提交 98fa70ca 编写于 作者: O o2null

Merge branch 'fix/invoke_token' into 'wrdp'

改为通过sso配置进行验证

See merge request o2oa/o2oa!2784
......@@ -40,8 +40,8 @@ class ActionGetLogin extends BaseAction {
if (StringUtils.isEmpty(client)) {
throw new ExceptionClientEmpty();
}
if (StringUtils.isEmpty(client)) {
throw new ExceptionTokenEmpty();
if (StringUtils.isEmpty(token)) {
throw new ExceptionEmptyToken();
}
Sso sso = Config.token().findSso(client);
if (null == sso) {
......@@ -63,7 +63,7 @@ class ActionGetLogin extends BaseAction {
flag = URLDecoder.decode(flag, "UTF-8");
String timeString = StringUtils.substringAfter(content, "#");
if (StringUtils.isEmpty(flag)) {
throw new ExceptionTokenFlagEmpty();
throw new ExceptionEmptyCredential();
}
Date date = new Date(Long.parseLong(timeString));
Date now = new Date();
......
......@@ -46,7 +46,7 @@ class ActionPostLogin extends BaseAction {
throw new ExceptionClientEmpty();
}
if (StringUtils.isEmpty(wi.getToken())) {
throw new ExceptionTokenEmpty();
throw new ExceptionEmptyToken();
}
Sso sso = Config.token().findSso(wi.getClient());
if (null == sso) {
......@@ -66,7 +66,7 @@ class ActionPostLogin extends BaseAction {
flag = URLDecoder.decode(flag, "UTF-8");
String timeString = StringUtils.substringAfter(content, "#");
if (StringUtils.isEmpty(flag)) {
throw new ExceptionTokenFlagEmpty();
throw new ExceptionEmptyCredential();
}
Date date = new Date(Long.parseLong(timeString));
Date now = new Date();
......
......@@ -2,11 +2,11 @@ package com.x.organization.assemble.authentication.jaxrs.sso;
import com.x.base.core.project.exception.PromptException;
class ExceptionTokenFlagEmpty extends PromptException {
class ExceptionEmptyToken extends PromptException {
private static final long serialVersionUID = 4132300948670472899L;
ExceptionTokenFlagEmpty() {
super("token中包含的unique不能为空.");
ExceptionEmptyToken() {
super("sso 没有提供解码令牌.");
}
}
......@@ -11,13 +11,20 @@ import org.apache.commons.lang3.BooleanUtils;
import org.apache.commons.lang3.StringUtils;
import com.google.gson.JsonElement;
import com.x.base.core.container.EntityManagerContainer;
import com.x.base.core.container.factory.EntityManagerContainerFactory;
import com.x.base.core.project.cache.Cache.CacheCategory;
import com.x.base.core.project.config.Config;
import com.x.base.core.project.config.Token.Sso;
import com.x.base.core.project.exception.ExceptionEntityNotExist;
import com.x.base.core.project.exception.ExceptionPersonNotExist;
import com.x.base.core.project.http.ActionResult;
import com.x.base.core.project.http.EffectivePerson;
import com.x.base.core.project.logger.Logger;
import com.x.base.core.project.logger.LoggerFactory;
import com.x.base.core.project.tools.Crypto;
import com.x.base.core.project.tools.DefaultCharset;
import com.x.program.center.Business;
import com.x.program.center.core.entity.Invoke;
class ActionExecuteToken extends BaseAction {
......@@ -26,8 +33,8 @@ class ActionExecuteToken extends BaseAction {
private static final String SPLIT = "#";
ActionResult<Object> execute(HttpServletRequest request, EffectivePerson effectivePerson, String flag, String token,
JsonElement jsonElement) throws Exception {
ActionResult<Object> execute(HttpServletRequest request, EffectivePerson effectivePerson, String flag,
String client, String token, JsonElement jsonElement) throws Exception {
CacheCategory cacheCategory = new CacheCategory(Invoke.class);
......@@ -48,24 +55,43 @@ class ActionExecuteToken extends BaseAction {
}
}
String content = Crypto.decrypt(token, invoke.getKey());
String name = URLDecoder.decode(StringUtils.substringBefore(content, SPLIT), "UTF-8");
String timeString = StringUtils.substringAfter(content, SPLIT);
if (StringUtils.isEmpty(name)) {
throw new ExceptionTokenNameEmpty();
if (StringUtils.isEmpty(client)) {
throw new ExceptionClientEmpty();
}
if (!StringUtils.equalsIgnoreCase(name, invoke.getName())) {
throw new ExceptionTokenNameNotMatch(name);
if (StringUtils.isEmpty(token)) {
throw new ExceptionTokenEmpty();
}
Sso sso = Config.token().findSso(client);
if (null == sso) {
throw new ExceptionClientNotExist(client);
}
String content = null;
logger.debug("decrypt sso client:{}, token:{}, key:{}.", client, token, sso.getKey());
try {
content = Crypto.decrypt(token, sso.getKey());
logger.debug("decrypt sso client:{}, token:{}, key:{}, content:{}.", client, token, sso.getKey(), content);
} catch (Exception e) {
throw new ExceptionReadToken(client, token);
}
String credential = URLDecoder.decode(StringUtils.substringBefore(content, SPLIT),
DefaultCharset.name_iso_utf_8);
String timeString = StringUtils.substringAfter(content, SPLIT);
if (StringUtils.isEmpty(credential)) {
throw new ExceptionEmptyCredential();
}
Date date = new Date(Long.parseLong(timeString));
Date now = new Date();
// 15分钟
if (Math.abs((now.getTime() - date.getTime())) >= (60000 * 15)) {
throw new ExceptionTokenExpired();
}
try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
Business business = new Business(emc);
String person = business.organization().person().get(credential);
if (StringUtils.isEmpty(person)) {
throw new ExceptionPersonNotExist(credential);
}
}
return executeInvoke(request, effectivePerson, jsonElement, cacheCategory, invoke);
}
......
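Review bot: The two `logger.debug` calls added around `Crypto.decrypt` write the SSO shared key (`sso.getKey()`), the raw token and the decrypted content into the log, so anyone who can read a debug-level log obtains everything needed to produce valid tokens for that client. Log only the client identifier, e.g. `logger.debug("decrypt sso token, client:{}.", client);`, and drop the second call or reduce it to a success message without `content`. Separately, `Long.parseLong(timeString)` runs on decrypted input without a guard, so a plaintext that lacks the `#` separator surfaces as a NumberFormatException instead of one of the token exceptions. The `catch (Exception e)` also discards `e`, which makes decryption failures hard to diagnose. The `execute` method starts in an earlier hunk of this section.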
......@@ -16,7 +16,7 @@ class ActionToken extends BaseAction {
ActionResult<Wo> result = new ActionResult<>();
Wi wi = this.convertToWrapIn(jsonElement, Wi.class);
Wo wo = new Wo();
String value = wi.getName() + "#" + wi.getDate().getTime();
String value = wi.getPerson() + "#" + wi.getDate().getTime();
wo.setValue(Crypto.encrypt(value, wi.getKey()));
result.setData(wo);
return result;
......@@ -26,8 +26,8 @@ class ActionToken extends BaseAction {
private static final long serialVersionUID = -251331390296713913L;
@FieldDescribe("名称")
private String name;
@FieldDescribe("用户标识")
private String person;
@FieldDescribe("时间,如果为空那么采用当前时间.")
private Date date;
......@@ -39,12 +39,12 @@ class ActionToken extends BaseAction {
@FieldDescribe("密钥")
private String key;
public String getName() {
return name;
public String getPerson() {
return person;
}
public void setName(String name) {
this.name = name;
public void setPerson(String person) {
this.person = person;
}
public String getKey() {
......
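Review bot: The new `wi.getPerson() + "#" + ...` line puts the person identifier into the token unencoded, while the consumer in ActionExecuteToken runs `URLDecoder.decode` on the part before `#`. An identifier containing `+`, `%` or `#` would therefore decode to a different credential or split at the wrong place. Encoding on this side keeps the two ends symmetric: `String value = URLEncoder.encode(wi.getPerson(), "UTF-8") + "#" + wi.getDate().getTime();`. It would also help to reject an empty `person` here, since a null currently becomes the literal text `null` inside the token. The enclosing method starts above this hunk.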
package com.x.program.center.jaxrs.invoke;
import com.x.base.core.project.exception.PromptException;
class ExceptionClientEmpty extends PromptException {
private static final long serialVersionUID = 4132300948670472899L;
ExceptionClientEmpty() {
super("sso 配置client不能为空.");
}
}
package com.x.program.center.jaxrs.invoke;
import com.x.base.core.project.exception.PromptException;
class ExceptionClientNotExist extends PromptException {
private static final long serialVersionUID = 4132300948670472899L;
ExceptionClientNotExist(String client) {
super("{} sso 配置不存在.", client);
}
}
package com.x.program.center.jaxrs.invoke;
import com.x.base.core.project.exception.PromptException;
class ExceptionEmptyCredential extends PromptException {
private static final long serialVersionUID = 4132300948670472899L;
ExceptionEmptyCredential() {
super("名称为空.");
}
}
package com.x.program.center.jaxrs.invoke;
import com.x.base.core.project.exception.PromptException;
class ExceptionReadToken extends PromptException {
private static final long serialVersionUID = 4132300948670472899L;
ExceptionReadToken(String client, String token) {
super("can not read sso token, client:{}, token:{}.", client, token);
}
}
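Review bot: `ExceptionReadToken` formats the submitted token into its message and takes no cause, so the caller in ActionExecuteToken has to drop the original decryption exception. Since InvokeAction passes the exception to `logger.error` and `result.error`, the raw token presumably ends up in the log and in the response body. Consider keeping only the client, `super("can not read sso token, client:{}.", client);`, and adding a constructor that accepts the cause if PromptException offers one. All four new exception classes also reuse the same `serialVersionUID` value, which looks copied rather than generated.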
package com.x.organization.assemble.authentication.jaxrs.sso;
package com.x.program.center.jaxrs.invoke;
import com.x.base.core.project.exception.PromptException;
......@@ -7,6 +7,6 @@ class ExceptionTokenEmpty extends PromptException {
private static final long serialVersionUID = 4132300948670472899L;
ExceptionTokenEmpty() {
super("sso 没有提供解码.");
super("sso 没有提供解码令牌.");
}
}
......@@ -161,18 +161,19 @@ public class InvokeAction extends StandardJaxrsAction {
asyncResponse.resume(ResponseFactory.getEntityTagActionResultResponse(request, result));
}
@JaxrsMethodDescribe(value = "进行认证后执行调用接口,认证令牌格式'name#1970年毫秒数'经过3des加密,加密密钥为key值,有效时间15分钟.", action = ActionExecuteToken.class)
@JaxrsMethodDescribe(value = "进行认证后执行调用接口,认证令牌格式'person#1970年毫秒数'经过3des加密,加密密钥为key值,有效时间15分钟.", action = ActionExecuteToken.class)
@POST
@Path("{flag}/token/{token}/execute")
@Path("{flag}/client/{client}/token/{token}/execute")
@Produces(HttpMediaType.APPLICATION_JSON_UTF_8)
@Consumes(MediaType.APPLICATION_JSON)
public void executeToken(@Suspended final AsyncResponse asyncResponse, @Context HttpServletRequest request,
@JaxrsParameterDescribe("标识") @PathParam("flag") String flag,
@JaxrsParameterDescribe("客户标识") @PathParam("client") String client,
@JaxrsParameterDescribe("令牌") @PathParam("token") String token, JsonElement jsonElement) {
ActionResult<Object> result = new ActionResult<>();
EffectivePerson effectivePerson = this.effectivePerson(request);
try {
result = new ActionExecuteToken().execute(request, effectivePerson, flag, token, jsonElement);
result = new ActionExecuteToken().execute(request, effectivePerson, flag, client, token, jsonElement);
} catch (Exception e) {
logger.error(e, effectivePerson, request, jsonElement);
result.error(e);
......
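Review bot: The updated `@JaxrsMethodDescribe` text still says the encryption key is "key值", but after this change the key comes from the SSO configuration selected by `client`, so a caller reading the API description cannot tell which key to use. Suggested wording: `认证令牌格式'person#1970年毫秒数'经过3des加密,加密密钥为client对应的sso配置key,有效时间15分钟.`. The new `@Path` keeps the token as a path segment, so it will appear in access and proxy logs during its 15-minute lifetime; carrying it in a header or the JSON body, or redacting that segment in logs, would limit the exposure. `executeToken` continues past the end of this hunk.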
......@@ -13,7 +13,6 @@ import javax.persistence.Lob;
import javax.persistence.Table;
import javax.persistence.UniqueConstraint;
import org.apache.commons.lang3.StringUtils;
import org.apache.openjpa.persistence.jdbc.Index;
import com.x.base.core.entity.JpaObject;
......@@ -23,7 +22,6 @@ import com.x.base.core.entity.annotation.CitationNotExist;
import com.x.base.core.entity.annotation.ContainerEntity;
import com.x.base.core.entity.annotation.Flag;
import com.x.base.core.project.annotation.FieldDescribe;
import com.x.base.core.project.tools.StringTools;
@Entity
@ContainerEntity(dumpSize = 1000, type = ContainerEntity.Type.content, reference = ContainerEntity.Reference.strong)
......@@ -50,12 +48,8 @@ public class Invoke extends SliceJpaObject {
@Column(length = length_id, name = ColumnNamePrefix + id_FIELDNAME)
private String id = createId();
/* 以上为 JpaObject 默认字段 */
public void onPersist() throws Exception {
if (StringUtils.isEmpty(this.key)) {
this.key = StringTools.uniqueToken();
}
}
public static final String name_FIELDNAME = "name";
......@@ -66,14 +60,8 @@ public class Invoke extends SliceJpaObject {
@Index(name = TABLE + IndexNameMiddle + name_FIELDNAME)
private String name;
public static final String key_FIELDNAME = "key";
@FieldDescribe("进行验证时使用的key.")
@Column(length = JpaObject.length_255B, name = ColumnNamePrefix + key_FIELDNAME)
@CheckPersist(allowEmpty = true)
private String key;
public static final String enableToken_FIELDNAME = "enableToken";
@FieldDescribe("进行验证时使用的key.")
@FieldDescribe("是否启用token验证.")
@Column(name = ColumnNamePrefix + enableToken_FIELDNAME)
@CheckPersist(allowEmpty = true)
private Boolean enableToken = false;
......@@ -207,14 +195,6 @@ public class Invoke extends SliceJpaObject {
this.remoteAddrRegex = remoteAddrRegex;
}
public String getKey() {
return key;
}
public void setKey(String key) {
this.key = key;
}
public Boolean getEnableToken() {
return enableToken;
}
......