open

2 years ago · 5dc4104b14
10 changed files with 1256 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -0,0 +1,6 @@
+# open-JSD-10314
+ 
+JSD-10314 单点集成\
+免责说明：该源码为第三方爱好者提供，不保证源码和方案的可靠性，也不提供任何形式的源码教学指导和协助！\
+仅作为开发者学习参考使用！禁止用于任何商业用途！\
+为保护开发者隐私，开发者信息已隐去！若原开发者希望公开自己的信息，可联系【pioneer】处理。
--- a/plugin.xml
+++ b/plugin.xml
@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?><plugin>
+    <id>com.eco.plugin.xx.hysso</id>
+    <name><![CDATA[单点登录]]></name>
+    <active>yes</active>
+    <version>1.0.1</version>
+    <env-version>10.0</env-version>
+    <jartime>2018-07-31</jartime>
+    <vendor>fr.open</vendor>
+    <description><![CDATA[单点登录]]></description>
+    <change-notes><![CDATA[
+    ]]></change-notes>
+    <main-package>com.eco.plugin.xx.hysso</main-package>
+    <lifecycle-monitor class="com.eco.plugin.xx.hysso.config.InitializeMonitor"/>
+
+    <extra-decision>
+		<ControllerRegisterProvider class="com.eco.plugin.xx.hysso.login.ControllerRegisterProvider"/>
+    </extra-decision>
+
+    <function-recorder class="com.eco.plugin.xx.hysso.config.PluginSimpleConfig"/>
+
+</plugin>
--- a/src/main/java/com/eco/plugin/xx/hysso/config/InitializeMonitor.java
+++ b/src/main/java/com/eco/plugin/xx/hysso/config/InitializeMonitor.java
@ -0,0 +1,21 @@
+package com.eco.plugin.xx.hysso.config;
+
+import com.fr.plugin.context.PluginContext;
+import com.fr.plugin.observer.inner.AbstractPluginLifecycleMonitor;
+
+/**
+ * @author xx
+ * @version 10.0
+ * Created by xx on 2021-12-03
+ */
+public class InitializeMonitor extends AbstractPluginLifecycleMonitor {
+    @Override
+    public void afterRun(PluginContext pluginContext) {
+        PluginSimpleConfig.getInstance();
+    }
+
+    @Override
+    public void beforeStop(PluginContext pluginContext) {
+
+    }
+}
--- a/src/main/java/com/eco/plugin/xx/hysso/config/PluginSimpleConfig.java
+++ b/src/main/java/com/eco/plugin/xx/hysso/config/PluginSimpleConfig.java
@ -0,0 +1,52 @@
+package com.eco.plugin.xx.hysso.config;
+
+import com.fr.config.*;
+import com.fr.config.holder.Conf;
+import com.fr.config.holder.factory.Holders;
+import com.fr.intelli.record.Focus;
+import com.fr.intelli.record.Original;
+import com.fr.record.analyzer.EnableMetrics;
+
+@Visualization(category = "单点登录配置")
+@EnableMetrics
+public class PluginSimpleConfig extends DefaultConfiguration {
+
+    private static volatile PluginSimpleConfig config = null;
+
+    @Focus(id="com.eco.plugin.xx.hysso.config", text = "单点登录配置", source = Original.PLUGIN)
+    public static PluginSimpleConfig getInstance() {
+        if (config == null) {
+            config = ConfigContext.getConfigInstance(PluginSimpleConfig.class);
+        }
+        return config;
+    }
+
+    @Identifier(value = "privatekey", name = "私钥", description = "私钥", status = Status.SHOW)
+    private Conf<String> privatekey = Holders.simple("");
+
+    @Identifier(value = "timeout", name = "超时时间", description = "超时时间", status = Status.SHOW)
+    private Conf<Integer> timeout = Holders.simple(0);
+
+    public String getPrivatekey() {
+        return privatekey.get();
+    }
+
+    public void setPrivatekey(String url) {
+        this.privatekey.set(url);
+    }
+
+    public Integer getTimeout() {
+        return timeout.get();
+    }
+
+    public void setTimeout(Integer url) {
+        this.timeout.set(url);
+    }
+
+    @Override
+    public Object clone() throws CloneNotSupportedException {
+        PluginSimpleConfig cloned = (PluginSimpleConfig) super.clone();
+        return cloned;
+    }
+
+}
--- a/src/main/java/com/eco/plugin/xx/hysso/login/ControllerRegisterProvider.java
+++ b/src/main/java/com/eco/plugin/xx/hysso/login/ControllerRegisterProvider.java
@ -0,0 +1,14 @@
+package com.eco.plugin.xx.hysso.login;
+
+import com.fr.decision.fun.impl.AbstractControllerRegisterProvider;
+import com.fr.plugin.transform.FunctionRecorder;
+
+@FunctionRecorder
+public class ControllerRegisterProvider extends AbstractControllerRegisterProvider {
+    @Override
+    public Class<?>[] getControllers() {
+        return new Class[]{
+                ControllerSelf.class
+        };
+    }
+}
--- a/src/main/java/com/eco/plugin/xx/hysso/login/ControllerSelf.java
+++ b/src/main/java/com/eco/plugin/xx/hysso/login/ControllerSelf.java
@ -0,0 +1,62 @@
+package com.eco.plugin.xx.hysso.login;
+
+import com.eco.plugin.xx.hysso.config.PluginSimpleConfig;
+import com.eco.plugin.xx.hysso.utils.EncryptUtils;
+import com.eco.plugin.xx.hysso.utils.FRUtils;
+import com.eco.plugin.xx.hysso.utils.ResponseUtils;
+import com.eco.plugin.xx.hysso.utils.Utils;
+import com.fr.decision.webservice.annotation.LoginStatusChecker;
+import com.fr.json.JSONObject;
+import com.fr.plugin.context.PluginContexts;
+import com.fr.stable.fun.Authorize;
+import com.fr.third.springframework.stereotype.Controller;
+import com.fr.third.springframework.web.bind.annotation.GetMapping;
+import com.fr.third.springframework.web.bind.annotation.ResponseBody;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+@Controller
