From fce2214eee8dec38bd05d7482e91bbf08012ef46 Mon Sep 17 00:00:00 2001
From: yangjie <1179743470@qq.com>
Date: Tue, 15 Jun 2021 17:44:33 +0800
Subject: [PATCH] =?UTF-8?q?=E5=AD=A6=E6=A0=A1=E7=BB=9F=E4=B8=80=E8=BA=AB?=
=?UTF-8?q?=E4=BB=BD=E9=AA=8C=E8=AF=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
pom.xml | 14 +-
.../com/yipin/liuwanr/PropertiesUtils.java | 2 +-
src/main/java/com/yipin/liuwanr/Test.java | 9 ++
.../yipin/liuwanr/config/CasFilterConfig.java | 123 ++++++++++++++++++
.../yipin/liuwanr/controller/Response.java | 21 +++
.../controller/UserInfoController.java | 18 ++-
.../yipin/liuwanr/filter/AuthInterceptor.java | 18 +++
.../com/yipin/liuwanr/filter/CasFilter.java | 18 +++
.../liuwanr/filter/LocalUserInfoFilter.java | 49 +++++++
.../java/com/yipin/liuwanr/util/CASUtil.java | 34 +++++
.../com/yipin/liuwanr/util/UserIdUtils.java | 35 +++++
11 files changed, 336 insertions(+), 5 deletions(-)
create mode 100644 src/main/java/com/yipin/liuwanr/config/CasFilterConfig.java
create mode 100644 src/main/java/com/yipin/liuwanr/filter/CasFilter.java
create mode 100644 src/main/java/com/yipin/liuwanr/filter/LocalUserInfoFilter.java
create mode 100644 src/main/java/com/yipin/liuwanr/util/CASUtil.java
create mode 100644 src/main/java/com/yipin/liuwanr/util/UserIdUtils.java
diff --git a/pom.xml b/pom.xml
index e5da5f8..c363b3c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -54,7 +54,7 @@
org.springframework.cloud
spring-cloud-dependencies
Edgware.RELEASE
- import
+
pom
@@ -277,6 +277,18 @@
runtime
true
+
+
+ org.jasig.cas.client
+ cas-client-core
+ 3.2.1
+
+
+ org.slf4j
+ log4j-over-slf4j
+
+
+
root
diff --git a/src/main/java/com/yipin/liuwanr/PropertiesUtils.java b/src/main/java/com/yipin/liuwanr/PropertiesUtils.java
index 2bc0e62..ba8c934 100644
--- a/src/main/java/com/yipin/liuwanr/PropertiesUtils.java
+++ b/src/main/java/com/yipin/liuwanr/PropertiesUtils.java
@@ -33,7 +33,7 @@ public class PropertiesUtils extends PropertyPlaceholderConfigurer {
static {
InputStream ins = null;
try {
- ins = PropertiesUtils.class.getResourceAsStream("/config/application.properties");
+ ins = PropertiesUtils.class.getResourceAsStream("/config/application-dev.properties");
PRO.load(ins);
} catch (IOException e) {
System.out.println("加载连连支付配置文件失败!");
diff --git a/src/main/java/com/yipin/liuwanr/Test.java b/src/main/java/com/yipin/liuwanr/Test.java
index 6f952b4..e260640 100644
--- a/src/main/java/com/yipin/liuwanr/Test.java
+++ b/src/main/java/com/yipin/liuwanr/Test.java
@@ -8,6 +8,9 @@ import java.net.URL;
import java.util.ArrayList;
import java.util.List;
+import com.yipin.liuwanr.entity.UserIdEnum;
+import com.yipin.liuwanr.helper.RandomUtil;
+import com.yipin.liuwanr.util.MD5;
import net.sf.json.JSONArray;
import net.sf.json.JSONObject;
@@ -18,6 +21,12 @@ public class Test {
// System.out.println((new Test()).getURLContent());
// String urlStr = "http://vip.stock.finance.sina.com.cn/quotes_service/api/json_v2.php/Market_Center.getHQNodeData?page=1&num=40&sort=symbol&asc=1&node=hs_a&symbol=&_s_r_a=init";
// System.out.println((new Test()).getURLContent(urlStr));
+
+ /* String zj0001 = RandomUtil.parsePassword("sdsdfhs");
+ System.out.println(zj0001);*/
+// System.out.println(MD5.encrypt("zj0001"));
+
+ System.out.println(UserIdEnum.getUserId(Integer.parseInt("1510")));
}
diff --git a/src/main/java/com/yipin/liuwanr/config/CasFilterConfig.java b/src/main/java/com/yipin/liuwanr/config/CasFilterConfig.java
new file mode 100644
index 0000000..73ec668
--- /dev/null
+++ b/src/main/java/com/yipin/liuwanr/config/CasFilterConfig.java
@@ -0,0 +1,123 @@
+package com.yipin.liuwanr.config;
+
+import com.yipin.liuwanr.filter.LocalUserInfoFilter;
+import org.jasig.cas.client.authentication.AuthenticationFilter;
+import org.jasig.cas.client.session.SingleSignOutFilter;
+import org.jasig.cas.client.session.SingleSignOutHttpSessionListener;
+import org.jasig.cas.client.util.AssertionThreadLocalFilter;
+import org.jasig.cas.client.util.HttpServletRequestWrapperFilter;
+import org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter;
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
+import org.springframework.boot.web.servlet.ServletListenerRegistrationBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.core.Ordered;
+
+/**
+ * cas过滤器配置
+ */
+
+@Configuration
+public class CasFilterConfig {
+
+ private static final String CAS_URL= "https://idas.uestc.edu.cn/authserver";
+
+ private static final String APP_URL= "http://222.197.183.3:8090";
+
+ @Bean
+ public ServletListenerRegistrationBean servletListenerRegistrationBean(){
+ ServletListenerRegistrationBean listenerRegistrationBean = new ServletListenerRegistrationBean<>();
+ listenerRegistrationBean.setListener(new SingleSignOutHttpSessionListener());
+ listenerRegistrationBean.setOrder(Ordered.HIGHEST_PRECEDENCE);
+ return listenerRegistrationBean;
+ }
+
+ /**
+ * 单点登录退出
+ * @return registrationBean
+ */
+ @Bean
+ public FilterRegistrationBean singleSignOutFilter(){
+ FilterRegistrationBean registrationBean = new FilterRegistrationBean<>();
+ registrationBean.setFilter(new SingleSignOutFilter());
+ registrationBean.addUrlPatterns("/*");
+ registrationBean.addInitParameter("casServerUrlPrefix", CAS_URL );
+ registrationBean.setName("CAS Single Sign Out Filter");
+ registrationBean.setOrder(2);
+ return registrationBean;
+ }
+
+ /**
+ * 单点登录认证
+ * @return registrationBean
+ */
+
+ @Bean
+ public FilterRegistrationBean authenticationFilter(){
+ FilterRegistrationBean registrationBean = new FilterRegistrationBean<>();
+ registrationBean.setFilter(new AuthenticationFilter());
+ registrationBean.addUrlPatterns("/*");
+ registrationBean.setName("CAS Filter");
+ registrationBean.addInitParameter("casServerLoginUrl",CAS_URL);
+ registrationBean.addInitParameter("serverName", APP_URL );
+ registrationBean.setOrder(3);
+ return registrationBean;
+ }
+
+ /**
+ * 单点登录校验
+ * @return registrationBean
+ */
+
+ @Bean
+ public FilterRegistrationBean cas20ProxyReceivingTicketValidationFilter(){
+ FilterRegistrationBean registrationBean = new FilterRegistrationBean<>();
+ registrationBean.setFilter(new Cas20ProxyReceivingTicketValidationFilter());
+ registrationBean.addUrlPatterns("/*");
+ registrationBean.setName("CAS Validation Filter");
+ registrationBean.addInitParameter("casServerUrlPrefix", CAS_URL );
+ registrationBean.addInitParameter("serverName", APP_URL );
+ registrationBean.setOrder(4);
+ return registrationBean;
+ }
+
+ /**
+ * 单点登录请求包装
+ * @return registrationBean
+ */
+
+ @Bean
+ public FilterRegistrationBean httpServletRequestWrapperFilter(){
+ FilterRegistrationBean registrationBean = new FilterRegistrationBean<>();
