14 changed files with 1109 additions and 1 deletions
@ -1,3 +1,6 @@
|
||||
# open-JSD-8648 |
||||
|
||||
JSD-8648 |
||||
JSD-8648 OAuth2单点 开源任务材料\ |
||||
免责说明:该源码为第三方爱好者提供,不保证源码和方案的可靠性,也不提供任何形式的源码教学指导和协助!\ |
||||
仅作为开发者学习参考使用!禁止用于任何商业用途!\ |
||||
为保护开发者隐私,开发者信息已隐去!若原开发者希望公开自己的信息,可联系hugh处理。 |
Binary file not shown.
@ -0,0 +1,17 @@
|
||||
<?xml version="1.0" encoding="UTF-8" standalone="no"?> |
||||
<plugin> |
||||
<id>com.fr.plugin.third.party.jsdigei</id> |
||||
<name><![CDATA[集成登录]]></name> |
||||
<active>yes</active> |
||||
<version>0.2</version> |
||||
<env-version>10.0</env-version> |
||||
<jartime>2019-01-01</jartime> |
||||
<vendor>fr.open</vendor> |
||||
<description><![CDATA[]]></description> |
||||
<change-notes><![CDATA[]]></change-notes> |
||||
<extra-decision> |
||||
<GlobalRequestFilterProvider class="com.fr.plugin.third.party.jsdigei.http.SessionGlobalRequestFilterProvider"/> |
||||
</extra-decision> |
||||
<function-recorder class="com.fr.plugin.third.party.jsdigei.config.DataConfigInitializeMonitor"/> |
||||
<lifecycle-monitor class="com.fr.plugin.third.party.jsdigei.config.DataConfigInitializeMonitor"/> |
||||
</plugin> |
@ -0,0 +1,177 @@
|
||||
package com.fr.plugin.third.party.jsdigei; |
||||
|
||||
import com.fanruan.api.log.LogKit; |
||||
import com.fanruan.api.util.StringKit; |
||||
import com.fr.third.org.apache.http.HttpEntity; |
||||
import com.fr.third.org.apache.http.HttpStatus; |
||||
import com.fr.third.org.apache.http.client.config.RequestConfig; |
||||
import com.fr.third.org.apache.http.client.methods.CloseableHttpResponse; |
||||
import com.fr.third.org.apache.http.client.methods.HttpGet; |
||||
import com.fr.third.org.apache.http.client.methods.HttpPost; |
||||
import com.fr.third.org.apache.http.conn.ssl.NoopHostnameVerifier; |
||||
import com.fr.third.org.apache.http.conn.ssl.SSLConnectionSocketFactory; |
||||
import com.fr.third.org.apache.http.entity.StringEntity; |
||||
import com.fr.third.org.apache.http.impl.client.CloseableHttpClient; |
||||
import com.fr.third.org.apache.http.impl.client.HttpClients; |
||||
import com.fr.third.org.apache.http.ssl.SSLContextBuilder; |
||||
import com.fr.third.org.apache.http.ssl.TrustStrategy; |
||||
import com.fr.third.org.apache.http.util.EntityUtils; |
||||
|
||||
import javax.net.ssl.HostnameVerifier; |
||||
import javax.net.ssl.SSLContext; |
||||
import javax.servlet.http.HttpServletRequest; |
||||
import javax.servlet.http.HttpServletResponse; |
||||
import java.io.IOException; |
||||
import java.security.cert.CertificateException; |
||||
import java.security.cert.X509Certificate; |
||||
import java.util.UUID; |
||||
|
||||
public class Utils { |
||||
public static String DEFAULT_USER_AGENT = "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36"; |
||||
public static RequestConfig REQUEST_CONFIG = RequestConfig.custom() |
||||
.setConnectionRequestTimeout(30000) |
||||
.setSocketTimeout(30000) // 服务端相应超时
|
||||
.setConnectTimeout(30000) // 建立socket链接超时时间
|
||||
.build(); |
||||
|
||||
public static CloseableHttpClient createSSLClientDefault() { |
||||
try { |
||||
SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() { |
||||
|
||||
@Override |
||||
public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException { |
||||
return true; |
||||
} |
||||
}).build(); |
||||
HostnameVerifier hostnameVerifier = NoopHostnameVerifier.INSTANCE; |
||||
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, hostnameVerifier); |
||||
return HttpClients.custom().setSSLSocketFactory(sslsf).build(); |
||||
} catch (Exception e) { |
||||
LogKit.error(e.getMessage(), e); |
||||
} |
||||
return HttpClients.createDefault(); |
||||
} |
||||
|
||||
public static synchronized CloseableHttpClient createHttpClient(String url) { |
||||
CloseableHttpClient httpClient = null; |
||||
if (StringKit.isEmpty(url)) { |
||||
httpClient = HttpClients.createDefault(); |
||||
return httpClient; |
||||
} |
||||
|
||||
if (url.startsWith("https://")) { |
||||
httpClient = createSSLClientDefault(); |
||||
return httpClient; |
||||
} |
||||
httpClient = HttpClients.createDefault(); |
||||
return httpClient; |
||||
} |
||||
|
||||
public static synchronized String createHttpGetContent(CloseableHttpClient httpClient, String url) throws IOException { |
||||
if ((httpClient == null) || (StringKit.isEmpty(url))) { |
||||
return ""; |
||||
} |
||||
|
||||
HttpGet httpGet = new HttpGet(url); |
||||
httpGet.addHeader("User-Agent", Utils.DEFAULT_USER_AGENT); |
||||
httpGet.setConfig(Utils.REQUEST_CONFIG); |
||||
CloseableHttpResponse response = httpClient.execute(httpGet); |
||||
int statusCode = response.getStatusLine().getStatusCode(); |
||||
if (statusCode != HttpStatus.SC_OK) { |
||||
response.close(); |
||||
LogKit.info("http请求出错,http status:" + statusCode); |
