spring.auto.boot.controller.SsoServerApiController Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of sso Show documentation
Show all versions of sso Show documentation
A lightweight Java SSO Framework
The newest version!
/*
* @(#)SsoServerApiController.java 2021-10-27
*
* Copyright (c) 2021. All Rights Reserved.
*
*/
package spring.auto.boot.controller;
import static com.github.javaclub.sso.common.util.Utils.isNotBlank;
import java.io.IOException;
import java.util.Objects;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.ApplicationListener;
import org.springframework.context.event.ContextRefreshedEvent;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import com.github.javaclub.sso.AuthToken;
import com.github.javaclub.sso.SSOConfig;
import com.github.javaclub.sso.SSOConstants;
import com.github.javaclub.sso.SSOConstants.Client;
import com.github.javaclub.sso.SSOConstants.Server;
import com.github.javaclub.sso.SSOHelper;
import com.github.javaclub.sso.SSOToken;
import com.github.javaclub.sso.Token;
import com.github.javaclub.sso.common.SSOProperties;
import com.github.javaclub.sso.common.util.HttpUtil;
/**
* SsoServerApiController
*
* @author Gerald Chen
* @version $Id: SsoServerApiController.java 2021-10-27 12:18:26 Exp $
*/
@Controller
@RequestMapping(SSOConstants.SERVER_API_PATH)
public class SsoServerApiController implements ApplicationListener {
private static final Logger log = LoggerFactory.getLogger(SsoServerApiController.class);
public void onApplicationEvent(ContextRefreshedEvent event) {
log.info("SsoServerApiController inited successfully.");
}
/**
* 跨域登录:回复子系统是否登录
*/
@ResponseBody
@RequestMapping("/replylogin")
public void replylogin(HttpServletRequest request, HttpServletResponse response) {
StringBuffer replyData = new StringBuffer();
replyData.append(request.getParameter("callback")).append("({\"msg\":\"");
Token token = SSOHelper.getToken(request);
if (token != null) {
String askData = request.getParameter("askData");
if (askData != null && !"".equals(askData)) {
SSOProperties prop = SSOConfig.getSSOProperties();
//下面开始验证票据,签名新的票据每一步都必须有。
AuthToken at = SSOHelper.replyCiphertext(request, askData);
if (at != null) {
String appPublicKey = Objects.equals(at.getApp(), SSOConfig.SSO) ?
Server.PUBLIC_KEY : Client.getClientPublicKey(Long.valueOf(at.getApp()));
//1、业务系统公钥验证签名合法性(此处要支持多个跨域端,取 authToken 的 app 名找到对应系统公钥验证签名)
at = at.verify(prop.get(appPublicKey));
if (at != null) {
//at.getUuid() 作为 key 设置 authToken 至分布式缓存中,然后 sso 系统二次验证
//at.setData(data); 设置自定义信息,当然你也可以直接 at.setData(token.jsonToken()); 把当前 SSOToken 传过去。
at.setUid(token.getUid());//设置绑定用户ID
at.setTime(token.getTime());//设置登录时间
if(token instanceof SSOToken && isNotBlank(((SSOToken) token).getData())) {
at.setData(((SSOToken) token).getData());
}
//2、SSO 的私钥签名
at.sign(prop.get(Server.PRIVATE_KEY));
//3、生成回复密文票据
replyData.append(at.encryptAuthToken());
} else {
// 非法签名, 可以重定向至无权限界面,自己处理
replyData.append("-2");
}
} else {
// 非法签名, 可以重定向至无权限界面,自己处理
replyData.append("-2");
}
}
} else {
// 未登录
replyData.append("-1");
}
try {
replyData.append("\"})"); // 已经是json了
HttpUtil.response(response, replyData.toString(), false, null, "UTF-8");
} catch (IOException e) {
log.error("跨域登录 => /sso/api/replylogin ", e);
}
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy