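package com.fr.plugin.handler;

import com.fanruan.api.net.http.HttpKit;
import com.fr.data.NetworkHelper;
import com.fr.decision.authority.data.User;
import com.fr.decision.fun.impl.BaseHttpHandler;
import com.fr.decision.mobile.terminal.TerminalHandler;
import com.fr.decision.webservice.v10.login.LoginService;
import com.fr.decision.webservice.v10.login.TokenResource;
import com.fr.decision.webservice.v10.user.UserService;
import com.fr.general.ComparatorUtils;
import com.fr.json.JSONObject;
import com.fr.log.FineLoggerFactory;
import com.fr.plugin.XTLConfig;
import com.fr.security.JwtUtils;
import com.fr.stable.StringUtils;
import com.fr.stable.web.Device;
import com.fr.third.jodd.util.StringUtil;
import com.fr.third.springframework.web.bind.annotation.RequestMethod;
import com.fr.web.utils.WebUtils;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.Map;

/**
 * Public HTTP handler mounted at {@code /login} that finishes a third-party
 * sign-in and logs the matching user into FineReport.
 *
 * <p>Flow, each step a GET against the address from {@link XTLConfig#getValAddr()}:
 * request parameter {@code token} -> {@code /oauth/getCode} -> {@code /oauth/getAccessToken}
 * -> {@code /getUserInfo} -> lookup of the returned {@code userId} as a local user
 * -> FineReport login -> 302 to {@link XTLConfig#getFrUrl()}.
 *
 * <p>The incoming {@code token} and the upstream {@code access_token} are bearer
 * credentials: they travel only in the {@code Authorization} header or the upstream
 * query string, and are never echoed back to the client or written to the log.
 * Every value interpolated into an upstream URL is URL-encoded first.
 */
public class LoginCallBackHander extends BaseHttpHandler {

    /** Value of the {@code code} field the upstream service returns on success. */
    private static final int UPSTREAM_OK = 200;

    @Override
    public RequestMethod getMethod() {
        // Kept as in the original; presumably null lets the framework accept any method — TODO confirm.
        return null;
    }

    @Override
    public String getPath() {
        return "/login";
    }

    @Override
    public boolean isPublic() {
        // The endpoint is reached before any FR session exists, so it must be public.
        return true;
    }

    /**
     * Runs the token -> code -> access token -> user -> login chain and redirects on success.
     *
     * <p>Each failed step writes a plain-text explanation to the response. The failure
     * messages name the step, not the credential value, so a misconfigured upstream
     * cannot turn this page into a token oracle.
     *
     * @param req incoming request; only the {@code token} parameter is read
     * @param res response; receives either a 302 to the configured FR URL or a text message
     * @throws Exception propagated from the upstream HTTP calls or JSON parsing
     */
    @Override
    public void handle(HttpServletRequest req, HttpServletResponse res) throws Exception {
        String token = req.getParameter("token");
        if (StringUtils.isBlank(token)) {
            WebUtils.printAsString(res, " 没有token信息");
            return;
        }

        String code = getCode(token);
        if (StringUtils.isEmpty(code)) {
            WebUtils.printAsString(res, " 通过token获取code失败返回内容无效");
            return;
        }

        String accessToken = getAccessToken(code);
        if (StringUtils.isEmpty(accessToken)) {
            WebUtils.printAsString(res, " 通过code获取accessToken失败返回内容无效");
            return;
        }

        String userId = getUserId(accessToken);
        if (StringUtils.isEmpty(userId)) {
            WebUtils.printAsString(res, " 通过accessToken获取用户失败返回内容无效");
            return;
        }

        User user = UserService.getInstance().getUserByUserName(userId);
        if (user == null) {
            // userId is the upstream-asserted account name, not a credential; safe to show.
            WebUtils.printAsString(res, "用户" + userId + "在帆软系统中不存在");
            return;
        }

        // Only redirect once a FR session actually exists; otherwise report the failure.
        if (!login(req, res, userId)) {
            WebUtils.printAsString(res, "用户" + userId + "登录帆软系统失败");
            return;
        }
        sendRedirect(res, XTLConfig.getInstance().getFrUrl());
    }

    /**
     * Resolves the upstream user id for an access token via {@code /getUserInfo}.
     *
     * @param accessToken bearer token sent in the {@code Authorization} header
     * @return the {@code userId} field of the JSON reply, or {@code ""} when absent
     * @throws IOException if the upstream call fails
     */
    private String getUserId(String accessToken) throws IOException {
        String url = String.format("%s/getUserInfo", XTLConfig.getInstance().getValAddr());
        Map<String, String> header = new HashMap<>();
        header.put("Authorization", "Bearer " + accessToken);

        String resp = HttpKit.get(url, new HashMap<>(), header);
        JSONObject entries = new JSONObject(resp);
        String userId = entries.optString("userId");
        // Log only the outcome: the reply body is user profile data.
        FineLoggerFactory.getLogger().info("访问getUserInfo返回userId是否为空:{}", StringUtils.isEmpty(userId));
        return userId;
    }

    /**
     * Exchanges an authorization code for an access token via {@code /oauth/getAccessToken}.
     *
     * <p>Every query value (redirect URI, client id, client secret, code) is URL-encoded,
     * so a code containing {@code &} or {@code #} cannot alter the request.
     *
     * @param code authorization code obtained from {@link #getCode(String)}
     * @return {@code data.access_token} when the reply's {@code code} is 200, else {@code ""}
     * @throws IOException if the upstream call fails
     */
    private String getAccessToken(String code) throws IOException {
        XTLConfig xtlConfig = XTLConfig.getInstance();
        String redirectUri = xtlConfig.getFrUrl() + "/url/oauth2/login";
        String url = String.format(
                "%s/oauth/getAccessToken?redirect_uri=%s&client_id=%s&client_secret=%s&code=%s&grant_type=authorization_code",
                xtlConfig.getValAddr(),
                encode(redirectUri),
                encode(xtlConfig.getAppid()),
                encode(xtlConfig.getLoginClientSecret()),
                encode(code));

        String resp = HttpKit.get(url, new HashMap<>(), new HashMap<String, String>());
        JSONObject entries = new JSONObject(resp);
        int status = entries.optInt("code", -1);
        // Never log the body here: on success it carries the access token.
        FineLoggerFactory.getLogger().info("访问getAccessToken返回code:{}", status);
        if (status != UPSTREAM_OK) {
            return "";
        }
        JSONObject data = entries.optJSONObject("data");
        return data == null ? "" : data.optString("access_token");
    }

    /**
     * Trades the caller-supplied token for an authorization code via {@code /oauth/getCode}.
     *
     * @param token bearer token from the request, sent in the {@code Authorization} header
     * @return the {@code msg} field when the reply's {@code code} is 200, else {@code ""}
     * @throws IOException if the upstream call fails
     */
    private String getCode(String token) throws IOException {
        XTLConfig xtlConfig = XTLConfig.getInstance();
        String url = String.format("%s/oauth/getCode?joinsysCode=%s",
                xtlConfig.getValAddr(), encode(xtlConfig.getLoginAppid()));
        Map<String, String> header = new HashMap<>();
        header.put("Authorization", "Bearer " + token);

        String resp = HttpKit.get(url, new HashMap<>(), header);
        JSONObject entries = new JSONObject(resp);
        int status = entries.optInt("code", -1);
        // The msg field is the authorization code, so only the status is logged.
        FineLoggerFactory.getLogger().info("访问getCode返回code:{}", status);
        return status == UPSTREAM_OK ? entries.optString("msg") : "";
    }

    /**
     * URL-encodes a single query-string value as UTF-8; {@code null} encodes as the empty string.
     *
     * @throws IOException if UTF-8 is unavailable (cannot happen on a conforming JVM)
     */
    private static String encode(String value) throws IOException {
        return URLEncoder.encode(value == null ? "" : value, StandardCharsets.UTF_8.name());
    }

    /**
     * Issues a 302 with the given {@code Location}; the target comes from plugin
     * configuration, never from the request.
     */
    private void sendRedirect(HttpServletResponse res, String url) {
        res.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
        res.setHeader("Location", url);
    }

    /**
     * Establishes a FineReport session for {@code username} unless a valid one already
     * exists for that same user.
     *
     * @param req      current request; its session receives the {@code fine_auth_token}
     * @param res      current response, handed to {@link LoginService#login}
     * @param username FR user name to log in
     * @return {@code true} when a session exists afterwards, {@code false} if login threw
     */
    private boolean login(HttpServletRequest req, HttpServletResponse res, String username) {
        try {
            String oldToken = TokenResource.COOKIE.getToken(req);
            if (oldToken != null && checkTokenValid(req, oldToken, username)) {
                FineLoggerFactory.getLogger().info("no need login: {}", username);
                return true;
            }
            HttpSession session = req.getSession(true);
            String token = LoginService.getInstance().login(req, res, username);
            session.setAttribute("fine_auth_token", token);
            // Normal path, so info rather than the original error level; the token itself is not logged.
            FineLoggerFactory.getLogger().info("fr CookieFilter is over with username is ###{}", username);
            return true;
        } catch (Exception e) {
            FineLoggerFactory.getLogger().error(e.getMessage(), e);
            return false;
        }
    }

    /**
     * Checks whether an existing FR token belongs to {@code currentUserName} and is still
     * accepted by {@link LoginService#loginStatusValid}.
     *
     * @return {@code true} only when the JWT subject matches and the status check passes;
     *         any exception (malformed or expired token, invalid status) yields {@code false}
     */
    private boolean checkTokenValid(HttpServletRequest req, String token, String currentUserName) {
        try {
            String subject = JwtUtils.parseJWT(token).getSubject();
            if (!ComparatorUtils.equals(currentUserName, subject)) {
                FineLoggerFactory.getLogger().info("username changed:" + currentUserName);
                return false;
            }
            Device device = NetworkHelper.getDevice(req);
            LoginService.getInstance().loginStatusValid(token, TerminalHandler.getTerminal(req, device));
            return true;
        } catch (Exception e) {
            // An invalid or expired token is an expected outcome here, so it is noted, not raised.
            FineLoggerFactory.getLogger().debug("existing token rejected for {}: {}", currentUserName, e.getMessage());
            return false;
        }
    }
}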