From 786ca40b3c0ed72c89a1cf0382bf712c7e647a79 Mon Sep 17 00:00:00 2001 From: MaxKey Date: Wed, 13 Apr 2022 18:47:33 +0800 Subject: [PATCH] 220413 --- .../authn/AbstractAuthenticationProvider.java | 2 +- .../authn/RealmAuthenticationProvider.java | 36 ++--- .../maxkey/authn/annotation/CurrentUser.java | 19 ++- .../maxkey/authn/annotation/package-info.java | 19 ++- .../java/org/maxkey/authn/jwt/AuthJwt.java | 33 +++- .../org/maxkey/authn/jwt/AuthJwtService.java | 25 ++- .../org/maxkey/authn/jwt/package-info.java | 19 ++- .../online/AbstractOnlineTicketService.java | 124 +++++++++++++++ .../online/InMemoryOnlineTicketService.java | 6 +- .../org/maxkey/authn/online/OnlineTicket.java | 32 ++-- .../authn/online/OnlineTicketService.java | 4 +- .../online/OnlineTicketServiceFactory.java | 4 +- .../online/RedisOnlineTicketService.java | 8 +- .../realm/AbstractAuthenticationRealm.java | 27 ---- .../maxkey/authn/web/AuthorizationUtils.java | 56 +++++-- .../CurrentUserMethodArgumentResolver.java | 46 ++++-- .../authn/web/SessionListenerAdapter.java | 59 ++----- .../authn/web/UnauthorizedEntryPoint.java | 17 ++ .../interceptor/PermissionInterceptor.java | 28 ++-- .../authn/web/interceptor/package-info.java | 19 ++- .../org/maxkey/authn/web/package-info.java | 19 ++- .../AuthenticationAutoConfiguration.java | 9 +- .../oauth/config/AuthMxkDefaultSource.java | 17 ++ .../oauth/request/AuthFeishu2Request.java | 19 ++- .../org/maxkey/crypto/jwt/HMAC512Service.java | 17 ++ .../main/java/org/maxkey/entity/Message.java | 17 ++ .../crypto/signature/HMAC512ServiceTest.java | 17 ++ .../crypto/signature/HS512SignerTest.java | 17 ++ .../maxkey/configuration/AuthJwkConfig.java | 17 ++ .../java/org/maxkey/entity/FileUpload.java | 17 ++ .../repository/LoginHistoryRepository.java | 20 --- .../repository/LoginRepository.java | 9 +- .../java/org/maxkey/web/MetadataEndpoint.java | 17 ++ .../java/org/maxkey/web/WebConstants.java | 2 +- .../maxkey/web/ipregion/AbstractIpRegion.java | 17 ++ .../org/maxkey/web/ipregion/IpRegion.java | 17 ++ .../maxkey/web/ipregion/IpRegionFactory.java | 17 ++ .../maxkey/web/ipregion/IpRegionIp138.java | 17 ++ .../web/ipregion/IpRegionIp138Response.java | 17 ++ .../maxkey/web/ipregion/IpRegionIp360.java | 17 ++ .../web/ipregion/IpRegionIp360Response.java | 17 ++ .../maxkey/web/ipregion/IpRegionIpchaxun.java | 17 ++ .../org/maxkey/web/ipregion/IpRegionIpcn.java | 17 ++ .../maxkey/web/ipregion/IpRegionLocal.java | 17 ++ .../maxkey/web/ipregion/IpRegionPconline.java | 17 ++ .../ipregion/IpRegionPconlineResponse.java | 17 ++ .../org/maxkey/web/ipregion/package-info.java | 19 ++- .../web/ipregion/IpRegionFactoryTest.java | 17 ++ .../web/ipregion/IpRegionIp138Test.java | 17 ++ .../web/ipregion/IpRegionIp360Test.java | 17 ++ .../web/ipregion/IpRegionIpchaxunTest.java | 17 ++ .../maxkey/web/ipregion/IpRegionIpcnTest.java | 17 ++ .../web/ipregion/IpRegionPconlineTest.java | 17 ++ ...tService.java => MessageQueueService.java} | 4 +- .../persistence/service/AccountsService.java | 4 +- .../service/HistoryLoginService.java | 2 +- .../service/OrganizationsService.java | 10 +- .../persistence/service/UserInfoService.java | 26 ++-- .../authz/endpoint/OnlineTicketEndpoint.java | 2 +- .../adapter/AbstractAuthorizeAdapter.java | 13 +- .../singlelogout/DefaultSingleLogout.java | 2 +- .../cas/endpoint/Cas20AuthorizeEndpoint.java | 11 +- .../cas/endpoint/Cas30AuthorizeEndpoint.java | 11 +- .../cas/endpoint/CasAuthorizeEndpoint.java | 2 +- .../endpoint/adapter/CasDefaultAdapter.java | 4 +- .../endpoint/ExtendApiAuthorizeEndpoint.java | 3 +- .../endpoint/FormBasedAuthorizeEndpoint.java | 3 +- .../jwt/endpoint/adapter/JwtAdapter.java | 2 +- .../token/endpoint/JwtAuthorizeEndpoint.java | 3 +- .../provider/OAuth2UserDetailsService.java | 12 +- .../OAuth20AccessConfirmationEndpoint.java | 2 +- .../endpoint/OAuthDefaultUserInfoAdapter.java | 4 +- .../userinfo/endpoint/UserInfoEndpoint.java | 7 +- .../endpoint/UserInfoOIDCEndpoint.java | 2 +- .../provider/endpoint/AssertionEndpoint.java | 4 +- .../endpoint/TokenBasedAuthorizeEndpoint.java | 3 +- .../adapter/TokenBasedDefaultAdapter.java | 2 +- .../main/java/org/maxkey/MaxKeyConfig.java | 2 +- .../main/java/org/maxkey/MaxKeyMvcConfig.java | 4 - .../contorller/LoginSessionController.java | 20 +-- .../web/access/contorller/package-info.java | 19 ++- .../maxkey/web/endpoint/LoginEntryPoint.java | 2 +- .../maxkey/web/endpoint/LogoutEndpoint.java | 145 +++++------------- .../HistorySignOnAppInterceptor.java | 20 +-- .../main/java/org/maxkey/MaxKeyMgtConfig.java | 2 +- .../main/java/org/maxkey/MaxKeyMgtJobs.java | 12 +- .../java/org/maxkey/MaxKeyMgtMvcConfig.java | 4 +- .../org/maxkey/jobs/AccountsStrategyJob.java | 2 +- .../java/org/maxkey/jobs/DynamicRolesJob.java | 2 +- .../maxkey/jobs/OnlineTicketListenerJob.java | 38 +++++ .../contorller/LoginSessionController.java | 7 +- .../web/access/contorller/package-info.java | 19 ++- .../web/config/contorller/package-info.java | 19 ++- .../maxkey/web/contorller/LogoutEndpoint.java | 63 ++------ .../permissions/contorller/package-info.java | 19 ++- 95 files changed, 1146 insertions(+), 513 deletions(-) create mode 100644 maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/online/AbstractOnlineTicketService.java rename maxkey-persistence/src/main/java/org/maxkey/persistence/mq/{MqPersistService.java => MessageQueueService.java} (98%) create mode 100644 maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/jobs/OnlineTicketListenerJob.java diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java index 741e016a7..6d7e63762 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java @@ -1,5 +1,5 @@ /* - * Copyright [2020] [MaxKey of copyright http://www.maxkey.top] + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java index d6e58a9e0..fb68aeaac 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java @@ -1,5 +1,5 @@ /* - * Copyright [2020] [MaxKey of copyright http://www.maxkey.top] + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -156,42 +156,30 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider } public UsernamePasswordAuthenticationToken createOnlineSession(LoginCredential credential,UserInfo userInfo) { - String currentUserSessionId = WebContext.genId(); - //Online Tickit Id - String onlineTickitId = WebConstants.ONLINE_TICKET_PREFIX + "-" + currentUserSessionId; - _logger.debug("set online Tickit Cookie {} on domain {}", - onlineTickitId, - this.applicationConfig.getBaseDomainName() - ); - - OnlineTicket onlineTicket = new OnlineTicket(onlineTickitId); - - //set ONLINE_TICKET cookie - WebContext.setCookie(WebContext.getResponse(), - this.applicationConfig.getBaseDomainName(), - WebConstants.ONLINE_TICKET_NAME, - onlineTickitId); - userInfo.setOnlineTicket(currentUserSessionId); + //Online Tickit + OnlineTicket onlineTicket = new OnlineTicket(); + + userInfo.setOnlineTicket(onlineTicket.getTicketId()); - SigninPrincipal signinPrincipal = new SigninPrincipal(userInfo); + SigninPrincipal principal = new SigninPrincipal(userInfo); //set OnlineTicket - signinPrincipal.setOnlineTicket(onlineTicket); + principal.setOnlineTicket(onlineTicket); ArrayList grantedAuthoritys = authenticationRealm.grantAuthority(userInfo); - signinPrincipal.setAuthenticated(true); + principal.setAuthenticated(true); for(GrantedAuthority administratorsAuthority : grantedAdministratorsAuthoritys) { if(grantedAuthoritys.contains(administratorsAuthority)) { - signinPrincipal.setRoleAdministrators(true); + principal.setRoleAdministrators(true); _logger.trace("ROLE ADMINISTRATORS Authentication ."); } } _logger.debug("Granted Authority {}" , grantedAuthoritys); - signinPrincipal.setGrantedAuthorityApps(authenticationRealm.queryAuthorizedApps(grantedAuthoritys)); + principal.setGrantedAuthorityApps(authenticationRealm.queryAuthorizedApps(grantedAuthoritys)); UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken( - signinPrincipal, + principal, "PASSWORD", grantedAuthoritys ); @@ -202,7 +190,7 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider onlineTicket.setAuthentication(authenticationToken); //store onlineTicket - this.onlineTicketServices.store(onlineTickitId, onlineTicket); + this.onlineTicketServices.store(onlineTicket.getTicketId(), onlineTicket); /* * put Authentication to current session context diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/annotation/CurrentUser.