package org.apereo.cas.web.landtool.single.flow;
|
|
import java.time.format.DateTimeFormatter;
|
import java.util.Collection;
|
|
import javax.servlet.http.HttpServletRequest;
|
|
import org.apache.commons.lang3.StringUtils;
|
import org.apereo.cas.authentication.UsernamePasswordCredential;
|
import org.apereo.cas.ticket.Ticket;
|
import org.apereo.cas.ticket.TicketGrantingTicket;
|
import org.apereo.cas.web.landtool.single.service.SingleLoginService;
|
import org.apereo.cas.web.support.WebUtils;
|
import org.apereo.inspektr.common.web.ClientInfoHolder;
|
import org.slf4j.Logger;
|
import org.slf4j.LoggerFactory;
|
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.binding.message.MessageBuilder;
|
import org.springframework.binding.message.MessageContext;
|
import org.springframework.webflow.action.AbstractAction;
|
import org.springframework.webflow.execution.Event;
|
import org.springframework.webflow.execution.RequestContext;
|
|
/**
|
* @author Tanbin
|
* @date 2018-12-21
|
*/
|
public class UserAlreadyLoginedCheckAction extends AbstractAction {
|
private static final Logger LOGGER = LoggerFactory.getLogger(UserAlreadyLoginedCheckAction.class);
|
|
@Autowired
|
private SingleLoginService singleLoginService;
|
|
public UserAlreadyLoginedCheckAction() {
|
|
}
|
|
/**
|
* 获取登录信息 进行判断登录状态
|
*/
|
@Override
|
protected Event doExecute(final RequestContext requestContext) throws Exception {
|
if(singleLoginService.singleLoginProperties.isShowWarnMessage()) {
|
final HttpServletRequest request = WebUtils.getHttpServletRequest(requestContext);
|
MessageContext messageContext = requestContext.getMessageContext();
|
UsernamePasswordCredential upc = (UsernamePasswordCredential) WebUtils.getCredential(requestContext);;
|
final String username = upc.getUsername();
|
final String clientIp = ClientInfoHolder.getClientInfo().getClientIpAddress();
|
final String msgCodeWarn = "authenticationFailure.SingleUserWarn";
|
// String singleLoginCheckbox = (String) requestContext.getRequestScope().get("singleLoginCheckbox");
|
String showSingleLoginConfim = request.getParameter("showSingleLoginConfim");
|
String singleLoginCheckbox = request.getParameter("singleLoginCheckbox");
|
if(StringUtils.isBlank(singleLoginCheckbox)) {
|
singleLoginCheckbox = (String) requestContext.getFlowScope().get("singleLoginCheckbox");
|
}
|
|
if(StringUtils.isBlank(singleLoginCheckbox) && StringUtils.isBlank(showSingleLoginConfim)) {
|
Collection<Ticket> tickets = singleLoginService.getKictOutTickets(username, clientIp);
|
if(tickets != null && tickets.size() > 0) {
|
LOGGER.debug("#####显示登录安全警告 [{}]", tickets.size());
|
TicketGrantingTicket oldTgt = (TicketGrantingTicket)tickets.iterator().next();
|
oldTgt = oldTgt.getRoot();
|
String oldClientIp = (String) oldTgt.getAuthentication().getAttributes().get("clientIp");
|
String oldLoginTime = oldTgt.getAuthentication().getAuthenticationDate().format(DateTimeFormatter.ISO_LOCAL_DATE_TIME);
|
|
String loginMsg = String.format("IP:%s, 时间:%s", oldClientIp, oldLoginTime);
|
String loginMsg2 = "";
|
// if(singleLoginService.singleLoginProperties.isKickOut()){
|
// loginMsg2 = ",本登录已将其踢出";
|
// }
|
requestContext.getRequestScope().put("showSingleLoginConfim","true");
|
|
messageContext.addMessage(new MessageBuilder().error().code(msgCodeWarn).args(loginMsg, loginMsg2).build());
|
return new Event(this, "error");
|
}
|
} else {
|
LOGGER.debug("#####singleLoginCheckbox 是否踢出:[{}]", singleLoginCheckbox);
|
if(StringUtils.isBlank(singleLoginCheckbox)) {
|
requestContext.getFlowScope().put("singleLoginCheckbox", "false");
|
} else {
|
requestContext.getFlowScope().put("singleLoginCheckbox", singleLoginCheckbox);
|
}
|
}
|
}
|
|
return new Event(this, "success");
|
|
}
|
|
}
|
