Browse Source

提交开源任务材料

master
LAPTOP-SB56SG4Q\86185 3 years ago
parent
commit
4715e8ab45
  1. BIN
      JSD-9581-需求确认书V1.docx
  2. BIN
      JSD-9581配置使用文档.docx
  3. 5
      README.md
  4. BIN
      lib/commons-beanutils-1.8.0.jar
  5. BIN
      lib/commons-collections-3.2.1.jar
  6. BIN
      lib/commons-lang-2.5.jar
  7. BIN
      lib/commons-logging-1.1.1.jar
  8. BIN
      lib/finekit-10.0.jar
  9. BIN
      lib/json-lib-2.4-jdk15.jar
  10. 27
      plugin.xml
  11. 55
      src/main/java/com/fr/plugin/hdmu/CustomLogInOut.java
  12. 32
      src/main/java/com/fr/plugin/hdmu/JSCSSBridge.java
  13. 37
      src/main/java/com/fr/plugin/hdmu/LocaleFinder.java
  14. 60
      src/main/java/com/fr/plugin/hdmu/PluginMonitor.java
  15. 107
      src/main/java/com/fr/plugin/hdmu/bean/SsoUserJobConstructor.java
  16. 152
      src/main/java/com/fr/plugin/hdmu/config/SsoConfig.java
  17. 90
      src/main/java/com/fr/plugin/hdmu/helper/SsoUserScheduleHelper.java
  18. 35
      src/main/java/com/fr/plugin/hdmu/job/SsoUserCheckIamJob.java
  19. 34
      src/main/java/com/fr/plugin/hdmu/job/SsoUserSyncMemberJob.java
  20. 87
      src/main/java/com/fr/plugin/hdmu/kit/DepartmentServiceKit.java
  21. 54
      src/main/java/com/fr/plugin/hdmu/kit/PositionServiceKit.java
  22. 197
      src/main/java/com/fr/plugin/hdmu/kit/UserServiceKit.java
  23. 32
      src/main/java/com/fr/plugin/hdmu/request/HttpAuthorizeBridge.java
  24. 269
      src/main/java/com/fr/plugin/hdmu/request/OAuthLogin.java
  25. 382
      src/main/java/com/fr/plugin/hdmu/user/SsoUserManager.java
  26. 131
      src/main/java/com/fr/plugin/hdmu/utils/AESOperator.java
  27. 555
      src/main/java/com/fr/plugin/hdmu/utils/HttpRequestUtil.java
  28. 32
      src/main/java/com/fr/plugin/hdmu/web/WebResourceComponent.java
  29. 25
      src/main/resources/com/fr/plugin/hdmu/locale/lang.properties
  30. 25
      src/main/resources/com/fr/plugin/hdmu/locale/lang_zh_CN.properties
  31. 14
      src/main/resources/com/fr/plugin/hdmu/web/hdmu.js

BIN
JSD-9581-需求确认书V1.docx

Binary file not shown.

BIN
JSD-9581配置使用文档.docx

Binary file not shown.

5
README.md

@ -1,3 +1,6 @@
# open-JSD-9581
JSD-9581 OAuth2单点+用户同步
JSD-9581 OAuth2单点+用户同步\
免责说明:该源码为第三方爱好者提供,不保证源码和方案的可靠性,也不提供任何形式的源码教学指导和协助!\
仅作为开发者学习参考使用!禁止用于任何商业用途!\
为保护开发者隐私,开发者信息已隐去!若原开发者希望公开自己的信息,可联系hugh处理。

BIN
lib/commons-beanutils-1.8.0.jar

Binary file not shown.

BIN
lib/commons-collections-3.2.1.jar

Binary file not shown.

BIN
lib/commons-lang-2.5.jar

Binary file not shown.

BIN
lib/commons-logging-1.1.1.jar

Binary file not shown.

BIN
lib/finekit-10.0.jar

Binary file not shown.

BIN
lib/json-lib-2.4-jdk15.jar

Binary file not shown.

27
plugin.xml

@ -0,0 +1,27 @@
<?xml version="1.0" encoding="UTF-8"?>
<plugin>
<id>com.fr.plugin.hdmu.sso</id>
<name><![CDATA[单点登陆用户同步]]></name>
<active>yes</active>
<version>1.4.4</version>
<env-version>10.0</env-version>
<jartime>2018-07-31</jartime>
<vendor>fr.open</vendor>
<description><![CDATA[单点登陆用户同步]]></description>
<change-notes><![CDATA[单点登陆用户同步]]></change-notes>
<main-package>com.fr.plugin.hdmu</main-package>
<prefer-packages>
<prefer-package>com.fanruan.api</prefer-package>
</prefer-packages>
<lifecycle-monitor class="com.fr.plugin.hdmu.PluginMonitor"/>
<extra-core>
<LocaleFinder class="com.fr.plugin.hdmu.LocaleFinder"/>
</extra-core>
<extra-decision>
<GlobalRequestFilterProvider class="com.fr.plugin.hdmu.request.OAuthLogin"/>
<HttpAuthorizeProvider class="com.fr.plugin.hdmu.request.HttpAuthorizeBridge"/>
<LogInOutEventProvider class="com.fr.plugin.hdmu.CustomLogInOut"/>
<WebResourceProvider class="com.fr.plugin.hdmu.JSCSSBridge"/>
</extra-decision>
<function-recorder class="com.fr.plugin.hdmu.LocaleFinder"/>
</plugin>

55
src/main/java/com/fr/plugin/hdmu/CustomLogInOut.java

@ -0,0 +1,55 @@
/**
* Copyright (C), 2015-2021
* FileName: CustomLogInOut
* Author: Louis
* Date: 2019/6/19 16:25
* Description: CustomLogInOut
* History:
* <author> <time> <version> <desc>
*/
package com.fr.plugin.hdmu;
import com.fanruan.api.i18n.I18nKit;
import com.fanruan.api.log.LogKit;
import com.fr.decision.fun.impl.AbstractLogInOutEventProvider;
import com.fr.decision.webservice.login.LogInOutResultInfo;
import com.fr.plugin.context.PluginContexts;
import com.fr.plugin.hdmu.config.SsoConfig;
import com.fr.stable.fun.Authorize;
import static com.fr.plugin.hdmu.config.SsoConfig.PLUGIN_ID;
/**
* Function Description<br>
* CustomLogInOut
*
* @author fr.open
* @since 1.0.0
*/
@Authorize(callSignKey = PLUGIN_ID)
public class CustomLogInOut extends AbstractLogInOutEventProvider {
public static final String LOGOUT_PATH = "/logout";
private final SsoConfig config;
public CustomLogInOut() {
this.config = SsoConfig.getInstance();
}
/**
* 用户登出处理
*
* @param result
* @return
*/
@Override
public String logoutAction(LogInOutResultInfo result) {
if (!PluginContexts.currentContext().isAvailable()) {
LogKit.error(I18nKit.getLocText("Plugin-hdmu_Licence_Expired"));
return null;
}
String url = this.config.getUriBase() + LOGOUT_PATH + "?service=" + this.config.getFrUri();
LogKit.info("hdmu-CustomLogInOut-logoutAction-logoutUrl:{}", url);
return url;
}
}

32
src/main/java/com/fr/plugin/hdmu/JSCSSBridge.java

@ -0,0 +1,32 @@
/*
* Copyright (C), 2018-2020
* Project: starter
* FileName: JSCSSBridge
* Author: Louis
* Date: 2020/8/31 16:34
*/
package com.fr.plugin.hdmu;
import com.fr.decision.fun.impl.AbstractWebResourceProvider;
import com.fr.decision.web.MainComponent;
import com.fr.plugin.hdmu.web.WebResourceComponent;
import com.fr.web.struct.Atom;
/**
* <Function Description><br>
* <平台组件定制JSCSSBridge>
*
* @author fr.open
* @since 1.0.0
*/
public class JSCSSBridge extends AbstractWebResourceProvider {
@Override
public Atom attach() {
return MainComponent.KEY;
}
@Override
public Atom client() {
return WebResourceComponent.KEY;
}
}

37
src/main/java/com/fr/plugin/hdmu/LocaleFinder.java

@ -0,0 +1,37 @@
/*
* Copyright (C), 2018-2020
* Project: starter
* FileName: LocaleFinder
* Author: Louis
* Date: 2020/8/31 22:19
*/
package com.fr.plugin.hdmu;
import com.fr.intelli.record.Focus;
import com.fr.intelli.record.Original;
import com.fr.record.analyzer.EnableMetrics;
import com.fr.stable.fun.impl.AbstractLocaleFinder;
import static com.fr.plugin.hdmu.config.SsoConfig.PLUGIN_ID;
/**
* <Function Description><br>
* <LocaleFinder>
*
* @author fr.open
* @since 1.0.0
*/
@EnableMetrics
public class LocaleFinder extends AbstractLocaleFinder {
@Override
@Focus(id = PLUGIN_ID, text = "Plugin-hdmu", source = Original.PLUGIN)
public String find() {
return "com/fr/plugin/hdmu/locale/lang";
}
@Override
public int currentAPILevel() {
return CURRENT_LEVEL;
}
}

60
src/main/java/com/fr/plugin/hdmu/PluginMonitor.java

@ -0,0 +1,60 @@
/*
* Copyright (C), 2018-2021
* Project: starter
* FileName: PluginMonitor
* Author: Louis
* Date: 2021/3/30 15:10
*/
package com.fr.plugin.hdmu;
import com.fanruan.api.log.LogKit;
import com.fr.plugin.context.PluginContext;
import com.fr.plugin.hdmu.config.SsoConfig;
import com.fr.plugin.hdmu.helper.SsoUserScheduleHelper;
import com.fr.plugin.observer.inner.AbstractPluginLifecycleMonitor;
import static com.fr.plugin.hdmu.helper.SsoUserScheduleHelper.*;
/**
* <Function Description><br>
* <PluginMonitor>
*
* @author fr.open
* @since 1.0.0
*/
public class PluginMonitor extends AbstractPluginLifecycleMonitor {
public PluginMonitor() {
}
@Override
public void afterRun(PluginContext pluginContext) {
SsoConfig.getInstance();
this.reStartSchedule();
// 测试执行
// try {
// SsoUserManager.getInstance().synSSODepartments();
// } catch (Exception e) {
// LogKit.error(e.getMessage(), e);
// }
}
@Override
public void beforeStop(PluginContext pluginContext) {
SsoUserScheduleHelper.getInstance().stopSchedule(SSO_USER_SCHEDULE_SYN_MEMBER_JOB_NAME, SSO_USER_SCHEDULE_SYN_MEMBER_GROUP);
SsoUserScheduleHelper.getInstance().stopSchedule(SSO_USER_SCHEDULE_CHECK_IAM_JOB_NAME, SSO_USER_SCHEDULE_CHECK_IAM_GROUP);
}
private void reStartSchedule() {
try {
SsoUserScheduleHelper.getInstance().stopSchedule(SSO_USER_SCHEDULE_SYN_MEMBER_JOB_NAME, SSO_USER_SCHEDULE_SYN_MEMBER_GROUP);
SsoUserScheduleHelper.getInstance().stopSchedule(SSO_USER_SCHEDULE_CHECK_IAM_JOB_NAME, SSO_USER_SCHEDULE_CHECK_IAM_GROUP);
String cronCondition = SsoConfig.getInstance().getCronCondition();
String checkIamCron = SsoConfig.getInstance().getCheckIamCron();
SsoUserScheduleHelper.getInstance().startSynMemberSchedule(cronCondition);
SsoUserScheduleHelper.getInstance().startCheckIamSchedule(checkIamCron);
} catch (Exception e) {
LogKit.error(e.getMessage(), e);
}
}
}

