屮

2022-06-01 18:26:21 +08:00 · 2022-06-01 18:26:21 +08:00 · 7d69521fa4
parent 7f8a4f9d43
commit 7d69521fa4
2 changed files with 19 additions and 24 deletions
--- a/renren-admin/src/main/java/io/renren/modules/activiti/service/ActModelService.java
+++ b/renren-admin/src/main/java/io/renren/modules/activiti/service/ActModelService.java
@ -172,7 +172,7 @@ public class ActModelService {
                BufferedImage bufferedImage = ImageIO.read(in);
                ImageIO.write(bufferedImage, "png", response.getOutputStream());
            } else {
-                response.getWriter().println("No image Info!");
+                response.getOutputStream().println("No image Info!");
            }
        } catch (IOException e) {
            e.printStackTrace();
--- a/renren-admin/src/main/java/io/renren/modules/security/oauth2/Oauth2Filter.java
+++ b/renren-admin/src/main/java/io/renren/modules/security/oauth2/Oauth2Filter.java
@ -22,7 +22,6 @@ import org.apache.shiro.web.filter.authc.AuthenticatingFilter;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Scope;
 import org.springframework.stereotype.Component;
-import org.springframework.web.bind.annotation.RequestMethod;

 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
@ -30,20 +29,16 @@ import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
-import java.io.UnsupportedEncodingException;
 import java.lang.reflect.Field;
-import java.net.URL;
 import java.net.URLEncoder;
-import java.util.Iterator;
 import java.util.Map;

 /**
 * oauth2过滤器
- *
 */
@Component()
@Scope("prototype")
-public class  Oauth2Filter extends AuthenticatingFilter {
+public class Oauth2Filter extends AuthenticatingFilter {

    @Autowired
    private YaweiSSOProperties yaweiSSOProperties;
@ -59,7 +54,7 @@ public class  Oauth2Filter extends AuthenticatingFilter {
        //获取请求token
        String token = getRequestToken((HttpServletRequest) request);

-        if(StringUtils.isBlank(token)){
+        if (StringUtils.isBlank(token)) {
            return null;
        }

@ -86,26 +81,26 @@ public class  Oauth2Filter extends AuthenticatingFilter {
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {

        boolean yaweiHandle = yaweiHandle((HttpServletRequest) request, (HttpServletResponse) response);
-        if (yaweiHandle){
+        if (yaweiHandle) {
            //处理成功肯定从cookie或写cookie拿到了认证信息
            //亚威认证通过，为自己添加上token
            TicketManager tm = new TicketManager();
            String currentUser = null;
            if (tm.LoadTicket((HttpServletRequest) request)) {
                currentUser = tm.getUserID();
-            }else {
+            } else {
                currentUser = getYaweiUserIdCookieInResponse((HttpServletResponse) response);
                currentUser = tm.DecData(currentUser);
            }

-            if (currentUser != null ) {
+            if (currentUser != null) {
                LambdaQueryWrapper<SysUserEntity> queryWrapper = new QueryWrapper<SysUserEntity>().lambda()
                        .eq(SysUserEntity::getUsername, currentUser);
                SysUserEntity sysUserEntity = sysUserDao.selectOne(queryWrapper);
                if (sysUserEntity != null) {
                    String currentToken = getRequestToken((HttpServletRequest) request);
-                    HttpServletResponse httpresponse = (HttpServletResponse)response;
-                    if (StringUtils.isBlank(currentToken)){
+                    HttpServletResponse httpresponse = (HttpServletResponse) response;
+                    if (StringUtils.isBlank(currentToken)) {
                        Result<Map> result = sysUserTokenService.createToken(sysUserEntity.getId());
                        Object token = result.getData().get(Constant.TOKEN_HEADER);
                        currentToken = (String) token;
@ -120,7 +115,7 @@ public class  Oauth2Filter extends AuthenticatingFilter {
 //                    return executeLogin(request, response);
                    boolean success = executeLogin(request, response);
                    return success;
-                }else {
+                } else {
                    send401Error((HttpServletResponse) response, "未找到用户");
                    return false;
                }
@ -133,7 +128,7 @@ public class  Oauth2Filter extends AuthenticatingFilter {
        return false;
    }

-    private String getYaweiUserIdCookieInResponse(HttpServletResponse response){
+    private String getYaweiUserIdCookieInResponse(HttpServletResponse response) {
        String userIdKey = "UserID=";
        for (String header : response.getHeaders("set-cookie")) {
            if (header.startsWith(userIdKey)) return header.substring(userIdKey.length());
@ -161,7 +156,7 @@ public class  Oauth2Filter extends AuthenticatingFilter {
        Result r = new Result().error(HttpStatus.SC_UNAUTHORIZED, msg);

        String json = new Gson().toJson(r);
-        response.getWriter().print(json);
+        response.getOutputStream().print(json);
    }

    public boolean login(HttpServletRequest request, HttpServletResponse response) throws Exception {
@ -171,23 +166,23 @@ public class  Oauth2Filter extends AuthenticatingFilter {
    /**
     * 获取请求的token
     */
-    private String getRequestToken(HttpServletRequest httpRequest){
+    private String getRequestToken(HttpServletRequest httpRequest) {
        //从header中获取token
        String token = httpRequest.getHeader(Constant.TOKEN_HEADER);

-        if(StringUtils.isBlank(token)){
+        if (StringUtils.isBlank(token)) {
            token = (String) httpRequest.getAttribute(Constant.TOKEN_HEADER);
        }

        //如果header中不存在token，则从参数中获取token
-        if(StringUtils.isBlank(token)){
+        if (StringUtils.isBlank(token)) {
            token = httpRequest.getParameter(Constant.TOKEN_HEADER);
        }


-        if(StringUtils.isBlank(token)){
+        if (StringUtils.isBlank(token)) {
            Cookie[] cookies = httpRequest.getCookies();
-            if (cookies != null){
+            if (cookies != null) {
                for (Cookie cookie : cookies) {
                    if (Constant.TOKEN_HEADER.equalsIgnoreCase(cookie.getName())) {
                        token = cookie.getValue();
@ -204,7 +199,7 @@ public class  Oauth2Filter extends AuthenticatingFilter {
    private boolean yaweiHandle(HttpServletRequest request, HttpServletResponse response) throws Exception {
        // 获取当前请求的url
        String requestUri = request.getHeader("REQUESTURI");
-        if (requestUri == null){
+        if (requestUri == null) {
            requestUri = request.getRequestURI();
        }

@ -242,7 +237,7 @@ public class  Oauth2Filter extends AuthenticatingFilter {

    private void redirectToYaweiLogin(HttpServletRequest request, HttpServletResponse response) throws IOException, IllegalAccessException, NoSuchFieldException {
        String requestUri = request.getHeader("REQUESTURI");
-        if (requestUri == null){
+        if (requestUri == null) {
            requestUri = request.getRequestURI();
        }
        PSORequest psoRequest = new PSORequest(request);
@ -257,7 +252,7 @@ public class  Oauth2Filter extends AuthenticatingFilter {
                + URLEncoder.encode(requeststr, "UTF-8");
        response.addHeader("REDIRECT", keeperUrl);
        response.setStatus(HttpStatus.SC_UNAUTHORIZED);
-        response.getWriter().write(HttpStatus.SC_UNAUTHORIZED);
+        response.getOutputStream().write(HttpStatus.SC_UNAUTHORIZED);
    }