load("nashorn:mozilla_compat.js");
importPackage(java.util);
importPackage(java.net);
importPackage(org.apache.commons.codec.digest);
importPackage(org.apache.commons.lang);
importPackage(com.alibaba.fastjson);
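// SSO login callback (Nashorn script).
// Reads "app", "redirectUrl" and "access_token" from the request, asks the SSO server for the
// profile behind the token, logs the matching local user in and redirects to redirectUrl.
// Every failure path ends on the message page with a title and a message stored in the session.
// `request`, `response`, `logger`, `userService` and `sessionService` are supplied by the host.
// NOTE(review): request/response look like the servlet API (getParameter/sendRedirect) - confirm.

var MESSAGE_PAGE = "/view/message.do";

/**
 * Renders a request-supplied value for a log line.
 * Line breaks are replaced so that a crafted parameter cannot forge extra log entries.
 */
function forLog(value) {
    return String(value).replace(/[\r\n]/g, "_");
}

/**
 * Stores the failure title and message in the session and redirects to the message page.
 * @param message text shown to the user on the message page
 */
function showLoginFailure(message) {
    response.setContentType("text/html;charset=utf-8");
    sessionService.putString("pageTitle", "登录失败");
    sessionService.putString("message", message);
    response.sendRedirect(MESSAGE_PAGE);
}

/**
 * Decides whether a caller-supplied redirect target stays on this site.
 * Accepted: a server-relative path ("/x", but not "//x"), or an absolute http(s) URL whose
 * host equals the host of the current request. Everything else is rejected, including
 * paths without a leading slash.
 * NOTE(review): behind a reverse proxy getServerName() may not be the public host name;
 * a configured allowlist of hosts would be more reliable - confirm the deployment.
 * @param target value of the "redirectUrl" request parameter, may be null
 * @returns true when the target may be passed to sendRedirect
 */
function isSafeRedirectTarget(target) {
    if (StringUtils.isBlank(target)) {
        return false;
    }
    var value = String(target);
    // Control characters (CR/LF included) do not belong in a Location header, and browsers
    // read a backslash as a slash, which would turn "/\host" into a scheme-relative URL.
    if (/[\u0000-\u001f\u007f\\]/.test(value)) {
        return false;
    }
    if (value.charAt(0) === "/") {
        // "//host/..." is scheme-relative and leaves the site.
        return value.charAt(1) !== "/";
    }
    try {
        var uri = new java.net.URI(value);
        var scheme = uri.getScheme();
        var host = uri.getHost();
        if (scheme == null || host == null) {
            return false;
        }
        var isHttp = StringUtils.equalsIgnoreCase(scheme, "http")
            || StringUtils.equalsIgnoreCase(scheme, "https");
        return isHttp && StringUtils.equalsIgnoreCase(host, request.getServerName());
    } catch (e) {
        // Not parseable as a URI: treat as unsafe.
        return false;
    }
}

/**
 * Asks the SSO server for the profile that belongs to the access token.
 * NOTE(review): OAuthBearerClientRequest, OAuthClient, URLConnectionClient and
 * OAuthResourceResponse are not covered by the importPackage lines at the top of this
 * script; presumably the host binds them - confirm.
 * @param ssoHost base URL of the SSO server
 * @param clientId value sent in the "clientId" header
 * @param accessToken bearer token taken from the request
 * @returns the USER_LOGIN_NAME from the profile, or null when the lookup fails
 */
function fetchSsoUsername(ssoHost, clientId, accessToken) {
    try {
        var profileUrl = ssoHost + "/auth/profile";
        // buildQueryMessage() places the token in the query string of the profile URL.
        var profileRequest = new OAuthBearerClientRequest(profileUrl)
            .setAccessToken(accessToken)
            .buildQueryMessage();
        profileRequest.setHeader("clientId", clientId);
        var profileResponse = new OAuthClient(new URLConnectionClient())
            .resource(profileRequest, "GET", OAuthResourceResponse);

        var status = profileResponse.getResponseCode();
        var body = profileResponse.getBody();
        // Only the status is logged: the body is the user's profile.
        logger.info("getUserProfileByToken code:" + status);
        if (status != 200 || StringUtils.isBlank(body)) {
            return null;
        }

        var profile = JSONObject.parseObject(body.replaceAll("\\\\/", "/"));
        if (profile == null) {
            return null;
        }
        var username = profile.getString("USER_LOGIN_NAME");
        return StringUtils.isBlank(username) ? null : username;
    } catch (e) {
        // The exception text is left out of the log on purpose: the token is part of the
        // request URL and could be echoed in a connection error message.
        logger.warn("getUserProfileByToken failed");
        return null;
    }
}

var app = request.getParameter("app");
var redirectUrl = request.getParameter("redirectUrl");
// Routine request tracing belongs at debug level, not error level.
logger.debug("app: " + forLog(app));
logger.debug("redirectUrl: " + forLog(redirectUrl));

// equalsIgnoreCase is null-safe, so a missing "app" parameter lands in the else branch.
if (StringUtils.equalsIgnoreCase(app, "crm")) {
    // NOTE(review): plain http - the token and the profile travel unencrypted and the profile
    // response cannot be trusted against a network attacker; this should be an https URL.
    var SSO_HOST = "http://www.abc.com:9080";
    var CLIENT_ID = "abcdef";
    // Unused here. If a secret is ever needed, load it from protected configuration
    // rather than writing it into this script.
    var CLIENT_SECRET = "";
    var accessTokenKey = "access_token";
    // A null token means the user is not logged in at the SSO server.
    // The token is a credential and is never written to the log.
    var accessToken = request.getParameter(accessTokenKey);

    if (accessToken == null) {
        showLoginFailure("登录失败,请重试");
    } else if (!isSafeRedirectTarget(redirectUrl)) {
        // Refuse before logging in: redirectUrl comes from the request, and passing it to
        // sendRedirect unchecked would let a crafted login link send the user to another site.
        logger.warn("rejected redirectUrl: " + forLog(redirectUrl));
        showLoginFailure("登录失败,请重试");
    } else {
        var username = fetchSsoUsername(SSO_HOST, CLIENT_ID, accessToken);
        if (username == null) {
            showLoginFailure("登录失败,请重试");
        } else if (!userService.hasUser(username)) {
            // The SSO account has no counterpart on this platform.
            showLoginFailure("您的账号未与报表平台绑定,请联系管理员");
        } else {
            userService.loginUser(username);
            response.sendRedirect(redirectUrl);
        }
    }
} else {
    // Only the "crm" application may use this entry point.
    showLoginFailure("登录未授权,请联系管理员");
}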