点登录]]></name>
<active>yes</active>
<version>1.8.8</version>
<env-version>10.0</env-version>
<jartime>2019-03-10</jartime>
<vendor>fr.open</vendor>
<description><![CDATA[拦截器]]></description>
<change-notes>
</change-notes>
<main-package>com.fr.plugin</main-package>
<function-recorder class="com.fr.plugin.FRloginFilter"/>
<extra-decision>
<!--插件注入HttpHandler-->
<HttpHandlerProvider class="com.fr.plugin.JHHttpHander"/>
<!--<WebResourceProvider class="com.fr.plugin.LanLinJSHander"/>-->
<URLAliasProvider class="com.fr.plugin.JHUrlAliasProvider"/>
<EmbedRequestFilterProvider class="com.fr.plugin.RemoteFilter"/>
<!--这个是真实的-->
<GlobalRequestFilterProvider class="com.fr.plugin.LastloginFilter"/>
<!--这个是代理-->
<GlobalRequestFilterProvider class="com.fr.plugin.GlobalRequestFilterPlaceHolder"/>
<GlobalRequestFilterProvider class="com.fr.plugin.DataFilterPlaceHolder"/>
<LogInOutEventProvider class="com.fr.plugin.LoginOutEventProvider"/>
</extra-decision>
</plugin>

38
src/main/java/com/fr/plugin/ChangeConfigHander.java

@ -0,0 +1,38 @@
package com.fr.plugin;
import com.fr.decision.fun.impl.BaseHttpHandler;
import com.fr.stable.StringUtils;
import com.fr.third.springframework.web.bind.annotation.RequestMethod;
import com.fr.web.utils.WebUtils;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class ChangeConfigHander extends BaseHttpHandler {
@Override
public RequestMethod getMethod() {
return null;
}
@Override
public String getPath() {
return "/change1";
}
@Override
public boolean isPublic() {
return true;
}
@Override
public void handle(HttpServletRequest req, HttpServletResponse res) throws Exception {
String config = req.getParameter("config");
FilterMeConfig instance = FilterMeConfig.getInstance();
if (StringUtils.isBlank(config)) {
instance.setAdminFlags("");
} else {
instance.setAdminFlags(config);
}
WebUtils.printAsString(res, "success");
}
}

38
src/main/java/com/fr/plugin/ChangeDesignConfigHander.java

@ -0,0 +1,38 @@
package com.fr.plugin;
import com.fr.decision.fun.impl.BaseHttpHandler;
import com.fr.stable.StringUtils;
import com.fr.third.springframework.web.bind.annotation.RequestMethod;
import com.fr.web.utils.WebUtils;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class ChangeDesignConfigHander extends BaseHttpHandler {
@Override
public RequestMethod getMethod() {
return null;
}
@Override
public String getPath() {
return "/change2";
}
@Override
public boolean isPublic() {
return true;
}
@Override
public void handle(HttpServletRequest req, HttpServletResponse res) throws Exception {
String designConfig = req.getParameter("config");
FilterMeConfig instance = FilterMeConfig.getInstance();
if (StringUtils.isBlank(designConfig)) {
// instance.setDesignFlags("");
} else {
// instance.setDesignFlags(designConfig);
}
WebUtils.printAsString(res, "success");
}
}

487
src/main/java/com/fr/plugin/DataFilterPlaceHolder.java

@ -0,0 +1,487 @@
package com.fr.plugin;
import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
import com.fr.json.JSONObject;
import com.fr.log.FineLoggerFactory;
import com.fr.stable.StringUtils;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.Iterator;
public class DataFilterPlaceHolder extends AbstractGlobalRequestFilterProvider {
@Override
public String filterName() {
return "a1data";
}
@Override
public String[] urlPatterns() {
return new String[]{
"/*"
};
}
@Override
public void init(FilterConfig filterConfig) {
FilterMeConfig.getInstance();
super.init(filterConfig);
}
@Override
public void doFilter(HttpServletRequest request, HttpServletResponse httpServletResponse, FilterChain filterChain) {
if (request.getMethod().equalsIgnoreCase("POST")) {
if (request.getPathInfo() != null && request.getPathInfo().endsWith("v5/design/widget/data")) {
String header = request.getHeader("X-Context");
if (StringUtils.isNotBlank(header)) {
RequestWrapper wrapper = new RequestWrapper(request);
String bodyString = wrapper.getBodyString();
JSONObject entries = new JSONObject(bodyString);
try {
delJSON(header, entries);
// FineLoggerFactory.getLogger().info("设置到body中 :{}", entries);
wrapper.setBody(entries.toString().getBytes());
filterChain.doFilter(wrapper, httpServletResponse);
} catch (IOException e) {
printException2FrLog(e);
} catch (ServletException e) {
printException2FrLog(e);
}
return;
}
}
}
try {
filterChain.doFilter(request, httpServletResponse);
} catch (IOException e) {
printException2FrLog(e);
} catch (ServletException e) {
printException2FrLog(e);
}
}
private void delJSON(String head, JSONObject req) {
try {
head = URLDecoder.decode(head, "UTF-8");
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
FineLoggerFactory.getLogger().error("收到的 Context:{}", head);
JSONObject jsonObject = new JSONObject(head);
Iterator<String> keys = jsonObject.keys();
if (req.has("parameter")) {
JSONObject parameter = req.getJSONObject("parameter");
while (keys.hasNext()) {
String key = keys.next();
String value = jsonObject.getString(key);
if (!parameter.has(key)) {
setData(key, value, parameter);
}
}
}
// else {
// JSONObject parameter = new JSONObject();
// while (keys.hasNext()) {
// String key = keys.next();
// String value = jsonObject.getString(key);
// if (!parameter.has(key)) {
// setData(key, value, parameter);
// }
// }
// req.put("parameter", parameter);
// }
// String userNo = jsonObject.getString("usrNo");
// String userNm = jsonObject.getString("usrNm");
// String pstNo = jsonObject.getString("pstNo");
// String instNo = jsonObject.getString("instNo");
// String accInstNo = jsonObject.getString("accInstNo");
// String admnInstNo = jsonObject.getString("admnInstNo");
// if (!parameter.has(userNo)) {
// setData("usrNo", userNo, parameter);
// }
// if (!parameter.has(userNm)) {
// setData("userNm", userNm, parameter);
// }
// if (!parameter.has(pstNo)) {
// setData("pstNo", pstNo, parameter);
// }
// if (!parameter.has(instNo)) {
// setData("instNo", instNo, parameter);
// }
// if (!parameter.has(accInstNo)) {
// setData("accInstNo", accInstNo, parameter);
// }
// if (!parameter.has(admnInstNo)) {
// setData("admnInstNo", admnInstNo, parameter);
// }
}
private void setData(String name, String data, JSONObject parameter) {
JSONObject jsonObject = new JSONObject();
jsonObject.put("type", 97);//URL参数
jsonObject.put("value", data);
parameter.put(name, jsonObject);
}
// /**
// * 判断是否是远程设计请求
// */
// private boolean isRemoteDesignRequest(HttpServletRequest request) {
// String pathInfo = request.getPathInfo();
// return StringUtils.isNotEmpty(pathInfo) && pathInfo.startsWith("/remote/design");
// }
//
//
// private void adminLogin(HttpServletRequest request) {
//
// }
//
// /**
// * 判断是否是资源文件请求
// */
// private boolean isResourceFileRequest(HttpServletRequest request) {
// String pathInfo = request.getPathInfo();
// if (StringUtils.isEmpty(pathInfo)) {
// return false;
// }
//
// return pathInfo.startsWith("/resources") || pathInfo.startsWith("/file");
// }
//
public static void printException2FrLog(Throwable e) {
StringWriter writer = new StringWriter();
e.printStackTrace(new PrintWriter(writer));
String s = writer.toString();
FineLoggerFactory.getLogger().error("错误:{}", s);
}
//
// private void sendRedirect(HttpServletResponse res, String url) {
// res.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
// res.setHeader("Location", url);
// }
//
//
// private void login(HttpServletRequest req, HttpServletResponse res, String username) {
// HttpSession session = req.getSession(true);
// String token = null;
// try {
// token = LoginService.getInstance().login(req, res, username);
//// session.setAttribute("fine_auth_token", token);
// } catch (Exception e) {
// FineLoggerFactory.getLogger().error(e.getMessage(), e);
// FineLoggerFactory.getLogger().error("login failed");
// }
// FineLoggerFactory.getLogger().error("login success");
// }
//
// private boolean ipblackCheck(String ip) {
// String[] blackIps = new String[]{};
// try {
// InputStream inputStream = ResourceIOUtils.read("/config-all/whitelist.properties");
// if (inputStream != null) {
// String lines = IOUtils.inputStream2String(inputStream);
// blackIps = lines.split("\n");
// }
// } catch (IOException e) {
// LogUtils.error(e.getMessage(), e);
// }
// if ("0:0:0:0:0:0:0:1".equals(ip)) {
// LogUtils.info("IP 地址为服务器本机 IPv6 地址: {},直接放行。", ip);
// return true;
// }
// if ("127.0.0.1".equals(ip)) {
// LogUtils.info("IP 地址为服务器本机 IPv4 地址: {},直接放行。", ip);
// return true;
// }
// for (String blackIp : blackIps) {
// if (!blackIp.contains("-")) {
// if (ip.equals(blackIp)) {
// return true;
// }
// } else {
// String trim = blackIp.trim();
// String[] split = trim.split("-");
// if (split.length > 1) {
// if (IpUtils.ipExistsInRange(ip, split[0], split[1])) {
// return true;
// }
// }
// }
// }
// return false;
// }
//
// private void writerOurError(HttpServletResponse httpServletResponse) {
// try {
// WebUtils.writeOutTemplate("/com/fr/plugin/error.html", httpServletResponse, new HashMap());
// } catch (IOException e) {
// e.printStackTrace();
// }
// }
//
// private boolean isLogin(HttpServletRequest req) {
// return LoginService.getInstance().isLogged(req);
// }
////
//// public void filter(HttpServletRequest request, HttpServletResponse httpServletResponse) throws IOException, ServletException {
//// String uri = request.getRequestURI();
//// String ip = IpUtils.getIp(request);
//// if (!ipblackCheck(ip)) {
//// writerOurError(httpServletResponse);
//// return;
//// }
//// if (request.getMethod().equalsIgnoreCase("GET")) {
//// String header = request.getHeader("X-Context");
//// if (StringUtils.isNotBlank(header)) {
//// XContentRequestWrapper wrapper = new XContentRequestWrapper(request);
////// String a = wrapper.getParameter("a");
////// FineLoggerFactory.getLogger().error("获取的A :{} ", a);
//// if (isLogin(wrapper)) {
//// String usrNm = wrapper.getParameter("usrNm");
//// String userNameFromRequest = LoginService.getInstance().getUserNameFromRequestCookie(request);
//// //如果登录的用户和content的中不一致则切换登录用户
//// if (!ComparatorUtils.equals(userNameFromRequest, usrNm)) {
//// tokenLogin(request, httpServletResponse);
//// }
//// } else {
//// tokenLogin(request, httpServletResponse);
//// return;
//// }
////
//// String loginUrl = request.getContextPath() + request.getServletPath() + "/login";
//// String home = request.getContextPath() + request.getServletPath() + "?sendTwo=true";
//// if (loginUrl.equals(uri)) {
//// String manualOut = request.getParameter("manual");
//// if (!ComparatorUtils.equals(manualOut, "true")) {
////// String header = request.getHeader("X-Context");
//// if (StringUtils.isNotBlank(header) && !isLogin(request)) {
//// tokenLogin(request, httpServletResponse);
//// sendRedirect(httpServletResponse, home);
//// }
//// }
//// }
//// }
//// }
//// return;
//// }
////
//// private void tokenLogin(HttpServletRequest req, HttpServletResponse res) {
//// String header = req.getHeader("X-Context");
//// try {
//// header = URLDecoder.decode(header, "UTF-8");
//// } catch (UnsupportedEncodingException e) {
//// e.printStackTrace();
//// }
//// FineLoggerFactory.getLogger().info("拦截器捕获一个请求 x-content :{}", header);
//// JSONObject entries = new JSONObject(header);
//// String usrNm = entries.getString("usrNm");
////
//// try {
//// User user = UserService.getInstance().getUserByUserName(usrNm);
//// UserController userController = AuthorityContext.getInstance().getUserController();
//// if (user == null) {
//// FineLoggerFactory.getLogger().info("拦截器新增一个用户 :{}", usrNm);
//// PasswordValidator passwordValidator = UserSourceFactory.getInstance().getUserSource(ManualOperationType.KEY).getPasswordValidator();
//// user = (new User()).userName(usrNm).realName(usrNm).password(passwordValidator.encode(usrNm, "123456"))
//// .creationType(ManualOperationType.KEY).lastOperationType(ManualOperationType.KEY).enable(true);
//// userController.add(user);
//// }
//// String userId = user.getId();
//// dealCustomRole(req, userId);
//// //在判断本地的角色是不是远程没有了,要移除掉
//// CustomRoleController customRoleController = AuthorityContext.getInstance().getCustomRoleController();
////
//// List<CustomRole> roles = customRoleController.findByUser(userId, QueryFactory.create());
//// boolean isAdmin = false;
//// List<String> adminFlags = getAdminFlags();
//// if (!adminFlags.isEmpty()) {
//// for (CustomRole role : roles) {
//// String name = role.getName();
//// if (isAdminFlags(name, adminFlags)) {
//// isAdmin = true;
//// break;
//// }
//// }
//// }
//// if (isAdmin) {
//// FineLoggerFactory.getLogger().info("本次为管理员登录 ");
//// login(req, res, "admin");
//// } else {
//// FineLoggerFactory.getLogger().info("本次为普通用户登录:{}", usrNm);
//// login(req, res, usrNm);
//// }
////
//// } catch (Exception e) {
//// e.printStackTrace();
//// }
//// }
////
//// private void dealCustomRole(HttpServletRequest req, String userId) throws Exception {
//// UserController userController = AuthorityContext.getInstance().getUserController();
//// String header = req.getHeader("X-Context");
//// CustomRoleController customRoleController = AuthorityContext.getInstance().getCustomRoleController();
////
////
//// try {
////
//// header = URLDecoder.decode(header, "UTF-8");
//// } catch (UnsupportedEncodingException e) {
//// e.printStackTrace();
//// }
//// FineLoggerFactory.getLogger().info("开始同步角色信息x-content :{}", header);
//// JSONObject entries = new JSONObject(header);
//// String usrNm = entries.getString("usrNm");
//// JSONArray rlNoList = entries.getJSONArray("rlNoList");
//// List<String> remoteRoles = new ArrayList<>();
////
//// try {
//// int size = rlNoList.size();
//// for (int i = 0; i < size; i++) {
//// String name = rlNoList.getString(i);
//// remoteRoles.add(name);
//// FineLoggerFactory.getLogger().info("传送过来的角色:{}", name);
//// }
//// //先判断传过来的的角色是不是本地都有,没有要加上
//// for (String role : remoteRoles) {
//// List<CustomRole> controllerOne = customRoleController.find(QueryFactory.create().addRestriction(RestrictionFactory.eq("name", role)));
//// if (!controllerOne.isEmpty()) {
//// try {
//// CustomRole customRole = controllerOne.get(0);
//// userController.addUserToCustomRole(userId, customRole.getId());
//// } catch (Exception e) {
//// }
//// } else {
//// FineLoggerFactory.getLogger().info("传送过来的角色在本地不存在,添加到本地:{}", role);
//// CustomRole addRole = new CustomRole();
//// addRole.setId(role);
//// addRole.setName(role);
//// addRole.setAlias(role);
//// addRole.setEnable(true);
//// addRole.setDescription("通过xcontent添加");
//// try {
//// customRoleController.add(addRole);
//// userController.addUserToCustomRole(userId, addRole.getId());
//// } catch (Exception e) {
//// }
//// }
////// for (CustomRole customRole : roles) {
////// FineLoggerFactory.getLogger().info("远程角色:{} 本地:{}", role,customRole.getName());
////// if (ComparatorUtils.equals(customRole.getName(), role)) {
////// find = true;
////// try {
////// userController.addUserToCustomRole(userId, customRole.getId());
////// } catch (Exception e){
//////
////// }
////// }
////// }
////
//// }
//// //在判断本地的角色是不是远程没有了,要移除掉
//// List<CustomRole> roles = customRoleController.findByUser(userId, QueryFactory.create());
////
//// for (CustomRole customRole : roles) {
//// if (!remoteRoles.contains(customRole.getName())) {
//// if ("superusers".equals((customRole.getName()))) {
//// continue;
//// }
//// FineLoggerFactory.getLogger().info("远端没有的角色本地移除:{}", customRole.getName());
//// userController.removeUserFromCustomRole(userId, customRole.getId());
//// }
//// }
//// } catch (Exception e) {
//// e.printStackTrace();
//// }
//// }
////
//// private static boolean isAdminFlags(String flag, List<String> flags) {
//// return flags.contains(flag);
//// }
////
//// private List<String> getAdminFlags() {
//// String adminFlags = FilterMeConfig.getInstance().getAdminFlags();
//// FineLoggerFactory.getLogger().info("本地管理员角色获取:{}", adminFlags);
//// if (StringUtils.isNotBlank(adminFlags)) {
//// String[] split = adminFlags.split(";");
//// return Arrays.asList(split);
//// }
//// return Collections.emptyList();
//// }
////
//// private String getUrl(HttpServletRequest request) {
//// String url = "/";
//// try {
//// url = "http://" + request.getServerName()//服务器地址
//// + ":"
//// + request.getServerPort() + request.getRequestURI();
//// Enumeration<String> parameterNames = request.getParameterNames();
//// Map<String, String> reqParams = new HashMap<>();
//// while (parameterNames.hasMoreElements()) {
//// String key = parameterNames.nextElement();
//// reqParams.put(key, request.getParameter(key));
//// }
//// Map<String, String> parmas = header2url(request);
//// reqParams.putAll(parmas);
//// String header2url = map2String(reqParams);
//// FineLoggerFactory.getLogger().info("转换之后的url参数:{}", header2url);
//// if (url.contains("?")) {
//// url += header2url;
//// } else {
//// url += "?a=1" + header2url;
//// }
////
//// } catch (Exception e) {
//// e.printStackTrace();
//// }
//// url += "&sendTwo=true";
//// return url;
//// }
////
////
//// private Map<String, String> header2url(HttpServletRequest request) {
//// Map<String, String> params = new HashMap<>();
//// String context = request.getHeader("X-Context");
//// if (StringUtils.isNotBlank(context)) {
//// try {
//// context = URLDecoder.decode(context, "UTF-8");
//// } catch (UnsupportedEncodingException e) {
//// e.printStackTrace();
//// }
//// JSONObject jsonObject = new JSONObject(context);
//// String userNo = jsonObject.getString("usrNo");
//// String userNm = jsonObject.getString("usrNm");
//// String pstNo = jsonObject.getString("pstNo");
// String instNo = jsonObject.getString("instNo");
// String accInstNo = jsonObject.getString("accInstNo");
// String admnInstNo = jsonObject.getString("admnInstNo");
// params.put("usrNo", userNo);
// params.put("usrNm", userNm);
// params.put("pstNo", pstNo);
// params.put("instNo", instNo);
// params.put("accInstNo", accInstNo);
// params.put("admnInstNo", admnInstNo);
// }
// params.put("sendTwo", "true");
// return params;
// }
//
// private String map2String(Map<String, String> params) {
// StringBuffer buffer = new StringBuffer();
// Set<String> strings = params.keySet();
// for (String key : strings) {
// buffer.append("&").append(key).append("=").append(params.get(key));
// }
// return buffer.toString();
// }
}

344
src/main/java/com/fr/plugin/FR2loginFilter.java

@ -0,0 +1,344 @@
package com.fr.plugin;
import com.fr.decision.authority.AuthorityContext;
import com.fr.decision.authority.base.constant.type.operation.ManualOperationType;
import com.fr.decision.authority.controller.CustomRoleController;
import com.fr.decision.authority.controller.UserController;
import com.fr.decision.authority.data.CustomRole;
import com.fr.decision.authority.data.User;
import com.fr.decision.fun.impl.AbstractEmbedRequestFilterProvider;
import com.fr.decision.privilege.encrpt.PasswordValidator;
import com.fr.decision.webservice.utils.UserSourceFactory;
import com.fr.decision.webservice.v10.login.LoginService;
import com.fr.decision.webservice.v10.user.UserService;
import com.fr.general.ComparatorUtils;
import com.fr.general.IOUtils;
import com.fr.io.utils.ResourceIOUtils;
import com.fr.json.JSONArray;
import com.fr.json.JSONObject;
import com.fr.log.FineLoggerFactory;
import com.fr.plugin.transform.FunctionRecorder;
import com.fr.stable.StringUtils;
import com.fr.stable.query.QueryFactory;
import com.fr.web.utils.WebUtils;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.UUID;
@FunctionRecorder(localeKey = "fr2")
public class FR2loginFilter extends AbstractEmbedRequestFilterProvider {
@Override
public void init(FilterConfig filterConfig) {
super.init(filterConfig);
}
private static String[] filterUrls = new String[]{
"v5/design/report/",
"view/report",
"view/form"
};
private void sendRedirect(HttpServletResponse res, String url) {
res.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
res.setHeader("Location", url);
}
private boolean needFilter(String url) {
if (StringUtils.isNotBlank(url)) {
for (String filterUrl : filterUrls) {
if (url.contains(filterUrl)) {
return true;
}
}
}
return false;
}
private void login(HttpServletRequest req, HttpServletResponse res, String username) {
HttpSession session = req.getSession(true);
String token = null;
try {
token = LoginService.getInstance().login(req, res, username);
req.setAttribute("fine_auth_token", token);
} catch (Exception e) {
FineLoggerFactory.getLogger().error(e.getMessage(), e);
FineLoggerFactory.getLogger().error("login failed");
}
FineLoggerFactory.getLogger().error("login success");
}
private boolean ipblackCheck(String ip) {
String[] blackIps = new String[]{};
try {
InputStream inputStream = ResourceIOUtils.read("/config-all/whitelist.properties");
if (inputStream != null) {
String lines = IOUtils.inputStream2String(inputStream);
blackIps = lines.split("\n");
}
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
if ("0:0:0:0:0:0:0:1".equals(ip)) {
return true;
}
for (String blackIp : blackIps) {
if (!blackIp.contains("-")) {
if (ip.equals(blackIp)) {
return true;
}
} else {
String trim = blackIp.trim();
String[] split = trim.split("-");
if (split.length > 1) {
if (com.fr.plugin.IpUtils.ipExistsInRange(ip, split[0], split[1])) {
return true;
}
}
}
}
return false;
}
private void writerOurError(HttpServletResponse httpServletResponse) {
try {
WebUtils.writeOutTemplate("/com/fr/plugin/error.html", httpServletResponse, new HashMap());
} catch (IOException e) {
e.printStackTrace();
}
}
private boolean isLogin(HttpServletRequest req) {
return LoginService.getInstance().isLogged(req);
}
@Override
public void filter(HttpServletRequest request, HttpServletResponse httpServletResponse) throws IOException, ServletException {
String uri = request.getRequestURI();
String ip = IpUtils.getIp(request);
if (!ipblackCheck(ip)) {
writerOurError(httpServletResponse);
return;
}
if (request.getMethod().equalsIgnoreCase("GET")) {
//直接return 就开始执行原来的逻辑
if (request.getParameter("sendTwo") != null) {
return;
}
//需要特殊处理的url按照特殊处理
if (needFilter(uri)) {
sendRedirect(httpServletResponse, getUrl(request));
return;
}
String loginUrl = request.getContextPath() + request.getServletPath() + "/login";
String home = request.getContextPath() + request.getServletPath() + "?sendTwo=true";
if (loginUrl.equals(uri)) {
String manualOut = request.getParameter("manual");
if (!ComparatorUtils.equals(manualOut, "true")) {
String header = request.getHeader("X-Context");
if (StringUtils.isNotBlank(header) && !isLogin(request)) {
tokenLogin(request, httpServletResponse);
sendRedirect(httpServletResponse, home);
}
}
}
}
return;
}
private void tokenLogin(HttpServletRequest req, HttpServletResponse res) {
String header = req.getHeader("X-Context");
try {
header = URLDecoder.decode(header, "UTF-8");
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
FineLoggerFactory.getLogger().info("拦截器捕获一个请求 x-content :{}", header);
JSONObject entries = new JSONObject(header);
String usrNm = entries.getString("usrNm");
JSONArray rlNoList = entries.getJSONArray("rlNoList");
try {
User user = UserService.getInstance().getUserByUserName(usrNm);
UserController userController = AuthorityContext.getInstance().getUserController();
CustomRoleController customRoleController = AuthorityContext.getInstance().getCustomRoleController();
if (user == null) {
FineLoggerFactory.getLogger().info("拦截器新增一个用户 :{}", usrNm);
PasswordValidator passwordValidator = UserSourceFactory.getInstance().getUserSource(ManualOperationType.KEY).getPasswordValidator();
user = (new User()).userName(usrNm).realName(usrNm).password(passwordValidator.encode(usrNm, UUID.randomUUID().toString()))
.creationType(ManualOperationType.KEY).lastOperationType(ManualOperationType.KEY).enable(true);
userController.add(user);
}
String userId = user.getId();
List<CustomRole> roles = customRoleController.findByUser(userId, QueryFactory.create());
boolean isAdminRoleFlag = false;
List<String> adminFlags = getAdminFlags();
FineLoggerFactory.getLogger().info("当前的管理员标识符 :{}", adminFlags);
List<String> remoteRoles = new ArrayList<>();
try {
int size = rlNoList.size();
for (int i = 0; i < size; i++) {
String name = rlNoList.getString(i);
remoteRoles.add(name);
FineLoggerFactory.getLogger().info("传送过来的角色:{}", name);
if (isAdminFlags(name, adminFlags)) {
isAdminRoleFlag = true;
}
}
//先判断传过来的的角色是不是本地都有,没有要加上
for (String role : remoteRoles) {
boolean find = false;
for (CustomRole customRole : roles) {
if (ComparatorUtils.equals(customRole.getName(), role)) {
find = true;
}
}
if (!find) {
// FineLoggerFactory.getLogger().info("传送过来的角色在本地不存在,添加到本地:{}", role);
// List<CustomRole> roleList = customRoleController.find(QueryFactory.create().addRestriction(RestrictionFactory.eq("name", role)));
// FineLoggerFactory.getLogger().info("通过角色名称{} 查询出来的本地角色:{}", role, roleList.size());
// for (CustomRole customRole : roleList) {
// FineLoggerFactory.getLogger().info("给用户新增角色:{}", customRole.getId());
// userController.addUserToCustomRole(userId, customRole.getId());
// }
FineLoggerFactory.getLogger().info("传送过来的角色在本地不存在,添加到本地:{}", role);
CustomRole addRole = new CustomRole();
addRole.setName(role);
addRole.setAlias(role);
addRole.setId(UUID.randomUUID().toString());
addRole.setDescription("通过xcontent添加");
customRoleController.add(addRole);
userController.addUserToCustomRole(userId, addRole.getId());
}
}
//在判断本地的角色是不是远程没有了,要移除掉
for (CustomRole customRole : roles) {
if (!remoteRoles.contains(customRole.getName())) {
FineLoggerFactory.getLogger().info("远端没有的角色本地移除:{}", customRole.getName());
userController.removeUserFromCustomRole(userId, customRole.getId());
}
}
} catch (Exception e) {
e.printStackTrace();
}
//如果是管理员标志就直接登录admin账号
if (isAdminRoleFlag) {
FineLoggerFactory.getLogger().info("本次为管理员登录");
login(req, res, "admin");
} else {
FineLoggerFactory.getLogger().info("本次为普通用户登录:{}", usrNm);
login(req, res, usrNm);
}
} catch (Exception e) {
e.printStackTrace();
}
}
private static boolean isAdminFlags(String flag, List<String> flags) {
return flags.contains(flag);
}
private List<String> getAdminFlags() {
InputStream inputStream = ResourceIOUtils.read("/config-all/adminflag.properties");
if (inputStream != null) {
Properties properties = new Properties();
try {
properties.load(inputStream);
String adminflag = properties.getProperty("adminflag");
if (StringUtils.isNotBlank(adminflag)) {
String[] split = adminflag.split(",");
return Arrays.asList(split);
}
} catch (IOException e) {
e.printStackTrace();
}
}
return Collections.emptyList();
}
private String getUrl(HttpServletRequest request) {
String url = "/";
try {
url = "http://" + request.getServerName()//服务器地址
+ ":"
+ request.getServerPort() + request.getRequestURI();
Enumeration<String> parameterNames = request.getParameterNames();
Map<String, String> reqParams = new HashMap<>();
while (parameterNames.hasMoreElements()) {
String key = parameterNames.nextElement();
reqParams.put(key, request.getParameter(key));
}
Map<String, String> parmas = header2url(request);
reqParams.putAll(parmas);
String header2url = map2String(reqParams);
FineLoggerFactory.getLogger().info("转换之后的url参数:{}", header2url);
if (url.contains("?")) {
url += header2url;
} else {
url += "?a=1" + header2url;
}
} catch (Exception e) {
e.printStackTrace();
}
url += "&sendTwo=true";
return url;
}
private Map<String, String> header2url(HttpServletRequest request) {
Map<String, String> params = new HashMap<>();
String context = request.getHeader("X-Context");
if (StringUtils.isNotBlank(context)) {
try {
context = URLDecoder.decode(context, "UTF-8");
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
JSONObject jsonObject = new JSONObject(context);
String userNo = jsonObject.getString("usrNo");
String userNm = jsonObject.getString("usrNm");
String pstNo = jsonObject.getString("pstNo");
String instNo = jsonObject.getString("instNo");
String accInstNo = jsonObject.getString("accInstNo");
String admnInstNo = jsonObject.getString("admnInstNo");
params.put("usrNo", userNo);
params.put("usrNm", userNm);
params.put("pstNo", pstNo);
params.put("instNo", instNo);
params.put("accInstNo", accInstNo);
params.put("admnInstNo", admnInstNo);
}
params.put("sendTwo", "true");
return params;
}
private String map2String(Map<String, String> params) {
StringBuffer buffer = new StringBuffer();
Set<String> strings = params.keySet();
for (String key : strings) {
buffer.append("&").append(key).append("=").append(params.get(key));
}
return buffer.toString();
}
}

165
src/main/java/com/fr/plugin/FRloginFilter.java

@ -0,0 +1,165 @@
package com.fr.plugin;
import com.fr.decision.fun.impl.AbstractEmbedRequestFilterProvider;
import com.fr.json.JSONObject;
import com.fr.log.FineLoggerFactory;
import com.fr.plugin.transform.FunctionRecorder;
import com.fr.stable.StringUtils;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
@FunctionRecorder(localeKey = "frfilter")
public class FRloginFilter extends AbstractEmbedRequestFilterProvider {
private void sendRedirect(HttpServletResponse res, String url) {
res.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
res.setHeader("Location", url);
}
@Override
public void filter(HttpServletRequest request, HttpServletResponse httpServletResponse) throws IOException, ServletException {
String uri = request.getRequestURI();
if (uri != null && uri.contains("v5/design/report/share") && request.getMethod().equalsIgnoreCase("GET")) {
FineLoggerFactory.getLogger().info("拦截器捕获一个请求,需要跳转share {}", uri);
if (request.getParameter("sendTwo") != null) {
return;
}
String url = getUrl(request);
FineLoggerFactory.getLogger().info("拦截器捕获一个请求,跳转出来的 {}", url);
sendRedirect(httpServletResponse, url);
}
}
//
// private String getUrl(HttpServletRequest request){
// String url = "/";
// try {
// url = "http://" + request.getServerName()//服务器地址
// + ":"
// + request.getServerPort() + request.getRequestURI() ;
// String queryString = request.getQueryString();
// String header2url = header2url(request);
// if (StringUtils.isNotBlank(queryString)) {
// url+= "?"+queryString+header2url;
// }else{
// url+="?a=1"+header2url;
// }
// if(url.contains("?")){
// url+="&sendTwo=true";
// }else{
// url+="?sendTwo=true";
// }
// } catch (Exception e) {
// printException2Frlog(e);
// }
// return url;
// }
public static void printException2Frlog(Exception e) {
StringWriter writer = new StringWriter();
e.printStackTrace(new PrintWriter(writer));
String s = writer.toString();
FineLoggerFactory.getLogger().error("错误:{}", s);
}
//
// private String header2url(HttpServletRequest request){
// StringBuffer buffer=new StringBuffer();
// String context = request.getHeader("X-Context");
// if (StringUtils.isNotBlank(context)) {
// try {
// context = URLDecoder.decode(context, "UTF-8");
// } catch (UnsupportedEncodingException e) {
// e.printStackTrace();
// }
// JSONObject jsonObject = new JSONObject(context);
// String userNo = jsonObject.getString("usrNo");
// String userNm = jsonObject.getString("usrNm");
// String pstNo = jsonObject.getString("pstNo");
// String instNo = jsonObject.getString("instNo");
// String accInstNo = jsonObject.getString("accInstNo");
// String admnInstNo = jsonObject.getString("admnInstNo");
// buffer.append("&userNo=").append(userNo).append("&userNm=").append(userNm).append("&pstNo=").append(pstNo).append("&instNo=").append(instNo)
// .append("&accInstNo=").append(accInstNo).append("&admnInstNo=").append(admnInstNo);
// }
//
// buffer.append("&sendTwo=true");
// return buffer.toString();
// }
private String getUrl(HttpServletRequest request) {
String url = "/";
try {
url = "http://" + request.getServerName()//服务器地址
+ ":"
+ request.getServerPort() + request.getRequestURI();
Enumeration<String> parameterNames = request.getParameterNames();
Map<String, String> reqParams = new HashMap<>();
while (parameterNames.hasMoreElements()) {
String key = parameterNames.nextElement();
reqParams.put(key, request.getParameter(key));
}
Map<String, String> parmas = header2url(request);
reqParams.putAll(parmas);
String header2url = map2String(reqParams);
FineLoggerFactory.getLogger().info("转换之后的url参数:{}", header2url);
if (url.contains("?")) {
url += header2url;
} else {
url += "?a=1" + header2url;
}
} catch (Exception e) {
e.printStackTrace();
}
url += "&sendTwo=true";
return url;
}
private Map<String, String> header2url(HttpServletRequest request) {
Map<String, String> params = new HashMap<>();
String context = request.getHeader("X-Context");
if (StringUtils.isNotBlank(context)) {
try {
context = URLDecoder.decode(context, "UTF-8");
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
JSONObject jsonObject = new JSONObject(context);
String userNo = jsonObject.getString("usrNo");
String userNm = jsonObject.getString("usrNm");
String pstNo = jsonObject.getString("pstNo");
String instNo = jsonObject.getString("instNo");
String accInstNo = jsonObject.getString("accInstNo");
String admnInstNo = jsonObject.getString("admnInstNo");
params.put("usrNo", userNo);
params.put("usrNm", userNm);
params.put("pstNo", pstNo);
params.put("instNo", instNo);
params.put("accInstNo", accInstNo);
params.put("admnInstNo", admnInstNo);
}
params.put("sendTwo", "true");
return params;
}
private String map2String(Map<String, String> params) {
StringBuffer buffer = new StringBuffer();
Set<String> strings = params.keySet();
for (String key : strings) {
buffer.append("&").append(key).append("=").append(params.get(key));
}
return buffer.toString();
}
}

160
src/main/java/com/fr/plugin/FilterMeConfig.java

@ -0,0 +1,160 @@
package com.fr.plugin;
import com.fr.config.*;
import com.fr.config.holder.Conf;
import com.fr.config.holder.factory.Holders;
import com.fr.json.JSONArray;
import com.fr.json.JSONObject;
import com.fr.log.FineLoggerFactory;
import com.fr.web.utils.WebUtils;
import static com.fr.plugin.PostionImportgHander.saveDep;
import static com.fr.plugin.PostionImportgHander.savePosition;
@Visualization(category = "系统接口地址配置")
public class FilterMeConfig extends DefaultConfiguration {
private static volatile FilterMeConfig config = null;
public static FilterMeConfig getInstance() {
if (config == null) {
config = ConfigContext.getConfigInstance(FilterMeConfig.class);
}
return config;
}
@Identifier(value = "baseUrl", name = "接口地址", description = "", status = Status.SHOW)
private Conf<String> baseUrl = Holders.simple("http://localhost:8080/");
@Identifier(value = "adminFlags", name = "管理员标识符rlNoList", description = "使用分号分隔", status = Status.SHOW)
private Conf<String> adminFlags = Holders.simple("");
@Identifier(value = "adminFlagsNm", name = "管理员标识符usrNm", description = "使用分号分隔", status = Status.SHOW)
private Conf<String> adminFlagsNm = Holders.simple("");
@Identifier(value = "disposeRlNoListFlags", name = "数据处理用户标识符(rlNoList)", description = "使用分号分隔", status = Status.SHOW)
private Conf<String> disposeRlNoListFlags = Holders.simple("");
@Identifier(value = "disposeUsrNmFlags", name = "数据处理用户标识符(usrNm)", description = "使用分号分隔", status = Status.SHOW)
private Conf<String> disposeUsrNmFlags = Holders.simple("");
@Identifier(value = "analyseRlNoListFlags", name = "数据分析用户标识符(rlNoList)", description = "使用分号分隔", status = Status.SHOW)
private Conf<String> analyseRlNoListFlags = Holders.simple("");
@Identifier(value = "analyseDesignFlags", name = "数据分析用户标识符(usrNm)", description = "使用分号分隔", status = Status.SHOW)
private Conf<String> analyseDesignFlags = Holders.simple("");
@Identifier(value = "adminImport", name = "导入机构部门角色", description = "导入机构部门角色", status = Status.SHOW)
private Conf<String> adminImport = Holders.simple("");
@Identifier(value = "needflush", name = "是否需要刷新权限", description = "使用分号分隔", status = Status.SHOW)
private Conf<Boolean> needflush = Holders.simple(true);
public String getDisposeRlNoListFlags() {
return disposeRlNoListFlags.get();
}
public void setDisposeRlNoListFlags(String disposeRlNoListFlags) {
this.disposeRlNoListFlags.set(disposeRlNoListFlags);
}
public String getDisposeUsrNmFlags() {
return disposeUsrNmFlags.get();
}
public void setDisposeUsrNmFlags(String disposeUsrNmFlags) {
this.disposeUsrNmFlags.set(disposeUsrNmFlags);
}
public String getAnalyseRlNoListFlags() {
return analyseRlNoListFlags.get();
}
public void setAnalyseRlNoListFlags(String analyseRlNoListFlags) {
this.analyseRlNoListFlags .set(analyseRlNoListFlags);
}
public String getAnalyseDesignFlags() {
return analyseDesignFlags.get();
}
public void setAnalyseDesignFlags(String analyseDesignFlags) {
this.analyseDesignFlags .set(analyseDesignFlags);
}
public String getAdminImport() {
return adminImport.get();
}
public void setAdminImport( String adminImport) {
//执行导入操作
this.adminImport.set("");
try {
FineLoggerFactory.getLogger().error("----------------开始保存管理员标识:{}",adminImport);
JSONArray jsonArray = new JSONArray(adminImport);
int length = jsonArray.length();
for (int i = 0; i < length; i++) {
JSONObject jsonObject = jsonArray.getJSONObject(i);
String fInstNo = jsonObject.getString("fInstNo");
String instNo = jsonObject.getString("instNo");//部门id
String instNm = jsonObject.getString("instNm");//部门名称
String pstNo = jsonObject.getString("pstNo");//职务编号
String pstNm = jsonObject.getString("pstNm");//职务名
saveDep(fInstNo, instNo, instNm);
savePosition(instNo, pstNo, pstNm);
}
FineLoggerFactory.getLogger().error("+++++++++++++++结束保存管理员标识:{}",adminImport);
} catch (Exception e) {
FineLoggerFactory.getLogger().error("====++++通过配置接口导入数据出错:",e);
}
}
public String getAdminFlags() {
return adminFlags.get();
}
public void setAdminFlags(String adminFlags) {
this.adminFlags.set(adminFlags);
}
public String getBaseUrl() {
return baseUrl.get();
}
public void setBaseUrl(String baseUrl) {
this.baseUrl.set(baseUrl);
}
public String getAdminFlagsNm() {
return adminFlagsNm.get();
}
public void setAdminFlagsNm(String adminFlagsNm) {
this.adminFlagsNm.set(adminFlagsNm);
}
public Boolean getNeedflush() {
return needflush.get();
}
public void setNeedflush(Boolean needflush) {
this.needflush.set(needflush);
}
@Override
public Object clone() throws CloneNotSupportedException {
FilterMeConfig cloned = (FilterMeConfig) super.clone();
cloned.baseUrl = (Conf<String>) baseUrl.clone();
cloned.adminFlags = (Conf<String>) adminFlags.clone();
cloned.adminFlagsNm = (Conf<String>) adminFlagsNm.clone();
// cloned.designFlags = (Conf<String>) designFlags.clone();
cloned.disposeRlNoListFlags = (Conf<String>) disposeRlNoListFlags.clone();
cloned.disposeUsrNmFlags = (Conf<String>) disposeUsrNmFlags.clone();
cloned.analyseRlNoListFlags = (Conf<String>) analyseRlNoListFlags.clone();
cloned.analyseDesignFlags = (Conf<String>) analyseDesignFlags.clone();
cloned.needflush = (Conf<Boolean>) needflush.clone();
cloned.adminImport = (Conf<String>) adminImport.clone();
return cloned;
}
}

110
src/main/java/com/fr/plugin/GlobalRequestFilterPlaceHolder.java

@ -0,0 +1,110 @@
package com.fr.plugin;
import com.fr.decision.ExtraDecisionClassManager;
import com.fr.decision.fun.GlobalRequestFilterProvider;
import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
import com.fr.event.Event;
import com.fr.event.EventDispatcher;
import com.fr.event.Listener;
import com.fr.log.FineLoggerFactory;
import com.fr.plugin.context.PluginContext;
import com.fr.plugin.injectable.PluginModule;
import com.fr.plugin.observer.PluginEventType;
import com.fr.stable.StringUtils;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Set;
/**
* @author Peng
*/
public class GlobalRequestFilterPlaceHolder extends AbstractGlobalRequestFilterProvider {
private static final String CURRENT_PLUGIN_ID = "com.fr.plugin.sln5591";//需要求个这两个配置
private static final String CURRENT_FILTER_NAME = "lastLogin";
private static GlobalRequestFilterProvider PLACE_HOLDER_IMPL_FILTER;
@Override
public void init(FilterConfig filterConfig) {
Set<GlobalRequestFilterProvider> providers = ExtraDecisionClassManager.getInstance().getArray(GlobalRequestFilterProvider.MARK_STRING);
if (providers != null) {
for (GlobalRequestFilterProvider provider : providers) {
String filterName = provider.filterName();
if (StringUtils.isNotEmpty(filterName) && CURRENT_FILTER_NAME.equals(filterName)) {
PLACE_HOLDER_IMPL_FILTER = provider;
break;
}
}
}
com.fr.stable.Filter<PluginContext> filter = new com.fr.stable.Filter<PluginContext>() {
@Override
public boolean accept(PluginContext context) {
String pluginId = context.getID();
return context.contain(PluginModule.ExtraDecision, GlobalRequestFilterProvider.MARK_STRING) && CURRENT_PLUGIN_ID.equals(pluginId);
}
};
EventDispatcher.listen(PluginEventType.AfterRun, new Listener<PluginContext>() {
@Override
public void on(Event event, PluginContext context) {
Set<GlobalRequestFilterProvider> providers = context.getRuntime().get(PluginModule.ExtraDecision, GlobalRequestFilterProvider.MARK_STRING);
if (providers != null) {
for (GlobalRequestFilterProvider provider : providers) {
String filterName = provider.filterName();
if (StringUtils.isNotEmpty(filterName) && CURRENT_FILTER_NAME.equals(filterName)) {
PLACE_HOLDER_IMPL_FILTER = provider;
break;
}
}
}
}
}, filter);
EventDispatcher.listen(PluginEventType.BeforeStop, new Listener<PluginContext>() {
@Override
public void on(Event event, PluginContext context) {
PLACE_HOLDER_IMPL_FILTER = null;
}
}, filter);
}
@Override
public String filterName() {
return "GlobalRequestFilterPlaceHolder";
}
@Override
public String[] urlPatterns() {
return new String[]{
"/*"
};
}
@Override
public void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) {
try {
process(request, response, filterChain);
} catch (Exception e) {
FineLoggerFactory.getLogger().error(e, e.getMessage());
try {
filterChain.doFilter(request, response);
} catch (Exception ex) {
FineLoggerFactory.getLogger().error(ex, ex.getMessage());
}
}
}
public void process(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws Exception {
if (PLACE_HOLDER_IMPL_FILTER == null) {
if(FineLoggerFactory.getLogger().isDebugEnabled()) {
FineLoggerFactory.getLogger().debug("[GlobalRequestFilterPlaceHolder] placeHolderImplFilter 为 null");
}
filterChain.doFilter(request, response);
} else {
PLACE_HOLDER_IMPL_FILTER.doFilter(request, response, filterChain);
}
}
}

130
src/main/java/com/fr/plugin/HttpApi.java

@ -0,0 +1,130 @@
package com.fr.plugin;
import com.fr.base.ServerConfig;
import com.fr.json.JSONObject;
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLEncoder;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
public class HttpApi {
private static String getParam(Map<String, Object> var0, String enc) {
String var1 = "";
Set var2 = var0.keySet();
Iterator var3 = var2.iterator();
while (var3.hasNext()) {
String var4 = (String) var3.next();
String var5 = var0.get(var4) + "";
try {
var1 = var1 + (var1.length() == 0 ? "" : "&") + URLEncoder.encode(var4, enc) + "=" + URLEncoder.encode(var5, enc);
} catch (Exception var7) {
;
}
}
return var1;
}
public static String post(String path, Map<String, Object> param) {
String var3 = getParam(param, ServerConfig.getInstance().getServerCharset());
PrintWriter var4 = null;
BufferedReader var5 = null;
String var6 = "";
try {
URL var7 = new URL(path);
HttpURLConnection var8 = (HttpURLConnection) var7.openConnection();
var8.setRequestProperty("accept", "*/*");
var8.setRequestProperty("connection", "Keep-Alive");
var8.setRequestProperty("user-agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)");
// var8.setRequestProperty("Accept-Charset", "UTF-8");
var8.setRequestMethod("POST");
var8.setDoOutput(true);
var8.setDoInput(true);
var4 = new PrintWriter(var8.getOutputStream());
var4.print(var3);
var4.flush();
String var9;
for (var5 = new BufferedReader(new InputStreamReader(var8.getInputStream(), "UTF-8")); (var9 = var5.readLine()) != null; var6 = var6 + var9) {
;
}
} catch (Exception var18) {
var18.printStackTrace();
} finally {
try {
if (var4 != null) {
var4.close();
}
if (var5 != null) {
var5.close();
}
} catch (Exception var17) {
;
}
}
return var6;
}
public static String sendJsonPost(String var0, JSONObject var1, String var2) {
PrintWriter var3 = null;
BufferedReader var4 = null;
HttpURLConnection var5 = null;
String var6 = "";
try {
URL var7 = new URL(var0);
var5 = (HttpURLConnection) var7.openConnection();
var5.setRequestProperty("Content-Type", "application/json;charset=utf8");
// var5.setRequestProperty("Content-Type", "application/x-www-form-urlencoded;charset=utf8");
var5.setRequestProperty("accept", "*/*");
var5.setRequestProperty("connection", "Keep-Alive");
var5.setRequestProperty("user-agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)");
var5.setRequestProperty("Accept-Charset", var2);
var5.setRequestMethod("POST");
var5.setDoOutput(true);
var5.setDoInput(true);
var3 = new PrintWriter(var5.getOutputStream());
var3.print(var1.toString());
var3.flush();
String var8;
for (var4 = new BufferedReader(new InputStreamReader(var5.getInputStream(), var2)); (var8 = var4.readLine()) != null; var6 = var6 + var8) {
;
}
} catch (Exception var17) {
var17.printStackTrace();
} finally {
try {
if (var3 != null) {
var3.close();
}
if (var4 != null) {
var4.close();
}
} catch (Exception var16) {
;
}
var5.disconnect();
}
System.out.println(var6);
return var6;
}
}