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/annotation/CurrentUser.java index b1a114a00..4360f9dec 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/annotation/CurrentUser.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/annotation/CurrentUser.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.maxkey.authn.annotation; import java.lang.annotation.Documented; @@ -10,4 +27,4 @@ import java.lang.annotation.RetentionPolicy; @Retention(RetentionPolicy.RUNTIME) @Documented public @interface CurrentUser { -} \ No newline at end of file +} diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/annotation/package-info.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/annotation/package-info.java index 1fac679e2..26dfdac47 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/annotation/package-info.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/annotation/package-info.java @@ -1 +1,18 @@ -package org.maxkey.authn.annotation; \ No newline at end of file +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +package org.maxkey.authn.annotation; diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/AuthJwt.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/AuthJwt.java index 0045726c0..901b5237b 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/AuthJwt.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/AuthJwt.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.maxkey.authn.jwt; import java.util.ArrayList; @@ -35,18 +52,18 @@ public class AuthJwt { } public AuthJwt(String token, Authentication authentication) { - SigninPrincipal signinPrincipal = ((SigninPrincipal)authentication.getPrincipal()); + SigninPrincipal principal = ((SigninPrincipal)authentication.getPrincipal()); this.token = token; - this.ticket = signinPrincipal.getOnlineTicket().getTicketId().substring(3); + this.ticket = principal.getOnlineTicket().getTicketId(); - this.id = signinPrincipal.getUserInfo().getId(); - this.username = signinPrincipal.getUserInfo().getUsername(); + this.id = principal.getUserInfo().getId(); + this.username = principal.getUserInfo().getUsername(); this.name = this.username; - this.displayName = signinPrincipal.getUserInfo().getDisplayName(); - this.email = signinPrincipal.getUserInfo().getEmail(); - this.instId = signinPrincipal.getUserInfo().getInstId(); - this.instName = signinPrincipal.getUserInfo().getInstName(); + this.displayName = principal.getUserInfo().getDisplayName(); + this.email = principal.getUserInfo().getEmail(); + this.instId = principal.getUserInfo().getInstId(); + this.instName = principal.getUserInfo().getInstName(); this.authorities = new ArrayList(); for(GrantedAuthority grantedAuthority :authentication.getAuthorities()) { diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/AuthJwtService.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/AuthJwtService.java index 50a98dc9c..04d133427 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/AuthJwtService.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/AuthJwtService.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.maxkey.authn.jwt; import java.text.ParseException; @@ -33,18 +50,18 @@ public class AuthJwtService { public String generateToken(Authentication authentication) { String token = ""; - SigninPrincipal signinPrincipal = ((SigninPrincipal)authentication.getPrincipal()); - UserInfo userInfo = signinPrincipal.getUserInfo(); + SigninPrincipal principal = ((SigninPrincipal)authentication.getPrincipal()); + UserInfo userInfo = principal.getUserInfo(); DateTime currentDateTime = DateTime.now(); Date expirationTime = currentDateTime.plusSeconds(authJwkConfig.getExpires()).toDate(); _logger.debug("expiration Time : {}" , expirationTime); - String subject = signinPrincipal.getUsername(); + String subject = principal.getUsername(); _logger.trace("jwt subject : {}" , subject); JWTClaimsSet jwtClaims =new JWTClaimsSet.Builder() .issuer(authJwkConfig.getIssuer()) .subject(subject) - .jwtID(signinPrincipal.getOnlineTicket().getTicketId()) + .jwtID(principal.getOnlineTicket().getFormattedTicketId()) .issueTime(currentDateTime.toDate()) .expirationTime(expirationTime) .claim("locale", userInfo.getLocale()) diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/package-info.