open-JSD-10117/src/main/java/com/fr/plugin/oauth/http/OauthLoginHandler.java

package com.fr.plugin.oauth.http;

import com.fanruan.api.json.JSONKit;
import com.finebi.constant.Constants;
import com.fr.decision.fun.impl.BaseHttpHandler;
import com.fr.decision.webservice.v10.login.LoginService;
import com.fr.json.JSONArray;
import com.fr.json.JSONObject;
import com.fr.log.FineLoggerFactory;
import com.fr.log.FineLoggerProvider;
import com.fr.plugin.oauth.LoginFilter;
import com.fr.plugin.oauth.W2Config;
import com.fr.plugin.oauth.utils.CookieUtils;
import com.fr.plugin.oauth.utils.HtmlUtils;
import com.fr.plugin.oauth.utils.HttpUtils;
import com.fr.plugin.oauth.utils.RedirectUtils;
import com.fr.stable.StringUtils;
import com.fr.third.springframework.web.bind.annotation.RequestMethod;
import com.fr.web.utils.WebUtils;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.*;

public class OauthLoginHandler extends BaseHttpHandler {
    FineLoggerProvider logger = FineLoggerFactory.getLogger();

    @Override
    public RequestMethod getMethod() {
        return RequestMethod.GET;
    }

    @Override
    public String getPath() {
        return "/authLogin";
    }

    @Override
    public boolean isPublic() {
        return true;
    }

    @Override
    public void handle(HttpServletRequest req, HttpServletResponse resp) throws Exception {
        W2Config w2Config = W2Config.getInstance();

        String accessToken = req.getParameter("ssoTokenId");
        if (StringUtils.isBlank(accessToken)) {
            WebUtils.printAsString(resp, new String("未能获取token，登陆失败!".getBytes("gbk"), "utf-8"));
            return;
        }

        String userName = getUserName(accessToken);
        String token = login(req, resp, userName);

        if (StringUtils.isBlank(token)) {
            WebUtils.printAsString(resp, userName + new String("该用户没有本系统权限".getBytes("gbk"), "utf-8"));
            return;
        }

        CookieUtils.setLoginCookie(resp);

        String iframeUrl = req.getParameter("iframeurl");
        String redirecturl = req.getParameter("redirecturl");
        if (StringUtils.isNotBlank(iframeUrl)) {
            // 跳转至报表链接
            gotoFormLink(req, resp, iframeUrl);
        } else if (StringUtils.isNotBlank(redirecturl)) {
            HtmlUtils.sendRedirect(userName, redirecturl, token, resp, "/com/fr/plugin/oauth/web/redirectbyrole.html");
        } else {
            // 跳转至报表管理平台
            RedirectUtils.redirect(userName, w2Config, token, resp);
        }
        //RedirectUtils.redirect(userName, w2Config, token, resp);
    }


    private String getUserName(String accessToken) {
        //String url = String.format(API_GET_USERINFO, W2Config.getInstance().getIdf());
        String url = String.format(W2Config.getInstance().getApiUserInfo(), W2Config.getInstance().getIdf());
        Map<String, String> params = new HashMap<>();
        params.put("tokenId", accessToken);
        String json = null;
        try {
            //json = HttpKit.get(url, params);
            json = HttpUtils.get(url, params);
            logger.info("get user info response:" + json);
            JSONObject jsonObject = JSONKit.create(json);
            if (jsonObject != null && StringUtils.equals(jsonObject.getString("responseCode"), "000000")) {
                JSONObject user = jsonObject.getJSONObject("data");
                String um = user.getString("umAccount");
                FineLoggerFactory.getLogger().info("have got user name :" + um);
                if (StringUtils.isNotBlank(um)) {
                    return um.toUpperCase();
                }
            }

            FineLoggerFactory.getLogger().info("have not got user name");
            return "";
        } catch (Exception e) {
            FineLoggerFactory.getLogger().error(e.getMessage());
        }
        return "";
    }

    /**
     * 后台登录方法
     */
    private String login(HttpServletRequest req, HttpServletResponse res, String username) {
        HttpSession session = req.getSession(true);
        try {
            return LoginService.getInstance().login(req, res, username);
//            session.removeAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME);
        } catch (Exception e) {
            FineLoggerFactory.getLogger().error(e.getMessage(), e);
            FineLoggerFactory.getLogger().error("login failed");
        }
//        session.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME, token);
        return "";
    }

    /**
     * 跳转至报表链接
     * 该链接放在iframe中，为了写入cookie，需要特殊处理
     */
    private void gotoFormLink(HttpServletRequest req, HttpServletResponse resp, String url) {
        boolean resetCookie = false;
        String userAgent = req.getHeader("User-Agent");
        if (StringUtils.isNotBlank(userAgent) && userAgent.contains("Chrome")) {
            resetCookie = true;
        }

        Collection<String> collection = resp.getHeaders("Set-Cookie");
        if (collection != null && collection.size() > 0) {
            HashMap hashMap = new HashMap();
            String cookies = "";
            if (resetCookie) {
                for (String c : collection) {
                    cookies = cookies + c + ";Secure;SameSite=None;@@";
                }
            }
            hashMap.put("cookies", cookies);
            hashMap.put("callBack", url);

            try {
                WebUtils.writeOutTemplate("/com/fr/plugin/oauth/web/redirectcook.html", resp, hashMap);
            } catch (IOException e) {
                FineLoggerFactory.getLogger().error(e.getMessage());
            }
        } else {
            FineLoggerFactory.getLogger().error("login failed, there must be cookies");
        }
    }

}