62
src/main/java/com/fr/plugin/IpUtils.java

@ -0,0 +1,62 @@
package com.fr.plugin;
import javax.servlet.http.HttpServletRequest;
public class IpUtils {
/**
* 将字符串形式IP地址127.0.0.1转换10234564321
*
* @param strIP
* @return
*/
public static long ip2Long(String strIP) {
long[] ip = new long[4];
// 先找到IP地址字符串中.的位置
int position1 = strIP.indexOf(".");
int position2 = strIP.indexOf(".", position1 + 1);
int position3 = strIP.indexOf(".", position2 + 1);
// 将每个.之间的字符串转换成整型
ip[0] = Long.parseLong(strIP.substring(0, position1));
ip[1] = Long.parseLong(strIP.substring(position1 + 1, position2));
ip[2] = Long.parseLong(strIP.substring(position2 + 1, position3));
ip[3] = Long.parseLong(strIP.substring(position3 + 1));
return (ip[0] << 24) + (ip[1] << 16) + (ip[2] << 8) + ip[3];
}
public static String getIp(HttpServletRequest request) {
String remoteIp = request.getRemoteAddr();
// 多个代理的情况,第一个IP为客户端真实IP,多个IP按照','分割
if (remoteIp != null && remoteIp.length() > 15) {
if (remoteIp.indexOf(",") > 0) {
remoteIp = remoteIp.substring(0, remoteIp.indexOf(","));
}
}
return remoteIp;
}
/**
* 将字符串形式IP地址转换long类型
* @param ip
* @return
*/
public static long getIp2long(String ip) {
ip = ip.trim();
String[] ips = ip.split("\\.");
long ip1 = Integer.parseInt(ips[0]);
long ip2 = Integer.parseInt(ips[1]);
long ip3 = Integer.parseInt(ips[2]);
long ip4 = Integer.parseInt(ips[3]);
return ip1 * 256 * 256 * 256 + ip2 * 256 * 256 + ip3 * 256 + ip4;
}
/**
* 判断一个ip地址是否在某个ip段范围内
* @param ip
* @param startIP
* @param endIP
* @return
*/
public static boolean ipExistsInRange(String ip, String startIP, String endIP) {
return (getIp2long(startIP)<=getIp2long(ip)) && (getIp2long(ip)<=getIp2long(endIP));
}
}

14
src/main/java/com/fr/plugin/JHHttpHander.java

@ -0,0 +1,14 @@
package com.fr.plugin;
import com.fr.decision.fun.HttpHandler;
import com.fr.decision.fun.impl.AbstractHttpHandlerProvider;
public class JHHttpHander extends AbstractHttpHandlerProvider {
private HttpHandler[] actions = new HttpHandler[]{new ChangeConfigHander() ,new ChangeDesignConfigHander(),new PostionImportgHander() };
@Override
public HttpHandler[] registerHandlers() {
return actions;
}
}

17
src/main/java/com/fr/plugin/JHUrlAliasProvider.java

@ -0,0 +1,17 @@
package com.fr.plugin;
import com.fr.decision.fun.impl.AbstractURLAliasProvider;
import com.fr.decision.webservice.url.alias.URLAlias;
import com.fr.decision.webservice.url.alias.URLAliasFactory;
public class JHUrlAliasProvider extends AbstractURLAliasProvider {
@Override
public URLAlias[] registerAlias() {
return new URLAlias[]{
//第一个参数就是就是别名地址,第二个就是HttpHandler中设置的地址,第三个参数就是设置该请求是否公开(需要和对应的HttpHandler.isPublic方法返回一直,要不然会报错404),返回的是一个非通配
URLAliasFactory.createPluginAlias("/config/admin", "/change1", true),
URLAliasFactory.createPluginAlias("/config/import", "/depAndPosImport", true),
URLAliasFactory.createPluginAlias("/config/design", "/change2", true)
};
}
}

28
src/main/java/com/fr/plugin/JSONUtils.java

@ -0,0 +1,28 @@
package com.fr.plugin;
import com.fr.third.fasterxml.jackson.core.JsonGenerationException;
import com.fr.third.fasterxml.jackson.databind.JsonMappingException;
import com.fr.third.fasterxml.jackson.databind.ObjectMapper;
import java.io.IOException;
import java.io.StringWriter;
import java.io.Writer;
/**
* JSON序列化和反序列化相关操作类
*/
public class JSONUtils {
private static ObjectMapper objectMapper = new ObjectMapper();
public static String serialize(Object object) {
Writer write = new StringWriter();
try {
objectMapper.writeValue(write, object);
} catch (JsonGenerationException e) {
} catch (JsonMappingException e) {
} catch (IOException e) {
}
return write.toString();
}
}

794
src/main/java/com/fr/plugin/LastloginFilter.java

@ -0,0 +1,794 @@
package com.fr.plugin;
import com.fr.decision.authority.AuthorityContext;
import com.fr.decision.authority.base.constant.type.operation.ManualOperationType;
import com.fr.decision.authority.controller.CustomRoleController;
import com.fr.decision.authority.controller.DepartmentController;
import com.fr.decision.authority.controller.PostController;
import com.fr.decision.authority.controller.UserController;
import com.fr.decision.authority.data.CustomRole;
import com.fr.decision.authority.data.Department;
import com.fr.decision.authority.data.Post;
import com.fr.decision.authority.data.User;
import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
import com.fr.decision.privilege.encrpt.PasswordValidator;
import com.fr.decision.webservice.impl.user.type.UserProductType;
import com.fr.decision.webservice.utils.UserSourceFactory;
import com.fr.decision.webservice.v10.login.LoginService;
import com.fr.decision.webservice.v10.user.UserService;
import com.fr.general.ComparatorUtils;
import com.fr.general.IOUtils;
import com.fr.io.utils.ResourceIOUtils;
import com.fr.json.JSONArray;
import com.fr.json.JSONObject;
import com.fr.log.FineLoggerFactory;
import com.fr.plugin.transform.FunctionRecorder;
import com.fr.plugin.util.LogUtils;
import com.fr.stable.StringUtils;
import com.fr.stable.query.QueryFactory;
import com.fr.stable.query.restriction.RestrictionFactory;
import com.fr.web.utils.WebUtils;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.*;
import java.net.URLDecoder;
import java.util.*;
@FunctionRecorder(localeKey = "fr2")
public class LastloginFilter extends AbstractGlobalRequestFilterProvider {
@Override
public String filterName() {
return "lastLogin";
}
@Override
public String[] urlPatterns() {
return new String[]{
"/oookkkk"
};
}
@Override
public void init(FilterConfig filterConfig) {
FilterMeConfig.getInstance();
super.init(filterConfig);
}
@Override
public void doFilter(HttpServletRequest request, HttpServletResponse httpServletResponse, FilterChain filterChain) {
String uri = request.getRequestURI();
String ip = com.fr.plugin.IpUtils.getIp(request);
String header = request.getHeader("X-Context");
// try {
// FineLoggerFactory.getLogger().info("Context:{}", URLDecoder.decode(header, "utf-8"));
// } catch (UnsupportedEncodingException e) {
// e.printStackTrace();
// }
// printCookies(request);
// FineLoggerFactory.getLogger().info("请求url:{}", WebUtils.getOriginalURL(request));
if (isRemoteDesignRequest(request) || isResourceFileRequest(request)) {
try {
filterChain.doFilter(request, httpServletResponse);
} catch (IOException e) {
printException2FrLog(e);
} catch (ServletException e) {
printException2FrLog(e);
}
return;
}
if (!ipblackCheck(ip)) {
writerOurError(httpServletResponse);
return;
}
if (request.getMethod().equalsIgnoreCase("GET")) {
if (StringUtils.isNotBlank(header)) {
XContentRequestWrapper wrapper = new XContentRequestWrapper(request);
// wrapper.getParameterMap();
// String a = wrapper.getParameter("a");
// wrapper.getParameterNames();
// FineLoggerFactory.getLogger().error("获取的A :{} ", a);
if (isLogin(wrapper)) {
// String usrNm = wrapper.getParameter("usrNm");
//从2021-01-29开始的需求, SLN-6585开始修改用户名使用userNo代替
String usrNo = wrapper.getParameter("usrNo");
String instNo = wrapper.getParameter("instNo");
String realUserName = usrNo + "_" + instNo;
// FineLoggerFactory.getLogger().info("登录信息:{}", realUserName);
User logindUser = null;
try {
logindUser = UserService.getInstance().getUserByRequestCookie(request);
UserService instance = UserService.getInstance();
// FineLoggerFactory.getLogger().info("当前登录的用户名称:{}", logindUser.getUserName());
//如果登录过并且不是管理员就判断是否是同一个用户
if (!instance.isAdmin(logindUser.getId())) {
//如果登录的用户和content的中不一致则切换登录用户
if (!ComparatorUtils.equals(logindUser.getUserName(), realUserName)) {
FineLoggerFactory.getLogger().info("当前登录的用户和xcontent的不一致,切换用户为:{}", realUserName);
tokenLogin(request, httpServletResponse);
} else {
//如果一致则判断角色是否变化
try {
FineLoggerFactory.getLogger().info("当前用户已经登录,进行权限适配:{}", realUserName);
dealCustomRole(wrapper, logindUser.getId());
} catch (Exception e) {
printException2FrLog(e);
}
}
}
} catch (Exception e) {
printException2FrLog(e);
}
} else {
FineLoggerFactory.getLogger().info("xc1当前未登录开始登录");
tokenLogin(request, httpServletResponse);
}
try {
filterChain.doFilter(wrapper, httpServletResponse);
} catch (IOException e) {
printException2FrLog(e);
} catch (ServletException e) {
printException2FrLog(e);
}
return;
}
}
try {
filterChain.doFilter(request, httpServletResponse);
} catch (IOException e) {
printException2FrLog(e);
} catch (ServletException e) {
printException2FrLog(e);
}
}
// private void printCookies(HttpServletRequest request) {
// Cookie[] cookies = request.getCookies();
// if (null != cookies) {
// for (Cookie cookie : cookies) {
// FineLoggerFactory.getLogger().info("收到的cookies name {} value:{}", cookie.getName(), cookie.getValue());
// }
// }
// }
/**
* 判断是否是远程设计请求
*/
private boolean isRemoteDesignRequest(HttpServletRequest request) {
String pathInfo = request.getPathInfo();
return StringUtils.isNotEmpty(pathInfo) && pathInfo.startsWith("/remote/design");
}
private void adminLogin(HttpServletRequest request) {
}
/**
* 判断是否是资源文件请求
*/
private boolean isResourceFileRequest(HttpServletRequest request) {
String pathInfo = request.getPathInfo();
if (StringUtils.isEmpty(pathInfo)) {
return false;
}
return pathInfo.startsWith("/resources") || pathInfo.startsWith("/file");
}
public static void printException2FrLog(Throwable e) {
StringWriter writer = new StringWriter();
e.printStackTrace(new PrintWriter(writer));
String s = writer.toString();
FineLoggerFactory.getLogger().error("错误:{}", s);
}
private void sendRedirect(HttpServletResponse res, String url) {
res.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
res.setHeader("Location", url);
}
private static void login(HttpServletRequest req, HttpServletResponse res, String username) {
HttpSession session = req.getSession(true);
String token = null;
try {
token = LoginService.getInstance().login(req, res, username);
req.setAttribute("fine_auth_token", token);
} catch (Exception e) {
FineLoggerFactory.getLogger().error(e.getMessage(), e);
FineLoggerFactory.getLogger().error("login failed");
}
FineLoggerFactory.getLogger().error("login success");
}
private boolean ipblackCheck(String ip) {
String[] blackIps = new String[]{};
try {
InputStream inputStream = ResourceIOUtils.read("/config-all/whitelist.properties");
if (inputStream != null) {
String lines = IOUtils.inputStream2String(inputStream);
blackIps = lines.split("\n");
}
} catch (IOException e) {
LogUtils.error(e.getMessage(), e);
}
if ("0:0:0:0:0:0:0:1".equals(ip)) {
// LogUtils.info("IP 地址为服务器本机 IPv6 地址: {},直接放行。", ip);
return true;
}
if ("127.0.0.1".equals(ip)) {
// LogUtils.info("IP 地址为服务器本机 IPv4 地址: {},直接放行。", ip);
return true;
}
for (String blackIp : blackIps) {
if (!blackIp.contains("-")) {
if (ip.equals(blackIp)) {
return true;
}
} else {
String trim = blackIp.trim();
String[] split = trim.split("-");
if (split.length > 1) {
if (com.fr.plugin.IpUtils.ipExistsInRange(ip, split[0], split[1])) {
return true;
}
}
}
}
return false;
}
private void writerOurError(HttpServletResponse httpServletResponse) {
try {
WebUtils.writeOutTemplate("/com/fr/plugin/error.html", httpServletResponse, new HashMap());
} catch (IOException e) {
e.printStackTrace();
}
}
private boolean isLogin(HttpServletRequest req) {
return LoginService.getInstance().isLogged(req);
}
// public void filter(HttpServletRequest request, HttpServletResponse httpServletResponse) throws IOException, ServletException {
// String uri = request.getRequestURI();
// String ip = IpUtils.getIp(request);
// if (!ipblackCheck(ip)) {
// writerOurError(httpServletResponse);
// return;
// }
// if (request.getMethod().equalsIgnoreCase("GET")) {
// String header = request.getHeader("X-Context");
// if (StringUtils.isNotBlank(header)) {
// XContentRequestWrapper wrapper = new XContentRequestWrapper(request);
//// String a = wrapper.getParameter("a");
//// FineLoggerFactory.getLogger().error("获取的A :{} ", a);
// if (isLogin(wrapper)) {
// String usrNm = wrapper.getParameter("usrNm");
// String userNameFromRequest = LoginService.getInstance().getUserNameFromRequestCookie(request);
// //如果登录的用户和content的中不一致则切换登录用户
// if (!ComparatorUtils.equals(userNameFromRequest, usrNm)) {
// tokenLogin(request, httpServletResponse);
// }
// } else {
// tokenLogin(request, httpServletResponse);
// return;
// }
//
// String loginUrl = request.getContextPath() + request.getServletPath() + "/login";
// String home = request.getContextPath() + request.getServletPath() + "?sendTwo=true";
// if (loginUrl.equals(uri)) {
// String manualOut = request.getParameter("manual");
// if (!ComparatorUtils.equals(manualOut, "true")) {
//// String header = request.getHeader("X-Context");
// if (StringUtils.isNotBlank(header) && !isLogin(request)) {
// tokenLogin(request, httpServletResponse);
// sendRedirect(httpServletResponse, home);
// }
// }
// }
// }
// }
// return;
// }
public static void tokenLogin(HttpServletRequest req, HttpServletResponse res) {
String header = req.getHeader("X-Context");
try {
header = URLDecoder.decode(header, "UTF-8");
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
FineLoggerFactory.getLogger().info("xf拦截器捕获一个请求 x-content :{}", header);
JSONObject entries = new JSONObject(header);
JSONArray rlNoList = entries.getJSONArray("rlNoList");
int size = rlNoList.size();
List<String> adminFlags = getAdminFlagsRolList();
boolean isAdmin = false;
for (int i = 0; i < size; i++) {
String adminPost = rlNoList.getString(i);
if (isAdminFlags(adminPost, adminFlags)) {
FineLoggerFactory.getLogger().info("本次使用rlNoList管理员登录 ");
isAdmin = true;
break;
}
}
List<String> adminFlagsNmList = getAdminFlagsNmList();
String usrNm = entries.getString("usrNm");
for (String adminName : adminFlagsNmList) {
if (StringUtils.equals(adminName, usrNm)) {
FineLoggerFactory.getLogger().info("本次使用usrNm管理员登录 ");
isAdmin = true;
break;
}
}
if (isAdmin) {
FineLoggerFactory.getLogger().info("本次为管理员登录 ");
login(req, res, "admin");
return;
}
// String usrNm = entries.getString("usrNm");
//从 SLN-6585开始usrNm更新成userNo
//如果usrNo的用户名存在则把这个用户的userName改成realUserName
String usrNo = entries.getString("usrNo");
String instNo = entries.getString("instNo");//部门id
String realUserName = usrNo + "_" + instNo;//更改后的用户名
String fullName = entries.getString("fullName");
String alias = fullName + "(" + realUserName + ")";
try {
User user = UserService.getInstance().getUserByUserName(usrNo);
UserController userController = AuthorityContext.getInstance().getUserController();
if (user == null) {
//如果usrNo的用户不存在则检查realUserName的用户是否存在
user = UserService.getInstance().getUserByUserName(realUserName);
if (user == null) {
// FineLoggerFactory.getLogger().info("拦截器新增一个用户 用户名称 :{}", realUserName);
PasswordValidator passwordValidator = UserSourceFactory.getInstance().getUserSource(ManualOperationType.KEY).getPasswordValidator();
user = (new User()).userName(realUserName).userAlias(alias).realName(fullName).password(passwordValidator.encode(realUserName, UUID.randomUUID().toString()))
.creationType(ManualOperationType.KEY).lastOperationType(ManualOperationType.KEY).enable(true);
userController.add(user);
}
}
// FineLoggerFactory.getLogger().info(" 拦截的用户更新:{}", fullName);
user.setRealName(fullName);
user.setUserName(realUserName);
try {
userController.update(user);
} catch (Exception e) {
}
String userId = user.getId();
dealCustomRole(req, userId);
// CustomRoleController customRoleController = AuthorityContext.getInstance().getCustomRoleController();
// List<CustomRole> roles = customRoleController.findByUser(userId, QueryFactory.create());
login(req, res, realUserName);
} catch (Exception e) {
e.printStackTrace();
}
}
private static List<String> getUserRlNoListAnalyseFlags() {
String adminFlags = FilterMeConfig.getInstance().getAnalyseRlNoListFlags();
FineLoggerFactory.getLogger().info("本地分析角色获取:{}", adminFlags);
if (StringUtils.isNotBlank(adminFlags)) {
String[] split = adminFlags.split(";");
return Arrays.asList(split);
}
return Collections.emptyList();
}
private static List<String> getUserProcessFlags() {
String adminFlags = FilterMeConfig.getInstance().getDisposeRlNoListFlags();
FineLoggerFactory.getLogger().info("本地数据处理角色获取:{}", adminFlags);
if (StringUtils.isNotBlank(adminFlags)) {
String[] split = adminFlags.split(";");
return Arrays.asList(split);
}
return Collections.emptyList();
}
private static List<String> getAnalyseFlagsNmList() {
String adminFlags = FilterMeConfig.getInstance().getAnalyseDesignFlags();
FineLoggerFactory.getLogger().info("本地analyseNm角色获取:{}", adminFlags);
if (StringUtils.isNotBlank(adminFlags)) {
String[] split = adminFlags.split(";");
return Arrays.asList(split);
}
return Collections.emptyList();
}
private static List<String> getProcessFlagsNmList() {
String adminFlags = FilterMeConfig.getInstance().getDisposeUsrNmFlags();
FineLoggerFactory.getLogger().info("本地analyseNm角色获取:{}", adminFlags);
if (StringUtils.isNotBlank(adminFlags)) {
String[] split = adminFlags.split(";");
return Arrays.asList(split);
}
return Collections.emptyList();
}
private static void dealUserBiProductType(List<String> list, String userName, String userId, int uProductType) {
boolean isDesignUser = false;
UserController userController = AuthorityContext.getInstance().getUserController();
if (!list.isEmpty()) {
for (String nm : list) {
if (StringUtils.equals(nm, userName)) {
isDesignUser = true;
break;
}
}
}
try {
UserProductType userProductType = UserProductType.fromInteger(uProductType);//数据处理用户
if (isDesignUser) {
userController.addUserProductType(userId, userProductType.transProductKey());
} else {
userController.removeUserProductType(userId, userProductType.transProductKey());
}
} catch (Exception e) {
}
}
private static void dealUserBiProductType(List<String> usrNmList, List<String> rolesLists, JSONArray rlNoList, String userId, String usrNm, int uProductType) {
boolean isDesignUser = false;
UserController userController = AuthorityContext.getInstance().getUserController();
FineLoggerFactory.getLogger().info("远程rolist:{} 本地:{}", rlNoList, rolesLists);
if (!rolesLists.isEmpty()) {
for (int i = 0; i < rlNoList.size(); i++) {
String name = rlNoList.getString(i);
for (String designFlag : rolesLists) {
if (StringUtils.equals(designFlag, name)) {
isDesignUser = true;
break;
}
}
}
}
FineLoggerFactory.getLogger().info("通过rolList判断是否为对应用户:{}", isDesignUser);
if (!isDesignUser) {
for (String name : usrNmList) {
if (StringUtils.equals(name, usrNm)) {
isDesignUser = true;
break;
}
}
}
FineLoggerFactory.getLogger().info("通过usrNm判断是否为对应用户:{}", isDesignUser);
try {
UserProductType userProductType = UserProductType.fromInteger(uProductType);//数据处理用户
if (isDesignUser) {
userController.addUserProductType(userId, userProductType.transProductKey());
} else {
userController.removeUserProductType(userId, userProductType.transProductKey());
}
} catch (Exception e) {
FineLoggerFactory.getLogger().error("添加执行权限失败:", e);
printException2FrLog(e);
}
}
private interface BIProductType {
int BIDataMiningProductType = 7;
int BIDataAnalysisProductType = 5;
int BIDataProcessProductType = 6;
int BIDesignProductType = 3;
int BIViewProductType = 2;
int DefaultUserProductType = 0;
int DecisionUserProductType = 1;
int MobileUserProductType = 4;
}
private static void dealCustomRole(HttpServletRequest req, String userId) throws Exception {
UserController userController = AuthorityContext.getInstance().getUserController();
Boolean needflush = FilterMeConfig.getInstance().getNeedflush();
String header = req.getHeader("X-Context");
CustomRoleController customRoleController = AuthorityContext.getInstance().getCustomRoleController();
try {
header = URLDecoder.decode(header, "UTF-8");
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
FineLoggerFactory.getLogger().info("开始同步角色信息x-content :{}", header);
JSONObject entries = new JSONObject(header);
List<String> remoteRoles = new ArrayList<>();
String pstNo = entries.getString("pstNo");//角色id
String pstNm = entries.getString("pstNm");//角色名称
String usrNm = entries.getString("usrNm");//用户名
String realRoleName = pstNm + "(" + pstNo + ")";
if (StringUtils.isNotBlank(pstNo)) {
//先判断传过来的的角色是不是本地都有,没有要加上
List<CustomRole> controllerOne = customRoleController.find(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", pstNo)));
if (controllerOne.isEmpty()) {
CustomRole addRole = new CustomRole();
addRole.setId(pstNo);
addRole.setName(realRoleName);
if (StringUtils.isBlank(pstNm)) {
addRole.setName(realRoleName);
}
addRole.setAlias(pstNo);
addRole.setEnable(true);
addRole.setDescription("通过xcontent添加");
try {
customRoleController.add(addRole);
} catch (Exception e) {
}
} else {
try {
// FineLoggerFactory.getLogger().info("传送过来的角色已存在开始更新,添加关联用户:{}", pstNo, userId);
CustomRole customRole = controllerOne.get(0);
customRole.setName(realRoleName);
if (StringUtils.isBlank(pstNm)) {
customRole.setName(realRoleName);
}
customRole.setAlias(pstNo);
customRole.setEnable(true);
customRole.setDescription("通过xcontent添加");
customRoleController.update(customRole);
} catch (Exception e) {
}
// FineLoggerFactory.getLogger().info("传送过来的角色在本地不存在,添加到本地:{}", pstNo);
}
//在判断本地的角色是不是远程没有了,要移除掉
List<CustomRole> thatUserAllRole = customRoleController.findByUser(userId, QueryFactory.create());
if (needflush) {
List<CustomRole> roles = thatUserAllRole;
for (CustomRole customRole : roles) {
if ("superusers".equals((customRole.getName()))) {
continue;
}
userController.removeUserFromCustomRole(userId, customRole.getId());
}
}
try {
boolean needAdd = false;
for (CustomRole customRole : thatUserAllRole) {
if (StringUtils.equals(customRole.getId(), pstNo)) {
needAdd = true;
break;
}
}
if (!needAdd) {
userController.addUserToCustomRole(userId, pstNo);
}
} catch (Exception e) {
}
}
JSONArray rlNoList = entries.getJSONArray("rlNoList");//角色列表
remoteRoles.add(pstNo);
try {
DepartmentController departmentController = AuthorityContext.getInstance().getDepartmentController();
String instNm = entries.getString("instNm");
String instNo = entries.getString("instNo");//部门id
String pInstNo = entries.getString("pInstNo");//父级部门id
if (StringUtils.isNotBlank(instNo)) {
//移除原来的部门
if (needflush) {
List<Department> departmentList = departmentController.findByUser(userId, QueryFactory.create());
for (Department department : departmentList) {
userController.removeUserFromDepartment(userId, department.getId());
}
}
Department department = departmentController.findOne(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", instNo)));
if (department == null) {
department = new Department();
department.setName(instNm + "(" + instNo + ")");
if (StringUtils.isNotBlank(instNm)) {
department.setName(instNo);
}
department.setId(instNo);
department.setEnable(true);
if (StringUtils.isNotBlank(pInstNo)) {
department.setParentId(pInstNo);
}
department.description("通过x-content创建");
departmentController.add(department);
// FineLoggerFactory.getLogger().info("新增部门,dep: {}: name {}", department.getId(), department.getName());
} else {
if (StringUtils.isNotBlank(instNm)) {
department.setName(instNm + "(" + instNo + ")");
FineLoggerFactory.getLogger().info("已存在部门,dep: {}: name {}", department.getId(), department.getName());
}
if (StringUtils.isNotBlank(pInstNo)) {
department.setParentId(pInstNo);
FineLoggerFactory.getLogger().info("已存在部门,dep: {}: name {}更新父级id:{}", department.getId(), department.getName(), pInstNo);
}
department.setEnable(true);
departmentController.update(department);
}
}
PostController postController = AuthorityContext.getInstance().getPostController();
List<Post> byUser = postController.findByUser(userId, QueryFactory.create());
//移除原来职位
if (needflush) {
for (Post post : byUser) {
List<Department> byPost = departmentController.findByPost(post.getId(), QueryFactory.create());
for (Department department1 : byPost) {
// FineLoggerFactory.getLogger().info("---->>>>移除用户职位 职位id {} 部门id{}", post.getId(), department1.getId());
try {
userController.removeUserFromDepartmentAndPost(userId, department1.getId(), post.getId());
// FineLoggerFactory.getLogger().info("^^^^^^移除用户职位成功 职位id {} 部门id{}", post.getId(), department1.getId());
} catch (Exception e) {
// FineLoggerFactory.getLogger().info("vvvvvv移除用户职位失败 职位id {} 部门id{}", post.getId(), department1.getId());
}
}
}
}
if (StringUtils.isNotBlank(pstNo)) {
Post post = postController.findOne(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", pstNo)));
if (post == null) {
post = new Post();
post.setId(pstNo);
if (StringUtils.isNotBlank(pstNm)) {
post.setName(pstNm + "(" + pstNo + ")");
} else {
post.setName(pstNo);
}
post.setEnable(true);
postController.add(post);
FineLoggerFactory.getLogger().info("新增职位,post: {}: name {}", post.getId(), post.getName());
} else {
if (StringUtils.isNotBlank(pstNm)) {
post.setName(pstNm + "(" + pstNo + ")");
} else {
post.setName(pstNo);
}
post.setEnable(true);
postController.update(post);
FineLoggerFactory.getLogger().info("已存在职位,post: {}: name {}", post.getId(), post.getName());
}
try {
List<Post> byDepartment = postController.findByDepartment(instNo, QueryFactory.create());
boolean needAddMe = false;
for (Post me : byDepartment) {
if (StringUtils.equals(me.getId(), pstNo)) {
needAddMe = true;
break;
}
}
if (!needAddMe) {
postController.addPostToDepartment(pstNo, instNo);
FineLoggerFactory.getLogger().info("添加职位到部门,post: {}: dep {}", pstNo, instNo);
}
} catch (Exception e) {
}
try {
// FineLoggerFactory.getLogger().info("添加用户到职位 到部门,post: {}: dep {},userId:{} ", pstNo, instNo, realRoleName);
userController.addUserToDepartmentAndPost(userId, instNo, pstNo);
} catch (Exception e) {
}
}
List<String> analyseFlagsRolList = getUserRlNoListAnalyseFlags();
List<String> analyseFlagsNmList = getAnalyseFlagsNmList();
dealUserBiProductType(analyseFlagsNmList, analyseFlagsRolList, rlNoList, userId, usrNm, BIProductType.BIDataAnalysisProductType);
List<String> processFlagsRolist = getUserProcessFlags();
List<String> processFlagsNmList = getProcessFlagsNmList();
dealUserBiProductType(processFlagsNmList, processFlagsRolist, rlNoList, userId, usrNm, BIProductType.BIDataProcessProductType);
} catch (Exception e) {
printException2FrLog(e);
}
}
private static boolean isAdminFlags(String flag, List<String> flags) {
return flags.contains(flag);
}
private static List<String> getAdminFlagsRolList() {
String adminFlags = FilterMeConfig.getInstance().getAdminFlags();
FineLoggerFactory.getLogger().info("本地role管理员角色获取:{}", adminFlags);
if (StringUtils.isNotBlank(adminFlags)) {
String[] split = adminFlags.split(";");
return Arrays.asList(split);
}
return Collections.emptyList();
}
private static List<String> getAdminFlagsNmList() {
String adminFlags = FilterMeConfig.getInstance().getAdminFlagsNm();
FineLoggerFactory.getLogger().info("本地管理员Nm角色获取:{}", adminFlags);
if (StringUtils.isNotBlank(adminFlags)) {
String[] split = adminFlags.split(";");
return Arrays.asList(split);
}
return Collections.emptyList();
}
//
// private static List<String> getDesignFlags() {
// //这里要调整
// String adminFlags = FilterMeConfig.getInstance().getAdminFlagsNm();
// FineLoggerFactory.getLogger().info("本地设计角色获取:{}", adminFlags);
// if (StringUtils.isNotBlank(adminFlags)) {
// String[] split = adminFlags.split(";");
// return Arrays.asList(split);
// }
// return Collections.emptyList();
// }
private String getUrl(HttpServletRequest request) {
String url = "/";
try {
url = "http://" + request.getServerName()//服务器地址
+ ":"
+ request.getServerPort() + request.getRequestURI();
Enumeration<String> parameterNames = request.getParameterNames();
Map<String, String> reqParams = new HashMap<>();
while (parameterNames.hasMoreElements()) {
String key = parameterNames.nextElement();
reqParams.put(key, request.getParameter(key));
}
Map<String, String> parmas = header2url(request);
reqParams.putAll(parmas);
String header2url = map2String(reqParams);
// FineLoggerFactory.getLogger().info("转换之后的url参数:{}", header2url);
if (url.contains("?")) {
url += header2url;
} else {
url += "?a=1" + header2url;
}
} catch (Exception e) {
e.printStackTrace();
}
url += "&sendTwo=true";
return url;
}
private Map<String, String> header2url(HttpServletRequest request) {
Map<String, String> params = new HashMap<>();
String context = request.getHeader("X-Context");
if (StringUtils.isNotBlank(context)) {
try {
context = URLDecoder.decode(context, "UTF-8");
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
JSONObject jsonObject = new JSONObject(context);
String userNo = jsonObject.getString("usrNo");
String userNm = jsonObject.getString("usrNm");
String pstNo = jsonObject.getString("pstNo");
String instNo = jsonObject.getString("instNo");
String accInstNo = jsonObject.getString("accInstNo");
String admnInstNo = jsonObject.getString("admnInstNo");
params.put("usrNo", userNo);
params.put("usrNm", userNm);
params.put("pstNo", pstNo);
params.put("instNo", instNo);
params.put("accInstNo", accInstNo);
params.put("admnInstNo", admnInstNo);
}
params.put("sendTwo", "true");
return params;
}
private String map2String(Map<String, String> params) {
StringBuffer buffer = new StringBuffer();
Set<String> strings = params.keySet();
for (String key : strings) {
buffer.append("&").append(key).append("=").append(params.get(key));
}
return buffer.toString();
}
}