+@LoginStatusChecker(required = false)
+@Authorize(callSignKey = "com.eco.plugin.xx.hysso")
+public class ControllerSelf {
+
+    @GetMapping(value = "/ssologin")
+    @ResponseBody
+    public void ssologin(HttpServletRequest req,HttpServletResponse res){
+        if(!PluginContexts.currentContext().isAvailable()){
+            ResponseUtils.failedResponse(res,"插件授权过期，请联系管理员！");
+            return ;
+        }
+
+        String token = req.getParameter("ssotoken");
+        String redirect = req.getParameter("redirect");
+        PluginSimpleConfig psc = PluginSimpleConfig.getInstance();
+
+        String plaintext = null;
+        try {
+            plaintext = EncryptUtils.rsaDecrypt(token,psc.getPrivatekey());
+        } catch (Exception e) {
+            ResponseUtils.failedResponse(res,"token解析失败，请联系管理员！错误信息:"+e.getMessage());
+            return ;
+        }
+
+        if(Utils.isNullStr(plaintext)){
+            ResponseUtils.failedResponse(res,"token解析失败，请联系管理员！");
+            return ;
+        }
+
+        JSONObject json = new JSONObject(plaintext);
+        String username = json.getString("username");
+        Long timestamp = json.getLong("timestamp");
+        Long now = System.currentTimeMillis();
+
+        if((now - timestamp)/1000 > psc.getTimeout()){
+            ResponseUtils.failedResponse(res,"token超时，请重新生成！");
+            return ;
+        }
+
+        redirect = Utils.encodeCH(redirect);
+
+        FRUtils.login(req,res,username,redirect);
+    }
+}
--- a/src/main/java/com/eco/plugin/xx/hysso/utils/EncryptUtils.java
+++ b/src/main/java/com/eco/plugin/xx/hysso/utils/EncryptUtils.java
@ -0,0 +1,333 @@
+package com.eco.plugin.xx.hysso.utils;
+
+import com.fr.json.JSONObject;
+import com.fr.log.FineLoggerFactory;
+import sun.misc.BASE64Decoder;
+import sun.misc.BASE64Encoder;
+
+import javax.crypto.Cipher;
+import javax.crypto.KeyGenerator;
+import javax.crypto.SecretKey;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.spec.DESKeySpec;
+import java.io.IOException;
+import java.net.URLEncoder;
+import java.security.*;
+import java.security.interfaces.RSAPrivateKey;
+import java.security.interfaces.RSAPublicKey;
+import java.security.spec.PKCS8EncodedKeySpec;
+import java.security.spec.X509EncodedKeySpec;
+import java.util.HashMap;
+import java.util.Map;
+
+public class EncryptUtils {
+
+    /**
+     * sha 加密
+     * @param str
+     * @return
+     */
+    public static String sha(String str){
+        String sha256Str = "";
+
+        try {
+            MessageDigest sha256Deget = MessageDigest.getInstance("SHA-256");
+            byte[] sha256Encode = sha256Deget.digest(str.getBytes());
+            sha256Str = ByteToHexStr(sha256Encode);
+        }catch (Exception e){
+            FineLoggerFactory.getLogger().info("FRLOG:SHA256加密异常:"+e.getMessage());
+        }
+
+        return sha256Str;
+    }
+
+    /**
+     * byte数组转16进制字符串
+     * @param bytes
+     * @return
+     */
+    private static String ByteToHexStr(byte[] bytes)
+    {
+        String hexStr = "";
+
+        for(int i =0;i<bytes.length;i++)
+        {
+            int temp = bytes[i] & 0xff;
+            String tempHex = Integer.toHexString(temp);
+            if(tempHex.length() < 2)
+            {
+                hexStr += "0"+tempHex;
+            }
+            else {
+                hexStr += tempHex;
+            }
+        }
+
+        return hexStr;
+    }
+
+    /**
+     * aes 加密
+     * @param str
+     * @param privateKey
+     * @return
+     */
+    public static String aesEncrypt(String str,String privateKey){
+        try {
+            // 生成密钥对象
+            SecretKey secKey = generateAesKey(privateKey.getBytes());
+
+            // 获取 AES 密码器
+            Cipher cipher = Cipher.getInstance("AES");
+            // 初始化密码器（加密模型）
+            cipher.init(Cipher.ENCRYPT_MODE, secKey);
+
+            // 加密数据, 返回密文
+            byte[] cipherBytes = cipher.doFinal(str.getBytes());
+            return new BASE64Encoder().encodeBuffer(cipherBytes);
+        } catch (Throwable e) {
+            FRUtils.FRLogInfo("aes 加密异常 " + e.getMessage());
+        }
+
+        return null;
+    }
+
+    /**
+     * 生成密钥对象
+     */
+    private static SecretKey generateAesKey(byte[] key) throws Exception {
+        // 创建安全随机数生成器
+        SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
+        // 设置 密钥key的字节数组 作为安全随机数生成器的种子
+        random.setSeed(key);
+
+        // 创建 AES算法生成器
+        KeyGenerator gen = KeyGenerator.getInstance("AES");
+        // 初始化算法生成器
+        gen.init(128, random);
+
+        // 生成 AES密钥对象, 也可以直接创建密钥对象: return new SecretKeySpec(key, ALGORITHM);
+        return gen.generateKey();
+    }
+
+    /**
+     * aes 解密
+     * @param str
+     * @param privateKey
+     * @return
+     */
+    public static String aesDecrypt(String str,String privateKey){
+        try {
+            // 生成密钥对象
+            SecretKey secKey = generateAesKey(privateKey.getBytes());
+
+            // 获取 AES 密码器
+            Cipher cipher = Cipher.getInstance("AES");
