提交开源任务材料

README.md

@@ -1,3 +1,6 @@
 # open-JSD-9103
 
-JSD-9103 4A单点集成
+JSD-9103 4A单点集成\
+免责说明：该源码为第三方爱好者提供，不保证源码和方案的可靠性，也不提供任何形式的源码教学指导和协助！\
+仅作为开发者学习参考使用！禁止用于任何商业用途！\
+为保护开发者隐私，开发者信息已隐去！若原开发者希望公开自己的信息，可联系hugh处理。

plugin.xml

@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?><plugin>
+    <id>com.eco.plugin.xxxx.ticket.login</id>
+    <name><![CDATA[移动端认证插件]]></name>
+    <active>yes</active>
+    <version>1.0.0</version>
+    <env-version>10.0</env-version>
+    <jartime>2020-07-31</jartime>
+    <vendor>fr.open</vendor>
+    <description><![CDATA[移动端认证插件]]></description>
+    <change-notes><![CDATA[
+    ]]></change-notes>
+    <extra-decision>
+        <GlobalRequestFilterProvider class="com.fr.plugin.TKloginFilter"/>
+    </extra-decision>
+    <function-recorder class="com.fr.plugin.TKloginFilter"/>
+</plugin>

src/main/java/com/fr/plugin/TKConfig.java

@@ -0,0 +1,70 @@
+package com.fr.plugin;
+
+import com.fr.config.*;
+import com.fr.config.holder.Conf;
+import com.fr.config.holder.factory.Holders;
+
+@Visualization(category = "OAUTH2插件配置")
+public class TKConfig extends DefaultConfiguration {
+
+    private static volatile TKConfig config = null;
+
+    public static TKConfig getInstance() {
+        if (config == null) {
+            config = ConfigContext.getConfigInstance(TKConfig.class);
+        }
+        return config;
+    }
+
+    @Identifier(value = "valAddr", name = "接口地址", description = "接口地址", status = Status.SHOW)
+    private Conf<String> valAddr = Holders.simple("");
+    @Identifier(value = "frUrl", name = "报表地址", description = "报表地址", status = Status.SHOW)
+    private Conf<String> frUrl = Holders.simple("http://localhost:8075/webroot/decision");
+    @Identifier(value = "appId", name = "clientId", description = "clientId", status = Status.HIDE)
+    private Conf<String> appId = Holders.simple("");
+    @Identifier(value = "clientSecret", name = "clientSecret", description = "clientSecret", status = Status.HIDE)
+    private Conf<String> clientSecret = Holders.simple("");
+
+    public String getFrUrl() {
+        return frUrl.get();
+    }
+
+    public void setFrUrl(String frUrl) {
+        this.frUrl.set(frUrl);
+    }
+
+    public String getAppId() {
+        return appId.get();
+    }
+
+    public void setAppId(String appId) {
+        this.appId.set(appId);
+    }
+
+    public String getClientSecret() {
+        return clientSecret.get();
+    }
+
+    public void setClientSecret(String clientSecret) {
+        this.clientSecret.set(clientSecret);
+    }
+
+    public String getValAddr() {
+        return valAddr.get();
+    }
+
+    public void setValAddr(String valAddr) {
+        this.valAddr.set(valAddr);
+    }
+
+    @Override
+    public Object clone() throws CloneNotSupportedException {
+        TKConfig cloned = (TKConfig) super.clone();
+        cloned.valAddr = (Conf<String>) valAddr.clone();
+        cloned.appId = (Conf<String>) appId.clone();
+        cloned.clientSecret = (Conf<String>) clientSecret.clone();
+        cloned.frUrl = (Conf<String>) frUrl.clone();
+        return cloned;
+    }
+
+}

