commit 3f40e85966df2fa572b661d29f559d16bb5d4e7c Author: pioneer Date: Mon Dec 12 15:46:05 2022 +0800 open
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..c0ccdd9
--- /dev/null
+++ b/README.md
@@ -0,0 +1,6 @@
+# open-JSD-10342
+
+JSD-10342 单点集成\
+免责说明:该源码为第三方爱好者提供,不保证源码和方案的可靠性,也不提供任何形式的源码教学指导和协助!\
+仅作为开发者学习参考使用!禁止用于任何商业用途!\
+为保护开发者隐私,开发者信息已隐去!若原开发者希望公开自己的信息,可联系【pioneer】处理。
\ No newline at end of file
diff --git a/lib/finekit-10.0-20220427.jar b/lib/finekit-10.0-20220427.jar
new file mode 100644
index 0000000..6793f18
Binary files /dev/null and b/lib/finekit-10.0-20220427.jar differ
diff --git a/lib/jackson-annotations-2.8.0.jar b/lib/jackson-annotations-2.8.0.jar
new file mode 100644
index 0000000..d19b67b
Binary files /dev/null and b/lib/jackson-annotations-2.8.0.jar differ
diff --git a/lib/jackson-core-2.8.9.jar b/lib/jackson-core-2.8.9.jar
new file mode 100644
index 0000000..5cfc729
Binary files /dev/null and b/lib/jackson-core-2.8.9.jar differ
diff --git a/lib/jackson-databind-2.8.9.jar b/lib/jackson-databind-2.8.9.jar
new file mode 100644
index 0000000..3e6b84b
Binary files /dev/null and b/lib/jackson-databind-2.8.9.jar differ
diff --git a/lib/jjwt-0.9.0.jar b/lib/jjwt-0.9.0.jar
new file mode 100644
index 0000000..d180465
Binary files /dev/null and b/lib/jjwt-0.9.0.jar differ
diff --git a/lib/uc-fanruan.jar b/lib/uc-fanruan.jar
new file mode 100644
index 0000000..38bcf21
Binary files /dev/null and b/lib/uc-fanruan.jar differ
diff --git a/plugin.xml b/plugin.xml
new file mode 100644
index 0000000..0b548c7
--- /dev/null
+++ b/plugin.xml
@@ -0,0 +1,22 @@ + + + com.eco.plugin.xx.login.kyjd + + yes + 1.0.0 + 10.0 + 2021-02-10 + fr.open + com.fr.plugin + + + + 2022-6-4 22:26:00 + + + + + + \ No newline at end of file
diff --git a/src/main/java/com/fr/plugin/FunctionRecoder.java b/src/main/java/com/fr/plugin/FunctionRecoder.java
new file mode 100644
index 0000000..963ca84
--- /dev/null
+++ b/src/main/java/com/fr/plugin/FunctionRecoder.java
@@ -0,0 +1,12 @@
+package com.fr.plugin;
+
+import com.fr.plugin.transform.ExecuteFunctionRecord;
+import com.fr.plugin.transform.FunctionRecorder;
+
+@FunctionRecorder
+public class FunctionRecoder {
+ @ExecuteFunctionRecord
+ public void exe(){
+ System.out.println("插件功能埋点,虽然不会执行,除非上架应用");
+ }
+}
diff --git a/src/main/java/com/fr/plugin/JwtUtil.java b/src/main/java/com/fr/plugin/JwtUtil.java
new file mode 100644
index 0000000..9ea0453
--- /dev/null
+++ b/src/main/java/com/fr/plugin/JwtUtil.java
@@ -0,0 +1,100 @@
+package com.fr.plugin;
+
+
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.Jwts;
+
+import java.util.Date;
+
+/**
+ * 客户提供的类未做修改
+ *
+ *
+ * @author zst
+ * @date 2022-06-02
+ */
+public class JwtUtil {
+ //JWT密钥
+ public static final String JWT_SECRET = "xx";
+
+ /**
+ * 验证token是否失效
+ *
+ * @param token
+ * @param secret
+ * @return true:过期 false:没过期
+ */
+ public static boolean isTokenExpired(String token, String secret) {
+ Date expiration = getExpirationDateFromToken(token, secret);
+ return expiration.before(new Date());
+ }
+
+ /**
+ * 从token中获取用户id
+ *
+ * @param token
+ * @param secret
+ * @return
+ */
+ public static String getUserIdFromToken(String token, String secret) {
+ return getClaimFromToken(token, secret).getSubject();
+ }
+
+ /**
+ * 获取token发布时间
+ *
+ * @param token
+ * @param secret
+ * @return
+ */
+ public static Date getIssuedAtDateFromToken(String token, String secret) {
+ return getClaimFromToken(token, secret).getIssuedAt();
+ }
+
+ /**
+ * 获取token失效时间
+ *
+ * @param token
+ * @param secret
+ * @return
+ */
+ public static Date getExpirationDateFromToken(String token, String secret) {
+ return getClaimFromToken(token, secret).getExpiration();
+ }
+
+ /**
+ * 获取token接收者
+ *
+ * @param token
+ * @param secret
+ * @return
+ */
+ public static String getAudienceFromToken(String token, String secret) {
+ return getClaimFromToken(token, secret).getAudience();
+ }
+
+ /**
+ * 获取私有claim
+ *
+ * @param token
+ * @param key
+ * @param secret
+ * @return
+ */
+ public static String getPrivateClaimFromToken(String token, String key, String secret) {
+ return getClaimFromToken(token, secret).get(key).toString();
+ }
+
+ /**
+ * 获取jwt的payload部分
+ *
+ * @param token
+ * @param secret
+ * @return
+ */
+ private static Claims getClaimFromToken(String token, String secret) {
+ return Jwts.parser().setSigningKey(secret).parseClaimsJws(token).getBody();
+ }
+
+
+}
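Review bot: `JWT_SECRET` is a public compile-time constant, so the key that authenticates every `uc_token` ships inside the plugin jar and the repository and cannot be rotated without a rebuild; the `"xx"` value looks like a redaction, but the pattern is what matters. Load the key from plugin configuration or the environment at startup, for example `System.getenv("UC_JWT_SECRET")` (variable name constructed here), and refuse to serve the SSO path when it is missing. jjwt's `setSigningKey(String)` treats its argument as Base64-encoded key bytes, so a short text secret decodes to only a few bytes of HMAC key. `isTokenExpired` dereferences the result of `getExpiration()` without a null check, and `parseClaimsJws` already throws on an expired token, so the method either returns false or throws; `getPrivateClaimFromToken` likewise throws a NullPointerException when the claim is absent.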
diff --git a/src/main/java/com/fr/plugin/KYJDLifeCycleMonitor.java b/src/main/java/com/fr/plugin/KYJDLifeCycleMonitor.java
new file mode 100644
index 0000000..52adcc4
--- /dev/null
+++ b/src/main/java/com/fr/plugin/KYJDLifeCycleMonitor.java
@@ -0,0 +1,17 @@
+package com.fr.plugin;
+
+import com.fr.plugin.context.PluginContext;
+import com.fr.plugin.observer.inner.AbstractPluginLifecycleMonitor;
+import com.fr.stable.fun.Authorize;
+
+@Authorize
+public class KYJDLifeCycleMonitor extends AbstractPluginLifecycleMonitor {
+ @Override
+ public void afterRun(PluginContext pluginContext) {
+ }
+
+ @Override
+ public void beforeStop(PluginContext pluginContext) {
+
+ }
+}
diff --git a/src/main/java/com/fr/plugin/filter/KYJDDecision1Filter.java b/src/main/java/com/fr/plugin/filter/KYJDDecision1Filter.java
new file mode 100644
index 0000000..d923a03
--- /dev/null
+++ b/src/main/java/com/fr/plugin/filter/KYJDDecision1Filter.java
@@ -0,0 +1,172 @@
+package com.fr.plugin.filter;
+
+import com.fanruan.api.log.LogKit;
+import com.fr.base.ServerConfig;
+import com.fr.data.NetworkHelper;
+import com.fr.decision.authority.data.User;
+import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
+import com.fr.decision.mobile.terminal.TerminalHandler;
+import com.fr.decision.webservice.v10.login.LoginService;
+import com.fr.decision.webservice.v10.login.TokenResource;
+import com.fr.decision.webservice.v10.user.UserService;
+import com.fr.json.JSONObject;
+import com.fr.log.FineLoggerFactory;
+import com.fr.plugin.JwtUtil;
+import com.fr.stable.StringUtils;
+import com.fr.stable.web.Device;
+import com.fr.web.utils.WebUtils;
+
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.net.URLEncoder;
+import java.util.Enumeration;
+
+public class KYJDDecision1Filter extends AbstractGlobalRequestFilterProvider {
+ @Override
+ public String filterName() {
+ return "KYJDDecision1Filter";
+ }
+
+ @Override
+ public String[] urlPatterns() {
+ return new String[]{
+ "/decision",
+ };
+ }
+
+ @Override
+ public void init(FilterConfig filterConfig) {
+ super.init(filterConfig);
+ }
+
+ @Override
+ public void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain filterChain) {
+ try {
+ String ucToken = req.getParameter("uc_token");
+ if (req.getMethod().equals("GET")&& StringUtils.isNotBlank(ucToken)) {
+ String userIdFromToken = JwtUtil.getUserIdFromToken(ucToken, JwtUtil.JWT_SECRET);
+ User user = UserService.getInstance().getUserByUserName(userIdFromToken);
+ if (user == null) {
+ LogKit.error("解析的用户给在系统中未查到:{}",userIdFromToken);
+ }else{
+ String url = getUrl(req);
+ LogKit.info("解析JWT成功,用户信息:{} 跳转去:{} ",user.toString(),url);
+ login(req,res,userIdFromToken);
+ sendRedirect(res,url);
+ return;
+ }
+ }
+ filterChain.doFilter(req, res);
+ } catch (Exception e) {
+ FineLoggerFactory.getLogger().error(e.getMessage(), e);
+ }
+ }
+
+ private String getUrl(HttpServletRequest request) {
+ StringBuilder builder=new StringBuilder( );
+
+ String url = "/";
+ try {
+ url = request.getScheme()+"://" + request.getServerName()//服务器地址
+ + ":"
+ + request.getServerPort() + request.getRequestURI();
+ builder.append(url);
+ Enumeration parameterNames = request.getParameterNames();
+ builder.append("?ttt=1");
+ while (parameterNames.hasMoreElements()) {
+ String key = parameterNames.nextElement();
+ if(StringUtils.equals(key,"uc_token")){
+ continue;
+ }
+ builder.append("&").append(key).append("=").append(URLEncoder.encode(request.getParameter(key),"utf-8"));
+ }
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ return builder.toString();
+ }
+ private boolean needFilter(HttpServletRequest request) {
+ String requestURI = request.getRequestURI();
+ String ticket = request.getParameter("sign");
+ if (StringUtils.isNotBlank(requestURI) && request.getMethod().equals("GET") && StringUtils.isNotBlank(ticket)) {
+ if (requestURI.endsWith("decision") || requestURI.endsWith("decision/")) {
+ return true;
+ }
+ if (requestURI.endsWith("/url/patch/web/page")) {
+ return true;
+ }
+ if (requestURI.endsWith("/view/form") || requestURI.endsWith("/view/report")) {
+ if (StringUtils.isNotBlank(request.getParameter("viewlet"))) {
+ return true;
+ }
+ }
+ if (requestURI.contains("/v10/entry/access/") && request.getMethod().equals("GET")) {
+ return true;
+ }
+ if (requestURI.contains("/v5/design/report") && (requestURI.endsWith("/edit") || requestURI.endsWith("/view"))) {
+ return true;
+ }
+ }
+ return false;
+ }
+
+ private void sendRedirect(HttpServletResponse res, String url) {
+ res.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
+ res.setHeader("Location", url);
+ }
+
+ private void delLoginOut(HttpServletRequest req, HttpServletResponse res) {
+ try {
+ //执行帆软内部的退出
+ LoginService.getInstance().logout(req, res);
+ JSONObject jsonObject = new JSONObject();
+ jsonObject.put("data", "login");
+ //调用外部接口注销accessToken
+ WebUtils.printAsJSON(res, jsonObject);
+ } catch (Exception e) {
+ }
+ }
+
+ private boolean isLogOut(HttpServletRequest req) {
+ String url = WebUtils.getOriginalURL(req);
+ String servletNamePrefix = "/" + ServerConfig.getInstance().getServletName() + "/logout";
+ return url.contains(servletNamePrefix) && req.getMethod().equals("POST");
+ }
+
+ private void login(HttpServletRequest req, HttpServletResponse res, String username) {
+ String token = null;
+ try {
+ token = LoginService.getInstance().login(req, res, username);
+ req.setAttribute("fine_auth_token", token);
+ } catch (Exception e) {
+ FineLoggerFactory.getLogger().error(e.getMessage(), e);
+ FineLoggerFactory.getLogger().error("login failed");
+ }
+ FineLoggerFactory.getLogger().error("login success");
+ }
+
+ private boolean isLogin(HttpServletRequest request) {
+ String oldToken = TokenResource.COOKIE.getToken(request);
+ return oldToken != null && checkTokenValid(request, (String) oldToken);
+ }
+
+ private boolean checkTokenValid(HttpServletRequest req, String token) {
+ try {
+ Device device = NetworkHelper.getDevice(req);
+ LoginService.getInstance().loginStatusValid(token, TerminalHandler.getTerminal(req, device));
+ return true;
+ } catch (Exception ignore) {
+ }
+ return false;
+ }
+
+ private static void setCookie(HttpServletResponse response, String name, String value) {
+ Cookie cookie = new Cookie(name, value);
+ cookie.setPath("/");
+ response.addCookie(cookie);
+ }
+
+}
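Review bot: The `uc_token` branch of `doFilter` logs a user in on signature and subject alone: nothing requires an `exp` claim (jjwt rejects an expired token only when the claim is present, and `JwtUtil.isTokenExpired` is never called) and the audience is not checked, so a token issued without an expiry stays valid for as long as the key does. `login()` swallows a failed `LoginService.login`, then logs `"login success"` at error level and `doFilter` redirects regardless; it should return a boolean that the redirect depends on. The Location built in `getUrl` starts from `request.getServerName()`, which normally follows the client-supplied Host header, so a configured base URL or a path-only redirect would be safer, and parameter names should be URL-encoded like the values. The `catch` in `doFilter` also wraps `filterChain.doFilter`, so downstream exceptions are logged and then dropped instead of reaching the container. The fence sketches the expiry check and the login result handling.
```java
// in doFilter, inside the uc_token branch
String userIdFromToken = JwtUtil.getUserIdFromToken(ucToken, JwtUtil.JWT_SECRET);
// jjwt enforces exp only when the claim is present, so require it explicitly.
if (JwtUtil.getExpirationDateFromToken(ucToken, JwtUtil.JWT_SECRET) == null) {
    LogKit.error("uc_token rejected, no exp claim for subject:{}", userIdFromToken);
    res.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
    return;
}
// … unchanged: user lookup, null check, getUrl(req) …
if (login(req, res, userIdFromToken)) {
    sendRedirect(res, url);
    return;
}

// login() reports its outcome instead of logging success unconditionally
private boolean login(HttpServletRequest req, HttpServletResponse res, String username) {
    try {
        String token = LoginService.getInstance().login(req, res, username);
        req.setAttribute("fine_auth_token", token);
        return true;
    } catch (Exception e) {
        FineLoggerFactory.getLogger().error("login failed: " + e.getMessage(), e);
        return false;
    }
}
```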