+            // 初始化密码器（加密模型）
+            cipher.init(Cipher.DECRYPT_MODE, secKey);
+
+            // 加密数据, 返回密文
+            byte[] cipherBytes = cipher.doFinal(new BASE64Decoder().decodeBuffer(str));
+            return new String(cipherBytes);
+        } catch (Throwable e) {
+            FRUtils.FRLogInfo("aes 解密异常 " + e.getMessage());
+        }
+
+        return null;
+    }
+
+    /**
+     * base64加密
+     * @param key
+     * @return
+     */
+    public static String base64Encode(String key){
+        return (new BASE64Encoder()).encodeBuffer(key.getBytes());
+    }
+
+    /**
+     * base64加密
+     * @param key
+     * @return
+     */
+    public static String base64Encode(byte[] key){
+        return (new BASE64Encoder()).encodeBuffer(key);
+    }
+
+    /**
+     * base64解密
+     * @param key
+     * @return
+     */
+    public static String base64Decode(String key){
+        String result = "";
+        try {
+            result = new String((new BASE64Decoder()).decodeBuffer(key));
+        } catch (IOException e) {
+            FineLoggerFactory.getLogger().info("FRLOG:BASE64解密异常:"+e.getMessage());
+        }
+
+        return result;
+    }
+
+    /**
+     * base64解密
+     * @param key
+     * @return
+     */
+    public static byte[] base64DecodeB(String key){
+        byte[] result = null;
+        try {
+            result = (new BASE64Decoder()).decodeBuffer(key);
+        } catch (IOException e) {
+            FineLoggerFactory.getLogger().info("FRLOG:BASE64解密异常:"+e.getMessage());
+        }
+
+        return result;
+    }
+
+    /**
+     * 是否被base64加密过
+     * @param str
+     * @return
+     */
+    public static boolean isBase64(String str) {
+        if (str == null || str.trim().length() == 0) {
+            return false;
+        }
+        else {
+            if (str.length() % 4 != 0) {
+                return false;
+            }
+
+            char[] strChars = str.toCharArray();
+
+            for (char c:strChars) {
+                if ((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') || (c >= '0' && c <= '9')
+                        || c == '+' || c == '/' || c == '=') {
+                    continue;
+                }
+                else {
+                    return false;
+                }
+            }
+
+            return true;
+        }
+    }
+
+    /**
+     * des加密
+     * @param datasource
+     * @param password
+     * @return
+     */
+    public static String desEncrypt(String datasource, String password) {
+        try {
+            SecureRandom random = new SecureRandom();
+            DESKeySpec desKey = new DESKeySpec(password.getBytes());
+            // 创建一个密匙工厂，然后用它把DESKeySpec转换成
+            SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");
+            SecretKey securekey = keyFactory.generateSecret(desKey);
+            // Cipher对象实际完成加密操作
+            Cipher cipher = Cipher.getInstance("DES");
+            // 用密匙初始化Cipher对象
+            cipher.init(Cipher.ENCRYPT_MODE, securekey, random);
+            // 现在，获取数据并加密
+            // 正式执行加密操作
+            return base64Encode(cipher.doFinal(datasource.getBytes()));
+        } catch (Throwable e) {
+            FRUtils.FRLogInfo("des 加密异常 " + e.getMessage());
+        }
+
+        return null;
+    }
+
+    /**
+     * des 解密
+     * @param src
+     * @param password
+     * @return
+     * @throws Exception
+     */
+    public static String desDecrypt(String src, String password) throws Exception {
+        // DES算法要求有一个可信任的随机数源
+        SecureRandom random = new SecureRandom();
+        // 创建一个DESKeySpec对象
+        DESKeySpec desKey = new DESKeySpec(password.getBytes("UTF-8"));
+        // 创建一个密匙工厂
+        SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES");
+        // 将DESKeySpec对象转换成SecretKey对象
+        SecretKey securekey = keyFactory.generateSecret(desKey);
+        // Cipher对象实际完成解密操作
+        Cipher cipher = Cipher.getInstance("DES");
+        // 用密匙初始化Cipher对象
+        cipher.init(Cipher.DECRYPT_MODE, securekey, random);
+        // 真正开始解密操作
+        return new String(cipher.doFinal(base64DecodeB(src)));
+    }
+
+    /**
+     * 随机生成RSA密钥对
+     * @throws NoSuchAlgorithmException
+     * @return privateKey,publicKey
+     */
+    public static Map<String,String> genRSAKeyPair() throws NoSuchAlgorithmException {
+        // KeyPairGenerator类用于生成公钥和私钥对，基于RSA算法生成对象
+        KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA");
+        // 初始化密钥对生成器，密钥大小为96-1024位
+        keyPairGen.initialize(1024,new SecureRandom());
+        // 生成一个密钥对，保存在keyPair中
+        KeyPair keyPair = keyPairGen.generateKeyPair();
+        RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();   // 得到私钥
+        RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();  // 得到公钥
+        String publicKeyString = base64Encode(publicKey.getEncoded());
+        // 得到私钥字符串
+        String privateKeyString = base64Encode(privateKey.getEncoded());
+        // 将公钥和私钥保存到Map
+        Map<String,String> result = new HashMap<String,String>();
