open

README.md

@@ -0,0 +1,6 @@
+# open-JSD-10342
+ 
+JSD-10342 单点集成\
+免责说明：该源码为第三方爱好者提供，不保证源码和方案的可靠性，也不提供任何形式的源码教学指导和协助！\
+仅作为开发者学习参考使用！禁止用于任何商业用途！\
+为保护开发者隐私，开发者信息已隐去！若原开发者希望公开自己的信息，可联系【pioneer】处理。

plugin.xml

@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<plugin>
+    <id>com.eco.plugin.xx.login.kyjd</id>
+    <name><![CDATA[单点]]></name>
+    <active>yes</active>
+    <version>1.0.0</version>
+    <env-version>10.0</env-version>
+    <jartime>2021-02-10</jartime>
+    <vendor>fr.open</vendor>
+    <main-package>com.fr.plugin</main-package>
+    <!--用来记录这个任务的创建时间-->
+    <description><![CDATA[
+
+        ]]></description>
+    <!--任务ID: 10342-->
+    <create-day>2022-6-4 22:26:00</create-day>
+        <extra-decision>
+            <GlobalRequestFilterProvider  class="com.fr.plugin.filter.KYJDDecision1Filter"/>
+        </extra-decision>
+    <lifecycle-monitor class="com.fr.plugin.KYJDLifeCycleMonitor"/>
+    <function-recorder class="com.fr.plugin.FunctionRecoder"/>
+</plugin>

src/main/java/com/fr/plugin/FunctionRecoder.java

@@ -0,0 +1,12 @@
+package com.fr.plugin;
+
+import com.fr.plugin.transform.ExecuteFunctionRecord;
+import com.fr.plugin.transform.FunctionRecorder;
+
+@FunctionRecorder
+public class FunctionRecoder {
+    @ExecuteFunctionRecord
+    public void exe(){
+        System.out.println("插件功能埋点，虽然不会执行，除非上架应用");
+    }
+}

src/main/java/com/fr/plugin/JwtUtil.java

@@ -0,0 +1,100 @@
+package com.fr.plugin;
+
+
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.Jwts;
+
+import java.util.Date;
+
+/**
+ * 客户提供的类未做修改
+ * 
+ *
+ * @author zst
+ * @date 2022-06-02
+ */
+public class JwtUtil {
+    //JWT密钥
+    public static final String JWT_SECRET = "xx";
+
+    /**
+     * 验证token是否失效
+     *
+     * @param token
+     * @param secret
+     * @return true:过期 false:没过期
+     */
+    public static boolean isTokenExpired(String token, String secret) {
+        Date expiration = getExpirationDateFromToken(token, secret);
+        return expiration.before(new Date());
+    }
+
+    /**
+     * 从token中获取用户id
+     *
+     * @param token
+     * @param secret
+     * @return
+     */
+    public static String getUserIdFromToken(String token, String secret) {
+        return getClaimFromToken(token, secret).getSubject();
+    }
+
+    /**
+     * 获取token发布时间
+     *
+     * @param token
+     * @param secret
+     * @return
+     */
+    public static Date getIssuedAtDateFromToken(String token, String secret) {
+        return getClaimFromToken(token, secret).getIssuedAt();
+    }
+
+    /**
+     * 获取token失效时间
+     *
+     * @param token
+     * @param secret
+     * @return
+     */
+    public static Date getExpirationDateFromToken(String token, String secret) {
+        return getClaimFromToken(token, secret).getExpiration();
+    }
+
+    /**
+     * 获取token接收者
+     *
+     * @param token
+     * @param secret
+     * @return
+     */
+    public static String getAudienceFromToken(String token, String secret) {
+        return getClaimFromToken(token, secret).getAudience();
+    }
+
+    /**
+     * 获取私有claim
+     *
+     * @param token
+     * @param key
+     * @param secret
+     * @return
+     */
+    public static String getPrivateClaimFromToken(String token, String key, String secret) {
+        return getClaimFromToken(token, secret).get(key).toString();
+    }
+
+    /**
+     * 获取jwt的payload部分
+     *
+     * @param token
+     * @param secret
+     * @return
+     */
+    private static Claims getClaimFromToken(String token, String secret) {
+        return Jwts.parser().setSigningKey(secret).parseClaimsJws(token).getBody();
+    }
+
+
+}

src/main/java/com/fr/plugin/KYJDLifeCycleMonitor.java

@@ -0,0 +1,17 @@
+package com.fr.plugin;
+
+import com.fr.plugin.context.PluginContext;
+import com.fr.plugin.observer.inner.AbstractPluginLifecycleMonitor;
+import com.fr.stable.fun.Authorize;
+
+@Authorize
+public class KYJDLifeCycleMonitor extends AbstractPluginLifecycleMonitor {
+    @Override
+    public void afterRun(PluginContext pluginContext) {
+    }
+
+    @Override
+    public void beforeStop(PluginContext pluginContext) {
+
+    }
+}

