pioneer
2 years ago
commit
4366fb8821
15 changed files with 2213 additions and 0 deletions
@ -0,0 +1,6 @@
|
||||
# open-JSD-9921 |
||||
|
||||
JSD-9921 URL单点并实现屏蔽外网\ |
||||
免责说明:该源码为第三方爱好者提供,不保证源码和方案的可靠性,也不提供任何形式的源码教学指导和协助!\ |
||||
仅作为开发者学习参考使用!禁止用于任何商业用途!\ |
||||
为保护开发者隐私,开发者信息已隐去!若原开发者希望公开自己的信息,可联系【pioneer】处理。 |
||||
@ -0,0 +1,21 @@
|
||||
<?xml version="1.0" encoding="UTF-8" standalone="no"?><plugin> |
||||
<id>com.eco.plugin.xx.hlzjsso</id> |
||||
<name><![CDATA[单点登录]]></name> |
||||
<active>yes</active> |
||||
<version>1.0.7</version> |
||||
<env-version>10.0</env-version> |
||||
<jartime>2018-07-31</jartime> |
||||
<vendor>fr.open</vendor> |
||||
<description><![CDATA[单点登录]]></description> |
||||
<change-notes><![CDATA[ |
||||
]]></change-notes> |
||||
<main-package>com.eco.plugin.xx.hlzjsso</main-package> |
||||
<lifecycle-monitor class="com.eco.plugin.xx.hlzjsso.config.InitializeMonitor"/> |
||||
<extra-decision> |
||||
<GlobalRequestFilterProvider class="com.eco.plugin.xx.hlzjsso.filter.SSOFilter"/> |
||||
<ControllerRegisterProvider class="com.eco.plugin.xx.hlzjsso.controller.ControllerRegisterProvider"/> |
||||
<WebResourceProvider class="com.eco.plugin.xx.hlzjsso.webresourceProvider.WebResourceProvider"/> |
||||
</extra-decision> |
||||
<function-recorder class="com.eco.plugin.xx.hlzjsso.config.PluginSimpleConfig"/> |
||||
|
||||
</plugin> |
||||
@ -0,0 +1,21 @@
|
||||
package com.eco.plugin.xx.hlzjsso.config; |
||||
|
||||
import com.fr.plugin.context.PluginContext; |
||||
import com.fr.plugin.observer.inner.AbstractPluginLifecycleMonitor; |
||||
|
||||
/** |
||||
* @author xx |
||||
* @version 10.0 |
||||
* Created by xx on 2021-12-03 |
||||
*/ |
||||
public class InitializeMonitor extends AbstractPluginLifecycleMonitor { |
||||
@Override |
||||
public void afterRun(PluginContext pluginContext) { |
||||
PluginSimpleConfig.getInstance(); |
||||
} |
||||
|
||||
@Override |
||||
public void beforeStop(PluginContext pluginContext) { |
||||
|
||||
} |
||||
} |
||||
@ -0,0 +1,134 @@
|
||||
package com.eco.plugin.xx.hlzjsso.config; |
||||
|
||||
import com.fr.config.*; |
||||
import com.fr.config.holder.Conf; |
||||
import com.fr.config.holder.factory.Holders; |
||||
import com.fr.intelli.record.Focus; |
||||
import com.fr.intelli.record.Original; |
||||
import com.fr.record.analyzer.EnableMetrics; |
||||
|
||||
@Visualization(category = "单点登录配置") |
||||
@EnableMetrics |
||||
public class PluginSimpleConfig extends DefaultConfiguration { |
||||
|
||||
private static volatile PluginSimpleConfig config = null; |
||||
|
||||
@Focus(id="com.eco.plugin.xx.hlzjsso.config", text = "单点登录配置", source = Original.PLUGIN) |
||||
public static PluginSimpleConfig getInstance() { |
||||
if (config == null) { |
||||
config = ConfigContext.getConfigInstance(PluginSimpleConfig.class); |
||||
} |
||||
return config; |
||||
} |
||||
|
||||
@Identifier(value = "secret", name = "私钥", description = "私钥", status = Status.SHOW) |
||||
private Conf<String> secret = Holders.simple(""); |
||||
|
||||
@Identifier(value = "paramname", name = "token参数名", description = "token参数名", status = Status.SHOW) |
||||
private Conf<String> paramname = Holders.simple(""); |
||||
|
||||
@Identifier(value = "timeout", name = "token超时时间(s)", description = "token超时时间(s)", status = Status.SHOW) |
||||
private Conf<String> timeout = Holders.simple(""); |
||||
|
||||
@Identifier(value = "hz", name = "账号转化后缀", description = "账号转化后缀", status = Status.SHOW) |
||||
private Conf<String> hz = Holders.simple("A"); |
||||
|
||||
@Identifier(value = "isAll", name = "白名单功能开关", description = "白名单功能开关", status = Status.SHOW) |
||||
private Conf<Boolean> isAll = Holders.simple(true); |
||||
|
||||
@Identifier(value = "isPt", name = "普通用户权限控制开关", description = "普通用户权限控制开关", status = Status.SHOW) |
||||
private Conf<Boolean> isPt = Holders.simple(true); |
||||
|
||||
@Identifier(value = "isAdmin", name = "管理员权限控制开关", description = "管理员权限控制开关", status = Status.SHOW) |
||||
private Conf<Boolean> isAdmin = Holders.simple(true); |
||||
|
||||
@Identifier(value = "zhzh", name = "账户转化开关", description = "账户转化开关", status = Status.SHOW) |
||||
private Conf<Boolean> zhzh = Holders.simple(true); |
||||
|
||||
@Identifier(value = "白名单配置", name = "白名单配置", description = "白名单配置", status = Status.SHOW) |
||||
private Conf<String> white = Holders.simple(""); |
||||
|
||||
public String getHz() { |
||||
return hz.get(); |
||||
} |
||||
|
||||
public void setHz(String url) { |
||||
this.hz.set(url); |
||||
} |
||||
|
||||
public Boolean getIsAll() { |
||||
return isAll.get(); |
||||
} |
||||
|
||||
public void setIsAll(Boolean url) { |
||||
this.isAll.set(url); |
||||
} |
||||
|
||||
public Boolean getIsPt() { |
||||
return isPt.get(); |
||||
} |
||||
|
||||
public void setIsPt(Boolean url) { |
||||
this.isPt.set(url); |
||||
} |
||||
|
||||
public Boolean getIsAdmin() { |
||||
return isAdmin.get(); |
||||
} |
||||
|
||||
public void setIsAdmin(Boolean url) { |
||||
this.isAdmin.set(url); |
||||
} |
||||
|
||||
public Boolean getZhzh() { |
||||
return zhzh.get(); |
||||
} |
||||
|
||||
public void setZhzh(Boolean url) { |
||||
this.zhzh.set(url); |
||||
} |
||||
|
||||
public String getWhite() { |
||||
return white.get(); |
||||
} |
||||
|
||||
public void setWhite(String url) { |
||||
this.white.set(url); |
||||
} |
||||
|
||||
public String getSecret() { |
||||
return secret.get(); |
||||
} |
||||
|
||||
public void setSecret(String url) { |
||||
this.secret.set(url); |
||||
} |
||||
|
||||
public String getParamname() { |
||||
return paramname.get(); |
||||
} |
||||
|
||||
public void setParamname(String url) { |
||||
this.paramname.set(url); |
||||
} |
||||
|
||||
public String getTimeout() { |
||||
return timeout.get(); |
||||
} |
||||
|
||||
public void setTimeout(String url) { |
||||
this.timeout.set(url); |
||||
} |
||||
|
||||
@Override |
||||
public Object clone() throws CloneNotSupportedException { |
||||
PluginSimpleConfig cloned = (PluginSimpleConfig) super.clone(); |
||||
// cloned.text = (Conf<String>) text.clone();
|
||||
// cloned.count = (Conf<Integer>) count.clone();
|
||||
// cloned.price = (Conf<Double>) price.clone();
|
||||
// cloned.time = (Conf<Long>) time.clone();
|
||||
// cloned.student = (Conf<Boolean>) student.clone();
|
||||
return cloned; |
||||
} |
||||
|
||||
} |
||||
@ -0,0 +1,14 @@
|
||||
package com.eco.plugin.xx.hlzjsso.controller; |
||||
|
||||
import com.fr.decision.fun.impl.AbstractControllerRegisterProvider; |
||||
import com.fr.plugin.transform.FunctionRecorder; |
||||
|
||||
@FunctionRecorder |
||||
public class ControllerRegisterProvider extends AbstractControllerRegisterProvider { |
||||
@Override |
||||
public Class<?>[] getControllers() { |
||||
return new Class[]{ |
||||
ControllerSelf.class |
||||
}; |
||||
} |
||||
} |
||||
@ -0,0 +1,57 @@
|
||||
package com.eco.plugin.xx.hlzjsso.controller; |
||||
|
||||
import com.eco.plugin.xx.hlzjsso.config.PluginSimpleConfig; |
||||
import com.eco.plugin.xx.hlzjsso.utils.IPWhiteUtils; |
||||
import com.eco.plugin.xx.hlzjsso.utils.ResponseUtils; |
||||
import com.eco.plugin.xx.hlzjsso.utils.Utils; |
||||
import com.fr.decision.webservice.annotation.LoginStatusChecker; |
||||
import com.fr.json.JSONObject; |
||||
import com.fr.third.springframework.stereotype.Controller; |
||||
import com.fr.third.springframework.web.bind.annotation.PostMapping; |
||||
import com.fr.third.springframework.web.bind.annotation.ResponseBody; |
||||
|
||||
import javax.servlet.http.HttpServletRequest; |
||||
import javax.servlet.http.HttpServletResponse; |
||||
|
||||
@Controller |
||||
@LoginStatusChecker(required = false) |
||||
public class ControllerSelf { |
||||
|
||||
@PostMapping(value = "/canLogin") |
||||
@ResponseBody |
||||
public void canLogin(HttpServletRequest req,HttpServletResponse res){ |
||||
JSONObject param = Utils.getRequestBody(req); |
||||
String username = param.getString("username"); |
||||
PluginSimpleConfig psc = PluginSimpleConfig.getInstance(); |
||||
boolean isWhite = IPWhiteUtils.inWhite(req,psc.getWhite()); |
||||
|
||||
if(isWhite || !psc.getIsAll()){ |
||||
ResponseUtils.successResponse(res,""); |
||||
return ; |
||||
} |
||||
|
||||
boolean isAdmin = false; |
||||
try { |
||||
isAdmin = Utils.isAdmin(username); |
||||
} catch (Exception e) { |
||||
ResponseUtils.failedResponse(res,"判断管理员失败!"); |
||||
return ; |
||||
} |
||||
|
||||
//管理员且管理员权限控制开启
|
||||
if(isAdmin && psc.getIsAdmin()){ |
||||
ResponseUtils.failedResponse(res,"外网环境管理员禁止登陆!"); |
||||
return ; |