+        result.put("publicKey",publicKeyString.replaceAll("\n","").replace("\r","").trim());
+        result.put("privateKey",privateKeyString.replaceAll("\n","").replace("\r","").trim());
+
+        return result;
+    }
+
+    /**
+     * rsa 加密
+     * @param str
+     * @param publicKey
+     * @return
+     * @throws Exception
+     */
+    public static String rsaEncrypt(String str,String publicKey) throws Exception {
+        //base64编码的公钥
+        byte[] decoded = base64DecodeB(publicKey);
+        RSAPublicKey pubKey = (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(decoded));
+        //RSA加密
+        Cipher cipher = Cipher.getInstance("RSA");
+        cipher.init(Cipher.ENCRYPT_MODE, pubKey);
+        String outStr = base64Encode(cipher.doFinal(str.getBytes("UTF-8"))).replaceAll("\n","").replace("\r","").trim();
+        return outStr;
+    }
+
+    /**
+     * rsa解密
+     * @param str
+     * @param privateKey
+     * @return
+     * @throws Exception
+     */
+    public static String rsaDecrypt(String str,String privateKey) throws Exception {
+        //64位解码加密后的字符串
+        byte[] inputByte = base64DecodeB(str);
+        //base64编码的私钥
+        byte[] decoded = base64DecodeB(privateKey);
+        RSAPrivateKey priKey = (RSAPrivateKey) KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(decoded));
+        //RSA解密
+        Cipher cipher = Cipher.getInstance("RSA");
+        cipher.init(Cipher.DECRYPT_MODE, priKey);
+        String outStr = new String(cipher.doFinal(inputByte));
+        return outStr;
+    }
+
+}
--- a/src/main/java/com/eco/plugin/xx/hysso/utils/FRUtils.java
+++ b/src/main/java/com/eco/plugin/xx/hysso/utils/FRUtils.java
@ -0,0 +1,310 @@
+package com.eco.plugin.xx.hysso.utils;
+
+import com.fr.base.ServerConfig;
+import com.fr.base.TableData;
+import com.fr.base.TemplateUtils;
+import com.fr.decision.authority.AuthorityContext;
+import com.fr.decision.authority.base.constant.type.operation.ManualOperationType;
+import com.fr.decision.authority.data.User;
+import com.fr.decision.base.util.UUIDUtil;
+import com.fr.decision.privilege.encrpt.PasswordValidator;
+import com.fr.decision.webservice.bean.authentication.OriginUrlResponseBean;
+import com.fr.decision.webservice.interceptor.handler.ReportTemplateRequestChecker;
+import com.fr.decision.webservice.login.LogInOutResultInfo;
+import com.fr.decision.webservice.utils.DecisionServiceConstants;
+import com.fr.decision.webservice.utils.DecisionStatusService;
+import com.fr.decision.webservice.utils.UserSourceFactory;
+import com.fr.decision.webservice.v10.login.LoginService;
+import com.fr.decision.webservice.v10.login.event.LogInOutEvent;
+import com.fr.decision.webservice.v10.user.UserService;
+import com.fr.event.EventDispatcher;
+import com.fr.file.TableDataConfig;
+import com.fr.general.data.DataModel;
+import com.fr.log.FineLoggerFactory;
+import com.fr.script.Calculator;
+import com.fr.stable.StringUtils;
+import com.fr.stable.query.QueryFactory;
+import com.fr.stable.query.restriction.RestrictionFactory;
+import com.fr.third.springframework.web.method.HandlerMethod;
+import com.fr.web.controller.ReportRequestService;
+import com.fr.web.utils.WebUtils;
+
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.io.IOException;
+import java.util.List;
+
+public class FRUtils {
+    /**
+     * 判断用户是否存在
+     * @param userName
+     * @return
+     */
+    public static boolean isUserExist(String userName){
+        if (StringUtils.isEmpty(userName)) {
+            return false;
+        } else {
+            try {
+                List var1 = AuthorityContext.getInstance().getUserController().find(QueryFactory.create().addRestriction(RestrictionFactory.eq("userName", userName)));
+                return var1 != null && !var1.isEmpty();
+            } catch (Exception var2) {
+                FineLoggerFactory.getLogger().error(var2.getMessage());
+                return false;
+            }
+        }
+    }
+
+    /**
+     * 判断是否登录FR
+     * @param req
+     * @return
+     */
+    public static boolean isLogin(HttpServletRequest req){
+        return LoginService.getInstance().isLogged(req);
+    }
+
+    /**
+     * 帆软登录
+     * @param httpServletRequest
+     * @param httpServletResponse
+     * @param userName
+     * @param url
+     */
+    public static void login(HttpServletRequest httpServletRequest,HttpServletResponse httpServletResponse,String userName,String url){
+
+        FineLoggerFactory.getLogger().info("FRLOG:用户名:"+userName);
+        FineLoggerFactory.getLogger().info("FRLOG:跳转链接:"+url);
+
+
+        //判断用户名是否为空
+        if(!Utils.isNullStr(userName)){
+            if(isUserExist(userName)){
+                String FRToken = "";
+
+                try {
+                    //HttpSession session = httpServletRequest.getSession(true);
+
+                    FRToken = LoginService.getInstance().login(httpServletRequest, httpServletResponse, userName);
+
+                    //httpServletRequest.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME,FRToken);