src/main/java/com/fr/plugin/filter/KYJDDecision1Filter.java

@@ -0,0 +1,172 @@
+package com.fr.plugin.filter;
+
+import com.fanruan.api.log.LogKit;
+import com.fr.base.ServerConfig;
+import com.fr.data.NetworkHelper;
+import com.fr.decision.authority.data.User;
+import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
+import com.fr.decision.mobile.terminal.TerminalHandler;
+import com.fr.decision.webservice.v10.login.LoginService;
+import com.fr.decision.webservice.v10.login.TokenResource;
+import com.fr.decision.webservice.v10.user.UserService;
+import com.fr.json.JSONObject;
+import com.fr.log.FineLoggerFactory;
+import com.fr.plugin.JwtUtil;
+import com.fr.stable.StringUtils;
+import com.fr.stable.web.Device;
+import com.fr.web.utils.WebUtils;
+
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.net.URLEncoder;
+import java.util.Enumeration;
+
+public class KYJDDecision1Filter extends AbstractGlobalRequestFilterProvider {
+    @Override
+    public String filterName() {
+        return "KYJDDecision1Filter";
+    }
+
+    @Override
+    public String[] urlPatterns() {
+        return new String[]{
+                "/decision",
+        };
+    }
+
+    @Override
+    public void init(FilterConfig filterConfig) {
+        super.init(filterConfig);
+    }
+
+    @Override
+    public void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain filterChain) {
+        try {
+            String ucToken = req.getParameter("uc_token");
+            if (req.getMethod().equals("GET")&& StringUtils.isNotBlank(ucToken)) {
+                String userIdFromToken = JwtUtil.getUserIdFromToken(ucToken, JwtUtil.JWT_SECRET);
+                User user = UserService.getInstance().getUserByUserName(userIdFromToken);
+                if (user == null) {
+                    LogKit.error("解析的用户给在系统中未查到:{}",userIdFromToken);
+                }else{
+                    String url = getUrl(req);
+                    LogKit.info("解析JWT成功，用户信息：{} 跳转去:{} ",user.toString(),url);
+                    login(req,res,userIdFromToken);
+                    sendRedirect(res,url);
+                    return;
+                }
+            }
+            filterChain.doFilter(req, res);
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().error(e.getMessage(), e);
+        }
+    }
+
+    private String getUrl(HttpServletRequest request) {
+        StringBuilder builder=new StringBuilder( );
+
+        String url = "/";
+        try {
+            url = request.getScheme()+"://" + request.getServerName()//服务器地址
+                    + ":"
+                    + request.getServerPort() + request.getRequestURI();
+            builder.append(url);
+            Enumeration<String> parameterNames = request.getParameterNames();
+            builder.append("?ttt=1");
+            while (parameterNames.hasMoreElements()) {
+                String key = parameterNames.nextElement();
+                if(StringUtils.equals(key,"uc_token")){
+                    continue;
+                }
+                builder.append("&").append(key).append("=").append(URLEncoder.encode(request.getParameter(key),"utf-8"));
+            }
+        } catch (Exception e) {
+            e.printStackTrace();
+        }
+        return builder.toString();
+    }
+    private boolean needFilter(HttpServletRequest request) {
+        String requestURI = request.getRequestURI();
+        String ticket = request.getParameter("sign");
+        if (StringUtils.isNotBlank(requestURI) && request.getMethod().equals("GET") && StringUtils.isNotBlank(ticket)) {
+            if (requestURI.endsWith("decision") || requestURI.endsWith("decision/")) {
+                return true;
+            }
+            if (requestURI.endsWith("/url/patch/web/page")) {
+                return true;
+            }
+            if (requestURI.endsWith("/view/form") || requestURI.endsWith("/view/report")) {
+                if (StringUtils.isNotBlank(request.getParameter("viewlet"))) {
+                    return true;
+                }
+            }
+            if (requestURI.contains("/v10/entry/access/") && request.getMethod().equals("GET")) {
+                return true;
+            }
+            if (requestURI.contains("/v5/design/report") && (requestURI.endsWith("/edit") || requestURI.endsWith("/view"))) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    private void sendRedirect(HttpServletResponse res, String url) {
+        res.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
+        res.setHeader("Location", url);
+    }
+
+    private void delLoginOut(HttpServletRequest req, HttpServletResponse res) {
+        try {
+            //执行帆软内部的退出
+            LoginService.getInstance().logout(req, res);
+            JSONObject jsonObject = new JSONObject();
+            jsonObject.put("data", "login");
+            //调用外部接口注销accessToken
+            WebUtils.printAsJSON(res, jsonObject);
+        } catch (Exception e) {
+        }
+    }
+
+    private boolean isLogOut(HttpServletRequest req) {
+        String url = WebUtils.getOriginalURL(req);
+        String servletNamePrefix = "/" + ServerConfig.getInstance().getServletName() + "/logout";
+        return url.contains(servletNamePrefix) && req.getMethod().equals("POST");
+    }
+
+    private void login(HttpServletRequest req, HttpServletResponse res, String username) {
+        String token = null;
+        try {
+            token = LoginService.getInstance().login(req, res, username);
+            req.setAttribute("fine_auth_token", token);
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().error(e.getMessage(), e);
+            FineLoggerFactory.getLogger().error("login failed");
+        }
+        FineLoggerFactory.getLogger().error("login success");
+    }
+
+    private boolean isLogin(HttpServletRequest request) {
+        String oldToken = TokenResource.COOKIE.getToken(request);
+        return oldToken != null && checkTokenValid(request, (String) oldToken);
+    }
+
+    private boolean checkTokenValid(HttpServletRequest req, String token) {
+        try {
+            Device device = NetworkHelper.getDevice(req);
+            LoginService.getInstance().loginStatusValid(token, TerminalHandler.getTerminal(req, device));
+            return true;
+        } catch (Exception ignore) {
+        }
+        return false;
+    }
+
+    private static void setCookie(HttpServletResponse response, String name, String value) {
+        Cookie cookie = new Cookie(name, value);
+        cookie.setPath("/");
+        response.addCookie(cookie);
+    }
+
+}