提交开源任务材料

README.md

@@ -1,3 +1,6 @@
 # open-JSD-9236
 
-JSD-9236 泛微单点集成
+JSD-9236 泛微单点集成\
+免责说明：该源码为第三方爱好者提供，不保证源码和方案的可靠性，也不提供任何形式的源码教学指导和协助！\
+仅作为开发者学习参考使用！禁止用于任何商业用途！\
+为保护开发者隐私，开发者信息已隐去！若原开发者希望公开自己的信息，可联系hugh处理。

plugin.xml

@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?><plugin>
+    <id>com.eco.plugin.xxxx.fwsso</id>
+    <name><![CDATA[单点登录]]></name>
+    <active>yes</active>
+    <version>1.0.2</version>
+    <env-version>10.0</env-version>
+    <jartime>2018-07-31</jartime>
+    <vendor>fr.open</vendor>
+    <description><![CDATA[单点登录]]></description>
+    <change-notes><![CDATA[
+    ]]></change-notes>
+    <main-package>com.eco.plugin.xxxx.fwsso</main-package>
+    <lifecycle-monitor class="com.eco.plugin.xxxx.fwsso.config.InitializeMonitor"/>
+
+    <extra-decision>
+		<GlobalRequestFilterProvider class="com.eco.plugin.xxxx.fwsso.filter.SSOFilter"/>
+        <HttpHandlerProvider class="com.eco.plugin.xxxx.fwsso.handler.ExtendAttrHandlerProvider"/>
+        <URLAliasProvider class="com.eco.plugin.xxxx.fwsso.handler.URLAliasProvide"/>
+        <WebResourceProvider class="com.eco.plugin.xxxx.fwsso.webresource.WebResourceProvider"/>
+    </extra-decision>
+    <function-recorder class="com.eco.plugin.xxxx.fwsso.config.PluginSimpleConfig"/>
+</plugin>

src/main/java/com/eco/plugin/xxxx/fwsso/config/InitializeMonitor.java

@@ -0,0 +1,21 @@
+package com.eco.plugin.xxxx.fwsso.config;
+
+import com.fr.plugin.context.PluginContext;
+import com.fr.plugin.observer.inner.AbstractPluginLifecycleMonitor;
+
+/**
+ * @author fr.open
+ * @version 10.0
+ * Created by fr.open on 2018-12-04
+ */
+public class InitializeMonitor extends AbstractPluginLifecycleMonitor {
+    @Override
+    public void afterRun(PluginContext pluginContext) {
+        PluginSimpleConfig.getInstance();
+    }
+
+    @Override
+    public void beforeStop(PluginContext pluginContext) {
+
+    }
+}

src/main/java/com/eco/plugin/xxxx/fwsso/config/PluginSimpleConfig.java

@@ -0,0 +1,52 @@
+package com.eco.plugin.xxxx.fwsso.config;
+
+import com.fr.config.*;
+import com.fr.config.holder.Conf;
+import com.fr.config.holder.factory.Holders;
+import com.fr.intelli.record.Focus;
+import com.fr.intelli.record.Original;
+import com.fr.record.analyzer.EnableMetrics;
+
+@Visualization(category = "单点登录配置")
+@EnableMetrics
+public class PluginSimpleConfig extends DefaultConfiguration {
+
+    private static volatile PluginSimpleConfig config = null;
+
+    @Focus(id="com.eco.plugin.xxxx.prsso.config", text = "单点登录配置", source = Original.PLUGIN)
+    public static PluginSimpleConfig getInstance() {
+        if (config == null) {
+            config = ConfigContext.getConfigInstance(PluginSimpleConfig.class);
+        }
+        return config;
+    }
+
+    @Identifier(value = "key", name = "解密key", description = "解密key", status = Status.SHOW)
+    private Conf<String> key = Holders.simple("xxxx");
+
+    @Identifier(value = "release", name = "放行登录页", description = "放行登录页", status = Status.SHOW)
+    private Conf<Boolean> release =Holders.simple(false);
+
+    public String getKey() {
+        return key.get();
+    }
+
+    public void setKey(String url) {
+        this.key.set(url);
+    }
+
+    public Boolean getRelease() {
+        return release.get();
+    }
+
+    public void setRelease(Boolean url) {
+        this.release.set(url);
+    }
+
+    @Override
+    public Object clone() throws CloneNotSupportedException {
+        PluginSimpleConfig cloned = (PluginSimpleConfig) super.clone();
+        return cloned;
+    }
+
+}

src/main/java/com/eco/plugin/xxxx/fwsso/filter/SSOFilter.java

@@ -0,0 +1,65 @@
+package com.eco.plugin.xxxx.fwsso.filter;
+
+import com.eco.plugin.xxxx.fwsso.config.PluginSimpleConfig;
+import com.eco.plugin.xxxx.fwsso.utils.FRUtils;
+import com.eco.plugin.xxxx.fwsso.utils.KeysUtils;
+import com.eco.plugin.xxxx.fwsso.utils.Utils;
+import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
+import com.fr.plugin.context.PluginContexts;
+import com.fr.record.analyzer.EnableMetrics;
+import com.fr.stable.fun.Authorize;
+
+import javax.servlet.FilterChain;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+@EnableMetrics
+@Authorize(callSignKey = "com.eco.plugin.xxxx.fwsso")
+public class SSOFilter extends AbstractGlobalRequestFilterProvider {
+    @Override
+    public String filterName() {
+        return "fwssoFilter";
+    }
+
+    @Override
+    public String[] urlPatterns() {
+        return new String[]{"/*"};
+    }
+
+    @Override
+    public void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain chain ){
+        if(PluginContexts.currentContext().isAvailable()){
+            String username = req.getParameter("username");
+            String url = FRUtils.getAllUrl(req);
+            if(Utils.isNotNullStr(username) && !url.contains("remote") && !url.contains("isAdmin")){
+                String decryptUserName = getUserName(username);
+                FRUtils.login(req,res,decryptUserName,"");
+            }
+        }
+
+        release(req,res,chain);
+    }
+
+    private String getUserName(String username) {
+        String key = PluginSimpleConfig.getInstance().getKey();
+
+        String decryptUserName = null;
+        try {
+            decryptUserName = KeysUtils.decrypt(username,key);
+        } catch (Exception e) {
+            FRUtils.FRLogInfo("解密异常:"+e.getMessage());
+        }
+
+        return decryptUserName;
+    }
+
+    //放行拦截器
+    private void release(HttpServletRequest req, HttpServletResponse res, FilterChain chain) {
+        try{
+            chain.doFilter(req,res);
+        }catch (Exception e){
+            FRUtils.FRLogInfo("拦截失败");
+        }
+    }
+}
+

src/main/java/com/eco/plugin/xxxx/fwsso/handler/ExtendAttrHandlerProvider.java

@@ -0,0 +1,13 @@
+package com.eco.plugin.xxxx.fwsso.handler;
+
+import com.fr.decision.fun.HttpHandler;
+import com.fr.decision.fun.impl.AbstractHttpHandlerProvider;
+
+public class ExtendAttrHandlerProvider extends AbstractHttpHandlerProvider {
+    @Override
+    public HttpHandler[] registerHandlers() {
+        return new HttpHandler[]{
+                new IsAdmin()
+        };
+    }
+}

src/main/java/com/eco/plugin/xxxx/fwsso/handler/IsAdmin.java

@@ -0,0 +1,58 @@
+package com.eco.plugin.xxxx.fwsso.handler;
+
+import com.eco.plugin.xxxx.fwsso.config.PluginSimpleConfig;
+import com.eco.plugin.xxxx.fwsso.utils.FRUserUtils;
+import com.eco.plugin.xxxx.fwsso.utils.FRUtils;
+import com.eco.plugin.xxxx.fwsso.utils.ResponseUtils;
+import com.fr.decision.fun.impl.BaseHttpHandler;
+import com.fr.plugin.transform.FunctionRecorder;
+import com.fr.third.springframework.web.bind.annotation.RequestMethod;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+@FunctionRecorder
+public class IsAdmin extends BaseHttpHandler {
+
+
+    public IsAdmin() {
+    }
+
+    @Override
+    public RequestMethod getMethod() {
+        return RequestMethod.GET;
+    }
+
+    @Override
+    public String getPath() {
+        return "/isAdmin";
+    }
+
+    @Override
+    public boolean isPublic() {
+        return true;
+    }
+
+    @Override
+    public void handle(HttpServletRequest req, HttpServletResponse res) {
+
+        if(PluginSimpleConfig.getInstance().getRelease()){
+            ResponseUtils.successResponse(res, "0" );
+            return ;
+        }
+
+        //获取请求参数
+        String username = req.getParameter("username");
+
+        try {
+            ResponseUtils.successResponse(res,FRUserUtils.isAdmin(username) ? "0" : "1");
+        } catch (Exception e) {
+            FRUtils.FRLogError("获取admin异常:"+e.getMessage());
+            ResponseUtils.successResponse(res,"1");
+        }
+    }
+
+
+
+
+}
+

src/main/java/com/eco/plugin/xxxx/fwsso/handler/URLAliasProvide.java

@@ -0,0 +1,14 @@
+package com.eco.plugin.xxxx.fwsso.handler;
+
+import com.fr.decision.fun.impl.AbstractURLAliasProvider;
+import com.fr.decision.webservice.url.alias.URLAlias;
+import com.fr.decision.webservice.url.alias.URLAliasFactory;
+
+public class URLAliasProvide extends AbstractURLAliasProvider {
+    @Override
+    public URLAlias[] registerAlias() {
+        return new URLAlias[]{
+                URLAliasFactory.createPluginAlias("/isAdmin","/isAdmin",true),
+        };
+    }
+}

src/main/java/com/eco/plugin/xxxx/fwsso/utils/FRUserUtils.java

@@ -0,0 +1,166 @@
+package com.eco.plugin.xxxx.fwsso.utils;
+
+import com.fr.decision.authority.data.User;
+import com.fr.decision.privilege.TransmissionTool;
+import com.fr.decision.webservice.bean.user.DepRoleBean;
+import com.fr.decision.webservice.bean.user.UserBean;
+import com.fr.decision.webservice.bean.user.UserRolesBean;
+import com.fr.decision.webservice.bean.user.UserUpdateBean;
+import com.fr.decision.webservice.v10.login.LoginService;
+import com.fr.decision.webservice.v10.user.UserService;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.List;
+
+public class FRUserUtils {
+
+    /**
+     * 获取用户Service
+     * @return
+     */
+    public static UserService getUserService(){
+        return UserService.getInstance();
+    }
+
+    /**
+     * 添加用户
+     * @param userBean
+     */
+    public static void addUser(UserBean userBean) throws Exception {
+        userBean.setPassword(TransmissionTool.defaultEncrypt(userBean.getPassword()));
+        getUserService().addUser(userBean);
+    }
+
+    /**
+     * 删除用户
+     * @param userBean
+     */
+    public static void updateUser(UserBean userBean) throws Exception {
+        getUserService().editUser(userBean,"");
+    }
+
+    /**
+     * 删除用户
+     * @param user
+     * @return
+     */
+    public static int deleteUser(User user) throws Exception {
+        String userId = user.getId();
+
+        UserUpdateBean userUpdateBean = new UserUpdateBean();
+        userUpdateBean.setRemoveUserIds(new String[]{userId});
+
+        return getUserService().deleteUsers(userUpdateBean);
+    }
+
+    /**
+     * 根据用户名获取用户实体
+     * @param userName
+     * @return
+     */
+    public static User getUserByUserName(String userName) throws Exception {
+        return getUserService().getUserByUserName(userName);
+    }
+
+    /**
+     * 根据用户名获取用户实体
+     * @param userName
+     * @return
+     */
+    public static UserBean getUserBeanByUserName(String userName ) throws Exception {
+        String id = getUserService().getUserByUserName(userName).getId();
+        return getUser(id);
+    }
+
+    /**
+     * 根据id获取用户
+     * @param id
+     * @return
+     * @throws Exception
+     */
+    public static UserBean getUser(String id) throws Exception {
+       return getUserService().getUser(id);
+    }
+
+    /**
+     * 判断是否是管理员
+     * @param username
+     * @return
+     */
+    public static boolean isAdmin(String username) throws Exception{
+        return getUserService().isAdmin(getUserByUserName(username).getId());
+    }
+
+    /**
+     * 禁用启用用户
+     * @param userId
+     * @param state false 禁用 true 启用
+     * @throws Exception 异常说明失败
+     */
+    public static void forbidUser(String userId,boolean state) throws Exception {
+        getUserService().forbidUser(userId,state);
+    }
+
+    /**
+     * 修改用户部门
+     * @param departmentId
+     * @param postId
+     * @param ud
+     * @throws Exception
+     */
+    public static void updateDepartmentPostUsers(String departmentId, String postId, UserUpdateBean ud) throws Exception {
+        getUserService().updateDepartmentPostUsers(departmentId,"",ud);
+    }
+
+
+//    /**
+//     * 验证密码是否正确
+//     * @param psd   明文密码
+//     * @param user  根据用户名获取得用户对象
+//     * @return
+//     */
+//    public static boolean checkPsd(String psd,User user){
+//        String shaPsd = CipherUtils.jdksha256(psd);
+//
+//        return shaPsd.equals(user.getPassword());
+//    }
+    public static User getCurrentUser(HttpServletRequest req) throws Exception {
+        String username = LoginService.getInstance().getCurrentUserNameFromRequestCookie(req);
+
+        if(Utils.isNullStr(username)){
+            return null;
+        }
+
+        return getUserByUserName(username);
+    }
+
+    /**
+     * 获取用户部门角色
+     * @param username
+     * @return
+     * @throws Exception
+     */
+    private static UserRolesBean getUserRolesBean(String username) throws Exception {
+        return FRUserUtils.getUserService().getUserDepAndCustomRoles(username);
+    }
+
+    /**
+     * 获取部门职务
+     * @param username
+     * @return
+     * @throws Exception
+     */
+    public static List<DepRoleBean> getDepRoleBean(String username) throws Exception{
+        return getUserRolesBean(username).getDepRoles();
+    }
+
+    /**
+     * 获取角色
+     * @param username
+     * @return
+     * @throws Exception
+     */
+    public static List<String> getCustomRoles(String username) throws Exception{
+        return getUserRolesBean(username).getCustomRoles();
+    }
+}

src/main/java/com/eco/plugin/xxxx/fwsso/utils/FRUtils.java

@@ -0,0 +1,255 @@
+package com.eco.plugin.xxxx.fwsso.utils;
+
+import com.fr.base.ServerConfig;
+import com.fr.base.TableData;
+import com.fr.decision.authority.AuthorityContext;
+import com.fr.decision.authority.data.User;
+import com.fr.decision.webservice.login.LogInOutResultInfo;
+import com.fr.decision.webservice.utils.DecisionServiceConstants;
+import com.fr.decision.webservice.v10.login.LoginService;
+import com.fr.decision.webservice.v10.login.event.LogInOutEvent;
+import com.fr.decision.webservice.v10.user.UserService;
+import com.fr.event.EventDispatcher;
+import com.fr.file.TableDataConfig;
+import com.fr.log.FineLoggerFactory;
+import com.fr.stable.StringUtils;
+import com.fr.stable.query.QueryFactory;
+import com.fr.stable.query.restriction.RestrictionFactory;
+import com.fr.web.utils.WebUtils;
+
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.io.IOException;
+import java.util.List;
+
+public class FRUtils {
+    /**
+     * 判断用户是否存在
+     * @param userName
+     * @return
+     */
+    public static boolean isUserExist(String userName){
+        if (StringUtils.isEmpty(userName)) {
+            return false;
+        } else {
+            try {
+                List var1 = AuthorityContext.getInstance().getUserController().find(QueryFactory.create().addRestriction(RestrictionFactory.eq("userName", userName)));
+                return var1 != null && !var1.isEmpty();
+            } catch (Exception var2) {
+                FineLoggerFactory.getLogger().error(var2.getMessage());
+                return false;
+            }
+        }
+    }
+
+    /**
+     * 判断是否登录FR
+     * @param req
+     * @return
+     */
+    public static boolean isLogin(HttpServletRequest req){
+        return LoginService.getInstance().isLogged(req);
+    }
+
+    /**
+     * 帆软登录
+     * @param httpServletRequest
+     * @param httpServletResponse
+     * @param userName
+     * @param url
+     */
+    public static void login(HttpServletRequest httpServletRequest,HttpServletResponse httpServletResponse,String userName,String url){
+
+        FineLoggerFactory.getLogger().info("FRLOG:用户名:"+userName);
+        FineLoggerFactory.getLogger().info("FRLOG:跳转链接:"+url);
+
+
+        //判断用户名是否为空
+        if(!Utils.isNullStr(userName)){
+            if(isUserExist(userName)){
+                String FRToken = "";
+
+                try {
+                    HttpSession session = httpServletRequest.getSession(true);
+
+                    FRToken = LoginService.getInstance().login(httpServletRequest, httpServletResponse, userName);
+
+                    httpServletRequest.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME,FRToken);
+
+                    session.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME, FRToken);
+                    EventDispatcher.fire(LogInOutEvent.LOGIN,new LogInOutResultInfo(httpServletRequest,httpServletResponse,userName,true));
+                    FineLoggerFactory.getLogger().info("FRLOG:登陆成功!");
+
+                    if(!Utils.isNullStr(url)){
+                        httpServletResponse.sendRedirect(url);
+                    }
+                } catch (Exception e) {
+                    ResponseUtils.failedResponse(httpServletResponse,"登录异常，请联系管理员!");
+                    FineLoggerFactory.getLogger().info("FRLOG:登录异常，请联系管理员!");
+                    FineLoggerFactory.getLogger().info("FRLOGException:"+e.getMessage());
+                }
+            }else{
+                ResponseUtils.failedResponse(httpServletResponse,"用户在报表系统中不存在!");
+                FineLoggerFactory.getLogger().info("FRLOG:用户在报表系统中不存在!");
+            }
+        }else{
+            ResponseUtils.failedResponse(httpServletResponse,"用户名不能为空!");
+            FineLoggerFactory.getLogger().info("FRLOG:用户名不能为空!");
+        }
+    }
+
+    /**
+     * 帆软登录
+     * @param httpServletRequest
+     * @param httpServletResponse
+     * @param token
+     * @param url
+     */
+    public static void loginByToken(HttpServletRequest httpServletRequest,HttpServletResponse httpServletResponse,String token,String url){
+
+        FineLoggerFactory.getLogger().info("FRLOG:token:"+token);
+        FineLoggerFactory.getLogger().info("FRLOG:跳转链接:"+url);
+
+
+        //判断用户名是否为空
+        if(!Utils.isNullStr(token)){
+            writeToken2Cookie(httpServletResponse,token,-1);
+
+            HttpSession session = httpServletRequest.getSession(true);
+
+            httpServletRequest.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME,token);
+
+            session.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME, token);
+
+            if(!Utils.isNullStr(url)){
+                try {
+                    httpServletResponse.sendRedirect(url);
+                } catch (IOException e) {
+                    ResponseUtils.failedResponse(httpServletResponse,"跳转异常!");
+                    FineLoggerFactory.getLogger().info("FRLOG:跳转异常!");
+                }
+            }
+        }else{
+            ResponseUtils.failedResponse(httpServletResponse,"token不能为空!");
+            FineLoggerFactory.getLogger().info("FRLOG:token不能为空!");
+        }
+    }
+
+    /**
+     * 获取token
+     * @param httpServletRequest
+     * @param httpServletResponse
+     * @param username
+     * @return
+     */
+    public static String getToken(HttpServletRequest httpServletRequest,HttpServletResponse httpServletResponse,String username){
+        String token = "";
+        try {
+            token = LoginService.getInstance().login(httpServletRequest, httpServletResponse, username);
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().info("FRLOG:获取token失败"+e.getMessage());
+        }
+
+        return token;
+    }
+
+    private static void writeToken2Cookie(HttpServletResponse var1, String var2, int var3) {
+        try {
+            if (StringUtils.isNotEmpty(var2)) {
+                Cookie var4 = new Cookie("fine_auth_token", var2);
+                long var5 = var3 == -2 ? 1209600000L : (long)var3;
+                var4.setMaxAge((int)var5);
+                var4.setPath(ServerConfig.getInstance().getCookiePath());
+                var1.addCookie(var4);
+                Cookie var7 = new Cookie("fine_remember_login", String.valueOf(var3 == -2 ? -2 : -1));
+                var7.setMaxAge((int)var5);
+                var7.setPath(ServerConfig.getInstance().getCookiePath());
+                var1.addCookie(var7);
+            } else {
+                FineLoggerFactory.getLogger().error("empty token cannot save.");
+            }
+        } catch (Exception var8) {
+            FineLoggerFactory.getLogger().error(var8.getMessage(), var8);
+        }
+
+    }
+
+    /**
+     *
+     * @param httpServletRequest
+     * @param httpServletResponse
+     */
+    public static void logout(HttpServletRequest httpServletRequest,HttpServletResponse httpServletResponse)
+    {
+        if(!isLogin(httpServletRequest)){
+            return ;
+        }
+
+        try {
+            LoginService.getInstance().logout(httpServletRequest,httpServletResponse);
+        } catch (Exception e) {
+            ResponseUtils.failedResponse(httpServletResponse,"登出异常，请联系管理员!");
+            FineLoggerFactory.getLogger().info("FRLOG:登出异常，请联系管理员!");
+            FineLoggerFactory.getLogger().info("FRLOGException:"+e.getMessage());
+        }
+    }
+
+    /**
+     * 打印FR日志
+     * @param message
+     */
+    public static void FRLogInfo(String message){
+        FineLoggerFactory.getLogger().info("FRLOG:"+message);
+    }
+
+    /**
+     * 打印FR日志-error
+     * @param message
+     */
+    public static void FRLogError(String message){
+        FineLoggerFactory.getLogger().error("FRLOG:"+message);
+    }
+
+
+    /**
+     * 根据用户名获取用户信息
+     * @param userName
+     * @return
+     */
+    public static User getFRUserByUserName(String userName){
+        try {
+            return UserService.getInstance().getUserByUserName(userName);
+        } catch (Exception e) {
+            FRLogInfo("获取用户信息异常:"+e.getMessage());
+        }
+
+        return null;
+    }
+
+    /**
+     * 解密FR密码
+     * @param password
+     * @return
+     */
+//    public static String decryptFRPsd(String password){
+//        FRLogInfo("解密密码:"+password);
+//        return TransmissionTool.decrypt(password);
+//    }
+
+    /**
+     * 获取带参数的访问链接
+     * @return
+     */
+    public static String getAllUrl(HttpServletRequest httpServletRequest){
+        return  WebUtils.getOriginalURL(httpServletRequest);
+    }
+
+    public static TableData getTableData(String serverDataSetName){
+        TableData userInfo = TableDataConfig.getInstance().getTableData("serverDataSetName");
+
+//        DataModel userInfoDM = userInfo.createDataModel(Calculator.createCalculator());
+        return userInfo;
+    }
+}

src/main/java/com/eco/plugin/xxxx/fwsso/utils/HttpUtils.java

@@ -0,0 +1,227 @@
+package com.eco.plugin.xxxx.fwsso.utils;
+
+import com.fr.log.FineLoggerFactory;
+import com.fr.third.org.apache.http.HttpEntity;
+import com.fr.third.org.apache.http.HttpResponse;
+import com.fr.third.org.apache.http.HttpStatus;
+import com.fr.third.org.apache.http.NameValuePair;
+import com.fr.third.org.apache.http.client.CookieStore;
+import com.fr.third.org.apache.http.client.entity.UrlEncodedFormEntity;
+import com.fr.third.org.apache.http.client.methods.HttpGet;
+import com.fr.third.org.apache.http.client.methods.HttpPost;
+import com.fr.third.org.apache.http.conn.ssl.NoopHostnameVerifier;
+import com.fr.third.org.apache.http.entity.StringEntity;
+import com.fr.third.org.apache.http.impl.client.BasicCookieStore;
+import com.fr.third.org.apache.http.impl.client.CloseableHttpClient;
+import com.fr.third.org.apache.http.impl.client.HttpClients;
+import com.fr.third.org.apache.http.impl.cookie.BasicClientCookie;
+import com.fr.third.org.apache.http.message.BasicNameValuePair;
+import com.fr.third.org.apache.http.ssl.SSLContexts;
+import com.fr.third.org.apache.http.ssl.TrustStrategy;
+import com.fr.third.org.apache.http.util.EntityUtils;
+
+import javax.net.ssl.SSLContext;
+import javax.servlet.http.Cookie;
+import java.io.UnsupportedEncodingException;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+public class HttpUtils {
+    /**
+     * httpGet请求
+     * @param url
+     * @return
+     */
+    public static String get(String url,Cookie[] cookies,Map<String,String> header){
+        FineLoggerFactory.getLogger().info("FRLOG:HttpUtils.get--url:"+url);
+
+        //创建httpClient
+        CloseableHttpClient httpclient = createHttpClient(cookies);
+
+        HttpGet getMethod = new HttpGet(url);
+
+        if(header != null && header.size() > 0){
+            Set<String> keySet = header.keySet();
+
+            for(String key : keySet){
+                getMethod.setHeader(key,header.get(key));
+            }
+        }
+
+        try {
+            HttpResponse response = httpclient.execute(getMethod);
+            int status =response.getStatusLine().getStatusCode();
+            HttpEntity entity = response.getEntity();
+            String returnResult = EntityUtils.toString(entity, "utf-8");
+
+            FineLoggerFactory.getLogger().info("FRLOG:HttpUtils.get--status:"+status);
+            FineLoggerFactory.getLogger().info("FRLOG:HttpUtils.get--returnResult:"+returnResult);
+
+            if (status == HttpStatus.SC_OK) {
+                return returnResult;
+            }
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().info("FRLOG:HttpUtils.get--exception:"+e.getMessage());
+        }
+
+        return "";
+    }
+
+    /**
+     * HttpPost请求
+     * @param postMethod
+     * @return
+     */
+    private static String HttpPost(HttpPost postMethod){
+        CloseableHttpClient httpclient = createHttpClient(null);
+
+        try {
+            HttpResponse response = httpclient.execute(postMethod);
+            int status = response.getStatusLine().getStatusCode();
+            HttpEntity entity = response.getEntity();
+            String returnResult = EntityUtils.toString(entity, "utf-8");
+            FineLoggerFactory.getLogger().info("FRLOG:HttpPost:status:"+status);
+            FineLoggerFactory.getLogger().info("FRLOG:HttpPost:returnResult:"+returnResult);
+
+            if (status == HttpStatus.SC_OK) {
+                return returnResult;
+            }
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().info("FRLOG:HttpPost:exception:"+e.getMessage());
+        }
+
+        return "";
+    }
+
+    public static String HttpPostXML(String url, String xmlParam){
+        FineLoggerFactory.getLogger().info("FRLOG:HttpPostXML:url:"+url);
+
+        HttpPost postMethod = new HttpPost(url);
+
+        postMethod.setHeader("Content-type", "text/html");
+        HttpEntity entity2 = null;
+        try {
+            entity2 = new StringEntity(xmlParam);
+        } catch (UnsupportedEncodingException e) {
+            FineLoggerFactory.getLogger().info("FRLOG:HttpPostXML:参数异常:"+e.getMessage());
+            return "";
+        }
+
+        postMethod.setEntity(entity2);
+
+        return HttpPost(postMethod);
+    }
+
+    public static String HttpPostJson(String url, String param,Map<String,String> header){
+        FineLoggerFactory.getLogger().info("FRLOG:HttpPostJSON:url:"+url);
+
+        HttpPost postMethod = new HttpPost(url);
+
+        postMethod.setHeader("Content-Type","application/json");
+
+        if(header != null && header.size() > 0){
+            Set<String> keySet = header.keySet();
+
+            for(String key : keySet){
+                postMethod.setHeader(key,header.get(key));
+            }
+        }
+
+        if(!Utils.isNullStr(param)){
+            HttpEntity entity2 = null;
+            try {
+                entity2 = new StringEntity(param);
+            } catch (UnsupportedEncodingException e) {
+                FineLoggerFactory.getLogger().info("FRLOG:HttpPostJSON:参数异常:"+e.getMessage());
+                return "";
+            }
+
+            postMethod.setEntity(entity2);
+        }
+
+        return HttpPost(postMethod);
+    }
+
+    public static String HttpPostWWWForm(String url, Map<String,String> header,Map<String,String> param){
+        FineLoggerFactory.getLogger().info("FRLOG:HttpWWWForm:url:"+url);
+
+        HttpPost postMethod = new HttpPost(url);
+
+        if(header != null && header.size() > 0){
+            Set<String> keySet = header.keySet();
+
+            for(String key : keySet){
+                postMethod.setHeader(key,header.get(key));
+            }
+        }
+
+        if(param != null && param.size() > 0){
+            List<NameValuePair> params = new ArrayList<NameValuePair>(param.size());
+
+            for(Map.Entry<String,String> map : param.entrySet()){
+                params.add(new BasicNameValuePair(map.getKey(), map.getValue()));
+            }
+
+            try {
+                postMethod.setEntity(new UrlEncodedFormEntity(params, "UTF-8"));
+            } catch (UnsupportedEncodingException e) {
+                FineLoggerFactory.getLogger().info("FRLOG:HttpWWWForm:异常:"+e.getMessage());
+                return "";
+            }
+        }
+
+        return HttpPost(postMethod);
+    }
+
+    private static CloseableHttpClient createHttpClient(Cookie[] cookies){
+
+        SSLContext sslContext = null;
+        try {
+            sslContext = SSLContexts.custom().loadTrustMaterial(null, new TrustStrategy() {
+                @Override
+                public boolean isTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
+                    return true;
+                }
+            }).build();
+        } catch (Exception e) {
+            FRUtils.FRLogInfo("exception:"+e.getMessage());
+        }
+
+        CloseableHttpClient httpclient = null;
+
+        if(cookies != null && cookies.length > 0){
+            CookieStore cookieStore = cookieToCookieStore(cookies);
+
+            httpclient = HttpClients.custom().setSslcontext(sslContext).
+                    setSSLHostnameVerifier(new NoopHostnameVerifier()).setDefaultCookieStore(cookieStore).build();
+        }
+        else{
+            httpclient = HttpClients.custom().setSslcontext(sslContext).
+                    setSSLHostnameVerifier(new NoopHostnameVerifier()).build();
+        }
+
+        return httpclient;
+    }
+
+    /**
+     * cookies转cookieStore
+     * @param cookies
+     * @return
+     */
+    public static CookieStore cookieToCookieStore(Cookie[] cookies){
+        CookieStore cookieStore = new BasicCookieStore();
+
+        if(cookies != null && cookies.length>0){
+            for(Cookie cookie : cookies){
+                BasicClientCookie cookie1 = new BasicClientCookie(cookie.getName(), cookie.getValue());
+                cookieStore.addCookie(cookie1);
+            }
+        }
+
+        return cookieStore;
+    }
+}

