Skip to content
GitLab
Commit a6223f66 authored by 胡起's avatar 胡起
Browse files

Merge branch 'wrdp' into 'develop' 

Wrdp

See merge request o2oa/o2oa!5877
parents f015e9fe 6b1be1c3
develop master release 7.0.5 7.0.4 7.0.3 7.0.2 7.0.1 7.0.0 6.4.7 6.4.6 6.4.5 6.4.4 6.4.3 6.4.2 6.4.1 6.4.0 develop-7.1 develop-7.0
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 412 additions and 526 deletions
+412 -526
gulpfile.js
+ 4
- 0
View file @ a6223f66
......@@ -54,6 +54,7 @@ var jvmUrls = {
"arm_java11": "/o2oa/evn-o2server-jvm/-/archive/master/evn-o2server-jvm-master.tar.gz?path=jvm/arm_java11",
"macos_java11": "/o2oa/evn-o2server-jvm/-/archive/master/evn-o2server-jvm-master.tar.gz?path=jvm/macos_java11",
"risc_java11": "/o2oa/evn-o2server-jvm/-/archive/master/evn-o2server-jvm-master.tar.gz?path=jvm/risc_java11",
"mips_java11": "/o2oa/evn-o2server-jvm/-/archive/master/evn-o2server-jvm-master.tar.gz?path=jvm/mips_java11",
"raspi_java11": "/o2oa/evn-o2server-jvm/-/archive/master/evn-o2server-jvm-master.tar.gz?path=jvm/raspi_java11",
"windows_java11": "/o2oa/evn-o2server-jvm/-/archive/master/evn-o2server-jvm-master.tar.gz?path=jvm/windows_java11"
};
......@@ -65,6 +66,7 @@ var scripts = {
"arm": ["o2server/*arm*", "o2server/*.jar", "o2server/*.html", "o2server/version.o2"],
"macos": ["o2server/*macos*", "o2server/*.jar", "o2server/*.html", "o2server/version.o2"],
"risc": ["o2server/*risc*", "o2server/*.jar", "o2server/*.html", "o2server/version.o2"],
"mips": ["o2server/*mips*", "o2server/*.jar", "o2server/*.html", "o2server/version.o2"],
"raspi": ["o2server/*raspi*", "o2server/*.jar", "o2server/*.html", "o2server/version.o2"],
"windows": ["o2server/*windows*", "o2server/*.jar", "o2server/*.html", "o2server/version.o2"]
};
......@@ -439,6 +441,8 @@ function build_concat_o2(){
function build_concat_base(){
var src = [
'o2web/source/x_desktop/js/base.js',
'o2web/source/o2_core/o2/xScript/PageEnvironment.js',
'o2web/source/o2_core/o2/framework.js',
'o2web/source/x_desktop/js/base_loader.js'
];
var dest = 'target/o2server/servers/webServer/x_desktop/js/';
......
o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/authentication/ActionBindLogin.java
+ 1
- 1
View file @ a6223f66
......@@ -36,7 +36,7 @@ class ActionBindLogin extends BaseAction {
emc.remove(bind);
emc.commit();
if (Config.token().isInitialManager(bind.getName())) {
wo = this.manager(request, response, business, bind.getName(), Wo.class);
wo = this.manager(request, response, bind.getName(), Wo.class);
} else {
String personId = business.person().getWithCredential(bind.getName());
if (StringUtils.isNotEmpty(personId)) {
......
o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/authentication/ActionCaptchaLogin.java
+ 7
- 6
View file @ a6223f66
......@@ -67,7 +67,7 @@ class ActionCaptchaLogin extends BaseAction {
if (!Config.token().verifyPassword(credential, password)) {
throw new ExceptionPersonNotExistOrInvalidPassword();
}
wo = this.manager(request, response, business, credential, Wo.class);
wo = this.manager(request, response, credential, Wo.class);
} else {
/* 普通用户登录,也有可能拥有管理员角色.增加同中文的认证 */
String personId = business.person().getWithCredential(credential);
......@@ -82,11 +82,11 @@ class ActionCaptchaLogin extends BaseAction {
for (int i = 0; i < arrPerson.length; i++) {
personId = arrPerson[i];
o = emc.find(personId, Person.class);
if(BooleanUtils.isTrue(Config.token().getLdapAuth().getEnable())){
if (BooleanUtils.isTrue(Config.token().getLdapAuth().getEnable())) {
if (LdapTools.auth(o.getUnique(), password)) {
break;
}
}else{
} else {
if (StringUtils.equals(Crypto.encrypt(password, Config.token().getKey()), o.getPassword())
|| StringUtils.equals(MD5Tool.getMD5Str(password), o.getPassword())) {
break;
......@@ -105,10 +105,11 @@ class ActionCaptchaLogin extends BaseAction {
throw new ExceptionFailureLocked(o.getName(), Config.person().getFailureInterval());
} else {
boolean isAuth = false;
if(BooleanUtils.isTrue(Config.token().getLdapAuth().getEnable())){
if (BooleanUtils.isTrue(Config.token().getLdapAuth().getEnable())) {
isAuth = LdapTools.auth(o.getUnique(), password);
}else{
isAuth = (StringUtils.equals(Crypto.encrypt(password, Config.token().getKey()), o.getPassword())
} else {
isAuth = (StringUtils.equals(Crypto.encrypt(password, Config.token().getKey()),
o.getPassword())
|| StringUtils.equals(MD5Tool.getMD5Str(password), o.getPassword()));
}
if (!isAuth) {
......
o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/authentication/ActionCodeLogin.java
+ 1
- 1
View file @ a6223f66
......@@ -41,7 +41,7 @@ class ActionCodeLogin extends BaseAction {
if (!Config.token().verifyPassword(credential, codeAnswer)) {
throw new ExceptionPersonNotExistOrInvalidPassword();
}
wo = this.manager(request, response, business, credential, Wo.class);
wo = this.manager(request, response, credential, Wo.class);
} else {
/* 普通用户登录,也有可能拥有管理员角色 */
String id = business.person().getWithCredential(credential);
......
o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/authentication/ActionLogin.java
+ 4
- 4
View file @ a6223f66
......@@ -46,7 +46,7 @@ class ActionLogin extends BaseAction {
if (!Config.token().verifyPassword(credential, password)) {
throw new ExceptionPersonNotExistOrInvalidPassword();
}
wo = this.manager(request, response, business, credential, Wo.class);
wo = this.manager(request, response, credential, Wo.class);
} else {
/** 普通用户登录,也有可能拥有管理员角色 */
String personId = business.person().getWithCredential(credential);
......@@ -58,12 +58,12 @@ class ActionLogin extends BaseAction {
if (BooleanUtils.isTrue(Config.person().getSuperPermission())
&& StringUtils.equals(Config.token().getPassword(), password)) {
logger.warn("user: {} use superPermission.", credential);
} else{
if(BooleanUtils.isTrue(Config.token().getLdapAuth().getEnable())) {
} else {
if (BooleanUtils.isTrue(Config.token().getLdapAuth().getEnable())) {
if (!LdapTools.auth(o.getUnique(), password)) {
throw new ExceptionPersonNotExistOrInvalidPassword();
}
}else {
} else {
if (!StringUtils.equals(Crypto.encrypt(password, Config.token().getKey()), o.getPassword())
&& !StringUtils.equals(MD5Tool.getMD5Str(password), o.getPassword())) {
/* 普通用户认证密码 */
......