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/package-info.java index 7b268e489..9611d2edd 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/package-info.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/package-info.java @@ -1 +1,18 @@ -package org.maxkey.authn.jwt; \ No newline at end of file +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +package org.maxkey.authn.jwt; diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/online/AbstractOnlineTicketService.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/online/AbstractOnlineTicketService.java new file mode 100644 index 000000000..2b24f98c7 --- /dev/null +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/online/AbstractOnlineTicketService.java @@ -0,0 +1,124 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +package org.maxkey.authn.online; + +import java.sql.ResultSet; +import java.sql.SQLException; +import java.sql.Types; +import java.time.LocalTime; +import java.util.Date; +import java.util.List; + +import org.maxkey.entity.HistoryLogin; +import org.maxkey.entity.UserInfo; +import org.maxkey.util.DateUtils; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.jdbc.core.JdbcTemplate; +import org.springframework.jdbc.core.RowMapper; + +public class AbstractOnlineTicketService implements OnlineTicketService{ + private static Logger _logger = LoggerFactory.getLogger(AbstractOnlineTicketService.class); + + protected JdbcTemplate jdbcTemplate; + + private static final String DEFAULT_DEFAULT_SELECT_STATEMENT = + "select id,sessionid,userId,username,displayname,logintime from mxk_history_login where sessionstatus = 1"; + + private static final String LOGOUT_USERINFO_UPDATE_STATEMENT = + "update mxk_userinfo set lastlogofftime = ? , online = " + UserInfo.ONLINE.OFFLINE + " where id = ?"; + + private static final String HISTORY_LOGOUT_UPDATE_STATEMENT = + "update mxk_history_login set logouttime = ? ,sessionstatus = 7 where sessionid = ?"; + + + public List query() { + List listOnlineTicket = jdbcTemplate.query( + DEFAULT_DEFAULT_SELECT_STATEMENT, + new OnlineTicketRowMapper()); + return listOnlineTicket; + } + + public void profileLastLogoffTime(String userId,String lastLogoffTime) { + _logger.trace("userId {} , lastlogofftime {}" ,userId, lastLogoffTime); + jdbcTemplate.update( LOGOUT_USERINFO_UPDATE_STATEMENT, + new Object[] { lastLogoffTime, userId }, + new int[] { Types.TIMESTAMP, Types.VARCHAR }); + } + + public void sessionLogoff(String sessionId,String lastLogoffTime) { + _logger.trace("sessionId {} , lastlogofftime {}" ,sessionId, lastLogoffTime); + jdbcTemplate.update(HISTORY_LOGOUT_UPDATE_STATEMENT, + new Object[] { lastLogoffTime, sessionId }, + new int[] { Types.VARCHAR, Types.VARCHAR }); + } + + @Override + public void terminate(String onlineTicket,String userId,String username) { + String lastLogoffTime = DateUtils.formatDateTime(new Date()); + _logger.trace("{} user {} terminate Ticket {} ." ,lastLogoffTime,username, onlineTicket); + this.profileLastLogoffTime(userId, lastLogoffTime); + this.sessionLogoff(userId, lastLogoffTime); + remove(onlineTicket); + } + + private final class OnlineTicketRowMapper implements RowMapper { + @Override + public HistoryLogin mapRow(ResultSet rs, int rowNum) + throws SQLException { + HistoryLogin history=new HistoryLogin(); + history.setId(rs.getString(1)); + history.setSessionId(rs.getString(2)); + history.setUserId(rs.getString(3)); + history.setUsername(rs.getString(4)); + history.setDisplayName(rs.getString(5)); + history.setLoginTime(rs.getString(6)); + return history; + } + } + + @Override + public void store(String ticketId, OnlineTicket ticket) { + + } + + @Override + public OnlineTicket remove(String ticket) { + return null; + } + + @Override + public OnlineTicket get(String ticketId) { + return null; + } + + @Override + public void refresh(String ticketId, LocalTime refreshTime) { + + } + + @Override + public void refresh(String ticketId) { + + } + + @Override + public void setValiditySeconds(int validitySeconds) { + + } +} diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/online/InMemoryOnlineTicketService.