5 лет назад · 87552363b0
--- a/o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/sso/ActionGetLogin.java
+++ b/o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/sso/ActionGetLogin.java
@@ -40,8 +40,8 @@ class ActionGetLogin extends BaseAction {
 
				 			if (StringUtils.isEmpty(client)) {
			
 
				 				throw new ExceptionClientEmpty();
			
 
				 			}
			
 
				-			if (StringUtils.isEmpty(client)) {
			
 
				-				throw new ExceptionTokenEmpty();
			
 
				+			if (StringUtils.isEmpty(token)) {
			
 
				+				throw new ExceptionEmptyToken();
			
 
				 			}
			
 
				 			Sso sso = Config.token().findSso(client);
			
 
				 			if (null == sso) {
			
@@ -63,7 +63,7 @@ class ActionGetLogin extends BaseAction {
 
				 			flag = URLDecoder.decode(flag, "UTF-8");
			
 
				 			String timeString = StringUtils.substringAfter(content, "#");
			
 
				 			if (StringUtils.isEmpty(flag)) {
			
 
				-				throw new ExceptionTokenFlagEmpty();
			
 
				+				throw new ExceptionEmptyCredential();
			
 
				 			}
			
 
				 			Date date = new Date(Long.parseLong(timeString));
			
 
				 			Date now = new Date();
			
--- a/o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/sso/ActionPostLogin.java
+++ b/o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/sso/ActionPostLogin.java
@@ -46,7 +46,7 @@ class ActionPostLogin extends BaseAction {
 
				 				throw new ExceptionClientEmpty();
			
 
				 			}
			
 
				 			if (StringUtils.isEmpty(wi.getToken())) {
			
 
				-				throw new ExceptionTokenEmpty();
			
 
				+				throw new ExceptionEmptyToken();
			
 
				 			}
			
 
				 			Sso sso = Config.token().findSso(wi.getClient());
			
 
				 			if (null == sso) {
			
@@ -66,7 +66,7 @@ class ActionPostLogin extends BaseAction {
 
				 			flag = URLDecoder.decode(flag, "UTF-8");
			
 
				 			String timeString = StringUtils.substringAfter(content, "#");
			
 
				 			if (StringUtils.isEmpty(flag)) {
			
 
				-				throw new ExceptionTokenFlagEmpty();
			
 
				+				throw new ExceptionEmptyCredential();
			
 
				 			}
			
 
				 			Date date = new Date(Long.parseLong(timeString));
			
 
				 			Date now = new Date();
			
--- a/o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/sso/ExceptionTokenFlagEmpty.java
+++ b/o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/sso/ExceptionTokenFlagEmpty.java
@@ -2,11 +2,11 @@ package com.x.organization.assemble.authentication.jaxrs.sso;
 
				 
			
 
				 import com.x.base.core.project.exception.PromptException;
			
 
				 
			
 
				-class ExceptionTokenFlagEmpty extends PromptException {
			
 
				+class ExceptionEmptyToken extends PromptException {
			
 
				 
			
 
				 	private static final long serialVersionUID = 4132300948670472899L;
			
 
				 
			
 
				-	ExceptionTokenFlagEmpty() {
			
 
				-		super("token中包含的unique不能为空.");
			
 
				+	ExceptionEmptyToken() {
			
 
				+		super("sso 没有提供解码令牌.");
			
 
				 	}
			
 
				 }
			
--- a/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/invoke/ActionExecuteToken.java
+++ b/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/invoke/ActionExecuteToken.java
@@ -11,13 +11,20 @@ import org.apache.commons.lang3.BooleanUtils;
 
				 import org.apache.commons.lang3.StringUtils;
			
 
				 
			
 
				 import com.google.gson.JsonElement;
			
 
				+import com.x.base.core.container.EntityManagerContainer;
			
 
				+import com.x.base.core.container.factory.EntityManagerContainerFactory;
			
 
				 import com.x.base.core.project.cache.Cache.CacheCategory;
			