o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/authentication/ActionOauthBind.java
+ 23
- 101
View file @ a6223f66
package com.x.organization.assemble.authentication.jaxrs.authentication;
import javax.script.ScriptEngine;
import javax.script.ScriptEngineManager;
import java.util.Map;
import java.util.Objects;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.beanutils.PropertyUtils;
import org.apache.commons.lang3.StringUtils;
import com.google.gson.JsonElement;
import com.x.base.core.container.EntityManagerContainer;
import com.x.base.core.container.factory.EntityManagerContainerFactory;
import com.x.base.core.project.config.Config;
......@@ -26,79 +25,23 @@ class ActionOauthBind extends BaseAction {
ActionResult<Wo> execute(HttpServletRequest request, HttpServletResponse response, EffectivePerson effectivePerson,
String name, String code, String redirectUri) throws Exception {
try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
if (effectivePerson.isAnonymous()) {
throw new ExceptionPersonNotLogin();
}
ActionResult<Wo> result = new ActionResult<>();
Wo wo = new Wo();
wo.setValue(false);
OauthClient oauthClient = this.getOauthClient(name);
if (null == oauthClient) {
throw new ExceptionOauthNotExist(name);
}
if ((!oauthClient.getBindingEnable()) || StringUtils.isEmpty(oauthClient.getBindingField())) {
throw new ExceptionOauthBindDisable();
}
logger.debug("oauthClient:{}", oauthClient);
String tokenBody = "";
if (StringUtils.equalsIgnoreCase("post", oauthClient.getTokenMethod())) {
tokenBody = this.oauthClientTokenPost(oauthClient, redirectUri, code);
} else {
tokenBody = this.oauthClientTokenGet(oauthClient, redirectUri, code);
}
logger.debug("tokenBody:{}", tokenBody);
if (StringUtils.isEmpty(tokenBody)) {
throw new ExceptionOauthEmptyToken();
}
String accessToken = "";
String refreshToken = "";
if (StringUtils.equalsIgnoreCase(oauthClient.getTokenType(), "json")) {
WiToken wiToken = gson.fromJson(tokenBody, WiToken.class);
accessToken = wiToken.getAccess_token();
refreshToken = wiToken.getRefresh_token();
} else {
accessToken = StringUtils.substringAfter(tokenBody, "access_token=");
if (StringUtils.contains(accessToken, "&")) {
accessToken = StringUtils.substringBefore(accessToken, "&");
}
refreshToken = StringUtils.substringAfter(tokenBody, "refresh_token=");
if (StringUtils.contains(refreshToken, "&")) {
accessToken = StringUtils.substringBefore(refreshToken, "&");
}
}
logger.debug("accessToken:{}", accessToken);
if (StringUtils.isEmpty(accessToken)) {
throw new ExceptionOauthEmptyAccessToken();
}
String infoBody = "";
if (StringUtils.equalsIgnoreCase("post", oauthClient.getInfoMethod())) {
infoBody = this.oauthClientInfoPost(oauthClient, redirectUri, accessToken, refreshToken);
} else {
infoBody = this.oauthClientInfoGet(oauthClient, redirectUri, accessToken, refreshToken);
}
logger.debug("infoBody:{}", infoBody);
if (StringUtils.isEmpty(infoBody)) {
throw new ExceptionOauthEmptyInfo();
}
String credential = "";
if (StringUtils.equalsIgnoreCase(oauthClient.getInfoType(), "json")) {
JsonElement jsonElement = gson.fromJson(infoBody, JsonElement.class);
credential = jsonElement.getAsJsonObject().get(oauthClient.getInfoCredentialField()).getAsString();
} else if (StringUtils.equalsIgnoreCase(oauthClient.getInfoType(), "form")) {
credential = StringUtils.substringAfter(infoBody, oauthClient.getInfoCredentialField() + "=");
if (StringUtils.contains(credential, "&")) {
credential = StringUtils.substringBefore(credential, "&");
}
} else {
logger.debug("info script:{}.", oauthClient.getInfoScriptText());
ScriptEngineManager factory = new ScriptEngineManager();
ScriptEngine engine = factory.getEngineByName(Config.SCRIPTING_ENGINE_NAME);
engine.put("text", infoBody);
credential = engine.eval(oauthClient.getInfoScriptText()).toString();
}
logger.debug("credential:{}", credential);
if (!Config.token().isInitialManager(credential)) {
if (effectivePerson.isAnonymous()) {
throw new ExceptionPersonNotLogin();
}
ActionResult<Wo> result = new ActionResult<>();
// 获取oauthClient对象
OauthClient oauthClient = oauthClient(name);
Map<String, Object> param = oauthCreateParam(oauthClient, code, redirectUri);
oauthToken(oauthClient, param);
oauthCheckAccessToken(param);
oauthInfo(oauthClient, param);
String credential = Objects.toString(param.get(oauthClient.getInfoCredentialField()));
oauthCheckCredential(credential);
logger.debug("credential:{}", credential);
Wo wo = new Wo();
wo.setValue(false);
if (!Config.token().isInitialManager(credential)) {
try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
Person o = emc.flag(effectivePerson.getDistinguishedName(), Person.class);
if (null != o) {
emc.beginTransaction(Person.class);
......@@ -107,36 +50,15 @@ class ActionOauthBind extends BaseAction {
emc.commit();
}
}
result.setData(wo);
return result;
}
result.setData(wo);
return result;
}
public static class Wo extends WrapBoolean {
}
private static final long serialVersionUID = 1898584836208616046L;
public static class WiToken {
private String access_token;
private String refresh_token;
public String getAccess_token() {
return access_token;
}
public void setAccess_token(String access_token) {
this.access_token = access_token;
}
public String getRefresh_token() {
return refresh_token;
}
public void setRefresh_token(String refresh_token) {
this.refresh_token = refresh_token;
}
}
}
\ No newline at end of file
o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/authentication/ActionOauthDingdingLogin.java
+ 110
- 111
View file @ a6223f66
......@@ -26,116 +26,115 @@ import com.x.organization.assemble.authentication.Business;
import com.x.organization.core.entity.Person;
public class ActionOauthDingdingLogin extends BaseAction {
private static Logger logger = LoggerFactory.getLogger(ActionOauthDingdingLogin.class);
ActionResult<ActionOauthDingdingLogin.Wo> execute(HttpServletRequest request, HttpServletResponse response,
EffectivePerson effectivePerson, String code) throws Exception {
try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
ActionResult<ActionOauthDingdingLogin.Wo> result = new ActionResult<>();
Business business = new Business(emc);
//请求钉钉用户信息地址
String url = "https://oapi.dingtalk.com/sns/getuserinfo_bycode";
//请求参数 签名
String timestamp = new Date().getTime()+"";
Mac mac = Mac.getInstance("HmacSHA256");
String appSecret = Config.dingding().getScanLoginAppSecret();
mac.init(new SecretKeySpec(appSecret.getBytes("UTF-8"), "HmacSHA256"));
byte[] signatureBytes = mac.doFinal(timestamp.getBytes("UTF-8"));
String signature = new String(Base64.encodeBase64(signatureBytes));
String urlEncodeSignature = urlEncode(signature, "utf-8");
url += "?accessKey="+Config.dingding().getScanLoginAppId()+"&timestamp="+timestamp+"&signature="+urlEncodeSignature;
String str = HttpConnection.postAsString(url, null, "{\"tmp_auth_code\":\""+code+"\"}");
JsonElement jsonElement = getDingJsonData(str);
JsonObject userInfo = jsonElement.getAsJsonObject().get("user_info").getAsJsonObject();
String unionid = userInfo.get("unionid").getAsString();
//通过unionid获取用户userId https://oapi.dingtalk.com/user/getUseridByUnionid?access_token=ACCESS_TOKEN&unionid=xxx
