From 381255a449b9095860d2a20e945296626fce90df Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E9=BB=84=E6=B5=B7?= <10402852@qq.com>
Date: Tue, 17 Dec 2024 13:45:34 +0800
Subject: [PATCH] 'commit'
---
 .../dsideal/sso/Controller/WebLoginController.java | 11 +++++++++++
 .../java/com/dsideal/sso/Model/LoginModel.java | 14 ++++++++++++--
 2 files changed, 23 insertions(+), 2 deletions(-)
diff --git a/src/main/java/com/dsideal/sso/Controller/WebLoginController.java b/src/main/java/com/dsideal/sso/Controller/WebLoginController.java
index a398e11..d05fa5f 100644
--- a/src/main/java/com/dsideal/sso/Controller/WebLoginController.java
+++ b/src/main/java/com/dsideal/sso/Controller/WebLoginController.java
@@ -10,6 +10,7 @@ import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 import com.dsideal.sso.Interceptor.EmptyInterface;
+import com.dsideal.sso.Model.LoginModel;
 import com.dsideal.sso.Util.AesUtil;
 import com.dsideal.sso.Util.CaptchaUtil;
 import com.dsideal.sso.Util.CommonUtil;
@@ -26,6 +27,8 @@ import com.jfinal.kit.PropKit;
 @ApiDoc
 public class WebLoginController extends Controller {
+ LoginModel lm = new LoginModel();
+
 /**
 * 跳转到登录页
 */
@@ -46,6 +49,14 @@ public class WebLoginController extends Controller {
 redirect301(redirect_url + "&" + PropKit.get("sso.sessionid") + "=" + loginMap.get("session_id").toString());
 }
 } else {
+ //检查重定向地址是不是有效
+ if (lm.getSystemByRedirectUrl(redirect_url) == null) {
+ JSONObject resultJson = new JSONObject();
+ resultJson.put("success", false);
+ resultJson.put("msg", "输入的回调地址并不在允许接入的业务系统范围内,请先联系管理员添加到接入系统中再试!");
+ renderJson(resultJson);
+ return;
+ }
 redirect_url = CommonUtil.handleRedirectUrlParas(redirect_url);
 redirect("/html/login.html?redirect_url=" + redirect_url);
 }
diff --git a/src/main/java/com/dsideal/sso/Model/LoginModel.java b/src/main/java/com/dsideal/sso/Model/LoginModel.java
index 6a4b209..2e684ea 100644
--- a/src/main/java/com/dsideal/sso/Model/LoginModel.java
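Review bot: The new field in the `@@ -26,6 +27,8 @@` hunk is declared as `LoginModel lm = new LoginModel();`, which leaves it package-private and reassignable even though the redirect check added later in this file depends on it. Declare it `private final LoginModel lm = new LoginModel();` so the object behind the allow-list lookup cannot be swapped from elsewhere in the package.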
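Review bot: The allow-list check in the `@@ -46,6 +49,14 @@` hunk is added only inside the `else` branch, so the `redirect301(redirect_url + "&" + PropKit.get("sso.sessionid") + "=" + …)` call in the branch above it still runs on an unchecked `redirect_url` and appends the session id to it. The `if` condition lies outside the hunk, but that branch appears to be the already-logged-in path, which makes it the one where an unregistered callback address would be handed a valid SSO session id. Move the `if (lm.getSystemByRedirectUrl(redirect_url) == null) { … return; }` block to before the `if`/`else`, so that neither branch redirects to an address that is not a registered system.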
+++ b/src/main/java/com/dsideal/sso/Model/LoginModel.java
@@ -20,8 +20,8 @@ public class LoginModel {
 * @param userName
 * @return
 */
- public Map getLoginInfoByUserName(String userName) {
- Map loginMap = new HashMap<>();
+ public Map getLoginInfoByUserName(String userName) {
+ Map loginMap = new HashMap<>();
 String sql = Db.getSql("login.getLoginInfoByUserName");
 Record record = Db.findFirst(sql, userName);
 loginMap.put("person_id", record.get("person_id").toString());
@@ -47,4 +47,14 @@ public class LoginModel {
 return record.getStr("global_value");
 }
+ /**
+ * 功能:通过重定向地址获取系统信息
+ *
+ * @param redirect_url 重定向地址
+ * @return
+ */
+ public Record getSystemByRedirectUrl(String redirect_url) {
+ String sql = "select * from t_datashare_system where redirect_url=?";
+ return Db.findFirst(sql, redirect_url);
+ }
 }
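Review bot: `getSystemByRedirectUrl` in the `@@ -47,4 +47,14 @@` hunk compares the whole caller-supplied string with the `redirect_url` column, and its Javadoc does not say so: `@return` is empty and nothing states that an unregistered address yields `null`, which is what the controller's check relies on. Document the contract, for example `@return the matching t_datashare_system row, or null when redirect_url is not registered (exact string match)`. Because the controller appends `"&" + …` to the address, callers presumably send URLs that already carry a query string, so exact equality may reject legitimate callbacks; if the match is ever relaxed, compare the parsed scheme, host and port (`java.net.URI`) against the registered entry rather than using a string prefix or `LIKE`. The inline SQL also departs from the `Db.getSql("login.…")` convention that `getLoginInfoByUserName` uses in the hunk above.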