open-JSD-10117/src/main/java/com/fr/plugin/oauth/http/OauthLoginHandler.java

package com.fr.plugin.oauth.http;

import com.fanruan.api.json.JSONKit;
import com.finebi.constant.Constants;
import com.fr.decision.fun.impl.BaseHttpHandler;
import com.fr.decision.webservice.v10.login.LoginService;
import com.fr.json.JSONArray;
import com.fr.json.JSONObject;
import com.fr.log.FineLoggerFactory;
import com.fr.log.FineLoggerProvider;
import com.fr.plugin.oauth.LoginFilter;
import com.fr.plugin.oauth.W2Config;
import com.fr.plugin.oauth.utils.CookieUtils;
import com.fr.plugin.oauth.utils.HtmlUtils;
import com.fr.plugin.oauth.utils.HttpUtils;
import com.fr.plugin.oauth.utils.RedirectUtils;
import com.fr.stable.StringUtils;
import com.fr.third.springframework.web.bind.annotation.RequestMethod;
import com.fr.web.utils.WebUtils;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.*;

public class OauthLoginHandler extends BaseHttpHandler {
    FineLoggerProvider logger = FineLoggerFactory.getLogger();

    @Override
    public RequestMethod getMethod() {
        return RequestMethod.GET;
    }

    @Override
    public String getPath() {
        return "/authLogin";
    }

    @Override
    public boolean isPublic() {
        return true;
    }

    @Override
    public void handle(HttpServletRequest req, HttpServletResponse resp) throws Exception {
        W2Config w2Config = W2Config.getInstance();

        String accessToken = req.getParameter("ssoTokenId");
        if (StringUtils.isBlank(accessToken)) {
            WebUtils.printAsString(resp, new String("未能获取token，登陆失败!".getBytes("gbk"), "utf-8"));
            return;
        }

        String userName = getUserName(accessToken);
        String token = login(req, resp, userName);

        if (StringUtils.isBlank(token)) {
            WebUtils.printAsString(resp, userName + new String("该用户没有本系统权限".getBytes("gbk"), "utf-8"));
            return;
        }

        CookieUtils.setLoginCookie(resp);

        String iframeUrl = req.getParameter("iframeurl");
        String redirecturl = req.getParameter("redirecturl");
        if (StringUtils.isNotBlank(iframeUrl)) {
            // 跳转至报表链接
            gotoFormLink(req, resp, iframeUrl);
        } else if (StringUtils.isNotBlank(redirecturl)) {
            HtmlUtils.sendRedirect(userName, redirecturl, token, resp, "/com/fr/plugin/oauth/web/redirectbyrole.html");
        } else {
            // 跳转至报表管理平台
            RedirectUtils.redirect(userName, w2Config, token, resp);
        }
        //RedirectUtils.redirect(userName, w2Config, token, resp);
    }


    private String getUserName(String accessToken) {
        //String url = String.format(API_GET_USERINFO, W2Config.getInstance().getIdf());
        String url = String.format(W2Config.getInstance().getApiUserInfo(), W2Config.getInstance().getIdf());
        Map<String, String> params = new HashMap<>();
        params.put("tokenId", accessToken);
        String json = null;
        try {
            //json = HttpKit.get(url, params);
            json = HttpUtils.get(url, params);
            logger.info("get user info response:" + json);
            JSONObject jsonObject = JSONKit.create(json);
            if (jsonObject != null && StringUtils.equals(jsonObject.getString("responseCode"), "000000")) {
                JSONObject user = jsonObject.getJSONObject("data");
                String um = user.getString("umAccount");
                FineLoggerFactory.getLogger().info("have got user name :" + um);
                if (StringUtils.isNotBlank(um)) {
                    return um.toUpperCase();
                }
            }

            FineLoggerFactory.getLogger().info("have not got user name");
            return "";
        } catch (Exception e) {
            FineLoggerFactory.getLogger().error(e.getMessage());
        }
        return "";
    }