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/online/InMemoryOnlineTicketService.java index fe18eb86a..325d74497 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/online/InMemoryOnlineTicketService.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/online/InMemoryOnlineTicketService.java @@ -23,12 +23,13 @@ import java.util.concurrent.TimeUnit; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.jdbc.core.JdbcTemplate; import com.github.benmanes.caffeine.cache.Cache; import com.github.benmanes.caffeine.cache.Caffeine; -public class InMemoryOnlineTicketService implements OnlineTicketService{ +public class InMemoryOnlineTicketService extends AbstractOnlineTicketService{ private static final Logger _logger = LoggerFactory.getLogger(InMemoryOnlineTicketService.class); protected static Cache onlineTicketStore = @@ -37,8 +38,9 @@ public class InMemoryOnlineTicketService implements OnlineTicketService{ .maximumSize(200000) .build(); - public InMemoryOnlineTicketService() { + public InMemoryOnlineTicketService(JdbcTemplate jdbcTemplate) { super(); + this.jdbcTemplate = jdbcTemplate; } @Override diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/online/OnlineTicket.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/online/OnlineTicket.java index e2a0f3eb8..4a37a47a5 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/online/OnlineTicket.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/online/OnlineTicket.java @@ -22,18 +22,16 @@ import java.time.LocalTime; import java.util.HashMap; import org.maxkey.entity.apps.Apps; +import org.maxkey.web.WebContext; import org.springframework.security.core.Authentication; public class OnlineTicket implements Serializable{ - - /** - * - */ + private static final long serialVersionUID = 9008067569150338296L; + + public static final String ONLINE_TICKET_PREFIX = "OT"; public static final int MAX_EXPIRY_DURATION = 60 * 10; //default 10 minutes. - private static final long serialVersionUID = 9008067569150338296L; - public String ticketId; public LocalTime ticketTime; @@ -42,6 +40,11 @@ public class OnlineTicket implements Serializable{ private HashMap authorizedApps = new HashMap(); + public OnlineTicket() { + super(); + this.ticketId = WebContext.genId();; + this.ticketTime = LocalTime.now(); + } public OnlineTicket(String ticketId) { super(); @@ -56,18 +59,17 @@ public class OnlineTicket implements Serializable{ this.ticketTime = LocalTime.now(); } - - public String getTicketId() { + return ticketId; + } + + public String getFormattedTicketId() { return ticketId; } - - public void setTicketId(String ticketId) { this.ticketId = ticketId; } - public LocalTime getTicketTime() { return ticketTime; @@ -81,20 +83,14 @@ public class OnlineTicket implements Serializable{ return authentication; } - - public void setAuthentication(Authentication authentication) { this.authentication = authentication; } - - public HashMap getAuthorizedApps() { return authorizedApps; } - - public void setAuthorizedApps(HashMap authorizedApps) { this.authorizedApps = authorizedApps; } @@ -103,8 +99,6 @@ public class OnlineTicket implements Serializable{ this.authorizedApps.put(authorizedApp.getId(), authorizedApp); } - - @Override public String toString() { StringBuilder builder = new StringBuilder(); diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/online/OnlineTicketService.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/online/OnlineTicketService.java index 444f6a4e9..1f64009e7 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/online/OnlineTicketService.