parent
7f8a4f9d43
commit
7d69521fa4
|
@ -172,7 +172,7 @@ public class ActModelService {
|
||||||
BufferedImage bufferedImage = ImageIO.read(in);
|
BufferedImage bufferedImage = ImageIO.read(in);
|
||||||
ImageIO.write(bufferedImage, "png", response.getOutputStream());
|
ImageIO.write(bufferedImage, "png", response.getOutputStream());
|
||||||
} else {
|
} else {
|
||||||
response.getWriter().println("No image Info!");
|
response.getOutputStream().println("No image Info!");
|
||||||
}
|
}
|
||||||
} catch (IOException e) {
|
} catch (IOException e) {
|
||||||
e.printStackTrace();
|
e.printStackTrace();
|
||||||
|
|
|
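Review bot: The fallback branch that prints `No image Info!` sets neither a status nor a content type in the visible lines, so a client that requested an image appears to receive a success response carrying text. Consider adding `response.setStatus(HttpServletResponse.SC_NOT_FOUND);` and `response.setContentType("text/plain");` before the `println`. Separately, `ImageIO.read(in)` returns null when no reader recognises the data, and the following `ImageIO.write(bufferedImage, "png", ...)` would then throw `IllegalArgumentException`, which `catch (IOException e)` does not cover; a guard such as `if (bufferedImage == null)` that routes to the same fallback would close that gap. The catch block only calls `e.printStackTrace()`, so a failed write is neither logged through the application logger nor reported to the caller. The method starts and ends outside the hunk, so some of this may be handled in lines not shown.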
@ -22,7 +22,6 @@ import org.apache.shiro.web.filter.authc.AuthenticatingFilter;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.context.annotation.Scope;
|
import org.springframework.context.annotation.Scope;
|
||||||
import org.springframework.stereotype.Component;
|
import org.springframework.stereotype.Component;
|
||||||
import org.springframework.web.bind.annotation.RequestMethod;
|
|
||||||
|
|
||||||
import javax.servlet.ServletRequest;
|
import javax.servlet.ServletRequest;
|
||||||
import javax.servlet.ServletResponse;
|
import javax.servlet.ServletResponse;
|
||||||
|
@ -30,20 +29,16 @@ import javax.servlet.http.Cookie;
|
||||||
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletRequest;
|
||||||
import javax.servlet.http.HttpServletResponse;
|
import javax.servlet.http.HttpServletResponse;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.io.UnsupportedEncodingException;
|
|
||||||
import java.lang.reflect.Field;
|
import java.lang.reflect.Field;
|
||||||
import java.net.URL;
|
|
||||||
import java.net.URLEncoder;
|
import java.net.URLEncoder;
|
||||||
import java.util.Iterator;
|
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* oauth2过滤器
|
* oauth2过滤器
|
||||||
*
|
|
||||||
*/
|
*/
|
||||||
@Component()
|
@Component()
|
||||||
@Scope("prototype")
|
@Scope("prototype")
|
||||||
public class Oauth2Filter extends AuthenticatingFilter {
|
public class Oauth2Filter extends AuthenticatingFilter {
|
||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
private YaweiSSOProperties yaweiSSOProperties;
|
private YaweiSSOProperties yaweiSSOProperties;
|
||||||
|
@ -59,7 +54,7 @@ public class Oauth2Filter extends AuthenticatingFilter {
|
||||||
//获取请求token
|
//获取请求token
|
||||||
String token = getRequestToken((HttpServletRequest) request);
|
String token = getRequestToken((HttpServletRequest) request);
|
||||||
|
|
||||||
if(StringUtils.isBlank(token)){
|
if (StringUtils.isBlank(token)) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -86,26 +81,26 @@ public class Oauth2Filter extends AuthenticatingFilter {
|
||||||
protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
|
protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
|
||||||
|
|
||||||
boolean yaweiHandle = yaweiHandle((HttpServletRequest) request, (HttpServletResponse) response);
|
boolean yaweiHandle = yaweiHandle((HttpServletRequest) request, (HttpServletResponse) response);
|
||||||
if (yaweiHandle){
|
if (yaweiHandle) {
|
||||||
//处理成功肯定从cookie或写cookie拿到了认证信息
|
//处理成功肯定从cookie或写cookie拿到了认证信息
|
||||||
//亚威认证通过,为自己添加上token
|
//亚威认证通过,为自己添加上token
|
||||||
TicketManager tm = new TicketManager();
|
TicketManager tm = new TicketManager();
|
||||||
String currentUser = null;
|
String currentUser = null;
|
||||||
if (tm.LoadTicket((HttpServletRequest) request)) {
|
if (tm.LoadTicket((HttpServletRequest) request)) {
|
||||||
currentUser = tm.getUserID();
|
currentUser = tm.getUserID();
|
||||||
}else {
|
} else {
|
||||||
currentUser = getYaweiUserIdCookieInResponse((HttpServletResponse) response);
|
currentUser = getYaweiUserIdCookieInResponse((HttpServletResponse) response);
|
||||||
currentUser = tm.DecData(currentUser);
|
currentUser = tm.DecData(currentUser);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (currentUser != null ) {
|
if (currentUser != null) {
|
||||||
LambdaQueryWrapper<SysUserEntity> queryWrapper = new QueryWrapper<SysUserEntity>().lambda()
|
LambdaQueryWrapper<SysUserEntity> queryWrapper = new QueryWrapper<SysUserEntity>().lambda()
|
||||||
.eq(SysUserEntity::getUsername, currentUser);
|
.eq(SysUserEntity::getUsername, currentUser);
|
||||||
SysUserEntity sysUserEntity = sysUserDao.selectOne(queryWrapper);
|
SysUserEntity sysUserEntity = sysUserDao.selectOne(queryWrapper);
|
||||||
if (sysUserEntity != null) {
|
if (sysUserEntity != null) {
|
||||||
String currentToken = getRequestToken((HttpServletRequest) request);
|
String currentToken = getRequestToken((HttpServletRequest) request);
|
||||||
HttpServletResponse httpresponse = (HttpServletResponse)response;
|
HttpServletResponse httpresponse = (HttpServletResponse) response;
|
||||||
if (StringUtils.isBlank(currentToken)){
|
if (StringUtils.isBlank(currentToken)) {
|
||||||
Result<Map> result = sysUserTokenService.createToken(sysUserEntity.getId());
|
Result<Map> result = sysUserTokenService.createToken(sysUserEntity.getId());
|
||||||
Object token = result.getData().get(Constant.TOKEN_HEADER);
|
Object token = result.getData().get(Constant.TOKEN_HEADER);
|
||||||
currentToken = (String) token;
|
currentToken = (String) token;
|
||||||
|
@ -120,7 +115,7 @@ public class Oauth2Filter extends AuthenticatingFilter {
|
||||||
// return executeLogin(request, response);
|
// return executeLogin(request, response);
|
||||||
boolean success = executeLogin(request, response);
|
boolean success = executeLogin(request, response);
|
||||||
return success;
|
return success;
|
||||||
}else {
|
} else {
|
||||||
send401Error((HttpServletResponse) response, "未找到用户");
|
send401Error((HttpServletResponse) response, "未找到用户");
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
@ -133,7 +128,7 @@ public class Oauth2Filter extends AuthenticatingFilter {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
private String getYaweiUserIdCookieInResponse(HttpServletResponse response){
|
private String getYaweiUserIdCookieInResponse(HttpServletResponse response) {
|
||||||
String userIdKey = "UserID=";
|
String userIdKey = "UserID=";
|
||||||
for (String header : response.getHeaders("set-cookie")) {
|
for (String header : response.getHeaders("set-cookie")) {
|
||||||
if (header.startsWith(userIdKey)) return header.substring(userIdKey.length());
|
if (header.startsWith(userIdKey)) return header.substring(userIdKey.length());
|
||||||
|
@ -161,7 +156,7 @@ public class Oauth2Filter extends AuthenticatingFilter {
|
||||||
Result r = new Result().error(HttpStatus.SC_UNAUTHORIZED, msg);
|
Result r = new Result().error(HttpStatus.SC_UNAUTHORIZED, msg);
|
||||||
|
|
||||||
String json = new Gson().toJson(r);
|
String json = new Gson().toJson(r);
|
||||||
response.getWriter().print(json);
|
response.getOutputStream().print(json);
|
||||||
}
|
}
|
||||||
|
|
||||||
public boolean login(HttpServletRequest request, HttpServletResponse response) throws Exception {
|
public boolean login(HttpServletRequest request, HttpServletResponse response) throws Exception {
|
||||||
|
@ -171,23 +166,23 @@ public class Oauth2Filter extends AuthenticatingFilter {
|
||||||
/**
|
/**
|
||||||
* 获取请求的token
|
* 获取请求的token
|
||||||
*/
|
*/
|
||||||
private String getRequestToken(HttpServletRequest httpRequest){
|
private String getRequestToken(HttpServletRequest httpRequest) {
|
||||||
//从header中获取token
|
//从header中获取token
|
||||||
String token = httpRequest.getHeader(Constant.TOKEN_HEADER);
|
String token = httpRequest.getHeader(Constant.TOKEN_HEADER);
|
||||||
|
|
||||||
if(StringUtils.isBlank(token)){
|
if (StringUtils.isBlank(token)) {
|
||||||
token = (String) httpRequest.getAttribute(Constant.TOKEN_HEADER);
|
token = (String) httpRequest.getAttribute(Constant.TOKEN_HEADER);
|
||||||
}
|
}
|
||||||
|
|
||||||
//如果header中不存在token,则从参数中获取token
|
//如果header中不存在token,则从参数中获取token
|
||||||
if(StringUtils.isBlank(token)){
|
if (StringUtils.isBlank(token)) {
|
||||||
token = httpRequest.getParameter(Constant.TOKEN_HEADER);
|
token = httpRequest.getParameter(Constant.TOKEN_HEADER);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
if(StringUtils.isBlank(token)){
|
if (StringUtils.isBlank(token)) {
|
||||||
Cookie[] cookies = httpRequest.getCookies();
|
Cookie[] cookies = httpRequest.getCookies();
|
||||||
if (cookies != null){
|
if (cookies != null) {
|
||||||
for (Cookie cookie : cookies) {
|
for (Cookie cookie : cookies) {
|
||||||
if (Constant.TOKEN_HEADER.equalsIgnoreCase(cookie.getName())) {
|
if (Constant.TOKEN_HEADER.equalsIgnoreCase(cookie.getName())) {
|
||||||
token = cookie.getValue();
|
token = cookie.getValue();
|
||||||
|
@ -204,7 +199,7 @@ public class Oauth2Filter extends AuthenticatingFilter {
|
||||||
private boolean yaweiHandle(HttpServletRequest request, HttpServletResponse response) throws Exception {
|
private boolean yaweiHandle(HttpServletRequest request, HttpServletResponse response) throws Exception {
|
||||||
// 获取当前请求的url
|
// 获取当前请求的url
|
||||||
String requestUri = request.getHeader("REQUESTURI");
|
String requestUri = request.getHeader("REQUESTURI");
|
||||||
if (requestUri == null){
|
if (requestUri == null) {
|
||||||
requestUri = request.getRequestURI();
|
requestUri = request.getRequestURI();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -242,7 +237,7 @@ public class Oauth2Filter extends AuthenticatingFilter {
|
||||||
|
|
||||||
private void redirectToYaweiLogin(HttpServletRequest request, HttpServletResponse response) throws IOException, IllegalAccessException, NoSuchFieldException {
|
private void redirectToYaweiLogin(HttpServletRequest request, HttpServletResponse response) throws IOException, IllegalAccessException, NoSuchFieldException {
|
||||||
String requestUri = request.getHeader("REQUESTURI");
|
String requestUri = request.getHeader("REQUESTURI");
|
||||||
if (requestUri == null){
|
if (requestUri == null) {
|
||||||
requestUri = request.getRequestURI();
|
requestUri = request.getRequestURI();
|
||||||
}
|
}
|
||||||
PSORequest psoRequest = new PSORequest(request);
|
PSORequest psoRequest = new PSORequest(request);
|
||||||
|
@ -257,7 +252,7 @@ public class Oauth2Filter extends AuthenticatingFilter {
|
||||||
+ URLEncoder.encode(requeststr, "UTF-8");
|
+ URLEncoder.encode(requeststr, "UTF-8");
|
||||||
response.addHeader("REDIRECT", keeperUrl);
|
response.addHeader("REDIRECT", keeperUrl);
|
||||||
response.setStatus(HttpStatus.SC_UNAUTHORIZED);
|
response.setStatus(HttpStatus.SC_UNAUTHORIZED);
|
||||||
response.getWriter().write(HttpStatus.SC_UNAUTHORIZED);
|
response.getOutputStream().write(HttpStatus.SC_UNAUTHORIZED);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
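Review bot: In `send401Error`, the new `response.getOutputStream().print(json)` will throw `CharConversionException` for any message outside ISO-8859-1, because `ServletOutputStream.print(String)` rejects such characters, and `onAccessDenied` passes `"未找到用户"` to this method. Gson does not escape non-ASCII text by default, so that 401 path is likely to fail instead of returning the JSON body. Writing bytes avoids this: `response.getOutputStream().write(json.getBytes(StandardCharsets.UTF_8));`, which needs the `java.nio.charset.StandardCharsets` import and an `application/json;charset=UTF-8` content type if the lines above the hunk do not already set one. In `redirectToYaweiLogin`, `response.getOutputStream().write(HttpStatus.SC_UNAUTHORIZED)` resolves to `write(int)`, which emits a single byte (the low eight bits of 401) rather than the text `401`; if a body is wanted there, write it as the bytes of a string. Both methods start outside their hunks.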