Merge remote-tracking branch 'origin/master'
This commit is contained in:
commit
68eeb69bc7
|
@ -48,6 +48,7 @@ public class IdentityInterceptor implements HandlerInterceptor {
|
|||
String keeperUrl = yaweiSSOProperties.getKeeperUrl();
|
||||
keeperUrl = keeperUrl + "?" + yaweiSSOProperties.getSsoKey() + "="
|
||||
+ URLEncoder.encode(requeststr, "UTF-8");
|
||||
response.addHeader("REDIRECT", keeperUrl);
|
||||
response.sendRedirect(keeperUrl);
|
||||
return false;
|
||||
}
|
||||
|
|
|
@ -7,7 +7,7 @@ import org.springframework.stereotype.Component;
|
|||
|
||||
@Data
|
||||
@Component
|
||||
@PropertySource("classpath:/yaweisso.properties")
|
||||
@PropertySource("classpath:yaweisso.properties")
|
||||
@ConfigurationProperties(prefix = "sso")
|
||||
public class YaweiSSOProperties {
|
||||
private String domain;
|
||||
|
|
|
@ -55,6 +55,13 @@ import java.util.*;
|
|||
*/
|
||||
@Service
|
||||
public class ActTaskService extends BaseServiceImpl {
|
||||
|
||||
public static String Task_HANDLE_STATE = "handleState"; //任务节点处理状态key
|
||||
public static String Task_HANDLE_STATE_AGREE = "agree"; //同意
|
||||
public static String Task_HANDLE_STATE_REJECTED = "rejected"; //驳回
|
||||
public static String Task_HANDLE_STATE_BACK = "back"; //回退
|
||||
public static String Task_HANDLE_STATE_STOP = "stop"; //终止
|
||||
|
||||
@Autowired
|
||||
protected TaskService taskService;
|
||||
@Autowired
|
||||
|
@ -226,6 +233,7 @@ public class ActTaskService extends BaseServiceImpl {
|
|||
if (StringUtils.isNotEmpty(comment)) {
|
||||
taskService.addComment(taskId, task.getProcessInstanceId(), comment);
|
||||
}
|
||||
taskService.setVariable(taskId, Task_HANDLE_STATE, Task_HANDLE_STATE_AGREE);
|
||||
taskService.complete(taskId);
|
||||
}
|
||||
|
||||
|
@ -390,6 +398,7 @@ public class ActTaskService extends BaseServiceImpl {
|
|||
if (StringUtils.isNotEmpty(comment)) {
|
||||
commentMode += "[" + comment + "]";
|
||||
}
|
||||
taskService.setVariable(task.getId(), Task_HANDLE_STATE, Task_HANDLE_STATE_BACK);
|
||||
taskService.addComment(task.getId(), task.getProcessInstanceId(), commentMode);
|
||||
taskService.complete(task.getId(), variables);
|
||||
}
|
||||
|
@ -477,6 +486,7 @@ public class ActTaskService extends BaseServiceImpl {
|
|||
String message = MessageUtils.getMessage(ErrorCode.END_PROCESS_MESSAGE);
|
||||
comment = message + "[" + comment + "]";
|
||||
taskService.addComment(task.getId(), task.getProcessInstanceId(), comment);
|
||||
taskService.setVariable(task.getId(), Task_HANDLE_STATE, Task_HANDLE_STATE_STOP);
|
||||
taskService.complete(taskId);
|
||||
pointActivity.getIncomingTransitions().remove(newTransition);
|
||||
List<PvmTransition> pvmTransitionListC = currActivity.getOutgoingTransitions();
|
||||
|
@ -606,6 +616,7 @@ public class ActTaskService extends BaseServiceImpl {
|
|||
this.setTaskVariable(taskDTO.getTaskId(), key, taskDTO.getParams().get(key));
|
||||
}
|
||||
}
|
||||
taskService.setVariable(taskDTO.getTaskId(), Task_HANDLE_STATE, Task_HANDLE_STATE_REJECTED);
|
||||
this.completeTask(taskDTO.getTaskId(), taskDTO.getComment());
|
||||
}
|
||||
|
||||
|
|
|
@ -37,6 +37,7 @@ public class TAbilityApplicationEntity {
|
|||
/**
|
||||
* 申请应用系统
|
||||
*/
|
||||
@TableField("`system`")
|
||||
private String system;
|
||||
/**
|
||||
* 申请场景
|
||||
|
@ -81,4 +82,9 @@ public class TAbilityApplicationEntity {
|
|||
* 附件
|
||||
*/
|
||||
private String enclosure;
|
||||
|
||||
/**
|
||||
* 流程通过后api网关注册的认证code,用于三方接口调用
|
||||
*/
|
||||
private String gatewayCode;
|
||||
}
|
|
@ -13,18 +13,24 @@ import io.renren.modules.sys.service.SysDeptService;
|
|||
import io.renren.modules.sys.service.SysRoleService;
|
||||
import io.renren.modules.sys.service.SysRoleUserService;
|
||||
import io.renren.modules.sys.service.SysUserService;
|
||||
import org.activiti.engine.HistoryService;
|
||||
import org.activiti.engine.ProcessEngine;
|
||||
import org.activiti.engine.ProcessEngines;
|
||||
import org.activiti.engine.TaskService;
|
||||
import org.activiti.engine.delegate.*;
|
||||
import org.activiti.engine.delegate.event.ActivitiEvent;
|
||||
import org.activiti.engine.delegate.event.ActivitiEventListener;
|
||||
import org.activiti.engine.history.HistoricTaskInstance;
|
||||
import org.activiti.engine.task.Task;
|
||||
import org.activiti.engine.task.TaskQuery;
|
||||
import org.apache.commons.lang.StringUtils;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import java.util.Map;
|
||||
import java.util.Optional;
|
||||
import java.util.*;
|
||||
|
||||
/**
|
||||
* 部门动态审批人
|
||||
|
@ -105,13 +111,11 @@ public class CorrectionListener implements TaskListener, ExecutionListener, Acti
|
|||
Gson gson = new Gson();
|
||||
JsonElement jsonElement = gson.toJsonTree(kv);
|
||||
TAbilityApplicationDTO abilityApplicationDTO = gson.fromJson(jsonElement, TAbilityApplicationDTO.class);
|
||||
if (abilityApplicationDTO != null && abilityApplicationDTO.getId() != null) {
|
||||
if (abilityApplicationDTO != null) {
|
||||
abilityApplicationDTO.setDelFlag(0);
|
||||
abilityApplicationDTO.setApproveStatus("通过");
|
||||
tAbilityApplicationService.update(abilityApplicationDTO);
|
||||
logger.error("审批通过!申请id:" + abilityApplicationDTO.getId());
|
||||
} else {
|
||||
logger.error(kv.toString());
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -142,7 +146,6 @@ public class CorrectionListener implements TaskListener, ExecutionListener, Acti
|
|||
logger.error("第二级别审批仍然为 " + bigDateDeptName);
|
||||
taskService.addComment(delegateTask.getId(), delegateTask.getProcessInstanceId(), "默认通过");
|
||||
taskService.complete(delegateTask.getId(), delegateTask.getVariables());
|
||||
endTake(delegateTask.getVariables());
|
||||
}
|
||||
} else {
|
||||
logger.error("表单内单位名称:" + abilityApplicationDTO.getUnit());
|
||||
|
@ -164,14 +167,5 @@ public class CorrectionListener implements TaskListener, ExecutionListener, Acti
|
|||
logger.error("未查到该部门对应的 " + roleName);
|
||||
taskService.setAssignee(delegateTask.getId(), "1516728698224427010");
|
||||
}
|
||||
|
||||
Optional<ResourceDTO> resourceDTOOptional = Optional.ofNullable(resourceService.get(Long.valueOf(abilityApplicationDTO.getResourceId())));
|
||||
resourceDTOOptional.ifPresent(resource -> {
|
||||
if ("免批申请".equals(resource.getShareCondition())) { // 针对免批资源申请
|
||||
taskService.addComment(delegateTask.getId(), delegateTask.getProcessInstanceId(), "免批资源申请默认通过");
|
||||
taskService.complete(delegateTask.getId(), delegateTask.getVariables());
|
||||
endTake(delegateTask.getVariables());
|
||||
}
|
||||
});
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,9 +1,14 @@
|
|||
package io.renren.modules.processForm.service;
|
||||
|
||||
|
||||
import cn.hutool.core.lang.UUID;
|
||||
import com.alibaba.fastjson.JSON;
|
||||
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
|
||||
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
||||
import com.baomidou.mybatisplus.core.conditions.update.LambdaUpdateWrapper;
|
||||
import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper;
|
||||
import io.renren.modules.processForm.dao.TAbilityApplicationDao;
|
||||
import io.renren.modules.processForm.entity.TAbilityApplicationEntity;
|
||||
import io.renren.modules.resource.dao.ResourceDao;
|
||||
import io.renren.modules.resource.entity.ResourceEntity;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
|
@ -21,40 +26,60 @@ import java.util.regex.Pattern;
|
|||
|
||||
@Service
|
||||
@Slf4j
|
||||
/**
|
||||
* 聚好看网关对接相关
|
||||
*
|
||||
*/
|
||||
public class ApiGatewayService {
|
||||
|
||||
@Autowired
|
||||
private ResourceDao resourceDao;
|
||||
|
||||
@Autowired
|
||||
private TAbilityApplicationDao abilityApplicationDao;
|
||||
|
||||
@Autowired
|
||||
private RestTemplate restTemplate;
|
||||
|
||||
@Value("${hisense.gateway.url:http://devtest-security-app.hismarttv.com:8080}")
|
||||
@Value("${hisense.gateway.url}")
|
||||
private String gatewayUrl;
|
||||
|
||||
/**
|
||||
/** 将api注册到网关
|
||||
* 注册流程:创建group -> 创建路由(api)并关联到group下,未来可多个api关联
|
||||
* @param resourceId 能力资源的id
|
||||
* @return
|
||||
*/
|
||||
public void registerApi2Gateway(String resourceId){
|
||||
|
||||
if (resourceId == null) {
|
||||
log.warn("传入resourceId为空");
|
||||
return;
|
||||
throw new IllegalArgumentException("传入resourceId为空");
|
||||
}
|
||||
|
||||
ResourceEntity resourceEntity = resourceDao.selectById(resourceId);
|
||||
if (resourceEntity == null) {
|
||||
throw new IllegalArgumentException(String.format("未找到对应的资源id:%s", resourceId));
|
||||
}
|
||||
String apiUrl = resourceEntity.getApiUrl();
|
||||
String methods = resourceEntity.getApiMethodType().toUpperCase();
|
||||
|
||||
if (apiUrl == null || !apiUrl.startsWith("http")){
|
||||
log.warn("非法apiurl!! apiUrl:{} resourceId:{}",apiUrl, resourceId);
|
||||
if (StringUtils.isBlank(apiUrl) || StringUtils.isBlank(methods)){
|
||||
String msg = String.format("注册api参数为空,跳过 apiUrl:%s, methods:%s, resourceId:%s", apiUrl, methods, resourceId);
|
||||
//重要参数没有当成不需要注册
|
||||
log.info(msg);
|
||||
return;
|
||||
}
|
||||
|
||||
//建group
|
||||
String domain = getIP(apiUrl);
|
||||
String uris = apiUrl.substring(apiUrl.indexOf(domain) + domain.length());
|
||||
if (StringUtils.isBlank(uris)) {
|
||||
uris = "/";
|
||||
}
|
||||
String apiPrefix = "/juapi/" + resourceId;
|
||||
HashMap groupEntity = new HashMap();
|
||||
groupEntity.put("id", resourceId);
|
||||
groupEntity.put("name", resourceEntity.getName());
|
||||
groupEntity.put("stripPrefixPattern",String.format("^%s/(.*)", apiPrefix));
|
||||
groupEntity.put("serviceName",domain );
|
||||
|
||||
String groupUrl = gatewayUrl + "/apiops/api/groups";
|
||||
|
@ -63,17 +88,17 @@ public class ApiGatewayService {
|
|||
HashMap body = responseEntity.getBody();
|
||||
String id = (String) body.get("id");
|
||||
if (StringUtils.isBlank(id)){
|
||||
log.error("创建group时id为空 {} body:{}", JSON.toJSONString(groupEntity), body);
|
||||
return;
|
||||
String error = String.format("创建group时id为空 request:%s body:%s", JSON.toJSONString(groupEntity), body);
|
||||
throw new RuntimeException(error);
|
||||
}
|
||||
|
||||
//建路由(接口url)
|
||||
String routeUrl = gatewayUrl + "apiops/api/routers";
|
||||
String routeUrl = gatewayUrl + "/apiops/api/routers";
|
||||
HashMap routeEntity = new HashMap();
|
||||
routeEntity.put("name", "api:1:" + resourceEntity.getName());
|
||||
routeEntity.put("group", id);
|
||||
routeEntity.put("methods", resourceEntity.getApiMethodType().toUpperCase());
|
||||
routeEntity.put("uris", apiUrl.substring(apiUrl.indexOf(domain) + domain.length()));
|
||||
routeEntity.put("methods", methods);
|
||||
routeEntity.put("uris", apiPrefix + uris);
|
||||
ResponseEntity<HashMap> routeResEntity = restTemplate.postForEntity(routeUrl, routeEntity, HashMap.class);
|
||||
if (routeResEntity.getStatusCode() != HttpStatus.OK || !responseEntity.hasBody()){
|
||||
//失败则删除group
|
||||
|
@ -89,6 +114,55 @@ public class ApiGatewayService {
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* 将code关联到group,api这希望code由我们来生成
|
||||
* 关联流程:创建消费者 -> 订阅接口传入code关联消费者与group
|
||||
* @param formId
|
||||
* @param code
|
||||
*/
|
||||
public void subscribeCode( String formId, String code){
|
||||
|
||||
if ( StringUtils.isBlank(formId) || StringUtils.isBlank(code)) {
|
||||
throw new IllegalArgumentException(String.format("关键参数不能为空 formId:%s code:%s", formId, code));
|
||||
}
|
||||
|
||||
TAbilityApplicationEntity applicationEntity = abilityApplicationDao.selectById(formId);
|
||||
ResourceEntity resourceEntity = resourceDao.selectById(applicationEntity.getResourceId());
|
||||
String groupId = resourceEntity.getGroupId();
|
||||
if (resourceEntity == null){
|
||||
throw new RuntimeException(String.format("找不到资源类 groupId:%s", groupId));
|
||||
}
|
||||
|
||||
//注册消费者,一个表单关联一个消费者
|
||||
HashMap consumerEntity = new HashMap();
|
||||
consumerEntity.put("id", formId);
|
||||
consumerEntity.put("name", resourceEntity.getName() + "-concumer");
|
||||
|
||||
String consumerUrl = gatewayUrl + "/apiops/api/consumers";
|
||||
HashMap consumerResponse = restTemplate.postForEntity(consumerUrl, consumerEntity, HashMap.class).getBody();
|
||||
if (consumerResponse == null || !formId.equals(consumerResponse.get("id"))){
|
||||
throw new RuntimeException(String.format("消费者创建失败 response: %s", consumerResponse));
|
||||
}
|
||||
|
||||
//订阅
|
||||
HashMap subscribeEntity = new HashMap();
|
||||
subscribeEntity.put("consumerId", formId);
|
||||
subscribeEntity.put("routerId", groupId);
|
||||
subscribeEntity.put("routerType","group");
|
||||
subscribeEntity.put("code", code);
|
||||
|
||||
String subscribeUrl = gatewayUrl + "/apiops/api/subscribers";
|
||||
HashMap body = restTemplate.postForEntity(subscribeUrl, subscribeEntity, HashMap.class).getBody();
|
||||
if (body == null || StringUtils.isBlank((String) body.get("consumerId"))){
|
||||
throw new RuntimeException(String.format("订阅失败 response: %s", body));
|
||||
}
|
||||
|
||||
LambdaUpdateWrapper<TAbilityApplicationEntity> updateWrapper = new UpdateWrapper<TAbilityApplicationEntity>().lambda()
|
||||
.eq(TAbilityApplicationEntity::getId, formId)
|
||||
.set(TAbilityApplicationEntity::getGatewayCode, code);
|
||||
abilityApplicationDao.update(null, updateWrapper);
|
||||
}
|
||||
|
||||
private String getIP(String url) {
|
||||
String re = "((http|ftp|https)://)(([a-zA-Z0-9._-]+)|([0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}))(([a-zA-Z]{2,6})|(:[0-9]{1,4})?)";
|
||||
String str = "";
|
||||
|
|
|
@ -80,6 +80,9 @@ public class ResourceOwnerListener implements TaskListener, ExecutionListener, A
|
|||
case EVENTNAME_CREATE: // 创建当前审批节点事件
|
||||
create(delegateTask, roleDTO);
|
||||
break;
|
||||
case EVENTNAME_COMPLETE:
|
||||
complete(delegateTask);
|
||||
break;
|
||||
default:
|
||||
logger.error("未处理该事件:" + eventName);
|
||||
}
|
||||
|
|
|
@ -9,8 +9,10 @@ import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSource
|
|||
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
|
||||
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
|
||||
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import javax.servlet.Filter;
|
||||
import java.util.HashMap;
|
||||
|
@ -23,6 +25,9 @@ import java.util.Map;
|
|||
@Configuration
|
||||
public class ShiroConfig {
|
||||
|
||||
// @Autowired
|
||||
// private Oauth2Filter oauth2Filter;
|
||||
|
||||
@Bean
|
||||
public DefaultWebSessionManager sessionManager() {
|
||||
DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
|
||||
|
@ -42,13 +47,13 @@ public class ShiroConfig {
|
|||
}
|
||||
|
||||
@Bean("shiroFilter")
|
||||
public ShiroFilterFactoryBean shirFilter(SecurityManager securityManager) {
|
||||
public ShiroFilterFactoryBean shirFilter(SecurityManager securityManager, Oauth2Filter oauth2Filter) {
|
||||
ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean();
|
||||
shiroFilter.setSecurityManager(securityManager);
|
||||
|
||||
//oauth过滤
|
||||
Map<String, Filter> filters = new HashMap<>();
|
||||
filters.put("oauth2", new Oauth2Filter());
|
||||
filters.put("oauth2", oauth2Filter);
|
||||
shiroFilter.setFilters(filters);
|
||||
|
||||
Map<String, String> filterMap = new LinkedHashMap<>();
|
||||
|
|
|
@ -4,8 +4,10 @@ import com.fasterxml.jackson.databind.DeserializationFeature;
|
|||
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||
import com.fasterxml.jackson.databind.module.SimpleModule;
|
||||
import com.fasterxml.jackson.databind.ser.std.ToStringSerializer;
|
||||
import io.renren.common.interceptor.IdentityInterceptor;
|
||||
import io.renren.common.utils.DateUtils;
|
||||
import io.renren.modules.pay.Interceptor.AliPayInterceptor;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.http.converter.ByteArrayHttpMessageConverter;
|
||||
|
@ -25,6 +27,9 @@ import java.util.TimeZone;
|
|||
@Configuration
|
||||
public class WebMvcConfig implements WebMvcConfigurer {
|
||||
|
||||
@Autowired
|
||||
private IdentityInterceptor identityInterceptor;
|
||||
|
||||
@Override
|
||||
public void addCorsMappings(CorsRegistry registry) {
|
||||
registry.addMapping("/**")
|
||||
|
@ -37,7 +42,7 @@ public class WebMvcConfig implements WebMvcConfigurer {
|
|||
@Override
|
||||
public void addInterceptors(InterceptorRegistry registry) {