||||
} |
||||
|
||||
//普通用户权限开始
|
||||
if(!isAdmin && psc.getIsPt()){ |
||||
ResponseUtils.failedResponse(res,"外网环境普通账户禁止登陆!"); |
||||
return ; |
||||
} |
||||
|
||||
ResponseUtils.successResponse(res,""); |
||||
} |
||||
|
||||
|
||||
} |
||||
@ -0,0 +1,233 @@
|
||||
package com.eco.plugin.xx.hlzjsso.filter; |
||||
|
||||
import com.eco.plugin.xx.hlzjsso.config.PluginSimpleConfig; |
||||
import com.eco.plugin.xx.hlzjsso.utils.*; |
||||
import com.fr.decision.authority.data.User; |
||||
import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider; |
||||
import com.fr.json.JSONArray; |
||||
import com.fr.json.JSONObject; |
||||
import com.fr.plugin.context.PluginContexts; |
||||
import com.fr.record.analyzer.EnableMetrics; |
||||
import com.fr.stable.fun.Authorize; |
||||
|
||||
import javax.servlet.FilterChain; |
||||
import javax.servlet.http.HttpServletRequest; |
||||
import javax.servlet.http.HttpServletResponse; |
||||
|
||||
@EnableMetrics |
||||
@Authorize(callSignKey = "com.eco.plugin.xx.hlzjsso") |
||||
public class SSOFilter extends AbstractGlobalRequestFilterProvider { |
||||
@Override |
||||
public String filterName() { |
||||
return "hlzjssoFilter"; |
||||
} |
||||
|
||||
@Override |
||||
public String[] urlPatterns() { |
||||
return new String[]{"/*"}; |
||||
} |
||||
|
||||
@Override |
||||
public void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain chain ){ |
||||
|
||||
if(PluginContexts.currentContext().isAvailable()){ |
||||
PluginSimpleConfig psc = PluginSimpleConfig.getInstance(); |
||||
|
||||
//token为空,不做拦截
|
||||
String token = req.getParameter(psc.getParamname()); |
||||
String url = FRUtils.getAllUrl(req); |
||||
|
||||
String method = req.getMethod(); |
||||
//登陆事件
|
||||
if(url.endsWith("decision/login") && method.equals("POST")){ |
||||
login(req,res); |
||||
return ; |
||||
} |
||||
|
||||
if(Utils.isNullStr(token)){ |
||||
release(req,res,chain); |
||||
return; |
||||
} |
||||
|
||||
String decryptToken = null; |
||||
try { |
||||
decryptToken = EncryptUtils.rsaDecrypt(token,psc.getSecret()); |
||||
} catch (Exception e) { |
||||
ResponseUtils.failedResponse(res,"token解密失败:"+e.getMessage()); |
||||
return ; |
||||
} |
||||
|
||||
if(Utils.isNullStr(decryptToken)){ |
||||
ResponseUtils.failedResponse(res,"token解密失败!"); |
||||
return ; |
||||
} |
||||
|
||||
JSONObject tokenJson = new JSONObject(decryptToken); |
||||
String username = tokenJson.getString("username"); |
||||
Long timestamp = tokenJson.getLong("timestamp"); |
||||
Long now = System.currentTimeMillis(); |
||||
|
||||
boolean isWhite = IPWhiteUtils.inWhite(req,psc.getWhite()); |
||||
|
||||
//外网而且权限控制功能开关为开
|
||||
if(!isWhite && psc.getIsAll()){ |
||||
|
||||
boolean isAdmin = false; |
||||
try { |
||||
isAdmin = Utils.isAdmin(username); |
||||
} catch (Exception e) { |
||||
ResponseUtils.failedResponse(res,"判断管理员失败!"); |
||||
return ; |
||||
} |
||||
|
||||
//外网环境且管理员控制为开,管理员不允许单点登陆
|
||||
if(isAdmin && psc.getIsAdmin()){ |
||||
ResponseUtils.failedResponse(res,"外网环境管理员账户不允许单点登陆!"); |
||||
return ; |
||||
} |
||||
|
||||
//外网环境切账户转换为开,对普通用户进行转换
|
||||
//判断是否以A结尾,A结尾为外网账户,如果不是将A添加到用户名结尾
|
||||
boolean endwithA = username.endsWith(psc.getHz()); |
||||
|
||||
if(!isAdmin && psc.getZhzh()&&!endwithA){ |
||||
username+=psc.getHz(); |
||||
} |
||||
} |
||||
|
||||
if((now - timestamp)/1000 > Long.parseLong(psc.getTimeout())){ |
||||
ResponseUtils.failedResponse(res,"token超时,请重新生成!"); |
||||
return ; |
||||
} |
||||
|
||||
String redirect = Utils.getRedirectUrl(req,psc.getParamname()); |
||||
|
||||
//登录
|
||||
FRUtils.login(req,res,username,redirect); |
||||
} |
||||
|
||||
release(req,res,chain); |
||||
} |
||||
|
||||
//放行拦截器
|
||||
private void release(HttpServletRequest req, HttpServletResponse res, FilterChain chain) { |
||||
try{ |
||||
chain.doFilter(req,res); |
||||
}catch (Exception e){ |
||||
FRUtils.FRLogInfo("拦截失败"); |
||||
} |
||||
} |
||||
|
||||
/** |
||||
* 拦截登录事件 |
||||
* @param res |
||||
*/ |
||||
private void login(HttpServletRequest req,HttpServletResponse res){ |
||||
JSONObject json = Utils.getRequestBody(req); |
||||
String username =json.getString("username"); |
||||
String psd = json.getString("password"); |
||||
String dbpsd = FRUtils.getDBPsd(username,FRUtils.decryptFRPsd(psd)); |
||||
|
||||
PluginSimpleConfig psc = PluginSimpleConfig.getInstance(); |
||||
boolean isWhite = IPWhiteUtils.inWhite(req,psc.getWhite()); |
||||
|
||||
//返回信息
|
||||
JSONObject result = new JSONObject(); |
||||
|
||||
if(!FRUtils.isUserExist(username)){ |
||||
result.put("errorCode","21300007"); |
||||
result.put("errorMsg","User not exist,or wrong password!"); |
||||
|
||||
ResponseUtils.response(res,result); |
||||
return ; |
||||
} |
||||
|
||||
if(isWhite || !psc.getIsAll()){ |
||||
User user = FRUtils.getFRUserByUserName(username); |
||||
if(!user.getPassword().equals(dbpsd)){ |
||||
result.put("errorCode","21300007"); |
||||
result.put("errorMsg","User not exist,or wrong password!"); |
||||
|
||||
ResponseUtils.response(res,result); |
||||
return ; |
||||
} |
||||
String token = FRUtils.getToken(req,res,username); |
||||
|
||||
result.put("username",username); |
||||
result.put("validity",-1); |
||||
result.put("callback",""); |
||||
result.put("accessToken",token); |
||||
|
||||
JSONObject origin = new JSONObject(); |
||||
origin.put("originUrl","/webroot/decision"); |
||||
origin.put("method","GET"); |
||||
origin.put("parameters",new JSONArray()); |
||||
|
||||
result.put("originUrlResponse",origin); |
||||
result.put("url","/webroot/decision"); |
||||
JSONObject data = new JSONObject(); |
||||
data.put("data",result); |
||||
ResponseUtils.response(res,data); |
||||
return ; |
||||
} |
||||
|
||||
boolean isAdmin = false; |
||||
try { |
||||
isAdmin = Utils.isAdmin(username); |
||||
} catch (Exception e) { |
||||
result.put("errorMsg","9999"); |
||||
result.put("errorCode","判断管理员失败!"); |
||||
|
||||
ResponseUtils.response(res,result); |
||||
return ; |
||||
|
||||
} |
||||
|
||||
//管理员且管理员权限控制开启
|
||||
if(isAdmin && psc.getIsAdmin()){ |
||||
result.put("errorMsg","9999"); |
||||
result.put("errorCode","外网环境管理员禁止登陆!"); |
||||
|
||||
ResponseUtils.response(res,result); |
||||
return ; |
||||
} |
||||
|
||||
//普通用户权限开始
|
||||
if(!isAdmin && psc.getIsPt()){ |
||||
result.put("errorMsg","9999"); |
||||
result.put("errorCode","外网环境普通账户禁止登陆!"); |
||||
|
||||
ResponseUtils.response(res,result); |
||||
return ; |
||||
} |
||||
|
||||
User user = FRUtils.getFRUserByUserName(username); |
||||
if(!user.getPassword().equals(dbpsd)){ |
||||
result.put("errorCode","21300007"); |
||||
result.put("errorMsg","User not exist,or wrong password!"); |
||||
|
||||
ResponseUtils.response(res,result); |
||||
return ; |
||||
} |
||||
String token = FRUtils.getToken(req,res,username); |
||||
|
||||
result.put("username",username); |
||||
result.put("validity",-1); |
||||
result.put("callback",""); |
||||
result.put("accessToken",token); |
||||
|
||||
JSONObject origin = new JSONObject(); |
||||
origin.put("originUrl","/webroot/decision"); |
||||
origin.put("method","GET"); |
||||
origin.put("parameters",new JSONArray()); |
||||
|
||||
result.put("originUrlResponse",origin); |
||||
result.put("url","/webroot/decision"); |
||||
|
||||
JSONObject data = new JSONObject(); |
||||
data.put("data",result); |
||||
|
||||
ResponseUtils.response(res,data); |
||||
} |
||||
} |
||||
|
||||
@ -0,0 +1,333 @@
|
||||
package com.eco.plugin.xx.hlzjsso.utils; |
||||
|
||||
import com.fr.json.JSONObject; |
||||
import com.fr.log.FineLoggerFactory; |
||||
import sun.misc.BASE64Decoder; |
||||
import sun.misc.BASE64Encoder; |
||||
|
||||
import javax.crypto.Cipher; |
||||
import javax.crypto.KeyGenerator; |
||||
import javax.crypto.SecretKey; |
||||
import javax.crypto.SecretKeyFactory; |
||||
import javax.crypto.spec.DESKeySpec; |
||||
import java.io.IOException; |
||||
import java.net.URLEncoder; |
||||
import java.security.*; |
||||
import java.security.interfaces.RSAPrivateKey; |
||||
import java.security.interfaces.RSAPublicKey; |
||||
import java.security.spec.PKCS8EncodedKeySpec; |
||||
import java.security.spec.X509EncodedKeySpec; |
||||
import java.util.HashMap; |
||||
import java.util.Map; |
||||
|
||||
public class EncryptUtils { |
||||
|
||||
/** |
||||
* sha 加密 |
||||
* @param str |
||||
* @return |
||||
*/ |
||||
public static String sha(String str){ |
||||
String sha256Str = ""; |
||||
|
||||
try { |
||||
MessageDigest sha256Deget = MessageDigest.getInstance("SHA-256"); |
||||
