package org.apereo.cas.web.landtool.single.flow; import java.time.format.DateTimeFormatter; import java.util.Collection; import javax.servlet.http.HttpServletRequest; import org.apache.commons.lang3.StringUtils; import org.apereo.cas.authentication.UsernamePasswordCredential; import org.apereo.cas.ticket.Ticket; import org.apereo.cas.ticket.TicketGrantingTicket; import org.apereo.cas.web.landtool.single.service.SingleLoginService; import org.apereo.cas.web.support.WebUtils; import org.apereo.inspektr.common.web.ClientInfoHolder; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.binding.message.MessageBuilder; import org.springframework.binding.message.MessageContext; import org.springframework.webflow.action.AbstractAction; import org.springframework.webflow.execution.Event; import org.springframework.webflow.execution.RequestContext; /** * @author Tanbin * @date 2018-12-21 */ public class UserAlreadyLoginedCheckAction extends AbstractAction { private static final Logger LOGGER = LoggerFactory.getLogger(UserAlreadyLoginedCheckAction.class); @Autowired private SingleLoginService singleLoginService; public UserAlreadyLoginedCheckAction() { } /** * 获取登录信息 进行判断登录状态 */ @Override protected Event doExecute(final RequestContext requestContext) throws Exception { if(singleLoginService.singleLoginProperties.isShowWarnMessage()) { final HttpServletRequest request = WebUtils.getHttpServletRequest(requestContext); MessageContext messageContext = requestContext.getMessageContext(); UsernamePasswordCredential upc = (UsernamePasswordCredential) WebUtils.getCredential(requestContext);; final String username = upc.getUsername(); final String clientIp = ClientInfoHolder.getClientInfo().getClientIpAddress(); final String msgCodeWarn = "authenticationFailure.SingleUserWarn"; /// // String singleLoginCheckbox = (String) requestContext.getRequestScope().get("singleLoginCheckbox"); String showSingleLoginConfim = request.getParameter("showSingleLoginConfim"); String singleLoginCheckbox = request.getParameter("singleLoginCheckbox"); if(StringUtils.isBlank(singleLoginCheckbox)) { singleLoginCheckbox = (String) requestContext.getFlowScope().get("singleLoginCheckbox"); } if(StringUtils.isBlank(singleLoginCheckbox) && StringUtils.isBlank(showSingleLoginConfim)) { Collection tickets = singleLoginService.getKictOutTickets(username, clientIp); if(tickets != null && tickets.size() > 0) { LOGGER.debug("#####显示登录安全警告 [{}]", tickets.size()); TicketGrantingTicket oldTgt = (TicketGrantingTicket)tickets.iterator().next(); oldTgt = oldTgt.getRoot(); String oldClientIp = (String) oldTgt.getAuthentication().getAttributes().get("clientIp"); String oldLoginTime = oldTgt.getAuthentication().getAuthenticationDate().format(DateTimeFormatter.ISO_LOCAL_DATE_TIME); String loginMsg = String.format("IP:%s, 时间:%s", oldClientIp, oldLoginTime); String loginMsg2 = ""; // if(singleLoginService.singleLoginProperties.isKickOut()){ // loginMsg2 = ",本登录已将其踢出"; // } requestContext.getRequestScope().put("showSingleLoginConfim","true"); messageContext.addMessage(new MessageBuilder().error().code(msgCodeWarn).args(loginMsg, loginMsg2).build()); return new Event(this, "error"); } } else { LOGGER.debug("#####singleLoginCheckbox 是否踢出:[{}]", singleLoginCheckbox); if(StringUtils.isBlank(singleLoginCheckbox)) { requestContext.getFlowScope().put("singleLoginCheckbox", "false"); } else { requestContext.getFlowScope().put("singleLoginCheckbox", singleLoginCheckbox); } } } return new Event(this, "success"); } }