+
+                    //session.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME, FRToken);
+                    EventDispatcher.fire(LogInOutEvent.LOGIN,new LogInOutResultInfo(httpServletRequest,httpServletResponse,userName,true));
+                    FineLoggerFactory.getLogger().info("FRLOG:登陆成功!");
+
+                    if(!Utils.isNullStr(url)){
+                        httpServletResponse.sendRedirect(url);
+                    }
+                } catch (Exception e) {
+                    ResponseUtils.failedResponse(httpServletResponse,"登录异常，请联系管理员!");
+                    FineLoggerFactory.getLogger().info("FRLOG:登录异常，请联系管理员!");
+                    FineLoggerFactory.getLogger().info("FRLOGException:"+e.getMessage());
+                }
+            }else{
+                ResponseUtils.failedResponse(httpServletResponse,"用户在报表系统中不存在!");
+                FineLoggerFactory.getLogger().info("FRLOG:用户在报表系统中不存在!");
+            }
+        }else{
+            ResponseUtils.failedResponse(httpServletResponse,"用户名不能为空!");
+            FineLoggerFactory.getLogger().info("FRLOG:用户名不能为空!");
+        }
+    }
+
+    /**
+     * 帆软登录
+     * @param httpServletRequest
+     * @param httpServletResponse
+     * @param token
+     * @param url
+     */
+    public static void loginByToken(HttpServletRequest httpServletRequest,HttpServletResponse httpServletResponse,String token,String url){
+
+        FineLoggerFactory.getLogger().info("FRLOG:token:"+token);
+        FineLoggerFactory.getLogger().info("FRLOG:跳转链接:"+url);
+
+
+        //判断用户名是否为空
+        if(!Utils.isNullStr(token)){
+            writeToken2Cookie(httpServletResponse,token,-1);
+
+            HttpSession session = httpServletRequest.getSession(true);
+
+            httpServletRequest.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME,token);
+
+            session.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME, token);
+
+            if(!Utils.isNullStr(url)){
+                try {
+                    httpServletResponse.sendRedirect(url);
+                } catch (IOException e) {
+                    ResponseUtils.failedResponse(httpServletResponse,"跳转异常!");
+                    FineLoggerFactory.getLogger().info("FRLOG:跳转异常!");
+                }
+            }
+        }else{
+            ResponseUtils.failedResponse(httpServletResponse,"token不能为空!");
+            FineLoggerFactory.getLogger().info("FRLOG:token不能为空!");
+        }
+    }
+
+    /**
+     * 获取token
+     * @param httpServletRequest
+     * @param httpServletResponse
+     * @param username
+     * @return
+     */
+    public static String getToken(HttpServletRequest httpServletRequest,HttpServletResponse httpServletResponse,String username){
+        String token = "";
+        try {
+            token = LoginService.getInstance().login(httpServletRequest, httpServletResponse, username);
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().info("FRLOG:获取token失败"+e.getMessage());
+        }
+
+        return token;
+    }
+
+    private static void writeToken2Cookie(HttpServletResponse var1, String var2, int var3) {
+        try {
+            if (StringUtils.isNotEmpty(var2)) {
+                Cookie var4 = new Cookie("fine_auth_token", var2);
+                long var5 = var3 == -2 ? 1209600000L : (long)var3;
+                var4.setMaxAge((int)var5);
+                var4.setPath(ServerConfig.getInstance().getCookiePath());
+                var1.addCookie(var4);
+                Cookie var7 = new Cookie("fine_remember_login", String.valueOf(var3 == -2 ? -2 : -1));
+                var7.setMaxAge((int)var5);
+                var7.setPath(ServerConfig.getInstance().getCookiePath());
+                var1.addCookie(var7);
+            } else {
+                FineLoggerFactory.getLogger().error("empty token cannot save.");
+            }
+        } catch (Exception var8) {
+            FineLoggerFactory.getLogger().error(var8.getMessage(), var8);
+        }
+
+    }
+
+    /**
+     *
+     * @param httpServletRequest
+     * @param httpServletResponse
+     */
+    public static void logout(HttpServletRequest httpServletRequest,HttpServletResponse httpServletResponse)
+    {
+        if(!isLogin(httpServletRequest)){
+            return ;
+        }
+
+        try {
+            LoginService.getInstance().logout(httpServletRequest,httpServletResponse);
+        } catch (Exception e) {
+            ResponseUtils.failedResponse(httpServletResponse,"登出异常，请联系管理员!");
+            FineLoggerFactory.getLogger().info("FRLOG:登出异常，请联系管理员!");
+            FineLoggerFactory.getLogger().info("FRLOGException:"+e.getMessage());
+        }
+    }
+
+    /**
+     * 打印FR日志
+     * @param message
+     */
+    public static void FRLogInfo(String message){
+        FineLoggerFactory.getLogger().info("FRLOG:"+message);
+    }
+
+    /**
+     * 打印FR日志-error
+     * @param message
+     */
+    public static void FRLogError(String message){
+        FineLoggerFactory.getLogger().error("FRLOG:"+message);
+    }
+
+
+    /**
+     * 根据用户名获取用户信息
+     * @param userName
+     * @return
+     */
+    public static User getFRUserByUserName(String userName){
+        try {
+            return UserService.getInstance().getUserByUserName(userName);
+        } catch (Exception e) {
+            FRLogInfo("获取用户信息异常:"+e.getMessage());
+        }
+
+        return null;
+    }
+
+    /**
+     * 根据明文密码生成数据库中的密码，用户密码校验用
+     * @return
+     */
+    public static String getDBPsd(String username,String password){
+        PasswordValidator pv = UserSourceFactory.getInstance().getUserSource(ManualOperationType.KEY).getPasswordValidator();
+        String uuid = UUIDUtil.generate();
+
+        return pv.encode(username, password, uuid);
+    }
+
+    /**
+     * 获取带参数的访问链接
+     * @return
+     */
+    public static String getAllUrl(HttpServletRequest httpServletRequest){
+        return  WebUtils.getOriginalURL(httpServletRequest);
+    }
+
+	/**
+     * 根据originKey获取源链接
+     * @param originKey
+     * @return
+     * @throws Exception
+     */
+    public static String getOriginUrl(String originKey) throws Exception {
+        if (StringUtils.isNotEmpty(originKey)) {
+            OriginUrlResponseBean originUrlResponseBean = (OriginUrlResponseBean) DecisionStatusService.originUrlStatusService().get(originKey);
+            DecisionStatusService.originUrlStatusService().delete(originKey);
+            if (originUrlResponseBean != null) {
+                return originUrlResponseBean.getOriginUrl();
+            }
+        }
+
+        return new OriginUrlResponseBean(TemplateUtils.render("${fineServletURL}")).getOriginUrl();
+    }
+
+	/**
+     * 判断是否开启模板认证
+     * @param
+     * @return
+     * @throws Exception
+     */
+	public static boolean isTempAuth(HttpServletRequest req,HttpServletResponse res) throws Exception {
+        ReportTemplateRequestChecker checker = new ReportTemplateRequestChecker();
+        HandlerMethod hm = new HandlerMethod(new ReportRequestService(),ReportRequestService.class.getMethod("preview", HttpServletRequest.class, HttpServletResponse.class, String.class));
+        return checker.checkRequest(req,res,hm);
+    }
+
+    /**
+     * 获取数据集数据
+     * @param serverDataSetName
+     * @return
+     */
+    public static DataModel getTableData(String serverDataSetName){
+        TableData userInfo = TableDataConfig.getInstance().getTableData(serverDataSetName);
+        DataModel userInfoDM = userInfo.createDataModel(Calculator.createCalculator());
+//        userInfoDM.getRowCount();
+//        userInfoDM.getColumnIndex();
+//        userInfoDM.getValueAt()
+        return userInfoDM;
+    }
+	
+	public static String getIndex(HttpServletRequest req){
+		String url = req.getScheme()+"://"+req.getServerName()+":"+String.valueOf(req.getServerPort())+req.getRequestURI();
+        return url;
+	}
+}
--- a/src/main/java/com/eco/plugin/xx/hysso/utils/ResponseUtils.java
+++ b/src/main/java/com/eco/plugin/xx/hysso/utils/ResponseUtils.java
@ -0,0 +1,108 @@
+package com.eco.plugin.xx.hysso.utils;
+
+import com.fr.json.JSONObject;
+import com.fr.log.FineLoggerFactory;
+import com.fr.web.utils.WebUtils;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.PrintWriter;
+
+public class ResponseUtils {
+    private static final int SUCCESS = 200;
+    private static final int FAILED = -1;
+
+    public static void successResponse(HttpServletResponse res, String body) {
+        response(res, body, SUCCESS);
+    }
+
+    public static void failedResponse(HttpServletResponse res, String body) {
+        response(res, body, FAILED);
+    }
+
+    private static void response(HttpServletResponse res, String body, int code) {
+        JSONObject object = new JSONObject();
+        PrintWriter pw;
+        try {
+            object.put("code", code);
+            object.put("data", body);
+            pw = WebUtils.createPrintWriter(res);
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().info(e.getMessage());
+            return;
+        }
+        res.setContentType("application/json;charset=utf-8");
+        String result = object.toString();
+        pw.println(result);
+        pw.flush();
+        pw.close();
+    }
+
+    public static void response(HttpServletResponse res,JSONObject json){
+        PrintWriter pw;
+        try {
+            pw = WebUtils.createPrintWriter(res);
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().info(e.getMessage());
+            return;
+        }
+        res.setContentType("application/json;charset=utf-8");
+        String result = json.toString();
+        pw.println(result);
+        pw.flush();
+        pw.close();
+    }
+
+    public static void responseText(HttpServletResponse res,String text){
+        PrintWriter pw;
+        try {
+            pw = WebUtils.createPrintWriter(res);
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().info(e.getMessage());
+            return;
+        }
+        res.setContentType("text/html;charset=utf-8");
+        pw.println(text);
