open

2 years ago · 038246f732
7 changed files with 369 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -0,0 +1,6 @@
+# open-JSD-10371
+ 
+JSD-10371 单点集成，用户集成\
+免责说明：该源码为第三方爱好者提供，不保证源码和方案的可靠性，也不提供任何形式的源码教学指导和协助！\
+仅作为开发者学习参考使用！禁止用于任何商业用途！\
+为保护开发者隐私，开发者信息已隐去！若原开发者希望公开自己的信息，可联系【pioneer】处理。
--- a/plugin.xml
+++ b/plugin.xml
@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<plugin>
+    <id>com.fr.plugin.jsd3449.auth</id>
+    <name><![CDATA[jsd3449单点登陆]]></name>
+    <active>yes</active>
+    <version>1.1.2</version>
+    <env-version>11.0</env-version>
+    <jartime>2018-07-31</jartime>
+    <vendor>fr.open</vendor>
+    <description><![CDATA[jsd3449单点登陆]]></description>
+    <change-notes><![CDATA[
+        jsd3449单点登录
+    ]]></change-notes>
+    <main-package>com.fr.plugin.jsd3449</main-package>
+    <extra-core>
+        <LocaleFinder class="com.fr.plugin.jsd3449.LocaleFinder"/>
+    </extra-core>
+    <extra-decision>
+        <GlobalRequestFilterProvider class="com.fr.plugin.jsd3449.request.GlobalRequestFilterBridge"/>
+    </extra-decision>
+    <function-recorder class="com.fr.plugin.jsd3449.request.GlobalRequestFilterBridge"/>
+</plugin>
--- a/src/main/java/com/fr/plugin/jsd3449/ConfigJsd3449.java
+++ b/src/main/java/com/fr/plugin/jsd3449/ConfigJsd3449.java
@ -0,0 +1,79 @@
+
+package com.fr.plugin.jsd3449;
+
+import com.fr.config.ConfigContext;
+import com.fr.config.Identifier;
+import com.fr.config.Status;
+import com.fr.config.Visualization;
+import com.fr.config.holder.Conf;
+import com.fr.config.holder.factory.Holders;
+import com.fr.file.XMLFileManager;
+import com.fr.intelli.record.Focus;
+import com.fr.intelli.record.Original;
+import com.fr.stable.xml.XMLPrintWriter;
+import com.fr.stable.xml.XMLableReader;
+
+/**
+ * 〈Function Description〉<br> 
+ * 〈ConfigJsd3449〉
+ *
+ * @author xx
+ * @since 1.0.0
+ */
+@Visualization(category = "Plugin-jsd3449_Group")
+public class ConfigJsd3449 extends XMLFileManager {
+
+    public static final String XML_TAG = "";
+
+    public static final String PLUGIN_ID = "com.fr.plugin.jsd3449.auth";
+    public static final String DEFAULT_LOGIN_URL = "https://xx/login";
+    public static final String DEFAULT_TOKEN_URL = "https://xx/serviceValidate";
+    
+
+    private static volatile ConfigJsd3449 config = null;
+
+    @Focus(id = PLUGIN_ID, text = "Plugin-jsd3449", source = Original.PLUGIN)
+    public static ConfigJsd3449 getInstance(){
+        if (config == null){
+            config = ConfigContext.getConfigInstance(ConfigJsd3449.class);
+            config.readXMLFile();
+        }
+        return config;
+    }
+
+    @Identifier(value = "loginUrl", name = "Plugin-Jsd3449_Config_LoginUrl", description = "Plugin-Jsd3449_Config_LoginUrl_Description", status = Status.SHOW)
+    private Conf<String> loginUrl = Holders.simple(DEFAULT_LOGIN_URL);
+
+    @Identifier(value = "tokenUrl", name = "Plugin-Jsd3449_Config_TokenUrl", description = "Plugin-Jsd3449_Config_TokenUrl_Description", status = Status.SHOW)
+    private Conf<String> tokenUrl = Holders.simple(DEFAULT_TOKEN_URL);
+
+    @Override
+    public String fileName() {
+        return ConfigJsd3449.XML_TAG + ".xml";
+    }
+
+
+    @Override
+    public void readXML(XMLableReader xmLableReader) {
+    }
+
+    @Override
+    public void writeXML(XMLPrintWriter xmlPrintWriter) {
+    }
+
+    public String getLoginUrl() {
+        return loginUrl.get();
+    }
+
+    public void setLoginUrl(String loginUrl) {
+        this.loginUrl.set(loginUrl);
+    }
+
+    public String getTokenUrl() {
+        return tokenUrl.get();
+    }
+
+    public void setTokenUrl(String tokenUrl) {
+        this.tokenUrl.set(tokenUrl);
+    }
+}
--- a/src/main/java/com/fr/plugin/jsd3449/LocaleFinder.java
+++ b/src/main/java/com/fr/plugin/jsd3449/LocaleFinder.java
@ -0,0 +1,23 @@
+
+package com.fr.plugin.jsd3449;
+
+import com.fr.stable.fun.impl.AbstractLocaleFinder;
+
+/**
+ * 〈Function Description〉<br> 
+ * 〈LocaleFinder〉
+ *
+ * @author xx
+ * @since 1.0.0
+ */
+public class LocaleFinder extends AbstractLocaleFinder {
+    @Override
+    public String find() {
+        return "com/fr/plugin/jsd3449/locale/lang";
+    }
+
+    @Override
+    public int currentAPILevel() {
+        return CURRENT_LEVEL;
+    }
+}
--- a/src/main/java/com/fr/plugin/jsd3449/request/GlobalRequestFilterBridge.java
