提交开源任务材料

README.md

@@ -1,3 +1,6 @@
 # open-JSD-8289
 
-JSD-8289 开源任务材料
+JSD-8289 开源任务材料\
+免责说明：该源码为第三方爱好者提供，不保证源码和方案的可靠性，也不提供任何形式的源码教学指导和协助！\
+仅作为开发者学习参考使用！禁止用于任何商业用途！\
+为保护开发者隐私，开发者信息已隐去！若原开发者希望公开自己的信息，可联系hugh处理。

plugin.xml

@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<plugin>
+    <id>com.fr.plugin.xxx.sso</id>
+    <name><![CDATA[单点登录]]></name>
+    <active>yes</active>
+    <version>1.3</version>
+    <env-version>10.0</env-version>
+    <jartime>2018-07-31</jartime>
+    <vendor>fr.open</vendor>
+    <description><![CDATA[单点登录]]></description>
+    <change-notes><![CDATA[]]></change-notes>
+    <extra-decision>
+        <GlobalRequestFilterProvider class="com.fr.plugin.xxx.sso.SsoFilter"/>
+    </extra-decision>
+    <function-recorder class="com.fr.plugin.xxx.sso.SsoFilter"/>
+</plugin>

readme.txt

@@ -0,0 +1,7 @@
+此次完成功能如下
+	a、单点登录
+
+1、将压缩文件解压后的xxx.properties配置文件拷贝至 %部署路径%/WEB-INF/resources
+2、将xxx-sso.html文件拷贝至 %部署路径%/webroot/
+3、安装本插件，插件安装见连接http://help.finereport.com/doc-view-2198.html
+4、进入系统测试单点登录，访问地址为http://ip:port/webroot/xxx-sso.html