107
src/main/java/com/fr/plugin/hdmu/bean/SsoUserJobConstructor.java

@ -0,0 +1,107 @@
/*
* Copyright (C), 2018-2021
* Project: starter
* FileName: SsoUserJobConstructor
* Author: Louis
* Date: 2021/4/21 15:58
*/
package com.fr.plugin.hdmu.bean;
import com.fr.scheduler.job.FineScheduleJob;
/**
* <Function Description><br>
* <SsoUserJobConstructor>
*
* @author fr.open
* @since 1.0.0
*/
public class SsoUserJobConstructor {
private String cron;
private String jobName;
private String jobGroup;
private String triggerName;
private String triggerGroup;
private Class<? extends FineScheduleJob> jobClazz;
public SsoUserJobConstructor() {
}
public SsoUserJobConstructor cron(String var1) {
this.setCron(var1);
return this;
}
public String getCron() {
return this.cron;
}
public void setCron(String var1) {
this.cron = var1;
}
public SsoUserJobConstructor jobName(String var1) {
this.setJobName(var1);
return this;
}
public String getJobName() {
return this.jobName;
}
public void setJobName(String var1) {
this.jobName = var1;
}
public SsoUserJobConstructor jobGroup(String var1) {
this.setJobGroup(var1);
return this;
}
public String getJobGroup() {
return this.jobGroup;
}
public void setJobGroup(String var1) {
this.jobGroup = var1;
}
public SsoUserJobConstructor triggerName(String var1) {
this.setTriggerName(var1);
return this;
}
public String getTriggerName() {
return this.triggerName;
}
public void setTriggerName(String var1) {
this.triggerName = var1;
}
public SsoUserJobConstructor triggerGroup(String var1) {
this.setTriggerGroup(var1);
return this;
}
public String getTriggerGroup() {
return this.triggerGroup;
}
public void setTriggerGroup(String var1) {
this.triggerGroup = var1;
}
public SsoUserJobConstructor jobClazz(Class<? extends FineScheduleJob> var1) {
this.setJobClazz(var1);
return this;
}
public Class<? extends FineScheduleJob> getJobClazz() {
return this.jobClazz;
}
public void setJobClazz(Class<? extends FineScheduleJob> var1) {
this.jobClazz = var1;
}
}

152
src/main/java/com/fr/plugin/hdmu/config/SsoConfig.java

@ -0,0 +1,152 @@
/*
* Copyright (C), 2018-2021
* Project: starter
* FileName: SsoConfig
* Author: Louis
* Date: 2021/3/30 9:38
*/
package com.fr.plugin.hdmu.config;
import com.fanruan.api.util.StringKit;
import com.fr.config.*;
import com.fr.config.holder.Conf;
import com.fr.config.holder.factory.Holders;
import com.fr.intelli.record.Focus;
import com.fr.intelli.record.Original;
/**
* <Function Description><br>
* <SsoConfig>
*
* @author fr.open
* @since 1.0.0
*/
@Visualization(category = "Plugin-hdmu_Group")
public class SsoConfig extends DefaultConfiguration {
public static final String PLUGIN_ID = "com.fr.plugin.hdmu.sso";
public static final String BASE_URI = "https://127.0.0";
public static final String URI_IAM = "xxxx";
// 每天中午十二点触发
public static final String CRON_CONDITION = "0 0 12 * * ?";
public static final String ROOT_DEP_ID = "ROOT";
private static volatile SsoConfig config = null;
@Identifier(value = "clientId", name = "Plugin-hdmu_Config_ClientId", description = "Plugin-hdmu_Config_ClientId_Description", status = Status.SHOW)
private Conf<String> clientId = Holders.simple(StringKit.EMPTY);
@Identifier(value = "clientSecret", name = "Plugin-hdmu_Config_ClientSecret", description = "Plugin-hdmu_Config_ClientSecret_Description", status = Status.SHOW)
private Conf<String> clientSecret = Holders.simple(StringKit.EMPTY);
@Identifier(value = "uriBase", name = "Plugin-hdmu_Config_UriBase", description = "Plugin-hdmu_Config_UriBase_Description", status = Status.SHOW)
private Conf<String> uriBase = Holders.simple(BASE_URI);
@Identifier(value = "frUri", name = "Plugin-hdmu_Config_FrUri", description = "Plugin-hdmu_Config_FrUri_Description", status = Status.SHOW)
private Conf<String> frUri = Holders.simple(StringKit.EMPTY);
@Identifier(value = "appID", name = "Plugin-hdmu_Config_AppID", description = "Plugin-hdmu_Config_AppID_Description", status = Status.SHOW)
private Conf<String> appID = Holders.simple(StringKit.EMPTY);
@Identifier(value = "cronCondition", name = "Plugin-hdmu_Config_CronCondition", description = "Plugin-hdmu_Config_CronCondition_Description", status = Status.SHOW)
private Conf<String> cronCondition = Holders.simple(CRON_CONDITION);
@Identifier(value = "uriIam", name = "Plugin-hdmu_Config_UriIam", description = "Plugin-hdmu_Config_UriIam_Description", status = Status.SHOW)
private Conf<String> uriIam = Holders.simple(URI_IAM);
@Identifier(value = "appIamKey", name = "Plugin-hdmu_Config_AppIamKey", description = "Plugin-hdmu_Config_AppIamKey_Description", status = Status.SHOW)
private Conf<String> appIamKey = Holders.simple(StringKit.EMPTY);
@Identifier(value = "checkIamCron", name = "Plugin-hdmu_Config_CheckIamCron", description = "Plugin-hdmu_Config_CheckIamCron_Description", status = Status.SHOW)
private Conf<String> checkIamCron = Holders.simple(CRON_CONDITION);
@Identifier(value = "iamStatus", name = "Plugin-hdmu_Config_IamStatus", description = "Plugin-hdmu_Config_IamStatus_Description", status = Status.SHOW)
private Conf<Boolean> iamStatus = Holders.simple(Boolean.TRUE);
@Identifier(value = "updateTime", name = "Plugin-hdmu_Config_UpdateTime", description = "Plugin-hdmu_Config_UpdateTime_Description", status = Status.SHOW)
private Conf<String> updateTime = Holders.simple(StringKit.EMPTY);
@Focus(id = PLUGIN_ID, text = "Plugin-hdmu", source = Original.PLUGIN)
public static SsoConfig getInstance() {
if (config == null) {
config = ConfigContext.getConfigInstance(SsoConfig.class);
}
return config;
}
public String getClientId() {
return clientId.get();
}
public void setClientId(String clientId) {
this.clientId.set(clientId);
}
public String getClientSecret() {
return clientSecret.get();
}
public void setClientSecret(String clientSecret) {
this.clientSecret.set(clientSecret);
}
public String getUriBase() {
return uriBase.get();
}
public void setUriBase(String uriBase) {
this.uriBase.set(uriBase);
}
public String getFrUri() {
return frUri.get();
}
public void setFrUri(String frUri) {
this.frUri.set(frUri);
}
public String getCronCondition() {
return cronCondition.get();
}
public void setCronCondition(String cronCondition) {
this.cronCondition.set(cronCondition);
}
public String getAppID() {
return appID.get();
}
public void setAppID(String appID) {
this.appID.set(appID);
}
public String getUriIam() {
return uriIam.get();
}
public void setUriIam(String uriIam) {
this.uriIam.set(uriIam);
}
public String getAppIamKey() {
return appIamKey.get();
}
public void setAppIamKey(String appIamKey) {
this.appIamKey.set(appIamKey);
}
public String getCheckIamCron() {
return checkIamCron.get();
}
public void setCheckIamCron(String checkIamCron) {
this.checkIamCron.set(checkIamCron);
}
public Boolean getIamStatus() {
return iamStatus.get();
}
public void setIamStatus(Boolean iamStatus) {
this.iamStatus.set(iamStatus);
}
public String getUpdateTime() {
return updateTime.get();
}
public void setUpdateTime(String updateTime) {
this.updateTime.set(updateTime);
}
}

90
src/main/java/com/fr/plugin/hdmu/helper/SsoUserScheduleHelper.java

@ -0,0 +1,90 @@
/*
* Copyright (C), 2018-2021
* Project: starter
* FileName: SsoUserScheduleHelper
* Author: Louis
* Date: 2021/4/21 15:52
*/
package com.fr.plugin.hdmu.helper;
import com.fr.plugin.hdmu.bean.SsoUserJobConstructor;
import com.fr.plugin.hdmu.job.SsoUserCheckIamJob;
import com.fr.plugin.hdmu.job.SsoUserSyncMemberJob;
import com.fr.scheduler.ScheduleJobManager;
import com.fr.third.v2.org.quartz.CronScheduleBuilder;
import com.fr.third.v2.org.quartz.TriggerBuilder;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.TimeZone;
/**
* <Function Description><br>
* <SsoUserScheduleHelper>
*
* @author fr.open
* @since 1.0.0
*/
public class SsoUserScheduleHelper {
public static final String SSO_USER_SCHEDULE_SYN_MEMBER_JOB_NAME = "MqhSsoUserSynDepMemberJob";
public static final String SSO_USER_SCHEDULE_SYN_MEMBER_TRIGGER_NAME = "MqhSsoUserSynDepMemberTrigger";
public static final String SSO_USER_SCHEDULE_SYN_MEMBER_GROUP = "MqhSsoUserSynDepMemberGroup";
public static final String SSO_USER_SCHEDULE_SYN_MEMBER_TRIGGER_GROUP = "MqhSsoUserSynDepMemberTriggerGroup";
public static final String SSO_USER_SCHEDULE_CHECK_IAM_JOB_NAME = "MqhSsoUserCheckIamJob";
public static final String SSO_USER_SCHEDULE_CHECK_IAM_TRIGGER_NAME = "MqhSsoUserCheckIamTrigger";
public static final String SSO_USER_SCHEDULE_CHECK_IAM_GROUP = "MqhSsoUserCheckIamGroup";
public static final String SSO_USER_SCHEDULE_CHECK_IAM_TRIGGER_GROUP = "MqhSsoUserCheckIamTriggerGroup";
private SsoUserScheduleHelper() {
}
public static SsoUserScheduleHelper getInstance() {
return HOLDER.INSTANCE;
}
public void startCheckIamSchedule(String cronCondition) throws Exception {
SsoUserJobConstructor jobConstructor = (new SsoUserJobConstructor())
.cron(cronCondition).jobName(SSO_USER_SCHEDULE_CHECK_IAM_JOB_NAME)
.jobGroup(SSO_USER_SCHEDULE_CHECK_IAM_GROUP).triggerName(SSO_USER_SCHEDULE_CHECK_IAM_TRIGGER_NAME)
.triggerGroup(SSO_USER_SCHEDULE_CHECK_IAM_TRIGGER_GROUP).jobClazz(SsoUserCheckIamJob.class);
this.startSchedule(jobConstructor);
}
public void startSynMemberSchedule(String cronCondition) throws Exception {
SsoUserJobConstructor jobConstructor = (new SsoUserJobConstructor())
.cron(cronCondition).jobName(SSO_USER_SCHEDULE_SYN_MEMBER_JOB_NAME)
.jobGroup(SSO_USER_SCHEDULE_SYN_MEMBER_GROUP).triggerName(SSO_USER_SCHEDULE_SYN_MEMBER_TRIGGER_NAME)
.triggerGroup(SSO_USER_SCHEDULE_SYN_MEMBER_TRIGGER_GROUP).jobClazz(SsoUserSyncMemberJob.class);
this.startSchedule(jobConstructor);
}
public void startSchedule(SsoUserJobConstructor var1) throws Exception {
if (var1 != null) {
String var2 = var1.getCron();
String var3 = var1.getTriggerName();
String var4 = var1.getTriggerGroup();
String var5 = var1.getJobName();
String var6 = var1.getJobGroup();
Class var7 = var1.getJobClazz();
TriggerBuilder var8 = TriggerBuilder.newTrigger();
var8.withIdentity(var3, var4);
var8.withSchedule(CronScheduleBuilder.cronSchedule(var2).withMisfireHandlingInstructionFireAndProceed().inTimeZone(TimeZone.getTimeZone(TimeZone.getDefault().getID()))).startNow();
var8.forJob(var5, var6);
ArrayList var9 = new ArrayList();
var9.add(var8.build());
ScheduleJobManager.getInstance().removeJob(var5, var6);
ScheduleJobManager.getInstance().addJob(var5, var6, "jobDescription", var7, var9, new HashMap());
}
}
public void stopSchedule(String var1, String var2) {
ScheduleJobManager.getInstance().removeJob(var1, var2);
}
public static class HOLDER {
private static final SsoUserScheduleHelper INSTANCE = new SsoUserScheduleHelper();
public HOLDER() {
}
}
}

