Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
MaxKey单点登录官方(MaxKeyTop)
MaxKey
提交
10b964ad
MaxKey
项目概览
MaxKey单点登录官方(MaxKeyTop)
/
MaxKey
大约 1 年 前同步成功
通知
76
Star
3
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
1
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
MaxKey
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
1
Issue
1
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
10b964ad
编写于
4月 26, 2022
作者:
M
MaxKey
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
AuthorizationUtils
上级
92210640
变更
27
隐藏空白更改
内联
并排
Showing
27 changed file
with
120 addition
and
94 deletion
+120
-94
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
...java/org/maxkey/authn/AbstractAuthenticationProvider.java
+11
-13
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/SignPrincipal.java
...on-core/src/main/java/org/maxkey/authn/SignPrincipal.java
+17
-6
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/AuthJwt.java
...tion-core/src/main/java/org/maxkey/authn/jwt/AuthJwt.java
+2
-2
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/AuthJwtService.java
...re/src/main/java/org/maxkey/authn/jwt/AuthJwtService.java
+2
-2
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/AbstractAuthenticationRealm.java
...a/org/maxkey/authn/realm/AbstractAuthenticationRealm.java
+3
-3
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/AuthorizationUtils.java
...rc/main/java/org/maxkey/authn/web/AuthorizationUtils.java
+31
-16
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/SessionListenerAdapter.java
...ain/java/org/maxkey/authn/web/SessionListenerAdapter.java
+2
-2
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/interceptor/PermissionInterceptor.java
...g/maxkey/authn/web/interceptor/PermissionInterceptor.java
+2
-2
maxkey-core/src/main/java/org/maxkey/entity/UserInfo.java
maxkey-core/src/main/java/org/maxkey/entity/UserInfo.java
+5
-5
maxkey-core/src/main/java/org/maxkey/web/WebConstants.java
maxkey-core/src/main/java/org/maxkey/web/WebConstants.java
+2
-0
maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/adapter/AbstractAuthorizeAdapter.java
...xkey/authz/endpoint/adapter/AbstractAuthorizeAdapter.java
+3
-3
maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/singlelogout/DefaultSingleLogout.java
...va/org/maxkey/authz/singlelogout/DefaultSingleLogout.java
+2
-2
maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas10AuthorizeEndpoint.java
...org/maxkey/authz/cas/endpoint/Cas10AuthorizeEndpoint.java
+2
-2
maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas20AuthorizeEndpoint.java
...org/maxkey/authz/cas/endpoint/Cas20AuthorizeEndpoint.java
+3
-3
maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas30AuthorizeEndpoint.java
...org/maxkey/authz/cas/endpoint/Cas30AuthorizeEndpoint.java
+3
-3
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/OAuth2UserDetailsService.java
...axkey/authz/oauth2/provider/OAuth2UserDetailsService.java
+2
-2
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/approval/endpoint/OAuth20AccessConfirmationEndpoint.java
.../approval/endpoint/OAuth20AccessConfirmationEndpoint.java
+2
-2
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/AuthorizationEndpoint.java
...authz/oauth2/provider/endpoint/AuthorizationEndpoint.java
+2
-2
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpoint.java
.../maxkey/authz/oauth2/provider/endpoint/TokenEndpoint.java
+2
-2
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpointAuthenticationFilter.java
.../provider/endpoint/TokenEndpointAuthenticationFilter.java
+5
-5
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java
...z/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java
+2
-2
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoOIDCEndpoint.java
...uth2/provider/userinfo/endpoint/UserInfoOIDCEndpoint.java
+3
-3
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/access/contorller/LoginSessionController.java
.../maxkey/web/access/contorller/LoginSessionController.java
+1
-1
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/LogoutEndpoint.java
...c/main/java/org/maxkey/web/contorller/LogoutEndpoint.java
+6
-6
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/interceptor/HistorySignOnAppInterceptor.java
...g/maxkey/web/interceptor/HistorySignOnAppInterceptor.java
+3
-3
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/access/contorller/LoginSessionController.java
.../maxkey/web/access/contorller/LoginSessionController.java
+1
-1
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/LogoutEndpoint.java
...c/main/java/org/maxkey/web/contorller/LogoutEndpoint.java
+1
-1
未找到文件。
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
浏览文件 @
10b964ad
...
...
@@ -101,14 +101,12 @@ public abstract class AbstractAuthenticationProvider {
* @return
*/
public
UsernamePasswordAuthenticationToken
createOnlineTicket
(
LoginCredential
credential
,
UserInfo
userInfo
)
{
//Online Tickit
Session
onlineTicket
=
new
Session
();
//create session
Session
session
=
new
Session
();
//set session with principal
SignPrincipal
principal
=
new
SignPrincipal
(
userInfo
,
session
);
userInfo
.
setOnlineTicket
(
onlineTicket
.
getId
());
SigninPrincipal
principal
=
new
SigninPrincipal
(
userInfo
);
//set OnlineTicket
principal
.
setSession
(
onlineTicket
);
ArrayList
<
GrantedAuthority
>
grantedAuthoritys
=
authenticationRealm
.
grantAuthority
(
userInfo
);
principal
.
setAuthenticated
(
true
);
...
...
@@ -132,15 +130,15 @@ public abstract class AbstractAuthenticationProvider {
authenticationToken
.
setDetails
(
new
WebAuthenticationDetails
(
WebContext
.
getRequest
()));
onlineTicket
.
setAuthentication
(
authenticationToken
);
//store session
this
.
sessionService
.
store
(
onlineTicket
.
getId
(),
onlineTicket
);
/*
* put Authentication to current session context
*/
AuthorizationUtils
.
setAuthentication
(
authenticationToken
);
session
.
setAuthentication
(
authenticationToken
);
//store session
this
.
sessionService
.
store
(
session
.
getId
(),
session
);
AuthorizationUtils
.
setSession
(
session
);
return
authenticationToken
;
}
...