src/main/java/com/fr/plugin/xxx/sso/SsoFilter.java

@@ -0,0 +1,171 @@
+package com.fr.plugin.xxx.sso;
+
+import com.fr.base.PropertiesUtils;
+import com.fr.common.util.Assert;
+import com.fr.data.NetworkHelper;
+import com.fr.decision.authority.data.User;
+import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
+import com.fr.decision.mobile.terminal.TerminalHandler;
+import com.fr.decision.webservice.utils.DecisionServiceConstants;
+import com.fr.decision.webservice.v10.login.LoginService;
+import com.fr.decision.webservice.v10.login.TokenResource;
+import com.fr.decision.webservice.v10.user.UserService;
+import com.fr.general.http.HttpToolbox;
+import com.fr.json.JSONObject;
+import com.fr.log.FineLoggerFactory;
+import com.fr.plugin.transform.FunctionRecorder;
+import com.fr.stable.web.Device;
+import com.fr.stable.StringUtils;
+
+import javax.servlet.FilterChain;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.net.URLEncoder;
+import java.util.Collections;
+import java.util.Properties;
+import java.util.stream.Stream;
+
+/**
+ * @author fr.open
+ * @since 2021/7/12
+ */
+@FunctionRecorder
+public class SsoFilter extends AbstractGlobalRequestFilterProvider {
+
+    private final String loginSuccess;
+
+    private final String apiGetUser;
+
+    private static String[] NOT_FILTER = {
+            "/decision/file",
+            "/decision/resources",
+            "/system",
+            "/materials.min.js.map",
+            "/remote",
+            "/login",
+            "/login/config",
+            "xxx-sso.html",
+    };
+
+    public SsoFilter() {
+        Properties props = PropertiesUtils.getProperties("xxx");
+        this.apiGetUser = getValue(props, "api.get-user");
+        loginSuccess = props.getProperty("login.success.redirect", com.fr.stable.StringUtils.EMPTY);
+    }
+
+    private String getValue(Properties props, String key) {
+        String value = props.getProperty(key);
+        Assert.hasText(value, "配置项[" + key + "]不能为空");
+        return value;
+    }
+
+
+    private boolean isAccept(HttpServletRequest request) {
+        String url = request.getRequestURL().toString();
+        return isLogin(request) || Stream.of(NOT_FILTER).anyMatch(url::contains);
+    }
+
+    @Override
+    public String filterName() {
+        return "xxxSso";
+    }
+
+    @Override
+    public String[] urlPatterns() {
+        return new String[]{"/*"};
+    }
+
+    @Override
+    public void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain chain) {
+
+        if (isAccept(request)) {
+            next(request, response, chain);
+            return;
+        }
+
+        String token = request.getParameter("token");
+        if (StringUtils.isNotBlank(token)) {
+            String username = getUsername(token);
+            if (StringUtils.isNotBlank(username)) {
+                FineLoggerFactory.getLogger().info("获取到的用户名为: \"{}\"", username);
+                if (login(username, request, response)) {
+                    if (StringUtils.isNotBlank(loginSuccess)) {
+                        FineLoggerFactory.getLogger().info("配置了登录成功跳转页面， 跳转到指定页面\"{}\"", loginSuccess);
+                        try {
+                            response.sendRedirect(loginSuccess);
+                            return;
+                        } catch (IOException ignored) {
+                        }
+                    }
+                }
+            }
+        }
+        next(request, response, chain);
+    }
+
+    private String getUsername(String token) {
+        try {
+            String api = String.format("%s?request_data=%s", apiGetUser, URLEncoder.encode("{\"token\": \"" + token + "\"}", "utf-8"));
+            String res = HttpToolbox.post(api, Collections.emptyMap());
+            FineLoggerFactory.getLogger().info("获取用户信息接口返回内容为: \"{}\"", res);
+            JSONObject body = new JSONObject(res);
+            if (body.has("success") && body.getBoolean("success")) {
+                return body.getJSONObject("result_data").getString("employee_number");
+            }
+            FineLoggerFactory.getLogger().error("token验证失败, 详见接口返回内容");
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().error("token验证失败", e);
+        }
+        return null;
+    }
+
+    private boolean login(String username, HttpServletRequest request, HttpServletResponse response) {
+        try {
+            User user = UserService.getInstance().getUserByUserName(username);
+            if (user == null) {
+                FineLoggerFactory.getLogger().error("sso >> User \"{}\" does not exist", username);
+                return false;
+            }
+            String token = LoginService.getInstance().login(request, response, username);
+            request.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME, token);
+            FineLoggerFactory.getLogger().info("sso >> User[{}] login successfully", username);
+            return true;
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().error("sso >> Failed to login with[" + username + "]", e);
+        }
+        return false;
+    }
+
+
+    private boolean isLogin(HttpServletRequest request) {
+        String oldToken = TokenResource.COOKIE.getToken(request);
+        return oldToken != null && checkTokenValid(request, (String) oldToken);
+    }
+
+    private boolean checkTokenValid(HttpServletRequest req, String token) {
+        try {
+            Device device = NetworkHelper.getDevice(req);
+            LoginService.getInstance().loginStatusValid(token, TerminalHandler.getTerminal(req, device));
+            return true;
+        } catch (Exception ignore) {
+        }
+        return false;
+    }
+
+    /**
+     * 跳转到过滤器链中的下一个过滤器
+     *
+     * @param request
+     * @param response
+     * @param chain
+     */
+    private void next(HttpServletRequest request, HttpServletResponse response, FilterChain chain) {
+        try {
+            chain.doFilter(request, response);
+        } catch (Exception e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+}

src/main/resources/xxx.properties

@@ -0,0 +1,10 @@
+#\u767B\u5F55\u6210\u529F\u540E\u8DF3\u8F6C\u9875\u9762, \u53EF\u4EE5\u4E3A\u7A7A\uFF0C\u4E3A\u7A7A\u65F6\u8DF3\u8F6C\u5230\u9ED8\u8BA4\u9875\u9762
+login.success.redirect=http://www.baidu.com
+
+api.app-id=40000007
+api.app-key=jLXF8dA
+api.env=RX_UAT
+
+
+# \u83B7\u53D6\u7528\u6237\u4FE1\u606F\u7684\u63A5\u53E3
+api.get-user=http://ip:port/V1/get_user_by_token