2021-02-26 11:27:33 +08:00
|
|
|
package io.dataease.auth.server;
|
|
|
|
|
|
|
|
|
|
import io.dataease.auth.api.AuthApi;
|
|
|
|
|
import io.dataease.auth.api.dto.CurrentRoleDto;
|
|
|
|
|
import io.dataease.auth.api.dto.CurrentUserDto;
|
|
|
|
|
import io.dataease.auth.api.dto.LoginDto;
|
2021-03-08 18:19:57 +08:00
|
|
|
import io.dataease.auth.config.RsaProperties;
|
2021-02-26 11:27:33 +08:00
|
|
|
import io.dataease.auth.entity.SysUserEntity;
|
2021-03-08 18:19:57 +08:00
|
|
|
import io.dataease.auth.entity.TokenInfo;
|
2021-02-26 11:27:33 +08:00
|
|
|
import io.dataease.auth.service.AuthUserService;
|
|
|
|
|
import io.dataease.auth.util.JWTUtils;
|
2021-03-08 18:19:57 +08:00
|
|
|
import io.dataease.auth.util.RsaUtil;
|
2021-02-26 11:27:33 +08:00
|
|
|
import io.dataease.commons.utils.BeanUtils;
|
2021-03-08 18:19:57 +08:00
|
|
|
import io.dataease.commons.utils.CodingUtil;
|
2021-08-02 18:27:03 +08:00
|
|
|
import io.dataease.commons.utils.LogUtil;
|
2021-02-26 11:27:33 +08:00
|
|
|
import io.dataease.commons.utils.ServletUtils;
|
2021-06-24 13:49:01 +08:00
|
|
|
import io.dataease.exception.DataEaseException;
|
2021-06-04 10:57:58 +08:00
|
|
|
import io.dataease.i18n.Translator;
|
2021-09-08 15:37:39 +08:00
|
|
|
import io.dataease.plugins.config.SpringContextUtil;
|
|
|
|
|
import io.dataease.plugins.util.PluginUtils;
|
|
|
|
|
import io.dataease.plugins.xpack.ldap.dto.request.LdapValidateRequest;
|
|
|
|
|
import io.dataease.plugins.xpack.ldap.dto.response.ValidateResult;
|
|
|
|
|
import io.dataease.plugins.xpack.ldap.service.LdapXpackService;
|
2021-09-14 11:34:03 +08:00
|
|
|
import io.dataease.plugins.xpack.oidc.service.OidcXpackService;
|
2021-03-08 18:19:57 +08:00
|
|
|
import org.apache.commons.lang3.ObjectUtils;
|
2021-02-26 11:27:33 +08:00
|
|
|
import org.apache.commons.lang3.StringUtils;
|
2021-03-19 13:05:14 +08:00
|
|
|
import org.apache.shiro.SecurityUtils;
|
2021-02-26 11:27:33 +08:00
|
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
|
|
|
|
import org.springframework.web.bind.annotation.RequestBody;
|
|
|
|
|
import org.springframework.web.bind.annotation.RestController;
|
|
|
|
|
import java.util.HashMap;
|
|
|
|
|
import java.util.List;
|
|
|
|
|
import java.util.Map;
|
|
|
|
|
|
2021-09-14 18:47:33 +08:00
|
|
|
import javax.servlet.http.HttpServletRequest;
|
|
|
|
|
|
2021-02-26 11:27:33 +08:00
|
|
|
@RestController
|
|
|
|
|
public class AuthServer implements AuthApi {
|
|
|
|
|
|
|
|
|
|
@Autowired
|
|
|
|
|
private AuthUserService authUserService;
|
|
|
|
|
|
|
|
|
|
|
2021-09-08 15:37:39 +08:00
|
|
|
|
|
|
|
|
|
2021-02-26 11:27:33 +08:00
|
|
|
@Override
|
2021-03-08 18:19:57 +08:00
|
|
|
public Object login(@RequestBody LoginDto loginDto) throws Exception {
|
2021-02-26 11:27:33 +08:00
|
|
|
String username = loginDto.getUsername();
|
|
|
|
|
String password = loginDto.getPassword();