150
src/main/java/com/fr/plugin/LoginFilter.java

@ -0,0 +1,150 @@
package com.fr.plugin;
import com.fr.decision.authority.AuthorityContext;
import com.fr.decision.authority.base.constant.type.operation.ManualOperationType;
import com.fr.decision.authority.controller.CustomRoleController;
import com.fr.decision.authority.controller.UserController;
import com.fr.decision.authority.data.CustomRole;
import com.fr.decision.authority.data.User;
import com.fr.decision.fun.impl.AbstractEmbedRequestFilterProvider;
import com.fr.decision.privilege.encrpt.PasswordValidator;
import com.fr.decision.webservice.utils.UserSourceFactory;
import com.fr.decision.webservice.v10.login.LoginService;
import com.fr.decision.webservice.v10.user.UserService;
import com.fr.io.utils.ResourceIOUtils;
import com.fr.json.JSONArray;
import com.fr.json.JSONObject;
import com.fr.log.FineLoggerFactory;
import com.fr.stable.StringUtils;
import com.fr.stable.query.QueryFactory;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.*;
/**
* 废弃
*/
public class LoginFilter extends AbstractEmbedRequestFilterProvider {
private boolean isLogin(HttpServletRequest req){
return LoginService.getInstance().isLogged(req);
}
@Override
public void filter(HttpServletRequest req, HttpServletResponse res) throws IOException, ServletException {
String header = req.getHeader("X-Context");
if (StringUtils.isNotBlank(header) && !isLogin(req)) {
try {
header = URLDecoder.decode(header, "UTF-8");
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
FineLoggerFactory.getLogger().info("拦截器捕获一个请求 x-content :{}", header);
JSONObject entries = new JSONObject(header);
String usrNm = entries.getString("usrNm");
JSONArray rlNoList = entries.getJSONArray("rlNoList");
try {
User user = UserService.getInstance().getUserByUserName(usrNm);
UserController userController = AuthorityContext.getInstance().getUserController();
CustomRoleController customRoleController = AuthorityContext.getInstance().getCustomRoleController();
if (user == null) {
FineLoggerFactory.getLogger().info("拦截器新增一个用户 :{}", usrNm);
PasswordValidator passwordValidator = UserSourceFactory.getInstance().getUserSource(ManualOperationType.KEY).getPasswordValidator();
user = (new User()).userName(usrNm).realName(usrNm).password(passwordValidator.encode(usrNm, UUID.randomUUID().toString()))
.creationType(ManualOperationType.KEY).lastOperationType(ManualOperationType.KEY).enable(true);
userController.add(user);
}
String userId = user.getId();
List<CustomRole> roles = customRoleController.findByUser(userId, QueryFactory.create());
List<String> localRoles = new ArrayList<>();
boolean isAdminRoleFlag = false;
List<String> adminFlags = getAdminFlags();
for (CustomRole role : roles) {
String name = role.getName();
localRoles.add(name);
if(isAdminFlags(name,adminFlags)){
isAdminRoleFlag = true;
}
}
List<String> remoteRoles = new ArrayList<>();
try {
int size = rlNoList.size();
for (int i = 0; i < size; i++) {
String name = rlNoList.getString(i);
remoteRoles.add(name);
}
//先判断传过来的的角色是不是本地都有,没有要加上
for (String role : remoteRoles) {
if (!localRoles.contains(role)) {
userController.addUserToCustomRole(userId, role);
}
}
//在判断本地的角色是不是远程没有了,要移除掉
for (String localRole : localRoles) {
if (!remoteRoles.contains(localRole)) {
userController.removeUserFromCustomRole(userId, localRole);
}
}
} catch (Exception e) {
e.printStackTrace();
}
//如果是管理员标志就直接登录admin账号
if(isAdminRoleFlag){
login(req, res, "admin");
}else {
login(req, res, usrNm);
}
String home = req.getContextPath() + req.getServletPath();
sendRedirect(res, home);
return;
} catch (Exception e) {
e.printStackTrace();
}
}
return;
}
private static boolean isAdminFlags(String flag,List<String> flags){
return flags.contains(flag);
}
private List<String> getAdminFlags() {
InputStream inputStream = ResourceIOUtils.read("/config-all/adminflag.properties");
if (inputStream != null) {
Properties properties = new Properties();
try {
properties.load(inputStream);
String adminflag = properties.getProperty("adminflag");
if (StringUtils.isNotBlank(adminflag)) {
String[] split = adminflag.split(",");
return Arrays.asList(split);
}
} catch (IOException e) {
e.printStackTrace();
}
}
return Collections.emptyList();
}
private void sendRedirect(HttpServletResponse res, String url) {
res.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
res.setHeader("Location", url);
}
private void login(HttpServletRequest req, HttpServletResponse res, String username) {
String token = null;
try {
token = LoginService.getInstance().login(req, res, username);
req.setAttribute("fine_auth_token", token);
} catch (Exception e) {
FineLoggerFactory.getLogger().error(e.getMessage(), e);
FineLoggerFactory.getLogger().error("login failed");
}
FineLoggerFactory.getLogger().error("login success");
}
}

25
src/main/java/com/fr/plugin/LoginOutEventProvider.java

@ -0,0 +1,25 @@
package com.fr.plugin;
import com.fr.decision.fun.impl.AbstractLogInOutEventProvider;
import com.fr.decision.webservice.login.LogInOutResultInfo;
import com.fr.decision.webservice.v10.user.UserService;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
public class LoginOutEventProvider extends AbstractLogInOutEventProvider {
@Override
public String logoutAction(LogInOutResultInfo result) {
HttpServletRequest request = result.getRequest();
HttpSession session = request.getSession();
if (session != null) {
session.removeAttribute("fine_auth_token");
}
String servletPath = request.getServletPath();
String contextPath = request.getContextPath();
String url = contextPath + servletPath + "/login?manual=true";
return url;
}
}

139
src/main/java/com/fr/plugin/PostionImportgHander.java

@ -0,0 +1,139 @@
package com.fr.plugin;
import com.fr.decision.authority.AuthorityContext;
import com.fr.decision.authority.controller.CustomRoleController;
import com.fr.decision.authority.controller.DepartmentController;
import com.fr.decision.authority.controller.PostController;
import com.fr.decision.authority.data.CustomRole;
import com.fr.decision.authority.data.Department;
import com.fr.decision.authority.data.Post;
import com.fr.decision.fun.impl.BaseHttpHandler;
import com.fr.json.JSONArray;
import com.fr.json.JSONObject;
import com.fr.log.FineLoggerFactory;
import com.fr.stable.StringUtils;
import com.fr.stable.query.QueryFactory;
import com.fr.stable.query.restriction.RestrictionFactory;
import com.fr.third.org.apache.commons.io.IOUtils;
import com.fr.third.springframework.web.bind.annotation.RequestMethod;
import com.fr.web.utils.WebUtils;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class PostionImportgHander extends BaseHttpHandler {
@Override
public RequestMethod getMethod() {
return RequestMethod.POST;
}
@Override
public String getPath() {
return "/depAndPosImport";
}
@Override
public boolean isPublic() {
return true;
}
@Override
public void handle(HttpServletRequest req, HttpServletResponse res) throws Exception {
// 传入的json格式
/**
* [
* {
* "fInstNo": "", //父级id
* "instNo": "A01",
* "instNm": "部门一",
* "pstNo": "X1",
* "pstNm": "职务一"
* }
* ]
*/
String body = IOUtils.toString(req.getReader());
FineLoggerFactory.getLogger().info("批量添加部门信息接口收到:{}", body);
try {
JSONArray jsonArray = new JSONArray(body);
int length = jsonArray.length();
for (int i = 0; i < length; i++) {
JSONObject jsonObject = jsonArray.getJSONObject(i);
String fInstNo = jsonObject.getString("fInstNo");
String instNo = jsonObject.getString("instNo");//部门id
String instNm = jsonObject.getString("instNm");//部门名称
String pstNo = jsonObject.getString("pstNo");//职务编号
String pstNm = jsonObject.getString("pstNm");//职务名
saveDep(fInstNo, instNo, instNm);
savePosition(instNo, pstNo, pstNm);
}
} catch (Exception e) {
WebUtils.printAsString(res, "json format error");
}
WebUtils.printAsString(res, "success");
}
public static void savePosition(String did, String pid, String name) {
PostController postController = AuthorityContext.getInstance().getPostController();
Post post;
try {
post = postController.findOne(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", pid)));
if (post == null) {
post = new Post();
post.setId(pid);
post.setName(name + "(" + pid + ")");
post.setEnable(true);
postController.add(post);
FineLoggerFactory.getLogger().info("从接口新增职位,post: {}: name {}", post.getId(), post.getName());
} else {
post.setName(name + "(" + pid + ")");
post.setEnable(true);
postController.update(post);
FineLoggerFactory.getLogger().info("已存在职位,post: {}: name {}", post.getId(), post.getName());
}
postController.addPostToDepartment(pid, did);
CustomRoleController customRoleController = AuthorityContext.getInstance().getCustomRoleController();
CustomRole customRole = customRoleController.findOne(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", pid)));
if (customRole == null) {
customRole = new CustomRole();
customRole.id(pid).name(name + "(" + pid + ")").enable(true);
customRoleController.add(customRole);
FineLoggerFactory.getLogger().info("从接口新增角色,id: {}: name {}", customRole.getId(), customRole.getName());
} else {
customRole.name(name + "(" + pid + ")").enable(true);
customRoleController.update(customRole);
FineLoggerFactory.getLogger().info("已存在角色,id: {}: name {}", customRole.getId(), customRole.getName());
}
} catch (Exception e) {
FineLoggerFactory.getLogger().info("添加职位异常: 职位id :{} 部门id:{}: name {}", pid, did, name);
}
}
public static void saveDep(String pid, String id, String name) {
try {
DepartmentController departmentController = AuthorityContext.getInstance().getDepartmentController();
Department department = departmentController.findOne(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", id)));
if (StringUtils.isBlank(pid)) {
pid = null;
}
if (department == null) {
department = new Department();
department.setName(name + "(" + id + ")");
department.setId(id);
department.setParentId(pid);
department.setEnable(true);
department.description("通过x-content创建");
departmentController.add(department);
FineLoggerFactory.getLogger().info("新增部门,dep: {}: name {}", department.getId(), department.getName());
} else {
department.setName(name + "(" + id + ")");
department.setParentId(pid);
department.setEnable(true);
departmentController.update(department);
FineLoggerFactory.getLogger().info("已存在部门,dep: {}: name {}", department.getId(), department.getName());
}
} catch (Exception e) {
FineLoggerFactory.getLogger().error("添加部门:{} 异常", id, e);
}
}
}