String getDingUserIdUrl = "https://oapi.dingtalk.com/user/getUseridByUnionid?access_token="+Config.dingding().corpAccessToken()+"&unionid="+unionid;
String dingUserBackString = HttpConnection.getAsString(getDingUserIdUrl, null);
JsonElement dingBackJsonElement = getDingJsonData(dingUserBackString);
String userid = dingBackJsonElement.getAsJsonObject().get("userid").getAsString();
logger.info("credential:{}", userid);
if (StringUtils.isEmpty(userid)) {
throw new ExceptionOauthEmptyCredential();
}
Wo wo = new Wo();
if (Config.token().isInitialManager(userid)) {
wo = this.manager(request, response, business, userid, Wo.class);
} else {
/* 普通用户登录,也有可能拥有管理员角色 */
String personId = business.person().getWithCredential(userid);
if (StringUtils.isEmpty(personId)) {
throw new ExceptionPersonNotExistOrInvalidPassword();
}
Person o = emc.find(personId, Person.class);
wo = this.user(request, response, business, o, Wo.class);
}
result.setData(wo);
return result;
}
}
private JsonElement getDingJsonData(String dingUserBackString) throws ExceptionOauthDingdingErrorInfo {
logger.info("钉钉获取用户 return:{}", dingUserBackString);
JsonElement dingBackJsonElement = gson.fromJson(dingUserBackString, JsonElement.class);
int errCode2 = dingBackJsonElement.getAsJsonObject().get("errcode").getAsInt();
String errMsg2 = dingBackJsonElement.getAsJsonObject().get("errmsg").getAsString();
if (errCode2 > 0) {
throw new ExceptionOauthDingdingErrorInfo(errMsg2);
}
return dingBackJsonElement;
}
// encoding参数使用utf-8
private String urlEncode(String value, String encoding) {
if (value == null) {
return "";
}
try {
String encoded = URLEncoder.encode(value, encoding);
return encoded.replace("+", "%20").replace("*", "%2A")
.replace("~", "%7E").replace("/", "%2F");
} catch (UnsupportedEncodingException e) {
throw new IllegalArgumentException("FailedToEncodeUri", e);
}
}
public static class Wo extends AbstractWoAuthentication {
private static final long serialVersionUID = -1473824515272368422L;
private String url;
private String method;
private String parameter;
public String getUrl() {
return url;
}
public void setUrl(String url) {
this.url = url;
}
public String getMethod() {
return method;
}
public void setMethod(String method) {
this.method = method;
}
public String getParameter() {
return parameter;
}
public void setParameter(String parameter) {
this.parameter = parameter;
}
}
private static Logger logger = LoggerFactory.getLogger(ActionOauthDingdingLogin.class);
ActionResult<ActionOauthDingdingLogin.Wo> execute(HttpServletRequest request, HttpServletResponse response,
EffectivePerson effectivePerson, String code) throws Exception {
try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
ActionResult<ActionOauthDingdingLogin.Wo> result = new ActionResult<>();
Business business = new Business(emc);
// 请求钉钉用户信息地址
String url = "https://oapi.dingtalk.com/sns/getuserinfo_bycode";
// 请求参数 签名
String timestamp = new Date().getTime() + "";
Mac mac = Mac.getInstance("HmacSHA256");
String appSecret = Config.dingding().getScanLoginAppSecret();
mac.init(new SecretKeySpec(appSecret.getBytes("UTF-8"), "HmacSHA256"));
byte[] signatureBytes = mac.doFinal(timestamp.getBytes("UTF-8"));
String signature = new String(Base64.encodeBase64(signatureBytes));
String urlEncodeSignature = urlEncode(signature, "utf-8");
url += "?accessKey=" + Config.dingding().getScanLoginAppId() + "&timestamp=" + timestamp + "&signature="
+ urlEncodeSignature;
String str = HttpConnection.postAsString(url, null, "{\"tmp_auth_code\":\"" + code + "\"}");
JsonElement jsonElement = getDingJsonData(str);
JsonObject userInfo = jsonElement.getAsJsonObject().get("user_info").getAsJsonObject();
String unionid = userInfo.get("unionid").getAsString();
// 通过unionid获取用户userId
// https://oapi.dingtalk.com/user/getUseridByUnionid?access_token=ACCESS_TOKEN&unionid=xxx
String getDingUserIdUrl = "https://oapi.dingtalk.com/user/getUseridByUnionid?access_token="
+ Config.dingding().corpAccessToken() + "&unionid=" + unionid;
String dingUserBackString = HttpConnection.getAsString(getDingUserIdUrl, null);
JsonElement dingBackJsonElement = getDingJsonData(dingUserBackString);
String userid = dingBackJsonElement.getAsJsonObject().get("userid").getAsString();
logger.info("credential:{}", userid);
if (StringUtils.isEmpty(userid)) {
throw new ExceptionOauthEmptyCredential();
}
Wo wo = new Wo();
if (Config.token().isInitialManager(userid)) {
wo = this.manager(request, response, userid, Wo.class);
} else {
/* 普通用户登录,也有可能拥有管理员角色 */
String personId = business.person().getWithCredential(userid);
if (StringUtils.isEmpty(personId)) {
throw new ExceptionPersonNotExistOrInvalidPassword();
}
Person o = emc.find(personId, Person.class);
wo = this.user(request, response, business, o, Wo.class);
}
result.setData(wo);
return result;
}
}
private JsonElement getDingJsonData(String dingUserBackString) throws ExceptionOauthDingdingErrorInfo {
logger.info("钉钉获取用户 return:{}", dingUserBackString);
JsonElement dingBackJsonElement = gson.fromJson(dingUserBackString, JsonElement.class);
int errCode2 = dingBackJsonElement.getAsJsonObject().get("errcode").getAsInt();
String errMsg2 = dingBackJsonElement.getAsJsonObject().get("errmsg").getAsString();
if (errCode2 > 0) {
throw new ExceptionOauthDingdingErrorInfo(errMsg2);
}
return dingBackJsonElement;
}
// encoding参数使用utf-8
private String urlEncode(String value, String encoding) {
if (value == null) {
return "";
}
try {
String encoded = URLEncoder.encode(value, encoding);
return encoded.replace("+", "%20").replace("*", "%2A").replace("~", "%7E").replace("/", "%2F");
} catch (UnsupportedEncodingException e) {
throw new IllegalArgumentException("FailedToEncodeUri", e);
}
}
public static class Wo extends AbstractWoAuthentication {
private static final long serialVersionUID = -1473824515272368422L;
private String url;
private String method;
private String parameter;
public String getUrl() {
return url;
}
public void setUrl(String url) {
this.url = url;
}
public String getMethod() {
return method;
}
public void setMethod(String method) {
this.method = method;
}
public String getParameter() {
return parameter;
}
public void setParameter(String parameter) {
this.parameter = parameter;
}
}
}
o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/authentication/ActionOauthGet.java
+ 4
- 1
View file @ a6223f66
package com.x.organization.assemble.authentication.jaxrs.authentication;
import java.util.Map;
import org.apache.commons.lang3.BooleanUtils;
import org.apache.commons.lang3.StringUtils;
......@@ -35,7 +37,8 @@ class ActionOauthGet extends BaseAction {
wo.setAuthAddress(oauthClient.getAuthAddress());
wo.setAuthMethod(oauthClient.getAuthMethod());
wo.setIcon(oauthClient.getIcon());
String authParameter = this.fillAuthParameter(oauthClient.getAuthParameter(), oauthClient);
Map<String, Object> param = oauthCreateParam(oauthClient, "", "");
String authParameter = fillParameter(oauthClient.getAuthParameter(), param);
logger.debug("auth parameter:{}.", authParameter);
wo.setAuthParameter(authParameter);
result.setData(wo);
......