35
src/main/java/com/fr/plugin/hdmu/job/SsoUserCheckIamJob.java

@ -0,0 +1,35 @@
/*
* Copyright (C), 2018-2022
* Project: starter
* FileName: SsoUserCheckIamJob
* Author: Louis
* Date: 2022/1/30 10:44
*/
package com.fr.plugin.hdmu.job;
import com.fanruan.api.log.LogKit;
import com.fr.cluster.core.ClusterNode;
import com.fr.plugin.hdmu.user.SsoUserManager;
import com.fr.scheduler.job.FineScheduleJob;
import com.fr.third.v2.org.quartz.JobExecutionContext;
/**
* <Function Description><br>
* <SsoUserCheckIamJob>
*
* @author fr.open
* @since 1.0.0
*/
public class SsoUserCheckIamJob extends FineScheduleJob {
public SsoUserCheckIamJob() {
}
@Override
public void run(JobExecutionContext jobExecutionContext, ClusterNode clusterNode) throws Exception {
try {
SsoUserManager.getInstance().checkIamService();
} catch (Exception e) {
LogKit.error(e.getMessage(), e);
}
}
}

34
src/main/java/com/fr/plugin/hdmu/job/SsoUserSyncMemberJob.java

@ -0,0 +1,34 @@
/*
* Copyright (C), 2018-2021
* Project: starter
* FileName: SsoUserSyncMemberJob
* Author: Louis
* Date: 2021/4/21 16:02
*/
package com.fr.plugin.hdmu.job;
import com.fanruan.api.log.LogKit;
import com.fr.cluster.core.ClusterNode;
import com.fr.plugin.hdmu.user.SsoUserManager;
import com.fr.scheduler.job.FineScheduleJob;
import com.fr.third.v2.org.quartz.JobExecutionContext;
/**
* <Function Description><br>
* <SsoUserSyncMemberJob>
*
* @author fr.open
* @since 1.0.0
*/
public class SsoUserSyncMemberJob extends FineScheduleJob {
public SsoUserSyncMemberJob() {
}
public void run(JobExecutionContext jobExecutionContext, ClusterNode clusterNode) {
try {
SsoUserManager.getInstance().synSSODepartments();
} catch (Exception e) {
LogKit.error(e.getMessage(), e);
}
}
}

87
src/main/java/com/fr/plugin/hdmu/kit/DepartmentServiceKit.java

@ -0,0 +1,87 @@
/*
* Copyright (C), 2018-2021
* Project: starter
* FileName: DepartmentServiceKit
* Author: Louis
* Date: 2021/5/14 9:38
*/
package com.fr.plugin.hdmu.kit;
import com.fanruan.api.util.StringKit;
import com.fr.decision.authority.AuthorityContext;
import com.fr.decision.authority.base.constant.type.operation.ManualOperationType;
import com.fr.decision.authority.data.Department;
import com.fr.decision.webservice.exception.general.DuplicatedNameException;
import com.fr.decision.webservice.v10.user.DepartmentService;
import com.fr.general.ComparatorUtils;
import com.fr.plugin.hdmu.config.SsoConfig;
import com.fr.stable.query.QueryFactory;
import com.fr.stable.query.condition.QueryCondition;
import com.fr.stable.query.restriction.Restriction;
import com.fr.stable.query.restriction.RestrictionFactory;
import static com.fr.decision.authority.base.AuthorityConstants.DECISION_DEP_ROOT;
/**
* <Function Description><br>
* <DepartmentServiceKit>
*
* @author fr.open
* @since 1.0.0
*/
public class DepartmentServiceKit extends DepartmentService {
private static volatile DepartmentServiceKit departmentServiceKit = null;
public DepartmentServiceKit() {
}
public static DepartmentServiceKit getInstance() {
if (departmentServiceKit == null) {
departmentServiceKit = new DepartmentServiceKit();
}
return departmentServiceKit;
}
/**
* 根部门与FR根部门转换
*
* @param parentId
* @return
*/
public String changeRootId(String parentId) {
if (StringKit.isBlank(parentId) || StringKit.equals(parentId, SsoConfig.ROOT_DEP_ID)) {
return DECISION_DEP_ROOT;
}
return parentId;
}
public void addDepartment(String id, String pId, String depName) throws Exception {
if (StringKit.equals(pId, DECISION_DEP_ROOT)) {
pId = null;
}
this.checkDuplicatedDepartmentName(pId, depName);
Department department = (new Department()).id(id).name(depName).parentId(pId).creationType(ManualOperationType.KEY).lastOperationType(ManualOperationType.KEY).enable(true);
AuthorityContext.getInstance().getDepartmentController().add(department);
}
private void checkDuplicatedDepartmentName(String parentId, String depName) throws Exception {
QueryCondition condition = QueryFactory.create().addRestriction(RestrictionFactory.and(new Restriction[]{RestrictionFactory.eq("name", depName), RestrictionFactory.eq("parentId", parentId)}));
Department sameNameDep = AuthorityContext.getInstance().getDepartmentController().findOne(condition);
if (sameNameDep != null) {
throw new DuplicatedNameException();
}
}
public void editDepartment(String departmentId, String depName, String pId) throws Exception {
if (StringKit.equals(pId, DECISION_DEP_ROOT)) {
pId = null;
}
Department department = AuthorityContext.getInstance().getDepartmentController().getById(departmentId);
if (!ComparatorUtils.equals(department.getName(), depName) || !ComparatorUtils.equals(department.getParentId(), pId)) {
this.checkDuplicatedDepartmentName(pId, depName);
department.setName(depName);
department.setParentId(pId);
AuthorityContext.getInstance().getDepartmentController().update(department);
}
}
}

54
src/main/java/com/fr/plugin/hdmu/kit/PositionServiceKit.java

@ -0,0 +1,54 @@
/*
* Copyright (C), 2018-2021
* Project: starter
* FileName: PositionServiceKit
* Author: Louis
* Date: 2021/8/18 15:38
*/
package com.fr.plugin.hdmu.kit;
import com.fr.decision.authority.AuthorityContext;
import com.fr.decision.authority.base.constant.SoftRoleType;
import com.fr.decision.authority.base.constant.type.operation.ManualOperationType;
import com.fr.decision.authority.data.Post;
import com.fr.decision.record.OperateMessage;
import com.fr.decision.webservice.v10.user.PositionService;
import com.fr.intelli.record.MetricRegistry;
import com.fr.stable.query.QueryFactory;
import com.fr.stable.query.condition.QueryCondition;
import com.fr.stable.query.restriction.Restriction;
import com.fr.stable.query.restriction.RestrictionFactory;
/**
* <Function Description><br>
* <PositionServiceKit>
*
* @author fr.open
* @since 1.0.0
*/
public class PositionServiceKit extends PositionService {
private static volatile PositionServiceKit positionServiceKit = null;
public PositionServiceKit() {
}
public static PositionServiceKit getInstance() {
if (positionServiceKit == null) {
positionServiceKit = new PositionServiceKit();
}
return positionServiceKit;
}
public String addPosition(String id, String name, String desc) throws Exception {
Post post = (new Post()).id(id).name(name).creationType(ManualOperationType.KEY).lastOperationType(ManualOperationType.KEY).enable(true).description(desc);
AuthorityContext.getInstance().getPostController().add(post);
this.deleteSoftData(post.getName());
MetricRegistry.getMetric().submit(OperateMessage.build("Dec-Module-User_Manager", "Dec-Post", name, "Dec-Log_Add"));
return post.getId();
}
private void deleteSoftData(String var1) throws Exception {
QueryCondition var2 = QueryFactory.create().addRestriction(RestrictionFactory.and(new Restriction[]{RestrictionFactory.eq("deletedName", var1), RestrictionFactory.eq("type", SoftRoleType.POST)}));
AuthorityContext.getInstance().getSoftDataController().remove(var2);
}
}