+++ b/src/main/java/com/fr/plugin/jsd3449/request/GlobalRequestFilterBridge.java
@ -0,0 +1,227 @@
+
+package com.fr.plugin.jsd3449.request;
+
+import com.fr.decision.authority.data.User;
+import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
+import com.fr.decision.webservice.bean.authentication.LoginClientBean;
+import com.fr.decision.webservice.exception.user.UserNotExistException;
+import com.fr.decision.webservice.utils.DecisionServiceConstants;
+import com.fr.decision.webservice.v10.login.LoginService;
+import com.fr.decision.webservice.v10.login.TokenResource;
+import com.fr.decision.webservice.v10.user.UserService;
+import com.fr.general.ComparatorUtils;
+import com.fr.general.http.HttpToolbox;
+import com.fr.intelli.record.Focus;
+import com.fr.intelli.record.Original;
+import com.fr.json.JSONObject;
+import com.fr.log.FineLoggerFactory;
+import com.fr.plugin.jsd3449.ConfigJsd3449;
+import com.fr.record.analyzer.EnableMetrics;
+import com.fr.third.org.apache.commons.lang3.StringUtils;
+import com.fr.third.org.apache.http.client.utils.URIBuilder;
+import com.fr.web.utils.WebUtils;
+
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.RequestDispatcher;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * 〈Function Description〉<br>
+ * 〈GlobalRequestFilterBridge〉
+ *
+ * @author xx
+ * @since 1.0.0
+ */
+@EnableMetrics
+public class GlobalRequestFilterBridge extends AbstractGlobalRequestFilterProvider {
+
+    public static final String REMOTE_DESIGN = "/remote/design";
+    public static final String TOKEN = "ticket";
+    private static final String RESOURCES_PATH = "/resources";
+    private static final String VIEW_FORM = "/view/form";
+    private static final String FILE_PATH = "/file";
+
+    private ConfigJsd3449 configJsd3449;
+
+    /**
+     * 过滤器名称
+     *
+     * @return
+     */
+    @Override
+    public String filterName() {
+        return "jsd3449Filter";
+    }
+
+    /**
+     * 过滤规则
+     *
+     * @return
+     */
+    @Override
+    public String[] urlPatterns() {
+        return new String[]{"/decision2/*"};
+    }
+
+    /**
+     * 过滤器处理
+     *
+     * @param req
+     * @param res
+     * @param filterChain
+     */
+    @Override
+    @Focus(id = ConfigJsd3449.PLUGIN_ID, text = "", source = Original.PLUGIN)
+    public void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain filterChain) {
+        try {
+            if (operation(req, res)) {
+                String pathInfo = (req.getPathInfo() != null) ? req.getPathInfo() : "";
+                RequestDispatcher requestDispatcher = req.getRequestDispatcher("/decision" + pathInfo);
+                requestDispatcher.forward(req, res);
+//                filterChain.doFilter(req, res);
+            }
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().error(e.getMessage(), e);
+        }
+    }
+
+    /**
+     * 用户验证登陆操作
+     *
+     * @param req
+     * @param res
+     * @throws Exception
+     */
+    private boolean operation(HttpServletRequest req, HttpServletResponse res) throws Exception {
+        String pathInfo = (req.getPathInfo() != null) ? req.getPathInfo() : "";
+        FineLoggerFactory.getLogger().info("JSD3449-operation-pathInfo:{}", pathInfo);
+        if (pathInfo.startsWith(REMOTE_DESIGN)
+                || ComparatorUtils.equals("/login", pathInfo)
+                || ComparatorUtils.equals("/login/cross/domain", pathInfo)
+        ) {
+            return true;
+        } else if (isLogin(req) || pathInfo.startsWith(RESOURCES_PATH)
+                || pathInfo.startsWith(VIEW_FORM)
+                || pathInfo.startsWith(FILE_PATH)
+        ) {
+            return true;
+        }
+        String token = WebUtils.getHTTPRequestParameter(req, TOKEN);
+        FineLoggerFactory.getLogger().info("JSD3449-operation-token:{}", token);
+        if (StringUtils.isEmpty(token)) {
+            redirectToLoginPage(req, res);
+            return false;
+        }
+        String result = validateToken(req.getRequestURL().toString(), token);
+        FineLoggerFactory.getLogger().info("JSD3449-operation-result:{}", result);
+        String loginUser = getLoginUser(result);
+        if (StringUtils.isEmpty(loginUser)) {
+            redirectToLoginPage(req, res);
+            return false;
+        }
+        login(req, res, loginUser);
+        return true;
+    }
+
+    /**
+     * 过滤器初始化
+     *