src/main/java/com/eco/plugin/xxxx/fwsso/utils/KeysUtils.java

@@ -0,0 +1,90 @@
+package com.eco.plugin.xxxx.fwsso.utils;
+
+import javax.crypto.Cipher;
+import javax.crypto.SecretKey;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.spec.DESKeySpec;
+import java.io.UnsupportedEncodingException;
+import java.security.SecureRandom;
+public class KeysUtils {
+    /** 加密解密算法 */
+    private final static String ALGORITHM = "DES";
+/**
+ * 加密
+ * @param data 未加密数据
+
+ * @param key 加密keys
+ * @return
+ * @throws Exception
+ */
+public static String encrypt(String data, String key) throws Exception {
+    byte[] dataBytes = data.getBytes( "UTF-8");
+    byte[] keyBytes = key.getBytes( "UTF-8");
+    // DES算法要求有一个可信任的随机数源
+    SecureRandom sr = new SecureRandom();
+    // 从原始密匙数据创建DESKeySpec对象
+    DESKeySpec dks = new DESKeySpec(keyBytes);
+    // 创建一个密匙工厂，然后用它把DESKeySpec转换成
+    // 一个SecretKey对象
+    SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(ALGORITHM);
+    SecretKey securekey = keyFactory.generateSecret(dks);
+    // Cipher对象实际完成加密操作
+    Cipher cipher = Cipher.getInstance(ALGORITHM);
+    // 用密匙初始化Cipher对象
+    cipher.init(Cipher.ENCRYPT_MODE, securekey, sr);
+    // 正式执行加密操作
+    byte[] bytes = cipher.doFinal(dataBytes);
+    return byte2hex(bytes);
+}
+    /**
+     * 解密
+     * @param data 加密后的数据
+     * @param key 加密key
+     * @return
+     * @throws Exception
+     */
+    public static String decrypt(String data, String key) throws Exception {
+        byte[] dataBytes = data.getBytes( "UTF-8");
+        byte[] hex2byte = hex2byte(dataBytes);
+        byte[] keyBytes = key.getBytes( "UTF-8");
+        // DES算法要求有一个可信任的随机数源
+        SecureRandom sr = new SecureRandom();
+        // 从原始密匙数据创建一个DESKeySpec对象
+        DESKeySpec dks = new DESKeySpec(keyBytes);
+        // 创建一个密匙工厂，然后用它把DESKeySpec对象转换成
+        // 一个SecretKey对象
+        SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(ALGORITHM);
+        SecretKey securekey = keyFactory.generateSecret(dks);
+        // Cipher对象实际完成解密操作
+        Cipher cipher = Cipher.getInstance(ALGORITHM);
+        // 用密匙初始化Cipher对象
+        cipher.init(Cipher.DECRYPT_MODE, securekey, sr);
+        // 正式执行解密操作
+        byte[] doFinal = cipher.doFinal(hex2byte);
+        return new String(doFinal,"UTF-8");
+    }
+    private static byte[] hex2byte(byte[] b) throws UnsupportedEncodingException {
+        if ((b.length % 2) != 0) {
+            throw new IllegalArgumentException("长度不是偶数");
+        }
+        byte[] b2 = new byte[b.length / 2];
+        for (int n = 0; n < b.length; n += 2) {
+            String item = new String(b, n, 2, "UTF-8");
+            b2[n / 2] = (byte) Integer.parseInt(item, 16);
+        }
+        return b2;
+    }
+    private static String byte2hex(byte[] b) {
+        StringBuilder bulid = new StringBuilder();
+        String stmp = "";
+        for (int n = 0; n < b.length; n++) {
+            stmp = (Integer.toHexString(b[n] & 0XFF));
+            if (stmp.length() == 1) {
+                bulid.append( "0").append(stmp);
+            } else {
+                bulid.append(stmp);
+            }
+        }
+        return bulid.toString().toUpperCase();
+    }
+}

src/main/java/com/eco/plugin/xxxx/fwsso/utils/ResponseUtils.java

@@ -0,0 +1,94 @@
+package com.eco.plugin.xxxx.fwsso.utils;
+
+import com.fr.json.JSONObject;
+import com.fr.log.FineLoggerFactory;
+import com.fr.web.utils.WebUtils;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.PrintWriter;
+
+public class ResponseUtils {
+    private static final int SUCCESS = 200;
+    private static final int FAILED = -1;
+
+    public static void successResponse(HttpServletResponse res, String body) {
+        response(res, body, SUCCESS);
+    }
+
+    public static void failedResponse(HttpServletResponse res, String body) {
+        response(res, body, FAILED);
+    }
+
+    private static void response(HttpServletResponse res, String body, int code) {
+        JSONObject object = new JSONObject();
+        PrintWriter pw;
+        try {
+            object.put("code", code);
+            object.put("data", body);
+            pw = WebUtils.createPrintWriter(res);
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().info(e.getMessage());
+            return;
+        }
+        res.setContentType("application/json;charset=utf-8");
+        String result = object.toString();
+        pw.println(result);
+        pw.flush();
+        pw.close();
+    }
+
+    public static void response(HttpServletResponse res,JSONObject json){
+        PrintWriter pw;
+        try {
+            pw = WebUtils.createPrintWriter(res);
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().info(e.getMessage());
+            return;
+        }
+        res.setContentType("application/json;charset=utf-8");
+        String result = json.toString();
+        pw.println(result);
+        pw.flush();
+        pw.close();
+    }
+
+    public static void responseXml(HttpServletResponse res,String xml){
+        PrintWriter pw;
+        try {
+            pw = WebUtils.createPrintWriter(res);
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().info(e.getMessage());
+            return;
+        }
+        res.setContentType("text/xml;charset=utf-8");
+        pw.println(xml);
+        pw.flush();
+        pw.close();
+    }
+
+    public static void setCSRFHeader(HttpServletResponse httpServletResponse){
+        httpServletResponse.setHeader("Access-Control-Allow-Origin", "*");
+        httpServletResponse.setHeader("Access-Control-Allow-Methods", "POST,GET,OPTIONS,DELETE,HEAD,PUT,PATCH");
+        httpServletResponse.setHeader("Access-Control-Max-Age", "36000");
+        httpServletResponse.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept,Authorization,authorization");
+    }
+
+    public static void responseJsonp(HttpServletRequest req, HttpServletResponse res, JSONObject json){
+        PrintWriter pw;
+        try {
+            pw = WebUtils.createPrintWriter(res);
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().info(e.getMessage());
+            return;
+        }
+        res.setContentType("text/javascript;charset=utf-8;charset=utf-8");
+        String result = json.toString();
+
+        String jsonp=req.getParameter("callback");
+
+        pw.println(jsonp+"("+result+")");
+        pw.flush();
+        pw.close();
+    }
+}

src/main/java/com/eco/plugin/xxxx/fwsso/utils/Utils.java

@@ -0,0 +1,226 @@
+package com.eco.plugin.xxxx.fwsso.utils;
+
+import com.fr.base.TemplateUtils;
+import com.fr.data.NetworkHelper;
+import com.fr.io.utils.ResourceIOUtils;
+import com.fr.json.JSONObject;
+import com.fr.stable.CodeUtils;
+import com.fr.stable.StringUtils;
+import com.fr.third.org.apache.commons.codec.digest.DigestUtils;
+import com.fr.web.utils.WebUtils;
+
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.BufferedReader;
+import java.io.InputStream;
+import java.net.URLEncoder;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.UUID;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+public class Utils {
+
+    /**
+     * 判断字符串是否为空
+     * @param str
+     * @return  true 空字符串  false 非空字符串
+     */
+    public static boolean isNullStr(String str){
+        return !(str != null && !str.isEmpty() && !"null".equals(str));
+    }
+
+    /**
+     * 判断字符串是否非空
+     * @param str
+     * @return
+     */
+    public static boolean isNotNullStr(String str){
+        return !isNullStr(str);
+    }
+
+    /**
+     * MD5加密
+     * @param str
+     * @return
+     */
+    public static String getMd5Str(String str)
+    {
+        return DigestUtils.md5Hex(str);
+    }
+
+	/**
+     * 帆软shaEncode加密
+     */
+
+	public static String shaEncode(String str){
+		return CodeUtils.sha256Encode(str);
+	}
+
+    /**
+     * 获取uuid
+     */
+    public static String uuid(){
+        return UUID.randomUUID().toString();
+    }
+
+    /**
+     * 替换空字符串
+     * @param str
+     * @param replace
+     * @return
+     */
+    public static String replaceNullStr(String str,String replace){
+        if(isNullStr(str)){
+            return replace;
+        }
+
+        return str;
+    }
+
+    /**
+     * 获取请求体
+     * @param req
+     * @return
+     */
+    public static JSONObject getRequestBody(HttpServletRequest req){
+        StringBuffer sb = new StringBuffer();
+        String line = null;
+        try {
+            BufferedReader reader = req.getReader();
+            while ((line = reader.readLine()) != null)
+                sb.append(line);
+        } catch (Exception e) {
+            FRUtils.FRLogInfo("getRequestBody:exception:"+e.getMessage());
+        }
+        //将空格和换行符替换掉避免使用反序列化工具解析对象时失败
+        String jsonString = sb.toString().replaceAll("\\s","").replaceAll("\n","");
+
+        JSONObject json = new JSONObject(jsonString);
+
+        return json;
+    }
+
+    /**
+     * 获取ip
+     * @return
+     */
+    public static String getIp(HttpServletRequest req){
+        String realIp = req.getHeader("X-Real-IP");
+        String fw = req.getHeader("X-Forwarded-For");
+        if (StringUtils.isNotEmpty(fw) && !"unKnown".equalsIgnoreCase(fw)) {
+            int var3 = fw.indexOf(",");
+            return var3 != -1 ? fw.substring(0, var3) : fw;
+        } else {
+            fw = realIp;
+            if (StringUtils.isNotEmpty(realIp) && !"unKnown".equalsIgnoreCase(realIp)) {
+                return realIp;
+            } else {
+                if (StringUtils.isBlank(realIp) || "unknown".equalsIgnoreCase(realIp)) {
+                    fw = req.getHeader("Proxy-Client-IP");
+                }
+
+                if (StringUtils.isBlank(fw) || "unknown".equalsIgnoreCase(fw)) {
+                    fw = req.getHeader("WL-Proxy-Client-IP");
+                }
+
+                if (StringUtils.isBlank(fw) || "unknown".equalsIgnoreCase(fw)) {
+                    fw = req.getHeader("HTTP_CLIENT_IP");
+                }
+
+                if (StringUtils.isBlank(fw) || "unknown".equalsIgnoreCase(fw)) {
+                    fw = req.getHeader("HTTP_X_FORWARDED_FOR");
+                }
+
+                if (StringUtils.isBlank(fw) || "unknown".equalsIgnoreCase(fw)) {
+                    fw = req.getRemoteAddr();
+                }
+
+                return fw;
+            }
+        }
+    }
+
+    /**
+     * 根据key获取cookie
+     * @param req
+     * @return
+     */
+    public static String getCookieByKey(HttpServletRequest req,String key){
+        Cookie[] cookies = req.getCookies();
+        String cookie = "";
+
+        if(cookies == null || cookies.length <=0){
+            return "";
+        }
+
+        for(int i = 0; i < cookies.length; i++) {
+            Cookie item = cookies[i];
+            if (item.getName().equalsIgnoreCase(key)) {
+                cookie = item.getValue();
+            }
+        }
+
+        FRUtils.FRLogInfo("cookie:"+cookie);
+
+        return cookie;
+    }
+
+    /**
+     * 判断是否是手机端的链接
+     * @param req
+     * @return
+     */
+    public static boolean isMobile(HttpServletRequest req) {
+        String[] mobileArray = {"iPhone", "iPad", "android", "windows phone", "xiaomi"};
+        String userAgent = req.getHeader("user-agent");
+        if (userAgent != null && userAgent.toUpperCase().contains("MOBILE")) {
+            for(String mobile : mobileArray) {
+                if(userAgent.toUpperCase().contains(mobile.toUpperCase())) {
+                    return true;
+                }
+            }
+        }
+        return NetworkHelper.getDevice(req).isMobile();
+    }
+
+    /**
+     * 只编码中文
+     * @param url
+     * @return
+     */
+    public static String encodeCH(String url ){
+        Matcher matcher = Pattern.compile("[\\u4e00-\\u9fa5]").matcher(url);
+
+        while(matcher.find()){
+            String chn = matcher.group();
+            url = url.replaceAll(chn, URLEncoder.encode(chn));
+        }
+
+        return url;
+    }
+
+    /**
+     * 获取web-inf文件夹下的文件
+     * filename /resources/ip4enc.properties
+     */
+    public static InputStream getResourcesFile(String filename){
+        return ResourceIOUtils.read(filename);
+    }
+
+    public static void toErrorPage(HttpServletResponse res,String path,Map<String, String> parameterMap){
+        if(parameterMap == null){
+            parameterMap = new HashMap<String, String>();
+        }
+
+        try {
+            String macPage = TemplateUtils.renderTemplate(path, parameterMap);
+            WebUtils.printAsString(res, macPage);
+        }catch (Exception e){
+            FRUtils.FRLogError("跳转页面异常");
+        }
+
+    }
+}

src/main/java/com/eco/plugin/xxxx/fwsso/webresource/WebResourceProvider.java

@@ -0,0 +1,36 @@
+package com.eco.plugin.xxxx.fwsso.webresource;
+
+import com.fr.decision.fun.impl.AbstractWebResourceProvider;
+import com.fr.decision.web.LoginComponent;
+import com.fr.stable.fun.Authorize;
+import com.fr.web.struct.Atom;
+import com.fr.web.struct.Component;
+import com.fr.web.struct.browser.RequestClient;
+import com.fr.web.struct.category.ScriptPath;
+import com.fr.web.struct.category.StylePath;
+
+/**
+ * Created by fr.open on 2021/11/28.
+ */
+@Authorize(callSignKey = "com.eco.plugin.xxxx.prsso")
+public class WebResourceProvider extends AbstractWebResourceProvider {
+    @Override
+    public Atom attach() {
+        return LoginComponent.KEY;
+    }
+
+    @Override
+    public Atom client() {
+        return new Component() {
+            @Override
+            public ScriptPath script(RequestClient requestClient) {
+                return ScriptPath.build("/com/eco/plugin/xxxx/prsso/js/login.js");
+            }
+
+            @Override
+            public StylePath style(RequestClient requestClient) {
+                return StylePath.EMPTY;
+            }
+        };
+    }
+}

src/main/java/com/eco/plugin/xxxx/prsso/config/InitializeMonitor.java

@@ -0,0 +1,21 @@
+package com.eco.plugin.xxxx.prsso.config;
+
+import com.fr.plugin.context.PluginContext;
+import com.fr.plugin.observer.inner.AbstractPluginLifecycleMonitor;
+
+/**
+ * @author fr.open
+ * @version 10.0
+ * Created by fr.open on 2018-12-04
+ */
+public class InitializeMonitor extends AbstractPluginLifecycleMonitor {
+    @Override
+    public void afterRun(PluginContext pluginContext) {
+        PluginSimpleConfig.getInstance();
+    }
+
+    @Override
+    public void beforeStop(PluginContext pluginContext) {
+
+    }
+}

src/main/java/com/eco/plugin/xxxx/prsso/config/PluginSimpleConfig.java

@@ -0,0 +1,52 @@
+package com.eco.plugin.xxxx.prsso.config;
+
+import com.fr.config.*;
+import com.fr.config.holder.Conf;
+import com.fr.config.holder.factory.Holders;
+import com.fr.intelli.record.Focus;
+import com.fr.intelli.record.Original;
+import com.fr.record.analyzer.EnableMetrics;
+
+@Visualization(category = "单点登录配置")
+@EnableMetrics
+public class PluginSimpleConfig extends DefaultConfiguration {
+
+    private static volatile PluginSimpleConfig config = null;
+
+    @Focus(id="com.eco.plugin.xxxx.prsso.config", text = "单点登录配置", source = Original.PLUGIN)
+    public static PluginSimpleConfig getInstance() {
+        if (config == null) {
+            config = ConfigContext.getConfigInstance(PluginSimpleConfig.class);
+        }
+        return config;
+    }
+
+    @Identifier(value = "key", name = "解密key", description = "解密key", status = Status.SHOW)
+    private Conf<String> key = Holders.simple("xxxx");
+
+    @Identifier(value = "release", name = "放行登录页", description = "放行登录页", status = Status.SHOW)
+    private Conf<Boolean> release =Holders.simple(false);
+
+    public String getKey() {
+        return key.get();
+    }
+
+    public void setKey(String url) {
+        this.key.set(url);
+    }
+
+    public Boolean getRelease() {
+        return release.get();
+    }
+
+    public void setRelease(Boolean url) {
+        this.release.set(url);
+    }
+
+    @Override
+    public Object clone() throws CloneNotSupportedException {
+        PluginSimpleConfig cloned = (PluginSimpleConfig) super.clone();
+        return cloned;
+    }
+
+}

src/main/java/com/eco/plugin/xxxx/prsso/filter/SSOFilter.java

@@ -0,0 +1,72 @@
+package com.eco.plugin.xxxx.prsso.filter;
+
+import com.eco.plugin.xxxx.prsso.config.PluginSimpleConfig;
+import com.eco.plugin.xxxx.prsso.utils.FRUtils;
+import com.eco.plugin.xxxx.prsso.utils.KeysUtils;
+import com.eco.plugin.xxxx.prsso.utils.Utils;
+import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
+import com.fr.plugin.context.PluginContexts;
+import com.fr.record.analyzer.EnableMetrics;
+import com.fr.stable.fun.Authorize;
+
+import javax.servlet.FilterChain;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+@EnableMetrics
+@Authorize(callSignKey = "com.eco.plugin.xxxx.prsso")
+public class SSOFilter extends AbstractGlobalRequestFilterProvider {
+    @Override
+    public String filterName() {
+        return "prssoFilter";
+    }
+
+    @Override
+    public String[] urlPatterns() {
+        return new String[]{"/*"};
+    }
+
+    @Override
+    public void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain chain ){
+
+        if(PluginContexts.currentContext().isAvailable()){
+            String loginid = req.getParameter("loginid");
+
+            if(Utils.isNotNullStr(loginid)){
+                mobileLogin(req,res,loginid);
+            }
+
+            String frToken = req.getParameter("frToken");
+
+            if(Utils.isNotNullStr(frToken)){
+                FRUtils.loginByToken(req,res,frToken,"");
+            }
+
+        }
+
+        release(req,res,chain);
+    }
+
+    private void mobileLogin(HttpServletRequest req, HttpServletResponse res,String loginid) {
+        String key = PluginSimpleConfig.getInstance().getKey();
+
+        String username = null;
+        try {
+            username = KeysUtils.decrypt(loginid,key);
+        } catch (Exception e) {
+            FRUtils.FRLogInfo("解密异常:"+e.getMessage());
+        }
+
+        FRUtils.login(req,res,username,"");
+    }
+
+    //放行拦截器
+    private void release(HttpServletRequest req, HttpServletResponse res, FilterChain chain) {
+        try{
+            chain.doFilter(req,res);
+        }catch (Exception e){
+            FRUtils.FRLogInfo("拦截失败");
+        }
+    }
+}
+

src/main/java/com/eco/plugin/xxxx/prsso/handler/ExtendAttrHandlerProvider.java

@@ -0,0 +1,13 @@
+package com.eco.plugin.xxxx.prsso.handler;
+
+import com.fr.decision.fun.HttpHandler;
+import com.fr.decision.fun.impl.AbstractHttpHandlerProvider;
+
+public class ExtendAttrHandlerProvider extends AbstractHttpHandlerProvider {
+    @Override
+    public HttpHandler[] registerHandlers() {
+        return new HttpHandler[]{
+                new IsAdmin()
+        };
+    }
+}

src/main/java/com/eco/plugin/xxxx/prsso/handler/GenerateToken.java

@@ -0,0 +1,51 @@
+package com.eco.plugin.xxxx.prsso.handler;
+
+import com.eco.plugin.xxxx.prsso.utils.FRUtils;
+import com.eco.plugin.xxxx.prsso.utils.ResponseUtils;
+import com.fr.decision.fun.impl.BaseHttpHandler;
+import com.fr.plugin.transform.FunctionRecorder;
+import com.fr.third.springframework.web.bind.annotation.RequestMethod;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+@FunctionRecorder
+public class GenerateToken extends BaseHttpHandler {
+
+
+    public GenerateToken() {
+    }
+
+    @Override
+    public RequestMethod getMethod() {
+        return RequestMethod.GET;
+    }
+
+    @Override
+    public String getPath() {
+        return "/token";
+    }
+
+    @Override
+    public boolean isPublic() {
+        return true;
+    }
+
+    @Override
+    public void handle(HttpServletRequest req, HttpServletResponse res) {
+        //获取请求参数
+        String username = req.getParameter("username");
+
+        try {
+            ResponseUtils.successResponse(res,FRUtils.getToken(req,res,username));
+        } catch (Exception e) {
+            FRUtils.FRLogError("获取token异常:"+e.getMessage());
+            ResponseUtils.successResponse(res,"");
+        }
+    }
+
+
+
+
+}
+

src/main/java/com/eco/plugin/xxxx/prsso/handler/IsAdmin.java

@@ -0,0 +1,60 @@
+package com.eco.plugin.xxxx.prsso.handler;
+
+import com.eco.plugin.xxxx.prsso.config.PluginSimpleConfig;
+import com.eco.plugin.xxxx.prsso.utils.FRUserUtils;
+import com.eco.plugin.xxxx.prsso.utils.FRUtils;
+import com.eco.plugin.xxxx.prsso.utils.ResponseUtils;
+import com.fr.decision.fun.impl.BaseHttpHandler;
+import com.fr.plugin.transform.FunctionRecorder;
+import com.fr.third.springframework.web.bind.annotation.RequestMethod;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+@FunctionRecorder
+public class IsAdmin extends BaseHttpHandler {
+
+
+    public IsAdmin() {
+    }
+
+    @Override
+    public RequestMethod getMethod() {
+        return RequestMethod.GET;
+    }
+
+    @Override
+    public String getPath() {
+        return "/isAdmin";
+    }
+
+    @Override
+    public boolean isPublic() {
+        return true;
+    }
+
+    @Override
+    public void handle(HttpServletRequest req, HttpServletResponse res) {
+
+        System.out.println(PluginSimpleConfig.getInstance().getRelease());
+
+        if(PluginSimpleConfig.getInstance().getRelease()){
+            ResponseUtils.successResponse(res, "0" );
+            return ;
+        }
+
+        //获取请求参数
+        String username = req.getParameter("username");
+
+        try {
+            ResponseUtils.successResponse(res,FRUserUtils.isAdmin(username) ? "0" : "1");
+        } catch (Exception e) {
+            FRUtils.FRLogError("获取admin异常:"+e.getMessage());
+            ResponseUtils.successResponse(res,"1");
+        }
+    }
+
+
+
+
+}
+

src/main/java/com/eco/plugin/xxxx/prsso/handler/URLAliasProvide.java

@@ -0,0 +1,14 @@
+package com.eco.plugin.xxxx.prsso.handler;
+
+import com.fr.decision.fun.impl.AbstractURLAliasProvider;
+import com.fr.decision.webservice.url.alias.URLAlias;
+import com.fr.decision.webservice.url.alias.URLAliasFactory;
+
+public class URLAliasProvide extends AbstractURLAliasProvider {
+    @Override
+    public URLAlias[] registerAlias() {
+        return new URLAlias[]{
+                URLAliasFactory.createPluginAlias("/isAdmin","/isAdmin",true),
+        };
+    }
+}

