hugh
/
open-JSD-9581
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

提交开源任务材料

master
LAPTOP-SB56SG4Q\86185 2 years ago
parent
98a2cc11e5
commit
4715e8ab45
31 changed files with 2436 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. BIN
      JSD-9581-需求确认书V1.docx
  2. BIN
      JSD-9581配置使用文档.docx
  3. 5
      README.md
  4. BIN
      lib/commons-beanutils-1.8.0.jar
  5. BIN
      lib/commons-collections-3.2.1.jar
  6. BIN
      lib/commons-lang-2.5.jar
  7. BIN
      lib/commons-logging-1.1.1.jar
  8. BIN
      lib/finekit-10.0.jar
  9. BIN
      lib/json-lib-2.4-jdk15.jar
  10. 27
      plugin.xml
  11. 55
      src/main/java/com/fr/plugin/hdmu/CustomLogInOut.java
  12. 32
      src/main/java/com/fr/plugin/hdmu/JSCSSBridge.java
  13. 37
      src/main/java/com/fr/plugin/hdmu/LocaleFinder.java
  14. 60
      src/main/java/com/fr/plugin/hdmu/PluginMonitor.java
  15. 107
      src/main/java/com/fr/plugin/hdmu/bean/SsoUserJobConstructor.java
  16. 152
      src/main/java/com/fr/plugin/hdmu/config/SsoConfig.java
  17. 90
      src/main/java/com/fr/plugin/hdmu/helper/SsoUserScheduleHelper.java
  18. 35
      src/main/java/com/fr/plugin/hdmu/job/SsoUserCheckIamJob.java
  19. 34
      src/main/java/com/fr/plugin/hdmu/job/SsoUserSyncMemberJob.java
  20. 87
      src/main/java/com/fr/plugin/hdmu/kit/DepartmentServiceKit.java
  21. 54
      src/main/java/com/fr/plugin/hdmu/kit/PositionServiceKit.java
  22. 197
      src/main/java/com/fr/plugin/hdmu/kit/UserServiceKit.java
  23. 32
      src/main/java/com/fr/plugin/hdmu/request/HttpAuthorizeBridge.java
  24. 269
      src/main/java/com/fr/plugin/hdmu/request/OAuthLogin.java
  25. 382
      src/main/java/com/fr/plugin/hdmu/user/SsoUserManager.java
  26. 131
      src/main/java/com/fr/plugin/hdmu/utils/AESOperator.java
  27. 555
      src/main/java/com/fr/plugin/hdmu/utils/HttpRequestUtil.java
  28. 32
      src/main/java/com/fr/plugin/hdmu/web/WebResourceComponent.java
  29. 25
      src/main/resources/com/fr/plugin/hdmu/locale/lang.properties
  30. 25
      src/main/resources/com/fr/plugin/hdmu/locale/lang_zh_CN.properties
  31. 14
      src/main/resources/com/fr/plugin/hdmu/web/hdmu.js

BIN
JSD-9581-需求确认书V1.docx
View File

Binary file not shown.

BIN
JSD-9581配置使用文档.docx
View File

Binary file not shown.

5
README.md
Unescape View File

@ -1,3 +1,6 @@
# open-JSD-9581 # open-JSD-9581
JSD-9581 OAuth2单点+用户同步 JSD-9581 OAuth2单点+用户同步\
免责说明:该源码为第三方爱好者提供,不保证源码和方案的可靠性,也不提供任何形式的源码教学指导和协助!\
仅作为开发者学习参考使用!禁止用于任何商业用途!\
为保护开发者隐私,开发者信息已隐去!若原开发者希望公开自己的信息,可联系hugh处理。

BIN
lib/commons-beanutils-1.8.0.jar
View File

Binary file not shown.

BIN
lib/commons-collections-3.2.1.jar
View File

Binary file not shown.

BIN
lib/commons-lang-2.5.jar
View File

Binary file not shown.

BIN
lib/commons-logging-1.1.1.jar
View File

Binary file not shown.

BIN
lib/finekit-10.0.jar
View File

Binary file not shown.

BIN
lib/json-lib-2.4-jdk15.jar
View File

Binary file not shown.

27
plugin.xml
Unescape View File

@ -0,0 +1,27 @@
<?xml version="1.0" encoding="UTF-8"?>
<plugin>
<id>com.fr.plugin.hdmu.sso</id>
<name><![CDATA[单点登陆用户同步]]></name>
<active>yes</active>
<version>1.4.4</version>
<env-version>10.0</env-version>
<jartime>2018-07-31</jartime>
<vendor>fr.open</vendor>
<description><![CDATA[单点登陆用户同步]]></description>
<change-notes><![CDATA[单点登陆用户同步]]></change-notes>
<main-package>com.fr.plugin.hdmu</main-package>
<prefer-packages>
<prefer-package>com.fanruan.api</prefer-package>
</prefer-packages>
<lifecycle-monitor class="com.fr.plugin.hdmu.PluginMonitor"/>
<extra-core>
<LocaleFinder class="com.fr.plugin.hdmu.LocaleFinder"/>
</extra-core>
<extra-decision>
<GlobalRequestFilterProvider class="com.fr.plugin.hdmu.request.OAuthLogin"/>
<HttpAuthorizeProvider class="com.fr.plugin.hdmu.request.HttpAuthorizeBridge"/>
<LogInOutEventProvider class="com.fr.plugin.hdmu.CustomLogInOut"/>
<WebResourceProvider class="com.fr.plugin.hdmu.JSCSSBridge"/>
</extra-decision>
<function-recorder class="com.fr.plugin.hdmu.LocaleFinder"/>
</plugin>

55
src/main/java/com/fr/plugin/hdmu/CustomLogInOut.java
Unescape View File

@ -0,0 +1,55 @@
/**
* Copyright (C), 2015-2021
* FileName: CustomLogInOut
* Author: Louis
* Date: 2019/6/19 16:25
* Description: CustomLogInOut
* History:
* <author> <time> <version> <desc>
*/
package com.fr.plugin.hdmu;
import com.fanruan.api.i18n.I18nKit;
import com.fanruan.api.log.LogKit;
import com.fr.decision.fun.impl.AbstractLogInOutEventProvider;
import com.fr.decision.webservice.login.LogInOutResultInfo;
import com.fr.plugin.context.PluginContexts;
import com.fr.plugin.hdmu.config.SsoConfig;
import com.fr.stable.fun.Authorize;
import static com.fr.plugin.hdmu.config.SsoConfig.PLUGIN_ID;
/**
* Function Description<br>
* CustomLogInOut
*
* @author fr.open
* @since 1.0.0
*/
@Authorize(callSignKey = PLUGIN_ID)
public class CustomLogInOut extends AbstractLogInOutEventProvider {
public static final String LOGOUT_PATH = "/logout";
private final SsoConfig config;
public CustomLogInOut() {
this.config = SsoConfig.getInstance();
}
/**
* 用户登出处理
*
* @param result
* @return
*/
@Override
public String logoutAction(LogInOutResultInfo result) {
if (!PluginContexts.currentContext().isAvailable()) {
LogKit.error(I18nKit.getLocText("Plugin-hdmu_Licence_Expired"));
return null;
}
String url = this.config.getUriBase() + LOGOUT_PATH + "?service=" + this.config.getFrUri();
LogKit.info("hdmu-CustomLogInOut-logoutAction-logoutUrl:{}", url);
return url;
}
}

32
src/main/java/com/fr/plugin/hdmu/JSCSSBridge.java
Unescape View File

@ -0,0 +1,32 @@
/*
* Copyright (C), 2018-2020
* Project: starter
* FileName: JSCSSBridge
* Author: Louis
* Date: 2020/8/31 16:34
*/
package com.fr.plugin.hdmu;
import com.fr.decision.fun.impl.AbstractWebResourceProvider;
import com.fr.decision.web.MainComponent;
import com.fr.plugin.hdmu.web.WebResourceComponent;
import com.fr.web.struct.Atom;
/**
* <Function Description><br>
* <平台组件定制JSCSSBridge>
*
* @author fr.open
* @since 1.0.0
*/
public class JSCSSBridge extends AbstractWebResourceProvider {
@Override
public Atom attach() {
return MainComponent.KEY;
}
@Override
public Atom client() {
return WebResourceComponent.KEY;
}
}

37
src/main/java/com/fr/plugin/hdmu/LocaleFinder.java
Unescape View File

@ -0,0 +1,37 @@
/*
* Copyright (C), 2018-2020
* Project: starter
* FileName: LocaleFinder
* Author: Louis
* Date: 2020/8/31 22:19
*/
package com.fr.plugin.hdmu;
import com.fr.intelli.record.Focus;
import com.fr.intelli.record.Original;
import com.fr.record.analyzer.EnableMetrics;
import com.fr.stable.fun.impl.AbstractLocaleFinder;
import static com.fr.plugin.hdmu.config.SsoConfig.PLUGIN_ID;
/**
* <Function Description><br>
* <LocaleFinder>
*
* @author fr.open
* @since 1.0.0
*/
@EnableMetrics
public class LocaleFinder extends AbstractLocaleFinder {
@Override
@Focus(id = PLUGIN_ID, text = "Plugin-hdmu", source = Original.PLUGIN)
public String find() {
return "com/fr/plugin/hdmu/locale/lang";
}
@Override
public int currentAPILevel() {
return CURRENT_LEVEL;
}
}

60
src/main/java/com/fr/plugin/hdmu/PluginMonitor.java
Unescape View File

@ -0,0 +1,60 @@
/*
* Copyright (C), 2018-2021
* Project: starter
* FileName: PluginMonitor
* Author: Louis
* Date: 2021/3/30 15:10
*/
package com.fr.plugin.hdmu;
import com.fanruan.api.log.LogKit;
import com.fr.plugin.context.PluginContext;
import com.fr.plugin.hdmu.config.SsoConfig;
import com.fr.plugin.hdmu.helper.SsoUserScheduleHelper;
import com.fr.plugin.observer.inner.AbstractPluginLifecycleMonitor;
import static com.fr.plugin.hdmu.helper.SsoUserScheduleHelper.*;
/**
* <Function Description><br>
* <PluginMonitor>
*
* @author fr.open
* @since 1.0.0
*/
public class PluginMonitor extends AbstractPluginLifecycleMonitor {
public PluginMonitor() {
}
@Override
public void afterRun(PluginContext pluginContext) {
SsoConfig.getInstance();
this.reStartSchedule();
// 测试执行
// try {
// SsoUserManager.getInstance().synSSODepartments();
// } catch (Exception e) {
// LogKit.error(e.getMessage(), e);
// }
}
@Override
public void beforeStop(PluginContext pluginContext) {
SsoUserScheduleHelper.getInstance().stopSchedule(SSO_USER_SCHEDULE_SYN_MEMBER_JOB_NAME, SSO_USER_SCHEDULE_SYN_MEMBER_GROUP);
SsoUserScheduleHelper.getInstance().stopSchedule(SSO_USER_SCHEDULE_CHECK_IAM_JOB_NAME, SSO_USER_SCHEDULE_CHECK_IAM_GROUP);
}
private void reStartSchedule() {
try {
SsoUserScheduleHelper.getInstance().stopSchedule(SSO_USER_SCHEDULE_SYN_MEMBER_JOB_NAME, SSO_USER_SCHEDULE_SYN_MEMBER_GROUP);
SsoUserScheduleHelper.getInstance().stopSchedule(SSO_USER_SCHEDULE_CHECK_IAM_JOB_NAME, SSO_USER_SCHEDULE_CHECK_IAM_GROUP);
String cronCondition = SsoConfig.getInstance().getCronCondition();
String checkIamCron = SsoConfig.getInstance().getCheckIamCron();
SsoUserScheduleHelper.getInstance().startSynMemberSchedule(cronCondition);
SsoUserScheduleHelper.getInstance().startCheckIamSchedule(checkIamCron);
} catch (Exception e) {
LogKit.error(e.getMessage(), e);
}
}
}