src/main/java/com/fr/plugin/TKloginFilter.java

@@ -0,0 +1,211 @@
+package com.fr.plugin;
+
+import com.fanruan.api.net.http.HttpKit;
+import com.fr.decision.authority.data.User;
+import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
+import com.fr.decision.webservice.v10.login.LoginService;
+import com.fr.decision.webservice.v10.user.UserService;
+import com.fr.log.FineLoggerFactory;
+import com.fr.plugin.context.PluginContexts;
+import com.fr.plugin.transform.ExecuteFunctionRecord;
+import com.fr.plugin.transform.FunctionRecorder;
+import com.fr.stable.StringUtils;
+import com.fr.stable.fun.Authorize;
+import com.fr.third.org.apache.http.HttpEntity;
+import com.fr.third.org.apache.http.HttpResponse;
+import com.fr.third.org.apache.http.NameValuePair;
+import com.fr.third.org.apache.http.client.HttpClient;
+import com.fr.third.org.apache.http.client.entity.UrlEncodedFormEntity;
+import com.fr.third.org.apache.http.client.methods.HttpPost;
+import com.fr.third.org.apache.http.conn.scheme.Scheme;
+import com.fr.third.org.apache.http.conn.ssl.SSLSocketFactory;
+import com.fr.third.org.apache.http.impl.client.HttpClientBuilder;
+import com.fr.third.org.apache.http.message.BasicNameValuePair;
+import com.fr.third.org.apache.http.util.EntityUtils;
+import com.fr.web.utils.WebUtils;
+import org.dom4j.Document;
+import org.dom4j.DocumentException;
+import org.dom4j.Element;
+import org.dom4j.io.SAXReader;
+
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.*;
+import java.nio.charset.StandardCharsets;
+import java.security.KeyStore;
+import java.util.*;
+
+@FunctionRecorder(localeKey = "fds")
+@Authorize(callSignKey = "com.eco.plugin.xxxx.ticket.login")
+public class TKloginFilter extends AbstractGlobalRequestFilterProvider {
+    @Override
+    public String filterName() {
+        return "ticketCheck";
+    }
+
+    @Override
+    public String[] urlPatterns() {
+        return new String[]{
+                "/*"
+        };
+    }
+
+    @Override
+    public void init(FilterConfig filterConfig) {
+        TKConfig.getInstance();
+        super.init(filterConfig);
+    }
+
+    private String getUuid() {
+        String uuid = UUID.randomUUID().toString().replace("-", "");
+        return uuid;
+    }
+
+    public static String getIp(HttpServletRequest req) {
+        String realIp = req.getHeader("X-Real-IP");
+        String fw = req.getHeader("X-Forwarded-For");
+        if (StringUtils.isNotEmpty(fw) && !"unKnown".equalsIgnoreCase(fw)) {
+            int var3 = fw.indexOf(",");
+            return var3 != -1 ? fw.substring(0, var3) : fw;
+        } else {
+            fw = realIp;
+            if (StringUtils.isNotEmpty(realIp) && !"unKnown".equalsIgnoreCase(realIp)) {
+                return realIp;
+            } else {
+                if (StringUtils.isBlank(realIp) || "unknown".equalsIgnoreCase(realIp)) {
+                    fw = req.getHeader("Proxy-Client-IP");
+                }
+
+                if (StringUtils.isBlank(fw) || "unknown".equalsIgnoreCase(fw)) {
+                    fw = req.getHeader("WL-Proxy-Client-IP");
+                }
+
+                if (StringUtils.isBlank(fw) || "unknown".equalsIgnoreCase(fw)) {
+                    fw = req.getHeader("HTTP_CLIENT_IP");
+                }
+
+                if (StringUtils.isBlank(fw) || "unknown".equalsIgnoreCase(fw)) {
+                    fw = req.getHeader("HTTP_X_FORWARDED_FOR");
+                }
+
+                if (StringUtils.isBlank(fw) || "unknown".equalsIgnoreCase(fw)) {
+                    fw = req.getRemoteAddr();
+                }
+
+                return fw;
+            }
+        }
+    }
+
+    @Override
+    @ExecuteFunctionRecord
+    public void doFilter(HttpServletRequest request, HttpServletResponse httpServletResponse, FilterChain filterChain) {
+        try {
+            if (needFilter(request) && !isLogin(request)) {
+                if (PluginContexts.currentContext().isAvailable()) {
+                    String ticket = request.getParameter("ticket");
+                    TKConfig tkConfig = TKConfig.getInstance();
+                    String ip = getIp(request);
+                    String url = String.format("%s/sso?method=qryUserByTicket", tkConfig.getValAddr());