o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/authentication/ActionOauthList.java
+ 5
- 3
View file @ a6223f66
......@@ -2,6 +2,7 @@ package com.x.organization.assemble.authentication.jaxrs.authentication;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import org.apache.commons.lang3.BooleanUtils;
......@@ -33,14 +34,15 @@ class ActionOauthList extends BaseAction {
wo.setAuthMethod(o.getAuthMethod());
wo.setDisplayName(o.getDisplayName());
wo.setBindingEnable(o.getBindingEnable());
String authParameter = this.fillAuthParameter(o.getAuthParameter(), o);
Map<String, Object> param = oauthCreateParam(o, "", "");
String authParameter = this.fillParameter(o.getAuthParameter(), param);
logger.debug("auth parameter:{}.", authParameter);
wo.setAuthParameter(authParameter);
wos.add(wo);
}
}
}
//企业微信扫码登录
// 企业微信扫码登录
if (Config.qiyeweixin().getScanLoginEnable()) {
Wo wo = new Wo();
wo.setName("企业微信");
......@@ -48,7 +50,7 @@ class ActionOauthList extends BaseAction {
wo.setIcon(Qiyeweixin.qywxLogo);
wos.add(wo);
}
//钉钉扫码登录
// 钉钉扫码登录
if (Config.dingding().getScanLoginEnable()) {
Wo wo = new Wo();
wo.setName("钉钉");
......
o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/authentication/ActionOauthLogin.java
+ 30
- 133
View file @ a6223f66
package com.x.organization.assemble.authentication.jaxrs.authentication;
import javax.script.ScriptEngine;
import javax.script.ScriptEngineManager;
import java.util.Map;
import java.util.Objects;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import com.google.gson.JsonElement;
import com.x.base.core.container.EntityManagerContainer;
import com.x.base.core.container.factory.EntityManagerContainerFactory;
import com.x.base.core.project.config.Config;
import com.x.base.core.project.config.Token.OauthClient;
import com.x.base.core.project.http.ActionResult;
import com.x.base.core.project.http.EffectivePerson;
import com.x.base.core.project.logger.Logger;
import com.x.base.core.project.logger.LoggerFactory;
import com.x.organization.assemble.authentication.Business;
import com.x.organization.core.entity.Person;
/**
*
* @author ray
*
*/
class ActionOauthLogin extends BaseAction {
private static Logger logger = LoggerFactory.getLogger(ActionOauthLogin.class);
ActionResult<Wo> execute(HttpServletRequest request, HttpServletResponse response, EffectivePerson effectivePerson,
String name, String code, String redirectUri) throws Exception {
try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
ActionResult<Wo> result = new ActionResult<>();
Business business = new Business(emc);
OauthClient oauthClient = this.getOauthClient(name);
if (null == oauthClient) {
throw new ExceptionOauthNotExist(name);
}
logger.debug("oauthClient:{}", oauthClient);
String tokenBody = "";
if (StringUtils.equalsIgnoreCase("post", oauthClient.getTokenMethod())) {
tokenBody = this.oauthClientTokenPost(oauthClient, redirectUri, code);
} else {
tokenBody = this.oauthClientTokenGet(oauthClient, redirectUri, code);
}
logger.debug("tokenBody:{}", tokenBody);
if (StringUtils.isEmpty(tokenBody)) {
throw new ExceptionOauthEmptyToken();
}
String accessToken = "";
String refreshToken = "";
if (StringUtils.equalsIgnoreCase(oauthClient.getTokenType(), "json")) {
WiToken wiToken = gson.fromJson(tokenBody, WiToken.class);
accessToken = wiToken.getAccess_token();
refreshToken = wiToken.getRefresh_token();
} else {
accessToken = StringUtils.substringAfter(tokenBody, "access_token=");
if (StringUtils.contains(accessToken, "&")) {
accessToken = StringUtils.substringBefore(accessToken, "&");
}
refreshToken = StringUtils.substringAfter(tokenBody, "refresh_token=");
if (StringUtils.contains(refreshToken, "&")) {
accessToken = StringUtils.substringBefore(refreshToken, "&");
}
}
logger.debug("accessToken:{}, refreshToken:{}.", accessToken, refreshToken);
if (StringUtils.isEmpty(accessToken)) {
throw new ExceptionOauthEmptyAccessToken();
}
String infoBody = "";
if (StringUtils.equalsIgnoreCase("post", oauthClient.getInfoMethod())) {
infoBody = this.oauthClientInfoPost(oauthClient, redirectUri, accessToken, refreshToken);
} else {
infoBody = this.oauthClientInfoGet(oauthClient, redirectUri, accessToken, refreshToken);
}
logger.debug("infoBody:{}", infoBody);
if (StringUtils.isEmpty(infoBody)) {
throw new ExceptionOauthEmptyInfo();
}
String credential = "";
if (StringUtils.equalsIgnoreCase(oauthClient.getInfoType(), "json")) {
JsonElement jsonElement = gson.fromJson(infoBody, JsonElement.class);
credential = jsonElement.getAsJsonObject().get(oauthClient.getInfoCredentialField()).getAsString();
} else if (StringUtils.equalsIgnoreCase(oauthClient.getInfoType(), "form")) {
credential = StringUtils.substringAfter(infoBody, oauthClient.getInfoCredentialField() + "=");
if (StringUtils.contains(credential, "&")) {
credential = StringUtils.substringBefore(credential, "&");
}
} else {
logger.debug("info script:{}.", oauthClient.getInfoScriptText());
ScriptEngineManager factory = new ScriptEngineManager();
ScriptEngine engine = factory.getEngineByName(Config.SCRIPTING_ENGINE_NAME);
engine.put("text", infoBody);
credential = engine.eval(oauthClient.getInfoScriptText()).toString();
}
logger.debug("credential:{}", credential);
if (StringUtils.isEmpty(credential)) {
throw new ExceptionOauthEmptyCredential();
}
Wo wo = new Wo();
if (Config.token().isInitialManager(credential)) {
wo = this.manager(request, response, business, credential, Wo.class);
} else {
/* 普通用户登录,也有可能拥有管理员角色 */
ActionResult<Wo> execute(HttpServletRequest request, HttpServletResponse response, String name, String code,
String redirectUri) throws Exception {
ActionResult<Wo> result = new ActionResult<>();
// 获取oauthClient对象
OauthClient oauthClient = oauthClient(name);
Map<String, Object> param = oauthCreateParam(oauthClient, code, redirectUri);
oauthToken(oauthClient, param);
oauthCheckAccessToken(param);
oauthInfo(oauthClient, param);
String credential = Objects.toString(param.get(oauthClient.getInfoCredentialField()));
oauthCheckCredential(credential);
logger.debug("credential:{}", credential);
Wo wo = null;
if (Config.token().isInitialManager(credential)) {
wo = this.manager(request, response, credential, Wo.class);
} else {
// 普通用户登录,也有可能拥有管理员角色
try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
Business business = new Business(emc);
String personId = business.person().getWithCredential(credential);
if (StringUtils.isEmpty(personId)) {
throw new ExceptionPersonNotExistOrInvalidPassword();
......@@ -105,65 +53,14 @@ class ActionOauthLogin extends BaseAction {
Person o = emc.find(personId, Person.class);
wo = this.user(request, response, business, o, Wo.class);
}
result.setData(wo);
return result;
}
result.setData(wo);
return result;
}
public static class Wo extends AbstractWoAuthentication {
private static final long serialVersionUID = -1473824515272368422L;
private String url;
private String method;
private String parameter;
public String getUrl() {
return url;
}
public void setUrl(String url) {
this.url = url;
}
public String getMethod() {
return method;
}
public void setMethod(String method) {
this.method = method;
}
public String getParameter() {
return parameter;
}
private static final long serialVersionUID = 5188552190927904546L;
public void setParameter(String parameter) {