107
src/main/java/com/fr/plugin/hdmu/bean/SsoUserJobConstructor.java
Unescape View File

@ -0,0 +1,107 @@
/*
* Copyright (C), 2018-2021
* Project: starter
* FileName: SsoUserJobConstructor
* Author: Louis
* Date: 2021/4/21 15:58
*/
package com.fr.plugin.hdmu.bean;
import com.fr.scheduler.job.FineScheduleJob;
/**
* <Function Description><br>
* <SsoUserJobConstructor>
*
* @author fr.open
* @since 1.0.0
*/
public class SsoUserJobConstructor {
private String cron;
private String jobName;
private String jobGroup;
private String triggerName;
private String triggerGroup;
private Class<? extends FineScheduleJob> jobClazz;
public SsoUserJobConstructor() {
}
public SsoUserJobConstructor cron(String var1) {
this.setCron(var1);
return this;
}
public String getCron() {
return this.cron;
}
public void setCron(String var1) {
this.cron = var1;
}
public SsoUserJobConstructor jobName(String var1) {
this.setJobName(var1);
return this;
}
public String getJobName() {
return this.jobName;
}
public void setJobName(String var1) {
this.jobName = var1;
}
public SsoUserJobConstructor jobGroup(String var1) {
this.setJobGroup(var1);
return this;
}
public String getJobGroup() {
return this.jobGroup;
}
public void setJobGroup(String var1) {
this.jobGroup = var1;
}
public SsoUserJobConstructor triggerName(String var1) {
this.setTriggerName(var1);
return this;
}
public String getTriggerName() {
return this.triggerName;
}
public void setTriggerName(String var1) {
this.triggerName = var1;
}
public SsoUserJobConstructor triggerGroup(String var1) {
this.setTriggerGroup(var1);
return this;
}
public String getTriggerGroup() {
return this.triggerGroup;
}
public void setTriggerGroup(String var1) {
this.triggerGroup = var1;
}
public SsoUserJobConstructor jobClazz(Class<? extends FineScheduleJob> var1) {
this.setJobClazz(var1);
return this;
}
public Class<? extends FineScheduleJob> getJobClazz() {
return this.jobClazz;
}
public void setJobClazz(Class<? extends FineScheduleJob> var1) {
this.jobClazz = var1;
}
}

152
src/main/java/com/fr/plugin/hdmu/config/SsoConfig.java
Unescape View File

@ -0,0 +1,152 @@
/*
* Copyright (C), 2018-2021
* Project: starter
* FileName: SsoConfig
* Author: Louis
* Date: 2021/3/30 9:38
*/
package com.fr.plugin.hdmu.config;
import com.fanruan.api.util.StringKit;
import com.fr.config.*;
import com.fr.config.holder.Conf;
import com.fr.config.holder.factory.Holders;
import com.fr.intelli.record.Focus;
import com.fr.intelli.record.Original;
/**
* <Function Description><br>
* <SsoConfig>
*
* @author fr.open
* @since 1.0.0
*/
@Visualization(category = "Plugin-hdmu_Group")
public class SsoConfig extends DefaultConfiguration {
public static final String PLUGIN_ID = "com.fr.plugin.hdmu.sso";
public static final String BASE_URI = "https://127.0.0";
public static final String URI_IAM = "xxxx";
// 每天中午十二点触发
public static final String CRON_CONDITION = "0 0 12 * * ?";
public static final String ROOT_DEP_ID = "ROOT";
private static volatile SsoConfig config = null;
@Identifier(value = "clientId", name = "Plugin-hdmu_Config_ClientId", description = "Plugin-hdmu_Config_ClientId_Description", status = Status.SHOW)
private Conf<String> clientId = Holders.simple(StringKit.EMPTY);
@Identifier(value = "clientSecret", name = "Plugin-hdmu_Config_ClientSecret", description = "Plugin-hdmu_Config_ClientSecret_Description", status = Status.SHOW)
private Conf<String> clientSecret = Holders.simple(StringKit.EMPTY);
@Identifier(value = "uriBase", name = "Plugin-hdmu_Config_UriBase", description = "Plugin-hdmu_Config_UriBase_Description", status = Status.SHOW)
private Conf<String> uriBase = Holders.simple(BASE_URI);
@Identifier(value = "frUri", name = "Plugin-hdmu_Config_FrUri", description = "Plugin-hdmu_Config_FrUri_Description", status = Status.SHOW)
private Conf<String> frUri = Holders.simple(StringKit.EMPTY);
@Identifier(value = "appID", name = "Plugin-hdmu_Config_AppID", description = "Plugin-hdmu_Config_AppID_Description", status = Status.SHOW)
private Conf<String> appID = Holders.simple(StringKit.EMPTY);
@Identifier(value = "cronCondition", name = "Plugin-hdmu_Config_CronCondition", description = "Plugin-hdmu_Config_CronCondition_Description", status = Status.SHOW)
private Conf<String> cronCondition = Holders.simple(CRON_CONDITION);
@Identifier(value = "uriIam", name = "Plugin-hdmu_Config_UriIam", description = "Plugin-hdmu_Config_UriIam_Description", status = Status.SHOW)
private Conf<String> uriIam = Holders.simple(URI_IAM);
@Identifier(value = "appIamKey", name = "Plugin-hdmu_Config_AppIamKey", description = "Plugin-hdmu_Config_AppIamKey_Description", status = Status.SHOW)
private Conf<String> appIamKey = Holders.simple(StringKit.EMPTY);
@Identifier(value = "checkIamCron", name = "Plugin-hdmu_Config_CheckIamCron", description = "Plugin-hdmu_Config_CheckIamCron_Description", status = Status.SHOW)
private Conf<String> checkIamCron = Holders.simple(CRON_CONDITION);
@Identifier(value = "iamStatus", name = "Plugin-hdmu_Config_IamStatus", description = "Plugin-hdmu_Config_IamStatus_Description", status = Status.SHOW)
private Conf<Boolean> iamStatus = Holders.simple(Boolean.TRUE);
@Identifier(value = "updateTime", name = "Plugin-hdmu_Config_UpdateTime", description = "Plugin-hdmu_Config_UpdateTime_Description", status = Status.SHOW)
private Conf<String> updateTime = Holders.simple(StringKit.EMPTY);
@Focus(id = PLUGIN_ID, text = "Plugin-hdmu", source = Original.PLUGIN)
public static SsoConfig getInstance() {
if (config == null) {
config = ConfigContext.getConfigInstance(SsoConfig.class);
}
return config;
}
public String getClientId() {
return clientId.get();
}
public void setClientId(String clientId) {
this.clientId.set(clientId);
}
public String getClientSecret() {
return clientSecret.get();
}
public void setClientSecret(String clientSecret) {
this.clientSecret.set(clientSecret);
}
public String getUriBase() {
return uriBase.get();
}
public void setUriBase(String uriBase) {
this.uriBase.set(uriBase);
}
public String getFrUri() {
return frUri.get();
}
public void setFrUri(String frUri) {
this.frUri.set(frUri);
}
public String getCronCondition() {
return cronCondition.get();
}
public void setCronCondition(String cronCondition) {
this.cronCondition.set(cronCondition);
}
public String getAppID() {
return appID.get();
}
public void setAppID(String appID) {
this.appID.set(appID);
}
public String getUriIam() {
return uriIam.get();
}
public void setUriIam(String uriIam) {
this.uriIam.set(uriIam);
}
public String getAppIamKey() {
return appIamKey.get();
}
public void setAppIamKey(String appIamKey) {
this.appIamKey.set(appIamKey);
}
public String getCheckIamCron() {
return checkIamCron.get();
}
public void setCheckIamCron(String checkIamCron) {
this.checkIamCron.set(checkIamCron);
}
public Boolean getIamStatus() {
return iamStatus.get();
}
public void setIamStatus(Boolean iamStatus) {
this.iamStatus.set(iamStatus);
}
public String getUpdateTime() {
return updateTime.get();
}
public void setUpdateTime(String updateTime) {
this.updateTime.set(updateTime);
}
}

90
src/main/java/com/fr/plugin/hdmu/helper/SsoUserScheduleHelper.java
Unescape View File

@ -0,0 +1,90 @@
/*
* Copyright (C), 2018-2021
* Project: starter
* FileName: SsoUserScheduleHelper
* Author: Louis
* Date: 2021/4/21 15:52
*/
package com.fr.plugin.hdmu.helper;
import com.fr.plugin.hdmu.bean.SsoUserJobConstructor;
import com.fr.plugin.hdmu.job.SsoUserCheckIamJob;
import com.fr.plugin.hdmu.job.SsoUserSyncMemberJob;
import com.fr.scheduler.ScheduleJobManager;
import com.fr.third.v2.org.quartz.CronScheduleBuilder;
import com.fr.third.v2.org.quartz.TriggerBuilder;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.TimeZone;
/**
* <Function Description><br>
* <SsoUserScheduleHelper>
*
* @author fr.open
* @since 1.0.0
*/
public class SsoUserScheduleHelper {
public static final String SSO_USER_SCHEDULE_SYN_MEMBER_JOB_NAME = "MqhSsoUserSynDepMemberJob";
public static final String SSO_USER_SCHEDULE_SYN_MEMBER_TRIGGER_NAME = "MqhSsoUserSynDepMemberTrigger";
public static final String SSO_USER_SCHEDULE_SYN_MEMBER_GROUP = "MqhSsoUserSynDepMemberGroup";
public static final String SSO_USER_SCHEDULE_SYN_MEMBER_TRIGGER_GROUP = "MqhSsoUserSynDepMemberTriggerGroup";
public static final String SSO_USER_SCHEDULE_CHECK_IAM_JOB_NAME = "MqhSsoUserCheckIamJob";
public static final String SSO_USER_SCHEDULE_CHECK_IAM_TRIGGER_NAME = "MqhSsoUserCheckIamTrigger";
public static final String SSO_USER_SCHEDULE_CHECK_IAM_GROUP = "MqhSsoUserCheckIamGroup";
public static final String SSO_USER_SCHEDULE_CHECK_IAM_TRIGGER_GROUP = "MqhSsoUserCheckIamTriggerGroup";
private SsoUserScheduleHelper() {
}
public static SsoUserScheduleHelper getInstance() {
return HOLDER.INSTANCE;
}
public void startCheckIamSchedule(String cronCondition) throws Exception {
SsoUserJobConstructor jobConstructor = (new SsoUserJobConstructor())
.cron(cronCondition).jobName(SSO_USER_SCHEDULE_CHECK_IAM_JOB_NAME)
.jobGroup(SSO_USER_SCHEDULE_CHECK_IAM_GROUP).triggerName(SSO_USER_SCHEDULE_CHECK_IAM_TRIGGER_NAME)
.triggerGroup(SSO_USER_SCHEDULE_CHECK_IAM_TRIGGER_GROUP).jobClazz(SsoUserCheckIamJob.class);
this.startSchedule(jobConstructor);
}
public void startSynMemberSchedule(String cronCondition) throws Exception {
SsoUserJobConstructor jobConstructor = (new SsoUserJobConstructor())
.cron(cronCondition).jobName(SSO_USER_SCHEDULE_SYN_MEMBER_JOB_NAME)
.jobGroup(SSO_USER_SCHEDULE_SYN_MEMBER_GROUP).triggerName(SSO_USER_SCHEDULE_SYN_MEMBER_TRIGGER_NAME)
.triggerGroup(SSO_USER_SCHEDULE_SYN_MEMBER_TRIGGER_GROUP).jobClazz(SsoUserSyncMemberJob.class);
this.startSchedule(jobConstructor);
}
public void startSchedule(SsoUserJobConstructor var1) throws Exception {
if (var1 != null) {
String var2 = var1.getCron();
String var3 = var1.getTriggerName();
String var4 = var1.getTriggerGroup();
String var5 = var1.getJobName();
String var6 = var1.getJobGroup();
Class var7 = var1.getJobClazz();
TriggerBuilder var8 = TriggerBuilder.newTrigger();
var8.withIdentity(var3, var4);
var8.withSchedule(CronScheduleBuilder.cronSchedule(var2).withMisfireHandlingInstructionFireAndProceed().inTimeZone(TimeZone.getTimeZone(TimeZone.getDefault().getID()))).startNow();
var8.forJob(var5, var6);
ArrayList var9 = new ArrayList();
var9.add(var8.build());
ScheduleJobManager.getInstance().removeJob(var5, var6);
ScheduleJobManager.getInstance().addJob(var5, var6, "jobDescription", var7, var9, new HashMap());
}
}
public void stopSchedule(String var1, String var2) {
ScheduleJobManager.getInstance().removeJob(var1, var2);
}
public static class HOLDER {
private static final SsoUserScheduleHelper INSTANCE = new SsoUserScheduleHelper();
public HOLDER() {
}
}
}

