open

README.md

@@ -0,0 +1,7 @@
+
+# open-JSD-9856
+ 
+JSD-9856 oauth2  单点登录\
+免责说明：该源码为第三方爱好者提供，不保证源码和方案的可靠性，也不提供任何形式的源码教学指导和协助！\
+仅作为开发者学习参考使用！禁止用于任何商业用途！\
+为保护开发者隐私，开发者信息已隐去！若原开发者希望公开自己的信息，可联系【pioneer】处理。

plugin.xml

@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<plugin>
+    <id>com.fr.plugin.ihef.sso</id>
+    <name><![CDATA[单点登陆]]></name>
+    <active>yes</active>
+    <version>1.0.2</version>
+    <env-version>11.0</env-version>
+    <jartime>2021-10-01</jartime>
+    <vendor>fr.open</vendor>
+    <description><![CDATA[单点登陆]]></description>
+    <change-notes><![CDATA[单点登陆]]></change-notes>
+    <main-package>com.fr.plugin.ihef</main-package>
+    <prefer-packages>
+        <prefer-package>com.fanruan.api</prefer-package>
+    </prefer-packages>
+    <lifecycle-monitor class="com.fr.plugin.ihef.PluginMonitor"/>
+    <extra-core>
+        <LocaleFinder class="com.fr.plugin.ihef.LocaleFinder"/>
+    </extra-core>
+    <extra-decision>
+        <GlobalRequestFilterProvider class="com.fr.plugin.ihef.request.OAuthLogin"/>
+        <LogInOutEventProvider class="com.fr.plugin.ihef.CustomLogInOut"/>
+    </extra-decision>
+    <function-recorder class="com.fr.plugin.ihef.LocaleFinder"/>
+</plugin>

src/main/java/com/fr/plugin/ihef/CustomLogInOut.java

@@ -0,0 +1,42 @@
+/**
+ * Copyright (C), 2015-2021
+ * FileName: CustomLogInOut
+ * Author:   fr.open
+ * Date:     2019/6/19 16:25
+ * Description: CustomLogInOut
+ * History:
+ * <author>          <time>          <version>          <desc>
+ */
+package com.fr.plugin.ihef;
+
+import com.fr.decision.fun.impl.AbstractLogInOutEventProvider;
+import com.fr.decision.webservice.login.LogInOutResultInfo;
+import com.fr.plugin.ihef.config.IhefConfig;
+
+/**
+ * 〈Function Description〉<br>
+ * 〈CustomLogInOut〉
+ *
+ * @author fr.open
+ * @since 1.0.0
+ */
+public class CustomLogInOut extends AbstractLogInOutEventProvider {
+
+    public static final String LOGOUT_PATH = "/c/portal/logout";
+    private final IhefConfig config;
+
+    public CustomLogInOut() {
+        this.config = IhefConfig.getInstance();
+    }
+
+    /**
+     * 用户登出处理
+     *
+     * @param result
+     * @return
+     */
+    @Override
+    public String logoutAction(LogInOutResultInfo result) {
+        return this.config.getUriBase() + LOGOUT_PATH;
+    }
+}

src/main/java/com/fr/plugin/ihef/LocaleFinder.java

@@ -0,0 +1,37 @@
+ /*
+  * Copyright (C), 2018-2020
+  * Project: starter
+  * FileName: LocaleFinder
+  * Author:   fr.open
+  * Date:     2020/8/31 22:19
+  */
+ package com.fr.plugin.ihef;
+
+ import com.fr.intelli.record.Focus;
+ import com.fr.intelli.record.Original;
+ import com.fr.record.analyzer.EnableMetrics;
+ import com.fr.stable.fun.impl.AbstractLocaleFinder;
+
+ import static com.fr.plugin.ihef.config.IhefConfig.PLUGIN_ID;
+
+ /**
+  * <Function Description><br>
+  * <LocaleFinder>
+  *
+  * @author fr.open
+  * @since 1.0.0
+  */
+ @EnableMetrics
+ public class LocaleFinder extends AbstractLocaleFinder {
+
+     @Override
+     @Focus(id = PLUGIN_ID, text = "Plugin-ihef", source = Original.PLUGIN)
+     public String find() {
+         return "com/fr/plugin/ihef/locale/lang";
+     }
+
+     @Override
+     public int currentAPILevel() {
+         return CURRENT_LEVEL;
+     }
+ }

src/main/java/com/fr/plugin/ihef/PluginMonitor.java

@@ -0,0 +1,33 @@
+ /*
+  * Copyright (C), 2018-2021
+  * Project: starter
+  * FileName: PluginMonitor
+  * Author:   fr.open
+  * Date:     2021/3/30 15:10
+  */
+ package com.fr.plugin.ihef;
+
+ import com.fr.plugin.context.PluginContext;
+ import com.fr.plugin.ihef.config.IhefConfig;
+ import com.fr.plugin.observer.inner.AbstractPluginLifecycleMonitor;
+
+ /**
+  * <Function Description><br>
+  * <PluginMonitor>
+  *
+  * @author fr.open
+  * @since 1.0.0
+  */
+ public class PluginMonitor extends AbstractPluginLifecycleMonitor {
+     public PluginMonitor() {
+     }
+
+     @Override
+     public void afterRun(PluginContext pluginContext) {
+         IhefConfig.getInstance();
+     }
+
+     @Override
+     public void beforeStop(PluginContext pluginContext) {
+     }
+ }

src/main/java/com/fr/plugin/ihef/config/IhefConfig.java

@@ -0,0 +1,74 @@
+ /*
+  * Copyright (C), 2018-2021
+  * Project: starter
+  * FileName: SsoConfig
+  * Author:   fr.open
+  * Date:     2021/3/30 9:38
+  */
+ package com.fr.plugin.ihef.config;
+
+ import com.fanruan.api.util.StringKit;
+ import com.fr.config.*;
+ import com.fr.config.holder.Conf;
+ import com.fr.config.holder.factory.Holders;
+
+ /**
+  * <Function Description><br>
+  * <SsoConfig>
+  *
+  * @author fr.open
+  * @since 1.0.0
+  */
+ @Visualization(category = "Plugin-ihef_Group")
+ public class IhefConfig extends DefaultConfiguration {
+     public static final String PLUGIN_ID = "com.fr.plugin.ihef.sso";
+
+     private static volatile IhefConfig config = null;
+     @Identifier(value = "uriBase", name = "Plugin-ihef_Config_UriBase", description = "Plugin-ihef_Config_UriBase_Description", status = Status.SHOW)
+     private final Conf<String> uriBase = Holders.simple(StringKit.EMPTY);
+     @Identifier(value = "clientId", name = "Plugin-ihef_Config_ClientId", description = "Plugin-ihef_Config_ClientId_Description", status = Status.SHOW)
+     private Conf<String> clientId = Holders.simple(StringKit.EMPTY);
+     @Identifier(value = "clientSecret", name = "Plugin-ihef_Config_ClientSecret", description = "Plugin-ihef_Config_ClientSecret_Description", status = Status.SHOW)
+     private Conf<String> clientSecret = Holders.simple(StringKit.EMPTY);
+     @Identifier(value = "frUri", name = "Plugin-ihef_Config_FrUri", description = "Plugin-ihef_Config_FrUri_Description", status = Status.SHOW)
+     private Conf<String> frUri = Holders.simple(StringKit.EMPTY);
+
+     public static IhefConfig getInstance() {
+         if (config == null) {
+             config = ConfigContext.getConfigInstance(IhefConfig.class);
+         }
+         return config;
+     }
+
+     public String getUriBase() {
+         return uriBase.get();
+     }
+
+     public void setUriBase(String uriBase) {
+         this.uriBase.set(uriBase);
+     }
+
+     public String getClientId() {
+         return clientId.get();
+     }
+
+     public void setClientId(String clientId) {
+         this.clientId.set(clientId);
+     }
+
+     public String getClientSecret() {
+         return clientSecret.get();
+     }
+
+     public void setClientSecret(String clientSecret) {
+         this.clientSecret.set(clientSecret);
+     }
+
+     public String getFrUri() {
+         return frUri.get();
+     }
+
+     public void setFrUri(String frUri) {
+         this.frUri.set(frUri);
+     }
+ }

src/main/java/com/fr/plugin/ihef/request/OAuthLogin.java

@@ -0,0 +1,211 @@
+ /*
+  * Copyright (C), 2018-2021
+  * Project: starter
+  * FileName: OAuthLogin
+  * Author:   fr.open
+  * Date:     2021/3/30 22:09
+  */
+ package com.fr.plugin.ihef.request;
+
+ import com.fanruan.api.decision.login.LoginKit;
+ import com.fanruan.api.decision.user.UserKit;
+ import com.fanruan.api.i18n.I18nKit;
+ import com.fanruan.api.log.LogKit;
+ import com.fanruan.api.net.NetworkKit;
+ import com.fanruan.api.net.http.HttpKit;
+ import com.fanruan.api.util.StringKit;
+ import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
+ import com.fr.decision.webservice.utils.DecisionServiceConstants;
+ import com.fr.decision.webservice.v10.login.LoginService;
+ import com.fr.json.JSONObject;
+ import com.fr.plugin.context.PluginContexts;
+ import com.fr.plugin.ihef.config.IhefConfig;
+ import com.fr.stable.fun.Authorize;
+ import com.fr.third.org.apache.http.client.utils.URIBuilder;
+
+ import javax.servlet.FilterChain;
+ import javax.servlet.FilterConfig;
+ import javax.servlet.http.HttpServletRequest;
+ import javax.servlet.http.HttpServletResponse;
+ import java.net.URISyntaxException;
+ import java.util.HashMap;
+ import java.util.Map;
+
+ import static com.fr.plugin.ihef.config.IhefConfig.PLUGIN_ID;
+
+ /**
+  * <Function Description><br>
+  * <OAuthLogin>
+  *
+  * @author fr.open
+  * @since 1.0.0
+  */
+ @Authorize(callSignKey = PLUGIN_ID)
+ public class OAuthLogin extends AbstractGlobalRequestFilterProvider {
+     public static final String CODE_PATH = "/o/oauth2/authorize";
+     public static final String TOKEN_PATH = "/o/oauth2/token";
+     public static final String USERINFO_PATH = "/api/jsonws/user/get-current-user";
+     public static final String CODE = "code";
+     public static final String STATE = "fkLiferay";
+     private IhefConfig config;
+
+     /**
+      * 过滤器名称
+      *
+      * @return
+      */
+     @Override
+     public String filterName() {
+         return "ihefFilter";
+     }
+
+     /**
+      * 过滤规则
+      *
+      * @return
+      */
+     @Override
+     public String[] urlPatterns() {
+         return new String[]{"/decision", "/decision/", "/decision/view/form", "/decision/view/report", "/decision/v10/entry/access/*", "/decision/v5/design/report/*"};
+     }
+
+     /**
+      * 过滤器初始化
+      *
+      * @param filterConfig
+      */
+     @Override
+     public void init(FilterConfig filterConfig) {
+         this.config = IhefConfig.getInstance();
+         super.init(filterConfig);
+     }
+
+     /**
+      * 过滤器处理
+      *
+      * @param request
+      * @param response
+      * @param filterChain
+      */
+     @Override
+     public void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) {
+         try {
+             if (operation(request, response)) {
+                 filterChain.doFilter(request, response);
+             }
+         } catch (Exception e) {
+             LogKit.error(e.getMessage(), e);
+         }
+     }
+
+     /**
+      * 用户验证登陆操作
+      *
+      * @param req
+      * @param res
+      * @throws Exception
+      */
+     private boolean operation(HttpServletRequest req, HttpServletResponse res) throws Exception {
+         // 已登录
+         if (LoginService.getInstance().isLogged(req)) {
+             return true;
+         }
+         LogKit.info("ihef-OAuthLogin-operation-url:{}", req.getRequestURL().toString());
+         String code = NetworkKit.getHTTPRequestParameter(req, CODE);
+         String state = NetworkKit.getHTTPRequestParameter(req, STATE);
+         String clientId = NetworkKit.getHTTPRequestParameter(req, "client_id");
+         LogKit.info("ihef-OAuthLogin-operation-code:{}, state:{}, clientId:{}", code, state, clientId);
+         if (StringKit.isBlank(code)) {
+             res.sendRedirect(getLoginUrl());
+             return false;
+         }
+         String accessToken = getAccessToken(code);
+         String username = getUsername(accessToken);
+         if (StringKit.isEmpty(username) || !UserKit.existUsername(username)) {
+             return true;
+         }
+         if (!PluginContexts.currentContext().isAvailable()) {
+             LogKit.error(I18nKit.getLocText("Plugin-ihef_Licence_Expired"));
+             return true;
+         }
+         String tokenFR = LoginKit.login(req, res, username);
+         req.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME, tokenFR);
+         return true;
+     }
+
+     /**
+      * 获取access_token
+      *
+      * @param code
+      * @return
+      * @throws Exception
+      */
+     private String getAccessToken(String code) throws Exception {
+         Map<String, String> headers = new HashMap<>();
+         headers.put("Accept", "application/json");
+         Map<String, String> tokenParams = new HashMap<>();
+         tokenParams.put("client_id", this.config.getClientId());
+         tokenParams.put("client_secret", this.config.getClientSecret());
+         tokenParams.put("grant_type", "authorization_code");
+         tokenParams.put("code", code);
+         LogKit.info("ihef-OAuthLogin-getAccessToken-params:{}", tokenParams);
+         String res = HttpKit.post(this.config.getUriBase() + TOKEN_PATH, tokenParams, headers);
+         LogKit.info("ihef-OAuthLogin-getAccessToken-res:{}", res);
+         if (StringKit.isEmpty(res)) {
+             return StringKit.EMPTY;
+         }
+         return new JSONObject(res).getString("access_token");
+     }
+
+     /**
+      * 通过凭证获得username
+      *
+      * @param token
+      * @return
+      */
+     private String getUsername(String token) throws Exception {
+         LogKit.info("ihef-OAuthLogin-getUsername-token:{}", token);
+         Map<String, String> headers = new HashMap<>();
+         headers.put("Authorization", "Bearer " + token);
+         String userRes = HttpKit.get(this.config.getUriBase() + USERINFO_PATH, new HashMap<>(), headers);
+         LogKit.info("ihef-OAuthLogin-getUsername-userRes:{}", userRes);
+         JSONObject userJo = new JSONObject(userRes);
+         if (userJo.has("screenName")) {
+             return userJo.getString("screenName");
+         }
+         return StringKit.EMPTY;
+     }
+
+     /**
+      * 获取login_url
+      *
+      * @return
+      */
+     private String getLoginUrl() {
+         String url = this.config.getUriBase() + CODE_PATH;
+         Map<String, String> params = new HashMap<>();
+         params.put("client_id", this.config.getClientId());
+         params.put("redirect_uri", this.config.getFrUri());
+         params.put("response_type", "code");
+         params.put("state", STATE);
+         String loginUrl = buildUrl(url, params);
+         LogKit.info("ihef-OAuthLogin-getLoginUrl-loginUrl:{}", loginUrl);
+         return loginUrl;
+     }
+
+     private String buildUrl(String url, Map<String, String> params) {
+         if (params == null || params.isEmpty()) {
+             return url;
+         }
+         try {
+             URIBuilder builder = new URIBuilder(url);
+             for (Map.Entry<String, String> entry : params.entrySet()) {
+                 builder.setParameter(entry.getKey(), entry.getValue());
+             }
+             return builder.build().toString();
+         } catch (URISyntaxException e) {
+             LogKit.error("ihef-OAuthLogin-Error to build url, please check the arguments.");
+             return url;
+         }
+     }
+ }