||||
return ""; |
||||
} |
||||
|
||||
HttpEntity httpEntity = response.getEntity(); |
||||
if (httpEntity == null) { |
||||
response.close(); |
||||
LogKit.info("http请求出错,http响应内容为空"); |
||||
return ""; |
||||
} |
||||
String responseContent = EntityUtils.toString(httpEntity, "UTF-8"); |
||||
response.close(); |
||||
if (StringKit.isEmpty(responseContent)) { |
||||
LogKit.info("http请求出错,http响应内容为空1"); |
||||
return ""; |
||||
} |
||||
return responseContent; |
||||
} |
||||
|
||||
public static synchronized String createHttpPostContent(CloseableHttpClient httpClient, String url, String bodyContent) throws IOException { |
||||
if ((httpClient == null) || (StringKit.isEmpty(url)) || (StringKit.isEmpty(bodyContent))) { |
||||
return ""; |
||||
} |
||||
|
||||
HttpPost httpPost = new HttpPost(url); |
||||
httpPost.addHeader("User-Agent", Utils.DEFAULT_USER_AGENT); |
||||
httpPost.setConfig(Utils.REQUEST_CONFIG); |
||||
StringEntity bodyEntity = new StringEntity(bodyContent, "UTF-8"); |
||||
httpPost.setEntity(bodyEntity); |
||||
CloseableHttpResponse response = httpClient.execute(httpPost); |
||||
int statusCode = response.getStatusLine().getStatusCode(); |
||||
if (statusCode != HttpStatus.SC_OK) { |
||||
response.close(); |
||||
LogKit.info("http请求出错,http status:" + statusCode); |
||||
return ""; |
||||
} |
||||
|
||||
HttpEntity httpEntity = response.getEntity(); |
||||
if (httpEntity == null) { |
||||
response.close(); |
||||
LogKit.info("http请求出错,http响应内容为空"); |
||||
return ""; |
||||
} |
||||
String responseContent = EntityUtils.toString(httpEntity, "UTF-8"); |
||||
response.close(); |
||||
if (StringKit.isEmpty(responseContent)) { |
||||
LogKit.info("http请求出错,http响应内容为空1"); |
||||
return ""; |
||||
} |
||||
return responseContent; |
||||
} |
||||
|
||||
|
||||
/** |
||||
* 获取完整请求链接 |
||||
* |
||||
* @param req 请求 |
||||
* @return |
||||
*/ |
||||
public static String getFullRequestUrl(HttpServletRequest req) { |
||||
if (req == null) { |
||||
return ""; |
||||
} |
||||
String url = req.getRequestURL().toString(); |
||||
String queryUrl = req.getQueryString(); |
||||
if ((queryUrl == null) || "null".equalsIgnoreCase(queryUrl)) { |
||||
queryUrl = ""; |
||||
} else { |
||||
queryUrl = "?" + queryUrl; |
||||
} |
||||
String fullUrl = url + queryUrl; |
||||
return fullUrl; |
||||
} |
||||
|
||||
|
||||
/** |
||||
* 重定向 |
||||
* @param res |
||||
* @param url |
||||
*/ |
||||
public static void sendRedirect(HttpServletResponse res, String url) { |
||||
if ((res == null) || (StringKit.isEmpty(url))) { |
||||
return; |
||||
} |
||||
res.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); |
||||
res.setHeader("Location", url); |
||||
} |
||||
|
||||
|
||||
public static synchronized String getUuid() { |
||||
String uuid = UUID.randomUUID().toString().replace("-", ""); |
||||
return uuid; |
||||
} |
||||
|
||||
|
||||
} |
@ -0,0 +1,171 @@
|
||||
package com.fr.plugin.third.party.jsdigei.config; |
||||
|
||||
import com.fr.config.*; |
||||
import com.fr.config.holder.Conf; |
||||
import com.fr.config.holder.factory.Holders; |
||||
|
||||
import java.util.concurrent.ConcurrentHashMap; |
||||
|
||||
/** |
||||
* 配置数据保存 |
||||
*/ |
||||
@Visualization(category = "集成登录配置") |
||||
public class CustomDataConfig extends DefaultConfiguration { |
||||
public String getNameSpace() { |
||||
return this.getClass().getName(); |
||||
} |
||||
|
||||
private static volatile CustomDataConfig config = null; |
||||
|
||||
public static CustomDataConfig getInstance() { |
||||
if (config == null) { |
||||
config = ConfigContext.getConfigInstance(CustomDataConfig.class); |
||||
} |
||||
return config; |
||||
} |
||||
private static ConcurrentHashMap<String, String> URL_MAP = new ConcurrentHashMap<String, String>(); |
||||
|
||||
/** |
||||
* 添加链接 |
||||
* @param key |
||||
* @param url |
||||
*/ |
||||
public static synchronized void addUrl(String key, String url) { |
||||
URL_MAP.put(key, url); |
||||
} |
||||
|
||||
/** |
||||
* 获取链接并销毁保存 |
||||
* @param key |
||||
* @return |
||||
*/ |
||||
public static synchronized String getUrlAndDestroy(String key) { |
||||
String url = URL_MAP.get(key); |
||||
URL_MAP.remove(key); |
||||
return url; |
||||
} |
||||
|
||||
|
||||
|
||||
@Identifier(value = "idmClientId", name = "客户端id(client_id)", description = "", status = Status.SHOW) |
||||
private Conf<String> idmClientId = Holders.simple(""); |
||||
|
||||
|
||||
@Identifier(value = "idmClientSecret", name = "客户端密钥(client_secret)", description = "", status = Status.SHOW) |
||||
private Conf<String> idmClientSecret = Holders.simple(""); |
||||
|
||||
|
||||
@Identifier(value = "frUrl", name = "报表地址(redirect_uri)", description = "", status = Status.SHOW) |
||||
private Conf<String> frUrl = Holders.simple(""); |