src/main/java/com/eco/plugin/xxxx/prsso/utils/FRUserUtils.java

@@ -0,0 +1,166 @@
+package com.eco.plugin.xxxx.prsso.utils;
+
+import com.fr.decision.authority.data.User;
+import com.fr.decision.privilege.TransmissionTool;
+import com.fr.decision.webservice.bean.user.DepRoleBean;
+import com.fr.decision.webservice.bean.user.UserBean;
+import com.fr.decision.webservice.bean.user.UserRolesBean;
+import com.fr.decision.webservice.bean.user.UserUpdateBean;
+import com.fr.decision.webservice.v10.login.LoginService;
+import com.fr.decision.webservice.v10.user.UserService;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.List;
+
+public class FRUserUtils {
+
+    /**
+     * 获取用户Service
+     * @return
+     */
+    public static UserService getUserService(){
+        return UserService.getInstance();
+    }
+
+    /**
+     * 添加用户
+     * @param userBean
+     */
+    public static void addUser(UserBean userBean) throws Exception {
+        userBean.setPassword(TransmissionTool.defaultEncrypt(userBean.getPassword()));
+        getUserService().addUser(userBean);
+    }
+
+    /**
+     * 删除用户
+     * @param userBean
+     */
+    public static void updateUser(UserBean userBean) throws Exception {
+        getUserService().editUser(userBean,"");
+    }
+
+    /**
+     * 删除用户
+     * @param user
+     * @return
+     */
+    public static int deleteUser(User user) throws Exception {
+        String userId = user.getId();
+
+        UserUpdateBean userUpdateBean = new UserUpdateBean();
+        userUpdateBean.setRemoveUserIds(new String[]{userId});
+
+        return getUserService().deleteUsers(userUpdateBean);
+    }
+
+    /**
+     * 根据用户名获取用户实体
+     * @param userName
+     * @return
+     */
+    public static User getUserByUserName(String userName) throws Exception {
+        return getUserService().getUserByUserName(userName);
+    }
+
+    /**
+     * 根据用户名获取用户实体
+     * @param userName
+     * @return
+     */
+    public static UserBean getUserBeanByUserName(String userName ) throws Exception {
+        String id = getUserService().getUserByUserName(userName).getId();
+        return getUser(id);
+    }
+
+    /**
+     * 根据id获取用户
+     * @param id
+     * @return
+     * @throws Exception
+     */
+    public static UserBean getUser(String id) throws Exception {
+       return getUserService().getUser(id);
+    }
+
+    /**
+     * 判断是否是管理员
+     * @param username
+     * @return
+     */
+    public static boolean isAdmin(String username) throws Exception{
+        return getUserService().isAdmin(getUserByUserName(username).getId());
+    }
+
+    /**
+     * 禁用启用用户
+     * @param userId
+     * @param state false 禁用 true 启用
+     * @throws Exception 异常说明失败
+     */
+    public static void forbidUser(String userId,boolean state) throws Exception {
+        getUserService().forbidUser(userId,state);
+    }
+
+    /**
+     * 修改用户部门
+     * @param departmentId
+     * @param postId
+     * @param ud
+     * @throws Exception
+     */
+    public static void updateDepartmentPostUsers(String departmentId, String postId, UserUpdateBean ud) throws Exception {
+        getUserService().updateDepartmentPostUsers(departmentId,"",ud);
+    }
+
+
+//    /**
+//     * 验证密码是否正确
+//     * @param psd   明文密码
+//     * @param user  根据用户名获取得用户对象
+//     * @return
+//     */
+//    public static boolean checkPsd(String psd,User user){
+//        String shaPsd = CipherUtils.jdksha256(psd);
+//
+//        return shaPsd.equals(user.getPassword());
+//    }
+    public static User getCurrentUser(HttpServletRequest req) throws Exception {
+        String username = LoginService.getInstance().getCurrentUserNameFromRequestCookie(req);
+
+        if(Utils.isNullStr(username)){
+            return null;
+        }
+
+        return getUserByUserName(username);
+    }
+
+    /**
+     * 获取用户部门角色
+     * @param username
+     * @return
+     * @throws Exception
+     */
+    private static UserRolesBean getUserRolesBean(String username) throws Exception {
+        return FRUserUtils.getUserService().getUserDepAndCustomRoles(username);
+    }
+
+    /**
+     * 获取部门职务
+     * @param username
+     * @return
+     * @throws Exception
+     */
+    public static List<DepRoleBean> getDepRoleBean(String username) throws Exception{
+        return getUserRolesBean(username).getDepRoles();
+    }
+
+    /**
+     * 获取角色
+     * @param username
+     * @return
+     * @throws Exception
+     */
+    public static List<String> getCustomRoles(String username) throws Exception{
+        return getUserRolesBean(username).getCustomRoles();
+    }
+}

src/main/java/com/eco/plugin/xxxx/prsso/utils/FRUtils.java

@@ -0,0 +1,255 @@
+package com.eco.plugin.xxxx.prsso.utils;
+
+import com.fr.base.ServerConfig;
+import com.fr.base.TableData;
+import com.fr.decision.authority.AuthorityContext;
+import com.fr.decision.authority.data.User;
+import com.fr.decision.webservice.login.LogInOutResultInfo;
+import com.fr.decision.webservice.utils.DecisionServiceConstants;
+import com.fr.decision.webservice.v10.login.LoginService;
+import com.fr.decision.webservice.v10.login.event.LogInOutEvent;
+import com.fr.decision.webservice.v10.user.UserService;
+import com.fr.event.EventDispatcher;
+import com.fr.file.TableDataConfig;
+import com.fr.log.FineLoggerFactory;
+import com.fr.stable.StringUtils;
+import com.fr.stable.query.QueryFactory;
+import com.fr.stable.query.restriction.RestrictionFactory;
+import com.fr.web.utils.WebUtils;
+
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.io.IOException;
+import java.util.List;
+
+public class FRUtils {
+    /**
+     * 判断用户是否存在
+     * @param userName
+     * @return
+     */
+    public static boolean isUserExist(String userName){
+        if (StringUtils.isEmpty(userName)) {
+            return false;
+        } else {
+            try {
+                List var1 = AuthorityContext.getInstance().getUserController().find(QueryFactory.create().addRestriction(RestrictionFactory.eq("userName", userName)));
+                return var1 != null && !var1.isEmpty();
+            } catch (Exception var2) {
+                FineLoggerFactory.getLogger().error(var2.getMessage());
+                return false;
+            }
+        }
+    }
+
+    /**
+     * 判断是否登录FR
+     * @param req
+     * @return
+     */
+    public static boolean isLogin(HttpServletRequest req){
+        return LoginService.getInstance().isLogged(req);
+    }
+
+    /**
+     * 帆软登录
+     * @param httpServletRequest
+     * @param httpServletResponse
+     * @param userName
+     * @param url
+     */
+    public static void login(HttpServletRequest httpServletRequest,HttpServletResponse httpServletResponse,String userName,String url){
+
+        FineLoggerFactory.getLogger().info("FRLOG:用户名:"+userName);
+        FineLoggerFactory.getLogger().info("FRLOG:跳转链接:"+url);
+
+
+        //判断用户名是否为空
+        if(!Utils.isNullStr(userName)){
+            if(isUserExist(userName)){
+                String FRToken = "";
+
+                try {
+                    HttpSession session = httpServletRequest.getSession(true);
+
+                    FRToken = LoginService.getInstance().login(httpServletRequest, httpServletResponse, userName);
+
+                    httpServletRequest.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME,FRToken);
+
+                    session.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME, FRToken);
+                    EventDispatcher.fire(LogInOutEvent.LOGIN,new LogInOutResultInfo(httpServletRequest,httpServletResponse,userName,true));
+                    FineLoggerFactory.getLogger().info("FRLOG:登陆成功!");
+
+                    if(!Utils.isNullStr(url)){
+                        httpServletResponse.sendRedirect(url);
+                    }
+                } catch (Exception e) {
+                    ResponseUtils.failedResponse(httpServletResponse,"登录异常，请联系管理员!");
+                    FineLoggerFactory.getLogger().info("FRLOG:登录异常，请联系管理员!");
+                    FineLoggerFactory.getLogger().info("FRLOGException:"+e.getMessage());
+                }
+            }else{
+                ResponseUtils.failedResponse(httpServletResponse,"用户在报表系统中不存在!");
+                FineLoggerFactory.getLogger().info("FRLOG:用户在报表系统中不存在!");
+            }
+        }else{
+            ResponseUtils.failedResponse(httpServletResponse,"用户名不能为空!");
+            FineLoggerFactory.getLogger().info("FRLOG:用户名不能为空!");
+        }
+    }
+
+    /**
+     * 帆软登录
+     * @param httpServletRequest
+     * @param httpServletResponse
+     * @param token
+     * @param url
+     */
+    public static void loginByToken(HttpServletRequest httpServletRequest,HttpServletResponse httpServletResponse,String token,String url){
+
+        FineLoggerFactory.getLogger().info("FRLOG:token:"+token);
+        FineLoggerFactory.getLogger().info("FRLOG:跳转链接:"+url);
+
+
+        //判断用户名是否为空
+        if(!Utils.isNullStr(token)){
+            writeToken2Cookie(httpServletResponse,token,-1);
+
+            HttpSession session = httpServletRequest.getSession(true);
+
+            httpServletRequest.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME,token);
+
+            session.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME, token);
+
+            if(!Utils.isNullStr(url)){
+                try {
+                    httpServletResponse.sendRedirect(url);
+                } catch (IOException e) {
+                    ResponseUtils.failedResponse(httpServletResponse,"跳转异常!");
+                    FineLoggerFactory.getLogger().info("FRLOG:跳转异常!");
+                }
+            }
+        }else{
+            ResponseUtils.failedResponse(httpServletResponse,"token不能为空!");
+            FineLoggerFactory.getLogger().info("FRLOG:token不能为空!");
+        }
+    }
+
+    /**
+     * 获取token
+     * @param httpServletRequest
+     * @param httpServletResponse
+     * @param username
+     * @return
+     */
+    public static String getToken(HttpServletRequest httpServletRequest,HttpServletResponse httpServletResponse,String username){
+        String token = "";
+        try {
+            token = LoginService.getInstance().login(httpServletRequest, httpServletResponse, username);
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().info("FRLOG:获取token失败"+e.getMessage());
+        }
+
+        return token;
+    }
+
+    private static void writeToken2Cookie(HttpServletResponse var1, String var2, int var3) {
+        try {
+            if (StringUtils.isNotEmpty(var2)) {
+                Cookie var4 = new Cookie("fine_auth_token", var2);
+                long var5 = var3 == -2 ? 1209600000L : (long)var3;
+                var4.setMaxAge((int)var5);
+                var4.setPath(ServerConfig.getInstance().getCookiePath());
+                var1.addCookie(var4);
+                Cookie var7 = new Cookie("fine_remember_login", String.valueOf(var3 == -2 ? -2 : -1));
+                var7.setMaxAge((int)var5);
+                var7.setPath(ServerConfig.getInstance().getCookiePath());
+                var1.addCookie(var7);
+            } else {
+                FineLoggerFactory.getLogger().error("empty token cannot save.");
+            }
+        } catch (Exception var8) {
+            FineLoggerFactory.getLogger().error(var8.getMessage(), var8);
+        }
+
+    }
+
+    /**
+     *
+     * @param httpServletRequest
+     * @param httpServletResponse
+     */
+    public static void logout(HttpServletRequest httpServletRequest,HttpServletResponse httpServletResponse)
+    {
+        if(!isLogin(httpServletRequest)){
+            return ;
+        }
+
+        try {
+            LoginService.getInstance().logout(httpServletRequest,httpServletResponse);
+        } catch (Exception e) {
+            ResponseUtils.failedResponse(httpServletResponse,"登出异常，请联系管理员!");
+            FineLoggerFactory.getLogger().info("FRLOG:登出异常，请联系管理员!");
+            FineLoggerFactory.getLogger().info("FRLOGException:"+e.getMessage());
+        }
+    }
+
+    /**
+     * 打印FR日志
+     * @param message
+     */
+    public static void FRLogInfo(String message){
+        FineLoggerFactory.getLogger().info("FRLOG:"+message);
+    }
+
+    /**
+     * 打印FR日志-error
+     * @param message
+     */
+    public static void FRLogError(String message){
+        FineLoggerFactory.getLogger().error("FRLOG:"+message);
+    }
+
+
+    /**
+     * 根据用户名获取用户信息
+     * @param userName
+     * @return
+     */
+    public static User getFRUserByUserName(String userName){
+        try {
+            return UserService.getInstance().getUserByUserName(userName);
+        } catch (Exception e) {
+            FRLogInfo("获取用户信息异常:"+e.getMessage());
+        }
+
+        return null;
+    }
+
+    /**
+     * 解密FR密码
+     * @param password
+     * @return
+     */
+//    public static String decryptFRPsd(String password){
+//        FRLogInfo("解密密码:"+password);
+//        return TransmissionTool.decrypt(password);
+//    }
+
+    /**
+     * 获取带参数的访问链接
+     * @return
+     */
+    public static String getAllUrl(HttpServletRequest httpServletRequest){
+        return  WebUtils.getOriginalURL(httpServletRequest);
+    }
+
+    public static TableData getTableData(String serverDataSetName){
+        TableData userInfo = TableDataConfig.getInstance().getTableData("serverDataSetName");
+
+//        DataModel userInfoDM = userInfo.createDataModel(Calculator.createCalculator());
+        return userInfo;
+    }
+}

src/main/java/com/eco/plugin/xxxx/prsso/utils/HttpUtils.java

@@ -0,0 +1,227 @@
+package com.eco.plugin.xxxx.prsso.utils;
+
+import com.fr.log.FineLoggerFactory;
+import com.fr.third.org.apache.http.HttpEntity;
+import com.fr.third.org.apache.http.HttpResponse;
+import com.fr.third.org.apache.http.HttpStatus;
+import com.fr.third.org.apache.http.NameValuePair;
+import com.fr.third.org.apache.http.client.CookieStore;
+import com.fr.third.org.apache.http.client.entity.UrlEncodedFormEntity;
+import com.fr.third.org.apache.http.client.methods.HttpGet;
+import com.fr.third.org.apache.http.client.methods.HttpPost;
+import com.fr.third.org.apache.http.conn.ssl.NoopHostnameVerifier;
+import com.fr.third.org.apache.http.entity.StringEntity;
+import com.fr.third.org.apache.http.impl.client.BasicCookieStore;
+import com.fr.third.org.apache.http.impl.client.CloseableHttpClient;
+import com.fr.third.org.apache.http.impl.client.HttpClients;
+import com.fr.third.org.apache.http.impl.cookie.BasicClientCookie;
+import com.fr.third.org.apache.http.message.BasicNameValuePair;
+import com.fr.third.org.apache.http.ssl.SSLContexts;
+import com.fr.third.org.apache.http.ssl.TrustStrategy;
+import com.fr.third.org.apache.http.util.EntityUtils;
+
+import javax.net.ssl.SSLContext;
+import javax.servlet.http.Cookie;
+import java.io.UnsupportedEncodingException;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+public class HttpUtils {
+    /**
+     * httpGet请求
+     * @param url
+     * @return
+     */
+    public static String get(String url,Cookie[] cookies,Map<String,String> header){
+        FineLoggerFactory.getLogger().info("FRLOG:HttpUtils.get--url:"+url);
+
+        //创建httpClient
+        CloseableHttpClient httpclient = createHttpClient(cookies);
+
+        HttpGet getMethod = new HttpGet(url);
+
+        if(header != null && header.size() > 0){
+            Set<String> keySet = header.keySet();
+
+            for(String key : keySet){
+                getMethod.setHeader(key,header.get(key));
+            }
+        }
+
+        try {
+            HttpResponse response = httpclient.execute(getMethod);
+            int status =response.getStatusLine().getStatusCode();
+            HttpEntity entity = response.getEntity();
+            String returnResult = EntityUtils.toString(entity, "utf-8");
+
+            FineLoggerFactory.getLogger().info("FRLOG:HttpUtils.get--status:"+status);
+            FineLoggerFactory.getLogger().info("FRLOG:HttpUtils.get--returnResult:"+returnResult);
+
+            if (status == HttpStatus.SC_OK) {
+                return returnResult;
+            }
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().info("FRLOG:HttpUtils.get--exception:"+e.getMessage());
+        }
+
+        return "";
+    }
+
+    /**
+     * HttpPost请求
+     * @param postMethod
+     * @return
+     */
+    private static String HttpPost(HttpPost postMethod){
+        CloseableHttpClient httpclient = createHttpClient(null);
+
+        try {
+            HttpResponse response = httpclient.execute(postMethod);
+            int status = response.getStatusLine().getStatusCode();
+            HttpEntity entity = response.getEntity();
+            String returnResult = EntityUtils.toString(entity, "utf-8");
+            FineLoggerFactory.getLogger().info("FRLOG:HttpPost:status:"+status);
+            FineLoggerFactory.getLogger().info("FRLOG:HttpPost:returnResult:"+returnResult);
+
+            if (status == HttpStatus.SC_OK) {
+                return returnResult;
+            }
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().info("FRLOG:HttpPost:exception:"+e.getMessage());
+        }
+
+        return "";
+    }
+
+    public static String HttpPostXML(String url, String xmlParam){
+        FineLoggerFactory.getLogger().info("FRLOG:HttpPostXML:url:"+url);
+
+        HttpPost postMethod = new HttpPost(url);
+
+        postMethod.setHeader("Content-type", "text/html");
+        HttpEntity entity2 = null;
+        try {
+            entity2 = new StringEntity(xmlParam);
+        } catch (UnsupportedEncodingException e) {
+            FineLoggerFactory.getLogger().info("FRLOG:HttpPostXML:参数异常:"+e.getMessage());
+            return "";
+        }
+
+        postMethod.setEntity(entity2);
+
+        return HttpPost(postMethod);
+    }
+
+    public static String HttpPostJson(String url, String param,Map<String,String> header){
+        FineLoggerFactory.getLogger().info("FRLOG:HttpPostJSON:url:"+url);
+
+        HttpPost postMethod = new HttpPost(url);
+
+        postMethod.setHeader("Content-Type","application/json");
+
+        if(header != null && header.size() > 0){
+            Set<String> keySet = header.keySet();
+
+            for(String key : keySet){
+                postMethod.setHeader(key,header.get(key));
+            }
+        }
+
+        if(!Utils.isNullStr(param)){
+            HttpEntity entity2 = null;
+            try {
+                entity2 = new StringEntity(param);
+            } catch (UnsupportedEncodingException e) {
+                FineLoggerFactory.getLogger().info("FRLOG:HttpPostJSON:参数异常:"+e.getMessage());
+                return "";
+            }
+
+            postMethod.setEntity(entity2);
+        }
+
+        return HttpPost(postMethod);
+    }
+
+    public static String HttpPostWWWForm(String url, Map<String,String> header,Map<String,String> param){
+        FineLoggerFactory.getLogger().info("FRLOG:HttpWWWForm:url:"+url);
+
+        HttpPost postMethod = new HttpPost(url);
+
+        if(header != null && header.size() > 0){
+            Set<String> keySet = header.keySet();
+
+            for(String key : keySet){
+                postMethod.setHeader(key,header.get(key));
+            }
+        }
+
+        if(param != null && param.size() > 0){
+            List<NameValuePair> params = new ArrayList<NameValuePair>(param.size());
+
+            for(Map.Entry<String,String> map : param.entrySet()){
+                params.add(new BasicNameValuePair(map.getKey(), map.getValue()));
+            }
+
+            try {
+                postMethod.setEntity(new UrlEncodedFormEntity(params, "UTF-8"));
+            } catch (UnsupportedEncodingException e) {
+                FineLoggerFactory.getLogger().info("FRLOG:HttpWWWForm:异常:"+e.getMessage());
+                return "";
+            }
+        }
+
+        return HttpPost(postMethod);
+    }
+
+    private static CloseableHttpClient createHttpClient(Cookie[] cookies){
+
+        SSLContext sslContext = null;
+        try {
+            sslContext = SSLContexts.custom().loadTrustMaterial(null, new TrustStrategy() {
+                @Override
+                public boolean isTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
+                    return true;
+                }
+            }).build();
+        } catch (Exception e) {
+            FRUtils.FRLogInfo("exception:"+e.getMessage());
+        }
+
+        CloseableHttpClient httpclient = null;
+
+        if(cookies != null && cookies.length > 0){
+            CookieStore cookieStore = cookieToCookieStore(cookies);
+
+            httpclient = HttpClients.custom().setSslcontext(sslContext).
+                    setSSLHostnameVerifier(new NoopHostnameVerifier()).setDefaultCookieStore(cookieStore).build();
+        }
+        else{
+            httpclient = HttpClients.custom().setSslcontext(sslContext).
+                    setSSLHostnameVerifier(new NoopHostnameVerifier()).build();
+        }
+
+        return httpclient;
+    }
+
+    /**
+     * cookies转cookieStore
+     * @param cookies
+     * @return
+     */
+    public static CookieStore cookieToCookieStore(Cookie[] cookies){
+        CookieStore cookieStore = new BasicCookieStore();
+
+        if(cookies != null && cookies.length>0){
+            for(Cookie cookie : cookies){
+                BasicClientCookie cookie1 = new BasicClientCookie(cookie.getName(), cookie.getValue());
+                cookieStore.addCookie(cookie1);
+            }
+        }
+
+        return cookieStore;
+    }
+}

src/main/java/com/eco/plugin/xxxx/prsso/utils/KeysUtils.java

@@ -0,0 +1,90 @@
+package com.eco.plugin.xxxx.prsso.utils;
+
+import javax.crypto.Cipher;
+import javax.crypto.SecretKey;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.spec.DESKeySpec;
+import java.io.UnsupportedEncodingException;
+import java.security.SecureRandom;
+public class KeysUtils {
+    /** 加密解密算法 */
+    private final static String ALGORITHM = "DES";
+/**
+ * 加密
+ * @param data 未加密数据
+
+ * @param key 加密keys
+ * @return
+ * @throws Exception
+ */
+public static String encrypt(String data, String key) throws Exception {
+    byte[] dataBytes = data.getBytes( "UTF-8");
+    byte[] keyBytes = key.getBytes( "UTF-8");
+    // DES算法要求有一个可信任的随机数源
+    SecureRandom sr = new SecureRandom();
+    // 从原始密匙数据创建DESKeySpec对象
+    DESKeySpec dks = new DESKeySpec(keyBytes);
+    // 创建一个密匙工厂，然后用它把DESKeySpec转换成
+    // 一个SecretKey对象
+    SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(ALGORITHM);
+    SecretKey securekey = keyFactory.generateSecret(dks);
+    // Cipher对象实际完成加密操作
+    Cipher cipher = Cipher.getInstance(ALGORITHM);
+    // 用密匙初始化Cipher对象
+    cipher.init(Cipher.ENCRYPT_MODE, securekey, sr);
+    // 正式执行加密操作
+    byte[] bytes = cipher.doFinal(dataBytes);
+    return byte2hex(bytes);
+}
+    /**
+     * 解密
+     * @param data 加密后的数据
+     * @param key 加密key
+     * @return
+     * @throws Exception
+     */
+    public static String decrypt(String data, String key) throws Exception {
+        byte[] dataBytes = data.getBytes( "UTF-8");
+        byte[] hex2byte = hex2byte(dataBytes);
+        byte[] keyBytes = key.getBytes( "UTF-8");
+        // DES算法要求有一个可信任的随机数源
+        SecureRandom sr = new SecureRandom();
+        // 从原始密匙数据创建一个DESKeySpec对象
+        DESKeySpec dks = new DESKeySpec(keyBytes);
+        // 创建一个密匙工厂，然后用它把DESKeySpec对象转换成
+        // 一个SecretKey对象
+        SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(ALGORITHM);
+        SecretKey securekey = keyFactory.generateSecret(dks);
+        // Cipher对象实际完成解密操作
+        Cipher cipher = Cipher.getInstance(ALGORITHM);
+        // 用密匙初始化Cipher对象
+        cipher.init(Cipher.DECRYPT_MODE, securekey, sr);
+        // 正式执行解密操作
+        byte[] doFinal = cipher.doFinal(hex2byte);
+        return new String(doFinal,"UTF-8");
+    }
+    private static byte[] hex2byte(byte[] b) throws UnsupportedEncodingException {
+        if ((b.length % 2) != 0) {
+            throw new IllegalArgumentException("长度不是偶数");
+        }
+        byte[] b2 = new byte[b.length / 2];
+        for (int n = 0; n < b.length; n += 2) {
+            String item = new String(b, n, 2, "UTF-8");
+            b2[n / 2] = (byte) Integer.parseInt(item, 16);
+        }
+        return b2;
+    }
+    private static String byte2hex(byte[] b) {
+        StringBuilder bulid = new StringBuilder();
+        String stmp = "";
+        for (int n = 0; n < b.length; n++) {
+            stmp = (Integer.toHexString(b[n] & 0XFF));
+            if (stmp.length() == 1) {
+                bulid.append( "0").append(stmp);
+            } else {
+                bulid.append(stmp);
+            }
+        }
+        return bulid.toString().toUpperCase();
+    }
+}

src/main/java/com/eco/plugin/xxxx/prsso/utils/ResponseUtils.java

@@ -0,0 +1,94 @@
+package com.eco.plugin.xxxx.prsso.utils;
+
+import com.fr.json.JSONObject;
+import com.fr.log.FineLoggerFactory;
+import com.fr.web.utils.WebUtils;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.PrintWriter;
+
+public class ResponseUtils {
+    private static final int SUCCESS = 200;
+    private static final int FAILED = -1;
+
+    public static void successResponse(HttpServletResponse res, String body) {
+        response(res, body, SUCCESS);
+    }
+
+    public static void failedResponse(HttpServletResponse res, String body) {
+        response(res, body, FAILED);
+    }
+
+    private static void response(HttpServletResponse res, String body, int code) {
+        JSONObject object = new JSONObject();
+        PrintWriter pw;
+        try {
+            object.put("code", code);
+            object.put("data", body);
+            pw = WebUtils.createPrintWriter(res);
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().info(e.getMessage());
+            return;
+        }
+        res.setContentType("application/json;charset=utf-8");
+        String result = object.toString();
+        pw.println(result);
+        pw.flush();
+        pw.close();
+    }
+
+    public static void response(HttpServletResponse res,JSONObject json){
+        PrintWriter pw;
+        try {
+            pw = WebUtils.createPrintWriter(res);
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().info(e.getMessage());
+            return;
+        }
+        res.setContentType("application/json;charset=utf-8");
+        String result = json.toString();
+        pw.println(result);
+        pw.flush();
+        pw.close();
+    }
+
+    public static void responseXml(HttpServletResponse res,String xml){
+        PrintWriter pw;
+        try {
+            pw = WebUtils.createPrintWriter(res);
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().info(e.getMessage());
+            return;
+        }
+        res.setContentType("text/xml;charset=utf-8");
+        pw.println(xml);
+        pw.flush();
+        pw.close();
+    }
+
+    public static void setCSRFHeader(HttpServletResponse httpServletResponse){
+        httpServletResponse.setHeader("Access-Control-Allow-Origin", "*");
+        httpServletResponse.setHeader("Access-Control-Allow-Methods", "POST,GET,OPTIONS,DELETE,HEAD,PUT,PATCH");
+        httpServletResponse.setHeader("Access-Control-Max-Age", "36000");
+        httpServletResponse.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept,Authorization,authorization");
+    }
+
+    public static void responseJsonp(HttpServletRequest req, HttpServletResponse res, JSONObject json){
+        PrintWriter pw;
+        try {
+            pw = WebUtils.createPrintWriter(res);
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().info(e.getMessage());
+            return;
+        }
+        res.setContentType("text/javascript;charset=utf-8;charset=utf-8");
+        String result = json.toString();
+
+        String jsonp=req.getParameter("callback");
+
+        pw.println(jsonp+"("+result+")");
+        pw.flush();
+        pw.close();
+    }
+}

