From 7d69521fa47cb50ff697a3f12545e61acccfc66b Mon Sep 17 00:00:00 2001
From: wangliwen
Date: Wed, 1 Jun 2022 18:26:21 +0800
Subject: [PATCH] =?UTF-8?q?=E5=B1=AE?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../activiti/service/ActModelService.java | 2 +-
 .../modules/security/oauth2/Oauth2Filter.java | 41 ++++++++-----------
 2 files changed, 19 insertions(+), 24 deletions(-)
diff --git a/renren-admin/src/main/java/io/renren/modules/activiti/service/ActModelService.java b/renren-admin/src/main/java/io/renren/modules/activiti/service/ActModelService.java
index db654be6..0cd8dd97 100644
--- a/renren-admin/src/main/java/io/renren/modules/activiti/service/ActModelService.java
+++ b/renren-admin/src/main/java/io/renren/modules/activiti/service/ActModelService.java
@@ -172,7 +172,7 @@ public class ActModelService {
 BufferedImage bufferedImage = ImageIO.read(in);
 ImageIO.write(bufferedImage, "png", response.getOutputStream());
 } else {
- response.getWriter().println("No image Info!");
+ response.getOutputStream().println("No image Info!");
 }
 } catch (IOException e) {
 e.printStackTrace();
diff --git a/renren-admin/src/main/java/io/renren/modules/security/oauth2/Oauth2Filter.java b/renren-admin/src/main/java/io/renren/modules/security/oauth2/Oauth2Filter.java
index 5df2d53c..c86e340b 100644
--- a/renren-admin/src/main/java/io/renren/modules/security/oauth2/Oauth2Filter.java
+++ b/renren-admin/src/main/java/io/renren/modules/security/oauth2/Oauth2Filter.java
@@ -22,7 +22,6 @@ import org.apache.shiro.web.filter.authc.AuthenticatingFilter;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Scope;
 import org.springframework.stereotype.Component;
-import org.springframework.web.bind.annotation.RequestMethod;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
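Review bot: In ActModelService's else branch the missing-image case is still answered with only a body, because the new `response.getOutputStream().println("No image Info!");` writes text and nothing in the visible lines sets a status or a content type. A client that requested a PNG then has to inspect the payload to tell the message from image data. Consider `response.setStatus(HttpServletResponse.SC_NOT_FOUND);` and `response.setContentType("text/plain");` ahead of the `println`. The enclosing method starts and ends outside the hunk, so a content type may already be set earlier.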
@@ -30,20 +29,16 @@ import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
-import java.io.UnsupportedEncodingException;
 import java.lang.reflect.Field;
-import java.net.URL;
 import java.net.URLEncoder;
-import java.util.Iterator;
 import java.util.Map;
 /**
 * oauth2过滤器
- *
 */
 @Component()
 @Scope("prototype")
-public class Oauth2Filter extends AuthenticatingFilter {
+public class Oauth2Filter extends AuthenticatingFilter {
 @Autowired
 private YaweiSSOProperties yaweiSSOProperties;
@@ -59,7 +54,7 @@ public class Oauth2Filter extends AuthenticatingFilter {
 //获取请求token
 String token = getRequestToken((HttpServletRequest) request);
- if(StringUtils.isBlank(token)){
+ if (StringUtils.isBlank(token)) {
 return null;
 }
@@ -86,26 +81,26 @@ public class Oauth2Filter extends AuthenticatingFilter {
 protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
 boolean yaweiHandle = yaweiHandle((HttpServletRequest) request, (HttpServletResponse) response);
- if (yaweiHandle){
+ if (yaweiHandle) {
 //处理成功肯定从cookie或写cookie拿到了认证信息
 //亚威认证通过,为自己添加上token
 TicketManager tm = new TicketManager();
 String currentUser = null;
 if (tm.LoadTicket((HttpServletRequest) request)) {
 currentUser = tm.getUserID();
- }else {
+ } else {
 currentUser = getYaweiUserIdCookieInResponse((HttpServletResponse) response);
 currentUser = tm.DecData(currentUser);
 }
- if (currentUser != null ) {
+ if (currentUser != null) {
 LambdaQueryWrapper queryWrapper = new QueryWrapper().lambda()
 .eq(SysUserEntity::getUsername, currentUser);
 SysUserEntity sysUserEntity = sysUserDao.selectOne(queryWrapper);
 if (sysUserEntity != null) {
 String currentToken = getRequestToken((HttpServletRequest) request);
- HttpServletResponse httpresponse = (HttpServletResponse)response;
- if (StringUtils.isBlank(currentToken)){
+ HttpServletResponse httpresponse = (HttpServletResponse) response;
+ if (StringUtils.isBlank(currentToken)) {
 Result result = sysUserTokenService.createToken(sysUserEntity.getId());
 Object token = result.getData().get(Constant.TOKEN_HEADER);
 currentToken = (String) token;
@@ -120,7 +115,7 @@ public class Oauth2Filter extends AuthenticatingFilter {
 // return executeLogin(request, response);
 boolean success = executeLogin(request, response);
 return success;
- }else {
+ } else {
 send401Error((HttpServletResponse) response, "未找到用户");
 return false;
 }
@@ -133,7 +128,7 @@ public class Oauth2Filter extends AuthenticatingFilter {
 return false;
 }
- private String getYaweiUserIdCookieInResponse(HttpServletResponse response){
+ private String getYaweiUserIdCookieInResponse(HttpServletResponse response) {
 String userIdKey = "UserID=";
 for (String header : response.getHeaders("set-cookie")) {
 if (header.startsWith(userIdKey)) return header.substring(userIdKey.length());
@@ -161,7 +156,7 @@ public class Oauth2Filter extends AuthenticatingFilter {
 Result r = new Result().error(HttpStatus.SC_UNAUTHORIZED, msg);
 String json = new Gson().toJson(r);
- response.getWriter().print(json);
+ response.getOutputStream().print(json);
 }
 public boolean login(HttpServletRequest request, HttpServletResponse response) throws Exception {
@@ -171,23 +166,23 @@ public class Oauth2Filter extends AuthenticatingFilter {
 /**
 * 获取请求的token
 */
- private String getRequestToken(HttpServletRequest httpRequest){
+ private String getRequestToken(HttpServletRequest httpRequest) {
 //从header中获取token
 String token = httpRequest.getHeader(Constant.TOKEN_HEADER);
- if(StringUtils.isBlank(token)){
+ if (StringUtils.isBlank(token)) {
 token = (String) httpRequest.getAttribute(Constant.TOKEN_HEADER);
 }
 //如果header中不存在token,则从参数中获取token
- if(StringUtils.isBlank(token)){
+ if (StringUtils.isBlank(token)) {
 token = httpRequest.getParameter(Constant.TOKEN_HEADER);
 }
- if(StringUtils.isBlank(token)){
+ if (StringUtils.isBlank(token)) {
 Cookie[] cookies = httpRequest.getCookies();
- if (cookies != null){
+ if (cookies != null) {
 for (Cookie cookie : cookies) {
 if (Constant.TOKEN_HEADER.equalsIgnoreCase(cookie.getName())) {
 token = cookie.getValue();
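Review bot: `response.getOutputStream().print(json)` in send401Error will throw for messages this filter actually sends: `ServletOutputStream.print(String)` in javax.servlet raises `CharConversionException` on any character outside ISO-8859-1, and the `@@ -120` hunk shows a caller passing `"未找到用户"`, which Gson leaves unescaped by default. The rejected request would then most likely surface as a server error rather than the JSON 401 body, so clients and monitoring lose the intended denial reason. Write bytes with an explicit charset instead, `response.getOutputStream().write(json.getBytes(StandardCharsets.UTF_8));` (this needs `java.nio.charset.StandardCharsets` imported), and make sure the content type declares UTF-8; send401Error begins outside the hunk, so whether it already does is not visible. The same swap in redirectToYaweiLogin (the `@@ -257` hunk) calls `write(HttpStatus.SC_UNAUTHORIZED)`, which on an OutputStream emits a single byte holding the low 8 bits of 401; `print(HttpStatus.SC_UNAUTHORIZED)` would send the text `401` if that is the intent.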
@@ -204,7 +199,7 @@ public class Oauth2Filter extends AuthenticatingFilter {
 private boolean yaweiHandle(HttpServletRequest request, HttpServletResponse response) throws Exception {
 // 获取当前请求的url
 String requestUri = request.getHeader("REQUESTURI");
- if (requestUri == null){
+ if (requestUri == null) {
 requestUri = request.getRequestURI();
 }
@@ -242,7 +237,7 @@ public class Oauth2Filter extends AuthenticatingFilter {
 private void redirectToYaweiLogin(HttpServletRequest request, HttpServletResponse response) throws IOException, IllegalAccessException, NoSuchFieldException {
 String requestUri = request.getHeader("REQUESTURI");
- if (requestUri == null){
+ if (requestUri == null) {
 requestUri = request.getRequestURI();
 }
 PSORequest psoRequest = new PSORequest(request);
@@ -257,7 +252,7 @@ public class Oauth2Filter extends AuthenticatingFilter {
 + URLEncoder.encode(requeststr, "UTF-8");
 response.addHeader("REDIRECT", keeperUrl);
 response.setStatus(HttpStatus.SC_UNAUTHORIZED);
- response.getWriter().write(HttpStatus.SC_UNAUTHORIZED);
+ response.getOutputStream().write(HttpStatus.SC_UNAUTHORIZED);
 }