||||
|
||||
|
||||
@Identifier(value = "oAuthCodeUrl", name = "获取临时授权码接口地址", description = "", status = Status.SHOW) |
||||
private Conf<String> oAuthCodeUrl = Holders.simple("http://Portal地址/sso/oauth2.0/authorize"); |
||||
|
||||
|
||||
@Identifier(value = "accessTokenUrl", name = "获取Access Token接口地址", description = "", status = Status.SHOW) |
||||
private Conf<String> accessTokenUrl = Holders.simple("http://Portal地址/sso/oauth2.0/accessToken"); |
||||
|
||||
|
||||
@Identifier(value = "userUrl", name = "获取用户信息接口地址", description = "", status = Status.SHOW) |
||||
private Conf<String> userUrl = Holders.simple("http://Portal地址/sso/oauth2.0/profile"); |
||||
|
||||
@Identifier(value = "logoutUrl", name = "退出登录地址", description = "", status = Status.HIDE) |
||||
private Conf<String> logoutUrl = Holders.simple("http://xxxx/oauthLogout"); |
||||
|
||||
|
||||
@Identifier(value = "loginTypeNameParameter", name = "登录类型参数名称", description = "", status = Status.HIDE) |
||||
private Conf<String> loginTypeNameParameter = Holders.simple("loginType"); |
||||
|
||||
|
||||
@Identifier(value = "loginTypeValue", name = "登录类型值", description = "", status = Status.HIDE) |
||||
private Conf<String> loginTypeValue = Holders.simple("OAUTH"); |
||||
|
||||
public String getLogoutUrl() { |
||||
return logoutUrl.get(); |
||||
} |
||||
|
||||
public void setLogoutUrl(String logoutUrl) { |
||||
this.logoutUrl.set(logoutUrl); |
||||
} |
||||
|
||||
public String getIdmClientId() { |
||||
return idmClientId.get(); |
||||
} |
||||
|
||||
public void setIdmClientId(String idmClientId) { |
||||
this.idmClientId.set(idmClientId); |
||||
} |
||||
|
||||
public String getIdmClientSecret() { |
||||
return idmClientSecret.get(); |
||||
} |
||||
|
||||
public void setIdmClientSecret(String idmClientSecret) { |
||||
this.idmClientSecret.set(idmClientSecret); |
||||
} |
||||
|
||||
public String getFrUrl() { |
||||
return frUrl.get(); |
||||
} |
||||
|
||||
public void setFrUrl(String frUrl) { |
||||
this.frUrl.set(frUrl); |
||||
} |
||||
|
||||
public String getoAuthCodeUrl() { |
||||
return oAuthCodeUrl.get(); |
||||
} |
||||
|
||||
public void setoAuthCodeUrl(String oAuthCodeUrl) { |
||||
this.oAuthCodeUrl.set(oAuthCodeUrl); |
||||
} |
||||
|
||||
public String getAccessTokenUrl() { |
||||
return accessTokenUrl.get(); |
||||
} |
||||
|
||||
public void setAccessTokenUrl(String accessTokenUrl) { |
||||
this.accessTokenUrl.set(accessTokenUrl); |
||||
} |
||||
|
||||
public String getUserUrl() { |
||||
return userUrl.get(); |
||||
} |
||||
|
||||
public void setUserUrl(String userUrl) { |
||||
this.userUrl.set(userUrl); |
||||
} |
||||
|
||||
public String getLoginTypeNameParameter() { |
||||
return loginTypeNameParameter.get(); |
||||
} |
||||
|
||||
public void setLoginTypeNameParameter(String loginTypeNameParameter) { |
||||
this.loginTypeNameParameter.set(loginTypeNameParameter); |
||||
} |
||||
|
||||
public String getLoginTypeValue() { |
||||
return loginTypeValue.get(); |
||||
} |
||||
|
||||
public void setLoginTypeValue(String loginTypeValue) { |
||||
this.loginTypeValue.set(loginTypeValue); |
||||
} |
||||
|
||||
|
||||
@Override |
||||
public Object clone() throws CloneNotSupportedException { |
||||
CustomDataConfig cloned = (CustomDataConfig) super.clone(); |
||||
cloned.idmClientId = (Conf<String>) idmClientId.clone(); |
||||
cloned.idmClientSecret = (Conf<String>) idmClientSecret.clone(); |
||||
cloned.frUrl = (Conf<String>) frUrl.clone(); |
||||
cloned.oAuthCodeUrl = (Conf<String>) oAuthCodeUrl.clone(); |
||||
cloned.accessTokenUrl = (Conf<String>) accessTokenUrl.clone(); |
||||
cloned.userUrl = (Conf<String>) userUrl.clone(); |
||||
cloned.logoutUrl = (Conf<String>) logoutUrl.clone(); |
||||
cloned.loginTypeNameParameter = (Conf<String>) loginTypeNameParameter.clone(); |
||||
cloned.loginTypeValue = (Conf<String>) loginTypeValue.clone(); |
||||
return cloned; |
||||
} |
||||
} |
@ -0,0 +1,26 @@
|
||||
package com.fr.plugin.third.party.jsdigei.config; |
||||
|
||||
import com.fr.intelli.record.Focus; |
||||
import com.fr.intelli.record.Original; |
||||
import com.fr.plugin.context.PluginContext; |
||||
import com.fr.plugin.observer.inner.AbstractPluginLifecycleMonitor; |
||||
import com.fr.record.analyzer.EnableMetrics; |
||||
import com.fr.stable.fun.Authorize; |
||||
|
||||
/** |
||||
* 配置信息初始化 |
||||
*/ |
||||
@EnableMetrics |
||||
@Authorize(callSignKey = "com.fr.plugin.third.party.jsdigei") |
||||
public class DataConfigInitializeMonitor extends AbstractPluginLifecycleMonitor { |
||||
@Override |
||||
@Focus(id = "com.fr.plugin.third.party.jsdigei", text = "plugin-jsdigei", source = Original.PLUGIN) |
||||
public void afterRun(PluginContext pluginContext) { |
||||
CustomDataConfig.getInstance(); |
||||
