第三方登录单点
第三方的单点登录和公司的单点登录集成时,需要从第三方登录公司的单点系统,
以下为功能单点登录系统提供的后台restful API,返回json格式的数据接口
1. 登录
验证用户名密码,返回TGT
1.1、post请求 x-www-form-urlencoded 编码方式
url:http://xxxx/cas/v2/tickets
params:username=admin&password=bonc
例:(仅作参考)
RestTemplate restTemplate=new RestTemplate();
User user=new User("admin","bonc");
//提交的body内容为user对象,请求的返回的body类型为String
ResponseEntity<String> responseEntity=restTemplate.postForEntity("http://127.0.0.1:8080/cas/v2/tickets",user,String.class);
验证通过返回结果如下:
{"status": "true","TGT":"TGT-2-DgHeQe3cfXXaHGdlO91MgQr05ItWSyJpHFzrQvX0ayvNlXcrhc-cas"}
验证失败:
{"status": "false","message":"error.authentication.credentials.bad"}
1.2、将获取到的TGT的值放到和cas同域的/ path下,key名为CASTGC
例子:
String TGT = jsonV2.getString("TGT");
Cookie cookie = new Cookie("CASTGC", TGT);
cookie.setPath("/");
response.addCookie(cookie);
这就完成了cas服务端登录
然后跳转到公司门户,可以直接访问
(注:一定要保证登录程序和cas的同域,部署不满足时,可以用反向代理来保证同域)
2、退出
从cookie中取key为CASTGC的cookie值:cookies[i].getName().equals("CASTGC")
delete请求: http:// xxxx /cas/v1/tickets/CASTGC的值
String url = "http://127.0.0.1:8080" + "/cas/v1/tickets/" + CASTGC;
WebClientUtil.doDelete(url, null);
WebClientUtil.java
package com.example.mock.controller;
import java.io.*;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLConnection;
import java.net.URLEncoder;
import java.util.HashMap;
import java.util.Map;
public class WebClientUtil {
private final static String POST_METHOD="POST";
private final static String GET_METHOD="GET";
private final static String DELETE_METHOD="DELETE";
/**
* REST方式获取网络资源
* @param url
* @param params
* @return
*/
public static String baseRequest(String method,String url,Map<String,String> params) {
String parameterData=null;
OutputStream outputStream = null;
OutputStreamWriter outputStreamWriter = null;
InputStream inputStream = null;
InputStreamReader inputStreamReader = null;
BufferedReader reader = null;
StringBuffer resultBuffer = new StringBuffer();
String tempLine = null;
try {
//传统URL
if(params!=null){
if (method.equals(DELETE_METHOD)){
String pageId=params.get("pageId");
if(!url.endsWith("/")){
url+="/";
}
url+=pageId;
parameterData="";
for(String key:params.keySet()){
if(!key.equals("pageId")){
parameterData+=(parameterData.equals("")?"":"&")+ key+"="+URLEncoder.encode( params.get(key), "UTF8");
}
}
url+="?"+parameterData;
}else{
parameterData="";
for(String key:params.keySet()){
parameterData+=(parameterData.equals("")?"":"&")+ key+"="+URLEncoder.encode( params.get(key), "UTF8");
}
url+="?"+parameterData;
}
}
System.out.println(url);
URL localURL = new URL(url);
URLConnection connection = localURL.openConnection();
HttpURLConnection httpURLConnection = (HttpURLConnection)connection;
httpURLConnection.setDoOutput(true);
httpURLConnection.setRequestMethod(method);
httpURLConnection.setRequestProperty("Accept-Charset", "utf-8");
httpURLConnection.setRequestProperty("X-Srv-Token", "rdb-builtin-token");
httpURLConnection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
httpURLConnection.setRequestProperty("Content-Length", String.valueOf(parameterData==null?0:parameterData.length()));
// if(parameterData!=null){
// outputStream = httpURLConnection.getOutputStream();
// outputStreamWriter = new OutputStreamWriter(outputStream);
// outputStreamWriter.write(parameterData.toString());
// outputStreamWriter.flush();
// }
if (httpURLConnection.getResponseCode() >= 300) {
throw new Exception("HTTP Request is not success, Response code is " + httpURLConnection.getResponseCode());
}
inputStream = httpURLConnection.getInputStream();
inputStreamReader = new InputStreamReader(inputStream);
reader = new BufferedReader(inputStreamReader);
while ((tempLine = reader.readLine()) != null) {
resultBuffer.append(tempLine);
}
}catch(Exception e){
e.printStackTrace();
} finally {
if (outputStreamWriter != null) {
try {
outputStreamWriter.close();
} catch (IOException e) {
e.printStackTrace();
}
}
if (outputStream != null) {
try {
outputStream.close();
} catch (IOException e) {
e.printStackTrace();
}
}
if (reader != null) {
try {
reader.close();
} catch (IOException e) {
e.printStackTrace();
}
}
if (inputStreamReader != null) {
try {
inputStreamReader.close();
} catch (IOException e) {
e.printStackTrace();
}
}
if (inputStream != null) {
try {
inputStream.close();
} catch (IOException e) {
e.printStackTrace();
}
}
}
return resultBuffer.toString();
}
public static String doGet(String url,Map<String,String> params) {
return baseRequest(GET_METHOD,url,params);
}
public static String doPost(String url,Map<String,String> params) {
return baseRequest(POST_METHOD,url,params);
}
public static String doDelete(String url,Map<String,String> params) {
return baseRequest(DELETE_METHOD,url,params);
}
public static void main(String[] args) {
String url="http://172.16.13.45:8086/workplace-ui/rest/workplacePage/getPageId";
// String url="http://172.16.13.45:8086/workplace-ui/rest/workplacePage/getPageId?name=rqwerqre&tenant_id=tenant_system";
Map<String,String> params =new HashMap();
params.put("pageId", "tenant_system");
params.put("tenant_id", "tenant_system");
params.put("login_id","rqwerqre");
// String str = doGet(url,params);
// String str = doGet(url,null);
String str = doDelete(url,params);
System.out.println(str);
}
}
删除CASTGC的cookie
//刪除cookie
Cookie newCookie = new Cookie("CASTGC", null);
newCookie.setMaxAge(0);
newCookie.setPath("http://127.0.0.1:8080/");
response.addCookie(newCookie);
浙公网安备 33010602011771号