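<%--
  Created by IntelliJ IDEA.
  User: xvshanshan
  Date: 2023/7/3
  Time: 9:23
  To change this template use File | Settings | File Templates.
--%>
<%--
  SSO hand-off page for the cockpit system.

  Flow implemented by the scriptlet at the bottom of this page:
    1. Resolve the current user via HrmUserVarify and load that user's row from EmobileLoginDetail.
    2. Fetch the SSO public key (publicKeyUrl) and RSA-encrypt the password value with it.
    3. POST username/password to tgtUrl to obtain a TGT.
    4. Exchange the TGT for an ST at stUrl (service = cockpitUrl).
    5. Redirect E-Mobile clients to the cockpit viewer URL with the ST as "ticket".

  Logging policy on this page: passwords, TGT/ST values, the API_KEY header and raw SSO
  responses are credentials and are never written to the application log.
--%>
<%@ page import="weaver.conn.RecordSet" %>
<%@ page import="weaver.general.BaseBean" %>
<%@ page import="weaver.general.Util" %>
<%@ page import="com.alibaba.fastjson.JSONObject" %>
<%@ page import="com.alibaba.fastjson.JSONArray" %>
<%@ page import="java.util.regex.Pattern" %>
<%@ page import="java.util.regex.Matcher" %>
<%@ page import="java.io.*" %>
<%@ page import="weaver.hrm.User" %>
<%@ page import="java.text.SimpleDateFormat" %>
<%@ page import="java.util.*" %>
<%@ page language="java" contentType="text/html; charset=UTF-8"%>
<%@ page import="org.apache.http.impl.client.CloseableHttpClient" %>
<%@ page import="org.apache.http.impl.client.HttpClients" %>
<%@ page import="org.apache.http.client.methods.HttpPost" %>
<%@ page import="com.alibaba.fastjson.JSON" %>
<%@ page import="org.apache.http.entity.StringEntity" %>
<%@ page import="org.apache.http.client.methods.CloseableHttpResponse" %>
<%@ page import="org.apache.http.HttpStatus" %>
<%@ page import="org.apache.http.HttpEntity" %>
<%@ page import="org.apache.http.util.EntityUtils" %>
<%@ page import="org.apache.http.client.ClientProtocolException" %>
<%@ page import="weaver.hrm.HrmUserVarify" %>
<%@ page import="java.net.URL" %>
<%@ page import="java.net.HttpURLConnection" %>
<%@ page import="org.apache.http.HttpException" %>
<%@ page import="org.apache.http.client.HttpClient" %>
<%@ page import="org.apache.commons.httpclient.methods.PostMethod" %>
<%@ page import="org.apache.commons.httpclient.params.HttpMethodParams" %>
<%@ page import="org.apache.http.NameValuePair" %>
<%@ page import="org.apache.http.message.BasicNameValuePair" %>
<%@ page import="org.apache.http.client.entity.UrlEncodedFormEntity" %>
<%@ page import="weaver.rsa.security.RSA" %>
<%@ page import="java.security.interfaces.RSAPublicKey" %>
<%@ page import="java.security.KeyFactory" %>
<%@ page import="java.security.spec.X509EncodedKeySpec" %>
<%@ page import="javax.crypto.Cipher" %>
<%@ page import="org.apache.commons.codec.binary.Base64" %>
<%@ page import="java.nio.charset.StandardCharsets" %>
<%@ page import="org.apache.http.impl.client.HttpClientBuilder" %>
<%@ page import="org.apache.http.client.methods.HttpGet" %>
<%@ page import="com.engine.common.util.ParamUtil" %>
<%!
    /**
     * Wraps a query in a pagination query for the database type reported by RecordSet.
     *
     * SECURITY: {@code sql} and {@code orderby} are concatenated into the statement verbatim.
     * Callers must pass only constant, trusted fragments here; user-supplied values belong
     * in bound {@code ?} parameters of the inner query, never in these two strings.
     *
     * @param sql      the inner SELECT statement
     * @param orderby  the ORDER BY clause appended to (or, on SQL Server, placed inside OVER()) the query
     * @param pageNo   1-based page number
     * @param pageSize rows per page
     * @return the paginated SQL text
     */
    public static String getPaginationSql(String sql, String orderby, int pageNo, int pageSize) {
        RecordSet rs = new RecordSet();
        String dbType = rs.getDBType();
        String execSql;
        if ("sqlserver".equals(dbType)) {
            String numbered = "select *,row_number()OVER(" + orderby + ") as rn from (" + sql + ") newt";
            execSql = "select * from ( " + numbered + ")fy "
                    + " where rn between (" + pageNo + "-1)*" + pageSize + "+1 and " + pageNo + "*" + pageSize + " ";
        } else {
            // "oracle" and every other database type use the same rownum-based statement.
            int firstResult = pageNo * pageSize + 1;
            int endResult = (pageNo - 1) * pageSize;
            execSql = " select * from ( select tabUN2.*,rownum as my_rownum from ( select tableUN.*,rownum as r from ( "
                    + sql + orderby + ") tableUN ) tabUN2 where r < " + firstResult
                    + " ) where my_rownum > " + endResult;
        }
        rs.writeLog("execSql---->" + execSql);
        return execSql;
    }

    /**
     * Returns true when the string is null, empty, or the literal text "(null)".
     */
    private boolean isEmpty(String str) {
        return str == null || "".equals(str) || "(null)".equals(str);
    }

    /**
     * Collects the src attribute values of every tag of the given type found in an HTML string.
     *
     * @param htmlStr the HTML text to scan
     * @param type    the tag name; it is inserted into the regular expression unquoted, so it
     *                must be a fixed tag name chosen by the caller, not external input
     * @return the set of src values that were matched
     */
    public static Set<String> getSrcStr(String htmlStr, String type) {
        Set<String> srcs = new HashSet<String>();
        String tagRegex = "<" + type + ".*src\\s*=\\s*(.*?)[^>]*?>";
        Matcher tagMatcher = Pattern.compile(tagRegex, Pattern.CASE_INSENSITIVE).matcher(htmlStr);
        // Compiled once; applied to every matched tag to pull out the src value.
        Pattern srcPattern = Pattern.compile("src\\s*=\\s*\"?(.*?)(\"|>|\\s+)");
        while (tagMatcher.find()) {
            Matcher srcMatcher = srcPattern.matcher(tagMatcher.group());
            while (srcMatcher.find()) {
                srcs.add(srcMatcher.group(1));
            }
        }
        return srcs;
    }

    /**
     * Builds a User object from the HR tables for the given id.
     * Id 1 is read from hrmresourcemanager, every other id from hrmresource.
     * This method only copies database columns; it performs no authentication of its own.
     *
     * @param uid the user id to load
     * @return a populated User, or an empty User when no row matches
     */
    public User getUser(int uid) {
        User user = new User();
        RecordSet rs = new RecordSet();
        if (uid == 1) {
            rs.executeQuery("select * from hrmresourcemanager where id=?", uid);
        } else {
            rs.executeQuery("select * from hrmresource where id=?", uid);
        }
        if (rs.next()) {
            user.setUid(rs.getInt("id"));
            user.setLogintype("1");
            user.setLoginid(rs.getString("loginid"));
            user.setFirstname(rs.getString("firstname"));
            user.setLastname(rs.getString("lastname"));
            user.setAliasname(rs.getString("aliasname"));
            user.setTitle(rs.getString("title"));
            user.setTitlelocation(rs.getString("titlelocation"));
            user.setSex(rs.getString("sex"));
            String langid = rs.getString("systemlanguage");
            user.setLanguage(Util.getIntValue(langid, 0));
            user.setTelephone(rs.getString("telephone"));
            user.setMobile(rs.getString("mobile"));
            user.setMobilecall(rs.getString("mobilecall"));
            user.setEmail(rs.getString("email"));
            user.setCountryid(rs.getString("countryid"));
            user.setLocationid(rs.getString("locationid"));
            user.setResourcetype(rs.getString("resourcetype"));
            user.setStartdate(rs.getString("startdate"));
            user.setEnddate(rs.getString("enddate"));
            user.setContractdate(rs.getString("contractdate"));
            user.setJobtitle(rs.getString("jobtitle"));
            user.setJobgroup(rs.getString("jobgroup"));
            user.setJobactivity(rs.getString("jobactivity"));
            user.setJoblevel(rs.getString("joblevel"));
            user.setSeclevel(rs.getString("seclevel"));
            user.setUserDepartment(Util.getIntValue(rs.getString("departmentid"), 0));
            user.setUserSubCompany1(Util.getIntValue(rs.getString("subcompanyid1"), 0));
            user.setUserSubCompany2(Util.getIntValue(rs.getString("subcompanyid2"), 0));
            user.setUserSubCompany3(Util.getIntValue(rs.getString("subcompanyid3"), 0));
            user.setUserSubCompany4(Util.getIntValue(rs.getString("subcompanyid4"), 0));
            user.setManagerid(rs.getString("managerid"));
            user.setAssistantid(rs.getString("assistantid"));
            user.setPurchaselimit(rs.getString("purchaselimit"));
            user.setCurrencyid(rs.getString("currencyid"));
            // The last-login date is set to today, not read from the database.
            SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd");
            user.setLastlogindate(sdf.format(new Date()));
            user.setLogintype("1");
            user.setAccount(rs.getString("account"));
        }
        return user;
    }

    /**
     * Sends a JSON body with HTTP POST and returns the response body.
     *
     * @param param the JSON request body; it must parse as a JSON object or nothing is sent
     * @param url   the target URL
     * @param token value for the Authorization header; skipped when null or empty
     * @return the response body on HTTP 200, otherwise an empty string
     */
    public String httpPostRequest(String param, String url, String token) {
        BaseBean baseBean = new BaseBean();
        String responseBody = "";
        // try-with-resources: the client was never closed before, leaking its connections.
        try (CloseableHttpClient httpClient = HttpClients.createDefault()) {
            HttpPost httpPost = new HttpPost(url);
            // Parsed only to reject a malformed body before any request goes out.
            JSON.parseObject(param);
            StringEntity entity = new StringEntity(param, "utf-8");
            entity.setContentEncoding("utf-8");
            httpPost.setEntity(entity);
            httpPost.setHeader("Content-Type", "application/json");
            if (token != null && !"".equals(token)) {
                httpPost.setHeader("Authorization", token);
            }
            try (CloseableHttpResponse response = httpClient.execute(httpPost)) {
                int statusCode = response.getStatusLine().getStatusCode();
                baseBean.writeLog("statusCode状态码->" + statusCode);
                // The former test "== SC_OK && <= SC_TEMPORARY_REDIRECT" could only be true for 200;
                // that effective behaviour is kept.
                // NOTE(review): if other 2xx/3xx codes were meant to succeed, widen this deliberately.
                if (statusCode == HttpStatus.SC_OK) {
                    responseBody = EntityUtils.toString(response.getEntity(), "utf-8");
                } else {
                    baseBean.writeLog("请求失败,响应码为:" + statusCode);
                }
            }
        } catch (Exception e) {
            // Request and response bodies may carry tokens, so only the exception is logged.
            baseBean.writeLog("httpPostRequest failed: " + e);
        }
        return responseBody;
    }

    /**
     * Sends an HTTP GET request.
     *
     * @param url     the target URL
     * @param headers request headers to set; may be null
     * @param encode  charset used to decode the response; "utf-8" when null
     * @return the response body, or null when the request failed
     */
    public static String httpGet(String url, Map<String, String> headers, String encode) {
        BaseBean bb = new BaseBean();
        if (encode == null) {
            encode = "utf-8";
        }
        String content = null;
        // try-with-resources closes both client and response; the previous finally block
        // dereferenced a null response whenever execute() had thrown.
        try (CloseableHttpClient closeableHttpClient = HttpClientBuilder.create().build()) {
            HttpGet httpGet = new HttpGet(url);
            if (headers != null) {
                for (Map.Entry<String, String> entry : headers.entrySet()) {
                    httpGet.setHeader(entry.getKey(), entry.getValue());
                }
            }
            // Header values are not logged: callers on this page pass the API_KEY through them.
            bb.writeLog("url=" + url + "encode=" + encode);
            try (CloseableHttpResponse httpResponse = closeableHttpClient.execute(httpGet)) {
                content = EntityUtils.toString(httpResponse.getEntity(), encode);
            }
        } catch (Exception e) {
            bb.writeLog("httpGet failed: " + e);
        }
        return content;
    }

    /**
     * Sends a POST request to the given URL with a form-encoded body.
     *
     * @param url   the URL to post to
     * @param param request parameters in the form name1=value1&name2=value2
     * @return the response body on HTTP 200, otherwise an empty string
     */
    public static String sendPost(String url, String param) {
        BaseBean bb = new BaseBean();
        StringBuilder result = new StringBuilder();
        PrintWriter out = null;
        BufferedReader in = null;
        HttpURLConnection connection = null;
        try {
            URL postUrl = new URL(url);
            bb.writeLog("getUrl-->" + postUrl);
            connection = (HttpURLConnection) postUrl.openConnection();
            // Common request properties must be set before connect().
            connection.setRequestProperty("accept", "*/*");
            connection.setRequestProperty("connection", "Keep-Alive");
            connection.setRequestProperty("user-agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;SV1)");
            // NOTE(review): "Charsert" looks like a misspelling of a charset header name; kept as sent today.
            connection.setRequestProperty("Charsert", "UTF-8");
            connection.setConnectTimeout(15000);
            connection.setReadTimeout(60000);
            // A POST needs output enabled; the parameters travel in the request body.
            connection.setDoOutput(true);
            connection.setDoInput(true);
            connection.setRequestMethod("POST");
            connection.setUseCaches(false);
            connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            connection.connect();
            // NOTE(review): PrintWriter encodes with the platform default charset while the
            // response is read as UTF-8; non-ASCII parameters may be garbled on non-UTF-8 hosts.
            out = new PrintWriter(connection.getOutputStream());
            out.print(param);
            out.flush();
            if (connection.getResponseCode() == 200) {
                in = new BufferedReader(new InputStreamReader(connection.getInputStream(), "UTF-8"));
                String line;
                while ((line = in.readLine()) != null) {
                    result.append(line);
                }
            }
        } catch (Exception e) {
            bb.writeLog("发送 POST 请求出现异常!" + e);
        } finally {
            if (out != null) {
                out.close();
            }
            try {
                if (in != null) {
                    in.close();
                }
            } catch (IOException ex) {
                bb.writeLog("sendPost: closing the response reader failed: " + ex);
            }
            // Disconnect even when closing the reader failed.
            if (connection != null) {
                connection.disconnect();
            }
        }
        return result.toString();
    }

    /**
     * Sends an HTTP POST request whose parameters are submitted as form key/value pairs.
     *
     * @param url     the target URL
     * @param params  form fields; may be null
     * @param headers request headers; may be null
     * @param encode  charset for the form body and the response; "utf-8" when null
     * @return the response body, or null when the request failed
     */
    public static String httpPostForm(String url, Map<String, String> params, Map<String, String> headers, String encode) {
        BaseBean bb = new BaseBean();
        if (encode == null) {
            encode = "utf-8";
        }
        String content = null;
        // try-with-resources closes both client and response; the previous finally block
        // dereferenced a null response whenever execute() had thrown.
        try (CloseableHttpClient closeableHttpClient = HttpClients.createDefault()) {
            HttpPost httpost = new HttpPost(url);
            if (headers != null) {
                for (Map.Entry<String, String> entry : headers.entrySet()) {
                    httpost.setHeader(entry.getKey(), entry.getValue());
                }
            }
            // Neither headers nor form fields are logged: on this page they carry the API_KEY,
            // the encrypted password and the TGT.
            bb.writeLog("url=" + url + "encode=" + encode);
            List<NameValuePair> paramList = new ArrayList<NameValuePair>();
            if (params != null) {
                for (Map.Entry<String, String> entry : params.entrySet()) {
                    paramList.add(new BasicNameValuePair(entry.getKey(), entry.getValue()));
                }
            }
            httpost.setEntity(new UrlEncodedFormEntity(paramList, encode));
            try (CloseableHttpResponse httpResponse = closeableHttpClient.execute(httpost)) {
                content = EntityUtils.toString(httpResponse.getEntity(), encode);
            }
        } catch (Exception e) {
            bb.writeLog("httpPostForm failed: " + e);
        }
        return content;
    }

    /**
     * Encrypts text with an RSA public key.
     *
     * @param content   the plaintext
     * @param publicKey the Base64-encoded X.509 public key
     * @return the Base64-encoded ciphertext
     * @throws Exception when the key cannot be decoded or the encryption fails
     */
    public static String encrypt(String content, String publicKey) throws Exception {
        byte[] decoded = Base64.decodeBase64(publicKey);
        RSAPublicKey pubKey = (RSAPublicKey) KeyFactory.getInstance("RSA")
                .generatePublic(new X509EncodedKeySpec(decoded));
        // NOTE(review): "RSA" without mode/padding leaves the padding scheme to whichever JCE
        // provider is selected, so the result can differ between runtimes. Pin the full
        // transformation string that the SSO service expects (an OAEP variant if it supports one).
        Cipher cipher = Cipher.getInstance("RSA");
        cipher.init(Cipher.ENCRYPT_MODE, pubKey);
        return Base64.encodeBase64String(cipher.doFinal(content.getBytes(StandardCharsets.UTF_8)));
    }

    /**
     * Requests the SSO public key from the configured publicKeyUrl.
     *
     * @param str      not used by this method
     * @param MachInfo device information sent as the MACH_ID / MACH_TYPE / MACH_IP headers
     * @return the "pubKey" field of the response, or an empty string when it is missing or
     *         the response cannot be parsed
     */
    public static String getPublicKey(String str, Map<String, String> MachInfo) {
        BaseBean bb = new BaseBean();
        String publicKey = "";
        String API_KEY = Util.null2String(bb.getPropValue("tjbankEMobileSSO", "key"));
        String url = Util.null2String(bb.getPropValue("tjbankEMobileSSO", "publicKeyUrl"));
        Map<String, String> headers = new HashMap<>();
        headers.put("API_KEY", API_KEY);
        headers.put("MACH_ID", MachInfo.get("deviceId"));
        headers.put("MACH_TYPE", MachInfo.get("clientType"));
        headers.put("MACH_IP", MachInfo.get("param_ip"));
        String msg = httpGet(url, headers, null);
        bb.writeLog("===获取publickey返回值====" + msg);
        try {
            org.json.JSONObject resMsg = new org.json.JSONObject(msg);
            if (resMsg.has("pubKey")) {
                publicKey = Util.null2String(resMsg.get("pubKey").toString());
            }
        } catch (Exception e) {
            // Previously the exception was discarded; record it so a missing key can be diagnosed.
            bb.writeLog("getPublicKey: response could not be parsed: " + e);
        }
        return publicKey;
    }

    /**
     * Exchanges a TGT for an ST at the configured stUrl.
     *
     * @param tgt        the ticket-granting ticket
     * @param emobileUrl the service URL the ST is requested for
     * @param id         not used by this method
     * @param MachInfo   device information sent as the MACH_ID / MACH_TYPE / MACH_IP headers
     * @return the raw response text of the ST request (the caller extracts the "ST" field)
     * @throws RuntimeException when the response is missing or is not valid JSON
     */
    public static String getST(String tgt, String emobileUrl, String id, Map<String, String> MachInfo) {
        BaseBean bb = new BaseBean();
        String API_KEY = Util.null2String(bb.getPropValue("tjbankEMobileSSO", "key"));
        String url = Util.null2String(bb.getPropValue("tjbankEMobileSSO", "stUrl"));
        bb.writeLog("==获取TG==" + url);
        bb.writeLog("==移动端首页地址==" + emobileUrl);

        Map<String, String> params = new HashMap<>();
        params.put("tgt", tgt);
        params.put("service", emobileUrl);

        Map<String, String> headers = new HashMap<>();
        headers.put("API_KEY", API_KEY);
        headers.put("MACH_ID", MachInfo.get("deviceId"));
        headers.put("MACH_TYPE", MachInfo.get("clientType"));
        headers.put("MACH_IP", MachInfo.get("param_ip"));

        String retMsg;
        try {
            retMsg = httpPostForm(url, params, headers, null);
            // Parsed here only to validate the response; the ticket itself is never logged.
            org.json.JSONObject resMsg = new org.json.JSONObject(retMsg);
            bb.writeLog("===获取ST====" + (resMsg.has("ST") ? "present" : "absent"));
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
        return retMsg;
    }
%>
<%
    RecordSet rs = new RecordSet();
    BaseBean bb = new BaseBean();
    RSA rsa = new RSA();
    Map<String, String> params = new HashMap<>();
    Map<String, String> headers = new HashMap<>();
    List<String> decriptList = new ArrayList<>();
    String ST = "";
    bb.writeLog("进入getCockpit.jap-->");

    String login_id = "";
    String user_password = "";
    User user = HrmUserVarify.getUser(request, response);
    int uid = user.getUID();
    bb.writeLog("uid-->" + uid);
    String loginIdd = user.getLoginid();
    bb.writeLog("loginIdd-->" + loginIdd);

    // NOTE(review): this page depends on a replayable password being kept per user in
    // EmobileLoginDetail. Confirm how that column is protected at rest and who can read it.
    rs.executeQuery("select id,loginid,password,createtime from EmobileLoginDetail where id=?", uid);
    if (rs.next()) {
        login_id = Util.null2String(rs.getString("loginid"));
        user_password = Util.null2String(rs.getString("password"));
    }
    // The password value is deliberately not logged.
    bb.writeLog("login_id-->" + login_id);

    // deviceId, clientType and param_ip are read from request parameters, so the MACH_ID /
    // MACH_TYPE / MACH_IP headers sent to the SSO service are client-controlled values.
    // NOTE(review): if the SSO service relies on MACH_IP, derive it server-side instead, and
    // reject values containing CR/LF before they are placed into HTTP headers.
    Map paramsMap = ParamUtil.request2Map(request);
    String deviceId = Util.null2String(paramsMap.get("deviceId"));
    String clientType = Util.null2String(paramsMap.get("clientType"));
    if ("2".equals(clientType)) {
        clientType = "0";
    } else if ("3".equals(clientType)) {
        clientType = "1";
    }
    String param_ip = Util.null2String(paramsMap.get("param_ip"));
    bb.writeLog("deviceId===>" + deviceId);
    bb.writeLog("clientType===>" + clientType);

    HashMap<String, String> MachInfo = new HashMap<>();
    MachInfo.put("deviceId", deviceId.isEmpty() ? "123" : deviceId);
    MachInfo.put("clientType", clientType.isEmpty() ? "1" : clientType);
    MachInfo.put("param_ip", param_ip.isEmpty() ? "127.0.0.1" : param_ip);

    // The session may already hold a TGT; only its presence is logged, never its value.
    session = request.getSession(true);
    String certified_token = Util.null2String(session.getAttribute("certified_token"));
    bb.writeLog("获取sessionTGT==" + (certified_token.isEmpty() ? "absent" : "present"));

    Cookie[] cookies = request.getCookies();
    String idd = "";
    if (cookies != null) {
        for (Cookie cookie : cookies) {
            bb.writeLog("获取cookiesName==" + cookie.getName());
            if (cookie.getName().equals("loginidweaver")) {
                idd = cookie.getValue();
                bb.writeLog("获取idd==" + idd);
            }
        }
    }

    String API_KEY = Util.null2String(bb.getPropValue("tjbankEMobileSSO", "key"));
    String cockpitUrl = Util.null2String(bb.getPropValue("tjbankEMobileSSO", "cockpitUrl"));
    String tgturl = Util.null2String(bb.getPropValue("tjbankEMobileSSO", "tgtUrl"));

    // An earlier variant that reused the session TGT (certified_token) to request the ST
    // directly is disabled; every request performs the full username/password login below.
    String TGT = "";
    String passWord = "";
    String retMsg = "";
    decriptList.add(login_id);
    decriptList.add(user_password);
    List<String> resultList = rsa.decryptList(request, decriptList);
    String loginId = resultList.get(0);
    String userPassword = resultList.get(1);
    String str = "1510" + login_id + "015";
    String publicKey = getPublicKey(str, MachInfo);
    // NOTE(review): the value encrypted here is user_password as read from the table, while the
    // decrypted userPassword above is never used. Confirm which of the two the SSO service expects.
    passWord = encrypt(user_password, publicKey);

    params.put("username", loginId);
    params.put("password", passWord);

    headers.put("API_KEY", API_KEY);
    headers.put("MACH_ID", MachInfo.get("deviceId"));
    headers.put("MACH_TYPE", MachInfo.get("clientType"));
    headers.put("MACH_IP", MachInfo.get("param_ip"));

    retMsg = httpPostForm(tgturl, params, headers, null);
    if (isEmpty(retMsg)) {
        // httpPostForm returns null when the request failed; stop here instead of letting
        // the JSON parser throw and the container render an error page.
        out.print("单点系统接口返回值为null");
        return;
    }
    org.json.JSONObject resMsg = new org.json.JSONObject(retMsg);
    if (resMsg.has("TGT")) {
        TGT = Util.null2String(resMsg.get("TGT").toString());
    }
    bb.writeLog("===获取TGT返回值====" + (TGT.isEmpty() ? "absent" : "present"));

    String responseInfo = getST(TGT, cockpitUrl, login_id, MachInfo);
    if (isEmpty(responseInfo)) {
        out.print("单点系统接口返回值为null");
        return;
    } else {
        org.json.JSONObject stMsg = new org.json.JSONObject(responseInfo);
        if (stMsg.has("ST")) {
            ST = Util.null2String(stMsg.get("ST").toString());
        } else {
            // NOTE(review): the upstream message is written into a text/html response as-is;
            // HTML-escape it before printing.
            out.print(Util.null2String(stMsg.getString("message")));
            return;
        }

        String loginUrl = "";
        boolean isEm = Util.null2String(request.getHeader("user-agent")).indexOf("E-Mobile") > -1;
        if (isEm) {
            // The ticket is URL-encoded so that it cannot alter the query string of the target.
            loginUrl = "https://jiashicang.bankoftianjin.com:8080/bi/APPFW?proc=1&action=viewer&hback=true&db=%E6%99%BA%E6%85%A7%E6%96%B9%E7%95%A5/%E6%99%BA%E6%85%A7HR.db&ticket="
                    + java.net.URLEncoder.encode(ST, "UTF-8");
        }
        // The ticket-bearing URL is neither logged nor written into the response body.
        bb.writeLog("loginUrl-->" + (isEm ? "cockpit viewer (ticket omitted)" : ""));
        // NOTE(review): for clients whose user-agent lacks "E-Mobile", loginUrl is empty and
        // this redirects to an empty location after a ticket was already issued; decide
        // whether such clients should be rejected before the SSO login is attempted.
        response.sendRedirect(loginUrl);
    }
%>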