JSP for Discourse SSO
来源:互联网 发布:淘宝中小卖家生存现状 编辑:程序博客网 时间:2024/05/17 01:26
因为JAVA的Base64实现和Ruby不同,在使用SSO时会有异常,根据meta.discoursecn.org管理员的指点及资料查阅和代码分析,实现如下:
<%@ page contentType="text/html; charset=utf-8" %><%@ page import="org.apache.commons.codec.binary.Base64" %><%@ page import="org.apache.commons.codec.binary.Hex" %><%@ page import="javax.crypto.Mac" %><%@ page import="javax.crypto.spec.SecretKeySpec" %><%@ page import="java.io.UnsupportedEncodingException" %><%@ page import="java.net.URLDecoder" %><%@ page import="java.net.URLEncoder" %><%@ page import="java.security.InvalidKeyException" %><%@ page import="java.security.NoSuchAlgorithmException" %><% response.setHeader("Pragma", "no-cache"); response.setDateHeader("Expires", -1); Info info = (Info) session.getAttribute("Info"); if (info == null) { response.sendRedirect("login.html"); return; } String key = "yourssosecret"; String payload = request.getParameter("sso"); String sig = request.getParameter("sig"); if (payload == null || sig == null) { response.getWriter().println("error parameter"); return; } if (!checksum(key, payload).equals(sig)) { response.getWriter().println("checksum failed"); return; } String urlDecode = URLDecoder.decode(payload, "UTF-8"); String nonce = new String(Base64.decodeBase64(urlDecode)); String urlEncode = nonce + "&name=" + URLEncoder.encode(info.name, "UTF-8") + "&username=" + URLEncoder.encode(info.nickname, "UTF-8") + "&email=" + URLEncoder.encode(info.email, "UTF-8") + "&external_id=" + URLEncoder.encode(info.id + "", "UTF-8"); String urlBase64 = new String(Base64.encodeBase64(urlEncode.getBytes("UTF-8"))); int length = 0; int maxLength = urlBase64.length(); final int STEP = 60; String urlBase64Encode = ""; while (length < maxLength) { urlBase64Encode += urlBase64.substring(length, length + STEP < maxLength ? length + STEP : maxLength) + "\n"; length += STEP; } response.sendRedirect("http://yoursite.com/session/sso_login?sso=" + URLEncoder.encode(urlBase64Encode, "UTF-8") + "&sig=" + checksum(key, urlBase64Encode));%><%! String checksum(String macKey, String macData) throws NoSuchAlgorithmException, UnsupportedEncodingException, InvalidKeyException { Mac mac = Mac.getInstance("HmacSHA256"); byte[] keyBytes = macKey.getBytes("UTF-8"); byte[] dataBytes = macData.getBytes("UTF-8"); SecretKeySpec secretKey = new SecretKeySpec(keyBytes, "HmacSHA256"); mac.init(secretKey); byte[] doFinal = mac.doFinal(dataBytes); byte[] hexBytes = new Hex().encode(doFinal); return new String(hexBytes); }%>
0 0
- JSP for Discourse SSO
- discourse
- [NLP论文阅读] Discourse-Based Objectives for Fast Unsupervised Sentence Representation Learning
- Discourse CentOS 安装记录
- SUSE Linux + Docker + Discourse
- EBS SSO屏蔽ApplLocalLogin.jsp登录
- sso
- SSO
- SSO
- SSO
- SSO
- sso
- SSO
- SSO
- SSO
- SSO
- sso
- SSO
- 获得系统的音乐
- C#猜系统出的随机数
- 数据结构C++版第五章笔记
- PHP的数组结构是用哈希表实现的
- C语言常用转义字符表
- JSP for Discourse SSO
- 【重磅】移动网络性能揭秘(下)--网络协议及性能提升实践
- oracle 11g RAC手动卸载grid,no deinstall
- Mac OS X 10.10 安装 gdb
- ARM汇编指令
- Cstring转int型问题(error C2664: “atoi”: 不能将参数 1 从“CString”转换为“const char *”))
- 学习网址
- redis持久化
- PHP的哈希表实现