+        pw.flush();
+        pw.close();
+    }
+
+    public static void responseXml(HttpServletResponse res,String xml){
+        PrintWriter pw;
+        try {
+            pw = WebUtils.createPrintWriter(res);
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().info(e.getMessage());
+            return;
+        }
+        res.setContentType("text/xml;charset=utf-8");
+        pw.println(xml);
+        pw.flush();
+        pw.close();
+    }
+
+    public static void setCSRFHeader(HttpServletResponse httpServletResponse){
+        httpServletResponse.setHeader("Access-Control-Allow-Origin", "*");
+        httpServletResponse.setHeader("Access-Control-Allow-Methods", "POST,GET,OPTIONS,DELETE,HEAD,PUT,PATCH");
+        httpServletResponse.setHeader("Access-Control-Max-Age", "36000");
+        httpServletResponse.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept,Authorization,authorization");
+    }
+
+    public static void responseJsonp(HttpServletRequest req, HttpServletResponse res, JSONObject json){
+        PrintWriter pw;
+        try {
+            pw = WebUtils.createPrintWriter(res);
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().info(e.getMessage());
+            return;
+        }
+        res.setContentType("text/javascript;charset=utf-8;charset=utf-8");
+        String result = json.toString();
+
+        String jsonp=req.getParameter("callback");
+
+        pw.println(jsonp+"("+result+")");
+        pw.flush();
+        pw.close();
+    }
+}
--- a/src/main/java/com/eco/plugin/xx/hysso/utils/Utils.java
+++ b/src/main/java/com/eco/plugin/xx/hysso/utils/Utils.java
@ -0,0 +1,329 @@
+package com.eco.plugin.xx.hysso.utils;
+
+import com.fr.base.TemplateUtils;
+import com.fr.data.NetworkHelper;
+import com.fr.decision.webservice.v10.user.UserService;
+import com.fr.io.utils.ResourceIOUtils;
+import com.fr.json.JSONObject;
+import com.fr.stable.CodeUtils;
+import com.fr.stable.StringUtils;
+import com.fr.third.org.apache.commons.codec.digest.DigestUtils;
+import com.fr.web.utils.WebUtils;
+
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.BufferedReader;
+import java.io.InputStream;
+import java.net.URLEncoder;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.UUID;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+public class Utils {
+
+    /**
+     * 判断字符串是否为空
+     * @param str
+     * @return  true 空字符串  false 非空字符串
+     */
+    public static boolean isNullStr(String str){
+        return !(str != null && !str.isEmpty() && !"null".equals(str));
+    }
+
+    /**
+     * 判断字符串是否非空
+     * @param str
+     * @return
+     */
+    public static boolean isNotNullStr(String str){
+        return !isNullStr(str);
+    }
+
+    /**
+     * MD5加密
+     * @param str
+     * @return
+     */
+    public static String getMd5Str(String str)
+    {
+        return DigestUtils.md5Hex(str);
+    }
+
+	/**
+     * 帆软shaEncode加密
+     */
+
+	public static String shaEncode(String str){
+		return CodeUtils.sha256Encode(str);
+	}
+
+    /**
+     * 获取uuid
+     */
+    public static String uuid(){
+        return UUID.randomUUID().toString();
+    }
+
+    /**
+     * 替换空字符串
+     * @param str
+     * @param replace
+     * @return
+     */
+    public static String replaceNullStr(String str,String replace){
+        if(isNullStr(str)){
+            return replace;
+        }
+
+        return str;
+    }
+
+    /**
+     * 获取请求体
+     * @param req
+     * @return
+     */
+    public static JSONObject getRequestBody(HttpServletRequest req){
+        StringBuffer sb = new StringBuffer();
+        String line = null;
+        try {
+            BufferedReader reader = req.getReader();
+            while ((line = reader.readLine()) != null)
+                sb.append(line);
+        } catch (Exception e) {
+            FRUtils.FRLogInfo("getRequestBody:exception:"+e.getMessage());
+        }
+        //将空格和换行符替换掉避免使用反序列化工具解析对象时失败
+        String jsonString = sb.toString().replaceAll("\\s","").replaceAll("\n","");
+
+        JSONObject json = new JSONObject(jsonString);
+
+        return json;
+    }
+
+    /**
+     * 获取ip
+     * @return
+     */
+    public static String getIp(HttpServletRequest req){
+        String realIp = req.getHeader("X-Real-IP");
+        String fw = req.getHeader("X-Forwarded-For");
+        if (StringUtils.isNotEmpty(fw) && !"unKnown".equalsIgnoreCase(fw)) {
+            int var3 = fw.indexOf(",");
+            return var3 != -1 ? fw.substring(0, var3) : fw;
+        } else {
+            fw = realIp;
+            if (StringUtils.isNotEmpty(realIp) && !"unKnown".equalsIgnoreCase(realIp)) {
+                return realIp;
+            } else {
+                if (StringUtils.isBlank(realIp) || "unknown".equalsIgnoreCase(realIp)) {
+                    fw = req.getHeader("Proxy-Client-IP");
+                }
+
+                if (StringUtils.isBlank(fw) || "unknown".equalsIgnoreCase(fw)) {
+                    fw = req.getHeader("WL-Proxy-Client-IP");
+                }
+
