open-JSD-8253/src/main/java/com/fr/plugin/sso/request/OAuthLogin.java

 /*
  * Copyright (C), 2018-2021
  * Project: starter
  * FileName: TokenLogin
  * Author:   Louis
  * Date:     2021/3/30 22:09
  */
 package com.fr.plugin.sso.request;

 import com.fanruan.api.decision.login.LoginKit;
import com.fanruan.api.decision.user.UserKit;
import com.fanruan.api.log.LogKit;
import com.fanruan.api.net.NetworkKit;
import com.fanruan.api.net.http.HttpKit;
import com.fanruan.api.util.StringKit;
import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
import com.fr.decision.webservice.utils.DecisionServiceConstants;
import com.fr.decision.webservice.v10.login.LoginService;
import com.fr.json.JSONObject;
import com.fr.plugin.sso.config.SsoConfig;
import com.fr.third.org.apache.http.client.utils.URIBuilder;

import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.net.URISyntaxException;
import java.util.HashMap;
import java.util.Map;

 /**
  * <Function Description><br>
  * <TokenLogin>
  *
  * @author fr.open
  * @since 1.0.0
  */
 public class OAuthLogin extends AbstractGlobalRequestFilterProvider {
     public static final String REMOTE_DESIGN = "/remote/design";
     public static final String RESOURCES_PATH = "/resources";
     public static final String FILE_PATH = "/file";
     public static final String SYSTEM_INFO = "/system/info";
     public static final String MATERIALS_MIN_JS_MAP = "/materials.min.js.map";
     public static final String LOGIN_PATH = "/login";
     public static final String LOGIN_OTHER = "/login/";
     public static final String LOGOUT_PATH = "/logout";
     public static final String USER_LANGUAGE = "/v10/user/language";
     public static final String USER_SYN = "/syn";

     public static final String CODE_URL = "/sso/oauth/authorize";
     public static final String TOKEN_URL = "/sso/oauth/accessToken";
     public static final String USER_URL = "/sso/oauth/userInfo";
     public static final String CODE = "code";

     private SsoConfig config;

     /**
      * 过滤器名称
      *
      * @return
      */
     @Override
     public String filterName() {
         return "SsoFilter";
     }

     /**
      * 过滤规则
      *
      * @return
      */
     @Override
     public String[] urlPatterns() {
         return new String[]{"/*"};
     }

     /**
      * 过滤器初始化
      *
      * @param filterConfig
      */
     @Override
     public void init(FilterConfig filterConfig) {
         this.config = SsoConfig.getInstance();
         super.init(filterConfig);
     }

     /**
      * 过滤器处理
      *
      * @param request
      * @param response
      * @param filterChain
      */
     @Override
     public void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) {
         try {
             if (operation(request, response)) {
                 filterChain.doFilter(request, response);
             }
         } catch (Exception e) {
             LogKit.error(e.getMessage(), e);
         }
     }

     /**
      * 用户验证登陆操作
      *
      * @param req
      * @param res
      * @throws Exception
      */
     private boolean operation(HttpServletRequest req, HttpServletResponse res) throws Exception {
         String pathInfo = (req.getPathInfo() != null) ? req.getPathInfo() : StringKit.EMPTY;
         LogKit.info("sso-OAuthLogin-operation-pathInfo:{}", pathInfo);
         if (pathInfo.startsWith(REMOTE_DESIGN) || pathInfo.startsWith(LOGIN_OTHER)
                 || StringKit.equals(LOGIN_PATH, pathInfo) || pathInfo.startsWith(USER_SYN)
                 || pathInfo.startsWith(RESOURCES_PATH) || pathInfo.startsWith(LOGOUT_PATH)
                 || pathInfo.startsWith(SYSTEM_INFO) || pathInfo.startsWith(MATERIALS_MIN_JS_MAP)
                 || pathInfo.startsWith(USER_LANGUAGE) || pathInfo.startsWith(FILE_PATH)) {
             return true;
         }
         // 已登录
         if (LoginService.getInstance().isLogged(req)) {
             return true;
         }
         String code = NetworkKit.getHTTPRequestParameter(req, CODE);
         LogKit.info("sso-OAuthLogin-operation-code:{}", code);
         if (StringKit.isBlank(code)) {
             res.sendRedirect(getLoginUrl(req));
             return false;
         }
         String accessToken = getAccessToken(code);
         if (StringKit.isEmpty(accessToken)) {
             res.sendRedirect(getLoginUrl(req));
             return false;
         }
         String username = getUsername(accessToken);
         if (StringKit.isEmpty(username) || !UserKit.existUsername(username)) {
             return true;
         }
         String tokenFR = LoginKit.login(req, res, username);
         req.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME, tokenFR);
         return true;
     }

     /**
      * 通过凭证获得username
      *
      * @param accessToken
      * @return
      */
     private String getUsername(String accessToken) throws IOException {
         Map<String, String> userInfoParams = new HashMap<>();
         userInfoParams.put("access_token", accessToken);
         String userRes = HttpKit.get(this.config.getUriBase() + USER_URL, userInfoParams);
         LogKit.info("sso-OAuthLogin-getUsername-userRes:{}", userRes);
         return new JSONObject(userRes).getString("loginName");
     }

     /**
      * 获取access_token
      *
      * @param code
      * @return
      * @throws Exception
      */
     private String getAccessToken(String code) throws Exception {
         Map<String, String> params = new HashMap<>();
         params.put("client_id", this.config.getClientId());
         params.put("client_secret", this.config.getClientSecret());
         params.put("grant_type", "authorization_code");
         params.put("oauth_timestamp", String.valueOf(System.currentTimeMillis()));
         params.put("redirect_uri", this.config.getFrUri());
         params.put("code", code);
         String url = this.config.getUriBase() + TOKEN_URL;
         String res = HttpKit.post(url, params);
         LogKit.info("sso-OAuthLogin-getAccessToken-res:{}", res);
         if (StringKit.isEmpty(res)) {
             return StringKit.EMPTY;
         }
         String token = new JSONObject(res).getString("access_token");
         if (StringKit.isNotBlank(token)) {
             return token;
         }
         return StringKit.EMPTY;
     }

     /**
      * 获取login_url
      *
      * @return
      */
     private String getLoginUrl(HttpServletRequest request) {
         String url = SsoConfig.getInstance().getUriBase() + CODE_URL;
         Map<String, String> params = new HashMap<>();
         params.put("response_type", "code");
         params.put("client_id", SsoConfig.getInstance().getClientId());
         params.put("redirect_uri", this.config.getFrUri());
         String loginUrl = buildUrl(url, params);
         LogKit.info("sso-OAuthLogin-getLoginUrl-loginUrl:{}", loginUrl);
         return loginUrl;
     }

     private String buildUrl(String url, Map<String, String> params) {
         if (params == null || params.isEmpty()) {
             return url;
         }
         try {
             URIBuilder builder = new URIBuilder(url);
             for (Map.Entry<String, String> entry : params.entrySet()) {
                 builder.setParameter(entry.getKey(), entry.getValue());
             }
             return builder.build().toString();
         } catch (URISyntaxException e) {
             LogKit.debug("Error to build url, please check the arguments.");
             return url;
         }
     }
 }