|
2021-09-08 15:37:39 +08:00
|
|
|
|
|
|
|
|
|
|
|
|
|
String pwd = RsaUtil.decryptByPrivateKey(RsaProperties.privateKey, password);
|
|
|
|
|
// 增加ldap登录方式
|
|
|
|
|
Integer loginType = loginDto.getLoginType();
|
|
|
|
|
boolean isSupportLdap = authUserService.supportLdap();
|
|
|
|
|
if (loginType == 1 && isSupportLdap) {
|
|
|
|
|
LdapXpackService ldapXpackService = SpringContextUtil.getBean(LdapXpackService.class);
|
|
|
|
|
LdapValidateRequest request = LdapValidateRequest.builder().userName(username).password(pwd).build();
|
|
|
|
|
ValidateResult validateResult = ldapXpackService.login(request);
|
|
|
|
|
if (!validateResult.isSuccess()) {
|
|
|
|
|
DataEaseException.throwException(validateResult.getMsg());
|
|
|
|
|
}
|
|
|
|
|
username = validateResult.getUserName();
|
|
|
|
|
}
|
|
|
|
|
// 增加ldap登录方式
|
|
|
|
|
|
2021-03-08 18:19:57 +08:00
|
|
|
SysUserEntity user = authUserService.getUserByName(username);
|
2021-04-28 12:16:07 +08:00
|
|
|
|
2021-06-04 10:57:58 +08:00
|
|
|
if (ObjectUtils.isEmpty(user)) {
|
2021-06-24 13:49:01 +08:00
|
|
|
DataEaseException.throwException(Translator.get("i18n_id_or_pwd_error"));
|
2021-02-26 11:27:33 +08:00
|
|
|
}
|
2021-06-04 10:57:58 +08:00
|
|
|
if (user.getEnabled() == 0) {
|
2021-06-24 13:49:01 +08:00
|
|
|
DataEaseException.throwException(Translator.get("i18n_id_or_pwd_error"));
|
2021-04-28 12:16:07 +08:00
|
|
|
}
|
|
|
|
|
String realPwd = user.getPassword();
|
2021-03-08 18:19:57 +08:00
|
|
|
|
2021-09-08 15:37:39 +08:00
|
|
|
// 普通登录需要验证密码
|
|
|
|
|
if (loginType == 0 || !isSupportLdap) {
|
|
|
|
|
//私钥解密
|
|
|
|
|
|
|
|
|
|
//md5加密
|
|
|
|
|
pwd = CodingUtil.md5(pwd);
|
|
|
|
|
|
|
|
|
|
if (!StringUtils.equals(pwd, realPwd)) {
|
|
|
|
|
DataEaseException.throwException(Translator.get("i18n_id_or_pwd_error"));
|
|
|
|
|
}
|
2021-02-26 11:27:33 +08:00
|
|
|
}
|
2021-09-08 15:37:39 +08:00
|
|
|
|
2021-06-04 10:57:58 +08:00
|
|
|
Map<String, Object> result = new HashMap<>();
|
2021-06-04 11:03:42 +08:00
|
|
|
TokenInfo tokenInfo = TokenInfo.builder().userId(user.getUserId()).username(username).build();
|
2021-03-08 18:19:57 +08:00
|
|
|
String token = JWTUtils.sign(tokenInfo, realPwd);
|
2021-03-10 11:49:18 +08:00
|
|
|
// 记录token操作时间
|
2021-03-03 14:44:01 +08:00
|
|
|
result.put("token", token);
|
2021-03-08 18:19:57 +08:00
|
|
|
ServletUtils.setToken(token);
|
2021-03-03 14:44:01 +08:00
|
|
|
return result;
|
2021-02-26 11:27:33 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
|
public CurrentUserDto userInfo() {
|
2021-06-04 10:57:58 +08:00
|
|
|
CurrentUserDto userDto = (CurrentUserDto) SecurityUtils.getSubject().getPrincipal();
|
2021-03-19 13:05:14 +08:00
|
|
|
if (ObjectUtils.isEmpty(userDto)) {
|
|
|
|
|
String token = ServletUtils.getToken();
|
|
|
|
|
Long userId = JWTUtils.tokenInfoByToken(token).getUserId();
|
|
|
|
|
SysUserEntity user = authUserService.getUserById(userId);
