Discuz!论坛通行证与JSP网站的整合
需求:现有行业应用网站一个,使用JSP开发,假设网址为app.com;及Discuz论坛一个,使用PHP开发,假设网址为bbs.com。 现在希望将应用网站和论坛的用户进行整合,即,如果用户在应用网站已经登录,那么从应用网站点击链接进入论坛后将直接成为登录状态。
Discuz论坛提供的Passport(通行证)接口可以很好的实现上述需求。通行证可以在Discuz论坛的系统设置中开启,开启通行证之后的论坛将不再接受除管理员以外的用户的登录请求,而与应用网站进行统一登录管理。整合之后的用户注册、登录、注销流程,请阅读参考资料[1]。下面介绍实现的整个流程,并给出关键代码。
1 开发DiscuzPassport及Encryption两个类,实现与Discuz一致的数据加密。原始代码由参考资料[2]给出,这里对其进行了一定程度的修改。
-----DiscuzPassport.java-----
import java.io.UnsupportedEncodingException;
import java.util.Map;
import java.util.Iterator;
import java.util.Random;
import java.util.Set;
import sun.misc.BASE64Decoder;
public class DiscuzPassport {
public static String encrypt(String src, String key) {
Random random = new Random();
random.setSeed(System.currentTimeMillis());
String rand = "" + random.nextInt() % 32000;
String encKey = Encryption.generateKey(rand, "MD5");
int ctr = 0;
String tmp = "";
for (int i = 0; i < src.length(); i++) {
ctr = (ctr == encKey.length() ? 0 : ctr);
tmp += encKey.charAt(ctr);
char c = (char) (src.charAt(i) ^ encKey.charAt(ctr));
tmp += c;
ctr++;
}
String passportKey = passportKey(tmp, key);
return new sun.misc.BASE64Encoder().encode(passportKey.getBytes());
}
public static String decrypt(String src, String key) {
byte[] bytes = null;
try {
bytes = new BASE64Decoder().decodeBuffer(src);
src = new String(bytes);
} catch (Exception e) {
return null;
}
src = passportKey(src, key);
String tmp = "";
for (int i = 0; i < src.length(); ++i) {
char c = (char) (src.charAt(i) ^ src.charAt(++i));
tmp += c;
}
return tmp;
}
public static String passportKey(String src, String key) {
String encKey = Encryption.generateKey(key, "MD5");
int ctr = 0;
String tmp = "";
for (int i = 0; i < src.length(); ++i) {
ctr = (ctr == encKey.length() ? 0 : ctr);
char c = (char) (src.charAt(i) ^ encKey.charAt(ctr));
tmp += c;
ctr++;
}
return tmp;
}
public static String passportEncode(Map data) {
Set keys = data.keySet();
String key = "";
String ret = "";
Iterator iterator = keys.iterator();
while (iterator.hasNext()) {
key = (String) iterator.next();
try
{
ret += key + "=" + (String) data.get(key) + "&";
}
catch (Exception e)
{
return "";
}
}
if (ret.length() > 0)
return ret.substring(0, ret.length() - 1);
return "";
}
}
------------------------------
-----Encryption.java-----
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
public class Encryption {
public static String generateKey(String src, String algorithm) {
MessageDigest m = null;
try
{
m = MessageDigest.getInstance(algorithm);
m.update(src.getBytes("UTF8"));
}
catch