📄 fetionssomanager.java
字号:
package com.cmcc.server;
import java.util.Date;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;
import com.cmcc.bean.CredenResult;
import com.cmcc.bean.EncryptedByte;
import com.cmcc.bean.EncryptedByteV2;
import com.cmcc.bean.EncryptedData;
import com.cmcc.bean.EncryptedDataV2;
import com.cmcc.common.util.AES;
import com.cmcc.common.util.BASE64;
import com.cmcc.common.util.ByteOprs;
import com.cmcc.common.util.DES;
import com.cmcc.common.util.IpUtil;
import com.cmcc.common.util.JAES;
import com.cmcc.common.util.StringUtil;
import com.cmcc.hibernate.GcfgSsikeys;
import com.cmcc.util.Constant;
import com.cmcc.util.SpringHelper;
import com.cmcc.ws.info.UserInfo;
public class FetionSsoManager {
private HttpServletRequest request;
private HttpServletResponse response;
private static Logger log = Logger.getLogger(FetionSsoManager.class);
public FetionSsoManager() {
}
public FetionSsoManager(HttpServletRequest request,
HttpServletResponse response) {
this.request = request;
this.response = response;
}
/**
* 生成核心域的AES认证串
*
* @param users
*/
public String createCoreCredenByAES(UserInfo user, String usertype) {
String result = "";
String coredomain = Constant.SSO_SERVER_DOMAIN;
GcfgSsikeys coressikey = Constant.ssikeyMap.get(coredomain);
if (coressikey == null) {
List<GcfgSsikeys> list = SpringHelper.getFetionSsoService()
.getSsikeysList();
for (int i = 0; i < list.size(); i++) {
coressikey = (GcfgSsikeys) list.get(i);
if (coressikey.getDomain().equals(coredomain)) {
break;
}
}
}
if (coressikey == null) {
return result;
}
int flag = coressikey.getFlag() & 8;
int keyid = coressikey.getFlag() & 3;
String key = "";
int credenLevel = 0;
if (flag == 0) {
credenLevel = 1;
} else {
credenLevel = 2;
}
if (keyid == 0) {
key = coressikey.getKey0();
} else if (keyid == 1) {
key = coressikey.getKey1();
} else if (keyid == 2) {
key = coressikey.getKey2();
}
log.info("credenLevel : " + credenLevel);
log.info("key : " + key);
Date now = new Date();
String uri = request.getRequestURI();
String domain = StringUtil.getValue(request.getParameter("domain"));
String clientip = request.getRemoteAddr();
String corecreden = "";
try {
if (credenLevel == 1) {
user = new UserInfo();
user.setPoolid(1);
user.setFid(454);
user.setMp(Long.parseLong("13466602305"));
user.setStatus(1);
EncryptedByte encryptedbyte = new EncryptedByte();
encryptedbyte.setUserType(Constant.USER_TYPE);
encryptedbyte.setUserUri(uri);
encryptedbyte.setDomain(domain);
encryptedbyte.setUserIp(clientip);
encryptedbyte.setUserMobileNo(String.valueOf(user.getMp()));
encryptedbyte.setSignInTime(now.getTime());
encryptedbyte.setSignInTimeOut(now.getTime()
+ Constant.ExpireTime * 1000);
encryptedbyte.setUserSid(String.valueOf(user.getFid()));
encryptedbyte.setUserStatus("" + user.getStatus());
encryptedbyte.setEid("100001");
DES des = new DES();
byte[] inBuff = des.data2Byte(encryptedbyte);
byte[] outBuff = des.encryptByDES(inBuff, ByteOprs
.getKeyByStr(key));
byte[] bresult = new byte[outBuff.length + 5];
bresult[0] = (byte) coressikey.getFlag().intValue();
byte[] bet = ByteOprs.int2byte(Constant.ExpireTime);
System.arraycopy(bet, 0, bresult, 1, bet.length);
