[7] An Accessible Guide to the Open-Source Workflow Framework Camunda: Code Analysis of the camunda-webapp User Login Feature

Posted by Zhu Qingyun's Technical Blog


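In the previous chapter, "[6] An Accessible Guide to the Open-Source Workflow Framework Camunda: How to Remotely Debug the camunda-webapp Source Code", the author explained how to debug Camunda remotely. In this chapter, the author shares a code analysis of the camunda-webapp user login feature. First, open http://127.0.0.1:8080/camunda/app/welcome/default/#!/login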

After the "Login" button is clicked, the following code is executed:

```java
package org.camunda.bpm.webapp.impl.security.auth;

import java.util.ArrayList;
import java.util.List;
import java.util.Set;

import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.FormParam;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;

import org.camunda.bpm.engine.ProcessEngine;
import org.camunda.bpm.engine.identity.Group;
import org.camunda.bpm.engine.identity.Tenant;
import org.camunda.bpm.engine.rest.exception.InvalidRequestException;
import org.camunda.bpm.webapp.impl.util.ProcessEngineUtil;

/**
 * Jax-Rs resource allowing users to authenticate with username and password
 *
 * @author Daniel Meyer
 *
 */
@Path(UserAuthenticationResource.PATH)
public class UserAuthenticationResource {

  public static final String PATH = "/auth/user";

  @Context
  protected HttpServletRequest request;

  @GET
  @Path("/{processEngineName}")
  public Response getAuthenticatedUser(@PathParam("processEngineName") String engineName) {
    Authentications allAuthentications = Authentications.getCurrent();

    if (allAuthentications == null) {
      return notFound();
    }

    Authentication engineAuth = allAuthentications.getAuthenticationForProcessEngine(engineName);

    if (engineAuth == null) {
      return notFound();
    } else {
      return Response.ok(AuthenticationDto.fromAuthentication(engineAuth)).build();
    }
  }

  @POST
  @Path("/{processEngineName}/login/{appName}")
  public Response doLogin(
      @PathParam("processEngineName") String engineName,
      @PathParam("appName") String appName,
      @FormParam("username") String username,
      @FormParam("password") String password) {

    final ProcessEngine processEngine = ProcessEngineUtil.lookupProcessEngine(engineName);
    if (processEngine == null) {
      throw new InvalidRequestException(Status.BAD_REQUEST, "Process engine with name " + engineName + " does not exist");
    }

    // make sure authentication is executed without authentication :)
    processEngine.getIdentityService().clearAuthentication();

    // check password / username
    boolean isPasswordValid = processEngine.getIdentityService().checkPassword(username, password);

    if (!isPasswordValid) {
      return unauthorized();
    }

    AuthenticationService authenticationService = new AuthenticationService();
    UserAuthentication authentication = (UserAuthentication) authenticationService.createAuthenticate(processEngine, username, null, null);

    Set<String> authorizedApps = authentication.getAuthorizedApps();

    // valid credentials, but the user may not use the requested application
    if (!authorizedApps.contains(appName)) {
      return forbidden();
    }

    if (request != null) {
      Authentications.revalidateSession(request, authentication);
    }

    return Response.ok(AuthenticationDto.fromAuthentication(authentication)).build();
  }

  protected List<String> getGroupsOfUser(ProcessEngine engine, String userId) {
    List<Group> groups = engine.getIdentityService().createGroupQuery()
      .groupMember(userId)
      .list();

    List<String> groupIds = new ArrayList<String>();
    for (Group group : groups) {
      groupIds.add(group.getId());
    }
    return groupIds;
  }

  protected List<String> getTenantsOfUser(ProcessEngine engine, String userId) {
    List<Tenant> tenants = engine.getIdentityService().createTenantQuery()
      .userMember(userId)
      .includingGroupsOfUser(true)
      .list();

    List<String> tenantIds = new ArrayList<String>();
    for (Tenant tenant : tenants) {
      tenantIds.add(tenant.getId());
    }
    return tenantIds;
  }

  @POST
  @Path("/{processEngineName}/logout")
  public Response doLogout(@PathParam("processEngineName") String engineName) {
    final Authentications authentications = Authentications.getCurrent();

    // remove authentication for process engine
    authentications.removeAuthenticationForProcessEngine(engineName);

    return Response.ok().build();
  }

  protected Response unauthorized() {
    return Response.status(Status.UNAUTHORIZED).build();
  }

  protected Response forbidden() {
    return Response.status(Status.FORBIDDEN).build();
  }

  protected Response notFound() {
    return Response.status(Status.NOT_FOUND).build();
  }
}
```

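The code above comes from the class UserAuthenticationResource; the login request invokes its doLogin() method. The overall authentication flow is shown in the figure below.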
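The status codes doLogin() returns (401 when checkPassword() fails, 403 when the password is valid but the application is not in getAuthorizedApps(), 200 on success) are enough to monitor this endpoint from an access log. The following is an added example, not code from the original post or from Camunda; the common-log-format layout, the /camunda/api/admin prefix in the constructed sample lines, the threshold and all function names are assumptions.

```python
import re
from collections import defaultdict

# Endpoint suffix from the listing: PATH "/auth/user" + "/{processEngineName}/login/{appName}".
# Assumptions: common-log-format access log, the threshold, and all names below.
LOGIN_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"POST \S*/auth/user/(?P<engine>[^/\s]+)/login/(?P<app>[^/\s?]+) HTTP/[\d.]+" '
    r'(?P<status>\d{3}) '
)

# Status codes doLogin() returns in the listing.
OUTCOME = {"200": "success", "401": "bad_credentials", "403": "password_ok_app_denied"}


def analyze(lines, max_failures=3):
    """Return {ip: set of alert names} for login attempts found in access-log lines."""
    streak = defaultdict(int)   # consecutive 401 responses per source address
    alerts = defaultdict(set)
    for line in lines:
        m = LOGIN_RE.match(line)
        if not m:
            continue            # not a request to the login endpoint
        ip, outcome = m["ip"], OUTCOME.get(m["status"])
        if outcome == "bad_credentials":
            streak[ip] += 1
            if streak[ip] >= max_failures:
                alerts[ip].add("repeated_failures")
        elif outcome in ("success", "password_ok_app_denied"):
            # Both outcomes are only reached after checkPassword() returned true.
            if streak[ip] >= max_failures:
                alerts[ip].add("password_accepted_after_failures")
            streak[ip] = 0
    return dict(alerts)


# Constructed sample lines, not taken from a real system.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:01 +0000] "POST /camunda/api/admin/auth/user/default/login/cockpit HTTP/1.1" 401 -',
    '192.0.2.10 - - [01/Jan/2024:10:00:02 +0000] "POST /camunda/api/admin/auth/user/default/login/cockpit HTTP/1.1" 401 -',
    '192.0.2.10 - - [01/Jan/2024:10:00:03 +0000] "POST /camunda/api/admin/auth/user/default/login/cockpit HTTP/1.1" 401 -',
    '192.0.2.10 - - [01/Jan/2024:10:00:04 +0000] "POST /camunda/api/admin/auth/user/default/login/admin HTTP/1.1" 403 -',
    '192.0.2.10 - - [01/Jan/2024:10:00:05 +0000] "GET /camunda/app/welcome/default/ HTTP/1.1" 200 1024',
    '198.51.100.7 - - [01/Jan/2024:10:05:00 +0000] "POST /camunda/api/admin/auth/user/default/login/tasklist HTTP/1.1" 401 -',
    '198.51.100.7 - - [01/Jan/2024:10:05:09 +0000] "POST /camunda/api/admin/auth/user/default/login/tasklist HTTP/1.1" 200 187',
]

if __name__ == "__main__":
    print(analyze(SAMPLE_LOG))
```

A 403 is treated like a success here because, in the listing, forbidden() is only reached after the password check has passed.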