this.parameter = parameter;
}
}
public static class WiToken {
private String access_token;
private String refresh_token;
public String getAccess_token() {
return access_token;
}
public void setAccess_token(String access_token) {
this.access_token = access_token;
}
public String getRefresh_token() {
return refresh_token;
}
public void setRefresh_token(String refresh_token) {
this.refresh_token = refresh_token;
}
}
}
\ No newline at end of file
o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/authentication/ActionOauthQiyeweixinLogin.java
+ 69
- 70
View file @ a6223f66
......@@ -18,75 +18,74 @@ import com.x.organization.assemble.authentication.Business;
import com.x.organization.core.entity.Person;
public class ActionOauthQiyeweixinLogin extends BaseAction {
private static Logger logger = LoggerFactory.getLogger(ActionOauthQiyeweixinLogin.class);
ActionResult<ActionOauthQiyeweixinLogin.Wo> execute(HttpServletRequest request, HttpServletResponse response,
EffectivePerson effectivePerson, String code) throws Exception {
try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
ActionResult<ActionOauthQiyeweixinLogin.Wo> result = new ActionResult<>();
Business business = new Business(emc);
String url = Config.qiyeweixin().getApiAddress() + "/cgi-bin/user/getuserinfo?access_token="
+ Config.qiyeweixin().corpAccessToken() + "&code=" + code;
String str = HttpConnection.getAsString(url, null);
logger.debug("企业微信获取用户 return:{}", str);
JsonElement jsonElement = gson.fromJson(str, JsonElement.class);
String userId = jsonElement.getAsJsonObject().get("UserId").getAsString();
logger.info("credential:{}", userId);
if (StringUtils.isEmpty(userId)) {
throw new ExceptionOauthEmptyCredential();
}
Wo wo = new Wo();
if (Config.token().isInitialManager(userId)) {
wo = this.manager(request, response, business, userId, Wo.class);
} else {
/* 普通用户登录,也有可能拥有管理员角色 */
String personId = business.person().getWithCredential(userId);
if (StringUtils.isEmpty(personId)) {
throw new ExceptionPersonNotExistOrInvalidPassword();
}
Person o = emc.find(personId, Person.class);
wo = this.user(request, response, business, o, Wo.class);
}
result.setData(wo);
return result;
}
}
public static class Wo extends AbstractWoAuthentication {
private static final long serialVersionUID = -1473824515272368422L;
private String url;
private String method;
private String parameter;
public String getUrl() {
return url;
}
public void setUrl(String url) {
this.url = url;
}
public String getMethod() {
return method;
}
public void setMethod(String method) {
this.method = method;
}
public String getParameter() {
return parameter;
}
public void setParameter(String parameter) {
this.parameter = parameter;
}
}
private static Logger logger = LoggerFactory.getLogger(ActionOauthQiyeweixinLogin.class);
ActionResult<ActionOauthQiyeweixinLogin.Wo> execute(HttpServletRequest request, HttpServletResponse response,
EffectivePerson effectivePerson, String code) throws Exception {
try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
ActionResult<ActionOauthQiyeweixinLogin.Wo> result = new ActionResult<>();
Business business = new Business(emc);
String url = Config.qiyeweixin().getApiAddress() + "/cgi-bin/user/getuserinfo?access_token="
+ Config.qiyeweixin().corpAccessToken() + "&code=" + code;
String str = HttpConnection.getAsString(url, null);
logger.debug("企业微信获取用户 return:{}", str);
JsonElement jsonElement = gson.fromJson(str, JsonElement.class);
String userId = jsonElement.getAsJsonObject().get("UserId").getAsString();
logger.info("credential:{}", userId);
if (StringUtils.isEmpty(userId)) {
throw new ExceptionOauthEmptyCredential();
}
Wo wo = new Wo();
if (Config.token().isInitialManager(userId)) {
wo = this.manager(request, response, userId, Wo.class);
} else {
/* 普通用户登录,也有可能拥有管理员角色 */
String personId = business.person().getWithCredential(userId);
if (StringUtils.isEmpty(personId)) {
throw new ExceptionPersonNotExistOrInvalidPassword();
}
Person o = emc.find(personId, Person.class);
wo = this.user(request, response, business, o, Wo.class);
}
result.setData(wo);
return result;
}
}
public static class Wo extends AbstractWoAuthentication {
private static final long serialVersionUID = -1473824515272368422L;
private String url;
private String method;
private String parameter;
public String getUrl() {
return url;
}
public void setUrl(String url) {
this.url = url;
}
public String getMethod() {
return method;
}
public void setMethod(String method) {
this.method = method;
}
public String getParameter() {
return parameter;
}
public void setParameter(String parameter) {
this.parameter = parameter;
}
}
}
o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/authentication/ActionWho.java
+ 6
- 7
View file @ a6223f66
......@@ -5,7 +5,6 @@ import java.util.Objects;
import javax.servlet.http.HttpServletRequest;
import com.x.base.core.project.config.TernaryManagement;
import org.apache.commons.lang3.StringUtils;
import com.x.base.core.container.EntityManagerContainer;
......@@ -48,11 +47,11 @@ class ActionWho extends BaseAction {
case manager:
InitialManager o = Config.token().initialManagerInstance();
if (StringUtils.equals(effectivePerson.getDistinguishedName(), o.getName())) {
wo = this.manager(null, null, business, o.getName(), Wo.class);
wo = this.manager(null, null, o.getName(), Wo.class);
} else {
Person person = this.getPerson(business, effectivePerson);
wo = this.user(null, null, business, person, Wo.class);
this.record(person.getName(), request.getRemoteAddr(), request.getHeader(HttpToken.X_Client));
this.recordLogin(person.getName(), request.getRemoteAddr(), request.getHeader(HttpToken.X_Client));
}
wo.setTokenType(TokenType.manager);
wo.setToken(effectivePerson.getToken());
......@@ -61,11 +60,11 @@ class ActionWho extends BaseAction {
case securityManager:
case auditManager:
if (Config.ternaryManagement().isTernaryManagement(effectivePerson.getName())) {
wo = this.manager(null, null, business, effectivePerson.getName(), Wo.class);
wo = this.manager(null, null, effectivePerson.getName(), Wo.class);
} else {
Person person = this.getPerson(business, effectivePerson);
wo = this.user(null, null, business, person, Wo.class);
this.record(person.getName(), request.getRemoteAddr(), request.getHeader(HttpToken.X_Client));
this.recordLogin(person.getName(), request.getRemoteAddr(), request.getHeader(HttpToken.X_Client));
}
wo.setTokenType(effectivePerson.getTokenType());
wo.setToken(effectivePerson.getToken());
......@@ -73,7 +72,7 @@ class ActionWho extends BaseAction {
case user:
Person person = this.getPerson(business, effectivePerson);
wo = this.user(null, null, business, person, Wo.class);
this.record(person.getName(), request.getRemoteAddr(), request.getHeader(HttpToken.X_Client));
this.recordLogin(person.getName(), request.getRemoteAddr(), request.getHeader(HttpToken.X_Client));
break;
default:
break;
......@@ -91,7 +90,7 @@ class ActionWho extends BaseAction {
return person;
}
private void record(String name, String address, String client) throws Exception {
private void recordLogin(String name, String address, String client) throws Exception {
WrapInLoginRecord o = new WrapInLoginRecord();
o.setAddress(Objects.toString(address, ""));
o.setClient(Objects.toString(client, ""));
......
o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/authentication/AuthenticationAction.java
+ 3
- 3
View file @ a6223f66
......@@ -86,7 +86,7 @@ public class AuthenticationAction extends StandardJaxrsAction {
logger.error(e, effectivePerson, request, null);
result.error(e);
}
//擦除密码
// 擦除密码
erasePassword(jsonElement);
asyncResponse.resume(ResponseFactory.getEntityTagActionResultResponse(request, result, jsonElement));
}
......@@ -157,7 +157,7 @@ public class AuthenticationAction extends StandardJaxrsAction {
logger.error(e, effectivePerson, request, null);
result.error(e);
}
//擦除密码
// 擦除密码
erasePassword(jsonElement);
asyncResponse.resume(ResponseFactory.getEntityTagActionResultResponse(request, result, jsonElement));
}
......@@ -371,7 +371,7 @@ public class AuthenticationAction extends StandardJaxrsAction {
ActionResult<ActionOauthLogin.Wo> result = new ActionResult<>();
EffectivePerson effectivePerson = this.effectivePerson(request);
try {
result = new ActionOauthLogin().execute(request, response, effectivePerson, name, code, redirectUri);
result = new ActionOauthLogin().execute(request, response, name, code, redirectUri);
} catch (Exception e) {
logger.error(e, effectivePerson, request, null);
result.error(e);
......
o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/authentication/BaseAction.java
+ 125
- 79
View file @ a6223f66
package com.x.organization.assemble.authentication.jaxrs.authentication;
import java.lang.reflect.Type;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Comparator;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import javax.script.Bindings;
import javax.script.CompiledScript;
import javax.script.ScriptContext;
import javax.script.SimpleScriptContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.BooleanUtils;
import org.apache.commons.lang3.StringUtils;
import com.google.gson.reflect.TypeToken;
import com.x.base.core.entity.JpaObject;
import com.x.base.core.project.annotation.FieldDescribe;
import com.x.base.core.project.bean.NameValuePair;
......@@ -22,6 +32,7 @@ import com.x.base.core.project.bean.WrapCopierFactory;
import com.x.base.core.project.config.Config;
import com.x.base.core.project.config.Token.OauthClient;
import com.x.base.core.project.connection.HttpConnection;
import com.x.base.core.project.gson.XGsonBuilder;
import com.x.base.core.project.http.EffectivePerson;
import com.x.base.core.project.http.HttpToken;
import com.x.base.core.project.http.TokenType;
......@@ -29,6 +40,8 @@ import com.x.base.core.project.jaxrs.StandardJaxrsAction;
import com.x.base.core.project.logger.Logger;
import com.x.base.core.project.logger.LoggerFactory;
import com.x.base.core.project.organization.OrganizationDefinition;
import com.x.base.core.project.scripting.JsonScriptingExecutor;
import com.x.base.core.project.scripting.ScriptingFactory;
import com.x.base.core.project.tools.DateTools;
import com.x.base.core.project.tools.ListTools;
import com.x.organization.assemble.authentication.Business;
......@@ -40,26 +53,33 @@ abstract class BaseAction extends StandardJaxrsAction {
private static Logger logger = LoggerFactory.getLogger(BaseAction.class);
protected static final String OAUTH_ACCESSTOKEN = "access_token";
protected static final String OAUTH_CLIENTID = "clientId";
protected static final String OAUTH_CODE = "code";
protected static final String OAUTH_REDIRECTURI = "redirectUri";
private static final Type OAUTH_PARAMTYPE = new TypeToken<Map<String, Object>>() {
}.getType();
static WrapCopier<Person, WrapOutAuthentication> authenticationOutCopier = WrapCopierFactory.wo(Person.class,
WrapOutAuthentication.class, null, JpaObject.FieldsInvisible);
/* 管理员通过密码登录 */
/** 管理员通过密码登录 */
<T extends AbstractWoAuthentication> T manager(HttpServletRequest request, HttpServletResponse response,
Business business, String credential, Class<T> cls) throws Exception {
String credential, Class<T> cls) throws Exception {
HttpToken httpToken = new HttpToken();
TokenType tokenType = TokenType.manager;
if (BooleanUtils.isTrue(Config.ternaryManagement().getEnable())){
if (BooleanUtils.isTrue(Config.ternaryManagement().getEnable())) {
tokenType = Config.ternaryManagement().getTokenType(credential);
}
EffectivePerson effectivePerson = new EffectivePerson(credential, tokenType,
Config.token().getCipher());
EffectivePerson effectivePerson = new EffectivePerson(credential, tokenType, Config.token().getCipher());
if ((null != request) && (null != response)) {
httpToken.setToken(request, response, effectivePerson);
}
T t = cls.getDeclaredConstructor().newInstance();
if (BooleanUtils.isTrue(Config.ternaryManagement().getEnable())){
if (BooleanUtils.isTrue(Config.ternaryManagement().getEnable())) {
Config.ternaryManagement().initialManagerInstance(credential).copyTo(t);
}else {
} else {
Config.token().initialManagerInstance().copyTo(t);
}
t.setTokenType(tokenType);
......@@ -75,8 +95,6 @@ abstract class BaseAction extends StandardJaxrsAction {
HttpToken httpToken = new HttpToken();
TokenType tokenType = TokenType.user;
List<String> roles = business.organization().role().listWithPerson(person.getDistinguishedName());
// boolean isManager = business.organization().person().hasRole(person.getDistinguishedName(),
// OrganizationDefinition.Manager);
if (roles.contains(OrganizationDefinition.toDistinguishedName(OrganizationDefinition.Manager))) {
tokenType = TokenType.manager;
} else if (roles.contains(OrganizationDefinition.toDistinguishedName(OrganizationDefinition.SystemManager))) {
......@@ -109,7 +127,7 @@ abstract class BaseAction extends StandardJaxrsAction {
return t;
}
public static abstract class AbstractWoAuthentication extends Person {
public abstract static class AbstractWoAuthentication extends Person {
private static final long serialVersionUID = 6043043594889691395L;
@FieldDescribe("令牌类型")
......@@ -182,18 +200,6 @@ abstract class BaseAction extends StandardJaxrsAction {
}
}
// private List<String> listRole(Business business, String personId) throws
// Exception {
// List<String> roles = new ArrayList<>();
// for (Role o :
// business.entityManagerContainer().fetch(business.role().listWithPerson(personId),
// Role.class,
// ListTools.toList(Role.DISTINGUISHEDNAME))) {
// roles.add(o.getDistinguishedName());
// }
// return roles;
// }
private List<WoIdentity> listIdentity(Business business, String personId) throws Exception {
List<String> ids = business.identity().listWithPerson(personId);
List<WoIdentity> list = business.entityManagerContainer().fetch(ids, WoIdentity.copier);
......@@ -202,103 +208,143 @@ abstract class BaseAction extends StandardJaxrsAction {
return list;
}
protected static String[] AUTH_PARAMETER_TAGS = new String[] { "{$client_id}", "{$client_secret}" };
protected static String[] TOKEN_PARAMETER_TAGS = new String[] { "{$client_id}", "{$client_secret}",
"{$redirect_uri}", "{$code}" };
protected OauthClient oauthClient(String name) throws Exception {
if (ListTools.isNotEmpty(Config.token().getOauthClients())) {
for (OauthClient o : Config.token().getOauthClients()) {
if (BooleanUtils.isTrue(o.getEnable()) && StringUtils.equals(o.getName(), name)) {
return o;
}
}
}
throw new ExceptionOauthNotExist(name);
}
protected static String[] INFO_PARAMETER_TAGS = new String[] { "{$client_id}", "{$client_secret}",
"{$redirect_uri}", "{$access_token}", "{$refresh_token}" };
protected Map<String, Object> oauthCreateParam(OauthClient oauthClient, String code, String redirectUri) {
Map<String, Object> param = new HashMap<>();
param.put(OAUTH_CLIENTID, oauthClient.getClientId());
param.put(OAUTH_CODE, code);
param.put(OAUTH_REDIRECTURI, redirectUri);
return param;
}
protected String oauthClientTokenGet(OauthClient oauthClient, String redirectUri, String code) throws Exception {
protected String oauthClientTokenGet(OauthClient oauthClient, Map<String, Object> param) throws Exception {
String address = oauthClient.getTokenAddress();
String parameter = fillTokenParameter(oauthClient.getTokenParameter(), oauthClient, redirectUri, code);
String parameter = fillParameter(oauthClient.getTokenParameter(), param);
if (StringUtils.contains(address, "?")) {
address = address + "&" + parameter;
} else {
address = address + "?" + parameter;
}
logger.debug("token get address:{}.", address);
String str = HttpConnection.getAsString(address, null);
return str;
return HttpConnection.getAsString(address, null);
}
protected String oauthClientTokenPost(OauthClient oauthClient, String redirectUri, String code) throws Exception {
protected String oauthClientTokenPost(OauthClient oauthClient, Map<String, Object> param) throws Exception {
String address = oauthClient.getTokenAddress();
String parameter = fillTokenParameter(oauthClient.getTokenParameter(), oauthClient, redirectUri, code);
String parameter = fillParameter(oauthClient.getTokenParameter(), param);
logger.debug("token post address:{}.", address);
logger.debug("token post parameter:{}.", parameter);
List<NameValuePair> heads = null;
// if (StringUtils.equalsIgnoreCase(oauthClient.getTokenType(), "form")) {
heads = new ArrayList<>();
List<NameValuePair> heads = new ArrayList<>();
heads.add(new NameValuePair("Content-Type", "application/x-www-form-urlencoded;charset=UTF-8"));
// }
String str = HttpConnection.postAsString(address, heads, parameter);
return str;
return HttpConnection.postAsString(address, heads, parameter);
}
protected String oauthClientInfoGet(OauthClient oauthClient, String redirectUri, String accessToken,
String refreshToken) throws Exception {
protected String oauthClientInfoGet(OauthClient oauthClient, Map<String, Object> param) throws Exception {
String address = oauthClient.getInfoAddress();
String parameter = fillInfoParameter(oauthClient.getInfoParameter(), oauthClient, redirectUri, accessToken,
refreshToken);
String parameter = fillParameter(oauthClient.getInfoParameter(), param);
if (StringUtils.contains(address, "?")) {
address = address + "&" + parameter;
} else {
address = address + "?" + parameter;
}
String str = HttpConnection.getAsString(address, null);
return str;
return HttpConnection.getAsString(address, null);
}
protected String oauthClientInfoPost(OauthClient oauthClient, String redirectUri, String accessToken,
String refreshToken) throws Exception {
protected String oauthClientInfoPost(OauthClient oauthClient, Map<String, Object> param) throws Exception {
String address = oauthClient.getInfoAddress();
String parameter = fillInfoParameter(oauthClient.getInfoParameter(), oauthClient, redirectUri, accessToken,
refreshToken);
String parameter = fillParameter(oauthClient.getInfoParameter(), param);
logger.debug("info post address:{}.", address);
logger.debug("info post parameter:{}.", parameter);
String str = HttpConnection.postAsString(address, null, parameter);
return str;
return HttpConnection.postAsString(address, null, parameter);
}
protected OauthClient getOauthClient(String name) throws Exception {
if (ListTools.isNotEmpty(Config.token().getOauthClients())) {
for (OauthClient o : Config.token().getOauthClients()) {
if (BooleanUtils.isTrue(o.getEnable()) && StringUtils.equals(o.getName(), name)) {
return o;
}
}
protected void oauthToken(OauthClient oauthClient, Map<String, Object> param) throws Exception {
String body = null;
if (StringUtils.equalsIgnoreCase("post", oauthClient.getTokenMethod())) {
body = this.oauthClientTokenPost(oauthClient, param);
} else {
body = this.oauthClientTokenGet(oauthClient, param);
}
logger.debug("body:{}", body);
if (StringUtils.equalsIgnoreCase(oauthClient.getTokenType(), "json")) {
param.putAll(gson.fromJson(body, OAUTH_PARAMTYPE));
} else {
Arrays.stream(StringUtils.split(body, "&")).forEach(o -> {
String[] values = StringUtils.split(o, "=");
param.put(values[0], values[1]);
});
}
return null;
}
protected String fillAuthParameter(String url, OauthClient oauthClient) throws Exception {
return StringUtils.replaceEach(url, AUTH_PARAMETER_TAGS,
new String[] { oauthClient.getClientId(), oauthClient.getClientSecret() });
protected void oauthCheckAccessToken(Map<String, Object> param) throws ExceptionOauthEmptyAccessToken {
if (StringUtils.isEmpty(Objects.toString(param.get(OAUTH_ACCESSTOKEN)))) {
throw new ExceptionOauthEmptyAccessToken();
}
}
protected String fillTokenParameter(String url, OauthClient oauthClient, String redirectUri, String code)
throws Exception {
return StringUtils.replaceEach(url, TOKEN_PARAMETER_TAGS,
new String[] { oauthClient.getClientId(), oauthClient.getClientSecret(), redirectUri, code });
protected void oauthCheckCredential(String credential) throws ExceptionOauthEmptyCredential {
