This commit is contained in:
wangliwen 2022-06-01 18:26:21 +08:00
parent 7f8a4f9d43
commit 7d69521fa4
2 changed files with 19 additions and 24 deletions

View File

@ -172,7 +172,7 @@ public class ActModelService {
BufferedImage bufferedImage = ImageIO.read(in); BufferedImage bufferedImage = ImageIO.read(in);
ImageIO.write(bufferedImage, "png", response.getOutputStream()); ImageIO.write(bufferedImage, "png", response.getOutputStream());
} else { } else {
response.getWriter().println("No image Info!"); response.getOutputStream().println("No image Info!");
} }
} catch (IOException e) { } catch (IOException e) {
e.printStackTrace(); e.printStackTrace();

View File

@ -22,7 +22,6 @@ import org.apache.shiro.web.filter.authc.AuthenticatingFilter;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Scope; import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
import org.springframework.web.bind.annotation.RequestMethod;
import javax.servlet.ServletRequest; import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse; import javax.servlet.ServletResponse;
@ -30,16 +29,12 @@ import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import java.io.IOException; import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.lang.reflect.Field; import java.lang.reflect.Field;
import java.net.URL;
import java.net.URLEncoder; import java.net.URLEncoder;
import java.util.Iterator;
import java.util.Map; import java.util.Map;
/** /**
* oauth2过滤器 * oauth2过滤器
*
*/ */
@Component() @Component()
@Scope("prototype") @Scope("prototype")
@ -59,7 +54,7 @@ public class Oauth2Filter extends AuthenticatingFilter {
//获取请求token //获取请求token
String token = getRequestToken((HttpServletRequest) request); String token = getRequestToken((HttpServletRequest) request);
if(StringUtils.isBlank(token)){ if (StringUtils.isBlank(token)) {
return null; return null;
} }
@ -86,26 +81,26 @@ public class Oauth2Filter extends AuthenticatingFilter {
protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception { protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
boolean yaweiHandle = yaweiHandle((HttpServletRequest) request, (HttpServletResponse) response); boolean yaweiHandle = yaweiHandle((HttpServletRequest) request, (HttpServletResponse) response);
if (yaweiHandle){ if (yaweiHandle) {
//处理成功肯定从cookie或写cookie拿到了认证信息 //处理成功肯定从cookie或写cookie拿到了认证信息
//亚威认证通过为自己添加上token //亚威认证通过为自己添加上token
TicketManager tm = new TicketManager(); TicketManager tm = new TicketManager();
String currentUser = null; String currentUser = null;
if (tm.LoadTicket((HttpServletRequest) request)) { if (tm.LoadTicket((HttpServletRequest) request)) {
currentUser = tm.getUserID(); currentUser = tm.getUserID();
}else { } else {
currentUser = getYaweiUserIdCookieInResponse((HttpServletResponse) response); currentUser = getYaweiUserIdCookieInResponse((HttpServletResponse) response);
currentUser = tm.DecData(currentUser); currentUser = tm.DecData(currentUser);
} }
if (currentUser != null ) { if (currentUser != null) {
LambdaQueryWrapper<SysUserEntity> queryWrapper = new QueryWrapper<SysUserEntity>().lambda() LambdaQueryWrapper<SysUserEntity> queryWrapper = new QueryWrapper<SysUserEntity>().lambda()
.eq(SysUserEntity::getUsername, currentUser); .eq(SysUserEntity::getUsername, currentUser);
SysUserEntity sysUserEntity = sysUserDao.selectOne(queryWrapper); SysUserEntity sysUserEntity = sysUserDao.selectOne(queryWrapper);
if (sysUserEntity != null) { if (sysUserEntity != null) {
String currentToken = getRequestToken((HttpServletRequest) request); String currentToken = getRequestToken((HttpServletRequest) request);
HttpServletResponse httpresponse = (HttpServletResponse)response; HttpServletResponse httpresponse = (HttpServletResponse) response;
if (StringUtils.isBlank(currentToken)){ if (StringUtils.isBlank(currentToken)) {
Result<Map> result = sysUserTokenService.createToken(sysUserEntity.getId()); Result<Map> result = sysUserTokenService.createToken(sysUserEntity.getId());
Object token = result.getData().get(Constant.TOKEN_HEADER); Object token = result.getData().get(Constant.TOKEN_HEADER);
currentToken = (String) token; currentToken = (String) token;
@ -120,7 +115,7 @@ public class Oauth2Filter extends AuthenticatingFilter {
// return executeLogin(request, response); // return executeLogin(request, response);
boolean success = executeLogin(request, response); boolean success = executeLogin(request, response);
return success; return success;
}else { } else {
send401Error((HttpServletResponse) response, "未找到用户"); send401Error((HttpServletResponse) response, "未找到用户");
return false; return false;
} }
@ -133,7 +128,7 @@ public class Oauth2Filter extends AuthenticatingFilter {
return false; return false;
} }
private String getYaweiUserIdCookieInResponse(HttpServletResponse response){ private String getYaweiUserIdCookieInResponse(HttpServletResponse response) {
String userIdKey = "UserID="; String userIdKey = "UserID=";
for (String header : response.getHeaders("set-cookie")) { for (String header : response.getHeaders("set-cookie")) {
if (header.startsWith(userIdKey)) return header.substring(userIdKey.length()); if (header.startsWith(userIdKey)) return header.substring(userIdKey.length());
@ -161,7 +156,7 @@ public class Oauth2Filter extends AuthenticatingFilter {
Result r = new Result().error(HttpStatus.SC_UNAUTHORIZED, msg); Result r = new Result().error(HttpStatus.SC_UNAUTHORIZED, msg);
String json = new Gson().toJson(r); String json = new Gson().toJson(r);
response.getWriter().print(json); response.getOutputStream().print(json);
} }
public boolean login(HttpServletRequest request, HttpServletResponse response) throws Exception { public boolean login(HttpServletRequest request, HttpServletResponse response) throws Exception {
@ -171,23 +166,23 @@ public class Oauth2Filter extends AuthenticatingFilter {
/** /**
* 获取请求的token * 获取请求的token
*/ */
private String getRequestToken(HttpServletRequest httpRequest){ private String getRequestToken(HttpServletRequest httpRequest) {
//从header中获取token //从header中获取token
String token = httpRequest.getHeader(Constant.TOKEN_HEADER); String token = httpRequest.getHeader(Constant.TOKEN_HEADER);
if(StringUtils.isBlank(token)){ if (StringUtils.isBlank(token)) {
token = (String) httpRequest.getAttribute(Constant.TOKEN_HEADER); token = (String) httpRequest.getAttribute(Constant.TOKEN_HEADER);
} }
//如果header中不存在token则从参数中获取token //如果header中不存在token则从参数中获取token
if(StringUtils.isBlank(token)){ if (StringUtils.isBlank(token)) {
token = httpRequest.getParameter(Constant.TOKEN_HEADER); token = httpRequest.getParameter(Constant.TOKEN_HEADER);
} }
if(StringUtils.isBlank(token)){ if (StringUtils.isBlank(token)) {
Cookie[] cookies = httpRequest.getCookies(); Cookie[] cookies = httpRequest.getCookies();
if (cookies != null){ if (cookies != null) {
for (Cookie cookie : cookies) { for (Cookie cookie : cookies) {
if (Constant.TOKEN_HEADER.equalsIgnoreCase(cookie.getName())) { if (Constant.TOKEN_HEADER.equalsIgnoreCase(cookie.getName())) {
token = cookie.getValue(); token = cookie.getValue();
@ -204,7 +199,7 @@ public class Oauth2Filter extends AuthenticatingFilter {
private boolean yaweiHandle(HttpServletRequest request, HttpServletResponse response) throws Exception { private boolean yaweiHandle(HttpServletRequest request, HttpServletResponse response) throws Exception {
// 获取当前请求的url // 获取当前请求的url
String requestUri = request.getHeader("REQUESTURI"); String requestUri = request.getHeader("REQUESTURI");
if (requestUri == null){ if (requestUri == null) {
requestUri = request.getRequestURI(); requestUri = request.getRequestURI();
} }
@ -242,7 +237,7 @@ public class Oauth2Filter extends AuthenticatingFilter {
private void redirectToYaweiLogin(HttpServletRequest request, HttpServletResponse response) throws IOException, IllegalAccessException, NoSuchFieldException { private void redirectToYaweiLogin(HttpServletRequest request, HttpServletResponse response) throws IOException, IllegalAccessException, NoSuchFieldException {
String requestUri = request.getHeader("REQUESTURI"); String requestUri = request.getHeader("REQUESTURI");
if (requestUri == null){ if (requestUri == null) {
requestUri = request.getRequestURI(); requestUri = request.getRequestURI();
} }
PSORequest psoRequest = new PSORequest(request); PSORequest psoRequest = new PSORequest(request);
@ -257,7 +252,7 @@ public class Oauth2Filter extends AuthenticatingFilter {
+ URLEncoder.encode(requeststr, "UTF-8"); + URLEncoder.encode(requeststr, "UTF-8");
response.addHeader("REDIRECT", keeperUrl); response.addHeader("REDIRECT", keeperUrl);
response.setStatus(HttpStatus.SC_UNAUTHORIZED); response.setStatus(HttpStatus.SC_UNAUTHORIZED);
response.getWriter().write(HttpStatus.SC_UNAUTHORIZED); response.getOutputStream().write(HttpStatus.SC_UNAUTHORIZED);
} }