405
src/main/java/com/fr/plugin/RemoteFilter.java

@ -0,0 +1,405 @@
package com.fr.plugin;
import com.fr.data.NetworkHelper;
import com.fr.decision.authority.AuthorityContext;
import com.fr.decision.authority.base.constant.type.operation.ManualOperationType;
import com.fr.decision.authority.controller.CustomRoleController;
import com.fr.decision.authority.controller.DepartmentController;
import com.fr.decision.authority.controller.PostController;
import com.fr.decision.authority.controller.UserController;
import com.fr.decision.authority.data.CustomRole;
import com.fr.decision.authority.data.Department;
import com.fr.decision.authority.data.Post;
import com.fr.decision.authority.data.User;
import com.fr.decision.fun.impl.AbstractEmbedRequestFilterProvider;
import com.fr.decision.privilege.encrpt.PasswordValidator;
import com.fr.decision.webservice.Response;
import com.fr.decision.webservice.impl.user.type.UserProductType;
import com.fr.decision.webservice.utils.UserSourceFactory;
import com.fr.decision.webservice.v10.user.UserService;
import com.fr.exception.RemoteDesignPermissionDeniedException;
import com.fr.io.utils.ResourceIOUtils;
import com.fr.json.JSONArray;
import com.fr.json.JSONObject;
import com.fr.log.FineLoggerFactory;
import com.fr.security.JwtUtils;
import com.fr.stable.StringUtils;
import com.fr.stable.query.QueryFactory;
import com.fr.stable.query.restriction.RestrictionFactory;
import com.fr.web.service.RemoteDesignAuthorityDataService;
import com.fr.web.utils.WebUtils;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.InputStream;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.util.*;
public class RemoteFilter extends AbstractEmbedRequestFilterProvider {
@Override
public void init(FilterConfig filterConfig) {
FineLoggerFactory.getLogger().info("RemoteFilter 拦截器启动");
FilterMeConfig instance = FilterMeConfig.getInstance();
}
@Override
public void filter(HttpServletRequest request, HttpServletResponse httpServletResponse) throws IOException, ServletException {
String uri = request.getRequestURI();
if (uri != null && uri.contains("remote/design/token") && request.getMethod().equalsIgnoreCase("GET")) {
FineLoggerFactory.getLogger().info("拦截器捕获一个请求,design/token {}", uri);
String username = NetworkHelper.getHTTPRequestParameter(request, "username");
String password = NetworkHelper.getHTTPRequestParameter(request, "password");
try {
FineLoggerFactory.getLogger().info("登录的用户名{} 密码:{}", username, password);
JSONObject apilogin = apilogin(username, password);
if (apilogin != null) {
String remoteToken = tokenLogin(apilogin);
FineLoggerFactory.getLogger().info("响应的token: {} ", remoteToken);
if (StringUtils.isNotBlank(remoteToken)) {
WebUtils.printAsString(httpServletResponse, com.fr.plugin.JSONUtils.serialize(Response.ok(remoteToken)));
return;
}
FineLoggerFactory.getLogger().info("登录异常{}", remoteToken);
} else {
renderError(httpServletResponse, "21300007", "User password error!");
}
} catch (Exception e) {
printException2Frlog(e);
if (e instanceof RemoteDesignPermissionDeniedException) {
renderError(httpServletResponse, "31300101", "Fine-Engine_Remote_Design_Permission_Denied");
}
}
}
return;
}
private List<String> getAdminFlags() {
InputStream inputStream = ResourceIOUtils.read("/config-all/adminflag.properties");
if (inputStream != null) {
Properties properties = new Properties();
try {
properties.load(inputStream);
String adminflag = properties.getProperty("adminflag");
if (StringUtils.isNotBlank(adminflag)) {
String[] split = adminflag.split(",");
return Arrays.asList(split);
}
} catch (IOException e) {
e.printStackTrace();
}
}
return Collections.emptyList();
}
private static boolean isAdminFlags(String flag, List<String> flags) {
return flags.contains(flag);
}
private String tokenLogin(JSONObject jsonObject) {
JSONObject entries = jsonObject.getJSONObject("data");
// String usrNm = entries.getString("usrNm");
JSONArray rlNoList = entries.getJSONArray("rlNoList");
int size = rlNoList.size();
List<String> adminFlags = getAdminFlags();
boolean isAdmin = false;
for (int i = 0; i < size; i++) {
String adminPost = rlNoList.getString(i);
if (isAdminFlags(adminPost, adminFlags)) {
isAdmin = true;
break;
}
}
if (isAdmin) {
FineLoggerFactory.getLogger().info("remote 本次为管理员登录 ");
try {
return getRemoteToken("admin");
} catch (Exception e) {
printException2Frlog(e);
}
}
String usrNo = entries.getString("usrNo");
String instNo = entries.getString("instNo");//部门id
String realUserName = usrNo + "_" + instNo;//更改后的用户名
String fullName = entries.getString("fullName");
String alias = fullName + "(" + realUserName + ")";
try {
User user = UserService.getInstance().getUserByUserName(realUserName);
UserController userController = AuthorityContext.getInstance().getUserController();
CustomRoleController customRoleController = AuthorityContext.getInstance().getCustomRoleController();
if (user == null) {
FineLoggerFactory.getLogger().info("设计器拦截 拦截器新增一个用户 :{}", usrNo);
//如果usrNo的用户不存在则检查realUserName的用户是否存在
user = UserService.getInstance().getUserByUserName(realUserName);
if (user == null) {
FineLoggerFactory.getLogger().info("拦截器新增一个用户 用户名称 :{}", realUserName);
PasswordValidator passwordValidator = UserSourceFactory.getInstance().getUserSource(ManualOperationType.KEY).getPasswordValidator();
user = (new User()).userName(realUserName).userAlias(alias).realName(fullName).password(passwordValidator.encode(realUserName, UUID.randomUUID().toString()))
.creationType(ManualOperationType.KEY).lastOperationType(ManualOperationType.KEY).enable(true);
userController.add(user);
}
}
String userId = user.getId();
// List<String> adminFlags = getAdminFlags();
FineLoggerFactory.getLogger().info(" 设计器拦截 当前的管理员标识符 :{}", adminFlags);
List<String> remoteRoles = new ArrayList<>();
String pstNo = entries.getString("pstNo");//角色id
String pstNm = entries.getString("pstNm");//角色名称
String realRoleName = pstNm + "(" + pstNo + ")";
remoteRoles.add(pstNo);
//先判断传过来的的角色是不是本地都有,没有要加上
List<CustomRole> controllerOne = customRoleController.find(QueryFactory.create().addRestriction(RestrictionFactory.eq("name", pstNo)));
if (!controllerOne.isEmpty()) {
try {
FineLoggerFactory.getLogger().info(" 设计器拦截 传送过来的角色在本地已存在,添加到用户{} 到角色:{}", userId, pstNo);
CustomRole customRole = controllerOne.get(0);
customRole.setName(realRoleName);
customRole.setAlias(pstNo);
customRole.setEnable(true);
customRole.setDescription("通过xcontent添加");
customRoleController.update(customRole);
userController.addUserToCustomRole(userId, customRole.getId());
} catch (Exception e) {
}
} else {
FineLoggerFactory.getLogger().info(" 设计器拦截 传送过来的角色在本地不存在,添加到本地:{}", pstNo);
CustomRole addRole = new CustomRole();
addRole.setId(pstNo);
addRole.setName(realRoleName);
addRole.setAlias(pstNo);
addRole.setEnable(true);
addRole.setDescription("通过xcontent添加");
try {
customRoleController.add(addRole);
userController.addUserToCustomRole(userId, addRole.getId());
} catch (Exception e) {
}
}
//在判断本地的角色是不是远程没有了,要移除掉
List<CustomRole> roles = customRoleController.findByUser(userId, QueryFactory.create());
for (CustomRole customRole : roles) {
if (!remoteRoles.contains(customRole.getId())) {
if ("superusers".equals((customRole.getName()))) {
continue;
}
FineLoggerFactory.getLogger().info("远端没有的角色本地移除:{}", customRole.getName());
userController.removeUserFromCustomRole(userId, customRole.getId());
}
}
DepartmentController departmentController = AuthorityContext.getInstance().getDepartmentController();
//移除原来的部门
List<Department> departmentList = departmentController.findByUser(userId, QueryFactory.create());
for (Department department : departmentList) {
userController.removeUserFromDepartment(userId, department.getId());
}
String instNm = entries.getString("instNm");
Department department = departmentController.findOne(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", instNo)));
if (department == null) {
FineLoggerFactory.getLogger().info("添加 部门,dep: {}: name {}", instNo, instNo, instNm + "(" + pstNo + "" + ")");
department = new Department();
department.setName(instNm + "(" + pstNo + ")");
department.setId(instNo);
department.setEnable(true);
department.description("通过x-content创建");
departmentController.add(department);
} else {
department.setName(instNm + "(" + pstNo + ")");
department.setParentId(null);
department.setEnable(true);
departmentController.update(department);
FineLoggerFactory.getLogger().info("设计器节点 已存在部门,dep: {}: name {}", department.getId(), department.getName());
}
PostController postController = AuthorityContext.getInstance().getPostController();
List<Post> byUser = postController.findByUser(userId, QueryFactory.create());
//移除原来职位
for (Post post : byUser) {
userController.removeUserFromPost(userId, post.getId());
}
Post post = postController.findOne(QueryFactory.create().addRestriction(RestrictionFactory.eq("id", pstNo)));
if (post == null) {
post = new Post();
post.setId(pstNo);
post.setName(pstNm + "(" + pstNo + ")");
post.setEnable(true);
postController.add(post);
} else {
post.setName(pstNm + "(" + pstNo + ")");
post.setEnable(true);
postController.update(post);
}
try {
FineLoggerFactory.getLogger().info("添加职位到部门,post: {}: dep {}", pstNo, instNo);
postController.addPostToDepartment(pstNo, instNo);
} catch (Exception e) {
}
try {
FineLoggerFactory.getLogger().info("添加用户到部门,post: {}: dep {} ,userId:{}", pstNo, instNo, userId);
userController.addUserToDepartmentAndPost(userId, instNo, pstNo);
} catch (Exception e) {
}
// try {
// int size = rlNoList.size();
// for (int i = 0; i < size; i++) {
// String name = rlNoList.getString(i);
// remoteRoles.add(name);
// FineLoggerFactory.getLogger().info("传送过来的角色:{}", name);
// if (isAdminFlags(name, adminFlags)) {
// isAdminRoleFlag = true;
// }
// }
// //先判断传过来的的角色是不是本地都有,没有要加上
// for (String role : remoteRoles) {
// boolean find = false;
// for (CustomRole customRole : roles) {
// if (ComparatorUtils.equals(customRole.getName(), role)) {
// find = true;
// }
// }
// if (!find) {
// FineLoggerFactory.getLogger().info("传送过来的角色在本地不存在,添加到本地:{}", role);
// CustomRole addRole = new CustomRole();
// addRole.setName(role);
// addRole.setAlias(role);
// addRole.setId(UUID.randomUUID().toString());
// addRole.setDescription("通过xcontent添加");
// customRoleController.add(addRole);
// userController.addUserToCustomRole(userId, addRole.getId());
//// List<CustomRole> roleList = customRoleController.find(QueryFactory.create().addRestriction(RestrictionFactory.eq("name", role)));
//// FineLoggerFactory.getLogger().info("通过角色名称{} 查询出来的本地角色:{}", role, roleList.size());
//// for (CustomRole customRole : roleList) {
//// FineLoggerFactory.getLogger().info("给用户新增角色:{}", customRole.getId());
////
//// }
// }
// }
// //在判断本地的角色是不是远程没有了,要移除掉
// for (CustomRole customRole : roles) {
// if (!remoteRoles.contains(customRole.getName())) {
// FineLoggerFactory.getLogger().info("远端没有的角色本地移除:{}", customRole.getId());
// userController.removeUserFromCustomRole(userId, customRole.getId());
// }
// }
// } catch (Exception e) {
// printException2Frlog(e);
// }
//如果是管理员标志就直接登录admin账号
//在判断本地的角色是不是远程没有了,要移除掉
// boolean isAdmin = false;
// if (!adminFlags.isEmpty()) {
// for (CustomRole role : roles) {
// String name = role.getName();
// if (isAdminFlags(name, adminFlags)) {
// isAdmin = true;
// break;
// }
// }
// }
boolean isDesignUser = false;
// List<String> designFlags = getDesignFlags();
// if (!designFlags.isEmpty()) {
// for (CustomRole role : roles) {
// String name = role.getName();
// //如果是有
// if (isAdminFlags(name, designFlags)) {
// isDesignUser = true;
// break;
// }
// }
// }
// try {
// UserProductType userProductType = UserProductType.fromInteger(6);//数据处理用户
// if (isDesignUser) {
// userController.addUserProductType(userId, userProductType.transProductKey());
// } else {
// userController.removeUserProductType(userId, userProductType.transProductKey());
// }
// } catch (Exception e) {
// }
// if (isAdmin) {
// FineLoggerFactory.getLogger().info("设计器拦截 本次为管理员登录");
// return getRemoteToken("admin");
// } else {
FineLoggerFactory.getLogger().info("设计器拦截 本次为普通用户登录:{}", realUserName);
return getRemoteToken(realUserName);
// }
} catch (Exception e) {
e.printStackTrace();
}
return "";
}
//
// private static List<String> getDesignFlags() {
// String adminFlags = FilterMeConfig.getInstance().getDesignFlags();
// FineLoggerFactory.getLogger().info("remote本地设计角色获取:{}", adminFlags);
// if (StringUtils.isNotBlank(adminFlags)) {
// String[] split = adminFlags.split(";");
// return Arrays.asList(split);
// }
// return Collections.emptyList();
// }
private void renderError(HttpServletResponse httpServletResponse, String code, String msg) {
try {
WebUtils.printAsString(httpServletResponse, JSONUtils.serialize(Response.error(code, msg)));
} catch (Exception e) {
e.printStackTrace();
}
}
private JSONObject apilogin(String username, String pwd) throws Exception {
String baseUrl = getBaseUrl();
if (StringUtils.isBlank(baseUrl)) {
throw new Exception("未配置接口地址");
}
String api = getBaseUrl() + "check/pwd/finebi";
FineLoggerFactory.getLogger().info("remote访问的接口地址为 {}", api);
JSONObject parm = new JSONObject();
parm.put("userName", username);
parm.put("verifyCode", pwd);
String resp = HttpApi.sendJsonPost(api, parm, "UTF-8");
FineLoggerFactory.getLogger().info("接口响应 {}", resp);
JSONObject jsonObject = new JSONObject(resp);
return jsonObject;
}
public String getRemoteToken(String var1) throws Exception {
User var4 = UserService.getInstance().getUserByUserName(var1);
if (var4 != null && RemoteDesignAuthorityDataService.getInstance().hasAuthority(var4.getId())) {
return JwtUtils.createDefaultJWT(var1);
} else {
throw new RemoteDesignPermissionDeniedException();
}
}
private String getBaseUrl() {
FilterMeConfig instance = FilterMeConfig.getInstance();
String baseUrl = instance.getBaseUrl();
if (StringUtils.isNotBlank(baseUrl)) {
String[] split = baseUrl.split(";");
List<String> strings = Arrays.asList(split);
Collections.shuffle(strings);
return strings.get(0);
}
return "";
}
public static void printException2Frlog(Exception e) {
StringWriter writer = new StringWriter();
e.printStackTrace(new PrintWriter(writer));
String s = writer.toString();
FineLoggerFactory.getLogger().error("错误:{}", s);
}
}

128
src/main/java/com/fr/plugin/RequestWrapper.java

@ -0,0 +1,128 @@
package com.fr.plugin;
import com.fr.log.FineLoggerFactory;
import com.fr.log.FineLoggerProvider;
import javax.servlet.ReadListener;
import javax.servlet.ServletInputStream;
import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import java.io.*;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
/**
* @author 01
* @program wrapper-demo
* @description 包装HttpServletRequest目的是让其输入流可重复读
* @create 2018-12-24 20:48
* @since 1.0
**/
public class RequestWrapper extends HttpServletRequestWrapper {
FineLoggerProvider log = FineLoggerFactory.getLogger();
/**
* 存储body数据的容器
*/
private byte[] body;
public RequestWrapper(HttpServletRequest request) {
super(request);
// 将body数据存储起来
String bodyStr = getBodyString(request);
body = bodyStr.getBytes(Charset.defaultCharset());
}
public void setBody(byte[] body) {
this.body = body;
}
/**
* 获取请求Body
*
* @param request request
* @return String
*/
private String getBodyString(final ServletRequest request) {
try {
return inputStream2String(request.getInputStream());
} catch (IOException e) {
log.error("", e);
throw new RuntimeException(e);
}
}
/**
* 获取请求Body
*
* @return String
*/
public String getBodyString() {
return new String(this.body, StandardCharsets.UTF_8);
}
/**
* 将inputStream里的数据读取出来并转换成字符串
*
* @param inputStream inputStream
* @return String
*/
private String inputStream2String(InputStream inputStream) {
StringBuilder sb = new StringBuilder();
BufferedReader reader = null;
try {
reader = new BufferedReader(new InputStreamReader(inputStream, Charset.defaultCharset()));
String line;
while ((line = reader.readLine()) != null) {
sb.append(line);
}
} catch (IOException e) {
log.error("", e);
throw new RuntimeException(e);
} finally {
if (reader != null) {
try {
reader.close();
} catch (IOException e) {
log.error("", e);
}
}
}
return sb.toString();
}
@Override
public BufferedReader getReader() throws IOException {
return new BufferedReader(new InputStreamReader(getInputStream()));
}
@Override
public ServletInputStream getInputStream() throws IOException {
final ByteArrayInputStream inputStream = new ByteArrayInputStream(body);
return new ServletInputStream() {
@Override
public int read() throws IOException {
return inputStream.read();
}
@Override
public boolean isFinished() {
return false;
}
@Override
public boolean isReady() {
return false;
}
@Override
public void setReadListener(ReadListener readListener) {
}
};
}
}

97
src/main/java/com/fr/plugin/XContentRequestWrapper.java

@ -0,0 +1,97 @@
package com.fr.plugin;
import com.fr.json.JSONObject;
import com.fr.log.FineLoggerFactory;
import com.fr.stable.StringUtils;
import com.fr.third.jodd.util.collection.ArrayEnumeration;
import com.fr.web.utils.WebUtils;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.*;
public class XContentRequestWrapper extends HttpServletRequestWrapper {
JSONObject jsonObject = null;
public XContentRequestWrapper(HttpServletRequest request) {
super(request);
String header = request.getHeader("X-Context");
String url = WebUtils.getOriginalURL(request);
try {
if (StringUtils.isNotBlank(header)) {
header = URLDecoder.decode(header, "UTF-8");
jsonObject = new JSONObject(header);
FineLoggerFactory.getLogger().info("当前请求地址:{} \n X-Context :{} ", url, header);
} else {
FineLoggerFactory.getLogger().info("当前请求地址:{} 未携带 X-Context ", url);
}
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
}
@Override
public String getParameter(String name) {
String parameter = super.getParameter(name);
if (StringUtils.isBlank(parameter) && jsonObject != null) {
return jsonObject.getString(name);
}
return parameter;
}
@Override
public Map<String, String[]> getParameterMap() {
Map<String, String[]> parameterMap = super.getParameterMap();
Map<String, String[]> stringHashMap = new HashMap<>();
if (jsonObject != null) {
Iterator<String> keys = jsonObject.keys();
while (keys.hasNext()) {
String key = keys.next();
Object value = jsonObject.getValue(key);
if (value != null) {
stringHashMap.put(key, new String[]{
value.toString()
});
}
}
}
stringHashMap.putAll(parameterMap);
return stringHashMap;
}
@Override
public Enumeration<String> getParameterNames() {
Enumeration<String> parameterNames = super.getParameterNames();
if (jsonObject != null) {
Iterator<String> keys = jsonObject.keys();
ArrayList<String> arrayList = new ArrayList<>();
while (keys.hasNext()) {
String next = keys.next();
arrayList.add(next);
}
while (parameterNames.hasMoreElements()) {
String s = parameterNames.nextElement();
arrayList.add(s);
}
ArrayEnumeration<String> dayNames = new ArrayEnumeration<String>(arrayList.toArray(new String[0]));
return dayNames;
}
return parameterNames;
}
@Override
public String[] getParameterValues(String name) {
String[] parameterValues = super.getParameterValues(name);
if (parameterValues == null && jsonObject != null) {
Object stringObjectMap = jsonObject.getValue(name);
if (stringObjectMap != null) {
return new String[]{
stringObjectMap.toString()
};
}
}
return parameterValues;
}
}

90
src/main/java/com/fr/plugin/util/LogUtils.java

@ -0,0 +1,90 @@
package com.fr.plugin.util;
import com.fr.log.FineLoggerFactory;
import com.fr.log.FineLoggerProvider;
import com.fr.plugin.context.PluginContexts;
import com.fr.stable.StringUtils;
public final class LogUtils {
private static String LOG_PREFIX = "[单点登录] ";
private static final String PLUGIN_VERSION;
private static final FineLoggerProvider LOGGER = FineLoggerFactory.getLogger();
static {
String version = PluginContexts.currentContext().getMarker().getVersion();
if (StringUtils.isNotBlank(version)) {
PLUGIN_VERSION = "[v" + version + "] ";
} else {
PLUGIN_VERSION = "[unknown version] ";
}
LOG_PREFIX = LOG_PREFIX + PLUGIN_VERSION;
}
public static void setPrefix(String prefix) {
if (prefix != null) {
LOG_PREFIX = prefix;
}
}
public static boolean isDebugEnabled() {
return LOGGER.isDebugEnabled();
}
public static void debug(String s) {
LOGGER.debug(LOG_PREFIX + s);
}
public static void debug(String s, Object... objects) {
LOGGER.debug(LOG_PREFIX + s, objects);
}
public static void debug(String s, Throwable throwable) {
LOGGER.debug(LOG_PREFIX + s, throwable);
}
public static boolean isInfoEnabled() {
return LOGGER.isInfoEnabled();
}
public static void info(String s) {
LOGGER.info(LOG_PREFIX + s);
}
public static void info(String s, Object... objects) {
LOGGER.info(LOG_PREFIX + s, objects);
}
public static void warn(String s) {
LOGGER.warn(LOG_PREFIX + s);
}
public static void warn(String s, Object... objects) {
LOGGER.warn(LOG_PREFIX + s, objects);
}
public static void warn(String s, Throwable throwable) {
LOGGER.warn(LOG_PREFIX + s, throwable);
}
public static void warn(Throwable throwable, String s, Object... objects) {
LOGGER.warn(throwable, LOG_PREFIX + s, objects);
}
public static void error(String s) {
LOGGER.error(LOG_PREFIX + s);
}
public static void error(String s, Object... objects) {
LOGGER.error(LOG_PREFIX + s, objects);
}
public static void error(String s, Throwable throwable) {
LOGGER.error(LOG_PREFIX + s, throwable);
}
public static void error(Throwable throwable, String s, Object... objects) {
LOGGER.error(throwable, LOG_PREFIX + s, objects);
}
}

26
src/main/java/com/fr/plugin/util/RequestUtils.java

@ -0,0 +1,26 @@
package com.fr.plugin.util;
import com.fr.stable.StringUtils;
import javax.servlet.http.HttpServletRequest;
/**
* @author Peng
*/
public class RequestUtils {
/**
* todo 有待测试
* @param request
* @return
*/
public static String getFullUrl(HttpServletRequest request) {
String url = request.getRequestURI();
String queryString = request.getQueryString();
if (StringUtils.isNotEmpty(queryString)) {
url = url + "?" + queryString;
}
return url;
}
}

35
src/main/java/com/fr/plugin/util/ResponseUtils.java

@ -0,0 +1,35 @@
package com.fr.plugin.util;
import com.fr.decision.webservice.utils.WebServiceUtils;
import com.fr.json.JSONObject;
import com.fr.web.utils.WebUtils;
import javax.servlet.http.HttpServletResponse;
public final class ResponseUtils {
/**
* 打印之前会自动处理 Content-Type
*/
public static void printAsJSON( HttpServletResponse response, JSONObject jsonObject) throws Exception {
// todo 这里的 charset 有没有可能是别的呢?
response.setContentType("application/json;charset=utf-8");
WebUtils.printAsJSON(response, jsonObject);
}
/**
* todo
*
* 参考方法签名
* generateUnavailableWebPage(String result, String reason, String solution)
* generateErrorWebPage(String result, String reason, String solution)
*
*/
public static void printErrorPage() {
// 可参考 ↓
// String errorHtml = WebServiceUtils.generateUnavailableWebPage("单点登录失败", reason, "");
// String errorHtml = WebServiceUtils.generateErrorWebPage("单点登录失败", reason, "");
// WebUtils.printAsString(response, errorHtml);
}
}

464
src/main/java/com/fr/sso/cas/FRAccessFilter.java

@ -0,0 +1,464 @@
//
// Source code recreated from a .class file by IntelliJ IDEA
// (powered by Fernflower decompiler)
//
package com.fr.sso.cas;
import com.fr.base.ServerConfig;
import com.fr.base.TemplateUtils;
import com.fr.data.NetworkHelper;
import com.fr.decision.authority.data.User;
import com.fr.decision.mobile.terminal.TerminalHandler;
import com.fr.decision.privilege.TransmissionTool;
import com.fr.decision.webservice.Response;
import com.fr.decision.webservice.bean.authentication.LoginRequestInfoBean;
import com.fr.decision.webservice.bean.authentication.LoginResponseInfoBean;
import com.fr.decision.webservice.bean.authentication.OriginUrlResponseBean;
import com.fr.decision.webservice.exception.login.UserLoginException;
import com.fr.decision.webservice.utils.WebServiceUtils;
import com.fr.decision.webservice.v10.login.LoginService;
import com.fr.decision.webservice.v10.login.TokenResource;
import com.fr.decision.webservice.v10.user.UserService;
import com.fr.general.ComparatorUtils;
import com.fr.log.FineLoggerFactory;
import com.fr.security.JwtUtils;
import com.fr.stable.StringUtils;
import com.fr.stable.web.Device;
import com.fr.third.fasterxml.jackson.core.JsonGenerationException;
import com.fr.third.fasterxml.jackson.core.JsonParseException;
import com.fr.third.fasterxml.jackson.databind.JsonMappingException;
import com.fr.third.fasterxml.jackson.databind.ObjectMapper;
import com.fr.third.fasterxml.jackson.databind.type.TypeFactory;
import com.fr.web.utils.WebUtils;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.nio.charset.Charset;
import java.util.Hashtable;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class FRAccessFilter implements Filter {
public String[] loginPageNecessaryResources = new String[]{"fineui.min.css", "login.min.css", "fineui.min.js", "I18nTextGenerator", "ConstantGenerator", "login.min.js", "logo.png", "login.png", "login-img.png", "iconfont.woff"};
private String servletNamePrefix = "/" + ServerConfig.getInstance().getServletName();
private String[] noFilterUrls;
private static ObjectMapper objectMapper = new ObjectMapper();
private static boolean isDev = true;
public FRAccessFilter() {
this.noFilterUrls = new String[]{this.servletNamePrefix + "/login", this.servletNamePrefix + "/login/config", this.servletNamePrefix + "/system/info", this.servletNamePrefix + "/login/cross/domain", this.servletNamePrefix + "/remote"};
}
public void init(FilterConfig filterConfig) throws ServletException {
}
private boolean isApp(HttpServletRequest request) {
String header = request.getHeader("User-Agent");
if (StringUtils.isNotBlank(header) && header.contains("FineReact")) {
return true;
} else {
String deviceType = request.getParameter("deviceType");
if (StringUtils.isNotBlank(deviceType)) {
return true;
} else {
String terminal = request.getHeader("terminal");
return StringUtils.isNotBlank(terminal) && terminal.equals("APP");
}
}
}
private boolean isMobLogin(HttpServletRequest request) {
if (this.isApp(request) && request.getMethod().equals("POST")) {
String requestURI = request.getRequestURI();
if (requestURI.endsWith("/login")) {
return true;
}
}
return false;
}
public static void printException2Frlog(Exception e) {
StringWriter writer = new StringWriter();
e.printStackTrace(new PrintWriter(writer));
String s = writer.toString();
FineLoggerFactory.getLogger().error("错误:{}", new Object[]{s});
}
public boolean getAuthenticator(String useruid, String userPassword, String applicationUsername, String applicationPassword) throws NamingException {
boolean result = false;
boolean flag = false;
DirContext ctx = null;
Hashtable env = new Hashtable();
env.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
if (isDev) {
env.put("java.naming.provider.url", "ldap://xxxx");
} else {
env.put("java.naming.provider.url", "ldap://xxxx");
}
env.put("java.naming.security.authentication", "simple");
env.put("java.naming.security.principal", applicationUsername);
env.put("java.naming.security.credentials", applicationPassword);
try {
ctx = new InitialDirContext(env);
FineLoggerFactory.getLogger().info("Applications Authentication Succeed");
flag = true;
} catch (NamingException var31) {
if (ctx != null) {
try {
ctx.close();
FineLoggerFactory.getLogger().info("------------------------------------------");
} catch (NamingException var26) {
FineLoggerFactory.getLogger().info("ctx close occur NamingException, error message:" + var26);
}
}
FineLoggerFactory.getLogger().info(" Applications Authentication Failed, error messgae: " + var31);
flag = false;
return false;
}
SearchControls constraints = new SearchControls();
if (flag) {
NamingEnumeration en = null;
try {
constraints.setSearchScope(2);
String[] returnAttrs = new String[]{"*"};
constraints.setReturningAttributes(returnAttrs);
String basedn = "dc=bizenit,dc=com";
String searchFilter = "(|(uid=" + useruid + ")(smart-alias=" + useruid + "))";
FineLoggerFactory.getLogger().info("filter:" + searchFilter);
en = ctx.search(basedn, searchFilter, constraints);
} catch (Exception var29) {
FineLoggerFactory.getLogger().info("search occur Exception, error message:" + var29);
printException2Frlog(var29);
}
if (en.hasMoreElements()) {
DirContext ctxUser = null;
Hashtable envUser = new Hashtable();
envUser.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
if (isDev) {
envUser.put("java.naming.provider.url", "xxxx");
} else {
envUser.put("java.naming.provider.url", "xxxx");
}
envUser.put("java.naming.security.authentication", "simple");
envUser.put("java.naming.security.principal", ((SearchResult)en.next()).getNameInNamespace());
envUser.put("java.naming.security.credentials", userPassword);
try {
Object o = envUser.get("java.naming.provider.url");
FineLoggerFactory.getLogger().info("LDAP认证服务器地址:{} 认证用户名:{}", new Object[]{o, envUser.get("java.naming.security.principal")});
ctxUser = new InitialDirContext(envUser);
FineLoggerFactory.getLogger().info("User Login Succeed");
result = true;
constraints.setTimeLimit(1000);
constraints.setDerefLinkFlag(false);
constraints.setReturningAttributes(new String[]{"*"});
} catch (NamingException var28) {
FineLoggerFactory.getLogger().info("user Authentication occured NamingException,error message:" + var28);
printException2Frlog(var28);
} finally {
if (ctxUser != null) {
try {
ctxUser.close();
} catch (NamingException var25) {
FineLoggerFactory.getLogger().info("ctxUser close occured NamingException,error message:" + var25);
}
}
}
} else {
result = false;
}
try {
if (en != null) {
en.close();
}
if (ctx != null) {
ctx.close();
}
} catch (NamingException var27) {
FineLoggerFactory.getLogger().info("close occured NamingException,error message:" + var27);
printException2Frlog(var27);
}
}
return result;
}
public static <T> T deserialize(String json, Class<T> clazz) {
Object object = null;
try {
object = objectMapper.readValue(json, TypeFactory.rawClass(clazz));
} catch (JsonParseException e) {
} catch (JsonMappingException e) {
} catch (IOException e) {
}
return (T) object;
}
private String inputStream2String(InputStream inputStream) {
StringBuilder sb = new StringBuilder();
BufferedReader reader = null;
try {
reader = new BufferedReader(new InputStreamReader(inputStream, Charset.defaultCharset()));
String line;
while((line = reader.readLine()) != null) {
sb.append(line);
}
} catch (IOException var12) {
throw new RuntimeException(var12);
} finally {
if (reader != null) {
try {
reader.close();
} catch (IOException var11) {
}
}
}
return sb.toString();
}
public static String serialize(Object object) {
StringWriter write = new StringWriter();
try {
objectMapper.writeValue(write, object);
} catch (JsonGenerationException var3) {
} catch (JsonMappingException var4) {
} catch (IOException var5) {
}
return write.toString();
}
private void mobLogin(HttpServletRequest req, HttpServletResponse response, LoginRequestInfoBean loginReqInfo) throws Exception {
String password = TransmissionTool.decrypt(loginReqInfo.isEncrypted(), loginReqInfo.getPassword());
String username = loginReqInfo.getUsername();
if (WebServiceUtils.containSQLChars(username)) {
Response error = Response.error("21300015", "Special char prohibit!");
WebUtils.printAsString(response, serialize(error));
} else {
User user = UserService.getInstance().getUserByUserName(username);
if (user == null) {
throw new UserLoginException();
} else {
String adminName = "uid=lyfr_bind,ou=Application,ou=People,dc=bizenit,dc=com";
String adminPwd = "kihFNUQeae2U";
if (isDev) {
adminName = "uid=kk_bind,ou=Application,ou=People,dc=bizenit,dc=com";
adminPwd = "K0G3x4Gyf93Q";
}
if (this.getAuthenticator(username, password, adminName, adminPwd)) {
String token = this.login(req, response, username);
OriginUrlResponseBean originUrlResponseBean = new OriginUrlResponseBean(TemplateUtils.render("${fineServletURL}"));
LoginResponseInfoBean infoBean = new LoginResponseInfoBean(token, originUrlResponseBean, user.getUserName(), loginReqInfo.getValidity());
WebUtils.printAsString(response, serialize(infoBean));
} else {
Response error = Response.error("21300007", "User not exist, or wrong password!");
WebUtils.printAsString(response, serialize(error));
}
}
}
}
public static boolean checkTokenValid(HttpServletRequest req, String token, String currentUserName) {
try {
if (!ComparatorUtils.equals(currentUserName, JwtUtils.parseJWT(token).getSubject())) {
FineLoggerFactory.getLogger().info("username changed:" + currentUserName);
return false;
} else {
Device device = NetworkHelper.getDevice(req);
LoginService.getInstance().loginStatusValid(token, TerminalHandler.getTerminal(req, device));
return true;
}
} catch (Exception var4) {
return false;
}
}
private boolean isLogin(HttpServletRequest request) {
try {
return LoginService.getInstance().isLogged(request);
} catch (Exception var3) {
return false;
}
}
private String login(HttpServletRequest req, HttpServletResponse res, String username) {
try {
String oldToken = TokenResource.COOKIE.getToken(req);
if (oldToken == null || !checkTokenValid(req, oldToken, username)) {
HttpSession session = req.getSession(true);
String token = LoginService.getInstance().login(req, res, username);
// session.setAttribute("fine_auth_token", token);
req.setAttribute("fine_auth_token", token);
return token;
}
} catch (Exception var7) {
FineLoggerFactory.getLogger().error(var7.getMessage(), var7);
}
return null;
}
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
servletRequest.setCharacterEncoding("UTF-8");
HttpServletRequest request = (HttpServletRequest)servletRequest;
HttpServletResponse response = (HttpServletResponse)servletResponse;
String noIdmParameter = request.getParameter("no-idm");
String pathInfo;
if (this.isMobLogin(request)) {
pathInfo = this.inputStream2String(request.getInputStream());
try {
LoginRequestInfoBean infoBean = (LoginRequestInfoBean)deserialize(pathInfo, LoginRequestInfoBean.class);
if (this.isLogin(request)) {
String oldToken = TokenResource.COOKIE.getToken(request);
OriginUrlResponseBean originUrlResponseBean = new OriginUrlResponseBean(TemplateUtils.render("${fineServletURL}"));
LoginResponseInfoBean respBean = new LoginResponseInfoBean(oldToken, originUrlResponseBean, infoBean.getUsername(), infoBean.getValidity());
WebUtils.printAsString(response, serialize(respBean));
} else {
this.mobLogin(request, response, infoBean);
}
return;
} catch (Exception var13) {
FineLoggerFactory.getLogger().info("LDAP认证失败:" + var13.getMessage());
}
}
if (this.isApp(request)) {
setCookie(response, "no-idm", "true");
pathInfo = request.getPathInfo();
this.forwardRequest(request, response);
} else {
if (StringUtils.isNotEmpty(noIdmParameter)) {
boolean isNoIdm = Boolean.parseBoolean(noIdmParameter);
Cookie noIdmCookie = com.fr.third.springframework.web.util.WebUtils.getCookie(request, "no-idm");
if (noIdmCookie != null) {
if (Boolean.parseBoolean(noIdmCookie.getValue()) != isNoIdm) {
if (isNoIdm) {
setCookie(response, "no-idm", "true");
} else {
setCookie(response, "no-idm", "false");
}
}
} else if (isNoIdm) {
setCookie(response, "no-idm", "true");
} else {
setCookie(response, "no-idm", "false");
}
} else {
Cookie noIdmCookie = com.fr.third.springframework.web.util.WebUtils.getCookie(request, "no-idm");
if (noIdmCookie == null) {
setCookie(response, "no-idm", "false");
}
}
if (!this.isNoFilterUrls(request) && !this.isRequestLoginPageNecessaryResources(request) && !this.isFromNoIdmPage(request)) {
User user = null;
try {
user = UserService.getInstance().getUserByRequestCookie(request);
} catch (Exception var12) {
}
if (user != null) {
this.forwardRequest(request, response);
} else if (StringUtils.isNotEmpty(noIdmParameter) && Boolean.parseBoolean(noIdmParameter)) {
this.forwardRequest(request, response);
} else {
filterChain.doFilter(request, response);
}
} else {
this.forwardRequest(request, response);
}
}
}
private static void setCookie(HttpServletResponse response, String name, String value) {
Cookie cookie = new Cookie(name, value);
cookie.setPath("/");
response.addCookie(cookie);
}
public void destroy() {
}
public boolean isNoFilterUrls(HttpServletRequest request) {
String requestURI = request.getRequestURI();
String[] var3 = this.noFilterUrls;
int var4 = var3.length;
for(int var5 = 0; var5 < var4; ++var5) {
String url = var3[var5];
if (requestURI.contains(url)) {
return true;
}
}
return false;
}
public boolean isRequestLoginPageNecessaryResources(HttpServletRequest request) {
String queryString = request.getQueryString();
if (StringUtils.isEmpty(queryString)) {
return false;
} else {
String[] var3 = this.loginPageNecessaryResources;
int var4 = var3.length;
for(int var5 = 0; var5 < var4; ++var5) {
String parameter = var3[var5];
if (queryString.contains(parameter)) {
return true;
}
}
return false;
}
}
private boolean isFromNoIdmPage(HttpServletRequest request) {
String referer = request.getHeader("Referer");
return StringUtils.isNotEmpty(referer) && referer.contains("no-idm=true");
}
private void forwardRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String contextPath = request.getContextPath();
String relativePath = request.getRequestURI().replace(contextPath, "");
request.getRequestDispatcher(relativePath).forward(request, response);
}
}

16
src/main/resources/com/fr/plugin/error.html

@ -0,0 +1,16 @@
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport"
content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>无权访问</title>
</head>
<body>
<center>
<h2>用户不在白名单,访问被拒绝,请联系管理员处理</h2>
</center>
<hr/>
</body>
</html>

BIN
集成Filter需求文档.docx

Binary file not shown.
Loading…
Cancel
Save