1
13693261870
2022-09-16 58d012f11dd34564d81b4eb3a6099eb689876597
package org.apereo.cas.web.flow;
 
 
import java.net.URISyntaxException;
import java.util.HashMap;
import java.util.Map;
 
 
import org.apache.http.client.utils.URIBuilder;
import org.apereo.cas.CentralAuthenticationService;
import org.apereo.cas.authentication.Authentication;
import org.apereo.cas.authentication.AuthenticationException;
import org.apereo.cas.authentication.AuthenticationResult;
import org.apereo.cas.authentication.AuthenticationResultBuilder;
import org.apereo.cas.authentication.AuthenticationSystemSupport;
import org.apereo.cas.authentication.Credential;
import org.apereo.cas.authentication.DefaultAuthenticationSystemSupport;
import org.apereo.cas.authentication.principal.WebApplicationService;
import org.apereo.cas.services.RegisteredService;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.ticket.AbstractTicketException;
import org.apereo.cas.ticket.InvalidTicketException;
import org.apereo.cas.ticket.ServiceTicket;
import org.apereo.cas.ticket.registry.TicketRegistrySupport;
import org.apereo.cas.web.landtool.terra.TerraProperties;
import org.apereo.cas.web.landtool.utils.HttpUtils;
import org.apereo.cas.web.support.WebUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.util.StringUtils;
import org.springframework.webflow.action.AbstractAction;
import org.springframework.webflow.action.EventFactorySupport;
import org.springframework.webflow.core.collection.LocalAttributeMap;
import org.springframework.webflow.execution.Event;
import org.springframework.webflow.execution.RequestContext;
 
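/**
 * Web Flow action that grants a service ticket for the service in the current
 * flow, using the ticket-granting ticket found in the request context.
 *
 * <p>Before a ticket is granted, an external admission endpoint (URL taken from
 * {@link TerraProperties#getAdmissionQueryUrl()}) is asked about the
 * authenticated principal. The check fails closed: no reply, a failed call or
 * the literal reply {@code "false"} ends the action with the {@code "error"}
 * event and no service ticket is created.
 */
public class GenerateServiceTicketAction extends AbstractAction {
  private CentralAuthenticationService centralAuthenticationService;

  private AuthenticationSystemSupport authenticationSystemSupport = new DefaultAuthenticationSystemSupport();

  private TicketRegistrySupport ticketRegistrySupport;

  private ServicesManager servicesManager;

  // Injected by Spring; provides the admission-query endpoint URL.
  // Left public because code outside this class may read or assign it.
  @Autowired
  public TerraProperties properties;

  /**
   * Validates the ticket-granting ticket, runs the admission check and grants
   * a service ticket.
   *
   * @param context the current Web Flow request context
   * @return {@code "error"} when admission is refused, {@code "warn"} when the
   *     warning cookie is set, {@code success()} once the service ticket is in
   *     request scope, {@code "gateway"} or {@code "authenticationFailure"}
   *     when a ticket exception is raised
   */
  @Override
  protected Event doExecute(RequestContext context) {
    WebApplicationService webApplicationService = WebUtils.getService(context);
    String ticketGrantingTicket = WebUtils.getTicketGrantingTicketId(context);
    try {
      Authentication authentication = this.ticketRegistrySupport.getAuthenticationFrom(ticketGrantingTicket);
      // Must run before the principal is read: a ticket with no authentication
      // has to reach the InvalidTicketException handling below (which destroys
      // the TGT) instead of failing with a NullPointerException.
      if (authentication == null) {
        throw new InvalidTicketException(
            new AuthenticationException("No authentication found for ticket " + ticketGrantingTicket),
            ticketGrantingTicket);
      }

      // Check whether this user is allowed to access the requested service.
      if (!isAdmitted(authentication)) {
        return new Event(this, "error");
      }

      RegisteredService registeredService = this.servicesManager.findServiceBy(webApplicationService);
      WebUtils.putRegisteredService(context, registeredService);
      WebUtils.putService(context, webApplicationService);
      WebUtils.putUnauthorizedRedirectUrlIntoFlowScope(context, registeredService
          .getAccessStrategy().getUnauthorizedRedirectUrl());
      if (WebUtils.getWarningCookie(context)) {
        return result("warn");
      }
      Credential credential = WebUtils.getCredential(context);
      AuthenticationResultBuilder builder =
          this.authenticationSystemSupport.establishAuthenticationContextFromInitial(authentication, credential);
      AuthenticationResult authenticationResult = builder.build(webApplicationService);
      ServiceTicket serviceTicketId = this.centralAuthenticationService.grantServiceTicket(
          ticketGrantingTicket, webApplicationService, authenticationResult);
      WebUtils.putServiceTicketInRequestScope(context, serviceTicketId);
      return success();
    } catch (AbstractTicketException e) {
      // An invalid TGT is destroyed so it cannot be presented again.
      if (e instanceof InvalidTicketException) {
        this.centralAuthenticationService.destroyTicketGrantingTicket(ticketGrantingTicket);
      }
      if (isGatewayPresent(context)) {
        return result("gateway");
      }
      return newEvent("authenticationFailure", e);
    }
  }

  /**
   * Asks the admission endpoint whether the authenticated principal may proceed.
   *
   * <p>NOTE(review): only the principal id is sent, so the reply cannot depend on
   * which service is being requested, although the intent stated in the calling
   * code is a per-service check. The earlier code parsed the host of the service
   * URL but never used it; confirm whether the endpoint expects the target
   * service as well.
   *
   * <p>NOTE(review): any reply other than {@code null} or {@code "false"} counts
   * as admission, so an unexpected body (for example an error page) admits the
   * user. Comparing against the endpoint's documented positive value would be
   * stricter; confirm the response format first.
   *
   * <p>NOTE(review): the reply gates ticket issuance, so the endpoint should be
   * reached over a channel that protects its integrity; an earlier hard-coded
   * value for this URL used plain http. Confirm the configured URL.
   *
   * @param authentication the authentication bound to the ticket-granting ticket
   * @return {@code true} only when the endpoint answered with something other
   *     than {@code "false"}
   */
  private boolean isAdmitted(Authentication authentication) {
    String url = this.properties.getAdmissionQueryUrl();
    Map<String, Object> query = new HashMap<>();
    query.put("userid", authentication.getPrincipal().getId());

    String reply;
    try {
      reply = HttpUtils.get(url, query);
    } catch (Exception e) {
      // Fail closed and keep the cause in the application log rather than on stderr.
      logger.warn("Admission query failed; refusing to grant a service ticket", e);
      return false;
    }

    if (reply == null || "false".equals(reply)) {
      logger.warn("Admission refused for principal " + authentication.getPrincipal().getId()
          + " (reply=" + reply + ")");
      return false;
    }
    return true;
  }

  /** Sets the service used to grant service tickets and destroy ticket-granting tickets. */
  public void setCentralAuthenticationService(CentralAuthenticationService centralAuthenticationService) {
    this.centralAuthenticationService = centralAuthenticationService;
  }

  /** Replaces the default authentication system support. */
  public void setAuthenticationSystemSupport(AuthenticationSystemSupport authenticationSystemSupport) {
    this.authenticationSystemSupport = authenticationSystemSupport;
  }

  /** Sets the helper used to look up the authentication behind a ticket-granting ticket. */
  public void setTicketRegistrySupport(TicketRegistrySupport ticketRegistrySupport) {
    this.ticketRegistrySupport = ticketRegistrySupport;
  }

  /** Sets the manager used to find the registered service for the requested service. */
  public void setServicesManager(ServicesManager servicesManager) {
    this.servicesManager = servicesManager;
  }

  /**
   * Reports whether the request carries a non-blank {@code gateway} parameter.
   *
   * @param context the current Web Flow request context
   * @return {@code true} when the {@code gateway} request parameter has text
   */
  protected boolean isGatewayPresent(RequestContext context) {
    return StringUtils.hasText(context.getExternalContext()
        .getRequestParameterMap().get("gateway"));
  }

  /** Builds an event with the given id that carries {@code error} under the {@code "error"} attribute. */
  private Event newEvent(String id, Exception error) {
    return (new EventFactorySupport()).event(this, id, new LocalAttributeMap("error", error));
  }
}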