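package platform.modules.oauth;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.xiaoleilu.hutool.crypto.SecureUtil;
import org.apache.http.HttpResponse;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.util.EntityUtils;
import org.apache.shiro.SecurityUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import platform.common.Constant;
import platform.common.base.controller.BaseController;
import platform.common.util.CookieUtil;
import platform.common.util.LoadPropertyUtil;
import platform.common.util.ShiroUtils;
import platform.modules.government.dao.UserDao;
import platform.modules.government.entity.User;
import platform.modules.government.service.UserService;
import platform.modules.sys.shiro.UsernamePasswordToken;

import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * Created by luohaifeng on 2018/3/8.
 *
 * <p>Callback endpoint for the SSO login flow. It provisions a local GOVERNMENT user on first
 * login, signs the subject in through Shiro and hands the browser a token cookie.
 *
 * <p>NOTE(review): nothing in this class verifies the signature, issuer, audience or validity
 * window of the posted {@code SAMLResponse}; the identity is taken from
 * {@link ShiroUtils#getCurrentUser()}. Presumably an upstream filter validates the assertion
 * before this controller runs. Confirm, because otherwise the callback trusts whatever
 * principal is already bound to the session.
 */
@Controller
@RequestMapping(value = "/loginCallback")
public class LoginCallback extends BaseController {

    // NOTE(review): this one configured value becomes the password of every account provisioned
    // here, stored as an unsalted MD5 hex digest. If password login is possible for these
    // accounts, anyone who knows the property can sign in as any of them. Prefer a random
    // per-user secret, or disable password login for SSO-provisioned users.
    @Value("${resetPassword}")
    private String resetPassword;

    @Autowired
    private UserDao userDao;

    @Autowired
    private UserService userService;

    @Autowired
    private HttpServletResponse response;

    /**
     * Completes an SSO login for the user currently known to Shiro.
     *
     * <p>Creates the local GOVERNMENT account if no user with the same nick name exists, logs
     * the subject in with an SSO-flagged token and sets a {@code token} cookie with a max age
     * of 7200.
     *
     * @param SAMLResponse the posted SAML response; only its length is logged, and it is not
     *     otherwise read by this method
     * @return a redirect to the admin home page, or to the login page when no current user is
     *     available
     */
    @PostMapping(value = "")
    public String validateLogin(String SAMLResponse) {
        // Log the size only: the raw response carries identity attributes and may be replayable
        // while it is still valid, so it must not be written to application logs.
        log.info("SAMLResponse received, length = {}", SAMLResponse == null ? 0 : SAMLResponse.length());

        User user = ShiroUtils.getCurrentUser();
        if (user == null) {
            // Without this guard, the dereference below would fail with a NullPointerException.
            log.warn("SSO callback reached without a current user; redirecting to login");
            return "redirect:/admin/login";
        }

        User existUser = userDao.findByNickName(user.getNick_name(), Constant.UserType.GOVERNMENT);
        if (null == existUser) {
            // First SSO login for this nick name: provision the local account.
            user.setUser_type(Constant.UserType.GOVERNMENT);
            user.setPassword(SecureUtil.md5().digestHex(resetPassword));
            userService.saveSelectiveSso(user);
        }

        // No password is set on the token. Presumably the SSO flag tells the realm to skip
        // credential matching. Confirm that the realm honours it only on this code path.
        UsernamePasswordToken token = new UsernamePasswordToken();
        token.setUsername(user.getNick_name());
        token.setSSO(true);
        SecurityUtils.getSubject().login(token);

        // Put the session token into a cookie. The token value is a credential and is
        // deliberately not logged.
        String tokenString = userService.createToken();
        tokenString = tokenString.replace("Bearer ", "");
        log.info("Issued token cookie for SSO login");
        // NOTE(review): confirm that CookieUtil.createWebCookie marks the cookie HttpOnly and
        // Secure; that is not visible from this file.
        CookieUtil.createWebCookie(response, "token", tokenString, 7200);
        return "redirect:/admin/home";
    }

    /**
     * Looks up a user's profile at the SSO user-info endpoint, provisions a local GOVERNMENT
     * account if none exists, and logs the subject in with the configured reset password.
     *
     * <p>This method carries no request mapping in this class.
     *
     * @param ssoId identifier substituted into the configured user-info URL
     * @return a redirect to the admin home page on success, otherwise a redirect to the login
     *     page (non-200 answer, unusable profile, or I/O failure)
     */
    public String createUser(String ssoId) {
        // Create the HTTP client.
        HttpClient client = new DefaultHttpClient();
        // Build the GET request for the user-info endpoint.
        // NOTE(review): the leading space in the property key looks unintended; confirm against
        // the properties file. ssoId is placed into the URL as-is, so callers should pass only a
        // validated identifier.
        String uri = LoadPropertyUtil.getReplacedProperty(" userInfo.url", ssoId);
        HttpGet httpGet = new HttpGet(uri);
        try {
            HttpResponse serverResponse = client.execute(httpGet);
            // Status 200 means the request succeeded.
            if (serverResponse.getStatusLine().getStatusCode() == 200) {
                // UTF-8 is used only as the fallback when the response declares no charset.
                String result = EntityUtils.toString(serverResponse.getEntity(), "UTF-8");
                // The profile holds personal data (name, email, mobile) and is not printed.
                JSONObject jsonObject = JSON.parseObject(result);
                String userId = jsonObject == null ? null : jsonObject.getString("userId");
                if (userId == null || userId.isEmpty()) {
                    // Never provision or log in an account without an identifier.
                    log.warn("SSO user-info response did not contain a userId");
                    return "redirect:/admin/login";
                }

                User user = userDao.findByNickName(userId, Constant.UserType.GOVERNMENT);
                if (null == user) {
                    user = new User();
                    user.setUser_type(Constant.UserType.GOVERNMENT);
                    user.setNick_name(userId);
                    user.setUser_name(jsonObject.getString("name"));
                    user.setEmail(jsonObject.getString("email"));
                    user.setPhone(jsonObject.getString("mobile"));
                    user.setPassword(SecureUtil.md5().digestHex(resetPassword));
                    userService.saveSelectiveSso(user);
                }

                UsernamePasswordToken token = new UsernamePasswordToken();
                token.setUsername(userId);
                token.setPassword(resetPassword.toCharArray());
                SecurityUtils.getSubject().login(token);
                return "redirect:/admin/home";
            }
        } catch (ClientProtocolException e) {
            log.error("SSO user-info request failed with an HTTP protocol error", e);
        } catch (IOException e) {
            log.error("SSO user-info request failed with an I/O error", e);
        } finally {
            // Release the pooled connection and sockets held by this one-shot client.
            client.getConnectionManager().shutdown();
        }
        return "redirect:/admin/login";
    }
}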