+ registrationBean.setFilter(new HttpServletRequestWrapperFilter());
+ registrationBean.addUrlPatterns("/*");
+ registrationBean.setName("CAS HttpServletRequest Wrapper Filter");
+ registrationBean.setOrder(5);
+ return registrationBean;
+ }
+
+ /**
+ * 单点登录本地用户信息
+ * @return registrationBean
+ */
+
+ @Bean
+ public FilterRegistrationBean localUserInfoFilter(){
+ FilterRegistrationBean registrationBean = new FilterRegistrationBean<>();
+ registrationBean.setFilter(new LocalUserInfoFilter());
+
+ registrationBean.addUrlPatterns("/*");
+ registrationBean.setName("localUserInfoFilter");
+ registrationBean.setOrder(6);
+ return registrationBean;
+ }
+
+ @Bean
+ public FilterRegistrationBean assertionThreadLocalFilter(){
+ FilterRegistrationBean registrationBean
+ = new FilterRegistrationBean<>();
+ registrationBean.setFilter(new AssertionThreadLocalFilter());
+ return registrationBean;
+ }
+
+}
diff --git a/src/main/java/com/yipin/liuwanr/controller/Response.java b/src/main/java/com/yipin/liuwanr/controller/Response.java
index e5069f6..9c0d60d 100644
--- a/src/main/java/com/yipin/liuwanr/controller/Response.java
+++ b/src/main/java/com/yipin/liuwanr/controller/Response.java
@@ -31,4 +31,25 @@ public class Response {
public void setErrmessage(String errmessage) {
this.errmessage = errmessage;
}
+
+ public static Response ok(Object o){
+ Response response = new Response();
+ response.errmessage = "成功";
+ response.message = o;
+ return response;
+ }
+
+ public static Response ok(){
+ Response response = new Response();
+ response.errmessage = "成功";
+ response.message = "";
+ return response;
+ }
+
+ public static Response error(){
+ Response response = new Response();
+ response.message = "错误";
+ response.errmessage = "";
+ return response;
+ }
}
diff --git a/src/main/java/com/yipin/liuwanr/controller/UserInfoController.java b/src/main/java/com/yipin/liuwanr/controller/UserInfoController.java
index 1c29d0b..e71f43f 100644
--- a/src/main/java/com/yipin/liuwanr/controller/UserInfoController.java
+++ b/src/main/java/com/yipin/liuwanr/controller/UserInfoController.java
@@ -5,6 +5,7 @@ import com.yipin.liuwanr.entity.vo.AccountLoginVO;
import com.yipin.liuwanr.entity.vo.AdminLoginVO;
import com.yipin.liuwanr.helper.RedisHelper;
import com.yipin.liuwanr.service.*;
+import com.yipin.liuwanr.util.UserIdUtils;
import com.yipin.liuwanr.vo.UserInfoVO;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.transaction.annotation.Transactional;
@@ -39,6 +40,9 @@ public class UserInfoController {
@Autowired
private ISysPermissionService permissionService;
+ @Autowired
+ private UserIdUtils userIdUtils;
+
/**
* 添加用户
@@ -333,6 +337,11 @@ public class UserInfoController {
}
+ @PostMapping("/schoolLogins")
+ public Response schoolLogins(){
+
+ return Response.ok();
+ }
/**
* 科大教师端登陆
@@ -485,7 +494,8 @@ public class UserInfoController {
resp.setStatus(300);
resp.setErrmessage("平台id为空!查询失败!");
} else {
- HashMap ret = userInfoService.queryUserOR(userId,platformId);
+ Integer token = userIdUtils.getUserIdByToken();
+ HashMap ret = userInfoService.queryUserOR(token,platformId);
int status = (int) ret.get("retcode");
if (200 == status) {
resp.setStatus(status);
@@ -508,7 +518,8 @@ public class UserInfoController {
resp.setStatus(300);
resp.setErrmessage("用户id为空!查询失败!");
}else {
- HashMap ret = userInfoService.queryUserProfiles(userId);
+ Integer token = userIdUtils.getUserIdByToken();
+ HashMap ret = userInfoService.queryUserProfiles(token);
int status = (int) ret.get("retcode");
if (200 == status) {
resp.setStatus(status);
@@ -727,7 +738,8 @@ public class UserInfoController {
resp.setStatus(300);
resp.setErrmessage("平台id为空!");
}else{
- HashMap ret = userInfoService.queryStuAndSta(platformId,userId);
+ Integer token = userIdUtils.getUserIdByToken();
+ HashMap ret = userInfoService.queryStuAndSta(platformId,token);
int status = (int) ret.get("retcode");
if (200 == status) {
resp.setStatus(status);
diff --git a/src/main/java/com/yipin/liuwanr/filter/AuthInterceptor.java b/src/main/java/com/yipin/liuwanr/filter/AuthInterceptor.java
index 5ff829c..daac23f 100644
--- a/src/main/java/com/yipin/liuwanr/filter/AuthInterceptor.java
+++ b/src/main/java/com/yipin/liuwanr/filter/AuthInterceptor.java
@@ -1,6 +1,7 @@
package com.yipin.liuwanr.filter;
+import org.jasig.cas.client.validation.AssertionImpl;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.data.redis.core.ValueOperations;
import org.springframework.util.StringUtils;
@@ -10,6 +11,8 @@ import org.springframework.web.servlet.ModelAndView;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import java.lang.reflect.Field;
+import java.util.Map;
import java.util.Objects;
/**
@@ -28,6 +31,21 @@ public class AuthInterceptor implements HandlerInterceptor {
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=utf-8");
+ Object attribute = request.getSession().getAttribute("_const_cas_assertion_");
+ if (!StringUtils.isEmpty(attribute)){
+ AssertionImpl assertion = (AssertionImpl) attribute;
+ Field[] fields = assertion.getClass().getDeclaredFields();
+ /*for (Field field : fields) {
+ System.out.println(field);
+ }*/
+ //获取用户信息中的公开属性
+ Map map = assertion.getPrincipal().getAttributes();
+ //获取用户信息中公开的Attributes部分
+ map.get("user_name"); //获取登录用户姓名,默认可获取
+ map.get("uid"); //获取登录用户id,需接入应用配置方可获取
+
+ }
+
String token = request.getHeader("token");
if (StringUtils.isEmpty(token)) {
diff --git a/src/main/java/com/yipin/liuwanr/filter/CasFilter.java b/src/main/java/com/yipin/liuwanr/filter/CasFilter.java
new file mode 100644
index 0000000..0b2bdb4
--- /dev/null
+++ b/src/main/java/com/yipin/liuwanr/filter/CasFilter.java
@@ -0,0 +1,18 @@
+package com.yipin.liuwanr.filter;
+
+
+import org.jasig.cas.client.authentication.AuthenticationFilter;
+import org.springframework.core.annotation.Order;
+
+import javax.servlet.annotation.WebFilter;
+import javax.servlet.annotation.WebInitParam;
+
+@Order(value = 0)
+@WebFilter(filterName = "CAS Authentication Filter", urlPatterns = "/*", initParams = {
+ @WebInitParam(name = "casServerLoginUrl", value = "https://idas.uestc.edu.cn"),
+ @WebInitParam(name = "serverName", value = "http://222.197.183.3:8090")
+})
+//自定义一个继承CAS过滤器的过滤器,不用具体实现也可以生效
+public class CasFilter extends AuthenticationFilter {
+
+}
diff --git a/src/main/java/com/yipin/liuwanr/filter/LocalUserInfoFilter.java b/src/main/java/com/yipin/liuwanr/filter/LocalUserInfoFilter.java
new file mode 100644
index 0000000..d5a53a8
--- /dev/null
+++ b/src/main/java/com/yipin/liuwanr/filter/LocalUserInfoFilter.java
@@ -0,0 +1,49 @@
+package com.yipin.liuwanr.filter;
+
+import com.alibaba.dubbo.common.utils.StringUtils;
+import com.yipin.liuwanr.util.CASUtil;