|
|
|
|
|
CurrentUserDto currentUserDto = BeanUtils.copyBean(new CurrentUserDto(), user);
|
|
|
|
|
List<CurrentRoleDto> currentRoleDtos = authUserService.roleInfos(user.getUserId());
|
|
|
|
|
List<String> permissions = authUserService.permissions(user.getUserId());
|
|
|
|
|
currentUserDto.setRoles(currentRoleDtos);
|
|
|
|
|
currentUserDto.setPermissions(permissions);
|
|
|
|
|
return currentUserDto;
|
|
|
|
|
}
|
|
|
|
|
return userDto;
|
2021-02-26 11:27:33 +08:00
|
|
|
}
|
|
|
|
|
|
2021-03-08 18:19:57 +08:00
|
|
|
@Override
|
2021-06-04 10:57:58 +08:00
|
|
|
public String logout() {
|
2021-03-19 13:05:14 +08:00
|
|
|
String token = ServletUtils.getToken();
|
2021-09-14 18:47:33 +08:00
|
|
|
|
2021-09-14 11:34:03 +08:00
|
|
|
if (isOpenOidc()) {
|
2021-09-14 18:47:33 +08:00
|
|
|
HttpServletRequest request = ServletUtils.request();
|
|
|
|
|
String idToken = request.getHeader("IdToken");
|
2021-09-14 11:34:03 +08:00
|
|
|
OidcXpackService oidcXpackService = SpringContextUtil.getBean(OidcXpackService.class);
|
|
|
|
|
oidcXpackService.logout(idToken);
|
|
|
|
|
}
|
2021-08-02 18:27:03 +08:00
|
|
|
if (StringUtils.isEmpty(token) || StringUtils.equals("null", token) || StringUtils.equals("undefined", token)) {
|
|
|
|
|
return "success";
|
|
|
|
|
}
|
|
|
|
|
try{
|
|
|
|
|
Long userId = JWTUtils.tokenInfoByToken(token).getUserId();
|
|
|
|
|
authUserService.clearCache(userId);
|
|
|
|
|
}catch (Exception e) {
|
|
|
|
|
LogUtil.error(e);
|
|
|
|
|
return "fail";
|
|
|
|
|
}
|
|
|
|
|
|
2021-02-26 11:27:33 +08:00
|
|
|
return "success";
|
|
|
|
|
}
|
|
|
|
|
|
2021-04-22 14:53:23 +08:00
|
|
|
@Override
|
|
|
|
|
public Boolean validateName(@RequestBody Map<String, String> nameDto) {
|
|
|
|
|
String userName = nameDto.get("userName");
|
|
|
|
|
if (StringUtils.isEmpty(userName)) return false;
|
|
|
|
|
SysUserEntity userEntity = authUserService.getUserByName(userName);
|
|
|
|
|
if (ObjectUtils.isEmpty(userEntity)) return false;
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2021-09-08 15:37:39 +08:00
|
|
|
@Override
|
|
|
|
|
public boolean isOpenLdap() {
|
|
|
|
|
Boolean licValid = PluginUtils.licValid();
|
|
|
|
|
if(!licValid) return false;
|
|
|
|
|
boolean open = authUserService.supportLdap();
|
|
|
|
|
return open;
|
|
|
|
|
}
|
|
|
|
|
|
2021-09-14 11:34:03 +08:00
|
|
|
@Override
|
|
|
|
|
public boolean isOpenOidc() {
|
|
|
|
|
Boolean licValid = PluginUtils.licValid();
|
|
|
|
|
if(!licValid) return false;
|
|
|
|
|
return authUserService.supportOidc();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2021-08-02 12:01:29 +08:00
|
|
|
/*@Override
|
2021-02-26 11:27:33 +08:00
|
|
|
public Boolean isLogin() {
|
|
|
|
|
return null;
|
2021-08-02 12:01:29 +08:00
|
|
|
}*/
|
2021-02-26 11:27:33 +08:00
|
|
|
|
2021-05-30 20:24:54 +08:00
|
|
|
|
2021-02-26 11:27:33 +08:00
|
|
|
}
|
