JSD-8420 开源任务材料 OAuth2单点

package com.fr.plugin.sunac.sso;
import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
import com.fr.decision.webservice.bean.user.UserBean;
import com.fr.decision.webservice.v10.user.UserService;
import com.fr.general.PropertiesUtils;
import com.fr.plugin.transform.FunctionRecorder;
import com.fr.security.encryption.transmission.TransmissionEncryptors;
import com.fr.stable.CodeUtils;
import com.fr.utils.Base64;
import javax.servlet.FilterChain;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Locale;
import java.util.Objects;
import java.util.Properties;
import static com.fr.plugin.sunac.sso.CommonUtils.*;
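/**
 * Global request filter that performs token-based single sign-on for the mobile entry URL.
 *
 * <p>A request matching {@code /decision/url/mobile} for which {@code isLogin} is false must
 * carry the {@code uid}, {@code timestamp} and {@code token} parameters. The token is accepted
 * when it equals the value produced by {@link #encode(String, String)} from {@code uid},
 * {@code timestamp} and the configured {@code mobile.security.key}. On success the user is
 * looked up (and created when the lookup throws), logged in, and the request continues.
 *
 * <p>Security-relevant properties of this filter:
 * <ul>
 *   <li>The token is the only proof of identity, so the filter refuses every token when no
 *       security key is configured: with an empty key the expected value depends only on
 *       request parameters.</li>
 *   <li>{@code timestamp} is mixed into the token but is never checked for freshness here, so
 *       a captured URL stays valid until the key changes.</li>
 *   <li>The token construction is an MD5 digest over the parameters with the secret appended;
 *       moving to an HMAC requires a coordinated change on the token issuer.</li>
 * </ul>
 *
 * @author fr.open
 * @since 2021/8/10
 */
@FunctionRecorder
public class MobileSsoFilter extends AbstractGlobalRequestFilterProvider {

    /** Shared secret appended to {@code uid + timestamp} when computing the expected token. */
    private final String securityKey;

    /**
     * Password assigned to accounts this filter creates.
     *
     * <p>NOTE(review): the fallback literal below is visible to anyone who can read this source.
     * Presumably it is used when {@code new.user.password} is absent (the semantics of
     * {@code getProperty} are not visible here). Deployments should set the property to a
     * private value, or provision these accounts so that password login is not possible.
     */
    private final String defaultPassword;

    /** Loads the SSO settings from the {@code sunac} properties. */
    public MobileSsoFilter() {
        Properties props = PropertiesUtils.getProperties("sunac");
        securityKey = getProperty(props, "mobile.security.key", "", true);
        defaultPassword = getProperty(props, "new.user.password", "MfMy8c96Aqyqzt6F", true);
    }

    @Override
    public String filterName() {
        return "mobileSSO";
    }

    @Override
    public String[] urlPatterns() {
        return new String[]{"/decision/url/mobile"};
    }

    /**
     * Lets logged-in requests through; otherwise validates the SSO token and logs the user in.
     *
     * @param request  incoming request; {@code uid}, {@code timestamp} and {@code token} are read
     *                 from its parameters
     * @param response response used for the error output when validation fails
     * @param chain    remaining filter chain, invoked only after a successful check
     */
    @Override
    public void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain chain) {
        if (isLogin(request)) {
            next(request, response, chain);
            return;
        }
        String timestamp = request.getParameter("timestamp");
        String uid = request.getParameter("uid");
        String token = request.getParameter("token");
        try {
            if (!isTokenValid(timestamp, uid, token)) {
                setError(response, "Token验证失败");
                return;
            }
            ensureUserExists(uid);
            // NOTE(review): the account is created with a lower-cased username but the login
            // uses uid as supplied; confirm that login() resolves names case-insensitively.
            login(uid, request, response);
            next(request, response, chain);
        } catch (Exception e) {
            // NOTE(review): the raw exception message is written to a caller that is not logged
            // in; consider logging it server-side and returning a generic message instead.
            setError(response, e.getMessage());
        }
    }

    /**
     * Checks the supplied token against the expected value for {@code uid} and {@code timestamp}.
     *
     * <p>Fails closed when the security key, {@code uid} or {@code token} is missing or empty,
     * and compares in constant time so response timing does not reveal how much of a guessed
     * token matched.
     *
     * <p>NOTE(review): {@code timestamp} is not validated for age because its format is not
     * visible here; a freshness window should be enforced once the format is confirmed.
     */
    private boolean isTokenValid(String timestamp, String uid, String token) {
        if (securityKey == null || securityKey.isEmpty()) {
            return false;
        }
        if (uid == null || uid.isEmpty() || token == null || token.isEmpty()) {
            return false;
        }
        byte[] expected = encode(timestamp, uid).getBytes(StandardCharsets.UTF_8);
        byte[] supplied = token.getBytes(StandardCharsets.UTF_8);
        return MessageDigest.isEqual(expected, supplied);
    }

    /**
     * Looks the user up and creates an enabled account with the default password when the
     * lookup throws.
     *
     * <p>NOTE(review): every exception from {@code getUser} is treated as "user does not exist",
     * so an unrelated lookup failure also reaches {@code addUser}; narrow the catch once the
     * exception type for a missing user is confirmed.
     */
    private void ensureUserExists(String uid) throws Exception {
        try {
            getUser(uid);
        } catch (Exception ignored) {
            UserBean bean = new UserBean();
            bean.setEnable(true);
            bean.setRealName(uid);
            // Locale.ROOT keeps the stored username independent of the server's default locale.
            bean.setUsername(uid.toLowerCase(Locale.ROOT));
            bean.setPassword(TransmissionEncryptors.getInstance().encrypt(defaultPassword));
            UserService.getInstance().addUser(bean);
        }
    }

    /**
     * Computes the expected token: the Base64 encoding of the UTF-8 bytes of the string returned
     * by {@code CodeUtils.md5Encode} for {@code uid + timestamp + securityKey}.
     *
     * <p>A {@code null} timestamp is concatenated as the text {@code "null"}, as before.
     */
    private String encode(String timestamp, String uid) {
        String md5 = CodeUtils.md5Encode(uid + timestamp + securityKey, "", "MD5");
        return Base64.getEncoder().encodeToString(md5.getBytes(StandardCharsets.UTF_8));
    }
}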