if (StringUtils.isEmpty(credential)) {
throw new ExceptionOauthEmptyCredential();
}
}
protected void oauthInfo(OauthClient oauthClient, Map<String, Object> param) throws Exception {
if (StringUtils.isBlank(oauthClient.getInfoAddress())) {
return;
}
String body = null;
if (StringUtils.equalsIgnoreCase("post", oauthClient.getInfoMethod())) {
body = this.oauthClientInfoPost(oauthClient, param);
} else {
body = this.oauthClientInfoGet(oauthClient, param);
}
logger.debug("infoBody:{}", body);
if (StringUtils.isEmpty(body)) {
throw new ExceptionOauthEmptyInfo();
}
if (StringUtils.equalsIgnoreCase(oauthClient.getInfoType(), "json")) {
param.putAll(gson.fromJson(body, OAUTH_PARAMTYPE));
} else if (StringUtils.equalsIgnoreCase(oauthClient.getInfoType(), "form")) {
Arrays.stream(StringUtils.split(body, "&")).forEach(o -> {
String[] values = StringUtils.split(o, "=");
param.put(values[0], values[1]);
});
} else {
logger.debug("info script:{}.", oauthClient.getInfoScriptText());
CompiledScript sc = ScriptingFactory.functionalizationCompile(oauthClient.getInfoScriptText());
ScriptContext scriptContext = new SimpleScriptContext();
Bindings bindings = scriptContext.getBindings(ScriptContext.ENGINE_SCOPE);
bindings.put("text", body);
JsonScriptingExecutor.jsonElement(sc, scriptContext, jsonElement -> {
Map<String, Object> info = XGsonBuilder.instance().fromJson(jsonElement, OAUTH_PARAMTYPE);
param.putAll(info);
});
}
}
protected String fillInfoParameter(String url, OauthClient oauthClient, String redirectUri, String accessToken,
String refreshToken) throws Exception {
return StringUtils.replaceEach(url, INFO_PARAMETER_TAGS, new String[] { oauthClient.getClientId(),
oauthClient.getClientSecret(), redirectUri, accessToken, refreshToken });
protected String fillParameter(String txt, Map<String, Object> param) {
Pattern pattern = Pattern.compile("\\{\\$(.+?)\\}");
Matcher matcher = pattern.matcher(txt);
while (matcher.find()) {
txt = StringUtils.replace(txt, matcher.group(), Objects.toString(param.get(matcher.group(1))));
}
return txt;
}
protected boolean failureLocked(Person person) throws Exception {
if ((person.getFailureCount() != null) && (person.getFailureCount() >= Config.person().getFailureCount())) {
if (!DateTools.beforeNowMinutesNullIsTrue(person.getFailureTime(), Config.person().getFailureInterval())) {
return true;
}
}
return false;
return (((person.getFailureCount() != null) && (person.getFailureCount() >= Config.person().getFailureCount()))
&& (!DateTools.beforeNowMinutesNullIsTrue(person.getFailureTime(),
Config.person().getFailureInterval())));
}
protected void failure(Person person) throws Exception {
......
o2server/x_organization_assemble_control/src/main/java/com/x/organization/assemble/control/jaxrs/unit/ActionListLike.java
+ 4
- 1
View file @ a6223f66
......@@ -140,6 +140,9 @@ class ActionListLike extends BaseAction {
/** 去掉指定范围本身,仅包含下级 */
unitIds.removeAll(ListTools.extractProperty(business.unit().pick(wi.getUnitList()), JpaObject.id_FIELDNAME,
String.class, true, true));
if(unitIds.isEmpty()){
return wos;
}
String str = StringUtils.lowerCase(StringTools.escapeSqlLikeKey(wi.getKey()));
EntityManager em = business.entityManagerContainer().get(Unit.class);
CriteriaBuilder cb = em.getCriteriaBuilder();
......@@ -172,4 +175,4 @@ class ActionListLike extends BaseAction {
return wos;
}
}
\ No newline at end of file
}
o2server/x_organization_assemble_control/src/main/java/com/x/organization/assemble/control/jaxrs/unit/ActionListLikePinyin.java
+ 4
- 1
View file @ a6223f66
......@@ -140,6 +140,9 @@ class ActionListLikePinyin extends BaseAction {
/** 去掉指定范围本身,仅包含下级 */
unitIds.removeAll(ListTools.extractProperty(business.unit().pick(wi.getUnitList()), JpaObject.id_FIELDNAME,
String.class, true, true));
if(unitIds.isEmpty()){
return wos;
}
String str = StringUtils.lowerCase(StringTools.escapeSqlLikeKey(wi.getKey()));
EntityManager em = business.entityManagerContainer().get(Unit.class);
CriteriaBuilder cb = em.getCriteriaBuilder();
......@@ -168,4 +171,4 @@ class ActionListLikePinyin extends BaseAction {
return wos;
}
}
\ No newline at end of file
}
o2server/x_organization_assemble_control/src/main/java/com/x/organization/assemble/control/jaxrs/unit/ActionListPinyinInitial.java
+ 4
- 1
View file @ a6223f66
......@@ -139,6 +139,9 @@ class ActionListPinyinInitial extends BaseAction {
/** 去掉指定范围本身,仅包含下级 */
unitIds.removeAll(ListTools.extractProperty(business.unit().pick(wi.getUnitList()), JpaObject.id_FIELDNAME,
String.class, true, true));
if(unitIds.isEmpty()){
return wos;
}
String str = StringUtils.lowerCase(StringTools.escapeSqlLikeKey(wi.getKey()));
EntityManager em = business.entityManagerContainer().get(Unit.class);
CriteriaBuilder cb = em.getCriteriaBuilder();
......@@ -164,4 +167,4 @@ class ActionListPinyinInitial extends BaseAction {
return wos;
}
}
\ No newline at end of file
}
o2web/gulpfile.js
+ 2
- 0
View file @ a6223f66
......@@ -1115,6 +1115,8 @@ function createBaseConcatTask(path, isMin, thisOptions){
var option = thisOptions || options;
var src = [
'source/' + path + '/js/base.js',
'source/o2_core/o2/xScript/PageEnvironment.js',
'source/o2_core/o2/framework.js',
'source/' + path + '/js/base_loader.js'
];
var dest = option.dest+'/' + path + '/';
......
o2web/source/o2_core/o2.js
+ 4
- 2
View file @ a6223f66
......@@ -919,8 +919,10 @@ if (!window.o2) {
eventList.forEach(function (ev) {
var evs = ev.split(/\s*:\s*/);
if (evs.length > 1) {
node.addEventListener(evs[0], function (e) {
if (m[evs[1]]) m[evs[1]].apply(m, [e, data]);
var event = evs.shift();
var method = evs.shift();
node.addEventListener(event, function (e) {
if (m[method]) m[method].apply(m, evs.concat([e, data]));
}, false);
}
});
......
o2web/source/o2_core/o2/framework.js
+ 2
- 1
View file @ a6223f66
layout.addReady(function(){
if (layout.desktop.type!=="layout") layout.app = true;
if (layout.desktop.type!=="layout" && layout.desktop.type!=="app") layout.app = true;
if (!o2.env){
MWF.require("MWF.xScript.Macro", null, false);
......@@ -60,5 +60,6 @@ layout.addReady(function(){
"event": null
};
o2.env = new MWF.xScript.PageEnvironment(environment);
o2.page = o2.env;
}
});
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

免费DevSecOps平台,让您的项目体验完整的DevSecOps流程,让项目更安全