35
src/main/java/com/fr/plugin/hdmu/job/SsoUserCheckIamJob.java
Unescape View File

@ -0,0 +1,35 @@
/*
* Copyright (C), 2018-2022
* Project: starter
* FileName: SsoUserCheckIamJob
* Author: Louis
* Date: 2022/1/30 10:44
*/
package com.fr.plugin.hdmu.job;
import com.fanruan.api.log.LogKit;
import com.fr.cluster.core.ClusterNode;
import com.fr.plugin.hdmu.user.SsoUserManager;
import com.fr.scheduler.job.FineScheduleJob;
import com.fr.third.v2.org.quartz.JobExecutionContext;
/**
* <Function Description><br>
* <SsoUserCheckIamJob>
*
* @author fr.open
* @since 1.0.0
*/
public class SsoUserCheckIamJob extends FineScheduleJob {
public SsoUserCheckIamJob() {
}
@Override
public void run(JobExecutionContext jobExecutionContext, ClusterNode clusterNode) throws Exception {
try {
SsoUserManager.getInstance().checkIamService();
} catch (Exception e) {
LogKit.error(e.getMessage(), e);
}
}
}

34
src/main/java/com/fr/plugin/hdmu/job/SsoUserSyncMemberJob.java
Unescape View File

@ -0,0 +1,34 @@
/*
* Copyright (C), 2018-2021
* Project: starter
* FileName: SsoUserSyncMemberJob
* Author: Louis
* Date: 2021/4/21 16:02
*/
package com.fr.plugin.hdmu.job;
import com.fanruan.api.log.LogKit;
import com.fr.cluster.core.ClusterNode;
import com.fr.plugin.hdmu.user.SsoUserManager;
import com.fr.scheduler.job.FineScheduleJob;
import com.fr.third.v2.org.quartz.JobExecutionContext;
/**
* <Function Description><br>
* <SsoUserSyncMemberJob>
*
* @author fr.open
* @since 1.0.0
*/
public class SsoUserSyncMemberJob extends FineScheduleJob {
public SsoUserSyncMemberJob() {
}
public void run(JobExecutionContext jobExecutionContext, ClusterNode clusterNode) {
try {
SsoUserManager.getInstance().synSSODepartments();
} catch (Exception e) {
LogKit.error(e.getMessage(), e);
}
}
}

87
src/main/java/com/fr/plugin/hdmu/kit/DepartmentServiceKit.java
Unescape View File

@ -0,0 +1,87 @@
/*
* Copyright (C), 2018-2021
* Project: starter
* FileName: DepartmentServiceKit
* Author: Louis
* Date: 2021/5/14 9:38
*/
package com.fr.plugin.hdmu.kit;
import com.fanruan.api.util.StringKit;
import com.fr.decision.authority.AuthorityContext;
import com.fr.decision.authority.base.constant.type.operation.ManualOperationType;
import com.fr.decision.authority.data.Department;
import com.fr.decision.webservice.exception.general.DuplicatedNameException;
import com.fr.decision.webservice.v10.user.DepartmentService;
import com.fr.general.ComparatorUtils;
import com.fr.plugin.hdmu.config.SsoConfig;
import com.fr.stable.query.QueryFactory;
import com.fr.stable.query.condition.QueryCondition;
import com.fr.stable.query.restriction.Restriction;
import com.fr.stable.query.restriction.RestrictionFactory;
import static com.fr.decision.authority.base.AuthorityConstants.DECISION_DEP_ROOT;
/**
* <Function Description><br>
* <DepartmentServiceKit>
*
* @author fr.open
* @since 1.0.0
*/
public class DepartmentServiceKit extends DepartmentService {
private static volatile DepartmentServiceKit departmentServiceKit = null;
public DepartmentServiceKit() {
}
public static DepartmentServiceKit getInstance() {
if (departmentServiceKit == null) {
departmentServiceKit = new DepartmentServiceKit();
}
return departmentServiceKit;
}
/**
* 根部门与FR根部门转换
*
* @param parentId
* @return
*/
public String changeRootId(String parentId) {
if (StringKit.isBlank(parentId) || StringKit.equals(parentId, SsoConfig.ROOT_DEP_ID)) {
return DECISION_DEP_ROOT;
}
return parentId;
}
public void addDepartment(String id, String pId, String depName) throws Exception {
if (StringKit.equals(pId, DECISION_DEP_ROOT)) {
pId = null;
}
this.checkDuplicatedDepartmentName(pId, depName);
Department department = (new Department()).id(id).name(depName).parentId(pId).creationType(ManualOperationType.KEY).lastOperationType(ManualOperationType.KEY).enable(true);
AuthorityContext.getInstance().getDepartmentController().add(department);
}
private void checkDuplicatedDepartmentName(String parentId, String depName) throws Exception {
QueryCondition condition = QueryFactory.create().addRestriction(RestrictionFactory.and(new Restriction[]{RestrictionFactory.eq("name", depName), RestrictionFactory.eq("parentId", parentId)}));
Department sameNameDep = AuthorityContext.getInstance().getDepartmentController().findOne(condition);
if (sameNameDep != null) {
throw new DuplicatedNameException();
}
}
public void editDepartment(String departmentId, String depName, String pId) throws Exception {
if (StringKit.equals(pId, DECISION_DEP_ROOT)) {
pId = null;
}
Department department = AuthorityContext.getInstance().getDepartmentController().getById(departmentId);
if (!ComparatorUtils.equals(department.getName(), depName) || !ComparatorUtils.equals(department.getParentId(), pId)) {
this.checkDuplicatedDepartmentName(pId, depName);
department.setName(depName);
department.setParentId(pId);
AuthorityContext.getInstance().getDepartmentController().update(department);
}
}
}

54
src/main/java/com/fr/plugin/hdmu/kit/PositionServiceKit.java
Unescape View File

@ -0,0 +1,54 @@
/*
* Copyright (C), 2018-2021
* Project: starter
* FileName: PositionServiceKit
* Author: Louis
* Date: 2021/8/18 15:38
*/
package com.fr.plugin.hdmu.kit;
import com.fr.decision.authority.AuthorityContext;
import com.fr.decision.authority.base.constant.SoftRoleType;
import com.fr.decision.authority.base.constant.type.operation.ManualOperationType;
import com.fr.decision.authority.data.Post;
import com.fr.decision.record.OperateMessage;
import com.fr.decision.webservice.v10.user.PositionService;
import com.fr.intelli.record.MetricRegistry;
import com.fr.stable.query.QueryFactory;
import com.fr.stable.query.condition.QueryCondition;
import com.fr.stable.query.restriction.Restriction;
import com.fr.stable.query.restriction.RestrictionFactory;
/**
* <Function Description><br>
* <PositionServiceKit>
*
* @author fr.open
* @since 1.0.0
*/
public class PositionServiceKit extends PositionService {
private static volatile PositionServiceKit positionServiceKit = null;
public PositionServiceKit() {
}
public static PositionServiceKit getInstance() {
if (positionServiceKit == null) {
positionServiceKit = new PositionServiceKit();
}
return positionServiceKit;
}
public String addPosition(String id, String name, String desc) throws Exception {
Post post = (new Post()).id(id).name(name).creationType(ManualOperationType.KEY).lastOperationType(ManualOperationType.KEY).enable(true).description(desc);
AuthorityContext.getInstance().getPostController().add(post);
this.deleteSoftData(post.getName());
MetricRegistry.getMetric().submit(OperateMessage.build("Dec-Module-User_Manager", "Dec-Post", name, "Dec-Log_Add"));
return post.getId();
}
private void deleteSoftData(String var1) throws Exception {
QueryCondition var2 = QueryFactory.create().addRestriction(RestrictionFactory.and(new Restriction[]{RestrictionFactory.eq("deletedName", var1), RestrictionFactory.eq("type", SoftRoleType.POST)}));
AuthorityContext.getInstance().getSoftDataController().remove(var2);
}
}

