package com.fr.plugin; import com.fanruan.api.net.http.HttpKit; import com.fr.decision.authority.data.User; import com.fr.decision.fun.impl.BaseHttpHandler; import com.fr.decision.webservice.v10.login.LoginService; import com.fr.decision.webservice.v10.user.UserService; import com.fr.json.JSONObject; import com.fr.log.FineLoggerFactory; import com.fr.plugin.context.PluginContexts; import com.fr.third.org.apache.commons.codec.digest.DigestUtils; import com.fr.third.org.apache.commons.lang3.StringUtils; import com.fr.third.springframework.web.bind.annotation.RequestMethod; import com.fr.web.utils.WebUtils; import org.dom4j.DocumentException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.net.URLEncoder; import java.nio.charset.StandardCharsets; import java.util.Base64; import java.util.HashMap; import java.util.Map; public class GetTicket extends BaseHttpHandler { @Override public RequestMethod getMethod() { return null; } @Override public String getPath() { return "/getToken"; } @Override public boolean isPublic() { return true; } @Override public void handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception { JSONObject entries = new JSONObject(); if (!PluginContexts.currentContext().isAvailable()) { entries.put("code", "1"); entries.put("msg", "授权过期请联系销售人员"); WebUtils.printAsJSON(httpServletResponse, entries); return; } String accessToken = WebUtils.getHTTPRequestParameter(httpServletRequest, "accessToken"); if (StringUtils.isBlank(accessToken)) { entries.put("code", "1"); entries.put("msg", "accessToken码不存在"); WebUtils.printAsJSON(httpServletResponse, entries); return; } String uid = getUserInfo(accessToken); User user = UserService.getInstance().getUserByUserName(uid); if (user == null) { entries.put("code", "1"); entries.put("msg", "登录失败:" + uid + " 在帆软用户体系不存在,请联系管理员添加"); WebUtils.printAsJSON(httpServletResponse, entries); return; } String token = login(httpServletRequest, httpServletResponse, uid); entries.put("code", "0"); entries.put("data", token); WebUtils.printAsJSON(httpServletResponse, entries); } private String getAccessToken(String code) throws IOException { Oauth2Config config = Oauth2Config.getInstance(); String valAddr = config.getValAddr(); String appId = config.getAppId(); String clientSecret = config.getClientSecret(); String frUrl = Oauth2Config.getInstance().getFrUrl(); String redirectUrl = String.format("%s/url/iam/authCallBack", frUrl); Map params = new HashMap<>(); String tokenUrl = String.format("%s/oauth2/rest/token", valAddr); params.put("redirect_uri", redirectUrl); params.put("grant_type", "AUTHORIZATION_CODE"); params.put("code", code); Map header = new HashMap<>(); header.put("X-OAUTH-IDENTITY-DOMAIN-NAME", "IdmDomain"); header.put("Authorization", "Basic " + Base64.getEncoder().encodeToString(String.format("%s:%s", appId, clientSecret).getBytes(StandardCharsets.UTF_8))); String json = HttpKit.post(tokenUrl, params, "utf-8", "utf-8", header); FineLoggerFactory.getLogger().info("获取AccessToken 请求返回:{}", json); JSONObject obj = new JSONObject(json); return obj.getString("access_token"); } public static String getUserInfo(String accessToken) throws DocumentException, IOException { Map header = new HashMap<>(); Oauth2Config config = Oauth2Config.getInstance(); String valAddr = config.getValAddr(); String url = String.format("%s/oauth2/rest/userinfo?access_token=%s", valAddr, accessToken); header.put("Authorization", "Bearer " + accessToken); String json = HttpKit.get(url, new HashMap<>(), header); FineLoggerFactory.getLogger().info("获取userinfo 请求返回:{}", json); JSONObject obj = new JSONObject(json); return obj.getString("sub"); } private String login(HttpServletRequest req, HttpServletResponse res, String username) throws Exception { String token = LoginService.getInstance().login(req, res, username); req.setAttribute("fine_auth_token", token); FineLoggerFactory.getLogger().info("fr FrFilter is over with username is ###" + username); return token; } }