} |
||||
|
||||
@Override |
||||
public void beforeStop(PluginContext pluginContext) { |
||||
|
||||
} |
||||
} |
@ -0,0 +1,42 @@
|
||||
package com.fr.plugin.third.party.jsdigei.http; |
||||
|
||||
import com.fanruan.api.log.LogKit; |
||||
import com.fr.decision.fun.impl.BaseHttpHandler; |
||||
import com.fr.plugin.third.party.jsdigei.config.CustomDataConfig; |
||||
import com.fr.third.springframework.web.bind.annotation.RequestMethod; |
||||
import com.fr.web.utils.WebUtils; |
||||
|
||||
import javax.servlet.http.HttpServletRequest; |
||||
import javax.servlet.http.HttpServletResponse; |
||||
|
||||
/** |
||||
* |
||||
*/ |
||||
public class CustomConfigHttpHandler extends BaseHttpHandler { |
||||
|
||||
@Override |
||||
public RequestMethod getMethod() { |
||||
return RequestMethod.POST; |
||||
} |
||||
|
||||
@Override |
||||
public String getPath() { |
||||
return "/jsd8061/oauth/config"; |
||||
} |
||||
|
||||
@Override |
||||
public boolean isPublic() { |
||||
return true; |
||||
} |
||||
|
||||
@Override |
||||
public void handle(HttpServletRequest req, HttpServletResponse res) throws Exception { |
||||
res.setContentType("application/json; charset=utf-8"); |
||||
String loginUrl = CustomDataConfig.getInstance().getLogoutUrl() + "?client_id=" + CustomDataConfig.getInstance().getIdmClientId() + "&client_secret=" + CustomDataConfig.getInstance().getIdmClientSecret(); |
||||
LogKit.info("登录集成登录,退出SSO登录地址:" + loginUrl); |
||||
String content = "{\"loginUrl\":\"" + loginUrl + "\"}"; |
||||
WebUtils.printAsString(res, content); |
||||
} |
||||
|
||||
|
||||
} |
@ -0,0 +1,13 @@
|
||||
package com.fr.plugin.third.party.jsdigei.http; |
||||
|
||||
import com.fr.decision.fun.impl.AbstractHttpHandlerProvider; |
||||
import com.fr.decision.fun.impl.BaseHttpHandler; |
||||
|
||||
public class CustomHttpHandlerProvider extends AbstractHttpHandlerProvider { |
||||
@Override |
||||
public BaseHttpHandler[] registerHandlers() { |
||||
return new BaseHttpHandler[]{ |
||||
new CustomConfigHttpHandler() |
||||
}; |
||||
} |
||||
} |
@ -0,0 +1,14 @@
|
||||
package com.fr.plugin.third.party.jsdigei.http; |
||||
|
||||
import com.fr.decision.fun.impl.AbstractURLAliasProvider; |
||||
import com.fr.decision.webservice.url.alias.URLAlias; |
||||
import com.fr.decision.webservice.url.alias.URLAliasFactory; |
||||
|
||||
public class CustomURLAliasProvider extends AbstractURLAliasProvider { |
||||
@Override |
||||
public URLAlias[] registerAlias() { |
||||
return new URLAlias[]{ |
||||
URLAliasFactory.createPluginAlias("/jsd8061/oauth/config", "/jsd8061/oauth/config", true) |
||||
}; |
||||
} |
||||
} |
@ -0,0 +1,53 @@
|
||||
package com.fr.plugin.third.party.jsdigei.http; |
||||
|
||||
public class CustomUserInfo { |
||||
private boolean valid = false; |
||||
private String userId; |
||||
private String username; |
||||
private String email; |
||||
private String phone; |
||||
|
||||
public CustomUserInfo() { |
||||
setValid(false); |
||||
} |
||||
|
||||
public boolean isValid() { |
||||
return valid; |
||||
} |
||||
|
||||
public void setValid(boolean valid) { |
||||
this.valid = valid; |
||||
} |
||||
|
||||
public String getUserId() { |
||||
return userId; |
||||
} |
||||
|
||||
public void setUserId(String userId) { |
||||
this.userId = userId; |
||||
} |
||||
|
||||
public String getUsername() { |
||||
return username; |
||||
} |
||||
|
||||
public void setUsername(String username) { |
||||
this.username = username; |
||||
} |
||||
|
||||
public String getEmail() { |
||||
return email; |
||||
} |
||||
|
||||
public void setEmail(String email) { |
||||
this.email = email; |
||||
} |
||||
|
||||
public String getPhone() { |
||||
return phone; |
||||
} |
||||
|
||||
public void setPhone(String phone) { |
||||
this.phone = phone; |
||||
} |
||||
} |
@ -0,0 +1,511 @@
|
||||
package com.fr.plugin.third.party.jsdigei.http; |
||||
|
||||
import com.fanruan.api.log.LogKit; |
||||
import com.fanruan.api.util.StringKit; |
||||
import com.fr.data.NetworkHelper; |
||||
import com.fr.decision.authority.data.User; |
||||
import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider; |
||||
import com.fr.decision.mobile.terminal.TerminalHandler; |
||||
import com.fr.decision.webservice.v10.login.LoginService; |
||||
import com.fr.decision.webservice.v10.login.TokenResource; |
||||
import com.fr.decision.webservice.v10.user.UserService; |
||||
import com.fr.general.ComparatorUtils; |
||||
import com.fr.json.JSONObject; |
||||
import com.fr.log.FineLoggerFactory; |
||||
import com.fr.plugin.context.PluginContexts; |
||||
import com.fr.plugin.third.party.jsdigei.Utils; |
||||
import com.fr.plugin.third.party.jsdigei.config.CustomDataConfig; |
||||
import com.fr.third.org.apache.http.HttpEntity; |
||||
import com.fr.third.org.apache.http.HttpHeaders; |
||||
import com.fr.third.org.apache.http.HttpStatus; |
||||
import com.fr.third.org.apache.http.NameValuePair; |
||||
import com.fr.third.org.apache.http.client.config.RequestConfig; |
||||
import com.fr.third.org.apache.http.client.entity.UrlEncodedFormEntity; |
||||
import com.fr.third.org.apache.http.client.methods.CloseableHttpResponse; |
||||
import com.fr.third.org.apache.http.client.methods.HttpGet; |
||||
import com.fr.third.org.apache.http.client.methods.HttpPost; |
||||
import com.fr.third.org.apache.http.impl.client.CloseableHttpClient; |
||||
import com.fr.third.org.apache.http.message.BasicNameValuePair; |
||||
import com.fr.third.org.apache.http.util.EntityUtils; |
||||
import com.fr.third.springframework.web.util.UriUtils; |
||||
import com.fr.web.utils.WebUtils; |
||||
|
||||
import javax.servlet.FilterChain; |
||||
import javax.servlet.http.HttpServletRequest; |
||||
import javax.servlet.http.HttpServletResponse; |
||||
import java.io.UnsupportedEncodingException; |
||||
import java.util.ArrayList; |
||||
import java.util.List; |
||||
import java.util.Map; |
||||
|
||||
|
||||
public class SessionGlobalRequestFilterProvider extends AbstractGlobalRequestFilterProvider { |
||||
private static String DEFAULT_USER_AGENT = "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36"; |
||||
|
||||
@Override |
||||
public String filterName() { |
||||
return "com.fr.plugin.third.party.jsdigei"; |
||||
} |
||||
|
||||
@Override |
||||
public String[] urlPatterns() { |
||||
return new String[]{"/decision", "/decision/*"}; |
||||
} |
||||
|
||||
@Override |
||||
public void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain filterChain) { |
||||
try { |
||||
if (!PluginContexts.currentContext().isAvailable()) { |
||||
LogKit.info("集成登录,许可证过期"); |
||||
filterChain.doFilter(req, res); |
||||
return; |
||||
} |
||||
|
||||
String reqUrl = req.getRequestURL().toString(); |
||||
String fullUrl = Utils.getFullRequestUrl(req); |
||||
String method = req.getMethod(); |
||||
LogKit.info("集成登录,记录访问地址:" + method + " " + fullUrl); |
||||
|
||||
if (!"GET".equalsIgnoreCase(method)) { |
||||
filterChain.doFilter(req, res); |
||||
return; |
||||
} |
||||
|
||||
if (reqUrl.indexOf("/remote/") >= 0) { |
||||
filterChain.doFilter(req, res); |
||||
return; |
||||
} |
||||
|
||||
if (reqUrl.indexOf("/decision/login") >= 0) { |
||||
filterChain.doFilter(req, res); |
||||
return; |
||||
} |
||||
|
||||
if (fullUrl.indexOf("/weixin/") >= 0) { |
||||
filterChain.doFilter(req, res); |
||||
return; |
||||
} |
||||
|
||||
|
||||
if (fullUrl.indexOf("/dingtalk/") >= 0) { |
||||
filterChain.doFilter(req, res); |
||||
return; |
||||
} |
||||
|
||||
if (isAllowIdmOAuthLogin(req)) { |
||||
String state = Utils.getUuid(); |
||||
String requestUrl = getRequestUrl(req); |
||||
requestUrl = replaceUrl(requestUrl); |
||||
LogKit.info("集成登录,访问地址," + requestUrl); |
||||
CustomDataConfig.addUrl(state, requestUrl); |
||||
String locationUrl = getOAuthCodeUrl(state, requestUrl); |
||||
Utils.sendRedirect(res, locationUrl); |
||||
return; |
||||
} |
||||
|
||||
String loginUsername = getIdmOAuthUsername(req); |
||||
if (StringKit.isEmpty(loginUsername)) { |
||||
if (reqUrl.indexOf("/jsdigei-url/") >= 0) { |
||||
Utils.sendRedirect(res, CustomDataConfig.getInstance().getFrUrl()); |
||||
return; |
||||
} |
||||
filterChain.doFilter(req, res); |
||||
return; |
||||
} |
||||
|
||||
LogKit.info("集成登录, OAuth 用户名:" + loginUsername); |
||||
User user = UserService.getInstance().getUserByUserName(loginUsername); |
||||
boolean tipsOption = false; |
||||
String tipsContent = ""; |
||||
if (user == null) { |
||||
tipsOption = true; |
||||
LogKit.info("集成登录,用户名:" + loginUsername + "在报表平台不存在"); |
||||
tipsContent = "在报表服务器上不存在"; |
||||
} else if (!user.isEnable()) { |
||||
tipsOption = true; |
||||
LogKit.info("集成登录,用户名:" + loginUsername + "在报表平台上被禁用"); |
||||
tipsContent = "在报表平台上被禁用"; |
||||
} |
||||
|
||||
if (tipsOption) { |
||||
String jumpContent = "<!doctype html>\n" + |
||||
"<head>\n" + |
||||
" <meta charset=\"utf-8\" />\n" + |
||||
" <title>提示</title>\n" + |
||||
"</head>\n" + |
||||
"<body>\n" + |
||||
" <script>\n" + |
||||
" var t = 20;\n" + |
||||
" var referI = setInterval(\"refer()\", 1000);\n" + |
||||
" function refer() {\n" + |
||||
" document.getElementById('show').innerHTML = \"用户:" + loginUsername + tipsContent + ",请联系管理员!<br>\" + t + \"秒后跳转到报表首页\"; \n" + |
||||
" t--;\n" + |
||||
" if (t <= 0) {\n" + |
||||
" clearInterval(referI);\n" + |
||||
" window.location = \"" + CustomDataConfig.getInstance().getFrUrl() + "\";\n" + |
||||
" }\n" + |
||||
" }\n" + |
||||
" </script>\n" + |
||||
" <div style=\"width: 100%;height:200px; line-height: 200px;font-size:30px;vertical-align:middle;text-align:center\">\n" + |
