pioneer
/
open-JSD-9911
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
1 Branch
0 Tags
1.3 MiB
 
 
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
open-JSD-9911/src/main/java/com/eco/plugin/xx/jfsso/filter/SSOFilter.java

121 lines
4.1 KiB
Raw Permalink Blame History

package com.eco.plugin.xx.jfsso.filter;
import com.eco.plugin.xx.jfsso.config.PluginSimpleConfig;
import com.eco.plugin.xx.jfsso.utils.FRUtils;
import com.eco.plugin.xx.jfsso.utils.ResponseUtils;
import com.eco.plugin.xx.jfsso.utils.Utils;
import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
import com.fr.plugin.context.PluginContexts;
import com.fr.record.analyzer.EnableMetrics;
import com.fr.stable.fun.Authorize;
import com.para.esc.sdk.oauth.IOAuth20Service;
import com.para.esc.sdk.oauth.builder.OAuthServiceBuilder;
import com.para.esc.sdk.oauth.client.model.UserInfo;
import com.para.esc.sdk.oauth.exceptions.OAuthApiException;
import com.para.esc.sdk.oauth.model.OAuth20Config;
import com.para.esc.sdk.oauth.model.Token;
import javax.servlet.FilterChain;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
@EnableMetrics
@Authorize(callSignKey = "com.eco.plugin.xx.jfsso")
public class SSOFilter extends AbstractGlobalRequestFilterProvider {
@Override
public String filterName() {
return "jfssoFilter";
}
@Override
public String[] urlPatterns() {
return new String[]{"/*"};
}
@Override
public void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain chain ){
if(PluginContexts.currentContext().isAvailable()){
//是否放行
boolean release = isRelease(req);
if(release){
release(req,res,chain);
return;
}
PluginSimpleConfig psc = PluginSimpleConfig.getInstance();
//构建单点请求
OAuth20Config configInfo =
new OAuth20Config(psc.getClientId(),psc.getSecret(),
FRUtils.getAllUrl(req), psc.getAuthUrl(),
psc.getTokenUrl());
IOAuth20Service service = new OAuthServiceBuilder(configInfo).build20Service();
String code = req.getParameter("code");
if(Utils.isNullStr(code)){
redirect(res,service.getAuthorizationUrl());
return ;
}
Token accessToken = service.getAccessToken(code);
UserInfo oauthUser = new UserInfo(accessToken);
UserInfo loginUser = null;
try {
loginUser = oauthUser.requestUserInfo(psc.getUserUrl());
} catch (OAuthApiException e) {
ResponseUtils.failedResponse(res,"获取用户信息异常:"+e.getMessage());
return ;
}
String userName = loginUser.getId();
FRUtils.Login(req,res,userName,"");
}
release(req,res,chain);
}
/**
* 是否放行
* @param req
* @return
*/
private boolean isRelease(HttpServletRequest req) {
String url = FRUtils.getAllUrl(req);
String op = req.getParameter("op");
boolean isLogin = FRUtils.isLogin(req);
boolean isRemote = url.contains("remote");
boolean isLoginPage = url.contains("login")||url.contains("decision/file")||url.contains("decision/resource")||url.contains("decision/system")||url.contains("query/ip");
// boolean isMobile = Utils.isMobile(req) || url.contains("/mobile") || "H5".equals(op);
boolean isDing = url.contains("dingtalk");
//带noSSO参数跳过单点
String noSSO =req.getParameter("noSSO");
boolean isSSO = false;
if(!Utils.isNullStr(noSSO)){
isSSO = Boolean.parseBoolean(noSSO);
}
return isLogin || isRemote || isLoginPage ||isSSO || isDing;
}
//跳转认证中心
private void redirect(HttpServletResponse res, String url) {
try {
res.sendRedirect(url);
} catch (IOException e) {
FRUtils.FRLogInfo("跳转认证中心异常:"+e.getMessage());
}
}
//放行拦截器
private void release(HttpServletRequest req, HttpServletResponse res, FilterChain chain) {
try{
chain.doFilter(req,res);
}catch (Exception e){
FRUtils.FRLogInfo("拦截失败");
}
}
}