197
src/main/java/com/fr/plugin/hdmu/kit/UserServiceKit.java
Unescape View File

@ -0,0 +1,197 @@
/*
* Copyright (C), 2018-2021
* Project: starter
* FileName: UserServiceKit
* Author: Louis
* Date: 2021/5/14 8:28
*/
package com.fr.plugin.hdmu.kit;
import com.fanruan.api.log.LogKit;
import com.fanruan.api.util.StringKit;
import com.fr.decision.authority.AuthorityContext;
import com.fr.decision.authority.base.constant.type.operation.ManualOperationType;
import com.fr.decision.authority.data.User;
import com.fr.decision.authority.data.extra.user.type.PasswordChangeTimeKey;
import com.fr.decision.base.util.UUIDUtil;
import com.fr.decision.privilege.TransmissionTool;
import com.fr.decision.privilege.encrpt.PasswordValidator;
import com.fr.decision.webservice.bean.user.DepartmentPostBean;
import com.fr.decision.webservice.bean.user.UserBean;
import com.fr.decision.webservice.exception.login.UserPwdErrorException;
import com.fr.decision.webservice.utils.UserSourceFactory;
import com.fr.decision.webservice.v10.login.kickout.KickOutConfig;
import com.fr.decision.webservice.v10.login.kickout.KickOutUserEvent;
import com.fr.decision.webservice.v10.login.lock.LoginLockService;
import com.fr.decision.webservice.v10.password.strategy.PasswordStrategyService;
import com.fr.decision.webservice.v10.user.PositionService;
import com.fr.decision.webservice.v10.user.UserService;
import com.fr.event.EventDispatcher;
import com.fr.general.ComparatorUtils;
import com.fr.json.JSONObject;
import com.fr.stable.StringUtils;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import static com.fr.plugin.hdmu.user.SsoUserManager.JOB_CODE;
import static com.fr.plugin.hdmu.user.SsoUserManager.ORG_CODE;
/**
* <Function Description><br>
* <UserServiceKit>
*
* @author fr.open
* @since 1.0.0
*/
public class UserServiceKit extends UserService {
public static final String USER_NAME = "prWorkNo";
public static final String REAL_NAME = "userName";
public static final String ENABLE = "status";
public static final String EMAIL = "email";
public static final String PASSWORD = "appPwd";
public static final String REQUEST_FLAG = "requestFlag";
private static volatile UserServiceKit userServiceKit = null;
public UserServiceKit() {
}
public static UserServiceKit getInstance() {
if (userServiceKit == null) {
userServiceKit = new UserServiceKit();
}
return userServiceKit;
}
@Override
public void resetPassword(UserBean var1) throws Exception {
User var2 = (User) AuthorityContext.getInstance().getUserController().getById(var1.getId());
String var3 = var2.getUserName();
String var4 = var2.getId();
String var5 = TransmissionTool.decrypt(var1.getPassword());
String var6 = var2.getPassword();
String var7 = "";
PasswordValidator var8 = UserSourceFactory.getInstance().getUserSource(var2).getPasswordValidator();
if (StringUtils.isNotEmpty(var5)) {
// AuthenticController var9 = ControllerFactory.getInstance().getAuthenticController(var2.getId());
// if (!var9.passwordChangeable(var2)) {
// throw new UserPasswordCanNotChangeException();
// }
var7 = var8.encode(var2.getUserName(), var5, var2.getSalt());
var2.setPassword(var7);
PasswordStrategyService.getInstance().checkPasswordHistoryList(var2, var7);
}
AuthorityContext.getInstance().getUserController().update(var2.lastOperationType(ManualOperationType.KEY));
if (StringUtils.isNotEmpty(var7) && !ComparatorUtils.equals(var6, var7)) {
var2.salt(UUIDUtil.generate());
var2.password(var8.encode(var2.getUserName(), var5, var2.getSalt()));
AuthorityContext.getInstance().getUserController().update(var2);
PasswordStrategyService.getInstance().updateUserPasswordHistoryList(var2, var6);
AuthorityContext.getInstance().getUserController().addPasswordChangeTime(var4, PasswordChangeTimeKey.KEY, (Date) null);
LoginLockService.getInstance().unlockByUserId(var4);
PasswordStrategyService.getInstance().unblockPasswordChangeByUser(var2);
EventDispatcher.fire(KickOutUserEvent.KickOutUser, new KickOutConfig(new UserPwdErrorException(), new String[]{var3}));
}
}
public UserBean createUserBean(JSONObject account) throws Exception {
UserBean userBean = new UserBean();
userBean.setUsername(account.getString(USER_NAME));
userBean.setRealName(account.getString(REAL_NAME));
userBean.setEnable(StringKit.equals(account.getJSONArray("userJobAttr").getJSONObject(0).getString(ENABLE), "1"));
userBean.setEmail(account.getString(EMAIL));
userBean.setPassword(TransmissionTool.defaultEncrypt(account.getString(PASSWORD)));
userBean.setPasswordChangeable(true);
String departmentId;
String position;
try {
departmentId = account.getString(ORG_CODE);
position = account.getString(JOB_CODE);
} catch (Exception e) {
departmentId = StringKit.EMPTY;
position = StringKit.EMPTY;
}
if (StringKit.isNotBlank(departmentId)) {
List<String> departmentPostIds = createDepartmentPostIds(departmentId, position);
userBean.setDepartmentPostIds(departmentPostIds);
}
return userBean;
}
/**
* 转为部门职务组合
*
* @param departmentPostId
* @param positionId
* @return
* @throws Exception
*/
private List<String> createDepartmentPostIds(String departmentPostId, String positionId) throws Exception {
List<String> departmentPostIds = new ArrayList<>();
if (StringKit.isBlank(departmentPostId) || StringKit.equals(departmentPostId, "null")) {
return departmentPostIds;
}
if (StringKit.isNotBlank(positionId)) {
String positionName = PositionServiceKit.getInstance().getPostNameById(positionId);
List<DepartmentPostBean> departmentPostBeanList = PositionService.getInstance().getPositionsUnderParentDepartment(getAdminUserId(), departmentPostId, positionName);
if (departmentPostBeanList == null || departmentPostBeanList.isEmpty()) {
try {
AuthorityContext.getInstance().getPostController().addPostToDepartment(positionId, departmentPostId);
} catch (Exception e) {
LogKit.info("sso-UserServiceKit-createDepartmentPostIds-addPostToDepartmentFailed-position:{}, departmentId:{}", positionId + positionName, departmentPostId);
LogKit.error(e.getMessage(), e);
}
}
departmentPostId = departmentPostId + "@@@" + positionId;
}
departmentPostIds.add(departmentPostId);
return departmentPostIds;
}
/**
* 获取管理员id
*
* @return
* @throws Exception
*/
public String getAdminUserId() throws Exception {
List<String> adminUserIdList = UserService.getInstance().getAdminUserIdList();
if (adminUserIdList.isEmpty()) {
return "admin";
}
return StringKit.isNotBlank(adminUserIdList.get(0)) ? adminUserIdList.get(0) : "admin";
}
public void editUser(UserBean userBean) throws Exception {
super.editUser(userBean, this.getAdminUserId());
}
public UserBean updateUserBean(JSONObject account) throws Exception {
User user = UserService.getInstance().getUserByUserName(account.getString(USER_NAME));
if (user == null) {
return null;
}
UserBean userBean = new UserBean();
userBean.setId(user.getId());
userBean.setUsername(user.getUserName());
userBean.setRealName(account.getString(REAL_NAME));
userBean.setEnable(user.isEnable());
userBean.setEmail(account.getString(EMAIL));
userBean.setPassword(TransmissionTool.defaultEncrypt(account.getString(PASSWORD)));
String departmentId;
String position;
try {
departmentId = account.getString(ORG_CODE);
position = account.getString(JOB_CODE);
} catch (Exception e) {
departmentId = StringKit.EMPTY;
position = StringKit.EMPTY;
}
if (StringKit.isNotBlank(departmentId)) {
List<String> departmentPostIds = createDepartmentPostIds(departmentId, position);
userBean.setDepartmentPostIds(departmentPostIds);
}
return userBean;
}
}

32
src/main/java/com/fr/plugin/hdmu/request/HttpAuthorizeBridge.java
Unescape View File

@ -0,0 +1,32 @@
/*
* Copyright (C), 2018-2021
* Project: starter
* FileName: HttpAuthorizeBridge
* Author: Louis
* Date: 2021/8/24 13:55
*/
package com.fr.plugin.hdmu.request;
import com.fanruan.api.util.StringKit;
import com.fr.decision.fun.impl.AbstractHttpAuthorizeProvider;
import com.fr.security.SecurityToolbox;
/**
* <Function Description><br>
* <HttpAuthorizeBridge>
*
* @author fr.open
* @since 1.0.0
*/
public class HttpAuthorizeBridge extends AbstractHttpAuthorizeProvider {
@Override
public Scope scope() {
return Scope.REPLACE;
}
@Override
public boolean authorize(String inputUsername, String inputPassword, String savedPassword, String hashPassword) {
String encryptPwd = SecurityToolbox.sha256(SecurityToolbox.sha256(inputPassword));
return StringKit.equalsIgnoreCase(encryptPwd, savedPassword);
}
}

