You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
83 lines
2.6 KiB
83 lines
2.6 KiB
3 years ago
|
package com.eco.plugin.xx.grsso.filter;
|
||
|
|
|
||
|
|
import com.eco.plugin.xx.grsso.config.xxPluginSimpleConfig;
|
||
|
|
import com.eco.plugin.xx.grsso.utils.EncryptUtils;
|
||
|
|
import com.eco.plugin.xx.grsso.utils.FRUtils;
|
||
|
|
import com.eco.plugin.xx.grsso.utils.ResponseUtils;
|
||
|
|
import com.eco.plugin.xx.grsso.utils.Utils;
|
||
|
|
import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
|
||
|
|
import com.fr.json.JSONObject;
|
||
|
|
import com.fr.plugin.context.PluginContexts;
|
||
|
|
import com.fr.record.analyzer.EnableMetrics;
|
||
|
|
import com.fr.stable.fun.Authorize;
|
||
|
|
|
||
|
|
import javax.servlet.FilterChain;
|
||
|
|
import javax.servlet.http.HttpServletRequest;
|
||
|
|
import javax.servlet.http.HttpServletResponse;
|
||
|
|
|
||
|
|
@EnableMetrics
|
||
|
|
@Authorize(callSignKey = "com.eco.plugin.xx.grsso")
|
||
|
|
public class SSOFilter extends AbstractGlobalRequestFilterProvider {
|
||
|
|
@Override
|
||
|
|
public String filterName() {
|
||
|
|
return "grssoFilter";
|
||
|
|
}
|
||
|
|
|
||
|
|
@Override
|
||
|
|
public String[] urlPatterns() {
|
||
|
|
return new String[]{"/*"};
|
||
|
|
}
|
||
|
|
|
||
|
|
@Override
|
||
|
|
public void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain chain ){
|
||
|
|
|
||
|
|
if(PluginContexts.currentContext().isAvailable()){
|
||
|
|
xxPluginSimpleConfig psc = xxPluginSimpleConfig.getInstance();
|
||
|
|
String param = psc.getParamname();
|
||
|
|
String token = req.getParameter(param);
|
||
|
|
|
||
|
|
if(Utils.isNullStr(token)){
|
||
|
|
release(req,res,chain);
|
||
|
|
return ;
|
||
|
|
}
|
||
|
|
|
||
|
|
String plainToken = null;
|
||
|
|
try {
|
||
|
|
plainToken = EncryptUtils.rsaDecrypt(token,psc.getSecret());
|
||
|
|
} catch (Exception e) {
|
||
|
|
ResponseUtils.failedResponse(res,"token解密异常!"+e.getMessage());
|
||
|
|
return ;
|
||
|
|
}
|
||
|
|
|
||
|
|
JSONObject json = new JSONObject(plainToken);
|
||
|
|
Long timestamp = json.getLong("timestamp");
|
||
|
|
Long now = System.currentTimeMillis();
|
||
|
|
|
||
|
|
FRUtils.FRLogInfo("timestamp:"+timestamp+";now:"+now);
|
||
|
|
|
||
|
|
if((now - timestamp)/1000 > Long.parseLong(psc.getTimeout())){
|
||
|
|
ResponseUtils.failedResponse(res,"token超时,请重新生成!");
|
||
|
|
return ;
|
||
|
|
}
|
||
|
|
|
||
|
|
String username = json.getString("username");
|
||
|
|
String url = FRUtils.getAllUrl(req);
|
||
|
|
url = Utils.removeParam(url,param);
|
||
|
|
url = Utils.encodeCH(url);
|
||
|
|
FRUtils.login(req,res,username,url);
|
||
|
|
}
|
||
|
|
|
||
|
|
release(req,res,chain);
|
||
|
|
}
|
||
|
|
|
||
|
|
//放行拦截器
|
||
|
|
private void release(HttpServletRequest req, HttpServletResponse res, FilterChain chain) {
|
||
|
|
try{
|
||
|
|
chain.doFilter(req,res);
|
||
|
|
}catch (Exception e){
|
||
|
|
FRUtils.FRLogInfo("拦截失败");
|
||
|
|
}
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|