package com.fr.plugin.jsd9683.filter;
import com.fr.data.NetworkHelper;
import com.fr.decision.authority.data.User;
import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
import com.fr.decision.mobile.terminal.TerminalHandler;
import com.fr.decision.webservice.bean.user.UserBean;
import com.fr.decision.webservice.utils.DecisionServiceConstants;
import com.fr.decision.webservice.utils.WebServiceUtils;
import com.fr.decision.webservice.v10.login.LoginService;
import com.fr.decision.webservice.v10.user.UserService;
import com.fr.general.ComparatorUtils;
import com.fr.json.JSONObject;
import com.fr.json.JSONParser;
import com.fr.locale.InterProviderFactory;
import com.fr.log.FineLoggerFactory;
import com.fr.plugin.jsd9683.conf.Jsd9683ConfigXmlConfigReader;
import com.fr.security.JwtUtils;
import com.fr.security.encryption.transmission.impl.AESTransmissionEncryption;
import com.fr.stable.StringUtils;
import com.fr.stable.web.Device;
import com.fr.stable.web.SessionProvider;
import com.fr.third.alibaba.druid.support.json.JSONUtils;
import com.fr.util.TemplateParser;
import com.fr.web.core.SessionPoolManager;
import com.fr.web.core.WidgetSessionIDInfor;
import javax.net.ssl.HttpsURLConnection;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.*;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.ArrayList;
import java.util.HashMap;
import java.security.cert.CertificateException;
import java.util.Map;
import javax.net.ssl.*;
import com.fr.web.utils.WebUtils;
import org.jasig.cas.client.validation.Assertion;
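/**
 * Global request filter for {@code /decision/view/report/*} that handles requests carrying a CAS
 * {@code ticket} parameter.
 *
 * <p>Flow for a request with a ticket: the ticket is validated against
 * {@code Jsd9683ConfigXmlConfigReader.CAS_VALIDATE_URL}; the user, sid and orgCode are read from the
 * CAS response; the template being opened is resolved; a remote role service
 * ({@code Jsd9683ConfigXmlConfigReader.ROLE_VALIDATE_URL}) is asked whether that user may open it;
 * on success a platform user named {@code orgCode_userName} is created if missing and the request
 * continues down the chain, otherwise a "no permission" page is written. Requests without a ticket
 * pass straight through.
 *
 * <p>Security-relevant points for maintainers:
 * <ul>
 *   <li>Both remote answers are interpreted by substring search, not by parsing. The CAS answer is
 *       only accepted when the success element and all three expected tags are present.</li>
 *   <li>Auto-provisioned users get a random, unguessable password; they are expected to enter
 *       through CAS only.</li>
 *   <li>The raw ticket is never written to the log.</li>
 * </ul>
 */
public class Jsd9683Filter extends AbstractGlobalRequestFilterProvider {

    /** Connect timeout for the CAS and role endpoints, so a stalled peer cannot pin request threads. */
    private static final int CONNECT_TIMEOUT_MS = 10000;

    /** Read timeout for the CAS and role endpoints. */
    private static final int READ_TIMEOUT_MS = 30000;

    /** Number of random bytes behind the password given to auto-provisioned users. */
    private static final int GENERATED_PASSWORD_BYTES = 24;

    private static final java.security.SecureRandom SECURE_RANDOM = new java.security.SecureRandom();

    @Override
    public String filterName() {
        return "Jsd9683Filter";
    }

    @Override
    public String[] urlPatterns() {
        return new String[]{
                "/decision/view/report/*",
        };
    }

    /**
     * Validates the CAS ticket (when present), checks the remote role service and either continues
     * the chain or writes the "no permission" page.
     *
     * <p>When the ticket is rejected, or a child-link request names a parent session that cannot be
     * found, nothing is written and the chain is not invoked.
     *
     * @param request     incoming request
     * @param res         response, written to only on the "no permission" path
     * @param filterChain remaining filter chain
     */
    @Override
    public void doFilter(HttpServletRequest request, HttpServletResponse res, FilterChain filterChain) {
        String uri = request.getRequestURI();
        String reqUrl = request.getRequestURL().toString();
        String ticket = WebUtils.getHTTPRequestParameter(request, "ticket");
        boolean hasTicket = StringUtils.isNotEmpty(ticket);
        logInfo("Jsd9683Filter ===============================req coming:" + uri);
        logInfo("===============================req coming:" + reqUrl);
        // The ticket is a bearer credential until CAS consumes it: log its presence, not its value.
        logInfo("===============================[ticket]:" + (hasTicket ? "present" : "absent"));

        if (!hasTicket) {
            logInfo("===================== normal:go on");
            continueChain(request, res, filterChain);
            return;
        }

        logInfo("===============================只有ticket有值才处理");
        String proxyValidate = Jsd9683ConfigXmlConfigReader.CAS_VALIDATE_URL
                + "?service=" + buildServiceUrl(request, uri, reqUrl);
        // The full validation URL embeds the ticket, so only the configured endpoint is logged.
        logInfo("================ sendRedirect url:" + Jsd9683ConfigXmlConfigReader.CAS_VALIDATE_URL);
        String result = doHttpReq(proxyValidate, "GET");
        logInfo("sendRedirect url result is :" + result);

        // Require the success element itself rather than the bare word, which could also occur in
        // the text of a failure message.
        // NOTE(review): a real XML parse (with DTDs/external entities disabled) would be more robust
        // than substring matching.
        if (result.indexOf("<cas:authenticationSuccess") == -1) {
            // NOTE(review): the client receives an empty response here; consider an explicit error status.
            logInfo("CAS ticket validation did not succeed");
            return;
        }

        String userName = extractTag(result, "cas:user");
        String sid = extractTag(result, "cas:sid");
        String orgCode = extractTag(result, "cas:orgCode");
        if (userName == null || sid == null || orgCode == null
                || userName.isEmpty() || orgCode.isEmpty()) {
            // Fail closed instead of throwing from substring() on a malformed answer.
            logInfo("CAS response is missing cas:user, cas:sid or cas:orgCode");
            return;
        }
        // NOTE(review): sid is only logged; confirm whether it is sensitive before keeping it here.
        logInfo("================ userName:" + userName + ",sid:" + sid + ",orgCode:" + orgCode);
        String fineUserName = orgCode + "_" + userName;

        String templateId = getTemplateId(request);
        logInfo("templateId:" + templateId);
        if (!StringUtils.isNotEmpty(templateId)) {
            // NOTE(review): with no template id the role check is skipped and the request continues.
            logInfo("===================== error:go on");
            continueChain(request, res, filterChain);
            return;
        }

        templateId = resolveEffectiveTemplateId(request, templateId);
        logInfo("templateId:" + templateId);
        if (!StringUtils.isNotEmpty(templateId)) {
            // Parent session named but not found: the request is dropped without a response body.
            return;
        }

        if (!isAuthorized(orgCode, userName, templateId)) {
            logInfo("无权限访问");
            writeNoPermissionPage(res);
            return;
        }

        provisionUserIfMissing(fineUserName);
        HttpSession session = request.getSession(true);
        try {
            logInfo("begin login...");
            login(request, res, session, fineUserName);
        } catch (Exception e) {
            FineLoggerFactory.getLogger().error(e.getMessage(), e);
        }
        continueChain(request, res, filterChain);
    }

    /**
     * Rebuilds the URL of the current request, including its query string, for use as the CAS
     * {@code service} value.
     *
     * <p>The value is appended to the validation URL without URL-encoding, so every
     * {@code &}-separated parameter of the incoming query string reaches the CAS endpoint as a
     * top-level parameter. Ticket delivery appears to rely on that. NOTE(review): it also means the
     * caller can add parameters of its own to the validation request; prefer an encoded service
     * value plus an explicit ticket parameter once the CAS server's expectations are confirmed.
     */
    private String buildServiceUrl(HttpServletRequest request, String uri, String reqUrl) {
        String queryString = request.getQueryString();
        String base = reqUrl.replace(uri, "");
        if (base.indexOf(":") == -1) {
            // NOTE(review): looks unreachable, since the scheme separator already contains ':'.
            // Confirm the intent before changing it: the service URL presumably has to match the
            // one used when the ticket was issued.
            return base + ":" + request.getLocalPort() + uri + "?" + queryString;
        }
        return base + uri + "?" + queryString;
    }

    /**
     * Returns the text between {@code <tagName>} and {@code </tagName>} (first occurrence of each),
     * or {@code null} when either tag is missing or the closing tag comes first.
     */
    private static String extractTag(String xml, String tagName) {
        String beginTag = "<" + tagName + ">";
        String endTag = "</" + tagName + ">";
        int tagStart = xml.indexOf(beginTag);
        int endIndex = xml.indexOf(endTag);
        if (tagStart == -1 || endIndex == -1) {
            return null;
        }
        int beginIndex = tagStart + beginTag.length();
        return endIndex < beginIndex ? null : xml.substring(beginIndex, endIndex);
    }

    /**
     * For a child-link request (one carrying a parent session id) returns the parent session's
     * relative path, or {@code ""} when that session is not found; otherwise returns
     * {@code templateId} unchanged.
     */
    private String resolveEffectiveTemplateId(HttpServletRequest request, String templateId) {
        String parentSessionId = getParentSeeesionFromSession(request);
        logInfo("parentSessionId:" + parentSessionId);
        if (!StringUtils.isNotEmpty(parentSessionId)) {
            return templateId;
        }
        logInfo("child link template....");
        // ReportSessionIDInfor, FormSessionIDInfor
        WidgetSessionIDInfor objSession =
                SessionPoolManager.getSessionIDInfor(parentSessionId, WidgetSessionIDInfor.class);
        if (objSession == null) {
            return "";
        }
        String parentPath = objSession.getRelativePath();
        logInfo("child link template is ok....:" + parentPath);
        return parentPath;
    }

    /**
     * Asks the remote role service whether the user may open the template.
     *
     * <p>NOTE(review): the answer is accepted when the body contains the text {@code true} anywhere.
     * Parse the response and compare the specific field once its schema is confirmed, so that an
     * unrelated field or message containing that word cannot grant access.
     */
    private boolean isAuthorized(String orgCode, String userName, String templateId) {
        logInfo("===========role validatee url:" + Jsd9683ConfigXmlConfigReader.ROLE_VALIDATE_URL);
        JSONObject jsonObj = new JSONObject();
        jsonObj.put("org_code", orgCode);
        jsonObj.put("account", userName);
        jsonObj.put("report_code", templateId);
        jsonObj.put("root_report_code", templateId);
        jsonObj.put("params", new JSONObject());
        String jsonData = jsonObj.toString();
        logInfo("===========role validatee param:" + jsonData);
        String roleResult = doPostHttpReq(Jsd9683ConfigXmlConfigReader.ROLE_VALIDATE_URL, jsonData);
        logInfo("===========role validatee roleResult:" + roleResult);
        return roleResult.indexOf("true") != -1;
    }

    /**
     * Creates an enabled platform user with the given name when none exists. Failures are logged
     * and do not stop the request.
     *
     * <p>The account receives a random password rather than a fixed, well-known one, so it cannot
     * be entered through the password login by anyone who guesses the user name.
     */
    private void provisionUserIfMissing(String fineUserName) {
        try {
            User user = UserService.getInstance().getUserByUserName(fineUserName);
            if (user != null) {
                return;
            }
            UserBean userBean = new UserBean();
            userBean.setRealName(fineUserName);
            userBean.setUsername(fineUserName);
            userBean.setPassword(AESTransmissionEncryption.getInstance().encrypt(newRandomPassword()));
            userBean.setEmail("");
            userBean.setMobile("");
            userBean.setRoleIds(new String[]{});
            userBean.setCreationType(0);
            userBean.setEnable(true);
            userBean.setDepartmentPostIds(new ArrayList<>());
            userBean.setExtraAttribute(new HashMap<>());
            UserService.getInstance().addUser(userBean);
            logInfo("add user:" + fineUserName);
        } catch (Exception e) {
            FineLoggerFactory.getLogger().error(e.getMessage(), e);
        }
    }

    /** Returns a fresh URL-safe random string drawn from a cryptographically strong generator. */
    private static String newRandomPassword() {
        byte[] raw = new byte[GENERATED_PASSWORD_BYTES];
        SECURE_RANDOM.nextBytes(raw);
        return java.util.Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
    }

    /** Writes the plugin's "no permission" page to the response; failures are logged. */
    private void writeNoPermissionPage(HttpServletResponse res) {
        logInfo("到无权限界面去了");
        try (PrintWriter printWriter = WebUtils.createPrintWriter(res)) {
            Map<String, Object> map = new HashMap<>();
            map.put("result", InterProviderFactory.getProvider().getLocText("Fine-Engine_Error_Page_Result"));
            map.put("reason", "您没有权限访问该报表页面");
            map.put("solution", InterProviderFactory.getProvider().getLocText("Fine-Engine_Please_Contact_Platform_Admin"));
            String page = WebServiceUtils.parseWebPageResourceSafe("com/fr/plugin/jsd9683/jscss/unavaliable.html", map);
            printWriter.write(page);
            printWriter.flush();
        } catch (Exception e) {
            FineLoggerFactory.getLogger().error(e.getMessage(), e);
        }
    }

    /** Hands the request to the rest of the chain, logging (not propagating) any failure. */
    private void continueChain(HttpServletRequest request, HttpServletResponse res, FilterChain filterChain) {
        try {
            filterChain.doFilter(request, res);
        } catch (IOException | ServletException e) {
            FineLoggerFactory.getLogger().error("===================== error:" + e.toString(), e);
        }
    }

    /**
     * Sends a body-less HTTP request and returns the response body, decoded as GBK with line breaks
     * removed.
     *
     * @param reqUrl  absolute URL to call
     * @param methord HTTP method name
     * @return the body when the status is 200, otherwise {@code ""} (also on any error)
     */
    private String doHttpReq(String reqUrl, String methord) {
        HttpURLConnection con = null;
        try {
            con = (HttpURLConnection) new URL(reqUrl).openConnection();
            con.setConnectTimeout(CONNECT_TIMEOUT_MS);
            con.setReadTimeout(READ_TIMEOUT_MS);
            con.setRequestMethod(methord);
            con.setDoOutput(true);
            con.setDoInput(true);
            con.setUseCaches(false);
            return readOkBody(con);
        } catch (Exception e) {
            FineLoggerFactory.getLogger().error(e.getMessage(), e);
            return "";
        } finally {
            if (con != null) {
                con.disconnect();
            }
        }
    }

    /**
     * POSTs a JSON document (UTF-8) and returns the response body, decoded as GBK with line breaks
     * removed.
     *
     * @param reqUrl   absolute URL to call
     * @param jsonData request body
     * @return the body when the status is 200, otherwise {@code ""} (also on any error)
     */
    private String doPostHttpReq(String reqUrl, String jsonData) {
        HttpURLConnection con = null;
        try {
            con = (HttpURLConnection) new URL(reqUrl).openConnection();
            con.setConnectTimeout(CONNECT_TIMEOUT_MS);
            con.setReadTimeout(READ_TIMEOUT_MS);
            con.setRequestMethod("POST");
            con.setRequestProperty("Content-Type", "application/json;charset=utf-8");
            con.setDoOutput(true);
            con.setDoInput(true);
            con.setUseCaches(false);
            con.connect();
            // try-with-resources closes the writer even when the write fails.
            try (BufferedWriter writer =
                         new BufferedWriter(new OutputStreamWriter(con.getOutputStream(), "UTF-8"))) {
                writer.write(jsonData);
            }
            return readOkBody(con);
        } catch (Exception e) {
            FineLoggerFactory.getLogger().error(e.getMessage(), e);
            return "";
        } finally {
            if (con != null) {
                con.disconnect();
            }
        }
    }

    /**
     * Logs the status code and, for 200 only, reads the whole body line by line.
     * NOTE(review): the body is decoded as GBK even though the POST request is sent as UTF-8;
     * confirm the encoding the endpoints actually use.
     */
    private String readOkBody(HttpURLConnection con) throws IOException {
        int responseCode = con.getResponseCode();
        logInfo("sendRedirect responseCode:" + responseCode);
        if (responseCode != HttpURLConnection.HTTP_OK) {
            return "";
        }
        StringBuilder body = new StringBuilder();
        try (BufferedReader reader =
                     new BufferedReader(new InputStreamReader(con.getInputStream(), "GBK"))) {
            String line;
            while ((line = reader.readLine()) != null) {
                body.append(line);
            }
        }
        return body.toString();
    }

    /**
     * Currently a no-op: the platform login call below is commented out, so this filter does not
     * itself establish a platform login for {@code username}.
     */
    private void login(HttpServletRequest req, HttpServletResponse res, HttpSession session, String username) throws Exception {
        // String token = LoginService.getInstance().login(req, res, username);
        // req.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME, token);
        // FineLoggerFactory.getLogger().info("fr FrFilter is over with username is ###" + username);
    }

    /** Returns the {@code parentSeeesion} request parameter (spelling as used by the caller). */
    private static String getParentSeeesionFromSession(HttpServletRequest request) {
        return NetworkHelper.getHTTPRequestParameter(request, "parentSeeesion");
    }

    /** Returns the template id that {@code TemplateParser} derives from the request. */
    public String getTemplateId(HttpServletRequest request) {
        return TemplateParser.analyzeTemplateID(request);
    }

    /** Returns the relative path of the session named by {@code sessionID}, or {@code ""} if none. */
    private static String getHyperLinkTemplateIdFromSession(HttpServletRequest request) {
        SessionProvider session = getSessionFromRequest(request);
        return session != null ? session.getRelativePath() : "";
    }

    /**
     * Looks up the session named by the {@code sessionID} request parameter.
     *
     * @return the session, or {@code null} when the parameter is empty or the lookup fails
     */
    private static SessionProvider getSessionFromRequest(HttpServletRequest request) {
        try {
            String sessionId = NetworkHelper.getHTTPRequestParameter(request, "sessionID");
            if (StringUtils.isNotEmpty(sessionId)) {
                return SessionPoolManager.getSessionIDInfor(sessionId, SessionProvider.class);
            }
        } catch (Exception e) {
            FineLoggerFactory.getLogger().error(e.getMessage(), e);
        }
        return null;
    }

    /** Writes one line to the platform log at info level. */
    private static void logInfo(String message) {
        FineLoggerFactory.getLogger().info(message);
    }
}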