importPackage(java.util); 
importPackage(java.net);
importPackage(org.apache.commons.codec.digest);  
importPackage(org.apache.commons.lang);
importPackage(com.alibaba.fastjson);
var app = request.getParameter("app");
var redirectUrl = request.getParameter("redirectUrl");
logger.error("app: "+app);
logger.error("redirectUrl: "+redirectUrl);
if(!StringUtils.isEmpty(app) && StringUtils.equalsIgnoreCase(app, "crm")){
    var SSO_HOST = "http://www.abc.com:9080";
	var CLIENT_ID = "abcdef";
	var CLIENT_SECRET = "";
	var accessTokenKey = "access_token";
	var accessToken = request.getParameter(accessTokenKey);
	//accessToken如果是null,说明未登录
	if (accessToken != null) {
		logger.debug("accessToken:"+accessToken);
		//获取用户信息
		var oauthUrl = new StringBuilder().append(SSO_HOST).append("/auth/profile").toString();
		var bearerClientRequest = new OAuthBearerClientRequest(oauthUrl).setAccessToken(accessToken).buildQueryMessage();
		bearerClientRequest.setHeader("clientId", CLIENT_ID);
		var oAuthClient = new OAuthClient(new URLConnectionClient());
		var resourceResponse = oAuthClient.resource(bearerClientRequest, "GET", OAuthResourceResponse);
		//解析用户信息
		var status = resourceResponse.getResponseCode();
		var body = resourceResponse.getBody();
		logger.info("getUserProfileByToken", new StringBuilder().append("code:").append(status).append("body:").append(body).toString());
		body = body.replaceAll("\\\\/", "/");
		var obj = JSONObject.parseObject(body);
		logger.debug("user profile:"+obj);
		//获得用户名
		var username = obj.getString("USER_LOGIN_NAME");
		var redirectUrl = request.getParameter("redirectUrl");
		logger.debug("redirectUrl: "+redirectUrl);
		var hasUser = userService.hasUser(username);
		if(!hasUser){
		    //redirect到错误消息提示
			response.setContentType("text/html;charset=utf-8");
            sessionService.putString("pageTitle", "登录失败");
            sessionService.putString("message", "您的账号未与报表平台绑定,请联系管理员");
            var urlStr = "/view/message.do";
            response.sendRedirect(urlStr);
		}else{
			userService.loginUser(username);
			response.sendRedirect(redirectUrl);
		}
	}else{
		var uri = request.getRequestURI();
		var callbackUrl =  "#CURRENT_HOST#" + (uri.length() > 0 ? uri.substring(1) : "");
		var queryString = request.getQueryString();
		if (queryString != null) {
			callbackUrl += "?" + queryString.trim();
		} else {
			callbackUrl += "?" + "clientID=" + CLIENT_ID;
		}
		logger.debug("callbackUrl: "+callbackUrl);
		//redirect_url必须作为第一个参数
		var url = "/sso_listener.html?redirect_url=" + URLEncoder.encode(callbackUrl, "utf-8") +"&client_id="+CLIENT_ID;
		logger.debug("redirect to: "+url);
		response.sendRedirect(url//redirect到错误消息提示
		response.setContentType("text/html;charset=utf-8");
    	sessionService.putString("pageTitle", "登录失败");
    	sessionService.putString("message", "登录失败,请重试");
    	var urlStr = "/view/message.do";
    	response.sendRedirect(urlStr);
	}
}else{
    //redirect到错误消息提示
    sessionService.putString("pageTitle", "登录失败");
    sessionService.putString("message", "登录失败,请联系管理员登录未授权,请联系管理员");
    var urlStr = "/view/message.do";
    response.sendRedirect(urlStr);
}
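Review bot: The post-login redirect at `response.sendRedirect(redirectUrl)` sends the browser to whatever the `redirectUrl` request parameter holds, with no check that it is a local path, so a crafted login link turns into an open redirect to an attacker-controlled host immediately after `userService.loginUser(username)` establishes the session; restrict it before use, e.g. `if (redirectUrl == null || !redirectUrl.startsWith("/") || redirectUrl.startsWith("//")) { redirectUrl = "/"; }`. The bearer token and the full profile body are also written to the log (`logger.debug("accessToken:"+accessToken)` and the `getUserProfileByToken` info line), and the raw `app`/`redirectUrl` parameters go out at error level on every request — log only that a token was present, keep the profile body out of the log, and drop the parameter logging to debug. `resourceResponse.getResponseCode()` is captured into `status` but never checked before `JSONObject.parseObject(body)`, so a non-2xx reply from the SSO host is parsed as if it were a profile and may yield a null `USER_LOGIN_NAME`; guard it with `if (status != 200) { /* send to the error page */ }` before parsing. The line `response.sendRedirect(url//redirect到错误消息提示` looks like an artifact of the version comparison merging old and new text, so the exact contents of the not-logged-in branch cannot be confirmed from this view.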