byte[] sha256Encode = sha256Deget.digest(str.getBytes()); |
||||
sha256Str = ByteToHexStr(sha256Encode); |
||||
}catch (Exception e){ |
||||
FineLoggerFactory.getLogger().info("FRLOG:SHA256加密异常:"+e.getMessage()); |
||||
} |
||||
|
||||
return sha256Str; |
||||
} |
||||
|
||||
/** |
||||
* byte数组转16进制字符串 |
||||
* @param bytes |
||||
* @return |
||||
*/ |
||||
private static String ByteToHexStr(byte[] bytes) |
||||
{ |
||||
String hexStr = ""; |
||||
|
||||
for(int i =0;i<bytes.length;i++) |
||||
{ |
||||
int temp = bytes[i] & 0xff; |
||||
String tempHex = Integer.toHexString(temp); |
||||
if(tempHex.length() < 2) |
||||
{ |
||||
hexStr += "0"+tempHex; |
||||
} |
||||
else { |
||||
hexStr += tempHex; |
||||
} |
||||
} |
||||
|
||||
return hexStr; |
||||
} |
||||
|
||||
/** |
||||
* aes 加密 |
||||
* @param str |
||||
* @param privateKey |
||||
* @return |
||||
*/ |
||||
public static String aesEncrypt(String str,String privateKey){ |
||||
try { |
||||
// 生成密钥对象
|
||||
SecretKey secKey = generateAesKey(privateKey.getBytes()); |
||||
|
||||
// 获取 AES 密码器
|
||||
Cipher cipher = Cipher.getInstance("AES"); |
||||
// 初始化密码器(加密模型)
|
||||
cipher.init(Cipher.ENCRYPT_MODE, secKey); |
||||
|
||||
// 加密数据, 返回密文
|
||||
byte[] cipherBytes = cipher.doFinal(str.getBytes()); |
||||
return new BASE64Encoder().encodeBuffer(cipherBytes); |
||||
} catch (Throwable e) { |
||||
FRUtils.FRLogInfo("aes 加密异常 " + e.getMessage()); |
||||
} |
||||
|
||||
return null; |
||||
} |
||||
|
||||
/** |
||||
* 生成密钥对象 |
||||
*/ |
||||
private static SecretKey generateAesKey(byte[] key) throws Exception { |
||||
// 创建安全随机数生成器
|
||||
SecureRandom random = SecureRandom.getInstance("SHA1PRNG"); |
||||
// 设置 密钥key的字节数组 作为安全随机数生成器的种子
|
||||
random.setSeed(key); |
||||
|
||||
// 创建 AES算法生成器
|
||||
KeyGenerator gen = KeyGenerator.getInstance("AES"); |
||||
// 初始化算法生成器
|
||||
gen.init(128, random); |
||||
|
||||
// 生成 AES密钥对象, 也可以直接创建密钥对象: return new SecretKeySpec(key, ALGORITHM);
|
||||
return gen.generateKey(); |
||||
} |
||||
|
||||
/** |
||||
* aes 解密 |
||||
* @param str |
||||
* @param privateKey |
||||
* @return |
||||
*/ |
||||
public static String aesDecrypt(String str,String privateKey){ |
||||
try { |
||||
// 生成密钥对象
|
||||
SecretKey secKey = generateAesKey(privateKey.getBytes()); |
||||
|
||||
// 获取 AES 密码器
|
||||
Cipher cipher = Cipher.getInstance("AES"); |
||||
// 初始化密码器(加密模型)
|
||||
cipher.init(Cipher.DECRYPT_MODE, secKey); |
||||
|
||||
// 加密数据, 返回密文
|
||||
byte[] cipherBytes = cipher.doFinal(new BASE64Decoder().decodeBuffer(str)); |
||||
return new String(cipherBytes); |
||||
} catch (Throwable e) { |
||||
FRUtils.FRLogInfo("aes 解密异常 " + e.getMessage()); |
||||
} |
||||
|
||||
return null; |
||||
} |
||||
|
||||
/** |
||||
* base64加密 |
||||
* @param key |
||||
* @return |
||||
*/ |
||||
public static String base64Encode(String key){ |
||||
return (new BASE64Encoder()).encodeBuffer(key.getBytes()); |
||||
} |
||||
|
||||
/** |
||||
* base64加密 |
||||
* @param key |
||||
* @return |
||||
*/ |
||||
public static String base64Encode(byte[] key){ |
||||
return (new BASE64Encoder()).encodeBuffer(key); |
||||
} |
||||
|
||||
/** |
||||
* base64解密 |
||||
* @param key |
||||
* @return |
||||
*/ |
||||
public static String base64Decode(String key){ |
||||
String result = ""; |
||||
try { |
||||
result = new String((new BASE64Decoder()).decodeBuffer(key)); |
||||
} catch (IOException e) { |
||||
FineLoggerFactory.getLogger().info("FRLOG:BASE64解密异常:"+e.getMessage()); |
||||
} |
||||
|
||||
return result; |
||||
} |
||||
|
||||
/** |
||||
* base64解密 |
||||
* @param key |
||||
* @return |
||||
*/ |
||||
public static byte[] base64DecodeB(String key){ |
||||
byte[] result = null; |
||||
try { |
||||
result = (new BASE64Decoder()).decodeBuffer(key); |
||||
} catch (IOException e) { |
||||
FineLoggerFactory.getLogger().info("FRLOG:BASE64解密异常:"+e.getMessage()); |
||||
} |
||||
|
||||
return result; |
||||
} |
||||
|
||||
/** |
||||
* 是否被base64加密过 |
||||
* @param str |
||||
* @return |
||||
*/ |
||||
public static boolean isBase64(String str) { |
||||
if (str == null || str.trim().length() == 0) { |
||||
return false; |
||||
} |
||||
else { |
||||
if (str.length() % 4 != 0) { |
||||
return false; |
||||
} |
||||
|
||||
char[] strChars = str.toCharArray(); |
||||
|
||||
for (char c:strChars) { |
||||
if ((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') || (c >= '0' && c <= '9') |
||||
|| c == '+' || c == '/' || c == '=') { |
||||
continue; |
||||
} |
||||
else { |
||||
return false; |
||||
} |
||||
} |
||||
|
||||
return true; |
||||
} |
||||
} |
||||
|
||||
/** |
||||
* des加密 |
||||
* @param datasource |
||||
* @param password |
||||
* @return |
||||
*/ |
||||
public static String desEncrypt(String datasource, String password) { |
||||
try { |
||||
SecureRandom random = new SecureRandom(); |
||||
DESKeySpec desKey = new DESKeySpec(password.getBytes()); |
||||
// 创建一个密匙工厂,然后用它把DESKeySpec转换成
|
||||
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES"); |
||||
SecretKey securekey = keyFactory.generateSecret(desKey); |
||||
// Cipher对象实际完成加密操作
|
||||
Cipher cipher = Cipher.getInstance("DES"); |
||||
// 用密匙初始化Cipher对象
|
||||
cipher.init(Cipher.ENCRYPT_MODE, securekey, random); |
||||
// 现在,获取数据并加密
|
||||
// 正式执行加密操作
|
||||
return base64Encode(cipher.doFinal(datasource.getBytes())); |
||||
} catch (Throwable e) { |
||||
FRUtils.FRLogInfo("des 加密异常 " + e.getMessage()); |
||||
} |
||||
|
||||
return null; |
||||
} |
||||
|
||||
/** |
||||
* des 解密 |
||||
* @param src |
||||
* @param password |
||||
* @return |
||||
* @throws Exception |
||||
*/ |
||||
public static String desDecrypt(String src, String password) throws Exception { |
||||
// DES算法要求有一个可信任的随机数源
|
||||
SecureRandom random = new SecureRandom(); |
||||
// 创建一个DESKeySpec对象
|
||||
DESKeySpec desKey = new DESKeySpec(password.getBytes("UTF-8")); |
||||
// 创建一个密匙工厂
|
||||
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("DES"); |
||||
// 将DESKeySpec对象转换成SecretKey对象
|
||||
SecretKey securekey = keyFactory.generateSecret(desKey); |
||||
// Cipher对象实际完成解密操作
|
||||
Cipher cipher = Cipher.getInstance("DES"); |
||||
// 用密匙初始化Cipher对象
|
||||
cipher.init(Cipher.DECRYPT_MODE, securekey, random); |
||||
// 真正开始解密操作
|
||||
return new String(cipher.doFinal(base64DecodeB(src))); |
||||
} |
||||
|
||||
/** |
||||
* 随机生成RSA密钥对 |
||||
* @throws NoSuchAlgorithmException |
||||
* @return privateKey,publicKey |
||||
*/ |
||||
public static Map<String,String> genRSAKeyPair() throws NoSuchAlgorithmException { |
||||
// KeyPairGenerator类用于生成公钥和私钥对,基于RSA算法生成对象
|
||||
KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA"); |
||||
// 初始化密钥对生成器,密钥大小为96-1024位
|
||||
keyPairGen.initialize(1024,new SecureRandom()); |
||||
// 生成一个密钥对,保存在keyPair中
|
||||
KeyPair keyPair = keyPairGen.generateKeyPair(); |
||||
RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate(); // 得到私钥
|
||||
RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic(); // 得到公钥
|
||||
String publicKeyString = base64Encode(publicKey.getEncoded()); |
||||
// 得到私钥字符串
|
||||
String privateKeyString = base64Encode(privateKey.getEncoded()); |
||||
// 将公钥和私钥保存到Map
|
||||
Map<String,String> result = new HashMap<String,String>(); |
||||
result.put("publicKey",publicKeyString.replaceAll("\n","").replace("\r","").trim()); |
||||
result.put("privateKey",privateKeyString.replaceAll("\n","").replace("\r","").trim()); |
||||
|
||||
return result; |
||||
} |
||||
|
||||
/** |
||||
* rsa 加密 |
||||
* @param str |
||||
* @param publicKey |
||||
* @return |
||||
* @throws Exception |
||||
*/ |
||||
public static String rsaEncrypt(String str,String publicKey) throws Exception { |
||||
//base64编码的公钥
|
||||
byte[] decoded = base64DecodeB(publicKey); |
||||
RSAPublicKey pubKey = (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(decoded)); |
||||
//RSA加密
|
||||
Cipher cipher = Cipher.getInstance("RSA"); |
||||
cipher.init(Cipher.ENCRYPT_MODE, pubKey); |
||||
String outStr = base64Encode(cipher.doFinal(str.getBytes("UTF-8"))); |
||||
return outStr; |
||||
} |
||||
|
||||
/** |
||||
* rsa解密 |
||||
* @param str |
||||
* @param privateKey |
||||
* @return |
||||
* @throws Exception |
||||
*/ |
||||
public static String rsaDecrypt(String str,String privateKey) throws Exception { |
||||
//64位解码加密后的字符串
|
||||
byte[] inputByte = base64DecodeB(str); |
||||
//base64编码的私钥
|
||||
byte[] decoded = base64DecodeB(privateKey); |
||||
RSAPrivateKey priKey = (RSAPrivateKey) KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(decoded)); |
||||
//RSA解密
|
||||
Cipher cipher = Cipher.getInstance("RSA"); |