197
src/main/java/com/fr/plugin/hdmu/kit/UserServiceKit.java

@ -0,0 +1,197 @@
/*
* Copyright (C), 2018-2021
* Project: starter
* FileName: UserServiceKit
* Author: Louis
* Date: 2021/5/14 8:28
*/
package com.fr.plugin.hdmu.kit;
import com.fanruan.api.log.LogKit;
import com.fanruan.api.util.StringKit;
import com.fr.decision.authority.AuthorityContext;
import com.fr.decision.authority.base.constant.type.operation.ManualOperationType;
import com.fr.decision.authority.data.User;
import com.fr.decision.authority.data.extra.user.type.PasswordChangeTimeKey;
import com.fr.decision.base.util.UUIDUtil;
import com.fr.decision.privilege.TransmissionTool;
import com.fr.decision.privilege.encrpt.PasswordValidator;
import com.fr.decision.webservice.bean.user.DepartmentPostBean;
import com.fr.decision.webservice.bean.user.UserBean;
import com.fr.decision.webservice.exception.login.UserPwdErrorException;
import com.fr.decision.webservice.utils.UserSourceFactory;
import com.fr.decision.webservice.v10.login.kickout.KickOutConfig;
import com.fr.decision.webservice.v10.login.kickout.KickOutUserEvent;
import com.fr.decision.webservice.v10.login.lock.LoginLockService;
import com.fr.decision.webservice.v10.password.strategy.PasswordStrategyService;
import com.fr.decision.webservice.v10.user.PositionService;
import com.fr.decision.webservice.v10.user.UserService;
import com.fr.event.EventDispatcher;
import com.fr.general.ComparatorUtils;
import com.fr.json.JSONObject;
import com.fr.stable.StringUtils;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import static com.fr.plugin.hdmu.user.SsoUserManager.JOB_CODE;
import static com.fr.plugin.hdmu.user.SsoUserManager.ORG_CODE;
/**
* <Function Description><br>
* <UserServiceKit>
*
* @author fr.open
* @since 1.0.0
*/
public class UserServiceKit extends UserService {
public static final String USER_NAME = "prWorkNo";
public static final String REAL_NAME = "userName";
public static final String ENABLE = "status";
public static final String EMAIL = "email";
public static final String PASSWORD = "appPwd";
public static final String REQUEST_FLAG = "requestFlag";
private static volatile UserServiceKit userServiceKit = null;
public UserServiceKit() {
}
public static UserServiceKit getInstance() {
if (userServiceKit == null) {
userServiceKit = new UserServiceKit();
}
return userServiceKit;
}
@Override
public void resetPassword(UserBean var1) throws Exception {
User var2 = (User) AuthorityContext.getInstance().getUserController().getById(var1.getId());
String var3 = var2.getUserName();
String var4 = var2.getId();
String var5 = TransmissionTool.decrypt(var1.getPassword());
String var6 = var2.getPassword();
String var7 = "";
PasswordValidator var8 = UserSourceFactory.getInstance().getUserSource(var2).getPasswordValidator();
if (StringUtils.isNotEmpty(var5)) {
// AuthenticController var9 = ControllerFactory.getInstance().getAuthenticController(var2.getId());
// if (!var9.passwordChangeable(var2)) {
// throw new UserPasswordCanNotChangeException();
// }
var7 = var8.encode(var2.getUserName(), var5, var2.getSalt());
var2.setPassword(var7);
PasswordStrategyService.getInstance().checkPasswordHistoryList(var2, var7);
}
AuthorityContext.getInstance().getUserController().update(var2.lastOperationType(ManualOperationType.KEY));
if (StringUtils.isNotEmpty(var7) && !ComparatorUtils.equals(var6, var7)) {
var2.salt(UUIDUtil.generate());
var2.password(var8.encode(var2.getUserName(), var5, var2.getSalt()));
AuthorityContext.getInstance().getUserController().update(var2);
PasswordStrategyService.getInstance().updateUserPasswordHistoryList(var2, var6);
AuthorityContext.getInstance().getUserController().addPasswordChangeTime(var4, PasswordChangeTimeKey.KEY, (Date) null);
LoginLockService.getInstance().unlockByUserId(var4);
PasswordStrategyService.getInstance().unblockPasswordChangeByUser(var2);
EventDispatcher.fire(KickOutUserEvent.KickOutUser, new KickOutConfig(new UserPwdErrorException(), new String[]{var3}));
}
}
public UserBean createUserBean(JSONObject account) throws Exception {
UserBean userBean = new UserBean();
userBean.setUsername(account.getString(USER_NAME));
userBean.setRealName(account.getString(REAL_NAME));
userBean.setEnable(StringKit.equals(account.getJSONArray("userJobAttr").getJSONObject(0).getString(ENABLE), "1"));
userBean.setEmail(account.getString(EMAIL));
userBean.setPassword(TransmissionTool.defaultEncrypt(account.getString(PASSWORD)));
userBean.setPasswordChangeable(true);
String departmentId;
String position;
try {
departmentId = account.getString(ORG_CODE);
position = account.getString(JOB_CODE);
} catch (Exception e) {
departmentId = StringKit.EMPTY;
position = StringKit.EMPTY;
}
if (StringKit.isNotBlank(departmentId)) {
List<String> departmentPostIds = createDepartmentPostIds(departmentId, position);
userBean.setDepartmentPostIds(departmentPostIds);
}
return userBean;
}
/**
* 转为部门职务组合
*
* @param departmentPostId
* @param positionId
* @return
* @throws Exception
*/
private List<String> createDepartmentPostIds(String departmentPostId, String positionId) throws Exception {
List<String> departmentPostIds = new ArrayList<>();
if (StringKit.isBlank(departmentPostId) || StringKit.equals(departmentPostId, "null")) {
return departmentPostIds;
}
if (StringKit.isNotBlank(positionId)) {
String positionName = PositionServiceKit.getInstance().getPostNameById(positionId);
List<DepartmentPostBean> departmentPostBeanList = PositionService.getInstance().getPositionsUnderParentDepartment(getAdminUserId(), departmentPostId, positionName);
if (departmentPostBeanList == null || departmentPostBeanList.isEmpty()) {
try {
AuthorityContext.getInstance().getPostController().addPostToDepartment(positionId, departmentPostId);
} catch (Exception e) {
LogKit.info("sso-UserServiceKit-createDepartmentPostIds-addPostToDepartmentFailed-position:{}, departmentId:{}", positionId + positionName, departmentPostId);
LogKit.error(e.getMessage(), e);
}
}
departmentPostId = departmentPostId + "@@@" + positionId;
}
departmentPostIds.add(departmentPostId);
return departmentPostIds;
}
/**
* 获取管理员id
*
* @return
* @throws Exception
*/
public String getAdminUserId() throws Exception {
List<String> adminUserIdList = UserService.getInstance().getAdminUserIdList();
if (adminUserIdList.isEmpty()) {
return "admin";
}
return StringKit.isNotBlank(adminUserIdList.get(0)) ? adminUserIdList.get(0) : "admin";
}
public void editUser(UserBean userBean) throws Exception {
super.editUser(userBean, this.getAdminUserId());
}
public UserBean updateUserBean(JSONObject account) throws Exception {
User user = UserService.getInstance().getUserByUserName(account.getString(USER_NAME));
if (user == null) {
return null;
}
UserBean userBean = new UserBean();
userBean.setId(user.getId());
userBean.setUsername(user.getUserName());
userBean.setRealName(account.getString(REAL_NAME));
userBean.setEnable(user.isEnable());
userBean.setEmail(account.getString(EMAIL));
userBean.setPassword(TransmissionTool.defaultEncrypt(account.getString(PASSWORD)));
String departmentId;
String position;
try {
departmentId = account.getString(ORG_CODE);
position = account.getString(JOB_CODE);
} catch (Exception e) {
departmentId = StringKit.EMPTY;
position = StringKit.EMPTY;
}
if (StringKit.isNotBlank(departmentId)) {
List<String> departmentPostIds = createDepartmentPostIds(departmentId, position);
userBean.setDepartmentPostIds(departmentPostIds);
}
return userBean;
}
}

32
src/main/java/com/fr/plugin/hdmu/request/HttpAuthorizeBridge.java

@ -0,0 +1,32 @@
/*
* Copyright (C), 2018-2021
* Project: starter
* FileName: HttpAuthorizeBridge
* Author: Louis
* Date: 2021/8/24 13:55
*/
package com.fr.plugin.hdmu.request;
import com.fanruan.api.util.StringKit;
import com.fr.decision.fun.impl.AbstractHttpAuthorizeProvider;
import com.fr.security.SecurityToolbox;
/**
* <Function Description><br>
* <HttpAuthorizeBridge>
*
* @author fr.open
* @since 1.0.0
*/
public class HttpAuthorizeBridge extends AbstractHttpAuthorizeProvider {
@Override
public Scope scope() {
return Scope.REPLACE;
}
@Override
public boolean authorize(String inputUsername, String inputPassword, String savedPassword, String hashPassword) {
String encryptPwd = SecurityToolbox.sha256(SecurityToolbox.sha256(inputPassword));
return StringKit.equalsIgnoreCase(encryptPwd, savedPassword);
}
}

269
src/main/java/com/fr/plugin/hdmu/request/OAuthLogin.java

@ -0,0 +1,269 @@
/*
* Copyright (C), 2018-2021
* Project: starter
* FileName: OAuthLogin
* Author: Louis
* Date: 2021/3/30 22:09
*/
package com.fr.plugin.hdmu.request;
import com.fanruan.api.decision.login.LoginKit;
import com.fanruan.api.decision.user.UserKit;
import com.fanruan.api.i18n.I18nKit;
import com.fanruan.api.log.LogKit;
import com.fanruan.api.net.NetworkKit;
import com.fanruan.api.util.StringKit;
import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
import com.fr.decision.webservice.Response;
import com.fr.decision.webservice.bean.user.UserBean;
import com.fr.decision.webservice.utils.DecisionServiceConstants;
import com.fr.decision.webservice.v10.login.LoginService;
import com.fr.decision.webservice.v10.user.UserService;
import com.fr.json.JSONObject;
import com.fr.plugin.context.PluginContexts;
import com.fr.plugin.hdmu.config.SsoConfig;
import com.fr.plugin.hdmu.utils.HttpRequestUtil;
import com.fr.stable.fun.Authorize;
import com.fr.third.org.apache.http.client.utils.URIBuilder;
import com.fr.web.utils.WebUtils;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.net.URISyntaxException;
import java.util.HashMap;
import java.util.Map;
import static com.fr.plugin.hdmu.config.SsoConfig.PLUGIN_ID;
/**
* <Function Description><br>
* <OAuthLogin>
*
* @author fr.open
* @since 1.0.0
*/
@Authorize(callSignKey = PLUGIN_ID)
public class OAuthLogin extends AbstractGlobalRequestFilterProvider {
public static final String REMOTE_DESIGN = "/remote/design";
public static final String RESOURCES_PATH = "/resources";
public static final String FILE_PATH = "/file";
public static final String SYSTEM_INFO = "/system/info";
public static final String MATERIALS_MIN_JS_MAP = "/materials.min.js.map";
public static final String LOGIN_PATH = "/login";
public static final String LOGIN_OTHER = "/login/";
public static final String LOGOUT_PATH = "/logout";
public static final String USER_LANGUAGE = "/v10/user/language";
public static final String SYSTEM_HEALTH = "/system/health";
public static final String USER_SYN = "/syn";
public static final String CODE_URL = "/profile/oauth2/authorize";
public static final String TOKEN_URL = "/profile/oauth2/accessToken";
public static final String USER_URL = "/profile/oauth2/profile";
public static final String CODE = "code";
public static final String STATE = "sso";
public static final String CONFIG_PASSWORD = "/v10/user/account";
public static final String TARGET_URI = "target_uri";
private SsoConfig config;
/**
* 过滤器名称
*
* @return
*/
@Override
public String filterName() {
return "hdmuFilter";
}
/**
* 过滤规则
*
* @return
*/
@Override
public String[] urlPatterns() {
// return new String[]{"/", "/decision", "/decision/view/form", "/decision/view/report", "/decision/v10/entry/access/*", "/decision/v10/user/account", "/decision/link/*"};
return new String[]{"/*"};
}
/**
* 过滤器初始化
*
* @param filterConfig
*/
@Override
public void init(FilterConfig filterConfig) {
this.config = SsoConfig.getInstance();
super.init(filterConfig);
}
/**
* 过滤器处理
*
* @param request
* @param response
* @param filterChain
*/
@Override
public void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) {
try {
if (operation(request, response)) {
filterChain.doFilter(request, response);
}
} catch (Exception e) {
LogKit.error(e.getMessage(), e);
}
}
/**
* 用户验证登陆操作
*
* @param req
* @param res
* @throws Exception
*/
private boolean operation(HttpServletRequest req, HttpServletResponse res) throws Exception {
String pathInfo = (req.getPathInfo() != null) ? req.getPathInfo() : StringKit.EMPTY;
LogKit.info("hdmu-OAuthLogin-operation-pathInfo:{}", pathInfo);
if (pathInfo.startsWith(REMOTE_DESIGN) || pathInfo.startsWith(LOGIN_OTHER)
|| StringKit.equals(LOGIN_PATH, pathInfo) || pathInfo.startsWith(USER_SYN)
|| pathInfo.startsWith(RESOURCES_PATH) || pathInfo.startsWith(LOGOUT_PATH)
|| pathInfo.startsWith(SYSTEM_INFO) || pathInfo.startsWith(MATERIALS_MIN_JS_MAP) || pathInfo.startsWith(SYSTEM_HEALTH)
|| pathInfo.startsWith(USER_LANGUAGE) || pathInfo.startsWith(FILE_PATH)) {
return true;
}
// 禁止修改密码
if (StringKit.equals(pathInfo, CONFIG_PASSWORD)) {
UserBean userBean = UserService.getInstance().getUserAccount(LoginService.getInstance().getUserNameFromRequest(req));
userBean.setPasswordChangeable(false);
Response result = Response.ok(userBean);
WebUtils.printAsJSON(res, JSONObject.mapFrom(result));
return false;
}
// 已登录
if (LoginService.getInstance().isLogged(req)) {
return true;
}
String code = NetworkKit.getHTTPRequestParameter(req, CODE);
String state = NetworkKit.getHTTPRequestParameter(req, "state");
LogKit.info("hdmu-OAuthLogin-operation-code:{}", code);
if (StringKit.isBlank(code)) {
if (!this.config.getIamStatus()) {
return true;
}
res.sendRedirect(getLoginUrl(req));
return false;
}
if (!StringKit.equalsIgnoreCase(state, STATE)) {
return true;
}
String accessToken = getAccessToken(code);
if (StringKit.isEmpty(accessToken)) {
res.sendRedirect(getLoginUrl(req));
return false;
}
String username = getUsername(accessToken);
if (StringKit.isEmpty(username) || !UserKit.existUsername(username)) {
return true;
}
if (!PluginContexts.currentContext().isAvailable()) {
LogKit.error(I18nKit.getLocText("Plugin-hdmu_Licence_Expired"));
return true;
}
String tokenFR = LoginKit.login(req, res, username);
req.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME, tokenFR);
String targetUri = NetworkKit.getHTTPRequestParameter(req, TARGET_URI);
if (StringKit.isNotBlank(targetUri)) {
res.sendRedirect(targetUri);
return false;
}
return true;
}
/**
* 通过凭证获得username
*
* @param accessToken
* @return
*/
private String getUsername(String accessToken) throws Exception {
String userParam = HttpRequestUtil.getUserParam(this.config.getClientId(), this.config.getClientSecret(), accessToken);
String userRes = HttpRequestUtil.getResult(this.config.getUriBase() + USER_URL, userParam);
LogKit.info("hdmu-OAuthLogin-getUsername-userRes:{}", userRes);
return new JSONObject(userRes).getString("workNo");
}
/**
* 获取access_token
*
* @param code
* @return
* @throws Exception
*/
private String getAccessToken(String code) throws Exception {
String tokenParams = HttpRequestUtil.getAccessTokenParam(this.config.getClientId(), this.config.getClientSecret(),
this.config.getFrUri(), code);
String res = HttpRequestUtil.getResult(this.config.getUriBase() + TOKEN_URL, tokenParams);
LogKit.info("hdmu-OAuthLogin-getAccessToken-res:{}", res);
if (StringKit.isEmpty(res)) {
return StringKit.EMPTY;
}
String token = new JSONObject(res).getString("access_token");
if (StringKit.isNotBlank(token)) {
return token;
}
return StringKit.EMPTY;
}
/**
* 获取login_url
*
* @return
*/
private String getLoginUrl(HttpServletRequest request) {
String url = SsoConfig.getInstance().getUriBase() + CODE_URL;
Map<String, String> params = new HashMap<>();
params.put("client_id", SsoConfig.getInstance().getClientId());
params.put("response_type", "code");
params.put("redirect_uri", this.config.getFrUri());
params.put("oauth_timestamp", String.valueOf(System.currentTimeMillis()));
params.put(TARGET_URI, getOriginalURL(request));
params.put("state", STATE);
String loginUrl = buildUrl(url, params);
LogKit.info("hdmu-OAuthLogin-getLoginUrl-loginUrl:{}", loginUrl);
return loginUrl;
}
/**
* 得到请求url和参数
*
* @param request
* @return
*/
private String getOriginalURL(HttpServletRequest request) {
StringBuffer url = request.getRequestURL();
if (StringKit.isNotBlank(request.getQueryString())) {
url.append("?").append(request.getQueryString());
}
return url.toString();
}
private String buildUrl(String url, Map<String, String> params) {
if (params == null || params.isEmpty()) {
return url;
}
try {
URIBuilder builder = new URIBuilder(url);
for (Map.Entry<String, String> entry : params.entrySet()) {
builder.setParameter(entry.getKey(), entry.getValue());
}
return builder.build().toString();
} catch (URISyntaxException e) {
LogKit.error("Error to build url, please check the arguments.");
return url;
}
}
}