...
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/Sign
in
Principal.java
→
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/SignPrincipal.java
浏览文件 @
10b964ad
/*
* Copyright [202
0
] [MaxKey of copyright http://www.maxkey.top]
* Copyright [202
2
] [MaxKey of copyright http://www.maxkey.top]
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
...
...
@@ -26,7 +26,7 @@ import org.springframework.security.core.GrantedAuthority;
import
org.springframework.security.core.userdetails.UserDetails
;
public
class
Sign
in
Principal
implements
UserDetails
{
public
class
SignPrincipal
implements
UserDetails
{
private
static
final
long
serialVersionUID
=
-
110742975439268030L
;
UserInfo
userInfo
;
...
...
@@ -49,25 +49,36 @@ public class SigninPrincipal implements UserDetails {
/**
* SigninPrincipal.
*/
public
Sign
in
Principal
()
{
public
SignPrincipal
()
{
}
/**
* Sign
in
Principal.
* SignPrincipal.
*/
public
SigninPrincipal
(
UserInfo
userInfo
)
{
public
SignPrincipal
(
UserInfo
userInfo
)
{
this
.
userInfo
=
userInfo
;
this
.
authenticated
=
true
;
this
.
accountNonExpired
=
true
;
this
.
accountNonLocked
=
true
;
this
.
credentialsNonExpired
=
true
;
this
.
enabled
=
true
;
}
public
SignPrincipal
(
UserInfo
userInfo
,
Session
session
)
{
this
.
userInfo
=
userInfo
;
this
.
authenticated
=
true
;
this
.
accountNonExpired
=
true
;
this
.
accountNonLocked
=
true
;
this
.
credentialsNonExpired
=
true
;
this
.
enabled
=
true
;
this
.
session
=
session
;
this
.
userInfo
.
setSessionId
(
session
.
getId
());
}
/**
* SigninPrincipal.
*/
public
Sign
in
Principal
(
UserDetails
userDetails
)
{
public
SignPrincipal
(
UserDetails
userDetails
)
{
this
.
userDetails
=
userDetails
;
this
.
authenticated
=
true
;
}
...
...
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/AuthJwt.java
浏览文件 @
10b964ad
...
...
@@ -21,7 +21,7 @@ import java.io.Serializable;
import
java.util.ArrayList
;
import
java.util.List
;
import
org.maxkey.authn.Sign
in
Principal
;
import
org.maxkey.authn.SignPrincipal
;
import
org.springframework.security.core.Authentication
;
import
org.springframework.security.core.GrantedAuthority
;
...
...
@@ -57,7 +57,7 @@ public class AuthJwt implements Serializable {
}
public
AuthJwt
(
String
token
,
Authentication
authentication
)
{
Sign
inPrincipal
principal
=
((
Signi
nPrincipal
)
authentication
.
getPrincipal
());
Sign
Principal
principal
=
((
Sig
nPrincipal
)
authentication
.
getPrincipal
());
this
.
token
=
token
;
this
.
ticket
=
principal
.
getSession
().
getId
();
...
...
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/AuthJwtService.java
浏览文件 @
10b964ad
...
...
@@ -22,7 +22,7 @@ import java.util.Date;
import
org.apache.commons.lang3.StringUtils
;
import
org.joda.time.DateTime
;
import
org.maxkey.authn.Sign
in
Principal
;
import
org.maxkey.authn.SignPrincipal
;
import
org.maxkey.configuration.AuthJwkConfig
;
import
org.maxkey.crypto.jwt.HMAC512Service
;
import
org.maxkey.entity.UserInfo
;
...
...
@@ -86,7 +86,7 @@ public class AuthJwtService {
* @return
*/
public
String
genJwt
(
Authentication
authentication
)
{
Sign
inPrincipal
principal
=
((
Signi
nPrincipal
)
authentication
.
getPrincipal
());
Sign
Principal
principal
=
((
Sig
nPrincipal
)
authentication
.
getPrincipal
());
UserInfo
userInfo
=
principal
.
getUserInfo
();
DateTime
currentDateTime
=
DateTime
.
now
();
Date
expirationTime
=
currentDateTime
.
plusSeconds
(
authJwkConfig
.
getExpires
()).
toDate
();
...
...
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/AbstractAuthenticationRealm.java
浏览文件 @
10b964ad
...
...
@@ -21,7 +21,7 @@ import java.util.ArrayList;
import
java.util.Date
;
import
java.util.List
;
import
org.maxkey.authn.Sign
in
Principal
;
import
org.maxkey.authn.SignPrincipal
;
import
org.maxkey.authn.realm.ldap.LdapAuthenticationRealmService
;
import
org.maxkey.entity.Groups
;
import
org.maxkey.entity.HistoryLogin
;
...
...
@@ -124,9 +124,9 @@ public abstract class AbstractAuthenticationRealm {
historyLogin
.
setSessionId
(
WebContext
.
genId
());
historyLogin
.
setSessionStatus
(
7
);
Authentication
authentication
=
(
Authentication
)
WebContext
.
getAttribute
(
WebConstants
.
AUTHENTICATION
);
if
(
authentication
.
getPrincipal
()
instanceof
Sign
in
Principal
)
{
if
(
authentication
.
getPrincipal
()
instanceof
SignPrincipal
)
{
historyLogin
.
setSessionStatus
(
1
);
historyLogin
.
setSessionId
(
userInfo
.
get
OnlineTicket
());
historyLogin
.
setSessionId
(
userInfo
.
get
SessionId
());
}
_logger
.
debug
(
"user session id is {} . "
,
historyLogin
.
getSessionId
());
...