||||
" <span id=\"show\"></span>\n" + |
||||
" </div>\n" + |
||||
"</body>\n" + |
||||
"</html>"; |
||||
res.setContentType("text/html;charset=UTF-8"); |
||||
WebUtils.printAsString(res, jumpContent); |
||||
res.setStatus(200); |
||||
return; |
||||
} |
||||
|
||||
//loginUsername = user.getUserName();
|
||||
//LogKit.info("集成登录,报表平台用户名:" + loginUsername);
|
||||
|
||||
LogKit.info("集成登录,报表平台用户名:" + loginUsername + "生成 login token"); |
||||
String loginToken = LoginService.getInstance().login(req, res, loginUsername); |
||||
req.setAttribute("fine_auth_token", loginToken); |
||||
|
||||
String realUrl = getRealUrl(req); |
||||
if (StringKit.isNotEmpty(realUrl)) { |
||||
LogKit.info("集成登录,真实跳转地址:" + realUrl); |
||||
Utils.sendRedirect(res, realUrl); |
||||
return; |
||||
} |
||||
|
||||
filterChain.doFilter(req, res); |
||||
} catch (Exception e) { |
||||
LogKit.error("集成登录出错," + e.getMessage(), e); |
||||
} |
||||
} |
||||
|
||||
private String getRealUrl(HttpServletRequest req) { |
||||
if (req == null) { |
||||
return ""; |
||||
} |
||||
String state = getUrlId(req); |
||||
if (StringKit.isEmpty(state)) { |
||||
return ""; |
||||
} |
||||
String url = CustomDataConfig.getInstance().getUrlAndDestroy(state); |
||||
return url; |
||||
} |
||||
|
||||
String getUrlId(HttpServletRequest req) { |
||||
String reqUrl = req.getRequestURL().toString(); |
||||
int index = reqUrl.indexOf("/jsdigei-url/"); |
||||
if (index < 0) { |
||||
return ""; |
||||
} |
||||
int beginIndex = index + 13; |
||||
int endIndex = -1; |
||||
index = reqUrl.indexOf("?", beginIndex); |
||||
if (index > endIndex) { |
||||
endIndex = index; |
||||
} |
||||
|
||||
index = reqUrl.indexOf("/", beginIndex); |
||||
if (index > endIndex) { |
||||
endIndex = index; |
||||
} |
||||
String urlId = ""; |
||||
|
||||
if (endIndex >= 0) { |
||||
urlId = reqUrl.substring(beginIndex, endIndex); |
||||
} else { |
||||
urlId = reqUrl.substring(beginIndex); |
||||
} |
||||
urlId = StringKit.trim(urlId); |
||||
return urlId; |
||||
} |
||||
|
||||
public boolean isLogged(HttpServletRequest req) { |
||||
boolean logged = true; |
||||
|
||||
try { |
||||
String token = TokenResource.COOKIE.getToken(req); |
||||
LoginService.getInstance().loginStatusValid(token, TerminalHandler.getTerminal(req, NetworkHelper.getDevice(req))); |
||||
} catch (Exception var4) { |
||||
logged = false; |
||||
} |
||||
|
||||
return logged; |
||||
} |
||||
|
||||
private String getOAuthCodeUrl(String state, String url) throws UnsupportedEncodingException { |
||||
String mappingUrl = getMappingUrl(state); |
||||
String tempUrl = UriUtils.encodeQueryParam(mappingUrl, "UTF-8"); |
||||
; |
||||
LogKit.info("集成登录,授权报表地址:" + url); |
||||
String authUrl = CustomDataConfig.getInstance().getoAuthCodeUrl() + "?client_id=" + CustomDataConfig.getInstance().getIdmClientId() + "&redirect_uri=" + tempUrl + "&response_type=code"; |
||||
LogKit.info("集成登录,获取临时授权码地址:" + authUrl); |
||||
return authUrl; |
||||
} |
||||
|
||||
private String getMappingUrl(String id) { |
||||
String tempUrl = StringKit.trim(CustomDataConfig.getInstance().getFrUrl()); |
||||
if (!tempUrl.endsWith("/")) { |
||||
tempUrl = tempUrl + "/"; |
||||
} |
||||
|
||||
tempUrl = tempUrl + "jsdigei-url/" + id; |
||||
return tempUrl; |
||||
} |
||||
|
||||
|
||||
private String replaceUrl(String url) { |
||||
if (StringKit.isEmpty(url)) { |
||||
return CustomDataConfig.getInstance().getFrUrl(); |
||||
} |
||||
|
||||
if (url.indexOf("/decision/login") >= 0) { |
||||
return CustomDataConfig.getInstance().getFrUrl(); |
||||
} |
||||
|
||||
String tempUrl = CustomDataConfig.getInstance().getFrUrl(); |
||||
int index = tempUrl.indexOf("/decision"); |
||||
if (index < 0) { |
||||
return url; |
||||
} |
||||
|
||||
String pUrl = tempUrl.substring(0, index); |
||||
|
||||
index = url.indexOf("/decision"); |
||||
if (index < 0) { |
||||
return url; |
||||
} |
||||
String fullUrl = pUrl + url.substring(index); |
||||
return fullUrl; |
||||
} |
||||
|
||||
|
||||
/** |
||||
* 判断app是否允许登录IDM OAuth |
||||
* |
||||
* @param req |
||||
* @return |
||||
*/ |
||||
private boolean isAllowIdmOAuthLogin(HttpServletRequest req) { |
||||
if (req == null) { |
||||
return false; |
||||
} |
||||
String loginTypeNameParameter = CustomDataConfig.getInstance().getLoginTypeNameParameter(); |
||||
String loginTypeConfigValue = CustomDataConfig.getInstance().getLoginTypeValue(); |
||||
if (StringKit.isEmpty(loginTypeNameParameter) || StringKit.isEmpty(loginTypeConfigValue)) { |
||||
return false; |
||||
} |
||||
String loginTypeValue = WebUtils.getHTTPRequestParameter(req, loginTypeNameParameter); |
||||
return ComparatorUtils.equals(loginTypeConfigValue, loginTypeValue); |
||||
} |
||||
|
||||
|
||||
/** |
||||