||||
cipher.init(Cipher.DECRYPT_MODE, priKey); |
||||
String outStr = new String(cipher.doFinal(inputByte)); |
||||
return outStr; |
||||
} |
||||
|
||||
} |
||||
@ -0,0 +1,321 @@
|
||||
package com.eco.plugin.xx.hlzjsso.utils; |
||||
|
||||
import com.fr.base.ServerConfig; |
||||
import com.fr.base.TableData; |
||||
import com.fr.base.TemplateUtils; |
||||
import com.fr.decision.authority.AuthorityContext; |
||||
import com.fr.decision.authority.base.constant.type.operation.ManualOperationType; |
||||
import com.fr.decision.authority.data.User; |
||||
import com.fr.decision.base.util.UUIDUtil; |
||||
import com.fr.decision.privilege.TransmissionTool; |
||||
import com.fr.decision.privilege.encrpt.PasswordValidator; |
||||
import com.fr.decision.webservice.bean.authentication.OriginUrlResponseBean; |
||||
import com.fr.decision.webservice.interceptor.handler.ReportTemplateRequestChecker; |
||||
import com.fr.decision.webservice.login.LogInOutResultInfo; |
||||
import com.fr.decision.webservice.utils.DecisionServiceConstants; |
||||
import com.fr.decision.webservice.utils.DecisionStatusService; |
||||
import com.fr.decision.webservice.utils.UserSourceFactory; |
||||
import com.fr.decision.webservice.v10.login.LoginService; |
||||
import com.fr.decision.webservice.v10.login.event.LogInOutEvent; |
||||
import com.fr.decision.webservice.v10.user.UserService; |
||||
import com.fr.event.EventDispatcher; |
||||
import com.fr.file.TableDataConfig; |
||||
import com.fr.general.data.DataModel; |
||||
import com.fr.log.FineLoggerFactory; |
||||
import com.fr.script.Calculator; |
||||
import com.fr.stable.StringUtils; |
||||
import com.fr.stable.query.QueryFactory; |
||||
import com.fr.stable.query.restriction.RestrictionFactory; |
||||
import com.fr.third.springframework.web.method.HandlerMethod; |
||||
import com.fr.web.controller.ReportRequestService; |
||||
import com.fr.web.utils.WebUtils; |
||||
|
||||
import javax.servlet.http.Cookie; |
||||
import javax.servlet.http.HttpServletRequest; |
||||
import javax.servlet.http.HttpServletResponse; |
||||
import javax.servlet.http.HttpSession; |
||||
import java.io.IOException; |
||||
import java.util.List; |
||||
|
||||
public class FRUtils { |
||||
/** |
||||
* 判断用户是否存在 |
||||
* @param userName |
||||
* @return |
||||
*/ |
||||
public static boolean isUserExist(String userName){ |
||||
if (StringUtils.isEmpty(userName)) { |
||||
return false; |
||||
} else { |
||||
try { |
||||
List var1 = AuthorityContext.getInstance().getUserController().find(QueryFactory.create().addRestriction(RestrictionFactory.eq("userName", userName))); |
||||
return var1 != null && !var1.isEmpty(); |
||||
} catch (Exception var2) { |
||||
FineLoggerFactory.getLogger().error(var2.getMessage()); |
||||
return false; |
||||
} |
||||
} |
||||
} |
||||
|
||||
/** |
||||
* 判断是否登录FR |
||||
* @param req |
||||
* @return |
||||
*/ |
||||
public static boolean isLogin(HttpServletRequest req){ |
||||
return LoginService.getInstance().isLogged(req); |
||||
} |
||||
|
||||
/** |
||||
* 帆软登录 |
||||
* @param httpServletRequest |
||||
* @param httpServletResponse |
||||
* @param userName |
||||
* @param url |
||||
*/ |
||||
public static void login(HttpServletRequest httpServletRequest,HttpServletResponse httpServletResponse,String userName,String url){ |
||||
|
||||
FineLoggerFactory.getLogger().info("FRLOG:用户名:"+userName); |
||||
FineLoggerFactory.getLogger().info("FRLOG:跳转链接:"+url); |
||||
|
||||
|
||||
//判断用户名是否为空
|
||||
if(!Utils.isNullStr(userName)){ |
||||
if(isUserExist(userName)){ |
||||
String FRToken = ""; |
||||
|
||||
try { |
||||
//HttpSession session = httpServletRequest.getSession(true);
|
||||
|
||||
FRToken = LoginService.getInstance().login(httpServletRequest, httpServletResponse, userName); |
||||
|
||||
//httpServletRequest.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME,FRToken);
|
||||
|
||||
//session.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME, FRToken);
|
||||
EventDispatcher.fire(LogInOutEvent.LOGIN,new LogInOutResultInfo(httpServletRequest,httpServletResponse,userName,true)); |
||||
FineLoggerFactory.getLogger().info("FRLOG:登陆成功!"); |
||||
|
||||
if(!Utils.isNullStr(url)){ |
||||
httpServletResponse.sendRedirect(url); |
||||
} |
||||
} catch (Exception e) { |
||||
ResponseUtils.failedResponse(httpServletResponse,"登录异常,请联系管理员!"); |
||||
FineLoggerFactory.getLogger().info("FRLOG:登录异常,请联系管理员!"); |
||||
FineLoggerFactory.getLogger().info("FRLOGException:"+e.getMessage()); |
||||
} |
||||
}else{ |
||||
ResponseUtils.failedResponse(httpServletResponse,"用户在报表系统中不存在!"); |
||||
FineLoggerFactory.getLogger().info("FRLOG:用户在报表系统中不存在!"); |
||||
} |
||||
}else{ |
||||
ResponseUtils.failedResponse(httpServletResponse,"用户名不能为空!"); |
||||
FineLoggerFactory.getLogger().info("FRLOG:用户名不能为空!"); |
||||
} |
||||
} |
||||
|
||||
/** |
||||
* 帆软登录 |
||||
* @param httpServletRequest |
||||
* @param httpServletResponse |
||||
* @param token |
||||
* @param url |
||||
*/ |
||||
public static void loginByToken(HttpServletRequest httpServletRequest,HttpServletResponse httpServletResponse,String token,String url){ |
||||
|
||||
FineLoggerFactory.getLogger().info("FRLOG:token:"+token); |
||||
FineLoggerFactory.getLogger().info("FRLOG:跳转链接:"+url); |
||||
|
||||
|
||||
//判断用户名是否为空
|
||||
if(!Utils.isNullStr(token)){ |
||||
writeToken2Cookie(httpServletResponse,token,-1); |
||||
|
||||
HttpSession session = httpServletRequest.getSession(true); |
||||
|
||||
httpServletRequest.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME,token); |
||||
|
||||
session.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME, token); |
||||
|
||||
if(!Utils.isNullStr(url)){ |
||||
try { |
||||
httpServletResponse.sendRedirect(url); |
||||
} catch (IOException e) { |
||||
ResponseUtils.failedResponse(httpServletResponse,"跳转异常!"); |
||||
FineLoggerFactory.getLogger().info("FRLOG:跳转异常!"); |
||||
} |
||||
} |
||||
}else{ |
||||
ResponseUtils.failedResponse(httpServletResponse,"token不能为空!"); |
||||
FineLoggerFactory.getLogger().info("FRLOG:token不能为空!"); |
||||
} |
||||
} |
||||
|
||||
/** |
||||
* 获取token |
||||
* @param httpServletRequest |
||||
* @param httpServletResponse |
||||
* @param username |
||||
* @return |
||||
*/ |
||||
public static String getToken(HttpServletRequest httpServletRequest,HttpServletResponse httpServletResponse,String username){ |
||||
String token = ""; |
||||
try { |
||||
token = LoginService.getInstance().login(httpServletRequest, httpServletResponse, username); |
||||
} catch (Exception e) { |
||||
FineLoggerFactory.getLogger().info("FRLOG:获取token失败"+e.getMessage()); |
||||
} |
||||
|
||||
return token; |
||||
} |
||||
|
||||
private static void writeToken2Cookie(HttpServletResponse var1, String var2, int var3) { |
||||
try { |
||||
if (StringUtils.isNotEmpty(var2)) { |
||||
Cookie var4 = new Cookie("fine_auth_token", var2); |
||||
long var5 = var3 == -2 ? 1209600000L : (long)var3; |
||||
var4.setMaxAge((int)var5); |
||||
var4.setPath(ServerConfig.getInstance().getCookiePath()); |
||||
var1.addCookie(var4); |
||||
Cookie var7 = new Cookie("fine_remember_login", String.valueOf(var3 == -2 ? -2 : -1)); |
||||
var7.setMaxAge((int)var5); |
||||
var7.setPath(ServerConfig.getInstance().getCookiePath()); |
||||
var1.addCookie(var7); |
||||
} else { |
||||
FineLoggerFactory.getLogger().error("empty token cannot save."); |
||||
} |
||||
} catch (Exception var8) { |
||||
FineLoggerFactory.getLogger().error(var8.getMessage(), var8); |
||||
} |
||||
|
||||
} |
||||
|
||||
/** |
||||
* |
||||
* @param httpServletRequest |
||||
* @param httpServletResponse |
||||
*/ |
||||
public static void logout(HttpServletRequest httpServletRequest,HttpServletResponse httpServletResponse) |
||||
{ |
||||
if(!isLogin(httpServletRequest)){ |
||||
return ; |
||||
} |
||||
|
||||
try { |
||||
LoginService.getInstance().logout(httpServletRequest,httpServletResponse); |
||||
} catch (Exception e) { |
||||
ResponseUtils.failedResponse(httpServletResponse,"登出异常,请联系管理员!"); |
||||
FineLoggerFactory.getLogger().info("FRLOG:登出异常,请联系管理员!"); |
||||
FineLoggerFactory.getLogger().info("FRLOGException:"+e.getMessage()); |
||||
} |
||||
} |
||||
|
||||
/** |
||||
* 打印FR日志 |
||||
* @param message |
||||
*/ |
||||
public static void FRLogInfo(String message){ |
||||
FineLoggerFactory.getLogger().info("FRLOG:"+message); |
||||
} |
||||
|
||||
/** |
||||
* 打印FR日志-error |
||||
* @param message |
||||
*/ |
||||
public static void FRLogError(String message){ |
||||
FineLoggerFactory.getLogger().error("FRLOG:"+message); |