src/main/java/com/eco/plugin/xxxx/prsso/utils/Utils.java

@@ -0,0 +1,226 @@
+package com.eco.plugin.xxxx.prsso.utils;
+
+import com.fr.base.TemplateUtils;
+import com.fr.data.NetworkHelper;
+import com.fr.io.utils.ResourceIOUtils;
+import com.fr.json.JSONObject;
+import com.fr.stable.CodeUtils;
+import com.fr.stable.StringUtils;
+import com.fr.third.org.apache.commons.codec.digest.DigestUtils;
+import com.fr.web.utils.WebUtils;
+
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.BufferedReader;
+import java.io.InputStream;
+import java.net.URLEncoder;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.UUID;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+public class Utils {
+
+    /**
+     * 判断字符串是否为空
+     * @param str
+     * @return  true 空字符串  false 非空字符串
+     */
+    public static boolean isNullStr(String str){
+        return !(str != null && !str.isEmpty() && !"null".equals(str));
+    }
+
+    /**
+     * 判断字符串是否非空
+     * @param str
+     * @return
+     */
+    public static boolean isNotNullStr(String str){
+        return !isNullStr(str);
+    }
+
+    /**
+     * MD5加密
+     * @param str
+     * @return
+     */
+    public static String getMd5Str(String str)
+    {
+        return DigestUtils.md5Hex(str);
+    }
+
+	/**
+     * 帆软shaEncode加密
+     */
+
+	public static String shaEncode(String str){
+		return CodeUtils.sha256Encode(str);
+	}
+
+    /**
+     * 获取uuid
+     */
+    public static String uuid(){
+        return UUID.randomUUID().toString();
+    }
+
+    /**
+     * 替换空字符串
+     * @param str
+     * @param replace
+     * @return
+     */
+    public static String replaceNullStr(String str,String replace){
+        if(isNullStr(str)){
+            return replace;
+        }
+
+        return str;
+    }
+
+    /**
+     * 获取请求体
+     * @param req
+     * @return
+     */
+    public static JSONObject getRequestBody(HttpServletRequest req){
+        StringBuffer sb = new StringBuffer();
+        String line = null;
+        try {
+            BufferedReader reader = req.getReader();
+            while ((line = reader.readLine()) != null)
+                sb.append(line);
+        } catch (Exception e) {
+            FRUtils.FRLogInfo("getRequestBody:exception:"+e.getMessage());
+        }
+        //将空格和换行符替换掉避免使用反序列化工具解析对象时失败
+        String jsonString = sb.toString().replaceAll("\\s","").replaceAll("\n","");
+
+        JSONObject json = new JSONObject(jsonString);
+
+        return json;
+    }
+
+    /**
+     * 获取ip
+     * @return
+     */
+    public static String getIp(HttpServletRequest req){
+        String realIp = req.getHeader("X-Real-IP");
+        String fw = req.getHeader("X-Forwarded-For");
+        if (StringUtils.isNotEmpty(fw) && !"unKnown".equalsIgnoreCase(fw)) {
+            int var3 = fw.indexOf(",");
+            return var3 != -1 ? fw.substring(0, var3) : fw;
+        } else {
+            fw = realIp;
+            if (StringUtils.isNotEmpty(realIp) && !"unKnown".equalsIgnoreCase(realIp)) {
+                return realIp;
+            } else {
+                if (StringUtils.isBlank(realIp) || "unknown".equalsIgnoreCase(realIp)) {
+                    fw = req.getHeader("Proxy-Client-IP");
+                }
+
+                if (StringUtils.isBlank(fw) || "unknown".equalsIgnoreCase(fw)) {
+                    fw = req.getHeader("WL-Proxy-Client-IP");
+                }
+
+                if (StringUtils.isBlank(fw) || "unknown".equalsIgnoreCase(fw)) {
+                    fw = req.getHeader("HTTP_CLIENT_IP");
+                }
+
+                if (StringUtils.isBlank(fw) || "unknown".equalsIgnoreCase(fw)) {
+                    fw = req.getHeader("HTTP_X_FORWARDED_FOR");
+                }
+
+                if (StringUtils.isBlank(fw) || "unknown".equalsIgnoreCase(fw)) {
+                    fw = req.getRemoteAddr();
+                }
+
+                return fw;
+            }
+        }
+    }
+
+    /**
+     * 根据key获取cookie
+     * @param req
+     * @return
+     */
+    public static String getCookieByKey(HttpServletRequest req,String key){
+        Cookie[] cookies = req.getCookies();
+        String cookie = "";
+
+        if(cookies == null || cookies.length <=0){
+            return "";
+        }
+
+        for(int i = 0; i < cookies.length; i++) {
+            Cookie item = cookies[i];
+            if (item.getName().equalsIgnoreCase(key)) {
+                cookie = item.getValue();
+            }
+        }
+
+        FRUtils.FRLogInfo("cookie:"+cookie);
+
+        return cookie;
+    }
+
+    /**
+     * 判断是否是手机端的链接
+     * @param req
+     * @return
+     */
+    public static boolean isMobile(HttpServletRequest req) {
+        String[] mobileArray = {"iPhone", "iPad", "android", "windows phone", "xiaomi"};
+        String userAgent = req.getHeader("user-agent");
+        if (userAgent != null && userAgent.toUpperCase().contains("MOBILE")) {
+            for(String mobile : mobileArray) {
+                if(userAgent.toUpperCase().contains(mobile.toUpperCase())) {
+                    return true;
+                }
+            }
+        }
+        return NetworkHelper.getDevice(req).isMobile();
+    }
+
+    /**
+     * 只编码中文
+     * @param url
+     * @return
+     */
+    public static String encodeCH(String url ){
+        Matcher matcher = Pattern.compile("[\\u4e00-\\u9fa5]").matcher(url);
+
+        while(matcher.find()){
+            String chn = matcher.group();
+            url = url.replaceAll(chn, URLEncoder.encode(chn));
+        }
+
+        return url;
+    }
+
+    /**
+     * 获取web-inf文件夹下的文件
+     * filename /resources/ip4enc.properties
+     */
+    public static InputStream getResourcesFile(String filename){
+        return ResourceIOUtils.read(filename);
+    }
+
+    public static void toErrorPage(HttpServletResponse res,String path,Map<String, String> parameterMap){
+        if(parameterMap == null){
+            parameterMap = new HashMap<String, String>();
+        }
+
+        try {
+            String macPage = TemplateUtils.renderTemplate(path, parameterMap);
+            WebUtils.printAsString(res, macPage);
+        }catch (Exception e){
+            FRUtils.FRLogError("跳转页面异常");
+        }
+
+    }
+}

src/main/java/com/eco/plugin/xxxx/prsso/webresource/WebResourceProvider.java

@@ -0,0 +1,36 @@
+package com.eco.plugin.xxxx.prsso.webresource;
+
+import com.fr.decision.fun.impl.AbstractWebResourceProvider;
+import com.fr.decision.web.LoginComponent;
+import com.fr.stable.fun.Authorize;
+import com.fr.web.struct.Atom;
+import com.fr.web.struct.Component;
+import com.fr.web.struct.browser.RequestClient;
+import com.fr.web.struct.category.ScriptPath;
+import com.fr.web.struct.category.StylePath;
+
+/**
+ * Created by fr.open on 2021/11/28.
+ */
+@Authorize(callSignKey = "com.eco.plugin.xxxx.prsso")
+public class WebResourceProvider extends AbstractWebResourceProvider {
+    @Override
+    public Atom attach() {
+        return LoginComponent.KEY;
+    }
+
+    @Override
+    public Atom client() {
+        return new Component() {
+            @Override
+            public ScriptPath script(RequestClient requestClient) {
+                return ScriptPath.build("/com/eco/plugin/fr.open/prsso/js/login.js");
+            }
+
+            @Override
+            public StylePath style(RequestClient requestClient) {
+                return StylePath.EMPTY;
+            }
+        };
+    }
+}

src/main/resources/com/eco/plugin/xxxx/fwsso/js/login.js

@@ -0,0 +1,330 @@
+var t = "default_fail",
+    e = BI.inherit(BI.OB, {
+        init: function () {
+            this.failMap = {},
+                this._initErrorHandler()
+        },
+        addHandler: function (e, t) {
+            this.failMap[e] = t
+        },
+        getHandler: function (e) {
+            return BI.isFunction(this.failMap[e]) ? this.failMap[e] : this.failMap[t]
+        },
+        _initErrorHandler: function () {
+            this.failMap[DecCst.ErrorCode.USER_LOGGED] = function (e) {
+                this.store.setPropsInfo({
+                    token: e.errorMsg,
+                    isChangePwd: !0,
+                    from: DecCst.Login.AuthenticationModule.SINGLE
+                }),
+                    this.store.setNeedSlider(!1),
+                    this.loginErrorRow.visible()
+            },
+                this.failMap[DecCst.ErrorCode.USER_LOGGED_CAN_NOT_CHANGE_PASSWORD] = function () {
+                    this.store.setNeedSlider(!1),
+                        this.loginNormalErrorRow.visible()
+                },
+                this.failMap[DecCst.ErrorCode.USERNAME_UNAVAILABLE] = function () {
+                    this.usernameRow.showError(BI.i18nText("Dec-Error_Login_Username_Unable"))
+                },
+                this.failMap[DecCst.ErrorCode.USERNAME_NOT_EXIST_PASSWORD_ERROR] = function () {
+                    this.passwordRow.showError(BI.i18nText("Dec-Error_Incorrect_Password_Username"))
+                },
+                this.failMap[90000] = function () {
+                    this.passwordRow.showError("普通用户无权限登录!")
+                },
+                this.failMap[DecCst.ErrorCode.SMS_CAPTCHA_UNCHECK] = function (e) {
+                    this.store.setPropsInfo({
+                        token: e.errorMsg,
+                        isChangePwd: !1,
+                        from: DecCst.Login.AuthenticationModule.LOGIN
+                    }),
+                        this.store.setSelectedTab(DecCst.Login.Tabs.VERIFY_BING)
+                },
+                this.failMap[DecCst.ErrorCode.PASSWORD_NEED_SPLIDER] = function () {
+                    this.store.setNeedSlider(!0),
+                        this.sliderBar.resetAll()
+                },
+                this.failMap[DecCst.ErrorCode.PASSWORD_LOCKED] = function (e) {
+                    this.store.setPropsInfo({
+                        errorMsg: e.errorMsg
+                    }),
+                        this.store.setSelectedTab(DecCst.Login.Tabs.LOCKED)
+                },
+                this.failMap[DecCst.ErrorCode.PASSWORD_NEED_UPDATE] = function (e) {
+                    this.store.setPropsInfo({
+                        token: e.errorMsg,
+                        isChangePwd: !0,
+                        from: DecCst.Login.AuthenticationModule.PWD_UPDATE
+                    }),
+                        this.model.isNeedVerify ? this.store.setSelectedTab(DecCst.Login.Tabs.VERIFY_BING) : this.store.setSelectedTab(DecCst.Login.Tabs.PASSWORD_OLD)
+                },
+                this.failMap[DecCst.ErrorCode.PASSWORD_STRENGTH] = function (e) {
+                    this.store.setPropsInfo({
+                        token: e.errorMsg,
+                        isChangePwd: !0,
+                        from: DecCst.Login.AuthenticationModule.PWD_STRENGTH
+                    }),
+                        this.model.isNeedVerify ? this.store.setSelectedTab(DecCst.Login.Tabs.VERIFY_BING) : this.store.setSelectedTab(DecCst.Login.Tabs.PASSWORD_OLD)
+                },
+                this.failMap[DecCst.ErrorCode.CAPTCHA_TIMEOUT] = function () {
+                    this.sliderError.setText(BI.i18nText("Dec-Basic_Captcha_Timeout")),
+                        this.sliderBar.resetAll()
+                },
+                this.addHandler(t, function () {
+                    this.passwordRow.showError(BI.i18nText("Dec-Login_Fail"))
+                })
+        }
+    });
+BI.service("dec.service.login.login", e)
+
+var e = BI.inherit(BI.Widget, {
+    props: {
+        baseCls: "dec-login-login"
+    },
+    _store: function () {
+        return BI.Models.getModel("dec.model.login.login")
+    },
+    watch: {
+        supportForgetPwd: function (e) {
+            this.forgetPasswordRow.setVisible(e)
+        },
+        needSlider: function (e) {
+            this.sliderMasker.setVisible(e)
+        }
+    },
+    render: function () {
+        var t = this;
+        this.options;
+        return {
+            type: "bi.absolute",
+            items: [{
+                el: {
+                    type: "bi.vertical",
+                    items: [{
+                        type: "dec.login.login.item",
+                        $testId: "dec-login-username",
+                        iconCls: "login-username-font",
+                        tgap: 50,
+                        watermark: BI.i18nText("Dec-User_Name"),
+                        ref: function (e) {
+                            t.usernameRow = e
+                        }
+                    }, {
+                        type: "dec.login.login.item",
+                        $testId: "dec-login-password",
+                        iconCls: "login-password-font",
+                        watermark: BI.i18nText("Dec-Password"),
+                        inputType: "password",
+                        ref: function (e) {
+                            t.passwordRow = e
+                        }
+                    }, {
+                        type: "bi.left_right_vertical_adapt",
+                        bgap: 30,
+                        items: {
+                            left: [{
+                                type: "bi.multi_select_item",
+                                $testId: "dec-login-remember",
+                                textLgap: 5,
+                                iconWrapperWidth: 16,
+                                height: 16,
+                                text: BI.i18nText("Dec-Login_Remember"),
+                                logic: {
+                                    dynamic: !0
+                                },
+                                ref: function (e) {
+                                    t.rememberRow = e
+                                }
+                            }
+                            ],
+                            right: [{
+                                type: "bi.button",
+                                $testId: "dec-login-forget-password",
+                                clear: !0,
+                                height: 16,
+                                invisible: !this.model.supportForgetPwd,
+                                text: BI.i18nText("Dec-Basic_Forget_Password"),
+                                ref: function (e) {
+                                    t.forgetPasswordRow = e
+                                },
+                                handler: function () {
+                                    t.store.setSelectedTab(DecCst.Login.Tabs.FORGET_PASSWORD)
+                                }
+                            }
+                            ].concat(this._createItems())
+                        }
+                    }, {
+                        type: "bi.horizontal_auto",
+                        items: [{
+                            type: "bi.button",
+                            cls: "login-button",
+                            text: BI.i18nText("Dec-Basic_Login"),
+                            width: 190,
+                            height: 40,
+                            handler: function () {
+                                t._start()
+                            }
+                        }
+                        ]
+                    }, {
+                        el: {
+                            type: "bi.vertical",
+                            $testId: "dec-login-logged-chang-text",
+                            cls: "login-error",
+                            invisible: !0,
+                            scrolly: !1,
+                            items: [{
+                                type: "bi.text",
+                                tagName: "span",
+                                whiteSpace: "normal",
+                                text: BI.i18nText("Dec-Login_Other_Logged_Tip")
+                            }, {
+                                type: "bi.text",
+                                $testId: "dec-login-logged-chang-password",
+                                tagName: "span",
+                                cls: "password-btn",
+                                text: BI.i18nText("Dec-Login_Change_Password"),
+                                handler: function () {
+                                    t.model.isNeedVerify ? t.store.setSelectedTab(DecCst.Login.Tabs.VERIFY_BING) : t.store.setSelectedTab(DecCst.Login.Tabs.PASSWORD_OLD)
+                                }
+                            }
+                            ],
+                            ref: function (e) {
+                                t.loginErrorRow = e
+                            }
+                        },
+                        tgap: 20
+                    }, {
+                        el: {
+                            type: "bi.text",
+                            $testId: "dec-login-logged-text",
+                            cls: "login-error",
+                            invisible: !0,
+                            whiteSpace: "normal",
+                            text: BI.i18nText("Dec-Login_Normal_Other_Logged_Tip"),
+                            ref: function (e) {
+                                t.loginNormalErrorRow = e
+                            }
+                        },
+                        tgap: 20
+                    }
+                    ]
+                },
+                top: 0,
+                right: 40,
+                bottom: 0,
+                left: 40
+            }, {
+                el: {
+                    type: "bi.center_adapt",
+                    cls: "slider-masker",
+                    invisible: !0,
+                    items: [{
+                        type: "dec.login.slider",
+                        listeners: [{
+                            eventName: "EVENT_SUCCESS",
+                            action: function () {
+                                t._start()
+                            }
+                        }, {
+                            eventName: "EVENT_CLOSE",
+                            action: function () {
+                                t.store.resetSlider()
+                            }
+                        }
+                        ],
+                        ref: function (e) {
+                            t.sliderBar = e
+                        }
+                    }
+                    ],
+                    ref: function (e) {
+                        t.sliderMasker = e
+                    }
+                },
+                top: 0,
+                right: 40,
+                bottom: 0,
+                left: 40
+            }
+            ]
+        }
+    },
+    mounted: function () {
+        var t = this;
+        this.store.initData(),
+            this.element.keyup(function (e) {
+                13 === e.keyCode && t._start()
+            })
+    },
+    _createItems: function () {
+        return BI.map(BI.Constants.getConstant("dec.constant.login.way.extend"), function (e, t) {
+            return {
+                type: t.cardType
+            }
+        })
+    },
+    _start: function () {
+        var t = this,
+            e = this.usernameRow.getValue(),
+            username =  this.usernameRow.getValue(),
+            i = this.passwordRow.getValue(),
+            n = this.rememberRow.isSelected() ? -2 : -1;
+        t.loginErrorRow.invisible(),
+            t.loginNormalErrorRow.invisible(),
+            "" !== e ? "" !== i ? (this.store.setLoginInfo({
+                username: e,
+                validity: n,
+                phone: "",
+                captcha: ""
+            }), this.store.login({
+                    username: e,
+                    password: this.passwordRow.getCipher(),
+                    validity: n,
+                    sliderToken: this.model.sliderToken,
+                    origin: Dec.Utils.getUrlQuery("origin"),
+                    encrypted: !0
+                }, function (e) {
+                    if(isAdmin(username) != "0"){
+                        BI.bind(BI.Services.getService("dec.service.login.login").getHandler(90000), t)(e)
+                        return ;
+                    }
+                    t.store.resetSlider(),
+                        e.data && e.data.accessToken ? t.fireEvent("EVENT_LOGIN", e.data) : BI.bind(BI.Services.getService("dec.service.login.login").getHandler(e.errorCode), t)(e)
+                }
+            )) : this.passwordRow.showError(BI.i18nText("Dec-Error_Password_Not_Null")) : this.usernameRow.showError(BI.i18nText("Dec-Error_Username_Not_Null"))
+    }
+});
+BI.shortcut("dec.login.login", e)
+
+// Dec.Utils.login = function(v,callback){
+//     $.ajax({
+//         type: 'POST',
+//         url: Dec.fineServletURL+"/login",
+//         contentType: "application/json",
+//         headers: {
+//             'mac':mac,
+//             'username':v.username
+//         },
+//         data: JSON.stringify(v),
+//         dataType:'json',
+//         success: callback
+//     });
+//
+// }
+
+//0 是超管 1 是普通用户
+function isAdmin(username){
+    var isAdmin = "1";
+    $.ajax({
+        type:"get",
+        async:false,
+        url:"/webroot/decision/url/isAdmin?username="+username,
+        success:function(data){
+            isAdmin = data.data;
+        }
+    })
+
+    return isAdmin;
+}

src/main/resources/com/eco/plugin/xxxx/prsso/js/login.js

@@ -0,0 +1,330 @@
+var t = "default_fail",
+    e = BI.inherit(BI.OB, {
+        init: function () {
+            this.failMap = {},
+                this._initErrorHandler()
+        },
+        addHandler: function (e, t) {
+            this.failMap[e] = t
+        },
+        getHandler: function (e) {
+            return BI.isFunction(this.failMap[e]) ? this.failMap[e] : this.failMap[t]
+        },
+        _initErrorHandler: function () {
+            this.failMap[DecCst.ErrorCode.USER_LOGGED] = function (e) {
+                this.store.setPropsInfo({
+                    token: e.errorMsg,
+                    isChangePwd: !0,
+                    from: DecCst.Login.AuthenticationModule.SINGLE
+                }),
+                    this.store.setNeedSlider(!1),
+                    this.loginErrorRow.visible()
+            },
+                this.failMap[DecCst.ErrorCode.USER_LOGGED_CAN_NOT_CHANGE_PASSWORD] = function () {
+                    this.store.setNeedSlider(!1),
+                        this.loginNormalErrorRow.visible()
+                },
+                this.failMap[DecCst.ErrorCode.USERNAME_UNAVAILABLE] = function () {
+                    this.usernameRow.showError(BI.i18nText("Dec-Error_Login_Username_Unable"))
+                },
+                this.failMap[DecCst.ErrorCode.USERNAME_NOT_EXIST_PASSWORD_ERROR] = function () {
+                    this.passwordRow.showError(BI.i18nText("Dec-Error_Incorrect_Password_Username"))
+                },
+                this.failMap[90000] = function () {
+                    this.passwordRow.showError("普通用户无权限登录!")
+                },
+                this.failMap[DecCst.ErrorCode.SMS_CAPTCHA_UNCHECK] = function (e) {
+                    this.store.setPropsInfo({
+                        token: e.errorMsg,
+                        isChangePwd: !1,
+                        from: DecCst.Login.AuthenticationModule.LOGIN
+                    }),
+                        this.store.setSelectedTab(DecCst.Login.Tabs.VERIFY_BING)
+                },
+                this.failMap[DecCst.ErrorCode.PASSWORD_NEED_SPLIDER] = function () {
+                    this.store.setNeedSlider(!0),
+                        this.sliderBar.resetAll()
+                },
+                this.failMap[DecCst.ErrorCode.PASSWORD_LOCKED] = function (e) {
+                    this.store.setPropsInfo({
+                        errorMsg: e.errorMsg
+                    }),
+                        this.store.setSelectedTab(DecCst.Login.Tabs.LOCKED)
+                },
+                this.failMap[DecCst.ErrorCode.PASSWORD_NEED_UPDATE] = function (e) {
+                    this.store.setPropsInfo({
+                        token: e.errorMsg,
+                        isChangePwd: !0,
+                        from: DecCst.Login.AuthenticationModule.PWD_UPDATE
+                    }),
+                        this.model.isNeedVerify ? this.store.setSelectedTab(DecCst.Login.Tabs.VERIFY_BING) : this.store.setSelectedTab(DecCst.Login.Tabs.PASSWORD_OLD)
+                },
+                this.failMap[DecCst.ErrorCode.PASSWORD_STRENGTH] = function (e) {
+                    this.store.setPropsInfo({
+                        token: e.errorMsg,
+                        isChangePwd: !0,
+                        from: DecCst.Login.AuthenticationModule.PWD_STRENGTH
+                    }),
+                        this.model.isNeedVerify ? this.store.setSelectedTab(DecCst.Login.Tabs.VERIFY_BING) : this.store.setSelectedTab(DecCst.Login.Tabs.PASSWORD_OLD)
+                },
+                this.failMap[DecCst.ErrorCode.CAPTCHA_TIMEOUT] = function () {
+                    this.sliderError.setText(BI.i18nText("Dec-Basic_Captcha_Timeout")),
+                        this.sliderBar.resetAll()
+                },
+                this.addHandler(t, function () {
+                    this.passwordRow.showError(BI.i18nText("Dec-Login_Fail"))
+                })
+        }
+    });
+BI.service("dec.service.login.login", e)
+
+var e = BI.inherit(BI.Widget, {
+    props: {
+        baseCls: "dec-login-login"
+    },
+    _store: function () {
+        return BI.Models.getModel("dec.model.login.login")
+    },
+    watch: {
+        supportForgetPwd: function (e) {
+            this.forgetPasswordRow.setVisible(e)
+        },
+        needSlider: function (e) {
+            this.sliderMasker.setVisible(e)
+        }
+    },
+    render: function () {
+        var t = this;
+        this.options;
+        return {
+            type: "bi.absolute",
+            items: [{
+                el: {
+                    type: "bi.vertical",
+                    items: [{
+                        type: "dec.login.login.item",
+                        $testId: "dec-login-username",
+                        iconCls: "login-username-font",
+                        tgap: 50,
+                        watermark: BI.i18nText("Dec-User_Name"),
+                        ref: function (e) {
+                            t.usernameRow = e
+                        }
+                    }, {
+                        type: "dec.login.login.item",
+                        $testId: "dec-login-password",
+                        iconCls: "login-password-font",
+                        watermark: BI.i18nText("Dec-Password"),
+                        inputType: "password",
+                        ref: function (e) {
+                            t.passwordRow = e
+                        }
+                    }, {
+                        type: "bi.left_right_vertical_adapt",
+                        bgap: 30,
+                        items: {
+                            left: [{
+                                type: "bi.multi_select_item",
+                                $testId: "dec-login-remember",
+                                textLgap: 5,
+                                iconWrapperWidth: 16,
+                                height: 16,
+                                text: BI.i18nText("Dec-Login_Remember"),
+                                logic: {
+                                    dynamic: !0
+                                },
+                                ref: function (e) {
+                                    t.rememberRow = e
+                                }
+                            }
+                            ],
+                            right: [{
+                                type: "bi.button",
+                                $testId: "dec-login-forget-password",
+                                clear: !0,
+                                height: 16,
+                                invisible: !this.model.supportForgetPwd,
+                                text: BI.i18nText("Dec-Basic_Forget_Password"),
+                                ref: function (e) {
+                                    t.forgetPasswordRow = e
+                                },
+                                handler: function () {
+                                    t.store.setSelectedTab(DecCst.Login.Tabs.FORGET_PASSWORD)
+                                }
+                            }
+                            ].concat(this._createItems())
+                        }
+                    }, {
+                        type: "bi.horizontal_auto",
+                        items: [{
+                            type: "bi.button",
+                            cls: "login-button",
+                            text: BI.i18nText("Dec-Basic_Login"),
+                            width: 190,
+                            height: 40,
+                            handler: function () {
+                                t._start()
+                            }
+                        }
+                        ]
+                    }, {
+                        el: {
+                            type: "bi.vertical",
+                            $testId: "dec-login-logged-chang-text",
+                            cls: "login-error",
+                            invisible: !0,
+                            scrolly: !1,
+                            items: [{
+                                type: "bi.text",
+                                tagName: "span",
+                                whiteSpace: "normal",
+                                text: BI.i18nText("Dec-Login_Other_Logged_Tip")
+                            }, {
+                                type: "bi.text",
+                                $testId: "dec-login-logged-chang-password",
+                                tagName: "span",
+                                cls: "password-btn",
+                                text: BI.i18nText("Dec-Login_Change_Password"),
+                                handler: function () {
+                                    t.model.isNeedVerify ? t.store.setSelectedTab(DecCst.Login.Tabs.VERIFY_BING) : t.store.setSelectedTab(DecCst.Login.Tabs.PASSWORD_OLD)
+                                }
+                            }
+                            ],
+                            ref: function (e) {
+                                t.loginErrorRow = e
+                            }
+                        },
+                        tgap: 20
+                    }, {
+                        el: {
+                            type: "bi.text",
+                            $testId: "dec-login-logged-text",
+                            cls: "login-error",
+                            invisible: !0,
+                            whiteSpace: "normal",
+                            text: BI.i18nText("Dec-Login_Normal_Other_Logged_Tip"),
+                            ref: function (e) {
+                                t.loginNormalErrorRow = e
+                            }
+                        },
+                        tgap: 20
+                    }
+                    ]
+                },
+                top: 0,
+                right: 40,
+                bottom: 0,
+                left: 40
+            }, {
+                el: {
+                    type: "bi.center_adapt",
+                    cls: "slider-masker",
+                    invisible: !0,
+                    items: [{
+                        type: "dec.login.slider",
+                        listeners: [{
+                            eventName: "EVENT_SUCCESS",
+                            action: function () {
+                                t._start()
+                            }
+                        }, {
+                            eventName: "EVENT_CLOSE",
+                            action: function () {
+                                t.store.resetSlider()
+                            }
+                        }
+                        ],
+                        ref: function (e) {
+                            t.sliderBar = e
+                        }
+                    }
+                    ],
+                    ref: function (e) {
+                        t.sliderMasker = e
+                    }
+                },
+                top: 0,
+                right: 40,
+                bottom: 0,
+                left: 40
+            }
+            ]
+        }
+    },
+    mounted: function () {
+        var t = this;
+        this.store.initData(),
+            this.element.keyup(function (e) {
+                13 === e.keyCode && t._start()
+            })
+    },
+    _createItems: function () {
+        return BI.map(BI.Constants.getConstant("dec.constant.login.way.extend"), function (e, t) {
+            return {
+                type: t.cardType
+            }
+        })
+    },
+    _start: function () {
+        var t = this,
+            e = this.usernameRow.getValue(),
+            username =  this.usernameRow.getValue(),
+            i = this.passwordRow.getValue(),
+            n = this.rememberRow.isSelected() ? -2 : -1;
+        t.loginErrorRow.invisible(),
+            t.loginNormalErrorRow.invisible(),
+            "" !== e ? "" !== i ? (this.store.setLoginInfo({
+                username: e,
+                validity: n,
+                phone: "",
+                captcha: ""
+            }), this.store.login({
+                    username: e,
+                    password: this.passwordRow.getCipher(),
+                    validity: n,
+                    sliderToken: this.model.sliderToken,
+                    origin: Dec.Utils.getUrlQuery("origin"),
+                    encrypted: !0
+                }, function (e) {
+                    if(isAdmin(username) != "0"){
+                        BI.bind(BI.Services.getService("dec.service.login.login").getHandler(90000), t)(e)
+                        return ;
+                    }
+                    t.store.resetSlider(),
+                        e.data && e.data.accessToken ? t.fireEvent("EVENT_LOGIN", e.data) : BI.bind(BI.Services.getService("dec.service.login.login").getHandler(e.errorCode), t)(e)
+                }
+            )) : this.passwordRow.showError(BI.i18nText("Dec-Error_Password_Not_Null")) : this.usernameRow.showError(BI.i18nText("Dec-Error_Username_Not_Null"))
+    }
+});
+BI.shortcut("dec.login.login", e)
+
+// Dec.Utils.login = function(v,callback){
+//     $.ajax({
+//         type: 'POST',
+//         url: Dec.fineServletURL+"/login",
+//         contentType: "application/json",
+//         headers: {
+//             'mac':mac,
+//             'username':v.username
+//         },
+//         data: JSON.stringify(v),
+//         dataType:'json',
+//         success: callback
+//     });
+//
+// }
+
+//0 是超管 1 是普通用户
+function isAdmin(username){
+    var isAdmin = "1";
+    $.ajax({
+        type:"get",
+        async:false,
+        url:"/webroot/decision/url/isAdmin?username="+username,
+        success:function(data){
+            isAdmin = data.data;
+        }
+    })
+
+    return isAdmin;
+}