pioneer
/
open-JSD-9724
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
1 Branch
0 Tags
842 KiB
Tree: 1d486f4135
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '1d486f4135'
${ noResults }
open-JSD-9724/src/main/java/com/fr/plugin/handler/FLLoginCallBackHander.java

162 lines
6.4 KiB
Raw Normal View History Unescape

open
3 years ago
package com.fr.plugin.handler;
import com.fanruan.api.net.http.HttpKit;
import com.fr.data.NetworkHelper;
import com.fr.decision.authority.data.User;
import com.fr.decision.fun.impl.BaseHttpHandler;
import com.fr.decision.mobile.terminal.TerminalHandler;
import com.fr.decision.webservice.v10.login.LoginService;
import com.fr.decision.webservice.v10.login.TokenResource;
import com.fr.decision.webservice.v10.user.UserService;
import com.fr.general.ComparatorUtils;
import com.fr.json.JSONObject;
import com.fr.log.FineLoggerFactory;
import com.fr.plugin.FLConfig;
import com.fr.security.JwtUtils;
import com.fr.stable.StringUtils;
import com.fr.stable.web.Device;
import com.fr.third.springframework.web.bind.annotation.RequestMethod;
import com.fr.web.utils.WebUtils;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
public class FLLoginCallBackHander extends BaseHttpHandler {
@Override
public RequestMethod getMethod() {
return null;
}
@Override
public String getPath() {
return "/login";
}
@Override
public boolean isPublic() {
return true;
}
@Override
public void handle(HttpServletRequest req, HttpServletResponse res) throws Exception {
String token = req.getParameter("code");
if (StringUtils.isNotBlank(token)) {
String accessToken = getAccessToken(token);
if (StringUtils.isEmpty(accessToken)) {
WebUtils.printAsString(res, " 通过" + token + "获取accessToken失败返回内容无效");
return;
}
String userId = getUserId(accessToken);
if (StringUtils.isEmpty(userId)) {
WebUtils.printAsString(res, " 通过" + accessToken + "获取用户失败返回内容无效");
return;
}
UserService userService = UserService.getInstance();
User user = userService.getUserByUserName(userId);
if (user != null) {
login(req, res, userId);
FLConfig xtlConfig = FLConfig.getInstance();
String frUrl = xtlConfig.getFrUrl();
sendRedirect(res, frUrl);
return;
} else {
WebUtils.printAsString(res, "用户" + userId + "在帆软系统中不存在");
return;
}
} else {
sendRedirect(res, goAuth());
}
}
private String getUserId(String accessToken) throws IOException {
FLConfig xtlConfig = FLConfig.getInstance();
String valAddr = xtlConfig.getValAddr();
String url = String.format("%s/am/oauth2/tokeninfo?access_token=%s", valAddr,accessToken);
Map<String, String> header = new HashMap<>();
String resp = HttpKit.get(url, new HashMap<>(), header);
FineLoggerFactory.getLogger().info("访问getUserInfo返回:{}", resp);
JSONObject entries = new JSONObject(resp);
return entries.getString("uid");
}
private String getAccessToken(String code) throws IOException {
FLConfig xtlConfig = FLConfig.getInstance();
String valAddr = xtlConfig.getValAddr();
String appid = xtlConfig.getAppid();
String loginClientSecret = xtlConfig.getLoginClientSecret();
String url = String.format("%s/am/oauth2/access_token", valAddr);
Map<String, String> header = new HashMap<>();
Map<String, Object> params = new HashMap<>();
params.put("client_id", appid);
String frurl = xtlConfig.getFrUrl() + "/url/oauth2/login";
params.put("redirect_uri", frurl);
params.put("scope", "uid+cn+userIdCode");
params.put("client_secret", loginClientSecret);
params.put("grant_type", "authorization_code");
params.put("code", code);
String resp = HttpKit.post(url, params, "utf-8", "utf-8", header);
FineLoggerFactory.getLogger().info("访问getAccessToken返回:{}", resp);
JSONObject entries = new JSONObject(resp);
return entries.getString("access_token");
}
private String goAuth() {
FLConfig xtlConfig = FLConfig.getInstance();
String valAddr = xtlConfig.getValAddr();
String service = xtlConfig.getService();
String appid = xtlConfig.getAppid();
String frurl = xtlConfig.getFrUrl() + "/url/oauth2/login";
String url = String.format("%s/am/oauth2/authorize?service=%s&" +
"response_type=code&client_id=%s&" +
"scope=uid+cn+userIdCode&redirect_uri=%s&decision=Allow", valAddr, service,appid, frurl);
return url;
}
private void sendRedirect(HttpServletResponse res, String url) {
res.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
res.setHeader("Location", url);
}
private boolean login(HttpServletRequest req, HttpServletResponse res, String username) {
try {
String oldToken = TokenResource.COOKIE.getToken(req);
if ((oldToken == null) || (!checkTokenValid(req, oldToken, username))) {
HttpSession session = req.getSession(true);
String token = LoginService.getInstance().login(req, res, username);
session.setAttribute("fine_auth_token", token);
FineLoggerFactory.getLogger().error("fr CookieFilter is over with username is ###" + username);
return true;
} else {
FineLoggerFactory.getLogger().error("no need login: {}", username);
return true;
}
} catch (Exception e) {
FineLoggerFactory.getLogger().error(e.getMessage(), e);
return false;
}
}
private boolean checkTokenValid(HttpServletRequest req, String token, String currentUserName) {
try {
if (!ComparatorUtils.equals(currentUserName, JwtUtils.parseJWT(token).getSubject())) {
FineLoggerFactory.getLogger().info("username changed:" + currentUserName);
return false;
} else {
Device device = NetworkHelper.getDevice(req);
LoginService.getInstance().loginStatusValid(token, TerminalHandler.getTerminal(req, device));
return true;
}
} catch (Exception var5) {
return false;
}
}
}