||||
} |
||||
|
||||
|
||||
/** |
||||
* 根据用户名获取用户信息 |
||||
* @param userName |
||||
* @return |
||||
*/ |
||||
public static User getFRUserByUserName(String userName){ |
||||
try { |
||||
return UserService.getInstance().getUserByUserName(userName); |
||||
} catch (Exception e) { |
||||
FRLogInfo("获取用户信息异常:"+e.getMessage()); |
||||
} |
||||
|
||||
return null; |
||||
} |
||||
|
||||
/** |
||||
* 解密FR密码 |
||||
* @param password |
||||
* @return |
||||
*/ |
||||
public static String decryptFRPsd(String password){ |
||||
FRLogInfo("解密密码:"+password); |
||||
return TransmissionTool.decrypt(password); |
||||
} |
||||
|
||||
/** |
||||
* 根据明文密码生成数据库中的密码,用户密码校验用 |
||||
* @return |
||||
*/ |
||||
public static String getDBPsd(String username,String password){ |
||||
PasswordValidator pv = UserSourceFactory.getInstance().getUserSource(ManualOperationType.KEY).getPasswordValidator(); |
||||
String uuid = UUIDUtil.generate(); |
||||
|
||||
return pv.encode(username, password, uuid); |
||||
} |
||||
|
||||
/** |
||||
* 获取带参数的访问链接 |
||||
* @return |
||||
*/ |
||||
public static String getAllUrl(HttpServletRequest httpServletRequest){ |
||||
return WebUtils.getOriginalURL(httpServletRequest); |
||||
} |
||||
|
||||
/** |
||||
* 根据originKey获取源链接 |
||||
* @param originKey |
||||
* @return |
||||
* @throws Exception |
||||
*/ |
||||
public static String getOriginUrl(String originKey) throws Exception { |
||||
if (StringUtils.isNotEmpty(originKey)) { |
||||
OriginUrlResponseBean originUrlResponseBean = (OriginUrlResponseBean) DecisionStatusService.originUrlStatusService().get(originKey); |
||||
DecisionStatusService.originUrlStatusService().delete(originKey); |
||||
if (originUrlResponseBean != null) { |
||||
return originUrlResponseBean.getOriginUrl(); |
||||
} |
||||
} |
||||
|
||||
return new OriginUrlResponseBean(TemplateUtils.render("${fineServletURL}")).getOriginUrl(); |
||||
} |
||||
|
||||
/** |
||||
* 判断是否开启模板认证 |
||||
* @param |
||||
* @return |
||||
* @throws Exception |
||||
*/ |
||||
public static boolean isTempAuth(HttpServletRequest req,HttpServletResponse res) throws Exception { |
||||
ReportTemplateRequestChecker checker = new ReportTemplateRequestChecker(); |
||||
HandlerMethod hm = new HandlerMethod(new ReportRequestService(),ReportRequestService.class.getMethod("preview", HttpServletRequest.class, HttpServletResponse.class, String.class)); |
||||
return checker.checkRequest(req,res,hm); |
||||
} |
||||
|
||||
/** |
||||
* 获取数据集数据 |
||||
* @param serverDataSetName |
||||
* @return |
||||
*/ |
||||
public static DataModel getTableData(String serverDataSetName){ |
||||
TableData userInfo = TableDataConfig.getInstance().getTableData(serverDataSetName); |
||||
DataModel userInfoDM = userInfo.createDataModel(Calculator.createCalculator()); |
||||
// userInfoDM.getRowCount();
|
||||
// userInfoDM.getColumnIndex();
|
||||
// userInfoDM.getValueAt()
|
||||
return userInfoDM; |
||||
} |
||||
|
||||
public static String getIndex(HttpServletRequest req){ |
||||
String url = req.getScheme()+"://"+req.getServerName()+":"+String.valueOf(req.getServerPort())+req.getRequestURI(); |
||||
return url; |
||||
} |
||||
} |
||||
@ -0,0 +1,341 @@
|
||||
package com.eco.plugin.xx.hlzjsso.utils; |
||||
|
||||
import com.fr.data.NetworkHelper; |
||||
import com.fr.decision.mobile.terminal.TerminalHandler; |
||||
import com.fr.decision.webservice.v10.login.LoginService; |
||||
import com.fr.stable.web.Device; |
||||
|
||||
import javax.servlet.http.HttpServletRequest; |
||||
import java.io.IOException; |
||||
import java.util.ArrayList; |
||||
import java.util.HashSet; |
||||
import java.util.List; |
||||
import java.util.Set; |
||||
import java.util.regex.Matcher; |
||||
import java.util.regex.Pattern; |
||||
|
||||
public class IPUtils { |
||||
|
||||
|
||||
/** |
||||
* 私有IP: |
||||
* A类 10.0.0.0-10.255.255.255 |
||||
* B类 172.16.0.0-172.31.255.255 |
||||
* C类 192.168.0.0-192.168.255.255 |
||||
* |
||||
* 127这个网段是环回地址 |
||||
* localhost |
||||
*/ |
||||
static List<Pattern> ipFilterRegexList = new ArrayList<>(); |
||||
|
||||
static { |
||||
Set<String> ipFilter = new HashSet<String>(); |
||||
ipFilter.add("^10\\.(1\\d{2}|2[0-4]\\d|25[0-5]|[1-9]\\d|[0-9])" |
||||
+ "\\.(1\\d{2}|2[0-4]\\d|25[0-5]|[1-9]\\d|[0-9])" + "\\.(1\\d{2}|2[0-4]\\d|25[0-5]|[1-9]\\d|[0-9])$"); |
||||
// B类地址范围: 172.16.0.0---172.31.255.255
|
||||
ipFilter.add("^172\\.(1[6789]|2[0-9]|3[01])\\" + ".(1\\d{2}|2[0-4]\\d|25[0-5]|[1-9]\\d|[0-9])\\" |
||||
+ ".(1\\d{2}|2[0-4]\\d|25[0-5]|[1-9]\\d|[0-9])$"); |
||||
// C类地址范围: 192.168.0.0---192.168.255.255
|
||||
ipFilter.add("^192\\.168\\.(1\\d{2}|2[0-4]\\d|25[0-5]|[1-9]\\d|[0-9])\\" |
||||
+ ".(1\\d{2}|2[0-4]\\d|25[0-5]|[1-9]\\d|[0-9])$"); |
||||
ipFilter.add("127.0.0.1"); |
||||
ipFilter.add("0.0.0.0"); |
||||
ipFilter.add("localhost"); |
||||
for (String tmp : ipFilter) { |
||||
ipFilterRegexList.add(Pattern.compile(tmp)); |
||||
} |
||||
} |
||||
|
||||
|
||||
// IP的正则,这个正则不能验证第一组数字为0的情况
|
||||
private static Pattern pattern = Pattern |
||||
.compile("([1-9]\\d?|1\\d{2}|2[01]\\d|22[0-3])\\." |
||||
+ "(1\\d{1,2}|2[0-4]\\d|25[0-5]|\\d{1,2})\\." |
||||
+ "(1\\d{1,2}|2[0-4]\\d|25[0-5]|\\d{1,2})\\." |
||||
+ "(1\\d{1,2}|2[0-4]\\d|25[0-5]|\\d{1,2})"); |
||||
|
||||
/** |
||||
* |
||||
* getAvaliIpList:(根据IP白名单设置获取可用的IP列表). |
||||
* |
||||
* @date 2020-11-11 下午02:50:20 |
||||
* @return |
||||
*/ |
||||
|
||||
private static Set<String> getAvaliIpList(String allowIp) { |
||||
|
||||
Set<String> ipList = new HashSet<String>(); |
||||
for (String allow : allowIp.replaceAll("\\s", "").split(",")) { |
||||
if (allow.indexOf("*") > -1) { |
||||
String[] ips = allow.split("\\."); |
||||
String[] from = new String[] { "0", "0", "0", "0" }; |
||||
String[] end = new String[] { "255", "255", "255", "255" }; |
||||
List<String> tem = new ArrayList<String>(); |
||||
for (int i = 0; i < ips.length; i++) |
||||
if (ips[i].indexOf("*") > -1) { |
||||
//todo 直接用等于,不能正确获取类似192.168.**.*这种格式的ip段
|
||||
tem = complete(ips[i]); |
||||
from[i] = null; |
||||
end[i] = null; |
||||
} else { |
||||
from[i] = ips[i]; |
||||
end[i] = ips[i]; |
||||
} |
||||
|
||||
StringBuffer fromIP = new StringBuffer(); |
||||
StringBuffer endIP = new StringBuffer(); |
||||
for (int i = 0; i < 4; i++) |
||||
if (from[i] != null) { |
||||
fromIP.append(from[i]).append("."); |
||||
endIP.append(end[i]).append("."); |
||||
} else { |
||||
fromIP.append("[*]."); |
||||
endIP.append("[*]."); |
||||
} |
||||
fromIP.deleteCharAt(fromIP.length() - 1); |
||||
endIP.deleteCharAt(endIP.length() - 1); |
||||
|
||||
for (String s : tem) { |
||||
String ip = fromIP.toString().replace("[*]", |
||||
s.split(";")[0]) |
||||
+ "-" |
||||
+ endIP.toString().replace("[*]", s.split(";")[1]); |
||||
if (validate(ip)) { |
||||
ipList.add(ip); |
||||
} |
||||
} |
||||
} else { |
||||
if (validate(allow)) { |
||||
ipList.add(allow); |
||||
} |
||||
} |
||||
|
||||
} |
||||
|
||||
return ipList; |
||||
} |
||||
|
||||
/** |
||||
* 对单个IP节点进行范围限定 |
||||
* |
||||
* @param arg |
||||
* @return 返回限定后的IP范围,格式为List[10;19, 100;199] |
||||
*/ |
||||
private static List<String> complete(String arg) { |
||||
List<String> com = new ArrayList<String>(); |
||||
if (arg.length() == 1) { |
||||
com.add("0;255"); |
||||
} else if (arg.length() == 2) { |
||||
String s1 = complete(arg, 1); |
||||
if (s1 != null) |
||||
com.add(s1); |
||||
String s2 = complete(arg, 2); |
||||
if (s2 != null) |
||||
com.add(s2); |
||||
} else { |
||||
String s1 = complete(arg, 1); |
||||
if (s1 != null) |
||||
com.add(s1); |
||||
} |
||||
return com; |
||||
} |
||||
|
||||
private static String complete(String arg, int length) { |
||||
String from = ""; |
||||
String end = ""; |
||||
if (length == 1) { |
||||
from = arg.replace("*", "0"); |
||||
end = arg.replace("*", "9"); |
||||
} else { |
||||
from = arg.replace("*", "00"); |
||||
end = arg.replace("*", "99"); |
||||
} |
||||
if (Integer.valueOf(from) > 255) |
||||
return null; |
||||
if (Integer.valueOf(end) > 255) |
||||
end = "255"; |
||||
return from + ";" + end; |
||||
} |
||||
|
||||
/** |
||||
* 在添加至白名单时进行格式校验 |
||||
* |
||||
* @param ip |
||||
* @return |
||||
*/ |
||||
private static boolean validate(String ip) { |
||||
for (String s : ip.split("-")) |
||||
if (!pattern.matcher(s).matches()) { |
||||
return false; |
||||
} |
||||
return true; |
||||
} |
||||
|
||||
/** |
||||
* |
||||
* checkLoginIP:(根据IP,及可用Ip列表来判断ip是否包含在白名单之中). |
||||
* @date 2017-4-17 下午03:01:03 |
||||
* @param ip |
||||
* @param ipList |
||||
* @return |
||||
*/ |
||||
private static boolean checkLoginIP(String ip, Set<String> ipList) { |
||||
if (ipList.isEmpty() || ipList.contains(ip)) |
||||
return true; |
||||
else { |
||||
for (String allow : ipList) { |
||||
if (allow.indexOf("-") > -1) { |
||||
String[] from = allow.split("-")[0].split("\\."); |
||||
String[] end = allow.split("-")[1].split("\\."); |
||||
String[] tag = ip.split("\\."); |
||||
|
||||
// 对IP从左到右进行逐段匹配
|
||||
boolean check = true; |
||||
for (int i = 0; i < 4; i++) { |
||||
int s = Integer.valueOf(from[i]); |
||||
int t = Integer.valueOf(tag[i]); |
||||
int e = Integer.valueOf(end[i]); |
||||
if (!(s <= t && t <= e)) { |
||||
check = false; |
||||
break; |
||||
} |
||||
} |
||||
if (check) { |
||||
return true; |
||||
} |
||||
} |
||||
} |
||||
} |
||||
return false; |
||||
} |
||||
|
||||
/** |
||||
* |
||||
* checkLoginIP:(根据IP地址,及IP白名单设置规则判断IP是否包含在白名单). |
||||
* @date 2017-4-17 下午03:01:37 |
||||
* @param ip |
||||
* @param ipWhiteConfig |
||||
* @return |
||||
*/ |
||||
public static boolean checkLoginIP(String ip,String ipWhiteConfig){ |
||||
Set<String> ipList = getAvaliIpList(ipWhiteConfig); |
||||
return checkLoginIP(ip, ipList); |
||||
} |
||||
|
||||
|
||||
|
||||
|
||||
|
||||
/** |
||||
* 获取真实IP 原逻辑 |
||||
* @param request |
||||
* @return |
||||
*/ |
||||
public static String getRealIp2(HttpServletRequest request) { |
||||
// 这个一般是Nginx反向代理设置的参数
|
||||
String ip = request.getHeader("X-Real-IP"); |
||||
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { |
||||
ip = request.getHeader("X-Forwarded-For"); |
||||
} |
||||
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { |
||||
ip = request.getHeader("Proxy-Client-IP"); |
||||
} |
||||
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { |
||||
ip = request.getHeader("WL-Proxy-Client-IP"); |
||||
} |
||||
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { |
||||
ip = request.getRemoteAddr(); |
||||
} |
||||
// 处理多IP的情况(只取第一个IP)
|
||||
if (ip != null && ip.contains(",")) { |
||||
String[] ipArray = ip.split(","); |
||||
ip = ipArray[0]; |
||||
} |
||||
//FineLoggerFactory.getLogger().info("[ENC]客户端IP为[{}]",ip);
|
||||
return ip; |
||||
} |
||||
|
||||
|
||||
/** |
||||
* 获取真实IP 客户逻辑 |
||||
* @param request |
||||
* @return |
||||
*/ |
||||
public static String getRealIp(HttpServletRequest request) { |
||||
String ip = request.getHeader("X-Forwarded-For"); |
||||
if (ip==null||ip.length()==0||"unknown".equalsIgnoreCase(ip)) { |
||||
ip = request.getHeader("X-Real-IP"); |
||||
} |
||||
if (ip==null||ip.length()==0||"unknown".equalsIgnoreCase(ip)) { |
||||
ip = request.getHeader("Proxy-Client-IP"); |
||||
} |
||||
if (ip==null||ip.length()==0||"unknown".equalsIgnoreCase(ip)) { |
||||
ip = request.getHeader("WL-Proxy-Client-IP"); |
||||
} |
||||
if (ip==null||ip.length()==0||"unknown".equalsIgnoreCase(ip)) { |
||||
ip = request.getRemoteAddr(); |
||||
} |
||||
|
||||
// 处理多IP的情况(只取第一个IP)
|
||||
if (ip != null && ip.contains(",")) { |
||||
String[] ipArray = ip.split(","); |
||||
ip = ipArray[0]; |
||||
} |
||||
|
||||
return ip; |
||||
} |
||||
|
||||
|
||||
|
||||
|
||||
/** |
||||
* 判断IP是否内网IP |
||||
* @Title: ipIsInner |
||||
* @param ip |
||||
* @return: boolean |
||||
*/ |
||||
public static boolean ipIsInner(String ip) { |
||||
boolean isInnerIp = false; |
||||
for (Pattern tmp : ipFilterRegexList) { |
||||
Matcher matcher = tmp.matcher(ip); |
||||
if (matcher.find()) { |
||||
isInnerIp = true; |
||||
break; |
||||
} |
||||
} |
||||
return isInnerIp; |
||||
} |
||||
|
||||
|
||||
// token有效性检验
|
||||
public static boolean checkTokenValid(HttpServletRequest req, String token) { |
||||
|
||||
// 判断该token是否还保存在状态服务器中,也就是判断该token是否还有用
|
||||
try { |
||||
Device device = NetworkHelper.getDevice(req); |
||||
LoginService.getInstance().loginStatusValid(token, TerminalHandler.getTerminal(req, device)); |
||||
return true; |
||||
} catch (Exception e) { |
||||
} |
||||
return false; |
||||
} |
||||
|
||||
|
||||
/** |
||||
* 判断是否是内网IP "192.168.1.1," + //设置单个IP的白名单
|
||||
* "192.168.*.2," + //设置ip通配符,对一个ip段进行匹配
|
||||
* "192.168.3.17-192.168.3.38"; //设置一个IP范围
|
||||
* @param ip |
||||
* @return |
||||
*/ |
||||
public static boolean isInnerIP(String ip,String ipWhite) throws IOException { |
||||
String ip4[]=ip.split("\\."); |
||||
if(ip4.length==4) { |
||||
return checkLoginIP(ip,ipWhite); |
||||
}else{ |
||||
return false; |
||||
} |
||||
} |
||||
|
||||
|
||||
} |
||||
@ -0,0 +1,76 @@
|
||||
package com.eco.plugin.xx.hlzjsso.utils; |
||||
|
||||
import com.fr.data.NetworkHelper; |
||||
import com.fr.decision.webservice.v10.config.ConfigService; |
||||
import com.fr.decision.webservice.v10.login.TokenResource; |
||||
import com.fr.log.FineLoggerFactory; |
||||
import com.fr.stable.StringUtils; |
||||
import com.fr.third.springframework.web.util.WebUtils; |
||||
|
||||
import javax.servlet.http.HttpServletRequest; |
||||
import java.io.IOException; |
||||
|
||||
public class IPWhiteUtils{ |
||||
|
||||
private static String ipWhite; |
||||
private static String servletName="decision"; |
||||
|
||||
|
||||
/** |
||||
* 判断是否是白名单IP "192.168.1.1," + //设置单个IP的白名单
|
||||
* "192.168.*.2," + //设置ip通配符,对一个ip段进行匹配
|
||||
* "192.168.3.17-192.168.3.38"; //设置一个IP范围
|
||||
* @param req |
||||
* @return |
||||
*/ |
||||
public static boolean inWhite(HttpServletRequest req,String ip2) { |
||||
try { |
||||
servletName = ConfigService.getInstance().getBasicParam().getServletPathName(); |
||||
} catch (Exception e) { |
||||
FineLoggerFactory.getLogger().error("[ENC]获取servletName失败"); |
||||
e.printStackTrace(); |
||||
} |
||||
|
||||
ipWhite= ip2; |
||||
|
||||
String ip= req.getRemoteAddr(); |
||||
|
||||
FRUtils.FRLogInfo("white:"+ip2+";ip:"+ip); |
||||
//内网标记
|
||||
boolean isInnerIPFlag= false; |
||||
try { |
||||
isInnerIPFlag = IPUtils.isInnerIP(ip,ipWhite); |
||||
} catch (IOException e) { |
||||
FineLoggerFactory.getLogger().error("[ENC]判断IP失败"); |
||||
} |
||||
|
||||
//移动设备标记
|
||||
boolean isMobileFlag=NetworkHelper.getDevice(req).isMobile(); |
||||
|
||||
//移动端原生登陆标记
|
||||
boolean isMobileLoginFlag=req.getRequestURI().contains(servletName+"/login") && !isInnerIPFlag; |
||||
|
||||
//微信登陆标记
|
||||
boolean isDingLoginFlag=req.getRequestURI().contains("weixin/single/login") && isMobileFlag; |
||||
|
||||
String token = TokenResource.COOKIE.getToken(req); |
||||
//是否登陆标记
|
||||
boolean isHasTokenFlag=!StringUtils.isEmpty(token) && IPUtils.checkTokenValid(req, token); |
||||
|
||||
//移动端原生登陆标记
|
||||
boolean isResourcesFlag=req.getRequestURI().contains(servletName+"/resources"); |
||||
|
||||
boolean isHasDingCookie=WebUtils.getCookie(req, "LOGIN_TYPE") != null; |
||||
|
||||
FineLoggerFactory.getLogger().debug("[ENC]内网[{}]|移动设备[{}]|移动原生登陆[{}]|微信登陆[{}]|是否登陆[{}]|请求[{}]",isInnerIPFlag,isMobileFlag,isMobileLoginFlag,isDingLoginFlag,isHasTokenFlag,req.getRequestURI()); |
||||
|
||||
if(isInnerIPFlag || isResourcesFlag || isHasDingCookie){ |
||||
return true; |
||||
} |
||||
else if(isDingLoginFlag){ |
||||
return true; |
||||
} else{ |
||||
return false; |
||||
} |
||||
} |
||||
} |
||||
@ -0,0 +1,108 @@
|
||||
package com.eco.plugin.xx.hlzjsso.utils; |
||||
|
||||
import com.fr.json.JSONObject; |
||||
import com.fr.log.FineLoggerFactory; |
||||
import com.fr.web.utils.WebUtils; |
||||
|
||||
import javax.servlet.http.HttpServletRequest; |
||||
import javax.servlet.http.HttpServletResponse; |
||||
import java.io.PrintWriter; |
||||
|
||||
public class ResponseUtils { |
||||
private static final int SUCCESS = 200; |
||||
private static final int FAILED = -1; |
||||
|
||||
public static void successResponse(HttpServletResponse res, String body) { |
||||
response(res, body, SUCCESS); |
||||
} |
||||
|
||||
public static void failedResponse(HttpServletResponse res, String body) { |
||||
response(res, body, FAILED); |
||||
} |
||||
|
||||
private static void response(HttpServletResponse res, String body, int code) { |
||||
JSONObject object = new JSONObject(); |
||||
PrintWriter pw; |
||||
try { |
||||
object.put("code", code); |
||||
object.put("data", body); |
||||
pw = WebUtils.createPrintWriter(res); |
||||
} catch (Exception e) { |
||||
FineLoggerFactory.getLogger().info(e.getMessage()); |
||||
return; |
||||
} |
||||
res.setContentType("application/json;charset=utf-8"); |
||||
String result = object.toString(); |
||||
pw.println(result); |
||||
pw.flush(); |
||||
pw.close(); |
||||
} |
||||
|
||||
public static void response(HttpServletResponse res,JSONObject json){ |
||||
PrintWriter pw; |
||||
try { |
