Add feature to support DSS SSO integration standard with DolphinScheduler.

wushengyeyouya · zqburde · commit 681273b49613 · 2022-11-18T14:59:15.000+08:00
diff --git a/plugins/dolphinscheduler/dolphinscheduler-prod-metrics/pom.xml b/plugins/dolphinscheduler/dolphinscheduler-prod-metrics/pom.xml
@@ -33,6 +33,34 @@
             <groupId>org.apache.dolphinscheduler</groupId>
             <artifactId>dolphinscheduler-api</artifactId>
             <version>${dolphinscheduler.version}</version>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>com.webank.wedatasphere.dss</groupId>
+            <artifactId>spring-origin-sso-integration-plugin</artifactId>
+            <version>${dss.version}</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>mysql</groupId>
+                    <artifactId>mysql-connector-java</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.springframework</groupId>
+                    <artifactId>spring-core</artifactId>
+                </exclusion>
+                <exclusion>
+                    <artifactId>spring-webmvc</artifactId>
+                    <groupId>org.springframework</groupId>
+                </exclusion>
+                <exclusion>
+                    <artifactId>spring-context-support</artifactId>
+                    <groupId>org.springframework</groupId>
+                </exclusion>
+                <exclusion>
+                    <artifactId>spring-aop</artifactId>
+                    <groupId>org.springframework</groupId>
+                </exclusion>
+            </exclusions>
         </dependency>
     </dependencies>
 
@@ -51,6 +79,25 @@
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-jar-plugin</artifactId>
             </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-assembly-plugin</artifactId>
+                <version>2.3</version>
+                <configuration>
+                    <descriptorRefs>
+                        <descriptorRef>jar-with-dependencies</descriptorRef>
+                    </descriptorRefs>
+                </configuration>
+                <executions>
+                    <execution>
+                        <id>assembly</id>
+                        <phase>package</phase>
+                        <goals>
+                            <goal>single</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin>
         </plugins>
         <resources>
             <resource>
diff --git a/plugins/dolphinscheduler/dolphinscheduler-prod-metrics/src/main/java/org/apache/dolphinscheduler/api/configuration/DssSSOConfiguration.java b/plugins/dolphinscheduler/dolphinscheduler-prod-metrics/src/main/java/org/apache/dolphinscheduler/api/configuration/DssSSOConfiguration.java
@@ -0,0 +1,25 @@
+package org.apache.dolphinscheduler.api.configuration;
+
+import com.webank.wedatasphere.dss.standard.app.sso.plugin.filter.SSOPluginFilter;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+/**
+ * @author enjoyyin
+ * @date 2022-11-16
+ * @since 1.1.1
+ */
+@Configuration
+public class DssSSOConfiguration {
+
+    @Bean
+    public FilterRegistrationBean<SSOPluginFilter> dssSSOInterceptor(@Autowired SSOPluginFilter ssoPluginFilter) {
+        FilterRegistrationBean<SSOPluginFilter> filter = new FilterRegistrationBean<>();
+        filter.setName("dssSSOFilter");
+        filter.setFilter(ssoPluginFilter);
+        filter.setOrder(-1);
+        return filter;
+    }
+}
diff --git a/plugins/dolphinscheduler/dolphinscheduler-prod-metrics/src/main/java/org/apache/dolphinscheduler/api/interceptor/DolphinSchedulerHttpRequestUserInterceptor.java b/plugins/dolphinscheduler/dolphinscheduler-prod-metrics/src/main/java/org/apache/dolphinscheduler/api/interceptor/DolphinSchedulerHttpRequestUserInterceptor.java
@@ -0,0 +1,72 @@
+package org.apache.dolphinscheduler.api.interceptor;
+
+import com.webank.wedatasphere.dss.standard.app.sso.plugin.filter.HttpRequestUserInterceptor;
+import org.apache.commons.lang.ArrayUtils;
+import org.apache.dolphinscheduler.api.controller.BaseController;
+import org.apache.dolphinscheduler.api.enums.Status;
+import org.apache.dolphinscheduler.api.exceptions.ServiceException;
+import org.apache.dolphinscheduler.api.security.Authenticator;
+import org.apache.dolphinscheduler.api.service.SessionService;
+import org.apache.dolphinscheduler.common.Constants;
+import org.apache.dolphinscheduler.dao.entity.User;
+import org.apache.dolphinscheduler.dao.mapper.UserMapper;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequestWrapper;
+
+/**
+ * @author enjoyyin
+ * @date 2022-11-16
+ * @since 1.1.1
+ */
+@Component
+public class DolphinSchedulerHttpRequestUserInterceptor implements HttpRequestUserInterceptor {
+
+    private Logger logger = LoggerFactory.getLogger(getClass());
+
+    @Autowired
+    private UserMapper userMapper;
+    @Autowired
+    private Authenticator authenticator;
+    @Autowired
+    private SessionService sessionService;
+
+    @Override
+    public HttpServletRequest addUserToRequest(String user, HttpServletRequest req) {
+        logger.info("try to add a new session.id for DSS user {}.", user);
+        User userObj = userMapper.queryByUserNameAccurately(user);
+        if(userObj == null) {
+            logger.error("DSS user {} is not exists in DolphinScheduler db.", user);
+            throw new ServiceException(Status.USER_NOT_EXIST);
+        }
+        String sessionId = sessionService.createSession(userObj, BaseController.getClientIpAddress(req));
+        Cookie cookie = new Cookie(Constants.SESSION_ID, sessionId);
+        cookie.setHttpOnly(true);
+        logger.info("added a new session.id {} for DSS user {}.", sessionId, user);
+        return new HttpServletRequestWrapper(req) {
+            @Override
+            public Cookie[] getCookies() {
+                return (Cookie[]) ArrayUtils.add(super.getCookies(), cookie);
+            }
+        };
+    }
+
+    @Override
+    public boolean isUserExistInSession(HttpServletRequest req) {
+        return authenticator.getAuthUser(req) != null;
+    }
+
+    @Override
+    public String getUser(HttpServletRequest req) {
+        User user = authenticator.getAuthUser(req);
+        if(user != null) {
+            return user.getUserName();
+        }
+        return null;
+    }
+}