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/online/OnlineTicketService.java @@ -1,5 +1,5 @@ /* - * Copyright [2020] [MaxKey of copyright http://www.maxkey.top] + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -32,4 +32,6 @@ public interface OnlineTicketService { public void refresh(String ticketId); public void setValiditySeconds(int validitySeconds); + + public void terminate(String onlineTicket,String userId,String username); } diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/online/OnlineTicketServiceFactory.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/online/OnlineTicketServiceFactory.java index c7f8fd3bb..bffd2fa37 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/online/OnlineTicketServiceFactory.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/online/OnlineTicketServiceFactory.java @@ -34,12 +34,12 @@ public class OnlineTicketServiceFactory { OnlineTicketService onlineTicketServices = null; if (persistence == ConstsPersistence.INMEMORY) { - onlineTicketServices = new InMemoryOnlineTicketService(); + onlineTicketServices = new InMemoryOnlineTicketService(jdbcTemplate); _logger.debug("InMemoryOnlineTicketServices"); } else if (persistence == ConstsPersistence.JDBC) { _logger.debug("OnlineTicketServices not support "); } else if (persistence == ConstsPersistence.REDIS) { - onlineTicketServices = new RedisOnlineTicketService(redisConnFactory); + onlineTicketServices = new RedisOnlineTicketService(redisConnFactory,jdbcTemplate); _logger.debug("RedisOnlineTicketServices"); } diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/online/RedisOnlineTicketService.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/online/RedisOnlineTicketService.java index 90997c05e..e8a2c1dc2 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/online/RedisOnlineTicketService.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/online/RedisOnlineTicketService.java @@ -24,9 +24,10 @@ import org.maxkey.persistence.redis.RedisConnection; import org.maxkey.persistence.redis.RedisConnectionFactory; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.jdbc.core.JdbcTemplate; -public class RedisOnlineTicketService implements OnlineTicketService { +public class RedisOnlineTicketService extends AbstractOnlineTicketService { private static final Logger _logger = LoggerFactory.getLogger(RedisOnlineTicketService.class); protected int serviceTicketValiditySeconds = 60 * 30; //default 30 minutes. @@ -37,9 +38,12 @@ public class RedisOnlineTicketService implements OnlineTicketService { /** * @param connectionFactory */ - public RedisOnlineTicketService(RedisConnectionFactory connectionFactory) { + public RedisOnlineTicketService( + RedisConnectionFactory connectionFactory, + JdbcTemplate jdbcTemplate) { super(); this.connectionFactory = connectionFactory; + this.jdbcTemplate = jdbcTemplate; } /** diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/AbstractAuthenticationRealm.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/AbstractAuthenticationRealm.java index b4836e06c..e574ea26e 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/AbstractAuthenticationRealm.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/AbstractAuthenticationRealm.java @@ -20,7 +20,6 @@ package org.maxkey.authn.realm; import java.util.ArrayList; import java.util.Date; import java.util.List; -import javax.servlet.http.HttpServletResponse; import org.maxkey.authn.SigninPrincipal; import org.maxkey.authn.realm.ldap.LdapAuthenticationRealmService; @@ -157,32 +156,6 @@ public abstract class AbstractAuthenticationRealm { return true; } - - /** - * logout user and remove RemeberMe token - * @param response - * @return - */ - public boolean logout(HttpServletResponse response) { - Authentication authentication = (Authentication ) WebContext.getAttribute(WebConstants.AUTHENTICATION); - - if(authentication != null && authentication.getPrincipal() instanceof SigninPrincipal) { - SigninPrincipal signinPrincipal = ((SigninPrincipal) authentication.getPrincipal()); - UserInfo userInfo = signinPrincipal.getUserInfo(); - userInfo.setLastLogoffTime(DateUtils.formatDateTime(new Date())); - - loginHistoryRepository.logoff(userInfo.getLastLogoffTime(), signinPrincipal.getOnlineTicket().getTicketId()); - - - loginRepository.updateLastLogoff(userInfo); - - _logger.debug("Session " + signinPrincipal.getOnlineTicket().getTicketId() + ", user " - + userInfo.getUsername() + " Logout, datetime " + userInfo.getLastLogoffTime() + " ."); - } - return true; - - } - public Browser resolveBrowser() { Browser browser =new Browser(); diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/AuthorizationUtils.