Merge pull request #12050 from dataease/pr@dev@fix_cas_report_task

fix(X-Pack): CAS登录用户使用定时报告无效

core/backend/src/main/java/io/dataease/auth/config/cas/CasStrategy.java

@@ -1,9 +1,14 @@
 package io.dataease.auth.config.cas;
 
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.interfaces.Claim;
+import com.auth0.jwt.interfaces.DecodedJWT;
 import io.dataease.auth.service.impl.ShiroServiceImpl;
 import io.dataease.commons.utils.CommonBeanFactory;
+import io.dataease.commons.utils.LogUtil;
 import io.dataease.commons.utils.ServletUtils;
 import io.dataease.service.system.SystemParameterService;
+import org.apache.commons.lang3.ObjectUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.shiro.util.AntPathMatcher;
 import org.jasig.cas.client.authentication.UrlPatternMatcherStrategy;
@@ -38,9 +43,9 @@ public class CasStrategy implements UrlPatternMatcherStrategy {
             s = s.substring(beginIndex + serverName.length());
         }
         if (StringUtils.equals("/", s)) {
-            if (fromLink(serverName)) return true;
+            return fromLink(serverName);
-            return false;
         }
+        if (fromShot()) return true;
         if (StringUtils.equals("/login", s)) return false;
         if (StringUtils.startsWith(s, "/cas/callBack")) return false;
         if (StringUtils.equals("/api/auth/deLogout", s)) return true;
@@ -74,4 +79,17 @@ public class CasStrategy implements UrlPatternMatcherStrategy {
         }
         return false;
     }
+
+    private Boolean fromShot() {
+        String token = ServletUtils.getToken();
+        if (StringUtils.isBlank(token)) return false;
+        try {
+            DecodedJWT jwt = JWT.decode(token);
+            Claim forShot = jwt.getClaim("forShot");
+            return ObjectUtils.isNotEmpty(forShot) && forShot.asBoolean();
+        } catch (Exception e) {
+            LogUtil.error(e.getMessage());
+            return false;
+        }
+    }
 }

core/backend/src/main/java/io/dataease/auth/util/JWTUtils.java

@@ -125,6 +125,18 @@ public class JWTUtils {
         return IPUtils.get();
     }
 
+    public static String signShotToken(TokenInfo tokenInfo, String secret) {
+        Long userId = tokenInfo.getUserId();
+        long expireTimeMillis = getExpireTime();
+        Date date = new Date(System.currentTimeMillis() + expireTimeMillis);
+        Algorithm algorithm = Algorithm.HMAC256(secret);
+        Builder builder = JWT.create()
+                .withClaim("username", tokenInfo.getUsername())
+                .withClaim("forShot", true)
+                .withClaim("userId", userId);
+        return builder.withExpiresAt(date).sign(algorithm);
+    }
+
     public static String sign(TokenInfo tokenInfo, String secret, boolean writeOnline) {
 
         Long userId = tokenInfo.getUserId();

core/backend/src/main/java/io/dataease/job/sechedule/strategy/impl/EmailTaskHandler.java

@@ -435,9 +435,7 @@ public class EmailTaskHandler extends TaskHandler implements Job {
 
     private String tokenByUser(SysUserEntity user) {
         TokenInfo tokenInfo = TokenInfo.builder().userId(user.getUserId()).username(user.getUsername()).build();
-        String token = JWTUtils.sign(tokenInfo, user.getPassword(), false);
+        return JWTUtils.signShotToken(tokenInfo, user.getPassword());
-
-        return token;
     }
 
     private String panelUrl(String panelId) {
@@ -445,4 +443,10 @@ public class EmailTaskHandler extends TaskHandler implements Job {
         return domain + "/#/previewScreenShot/" + panelId + "/true";
     }
 
+    public static void main(String[] args) {
+        TokenInfo tokenInfo = TokenInfo.builder().userId(1L).username("admin").build();
+        String contextPath = JWTUtils.signShotToken(tokenInfo, "ae8000252199d4f2aa00e3b99e6f9934");
+        System.out.println(contextPath);
+    }
+
 }

core/frontend/public/link.html

@@ -29,30 +29,39 @@
     }
     return (false)
   }
-  const link = getQueryVariable('link')
+  const shot = getQueryVariable('shot')
-  const user = getQueryVariable('user')
+  if (shot) {
-  const terminal = getQueryVariable('terminal')
+    const panelId = getQueryVariable('panelId')
-  const attachParams = getQueryVariable('attachParams')
+    const baseUrl = window.location.pathname.replace('link.html', '')
-  const fromLink = getQueryVariable('fromLink')
+    const shoturl = baseUrl + "#/previewScreenShot/" + panelId + "/true"
-  const ticket = getQueryVariable('ticket')
+    window.location.href = shoturl
-  const baseUrl = window.location.pathname.replace('link.html', '')
+  } else {
-  let url = baseUrl + "#/delink?link=" + encodeURIComponent(link)
+    const link = getQueryVariable('link')
-  if (terminal) {
+    const user = getQueryVariable('user')
-    url += '&terminal=' + terminal
+    const terminal = getQueryVariable('terminal')
+    const attachParams = getQueryVariable('attachParams')
+    const fromLink = getQueryVariable('fromLink')
+    const ticket = getQueryVariable('ticket')
+    const baseUrl = window.location.pathname.replace('link.html', '')
+    let url = baseUrl + "#/delink?link=" + encodeURIComponent(link)
+    if (terminal) {
+      url += '&terminal=' + terminal
+    }
+    if (user) {
+      url += '&user=' + encodeURIComponent(user)
+    }
+    if (attachParams) {
+      url += '&attachParams=' + encodeURIComponent(attachParams)
+    }
+    if (fromLink) {
+      url += '&fromLink=' + fromLink
+    }
+    if (ticket) {
+      url += '&ticket=' + ticket
+    }
+    window.location.href = url
   }
-  if (user) {
+  
-    url += '&user=' + encodeURIComponent(user)
-  }
-  if (attachParams) {
-    url += '&attachParams=' + encodeURIComponent(attachParams)
-  }
-  if (fromLink) {
-    url += '&fromLink=' + fromLink
-  }
-  if (ticket) {
-    url += '&ticket=' + ticket
-  }
-  window.location.href = url
 </script>
 
 </html>