+                    HashMap<String, Object> objectHashMap = new HashMap<>();
+                    objectHashMap.put("ticket", ticket);
+                    objectHashMap.put("clientIp", ip);
+                    String post = HttpKit.post(url, objectHashMap);
+                    FineLoggerFactory.getLogger().error("请求:{} ,post response:{}", url, post);
+                    String username = getAccountFromXML(post);
+                    User user = UserService.getInstance().getUserByUserName(username);
+                    if (user == null) {
+                        WebUtils.printAsString(httpServletResponse, "用户 ：" + username + " 在帆软系统中不存在，请联系管理员添加");
+                        return;
+                    }
+                    login(request, httpServletResponse, username);
+                } else {
+                    WebUtils.printAsString(httpServletResponse, "当前单点登录插件授权过期");
+                    return;
+                }
+            }
+            filterChain.doFilter(request, httpServletResponse);
+        } catch (IOException | ServletException e) {
+            printException2FrLog(e);
+        } catch (Exception e) {
+            printException2FrLog(e);
+        }
+    }
+
+    private String login(HttpServletRequest req, HttpServletResponse res, String username) throws Exception {
+        String token = LoginService.getInstance().login(req, res, username);
+        req.setAttribute("fine_auth_token", token);
+        FineLoggerFactory.getLogger().info("fr FrFilter is over with username is ###" + username);
+        return token;
+    }
+
+
+    /**
+     * <SSO>
+     * <RESULT>1</RESULT>
+     * <RESULT_MSG>成功</RESULT_MSG>
+     * <RESULT_MSGCODE>1000</RESULT_MSGCODE>
+     * <ACCOUNT>test</ACCOUNT>
+     * <TICKET>xxxxx</TICKET>
+     * </SSO>
+     *
+     * @param xml
+     * @return
+     */
+    private static String getAccountFromXML(String xml) throws DocumentException {
+        //1.创建Reader对象
+        SAXReader reader = new SAXReader();
+        //2.加载xml
+        Document document = reader.read(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));
+        //3.获取根节点
+        Element rootElement = document.getRootElement();
+        Iterator iterator = rootElement.elementIterator();
+        while (iterator.hasNext()) {
+            Element stu = (Element) iterator.next();
+            if (StringUtils.equals(stu.getName(), "ACCOUNT")) {
+                return stu.getText();
+            }
+        }
+        return "";
+    }
+
+
+    private boolean needFilter(HttpServletRequest request) {
+        String requestURI = request.getRequestURI();
+        String ticket = request.getParameter("ticket");
+        if (StringUtils.isNotBlank(requestURI) && request.getMethod().equals("GET") && StringUtils.isNotBlank(ticket)) {
+            if (requestURI.endsWith("decision")) {
+                return true;
+            }
+            if (requestURI.endsWith("decision/url/mobile")) {
+                return true;
+            }
+            if (requestURI.endsWith("/view/form") || requestURI.endsWith("/view/report")) {
+                if (StringUtils.isNotBlank(request.getParameter("viewlet"))) {
+                    return true;
+                }
+            }
+            if (requestURI.contains("/v10/entry/access/") && request.getMethod().equals("GET")) {
+                return true;
+            }
+            if (requestURI.contains("/v5/design/report") && (requestURI.endsWith("/edit") || requestURI.endsWith("/view"))) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    public static void printException2FrLog(Throwable e) {
+        StringWriter writer = new StringWriter();
+        e.printStackTrace(new PrintWriter(writer));
+        String s = writer.toString();
+        FineLoggerFactory.getLogger().error("错误：{}", s);
+    }
+
+    private boolean isLogin(HttpServletRequest req) {
+        return LoginService.getInstance().isLogged(req);
+    }
+}

src/main/resources/com/fr/plugin/redirect.html

@@ -0,0 +1,11 @@
+<!doctype html>
+<html lang="en">
+<head>
+    <script type="text/javascript">
+        window.location.href = '${callBack}';
+    </script>
+</head>
+<body>
+<!--<h3>登陆成功${loginUser}，5秒后跳转到：${callBack}</h3>-->
+</body>
+</html>