    /**
     * 后台登录方法
     */
    private String login(HttpServletRequest req, HttpServletResponse res, String username) {
        HttpSession session = req.getSession(true);
        try {
            return LoginService.getInstance().login(req, res, username);
//            session.removeAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME);
        } catch (Exception e) {
            FineLoggerFactory.getLogger().error(e.getMessage(), e);
            FineLoggerFactory.getLogger().error("login failed");
        }
//        session.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME, token);
        return "";
    }

    /**
     * 跳转至报表链接
     * 该链接放在iframe中，为了写入cookie，需要特殊处理
     */
    private void gotoFormLink(HttpServletRequest req, HttpServletResponse resp, String url) {
        boolean resetCookie = false;
        String userAgent = req.getHeader("User-Agent");
        if (StringUtils.isNotBlank(userAgent) && userAgent.contains("Chrome")) {
            resetCookie = true;
        }

        Collection<String> collection = resp.getHeaders("Set-Cookie");
        if (collection != null && collection.size() > 0) {
            HashMap hashMap = new HashMap();
            String cookies = "";
            if (resetCookie) {
                for (String c : collection) {
                    cookies = cookies + c + ";Secure;SameSite=None;@@";
                }
            }
            hashMap.put("cookies", cookies);
            hashMap.put("callBack", url);

            try {
                WebUtils.writeOutTemplate("/com/fr/plugin/oauth/web/redirectcook.html", resp, hashMap);
            } catch (IOException e) {
                FineLoggerFactory.getLogger().error(e.getMessage());
            }
        } else {
            FineLoggerFactory.getLogger().error("login failed, there must be cookies");
        }
    }

}
open 3 years ago			`package com.fr.plugin.oauth.http;`

			`import com.fanruan.api.json.JSONKit;`
			`import com.finebi.constant.Constants;`
			`import com.fr.decision.fun.impl.BaseHttpHandler;`
			`import com.fr.decision.webservice.v10.login.LoginService;`
			`import com.fr.json.JSONArray;`
			`import com.fr.json.JSONObject;`
			`import com.fr.log.FineLoggerFactory;`
			`import com.fr.log.FineLoggerProvider;`
			`import com.fr.plugin.oauth.LoginFilter;`
			`import com.fr.plugin.oauth.W2Config;`
			`import com.fr.plugin.oauth.utils.CookieUtils;`
			`import com.fr.plugin.oauth.utils.HtmlUtils;`
			`import com.fr.plugin.oauth.utils.HttpUtils;`
			`import com.fr.plugin.oauth.utils.RedirectUtils;`
			`import com.fr.stable.StringUtils;`
			`import com.fr.third.springframework.web.bind.annotation.RequestMethod;`
			`import com.fr.web.utils.WebUtils;`

			`import javax.servlet.http.HttpServletRequest;`
			`import javax.servlet.http.HttpServletResponse;`
			`import javax.servlet.http.HttpSession;`
			`import java.io.IOException;`
			`import java.util.*;`

			`public class OauthLoginHandler extends BaseHttpHandler {`
			`FineLoggerProvider logger = FineLoggerFactory.getLogger();`

			`@Override`
			`public RequestMethod getMethod() {`
			`return RequestMethod.GET;`
			`}`

			`@Override`
			`public String getPath() {`
			`return "/authLogin";`
			`}`

			`@Override`
			`public boolean isPublic() {`
			`return true;`
			`}`

			`@Override`
			`public void handle(HttpServletRequest req, HttpServletResponse resp) throws Exception {`
			`W2Config w2Config = W2Config.getInstance();`

			`String accessToken = req.getParameter("ssoTokenId");`
			`if (StringUtils.isBlank(accessToken)) {`
			`WebUtils.printAsString(resp, new String("未能获取token，登陆失败!".getBytes("gbk"), "utf-8"));`
			`return;`
			`}`

			`String userName = getUserName(accessToken);`
			`String token = login(req, resp, userName);`

			`if (StringUtils.isBlank(token)) {`
			`WebUtils.printAsString(resp, userName + new String("该用户没有本系统权限".getBytes("gbk"), "utf-8"));`
			`return;`
			`}`

