fix ldap bug

km-common/src/main/java/com/xiaojukeji/know/streaming/km/common/utils/ValidateUtils.java

@@ -2,6 +2,7 @@ package com.xiaojukeji.know.streaming.km.common.utils;
 
 import org.apache.commons.lang.StringUtils;
 
+import java.lang.reflect.Array;
 import java.util.Arrays;
 import java.util.List;
 import java.util.Map;
@@ -56,6 +57,18 @@ public class ValidateUtils {
         return false;
     }
 
+    public static <T> boolean isNotEmpty(T[] array) {
+        return !isEmpty(array);
+    }
+
+    public static boolean isEmpty(Object[] array) {
+        return getLength(array) == 0;
+    }
+
+    public static int getLength(Object array) {
+        return array == null ? 0 : Array.getLength(array);
+    }
+
     /**
      * 是空字符串
      */
@@ -65,7 +78,7 @@ public class ValidateUtils {
         } else if (isNull(seq1) || isNull(seq2) || seq1.size() != seq2.size()) {
             return false;
         }
-        for (Object elem: seq1) {
+        for (Object elem : seq1) {
             if (!seq2.contains(elem)) {
                 return false;
             }

km-extends/km-account/src/main/java/com/xiaojukeji/know/streaming/km/account/login/ldap/remote/LdapAuthentication.java

@@ -5,6 +5,7 @@ import com.didiglobal.logi.security.exception.LogiSecurityException;
 import com.xiaojukeji.know.streaming.km.account.KmAccountConfig;
 import com.xiaojukeji.know.streaming.km.account.common.ldap.LdapPrincipal;
 import com.xiaojukeji.know.streaming.km.account.common.ldap.exception.LdapException;
+import com.xiaojukeji.know.streaming.km.common.utils.ValidateUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -12,6 +13,8 @@ import org.springframework.stereotype.Component;
 
 import javax.naming.Context;
 import javax.naming.NamingEnumeration;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.Attributes;
 import javax.naming.directory.SearchControls;
 import javax.naming.directory.SearchResult;
 import javax.naming.ldap.InitialLdapContext;
@@ -71,7 +74,7 @@ public class LdapAuthentication {
         env.put(Context.SECURITY_PRINCIPAL, kmAccountConfig.getSecurityPrincipal());
         env.put(Context.SECURITY_CREDENTIALS, kmAccountConfig.getSecurityCredentials());
         try {
-           return new InitialLdapContext(env, null);
+            return new InitialLdapContext(env, null);
         } catch (Exception e) {
             LOGGER.error("method=getLdapContext||errMsg=exception", e);
 
@@ -101,18 +104,21 @@ public class LdapAuthentication {
 
             // maybe more than one element
             while (en.hasMoreElements()) {
-                Object obj = en.nextElement();
+                SearchResult obj = en.nextElement();
-                if (obj instanceof SearchResult) {
+                if (!ValidateUtils.isNull(obj)) {
-                    SearchResult si = (SearchResult) obj;
-
                     // 携带LDAP更多元信息以填充用户元信息
                     LdapPrincipal ldapPrincipal = new LdapPrincipal();
-                    ldapPrincipal.setUserDN(si.getName() + "," + kmAccountConfig.getLdapBaseDN());
+                    ldapPrincipal.setUserDN(obj.getName() + "," + kmAccountConfig.getLdapBaseDN());
-                    ldapPrincipal.setSAMAccountName(this.keyValueSplit(si.getAttributes().get("samaccountname").toString()));
+
-                    ldapPrincipal.setDepartment(this.keyValueSplit(si.getAttributes().get("department").toString()));
+                    Attributes attributes = obj.getAttributes();
-                    ldapPrincipal.setCompany(this.keyValueSplit(si.getAttributes().get("company").toString()));
+                    //校验成功后 在获取值
-                    ldapPrincipal.setDisplayName(this.keyValueSplit(si.getAttributes().get("displayname").toString()));
+                    if (!ValidateUtils.isNull(attributes)) {
-                    ldapPrincipal.setMail(this.keyValueSplit(si.getAttributes().get("mail").toString()));
+                        ldapPrincipal.setSAMAccountName(getStringValueFromAttributes(attributes, "samaccountname"));
+                        ldapPrincipal.setDepartment(getStringValueFromAttributes(attributes, "department"));
+                        ldapPrincipal.setCompany(getStringValueFromAttributes(attributes, "company"));
+                        ldapPrincipal.setDisplayName(getStringValueFromAttributes(attributes, "displayname"));
+                        ldapPrincipal.setMail(getStringValueFromAttributes(attributes, "mail"));
+                    }
                     return ldapPrincipal;
                 }
             }
@@ -126,6 +132,29 @@ public class LdapAuthentication {
         }
     }
 
+    private String getStringValueFromAttributes(Attributes attributes, String attrId) {
+        //增加 多重校验
+        int two = 2;
+        Attribute attribute = attributes.get(attrId);
+        if (ValidateUtils.isNull(attribute)) {
+            return "";
+        }
+
+        String str = attribute.toString();
+        if (ValidateUtils.isBlank(str)) {
+            return "";
+        }
+        //分割字符串
+        String[] split = str.split(":\\s+");
+        if (ValidateUtils.isNotEmpty(split)) {
+            if (split.length >= two) {
+                return split[1];
+            }
+        }
+
+        return "";
+    }
+
     private void closeLdapContext(LdapContext ctx) {
         if (ctx == null) {
             return;
@@ -137,8 +166,4 @@ public class LdapAuthentication {
             LOGGER.error("method=closeLdapContext||errMsg=exception", e);
         }
     }
-
-    public String keyValueSplit(String keyValue){
-        return keyValue.split(":\\s+")[1];
-    }
 }