* 判断字符串是否全是数字 |
||||
* |
||||
* @param str |
||||
* @return |
||||
*/ |
||||
public static boolean isNumeric(String str) { |
||||
if (StringKit.isEmpty(str)) { |
||||
return false; |
||||
} |
||||
for (int i = str.length(); --i >= 0; ) { |
||||
if (!Character.isDigit(str.charAt(i))) { |
||||
|
||||
return false; |
||||
|
||||
} |
||||
} |
||||
return true; |
||||
} |
||||
|
||||
|
||||
/** |
||||
* 获取IDM OAuth 用户名 |
||||
* |
||||
* @param req |
||||
* @return |
||||
*/ |
||||
private String getIdmOAuthUsername(HttpServletRequest req) { |
||||
try { |
||||
if (req == null) { |
||||
return ""; |
||||
} |
||||
String oAuthCode = WebUtils.getHTTPRequestParameter(req, "ticket"); |
||||
if (StringKit.isEmpty(oAuthCode)) { |
||||
return ""; |
||||
} |
||||
LogKit.info("集成登录,ticket:" + oAuthCode); |
||||
RequestConfig requestConfig = RequestConfig.custom() |
||||
.setConnectionRequestTimeout(10000) |
||||
.setSocketTimeout(10000) // 服务端相应超时
|
||||
.setConnectTimeout(10000) // 建立socket链接超时时间
|
||||
.build(); |
||||
|
||||
//获取Access Token
|
||||
//环境地址/getTokens
|
||||
String accessTokenUrl = CustomDataConfig.getInstance().getAccessTokenUrl() + "?client_id=" + CustomDataConfig.getInstance().getIdmClientId() + "&client_secret=" + CustomDataConfig.getInstance().getIdmClientSecret() + "&grant_type=authorization_code&code=" + oAuthCode + "&redirect_uri=" + CustomDataConfig.getInstance().getFrUrl(); |
||||
LogKit.info("集成登录,获取access_toke url:" + accessTokenUrl); |
||||
HttpGet httpGet = new HttpGet(accessTokenUrl); |
||||
httpGet.addHeader("User-Agent", DEFAULT_USER_AGENT); |
||||
|
||||
|
||||
|
||||
httpGet.setConfig(requestConfig); |
||||
CloseableHttpClient httpClient = Utils.createHttpClient(accessTokenUrl); |
||||
CloseableHttpResponse response = httpClient.execute(httpGet); |
||||
int statusCode = response.getStatusLine().getStatusCode(); |
||||
if (statusCode != HttpStatus.SC_OK) { |
||||
response.close(); |
||||
httpClient.close(); |
||||
LogKit.info("集成登录,获取Access Token请求出错,http status:" + statusCode); |
||||
return ""; |
||||
} |
||||
|
||||
HttpEntity httpEntity = response.getEntity(); |
||||
if (httpEntity == null) { |
||||
response.close(); |
||||
httpClient.close(); |
||||
LogKit.info("集成登录,获取Access Token请求出错,http响应内容为空"); |
||||
return ""; |
||||
} |
||||
String responseContent = EntityUtils.toString(httpEntity, "UTF-8"); |
||||
response.close(); |
||||
if (StringKit.isEmpty(responseContent)) { |
||||
httpClient.close(); |
||||
LogKit.info("集成登录,获取Access Token请求出错,http响应内容为空1"); |
||||
return ""; |
||||
} |
||||
LogKit.info("集成登录,获取Access Token请求,http响应内容\n" + responseContent); |
||||
|
||||
String accessToken = getAccessToken(responseContent); |
||||
if (StringKit.isEmpty(accessToken)) { |
||||
httpClient.close(); |
||||
LogKit.info("集成登录,获取Access Token请求出错,access_token为空"); |
||||
return ""; |
||||
} |
||||
LogKit.info("集成登录,Access Token:" + accessToken); |
||||
|
||||
|
||||
String userUrl = CustomDataConfig.getInstance().getUserUrl() + "?access_token=" + accessToken; |
||||
LogKit.info("集成登录,获取用户信息Url:" + userUrl); |
||||
httpGet = new HttpGet(userUrl); |
||||
httpGet.setConfig(requestConfig); |
||||
httpGet.addHeader("User-Agent", DEFAULT_USER_AGENT); |
||||
response = httpClient.execute(httpGet); |
||||
statusCode = response.getStatusLine().getStatusCode(); |
||||
if (statusCode != HttpStatus.SC_OK) { |
||||
response.close(); |
||||
httpClient.close(); |
||||
LogKit.info("集成登录,获取用户信息请求出错,http status:" + statusCode); |
||||
return ""; |
||||
} |
||||
|
||||
httpEntity = response.getEntity(); |
||||
if (httpEntity == null) { |
||||
response.close(); |
||||
httpClient.close(); |
||||
LogKit.info("集成登录,获取用户信息请求出错,http响应内容为空"); |
||||
return ""; |
||||
} |
||||
responseContent = EntityUtils.toString(httpEntity, "UTF-8"); |
||||
response.close(); |
||||
httpClient.close(); |
||||
if (StringKit.isEmpty(responseContent)) { |
||||
LogKit.info("集成登录,获取用户信息请求出错,http响应内容为空1"); |
||||
return ""; |
||||
} |
||||
LogKit.info("集成登录,获取用户信息请求,http响应内容\n" + responseContent); |
||||
|
||||
String uid = getUsername(responseContent); |
||||
if (StringKit.isEmpty(uid)) { |
||||
LogKit.info("集成登录,获取用户信息请求出错,用户名为空"); |
||||
return ""; |
||||
} |
||||
LogKit.info("集成登录,用户名:" + uid); |
||||
return uid; |
||||
} catch (Exception e) { |
||||
LogKit.error("集成登录获取用户名出错," + e.getMessage(), e); |
||||
} |
||||
return ""; |
||||
} |
||||
|
||||
private String getAccessToken(String content) { |
||||
if (StringKit.isEmpty(content)) { |
||||
return ""; |
||||
} |
||||
JSONObject jsonObject = new JSONObject(content); |
||||
String msg = jsonObject.getString("msg"); |
||||
if (!StringKit.equalsIgnoreCase("SUCCESS", msg)) { |
||||
return ""; |
||||
} |
||||
String token = jsonObject.getString("access_token"); |
||||
return token; |
||||
} |
||||
|
||||
private String getUsername(String content) { |
||||
if (StringKit.isEmpty(content)) { |
||||
return ""; |
||||
} |
||||
JSONObject jsonObject = new JSONObject(content); |
||||
String msg = jsonObject.getString("msg"); |
||||
if (!StringKit.equalsIgnoreCase("SUCCESS", msg)) { |
||||
return ""; |
||||
} |
||||
String username = jsonObject.getString("id"); |
||||
return username; |
||||
} |
||||
|
||||
|
||||
private String getRequestUrl(HttpServletRequest req) throws UnsupportedEncodingException { |
||||
String fullUrl = req.getRequestURL().toString(); |
||||
Map<String, String[]> paraMap = req.getParameterMap(); |
||||
String paraName; |
||||
String[] paraValues; |
||||
String loginTypeParaName = CustomDataConfig.getInstance().getLoginTypeNameParameter(); |
||||
String queryStr = ""; |
||||
for (Map.Entry<String, String[]> entry : paraMap.entrySet()) { |
||||
paraName = entry.getKey(); |
||||
if (ComparatorUtils.equals(paraName, loginTypeParaName)) { |
||||
continue; |
||||
} |
||||
if (ComparatorUtils.equals(paraName, "code")) { |
||||
continue; |
||||
} |
||||
paraValues = entry.getValue(); |
||||
LogKit.info("集成登录,获取用户信息请求出错,login_name为空"); |
||||
queryStr = addParaToQuery(queryStr, paraName, paraValues); |
||||
} |
||||
if (StringKit.isEmpty(queryStr)) { |
||||
return fullUrl; |
||||
} |
||||
fullUrl = fullUrl + "?" + queryStr; |
||||
return fullUrl; |
||||
} |
||||
|
||||
private String addParaToQuery(String query, String paraName, String[] paraValues) throws UnsupportedEncodingException { |
||||
if (StringKit.isEmpty(paraName)) { |
||||
return query; |
||||
} |
||||
String fullQuery = query; |
||||
if ((paraValues == null) || (paraValues.length <= 0)) { |
||||
if (StringKit.isNotEmpty(fullQuery)) { |
||||
fullQuery = fullQuery + "&"; |
||||
} |
||||
fullQuery = paraName + "="; |
||||
return fullQuery; |
||||
} |
||||
String value; |
||||
for (int i = 0, max = paraValues.length - 1; i <= max; i++) { |
||||
if (StringKit.isNotEmpty(fullQuery)) { |
||||
fullQuery = fullQuery + "&"; |
||||
} |
||||
value = paraValues[i]; |
||||
if (StringKit.equals("viewlet", paraName) && (value.indexOf("%") < 0)) { |
||||
value = UriUtils.encodeQueryParam(value, "UTF-8"); |
||||
} |
||||
fullQuery = fullQuery + paraName + "=" + value; |
||||
} |
||||
return fullQuery; |
||||
} |
||||
|
||||
|
||||
} |
@ -0,0 +1,46 @@
|
||||
package com.fr.plugin.third.party.jsdigei.web; |
||||
|
||||
import com.fr.web.struct.Component; |
||||
import com.fr.web.struct.Filter; |
||||
import com.fr.web.struct.browser.RequestClient; |
||||
import com.fr.web.struct.category.ScriptPath; |
||||
import com.fr.web.struct.category.StylePath; |
||||
|
||||
public class MainFilesComponent extends Component { |
||||
public static final MainFilesComponent KEY = new MainFilesComponent(); |
||||
private MainFilesComponent(){} |
||||
/** |
||||
* 返回需要引入的JS脚本路径 |
||||
* @param client 请求客户端描述 |
||||
* @return JS脚本路径 |
||||
*/ |
||||
public ScriptPath script(RequestClient client ) { |
||||
//如果不需要就直接返回 ScriptPath.EMPTY
|
||||
return ScriptPath.build("com/fr/plugin/third/party/jsdiagb/web/main.js"); |
||||
} |
||||
|
||||
/** |
||||
* 返回需要引入的CSS样式路径 |
||||
* @param client 请求客户端描述 |
||||
* @return CSS样式路径 |
||||
*/ |
||||
public StylePath style(RequestClient client ) { |
||||
//如果不需要就直接返回 StylePath.EMPTY;
|
||||
//return StylePath.build("com/fr/plugin/jscssinput/demo/demo.css");
|
||||
return StylePath.EMPTY; |
||||
} |
||||
|
||||
/** |
||||
* 通过给定的资源过滤器控制是否加载这个资源 |
||||
* @return 资源过滤器 |
||||
*/ |
||||
public Filter filter() { |
||||
return new Filter(){ |
||||
@Override |
||||
public boolean accept() { |
||||
//任何情况下我们都在平台组件加载时加载我们的组件
|
||||
return true; |
||||
} |
||||
}; |
||||
} |
||||
} |
@ -0,0 +1,19 @@
|
||||
package com.fr.plugin.third.party.jsdigei.web; |
||||
|
||||
import com.fr.decision.fun.impl.AbstractWebResourceProvider; |
||||
import com.fr.decision.web.MainComponent; |
||||
import com.fr.web.struct.Atom; |
||||
|
||||
public class MainWebResourceProvider extends AbstractWebResourceProvider { |
||||
@Override |
||||
public Atom attach() { |
||||
//在平台主组件加载时添加我们自己的组件
|
||||
return MainComponent.KEY; |
||||
} |
||||
|
||||
@Override |
||||
public Atom client() { |
||||
//我们自己要引入的组件
|
||||
return MainFilesComponent.KEY; |
||||
} |
||||
} |
@ -0,0 +1,16 @@
|
||||
$(function () { |
||||
var url = Dec.fineServletURL + "/url/jsd8061/oauth/config"; |
||||
$.post(url, |
||||
function (data, status) { |
||||
if (status == "success") { |
||||
debugger; |
||||
var a = Dec.Logout; |
||||
var logoutUrl = data.loginUrl; |
||||
Dec.Logout = function () { |
||||
a(); |
||||
//$.get(logoutUrl);
|
||||
window.location.href = logoutUrl; |
||||
} |
||||
} |
||||
}, "json"); |
||||
}); |
Loading…
Reference in new issue