382
src/main/java/com/fr/plugin/hdmu/user/SsoUserManager.java

@ -0,0 +1,382 @@
/*
* Copyright (C), 2018-2021
* Project: starter
* FileName: SsoUserManager
* Author: Louis
* Date: 2021/4/21 16:18
*/
package com.fr.plugin.hdmu.user;
import com.fanruan.api.decision.user.UserKit;
import com.fanruan.api.i18n.I18nKit;
import com.fanruan.api.log.LogKit;
import com.fanruan.api.util.StringKit;
import com.fr.decision.authority.AuthorityContext;
import com.fr.decision.authority.data.Department;
import com.fr.decision.authority.data.Post;
import com.fr.decision.webservice.bean.user.UserBean;
import com.fr.decision.webservice.v10.user.UserService;
import com.fr.general.DateUtils;
import com.fr.json.JSONArray;
import com.fr.json.JSONException;
import com.fr.json.JSONObject;
import com.fr.plugin.context.PluginContexts;
import com.fr.plugin.hdmu.config.SsoConfig;
import com.fr.plugin.hdmu.kit.DepartmentServiceKit;
import com.fr.plugin.hdmu.kit.PositionServiceKit;
import com.fr.plugin.hdmu.kit.UserServiceKit;
import com.fr.plugin.hdmu.utils.HttpRequestUtil;
import com.fr.stable.fun.Authorize;
import java.io.IOException;
import java.util.Date;
import java.util.Map;
import static com.fr.plugin.hdmu.config.SsoConfig.PLUGIN_ID;
import static com.fr.plugin.hdmu.kit.UserServiceKit.REQUEST_FLAG;
import static com.fr.plugin.hdmu.kit.UserServiceKit.USER_NAME;
import static com.fr.plugin.hdmu.utils.HttpRequestUtil.radomString;
/**
* <Function Description><br>
* <SsoUserManager>
*
* @author fr.open
* @since 1.0.0
*/
@Authorize(callSignKey = PLUGIN_ID)
public final class SsoUserManager {
public static final String ORG_LIST_ALL = "/idm-api/dataSync/queryPagingOrgInfo";
public static final String POSITION_LIST_ALL = "/idm-api/dataSync/queryPagingJobInfo";
public static final String ACCOUNT_LIST = "/idm-api/dataSync/queryIncrePagingAccountInfo";
public static final String UPDATE_IAM_ACCOUNT_STATUS = "/idm-api/dataSync/updateIamAccountStatus";
public static final String ORG_UPDATE_STATUS = "updateStatus";
public static final String ORG_CODE = "orgCode";
public static final String PARENT_CODE = "parentCode";
public static final String ORG_NAME = "orgName";
public static final String JOB_CODE = "jobCode";
public static final String JOB_NAME = "jobName";
public static final String REQUEST_LOG_ID = "requestLogId";
private SsoConfig config;
public SsoUserManager() {
this.config = SsoConfig.getInstance();
}
public static SsoUserManager getInstance() {
return HOLDER.INSTANCE;
}
/**
* 检测心跳功能
*
* @throws Exception
*/
public synchronized void checkIamService() {
if (!PluginContexts.currentContext().isAvailable()) {
LogKit.error(I18nKit.getLocText("Plugin-hdmu_Licence_Expired"));
return;
}
LogKit.info("hdmu-SsoUserManager-checkIamService-start");
try {
String checkParam = HttpRequestUtil.getIAMServiceParam(this.config.getClientId(), this.config.getClientSecret());
String checkRes = HttpRequestUtil.getResult(this.config.getUriBase() + "/service/api/v1/oauth2/checkIamService", checkParam);
LogKit.info("hdmu-SsoUserManager-checkIamService-checkRes:{}", checkRes);
this.config.setIamStatus(checkRes.contains("OK"));
} catch (Exception e) {
this.config.setIamStatus(false);
LogKit.error(e.getMessage(), e);
}
LogKit.info("hdmu-SsoUserManager-checkIamService-end");
}
/**
* 同步更新部门
*
* @throws Exception
*/
public synchronized void synSSODepartments() throws Exception {
if (!PluginContexts.currentContext().isAvailable()) {
LogKit.error(I18nKit.getLocText("Plugin-hdmu_Licence_Expired"));
return;
}
LogKit.info("hdmu-SsoUserManager-synDepartments-start");
for (int i = 0; i < 20; i++) {
departmentSynLoop(i);
}
LogKit.info("hdmu-SsoUserManager-synDepartments-end");
LogKit.info("hdmu-SsoUserManager-synPositions-start");
for (int i = 0; i < 20; i++) {
positionSynLoop(i);
}
LogKit.info("hdmu-SsoUserManager-synPositions-end");
LogKit.info("hdmu-SsoUserManager-synUsers-start");
//每次同步1千重复40次
for (int i = 0; i < 40; i++) {
userSynLoop();
}
LogKit.info("hdmu-SsoUserManager-synUsers-end");
if (StringKit.isNotBlank(this.config.getUpdateTime())) {
this.config.setUpdateTime(DateUtils.getDate2LStr(new Date()));
}
}
private void userSynLoop() {
JSONArray userList = getUserList();
if (userList.isEmpty()) {
return;
}
// 同步用户信息
JSONArray requestLogIds = JSONArray.create();
String requestLogId;
JSONObject userJo;
for (int i = 0; i < userList.size(); i++) {
userJo = userList.optJSONObject(i);
try {
requestLogId = userJo.getString(REQUEST_LOG_ID);
if (StringKit.isBlank(requestLogId)) {
continue;
}
userSynOperation(userJo);
requestLogIds.add((new JSONObject()).put(REQUEST_LOG_ID, requestLogId));
} catch (Exception e) {
LogKit.error("hdmu-SsoUserManager-userSynLoop-userJo:{}", userJo.encode());
LogKit.error(e.getMessage(), e);
}
}
// 更新回调数据
if (requestLogIds.isEmpty()) {
return;
}
updateIamAccountStatus(requestLogIds);
}
/**
* 更新回调接口账户状态
*
* @param requestLogIds
* @throws Exception
*/
private void updateIamAccountStatus(JSONArray requestLogIds) {
try {
JSONObject params = getAuthParams();
params.put("requestlog_str", requestLogIds.encode());
String response = HttpRequestUtil.post(this.config.getUriIam() + UPDATE_IAM_ACCOUNT_STATUS, params.encode());
LogKit.info("hdmu-SsoUserManager-updateIamAccountStatus-response:{}", response);
} catch (Exception e) {
LogKit.error(e.getMessage(), e);
}
}
/**
* 用户新增和更新操作
*
* @param userJo
*/
private void userSynOperation(JSONObject userJo) throws Exception {
UserBean userBean;
String requestFlag;
if (UserKit.existUsername(userJo.getString(USER_NAME))) {
userBean = UserServiceKit.getInstance().updateUserBean(userJo);
if (userBean == null) {
return;
}
requestFlag = userJo.getString(REQUEST_FLAG);
if (StringKit.equals(requestFlag, "1")) {
UserServiceKit.getInstance().editUser(userBean);
} else if (StringKit.equals(requestFlag, "5")) {
UserServiceKit.getInstance().resetPassword(userBean);
} else if (StringKit.equals(requestFlag, "2") || StringKit.equals(requestFlag, "4")) {
UserServiceKit.getInstance().forbidUser(userBean.getId(), false);
} else if (StringKit.equals(requestFlag, "3")) {
UserServiceKit.getInstance().forbidUser(userBean.getId(), true);
}
} else {
userBean = UserServiceKit.getInstance().createUserBean(userJo);
UserService.getInstance().addUser(userBean);
}
}
/**
* 通过接口获取用户列表
*
* @return
*/
private JSONArray getUserList() {
try {
JSONObject params = getAuthParams();
params.put("pageSize", "500");
params.put("pageIndex", "1");
LogKit.info("hdmu-SsoUserManager-getUserList-params:{}", params.encode());
String response = HttpRequestUtil.post(this.config.getUriIam() + ACCOUNT_LIST, params.encode());
LogKit.info("hdmu-SsoUserManager-getUserList-response:{}", response);
JSONObject responseJo = new JSONObject(response);
if (StringKit.equals(responseJo.getString("code"), "200")) {
return responseJo.getJSONArray("result");
}
return JSONArray.create();
} catch (Exception e) {
LogKit.error(e.getMessage(), e);
return JSONArray.create();
}
}
/**
* 按部门遍历子部门并同步人员信息
*
* @throws Exception
*/
private void departmentSynLoop(int pageNo) throws Exception {
JSONArray departmentList = getDepartmentList(pageNo);
// 同步部门信息
for (int i = 0; i < departmentList.size(); i++) {
try {
departmentSynOperation(departmentList.optJSONObject(i));
} catch (Exception e) {
LogKit.error(e.getMessage(), e);
}
}
}
/**
* 部门组织的新增更新操作
*
* @param departmentJo
* @throws Exception
*/
private void departmentSynOperation(JSONObject departmentJo) throws Exception {
LogKit.info("hdmu-SsoUserManager-departmentSynOperation-departmentJo:{}", departmentJo.encode());
String departmentId = departmentJo.getString(ORG_CODE);
if (StringKit.equals(departmentJo.getString(ORG_UPDATE_STATUS), "1")) {
String parentId = departmentJo.getString(PARENT_CODE);
parentId = DepartmentServiceKit.getInstance().changeRootId(parentId);
String depName = departmentJo.getString(ORG_NAME);
Department department = AuthorityContext.getInstance().getDepartmentController().getById(departmentId);
if (department == null) {
DepartmentServiceKit.getInstance().addDepartment(departmentId, parentId, depName);
} else {
DepartmentServiceKit.getInstance().editDepartment(department.getId(), depName, parentId);
}
}
if (StringKit.equals(departmentJo.getString(ORG_UPDATE_STATUS), "0")) {
DepartmentServiceKit.getInstance().deleteDepartment(departmentId);
}
}
/**
* 通过接口获取部门列表
*
* @return
* @throws IOException
*/
private JSONArray getDepartmentList(int pageNo) throws Exception {
JSONObject params = getQueryParams(pageNo);
String response = HttpRequestUtil.post(this.config.getUriIam() + ORG_LIST_ALL, params.encode());
LogKit.info("hdmu-SsoUserManager-getDepartmentList-response:{}", response);
JSONObject responseJo = new JSONObject(response);
if (StringKit.equals(responseJo.getString("code"), "200")) {
try {
return responseJo.getJSONArray("result");
} catch (JSONException e) {
return JSONArray.create();
}
}
return JSONArray.create();
}
private JSONObject getQueryParams(int pageNo) {
JSONObject params = getAuthParams();
if (StringKit.isNotBlank(this.config.getUpdateTime())) {
params.put("updateTime", this.config.getUpdateTime());
params.put("pageSize", "1000");
params.put("pageIndex", String.valueOf(pageNo + 1));
}
return params;
}
/**
* 岗位信息同步
*
* @throws Exception
*/
private void positionSynLoop(int pageNo) throws Exception {
JSONArray positionList = getPositionList(pageNo);
for (int i = 0; i < positionList.size(); i++) {
try {
positionSynOperation(positionList.optJSONObject(i));
} catch (Exception e) {
LogKit.error(e.getMessage(), e);
}
}
}
private void positionSynOperation(JSONObject positionJo) throws Exception {
LogKit.info("hdmu-SsoUserManager-positionSynOperation-positionJo:{}", positionJo.encode());
String positionId = positionJo.getString(JOB_CODE);
String positionName = positionJo.getString(JOB_NAME);
if (StringKit.equals(positionJo.getString(ORG_UPDATE_STATUS), "0")) {
PositionServiceKit.getInstance().deletePosition(positionId);
return;
}
if (StringKit.equals(positionJo.getString(ORG_UPDATE_STATUS), "1")) {
Post post = AuthorityContext.getInstance().getPostController().getById(positionId);
if (post == null) {
PositionServiceKit.getInstance().addPosition(positionId, positionName, positionName);
} else {
PositionServiceKit.getInstance().updatePosition(positionId, positionName, positionName);
}
}
}
/**
* 通过接口获取岗位列表
*
* @return
* @throws IOException
*/
private JSONArray getPositionList(int pageNo) throws Exception {
JSONObject params = getQueryParams(pageNo);
String response = HttpRequestUtil.post(this.config.getUriIam() + POSITION_LIST_ALL, params.encode());
LogKit.info("hdmu-SsoUserManager-getPositionList-response:{}", response);
JSONObject responseJo = new JSONObject(response);
if (StringKit.equals(responseJo.getString("code"), "200")) {
try {
return responseJo.getJSONArray("result");
} catch (JSONException e) {
return JSONArray.create();
}
}
return JSONArray.create();
}
/**
* 产生IAM sign
*
* @return
*/
private String getIamSign(String nonceStr, String timestamp) {
Map<String, String> params = HttpRequestUtil.getCommonAuthParamClient(this.config.getClientId(), this.config.getClientSecret(), nonceStr, timestamp);
return HttpRequestUtil.getSign(params, this.config.getAppIamKey() + this.config.getClientSecret());
}
/**
* 请求认证参数集合
*
* @return
*/
private JSONObject getAuthParams() {
JSONObject params = JSONObject.create();
String nonceStr = radomString();
String timestamp = String.valueOf(System.currentTimeMillis());
params.put("client_id", this.config.getClientId());
params.put("client_secret", this.config.getClientSecret());
params.put("nonce_str", nonceStr);
params.put("timestamp", timestamp);
params.put("sign", getIamSign(nonceStr, timestamp));
return params;
}
private static class HOLDER {
private static final SsoUserManager INSTANCE = new SsoUserManager();
}
}

131
src/main/java/com/fr/plugin/hdmu/utils/AESOperator.java

@ -0,0 +1,131 @@
/*
* Copyright (C), 2018-2021
* Project: starter
* FileName: AESOperator
* Author: Louis
* Date: 2021/8/6 14:31
*/
package com.fr.plugin.hdmu.utils;
import com.fr.base.Base64;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
/**
* <Function Description><br>
* <AESOperator>
*
* @author fr.open
* @since 1.0.0
*/
public class AESOperator {
private String sKey = "xxxx";//key,可自行修改
private String ivParameter = "xxxx";//偏移量,可自行修改
private static AESOperator instance = null;
private AESOperator() {
}
public static AESOperator getInstance() {
if (instance == null)
instance = new AESOperator();
return instance;
}
public static String Encrypt(String encData, String secretKey, String vector) throws Exception {
if (secretKey == null) {
return null;
}
if (secretKey.length() != 16) {
return null;
}
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
byte[] raw = secretKey.getBytes();
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
IvParameterSpec iv = new IvParameterSpec(vector.getBytes());// 使用CBC模式,需要一个向量iv,可增加加密算法的强度
cipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv);
byte[] encrypted = cipher.doFinal(encData.getBytes("utf-8"));
return Base64.encode(encrypted);// 此处使用BASE64做转码。
}
// 加密
public String encrypt(String sSrc) throws Exception {
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
byte[] raw = sKey.getBytes();
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
IvParameterSpec iv = new IvParameterSpec(ivParameter.getBytes());// 使用CBC模式,需要一个向量iv,可增加加密算法的强度
cipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv);
byte[] encrypted = cipher.doFinal(sSrc.getBytes("utf-8"));
return Base64.encode(encrypted);// 此处使用BASE64做转码。
}
// 解密
public String decrypt(String sSrc) throws Exception {
try {
byte[] raw = sKey.getBytes("ASCII");
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
IvParameterSpec iv = new IvParameterSpec(ivParameter.getBytes());
cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv);
byte[] encrypted1 = Base64.decode(sSrc);// 先用base64解密
byte[] original = cipher.doFinal(encrypted1);
String originalString = new String(original, "utf-8");
return originalString;
} catch (Exception ex) {
return null;
}
}
public String decrypt(String sSrc, String key, String ivs) throws Exception {
try {
byte[] raw = key.getBytes("ASCII");
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
IvParameterSpec iv = new IvParameterSpec(ivs.getBytes());
cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv);
byte[] encrypted1 = Base64.decode(sSrc);// 先用base64解密
byte[] original = cipher.doFinal(encrypted1);
String originalString = new String(original, "utf-8");
return originalString;
} catch (Exception ex) {
return null;
}
}
public static String encodeBytes(byte[] bytes) {
StringBuffer strBuf = new StringBuffer();
for (int i = 0; i < bytes.length; i++) {
strBuf.append((char) (((bytes[i] >> 4) & 0xF) + ((int) 'a')));
strBuf.append((char) (((bytes[i]) & 0xF) + ((int) 'a')));
}
return strBuf.toString();
}
public static void main(String[] args) throws Exception {
// 需要加密的字串
String cSrc = "P@ssw0rd@2018";
// 加密
long lStart = System.currentTimeMillis();
String enString = AESOperator.getInstance().encrypt(cSrc);
System.out.println("加密后的字串是:" + enString);
long lUseTime = System.currentTimeMillis() - lStart;
System.out.println("加密耗时:" + lUseTime + "毫秒");
// 解密
lStart = System.currentTimeMillis();
String DeString = AESOperator.getInstance().decrypt(enString);
System.out.println("解密后的字串是:" + DeString);
lUseTime = System.currentTimeMillis() - lStart;
System.out.println("解密耗时:" + lUseTime + "毫秒");
}
}

