
package com.fr.plugin.xxxx.gjdbjj.sso;
import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
import com.fr.decision.privilege.TransmissionTool;
import com.fr.decision.webservice.bean.authentication.LoginRequestInfoBean;
import com.fr.general.PropertiesUtils;
import com.fr.json.JSONObject;
import com.fr.log.FineLoggerFactory;
import com.fr.plugin.context.PluginContexts;
import com.fr.plugin.xxxx.gjdbjj.sso.utils.HttpUtil;
import com.fr.plugin.xxxx.gjdbjj.sso.utils.LogUtils;
import com.fr.plugin.transform.FunctionRecorder;
import com.fr.stable.StringUtils;
import com.fr.stable.fun.Authorize;
import com.fr.third.org.apache.commons.codec.digest.DigestUtils;
import com.fr.web.utils.WebUtils;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;
import java.util.stream.Stream;
import static com.fr.plugin.xxxx.gjdbjj.sso.utils.CommonUtils.next;
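/**
 * Global request filter that, for mobile logins only, replaces the submitted password with
 * one issued by the external OAuth2 service before the platform login handler sees the request.
 *
 * <p>Flow for a mobile {@code POST /webroot/decision/login}: read and decrypt the login body,
 * skip users listed in {@code api.extraUser}, send the MD5 hex of the password to the
 * password-grant endpoint {@code api.passLogin}, resolve the returned {@code access_token}
 * to a platform password ({@code frPwd}) at {@code api.tokenInfo}, then rewrite the request
 * body with that password re-encrypted for the platform. Any other request is passed through
 * untouched.
 *
 * <p>Credentials that pass through here (Basic header value, password digest, access token,
 * resolved password) are deliberately kept out of the debug log.
 *
 * @author fr.open
 * @since 2021/12/04
 */
@FunctionRecorder
@Authorize(callSignKey = PluginConstants.PLUGIN_ID)
public class LoginFilter extends AbstractGlobalRequestFilterProvider {
    /** OAuth2 password-grant endpoint, from {@code api.passLogin}. */
    private String passLogin;
    /** Value sent after {@code "Basic "} in the Authorization header, from {@code api.headerAuth}; a credential, never logged. */
    private String headerAuth;
    /** Comma-separated usernames that skip the OAuth2 exchange and log in with the password as submitted, from {@code api.extraUser}. */
    private String extraUser;
    /** Endpoint that resolves an access token to {@code frPwd}, from {@code api.tokenInfo}. */
    private String tokenInfo;

    /**
     * Loads the four {@code api.*} settings from the {@code sso} properties file.
     * Endpoint URLs and the bypass list are logged at debug level; the Basic credential is
     * only reported as set/blank.
     */
    private void initParams() {
        Properties props = PropertiesUtils.getProperties("sso");
        this.passLogin = props.getProperty("api.passLogin");
        LogUtils.debug4plugin("get passLogin config is {}", passLogin);
        this.headerAuth = props.getProperty("api.headerAuth");
        // headerAuth is an HTTP Basic credential: log presence, not the value.
        LogUtils.debug4plugin("get headerAuth config is {}", StringUtils.isNotBlank(headerAuth) ? "<set>" : "<blank>");
        this.extraUser = props.getProperty("api.extraUser");
        LogUtils.debug4plugin("get extraUser config is {}", extraUser);
        this.tokenInfo = props.getProperty("api.tokenInfo");
        LogUtils.debug4plugin("get tokenInfo config is {}", tokenInfo);
    }

    /**
     * Initialises the parent filter and then reads the plugin configuration.
     *
     * @param filterConfig servlet filter configuration passed by the container
     */
    @Override
    public void init(FilterConfig filterConfig) {
        super.init(filterConfig);
        initParams();
    }

    /**
     * Intercepts mobile login POSTs and rewrites their body via {@link #executeLogin};
     * everything else continues down the chain unchanged.
     *
     * <p>The request URI is compared against the full path including the {@code /webroot}
     * context, so a deployment under a different context path is not intercepted.
     *
     * @param request  incoming request
     * @param response outgoing response
     * @param chain    remaining filter chain
     */
    @Override
    public void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain chain) {
        boolean mobileLogin = "POST".equals(request.getMethod())
                && "/webroot/decision/login".equals(request.getRequestURI())
                && WebUtils.getDevice(request).isMobile();
        if (mobileLogin) {
            try {
                LogUtils.debug4plugin("current request is mobile request");
                // The wrapper caches the body so it can be read here and again by the login handler.
                BodyReaderHttpServletRequestWrapper wrapper = new BodyReaderHttpServletRequestWrapper(request);
                executeLogin(wrapper, response);
                next(wrapper, response, chain);
                return;
            } catch (IOException e) {
                // Could not wrap/read the body: fall through and let the original request proceed.
                LogUtils.error(e.getMessage(), e);
            }
        }
        next(request, response, chain);
    }

    /**
     * Performs the OAuth2 exchange for the login carried in {@code request} and, on success,
     * replaces the request body with the same login bean carrying the resolved platform password.
     *
     * <p>Does nothing when the body cannot be parsed, when the user is in {@code api.extraUser},
     * when the password grant returns no body, or when the response has no
     * {@code datas.access_token}.
     *
     * @param request  body-caching wrapper around the login request
     * @param response outgoing response (unused here, kept for the call site's signature)
     */
    private void executeLogin(BodyReaderHttpServletRequestWrapper request, HttpServletResponse response) {
        LoginRequestInfoBean info = getLoginInfo(request);
        if (info == null) {
            // getLoginInfo already logged the parse failure; leave the body as-is for the platform.
            LogUtils.debug4plugin("login body could not be parsed, skipping sso exchange");
            return;
        }
        if (isExtraUser(info.getUsername())) {
            return;
        }
        Map<String, Object> header = new HashMap<>();
        header.put("Content-Type", "application/x-www-form-urlencoded");
        header.put("Authorization", "Basic " + headerAuth);
        Map<String, Object> params = new HashMap<>();
        // The upstream password grant expects the lower-case MD5 hex of the clear-text password;
        // this is the remote API's input format, not a local password store.
        params.put("password", DigestUtils.md5Hex(info.getPassword()).toLowerCase());
        params.put("username", info.getUsername());
        params.put("grant_type", "password");
        String res = HttpUtil.doFormPost(passLogin, header, params, "UTF-8");
        // params carries the password digest and res carries the access token: log neither.
        LogUtils.debug4plugin("password grant for user {} to {} returned {} body",
                info.getUsername(), passLogin, StringUtils.isNotBlank(res) ? "non-empty" : "empty");
        if (StringUtils.isBlank(res)) {
            return;
        }
        JSONObject datas = new JSONObject(res).optJSONObject("datas");
        if (datas == null || datas.get("access_token") == null) {
            return;
        }
        String pwd = getLogin(datas.getString("access_token"));
        // pwd is empty when the token could not be resolved; the platform login then fails
        // on the empty password rather than falling back to the password the user typed.
        info.setPassword(TransmissionTool.encrypt(pwd));
        request.setBody(JSONObject.mapFrom(info).toString().getBytes(StandardCharsets.UTF_8));
    }

    /**
     * Returns whether {@code username} is listed in {@code api.extraUser} (exact, case-sensitive
     * match on each comma-separated entry).
     *
     * @param username username from the login body, may be null
     * @return true when the user bypasses the OAuth2 exchange
     */
    private boolean isExtraUser(String username) {
        return StringUtils.isNotBlank(extraUser)
                && Stream.of(extraUser.split(",")).anyMatch(e -> e.equals(username));
    }

    /**
     * Resolves an access token to the platform password via {@code api.tokenInfo}.
     *
     * @param token access token returned by the password grant
     * @return {@code datas.frPwd} from the response, or {@link StringUtils#EMPTY} when the
     *         response is blank or lacks that field
     */
    private String getLogin(String token) {
        // Encode the token so a stray '&' or '#' cannot alter the query string.
        String url = String.format("%s?token=%s", tokenInfo, encodeQueryValue(token));
        String res = HttpUtil.sendGet(url, null, null);
        // The URL carries the token and the body carries frPwd: log only the endpoint and outcome.
        LogUtils.debug4plugin("token info from {} returned {} body",
                tokenInfo, StringUtils.isNotBlank(res) ? "non-empty" : "empty");
        if (StringUtils.isNotBlank(res)) {
            JSONObject datas = new JSONObject(res).optJSONObject("datas");
            if (datas != null && datas.get("frPwd") != null) {
                return datas.getString("frPwd");
            }
        }
        return StringUtils.EMPTY;
    }

    /**
     * URL-encodes a single query-string value as UTF-8.
     *
     * @param value raw value
     * @return encoded value safe to append after {@code =}
     */
    private static String encodeQueryValue(String value) {
        try {
            return URLEncoder.encode(value, StandardCharsets.UTF_8.name());
        } catch (UnsupportedEncodingException e) {
            // UTF-8 is a mandatory charset; this branch is unreachable on a conforming JVM.
            throw new IllegalStateException("UTF-8 not supported", e);
        }
    }

    /**
     * Reads the JSON login body from {@code req} and returns it as a bean with the password
     * already decrypted from the platform's transmission encoding.
     *
     * @param req request whose body is the login JSON
     * @return the parsed login bean, or null when the body cannot be read or parsed
     */
    public LoginRequestInfoBean getLoginInfo(HttpServletRequest req) {
        try {
            BufferedReader br = req.getReader();
            StringBuilder body = new StringBuilder();
            String line;
            while ((line = br.readLine()) != null) {
                body.append(line);
            }
            JSONObject jsonObject = new JSONObject(body.toString());
            LoginRequestInfoBean info = jsonObject.mapTo(LoginRequestInfoBean.class);
            info.setPassword(TransmissionTool.decrypt(info.isEncrypted(), info.getPassword()));
            return info;
        } catch (Exception e) {
            // Unreadable or malformed body: callers treat null as "skip the exchange".
            FineLoggerFactory.getLogger().error(e.getMessage(), e);
        }
        return null;
    }

    /** @return the platform-visible name of this filter */
    @Override
    public String filterName() {
        return "gjdbjj";
    }

    /**
     * Registers the filter for the login endpoint only, and for nothing while the plugin
     * licence is unavailable.
     *
     * @return URL patterns this filter applies to
     */
    @Override
    public String[] urlPatterns() {
        if (PluginContexts.currentContext().isAvailable()) {
            return new String[]{"/decision/login"};
        }
        return new String[0];
    }
}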