src/main/resources/com/fr/plugin/ihef/locale/lang.properties

@@ -0,0 +1,11 @@
+Plugin-ihef=Sso Plugin
+Plugin-ihef_Group=Sso Plugin
+Plugin-ihef_Config_UriBase=Uri Base
+Plugin-ihef_Config_UriBase_Description=Uri Base
+Plugin-ihef_Licence_Expired=Sso Plugin Licence Expired
+Plugin-ihef_Config_ClientId=Client Id
+Plugin-ihef_Config_ClientId_Description=Client Id
+Plugin-ihef_Config_ClientSecret=Client Secret
+Plugin-ihef_Config_ClientSecret_Description=Client Secret
+Plugin-ihef_Config_FrUri=FR Uri
+Plugin-ihef_Config_FrUri_Description=FR Uri

src/main/resources/com/fr/plugin/ihef/locale/lang_zh_CN.properties

@@ -0,0 +1,11 @@
+Plugin-ihef=\u5355\u70B9\u767B\u9646\u63D2\u4EF6
+Plugin-ihef_Group=\u5355\u70B9\u767B\u9646\u63D2\u4EF6
+Plugin-ihef_Config_UriBase=\u5355\u70B9\u63A5\u53E3\u5730\u5740
+Plugin-ihef_Config_UriBase_Description=\u5355\u70B9\u63A5\u53E3\u5730\u5740
+Plugin-ihef_Licence_Expired=\u5355\u70B9\u767B\u9646\u63D2\u4EF6\u8BB8\u53EF\u8FC7\u671F
+Plugin-ihef_Config_ClientId=\u5E94\u7528\u6CE8\u518CID
+Plugin-ihef_Config_ClientId_Description=\u5E94\u7528\u6CE8\u518CID
+Plugin-ihef_Config_ClientSecret=\u5E94\u7528\u6CE8\u518C\u5BC6\u7801
+Plugin-ihef_Config_ClientSecret_Description=\u5E94\u7528\u6CE8\u518C\u5BC6\u7801
+Plugin-ihef_Config_FrUri=\u5E06\u8F6F\u7CFB\u7EDFurl
+Plugin-ihef_Config_FrUri_Description=\u5E06\u8F6F\u7CFB\u7EDFurl