555
src/main/java/com/fr/plugin/hdmu/utils/HttpRequestUtil.java

@ -0,0 +1,555 @@
package com.fr.plugin.hdmu.utils;
import com.fanruan.api.util.StringKit;
import com.fr.plugin.hdmu.config.SsoConfig;
import com.fr.third.org.apache.commons.codec.digest.DigestUtils;
import net.sf.json.JSONArray;
import net.sf.json.JSONObject;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSession;
import java.io.*;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.util.*;
public class HttpRequestUtil {
public static final String CODE = "code";
public static final String REFRESH_TOKEN = "refresh_token";
public static final String AUTHORIZATION_CODE = "authorization_code";
public static final String APP_SECRET_KEY = "xxxx"; // 密钥,向IAM申请
static class miTM implements javax.net.ssl.TrustManager,
javax.net.ssl.X509TrustManager {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return null;
}
public boolean isServerTrusted(
java.security.cert.X509Certificate[] certs) {
return true;
}
public boolean isClientTrusted(
java.security.cert.X509Certificate[] certs) {
return true;
}
public void checkServerTrusted(
java.security.cert.X509Certificate[] certs, String authType)
throws java.security.cert.CertificateException {
return;
}
public void checkClientTrusted(
java.security.cert.X509Certificate[] certs, String authType)
throws java.security.cert.CertificateException {
return;
}
}
/**
* 根据请求的URL是https还是http请求数据
*
* @param sendUrl
* @param param
* @return
* @throws Exception
*/
public static String getResult(String sendUrl, String param)
throws Exception {
if (sendUrl.startsWith("https")) {
return getResultByHttps(sendUrl, param);
}
return getResultByHttp(sendUrl, param);
}
private static String getResultByHttps(String sendUrl, String param)
throws NoSuchAlgorithmException, KeyManagementException,
IOException {
javax.net.ssl.TrustManager[] trustAllCerts = new javax.net.ssl.TrustManager[1];
javax.net.ssl.TrustManager tm = new miTM();
trustAllCerts[0] = tm;
// javax.net.ssl.SSLContext sc =
// javax.net.ssl.SSLContext.getInstance("SSL");
javax.net.ssl.SSLContext sc = javax.net.ssl.SSLContext
.getInstance("SSLv3");
sc.init(null, trustAllCerts, null);
HttpsURLConnection.setDefaultSSLSocketFactory(sc
.getSocketFactory());
HostnameVerifier ignoreHostnameVerifier = new HostnameVerifier() {
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
};
HttpsURLConnection.setDefaultHostnameVerifier(ignoreHostnameVerifier);
OutputStream out = null;
BufferedReader reader = null;
String result = "";
URL url = null;
HttpsURLConnection conn = null;
try {
url = new URL(sendUrl);
conn = (HttpsURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("Content-type",
"application/x-www-form-urlencoded");
// 必须设置false,否则会自动redirect到重定向后的地址
conn.setInstanceFollowRedirects(false);
conn.setDoInput(true);
conn.setDoOutput(true);
conn.setRequestProperty("Charset", "UTF-8");
conn.setRequestProperty("Connection", "Keep-Alive");
conn.setConnectTimeout(15000);
conn.setReadTimeout(15000);
conn.connect();
out = conn.getOutputStream();
out.write(param.getBytes());
InputStream input = conn.getInputStream();
reader = new BufferedReader(new InputStreamReader(input, "UTF-8"));
String line = "";
StringBuffer sb = new StringBuffer();
while ((line = reader.readLine()) != null) {
sb.append(line);
}
result = sb.toString();
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
} finally {
if (conn != null) {
conn.disconnect();
}
if (out != null) {
out.close();
}
if (reader != null) {
reader.close();
}
}
return result;
}
private static String getResultByHttp(String sendUrl, String param)
throws NoSuchAlgorithmException, KeyManagementException,
IOException {
HttpURLConnection conn = null;
OutputStream out = null;
BufferedReader reader = null;
String result = "";
try {
URL url = new URL(sendUrl);
conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setDoInput(true);
conn.setDoOutput(true);
conn.setRequestProperty("Charset", "UTF-8");
conn.setRequestProperty("Connection", "Keep-Alive");
conn.setConnectTimeout(15000);
conn.setReadTimeout(150000);
conn.connect();
out = conn.getOutputStream();
out.write(param.getBytes());
out.flush();
out.close();
InputStream input = conn.getInputStream();
reader = new BufferedReader(new InputStreamReader(input, "UTF-8"));
String line;
StringBuffer sb = new StringBuffer();
while ((line = reader.readLine()) != null) {
sb.append(line);
}
result = sb.toString();
} catch (Exception e) {
e.printStackTrace();
} finally {
if (reader != null) {
reader.close();
}
out.close();
conn.disconnect();
}
return result;
}
public static String getSign(Map<String, String> params, String secret) {
String sign = "";
StringBuilder sb = new StringBuilder();
//排序
Set<String> keyset = params.keySet();
TreeSet<String> sortSet = new TreeSet<String>();
sortSet.addAll(keyset);
Iterator<String> it = sortSet.iterator();
//加密字符串
while (it.hasNext()) {
String key = it.next();
String value = params.get(key);
sb.append(key).append(value);
}
sb.append("appkey").append(secret);
try {
sign = DigestUtils.md5Hex(sb.toString()).toUpperCase();
} catch (Exception e) {
}
return sign;
}
/**
* 组装获取用户api参数含签名
*
* @param client_ID
* @param client_secret
* @param token
* @return
*/
public static String getUserParam(String client_ID, String client_secret, String token) {
String nonce_str = radomString();
// String appkey = HttpRequestUtil.APP_SECRET_KEY;
String appkey = SsoConfig.getInstance().getAppID();
long timestamp = System.currentTimeMillis();
Map<String, String> params = new HashMap<String, String>();
params.put("client_id", client_ID);
params.put("client_secret", client_secret);
params.put("nonce_str", nonce_str);
params.put("oauth_timestamp", String.valueOf(timestamp));
if (token.contains("access_token=")) {
int strStartIndex = token.indexOf("access_token=");
int strEndIndex = token.indexOf("&expires");
String access_token = token.substring(strStartIndex, strEndIndex).substring("access_token=".length());
params.put("access_token", access_token);
} else {
params.put("access_token", token);
}
String sign = getSign(params, appkey + client_secret);
StringBuffer tokenParam = new StringBuffer();
for (String key : params.keySet()) {
if (tokenParam.length() == 0) {
tokenParam.append(key).append("=").append(params.get(key));
} else {
tokenParam.append("&").append(key).append("=").append(params.get(key));
}
}
tokenParam.append("&sign=").append(sign);
return tokenParam.toString();
}
/**
* 组装检查心跳API参数含签名
*
* @param client_ID
* @param client_secret
* @return
*/
public static String getIAMServiceParam(String client_ID, String client_secret) {
String nonce_str = radomString();
// String appkey = HttpRequestUtil.APP_SECRET_KEY;
String appkey = SsoConfig.getInstance().getAppID();
long timestamp = System.currentTimeMillis();
Map<String, String> params = new HashMap<String, String>();
params.put("client_id", client_ID);
params.put("client_secret", client_secret);
params.put("nonce_str", nonce_str);
params.put("oauth_timestamp", String.valueOf(timestamp));
String sign = getSign(params, appkey + client_secret);
StringBuffer tokenParam = new StringBuffer();
for (String key : params.keySet()) {
if (tokenParam.length() == 0) {
tokenParam.append(key).append("=").append(params.get(key));
} else {
tokenParam.append("&").append(key).append("=").append(params.get(key));
}
}
tokenParam.append("&sign=").append(sign);
return tokenParam.toString();
}
public static String radomString() {
String result = "";
for (int i = 0; i < 10; i++) {
int intVal = (int) (Math.random() * 26 + 97);
result = result + (char) intVal;
}
return result;
}
/**
* 组装获取token api参数 含签名
*
* @param client_ID
* @param client_secret
* @param redirect_uri
* @param code
* @return
*/
public static String getAccessTokenParam(String client_ID, String client_secret, String redirect_uri, String code) {
String nonce_str = radomString();
// String appkey = HttpRequestUtil.APP_SECRET_KEY;
String appkey = SsoConfig.getInstance().getAppID();
long timestamp = System.currentTimeMillis();
Map<String, String> params = new HashMap<String, String>();
params.put("client_id", client_ID);
params.put("client_secret", client_secret);
params.put("nonce_str", nonce_str);
params.put("oauth_timestamp", String.valueOf(timestamp));
params.put("code", code);
params.put("redirect_uri", redirect_uri);
params.put("grant_type", "authorization_code");
String sign = getSign(params, appkey + client_secret);
StringBuffer tokenParam = new StringBuffer();
for (String key : params.keySet()) {
if (tokenParam.length() == 0) {
tokenParam.append(key).append("=").append(params.get(key));
} else {
tokenParam.append("&").append(key).append("=").append(params.get(key));
}
}
tokenParam.append("&sign=").append(sign);
return tokenParam.toString();
}
public static Map<String, String> getCommonAuthParamClient(String client_ID, String client_secret, String nonce_str, String timestamp) {
Map<String, String> params = new HashMap<String, String>();
params.put("client_id", client_ID);
params.put("client_secret", client_secret);
params.put("nonce_str", nonce_str);
params.put("timestamp", timestamp);
return params;
}
public static String postGeneralUrl(String generalUrl, String contentType,
String params, String encoding, String hander) throws Exception {
URL url = new URL(generalUrl);
// 打开和URL之间的连接
HttpURLConnection connection = null;
String result = "";
OutputStream out = null;
BufferedReader in = null;
try {
connection = (HttpURLConnection) url.openConnection();
connection.setRequestMethod("POST");
// 设置通用的请求属性
connection.setRequestProperty("Content-Type", contentType);
connection.setRequestProperty("Connection", "Keep-Alive");
connection.setUseCaches(false);
connection.setDoOutput(true);
connection.setDoInput(true);
connection.setConnectTimeout(5000);
if (hander != null) {
if (hander.equals("1")) {
connection.setRequestProperty("SOAPAction", "");
} else {
connection.setRequestProperty("Authorization", hander);
}
}
// 得到请求的输出流对象
out = connection.getOutputStream();
out.write(params.getBytes(encoding));
out.flush();
out.close();
// 建立实际的连接
connection.connect();
in = new BufferedReader(new InputStreamReader(connection
.getInputStream(), encoding));
result = "";
String getLine;
while ((getLine = in.readLine()) != null) {
result += getLine;
}
in.close();
} catch (Exception e) {
return e.getMessage();
} finally {
if (connection != null) {
connection.disconnect();
}
if (out != null) {
out.close();
}
if (in != null) {
in.close();
}
}
return result;
}
public static String postGeneralUrlByHttps(String generalUrl, String contentType,
String params, String encoding, String hander) throws Exception {
URL url = new URL(generalUrl);
javax.net.ssl.TrustManager[] trustAllCerts = new javax.net.ssl.TrustManager[1];
javax.net.ssl.TrustManager tm = new miTM();
trustAllCerts[0] = tm;
// javax.net.ssl.SSLContext sc =
// javax.net.ssl.SSLContext.getInstance("SSL");
javax.net.ssl.SSLContext sc = javax.net.ssl.SSLContext
.getInstance("SSLv3");
sc.init(null, trustAllCerts, null);
HttpsURLConnection.setDefaultSSLSocketFactory(sc
.getSocketFactory());
HostnameVerifier ignoreHostnameVerifier = new HostnameVerifier() {
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
};
HttpsURLConnection.setDefaultHostnameVerifier(ignoreHostnameVerifier);
OutputStream out = null;
BufferedReader reader = null;
String result = "";
HttpsURLConnection conn = null;
try {
conn = (HttpsURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("Content-type", contentType);
// 必须设置false,否则会自动redirect到重定向后的地址
conn.setInstanceFollowRedirects(false);
conn.setDoInput(true);
conn.setDoOutput(true);
conn.setRequestProperty("Charset", encoding);
conn.setRequestProperty("Connection", "Keep-Alive");
conn.setConnectTimeout(5000);
if (hander != null) {
if (hander.equals("1")) {
conn.setRequestProperty("SOAPAction", "");
} else {
conn.setRequestProperty("Authorization", hander);
}
}
conn.connect();
out = conn.getOutputStream();
out.write(params.getBytes("UTF-8"));
InputStream input = conn.getInputStream();
reader = new BufferedReader(new InputStreamReader(input, encoding));
String line = "";
StringBuffer sb = new StringBuffer();
while ((line = reader.readLine()) != null) {
sb.append(line);
}
result = sb.toString();
} catch (Exception e) {
return e.getMessage();
} finally {
if (conn != null) {
conn.disconnect();
}
if (out != null) {
out.close();
}
if (reader != null) {
reader.close();
}
}
return result;
}
public static String post(String requestUrl, String params) throws Exception {
String url = requestUrl;
if (url.startsWith("https")) {
return HttpRequestUtil.postGeneralUrlByHttps(url, "application/json", params, "UTF-8", null);
}
return HttpRequestUtil.postGeneralUrl(url, "application/json", params, "UTF-8", null);
}
public static void main(String[] args) {
//key,由IAM提供,应用方保存,该 值与单点登录得key不一致
String key = "EEF3D161ADTRF900FEF15331AB8428ER3DB71F5845C036533555F99YU8";
//client_id, client_secret由IAM提供,应用方保存
String client_id = "6ca40SUju3";
String client_secret = "362ead09-238b-4a6a-a853-b88b24739cee";
String nonce_str = radomString();
String timestamp = String.valueOf(System.currentTimeMillis());
//1. 生成参与签名得参数
Map<String, String> params = HttpRequestUtil.getCommonAuthParamClient(client_id, client_secret, nonce_str, timestamp);
//2. 生成签名
String sign = HttpRequestUtil.getSign(params, key + client_secret);
//3. 组装调用接口得参数
params.put("sign", sign);
params.put("pageSize", "1000");//最大不超过1000
params.put("pageIndex", "1");
JSONObject jb = JSONObject.fromObject(params);
System.out.println("param:" + jb.toString());
//4. 调用接口
String queryAccUrl = "http://paraview.paraesc.com/iamquery/service/api/v1/accountSync/queryIncrePagingAccountInfo";
String reuslt = "";
try {
reuslt = HttpRequestUtil.post(queryAccUrl, jb.toString());
} catch (Exception e) {
}
System.out.println("result:" + reuslt);
//获取账号信息后需要回调IAM接口
//1. 解析获取后得数据
JSONObject jb_ret = JSONObject.fromObject(reuslt);
String acc_list = jb_ret.getString("result");
if (StringKit.isEmpty(acc_list)) {
return;
}
JSONArray json_arr = JSONArray.fromObject(acc_list);
JSONArray ja_call_arr = new JSONArray();
for (int i = 0; i < json_arr.size(); i++) {
JSONObject obj = (JSONObject) json_arr.get(i);
String requestLogId = obj.getString("requestLogId");
if (StringKit.isEmpty(requestLogId)) {
continue;
}
JSONObject jb_call = new JSONObject();
jb_call.put("requestLogId", requestLogId);
ja_call_arr.element(jb_call);
}
//2. 组装签名参数
String timestamp_call = String.valueOf(System.currentTimeMillis());
Map<String, String> params_call = HttpRequestUtil.getCommonAuthParamClient(client_id, client_secret, nonce_str, timestamp_call);
//3. 生成签名
String sign_call = HttpRequestUtil.getSign(params_call, key + client_secret);
params_call.put("sign", sign_call);
params_call.put("requestlog_str", ja_call_arr.toString());
JSONObject jb_call = JSONObject.fromObject(params_call);
System.out.println("param:" + jb_call.toString());
String callAccUrl = "http://paraview.paraesc.com/iamquery/service/api/v1/accountSync/updateIamAccountStatus";
String reuslt_call = "";
//4. 调用接口
try {
reuslt_call = HttpRequestUtil.post(callAccUrl, jb_call.toString());
} catch (Exception e) {
}
System.out.println("reuslt_call:" + reuslt_call);
}
}