...
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/AuthorizationUtils.java
浏览文件 @
10b964ad
...
...
@@ -22,7 +22,7 @@ import java.text.ParseException;
import
javax.servlet.http.Cookie
;
import
javax.servlet.http.HttpServletRequest
;
import
org.maxkey.authn.Sign
in
Principal
;
import
org.maxkey.authn.SignPrincipal
;
import
org.maxkey.authn.jwt.AuthJwtService
;
import
org.maxkey.authn.session.Session
;
import
org.maxkey.authn.session.SessionService
;
...
...
@@ -44,7 +44,7 @@ public class AuthorizationUtils {
AuthJwtService
authJwtService
,
SessionService
sessionService
)
throws
ParseException
{
if
(
get
Authenticat
ion
()
==
null
)
{
if
(
get
Sess
ion
()
==
null
)
{
Cookie
authCookie
=
WebContext
.
getCookie
(
request
,
Authorization_Cookie
);
if
(
authCookie
!=
null
)
{
String
authorization
=
authCookie
.
getValue
();
...
...
@@ -59,7 +59,7 @@ public class AuthorizationUtils {
AuthJwtService
authJwtService
,
SessionService
sessionService
)
throws
ParseException
{
if
(
get
Authenticat
ion
()
==
null
)
{
if
(
get
Sess
ion
()
==
null
)
{
String
authorization
=
AuthorizationHeaderUtils
.
resolveBearer
(
request
);
if
(
authorization
!=
null
)
{
doJwtAuthenticate
(
authorization
,
authJwtService
,
sessionService
);
...
...
@@ -73,48 +73,63 @@ public class AuthorizationUtils {
AuthJwtService
authJwtService
,
SessionService
sessionService
)
throws
ParseException
{
if
(
authJwtService
.
validateJwtToken
(
authorization
))
{
String
ticket
=
authJwtService
.
resolveJWTID
(
authorization
);
Session
onlineTicket
=
sessionService
.
get
(
ticket
);
if
(
onlineTicket
!=
null
)
{
setAuthentication
(
onlineTicket
.
getAuthentication
());
String
sessionId
=
authJwtService
.
resolveJWTID
(
authorization
);
Session
session
=
sessionService
.
get
(
sessionId
);
if
(
session
!=
null
)
{
setSession
(
session
);
setAuthentication
(
session
.
getAuthentication
());
}
}
}
public
static
void
setAuthentication
(
Authentication
authentication
)
{
WebContext
.
setAttribute
(
WebConstants
.
AUTHENTICATION
,
authentication
);
public
static
void
setSession
(
Session
session
)
{
WebContext
.
setAttribute
(
WebConstants
.
SESSION
,
session
);
}
public
static
Session
getSession
()
{
Session
session
=
getSession
(
WebContext
.
getRequest
());
return
session
;
}
public
static
Session
getSession
(
HttpServletRequest
request
)
{
Session
session
=
(
Session
)
request
.
getSession
().
getAttribute
(
WebConstants
.
SESSION
);
return
session
;
}
public
static
Authentication
getAuthentication
()
{
Authentication
authentication
=
(
Authentication
)
getAuthentication
(
WebContext
.
getRequest
());
Authentication
authentication
=
(
Authentication
)
getAuthentication
(
WebContext
.
getRequest
());
return
authentication
;
}
public
static
Authentication
getAuthentication
(
HttpServletRequest
request
)
{
Authentication
authentication
=
(
Authentication
)
request
.
getSession
().
getAttribute
(
WebConstants
.
AUTHENTICATION
);
Authentication
authentication
=
(
Authentication
)
request
.
getSession
().
getAttribute
(
WebConstants
.
AUTHENTICATION
);
return
authentication
;
}
public
static
void
setAuthentication
(
Authentication
authentication
)
{
WebContext
.
setAttribute
(
WebConstants
.
AUTHENTICATION
,
authentication
);
}
public
static
boolean
isAuthenticated
()
{
return
get
Authenticat
ion
()
!=
null
;
return
get
Sess
ion
()
!=
null
;
}
public
static
boolean
isNotAuthenticated
()
{
return
!
isAuthenticated
();
}
public
static
Sign
in
Principal
getPrincipal
()
{
public
static
SignPrincipal
getPrincipal
()
{
Authentication
authentication
=
getAuthentication
();
return
getPrincipal
(
authentication
);
}
public
static
Sign
in
Principal
getPrincipal
(
Authentication
authentication
)
{
return
authentication
==
null
?
null
:
(
Sign
in
Principal
)
authentication
.
getPrincipal
();
public
static
SignPrincipal
getPrincipal
(
Authentication
authentication
)
{
return
authentication
==
null
?
null
:
(
SignPrincipal
)
authentication
.
getPrincipal
();
}
public
static
UserInfo
getUserInfo
(
Authentication
authentication
)
{
UserInfo
userInfo
=
null
;
Sign
in
Principal
principal
=
getPrincipal
(
authentication
);
SignPrincipal
principal
=
getPrincipal
(
authentication
);
if
(
principal
!=
null
)
{
userInfo
=
principal
.
getUserInfo
();
}
...
...
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/SessionListenerAdapter.java
浏览文件 @
10b964ad
...
...
@@ -22,7 +22,7 @@ import javax.servlet.http.HttpSession;
import
javax.servlet.http.HttpSessionEvent
;
import
javax.servlet.http.HttpSessionListener
;
import
org.maxkey.authn.Sign
in
Principal
;
import
org.maxkey.authn.SignPrincipal
;
import
org.maxkey.util.DateUtils
;
import
org.maxkey.web.WebConstants
;
import
org.slf4j.Logger
;
...
...
@@ -53,7 +53,7 @@ public class SessionListenerAdapter implements HttpSessionListener {
public
void
sessionDestroyed
(
HttpSessionEvent
sessionEvent
)
{
HttpSession
session
=
sessionEvent
.
getSession
();
Authentication
authentication
=
(
Authentication
)
session
.
getAttribute
(
WebConstants
.
AUTHENTICATION
);
Sign
in
Principal
principal
=
AuthorizationUtils
.
getPrincipal
(
authentication
);
SignPrincipal
principal
=
AuthorizationUtils
.
getPrincipal
(
authentication
);
if
(
principal
!=
null
)
{
_logger
.
trace
(
"{} HttpSession Id {} for userId {} , username {} @Ticket {} Destroyed"
,
DateUtils
.
formatDateTime
(
new
Date
()),
...
...
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/interceptor/PermissionInterceptor.java
浏览文件 @
10b964ad
...
...
@@ -21,7 +21,7 @@ import javax.servlet.RequestDispatcher;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletResponse
;
import
org.maxkey.authn.Sign
in
Principal
;
import
org.maxkey.authn.SignPrincipal
;
import
org.maxkey.authn.jwt.AuthJwtService
;
import
org.maxkey.authn.session.SessionService
;
import
org.maxkey.authn.web.AuthorizationUtils
;
...
...
@@ -60,7 +60,7 @@ public class PermissionInterceptor implements AsyncHandlerInterceptor {
public
boolean
preHandle
(
HttpServletRequest
request
,
HttpServletResponse
response
,
Object
handler
)
throws
Exception
{
_logger
.
trace
(
"Permission Interceptor ."
);
AuthorizationUtils
.
authenticate
(
request
,
authJwtService
,
sessionService
);
Sign
in
Principal
principal
=
AuthorizationUtils
.
getPrincipal
();
SignPrincipal
principal
=
AuthorizationUtils
.
getPrincipal
();
//判断用户是否登录,判断用户是否登录用户
if
(
principal
==
null
){
_logger
.
trace
(
"No Authentication ... forward to /auth/entrypoint"
);
...
...
maxkey-core/src/main/java/org/maxkey/entity/UserInfo.java
浏览文件 @
10b964ad
...
...
@@ -46,7 +46,7 @@ public class UserInfo extends JpaBaseEntity {
public
static
final
String
DEFAULT_PASSWORD_SUFFIX
=
"MaxKey@888"
;
String
onlineTicket
;
String
sessionId
;
//
@Id
...
...
@@ -384,12 +384,12 @@ public class UserInfo extends JpaBaseEntity {
this
.
id
=
id
;
}
public
String
getOnlineTicket
()
{
return
onlineTicket
;
public
String
getSessionId
()
{
return
sessionId
;
}
public
void
set
OnlineTicket
(
String
onlineTicket
)
{
this
.
onlineTicket
=
onlineTicket
;
public
void
set
SessionId
(
String
sessionId
)
{
this
.
sessionId
=
sessionId
;
}
/**
...
...
maxkey-core/src/main/java/org/maxkey/web/WebConstants.java
浏览文件 @
10b964ad
...
...
@@ -81,6 +81,8 @@ public class WebConstants {
public
static
final
String
AUTHENTICATION
=
"current_authentication"
;
public
static
final
String
SESSION
=
"current_session"
;
public
static
final
String
THEME_COOKIE_NAME
=
"mxk_theme_value"
;
public
static
final
String
LOGIN_ERROR_SESSION_MESSAGE
...
...
maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/adapter/AbstractAuthorizeAdapter.java
浏览文件 @
10b964ad
...
...
@@ -20,7 +20,7 @@ package org.maxkey.authz.endpoint.adapter;
import
java.io.UnsupportedEncodingException
;
import
org.apache.commons.codec.binary.Hex
;
import
org.apache.commons.lang3.StringUtils
;
import
org.maxkey.authn.Sign
in
Principal
;
import
org.maxkey.authn.SignPrincipal
;
import
org.maxkey.constants.ConstsBoolean
;
import
org.maxkey.crypto.Base64Utils
;
import
org.maxkey.crypto.ReciprocalUtils
;
...
...
@@ -44,7 +44,7 @@ public abstract class AbstractAuthorizeAdapter {
protected
Accounts
account
;
protected
Sign
in
Principal
principal
;
protected
SignPrincipal
principal
;
public
abstract
Object
generateInfo
();
...
...
@@ -127,7 +127,7 @@ public abstract class AbstractAuthorizeAdapter {
return
""
;
};
public
void
setPrincipal
(
Sign
in
Principal
principal
)
{
public
void
setPrincipal
(
SignPrincipal
principal
)
{
this
.
principal
=
principal
;
this
.
userInfo
=
principal
.
getUserInfo
();
}
...
...
maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/singlelogout/DefaultSingleLogout.java
浏览文件 @
10b964ad
...
...
@@ -20,7 +20,7 @@ package org.maxkey.authz.singlelogout;
import
java.util.HashMap
;
import
java.util.UUID
;
import
org.maxkey.authn.Sign
in
Principal
;
import
org.maxkey.authn.SignPrincipal
;
import
org.maxkey.entity.apps.Apps
;
import
org.maxkey.util.DateUtils
;
import
org.springframework.security.core.Authentication
;
...
...
@@ -34,7 +34,7 @@ public class DefaultSingleLogout extends SingleLogout{
logoutParameters
.
put
(
"principal"
,
authentication
.
getName
());
logoutParameters
.
put
(
"request"
,
"logoutRequest"
);
logoutParameters
.
put
(
"issueInstant"
,
DateUtils
.
getCurrentDateAsString
(
DateUtils
.
FORMAT_DATE_ISO_TIMESTAMP
));
logoutParameters
.
put
(
"ticket"
,
((
Sign
in
Principal
)
authentication
.
getPrincipal
()).
getSession
().
getFormattedId
());
logoutParameters
.
put
(
"ticket"
,
((
SignPrincipal
)
authentication
.
getPrincipal
()).
getSession
().
getFormattedId
());
postMessage
(
logoutApp
.
getLogoutUrl
(),
logoutParameters
);
}
...
...
maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas10AuthorizeEndpoint.java
浏览文件 @
10b964ad
...
...
@@ -23,7 +23,7 @@ package org.maxkey.authz.cas.endpoint;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletResponse
;
import
org.maxkey.authn.Sign
in
Principal
;
import
org.maxkey.authn.SignPrincipal
;
import
org.maxkey.authz.cas.endpoint.response.Service10ResponseBuilder
;
import
org.maxkey.authz.cas.endpoint.ticket.CasConstants
;
import
org.maxkey.authz.cas.endpoint.ticket.Ticket
;
...
...
@@ -105,7 +105,7 @@ renew [OPTIONAL] - if this parameter is set, ticket validation will only succeed
}
if
(
storedTicket
!=
null
){
String
principal
=((
Sign
in
Principal
)
storedTicket
.
getAuthentication
().
getPrincipal
()).
getUsername
();
String
principal
=((
SignPrincipal
)
storedTicket
.
getAuthentication
().
getPrincipal
()).
getUsername
();
_logger
.
debug
(
"principal "
+
principal
);
return
new
Service10ResponseBuilder
().
success
()
.
setUser
(
principal
)
...
...
maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas20AuthorizeEndpoint.java
浏览文件 @
10b964ad
...
...
@@ -26,7 +26,7 @@ import javax.servlet.http.HttpServletRequest;
import
javax.servlet.http.HttpServletResponse
;
import
org.apache.commons.beanutils.BeanUtils
;
import
org.maxkey.authn.Sign
in
Principal
;
import
org.maxkey.authn.SignPrincipal
;
import
org.maxkey.authz.cas.endpoint.response.ProxyServiceResponseBuilder
;
import
org.maxkey.authz.cas.endpoint.response.ServiceResponseBuilder
;
import
org.maxkey.authz.cas.endpoint.ticket.CasConstants
;
...
...
@@ -204,7 +204,7 @@ For all error codes, it is RECOMMENDED that CAS provide a more detailed message
ServiceResponseBuilder
serviceResponseBuilder
=
new
ServiceResponseBuilder
();
if
(
storedTicket
!=
null
){
Sign
inPrincipal
authentication
=
((
Signi
nPrincipal
)
storedTicket
.
getAuthentication
().
getPrincipal
());
Sign
Principal
authentication
=
((
Sig
nPrincipal
)
storedTicket
.
getAuthentication
().
getPrincipal
());
if
(
StringUtils
.
isNotBlank
(
pgtUrl
))
{
ProxyGrantingTicketIOUImpl
proxyGrantingTicketIOUImpl
=
new
ProxyGrantingTicketIOUImpl
();
String
proxyGrantingTicketIOU
=
casProxyGrantingTicketServices
.
createTicket
(
proxyGrantingTicketIOUImpl
);
...
...
@@ -332,7 +332,7 @@ Response on ticket validation failure:
ServiceResponseBuilder
serviceResponseBuilder
=
new
ServiceResponseBuilder
();
if
(
storedTicket
!=
null
){
Sign
inPrincipal
authentication
=
((
Signi
nPrincipal
)
storedTicket
.
getAuthentication
().
getPrincipal
());
Sign
Principal
authentication
=
((
Sig
nPrincipal
)
storedTicket
.
getAuthentication
().
getPrincipal
());
if
(
ConstsBoolean
.
isTrue
(
storedTicket
.
getCasDetails
().
getIsAdapter
())){
Object
samlAdapter
=
Instance
.
newInstance
(
storedTicket
.
getCasDetails
().
getAdapter
());
try
{
...
...
maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas30AuthorizeEndpoint.java
浏览文件 @
10b964ad
...
...
@@ -26,7 +26,7 @@ import javax.servlet.http.HttpServletRequest;
import
javax.servlet.http.HttpServletResponse
;
import
org.apache.commons.beanutils.BeanUtils
;
import
org.maxkey.authn.Sign
in
Principal
;
import
org.maxkey.authn.SignPrincipal
;
import
org.maxkey.authz.cas.endpoint.response.ProxyServiceResponseBuilder
;
import
org.maxkey.authz.cas.endpoint.response.ServiceResponseBuilder
;
import
org.maxkey.authz.cas.endpoint.ticket.CasConstants
;
...
...
@@ -86,7 +86,7 @@ public class Cas30AuthorizeEndpoint extends CasBaseAuthorizeEndpoint{
ServiceResponseBuilder
serviceResponseBuilder
=
new
ServiceResponseBuilder
();
if
(
storedTicket
!=
null
){
Sign
inPrincipal
authentication
=
((
Signi
nPrincipal
)
storedTicket
.
getAuthentication
().
getPrincipal
());
Sign
Principal
authentication
=
((
Sig
nPrincipal
)
storedTicket
.
getAuthentication
().
getPrincipal
());
if
(
StringUtils
.
isNotBlank
(
pgtUrl
))
{
ProxyGrantingTicketIOUImpl
proxyGrantingTicketIOUImpl
=
new
ProxyGrantingTicketIOUImpl
();
String
proxyGrantingTicketIOU
=
casProxyGrantingTicketServices
.
createTicket
(
proxyGrantingTicketIOUImpl
);
...
...
@@ -177,7 +177,7 @@ public class Cas30AuthorizeEndpoint extends CasBaseAuthorizeEndpoint{
ServiceResponseBuilder
serviceResponseBuilder
=
new
ServiceResponseBuilder
();
if
(
storedTicket
!=
null
){
Sign
inPrincipal
authentication
=
((
Signi
nPrincipal
)
storedTicket
.
getAuthentication
().
getPrincipal
());
Sign
Principal
authentication
=
((
Sig
nPrincipal
)
storedTicket
.
getAuthentication
().
getPrincipal
());
if
(
ConstsBoolean
.
isTrue
(
storedTicket
.
getCasDetails
().
getIsAdapter
())){
Object
samlAdapter
=
Instance
.
newInstance
(
storedTicket
.
getCasDetails
().
getAdapter
());
try
{
...
...
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/OAuth2UserDetailsService.java
浏览文件 @
10b964ad
...
...
@@ -15,7 +15,7 @@ package org.maxkey.authz.oauth2.provider;
import
java.util.ArrayList
;
import
org.maxkey.authn.AbstractAuthenticationProvider
;
import
org.maxkey.authn.Sign
in
Principal
;
import
org.maxkey.authn.SignPrincipal
;
import
org.maxkey.authn.session.Session
;
import
org.maxkey.entity.UserInfo
;
import
org.maxkey.persistence.repository.LoginRepository
;
...
...
@@ -47,7 +47,7 @@ public class OAuth2UserDetailsService implements UserDetailsService {
String
onlineTickitId
=
WebConstants
.
ONLINE_TICKET_PREFIX
+
"-"
+
java
.
util
.
UUID
.
randomUUID
().
toString
().
toLowerCase
();
Sign
inPrincipal
principal
=
new
Signi
nPrincipal
(
userInfo
);
Sign
Principal
principal
=
new
Sig
nPrincipal
(
userInfo
);
Session
onlineTicket
=
new
Session
(
onlineTickitId
);
//set OnlineTicket
principal
.
setSession
(
onlineTicket
);
...
...
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/approval/endpoint/OAuth20AccessConfirmationEndpoint.java
浏览文件 @
10b964ad
...
...
@@ -93,7 +93,7 @@ public class OAuth20AccessConfirmationEndpoint {
try
{
// Map<String, Object> model
AuthorizationRequest
clientAuth
=
(
AuthorizationRequest
)
momentaryService
.
get
(
currentUser
.
get
OnlineTicket
(),
"authorizationRequest"
);
(
AuthorizationRequest
)
momentaryService
.
get
(
currentUser
.
get
SessionId
(),
"authorizationRequest"
);
ClientDetails
client
=
clientDetailsService
.
loadClientByClientId
(
clientAuth
.
getClientId
(),
true
);
model
.
put
(
"oauth_approval"
,
WebContext
.
genId
());
model
.
put
(
"auth_request"
,
clientAuth
);
...
...
@@ -139,7 +139,7 @@ public class OAuth20AccessConfirmationEndpoint {
if
(
StringUtils
.
isNotBlank
(
oauth_approval
))
{
try
{
AuthorizationRequest
clientAuth
=
(
AuthorizationRequest
)
momentaryService
.
get
(
currentUser
.
get
OnlineTicket
(),
"authorizationRequest"
);
(
AuthorizationRequest
)
momentaryService
.
get
(
currentUser
.
get
SessionId
(),
"authorizationRequest"
);
ClientDetails
client
=
clientDetailsService
.
loadClientByClientId
(
clientAuth
.
getClientId
(),
true
);
Apps
app
=
appsService
.
get
(
client
.
getClientId
(),
true
);
...
...
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/AuthorizationEndpoint.java
浏览文件 @
10b964ad
...
...
@@ -227,7 +227,7 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
// Place auth request into the model so that it is stored in the session
// for approveOrDeny to use. That way we make sure that auth request comes from the session,
// so any auth request parameters passed to approveOrDeny will be ignored and retrieved from the session.
momentaryService
.
put
(
currentUser
.
get
OnlineTicket
(),
"authorizationRequest"
,
authorizationRequest
);
momentaryService
.
put
(
currentUser
.
get
SessionId
(),
"authorizationRequest"
,
authorizationRequest
);
return
getUserApprovalPageResponse
(
model
,
authorizationRequest
,
(
Authentication
)
principal
);
...
...
@@ -255,7 +255,7 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
"User must be authenticated with Spring Security before authorizing an access token."
);
}
AuthorizationRequest
authorizationRequest
=
(
AuthorizationRequest
)
momentaryService
.
get
(
currentUser
.
get
OnlineTicket
(),
"authorizationRequest"
);
AuthorizationRequest
authorizationRequest
=
(
AuthorizationRequest
)
momentaryService
.
get
(
currentUser
.
get
SessionId
(),
"authorizationRequest"
);
if
(
authorizationRequest
==
null
)
{
sessionStatus
.
setComplete
();
...
...
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpoint.java
浏览文件 @
10b964ad
...
...
@@ -22,7 +22,7 @@ import java.util.HashSet;
import
java.util.Map
;
import
java.util.Set
;
import
org.maxkey.authn.Sign
in
Principal
;
import
org.maxkey.authn.SignPrincipal
;
import
org.maxkey.authn.web.AuthorizationUtils
;
import
org.maxkey.authz.oauth2.common.DefaultOAuth2AccessToken
;
import
org.maxkey.authz.oauth2.common.OAuth2AccessToken
;
...
...
@@ -196,7 +196,7 @@ public class TokenEndpoint extends AbstractEndpoint {
clientId
=
((
OAuth2Authentication
)
client
).
getOAuth2Request
().
getClientId
();
}
if
(
client
instanceof
UsernamePasswordAuthenticationToken
)
{
clientId
=
((
Sign
in
Principal
)
client
.
getPrincipal
()).
getUsername
();
clientId
=
((
SignPrincipal
)
client
.
getPrincipal
()).
getUsername
();
}
return
clientId
;
}
...
...
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpointAuthenticationFilter.java
浏览文件 @
10b964ad
...
...
@@ -31,7 +31,7 @@ import javax.servlet.annotation.WebFilter;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletResponse
;
import
org.maxkey.authn.Sign
in
Principal
;
import
org.maxkey.authn.SignPrincipal
;
import
org.maxkey.authn.web.AuthorizationUtils
;
import
org.maxkey.authz.oauth2.common.OAuth2Constants
;
import
org.maxkey.authz.oauth2.common.util.OAuth2Utils
;
...
...
@@ -145,13 +145,13 @@ public class TokenEndpointAuthenticationFilter implements Filter {
}
else
{
Authentication
authentication
=
ClientCredentials
(
request
,
response
);
_logger
.
trace
(
"getPrincipal "
+
authentication
.
getPrincipal
().
getClass
());
Sign
in
Principal
auth
=
null
;
if
(
authentication
.
getPrincipal
()
instanceof
Sign
in
Principal
)
{
SignPrincipal
auth
=
null
;
if
(
authentication
.
getPrincipal
()
instanceof
SignPrincipal
)
{
//authorization_code
auth
=
(
Sign
in
Principal
)
authentication
.
getPrincipal
();
auth
=
(
SignPrincipal
)
authentication
.
getPrincipal
();
}
else
{
//client_credentials
auth
=
new
Sign
in
Principal
((
User
)
authentication
.
getPrincipal
());
auth
=
new
SignPrincipal
((
User
)
authentication
.
getPrincipal
());
}
auth
.
setAuthenticated
(
true
);
UsernamePasswordAuthenticationToken
simpleUserAuthentication
=
new
UsernamePasswordAuthenticationToken
(
auth
,
authentication
.
getCredentials
(),
authentication
.
getAuthorities
());
...
...
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java
浏览文件 @
10b964ad
...
...
@@ -25,7 +25,7 @@ import javax.servlet.http.HttpServletResponse;
import
org.apache.commons.beanutils.BeanUtils
;
import
org.apache.commons.lang3.StringUtils
;
import
org.maxkey.authn.Sign
in
Principal
;
import
org.maxkey.authn.SignPrincipal
;
import
org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter
;
import
org.maxkey.authz.oauth2.common.OAuth2Constants
;
import
org.maxkey.authz.oauth2.common.exceptions.OAuth2Exception
;
...
...
@@ -114,7 +114,7 @@ public class UserInfoEndpoint {
}
else
{
adapter
=(
AbstractAuthorizeAdapter
)
new
OAuthDefaultUserInfoAdapter
(
clientDetails
);
}
adapter
.
setPrincipal
((
Sign
in
Principal
)
oAuth2Authentication
.
getUserAuthentication
().
getPrincipal
());
adapter
.
setPrincipal
((
SignPrincipal
)
oAuth2Authentication
.
getUserAuthentication
().
getPrincipal
());
adapter
.
setApp
(
app
);
Object
jsonData
=
adapter
.
generateInfo
();
...
...
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoOIDCEndpoint.java
浏览文件 @
10b964ad
...
...
@@ -28,7 +28,7 @@ import javax.servlet.http.HttpServletRequest;
import
javax.servlet.http.HttpServletResponse
;
import
org.apache.commons.lang3.StringUtils
;
import
org.maxkey.authn.Sign
in
Principal
;
import
org.maxkey.authn.SignPrincipal
;
import
org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter
;
import
org.maxkey.authz.oauth2.common.OAuth2Constants
;
import
org.maxkey.authz.oauth2.common.exceptions.OAuth2Exception
;
...
...
@@ -113,7 +113,7 @@ public class UserInfoOIDCEndpoint {
try
{
oAuth2Authentication
=
oauth20tokenServices
.
loadAuthentication
(
access_token
);
principal
=((
Sign
in
Principal
)
oAuth2Authentication
.
getPrincipal
()).
getUsername
();
principal
=((
SignPrincipal
)
oAuth2Authentication
.
getPrincipal
()).
getUsername
();
Set
<
String
>
scopes
=
oAuth2Authentication
.
getOAuth2Request
().
getScope
();
ClientDetails
clientDetails
=
...
...
@@ -123,7 +123,7 @@ public class UserInfoOIDCEndpoint {
String
userJson
=
""
;
Builder
jwtClaimsSetBuilder
=
new
JWTClaimsSet
.
Builder
();
Sign
inPrincipal
authentication
=
(
Signi
nPrincipal
)
oAuth2Authentication
.
getUserAuthentication
().
getPrincipal
();
Sign
Principal
authentication
=
(
Sig
nPrincipal
)
oAuth2Authentication
.
getUserAuthentication
().
getPrincipal
();
String
subject
=
AbstractAuthorizeAdapter
.
getValueByUserAttr
(
userInfo
,
clientDetails
.
getSubject
());
_logger
.
debug
(
"userId : {} , username : {} , displayName : {} , subject : {}"
,
...
...
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/access/contorller/LoginSessionController.java
浏览文件 @
10b964ad
...
...
@@ -86,7 +86,7 @@ public class LoginSessionController {
try
{
for
(
String
sessionId
:
StringUtils
.
string2List
(
ids
,
","
))
{
_logger
.
trace
(
"terminate session Id {} "
,
sessionId
);
if
(
currentUser
.
get
OnlineTicket
().
contains
(
sessionId
))
{
if
(
currentUser
.
get
SessionId
().
contains
(
sessionId
))
{
continue
;
//skip current session
}
...
...
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/LogoutEndpoint.java
浏览文件 @
10b964ad
...
...
@@ -54,10 +54,10 @@ public class LogoutEndpoint {
@RequestMapping
(
value
={
"/logout"
},
produces
=
{
MediaType
.
APPLICATION_JSON_VALUE
})
public
ResponseEntity
<?>
logout
(
@CurrentUser
UserInfo
currentUser
){
//if logined in have onlineTicket ,need remove or logout back
String
onlineTicketId
=
currentUser
.
getOnlineTicket
();
Session
onlineTicket
=
sessionService
.
get
(
onlineTicket
Id
);
if
(
onlineTicket
!=
null
)
{
Set
<
Entry
<
String
,
Apps
>>
entrySet
=
onlineTicket
.
getAuthorizedApps
().
entrySet
();
String
sessionId
=
currentUser
.
getSessionId
();
Session
session
=
sessionService
.
get
(
session
Id
);
if
(
session
!=
null
)
{
Set
<
Entry
<
String
,
Apps
>>
entrySet
=
session
.
getAuthorizedApps
().
entrySet
();
Iterator
<
Entry
<
String
,
Apps
>>
iterator
=
entrySet
.
iterator
();
while
(
iterator
.
hasNext
())
{
...
...
@@ -70,12 +70,12 @@ public class LogoutEndpoint {
}
else
{
singleLogout
=
new
DefaultSingleLogout
();
}
singleLogout
.
sendRequest
(
onlineTicket
.
getAuthentication
(),
mapEntry
.
getValue
());
singleLogout
.
sendRequest
(
session
.
getAuthentication
(),
mapEntry
.
getValue
());
}
}
sessionService
.
terminate
(
onlineTicketId
,
session
.
getId
()
,
currentUser
.
getId
(),
currentUser
.
getUsername
());
}
...
...
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/interceptor/HistorySignOnAppInterceptor.java
浏览文件 @
10b964ad
...
...
@@ -20,7 +20,7 @@ package org.maxkey.web.interceptor;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletResponse
;
import
org.maxkey.authn.Sign
in
Principal
;
import
org.maxkey.authn.SignPrincipal
;
import
org.maxkey.authn.web.AuthorizationUtils
;
import
org.maxkey.entity.HistoryLoginApps
;
import
org.maxkey.entity.UserInfo
;
...
...
@@ -56,7 +56,7 @@ public class HistorySignOnAppInterceptor implements AsyncHandlerInterceptor {
throws
Exception
{
_logger
.
debug
(
"preHandle"
);
final
Apps
app
=
(
Apps
)
WebContext
.
getAttribute
(
WebConstants
.
AUTHORIZE_SIGN_ON_APP
);
Sign
in
Principal
principal
=
AuthorizationUtils
.
getPrincipal
();
SignPrincipal
principal
=
AuthorizationUtils
.
getPrincipal
();
if
(
principal
!=
null
&&
app
!=
null
)
{
if
(
principal
.
getGrantedAuthorityApps
().
contains
(
new
SimpleGrantedAuthority
(
app
.
getId
())))
{
_logger
.
trace
(
"preHandle have authority access "
+
app
);
...
...
@@ -81,7 +81,7 @@ public class HistorySignOnAppInterceptor implements AsyncHandlerInterceptor {
final
Apps
app
=
(
Apps
)
WebContext
.
getAttribute
(
WebConstants
.
AUTHORIZE_SIGN_ON_APP
);
Sign
in
Principal
principal
=
AuthorizationUtils
.
getPrincipal
();
SignPrincipal
principal
=
AuthorizationUtils
.
getPrincipal
();
if
(
principal
!=
null
&&
app
!=
null
)
{
final
UserInfo
userInfo
=
principal
.
getUserInfo
();
String
sessionId
=
principal
.
getSession
().
getId
();
...
...
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/access/contorller/LoginSessionController.java
浏览文件 @
10b964ad
...
...
@@ -87,7 +87,7 @@ public class LoginSessionController {
try
{
for
(
String
sessionId
:
StringUtils
.
string2List
(
ids
,
","
))
{
_logger
.
trace
(
"terminate session Id {} "
,
sessionId
);
if
(
currentUser
.
get
OnlineTicket
().
contains
(
sessionId
))
{
if
(
currentUser
.
get
SessionId
().
contains
(
sessionId
))
{
continue
;
//skip current session
}
sessionService
.
terminate
(
sessionId
,
currentUser
.
getId
(),
currentUser
.
getUsername
());
...
...
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/LogoutEndpoint.java
浏览文件 @
10b964ad
...
...
@@ -36,7 +36,7 @@ public class LogoutEndpoint {
@RequestMapping
(
value
={
"/logout"
},
produces
=
{
MediaType
.
APPLICATION_JSON_VALUE
})
public
ResponseEntity
<?>
logout
(
@CurrentUser
UserInfo
currentUser
){
sessionService
.
terminate
(
currentUser
.
get
OnlineTicket
(),
currentUser
.
get
SessionId
(),
currentUser
.
getId
(),
currentUser
.
getUsername
());
return
new
Message
<
String
>().
buildResponse
();
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录