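<%--
  Mobile SSO relay page: authenticates the current OA user, obtains a TGT and
  then a service ticket (ST) from the SSO service configured under
  "tjbankEMobileSSO", and redirects the browser to the target system with
  "ticket=<ST>" appended.

  Review notes on this copy of the file:
  - It arrived with line breaks collapsed, generic type arguments removed and
    markup inside string literals missing. Generic parameters below are
    reconstructed from how the values are used; confirm against the original.
  - Credentials, API keys, TGT/ST values and raw SSO responses are no longer
    written to the application log.
  - The redirect target (request parameter "sysUrl") is now checked against the
    address registered for "sysid" before a ticket is appended to it.
--%>
<%@ page import="weaver.conn.RecordSet" %>
<%@ page import="weaver.general.BaseBean" %>
<%@ page import="weaver.general.Util" %>
<%@ page import="com.alibaba.fastjson.JSONObject" %>
<%@ page import="com.alibaba.fastjson.JSONArray" %>
<%@ page import="java.io.*" %>
<%@ page import="weaver.hrm.User" %>
<%@ page import="java.text.SimpleDateFormat" %>
<%@ page import="java.util.*" %>
<%@ page language="java" contentType="text/html; charset=UTF-8" %>
<%@ page import="org.apache.http.impl.client.CloseableHttpClient" %>
<%@ page import="org.apache.http.impl.client.HttpClients" %>
<%@ page import="org.apache.http.client.methods.HttpPost" %>
<%@ page import="org.apache.http.entity.StringEntity" %>
<%@ page import="org.apache.http.client.methods.CloseableHttpResponse" %>
<%@ page import="org.apache.http.HttpStatus" %>
<%@ page import="org.apache.http.HttpEntity" %>
<%@ page import="org.apache.http.util.EntityUtils" %>
<%@ page import="org.apache.http.client.ClientProtocolException" %>
<%@ page import="weaver.hrm.HrmUserVarify" %>
<%@ page import="java.net.URL" %>
<%@ page import="java.net.HttpURLConnection" %>
<%@ page import="org.apache.http.NameValuePair" %>
<%@ page import="org.apache.http.message.BasicNameValuePair" %>
<%@ page import="org.apache.http.client.entity.UrlEncodedFormEntity" %>
<%@ page import="weaver.rsa.security.RSA" %>
<%@ page import="java.security.interfaces.RSAPublicKey" %>
<%@ page import="java.security.KeyFactory" %>
<%@ page import="java.security.spec.X509EncodedKeySpec" %>
<%@ page import="javax.crypto.Cipher" %>
<%@ page import="org.apache.commons.codec.binary.Base64" %>
<%@ page import="java.nio.charset.StandardCharsets" %>
<%@ page import="org.apache.http.impl.client.HttpClientBuilder" %>
<%@ page import="org.apache.http.client.methods.HttpGet" %>
<%@ page import="com.engine.common.util.ParamUtil" %>
<%@ page import="java.time.format.DateTimeFormatter" %>
<%@ page import="java.time.LocalDateTime" %>
<%@ page import="java.time.temporal.ChronoUnit" %>
<%@ page import="okhttp3.*" %>
<%@ page import="javax.servlet.http.Cookie" %>
<%@ page import="weaver.file.Prop" %>
<%@ page import="com.alibaba.fastjson.JSONException" %>
<%@ page import="com.wbi.util.StringUtil" %>
<%@ page import="java.net.URLDecoder" %>
<%!
    /** Format of the "certified_token_expires" session attribute. */
    private static final DateTimeFormatter SESSION_TIME_FORMAT =
            DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss");

    /**
     * Returns a log-safe placeholder for a secret so that log lines can show
     * whether a value was present without recording the value itself.
     */
    private static String redact(String secret) {
        return (secret == null || secret.isEmpty()) ? "[empty]" : "[redacted]";
    }

    /** Returns only the key names of a header/parameter map, for logging. */
    private static String keysOf(Map<String, String> values) {
        return values == null ? "[]" : values.keySet().toString();
    }

    /**
     * Decides whether {@code candidate} may be used as a redirect target for a
     * system whose registered address is {@code registered}.
     *
     * The candidate is accepted only when it starts with the registered
     * scheme://authority and the next character begins a path, query or
     * fragment. Control characters and backslashes are rejected outright
     * because browsers and Java parse them differently. Anything that cannot
     * be checked is rejected.
     *
     * NOTE(review): this assumes uf_otherSysInfo.xtdz holds the same origin
     * that callers pass in "sysUrl" (including an explicit port, if any).
     *
     * @param candidate  decoded URL taken from the request
     * @param registered address configured for the system (trusted)
     * @return true when the candidate stays on the registered origin
     */
    private static boolean isAllowedRedirect(String candidate, String registered) {
        if (candidate == null || registered == null) {
            return false;
        }
        for (int i = 0; i < candidate.length(); i++) {
            char c = candidate.charAt(i);
            if (c < 0x20 || c == 0x7f || c == '\\') {
                return false;
            }
        }
        String origin;
        try {
            URL base = new URL(registered);
            String protocol = base.getProtocol();
            boolean web = "http".equalsIgnoreCase(protocol) || "https".equalsIgnoreCase(protocol);
            if (!web || base.getHost() == null || base.getHost().isEmpty()) {
                return false;
            }
            origin = protocol + "://" + base.getAuthority();
        } catch (java.net.MalformedURLException e) {
            return false;
        }
        if (!candidate.regionMatches(true, 0, origin, 0, origin.length())) {
            return false;
        }
        if (candidate.length() == origin.length()) {
            return true;
        }
        // "http://good.example@evil" or "http://good.example.evil" must not pass.
        char next = candidate.charAt(origin.length());
        return next == '/' || next == '?' || next == '#';
    }

    /**
     * Posts a JSON body and returns the response body.
     *
     * @param param JSON request body
     * @param url   target URL
     * @param token value for the Authorization header; skipped when null or empty
     * @return response body on HTTP 200, otherwise an empty string
     */
    public String httpPostRequest(String param, String url, String token) {
        BaseBean baseBean = new BaseBean();
        String responseBody = "";
        try (CloseableHttpClient httpClient = HttpClients.createDefault()) {
            HttpPost httpPost = new HttpPost(url);
            StringEntity entity = new StringEntity(param, "utf-8");
            entity.setContentEncoding("utf-8");
            httpPost.setEntity(entity);
            httpPost.setHeader("Content-Type", "application/json");
            if (token != null && !"".equals(token)) {
                httpPost.setHeader("Authorization", token);
            }
            try (CloseableHttpResponse response = httpClient.execute(httpPost)) {
                int statusCode = response.getStatusLine().getStatusCode();
                baseBean.writeLog("statusCode状态码->" + statusCode);
                // The original condition (== 200 && <= 307) only ever accepted 200.
                if (statusCode != HttpStatus.SC_OK) {
                    throw new ClientProtocolException("请求失败,响应码为:" + statusCode);
                }
                // Request and response bodies are not logged: they may carry tokens.
                responseBody = EntityUtils.toString(response.getEntity(), "utf-8");
            }
        } catch (Exception e) {
            baseBean.writeLog(e);
        }
        return responseBody;
    }

    /**
     * Sends an HTTP GET request.
     *
     * @param url     target URL
     * @param headers request headers, may be null
     * @param encode  charset used to decode the response; "utf-8" when null
     * @return response body, or null when the request failed
     */
    public static String httpGet(String url, Map<String, String> headers, String encode) {
        BaseBean bb = new BaseBean();
        if (encode == null) {
            encode = "utf-8";
        }
        String content = null;
        // try-with-resources: the previous finally block dereferenced a null
        // response whenever execute() threw.
        try (CloseableHttpClient client = HttpClientBuilder.create().build()) {
            HttpGet httpGet = new HttpGet(url);
            if (headers != null && headers.size() > 0) {
                for (Map.Entry<String, String> entry : headers.entrySet()) {
                    httpGet.setHeader(entry.getKey(), entry.getValue());
                }
            }
            // Header values include the API key, so only the names are logged.
            bb.writeLog("url=" + url + "header=" + keysOf(headers) + "encode=" + encode);
            try (CloseableHttpResponse httpResponse = client.execute(httpGet)) {
                content = EntityUtils.toString(httpResponse.getEntity(), encode);
            }
        } catch (Exception e) {
            bb.writeLog(e);
        }
        return content;
    }

    /**
     * Sends a form-encoded POST request with HttpURLConnection.
     *
     * @param url   target URL
     * @param param request body in the form name1=value1&name2=value2
     * @return response body on HTTP 200, otherwise an empty string
     */
    public static String sendPost(String url, String param) {
        BaseBean bb = new BaseBean();
        StringBuilder result = new StringBuilder();
        PrintWriter out = null;
        BufferedReader in = null;
        HttpURLConnection connection = null;
        try {
            URL postUrl = new URL(url);
            bb.writeLog("getUrl-->" + postUrl);
            connection = (HttpURLConnection) postUrl.openConnection();
            connection.setRequestProperty("accept", "*/*");
            connection.setRequestProperty("connection", "Keep-Alive");
            connection.setRequestProperty("user-agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)");
            connection.setRequestProperty("Charsert", "UTF-8");
            connection.setConnectTimeout(15000);
            connection.setReadTimeout(60000);
            // Both flags are required to send a body and read the reply.
            connection.setDoOutput(true);
            connection.setDoInput(true);
            connection.setRequestMethod("POST");
            connection.setUseCaches(false);
            connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            connection.connect();
            // Write the body as UTF-8 instead of the platform default charset.
            out = new PrintWriter(new OutputStreamWriter(connection.getOutputStream(), "UTF-8"));
            out.print(param);
            out.flush();
            if (connection.getResponseCode() == 200) {
                in = new BufferedReader(new InputStreamReader(connection.getInputStream(), "UTF-8"));
                String line;
                while ((line = in.readLine()) != null) {
                    result.append(line);
                }
            }
        } catch (Exception e) {
            bb.writeLog("发送 POST 请求出现异常!" + e);
        } finally {
            try {
                if (out != null) {
                    out.close();
                }
                if (in != null) {
                    in.close();
                }
                if (connection != null) {
                    connection.disconnect();
                }
            } catch (IOException ex) {
                bb.writeLog(ex);
            }
        }
        return result.toString();
    }

    /**
     * Sends an HTTP POST request with the parameters submitted as form fields.
     *
     * @param url     target URL
     * @param params  form fields, may be null
     * @param headers request headers, may be null
     * @param encode  charset for the form and the response; "utf-8" when null
     * @return response body, or null when the request failed
     */
    public static String httpPostForm(String url, Map<String, String> params, Map<String, String> headers, String encode) {
        BaseBean bb = new BaseBean();
        if (encode == null) {
            encode = "utf-8";
        }
        String content = null;
        try (CloseableHttpClient client = HttpClients.createDefault()) {
            HttpPost httpost = new HttpPost(url);
            if (headers != null && headers.size() > 0) {
                for (Map.Entry<String, String> entry : headers.entrySet()) {
                    httpost.setHeader(entry.getKey(), entry.getValue());
                }
            }
            // Values carry the API key, the encrypted password and the TGT:
            // log field names only.
            bb.writeLog("url=" + url + "header=" + keysOf(headers) + "encode=" + encode);
            bb.writeLog("params=" + keysOf(params));
            List<NameValuePair> paramList = new ArrayList<>();
            if (params != null && params.size() > 0) {
                for (Map.Entry<String, String> field : params.entrySet()) {
                    paramList.add(new BasicNameValuePair(field.getKey(), field.getValue()));
                }
            }
            httpost.setEntity(new UrlEncodedFormEntity(paramList, encode));
            try (CloseableHttpResponse httpResponse = client.execute(httpost)) {
                content = EntityUtils.toString(httpResponse.getEntity(), encode);
            }
        } catch (Exception e) {
            bb.writeLog(e);
        }
        return content;
    }

    /**
     * Encrypts text with an RSA public key.
     *
     * NOTE(review): "RSA" leaves mode and padding to the JCE provider's
     * default. Naming the transformation the SSO server expects would make the
     * padding explicit and provider-independent — confirm with the server side.
     *
     * @param content   plaintext
     * @param publicKey Base64-encoded X.509 public key
     * @return Base64-encoded ciphertext
     * @throws Exception when the key cannot be decoded or encryption fails
     */
    public static String encrypt(String content, String publicKey) throws Exception {
        byte[] decoded = org.apache.commons.codec.binary.Base64.decodeBase64(publicKey);
        RSAPublicKey pubKey = (RSAPublicKey) KeyFactory.getInstance("RSA")
                .generatePublic(new X509EncodedKeySpec(decoded));
        Cipher cipher = Cipher.getInstance("RSA");
        cipher.init(Cipher.ENCRYPT_MODE, pubKey);
        return Base64.encodeBase64String(cipher.doFinal(content.getBytes(StandardCharsets.UTF_8)));
    }

    /**
     * Fetches the SSO server's public key from the configured "publicKeyUrl".
     *
     * NOTE(review): the key is trusted as returned by this call; its integrity
     * rests on the transport to publicKeyUrl. Confirm that URL is HTTPS.
     *
     * @param MachInfo device attributes sent as MACH_* headers
     * @return the "pubKey" field of the response, or "" when unavailable
     */
    public static String getPublicKey(Map<String, String> MachInfo) {
        BaseBean bb = new BaseBean();
        String publicKey = "";
        String API_KEY = Util.null2String(bb.getPropValue("tjbankEMobileSSO", "key"));
        String url = Util.null2String(bb.getPropValue("tjbankEMobileSSO", "publicKeyUrl"));
        Map<String, String> headers = new HashMap<>();
        headers.put("API_KEY", API_KEY);
        headers.put("MACH_ID", MachInfo.get("deviceId"));
        headers.put("MACH_TYPE", Util.null2String(MachInfo.get("clientType"), "0"));
        headers.put("MACH_IP", MachInfo.get("param_ip"));
        String msg = httpGet(url, headers, null);
        bb.writeLog("===获取publickey返回值====" + msg);
        try {
            org.json.JSONObject resMsg = new org.json.JSONObject(msg);
            if (resMsg.has("pubKey")) {
                publicKey = Util.null2String(resMsg.get("pubKey").toString());
            }
        } catch (Exception e) {
            // Previously discarded; a missing key otherwise surfaces later as an
            // unexplained encryption failure.
            bb.writeLog(e);
        }
        return publicKey;
    }

    /**
     * Requests a service ticket (ST) for a target service using a TGT.
     *
     * @param tgt        ticket-granting ticket
     * @param emobileUrl service address the ticket is issued for
     * @param MachInfo   device attributes sent as MACH_* headers
     * @return the raw response of the ST endpoint (callers parse it)
     * @throws RuntimeException when the response is not valid JSON
     */
    public static String getST(String tgt, String emobileUrl, Map<String, String> MachInfo) {
        BaseBean bb = new BaseBean();
        String retMsg = "";
        String API_KEY = Util.null2String(bb.getPropValue("tjbankEMobileSSO", "key"));
        String url = Util.null2String(bb.getPropValue("tjbankEMobileSSO", "stUrl"));
        bb.writeLog("==获取TG==" + url);
        bb.writeLog("==移动端首页地址==" + emobileUrl);
        Map<String, String> params = new HashMap<>();
        params.put("tgt", tgt);
        params.put("service", emobileUrl);
        Map<String, String> headers = new HashMap<>();
        headers.put("API_KEY", API_KEY);
        headers.put("MACH_ID", MachInfo.get("deviceId"));
        headers.put("MACH_TYPE", Util.null2String(MachInfo.get("clientType"), "0"));
        headers.put("MACH_IP", MachInfo.get("param_ip"));
        try {
            retMsg = httpPostForm(url, params, headers, null);
            org.json.JSONObject resMsg = new org.json.JSONObject(retMsg);
            // The response body contains the ticket; log only whether one came back.
            bb.writeLog("===获取ST====" + (resMsg.has("ST") ? "[redacted]" : "[empty]"));
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
        return retMsg;
    }

    /**
     * Looks up the registered address (column xtdz) of a target system and
     * appends "?" or "&" so a query parameter can be added directly.
     *
     * @param sysid id of the row in uf_otherSysInfo
     * @return the prepared address, or "-1" when no row exists
     */
    public static String getSysUrl(String sysid) {
        RecordSet rs = new RecordSet();
        rs.executeQuery("select * from uf_otherSysInfo where id = ?", sysid);
        if (!rs.next()) {
            return "-1";
        }
        String url = Util.null2String(rs.getString("xtdz")).trim();
        if (!StringUtil.isBlank(url)) {
            url = url + (url.indexOf("?") == -1 ? "?" : "&");
        }
        return url;
    }

    /**
     * Looks up the SSO service address (column hqdddz) of a target system.
     *
     * @param sysid id of the row in uf_otherSysInfo
     * @return the trimmed address, or "-1" when no row exists
     */
    public static String getsysSSOurl(String sysid) {
        RecordSet rs = new RecordSet();
        rs.executeQuery("select * from uf_otherSysInfo where id = ?", sysid);
        if (!rs.next()) {
            return "-1";
        }
        String url = Util.null2String(rs.getString("hqdddz"));
        new BaseBean().writeLog("hqdddz====" + url);
        return url.trim();
    }

    /**
     * Tells whether a timestamp is more than {@code hours} away from now, in
     * either direction.
     *
     * @param timeStr2 timestamp formatted as yyyy-MM-dd HH:mm:ss
     * @param hours    threshold in hours
     * @return true when the absolute distance exceeds the threshold
     */
    public static boolean isDifferenceGreaterThan(String timeStr2, int hours) {
        LocalDateTime target = LocalDateTime.parse(timeStr2, SESSION_TIME_FORMAT);
        long secondsApart = ChronoUnit.SECONDS.between(LocalDateTime.now(), target);
        return Math.abs(secondsApart) > (long) hours * 60 * 60;
    }

    /**
     * Tells whether the stored expiry time of the session TGT is still in the
     * future. A blank or unparsable value counts as expired.
     *
     * The page previously used isDifferenceGreaterThan(expires, 4), which
     * compares an absolute distance and therefore kept treating the TGT as
     * valid for four more hours after the recorded expiry.
     */
    private static boolean isTokenUnexpired(String expiresAt) {
        if (expiresAt == null || expiresAt.trim().isEmpty()) {
            return false;
        }
        try {
            return LocalDateTime.now().isBefore(LocalDateTime.parse(expiresAt, SESSION_TIME_FORMAT));
        } catch (java.time.format.DateTimeParseException e) {
            return false;
        }
    }

    /**
     * Requests an access token from the E-Mobile server configured under
     * "emsysinfo".
     *
     * NOTE(review): on any failure this returns the error text in place of a
     * token, so callers cannot tell the two apart. The request URL carries
     * corpsecret in the query string and must not be logged.
     *
     * @return the access token, or an error message
     */
    public String getEMToken() {
        try {
            String sysurl = Prop.getPropValue("emsysinfo", "sysurl");
            String corpid = Prop.getPropValue("emsysinfo", "corpid");
            String corpsecret = Prop.getPropValue("emsysinfo", "corpsecret");
            OkHttpClient client = new OkHttpClient();
            Request request = new Request.Builder()
                    .url(sysurl + "/emp/api/gettoken?corpid=" + corpid + "&corpsecret=" + corpsecret)
                    .get()
                    .build();
            Response response = client.newCall(request).execute();
            String responseStr = response.body().string();
            JSONObject responseJson = JSONObject.parseObject(responseStr);
            if ("0".equals(responseJson.get("errcode") + "")) {
                return responseJson.getString("access_token");
            }
            return responseJson.getString("errmsg");
        } catch (Exception e) {
            return e.getMessage();
        }
    }

    /**
     * Calls the E-Mobile "offline" integration endpoint.
     *
     * @param access_token token from {@link #getEMToken()}
     * @param jsonStr      JSON request body
     * @return the "errmsg" field of the response, or the exception message
     */
    public String EMExt(String access_token, String jsonStr) {
        OkHttpClient client = new OkHttpClient();
        String sysurl = Prop.getPropValue("emsysinfo", "sysurl");
        MediaType mediaType = MediaType.parse("application/json");
        RequestBody body = RequestBody.create(mediaType, jsonStr);
        Request request = new Request.Builder()
                .url(sysurl + "/emp/api/integrate/func/offline?access_token=" + access_token)
                .post(body)
                .addHeader("content-type", "application/json")
                .build();
        try {
            Response response = client.newCall(request).execute();
            String responseStr = response.body().string();
            JSONObject responseJson = JSONObject.parseObject(responseStr);
            // Success and failure both returned errmsg in the original.
            return responseJson.getString("errmsg");
        } catch (Exception e) {
            new BaseBean().writeLog(e);
            return e.getMessage();
        }
    }

    /**
     * Forces the user's mobile clients offline about three seconds from now,
     * on a separate thread so the page can finish rendering first.
     *
     * NOTE(review): one unmanaged thread is started per call.
     *
     * @param uid id of the user to sign out
     */
    private void scheduleForcedLogout(final int uid) {
        Thread worker = new Thread(new Runnable() {
            @Override
            public void run() {
                BaseBean log = new BaseBean();
                try {
                    Thread.sleep(3000);
                } catch (InterruptedException e) {
                    // As before, an interrupted wait does not cancel the sign-out.
                    log.writeLog(e);
                }
                JSONObject postBody = new JSONObject();
                postBody.put("sysid", Prop.getPropValue("emsysinfo", "sysid"));
                postBody.put("userids", uid);
                postBody.put("offline_type", "1");
                postBody.put("client_type", "1,2,3");
                String errmsg = EMExt(getEMToken(), postBody.toJSONString());
                log.writeLog("forced offline result-->" + errmsg);
            }
        });
        worker.start();
    }
%>
<%
    BaseBean bb = new BaseBean();
    bb.writeLog("进入消息单点跳转中中转页面jsp-->");

    // Only an authenticated OA user may use the relay.
    User user = HrmUserVarify.getUser(request, response);
    if (user == null) {
        response.sendRedirect("/notice/noright.jsp");
        return;
    }

    // NOTE(review): the Map<String, Object> type is reconstructed — confirm.
    Map<String, Object> paramsMap = ParamUtil.request2Map(request);
    String deviceId = Util.null2String(paramsMap.get("deviceId"));
    String clientType = Util.null2String(paramsMap.get("clientType"));
    if ("2".equals(clientType)) {
        clientType = "0";
    } else if ("3".equals(clientType)) {
        clientType = "1";
    }
    String param_ip = Util.null2String(paramsMap.get("param_ip"));
    // Parameter names only: values are caller-controlled and may be sensitive.
    bb.writeLog("paramsMap===>" + paramsMap.keySet());
    bb.writeLog("deviceId===>" + deviceId);
    bb.writeLog("clientType===>" + clientType);

    // NOTE(review): deviceId, clientType and param_ip come from the request and
    // are forwarded as MACH_* headers; the SSO server should not treat them as
    // verified facts about the device.
    HashMap<String, String> MachInfo = new HashMap<>();
    MachInfo.put("deviceId", deviceId.isEmpty() ? "123" : deviceId);
    MachInfo.put("clientType", clientType.isEmpty() ? "1" : clientType);
    MachInfo.put("param_ip", param_ip.isEmpty() ? "127.0.0.1" : param_ip);

    String sysid = (String) paramsMap.get("sysid");
    if (StringUtil.isBlank(sysid)) {
        out.print("sysid为空");
        return;
    }

    String sysUrl = (String) paramsMap.get("sysUrl");
    if (StringUtil.isBlank(sysUrl) || "-1".equals(sysUrl)) {
        out.print("系统url为空");
        return;
    }
    try {
        sysUrl = URLDecoder.decode(sysUrl, StandardCharsets.UTF_8.toString()).trim();
    } catch (IllegalArgumentException e) {
        out.print("系统url不合法");
        return;
    }
    // The service ticket is appended to this URL and the browser is sent
    // there, so a caller-chosen host would receive a valid ticket. Accept the
    // URL only when it stays on the origin registered for this sysid.
    if (!isAllowedRedirect(sysUrl, getSysUrl(sysid))) {
        bb.writeLog("sysUrl rejected: not on the origin registered for the requested system");
        out.print("系统url不合法");
        return;
    }
    sysUrl = sysUrl + (sysUrl.indexOf("?") == -1 ? "?" : "&");

    // Stored mobile login credentials of the current user.
    // NOTE(review): this flow replays a stored password to the SSO server;
    // the stored value is never logged here.
    String login_id = "";
    String user_password = "";
    int uid = user.getUID();
    bb.writeLog("uid-->" + uid);
    RecordSet rs = new RecordSet();
    rs.executeQuery("select id,loginid,password,createtime from EmobileLoginDetail where id=?", uid);
    if (rs.next()) {
        login_id = Util.null2String(rs.getString("loginid"));
        user_password = Util.null2String(rs.getString("password"));
    }
    bb.writeLog("login_id-->" + login_id);

    session = request.getSession(true);
    String certified_token = Util.null2String(session.getAttribute("certified_token"));
    String certified_token_expires = Util.null2String(session.getAttribute("certified_token_expires"));
    bb.writeLog("获取sessionTGT==" + redact(certified_token));
    bb.writeLog("请求路径=" + request.getRequestURI());

    String API_KEY = Util.null2String(bb.getPropValue("tjbankEMobileSSO", "key"));
    String cockpitUrl = getsysSSOurl(sysid);
    String tgturl = Util.null2String(bb.getPropValue("tjbankEMobileSSO", "tgtUrl"));
    String noPermissionUrl = "https://office.bankoftianjin.com/interface/transfer/mobile/noPermissons2.html";

    String ST = "";
    boolean needLogin = true;

    // Step 1: try the TGT cached in the session.
    if (!StringUtil.isBlank(certified_token) && isTokenUnexpired(certified_token_expires)) {
        bb.writeLog("TGT未失效");
        String responseInfo = getST(certified_token, cockpitUrl, MachInfo);
        if (StringUtil.isBlank(responseInfo)) {
            out.print("单点系统接口返回值为null");
            return;
        }
        org.json.JSONObject stMsg = new org.json.JSONObject(responseInfo);
        if (stMsg.has("ST")) {
            ST = Util.null2String(stMsg.get("ST").toString());
            needLogin = false;
        } else {
            String errorCode = stMsg.optString("errorCode");
            if ("2009".equals(errorCode)) {
                response.sendRedirect(noPermissionUrl);
                return;
            }
            if (!"2008".equals(errorCode)) {
                out.print(Util.null2String(stMsg.optString("message")));
                return;
            }
            // 2008: the server no longer knows this TGT; sign in again below.
            bb.writeLog("TGT未找到");
        }
    } else {
        bb.writeLog("TGT已失效");
    }

    // Step 2: sign in to obtain a fresh TGT, then request the ST with it.
    if (needLogin) {
        RSA rsa = new RSA();
        List<String> decriptList = new ArrayList<>();
        decriptList.add(login_id);
        decriptList.add(user_password);
        List<String> resultList = rsa.decryptList(request, decriptList);
        String loginId = resultList.get(0);
        // NOTE(review): the original also read resultList.get(1) into an unused
        // variable and encrypted the stored value (user_password), not the
        // decrypted one. Kept as is — confirm which value the server expects.
        String publicKey = getPublicKey(MachInfo);
        String passWord = encrypt(user_password, publicKey);

        Map<String, String> params = new HashMap<>();
        params.put("username", loginId);
        params.put("password", passWord);
        Map<String, String> headers = new HashMap<>();
        headers.put("API_KEY", API_KEY);
        headers.put("MACH_ID", MachInfo.get("deviceId"));
        headers.put("MACH_TYPE", Util.null2String(MachInfo.get("clientType"), "0"));
        headers.put("MACH_IP", MachInfo.get("param_ip"));

        String retMsg = httpPostForm(tgturl, params, headers, null);
        if (StringUtil.isBlank(retMsg)) {
            out.print("单点系统接口返回值为null");
            return;
        }
        org.json.JSONObject resMsg = new org.json.JSONObject(retMsg);
        bb.writeLog("===获取TGT返回值====" + (resMsg.has("TGT") ? "[redacted]" : resMsg.optString("errorCode")));
        if (!resMsg.has("TGT")) {
            if ("2002".equals(resMsg.optString("errorCode"))) {
                // Wrong password: tell the user, then force the mobile clients offline.
                // NOTE(review): this literal spanned blank lines in the reviewed
                // copy; surrounding markup appears to have been lost — restore it
                // from the original file.
                out.print("\n\n您的单点系统密码已修改,请重新登录,将在3秒后退出\n\n");
                scheduleForcedLogout(uid);
                return;
            }
            out.print(resMsg.optString("message"));
            return;
        }
        String TGT = Util.null2String(resMsg.get("TGT").toString());

        // Cache the TGT and its expiry (four hours from now) in the session.
        request.getSession(true).setAttribute("certified_token_expires",
                LocalDateTime.now().plusHours(4).format(SESSION_TIME_FORMAT));
        request.getSession(true).setAttribute("certified_token", TGT);

        String responseInfo = getST(TGT, cockpitUrl, MachInfo);
        if (StringUtil.isBlank(responseInfo)) {
            out.print("单点系统接口返回值为null");
            return;
        }
        org.json.JSONObject stMsg = new org.json.JSONObject(responseInfo);
        if (!stMsg.has("ST")) {
            if ("2009".equals(stMsg.optString("errorCode"))) {
                response.sendRedirect(noPermissionUrl);
                return;
            }
            out.print(Util.null2String(stMsg.optString("message")));
            return;
        }
        ST = Util.null2String(stMsg.get("ST").toString());
    }

    // Step 3: hand the ticket to the target system. The ticket is kept out of
    // the log and nothing is written to the page before the redirect.
    String loginUrl = sysUrl + "ticket=" + ST;
    bb.writeLog("loginUrl-->" + sysUrl + "ticket=" + redact(ST));
    response.sendRedirect(loginUrl);
%>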