
ArcGIS Server Rest 認證過程分析



1.
http://192.168.1.220:6080/arcgis/admin/login?redirect=

Request URL: http://192.168.1.220:6080/arcgis/admin/login?redirect=
Request Method: POST
Status Code: 302 Found
Remote Address: 192.168.1.220:6080
Referrer Policy: no-referrer-when-downgrade


Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 290
Content-Type: application/x-www-form-urlencoded
Host: 192.168.1.220:6080
Origin: http://192.168.1.220:6080
Referer: http://192.168.1.220:6080/arcgis/admin/login
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.67 Safari/537.36


password: 7a138ea2a5a0612e2f4418bc80dc0b7188f26d86abbeebd24b9448f5fcd4fa6f28644f150317f493decb8d8c14b121be40fc6dbbd072cd72b15302bd4349fc91
username: 6393efc202b63592a688d9dc3722676f5b08d39bf844e30f94351ae527592e076f78424f28f85ffbaef89c2f4bb5d34b4a591cebf9ffbaca5bd9753e5cb4a36a
encrypted: true

----------------------------------

Content-Length: 0
Date: Sat, 08 Dec 2018 08:03:55 GMT
Location: http://192.168.1.220:6080/arcgis/admin/
Server:
Set-Cookie: AGS_ADMIN_TOKEN="AZ7rFFN477VEpmJFE-p6oy5zDie7gT7ra-HgydqVf3LnSFuPqhBC15cfE6aYx7Hp,AZ7rFFN477VEpmJFE-p6o9m-1pBqmpRtHWAl5-x4GO32g-SaSt78UH1ZktLfjOQHPZdJ1WhX2Jor0YLhQuCvSB8BAKiq9csAZEimJZ9J47A."; Version=1; HttpOnly
Set-Cookie: AGS_PRIVILEGE_TOKEN=jV6AxlQ-vteRvEcY7CKHsJlUjjr3owLQ-kAb6ySF0rJ5O3zTeHkQxyyv37PMnaPtvCfgfd-WoaZvfr4ilnZPrg..; HttpOnly
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block


2.
http://192.168.1.220:6080/arcgis/admin/


Request URL: http://192.168.1.220:6080/arcgis/admin/
Request Method: GET
Status Code: 200 OK
Remote Address: 192.168.1.220:6080
Referrer Policy: no-referrer-when-downgrade


Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cache-Control: max-age=0
Connection: keep-alive
Cookie: AGS_ADMIN_TOKEN="AZ7rFFN477VEpmJFE-p6oy5zDie7gT7ra-HgydqVf3LnSFuPqhBC15cfE6aYx7Hp,AZ7rFFN477VEpmJFE-p6o9m-1pBqmpRtHWAl5-x4GO32g-SaSt78UH1ZktLfjOQHPZdJ1WhX2Jor0YLhQuCvSB8BAKiq9csAZEimJZ9J47A."; AGS_PRIVILEGE_TOKEN=jV6AxlQ-vteRvEcY7CKHsJlUjjr3owLQ-kAb6ySF0rJ5O3zTeHkQxyyv37PMnaPtvCfgfd-WoaZvfr4ilnZPrg..
Host: 192.168.1.220:6080
Referer: http://192.168.1.220:6080/arcgis/admin/login
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.67 Safari/537.36


----------------------------------

Content-Length: 4246
Content-Type: text/html;charset=utf-8
Date: Sat, 08 Dec 2018 08:03:55 GMT
Server:
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block


3.
http://192.168.1.220:6080/arcgis/admin/machines

Request URL: http://192.168.1.220:6080/arcgis/admin/machines
Request Method: GET
Status Code: 200 OK
Remote Address: 192.168.1.220:6080
Referrer Policy: no-referrer-when-downgrade


Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Connection: keep-alive
Cookie: AGS_ADMIN_TOKEN="AZ7rFFN477VEpmJFE-p6o1ZRCoo5aZoVNEGRr9HMX1IS7eFUMLoa-LpZKnqH2hEh,AZ7rFFN477VEpmJFE-p6o5VBUs_C5VWdtXxT865HRc_Nmkq7gSm82hl7SI3zs0JF3cWGgFyWN2Z9XYeT-QvjABYKP3fk42Q8mWQ2CIqh-T4."; AGS_PRIVILEGE_TOKEN=bGan0Kz6aO88LXMZsAEkfOow92lIXG3-Hur-7bYa5FZAjeOv_Kn6V2WqIgQxv10-4K0LwDACPDNx8ojUFnF75w..
Host: 192.168.1.220:6080
Referer: http://192.168.1.220:6080/arcgis/admin/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.67 Safari/537.36


-----------------------------------

Content-Length: 2566
Content-Type: text/html;charset=utf-8
Date: Sat, 08 Dec 2018 09:25:32 GMT
Server:
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block



4.獲取認證


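/**
 * Logs in to the ArcGIS Server admin endpoint and returns the session cookies it issues.
 *
 * <p>The POST goes to {@code serverCredentialsInfo.getTokenServiceUri()} with the user name and
 * password as form fields and {@code encrypted=false}, i.e. the credentials are sent in clear in
 * the request body. They are only protected on the wire if that URI is HTTPS.
 *
 * <p>The returned strings are the {@code name=value} part of every {@code Set-Cookie} header of a
 * 200 response (for ArcGIS Server these are the AGS_ADMIN_TOKEN / AGS_PRIVILEGE_TOKEN admin
 * session cookies). They are credentials: do not log them and do not hand them to untrusted callers.
 *
 * @param serverCredentialsInfo user name, password and token-service URI of the target server
 * @param url                   unused; kept for signature compatibility with existing callers
 * @return the cookies of a successful login, or an empty list when the server did not answer 200
 * @throws IOException when the request cannot be sent or the response cannot be read
 */
public List<String> getNewAdminToken(ServerCredentialsInfo serverCredentialsInfo, String url) throws IOException {
        List<String> cookieTokenList = new LinkedList<String>();
        HttpPost httpPost = null;
        try {
            HttpClient httpClient = HttpClients.createDefault();
            httpPost = new HttpPost(serverCredentialsInfo.getTokenServiceUri());
            httpPost.setHeader("Content-Type", "application/x-www-form-urlencoded");

            List<NameValuePair> param = new ArrayList<NameValuePair>();
            param.add(new BasicNameValuePair("username", serverCredentialsInfo.getUsername()));
            param.add(new BasicNameValuePair("password", serverCredentialsInfo.getPassword()));
            // Plain-text credentials in the form body; see the class/method Javadoc on transport.
            param.add(new BasicNameValuePair("encrypted", "false"));
            param.add(new BasicNameValuePair("f", "json"));
            httpPost.setEntity(new UrlEncodedFormEntity(param, "UTF-8"));

            HttpResponse response = httpClient.execute(httpPost);

            int statusCode = response.getStatusLine().getStatusCode();
            if (statusCode != HttpStatus.SC_OK) {
                System.out.println("請求出錯: " + statusCode);
            } else {
                for (Header header : response.getAllHeaders()) {
                    // Header names are case-insensitive; a server may send "set-cookie".
                    if (header.getName().equalsIgnoreCase("Set-Cookie")) {
                        // Keep only "name=value"; the attributes after ';' (HttpOnly, Version, ...)
                        // are not part of what a Cookie request header carries back.
                        cookieTokenList.add(header.getValue().split(";")[0]);
                    }
                }
            }
            // Drain the body so the connection is released cleanly. It is deliberately not
            // printed: with f=json the login response may carry the token itself, and the
            // Set-Cookie values above are credentials as well.
            if (response.getEntity() != null) {
                EntityUtils.toString(response.getEntity());
            }
        } finally {
            if (httpPost != null) {
                httpPost.releaseConnection();
                try {
                    // Pause after each login; presumably to space out login attempts against
                    // the server — confirm before removing.
                    Thread.sleep(500);
                } catch (InterruptedException e) {
                    // Preserve the interrupt so callers running on a pooled thread can observe it.
                    Thread.currentThread().interrupt();
                }
            }
        }
        return cookieTokenList;
    }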


5.獲取伺服器資訊

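/**
 * Sends a form-encoded POST to {@code url} and returns the response body decoded as UTF-8.
 *
 * <p>The body always starts with {@code f=json}; every entry of {@code parameterMap} is appended
 * as {@code &key=value} with both key and value URL-encoded. Every entry of {@code headerMap} is
 * set verbatim as a request header (the callers in this file use it for the {@code Cookie} header
 * that carries the admin session tokens).
 *
 * <p>SECURITY: for {@code https} URLs the connection is configured with
 * {@code TrustAnyTrustManager} and {@code TrustAnyHostnameVerifier}, which accept any certificate
 * for any host name. That removes the server authentication TLS is meant to provide, so an
 * on-path attacker can impersonate the ArcGIS server and receive the admin cookies sent in the
 * Cookie header. Prefer importing the server certificate into a trust store (or pinning it) over
 * disabling validation.
 *
 * @param url          absolute http/https URL of the REST resource
 * @param headerMap    request headers to set; {@code null} is treated as empty
 * @param cookieMap    not used by this implementation; kept for signature compatibility
 * @param parameterMap extra form fields; {@code null} is treated as empty
 * @return the response body; never {@code null}
 * @throws IOException on connect/read failure or timeout, and for a non-success status
 *                     ({@link HttpURLConnection#getInputStream()} throws on 4xx/5xx)
 */
public static String httpRequest(String url, Map<String, String> headerMap, Map<String, String> cookieMap,
            Map<String, String> parameterMap) throws IOException {
        URL urlObj = new URL(url);
        HttpURLConnection httpURLConnection = (HttpURLConnection) urlObj.openConnection();

        if (httpURLConnection instanceof HttpsURLConnection) {
            try {
                HttpsURLConnection httpsURLConnection = (HttpsURLConnection) httpURLConnection;
                // "TLS" is the standard algorithm name; "SSL" resolves to the same provider context.
                SSLContext sc = SSLContext.getInstance("TLS");
                // Trust-all manager and verifier: see the SECURITY note in the Javadoc.
                sc.init(null, new TrustManager[] { new TrustAnyTrustManager() }, new java.security.SecureRandom());
                httpsURLConnection.setSSLSocketFactory(sc.getSocketFactory());
                httpsURLConnection.setHostnameVerifier(new TrustAnyHostnameVerifier());
            } catch (NoSuchAlgorithmException | KeyManagementException e) {
                // Fall back to the JVM default SSL context, which does validate certificates.
                e.printStackTrace();
            }
        }

        httpURLConnection.setConnectTimeout(5000);
        httpURLConnection.setReadTimeout(10000);
        httpURLConnection.setRequestMethod("POST");
        httpURLConnection.setDoOutput(true);

        if (headerMap != null) {
            for (Entry<String, String> headerEntry : headerMap.entrySet()) {
                httpURLConnection.setRequestProperty(headerEntry.getKey(), headerEntry.getValue());
            }
        }

        StringBuilder formData = new StringBuilder("f=json");
        if (parameterMap != null) {
            for (Entry<String, String> parmEntry : parameterMap.entrySet()) {
                // Encode the key too, so a key containing '&' or '=' cannot inject extra fields.
                formData.append('&')
                        .append(URLEncoder.encode(parmEntry.getKey(), "UTF-8"))
                        .append('=')
                        .append(URLEncoder.encode(parmEntry.getValue(), "UTF-8"));
            }
        }
        byte[] bytes = formData.toString().getBytes("UTF-8");

        try {
            try (OutputStream outputStream = httpURLConnection.getOutputStream()) {
                outputStream.write(bytes);
            }

            StringBuilder contentStringBuilder = new StringBuilder();
            try (Reader reader = new BufferedReader(
                    new InputStreamReader(httpURLConnection.getInputStream(), "UTF-8"))) {
                char[] buffer = new char[5000];
                int n;
                while ((n = reader.read(buffer)) != -1) {
                    contentStringBuilder.append(buffer, 0, n);
                }
            }
            return contentStringBuilder.toString();
        } finally {
            // Release the underlying socket even when reading the response failed.
            httpURLConnection.disconnect();
        }
    }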


6.前端介面

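/**
 * Logs in to the admin endpoint of the stored GIS server {@code id} and returns the session
 * cookies in {@code data}.
 *
 * <p>Those cookies are admin credentials for the target server (the AGS_ADMIN_TOKEN /
 * AGS_PRIVILEGE_TOKEN values seen in the trace above), so whoever can call this endpoint can
 * administer that server; it must only be reachable by callers authorized to do so.
 *
 * @param id primary key of the {@code GisServer} record holding URL, user name and password
 * @return status {@code success} with the cookie list, or {@code fail} with an explanation in
 *         {@code info}
 */
@PostMapping(path = "/generateAdminToken")
    public ResultInfo generateAdminToken(@RequestParam String id) {
        ResultInfo resultInfo = new ResultInfo();
        try {
            GisServer gisServer = gisServerService.getById(id);
            if (gisServer == null) {
                resultInfo.setStatus("fail");
                resultInfo.setInfo("unknown server id: " + id);
                return resultInfo;
            }
            String loginUrl = gisServer.getUrl() + "/admin/login";
            ServerCredentialsInfo serverCredentialsInfo = new ServerCredentialsInfo(gisServer.getUrl());
            serverCredentialsInfo.setUsername(gisServer.getUsername());
            serverCredentialsInfo.setPassword(gisServer.getPassword());
            serverCredentialsInfo.setTokenServiceUri(loginUrl);
            List<String> token = new TokenUtil().getNewAdminToken(serverCredentialsInfo, loginUrl);
            // getNewAdminToken returns a list, not null: an empty list means no Set-Cookie header
            // came back, i.e. the login did not succeed, so a null check alone always reports success.
            boolean loggedIn = token != null && !token.isEmpty();
            resultInfo.setStatus(loggedIn ? "success" : "fail");
            resultInfo.setData(token);
        } catch (Exception e) {
            e.printStackTrace();
            resultInfo.setStatus("fail");
            // NOTE(review): the stack message goes back to the HTTP client; consider a generic
            // message for external callers and keep the stack in the server log.
            resultInfo.setInfo(ExceptionUtil.getStackMsg(e));
        }
        return resultInfo;
    }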
    
    
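    /**
     * Logs in to the admin endpoint of GIS server {@code id} and returns the raw body of its
     * {@code /admin/machines} resource in {@code data}.
     *
     * <p>The login cookies are sent back to the server in a {@code Cookie} header; they never
     * leave this method. When the login yields no cookies the machines request is not attempted.
     *
     * @param id primary key of the {@code GisServer} record holding URL, user name and password
     * @return status {@code success} with the response body, or {@code fail} with an explanation in
     *         {@code info}
     */
    @PostMapping(path = "/machines")
    public ResultInfo getMachines(@RequestParam String id) {
        ResultInfo resultInfo = new ResultInfo();
        try {
            GisServer gisServer = gisServerService.getById(id);
            if (gisServer == null) {
                resultInfo.setStatus("fail");
                resultInfo.setInfo("unknown server id: " + id);
                return resultInfo;
            }
            String baseUrl = gisServer.getUrl();
            ServerCredentialsInfo serverCredentialsInfo = new ServerCredentialsInfo(baseUrl);
            serverCredentialsInfo.setUsername(gisServer.getUsername());
            serverCredentialsInfo.setPassword(gisServer.getPassword());
            serverCredentialsInfo.setTokenServiceUri(baseUrl + "/admin/login");
            List<String> tokens = new TokenUtil().getNewAdminToken(serverCredentialsInfo, baseUrl + "/admin/login");
            // An empty list means the login returned no Set-Cookie header; without the admin
            // cookies the machines request would only fail with an HTTP error.
            if (tokens == null || tokens.isEmpty()) {
                resultInfo.setStatus("fail");
                resultInfo.setInfo("admin login returned no token");
                return resultInfo;
            }

            Map<String, String> headerMap = new HashMap<String, String>();
            // RFC 6265 separates cookie pairs with "; ".
            headerMap.put("Cookie", StringUtils.join(tokens, "; "));
            // "f=json" is a form field, not a header; ProxyUtil.httpRequest already adds it to the body.
            Map<String, String> cookieMap = new HashMap<String, String>();
            Map<String, String> parameterMap = new HashMap<String, String>();
            String content = ProxyUtil.httpRequest(baseUrl + "/admin/machines", headerMap, cookieMap, parameterMap);

            // httpRequest throws on failure rather than returning null; the null check is kept as a guard only.
            resultInfo.setStatus(content == null ? "fail" : "success");
            resultInfo.setData(content);
        } catch (Exception e) {
            e.printStackTrace();
            resultInfo.setStatus("fail");
            // NOTE(review): the stack message goes back to the HTTP client; consider a generic
            // message for external callers and keep the stack in the server log.
            resultInfo.setInfo(ExceptionUtil.getStackMsg(e));
        }
        return resultInfo;
    }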