 
				+import com.x.base.core.project.config.Config;
			
 
				+import com.x.base.core.project.config.Token.Sso;
			
 
				 import com.x.base.core.project.exception.ExceptionEntityNotExist;
			
 
				+import com.x.base.core.project.exception.ExceptionPersonNotExist;
			
 
				 import com.x.base.core.project.http.ActionResult;
			
 
				 import com.x.base.core.project.http.EffectivePerson;
			
 
				 import com.x.base.core.project.logger.Logger;
			
 
				 import com.x.base.core.project.logger.LoggerFactory;
			
 
				 import com.x.base.core.project.tools.Crypto;
			
 
				+import com.x.base.core.project.tools.DefaultCharset;
			
 
				+import com.x.program.center.Business;
			
 
				 import com.x.program.center.core.entity.Invoke;
			
 
				 
			
 
				 class ActionExecuteToken extends BaseAction {
			
@@ -26,8 +33,8 @@ class ActionExecuteToken extends BaseAction {
 
				 
			
 
				 	private static final String SPLIT = "#";
			
 
				 
			
 
				-	ActionResult<Object> execute(HttpServletRequest request, EffectivePerson effectivePerson, String flag, String token,
			
 
				-			JsonElement jsonElement) throws Exception {
			
 
				+	ActionResult<Object> execute(HttpServletRequest request, EffectivePerson effectivePerson, String flag,
			
 
				+			String client, String token, JsonElement jsonElement) throws Exception {
			
 
				 
			
 
				 		CacheCategory cacheCategory = new CacheCategory(Invoke.class);
			
 
				 
			
@@ -48,24 +55,43 @@ class ActionExecuteToken extends BaseAction {
 
				 			}
			
 
				 		}
			
 
				 
			
 
				-		String content = Crypto.decrypt(token, invoke.getKey());
			
 
				-
			
 
				-		String name = URLDecoder.decode(StringUtils.substringBefore(content, SPLIT), "UTF-8");
			
 
				-		String timeString = StringUtils.substringAfter(content, SPLIT);
			
 
				-		if (StringUtils.isEmpty(name)) {
			
 
				-			throw new ExceptionTokenNameEmpty();
			
 
				+		if (StringUtils.isEmpty(client)) {
			
 
				+			throw new ExceptionClientEmpty();
			
 
				 		}
			
 
				-
			
 
				-		if (!StringUtils.equalsIgnoreCase(name, invoke.getName())) {
			
 
				-			throw new ExceptionTokenNameNotMatch(name);
			
 
				+		if (StringUtils.isEmpty(token)) {
			
 
				+			throw new ExceptionTokenEmpty();
			
 
				+		}
			
 
				+		Sso sso = Config.token().findSso(client);
			
 
				+		if (null == sso) {
			
 
				+			throw new ExceptionClientNotExist(client);
			
 
				+		}
			
 
				+		String content = null;
			
 
				+		logger.debug("decrypt sso client:{}, token:{}, key:{}.", client, token, sso.getKey());
			
 
				+		try {
			
 
				+			content = Crypto.decrypt(token, sso.getKey());
			
 
				+			logger.debug("decrypt sso client:{}, token:{}, key:{}, content:{}.", client, token, sso.getKey(), content);
			
 
				+		} catch (Exception e) {
			
 
				+			throw new ExceptionReadToken(client, token);
			
 
				+		}
			
 
				+		String credential = URLDecoder.decode(StringUtils.substringBefore(content, SPLIT),
			
 
				+				DefaultCharset.name_iso_utf_8);
			
 
				+		String timeString = StringUtils.substringAfter(content, SPLIT);
			
 
				+		if (StringUtils.isEmpty(credential)) {
			
 
				+			throw new ExceptionEmptyCredential();
			
 
				 		}
			
 
				-
			
 
				 		Date date = new Date(Long.parseLong(timeString));
			
 
				 		Date now = new Date();
			
 
				+		// 15分钟
			
 
				 		if (Math.abs((now.getTime() - date.getTime())) >= (60000 * 15)) {
			
 
				 			throw new ExceptionTokenExpired();
			
 
				 		}
			
 
				-
			
 
				+		try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
			
 
				+			Business business = new Business(emc);
			
 
				+			String person = business.organization().person().get(credential);
			
 
				+			if (StringUtils.isEmpty(person)) {
			
 
				+				throw new ExceptionPersonNotExist(credential);
			
 
				+			}
			
 
				+		}
			
 
				 		return executeInvoke(request, effectivePerson, jsonElement, cacheCategory, invoke);
			
 
				 	}
			
 
				 
			
--- a/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/invoke/ActionToken.java
+++ b/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/invoke/ActionToken.java
@@ -16,7 +16,7 @@ class ActionToken extends BaseAction {
 
				 		ActionResult<Wo> result = new ActionResult<>();
			
 
				 		Wi wi = this.convertToWrapIn(jsonElement, Wi.class);
			
 
				 		Wo wo = new Wo();
			
 
				-		String value = wi.getName() + "#" + wi.getDate().getTime();
			
 
				+		String value = wi.getPerson() + "#" + wi.getDate().getTime();
			
 
				 		wo.setValue(Crypto.encrypt(value, wi.getKey()));
			
 
				 		result.setData(wo);
			
 
				 		return result;
			
@@ -26,8 +26,8 @@ class ActionToken extends BaseAction {
 
				 
			
 
				 		private static final long serialVersionUID = -251331390296713913L;
			
 
				 
			
 
				-		@FieldDescribe("名称")
			
 
				-		private String name;
			
 
				+		@FieldDescribe("用户标识")
			
 
				+		private String person;
			
 
				 
			
 
				 		@FieldDescribe("时间,如果为空那么采用当前时间.")
			
 
				 		private Date date;
			
@@ -39,12 +39,12 @@ class ActionToken extends BaseAction {
 
				 		@FieldDescribe("密钥")
			
 
				 		private String key;
			
 
				 
			
 
				-		public String getName() {
			
 
				-			return name;
			
 
				+		public String getPerson() {
			
 
				+			return person;
			
 
				 		}
			
 
				 
			
 
				-		public void setName(String name) {
			
 
				-			this.name = name;
			
 
				+		public void setPerson(String person) {
			
 
				+			this.person = person;
			
 
				 		}
			
 
				 
			
 
				 		public String getKey() {
			
--- a/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/invoke/ExceptionClientEmpty.java
+++ b/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/invoke/ExceptionClientEmpty.java
@@ -0,0 +1,12 @@
 
				+package com.x.program.center.jaxrs.invoke;
			
 
				+
			
 
				+import com.x.base.core.project.exception.PromptException;
			
 
				+
			
 
				+class ExceptionClientEmpty extends PromptException {
			
 
				+
			
 
				+	private static final long serialVersionUID = 4132300948670472899L;
			
 
				+
			
 
				+	ExceptionClientEmpty() {
			
 
				+		super("sso 配置client不能为空.");
			
 
				+	}
			
 
				+}
			
--- a/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/invoke/ExceptionClientNotExist.java
+++ b/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/invoke/ExceptionClientNotExist.java
@@ -0,0 +1,12 @@
 
				+package com.x.program.center.jaxrs.invoke;
			
 
				+
			
 
				+import com.x.base.core.project.exception.PromptException;
			
 
				+
			
 
				+class ExceptionClientNotExist extends PromptException {
			
 
				+
			
 
				+	private static final long serialVersionUID = 4132300948670472899L;
			
 
				+
			
 
				+	ExceptionClientNotExist(String client) {
			
 
				+		super("{} sso 配置不存在.", client);
			
 
				+	}
			
 
				+}
			
--- a/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/invoke/ExceptionEmptyCredential.java
+++ b/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/invoke/ExceptionEmptyCredential.java
@@ -0,0 +1,12 @@
 
				+package com.x.program.center.jaxrs.invoke;
			
 
				+
			
 
				+import com.x.base.core.project.exception.PromptException;
			
 
				+
			
 
				+class ExceptionEmptyCredential extends PromptException {
			
 
				+
			
 
				+	private static final long serialVersionUID = 4132300948670472899L;
			
 
				+
			
 
				+	ExceptionEmptyCredential() {
			
 
				+		super("名称为空.");
			
 
				+	}
			
 
				+}
			
--- a/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/invoke/ExceptionReadToken.java
+++ b/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/invoke/ExceptionReadToken.java
@@ -0,0 +1,12 @@
 
				+package com.x.program.center.jaxrs.invoke;
			
 
				+
			
 
				+import com.x.base.core.project.exception.PromptException;
			
 
				+
			
 
				+class ExceptionReadToken extends PromptException {
			
 
				+
			
 
				+	private static final long serialVersionUID = 4132300948670472899L;
			
 
				+
			
 
				+	ExceptionReadToken(String client, String token) {
			
 
				+		super("can not read sso token, client:{}, token:{}.", client, token);
			
 
				+	}
			
 
				+}
			
--- a/o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/sso/ExceptionTokenEmpty.java
+++ b/o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/sso/ExceptionTokenEmpty.java
@@ -1,4 +1,4 @@
 
				-package com.x.organization.assemble.authentication.jaxrs.sso;
			
 
				+package com.x.program.center.jaxrs.invoke;
			
 
				 
			
 
				 import com.x.base.core.project.exception.PromptException;
			
 
				 
			
@@ -7,6 +7,6 @@ class ExceptionTokenEmpty extends PromptException {
 
				 	private static final long serialVersionUID = 4132300948670472899L;
			
 
				 
			
 
				 	ExceptionTokenEmpty() {
			
 
				-		super("sso 没有提供解码.");
			
 
				+		super("sso 没有提供解码令牌.");
			
 
				 	}
			
 
				 }
			
--- a/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/invoke/InvokeAction.java
+++ b/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/invoke/InvokeAction.java
@@ -161,18 +161,19 @@ public class InvokeAction extends StandardJaxrsAction {
 
				 		asyncResponse.resume(ResponseFactory.getEntityTagActionResultResponse(request, result));
			
 
				 	}
			
 
				 
			
 
				-	@JaxrsMethodDescribe(value = "进行认证后执行调用接口,认证令牌格式'name#1970年毫秒数'经过3des加密,加密密钥为key值,有效时间15分钟.", action = ActionExecuteToken.class)
			
 
				+	@JaxrsMethodDescribe(value = "进行认证后执行调用接口,认证令牌格式'person#1970年毫秒数'经过3des加密,加密密钥为key值,有效时间15分钟.", action = ActionExecuteToken.class)
			
 
				 	@POST
			
 
				-	@Path("{flag}/token/{token}/execute")
			
 
				+	@Path("{flag}/client/{client}/token/{token}/execute")
			
 
				 	@Produces(HttpMediaType.APPLICATION_JSON_UTF_8)
			
 
				 	@Consumes(MediaType.APPLICATION_JSON)
			
 
				 	public void executeToken(@Suspended final AsyncResponse asyncResponse, @Context HttpServletRequest request,
			
 
				 			@JaxrsParameterDescribe("标识") @PathParam("flag") String flag,
			
 
				+			@JaxrsParameterDescribe("客户标识") @PathParam("client") String client,
			
 
				 			@JaxrsParameterDescribe("令牌") @PathParam("token") String token, JsonElement jsonElement) {
			
 
				 		ActionResult<Object> result = new ActionResult<>();
			
 
				 		EffectivePerson effectivePerson = this.effectivePerson(request);
			
 
				 		try {
			
 
				-			result = new ActionExecuteToken().execute(request, effectivePerson, flag, token, jsonElement);
			
 
				+			result = new ActionExecuteToken().execute(request, effectivePerson, flag, client, token, jsonElement);
			
 
				 		} catch (Exception e) {
			
 
				 			logger.error(e, effectivePerson, request, jsonElement);
			
 
				 			result.error(e);
			
--- a/o2server/x_program_center_core_entity/src/main/java/com/x/program/center/core/entity/Invoke.java
+++ b/o2server/x_program_center_core_entity/src/main/java/com/x/program/center/core/entity/Invoke.java
@@ -13,7 +13,6 @@ import javax.persistence.Lob;
 
				 import javax.persistence.Table;
			
 
				 import javax.persistence.UniqueConstraint;
			
 
				 
			
 
				-import org.apache.commons.lang3.StringUtils;
			
 
				 import org.apache.openjpa.persistence.jdbc.Index;
			
 
				 
			
 
				 import com.x.base.core.entity.JpaObject;
			
@@ -23,7 +22,6 @@ import com.x.base.core.entity.annotation.CitationNotExist;
 
				 import com.x.base.core.entity.annotation.ContainerEntity;
			
 
				 import com.x.base.core.entity.annotation.Flag;
			
 
				 import com.x.base.core.project.annotation.FieldDescribe;
			
 
				-import com.x.base.core.project.tools.StringTools;
			
 
				 
			
 
				 @Entity
			
 
				 @ContainerEntity(dumpSize = 1000, type = ContainerEntity.Type.content, reference = ContainerEntity.Reference.strong)
			
@@ -50,12 +48,8 @@ public class Invoke extends SliceJpaObject {
 
				 	@Column(length = length_id, name = ColumnNamePrefix + id_FIELDNAME)
			
 
				 	private String id = createId();
			
 
				 
			
 
				-	/* 以上为 JpaObject 默认字段 */
			
 
				-
			
 
				 	public void onPersist() throws Exception {
			
 
				-		if (StringUtils.isEmpty(this.key)) {
			
 
				-			this.key = StringTools.uniqueToken();
			
 
				-		}
			
 
				+
			
 
				 	}
			
 
				 
			
 
				 	public static final String name_FIELDNAME = "name";
			
@@ -66,14 +60,8 @@ public class Invoke extends SliceJpaObject {
 
				 	@Index(name = TABLE + IndexNameMiddle + name_FIELDNAME)
			
 
				 	private String name;
			
 
				 
			
 
				-	public static final String key_FIELDNAME = "key";
			
 
				-	@FieldDescribe("进行验证时使用的key.")
			
 
				-	@Column(length = JpaObject.length_255B, name = ColumnNamePrefix + key_FIELDNAME)
			
 
				-	@CheckPersist(allowEmpty = true)
			
 
				-	private String key;
			
 
				-
			
 
				 	public static final String enableToken_FIELDNAME = "enableToken";
			
 
				-	@FieldDescribe("进行验证时使用的key.")
			
 
				+	@FieldDescribe("是否启用token验证.")
			
 
				 	@Column(name = ColumnNamePrefix + enableToken_FIELDNAME)
			
 
				 	@CheckPersist(allowEmpty = true)
			
 
				 	private Boolean enableToken = false;
			
@@ -207,14 +195,6 @@ public class Invoke extends SliceJpaObject {
 
				 		this.remoteAddrRegex = remoteAddrRegex;
			
 
				 	}
			
 
				 
			
 
				-	public String getKey() {
			
 
				-		return key;
			
 
				-	}
			
 
				-
			
 
				-	public void setKey(String key) {
			
 
				-		this.key = key;
			
 
				-	}
			
 
				-
			
 
				 	public Boolean getEnableToken() {
			
 
				 		return enableToken;
			
 
				 	}