JSD-9103 4A单点集成


package com.fr.plugin;
import com.fanruan.api.net.http.HttpKit;
import com.fr.decision.authority.data.User;
import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
import com.fr.decision.webservice.v10.login.LoginService;
import com.fr.decision.webservice.v10.user.UserService;
import com.fr.log.FineLoggerFactory;
import com.fr.plugin.context.PluginContexts;
import com.fr.plugin.transform.ExecuteFunctionRecord;
import com.fr.plugin.transform.FunctionRecorder;
import com.fr.stable.StringUtils;
import com.fr.stable.fun.Authorize;
import com.fr.third.org.apache.http.HttpEntity;
import com.fr.third.org.apache.http.HttpResponse;
import com.fr.third.org.apache.http.NameValuePair;
import com.fr.third.org.apache.http.client.HttpClient;
import com.fr.third.org.apache.http.client.entity.UrlEncodedFormEntity;
import com.fr.third.org.apache.http.client.methods.HttpPost;
import com.fr.third.org.apache.http.conn.scheme.Scheme;
import com.fr.third.org.apache.http.conn.ssl.SSLSocketFactory;
import com.fr.third.org.apache.http.impl.client.HttpClientBuilder;
import com.fr.third.org.apache.http.message.BasicNameValuePair;
import com.fr.third.org.apache.http.util.EntityUtils;
import com.fr.web.utils.WebUtils;
import org.dom4j.Document;
import org.dom4j.DocumentException;
import org.dom4j.Element;
import org.dom4j.io.SAXReader;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.*;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import java.util.*;
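/**
 * Global request filter that performs ticket-based single sign-on.
 *
 * <p>For an unauthenticated GET request that carries a {@code ticket} parameter on one of the
 * entry URLs recognised by {@link #needFilter}, the ticket is sent to the validation endpoint
 * configured in {@link TKConfig}; the account named in the XML reply is then logged in.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The account returned by the validation endpoint is logged in without a password, so the
 *       endpoint address in {@link TKConfig} and the transport to it are part of the trust
 *       boundary.</li>
 *   <li>The ticket travels in the query string of a GET request and can therefore end up in
 *       access logs and browser history.</li>
 * </ul>
 */
@FunctionRecorder(localeKey = "fds")
@Authorize(callSignKey = "com.eco.plugin.xxxx.ticket.login")
public class TKloginFilter extends AbstractGlobalRequestFilterProvider {

    /** Placeholder value that some proxies put into client-address headers. */
    private static final String UNKNOWN = "unknown";

    /** @return the name under which this filter is registered. */
    @Override
    public String filterName() {
        return "ticketCheck";
    }

    /** @return the URL patterns the filter is mapped to; every request passes through it. */
    @Override
    public String[] urlPatterns() {
        return new String[]{
                "/*"
        };
    }

    /**
     * Touches the plugin configuration singleton before delegating to the parent initialisation.
     *
     * @param filterConfig the servlet filter configuration
     */
    @Override
    public void init(FilterConfig filterConfig) {
        TKConfig.getInstance();
        super.init(filterConfig);
    }

    /** @return a random UUID rendered as 32 hex characters without dashes. */
    private String getUuid() {
        return UUID.randomUUID().toString().replace("-", "");
    }

    /**
     * Resolves the client address from proxy headers, falling back to the socket address.
     *
     * <p>Lookup order: first entry of {@code X-Forwarded-For}, {@code X-Real-IP},
     * {@code Proxy-Client-IP}, {@code WL-Proxy-Client-IP}, {@code HTTP_CLIENT_IP},
     * {@code HTTP_X_FORWARDED_FOR}, then {@link HttpServletRequest#getRemoteAddr()}.
     *
     * <p>All of these headers are supplied by the caller unless a reverse proxy in front of the
     * server overwrites them. The value is forwarded to the ticket validation endpoint as
     * {@code clientIp}, so it must not be relied on as an address binding for the ticket unless
     * the deployment guarantees that the proxy strips client-sent copies of these headers.
     *
     * @param req the incoming request
     * @return the resolved address; may be {@code null} only if the container returns no
     *         remote address
     */
    public static String getIp(HttpServletRequest req) {
        String realIp = req.getHeader("X-Real-IP");
        String forwarded = req.getHeader("X-Forwarded-For");

        if (StringUtils.isNotEmpty(forwarded) && !UNKNOWN.equalsIgnoreCase(forwarded)) {
            // X-Forwarded-For is a comma-separated chain; the first entry is the original client.
            int comma = forwarded.indexOf(",");
            return comma != -1 ? forwarded.substring(0, comma) : forwarded;
        }
        if (StringUtils.isNotEmpty(realIp) && !UNKNOWN.equalsIgnoreCase(realIp)) {
            return realIp;
        }

        // X-Real-IP is empty or "unknown" here, so start the fallback chain unconditionally.
        String candidate = req.getHeader("Proxy-Client-IP");
        String[] fallbackHeaders = {"WL-Proxy-Client-IP", "HTTP_CLIENT_IP", "HTTP_X_FORWARDED_FOR"};
        for (String header : fallbackHeaders) {
            if (isUnusable(candidate)) {
                candidate = req.getHeader(header);
            }
        }
        if (isUnusable(candidate)) {
            candidate = req.getRemoteAddr();
        }
        return candidate;
    }

    /** @return {@code true} when the header value is blank or the literal "unknown". */
    private static boolean isUnusable(String value) {
        return StringUtils.isBlank(value) || UNKNOWN.equalsIgnoreCase(value);
    }

    /**
     * Validates the {@code ticket} parameter against the SSO endpoint and logs the named account
     * in, then continues the filter chain.
     *
     * <p>Requests that do not match {@link #needFilter} or that already have a session pass
     * straight through. If the plugin licence is unavailable, or the account is missing from the
     * reply or unknown locally, a plain-text message is written and the chain is not continued.
     * Any exception is logged and swallowed, which leaves the response empty.
     *
     * @param request             the incoming request
     * @param httpServletResponse the response to write to
     * @param filterChain         the remaining filter chain
     */
    @Override
    @ExecuteFunctionRecord
    public void doFilter(HttpServletRequest request, HttpServletResponse httpServletResponse, FilterChain filterChain) {
        try {
            if (needFilter(request) && !isLogin(request)) {
                if (!PluginContexts.currentContext().isAvailable()) {
                    WebUtils.printAsString(httpServletResponse, "当前单点登录插件授权过期");
                    return;
                }

                String ticket = request.getParameter("ticket");
                TKConfig tkConfig = TKConfig.getInstance();
                String ip = getIp(request);
                String url = String.format("%s/sso?method=qryUserByTicket", tkConfig.getValAddr());

                HashMap<String, Object> form = new HashMap<>();
                form.put("ticket", ticket);
                form.put("clientIp", ip);
                String post = HttpKit.post(url, form);

                // NOTE(review): this writes the full validation reply (account and ticket) to the
                // log at error level on every SSO attempt; consider a lower level and redaction.
                FineLoggerFactory.getLogger().error("请求:{} ,post response:{}", url, post);

                // NOTE(review): only ACCOUNT is read from the reply; RESULT / RESULT_MSGCODE are
                // not checked. Confirm the endpoint never returns an ACCOUNT on a failed lookup.
                String username = getAccountFromXML(post);

                // A reply without an account must never reach the user lookup: an empty name is
                // treated as "no such user" instead of being passed on as a login candidate.
                User user = StringUtils.isBlank(username)
                        ? null
                        : UserService.getInstance().getUserByUserName(username);
                if (user == null) {
                    WebUtils.printAsString(httpServletResponse, "用户 :" + username + " 在帆软系统中不存在,请联系管理员添加");
                    return;
                }
                login(request, httpServletResponse, username);
            }
            filterChain.doFilter(request, httpServletResponse);
        } catch (Exception e) {
            // IOException and ServletException were handled identically to every other exception.
            printException2FrLog(e);
        }
    }

    /**
     * Creates a session for the given user and exposes the token on the request.
     *
     * @param req      the current request; receives the {@code fine_auth_token} attribute
     * @param res      the current response, handed to the login service
     * @param username the account to log in
     * @return the token issued by the login service
     * @throws Exception if the login service fails
     */
    private String login(HttpServletRequest req, HttpServletResponse res, String username) throws Exception {
        String token = LoginService.getInstance().login(req, res, username);
        req.setAttribute("fine_auth_token", token);
        FineLoggerFactory.getLogger().info("fr FrFilter is over with username is ###" + username);
        return token;
    }

    /**
     * Extracts the text of the {@code ACCOUNT} element from the ticket validation reply.
     *
     * <p>Expected reply shape:
     * <pre>{@code
     * <SSO>
     *   <RESULT>1</RESULT>
     *   <RESULT_MSG>成功</RESULT_MSG>
     *   <RESULT_MSGCODE>1000</RESULT_MSGCODE>
     *   <ACCOUNT>test</ACCOUNT>
     *   <TICKET>xxxxx</TICKET>
     * </SSO>
     * }</pre>
     *
     * <p>The reply is remote input, so the parser is configured to reject DOCTYPE declarations
     * and external entities before anything is read.
     *
     * @param xml the reply body; {@code null} or blank yields an empty result
     * @return the account name, or an empty string when the reply has no {@code ACCOUNT} child
     * @throws DocumentException if the reply is not well-formed XML, contains a DOCTYPE, or the
     *                           parser cannot be hardened
     */
    private static String getAccountFromXML(String xml) throws DocumentException {
        if (StringUtils.isBlank(xml)) {
            // An empty reply carries no account; avoid the NullPointerException on getBytes().
            return "";
        }

        SAXReader reader = new SAXReader();
        try {
            // Refuse DTDs outright and switch off entity resolution as defence in depth (XXE).
            reader.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
            reader.setFeature("http://xml.org/sax/features/external-general-entities", false);
            reader.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        } catch (org.xml.sax.SAXException e) {
            // Fail closed: an unhardened parser must not be used on the remote reply.
            throw new DocumentException("Unable to configure a hardened XML parser", e);
        }

        Document document = reader.read(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));
        Element rootElement = document.getRootElement();

        // Only direct children of the root are inspected; the first ACCOUNT element wins.
        for (Object child : rootElement.elements()) {
            Element element = (Element) child;
            if (StringUtils.equals(element.getName(), "ACCOUNT")) {
                return element.getText();
            }
        }
        return "";
    }

    /**
     * Decides whether the request is an SSO entry point that should trigger ticket validation.
     *
     * <p>Only GET requests with a non-blank {@code ticket} parameter qualify, and only when the
     * URI matches one of the platform entry, mobile, report/form view, entry access or design
     * URLs checked below.
     *
     * @param request the incoming request
     * @return {@code true} when the ticket should be validated for this request
     */
    private boolean needFilter(HttpServletRequest request) {
        String requestURI = request.getRequestURI();
        String ticket = request.getParameter("ticket");

        boolean candidate = StringUtils.isNotBlank(requestURI)
                && "GET".equals(request.getMethod())
                && StringUtils.isNotBlank(ticket);
        if (!candidate) {
            return false;
        }

        if (requestURI.endsWith("decision") || requestURI.endsWith("decision/url/mobile")) {
            return true;
        }
        // Report and form views only count when a template is actually requested.
        if ((requestURI.endsWith("/view/form") || requestURI.endsWith("/view/report"))
                && StringUtils.isNotBlank(request.getParameter("viewlet"))) {
            return true;
        }
        if (requestURI.contains("/v10/entry/access/")) {
            return true;
        }
        return requestURI.contains("/v5/design/report")
                && (requestURI.endsWith("/edit") || requestURI.endsWith("/view"));
    }

    /**
     * Writes the full stack trace of the given throwable to the FineReport log at error level.
     *
     * @param e the throwable to record
     */
    public static void printException2FrLog(Throwable e) {
        StringWriter buffer = new StringWriter();
        e.printStackTrace(new PrintWriter(buffer));
        FineLoggerFactory.getLogger().error("错误:{}", buffer.toString());
    }

    /**
     * @param req the incoming request
     * @return {@code true} when the login service reports an existing session for the request
     */
    private boolean isLogin(HttpServletRequest req) {
        return LoginService.getInstance().isLogged(req);
    }
}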