System.arraycopy(outBuff, 0, bresult, 5, outBuff.length);
corecreden = BASE64.getBASE64(bresult).replaceAll("\r\n", "");
} else if (credenLevel == 2) {
user = new UserInfo();
user.setPoolid(1);
user.setFid(8002000);
user.setMp(Long.parseLong("13508002000"));
user.setStatus(1);
EncryptedByteV2 datav2 = new EncryptedByteV2();
datav2.setEid(100001);
datav2.setUserTypeV2(Constant.USER_TYPE_V2);
datav2.setCreateTime(now.getTime());
datav2.setExpireTime(now.getTime() + Constant.ExpireTime
* 1000);
datav2.setSid(user.getFid());
datav2.setMobile(user.getMp());
String logicPoolId = "" + user.getPoolid();
datav2.setLogicalPoolId(Short.valueOf(logicPoolId));
long lip = IpUtil.ipToLongValue(clientip);
datav2.setUserIp(lip);
datav2.setUserStatusV2(user.getStatus());
datav2.setUserTypeV2((byte) 0);
byte[] inBuff = AES.encrypt(datav2.getByteV2(), key);
byte[] bresult = new byte[inBuff.length + 5];
bresult[0] = (byte) coressikey.getFlag().intValue();
byte[] bet = ByteOprs.int2byte(Constant.ExpireTime);
System.arraycopy(bet, 0, bresult, 1, bet.length);
System.arraycopy(inBuff, 0, bresult, 5, inBuff.length);
corecreden = BASE64.getBASE64(bresult).replaceAll("\r", "")
.replaceAll("\n", "");
}
} catch (Exception ex) {
ex.printStackTrace();
}
/* 保存cookie */
if (!"".equals(corecreden)) {
result = corecreden;
}
return result;
}
/**
* 生成官网的DES认证串
*
* @param users
*/
public String createCoreCredenByDES(UserInfo user, String usertype,
String coredomain) {
String result = "";
GcfgSsikeys coressikey = Constant.ssikeyMap.get(coredomain);
if (coressikey == null) {
List<GcfgSsikeys> list = SpringHelper.getFetionSsoService()
.getSsikeysList();
for (int i = 0; i < list.size(); i++) {
coressikey = (GcfgSsikeys) list.get(i);
if (coressikey.getDomain().equals(coredomain)) {
break;
}
}
}
if (coressikey == null) {
return result;
}
int flag = coressikey.getFlag() & 8;
int keyid = coressikey.getFlag() & 3;
String key = "";
int credenLevel = 0;
if (flag == 0) {
credenLevel = 1;
} else {
credenLevel = 2;
}
if (keyid == 0) {
key = coressikey.getKey0();
} else if (keyid == 1) {
key = coressikey.getKey1();
} else if (keyid == 2) {
key = coressikey.getKey2();
}
Date now = new Date();
String uri = request.getRequestURI();
String domain = StringUtil.getValue(request.getParameter("domain"));
String clientip = request.getRemoteAddr();
String corecreden = "";
try {
if (credenLevel == 1) {
EncryptedByte encryptedbyte = new EncryptedByte();
encryptedbyte.setUserType(Constant.USER_TYPE);
encryptedbyte.setUserUri(uri);
encryptedbyte.setDomain(domain);
encryptedbyte.setUserIp(clientip);
encryptedbyte.setUserMobileNo(String.valueOf(user.getMp()));
encryptedbyte.setSignInTime(now.getTime());
encryptedbyte.setSignInTimeOut(now.getTime()
+ Constant.ExpireTime * 1000);
encryptedbyte.setUserSid(String.valueOf(user.getFid()));
encryptedbyte.setUserStatus("" + user.getStatus());
DES des = new DES();
byte[] inBuff = des.data2Byte(encryptedbyte);
byte[] outBuff = des.encryptByDES(inBuff, ByteOprs
.getKeyByStr(key));
byte[] bresult = new byte[outBuff.length + 5];
bresult[0] = (byte) coressikey.getFlag().intValue();
byte[] bet = ByteOprs.int2byte(Constant.ExpireTime);
System.arraycopy(bet, 0, bresult, 1, bet.length);
System.arraycopy(outBuff, 0, bresult, 5, outBuff.length);
corecreden = BASE64.getBASE64(bresult).replaceAll("\r", "")
.replaceAll("\n", "");
} else if (credenLevel == 2) {
EncryptedByteV2 datav2 = new EncryptedByteV2();
datav2.setUserTypeV2(Constant.USER_TYPE_V2);
datav2.setCreateTime(now.getTime());
datav2
.setExpireTime(now.getTime() + Constant.ExpireTime
* 1000);
datav2.setSid(user.getFid());
datav2.setMobile(user.getMp());
String logicPoolId = "" + user.getPoolid();
datav2.setLogicalPoolId(Short.valueOf(logicPoolId));
long lip = IpUtil.ipToLongValue(clientip);
datav2.setUserIp(lip);
datav2.setUserStatusV2(user.getStatus());
datav2.setUserTypeV2((byte) 0);
byte[] inBuff = JAES.encrypt(datav2.getByteV2(), key);
byte[] bresult = new byte[inBuff.length + 5];
bresult[0] = (byte) coressikey.getFlag().intValue();
byte[] bet = ByteOprs.int2byte(Constant.ExpireTime);
System.arraycopy(bet, 0, bresult, 1, bet.length);
System.arraycopy(inBuff, 0, bresult, 5, inBuff.length);
corecreden = BASE64.getBASE64(bresult).replaceAll("\r", "")
.replaceAll("\n", "");
datav2 = null;
inBuff = null;
bresult = null;
bet = null;
}
} catch (Exception ex) {
ex.printStackTrace();
}
/* 保存cookie */
if (!"".equals(corecreden)) {
result = corecreden;
}
return result;
}
/**
* 取核心域数据 AES解密
*
* @return CredenResult
*/
public CredenResult getCoreEncryptedDataByAES(String corecreden) {
CredenResult result = new CredenResult();
result.setType("0");
try {
String coredomain = Constant.SSO_SERVER_DOMAIN;
GcfgSsikeys coressikey = Constant.ssikeyMap.get(coredomain);
if (coressikey == null) {
List<GcfgSsikeys> list = SpringHelper.getFetionSsoService()
.getSsikeysList();
for (int i = 0; i < list.size(); i++) {
coressikey = (GcfgSsikeys) list.get(i);
if (coressikey.getDomain().equals(coredomain)) {
break;
}
}
}
if (coressikey == null) {
return result;
}
byte[] bcorecreden = BASE64.getFromBASE64(corecreden.replaceAll(
" ", "+"));
/*
* Flag = bCoreCredentail[0] bit3:1为第二类凭证,0为第一类凭证(bit "1000" = 8);
* bit0-bit1 key "11" = 3
*/
int flag = bcorecreden[0] & 8;
int keyid = bcorecreden[0] & 3;
String key = "";
int credenLevel = 0;
if (flag == 0) {
credenLevel = 1;
} else {
credenLevel = 2;
}
if (keyid == 0) {
key = coressikey.getKey0();
} else if (keyid == 1) {
key = coressikey.getKey1();
} else if (keyid == 2) {
key = coressikey.getKey2();
}
if (key == null || "".equals(key) || bcorecreden.length <= 5) {
return result;
}
byte[] bencrypted = new byte[bcorecreden.length - 5];
System.arraycopy(bcorecreden, 5, bencrypted, 0,
bcorecreden.length - 5);
/* 解析一类凭证,以及二类凭证 */
if (credenLevel == 1) {
DES des = new DES();
byte[] outBuff = des.decryptByDES(bencrypted, ByteOprs
.getKeyByStr(key));
EncryptedData data = des.byte2date(outBuff);
if (data != null) {
result.setType("1");
result.setData(data);
}
} else if (credenLevel == 2) {
AES aes = new AES();
byte[] outBuff = JAES.decrypt(bencrypted, key);
EncryptedDataV2 data = aes.byte2date(outBuff);
if (data != null) {
result.setType("2");
result.setData(data);
}
aes = null;
data = null;
outBuff = null;
}
} catch (Exception ex) {
ex.printStackTrace();
}
return result;
}
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -