后端解决 免密登陆,gitlab,harbor免密登陆

@[TOC](java解决跨域免登陆)

在项目中遇到了几个问题,记录下来。系统集成了 gitlab 和 harbor,为了有好的用户体验想做免登陆,点击后直接进入。项目是 docker+harbor 实现自动化运维部署,一台主服务器,两台从服务器。直接贴代码吧。

@RestController
@RequestMapping("/autoLogin")
public class AutoLoginController {

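/**
 * Two-phase endpoint behind the hidden auto-login iframe.
 *
 * <p>Phase 1 (no entry cached under "html"/"loginHtml"): fetches the GitLab sign-in page from
 * the gateway, makes its href/src/action URLs absolute, appends a window.onload script that fills
 * in and submits the sign-in form, caches the rewritten page, and answers with headers only (the
 * upstream session cookie is copied into a response header named "Cookie"). Phase 2 (entry
 * cached): writes the cached page to the response and evicts it.
 *
 * <p>NOTE(review), security-relevant properties of this design:
 * <ul>
 *   <li>The injected script carries the GitLab root user name and password in clear text, so every
 *       client that can reach this endpoint receives them in the page source. A server-side
 *       session exchange or an SSO integration keeps the secret off the browser; a credential
 *       that has been embedded like this should be treated as disclosed and rotated.</li>
 *   <li>The upstream Set-Cookie value is re-emitted as a script-readable "Cookie" header and the
 *       caller's own request cookies are echoed back in "originCookie"; both make cookie values
 *       visible to JavaScript even if the cookies themselves are HttpOnly.</li>
 *   <li>The cache key is a single global entry, so concurrent callers share (and race on) the
 *       same page.</li>
 *   <li>The gateway is contacted over plain http.</li>
 *   <li>No authentication or authorization check is visible on this mapping - confirm one is
 *       applied elsewhere.</li>
 * </ul>
 *
 * @param request  incoming request; only its "Cookie" header is read
 * @param response receives the headers (phase 1) or the rewritten sign-in page (phase 2)
 * @throws IOException if the gateway cannot be read or the response cannot be written
 */
@ApiOperation(value = "用户的菜单", notes = "当前登录用户的菜单")
@ApiImplicitParam(name = "application", value = "查询参数", required = false, dataType = "Application ", paramType = "query")
@RequestMapping("/login")
public void autoLogin(HttpServletRequest request, HttpServletResponse response) throws IOException {
    if (!EHCacheUtil.contains("html", "loginHtml")) {
        StringBuilder page = new StringBuilder();
        Header[] headers;
        // try-with-resources releases the client, the response and the stream on every path.
        try (DefaultHttpClient httpClient = new DefaultHttpClient();
             CloseableHttpResponse response1 = httpClient.execute(new HttpGet("http://api.gateway.com"));
             BufferedReader reader = new BufferedReader(new InputStreamReader(
                     response1.getEntity().getContent(), java.nio.charset.StandardCharsets.UTF_8))) {
            String line;
            // Lines are appended without a separator, exactly as read.
            while ((line = reader.readLine()) != null) {
                line = line.replace("href=\"", "href=\"http://api.gateway.com");
                line = line.replace("src=\"", "src=\"http://api.gateway.com");
                if (line.contains("//]]>")) {
                    // Inject the login script after the end of the page's inline CDATA script.
                    // NOTE(review): hard-coded root credentials end up in the served HTML.
                    line = line + "\nwindow.onload = function(){\n" +
                            "document.getElementById(\"user_login\").value='root'\n" +
                            "document.getElementById('user_password').value=\"hyhh2018\";\n" +
                            "document.getElementById('new_user').submit();\n" +
                            "}";
                }
                if (line.contains("action=\"/users/sign_in\"")) {
                    line = line.replace("action=\"/users/sign_in\"", "action=\"http://api.gateway.com/users/sign_in\"");
                }
                page.append(line);
            }
            headers = response1.getAllHeaders();
        }

        // Phase 1 deliberately writes no body: only the headers below are returned.
        response.setContentType("text/html;charset=utf-8");
        response.setHeader("Access-Control-Expose-Headers", "Cookie");
        for (Header header : headers) {
            if (header.getName().equals("Set-Cookie")) {
                // Only the name=value part of the upstream cookie is forwarded.
                response.setHeader("Cookie", header.getValue().split(";")[0]);
                response.setHeader("originCookie", request.getHeader("Cookie"));
            }
        }
        EHCacheUtil.put("html", "loginHtml", page.toString());
    } else {
        String html = String.valueOf(EHCacheUtil.getValue("html", "loginHtml"));
        Document document = Jsoup.parse(html);
        response.setContentType("text/html;charset=utf-8");
        response.setHeader("originCookie", request.getHeader("Cookie"));
        // One-shot: the next call starts again with phase 1.
        EHCacheUtil.remove("html", "loginHtml");
        PrintWriter out = response.getWriter();
        out.println(document.outerHtml());
    }

}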

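/**
 * Signs in to GitLab from the server with a fixed account and relays the landing page.
 *
 * <p>Steps: (1) GET the sign-in page and take the values of its first two hidden inputs;
 * (2) POST them with the credentials to /users/sign_in, sending the cookie from step 1;
 * (3) GET the landing page with the same client; (4) copy each Set-Cookie value of the login
 * response into a response header named "Cookie", rewrite the page's href/src URLs to absolute
 * gateway URLs and write the page to the caller.
 *
 * <p>NOTE(review), security-relevant properties of this design:
 * <ul>
 *   <li>The root user name and password are hard-coded here; they belong in a secret store or
 *       external configuration, and a published value should be rotated.</li>
 *   <li>Every caller of this mapping is handed a session cookie of that account, in a header that
 *       is explicitly exposed to script. No authentication check is visible on this mapping -
 *       confirm one is applied elsewhere.</li>
 *   <li>The gateway is contacted over plain http, so credentials and cookies travel
 *       unencrypted on that hop.</li>
 * </ul>
 *
 * @param response receives the relayed cookie header and the rewritten landing page
 * @throws Exception if any gateway request fails or the sign-in page lacks the expected fields
 */
@RequestMapping("/newPage")
public void newHtml(HttpServletResponse response) throws Exception {
    final java.nio.charset.Charset utf8 = java.nio.charset.StandardCharsets.UTF_8;
    StringBuilder page = new StringBuilder();

    // One client for all three requests; closed (with its connections) when the block exits.
    try (DefaultHttpClient httpClient = new DefaultHttpClient()) {
        // Step 1: fetch the sign-in page and remember its response headers.
        String signInPage;
        Header[] headers;
        try (CloseableHttpResponse response1 = httpClient.execute(new HttpGet("http://api.gateway.com"));
             InputStream inputStream1 = response1.getEntity().getContent()) {
            signInPage = readBodyAsUtf8(inputStream1);
            headers = response1.getAllHeaders();
        }

        // presumably the first two hidden inputs are "utf8" and "authenticity_token" - this is
        // positional, so verify it against the GitLab version in use.
        Elements formElement = Jsoup.parse(signInPage).getElementsByAttributeValue("type", "hidden");
        if (formElement.size() < 2) {
            throw new IllegalStateException("sign-in page does not contain the two expected hidden inputs");
        }
        String s = formElement.get(0).attr("value");
        String ss = formElement.get(1).attr("value");

        // Step 2: the POST request performs the login.
        HttpPost dologin = new HttpPost("http://api.gateway.com/users/sign_in");
        List<NameValuePair> list = new ArrayList<NameValuePair>();
        list.add(new BasicNameValuePair("authenticity_token", ss));
        list.add(new BasicNameValuePair("utf8", s));
        // NOTE(review): hard-coded root credentials - see the method documentation.
        list.add(new BasicNameValuePair("user[login]", "root"));
        list.add(new BasicNameValuePair("user[password]", "hyhh2018"));
        list.add(new BasicNameValuePair("user[remember_me]", "0"));
        // Encode explicitly as UTF-8 so non-ASCII field values survive.
        dologin.setEntity(new UrlEncodedFormEntity(list, utf8));
        for (Header header : headers) {
            if ("Set-Cookie".equalsIgnoreCase(header.getName())) {
                dologin.setHeader("Cookie", header.getValue());
            }
        }
        Header[] headers2;
        try (CloseableHttpResponse response2 = httpClient.execute(dologin)) {
            // The body is not needed; it is read only so the connection can be reused.
            readBodyAsUtf8(response2.getEntity().getContent());
            headers2 = response2.getAllHeaders();
        }

        // Step 3: fetch the landing page. No Cookie header is set on this request; any session
        // state comes from the client's own cookie handling (NOTE(review): confirm the login
        // cookie is accepted by the cookie spec in use).
        try (CloseableHttpResponse response3 = httpClient.execute(new HttpGet("http://api.gateway.com/"))) {
            // Step 4a: relay the cookies issued by the login response (headers2).
            for (Header header : headers2) {
                if ("Set-Cookie".equalsIgnoreCase(header.getName())) {
                    response.setHeader("Cookie", header.getValue());
                }
            }

            // Step 4b: rewrite URLs line by line; lines are joined without a separator.
            try (BufferedReader reader = new BufferedReader(
                    new InputStreamReader(response3.getEntity().getContent(), utf8))) {
                String line;
                while ((line = reader.readLine()) != null) {
                    line = line.replace("href=\"", "href=\"http://api.gateway.com");
                    if (line.contains(
                            "e64c7d89f26bd1972efa854d13d7dd61?")) {
                        // Lazy-loaded avatar: drop the placeholder and promote data-src to src.
                        line = line.replace("src=\"data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==\"", "");
                        line = line.replace("data-src=\"https://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=46&d=identicon\"", "src=\"https://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=46&d=identicon\"");
                    } else if (line.contains("src=\"/uploads/-/system/appearance/header_logo/1/1-1.png\"")) {
                        // Lazy-loaded header logo: same treatment, with an absolute gateway URL.
                        line = line.replace(" src=\"data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==\"", "");
                        line =
                                line.replace(
                                        "data-src=\"/uploads/-/system/appearance/header_logo/1/1-1.png\"",
                                        "src=\"http://api.gateway.com/uploads/-/system/appearance/header_logo/1/1-1.png\"");
                    } else {
                        line = line.replace("src=\"", "src=\"http://api.gateway.com");
                    }
                    page.append(line);
                }
            }
        }
    }

    Document document = Jsoup.parse(page.toString());
    response.setContentType("text/html;charset=utf-8");
    response.setHeader("Access-Control-Expose-Headers", "Cookie");
    PrintWriter out = response.getWriter();
    out.println(document.outerHtml());
}

/** Reads the stream to its end and decodes the bytes as UTF-8; the caller closes the stream. */
private static String readBodyAsUtf8(InputStream in) throws IOException {
    ByteArrayOutputStream buffer = new ByteArrayOutputStream();
    byte[] chunk = new byte[1024];
    int len;
    while ((len = in.read(chunk)) != -1) {
        buffer.write(chunk, 0, len);
    }
    return new String(buffer.toByteArray(), java.nio.charset.StandardCharsets.UTF_8);
}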

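/**
 * Cookie spec that re-wraps every incoming header in a plain {@link BasicHeader} (same name,
 * same value) before delegating to {@link DefaultCookieSpec}.
 *
 * <p>The header value is forwarded unchanged; no rewriting of the "Expires" attribute takes
 * place here.
 *
 * <p>NOTE(review): nothing in the visible controller code registers this spec with the HTTP
 * client - confirm it is wired in elsewhere, or remove it.
 */
class MyCookieSpec extends DefaultCookieSpec {
    /**
     * Parses a cookie header by handing a {@link BasicHeader} copy of it to the default spec.
     *
     * @param header       the header to parse
     * @param cookieOrigin the origin the cookie was received from
     * @return the cookies produced by {@link DefaultCookieSpec#parse}
     * @throws MalformedCookieException if the default spec rejects the header
     */
    @Override
    public List<Cookie> parse(Header header, CookieOrigin cookieOrigin) throws MalformedCookieException {
        // No attribute slicing is done on the value, so a header whose last attribute is
        // "Expires=" (no trailing ';') is parsed like any other.
        Header copy = new BasicHeader(header.getName(), header.getValue());
        return super.parse(copy, cookieOrigin);
    }
}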
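 <div style="display: none" id="newPage">
    <!-- Hidden iframe created by the front end; the script sets its src to the auto-login page. -->
    <iframe frameborder="0" scrolling="yes" class="x-iframe" id="autoLoginFrame"></iframe>
</div>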

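// On page load: probe the backend with a HEAD request, store the cookie it returns in the
// "Cookie" response header as a browser cookie, then load the auto-login page in the hidden iframe.
//
// NOTE(review): the cookie is written from script with $.cookie, so it is readable by any script
// on this origin (path '/', lifetime 0.5 days); a cookie set by the server with HttpOnly would
// not be.
$(document).ready(function () {
    $.ajax({
        url: "http://api.gateway.com/api/api-b/autoLogin/login",
        async: false,
        type: "HEAD", // header-only request for the login cookie
        complete: function (xhr, data) {
            // Kept as a global, as before, in case other scripts read it.
            window.wpoInfo = {
                "Cookie": xhr.getResponseHeader('Cookie'),
                "originCookie": xhr.getResponseHeader('originCookie'),
                // present when gzip is enabled
                "contentEncoding": xhr.getResponseHeader('Content-Encoding'),
                // keep-alive or close
                "connection": xhr.getResponseHeader('Connection'),
                // response length
                "contentLength": xhr.getResponseHeader('Content-Length'),
                // server type
                "server": xhr.getResponseHeader('Server'),
                "vary": xhr.getResponseHeader('Vary'),
                "transferEncoding": xhr.getResponseHeader('Transfer-Encoding'),
                // text/html, text/xml, ...
                "contentType": xhr.getResponseHeader('Content-Type'),
                "cacheControl": xhr.getResponseHeader('Cache-Control'),
                // lifetime; the key keeps its existing spelling, the header name is "Expires"
                "exprires": xhr.getResponseHeader('Expires'),
                "lastModified": xhr.getResponseHeader('Last-Modified')
            };

            // The header is absent when the backend answers from its cached page, so guard
            // before parsing. Split on the first '=' only: cookie values may contain '='.
            var rawCookie = wpoInfo.Cookie;
            if (rawCookie) {
                var pair = rawCookie.split(";")[0];
                var eq = pair.indexOf("=");
                if (eq > 0) {
                    $.cookie(pair.substring(0, eq), pair.substring(eq + 1), {expires: 0.5, path: '/'});
                }
            }

            if (wpoInfo.originCookie == null) {
                // The second request is served the cached, rewritten sign-in page, which logs in automatically.
                $("#autoLoginFrame").attr("src", "/api/api-b/autoLogin/login");
            }
        }
    });
});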

后台模拟登陆,拿到首页以及对应的 cookie。因为 gitlab 是 cookie 交换登陆,现把它归集到统一域名下,用 nginx 做一道转发。
