Merge remote-tracking branch 'origin/release-domain-wangmh' into dev

sso-server/src/main/java/com/uas/sso/controller/LoginController.java

@@ -24,6 +24,7 @@ import com.uas.sso.service.UserService;
 import com.uas.sso.service.UserspaceService;
 import com.uas.sso.util.BeanUtil;
 import com.uas.sso.util.CaptchaUtil;
+import com.uas.sso.util.DomainUtil;
 import com.uas.sso.util.MessageUtils;
 import com.uas.sso.util.StringUtil;
 import org.slf4j.Logger;
@@ -426,6 +427,7 @@ public class LoginController extends BaseController {
         UserAccount userAccount = spaceUU == null ? personalAccountService.findOneByUserUU(appId, userUU) : userAccountService.findOneByUserUU(appId, userUU, spaceUU);
         SSOToken st = new SSOToken(request, userAccount.getMobile());
         st.setData(JSON.toJSONString(userAccount));
+        SSOHelper.getSSOService().getConfig().setCookieDomain(DomainUtil.getFirstDomain(request));
         SSOHelper.setSSOCookie(request, response, st, true);
         try {
             printJsonP("successCallback", "{success:'1'}");

sso-server/src/main/java/com/uas/sso/controller/PersonalRegisterController.java

@@ -18,6 +18,7 @@ import com.uas.sso.service.AppService;
 import com.uas.sso.service.PersonalAccountService;
 import com.uas.sso.service.UserService;
 import com.uas.sso.util.CaptchaUtil;
+import com.uas.sso.util.DomainUtil;
 import com.uas.sso.util.IpUtils;
 import com.uas.sso.util.MessageUtils;
 import com.uas.sso.util.PasswordLevelUtils;
@@ -145,6 +146,7 @@ public class PersonalRegisterController extends BaseController {
         List<String> loginUrls = appService.findAllLoginUrl();
         SSOToken st = new SSOToken(request, userAccount.getMobile());
         st.setData(JSON.toJSONString(userAccount));
+        SSOHelper.getSSOService().getConfig().setCookieDomain(DomainUtil.getFirstDomain(request));
         SSOHelper.setSSOCookie(request, response, st, true);
 
         ModelMap data = new ModelMap();

sso-server/src/main/java/com/uas/sso/controller/UserspaceRegisterController.java

@@ -18,6 +18,7 @@ import com.uas.sso.service.UserAccountService;
 import com.uas.sso.service.UserService;
 import com.uas.sso.service.UserspaceService;
 import com.uas.sso.util.CaptchaUtil;
+import com.uas.sso.util.DomainUtil;
 import com.uas.sso.util.IpUtils;
 import com.uas.sso.util.PasswordLevelUtils;
 import com.uas.sso.util.StringUtil;
@@ -215,6 +216,7 @@ public class UserspaceRegisterController extends BaseController {
                 .addAttribute("currentUrl", baseUrl);
         SSOToken st = new SSOToken(request, userAccount.getMobile());
         st.setData(JSON.toJSONString(userAccount));
+        SSOHelper.getSSOService().getConfig().setCookieDomain(DomainUtil.getFirstDomain(request));
         SSOHelper.setSSOCookie(request, response, st, true);
         LOGGER.info("用户（{}）注册并登录成功，时间：{}", admin.getUserUU(), System.currentTimeMillis());
         return success(data);

sso-server/src/main/java/com/uas/sso/service/impl/LoginServiceImpl.java

@@ -16,6 +16,7 @@ import com.uas.sso.foreign.entity.ForeignInfo;
 import com.uas.sso.foreign.factory.ForeignFactory;
 import com.uas.sso.foreign.service.ForeignService;
 import com.uas.sso.service.*;
+import com.uas.sso.util.DomainUtil;
 import com.uas.sso.util.PasswordLevelUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -318,11 +319,16 @@ public class LoginServiceImpl implements LoginService {
 
         // 设置cookie
         request.setAttribute(SSOConfig.SSO_COOKIE_MAXAGE, loginParam.getMaxage());
+        setCookie(userAccount);
+        LOGGER.info("用户（{}）登录成功，时间：{}", userUU, userRecord.getLastLoginTime());
+        return loginByUser(userAccount, loginParam);
+    }
+
+    private void setCookie(UserAccount userAccount) {
         SSOToken st = new SSOToken(request, userAccount.getMobile());
         st.setData(JSON.toJSONString(userAccount));
+        SSOHelper.getSSOService().getConfig().setCookieDomain(DomainUtil.getFirstDomain(request));
         SSOHelper.setSSOCookie(request, response, st, true);
-        LOGGER.info("用户（{}）登录成功，时间：{}", userUU, userRecord.getLastLoginTime());
-        return loginByUser(userAccount, loginParam);
     }
 
     private ModelMap getSpaceSelect(List<UserAccount> userAccounts, boolean personalEnable) {

sso-server/src/main/java/com/uas/sso/util/DomainUtil.java

@@ -0,0 +1,84 @@
+package com.uas.sso.util;
+
+import com.google.common.net.HttpHeaders;
+import com.uas.sso.exception.SSOException;
+import com.uas.sso.exception.VisibleError;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.regex.Pattern;
+
+/**
+ * 获取域名工具
+ *
+ * @author huyy
+ * @date 2018-11-14 15:46
+ */
+public class DomainUtil {
+
+    private static final Logger LOGGER = LoggerFactory.getLogger(DomainUtil.class);
+
+    /**
+     * 获取一级域名
+     *
+     * @param request
+     * @return
+     */
+    public static String getFirstDomain(HttpServletRequest request) {
+        // 获取请求host
+        String host = getHost(request);
+        // 把host拆分成一级域名
+        return getDomain(host);
+    }
+
+    /**
+     * 获取域名/IP地址和端口号
+     *
+     * @param request
+     * @return 域名/IP地址:端口号
+     */
+    private static String getHost(HttpServletRequest request) {
+        // 通过nginx反向代理
+        String host = request.getHeader("X-Forwarded-Host");
+        if (host == null) {
+            // 直接访问
+            host = request.getHeader(HttpHeaders.HOST);
+            LOGGER.debug("从请求头[Host]获取域名为：{}", host);
+        } else {
+            LOGGER.debug("从请求头[X-Forwarded-Host]获取域名为：{}", host);
+        }
+        if (host == null) {
+            LOGGER.warn("从请求头[X-Forwarded-Host, Host]获取域名失败");
+            throw new VisibleError("获取域名失败!");
+        }
+        return host;
+    }
+
+    /**
+     * 获取域名
+     *
+     * @param host 域名/IP地址:端口号
+     * @return
+     */
+    private static String getDomain(String host) {
+        String domain = host;
+        // 域名等级，1为一级域名
+        int level = 1;
+        // 去除端口号
+        domain = domain.split(":")[0];
+        String pattern = "^([a-zA-Z0-9]+([a-zA-Z0-9\\-]{0,61}[a-zA-Z0-9])?\\.)+[a-zA-Z]{2,6}";
+        boolean isDomain = Pattern.matches(pattern, domain);
+        // 使用域名+端口号形式则解析域名
+        if (isDomain) {
+            String[] domains = domain.split("\\.");
+            int length = domains.length;
+            if (length < level + 1) {
+                LOGGER.warn("域名({})转换{}级域名出错！", host, level + 1);
+                throw new SSOException("域名错误!");
+            }
+            domain = domains[length - 2] + "." + domains[length - 1];
+        }
+        return domain;
+    }
+}