+                if (StringUtils.isBlank(fw) || "unknown".equalsIgnoreCase(fw)) {
+                    fw = req.getHeader("HTTP_CLIENT_IP");
+                }
+
+                if (StringUtils.isBlank(fw) || "unknown".equalsIgnoreCase(fw)) {
+                    fw = req.getHeader("HTTP_X_FORWARDED_FOR");
+                }
+
+                if (StringUtils.isBlank(fw) || "unknown".equalsIgnoreCase(fw)) {
+                    fw = req.getRemoteAddr();
+                }
+
+                return fw;
+            }
+        }
+    }
+
+    /**
+     * 根据key获取cookie
+     * @param req
+     * @return
+     */
+    public static String getCookieByKey(HttpServletRequest req,String key){
+        Cookie[] cookies = req.getCookies();
+        String cookie = "";
+
+        if(cookies == null || cookies.length <=0){
+            return "";
+        }
+
+        for(int i = 0; i < cookies.length; i++) {
+            Cookie item = cookies[i];
+            if (item.getName().equalsIgnoreCase(key)) {
+                cookie = item.getValue();
+            }
+        }
+
+        FRUtils.FRLogInfo("cookie:"+cookie);
+
+        return cookie;
+    }
+
+    /**
+     * 判断是否是手机端的链接
+     * @param req
+     * @return
+     */
+    public static boolean isMobile(HttpServletRequest req) {
+        String[] mobileArray = {"iPhone", "iPad", "android", "windows phone", "xiaomi"};
+        String userAgent = req.getHeader("user-agent");
+        if (userAgent != null && userAgent.toUpperCase().contains("MOBILE")) {
+            for(String mobile : mobileArray) {
+                if(userAgent.toUpperCase().contains(mobile.toUpperCase())) {
+                    return true;
+                }
+            }
+        }
+        return NetworkHelper.getDevice(req).isMobile();
+    }
+
+    /**
+     * 只编码中文
+     * @param url
+     * @return
+     */
+    public static String encodeCH(String url ){
+        Matcher matcher = Pattern.compile("[\\u4e00-\\u9fa5]").matcher(url);
+
+        while(matcher.find()){
+            String chn = matcher.group();
+            url = url.replaceAll(chn, URLEncoder.encode(chn));
+        }
+
+        return url;
+    }
+
+    /**
+     * 获取web-inf文件夹下的文件
+     * filename /resources/ip4enc.properties
+     */
+    public static InputStream getResourcesFile(String filename){
+        return ResourceIOUtils.read(filename);
+    }
+
+    /**
+     *
+     * @param res
+     * @param path /com/fr/plugin/loginAuth/html/getMac.html
+     * @param parameterMap
+     */
+    public static void toErrorPage(HttpServletResponse res,String path,Map<String, String> parameterMap){
+        if(parameterMap == null){
+            parameterMap = new HashMap<String, String>();
+        }
+
+        try {
+            String macPage = TemplateUtils.renderTemplate(path, parameterMap);
+            WebUtils.printAsString(res, macPage);
+        }catch (Exception e){
+            FRUtils.FRLogError("跳转页面异常");
+        }
+
+    }
+
+    /**
+     * 判断是否是管理员
+     * @param username
+     * @return
+     */
+    public static boolean isAdmin(String username) throws Exception{
+        return UserService.getInstance().isAdmin(UserService.getInstance().getUserByUserName(username).getId());
+    }
+
+    /**
+     * 去掉浏览器中的参数
+     * @param url
+     * @param param
+     * @return
+     */
+    public static String removeParam(String url,String param){
+        if(!url.contains("?"+param) && !url.contains("&"+param)){
+            return url;
+        }
+
+        return url.substring(0,url.indexOf(url.contains("?"+param) ? "?"+param : "&"+param));
+    }
+
+    /**
+     * 获取跳转链接
+     * @param req
+     * @param param
+     * @return
+     */
+    public static String getRedirectUrl(HttpServletRequest req,String param){
+        String url = FRUtils.getAllUrl(req);
+
+        if(isNotNullStr(param)){
+            url = removeParam(url,param);
+        }
+
+        url = encodeCH(url);
+
+        return url;
+    }
+
+    /**
+     * 去除空格换行
+     * @param str
+     * @return
+     */
+    public static String trim(String str){
+        return str.trim().replaceAll("\n","").replaceAll("\r","");
+    }
+
+    /**
+     * list 转化为指定字符分割的字符串
+     * @param list
+     * @param list
+     * @return
+     */
+    public static String listToStr(List<String> list, String split){
+        String result = "";
+
+        if(list == null || list.size() <= 0){
+            return result;
+        }
+
+        for(String str : list){
+            result+=","+str;
+        }
+
+        result = result.substring(1);
+
+        return result;
+    }
+
+    /**
+     * array 转化为指定字符分割的字符串
+     * @param list
+     * @param list
+     * @return
+     */
+    public static String arrayToStr(String[] list, String split){
+        String result = "";
+
+        if(list == null ||list.length <= 0){
+            return result;
+        }
+
+        for(int i=0;i<list.length;i++){
+            String str = list[i];
+            result+=","+str;
+        }
+
+        result = result.substring(1);
+
+        return result;
+    }
+}