269
src/main/java/com/fr/plugin/hdmu/request/OAuthLogin.java
Unescape View File

@ -0,0 +1,269 @@
/*
* Copyright (C), 2018-2021
* Project: starter
* FileName: OAuthLogin
* Author: Louis
* Date: 2021/3/30 22:09
*/
package com.fr.plugin.hdmu.request;
import com.fanruan.api.decision.login.LoginKit;
import com.fanruan.api.decision.user.UserKit;
import com.fanruan.api.i18n.I18nKit;
import com.fanruan.api.log.LogKit;
import com.fanruan.api.net.NetworkKit;
import com.fanruan.api.util.StringKit;
import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
import com.fr.decision.webservice.Response;
import com.fr.decision.webservice.bean.user.UserBean;
import com.fr.decision.webservice.utils.DecisionServiceConstants;
import com.fr.decision.webservice.v10.login.LoginService;
import com.fr.decision.webservice.v10.user.UserService;
import com.fr.json.JSONObject;
import com.fr.plugin.context.PluginContexts;
import com.fr.plugin.hdmu.config.SsoConfig;
import com.fr.plugin.hdmu.utils.HttpRequestUtil;
import com.fr.stable.fun.Authorize;
import com.fr.third.org.apache.http.client.utils.URIBuilder;
import com.fr.web.utils.WebUtils;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.net.URISyntaxException;
import java.util.HashMap;
import java.util.Map;
import static com.fr.plugin.hdmu.config.SsoConfig.PLUGIN_ID;
/**
* <Function Description><br>
* <OAuthLogin>
*
* @author fr.open
* @since 1.0.0
*/
@Authorize(callSignKey = PLUGIN_ID)
public class OAuthLogin extends AbstractGlobalRequestFilterProvider {
public static final String REMOTE_DESIGN = "/remote/design";
public static final String RESOURCES_PATH = "/resources";
public static final String FILE_PATH = "/file";
public static final String SYSTEM_INFO = "/system/info";
public static final String MATERIALS_MIN_JS_MAP = "/materials.min.js.map";
public static final String LOGIN_PATH = "/login";
public static final String LOGIN_OTHER = "/login/";
public static final String LOGOUT_PATH = "/logout";
public static final String USER_LANGUAGE = "/v10/user/language";
public static final String SYSTEM_HEALTH = "/system/health";
public static final String USER_SYN = "/syn";
public static final String CODE_URL = "/profile/oauth2/authorize";
public static final String TOKEN_URL = "/profile/oauth2/accessToken";
public static final String USER_URL = "/profile/oauth2/profile";
public static final String CODE = "code";
public static final String STATE = "sso";
public static final String CONFIG_PASSWORD = "/v10/user/account";
public static final String TARGET_URI = "target_uri";
private SsoConfig config;
/**
* 过滤器名称
*
* @return
*/
@Override
public String filterName() {
return "hdmuFilter";
}
/**
* 过滤规则
*
* @return
*/
@Override
public String[] urlPatterns() {
// return new String[]{"/", "/decision", "/decision/view/form", "/decision/view/report", "/decision/v10/entry/access/*", "/decision/v10/user/account", "/decision/link/*"};
return new String[]{"/*"};
}
/**
* 过滤器初始化
*
* @param filterConfig
*/
@Override
public void init(FilterConfig filterConfig) {
this.config = SsoConfig.getInstance();
super.init(filterConfig);
}
/**
* 过滤器处理
*
* @param request
* @param response
* @param filterChain
*/
@Override
public void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) {
try {
if (operation(request, response)) {
filterChain.doFilter(request, response);
}
} catch (Exception e) {
LogKit.error(e.getMessage(), e);
}
}
/**
* 用户验证登陆操作
*
* @param req
* @param res
* @throws Exception
*/
private boolean operation(HttpServletRequest req, HttpServletResponse res) throws Exception {
String pathInfo = (req.getPathInfo() != null) ? req.getPathInfo() : StringKit.EMPTY;
LogKit.info("hdmu-OAuthLogin-operation-pathInfo:{}", pathInfo);
if (pathInfo.startsWith(REMOTE_DESIGN) || pathInfo.startsWith(LOGIN_OTHER)
|| StringKit.equals(LOGIN_PATH, pathInfo) || pathInfo.startsWith(USER_SYN)
|| pathInfo.startsWith(RESOURCES_PATH) || pathInfo.startsWith(LOGOUT_PATH)
|| pathInfo.startsWith(SYSTEM_INFO) || pathInfo.startsWith(MATERIALS_MIN_JS_MAP) || pathInfo.startsWith(SYSTEM_HEALTH)
|| pathInfo.startsWith(USER_LANGUAGE) || pathInfo.startsWith(FILE_PATH)) {
return true;
}
// 禁止修改密码
if (StringKit.equals(pathInfo, CONFIG_PASSWORD)) {
UserBean userBean = UserService.getInstance().getUserAccount(LoginService.getInstance().getUserNameFromRequest(req));
userBean.setPasswordChangeable(false);
Response result = Response.ok(userBean);
WebUtils.printAsJSON(res, JSONObject.mapFrom(result));
return false;
}
// 已登录
if (LoginService.getInstance().isLogged(req)) {
return true;
}
String code = NetworkKit.getHTTPRequestParameter(req, CODE);
String state = NetworkKit.getHTTPRequestParameter(req, "state");
LogKit.info("hdmu-OAuthLogin-operation-code:{}", code);
if (StringKit.isBlank(code)) {
if (!this.config.getIamStatus()) {
return true;
}
res.sendRedirect(getLoginUrl(req));
return false;
}
if (!StringKit.equalsIgnoreCase(state, STATE)) {
return true;
}
String accessToken = getAccessToken(code);
if (StringKit.isEmpty(accessToken)) {
res.sendRedirect(getLoginUrl(req));
return false;
}
String username = getUsername(accessToken);
if (StringKit.isEmpty(username) || !UserKit.existUsername(username)) {
return true;
}
if (!PluginContexts.currentContext().isAvailable()) {
LogKit.error(I18nKit.getLocText("Plugin-hdmu_Licence_Expired"));
return true;
}
String tokenFR = LoginKit.login(req, res, username);
req.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME, tokenFR);
String targetUri = NetworkKit.getHTTPRequestParameter(req, TARGET_URI);
if (StringKit.isNotBlank(targetUri)) {
res.sendRedirect(targetUri);
return false;
}
return true;
}
/**
* 通过凭证获得username
*
* @param accessToken
* @return
*/
private String getUsername(String accessToken) throws Exception {
String userParam = HttpRequestUtil.getUserParam(this.config.getClientId(), this.config.getClientSecret(), accessToken);
String userRes = HttpRequestUtil.getResult(this.config.getUriBase() + USER_URL, userParam);
LogKit.info("hdmu-OAuthLogin-getUsername-userRes:{}", userRes);
return new JSONObject(userRes).getString("workNo");
}
/**
* 获取access_token
*
* @param code
* @return
* @throws Exception
*/
private String getAccessToken(String code) throws Exception {
String tokenParams = HttpRequestUtil.getAccessTokenParam(this.config.getClientId(), this.config.getClientSecret(),
this.config.getFrUri(), code);
String res = HttpRequestUtil.getResult(this.config.getUriBase() + TOKEN_URL, tokenParams);
LogKit.info("hdmu-OAuthLogin-getAccessToken-res:{}", res);
if (StringKit.isEmpty(res)) {
return StringKit.EMPTY;
}
String token = new JSONObject(res).getString("access_token");
if (StringKit.isNotBlank(token)) {
return token;
}
return StringKit.EMPTY;
}
/**
* 获取login_url
*
* @return
*/
private String getLoginUrl(HttpServletRequest request) {
String url = SsoConfig.getInstance().getUriBase() + CODE_URL;
Map<String, String> params = new HashMap<>();
params.put("client_id", SsoConfig.getInstance().getClientId());
params.put("response_type", "code");
params.put("redirect_uri", this.config.getFrUri());
params.put("oauth_timestamp", String.valueOf(System.currentTimeMillis()));
params.put(TARGET_URI, getOriginalURL(request));
params.put("state", STATE);
String loginUrl = buildUrl(url, params);
LogKit.info("hdmu-OAuthLogin-getLoginUrl-loginUrl:{}", loginUrl);
return loginUrl;
}
/**
* 得到请求url和参数
*
* @param request
* @return
*/
private String getOriginalURL(HttpServletRequest request) {
StringBuffer url = request.getRequestURL();
if (StringKit.isNotBlank(request.getQueryString())) {
url.append("?").append(request.getQueryString());
}
return url.toString();
}
private String buildUrl(String url, Map<String, String> params) {
if (params == null || params.isEmpty()) {
return url;
}
try {
URIBuilder builder = new URIBuilder(url);
for (Map.Entry<String, String> entry : params.entrySet()) {
builder.setParameter(entry.getKey(), entry.getValue());
}
return builder.build().toString();
} catch (URISyntaxException e) {
LogKit.error("Error to build url, please check the arguments.");
return url;
}
}
}

