From 21a4f665959984c0ea4531ced9869785ea9b71a7 Mon Sep 17 00:00:00 2001 From: click33 <2393584716@qq.com> Date: Sat, 27 Apr 2024 16:57:18 +0800 Subject: [PATCH] =?UTF-8?q?=E5=9C=A8=20sa-token.sso.is-check-sign=3Dfalse?= =?UTF-8?q?=20=E6=97=B6=EF=BC=8C=E6=8E=A7=E5=88=B6=E5=8F=B0=E5=B0=86?= =?UTF-8?q?=E8=BE=93=E5=87=BA=E9=86=92=E7=9B=AE=E7=9A=84=E8=AD=A6=E5=91=8A?= =?UTF-8?q?=E4=BF=A1=E6=81=AF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../src/main/java/cn/dev33/satoken/sso/SaSsoManager.java | 8 ++++++++ .../main/java/cn/dev33/satoken/sso/SaSsoProcessor.java | 6 ++++++ .../src/main/java/cn/dev33/satoken/sso/SaSsoTemplate.java | 7 +++++++ 3 files changed, 21 insertions(+) diff --git a/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/SaSsoManager.java b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/SaSsoManager.java index 53f7234d..afd696f1 100644 --- a/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/SaSsoManager.java +++ b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/SaSsoManager.java @@ -41,6 +41,14 @@ public class SaSsoManager { } public static void setConfig(SaSsoConfig config) { SaSsoManager.config = config; + // 如果配置了 is-check-sign=false,则打印一条警告日志 + if ( ! config.getIsCheckSign()) { + System.err.println("-----------------------------------------------------------------------------"); + System.err.println("警告信息:"); + System.err.println("当前配置项 sa-token.sso.is-check-sign=false 代表跳过 SSO 参数签名校验"); + System.err.println("此模式仅为方便本地调试使用,生产环境下请务必配置为 true (配置项默认为true)"); + System.err.println("-----------------------------------------------------------------------------"); + } } } diff --git a/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/SaSsoProcessor.java b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/SaSsoProcessor.java index fc843d4f..cd276637 100644 --- a/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/SaSsoProcessor.java +++ b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/SaSsoProcessor.java @@ -143,6 +143,8 @@ public class SaSsoProcessor { if(ssoTemplate.getSsoConfig().getIsCheckSign()) { ssoTemplate.getSignTemplate().checkRequest(req, paramName.client, paramName.ticket, paramName.ssoLogoutCall); + } else { + ssoTemplate.printNoCheckSignWarning(); } // 3、校验ticket,获取 loginId @@ -215,6 +217,8 @@ public class SaSsoProcessor { // step.1 校验签名 if(ssoTemplate.getSsoConfig().getIsCheckSign()) { ssoTemplate.getSignTemplate().checkRequest(req, paramName.loginId); + } else { + ssoTemplate.printNoCheckSignWarning(); } // step.2 单点注销 @@ -398,6 +402,8 @@ public class SaSsoProcessor { // 校验参数签名 if(ssoTemplate.getSsoConfig().getIsCheckSign()) { ssoTemplate.getSignTemplate().checkRequest(req, paramName.loginId); + } else { + ssoTemplate.printNoCheckSignWarning(); } // 注销当前应用端会话 diff --git a/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/SaSsoTemplate.java b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/SaSsoTemplate.java index 8d66618f..4ee27e98 100644 --- a/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/SaSsoTemplate.java +++ b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/SaSsoTemplate.java @@ -612,6 +612,13 @@ public class SaSsoTemplate { } + // 在 sa-token.sso.is-check-sign=false 时,输出警告信息 + public void printNoCheckSignWarning() { + System.err.println("警告信息:当前配置项 sa-token.sso.is-check-sign=false 已跳过参数签名校验," + + "此模式仅为方便本地调试使用,生产环境下请务必配置为 true (配置项默认为true)"); + } + + // -------- 以下方法已废弃,仅为兼容旧版本而保留 -------- /**