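package com.fr.plugin.http.handler;

import com.alibaba.fastjson.JSON;
import com.banboocloud.Codec.BamboocloudFacade;
import com.fanruan.api.log.LogKit;
import com.fanruan.api.net.http.HttpKit;
import com.fr.decision.authority.data.User;
import com.fr.decision.fun.impl.BaseHttpHandler;
import com.fr.decision.webservice.v10.login.LoginService;
import com.fr.decision.webservice.v10.user.UserService;
import com.fr.json.JSONObject;
import com.fr.log.FineLoggerFactory;
import com.fr.plugin.SYNCConfig;
import com.fr.plugin.utils.BamboocloudUtils;
import com.fr.plugin.utils.HttpApi;
import com.fr.stable.StringUtils;
import com.fr.third.springframework.web.bind.annotation.RequestMethod;
import com.fr.web.utils.WebUtils;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.HashMap;
import java.util.Map;

/**
 * OAuth2 authorization-code callback served at {@code /authcallbak}.
 *
 * <p>Without a {@code code} parameter the handler redirects the browser to the
 * IdP's {@code /idp/oauth2/authorize} endpoint. With a {@code code} it exchanges
 * the code for an access token, resolves the login name through
 * {@code /idp/oauth2/getUserInfo}, checks that the user exists locally, logs the
 * user in through {@link LoginService} and redirects to the configured report URL.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The {@code code} parameter comes from an unauthenticated request, so every
 *       value placed in an outbound URL is URL-encoded.</li>
 *   <li>The client secret and the token response are never written to the log.</li>
 *   <li>The {@code state} value is still a constant; see the note in
 *       {@link #handle}.</li>
 * </ul>
 */
public class ALLAuthcallbak1Handler extends BaseHttpHandler {

    /** Generic failure text sent to the browser; the cause is written to the log only. */
    private static final String AUTH_FAILED_MESSAGE = "认证失败,请联系管理员";

    @Override
    public RequestMethod getMethod() {
        // NOTE(review): null presumably means "no HTTP-method restriction" in
        // BaseHttpHandler; confirm against the platform documentation.
        return null;
    }

    @Override
    public String getPath() {
        return "/authcallbak";
    }

    @Override
    public boolean isPublic() {
        // NOTE(review): presumably exempts this path from the platform's own login
        // check, which the callback needs because the user has no session yet.
        return true;
    }

    /**
     * Starts the authorization redirect or completes the login, depending on
     * whether the request carries a {@code code} parameter.
     *
     * @param req incoming request; {@code code} is read from its parameters
     * @param res response that receives the redirect or the error text
     * @throws Exception if the IdP calls, the user lookup or the response write fail
     */
    @Override
    public void handle(HttpServletRequest req, HttpServletResponse res) throws Exception {
        String code = req.getParameter("code");
        SYNCConfig syncConfig = SYNCConfig.getInstance();

        if (StringUtils.isBlank(code)) {
            // NOTE(review): state is the constant "123" and is never checked on the
            // way back, so it gives no protection against a forged callback
            // (login CSRF). Replace it with a per-session random value that is
            // verified when the code arrives, after confirming that the IdP echoes
            // state and that no IdP-initiated flow calls this path without it.
            String goAuth = String.format(
                    "%s/idp/oauth2/authorize?client_id=%s&redirect_uri=%s&response_type=code&state=123",
                    syncConfig.getApiUrl(),
                    urlEncode(syncConfig.getClientId()),
                    urlEncode(syncConfig.getFrUrl() + "/url/authcallbak"));
            sendRedirect(res, goAuth);
            return;
        }

        String accessToken = getTokenByCode(code);
        if (StringUtils.isBlank(accessToken)) {
            // A rejected or replayed code must stop here instead of reaching the
            // user-info call with an empty token.
            FineLoggerFactory.getLogger().error("authcallbak: token response carried no access_token");
            WebUtils.printAsString(res, AUTH_FAILED_MESSAGE);
            return;
        }

        String loginName = getUserInfoByAccessToken(accessToken);
        if (StringUtils.isBlank(loginName)) {
            FineLoggerFactory.getLogger().error("authcallbak: user-info response carried no loginName");
            WebUtils.printAsString(res, AUTH_FAILED_MESSAGE);
            return;
        }

        User userByUserName = UserService.getInstance().getUserByUserName(loginName);
        if (userByUserName == null) {
            // NOTE(review): loginName is echoed into the response body. The content
            // type used by WebUtils.printAsString is not visible here; if it is
            // HTML, escape loginName before writing it.
            WebUtils.printAsString(res, loginName + "用户不存在,请联系管理员");
            return;
        }

        if (!login(req, res, loginName)) {
            // Do not redirect or report success when no session was created.
            WebUtils.printAsString(res, AUTH_FAILED_MESSAGE);
            return;
        }

        sendRedirect(res, syncConfig.getFrUrl());
        LogKit.info("登录成功:{}", loginName);
    }

    /**
     * Writes a 302 response pointing at {@code url}.
     *
     * @param res response to modify
     * @param url redirect target; callers pass URLs built from configuration only
     */
    private void sendRedirect(HttpServletResponse res, String url) {
        res.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
        res.setHeader("Location", url);
    }

    /**
     * Logs {@code username} in through {@link LoginService} and stores the
     * resulting token in the {@code fine_auth_token} request attribute.
     *
     * @return {@code true} when the login call completed, {@code false} when it
     *         threw; the exception is logged so a failed login is not silent
     */
    private boolean login(HttpServletRequest req, HttpServletResponse res, String username) {
        try {
            String token = LoginService.getInstance().login(req, res, username);
            req.setAttribute("fine_auth_token", token);
            return true;
        } catch (Exception e) {
            FineLoggerFactory.getLogger().error("authcallbak: login failed for " + username, e);
            return false;
        }
    }

    /**
     * Calls the IdP's {@code getUserInfo} endpoint and returns the
     * {@code loginName} field of the JSON response.
     *
     * @param accessToken token obtained from {@link #getTokenByCode}
     * @return the value of {@code loginName}; the caller treats a blank value as
     *         a failed authentication
     * @throws IOException if the HTTP call fails
     */
    private String getUserInfoByAccessToken(String accessToken) throws IOException {
        SYNCConfig syncConfig = SYNCConfig.getInstance();
        String url = String.format(
                "%s/idp/oauth2/getUserInfo?client_id=%s&access_token=%s",
                syncConfig.getApiUrl(),
                urlEncode(syncConfig.getClientId()),
                urlEncode(accessToken));
        String respJson = HttpApi.httpsGet(url);
        // NOTE(review): the user-info body may hold personal data; confirm that
        // logging it at info level is acceptable for this deployment.
        FineLoggerFactory.getLogger().info("getUserInfoByAccessToken:{}", respJson);
        JSONObject resp = new JSONObject(respJson);
        return resp.getString("loginName");
    }

    /**
     * Exchanges an authorization code for an access token at the IdP's
     * {@code getToken} endpoint.
     *
     * <p>The request parameters are sent both in the query string and in the JSON
     * body, as before. Neither the URL (which holds the client secret) nor the
     * response (which holds the access token) is logged.
     *
     * @param code authorization code taken from the callback request; untrusted
     * @return the value of {@code access_token} in the response; the caller treats
     *         a blank value as a failed authentication
     */
    private String getTokenByCode(String code) {
        SYNCConfig syncConfig = SYNCConfig.getInstance();
        // NOTE(review): client_secret travels in the query string, where proxies
        // and server access logs can record it. If the IdP accepts the JSON body
        // alone, drop the secret from the URL.
        String url = String.format(
                "%s/idp/oauth2/getToken?client_id=%s&client_secret=%s&grant_type=authorization_code&code=%s",
                syncConfig.getApiUrl(),
                urlEncode(syncConfig.getClientId()),
                urlEncode(syncConfig.getClientSecret()),
                urlEncode(code));

        JSONObject entries = new JSONObject();
        entries.put("client_id", syncConfig.getClientId());
        entries.put("client_secret", syncConfig.getClientSecret());
        entries.put("grant_type", "authorization_code");
        entries.put("code", code);

        String respJson = HttpApi.sendJsonPost(url, entries, "UTF-8");
        FineLoggerFactory.getLogger().info("getTokenByCode: response received from {}", syncConfig.getApiUrl());
        JSONObject resp = new JSONObject(respJson);
        return resp.getString("access_token");
    }

    /**
     * URL-encodes a query-parameter value as UTF-8 so that characters such as
     * {@code &} or {@code =} in it cannot add or override parameters.
     *
     * @param value value to encode; {@code null} is rendered as the text
     *              {@code "null"}, matching what {@code String.format} produced
     * @return the encoded value
     */
    private static String urlEncode(Object value) {
        try {
            return URLEncoder.encode(String.valueOf(value), "UTF-8");
        } catch (UnsupportedEncodingException e) {
            // UTF-8 is a charset every JVM must provide, so this is unreachable in practice.
            throw new IllegalStateException("UTF-8 is not supported", e);
        }
    }
}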