			`CookieUtils.setLoginCookie(resp);`

			`String iframeUrl = req.getParameter("iframeurl");`
			`String redirecturl = req.getParameter("redirecturl");`
			`if (StringUtils.isNotBlank(iframeUrl)) {`
			`// 跳转至报表链接`
			`gotoFormLink(req, resp, iframeUrl);`
			`} else if (StringUtils.isNotBlank(redirecturl)) {`
			`HtmlUtils.sendRedirect(userName, redirecturl, token, resp, "/com/fr/plugin/oauth/web/redirectbyrole.html");`
			`} else {`
			`// 跳转至报表管理平台`
			`RedirectUtils.redirect(userName, w2Config, token, resp);`
			`}`
			`//RedirectUtils.redirect(userName, w2Config, token, resp);`
			`}`


			`private String getUserName(String accessToken) {`
			`//String url = String.format(API_GET_USERINFO, W2Config.getInstance().getIdf());`
			`String url = String.format(W2Config.getInstance().getApiUserInfo(), W2Config.getInstance().getIdf());`
			`Map<String, String> params = new HashMap<>();`
			`params.put("tokenId", accessToken);`
			`String json = null;`
			`try {`
			`//json = HttpKit.get(url, params);`
			`json = HttpUtils.get(url, params);`
			`logger.info("get user info response:" + json);`
			`JSONObject jsonObject = JSONKit.create(json);`
			`if (jsonObject != null && StringUtils.equals(jsonObject.getString("responseCode"), "000000")) {`
			`JSONObject user = jsonObject.getJSONObject("data");`
			`String um = user.getString("umAccount");`
			`FineLoggerFactory.getLogger().info("have got user name :" + um);`
			`if (StringUtils.isNotBlank(um)) {`
			`return um.toUpperCase();`
			`}`
			`}`

			`FineLoggerFactory.getLogger().info("have not got user name");`
			`return "";`
			`} catch (Exception e) {`
			`FineLoggerFactory.getLogger().error(e.getMessage());`
			`}`
			`return "";`
			`}`

			`/**`
			`* 后台登录方法`
			`*/`
			`private String login(HttpServletRequest req, HttpServletResponse res, String username) {`
			`HttpSession session = req.getSession(true);`
			`try {`
			`return LoginService.getInstance().login(req, res, username);`
			`// session.removeAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME);`
			`} catch (Exception e) {`
			`FineLoggerFactory.getLogger().error(e.getMessage(), e);`
			`FineLoggerFactory.getLogger().error("login failed");`
			`}`
			`// session.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME, token);`
			`return "";`
			`}`

			`/**`
			`* 跳转至报表链接`
			`* 该链接放在iframe中，为了写入cookie，需要特殊处理`
			`*/`
			`private void gotoFormLink(HttpServletRequest req, HttpServletResponse resp, String url) {`
			`boolean resetCookie = false;`
			`String userAgent = req.getHeader("User-Agent");`
			`if (StringUtils.isNotBlank(userAgent) && userAgent.contains("Chrome")) {`
			`resetCookie = true;`
			`}`

			`Collection<String> collection = resp.getHeaders("Set-Cookie");`
			`if (collection != null && collection.size() > 0) {`
			`HashMap hashMap = new HashMap();`
			`String cookies = "";`
			`if (resetCookie) {`
			`for (String c : collection) {`
			`cookies = cookies + c + ";Secure;SameSite=None;@@";`
			`}`
			`}`
			`hashMap.put("cookies", cookies);`
			`hashMap.put("callBack", url);`

			`try {`
			`WebUtils.writeOutTemplate("/com/fr/plugin/oauth/web/redirectcook.html", resp, hashMap);`
			`} catch (IOException e) {`
			`FineLoggerFactory.getLogger().error(e.getMessage());`
			`}`
			`} else {`
			`FineLoggerFactory.getLogger().error("login failed, there must be cookies");`
			`}`
			`}`

			`}`