32
src/main/java/com/fr/plugin/hdmu/web/WebResourceComponent.java

@ -0,0 +1,32 @@
/*
* Copyright (C), 2018-2020
* Project: starter
* FileName: WebResourceComponent
* Author: Louis
* Date: 2020/8/31 16:39
*/
package com.fr.plugin.hdmu.web;
import com.fr.plugin.context.PluginContexts;
import com.fr.web.struct.Component;
import com.fr.web.struct.browser.RequestClient;
import com.fr.web.struct.category.ScriptPath;
/**
* <Function Description><br>
* <WebResourceComponent>
*
* @author fr.open
* @since 1.0.0
*/
public class WebResourceComponent extends Component {
public static final WebResourceComponent KEY = new WebResourceComponent();
@Override
public ScriptPath script(RequestClient requestClient) {
if (PluginContexts.currentContext().isAvailable()) {
return ScriptPath.build("/com/fr/plugin/hdmu/web/hdmu.js");
}
return ScriptPath.EMPTY;
}
}

25
src/main/resources/com/fr/plugin/hdmu/locale/lang.properties

@ -0,0 +1,25 @@
Plugin-hdmu=Sso Plugin
Plugin-hdmu_Group=Sso Plugin
Plugin-hdmu_Config_ClientId=Client Id
Plugin-hdmu_Config_ClientId_Description=Client Id
Plugin-hdmu_Config_ClientSecret=Client Secret
Plugin-hdmu_Config_ClientSecret_Description=Client Secret
Plugin-hdmu_Config_UriBase=Uri Base
Plugin-hdmu_Config_UriBase_Description=Uri Base
Plugin-hdmu_Config_FrUri=FR Uri
Plugin-hdmu_Config_FrUri_Description=FR Uri
Plugin-hdmu_Config_CronCondition=Cron Condition
Plugin-hdmu_Config_CronCondition_Description=Cron Condition
Plugin-hdmu_Config_AppID=SSO App ID
Plugin-hdmu_Config_AppID_Description=SSO App ID
Plugin-hdmu_Config_UriIam=Uri Iam
Plugin-hdmu_Config_UriIam_Description=Uri Iam
Plugin-hdmu_Config_AppIamKey=IAM\u7533\u8BF7\u88AB\u63A8App ID
Plugin-hdmu_Config_AppIamKey_Description=idm\u5E94\u7528\u914D\u7F6E\u7533\u8BF7\u7684\u88AB\u63A8App ID
Plugin-hdmu_Config_CheckIamCron=Check Iam Cron Condition
Plugin-hdmu_Config_CheckIamCron_Description=Check Iam Cron Condition
Plugin-hdmu_Config_IamStatus=Iam Status
Plugin-hdmu_Config_IamStatus_Description=Iam Status
Plugin-hdmu_Config_UpdateTime=Update Time
Plugin-hdmu_Config_UpdateTime_Description=Update Time, Format:2019-11-01 00:00:00
Plugin-hdmu_Licence_Expired=Sso Plugin Licence Expired

25
src/main/resources/com/fr/plugin/hdmu/locale/lang_zh_CN.properties

@ -0,0 +1,25 @@
Plugin-hdmu=\u5355\u70B9\u767B\u9646\u63D2\u4EF6
Plugin-hdmu_Group=\u5355\u70B9\u767B\u9646\u63D2\u4EF6
Plugin-hdmu_Config_ClientId=\u5E94\u7528\u6CE8\u518CID
Plugin-hdmu_Config_ClientId_Description=\u5E94\u7528\u6CE8\u518CID
Plugin-hdmu_Config_ClientSecret=\u5E94\u7528\u6CE8\u518C\u5BC6\u7801
Plugin-hdmu_Config_ClientSecret_Description=\u5E94\u7528\u6CE8\u518C\u5BC6\u7801
Plugin-hdmu_Config_UriBase=\u5355\u70B9\u63A5\u53E3
Plugin-hdmu_Config_UriBase_Description=\u5355\u70B9\u63A5\u53E3
Plugin-hdmu_Config_FrUri=\u5E06\u8F6F\u7CFB\u7EDFurl
Plugin-hdmu_Config_FrUri_Description=\u5E06\u8F6F\u7CFB\u7EDFurl
Plugin-hdmu_Config_CronCondition=\u5B9A\u65F6\u4EFB\u52A1\u8868\u8FBE\u5F0F
Plugin-hdmu_Config_CronCondition_Description=\u5B9A\u65F6\u4EFB\u52A1\u8868\u8FBE\u5F0F
Plugin-hdmu_Config_AppID=\u5355\u70B9\u767B\u9646App Key
Plugin-hdmu_Config_AppID_Description=\u5355\u70B9\u767B\u9646App Key
Plugin-hdmu_Config_UriIam=IAM\u540C\u6B65\u63A5\u53E3
Plugin-hdmu_Config_UriIam_Description=IAM\u540C\u6B65\u63A5\u53E3
Plugin-hdmu_Config_AppIamKey=IAM\u7533\u8BF7\u88AB\u63A8App Key
Plugin-hdmu_Config_AppIamKey_Description=idm\u5E94\u7528\u914D\u7F6E\u7533\u8BF7\u7684\u88AB\u63A8App Key
Plugin-hdmu_Config_CheckIamCron=\u68C0\u6D4B\u5FC3\u8DF3\u5B9A\u65F6\u4EFB\u52A1\u8868\u8FBE\u5F0F
Plugin-hdmu_Config_CheckIamCron_Description=\u68C0\u6D4B\u5FC3\u8DF3\u5B9A\u65F6\u4EFB\u52A1\u8868\u8FBE\u5F0F
Plugin-hdmu_Config_IamStatus=Iam\u72B6\u6001
Plugin-hdmu_Config_IamStatus_Description=Iam\u72B6\u6001
Plugin-hdmu_Config_UpdateTime=\u540C\u6B65\u66F4\u65B0\u65F6\u95F4
Plugin-hdmu_Config_UpdateTime_Description=\u540C\u6B65\u66F4\u65B0\u65F6\u95F4\uFF0C\u683C\u5F0F\u4E3A2019-11-01 00:00:00
Plugin-hdmu_Licence_Expired=\u5355\u70B9\u767B\u9646\u63D2\u4EF6\u8BB8\u53EF\u8FC7\u671F

14
src/main/resources/com/fr/plugin/hdmu/web/hdmu.js

@ -0,0 +1,14 @@
!(function () {
BI.config("dec.constant.account.items", function (items) {
$.extend(items[items.length - 1], {
handler: function () {
Dec.Utils.logout((function (e) {
Dec.Utils.clearLoginToken();
window.parent.location.href = e;
}
));
}
})
return items;
});
})();
Loading…
Cancel
Save