SsoInterceptor

it2025-09-25  3

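/**
 * Spring MVC interceptor that puts handlers marked with {@link LoginRequired} behind the SSO system.
 *
 * <p>A request is accepted when it carries a valid {@code _user_sso_ticket} cookie, or a {@code code}
 * request parameter that the SSO service exchanges for a ticket. Every other request to a protected
 * handler is answered with HTTP 401 and a JSON body {@code {"loginUrl": ...}}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Setting {@code sso._use_switch=false} disables every check in this class; that property
 *       should not be false in a production profile.</li>
 *   <li>Handlers that are not {@link HandlerMethod}s pass through unauthenticated, so they need
 *       their own protection if they serve anything sensitive.</li>
 *   <li>The ticket is a bearer credential and is deliberately never written to the log.</li>
 * </ul>
 */
@Component
@Slf4j
public class SsoInterceptor extends HandlerInterceptorAdapter {
    /** Value of {@code sso._use_switch} that turns the interceptor off. */
    private static final String FALSE = "false";
    /** Cookie holding the SSO ticket. */
    private static final String TICKET_COOKIE = "_user_sso_ticket";
    /** Cookie and session attribute holding the SSO user name. */
    private static final String LDAP_KEY = "_user_sso_ldap";
    /** Session attribute holding the resolved {@link User}. */
    private static final String SESSION_USER_KEY = "_user_sso_user";

    @Autowired
    private SsoService ssoService;

    @Autowired
    private SsoAuthService ssoAuthService;

    /** Kill switch; defaults to {@code "true"} (checks enabled) when the property is absent. */
    @Value("${sso._use_switch:true}")
    private String useSwitch;

    /**
     * Decides whether the request may reach its handler (overrides the adapter's {@code preHandle}).
     *
     * @param request  current request
     * @param response current response; a 401 JSON body is written to it when login is needed
     * @param handler  the handler chosen by Spring MVC
     * @return {@code true} to continue the chain, {@code false} when a 401 has already been written
     * @throws Exception if the SSO services or the response stream fail
     */
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
            throws Exception {
        if (FALSE.equals(this.useSwitch)) {
            return true;
        }
        if (!(handler instanceof HandlerMethod)) {
            return true;
        }

        HandlerMethod method = (HandlerMethod) handler;
        boolean loginRequired = method.getMethodAnnotation(LoginRequired.class) != null
                || AnnotationUtils.findAnnotation(method.getBean().getClass(), LoginRequired.class) != null;
        if (!loginRequired) {
            return true;
        }

        String ticket = CookieUtil.getValue(request, TICKET_COOKIE);
        if (StringUtils.isNotEmpty(ticket)) {
            if (this.ssoService.checkTicket(ticket)) {
                // getUserInfo stores the user through UserUtil.setUser on success and has
                // already written the 401 response when it returns null.
                return this.getUserInfo(ticket, request, response) != null;
            }
            log.error("check ticket fail");
        } else {
            log.error("ticket is null ");
        }
        // No usable ticket: fall back to exchanging the one-time code, if the request carries one.
        return this.checkCode(request, response);
    }

    /**
     * Answers the request with HTTP 401 and a JSON body naming the SSO login URL.
     *
     * @param request  current request; its {@code referer} header is handed to the SSO service
     * @param response response that receives the status and the JSON body
     * @throws IOException if the response stream cannot be written
     */
    private void redirectLogin(HttpServletRequest request, HttpServletResponse response) throws IOException {
        // NOTE(review): Referer is client-supplied and may be absent. If getLoginUrl embeds it as the
        // post-login return address, the SSO side must restrict it to known hosts; not visible from here.
        String referer = request.getHeader("referer");
        String loginUrl = this.ssoService.getLoginUrl(referer);
        log.debug("redirect to sso login, loginUrl:{}", loginUrl);

        JSONObject jsonObject = new JSONObject();
        jsonObject.put("loginUrl", loginUrl);

        response.setStatus(HttpStatus.UNAUTHORIZED.value());
        response.setContentType("application/json");
        response.setCharacterEncoding("UTF-8");
        // ServletOutputStream.print(String) rejects characters outside ISO-8859-1, which would turn
        // this 401 into a server error; writing UTF-8 bytes avoids that.
        byte[] body = jsonObject.toJSONString().getBytes(java.nio.charset.StandardCharsets.UTF_8);
        response.getOutputStream().write(body);
    }

    /**
     * Exchanges the {@code code} request parameter for an SSO ticket and establishes the login.
     *
     * @param request  current request
     * @param response current response; receives the SSO cookies, or the 401 body on failure
     * @return {@code true} when the code was accepted and the user was resolved
     * @throws Exception if the SSO services or the response stream fail
     */
    private boolean checkCode(HttpServletRequest request, HttpServletResponse response) throws Exception {
        String code = request.getParameter("code");
        if (StringUtils.isEmpty(code)) {
            log.debug("request param, code is null");
            this.redirectLogin(request, response);
            return false;
        }

        JSONObject data = this.ssoService.checkCode(code);
        if (data == null) {
            log.error("get ticket by code from sso system error, ticket is null");
            this.redirectLogin(request, response);
            return false;
        }

        String ticket = data.getString("ticket");
        String ldap = data.getString("username");
        if (StringUtils.isEmpty(ticket)) {
            // A reply without a ticket cannot establish a login; do not store an empty cookie.
            log.error("get ticket by code from sso system error, ticket is null");
            this.redirectLogin(request, response);
            return false;
        }
        // The ticket is a bearer credential, so only the user name is logged.
        log.debug("get ticket by code from sso system success, ldap:{}", ldap);

        // NOTE(review): whether CookieUtil.addCookie sets HttpOnly and Secure is not visible here;
        // the ticket cookie needs both. -1 is passed as the cookie age (presumably session-scoped).
        CookieUtil.addCookie(response, TICKET_COOKIE, ticket, -1);
        // NOTE(review): this cookie is client-editable; nothing in this class reads it back, and no
        // other code should treat it as proof of identity.
        CookieUtil.addCookie(response, LDAP_KEY, ldap, -1);

        User user = this.getUserInfo(ticket, request, response);
        if (user == null) {
            return false;
        }
        // NOTE(review): the session id is not rotated at this privilege change. If the container is
        // Servlet 3.1+, calling request.changeSessionId() after getSession() would close the
        // session-fixation gap; confirm the servlet API version first.
        request.getSession().setAttribute(SESSION_USER_KEY, user);
        request.getSession().setAttribute(LDAP_KEY, ldap);
        return true;
    }

    /**
     * Resolves the user behind a ticket and publishes it through {@code UserUtil}.
     *
     * @param ticket   SSO ticket to resolve
     * @param request  current request, used when a 401 has to be written
     * @param response current response, used when a 401 has to be written
     * @return the user, or {@code null} after the 401 response has been written
     * @throws IOException if the response stream cannot be written
     */
    private User getUserInfo(String ticket, HttpServletRequest request, HttpServletResponse response)
            throws IOException {
        User user = this.ssoAuthService.getUserInfo(ticket);
        if (user == null) {
            // The ticket value is left out of the message on purpose.
            log.error("get userInfo by ticket error");
            this.redirectLogin(request, response);
            return null;
        }
        UserUtil.setUser(user);
        return user;
    }

    /**
     * Clears the user published by {@link #preHandle} once the request has completed
     * (overrides the adapter's {@code afterCompletion}).
     */
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler,
            Exception ex) throws Exception {
        // presumably UserUtil is a per-thread holder; clearing keeps one request's user from
        // leaking into the next request served by the same thread (confirm against UserUtil).
        UserUtil.clear();
    }
}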

 
