Java tutorial
/******************************************************************************* * Copyright (c) 2005, 2014 springside.github.io * * Licensed under the Apache License, Version 2.0 (the "License"); *******************************************************************************/ package com.vsc.dayspring.security; import java.util.ArrayList; import java.util.Arrays; import java.util.List; import java.util.Properties; import javax.annotation.PostConstruct; import org.apache.commons.lang3.StringUtils; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authc.SimpleAuthenticationInfo; import org.apache.shiro.authc.credential.HashedCredentialsMatcher; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.authz.SimpleAuthorizationInfo; import org.apache.shiro.crypto.hash.SimpleHash; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; import org.apache.shiro.util.ByteSource; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.util.CollectionUtils; import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; import com.fuxian.yuncai.common.constant.AuthConstant; import com.fuxian.yuncai.common.constant.CodeConstant; import com.fuxian.yuncai.common.constant.ConditionConstant; import com.fuxian.yuncai.common.util.DigestUtils; import com.fuxian.yuncai.common.util.EncodeUtils; import com.fuxian.yuncai.pojo.entity.Account; import com.fuxian.yuncai.pojo.entity.Company; import com.fuxian.yuncai.pojo.entity.CompanyAccount; import com.fuxian.yuncai.repository.CompanyMapper; import com.fuxian.yuncai.service.AuthServer; import com.fuxian.yuncai.service.CompAccountService; public class ShiroDbRealm extends AuthorizingRealm { public static final String HASH_ALGORITHM = "SHA-1"; public static final int HASH_INTERATIONS = 1024; public static final int SALT_SIZE = 8; /* systemProperties app,????? Key */ private static final String KEY_APP_DOMAIN = "appDomain"; private static final String KEY_OFFIC_DOMAIN = "officDomain"; @Value("#{systemProperties}") private Properties properties; @Autowired private AuthServer authServer; @Autowired private CompAccountService compAccountService; @Autowired private CompanyMapper companyMapper; private ArrayList<String> getSubDomains(String key) { ArrayList<String> lst = new ArrayList<>(); String propertyValue = this.properties.getProperty(key); if (propertyValue != null) { String[] domains = propertyValue.split(","); if (domains != null && domains.length > 0) { lst = new ArrayList<>(Arrays.asList(domains)); } } return lst; } /** * ?,. */ @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) throws AuthenticationException { ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder .getRequestAttributes(); String serverName = attributes.getRequest().getHeader("Host"); if (StringUtils.isEmpty(serverName)) { serverName = attributes.getRequest().getServerName(); } if (this.getSubDomains(KEY_APP_DOMAIN).contains(serverName)) { throw new AuthenticationException(); } MyUsernamePasswordToken token = (MyUsernamePasswordToken) authcToken; List<Account> accountList = null; List<CompanyAccount> companyAccountList = null; if (token.getUsername() == null) { return null; } byte[] salt = null; //DEMO&&? if (CodeConstant.CODE_WHETHER_1.equals(CodeConstant.SYS_TYPE_FLAG) && CodeConstant.CODE_LOGIN_TYPE_SERIAL_NUMBER_USER.equals(token.getType())) { companyAccountList = compAccountService.getCompAccountBySerialNumber(token.getUsername()); if (CollectionUtils.isEmpty(companyAccountList)) { throw new AuthenticationException(); } CompanyAccount loginInfo = companyAccountList.get(0); Company company = companyMapper.selectByPrimaryKey(loginInfo.getCompUuid()); if (company == null || CodeConstant.CODE_DELETE_FLAG_YES.equals(company.getDeleteFlag())) { throw new AuthenticationException(); } loginInfo.setCompInitFlg(company.getInitFlag()); loginInfo.setCompName(company.getShortName()); salt = DigestUtils.generateSalt(AuthServer.SALT_SIZE); SimpleHash hash = new SimpleHash(HASH_ALGORITHM, token.getPassword(), ByteSource.Util.bytes(salt), HASH_INTERATIONS); return new SimpleAuthenticationInfo(loginInfo, hash.toHex(), ByteSource.Util.bytes(salt), getName()); } else { if (token.getUsername().toLowerCase().indexOf(ConditionConstant.CONDITION_AT_YOWITS_COM) > 0) { // TODO DEBUG try { accountList = authServer.getLoginInfo(token.getUsername()); } catch (Exception e) { e.printStackTrace(); } } else { // TODO DEBUG try { companyAccountList = compAccountService.getCompAccountCountNoOrgByLoginId(token.getUsername()); } catch (Exception e) { e.printStackTrace(); } } if (!CollectionUtils.isEmpty(companyAccountList)) { CompanyAccount loginInfo = companyAccountList.get(0); if ("1".equals(loginInfo.getDeleteFlag())) { throw new AuthenticationException(); } // ?wizard uuid???? if (StringUtils.isEmpty(loginInfo.getWizardUuid())) { Company company = companyMapper.selectByPrimaryKey(loginInfo.getCompUuid()); if (company == null || CodeConstant.CODE_DELETE_FLAG_YES.equals(company.getDeleteFlag())) { throw new AuthenticationException(); } loginInfo.setCompInitFlg(company.getInitFlag()); loginInfo.setCompName(company.getShortName()); } salt = EncodeUtils.decodeHex(loginInfo.getSalt()); return new SimpleAuthenticationInfo(loginInfo, loginInfo.getPassword(), ByteSource.Util.bytes(salt), getName()); } else if (!CollectionUtils.isEmpty(accountList)) { if (!this.getSubDomains(KEY_OFFIC_DOMAIN).contains(serverName)) { throw new AuthenticationException(); } Account loginInfo = accountList.get(0); if ("1".equals(loginInfo.getDeleteFlag())) { throw new AuthenticationException(); } salt = EncodeUtils.decodeHex(loginInfo.getSalt()); return new SimpleAuthenticationInfo(loginInfo, loginInfo.getPassword(), ByteSource.Util.bytes(salt), getName()); } else { throw new AuthenticationException(); } } } /** * ?, ???. */ @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { Object principal = principals.getPrimaryPrincipal(); SimpleAuthorizationInfo auth = new SimpleAuthorizationInfo(); String type = null; if (principal instanceof CompanyAccount) { CompanyAccount companyAccount = (CompanyAccount) principal; type = companyAccount.getType(); auth.addRole(AuthConstant.ROLE_COMPANY); auth.addRole(AuthConstant.ROLE_COMPANY_WRITE); } else if (principal instanceof Account) { Account account = (Account) principal; type = account.getType(); auth.addRole(AuthConstant.ROLE_OFFICE); } if (CodeConstant.CODE_USER_TYPE_0.equals(type)) { auth.addRole(AuthConstant.ROLE_ADMIN); auth.addRole(AuthConstant.ROLE_MANAGER); } else if (CodeConstant.CODE_USER_TYPE_1.equals(type)) { auth.addRole(AuthConstant.ROLE_AGENT); } else if (CodeConstant.CODE_USER_TYPE_2.equals(type)) { auth.addRole(AuthConstant.ROLE_MANAGER); } else if (CodeConstant.CODE_USER_TYPE_3.equals(type)) { auth.addRole(AuthConstant.ROLE_FINANCE); } auth.addRole(AuthConstant.ROLE_USER); return auth; } /** * PasswordHash. */ @PostConstruct public void initCredentialsMatcher() { HashedCredentialsMatcher matcher = new HashedCredentialsMatcher(AuthServer.HASH_ALGORITHM); matcher.setHashIterations(AuthServer.HASH_INTERATIONS); setCredentialsMatcher(matcher); } }