382
src/main/java/com/fr/plugin/hdmu/user/SsoUserManager.java
Unescape View File

@ -0,0 +1,382 @@
/*
* Copyright (C), 2018-2021
* Project: starter
* FileName: SsoUserManager
* Author: Louis
* Date: 2021/4/21 16:18
*/
package com.fr.plugin.hdmu.user;
import com.fanruan.api.decision.user.UserKit;
import com.fanruan.api.i18n.I18nKit;
import com.fanruan.api.log.LogKit;
import com.fanruan.api.util.StringKit;
import com.fr.decision.authority.AuthorityContext;
import com.fr.decision.authority.data.Department;
import com.fr.decision.authority.data.Post;
import com.fr.decision.webservice.bean.user.UserBean;
import com.fr.decision.webservice.v10.user.UserService;
import com.fr.general.DateUtils;
import com.fr.json.JSONArray;
import com.fr.json.JSONException;
import com.fr.json.JSONObject;
import com.fr.plugin.context.PluginContexts;
import com.fr.plugin.hdmu.config.SsoConfig;
import com.fr.plugin.hdmu.kit.DepartmentServiceKit;
import com.fr.plugin.hdmu.kit.PositionServiceKit;
import com.fr.plugin.hdmu.kit.UserServiceKit;
import com.fr.plugin.hdmu.utils.HttpRequestUtil;
import com.fr.stable.fun.Authorize;
import java.io.IOException;
import java.util.Date;
import java.util.Map;
import static com.fr.plugin.hdmu.config.SsoConfig.PLUGIN_ID;
import static com.fr.plugin.hdmu.kit.UserServiceKit.REQUEST_FLAG;
import static com.fr.plugin.hdmu.kit.UserServiceKit.USER_NAME;
import static com.fr.plugin.hdmu.utils.HttpRequestUtil.radomString;
/**
* <Function Description><br>
* <SsoUserManager>
*
* @author fr.open
* @since 1.0.0
*/
@Authorize(callSignKey = PLUGIN_ID)
public final class SsoUserManager {
public static final String ORG_LIST_ALL = "/idm-api/dataSync/queryPagingOrgInfo";
public static final String POSITION_LIST_ALL = "/idm-api/dataSync/queryPagingJobInfo";
public static final String ACCOUNT_LIST = "/idm-api/dataSync/queryIncrePagingAccountInfo";
public static final String UPDATE_IAM_ACCOUNT_STATUS = "/idm-api/dataSync/updateIamAccountStatus";
public static final String ORG_UPDATE_STATUS = "updateStatus";
public static final String ORG_CODE = "orgCode";
public static final String PARENT_CODE = "parentCode";
public static final String ORG_NAME = "orgName";
public static final String JOB_CODE = "jobCode";
public static final String JOB_NAME = "jobName";
public static final String REQUEST_LOG_ID = "requestLogId";
private SsoConfig config;
public SsoUserManager() {
this.config = SsoConfig.getInstance();
}
public static SsoUserManager getInstance() {
return HOLDER.INSTANCE;
}
/**
* 检测心跳功能
*
* @throws Exception
*/
public synchronized void checkIamService() {
if (!PluginContexts.currentContext().isAvailable()) {
LogKit.error(I18nKit.getLocText("Plugin-hdmu_Licence_Expired"));
return;
}
LogKit.info("hdmu-SsoUserManager-checkIamService-start");
try {
String checkParam = HttpRequestUtil.getIAMServiceParam(this.config.getClientId(), this.config.getClientSecret());
String checkRes = HttpRequestUtil.getResult(this.config.getUriBase() + "/service/api/v1/oauth2/checkIamService", checkParam);
LogKit.info("hdmu-SsoUserManager-checkIamService-checkRes:{}", checkRes);
this.config.setIamStatus(checkRes.contains("OK"));
} catch (Exception e) {
this.config.setIamStatus(false);
LogKit.error(e.getMessage(), e);
}
LogKit.info("hdmu-SsoUserManager-checkIamService-end");
}
/**
* 同步更新部门
*
* @throws Exception
*/
public synchronized void synSSODepartments() throws Exception {
if (!PluginContexts.currentContext().isAvailable()) {
LogKit.error(I18nKit.getLocText("Plugin-hdmu_Licence_Expired"));
return;
}
LogKit.info("hdmu-SsoUserManager-synDepartments-start");
for (int i = 0; i < 20; i++) {
departmentSynLoop(i);
}
LogKit.info("hdmu-SsoUserManager-synDepartments-end");
LogKit.info("hdmu-SsoUserManager-synPositions-start");
for (int i = 0; i < 20; i++) {
positionSynLoop(i);
}
LogKit.info("hdmu-SsoUserManager-synPositions-end");
LogKit.info("hdmu-SsoUserManager-synUsers-start");
//每次同步1千重复40次
for (int i = 0; i < 40; i++) {
userSynLoop();
}
LogKit.info("hdmu-SsoUserManager-synUsers-end");
if (StringKit.isNotBlank(this.config.getUpdateTime())) {
this.config.setUpdateTime(DateUtils.getDate2LStr(new Date()));
}
}
private void userSynLoop() {
JSONArray userList = getUserList();
if (userList.isEmpty()) {
return;
}
// 同步用户信息
JSONArray requestLogIds = JSONArray.create();
String requestLogId;
JSONObject userJo;
for (int i = 0; i < userList.size(); i++) {
userJo = userList.optJSONObject(i);
try {
requestLogId = userJo.getString(REQUEST_LOG_ID);
if (StringKit.isBlank(requestLogId)) {
continue;
}
userSynOperation(userJo);
requestLogIds.add((new JSONObject()).put(REQUEST_LOG_ID, requestLogId));
} catch (Exception e) {
LogKit.error("hdmu-SsoUserManager-userSynLoop-userJo:{}", userJo.encode());
LogKit.error(e.getMessage(), e);
}
}
// 更新回调数据
if (requestLogIds.isEmpty()) {
return;
}
updateIamAccountStatus(requestLogIds);
}
/**
* 更新回调接口账户状态
*
* @param requestLogIds
* @throws Exception
*/
private void updateIamAccountStatus(JSONArray requestLogIds) {
try {
JSONObject params = getAuthParams();
params.put("requestlog_str", requestLogIds.encode());
String response = HttpRequestUtil.post(this.config.getUriIam() + UPDATE_IAM_ACCOUNT_STATUS, params.encode());
LogKit.info("hdmu-SsoUserManager-updateIamAccountStatus-response:{}", response);
} catch (Exception e) {
LogKit.error(e.getMessage(), e);
}
}
/**
* 用户新增和更新操作
*
* @param userJo
*/
private void userSynOperation(JSONObject userJo) throws Exception {
UserBean userBean;
String requestFlag;
if (UserKit.existUsername(userJo.getString(USER_NAME))) {
userBean = UserServiceKit.getInstance().updateUserBean(userJo);
if (userBean == null) {
return;
}
requestFlag = userJo.getString(REQUEST_FLAG);
if (StringKit.equals(requestFlag, "1")) {
UserServiceKit.getInstance().editUser(userBean);
} else if (StringKit.equals(requestFlag, "5")) {
UserServiceKit.getInstance().resetPassword(userBean);
} else if (StringKit.equals(requestFlag, "2") || StringKit.equals(requestFlag, "4")) {
UserServiceKit.getInstance().forbidUser(userBean.getId(), false);
} else if (StringKit.equals(requestFlag, "3")) {
UserServiceKit.getInstance().forbidUser(userBean.getId(), true);
}
} else {
userBean = UserServiceKit.getInstance().createUserBean(userJo);
UserService.getInstance().addUser(userBean);
}
}
/**
* 通过接口获取用户列表
*
* @return
*/
private JSONArray getUserList() {
try {
JSONObject params = getAuthParams();
params.put("pageSize", "500");
params.put("pageIndex", "1");
LogKit.info("hdmu-SsoUserManager-getUserList-params:{}", params.encode());
String response = HttpRequestUtil.post(this.config.getUriIam() + ACCOUNT_LIST, params.encode());
LogKit.info("hdmu-SsoUserManager-getUserList-response:{}", response);
JSONObject responseJo = new JSONObject(response);
if (StringKit.equals(responseJo.getString("code"), "200")) {
return responseJo.getJSONArray("result");
}
return JSONArray.create();
} catch (Exception e) {
LogKit.error(e.getMessage(), e);
return JSONArray.create();
}
}
/**
* 按部门遍历子部门并同步人员信息
*
* @throws Exception
*/
private void departmentSynLoop(int pageNo) throws Exception {
JSONArray departmentList = getDepartmentList(pageNo);
// 同步部门信息
for (int i = 0; i < departmentList.size(); i++) {
try {
departmentSynOperation(departmentList.optJSONObject(i));
} catch (Exception e) {
LogKit.error(e.getMessage(), e);
}
}
}
/**
* 部门组织的新增更新操作
*
* @param departmentJo
* @throws Exception
*/
private void departmentSynOperation(JSONObject departmentJo) throws Exception {
LogKit.info("hdmu-SsoUserManager-departmentSynOperation-departmentJo:{}", departmentJo.encode());
String departmentId = departmentJo.getString(ORG_CODE);
if (StringKit.equals(departmentJo.getString(ORG_UPDATE_STATUS), "1")) {
String parentId = departmentJo.getString(PARENT_CODE);
parentId = DepartmentServiceKit.getInstance().changeRootId(parentId);
String depName = departmentJo.getString(ORG_NAME);
Department department = AuthorityContext.getInstance().getDepartmentController().getById(departmentId);
if (department == null) {
DepartmentServiceKit.getInstance().addDepartment(departmentId, parentId, depName);
} else {
DepartmentServiceKit.getInstance().editDepartment(department.getId(), depName, parentId);
}
}
if (StringKit.equals(departmentJo.getString(ORG_UPDATE_STATUS), "0")) {
DepartmentServiceKit.getInstance().deleteDepartment(departmentId);
}
}
/**
* 通过接口获取部门列表
*
* @return
* @throws IOException
*/
private JSONArray getDepartmentList(int pageNo) throws Exception {
JSONObject params = getQueryParams(pageNo);
String response = HttpRequestUtil.post(this.config.getUriIam() + ORG_LIST_ALL, params.encode());
LogKit.info("hdmu-SsoUserManager-getDepartmentList-response:{}", response);
JSONObject responseJo = new JSONObject(response);
if (StringKit.equals(responseJo.getString("code"), "200")) {
try {
return responseJo.getJSONArray("result");
} catch (JSONException e) {
return JSONArray.create();
}
}
return JSONArray.create();
}
private JSONObject getQueryParams(int pageNo) {
JSONObject params = getAuthParams();
if (StringKit.isNotBlank(this.config.getUpdateTime())) {
params.put("updateTime", this.config.getUpdateTime());
params.put("pageSize", "1000");
params.put("pageIndex", String.valueOf(pageNo + 1));
}
return params;
}
/**
* 岗位信息同步
*
* @throws Exception
*/
private void positionSynLoop(int pageNo) throws Exception {
JSONArray positionList = getPositionList(pageNo);
for (int i = 0; i < positionList.size(); i++) {
try {
positionSynOperation(positionList.optJSONObject(i));
} catch (Exception e) {
LogKit.error(e.getMessage(), e);
}
}
}
private void positionSynOperation(JSONObject positionJo) throws Exception {
LogKit.info("hdmu-SsoUserManager-positionSynOperation-positionJo:{}", positionJo.encode());
String positionId = positionJo.getString(JOB_CODE);
String positionName = positionJo.getString(JOB_NAME);
if (StringKit.equals(positionJo.getString(ORG_UPDATE_STATUS), "0")) {
PositionServiceKit.getInstance().deletePosition(positionId);
return;
}
if (StringKit.equals(positionJo.getString(ORG_UPDATE_STATUS), "1")) {
Post post = AuthorityContext.getInstance().getPostController().getById(positionId);
if (post == null) {
PositionServiceKit.getInstance().addPosition(positionId, positionName, positionName);
} else {
PositionServiceKit.getInstance().updatePosition(positionId, positionName, positionName);
}
}
}
/**
* 通过接口获取岗位列表
*
* @return
* @throws IOException
*/
private JSONArray getPositionList(int pageNo) throws Exception {
JSONObject params = getQueryParams(pageNo);
String response = HttpRequestUtil.post(this.config.getUriIam() + POSITION_LIST_ALL, params.encode());
LogKit.info("hdmu-SsoUserManager-getPositionList-response:{}", response);
JSONObject responseJo = new JSONObject(response);
if (StringKit.equals(responseJo.getString("code"), "200")) {
try {
return responseJo.getJSONArray("result");
} catch (JSONException e) {
return JSONArray.create();
}
}
return JSONArray.create();
}
/**
* 产生IAM sign
*
* @return
*/
private String getIamSign(String nonceStr, String timestamp) {
Map<String, String> params = HttpRequestUtil.getCommonAuthParamClient(this.config.getClientId(), this.config.getClientSecret(), nonceStr, timestamp);
return HttpRequestUtil.getSign(params, this.config.getAppIamKey() + this.config.getClientSecret());
}
/**
* 请求认证参数集合
*
* @return
*/
private JSONObject getAuthParams() {
JSONObject params = JSONObject.create();
String nonceStr = radomString();
String timestamp = String.valueOf(System.currentTimeMillis());
params.put("client_id", this.config.getClientId());
params.put("client_secret", this.config.getClientSecret());
params.put("nonce_str", nonceStr);
params.put("timestamp", timestamp);
params.put("sign", getIamSign(nonceStr, timestamp));
return params;
}
private static class HOLDER {
private static final SsoUserManager INSTANCE = new SsoUserManager();
}
}

131
src/main/java/com/fr/plugin/hdmu/utils/AESOperator.java
Unescape View File

@ -0,0 +1,131 @@
/*
* Copyright (C), 2018-2021
* Project: starter
* FileName: AESOperator
* Author: Louis
* Date: 2021/8/6 14:31
*/
package com.fr.plugin.hdmu.utils;
import com.fr.base.Base64;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
/**
* <Function Description><br>
* <AESOperator>
*
* @author fr.open
* @since 1.0.0
*/
public class AESOperator {
private String sKey = "xxxx";//key,可自行修改
private String ivParameter = "xxxx";//偏移量,可自行修改
private static AESOperator instance = null;
private AESOperator() {
}
public static AESOperator getInstance() {
if (instance == null)
instance = new AESOperator();
return instance;
}
public static String Encrypt(String encData, String secretKey, String vector) throws Exception {
if (secretKey == null) {
return null;
}
if (secretKey.length() != 16) {
return null;
}
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
byte[] raw = secretKey.getBytes();
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
IvParameterSpec iv = new IvParameterSpec(vector.getBytes());// 使用CBC模式,需要一个向量iv,可增加加密算法的强度
cipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv);
byte[] encrypted = cipher.doFinal(encData.getBytes("utf-8"));
return Base64.encode(encrypted);// 此处使用BASE64做转码。
}
// 加密
public String encrypt(String sSrc) throws Exception {
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
byte[] raw = sKey.getBytes();
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
IvParameterSpec iv = new IvParameterSpec(ivParameter.getBytes());// 使用CBC模式,需要一个向量iv,可增加加密算法的强度
cipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv);
byte[] encrypted = cipher.doFinal(sSrc.getBytes("utf-8"));
return Base64.encode(encrypted);// 此处使用BASE64做转码。
}
// 解密
public String decrypt(String sSrc) throws Exception {
try {
byte[] raw = sKey.getBytes("ASCII");
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
IvParameterSpec iv = new IvParameterSpec(ivParameter.getBytes());
cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv);
byte[] encrypted1 = Base64.decode(sSrc);// 先用base64解密
byte[] original = cipher.doFinal(encrypted1);
String originalString = new String(original, "utf-8");
return originalString;
} catch (Exception ex) {
return null;
}
}
public String decrypt(String sSrc, String key, String ivs) throws Exception {
try {
byte[] raw = key.getBytes("ASCII");
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
IvParameterSpec iv = new IvParameterSpec(ivs.getBytes());
cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv);
byte[] encrypted1 = Base64.decode(sSrc);// 先用base64解密
byte[] original = cipher.doFinal(encrypted1);
String originalString = new String(original, "utf-8");
return originalString;
} catch (Exception ex) {
return null;
}
}
public static String encodeBytes(byte[] bytes) {
StringBuffer strBuf = new StringBuffer();
for (int i = 0; i < bytes.length; i++) {
strBuf.append((char) (((bytes[i] >> 4) & 0xF) + ((int) 'a')));
strBuf.append((char) (((bytes[i]) & 0xF) + ((int) 'a')));
}
return strBuf.toString();
}
public static void main(String[] args) throws Exception {
// 需要加密的字串
String cSrc = "P@ssw0rd@2018";
// 加密
long lStart = System.currentTimeMillis();
String enString = AESOperator.getInstance().encrypt(cSrc);
System.out.println("加密后的字串是:" + enString);
long lUseTime = System.currentTimeMillis() - lStart;
System.out.println("加密耗时:" + lUseTime + "毫秒");
// 解密
lStart = System.currentTimeMillis();
String DeString = AESOperator.getInstance().decrypt(enString);
System.out.println("解密后的字串是:" + DeString);
lUseTime = System.currentTimeMillis() - lStart;
System.out.println("解密耗时:" + lUseTime + "毫秒");
}
}

555
src/main/java/com/fr/plugin/hdmu/utils/HttpRequestUtil.java
Unescape View File

@ -0,0 +1,555 @@
package com.fr.plugin.hdmu.utils;
import com.fanruan.api.util.StringKit;
import com.fr.plugin.hdmu.config.SsoConfig;
import com.fr.third.org.apache.commons.codec.digest.DigestUtils;
import net.sf.json.JSONArray;
import net.sf.json.JSONObject;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSession;
import java.io.*;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.util.*;
public class HttpRequestUtil {
public static final String CODE = "code";
public static final String REFRESH_TOKEN = "refresh_token";
public static final String AUTHORIZATION_CODE = "authorization_code";
public static final String APP_SECRET_KEY = "xxxx"; // 密钥,向IAM申请
static class miTM implements javax.net.ssl.TrustManager,
javax.net.ssl.X509TrustManager {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public boolean isServerTrusted(
java.security.cert.X509Certificate[] certs) {
return true;
}
public boolean isClientTrusted(
java.security.cert.X509Certificate[] certs) {
return true;
}
public void checkServerTrusted(
java.security.cert.X509Certificate[] certs, String authType)
throws java.security.cert.CertificateException {
return;
}
public void checkClientTrusted(
java.security.cert.X509Certificate[] certs, String authType)
throws java.security.cert.CertificateException {
return;
}
}
/**
* 根据请求的URL是https还是http请求数据
*
* @param sendUrl
* @param param
* @return
* @throws Exception
*/
public static String getResult(String sendUrl, String param)
throws Exception {
if (sendUrl.startsWith("https")) {
return getResultByHttps(sendUrl, param);
}
return getResultByHttp(sendUrl, param);
}
private static String getResultByHttps(String sendUrl, String param)
throws NoSuchAlgorithmException, KeyManagementException,
IOException {
javax.net.ssl.TrustManager[] trustAllCerts = new javax.net.ssl.TrustManager[1];
javax.net.ssl.TrustManager tm = new miTM();
trustAllCerts[0] = tm;
// javax.net.ssl.SSLContext sc =
// javax.net.ssl.SSLContext.getInstance("SSL");
javax.net.ssl.SSLContext sc = javax.net.ssl.SSLContext
.getInstance("SSLv3");
sc.init(null, trustAllCerts, null);
HttpsURLConnection.setDefaultSSLSocketFactory(sc
.getSocketFactory());
HostnameVerifier ignoreHostnameVerifier = new HostnameVerifier() {
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
};
HttpsURLConnection.setDefaultHostnameVerifier(ignoreHostnameVerifier);
OutputStream out = null;
BufferedReader reader = null;
String result = "";
URL url = null;
HttpsURLConnection conn = null;
try {
url = new URL(sendUrl);
conn = (HttpsURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("Content-type",
"application/x-www-form-urlencoded");
// 必须设置false,否则会自动redirect到重定向后的地址
conn.setInstanceFollowRedirects(false);
conn.setDoInput(true);
conn.setDoOutput(true);
conn.setRequestProperty("Charset", "UTF-8");
conn.setRequestProperty("Connection", "Keep-Alive");
conn.setConnectTimeout(15000);
conn.setReadTimeout(15000);
conn.connect();
out = conn.getOutputStream();
out.write(param.getBytes());
InputStream input = conn.getInputStream();
reader = new BufferedReader(new InputStreamReader(input, "UTF-8"));
String line = "";
StringBuffer sb = new StringBuffer();
while ((line = reader.readLine()) != null) {
sb.append(line);
}
result = sb.toString();
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
} finally {
if (conn != null) {
conn.disconnect();
}
if (out != null) {
out.close();
}
if (reader != null) {
reader.close();
}
}
return result;
}
private static String getResultByHttp(String sendUrl, String param)
throws NoSuchAlgorithmException, KeyManagementException,
IOException {
HttpURLConnection conn = null;
OutputStream out = null;
BufferedReader reader = null;
String result = "";
try {
URL url = new URL(sendUrl);
conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setDoInput(true);
conn.setDoOutput(true);
conn.setRequestProperty("Charset", "UTF-8");
conn.setRequestProperty("Connection", "Keep-Alive");
conn.setConnectTimeout(15000);
conn.setReadTimeout(150000);
conn.connect();
out = conn.getOutputStream();
out.write(param.getBytes());
out.flush();
out.close();
InputStream input = conn.getInputStream();
reader = new BufferedReader(new InputStreamReader(input, "UTF-8"));
String line;
StringBuffer sb = new StringBuffer();
while ((line = reader.readLine()) != null) {
sb.append(line);
}
result = sb.toString();
} catch (Exception e) {
e.printStackTrace();
} finally {
if (reader != null) {
reader.close();
}
out.close();
conn.disconnect();
}
return result;
}
public static String getSign(Map<String, String> params, String secret) {
String sign = "";
StringBuilder sb = new StringBuilder();
//排序
Set<String> keyset = params.keySet();
TreeSet<String> sortSet = new TreeSet<String>();
sortSet.addAll(keyset);
Iterator<String> it = sortSet.iterator();
//加密字符串
while (it.hasNext()) {
String key = it.next();
String value = params.get(key);
sb.append(key).append(value);
}
sb.append("appkey").append(secret);
try {
sign = DigestUtils.md5Hex(sb.toString()).toUpperCase();
} catch (Exception e) {
}
return sign;
}
/**
* 组装获取用户api参数含签名
*
* @param client_ID
* @param client_secret
* @param token
* @return
*/
public static String getUserParam(String client_ID, String client_secret, String token) {
String nonce_str = radomString();
// String appkey = HttpRequestUtil.APP_SECRET_KEY;
String appkey = SsoConfig.getInstance().getAppID();
long timestamp = System.currentTimeMillis();
Map<String, String> params = new HashMap<String, String>();
params.put("client_id", client_ID);
params.put("client_secret", client_secret);
params.put("nonce_str", nonce_str);
params.put("oauth_timestamp", String.valueOf(timestamp));
if (token.contains("access_token=")) {
int strStartIndex = token.indexOf("access_token=");
int strEndIndex = token.indexOf("&expires");
String access_token = token.substring(strStartIndex, strEndIndex).substring("access_token=".length());
params.put("access_token", access_token);
} else {
params.put("access_token", token);
}
String sign = getSign(params, appkey + client_secret);
StringBuffer tokenParam = new StringBuffer();
for (String key : params.keySet()) {
if (tokenParam.length() == 0) {
tokenParam.append(key).append("=").append(params.get(key));
} else {
tokenParam.append("&").append(key).append("=").append(params.get(key));
}
}
tokenParam.append("&sign=").append(sign);
return tokenParam.toString();
}
/**
* 组装检查心跳API参数含签名
*
* @param client_ID
* @param client_secret
* @return
*/
public static String getIAMServiceParam(String client_ID, String client_secret) {
String nonce_str = radomString();
// String appkey = HttpRequestUtil.APP_SECRET_KEY;
String appkey = SsoConfig.getInstance().getAppID();
long timestamp = System.currentTimeMillis();
Map<String, String> params = new HashMap<String, String>();
params.put("client_id", client_ID);
params.put("client_secret", client_secret);
params.put("nonce_str", nonce_str);
params.put("oauth_timestamp", String.valueOf(timestamp));
String sign = getSign(params, appkey + client_secret);
StringBuffer tokenParam = new StringBuffer();
for (String key : params.keySet()) {
if (tokenParam.length() == 0) {
tokenParam.append(key).append("=").append(params.get(key));
} else {
tokenParam.append("&").append(key).append("=").append(params.get(key));
}
}
tokenParam.append("&sign=").append(sign);
return tokenParam.toString();
}
public static String radomString() {
String result = "";
for (int i = 0; i < 10; i++) {
int intVal = (int) (Math.random() * 26 + 97);
result = result + (char) intVal;
}
return result;
}
/**
* 组装获取token api参数 含签名
*
* @param client_ID
* @param client_secret
* @param redirect_uri
* @param code
* @return
*/
public static String getAccessTokenParam(String client_ID, String client_secret, String redirect_uri, String code) {
String nonce_str = radomString();
// String appkey = HttpRequestUtil.APP_SECRET_KEY;
String appkey = SsoConfig.getInstance().getAppID();
long timestamp = System.currentTimeMillis();
Map<String, String> params = new HashMap<String, String>();
params.put("client_id", client_ID);
params.put("client_secret", client_secret);
params.put("nonce_str", nonce_str);
params.put("oauth_timestamp", String.valueOf(timestamp));
params.put("code", code);
params.put("redirect_uri", redirect_uri);
params.put("grant_type", "authorization_code");
String sign = getSign(params, appkey + client_secret);
StringBuffer tokenParam = new StringBuffer();
for (String key : params.keySet()) {
if (tokenParam.length() == 0) {
tokenParam.append(key).append("=").append(params.get(key));
} else {
tokenParam.append("&").append(key).append("=").append(params.get(key));
}
}
tokenParam.append("&sign=").append(sign);
return tokenParam.toString();
}
public static Map<String, String> getCommonAuthParamClient(String client_ID, String client_secret, String nonce_str, String timestamp) {
Map<String, String> params = new HashMap<String, String>();
params.put("client_id", client_ID);
params.put("client_secret", client_secret);
params.put("nonce_str", nonce_str);
params.put("timestamp", timestamp);
return params;
}
public static String postGeneralUrl(String generalUrl, String contentType,
String params, String encoding, String hander) throws Exception {
URL url = new URL(generalUrl);
// 打开和URL之间的连接
HttpURLConnection connection = null;
String result = "";
OutputStream out = null;
BufferedReader in = null;
try {
connection = (HttpURLConnection) url.openConnection();
connection.setRequestMethod("POST");
// 设置通用的请求属性
connection.setRequestProperty("Content-Type", contentType);
connection.setRequestProperty("Connection", "Keep-Alive");
connection.setUseCaches(false);
connection.setDoOutput(true);
connection.setDoInput(true);
connection.setConnectTimeout(5000);
if (hander != null) {
if (hander.equals("1")) {
connection.setRequestProperty("SOAPAction", "");
} else {
connection.setRequestProperty("Authorization", hander);
}
}
// 得到请求的输出流对象
out = connection.getOutputStream();
out.write(params.getBytes(encoding));
out.flush();
out.close();
// 建立实际的连接
connection.connect();
in = new BufferedReader(new InputStreamReader(connection
.getInputStream(), encoding));
result = "";
String getLine;
while ((getLine = in.readLine()) != null) {
result += getLine;
}
in.close();
} catch (Exception e) {
return e.getMessage();
} finally {
if (connection != null) {
connection.disconnect();
}
if (out != null) {
out.close();
}
if (in != null) {
in.close();
}
}
return result;
}
public static String postGeneralUrlByHttps(String generalUrl, String contentType,
String params, String encoding, String hander) throws Exception {
URL url = new URL(generalUrl);
javax.net.ssl.TrustManager[] trustAllCerts = new javax.net.ssl.TrustManager[1];
javax.net.ssl.TrustManager tm = new miTM();
trustAllCerts[0] = tm;
// javax.net.ssl.SSLContext sc =
// javax.net.ssl.SSLContext.getInstance("SSL");
javax.net.ssl.SSLContext sc = javax.net.ssl.SSLContext
.getInstance("SSLv3");
sc.init(null, trustAllCerts, null);
HttpsURLConnection.setDefaultSSLSocketFactory(sc
.getSocketFactory());
HostnameVerifier ignoreHostnameVerifier = new HostnameVerifier() {
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
};
HttpsURLConnection.setDefaultHostnameVerifier(ignoreHostnameVerifier);
OutputStream out = null;
BufferedReader reader = null;
String result = "";
HttpsURLConnection conn = null;
try {
conn = (HttpsURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("Content-type", contentType);
// 必须设置false,否则会自动redirect到重定向后的地址
conn.setInstanceFollowRedirects(false);
conn.setDoInput(true);
conn.setDoOutput(true);
conn.setRequestProperty("Charset", encoding);
conn.setRequestProperty("Connection", "Keep-Alive");
conn.setConnectTimeout(5000);
if (hander != null) {
if (hander.equals("1")) {
conn.setRequestProperty("SOAPAction", "");
} else {
conn.setRequestProperty("Authorization", hander);
}
}
conn.connect();
out = conn.getOutputStream();
out.write(params.getBytes("UTF-8"));
InputStream input = conn.getInputStream();
reader = new BufferedReader(new InputStreamReader(input, encoding));
String line = "";
StringBuffer sb = new StringBuffer();
while ((line = reader.readLine()) != null) {
sb.append(line);
}
result = sb.toString();
} catch (Exception e) {
return e.getMessage();
} finally {
if (conn != null) {
conn.disconnect();
}
if (out != null) {
out.close();
}
if (reader != null) {
reader.close();
}
}
return result;
}
public static String post(String requestUrl, String params) throws Exception {
String url = requestUrl;
if (url.startsWith("https")) {
return HttpRequestUtil.postGeneralUrlByHttps(url, "application/json", params, "UTF-8", null);
}
return HttpRequestUtil.postGeneralUrl(url, "application/json", params, "UTF-8", null);
}
public static void main(String[] args) {
//key,由IAM提供,应用方保存,该 值与单点登录得key不一致
String key = "EEF3D161ADTRF900FEF15331AB8428ER3DB71F5845C036533555F99YU8";
//client_id, client_secret由IAM提供,应用方保存
String client_id = "6ca40SUju3";
String client_secret = "362ead09-238b-4a6a-a853-b88b24739cee";
String nonce_str = radomString();
String timestamp = String.valueOf(System.currentTimeMillis());
//1. 生成参与签名得参数
Map<String, String> params = HttpRequestUtil.getCommonAuthParamClient(client_id, client_secret, nonce_str, timestamp);
//2. 生成签名
String sign = HttpRequestUtil.getSign(params, key + client_secret);
//3. 组装调用接口得参数
params.put("sign", sign);
params.put("pageSize", "1000");//最大不超过1000
params.put("pageIndex", "1");
JSONObject jb = JSONObject.fromObject(params);
System.out.println("param:" + jb.toString());
//4. 调用接口
String queryAccUrl = "http://paraview.paraesc.com/iamquery/service/api/v1/accountSync/queryIncrePagingAccountInfo";
String reuslt = "";
try {
reuslt = HttpRequestUtil.post(queryAccUrl, jb.toString());
} catch (Exception e) {
}
System.out.println("result:" + reuslt);
//获取账号信息后需要回调IAM接口
//1. 解析获取后得数据
JSONObject jb_ret = JSONObject.fromObject(reuslt);
String acc_list = jb_ret.getString("result");
if (StringKit.isEmpty(acc_list)) {
return;
}
JSONArray json_arr = JSONArray.fromObject(acc_list);
JSONArray ja_call_arr = new JSONArray();
for (int i = 0; i < json_arr.size(); i++) {
JSONObject obj = (JSONObject) json_arr.get(i);
String requestLogId = obj.getString("requestLogId");
if (StringKit.isEmpty(requestLogId)) {
continue;
}
JSONObject jb_call = new JSONObject();
jb_call.put("requestLogId", requestLogId);
ja_call_arr.element(jb_call);
}
//2. 组装签名参数
String timestamp_call = String.valueOf(System.currentTimeMillis());
Map<String, String> params_call = HttpRequestUtil.getCommonAuthParamClient(client_id, client_secret, nonce_str, timestamp_call);
//3. 生成签名
String sign_call = HttpRequestUtil.getSign(params_call, key + client_secret);
params_call.put("sign", sign_call);
params_call.put("requestlog_str", ja_call_arr.toString());
JSONObject jb_call = JSONObject.fromObject(params_call);
System.out.println("param:" + jb_call.toString());
String callAccUrl = "http://paraview.paraesc.com/iamquery/service/api/v1/accountSync/updateIamAccountStatus";
String reuslt_call = "";
//4. 调用接口
try {
reuslt_call = HttpRequestUtil.post(callAccUrl, jb_call.toString());
} catch (Exception e) {
}
System.out.println("reuslt_call:" + reuslt_call);
}
}

