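package com.fr.plugin;

import com.fanruan.api.net.http.HttpKit;
import com.fr.decision.authority.data.User;
import com.fr.decision.fun.impl.BaseHttpHandler;
import com.fr.decision.webservice.v10.login.LoginService;
import com.fr.decision.webservice.v10.user.UserService;
import com.fr.json.JSONObject;
import com.fr.log.FineLoggerFactory;
import com.fr.plugin.context.PluginContexts;
import com.fr.third.org.apache.commons.lang3.StringUtils;
import com.fr.third.springframework.web.bind.annotation.RequestMethod;
import com.fr.web.utils.WebUtils;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.Map;

/**
 * OAuth2 authorization-code callback for the MS single-sign-on plugin.
 *
 * <p>Flow, as implemented in {@link #handle}: read the {@code code} request parameter,
 * exchange it for an access token at {@code <valAddr>/oauth/token}, resolve the token to a
 * username via {@link #getUserInfo}, look that user up in the FineReport user store, log the
 * session in through {@link LoginService}, and finally redirect to the {@code callback} session
 * attribute (if present) or to the default URL.
 *
 * <p>Security notes: {@code code} and {@code access_token} are attacker-influenced request
 * values and are URL-encoded before being placed in a query string; the token response and the
 * user-info URL are no longer written to the log, because both carry the bearer token.
 */
public class MSAuthCallbackApi extends BaseHttpHandler {

    /** Session attribute holding the post-login redirect target. */
    private static final String CALLBACK_ATTR = "callback";

    /**
     * {@inheritDoc}
     *
     * <p>Returns {@code null}; presumably the framework treats this as "any method" — confirm
     * against {@link BaseHttpHandler} before relying on it.
     */
    @Override
    public RequestMethod getMethod() {
        return null;
    }

    /** @return the path this handler is mounted on, relative to the plugin's URL prefix */
    @Override
    public String getPath() {
        return "/authCallBack";
    }

    /** @return {@code true}: the callback must be reachable before the user is logged in */
    @Override
    public boolean isPublic() {
        return true;
    }

    /**
     * Handles the provider's redirect back to this server.
     *
     * <p>Every failure path writes a plain-text message to the response and returns; only the
     * success path issues a redirect.
     *
     * @param httpServletRequest  the callback request, expected to carry {@code code}
     * @param httpServletResponse response to write the message or redirect page to
     * @throws Exception propagated from the login service or the HTTP client
     */
    @Override
    public void handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        String code = WebUtils.getHTTPRequestParameter(httpServletRequest, "code");
        if (StringUtils.isBlank(code)) {
            WebUtils.printAsString(httpServletResponse, "授权码不存在");
            return;
        }

        // Licence check first: no outbound calls are made for an unlicensed plugin.
        if (!PluginContexts.currentContext().isAvailable()) {
            WebUtils.printAsString(httpServletResponse, "单点插件授权过期请联系帆软");
            return;
        }

        // Step 1: exchange the authorization code for an access token.
        MSConfig config = MSConfig.getInstance();
        String tokenUrl = buildTokenUrl(config, code);
        String json = HttpKit.post(tokenUrl, new HashMap<>());
        if (StringUtils.isBlank(json)) {
            WebUtils.printAsString(httpServletResponse, "访问授权服务器失败请检查服务器网络配置");
            return;
        }

        JSONObject jsonObject = new JSONObject(json);
        boolean hasToken = jsonObject.has("access_token");
        // Log only whether a token came back; the body itself is a credential.
        FineLoggerFactory.getLogger().info("请求token返回,包含access_token:{}", hasToken);
        if (!hasToken) {
            String message = jsonObject.has("message") ? jsonObject.getString("message") : "";
            WebUtils.printAsString(httpServletResponse, "登录失败:" + message);
            return;
        }

        // Step 2: resolve the token to a username and map it onto a local user.
        String accessToken = jsonObject.getString("access_token");
        String uid = getUserInfo(accessToken);
        User user = UserService.getInstance().getUserByUserName(uid);
        if (user == null) {
            WebUtils.printAsString(httpServletResponse, "登录失败:" + uid + " 在帆软用户体系不存在,请联系管理员添加");
            return;
        }

        // Step 3: establish the FineReport session and send the browser on.
        login(httpServletRequest, httpServletResponse, uid);
        redirectAfterLogin(httpServletRequest, httpServletResponse);
    }

    /**
     * Builds the token-endpoint URL with every dynamic part URL-encoded.
     *
     * <p>NOTE(review): the client secret travels in the query string, as in the original
     * integration; moving it into the POST body would keep it out of proxy/access logs, but
     * whether the authorization server accepts body parameters has not been confirmed here.
     *
     * @param config plugin configuration supplying the server address and client credentials
     * @param code   the authorization code received from the provider (untrusted)
     * @return the absolute token-endpoint URL
     */
    private static String buildTokenUrl(MSConfig config, String code) {
        String redirectUri = config.getFrUrl() + "/url/ms/authCallBack";
        return String.format(
                "%s/oauth/token?grant_type=authorization_code&code=%s&client_id=%s&client_secret=%s&redirect_uri=%s",
                config.getValAddr(),
                urlEncode(code),
                urlEncode(config.getAppId()),
                urlEncode(config.getClientSecret()),
                urlEncode(redirectUri));
    }

    /**
     * Redirects to the {@code callback} session attribute when present, else to the default URL.
     *
     * <p>NOTE(review): the attribute is presumably set by this plugin's own login-entry handler;
     * if any other code path can populate it, the value should be restricted to same-origin
     * targets before use.
     */
    private void redirectAfterLogin(HttpServletRequest req, HttpServletResponse res) throws IOException {
        Object callback = req.getSession().getAttribute(CALLBACK_ATTR);
        String target = callback != null ? callback.toString() : HttpUtils.getDefaultUrl(req);
        sendRedirect(res, target);
    }

    /**
     * Fetches the username that the given access token identifies.
     *
     * <p>Calls {@code <valAddr>/api/bff/v1.2/oauth2/userinfo} and reads
     * {@code data.username} when the response reports {@code success}.
     *
     * @param access_token bearer token obtained from the token endpoint
     * @return the username, or {@code ""} when the call fails or reports no success
     */
    public String getUserInfo(String access_token) {
        MSConfig oauth2Config = MSConfig.getInstance();
        String valAddr = oauth2Config.getValAddr();
        String url = String.format("%s/api/bff/v1.2/oauth2/userinfo?access_token=%s", valAddr, urlEncode(access_token));
        try {
            // The full URL embeds the bearer token, so only the server address is logged.
            FineLoggerFactory.getLogger().info("进入token获取用户名=========服务器:{}", valAddr);
            String post = HttpKit.get(url);
            FineLoggerFactory.getLogger().info("进入token获取用户名=========服务器:{} 响应:{}", valAddr, post);
            JSONObject entries = new JSONObject(post);
            boolean success = entries.has("success") && entries.getBoolean("success");
            if (success && entries.has("data")) {
                return entries.getJSONObject("data").getString("username");
            }
        } catch (IOException e) {
            FineLoggerFactory.getLogger().error(e.getMessage(), e);
        }
        return "";
    }

    /**
     * Logs the given user in through the platform login service.
     *
     * @return the issued auth token, which is also stored in the {@code fine_auth_token}
     *         request attribute
     */
    private String login(HttpServletRequest req, HttpServletResponse res, String username) throws Exception {
        String token = LoginService.getInstance().login(req, res, username);
        req.setAttribute("fine_auth_token", token);
        FineLoggerFactory.getLogger().info("fr FrFilter is over with username is ###" + username);
        return token;
    }

    /**
     * Renders the plugin's redirect template with {@code callBack} set to the target URL.
     *
     * @param res response to render into
     * @param url target the template should send the browser to
     */
    private void sendRedirect(HttpServletResponse res, String url) throws IOException {
        Map<String, Object> params = new HashMap<>();
        params.put("callBack", url);
        WebUtils.writeOutTemplate("com/fr/plugin/redirect.html", res, params);
    }

    /**
     * URL-encodes a query-string component as UTF-8.
     *
     * @param value raw value; {@code null} is encoded as an empty string
     * @return the encoded component
     */
    private static String urlEncode(String value) {
        try {
            return URLEncoder.encode(value == null ? "" : value, StandardCharsets.UTF_8.name());
        } catch (UnsupportedEncodingException e) {
            // UTF-8 is mandated by the JVM spec; this branch is unreachable in practice.
            throw new IllegalStateException("UTF-8 not supported", e);
        }
    }
}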