||||
pw = WebUtils.createPrintWriter(res); |
||||
} catch (Exception e) { |
||||
FineLoggerFactory.getLogger().info(e.getMessage()); |
||||
return; |
||||
} |
||||
res.setContentType("application/json;charset=utf-8"); |
||||
String result = json.toString(); |
||||
pw.println(result); |
||||
pw.flush(); |
||||
pw.close(); |
||||
} |
||||
|
||||
public static void responseText(HttpServletResponse res,String text){ |
||||
PrintWriter pw; |
||||
try { |
||||
pw = WebUtils.createPrintWriter(res); |
||||
} catch (Exception e) { |
||||
FineLoggerFactory.getLogger().info(e.getMessage()); |
||||
return; |
||||
} |
||||
res.setContentType("text/html;charset=utf-8"); |
||||
pw.println(text); |
||||
pw.flush(); |
||||
pw.close(); |
||||
} |
||||
|
||||
public static void responseXml(HttpServletResponse res,String xml){ |
||||
PrintWriter pw; |
||||
try { |
||||
pw = WebUtils.createPrintWriter(res); |
||||
} catch (Exception e) { |
||||
FineLoggerFactory.getLogger().info(e.getMessage()); |
||||
return; |
||||
} |
||||
res.setContentType("text/xml;charset=utf-8"); |
||||
pw.println(xml); |
||||
pw.flush(); |
||||
pw.close(); |
||||
} |
||||
|
||||
public static void setCSRFHeader(HttpServletResponse httpServletResponse){ |
||||
httpServletResponse.setHeader("Access-Control-Allow-Origin", "*"); |
||||
httpServletResponse.setHeader("Access-Control-Allow-Methods", "POST,GET,OPTIONS,DELETE,HEAD,PUT,PATCH"); |
||||
httpServletResponse.setHeader("Access-Control-Max-Age", "36000"); |
||||
httpServletResponse.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept,Authorization,authorization"); |
||||
} |
||||
|
||||
public static void responseJsonp(HttpServletRequest req, HttpServletResponse res, JSONObject json){ |
||||
PrintWriter pw; |
||||
try { |
||||
pw = WebUtils.createPrintWriter(res); |
||||
} catch (Exception e) { |
||||
FineLoggerFactory.getLogger().info(e.getMessage()); |
||||
return; |
||||
} |
||||
res.setContentType("text/javascript;charset=utf-8;charset=utf-8"); |
||||
String result = json.toString(); |
||||
|
||||
String jsonp=req.getParameter("callback"); |
||||
|
||||
pw.println(jsonp+"("+result+")"); |
||||
pw.flush(); |
||||
pw.close(); |
||||
} |
||||
} |
||||
@ -0,0 +1,275 @@
|
||||
package com.eco.plugin.xx.hlzjsso.utils; |
||||
|
||||
import com.fr.base.TemplateUtils; |
||||
import com.fr.data.NetworkHelper; |
||||
import com.fr.decision.webservice.v10.user.UserService; |
||||
import com.fr.io.utils.ResourceIOUtils; |
||||
import com.fr.json.JSONObject; |
||||
import com.fr.stable.CodeUtils; |
||||
import com.fr.stable.StringUtils; |
||||
import com.fr.third.org.apache.commons.codec.digest.DigestUtils; |
||||
import com.fr.web.utils.WebUtils; |
||||
|
||||
import javax.servlet.http.Cookie; |
||||
import javax.servlet.http.HttpServletRequest; |
||||
import javax.servlet.http.HttpServletResponse; |
||||
import java.io.BufferedReader; |
||||
import java.io.InputStream; |
||||
import java.net.URLEncoder; |
||||
import java.util.HashMap; |
||||
import java.util.Map; |
||||
import java.util.UUID; |
||||
import java.util.regex.Matcher; |
||||
import java.util.regex.Pattern; |
||||
|
||||
public class Utils { |
||||
|
||||
/** |
||||
* 判断字符串是否为空 |
||||
* @param str |
||||
* @return true 空字符串 false 非空字符串 |
||||
*/ |
||||
public static boolean isNullStr(String str){ |
||||
return !(str != null && !str.isEmpty() && !"null".equals(str)); |
||||
} |
||||
|
||||
/** |
||||
* 判断字符串是否非空 |
||||
* @param str |
||||
* @return |
||||
*/ |
||||
public static boolean isNotNullStr(String str){ |
||||
return !isNullStr(str); |
||||
} |
||||
|
||||
/** |
||||
* MD5加密 |
||||
* @param str |
||||
* @return |
||||
*/ |
||||
public static String getMd5Str(String str) |
||||
{ |
||||
return DigestUtils.md5Hex(str); |
||||
} |
||||
|
||||
/** |
||||
* 帆软shaEncode加密 |
||||
*/ |
||||
|
||||
public static String shaEncode(String str){ |
||||
return CodeUtils.sha256Encode(str); |
||||
} |
||||
|
||||
/** |
||||
* 获取uuid |
||||
*/ |
||||
public static String uuid(){ |
||||
return UUID.randomUUID().toString(); |
||||
} |
||||
|
||||
/** |
||||
* 替换空字符串 |
||||
* @param str |
||||
* @param replace |
||||
* @return |
||||
*/ |
||||
public static String replaceNullStr(String str,String replace){ |
||||
if(isNullStr(str)){ |
||||
return replace; |
||||
} |
||||
|
||||
return str; |
||||
} |
||||
|
||||
/** |
||||
* 获取请求体 |
||||
* @param req |
||||
* @return |
||||
*/ |
||||
public static JSONObject getRequestBody(HttpServletRequest req){ |
||||
StringBuffer sb = new StringBuffer(); |
||||
String line = null; |
||||
try { |
||||
BufferedReader reader = req.getReader(); |
||||
while ((line = reader.readLine()) != null) |
||||
sb.append(line); |
||||
} catch (Exception e) { |
||||
FRUtils.FRLogInfo("getRequestBody:exception:"+e.getMessage()); |
||||
} |
||||
//将空格和换行符替换掉避免使用反序列化工具解析对象时失败
|
||||
String jsonString = sb.toString().replaceAll("\\s","").replaceAll("\n",""); |
||||
|
||||
JSONObject json = new JSONObject(jsonString); |
||||
|
||||
return json; |
||||
} |
||||
|
||||
/** |
||||
* 获取ip |
||||
* @return |
||||
*/ |
||||
public static String getIp(HttpServletRequest req){ |
||||
String realIp = req.getHeader("X-Real-IP"); |
||||
String fw = req.getHeader("X-Forwarded-For"); |
||||
if (StringUtils.isNotEmpty(fw) && !"unKnown".equalsIgnoreCase(fw)) { |
||||
int var3 = fw.indexOf(","); |
||||
return var3 != -1 ? fw.substring(0, var3) : fw; |
||||
} else { |
||||
fw = realIp; |
||||
if (StringUtils.isNotEmpty(realIp) && !"unKnown".equalsIgnoreCase(realIp)) { |
||||
return realIp; |
||||
} else { |
||||
if (StringUtils.isBlank(realIp) || "unknown".equalsIgnoreCase(realIp)) { |
||||
fw = req.getHeader("Proxy-Client-IP"); |
||||
} |
||||
|
||||
if (StringUtils.isBlank(fw) || "unknown".equalsIgnoreCase(fw)) { |
||||
fw = req.getHeader("WL-Proxy-Client-IP"); |
||||
} |
||||
|
||||
if (StringUtils.isBlank(fw) || "unknown".equalsIgnoreCase(fw)) { |
||||
fw = req.getHeader("HTTP_CLIENT_IP"); |
||||
} |
||||
|
||||
if (StringUtils.isBlank(fw) || "unknown".equalsIgnoreCase(fw)) { |
||||
fw = req.getHeader("HTTP_X_FORWARDED_FOR"); |
||||
} |
||||
|
||||
if (StringUtils.isBlank(fw) || "unknown".equalsIgnoreCase(fw)) { |
||||
fw = req.getRemoteAddr(); |
||||
} |
||||
|
||||
return fw; |
||||
} |
||||
} |
||||
} |
||||
|
||||
/** |
||||
* 根据key获取cookie |
||||
* @param req |
||||
* @return |
||||
*/ |
||||
public static String getCookieByKey(HttpServletRequest req,String key){ |
||||
Cookie[] cookies = req.getCookies(); |
||||
String cookie = ""; |
||||
|
||||
if(cookies == null || cookies.length <=0){ |
||||
return ""; |
||||
} |
||||
|
||||
for(int i = 0; i < cookies.length; i++) { |
||||
Cookie item = cookies[i]; |
||||
if (item.getName().equalsIgnoreCase(key)) { |
||||
cookie = item.getValue(); |
||||
} |
||||
} |
||||
|
||||
FRUtils.FRLogInfo("cookie:"+cookie); |
||||
|
||||
return cookie; |
||||
} |
||||
|
||||
/** |
||||
* 判断是否是手机端的链接 |
||||
* @param req |
||||
* @return |
||||
*/ |
||||
public static boolean isMobile(HttpServletRequest req) { |
||||
String[] mobileArray = {"iPhone", "iPad", "android", "windows phone", "xiaomi"}; |
||||
String userAgent = req.getHeader("user-agent"); |
||||
if (userAgent != null && userAgent.toUpperCase().contains("MOBILE")) { |
||||
for(String mobile : mobileArray) { |
||||
if(userAgent.toUpperCase().contains(mobile.toUpperCase())) { |
||||
return true; |
||||
} |
||||
} |
||||
} |
||||
return NetworkHelper.getDevice(req).isMobile(); |
||||
} |
||||
|
||||
/** |
||||
* 只编码中文 |
||||
* @param url |
||||
* @return |
||||
*/ |
||||
public static String encodeCH(String url ){ |
||||
Matcher matcher = Pattern.compile("[\\u4e00-\\u9fa5]").matcher(url); |
||||
|
||||
while(matcher.find()){ |
||||
String chn = matcher.group(); |
||||
url = url.replaceAll(chn, URLEncoder.encode(chn)); |
||||
} |
||||
|
||||
return url; |
||||
} |
||||
|
||||
/** |
||||
* 获取web-inf文件夹下的文件 |
||||
* filename /resources/ip4enc.properties |
||||
*/ |
||||
public static InputStream getResourcesFile(String filename){ |
||||
return ResourceIOUtils.read(filename); |
||||
} |
||||
|
||||
/** |
||||
* |
||||
* @param res |
||||
* @param path /com/fr/plugin/loginAuth/html/getMac.html |
||||
* @param parameterMap |
||||
*/ |
||||
public static void toErrorPage(HttpServletResponse res,String path,Map<String, String> parameterMap){ |
||||
if(parameterMap == null){ |
||||
parameterMap = new HashMap<String, String>(); |
||||
} |
||||
|
||||
try { |
||||
String macPage = TemplateUtils.renderTemplate(path, parameterMap); |
||||
WebUtils.printAsString(res, macPage); |
||||
}catch (Exception e){ |
||||
FRUtils.FRLogError("跳转页面异常"); |
||||
} |
||||
|
||||
} |
||||
|
||||
/** |
||||
* 判断是否是管理员 |
||||
* @param username |
||||
* @return |
||||
*/ |
||||
public static boolean isAdmin(String username) throws Exception{ |
||||
return UserService.getInstance().isAdmin(UserService.getInstance().getUserByUserName(username).getId()); |
||||
} |
||||
|
||||
/** |
||||
* 去掉浏览器中的参数 |
||||
* @param url |
||||
* @param param |
||||
* @return |
||||
*/ |
||||
public static String removeParam(String url,String param){ |
||||
if(!url.contains("?"+param) && !url.contains("&"+param)){ |
||||
return url; |
||||
} |
||||
|
||||
return url.substring(0,url.indexOf(url.contains("?"+param) ? "?"+param : "&"+param)); |
||||
} |
||||
|
||||
/** |
||||
* 获取跳转链接 |
||||
* @param req |
||||
* @param param |
||||
* @return |
||||
*/ |
||||
public static String getRedirectUrl(HttpServletRequest req,String param){ |
||||
String url = FRUtils.getAllUrl(req); |
||||
|
||||
if(isNotNullStr(param)){ |
||||
url = removeParam(url,param); |
||||
} |
||||
|
||||
url = encodeCH(url); |
||||
|
||||
return url; |
||||
} |
||||
|
||||
} |
||||
@ -0,0 +1,35 @@
|
||||
package com.eco.plugin.xx.hlzjsso.webresourceProvider; |
||||
|
||||
import com.fr.decision.fun.impl.AbstractWebResourceProvider; |
||||
import com.fr.decision.web.LoginComponent; |
||||
import com.fr.web.struct.Atom; |
||||
import com.fr.web.struct.Component; |
||||
import com.fr.web.struct.browser.RequestClient; |
||||
import com.fr.web.struct.category.ScriptPath; |
||||
import com.fr.web.struct.category.StylePath; |
||||
|
||||
/** |
||||
* Created by xx on 2021-12-03 |
||||
*/ |
||||
public class WebResourceProvider extends AbstractWebResourceProvider { |
||||
@Override |
||||
public Atom attach() { |
||||
return LoginComponent.KEY; |
||||
} |
||||
|
||||
@Override |
||||
public Atom client() { |
||||
return new Component() { |
||||
@Override |
||||
public ScriptPath script(RequestClient requestClient) { |
||||
return ScriptPath.build("/com/eco/plugin/xx/hlzjsso/js/ui.js"); |
||||
} |
||||
|
||||
@Override |
||||
public StylePath style(RequestClient requestClient) { |
||||
return StylePath.EMPTY; |
||||
// return StylePath.build("/com/fr/plugin/jdfSSO/css/icon.css");
|
||||
} |
||||
}; |
||||
} |
||||
} |
||||
@ -0,0 +1,238 @@
|
||||
|
||||
var e = BI.inherit(BI.Widget, { |
||||
props: { |
||||
baseCls: "dec-login-login" |
||||
}, |
||||
_store: function () { |
||||
return BI.Models.getModel("dec.model.login.login") |
||||
}, |
||||
watch: { |
||||
supportForgetPwd: function (e) { |
||||
this.forgetPasswordRow.setVisible(e) |
||||
}, |
||||
needSlider: function (e) { |
||||
this.sliderMasker.setVisible(e) |
||||
} |
||||
}, |
||||
render: function () { |
||||
var t = this; |
||||
this.options; |
||||
return { |
||||
type: "bi.absolute", |
||||
items: [{ |
||||
el: { |
||||
type: "bi.vertical", |
||||
items: [{ |
||||
type: "dec.login.login.item", |
||||
$testId: "dec-login-username", |
||||
iconCls: "login-username-font", |
||||
tgap: 50, |
||||
watermark: BI.i18nText("Dec-User_Name"), |
||||
ref: function (e) { |
||||
t.usernameRow = e |
||||
} |
||||
}, { |
||||
type: "dec.login.login.item", |
||||
$testId: "dec-login-password", |
||||
iconCls: "login-password-font", |
||||
watermark: BI.i18nText("Dec-Password"), |
||||
inputType: "password", |
||||
ref: function (e) { |
||||
t.passwordRow = e |
||||
} |
||||
}, { |
||||
type: "bi.left_right_vertical_adapt", |
||||
bgap: 30, |
||||
items: { |
||||
left: [{ |
||||
type: "bi.multi_select_item", |
||||
$testId: "dec-login-remember", |
||||
textLgap: 5, |
||||
iconWrapperWidth: 16, |
||||
height: 16, |
||||
text: BI.i18nText("Dec-Login_Remember"), |
||||
logic: { |
||||
dynamic: !0 |
||||
}, |
||||
ref: function (e) { |
||||
t.rememberRow = e |
||||
} |
||||
} |
||||
], |
||||
right: [{ |
||||
type: "bi.button", |
||||
$testId: "dec-login-forget-password", |
||||
clear: !0, |
||||
height: 16, |
||||
invisible: !this.model.supportForgetPwd, |
||||
text: BI.i18nText("Dec-Basic_Forget_Password"), |
||||
ref: function (e) { |
||||
t.forgetPasswordRow = e |
||||
}, |
||||
handler: function () { |
||||
t.store.setSelectedTab(DecCst.Login.Tabs.FORGET_PASSWORD) |
||||
} |
||||
} |
||||
].concat(this._createItems()) |
||||
} |
||||
}, { |
||||
type: "bi.horizontal_auto", |
||||
items: [{ |
||||
type: "bi.button", |
||||
cls: "login-button", |
||||
text: BI.i18nText("Dec-Basic_Login"), |
||||
width: 190, |
||||
height: 40, |
||||
handler: function () { |
||||
t._start() |
||||
} |
||||
} |
||||
] |
||||
}, { |
||||
el: { |
||||
type: "bi.vertical", |
||||
$testId: "dec-login-logged-chang-text", |
||||
cls: "login-error", |
||||
invisible: !0, |
||||
scrolly: !1, |
||||
items: [{ |
||||
type: "bi.text", |
||||
tagName: "span", |
||||
whiteSpace: "normal", |
||||
text: BI.i18nText("Dec-Login_Other_Logged_Tip") |
||||
}, { |
||||
type: "bi.text", |
||||
$testId: "dec-login-logged-chang-password", |
||||
tagName: "span", |
||||
cls: "password-btn", |
||||
text: BI.i18nText("Dec-Login_Change_Password"), |
||||
handler: function () { |
||||
t.model.isNeedVerify ? t.store.setSelectedTab(DecCst.Login.Tabs.VERIFY_BING) : t.store.setSelectedTab(DecCst.Login.Tabs.PASSWORD_OLD) |
||||
} |
||||
} |
||||
], |
||||
ref: function (e) { |
||||
t.loginErrorRow = e |
||||
} |
||||
}, |
||||
tgap: 20 |
||||
}, { |
||||
el: { |
||||
type: "bi.text", |
||||
$testId: "dec-login-logged-text", |
||||
cls: "login-error", |
||||
invisible: !0, |
||||
whiteSpace: "normal", |
||||
text: BI.i18nText("Dec-Login_Normal_Other_Logged_Tip"), |
||||
ref: function (e) { |
||||
t.loginNormalErrorRow = e |
||||
} |
||||
}, |
||||
tgap: 20 |
||||
} |
||||
] |
||||
}, |
||||
top: 0, |
||||
right: 40, |
||||
bottom: 0, |
||||
left: 40 |
||||
}, { |
||||
el: { |
||||
type: "bi.center_adapt", |
||||
cls: "slider-masker", |
||||
invisible: !0, |
||||
items: [{ |
||||
type: "dec.login.slider", |
||||
listeners: [{ |
||||
eventName: "EVENT_SUCCESS", |
||||
action: function () { |
||||
t._start() |
||||
} |
||||
}, { |
||||
eventName: "EVENT_CLOSE", |
||||
action: function () { |
||||
t.store.resetSlider() |
||||
} |
||||
} |
||||
], |
||||
ref: function (e) { |
||||
t.sliderBar = e |
||||
} |
||||
} |
||||
], |
||||
ref: function (e) { |
||||
t.sliderMasker = e |
||||
} |
||||
}, |
||||
top: 0, |
||||
right: 40, |
||||
bottom: 0, |
||||
left: 40 |
||||
} |
||||
] |
||||
} |
||||
}, |
||||
mounted: function () { |
||||
var t = this; |
||||
this.store.initData(), |
||||
this.element.keyup(function (e) { |
||||
13 === e.keyCode && t._start() |
||||
}) |
||||
}, |
||||
_createItems: function () { |
||||
return BI.map(BI.Constants.getConstant("dec.constant.login.way.extend"), function (e, t) { |
||||
return { |
||||
type: t.cardType |
||||
} |
||||
}) |
||||
}, |
||||
_start: function () { |
||||
var t = this, |
||||
e = this.usernameRow.getValue(), |
||||
i = this.passwordRow.getValue(), |
||||
n = this.rememberRow.isSelected() ? -2 : -1, |
||||
userC = this.usernameRow; |
||||
t.loginErrorRow.invisible(), |
||||
t.loginNormalErrorRow.invisible(), |
||||
"" !== e ? "" !== i ? (this.store.setLoginInfo({ |
||||
username: e, |
||||
validity: n, |
||||
phone: "", |
||||
captcha: "" |
||||
}), this.store.login({ |
||||
username: e, |
||||
password: this.passwordRow.getCipher(), |
||||
validity: n, |
||||
sliderToken: this.model.sliderToken, |
||||
origin: Dec.Utils.getUrlQuery("origin"), |
||||
encrypted: !0 |
||||
}, function (e) { |
||||
// var result = canLogin(userC.getValue());
|
||||
// var code = result.code;
|
||||
|
||||
|
||||
|
||||
t.store.resetSlider(), |
||||
e.data && e.data.accessToken ? t.fireEvent("EVENT_LOGIN", e.data) :(e.errorMsg == 9999 ? userC.showError(e.errorCode) : BI.bind(BI.Services.getService("dec.service.login.login").getHandler(e.errorCode), t)(e)) |
||||
} |
||||
)) : this.passwordRow.showError(BI.i18nText("Dec-Error_Password_Not_Null")) : this.usernameRow.showError(BI.i18nText("Dec-Error_Username_Not_Null")) |
||||
} |
||||
}); |
||||
BI.shortcut("dec.login.login", e) |
||||
|
||||
function canLogin(username){ |
||||
var result = {}; |
||||
|
||||
$.ajax({ |
||||
async:false, |
||||
type:"post", |
||||
url:"/webroot/decision/canLogin", |
||||
contentType:"application/json;charset=utf-8", |
||||
data:JSON.stringify({username:username}), |
||||
success:function(data){ |
||||
result = data; |
||||
} |
||||
}) |
||||
|
||||
return result; |
||||
} |
||||
Loading…
Reference in new issue