|
@@ -4,8 +4,11 @@ import com.alibaba.fastjson.JSONObject;
|
|
|
import kd.bos.exception.KDBizException;
|
|
|
import kd.bos.logging.Log;
|
|
|
import kd.bos.logging.LogFactory;
|
|
|
+import kd.bos.login.thirdauth.ThirdSSOAuthHandler;
|
|
|
import kd.bos.login.thirdauth.UserAuthResult;
|
|
|
import kd.bos.login.thirdauth.UserProperType;
|
|
|
+import kd.bos.url.UrlService;
|
|
|
+import kd.bos.util.RevProxyUtil;
|
|
|
import nckd.nc2kd.sys.webapi.common.HttpJwt;
|
|
|
import nckd.nc2kd.sys.webapi.common.JwtUtil;
|
|
|
import org.apache.commons.lang3.StringUtils;
|
|
@@ -14,8 +17,10 @@ import javax.servlet.http.HttpServletResponse;
|
|
|
import javax.servlet.http.HttpSession;
|
|
|
import java.io.IOException;
|
|
|
|
|
|
+import java.net.URLEncoder;
|
|
|
+import java.util.Enumeration;
|
|
|
import java.util.Map;
|
|
|
-public class ThirdSSOAuthHandlerOA implements kd.bos.login.thirdauth.ThirdSSOAuthHandler {
|
|
|
+public class ThirdSSOAuthHandlerOA implements ThirdSSOAuthHandler {
|
|
|
private final String DOMAIN_CONTEXT_URL = "domain.contextUrl";
|
|
|
private final String appCode="JDCW";
|
|
|
private final String GETCOOKIE="getTokenFromCookie";
|
|
@@ -23,16 +28,75 @@ public class ThirdSSOAuthHandlerOA implements kd.bos.login.thirdauth.ThirdSSOAut
|
|
|
public static final Log log= LogFactory.getLog(ThirdSSOAuthHandlerOA.class);
|
|
|
@Override
|
|
|
public void callTrdSSOLogin(HttpServletRequest req, HttpServletResponse res, String s) {
|
|
|
+ String type = req.getParameter("apptype");
|
|
|
+ String tenantId = RevProxyUtil.getTenantCode(req);
|
|
|
|
|
|
+ String server= UrlService.getDomainContextUrl(tenantId);
|
|
|
+
|
|
|
+ if(type!=null&&"dd".equals(type)){
|
|
|
+ try{
|
|
|
+ StringBuilder sbBuilder = new StringBuilder();
|
|
|
+ log.error("dingding createTodo tenantId="+tenantId);
|
|
|
+ Enumeration enums = req.getParameterNames();
|
|
|
+ while (enums.hasMoreElements()) {
|
|
|
+ String name = (String) enums.nextElement();
|
|
|
+ if (!name.equals("redirect") ){
|
|
|
+ if(StringUtils.isEmpty(sbBuilder.toString())){
|
|
|
+ sbBuilder.append("?").append(name).append("=");
|
|
|
+ }else{
|
|
|
+ sbBuilder.append("&").append(name).append("=");
|
|
|
+ }
|
|
|
+ sbBuilder.append(req.getParameter(name));
|
|
|
+ }
|
|
|
+ }
|
|
|
+ String OriginRedirect=new StringBuilder(server).append("/integration/yzjShareOpen.do").append(sbBuilder).toString();
|
|
|
+ String redirect = new StringBuilder(server).append("/login-mobile.html?redirect=").append( URLEncoder.encode(OriginRedirect,"UTF-8")).toString();
|
|
|
+ log.error("dingding createTodo redirect="+redirect);
|
|
|
+ res.sendRedirect(redirect);
|
|
|
+ return;
|
|
|
+ } catch (IOException e){
|
|
|
+ e.printStackTrace();
|
|
|
+ }
|
|
|
+
|
|
|
+ }
|
|
|
}
|
|
|
|
|
|
+ /**
|
|
|
+ * 判断是否是移动端
|
|
|
+ *
|
|
|
+ * @param request 请求信息
|
|
|
+ * @return 是否是移动端
|
|
|
+ */
|
|
|
+ public boolean isMobileDevice(HttpServletRequest request) {
|
|
|
+ String userAgent = request.getHeader("User-Agent");
|
|
|
+ if (userAgent == null) {
|
|
|
+ return false;
|
|
|
+ }
|
|
|
+ userAgent = userAgent.toLowerCase();
|
|
|
+ if (userAgent.contains("android") || userAgent.contains("iphone") || userAgent.contains("ipad") || userAgent.contains("ipod") || userAgent.contains("blackberry") || userAgent.contains("windows phone") || userAgent.contains("symbian") || userAgent.contains("mobile")) {
|
|
|
+ return true;
|
|
|
+ }
|
|
|
+ return false;
|
|
|
+ }
|
|
|
+
|
|
|
+
|
|
|
@Override
|
|
|
public UserAuthResult getTrdSSOAuth(HttpServletRequest req, HttpServletResponse res) {
|
|
|
+
|
|
|
if( req.getRequestURI().endsWith("login.html")){
|
|
|
return null;
|
|
|
};
|
|
|
UserAuthResult authResultresult=new UserAuthResult();
|
|
|
authResultresult.setSucess(false);
|
|
|
+ String type = req.getParameter("apptype");
|
|
|
+ log.error("dingding to do hand ,请求url"+req.getRequestURI());
|
|
|
+ if(type!=null&&"dd".equals(type)){
|
|
|
+ log.error("dingding url:"+req.getRequestURI());
|
|
|
+ authResultresult.setSucess(false);
|
|
|
+ authResultresult.setUserType(UserProperType.UserName);
|
|
|
+ log.error("dingding return errorToekn");
|
|
|
+ return authResultresult;
|
|
|
+ }
|
|
|
try {
|
|
|
HttpSession session = ((HttpServletRequest) req).getSession();
|
|
|
/*
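Review bot: In `callTrdSSOLogin`, the `apptype=dd` branch copies every request parameter name and value into the query string of `OriginRedirect` without encoding them (`append(name)` and `sbBuilder.append(req.getParameter(name))`), so a value containing `&`, `=` or `#` changes which parameters `/integration/yzjShareOpen.do` receives once the login page decodes its `redirect` argument. Encode each component before appending, for example `sbBuilder.append(URLEncoder.encode(req.getParameter(name), "UTF-8"));`, and do the same for `name`. The finished URL is also written with `log.error("dingding createTodo redirect="+redirect)`, which puts all caller-supplied parameters, possibly including sign-in tokens, into the error log on every normal request. Log only the path at a lower level, and report the `IOException` through `log` instead of `e.printStackTrace()`.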
|
|
@@ -73,9 +137,9 @@ public class ThirdSSOAuthHandlerOA implements kd.bos.login.thirdauth.ThirdSSOAut
|
|
|
}
|
|
|
}
|
|
|
Map result = validJwtFromRequest((HttpServletRequest) req, (HttpServletResponse) res, sessionToken);
|
|
|
- if (StringUtils.isNotEmpty(token) && !"0".equals(result.get("status"))) {
|
|
|
+ if (StringUtils.isNotEmpty(token) && !"1".equals(result.get("status"))) {
|
|
|
String sendUrl = System.getProperty(PLATURLKEY)+ "/clearCookie"+"?appCode=" + appCode + "&returnUrl="+ System.getProperty(DOMAIN_CONTEXT_URL)+"/index.html";
|
|
|
- if ("9".equals(result.get("status"))) {//无权限时提示到页面
|
|
|
+ if ("0".equals(result.get("status"))) {//无权限时提示到页面
|
|
|
authResultresult.setSucess(false);
|
|
|
authResultresult.setErrDesc("对不起,您无权限访问{金蝶系统}!请联系管理员!");
|
|
|
}
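Review bot: The two changed conditions now treat `"1"` as the only successful status and `"0"` as the no-permission status, but nothing in the hunk says where those values come from; they have to match what `validJwtFromRequest` stores under `"status"`, which is not visible here. Because this comparison decides whether an SSO token is accepted, give the codes names, e.g. `private static final String STATUS_OK = "1";` and `private static final String STATUS_NO_PERMISSION = "0";`, with a comment naming the service that defines them. `result` is a raw `Map`, so if the status is stored as a number rather than a `String` the `equals` checks never match and every request carrying a token takes the failure path; confirm the stored type. `getTrdSSOAuth` starts and ends outside this hunk.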
|