ssoredirectservlet.java

自己实现的AES和DES的加密算法。自己可以随意组成加密数据结构

package com.cmcc.web.servlet;

import java.io.IOException;
import java.net.URLDecoder;
import java.net.URLEncoder;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

import com.cmcc.bean.CredenResult;
import com.cmcc.bean.EncryptedDataV2;
import com.cmcc.common.util.StringUtil;
import com.cmcc.hibernate.GcfgRedirectUrl;
import com.cmcc.server.FetionSsoManager;
import com.cmcc.util.Constant;
import com.cmcc.util.SpringHelper;
import com.cmcc.ws.info.UserInfo;

public class SsoRedirectServlet extends HttpServlet {

	/**
	 * 
	 */
	private static final long serialVersionUID = 1L;
	private static Log log = LogFactory.getLog(SsoRedirectServlet.class);

	public void doPress(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		String key = StringUtil.getValue(request.getParameter("key"));
		String c = StringUtil.getValue(request.getParameter("c"));
		//取到所有的参数，进行参数组合，key和c串不传，剩下的参数都原样传递
		String querystr = StringUtil.getValue(request.getQueryString());
		log.info("=========== Redirect Url ============");
		log.info("old querystr is: " + querystr);
		String newquerystr = "&";
		String[] params = querystr.split("&");
		for (int i = 0; i < params.length; i++) {
			if (params[i].startsWith("key=") || params[i].startsWith("c=")) {
				continue;
			} else {
				newquerystr = newquerystr + params[i] + "&";
			}
		}
		if (newquerystr.endsWith("&")) {
			newquerystr = newquerystr
					.substring(0, newquerystr.lastIndexOf("&"));
		}
		log.info("newquerystr is: " + newquerystr);
		log.info("key is: " + key);
		log.info("c is: " + c);
		/* 修改 new FetionSsoManager(request, response); 要将参数request,response传递，否则空指针*/
		FetionSsoManager ssomanager = new FetionSsoManager(request, response);
		CredenResult cre = ssomanager.getCoreEncryptedDataByAES(URLDecoder
				.decode(c));
		EncryptedDataV2 encryptedDataV2 = (EncryptedDataV2) cre.getData();
		long mp = encryptedDataV2.getMobile();

		// 生成官网的认证串
		UserInfo users = SpringHelper.getFetionSsoService().getUserInfo("",
				String.valueOf(mp));
		log.info("mp is :  " + users.getMp());
		log.info("sid is: " + users.getFid());
		GcfgRedirectUrl rurl = Constant.redirctUrlMap.get(Integer.parseInt(key));
		String core = ssomanager.createCoreCredenByDES(users, "des", rurl.getDomain());
		log.info("domain is: " + rurl.getDomain());
		log.info("core is: " + core);
		String url = rurl.getRedirect_url();
		url = url + URLEncoder.encode(core) + newquerystr;
		log.info("url is: " + url);
		response.setHeader("Location", url);
		response.setHeader("Set-Cookie", "ssic=" + c + "; path=/");

		response.sendRedirect(url);
		return;
	}

	protected void doGet(HttpServletRequest request,
			HttpServletResponse response) throws ServletException, IOException {
		doPress(request, response);
	}

	protected void doPost(HttpServletRequest request,
			HttpServletResponse response) throws ServletException, IOException {
		doPress(request, response);
	}

}