open-JSD-9179/src/main/java/com/fr/plugin/http/handler/ALLAuthcallbak1Handler.java

package com.fr.plugin.http.handler;

import com.alibaba.fastjson.JSON;
import com.banboocloud.Codec.BamboocloudFacade;
import com.fanruan.api.log.LogKit;
import com.fanruan.api.net.http.HttpKit;
import com.fr.decision.authority.data.User;
import com.fr.decision.fun.impl.BaseHttpHandler;
import com.fr.decision.webservice.v10.login.LoginService;
import com.fr.decision.webservice.v10.user.UserService;
import com.fr.json.JSONObject;
import com.fr.log.FineLoggerFactory;
import com.fr.plugin.SYNCConfig;
import com.fr.plugin.utils.BamboocloudUtils;
import com.fr.plugin.utils.HttpApi;
import com.fr.stable.StringUtils;
import com.fr.third.springframework.web.bind.annotation.RequestMethod;
import com.fr.web.utils.WebUtils;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;

public class ALLAuthcallbak1Handler extends BaseHttpHandler {
    @Override
    public RequestMethod getMethod() {
        return null;
    }

    @Override
    public String getPath() {
        return "/authcallbak";
    }

    @Override
    public boolean isPublic() {
        return true;
    }

    @Override
    public void handle(HttpServletRequest req, HttpServletResponse res) throws Exception {
        String code = req.getParameter("code");
        SYNCConfig syncConfig = SYNCConfig.getInstance();
        if (StringUtils.isBlank(code)) {
            String goAuth = String.format("%s/idp/oauth2/authorize?client_id=%s&redirect_uri=%s&response_type=code&state=123",syncConfig.getApiUrl(),syncConfig.getClientId(),syncConfig.getFrUrl()+"/url/authcallbak");
            sendRedirect(res,goAuth);
            return;
        }
        String accessToken = getTokenByCode(code);
        String loginName = getUserInfoByAccessToken(accessToken);
        User userByUserName = UserService.getInstance().getUserByUserName(loginName);
        if (userByUserName == null) {
            WebUtils.printAsString(res, loginName + "用户不存在，请联系管理员");
            return;
        }
        login(req, res, loginName);
        sendRedirect(res, syncConfig.getFrUrl());
        LogKit.info("登录成功：{}",loginName);
    }


    private void sendRedirect(HttpServletResponse res, String url) {
        res.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
        res.setHeader("Location", url);
    }


    private void login(HttpServletRequest req, HttpServletResponse res, String username) {
        String token = null;
        try {
            token = LoginService.getInstance().login(req, res, username);
            req.setAttribute("fine_auth_token", token);
        } catch (Exception e) {
        }
    }
    private String getUserInfoByAccessToken(String code) throws IOException {
        SYNCConfig syncConfig = SYNCConfig.getInstance();
        String url = String.format("%s/idp/oauth2/getUserInfo?client_id=%s&access_token=%s", syncConfig.getApiUrl(), syncConfig.getClientId(), code);
//        Map<String, String> entries = new HashMap<>();
//        entries.put("client_id", syncConfig.getClientId());
//        entries.put("access_token", code);
        String respJson = HttpApi.httpsGet(url);
        FineLoggerFactory.getLogger().info("getUserInfoByAccessToken：{}", respJson);
        JSONObject resp = new JSONObject(respJson);
        return resp.getString("loginName");
    }

    private String getTokenByCode(String code) {
        SYNCConfig syncConfig = SYNCConfig.getInstance();
        String url = String.format("%s/idp/oauth2/getToken?client_id=%s&client_secret=%s&grant_type=authorization_code&code=%s", syncConfig.getApiUrl(), syncConfig.getClientId(), syncConfig.getClientSecret(), code);
        JSONObject entries = new JSONObject();
        entries.put("client_id", syncConfig.getClientId());
        entries.put("client_secret", syncConfig.getClientSecret());
        entries.put("grant_type", "authorization_code");
        entries.put("code", code);
        String respJson = HttpApi.sendJsonPost(url, entries, "UTF-8");
        FineLoggerFactory.getLogger().info("url:{} getTokenByCode respJson:{}",url, respJson);
        JSONObject resp = new JSONObject(respJson);
        return resp.getString("access_token");
    }
}