32
src/main/java/com/fr/plugin/hdmu/web/WebResourceComponent.java
Unescape View File

@ -0,0 +1,32 @@
/*
* Copyright (C), 2018-2020
* Project: starter
* FileName: WebResourceComponent
* Author: Louis
* Date: 2020/8/31 16:39
*/
package com.fr.plugin.hdmu.web;
import com.fr.plugin.context.PluginContexts;
import com.fr.web.struct.Component;
import com.fr.web.struct.browser.RequestClient;
import com.fr.web.struct.category.ScriptPath;
/**
* <Function Description><br>
* <WebResourceComponent>
*
* @author fr.open
* @since 1.0.0
*/
public class WebResourceComponent extends Component {
public static final WebResourceComponent KEY = new WebResourceComponent();
@Override
public ScriptPath script(RequestClient requestClient) {
if (PluginContexts.currentContext().isAvailable()) {
return ScriptPath.build("/com/fr/plugin/hdmu/web/hdmu.js");
}
return ScriptPath.EMPTY;
}
}

25
src/main/resources/com/fr/plugin/hdmu/locale/lang.properties
Unescape View File

@ -0,0 +1,25 @@
Plugin-hdmu=Sso Plugin
Plugin-hdmu_Group=Sso Plugin
Plugin-hdmu_Config_ClientId=Client Id
Plugin-hdmu_Config_ClientId_Description=Client Id
Plugin-hdmu_Config_ClientSecret=Client Secret
Plugin-hdmu_Config_ClientSecret_Description=Client Secret
Plugin-hdmu_Config_UriBase=Uri Base
Plugin-hdmu_Config_UriBase_Description=Uri Base
Plugin-hdmu_Config_FrUri=FR Uri
Plugin-hdmu_Config_FrUri_Description=FR Uri
Plugin-hdmu_Config_CronCondition=Cron Condition
Plugin-hdmu_Config_CronCondition_Description=Cron Condition
Plugin-hdmu_Config_AppID=SSO App ID
Plugin-hdmu_Config_AppID_Description=SSO App ID
Plugin-hdmu_Config_UriIam=Uri Iam
Plugin-hdmu_Config_UriIam_Description=Uri Iam
Plugin-hdmu_Config_AppIamKey=IAM\u7533\u8BF7\u88AB\u63A8App ID
Plugin-hdmu_Config_AppIamKey_Description=idm\u5E94\u7528\u914D\u7F6E\u7533\u8BF7\u7684\u88AB\u63A8App ID
Plugin-hdmu_Config_CheckIamCron=Check Iam Cron Condition
Plugin-hdmu_Config_CheckIamCron_Description=Check Iam Cron Condition
Plugin-hdmu_Config_IamStatus=Iam Status
Plugin-hdmu_Config_IamStatus_Description=Iam Status
Plugin-hdmu_Config_UpdateTime=Update Time
Plugin-hdmu_Config_UpdateTime_Description=Update Time, Format:2019-11-01 00:00:00
Plugin-hdmu_Licence_Expired=Sso Plugin Licence Expired

25
src/main/resources/com/fr/plugin/hdmu/locale/lang_zh_CN.properties
Unescape View File

@ -0,0 +1,25 @@
Plugin-hdmu=\u5355\u70B9\u767B\u9646\u63D2\u4EF6
Plugin-hdmu_Group=\u5355\u70B9\u767B\u9646\u63D2\u4EF6
Plugin-hdmu_Config_ClientId=\u5E94\u7528\u6CE8\u518CID
Plugin-hdmu_Config_ClientId_Description=\u5E94\u7528\u6CE8\u518CID
Plugin-hdmu_Config_ClientSecret=\u5E94\u7528\u6CE8\u518C\u5BC6\u7801
Plugin-hdmu_Config_ClientSecret_Description=\u5E94\u7528\u6CE8\u518C\u5BC6\u7801
Plugin-hdmu_Config_UriBase=\u5355\u70B9\u63A5\u53E3
Plugin-hdmu_Config_UriBase_Description=\u5355\u70B9\u63A5\u53E3
Plugin-hdmu_Config_FrUri=\u5E06\u8F6F\u7CFB\u7EDFurl
Plugin-hdmu_Config_FrUri_Description=\u5E06\u8F6F\u7CFB\u7EDFurl
Plugin-hdmu_Config_CronCondition=\u5B9A\u65F6\u4EFB\u52A1\u8868\u8FBE\u5F0F
Plugin-hdmu_Config_CronCondition_Description=\u5B9A\u65F6\u4EFB\u52A1\u8868\u8FBE\u5F0F
Plugin-hdmu_Config_AppID=\u5355\u70B9\u767B\u9646App Key
Plugin-hdmu_Config_AppID_Description=\u5355\u70B9\u767B\u9646App Key
Plugin-hdmu_Config_UriIam=IAM\u540C\u6B65\u63A5\u53E3
Plugin-hdmu_Config_UriIam_Description=IAM\u540C\u6B65\u63A5\u53E3
Plugin-hdmu_Config_AppIamKey=IAM\u7533\u8BF7\u88AB\u63A8App Key
Plugin-hdmu_Config_AppIamKey_Description=idm\u5E94\u7528\u914D\u7F6E\u7533\u8BF7\u7684\u88AB\u63A8App Key
Plugin-hdmu_Config_CheckIamCron=\u68C0\u6D4B\u5FC3\u8DF3\u5B9A\u65F6\u4EFB\u52A1\u8868\u8FBE\u5F0F
Plugin-hdmu_Config_CheckIamCron_Description=\u68C0\u6D4B\u5FC3\u8DF3\u5B9A\u65F6\u4EFB\u52A1\u8868\u8FBE\u5F0F
Plugin-hdmu_Config_IamStatus=Iam\u72B6\u6001
Plugin-hdmu_Config_IamStatus_Description=Iam\u72B6\u6001
Plugin-hdmu_Config_UpdateTime=\u540C\u6B65\u66F4\u65B0\u65F6\u95F4
Plugin-hdmu_Config_UpdateTime_Description=\u540C\u6B65\u66F4\u65B0\u65F6\u95F4\uFF0C\u683C\u5F0F\u4E3A2019-11-01 00:00:00
Plugin-hdmu_Licence_Expired=\u5355\u70B9\u767B\u9646\u63D2\u4EF6\u8BB8\u53EF\u8FC7\u671F

14
src/main/resources/com/fr/plugin/hdmu/web/hdmu.js
Unescape View File

@ -0,0 +1,14 @@
!(function () {
BI.config("dec.constant.account.items", function (items) {
$.extend(items[items.length - 1], {
handler: function () {
Dec.Utils.logout((function (e) {
Dec.Utils.clearLoginToken();
window.parent.location.href = e;
}
));
}
})
return items;
});
})();
Write Preview
Loading…
Cancel
Save