+import org.jasig.cas.client.authentication.AttributePrincipal;
+import org.jasig.cas.client.util.AbstractCasFilter;
+import org.jasig.cas.client.validation.Assertion;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.servlet.*;
+import javax.servlet.http.HttpServletRequest;
+import java.io.IOException;
+import java.util.Map;
+
+/**
+ * 本地用户信息过滤器
+ *
+ * @author weiller 2018年1月23日10:27:30
+ */
+
+public class LocalUserInfoFilter implements Filter {
+
+ Logger logger = LoggerFactory.getLogger(LocalUserInfoFilter.class);
+
+ @Override
+ public void init(FilterConfig filterConfig) throws ServletException {
+
+ }
+
+ @Override
+ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
+ HttpServletRequest httpServletRequest = (HttpServletRequest)request;
+ Map loginName = CASUtil.getAccountNameFromCas(httpServletRequest);
+ assert loginName != null;
+ if(!loginName.isEmpty()){
+ logger.info("访问者 :" +loginName.get("user_name"));
+ logger.info("访问者 :" +loginName.get("uid"));
+ httpServletRequest.getSession().setAttribute("loginName", loginName.get("user_name"));
+ }
+ chain.doFilter(request, response);
+ }
+
+ @Override
+ public void destroy() {
+
+ }
+}
+
diff --git a/src/main/java/com/yipin/liuwanr/util/CASUtil.java b/src/main/java/com/yipin/liuwanr/util/CASUtil.java
new file mode 100644
index 0000000..f1c3eb7
--- /dev/null
+++ b/src/main/java/com/yipin/liuwanr/util/CASUtil.java
@@ -0,0 +1,34 @@
+package com.yipin.liuwanr.util;
+
+import org.jasig.cas.client.authentication.AttributePrincipal;
+import org.jasig.cas.client.util.AbstractCasFilter;
+import org.jasig.cas.client.validation.Assertion;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.Map;
+
+/**
+ * cas client常用工具类
+ *
+ * @author weiller
+ */
+
+public class CASUtil {
+
+ /**
+ * 从cas中获取用户名
+ *
+ * @param request
+ * @return
+ */
+ public static Map getAccountNameFromCas(HttpServletRequest request) {
+ Assertion assertion = (Assertion) request.getSession()
+ .getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION);
+ if(assertion!= null){
+ AttributePrincipal principal = assertion.getPrincipal();
+
+ return assertion.getAttributes();
+ }else return null;
+
+ }
+}
diff --git a/src/main/java/com/yipin/liuwanr/util/UserIdUtils.java b/src/main/java/com/yipin/liuwanr/util/UserIdUtils.java
new file mode 100644
index 0000000..2b323be
--- /dev/null
+++ b/src/main/java/com/yipin/liuwanr/util/UserIdUtils.java
@@ -0,0 +1,35 @@
+package com.yipin.liuwanr.util;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.redis.core.StringRedisTemplate;
+import org.springframework.data.redis.core.ValueOperations;
+import org.springframework.stereotype.Component;
+import org.springframework.util.StringUtils;
+
+import javax.servlet.http.HttpServletRequest;
+
+@Component
+public class UserIdUtils {
+ @Autowired
+ StringRedisTemplate redisTemplate;
+ @Autowired
+ HttpServletRequest request;
+ public Integer getUserIdByToken(){
+ String token = request.getHeader("token");
+ if (StringUtils.isEmpty(token)){
+ return 0;
+ }
+ ValueOperations ops = redisTemplate.opsForValue();
+ Object loginStatus = ops.get(token);
+ if (StringUtils.isEmpty(loginStatus)){
+ return 0;
+ }else {
+ String userId = request.getHeader("userId");
+ if (!StringUtils.isEmpty(userId)){
+ return Integer.parseInt(userId);
+ }else {
+ return Integer.parseInt(loginStatus.toString());
+ }
+ }
+ }
+}