|
|
@@ -118,7 +118,7 @@ public class SSOInterceptor extends B2bAbstractSSOInterceptor {
|
|
|
private HashMap<Long, Collection<GrantedAuthority>> authorities;
|
|
|
|
|
|
/**
|
|
|
- * 验证失败
|
|
|
+ * cookie中无用户信息情况
|
|
|
*
|
|
|
* @param request request
|
|
|
* @param response response
|
|
|
@@ -143,79 +143,35 @@ public class SSOInterceptor extends B2bAbstractSSOInterceptor {
|
|
|
* @param request
|
|
|
*/
|
|
|
private User getUserByAccessToken(HttpServletRequest request) {
|
|
|
+ Object sessionUser = request.getSession().getAttribute("user");
|
|
|
+ if (sessionUser != null) {
|
|
|
+ // session里面原先存在user信息,接下来要判断此user是否与token绑定的user信息一致
|
|
|
+ // 一致则跳过,无需再次验证;不一致则替换
|
|
|
+ User user = (User) sessionUser;
|
|
|
+ if (UserCreater.isVirtual(user)) {
|
|
|
+ return user;
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
String token = request.getParameter(PARAM_ACCESS_TOKEN);
|
|
|
String type = request.getParameter(PARAM_CLIENT_TYPE);
|
|
|
// 发现有采用access_token方式
|
|
|
if (CLIENT_TYPE_MANAGE.equals(type) && token != null) {
|
|
|
- // 清除上一次访问的数据
|
|
|
- Object sessionUser = request.getSession().getAttribute("user");
|
|
|
- if (sessionUser != null) {
|
|
|
- // session里面原先存在user信息,接下来要判断此user是否与token绑定的user信息一致
|
|
|
- // 一致则跳过,无需再次验证;不一致则替换
|
|
|
- User user = (User) sessionUser;
|
|
|
- if (UserCreater.isVirtual(user)) {
|
|
|
+ Map<String, Object> data = accessTokenService.validFormManage(token);
|
|
|
+ if (data.containsKey("user") && data.containsKey("bind")) {
|
|
|
+ long enUU = Long.parseLong(data.get("bind").toString());
|
|
|
+ Enterprise enterprise = enterpriseService.findById(enUU);
|
|
|
+ if (enterprise != null) {
|
|
|
+ List<Role> roles = roleService.findByEnterprise(enUU);
|
|
|
+ // 虚拟用户
|
|
|
+ User user = UserCreater.createVirtual(String.valueOf(data.get("user")), enterprise, roles);
|
|
|
return user;
|
|
|
}
|
|
|
- } else {
|
|
|
- Map<String, Object> data = accessTokenService.validFormManage(token);
|
|
|
- if (data.containsKey("user") && data.containsKey("bind")) {
|
|
|
- long enUU = Long.parseLong(data.get("bind").toString());
|
|
|
- Enterprise enterprise = enterpriseService.findById(enUU);
|
|
|
- if (enterprise != null) {
|
|
|
- List<Role> roles = roleService.findByEnterprise(enUU);
|
|
|
- // 虚拟用户
|
|
|
- User user = UserCreater.createVirtual(String.valueOf(data.get("user")), enterprise, roles);
|
|
|
- return user;
|
|
|
- }
|
|
|
- }
|
|
|
}
|
|
|
}
|
|
|
return null;
|
|
|
}
|
|
|
|
|
|
- /**
|
|
|
- * 获取登录地址
|
|
|
- *
|
|
|
- * @param request
|
|
|
- * @param response
|
|
|
- * @return
|
|
|
- * @throws IOException
|
|
|
- */
|
|
|
- private String getLoginPage(HttpServletRequest request, HttpServletResponse response) throws IOException {
|
|
|
- // 引用页面
|
|
|
- String referSymbol = "Referer";
|
|
|
- request.getSession().setAttribute(SSOConfig.SSOReferer, request.getHeader(referSymbol));
|
|
|
- SSOHelper.clearLogin(request, response);
|
|
|
- return (SSOHelper.getRedirectLoginUrl(request, conf.getB2b()));
|
|
|
- }
|
|
|
-
|
|
|
- /**
|
|
|
- * 输出json格式
|
|
|
- *
|
|
|
- * @param obj 对象
|
|
|
- * @throws IOException IO异常
|
|
|
- */
|
|
|
- protected void printJson(HttpServletResponse response, Object obj) throws IOException {
|
|
|
- response.addHeader("Content-Type", "application/json; charset=UTF-8");
|
|
|
- PrintWriter printWriter = response.getWriter();
|
|
|
- printWriter.append(FlexJsonUtils.toJson(obj));
|
|
|
- printWriter.flush();
|
|
|
- printWriter.close();
|
|
|
- }
|
|
|
-
|
|
|
- /**
|
|
|
- * 设置response相关状态
|
|
|
- *
|
|
|
- * @param response response
|
|
|
- * @param authorized 验证是否通过
|
|
|
- */
|
|
|
- protected void setResponseAuthorized(HttpServletResponse response, boolean authorized) {
|
|
|
- Integer status = authorized ? HttpStatus.OK.value() : HttpStatus.UNAUTHORIZED.value();
|
|
|
- response.setStatus(status);
|
|
|
- String authorizedValue = authorized ? HttpStatus.OK.name() : HttpStatus.UNAUTHORIZED.name();
|
|
|
- response.setHeader("authorized", authorizedValue);
|
|
|
- }
|
|
|
-
|
|
|
/**
|
|
|
* 处理验证失败,有两种情况:<br/>
|
|
|
* 1. cookie没有带uid<br/>
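Review bot: The early return added at the top of getUserByAccessToken hands back any virtual user already in the session without ever comparing it to the user bound to the access_token on the request, although the comment directly above it promises to replace the session user when the two disagree; a client that presents a different token after a virtual user was cached keeps the cached identity until the session expires, and the session is now consulted even when no manage token is sent at all, which the old placement inside the CLIENT_TYPE_MANAGE branch avoided. If the intent is only to skip re-validation for the same token, keep the token the virtual user was created from next to it in the session and take the shortcut only when it matches; the minimal version is to move `String token = request.getParameter(PARAM_ACCESS_TOKEN);` above the session lookup and guard the shortcut with `if (UserCreater.isVirtual(user) && token == null) { return user; }`, so that any presented token goes through validFormManage and replaces the cached user as documented. The unchecked `(User) sessionUser` cast throws ClassCastException if anything else stores a non-User under "user"; `if (sessionUser instanceof User)` is the safer test. Whether the session should be trusted on token-less requests at all cannot be determined from this hunk.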
|
|
|
@@ -255,6 +211,49 @@ public class SSOInterceptor extends B2bAbstractSSOInterceptor {
|
|
|
return false;
|
|
|
}
|
|
|
|
|
|
+ /**
|
|
|
+ * 输出json格式
|
|
|
+ *
|
|
|
+ * @param obj 对象
|
|
|
+ * @throws IOException IO异常
|
|
|
+ */
|
|
|
+ protected void printJson(HttpServletResponse response, Object obj) throws IOException {
|
|
|
+ response.addHeader("Content-Type", "application/json; charset=UTF-8");
|
|
|
+ PrintWriter printWriter = response.getWriter();
|
|
|
+ printWriter.append(FlexJsonUtils.toJson(obj));
|
|
|
+ printWriter.flush();
|
|
|
+ printWriter.close();
|
|
|
+ }
|
|
|
+
|
|
|
+ /**
|
|
|
+ * 获取登录地址
|
|
|
+ *
|
|
|
+ * @param request
|
|
|
+ * @param response
|
|
|
+ * @return
|
|
|
+ * @throws IOException
|
|
|
+ */
|
|
|
+ private String getLoginPage(HttpServletRequest request, HttpServletResponse response) throws IOException {
|
|
|
+ // 引用页面
|
|
|
+ String referSymbol = "Referer";
|
|
|
+ request.getSession().setAttribute(SSOConfig.SSOReferer, request.getHeader(referSymbol));
|
|
|
+ SSOHelper.clearLogin(request, response);
|
|
|
+ return (SSOHelper.getRedirectLoginUrl(request, conf.getB2b()));
|
|
|
+ }
|
|
|
+
|
|
|
+ /**
|
|
|
+ * 设置response相关状态
|
|
|
+ *
|
|
|
+ * @param response response
|
|
|
+ * @param authorized 验证是否通过
|
|
|
+ */
|
|
|
+ protected void setResponseAuthorized(HttpServletResponse response, boolean authorized) {
|
|
|
+ Integer status = authorized ? HttpStatus.OK.value() : HttpStatus.UNAUTHORIZED.value();
|
|
|
+ response.setStatus(status);
|
|
|
+ String authorizedValue = authorized ? HttpStatus.OK.name() : HttpStatus.UNAUTHORIZED.name();
|
|
|
+ response.setHeader("authorized", authorizedValue);
|
|
|
+ }
|
|
|
+
|
|
|
/**
|
|
|
* 处理验证成功
|
|
|
* @param request
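Review bot: getLoginPage stores the raw Referer header under SSOConfig.SSOReferer with no check, and that header is fully client-controlled; if the session value is later used as the post-login redirect target (not visible in this hunk), an attacker-supplied Referer becomes an open redirect, so validate that it is a same-origin URL (scheme and host matching the request) or a relative path before storing it, and store nothing otherwise. These three methods are moved rather than changed, so the point is pre-existing, but two smaller items in the moved code are worth fixing while it is touched: printJson uses `response.addHeader("Content-Type", ...)`, which can produce a duplicate header if one was already set, where `response.setContentType("application/json; charset=UTF-8");` is the conventional form, and it closes the container-supplied writer, which is normally left to the container. In setResponseAuthorized, `Integer status` boxes for no reason; `int status` is enough.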
|
|
|
@@ -268,7 +267,7 @@ public class SSOInterceptor extends B2bAbstractSSOInterceptor {
|
|
|
}
|
|
|
|
|
|
/**
|
|
|
- * 验证成功
|
|
|
+ * cookie中有用户信息情况
|
|
|
*
|
|
|
* @param request request
|
|
|
* @param response response
|