|
|
package com.fr.plugin.jsd3449.request; |
|
|
|
import com.fr.decision.authority.data.User; |
|
import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider; |
|
import com.fr.decision.webservice.bean.authentication.LoginClientBean; |
|
import com.fr.decision.webservice.exception.user.UserNotExistException; |
|
import com.fr.decision.webservice.utils.DecisionServiceConstants; |
|
import com.fr.decision.webservice.v10.login.LoginService; |
|
import com.fr.decision.webservice.v10.login.TokenResource; |
|
import com.fr.decision.webservice.v10.user.UserService; |
|
import com.fr.general.ComparatorUtils; |
|
import com.fr.general.http.HttpToolbox; |
|
import com.fr.intelli.record.Focus; |
|
import com.fr.intelli.record.Original; |
|
import com.fr.json.JSONObject; |
|
import com.fr.log.FineLoggerFactory; |
|
import com.fr.plugin.jsd3449.ConfigJsd3449; |
|
import com.fr.record.analyzer.EnableMetrics; |
|
import com.fr.third.org.apache.commons.lang3.StringUtils; |
|
import com.fr.third.org.apache.http.client.utils.URIBuilder; |
|
import com.fr.web.utils.WebUtils; |
|
|
|
import javax.servlet.FilterChain; |
|
import javax.servlet.FilterConfig; |
|
import javax.servlet.RequestDispatcher; |
|
import javax.servlet.http.HttpServletRequest; |
|
import javax.servlet.http.HttpServletResponse; |
|
import java.util.HashMap; |
|
import java.util.Map; |
|
|
|
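/**
 * Global request filter that puts a CAS-style ticket login in front of the
 * {@code /decision2/*} URL space and forwards accepted requests to the matching
 * {@code /decision} path.
 *
 * <p>Flow for a request that is neither exempt nor already logged in:
 * <ol>
 *   <li>no {@code ticket} parameter: redirect to the configured login URL;</li>
 *   <li>{@code ticket} present: validate it against the configured token URL,
 *       read the user name from the JSON answer and log that user in;</li>
 *   <li>validation yields no user: redirect to the login URL again.</li>
 * </ol>
 *
 * @author xx
 * @since 1.0.0
 */
@EnableMetrics
public class GlobalRequestFilterBridge extends AbstractGlobalRequestFilterProvider {

    public static final String REMOTE_DESIGN = "/remote/design";
    /** Name of the request parameter that carries the single-use login ticket. */
    public static final String TOKEN = "ticket";
    private static final String RESOURCES_PATH = "/resources";
    private static final String VIEW_FORM = "/view/form";
    private static final String FILE_PATH = "/file";

    /** Plugin configuration (login URL, token validation URL); assigned in {@link #init}. */
    private ConfigJsd3449 configJsd3449;

    /**
     * Returns the name under which this filter is registered.
     *
     * @return the fixed filter name
     */
    @Override
    public String filterName() {
        return "jsd3449Filter";
    }

    /**
     * Returns the URL patterns this filter applies to.
     *
     * @return a single pattern covering everything below {@code /decision2}
     */
    @Override
    public String[] urlPatterns() {
        return new String[]{"/decision2/*"};
    }

    /**
     * Runs the login check and, when it passes, forwards the request to
     * {@code /decision} + path info.
     *
     * <p>Any failure is logged and answered with HTTP 500 (if the response is still
     * open) so that a broken validation never looks like a successful, empty page.
     *
     * @param req         incoming request
     * @param res         response
     * @param filterChain remaining chain; not continued, the request is forwarded instead
     */
    @Override
    @Focus(id = ConfigJsd3449.PLUGIN_ID, text = "", source = Original.PLUGIN)
    public void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain filterChain) {
        try {
            if (operation(req, res)) {
                String pathInfo = (req.getPathInfo() != null) ? req.getPathInfo() : "";
                // NOTE(review): a forward only passes through filters mapped for the FORWARD
                // dispatcher type; confirm that nothing security-relevant on /decision is
                // skipped by not continuing the chain.
                RequestDispatcher requestDispatcher = req.getRequestDispatcher("/decision" + pathInfo);
                requestDispatcher.forward(req, res);
            }
        } catch (Exception e) {
            FineLoggerFactory.getLogger().error(e.getMessage(), e);
            rejectWithServerError(res);
        }
    }

    /**
     * Answers with HTTP 500 unless the response has already been committed.
     *
     * @param res response to close with an error status
     */
    private void rejectWithServerError(HttpServletResponse res) {
        if (res.isCommitted()) {
            return;
        }
        try {
            res.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        } catch (Exception sendFailure) {
            FineLoggerFactory.getLogger().error(sendFailure.getMessage(), sendFailure);
        }
    }

    /**
     * Decides whether the request may be forwarded, performing the ticket login when needed.
     *
     * @param req incoming request
     * @param res response; receives a redirect to the login page when the check fails
     * @return {@code true} if the request may be forwarded, {@code false} if a redirect was sent
     * @throws Exception if ticket validation, response parsing or the platform login fails
     */
    private boolean operation(HttpServletRequest req, HttpServletResponse res) throws Exception {
        String pathInfo = (req.getPathInfo() != null) ? req.getPathInfo() : "";
        FineLoggerFactory.getLogger().info("JSD3449-operation-pathInfo:{}", pathInfo);

        // Remote design and the native login endpoints never go through the ticket login.
        if (pathInfo.startsWith(REMOTE_DESIGN)
                || ComparatorUtils.equals("/login", pathInfo)
                || ComparatorUtils.equals("/login/cross/domain", pathInfo)) {
            return true;
        }

        // NOTE(review): the three prefixes below are forwarded without any login check, and
        // startsWith("/file") also matches siblings such as "/files..."; whatever is served
        // under them has to enforce its own access control. TODO confirm this is intended.
        if (isLogin(req)
                || pathInfo.startsWith(RESOURCES_PATH)
                || pathInfo.startsWith(VIEW_FORM)
                || pathInfo.startsWith(FILE_PATH)) {
            return true;
        }

        String token = WebUtils.getHTTPRequestParameter(req, TOKEN);
        // The ticket is a login credential: record only whether one was supplied.
        FineLoggerFactory.getLogger().info("JSD3449-operation-ticket-present:{}", StringUtils.isNotEmpty(token));
        if (StringUtils.isEmpty(token)) {
            redirectToLoginPage(req, res);
            return false;
        }

        String result = validateToken(req.getRequestURL().toString(), token);
        String loginUser = getLoginUser(result);
        // The raw validation answer carries user attributes, so only the outcome is logged.
        FineLoggerFactory.getLogger().info("JSD3449-operation-user-resolved:{}", StringUtils.isNotEmpty(loginUser));
        if (StringUtils.isEmpty(loginUser)) {
            redirectToLoginPage(req, res);
            return false;
        }

        login(req, res, loginUser);
        return true;
    }

    /**
     * Loads the plugin configuration and logs the configured endpoints.
     *
     * @param filterConfig filter configuration passed on to the superclass
     */
    @Override
    public void init(FilterConfig filterConfig) {
        this.configJsd3449 = ConfigJsd3449.getInstance();
        FineLoggerFactory.getLogger().info("JSD3449-configJsd3449-loginUrl:{}", this.configJsd3449.getLoginUrl());
        FineLoggerFactory.getLogger().info("JSD3449-configJsd3449-tokenUrl:{}", this.configJsd3449.getTokenUrl());
        super.init(filterConfig);
    }

    /**
     * Redirects the client to the configured login URL, passing the current request URL
     * as the {@code service} parameter.
     *
     * @param req incoming request; its URL becomes the {@code service} value
     * @param res response that receives the redirect
     * @throws Exception if the login URL cannot be parsed or the redirect cannot be sent
     */
    private void redirectToLoginPage(HttpServletRequest req, HttpServletResponse res) throws Exception {
        URIBuilder uriBuilder = new URIBuilder(this.configJsd3449.getLoginUrl());
        // NOTE(review): getRequestURL() is built from what the container believes the host to
        // be; the login server should accept only known service URLs. Verify its allow-list.
        uriBuilder.addParameter("service", req.getRequestURL().toString());
        String loginLocation = uriBuilder.build().toString();
        FineLoggerFactory.getLogger().info("JSD3449-redirectToLoginPage-url:{}", loginLocation);
        res.sendRedirect(loginLocation);
    }

    /**
     * Asks the configured token URL to validate a ticket.
     *
     * @param url   URL originally requested, sent as the {@code service} parameter
     * @param token ticket taken from the request
     * @return the raw response body; JSON is requested via {@code format=JSON}
     * @throws Exception if the HTTP call fails
     */
    private String validateToken(String url, String token) throws Exception {
        Map<String, String> params = new HashMap<>();
        params.put("service", url);
        params.put(TOKEN, token);
        params.put("format", "JSON");
        // NOTE(review): the user identity is taken from this response, so the token URL
        // should be an HTTPS endpoint with certificate validation. Confirm in the config.
        return HttpToolbox.get(this.configJsd3449.getTokenUrl(), params);
    }

    /**
     * Extracts the user name ({@code gid} attribute) from a ticket validation answer.
     *
     * <p>Expected shape:
     * {@code serviceResponse.authenticationSuccess.attributes.gid}. Any missing level
     * is treated as "not authenticated" rather than raising an exception.
     *
     * @param result raw JSON body returned by the token URL; may be empty
     * @return the {@code gid} value, or an empty string when the answer carries none
     */
    private String getLoginUser(String result) {
        if (StringUtils.isEmpty(result)) {
            return StringUtils.EMPTY;
        }
        JSONObject resultJSON = new JSONObject(result);
        if (!resultJSON.has("serviceResponse")) {
            return StringUtils.EMPTY;
        }
        JSONObject serviceResponse = resultJSON.getJSONObject("serviceResponse");
        if (!serviceResponse.has("authenticationSuccess")) {
            return StringUtils.EMPTY;
        }
        JSONObject authenticationSuccess = serviceResponse.getJSONObject("authenticationSuccess");
        if (!authenticationSuccess.has("attributes")) {
            return StringUtils.EMPTY;
        }
        JSONObject attributes = authenticationSuccess.getJSONObject("attributes");
        if (!attributes.has("gid")) {
            return StringUtils.EMPTY;
        }
        return attributes.getString("gid");
    }

    /**
     * Checks whether the request already carries a valid platform login token cookie.
     *
     * @param request incoming request
     * @return {@code true} if the cookie token is accepted by the login service;
     *         {@code false} otherwise, including when the check itself throws
     */
    private boolean isLogin(HttpServletRequest request) {
        try {
            String oldToken = TokenResource.COOKIE.getToken(request);
            LoginClientBean loginClientBean = LoginService.getInstance().loginStatusValid(oldToken, null);
            return loginClientBean != null;
        } catch (Exception e) {
            // A failed status check counts as "not logged in" so the ticket flow takes over.
            FineLoggerFactory.getLogger().error(e.getMessage(), e);
        }
        return false;
    }

    /**
     * Logs the given user in on the platform and stores the resulting token on the request.
     *
     * @param req      incoming request; receives the platform token as an attribute
     * @param res      response handed to the login service
     * @param userName user name resolved from the validated ticket; ignored when empty
     * @throws Exception if the user does not exist on the platform or the login fails
     */
    private void login(HttpServletRequest req, HttpServletResponse res, String userName) throws Exception {
        if (StringUtils.isEmpty(userName)) {
            return;
        }
        FineLoggerFactory.getLogger().info("JSD3449-current username:{}", userName);
        User user = UserService.getInstance().getUserByUserName(userName);
        if (user == null) {
            FineLoggerFactory.getLogger().info("JSD3449-ERROR: User {} not exist!", userName);
            throw new UserNotExistException();
        }
        String tokenFR = LoginService.getInstance().login(req, res, userName);
        req.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME, tokenFR);
    }
}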