|
||||
registry.addInterceptor(new AliPayInterceptor()).addPathPatterns("/pay/alipay/**");
|
||||
// registry.addInterceptor(new IdentityInterceptor());
|
||||
// registry.addInterceptor(identityInterceptor);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -1,8 +1,13 @@
|
|||
package io.renren.modules.security.oauth2;
|
||||
|
||||
import com.google.gson.Gson;
|
||||
import com.yawei.pso.PSORequest;
|
||||
import com.yawei.pso.SSOResponse;
|
||||
import com.yawei.pso.TicketManager;
|
||||
import io.renren.common.constant.Constant;
|
||||
import io.renren.common.exception.ErrorCode;
|
||||
import io.renren.common.interceptor.Validator;
|
||||
import io.renren.common.interceptor.YaweiSSOProperties;
|
||||
import io.renren.common.utils.HttpContextUtils;
|
||||
import io.renren.common.utils.Result;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
|
@ -10,20 +15,38 @@ import org.apache.http.HttpStatus;
|
|||
import org.apache.shiro.authc.AuthenticationException;
|
||||
import org.apache.shiro.authc.AuthenticationToken;
|
||||
import org.apache.shiro.web.filter.authc.AuthenticatingFilter;
|
||||
import org.apache.shiro.web.servlet.ShiroHttpServletRequest;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Lazy;
|
||||
import org.springframework.context.annotation.Scope;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.http.Cookie;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
import java.lang.reflect.Field;
|
||||
import java.net.URLEncoder;
|
||||
import java.util.Iterator;
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
* oauth2过滤器
|
||||
*
|
||||
*/
|
||||
@Component()
|
||||
@Scope("prototype")
|
||||
public class Oauth2Filter extends AuthenticatingFilter {
|
||||
|
||||
public final static String SEESION_USER = "seesion_user";
|
||||
|
||||
@Autowired
|
||||
private YaweiSSOProperties yaweiSSOProperties;
|
||||
|
||||
@Override
|
||||
protected AuthenticationToken createToken(ServletRequest request, ServletResponse response) throws Exception {
|
||||
//获取请求token
|
||||
|
@ -47,22 +70,28 @@ public class Oauth2Filter extends AuthenticatingFilter {
|
|||
|
||||
@Override
|
||||
protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
|
||||
|
||||
|
||||
//获取请求token,如果token不存在,直接返回401
|
||||
String token = getRequestToken((HttpServletRequest) request);
|
||||
if(StringUtils.isBlank(token)){
|
||||
HttpServletResponse httpResponse = (HttpServletResponse) response;
|
||||
httpResponse.setContentType("application/json;charset=utf-8");
|
||||
httpResponse.setHeader("Access-Control-Allow-Credentials", "true");
|
||||
httpResponse.setHeader("Access-Control-Allow-Origin", HttpContextUtils.getOrigin());
|
||||
|
||||
String json = new Gson().toJson(new Result().error(ErrorCode.UNAUTHORIZED));
|
||||
yaweiHandle((HttpServletRequest)request, (HttpServletResponse)response);
|
||||
|
||||
httpResponse.getWriter().print(json);
|
||||
// HttpServletResponse httpResponse = (HttpServletResponse) response;
|
||||
// httpResponse.setContentType("application/json;charset=utf-8");
|
||||
// httpResponse.setHeader("Access-Control-Allow-Credentials", "true");
|
||||
// httpResponse.setHeader("Access-Control-Allow-Origin", HttpContextUtils.getOrigin());
|
||||
//
|
||||
// String json = new Gson().toJson(new Result().error(ErrorCode.UNAUTHORIZED));
|
||||
//
|
||||
// httpResponse.getWriter().print(json);
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
return executeLogin(request, response);
|
||||
boolean executeLogin = executeLogin(request, response);
|
||||
return executeLogin;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -100,4 +129,86 @@ public class Oauth2Filter extends AuthenticatingFilter {
|
|||
return token;
|
||||
}
|
||||
|
||||
public boolean yaweiHandle(HttpServletRequest request, HttpServletResponse response) throws Exception {
|
||||
// 获取当前请求的url
|
||||
String requestUri = request.getHeader("REQUESTURI");
|
||||
if (requestUri == null){
|
||||
requestUri = request.getRequestURI();
|
||||
}
|
||||
|
||||
Validator validator = Validator.getInstance();
|
||||
|
||||
String strResponse = request.getParameter(yaweiSSOProperties.getSsoKey());
|
||||
if (org.apache.commons.lang.StringUtils.isEmpty(strResponse)) {
|
||||
TicketManager tm = new TicketManager();
|
||||
if (!tm.LoadTicket(request)) {
|
||||
PSORequest psoRequest = new PSORequest(request);
|
||||
//不建新类了,直接反射解决
|
||||
Field returnUrl = psoRequest.getClass().getDeclaredField("returnUrl");
|
||||
returnUrl.setAccessible(true);
|
||||
returnUrl.set(psoRequest, requestUri);
|
||||
String requeststr = psoRequest.CreateHash();
|
||||
|
||||
String keeperUrl = yaweiSSOProperties.getKeeperUrl();
|
||||
keeperUrl = keeperUrl + "?" + yaweiSSOProperties.getSsoKey() + "="
|
||||
+ URLEncoder.encode(requeststr, "UTF-8");
|
||||
response.addHeader("REDIRECT", keeperUrl);
|
||||
response.setStatus(HttpStatus.SC_UNAUTHORIZED);
|
||||
response.getWriter().write(HttpStatus.SC_UNAUTHORIZED);
|
||||
return false;
|
||||
}
|
||||
} else {
|
||||
// 如果服务器端通过认证后,会返回后执行改操作,然后写入cookie
|
||||
SSOResponse ssoResp = new SSOResponse(strResponse);
|
||||
TicketManager tm = ssoResp.CreatePSOTicket();
|
||||
if (tm == null) {
|
||||
PSORequest psoRequest = new PSORequest(request);
|
||||
String requeststr = psoRequest.CreateHash();
|
||||
|
||||
String keeperUrl = yaweiSSOProperties.getKeeperUrl();
|
||||
keeperUrl = keeperUrl + "?" + yaweiSSOProperties.getSsoKey() + "="
|
||||
+ URLEncoder.encode(requeststr, "UTF-8");
|
||||
response.sendRedirect(keeperUrl);
|
||||
} else {
|
||||
String domainName = yaweiSSOProperties.getDomain();
|
||||
tm.SaveTicket(response, domainName);
|
||||
|
||||
//同时添加自己的token
|
||||
// Cookie cookie = new Cookie(Constant.TOKEN_HEADER, createToken(request, response).toString());
|
||||
// response.addCookie(cookie);
|
||||
|
||||
Iterator<Map.Entry<String, String[]>> iterator = request
|
||||
.getParameterMap().entrySet().iterator();
|
||||
StringBuffer param = new StringBuffer();
|
||||
int i = 0;
|
||||
while (iterator.hasNext()) {
|
||||
Map.Entry<String, String[]> entry = (Map.Entry<String, String[]>) iterator
|
||||
.next();
|
||||
if (entry.getKey().equals(yaweiSSOProperties.getSsoKey()))
|
||||
continue;
|
||||
else {
|
||||
i++;
|
||||
if (i == 1)
|
||||
param.append("?").append(entry.getKey())
|
||||
.append("=");
|
||||
else
|
||||
param.append("&").append(entry.getKey())
|
||||
.append("=");
|
||||
|
||||
if (entry.getValue() instanceof String[]) {
|
||||