+     * @param filterConfig
+     */
+    @Override
+    public void init(FilterConfig filterConfig) {
+        this.configJsd3449 = ConfigJsd3449.getInstance();
+        FineLoggerFactory.getLogger().info("JSD3449-configJsd3449-loginUrl:{}", this.configJsd3449.getLoginUrl());
+        FineLoggerFactory.getLogger().info("JSD3449-configJsd3449-tokenUrl:{}", this.configJsd3449.getTokenUrl());
+        super.init(filterConfig);
+    }
+
+    /**
+     * 获得CAS登陆地址
+     *
+     * @param req
+     * @param res
+     * @return
+     * @throws Exception
+     */
+    private void redirectToLoginPage(HttpServletRequest req, HttpServletResponse res) throws Exception {
+        URIBuilder uriBuilder = new URIBuilder(this.configJsd3449.getLoginUrl());
+        uriBuilder.addParameter("service", req.getRequestURL().toString());
+        FineLoggerFactory.getLogger().info("JSD3449-redirectToLoginPage-url:{}", uriBuilder.build().toString());
+        res.sendRedirect(uriBuilder.build().toString());
+    }
+
+    /**
+     * 获得CAS验证ticket地址
+     *
+     * @param url 原访问url
+     * @return
+     * @throws Exception
+     */
+    private String validateToken(String url, String token) throws Exception {
+        Map<String, String> params = new HashMap<String, String>();
+        params.put("service", url);
+        params.put(TOKEN, token);
+        params.put("format", "JSON");
+        return HttpToolbox.get(this.configJsd3449.getTokenUrl(), params);
+    }
+
+    /**
+     * Post结果获得用户名
+     *
+     * @param result
+     * @return
+     */
+    private String getLoginUser(String result) {
+        if (StringUtils.isEmpty(result)) {
+            return StringUtils.EMPTY;
+        }
+        JSONObject resultJSON = new JSONObject(result);
+        if (!resultJSON.has("serviceResponse")) {
+            return StringUtils.EMPTY;
+        }
+        if (!resultJSON.getJSONObject("serviceResponse").has("authenticationSuccess")) {
+            return StringUtils.EMPTY;
+        }
+        return resultJSON.getJSONObject("serviceResponse").getJSONObject("authenticationSuccess").getJSONObject("attributes").getString("gid");
+    }
+
+    /**
+     * 判断是否已登录
+     *
+     * @param request
+     * @return
+     */
+    private boolean isLogin(HttpServletRequest request) {
+        try {
+            String oldToken = TokenResource.COOKIE.getToken(request);
+            LoginClientBean loginClientBean = LoginService.getInstance().loginStatusValid(oldToken, null);
+            if (loginClientBean != null) {
+                return true;
+            }
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().error(e.getMessage(), e);
+        }
+        return false;
+    }
+
+    /**
+     * 后台登录方法
+     */
+    private void login(HttpServletRequest req, HttpServletResponse res, String userName) throws Exception {
+        if (StringUtils.isNotEmpty(userName)) {
+            FineLoggerFactory.getLogger().info("JSD3449-current username:" + userName);
+            User user = UserService.getInstance().getUserByUserName(userName);
+            if (user == null) {
+                FineLoggerFactory.getLogger().info("JSD3449-ERROR: User {} not exist!", userName);
+                throw new UserNotExistException();
+            }
+            String tokenFR = LoginService.getInstance().login(req, res, userName);
+            req.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME, tokenFR);
+        }
+    }
+}
--- a/src/main/resources/com/fr/plugin/jsd3449/locale/lang.properties
+++ b/src/main/resources/com/fr/plugin/jsd3449/locale/lang.properties
@ -0,0 +1,6 @@
+Plugin-jsd3449=JSD3449-SSO
+Plugin-jsd3449_Group=JSD3449-SSO
+Plugin-Jsd3449_Config_LoginUrl=Login Url
+Plugin-Jsd3449_Config_LoginUrl_Description=Login Url
+Plugin-Jsd3449_Config_TokenUrl=Token Url
+Plugin-Jsd3449_Config_TokenUrl_Description=Token Url
--- a/src/main/resources/com/fr/plugin/jsd3449/locale/lang_zh_CN.properties
+++ b/src/main/resources/com/fr/plugin/jsd3449/locale/lang_zh_CN.properties
@ -0,0 +1,6 @@
+Plugin-jsd3449=JSD3449-\u5355\u70B9\u767B\u9646
+Plugin-jsd3449_Group=JSD3449-\u5355\u70B9\u767B\u9646
+Plugin-Jsd3449_Config_LoginUrl=CAS\u767B\u9646\u5730\u5740
+Plugin-Jsd3449_Config_LoginUrl_Description=CAS\u767B\u9646\u5730\u5740
+Plugin-Jsd3449_Config_TokenUrl=CAS\u9A8C\u8BC1\u5730\u5740
+Plugin-Jsd3449_Config_TokenUrl_Description=CAS\u9A8C\u8BC1\u5730\u5740