
package com.fr.plugin;
import com.fanruan.api.net.http.HttpKit;
import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
import com.fr.decision.webservice.v10.login.LoginService;
import com.fr.general.ComparatorUtils;
import com.fr.json.JSONObject;
import com.fr.log.FineLoggerFactory;
import com.fr.plugin.transform.FunctionRecorder;
import com.fr.stable.StringUtils;
import com.fr.web.utils.WebUtils;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
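/**
 * Global request filter that sends browser GETs of the decision login page to an
 * external OAuth2-style authorization endpoint instead of the built-in login form.
 *
 * <p>Only {@link #doFilter} is driven by the container. The code-exchange helpers
 * ({@code getUsername}, {@code getAccessToken}, {@code getNewToken}, {@code login}) are
 * not called from anywhere in this class; presumably the callback leg of the flow lives
 * in another component, so confirm before relying on them.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The {@code state} parameter sent to the authorization server is a fixed string,
 *       so it cannot bind the callback to the browser session that started the flow.
 *   <li>{@code client_secret} and the access token travel in URL query strings. Request
 *       URLs are commonly recorded by proxies and server logs, so these values must
 *       never be logged here and the provider should be asked for a body- or
 *       header-based alternative.
 *   <li>Access tokens are per-user and are therefore never cached in shared state.
 * </ul>
 */
@FunctionRecorder(localeKey = "zyfilter")
public class PLLoginFilter extends AbstractGlobalRequestFilterProvider {

    /** {@inheritDoc} */
    @Override
    public String filterName() {
        return "ffrrww";
    }

    /** Restricts the filter to the decision login page. */
    @Override
    public String[] urlPatterns() {
        return new String[]{
                "/decision/login"
        };
    }

    /** {@inheritDoc} */
    @Override
    public void init(FilterConfig filterConfig) {
        super.init(filterConfig);
    }

    /**
     * Redirects GET requests for the login page to the authorization endpoint.
     *
     * <p>Non-GET requests, and GET requests carrying {@code isAdmin=1}, are passed down
     * the chain untouched. The {@code isAdmin} switch only skips the redirect so the
     * built-in login page can render; this filter grants nothing by itself, but anyone
     * can set the parameter, so the built-in login must remain protected on its own.
     *
     * @param request             incoming request
     * @param httpServletResponse response used for the redirect
     * @param filterChain         remaining filter chain
     */
    @Override
    public void doFilter(HttpServletRequest request, HttpServletResponse httpServletResponse, FilterChain filterChain) {
        try {
            // Constant-first comparison avoids an NPE if the container reports no method.
            if (!"GET".equals(request.getMethod())) {
                filterChain.doFilter(request, httpServletResponse);
                return;
            }
            String isAdmin = request.getParameter("isAdmin");
            if (ComparatorUtils.equals(isAdmin, "1")) {
                filterChain.doFilter(request, httpServletResponse);
                return;
            }
            // Referer is client-controlled: strip line breaks so it cannot forge log entries.
            FineLoggerFactory.getLogger().info("来源:{}访问了登陆", stripLineBreaks(request.getHeader("referer")));
            sendRedirect(httpServletResponse, getCodeUrl(request));
        } catch (IOException | ServletException e) {
            printException2FrLog(e);
        } catch (Exception e) {
            // Route through the product logger instead of stderr so failures are not lost.
            printException2FrLog(e);
        }
    }

    /**
     * Builds the authorization URL the browser is redirected to.
     *
     * <p>NOTE(review): {@code state} is the constant {@code xplatform}. A fixed value gives
     * no request-forgery protection for the callback; a per-session random value that the
     * callback handler verifies would be needed, and that handler is not part of this class.
     *
     * <p>NOTE(review): {@code target_uri} carries the original request URL. Whatever
     * consumes it after login should accept only same-origin targets; that consumer is
     * not visible here.
     *
     * @param req request whose original URL is forwarded as {@code target_uri}
     * @return absolute authorization URL
     * @throws Exception if URL encoding fails
     */
    private String getCodeUrl(HttpServletRequest req) throws Exception {
        ZtgtConfig plConfig = ZtgtConfig.getInstance();
        String utf8 = StandardCharsets.UTF_8.name();
        String baseUrl = plConfig.getValAddr();
        // Every interpolated value is encoded so it cannot add or split query parameters.
        String clientId = URLEncoder.encode(plConfig.getAppId(), utf8);
        String redirectUri = URLEncoder.encode(plConfig.getFrUrl(), utf8);
        String originalUrl = URLEncoder.encode(WebUtils.getOriginalURL(req), utf8);
        return baseUrl + "/authorize?response_type=code&client_id=" + clientId
                + "&state=xplatform&redirect_uri=" + redirectUri
                + "&oauth_timestamp=" + System.currentTimeMillis()
                + "&target_uri=" + originalUrl;
    }

    /**
     * Exchanges an authorization code for the user's {@code id} at the profile endpoint.
     *
     * @param code authorization code received on the callback
     * @return the {@code id} field of the profile response, or an empty string when the
     *         token exchange or the profile request fails
     */
    private String getUsername(String code) {
        Token token = getAccessToken(code);
        if (token == null || StringUtils.isEmpty(token.getContent())) {
            // No token means the code was rejected or the exchange failed: fail closed.
            return StringUtils.EMPTY;
        }
        try {
            ZtgtConfig plConfig = ZtgtConfig.getInstance();
            String utf8 = StandardCharsets.UTF_8.name();
            // The secret and token ride in the query string as in the original request
            // format; do not log this URL.
            String url = plConfig.getValAddr()
                    + "/profile?access_token=" + URLEncoder.encode(token.getContent(), utf8)
                    + "&client_id=" + URLEncoder.encode(plConfig.getAppId(), utf8)
                    + "&client_secret=" + URLEncoder.encode(plConfig.getClientSecret(), utf8)
                    + "&oauth_timestamp=" + System.currentTimeMillis();
            JSONObject profile = new JSONObject(HttpKit.get(url));
            return profile.getString("id");
        } catch (Exception e) {
            // Only the exception type is logged: the message may echo the request URL,
            // which contains client_secret and the access token.
            FineLoggerFactory.getLogger().error("profile lookup failed: {}", e.getClass().getName());
        }
        return StringUtils.EMPTY;
    }

    /**
     * Obtains an access token for exactly this authorization code.
     *
     * <p>The result is deliberately not stored in a shared field. Falling back to a
     * previously stored token when the exchange fails would hand one user's token to
     * another user's login attempt.
     *
     * @param code authorization code received on the callback
     * @return the token issued for {@code code}, or {@code null} if the exchange failed
     */
    private Token getAccessToken(String code) {
        try {
            return getNewToken(code);
        } catch (Exception e) {
            // Type only; see getUsername for why the message is withheld.
            FineLoggerFactory.getLogger().error("access token exchange failed: {}", e.getClass().getName());
            return null;
        }
    }

    /**
     * Access token plus the bookkeeping needed to judge its age.
     *
     * <p>Static and immutable: it needs no reference to the enclosing filter instance.
     */
    private static final class Token {
        private final String content;
        private final long expires_in;
        private final long timestamp;

        public Token(String content, long expires_in) {
            this.content = content;
            this.expires_in = expires_in;
            this.timestamp = System.currentTimeMillis();
        }

        public String getContent() {
            return content;
        }

        public long getExpiresIn() {
            return expires_in;
        }

        /**
         * Reports whether the token should be treated as expired.
         *
         * <p>NOTE(review): {@code parseToken} constructs tokens with {@code expires_in = -1},
         * which makes this return {@code true} immediately.
         */
        public boolean isTimeout() {
            // To allow for network transfer time, only 90% of the lifetime is counted.
            return System.currentTimeMillis() - timestamp > expires_in * 900;
        }

        /** Reports whether the token has entered its refresh window. */
        public boolean needRefresh() {
            // Refresh between 70% and 90% of the lifetime.
            return System.currentTimeMillis() - timestamp > expires_in * 700;
        }
    }

    /**
     * Posts the authorization code to the token endpoint.
     *
     * @param code authorization code; it originates from the client and is URL-encoded
     *             before being placed in the request
     * @return the parsed token, or {@code null} when the code is empty or the endpoint
     *         returns an empty body
     * @throws Exception if the request fails or the response cannot be parsed
     */
    private Token getNewToken(String code) throws Exception {
        if (StringUtils.isEmpty(code)) {
            return null;
        }
        ZtgtConfig plConfig = ZtgtConfig.getInstance();
        String utf8 = StandardCharsets.UTF_8.name();
        String baseUrl = plConfig.getValAddr();
        String clientId = URLEncoder.encode(plConfig.getAppId(), utf8);
        String redirectUri = URLEncoder.encode(plConfig.getFrUrl(), utf8);
        String clientSecret = URLEncoder.encode(plConfig.getClientSecret(), utf8);
        // Without encoding, a crafted code such as "x&redirect_uri=..." would inject
        // extra parameters into the token request.
        String safeCode = URLEncoder.encode(code, utf8);
        String url = baseUrl + "/accessToken?client_id=" + clientId
                + "&client_secret=" + clientSecret
                + "&grant_type=authorization_code&code=" + safeCode
                + "&redirect_uri=" + redirectUri;
        String res = HttpKit.post(url, new HashMap<>());
        if (StringUtils.isEmpty(res)) {
            return null;
        }
        return parseToken(res);
    }

    /**
     * Extracts {@code access_token} from the token endpoint's JSON response.
     *
     * @param res raw JSON response body
     * @return token carrying the access token; the lifetime is recorded as {@code -1}
     *         because the response's expiry is not read
     * @throws Exception if the body is not valid JSON or lacks {@code access_token}
     */
    private Token parseToken(String res) throws Exception {
        JSONObject entries = new JSONObject(res);
        String accessToken = entries.getString("access_token");
        return new Token(accessToken, -1);
    }

    /**
     * Writes the full stack trace of {@code e} to the product log at error level.
     *
     * @param e throwable to record
     */
    public static void printException2FrLog(Throwable e) {
        StringWriter writer = new StringWriter();
        e.printStackTrace(new PrintWriter(writer));
        String s = writer.toString();
        FineLoggerFactory.getLogger().error("错误:{}", s);
    }

    /** Issues a 302 redirect by setting the status and {@code Location} header directly. */
    private void sendRedirect(HttpServletResponse res, String url) {
        res.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
        res.setHeader("Location", url);
    }

    /**
     * Creates a platform session for {@code username} and exposes the session token as
     * the {@code fine_auth_token} request attribute.
     *
     * <p>No credential is checked here: the caller must already have established the
     * identity, for example through the authorization-code exchange.
     */
    private void login(HttpServletRequest req, HttpServletResponse res, String username) {
        try {
            String token = LoginService.getInstance().login(req, res, username);
            req.setAttribute("fine_auth_token", token);
            // Success is informational; logging it at error level pollutes alerting.
            FineLoggerFactory.getLogger().info("login success");
        } catch (Exception e) {
            FineLoggerFactory.getLogger().error(e.getMessage(), e);
            FineLoggerFactory.getLogger().error("login failed");
        }
    }

    /** Renders the bundled error page into the response. */
    private void writerOurError(HttpServletResponse httpServletResponse) {
        try {
            WebUtils.writeOutTemplate("/com/fr/plugin/error.html", httpServletResponse, new HashMap<>());
        } catch (IOException e) {
            printException2FrLog(e);
        }
    }

    /** Reports whether the request already carries a logged-in platform session. */
    private boolean isLogin(HttpServletRequest req) {
        return LoginService.getInstance().isLogged(req);
    }

    /** Replaces CR and LF so a client-supplied value cannot start a new log line. */
    private static String stripLineBreaks(String value) {
        return value == null ? null : value.replaceAll("[\\r\\n]", "_");
    }
}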