param.append(((String[]) entry.getValue())[0]);
|
||||
} else {
|
||||
param.append(entry.getValue());
|
||||
}
|
||||
}
|
||||
}
|
||||
response.sendRedirect(requestUri + param.toString());
|
||||
return false;
|
||||
}
|
||||
}
|
||||
validator.SetUserTicket(request);
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
}
|
|
@ -0,0 +1,58 @@
|
|||
server:
|
||||
port: 8000
|
||||
spring:
|
||||
datasource:
|
||||
druid:
|
||||
#MySQL
|
||||
driver-class-name: com.mysql.cj.jdbc.Driver
|
||||
url: jdbc:mysql://127.0.0.1:3306/share_platform?useUnicode=true&characterEncoding=UTF-8&serverTimezone=Asia/Shanghai&nullCatalogMeansCurrent=true
|
||||
username: root
|
||||
password: 123456
|
||||
initial-size: 10
|
||||
max-active: 100
|
||||
min-idle: 10
|
||||
max-wait: 3000
|
||||
pool-prepared-statements: true
|
||||
max-pool-prepared-statement-per-connection-size: 20
|
||||
time-between-eviction-runs-millis: 60000
|
||||
min-evictable-idle-time-millis: 300000
|
||||
#Oracle需要打开注释
|
||||
validation-query: SELECT 1
|
||||
test-while-idle: true
|
||||
test-on-borrow: false
|
||||
test-on-return: false
|
||||
stat-view-servlet:
|
||||
enabled: true
|
||||
url-pattern: /druid/*
|
||||
#login-username: admin
|
||||
#login-password: admin
|
||||
filter:
|
||||
stat:
|
||||
log-slow-sql: true
|
||||
slow-sql-millis: 1000
|
||||
merge-sql: false
|
||||
wall:
|
||||
config:
|
||||
multi-statement-allow: true
|
||||
#上传的静态资源配置
|
||||
resource:
|
||||
root_url: 15.2.21.238
|
||||
path: /data/services/nengli/files/
|
||||
devModelFilePath: /data/services/nengli/files/devModelFile
|
||||
# 大数据部门相关配置
|
||||
big_date:
|
||||
name: 青岛市大数据发展管理局
|
||||
assignee_role_name: 部门审批人
|
||||
|
||||
hisense:
|
||||
gateway:
|
||||
# url: http://15.72.184.7:8080
|
||||
url: http://devtest-security-app.hismarttv.com:8080
|
||||
logging:
|
||||
level:
|
||||
org:
|
||||
activiti:
|
||||
engine:
|
||||
impl:
|
||||
persistence:
|
||||
entity: debug
|
|
@ -43,3 +43,7 @@ resource:
|
|||
big_date:
|
||||
name: 青岛市大数据发展管理局
|
||||
assignee_role_name: 部门审批人
|
||||
|
||||
hisense:
|
||||
gateway:
|
||||
url: http://devtest-security-app.hismarttv.com:8080
|
|
@ -1,3 +1,3 @@
|
|||
sso.domain=yw.com.cn
|
||||
sso.domain=127.0.0.1:8080
|
||||
sso.ssoKey=SSOToken
|
||||
sso.keeperUrl=http://127.0.0.1:9090/renren-admin/sys/user/123
|
||||
sso.keeperUrl=http://jhoa.qd.gov.cn
|
|
@ -1,5 +1,6 @@
|
|||
package io.renren;
|
||||
|
||||
import cn.hutool.core.lang.UUID;
|
||||
import io.renren.common.redis.RedisUtils;
|
||||
import io.renren.modules.processForm.service.ApiGatewayService;
|
||||
import io.renren.modules.sys.entity.SysUserEntity;
|
||||
|
@ -17,8 +18,14 @@ public class ApiGatewayServiceTest {
|
|||
private ApiGatewayService apiGatewayService;
|
||||
|
||||
@Test
|
||||
public void contextLoads() {
|
||||
apiGatewayService.registerApi2Gateway("1519505145602723841");
|
||||
public void registerApi2Gateway() {
|
||||
apiGatewayService.registerApi2Gateway("1522550194523152385");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void registerCode2Group() {
|
||||
String code = UUID.randomUUID().toString();
|
||||
apiGatewayService.subscribeCode("1523913824099762177", code);
|
||||
}
|
||||
|
||||
}
|
Loading…
Reference in New Issue