
一、登录页面跳转脚本

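load("nashorn:mozilla_compat.js");
importPackage(java.util); 
importPackage(org.apache.commons.lang);

// Login-page hook (Nashorn script). When the "app" parameter names the CRM,
// the request is handed to the SSO entry point (/view/user/sso.do) instead of
// the local login form; otherwise the default login page is shown.
// Host-provided globals used here: request, response, result, logger.
var app = request.getParameter("app");
var redirectUrl = request.getParameter("redirectUrl");
if(!StringUtils.isEmpty(app) && StringUtils.equalsIgnoreCase(app, "crm")){
    result.setSuccess(true);
    // redirectUrl is caller-controlled and is re-embedded in a query string:
    // URL-encode it so "&", "?" or "#" inside it cannot inject or truncate
    // parameters, and emit an empty value (not the literal "null") when it is
    // absent. "app" needs no encoding: it has just been matched to "crm".
    var encodedTarget = redirectUrl == null ? "" : java.net.URLEncoder.encode(redirectUrl, "UTF-8");
    var urlStr = "/view/user/sso.do?app="+app+"&redirectUrl="+encodedTarget;
    logger.debug("url str: "+urlStr);
    response.sendRedirect(urlStr);
}else{
    // Not an SSO request: ignore SSO and fall through to the login page.
    result.setSuccess(false);
}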


二、SSO登录脚本

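load("nashorn:mozilla_compat.js");
importPackage(java.util); 
importPackage(java.net);
importPackage(org.apache.commons.codec.digest);  
importPackage(org.apache.commons.lang);
importPackage(com.alibaba.fastjson);

// SSO callback script (Nashorn). The SSO server sends the browser back here
// with an access_token; the script exchanges it for the user's profile at
// SSO_HOST/auth/profile, looks the returned login name up in the report
// platform and logs that user in.
// Host-provided globals used here: request, response, logger, userService,
// sessionService. OAuthBearerClientRequest / OAuthClient / URLConnectionClient /
// OAuthResourceResponse are not imported by this script; presumably the host
// puts them in scope — confirm before reusing the script elsewhere.

var app = request.getParameter("app");
var redirectUrl = request.getParameter("redirectUrl");
// Ordinary request parameters: debug, not error level.
logger.debug("app: "+app);
logger.debug("redirectUrl: "+redirectUrl);

// Stores a failure title/message in the session and sends the browser to the
// shared message page.
function redirectToLoginFailure(message) {
    response.setContentType("text/html;charset=utf-8");
    sessionService.putString("pageTitle", "登录失败");
    sessionService.putString("message", message);
    response.sendRedirect("/view/message.do");
}

// Accepts only a same-site, path-relative target: a single leading "/" that is
// not followed by "/" or "\" (browsers read those as a scheme-relative host)
// and no whitespace/control characters. Anything else would let this callback
// bounce a freshly logged-in user to an arbitrary external site.
function isLocalRedirect(url) {
    if (url == null) {
        return false;
    }
    return /^\/(?![\/\\])\S*$/.test(String(url));
}

if(!StringUtils.isEmpty(app) && StringUtils.equalsIgnoreCase(app, "crm")){
    // NOTE(review): plain http — the bearer token is sent unencrypted to
    // /auth/profile; switch SSO_HOST to https where the SSO server allows it.
    var SSO_HOST = "http://www.abc.com:9080";
    var CLIENT_ID = "abcdef";
    // The token arrives in the query string, so it may already appear in
    // access logs and Referer headers; never copy it into our own logs.
    var accessToken = request.getParameter("access_token");
    if (accessToken == null) {
        // No token means the user has not completed the SSO login.
        redirectToLoginFailure("登录失败,请重试");
    } else {
        logger.debug("accessToken received");
        // Fetch the user profile with the bearer token.
        var oauthUrl = SSO_HOST + "/auth/profile";
        var bearerClientRequest = new OAuthBearerClientRequest(oauthUrl).setAccessToken(accessToken).buildQueryMessage();
        bearerClientRequest.setHeader("clientId", CLIENT_ID);
        var oAuthClient = new OAuthClient(new URLConnectionClient());
        var resourceResponse = oAuthClient.resource(bearerClientRequest, "GET", OAuthResourceResponse);
        var status = resourceResponse.getResponseCode();
        var body = resourceResponse.getBody();
        logger.info("getUserProfileByToken code:" + status);
        // The body carries the user's profile (personal data): debug level only.
        logger.debug("getUserProfileByToken body:" + body);
        // Only a 200 response carries a profile; an error body must not be
        // parsed as if it were one, and a missing login name must not reach
        // userService.
        var username = null;
        if (status === 200 && body != null) {
            body = body.replaceAll("\\\\/", "/");
            var obj = JSONObject.parseObject(body);
            if (obj != null) {
                username = obj.getString("USER_LOGIN_NAME");
            }
        }
        if (StringUtils.isEmpty(username)) {
            logger.error("getUserProfileByToken: no USER_LOGIN_NAME in profile (code " + status + ")");
            redirectToLoginFailure("登录失败,请重试");
        } else if (!userService.hasUser(username)) {
            // Known to the SSO server but not bound to a report-platform account.
            redirectToLoginFailure("您的账号未与报表平台绑定,请联系管理员");
        } else {
            userService.loginUser(username);
            // Never redirect to an unvalidated target after login; fall back to
            // the site root when the requested target is not a local path.
            response.sendRedirect(isLocalRedirect(redirectUrl) ? redirectUrl : "/");
        }
    }
}else{
    // "app" did not name an SSO-enabled application.
    redirectToLoginFailure("登录未授权,请联系管理员");
}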