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/AuthorizationUtils.java index dd7bc9b44..8ff7a13eb 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/AuthorizationUtils.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/AuthorizationUtils.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.maxkey.authn.web; import java.text.ParseException; @@ -17,7 +34,7 @@ import org.springframework.security.core.Authentication; public class AuthorizationUtils { - static final String Authorization = "Authorization"; + static final String Authorization_Cookie = "AuthJWT"; public static void authenticateWithCookie( HttpServletRequest request, @@ -25,10 +42,10 @@ public class AuthorizationUtils { OnlineTicketService onlineTicketService ) throws ParseException{ if(getAuthentication() == null) { - Cookie authCookie = WebContext.getCookie(request, Authorization); + Cookie authCookie = WebContext.getCookie(request, Authorization_Cookie); if(authCookie != null ) { String authorization = authCookie.getValue(); - doAuthenticate(authorization,authJwtService,onlineTicketService); + doJwtAuthenticate(authorization,authJwtService,onlineTicketService); } } } @@ -41,12 +58,12 @@ public class AuthorizationUtils { if(getAuthentication() == null) { String authorization = AuthorizationHeaderUtils.resolveBearer(request); if(authorization != null ) { - doAuthenticate(authorization,authJwtService,onlineTicketService); + doJwtAuthenticate(authorization,authJwtService,onlineTicketService); } } } - public static void doAuthenticate( + public static void doJwtAuthenticate( String authorization, AuthJwtService authJwtService, OnlineTicketService onlineTicketService) throws ParseException { @@ -59,13 +76,17 @@ public class AuthorizationUtils { } } - public static void setAuthentication(Authentication authentication) { WebContext.setAttribute(WebConstants.AUTHENTICATION, authentication); } public static Authentication getAuthentication() { - Authentication authentication = (Authentication) WebContext.getAttribute(WebConstants.AUTHENTICATION); + Authentication authentication = (Authentication) getAuthentication(WebContext.getRequest()); + return authentication; + } + + public static Authentication getAuthentication(HttpServletRequest request) { + Authentication authentication = (Authentication) request.getSession().getAttribute(WebConstants.AUTHENTICATION); return authentication; } @@ -74,22 +95,29 @@ public class AuthorizationUtils { } public static boolean isNotAuthenticated() { - return getAuthentication() == null; + return ! isAuthenticated(); } public static SigninPrincipal getPrincipal() { Authentication authentication = getAuthentication(); - return authentication == null ? null :(SigninPrincipal) authentication.getPrincipal(); + return getPrincipal(authentication); } - public static UserInfo getUserInfo() { - Authentication authentication = getAuthentication(); + public static SigninPrincipal getPrincipal(Authentication authentication) { + return authentication == null ? null : (SigninPrincipal) authentication.getPrincipal(); + } + + public static UserInfo getUserInfo(Authentication authentication) { UserInfo userInfo = null; - if(isAuthenticated() && (authentication.getPrincipal() instanceof SigninPrincipal)) { - SigninPrincipal signinPrincipal = ((SigninPrincipal) authentication.getPrincipal()); - userInfo = signinPrincipal.getUserInfo(); + SigninPrincipal principal = getPrincipal(authentication); + if(principal != null ) { + userInfo = principal.getUserInfo(); } return userInfo; } + + public static UserInfo getUserInfo() { + return getUserInfo(getAuthentication()); + } } diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/CurrentUserMethodArgumentResolver.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/CurrentUserMethodArgumentResolver.java index cf025c2ca..d17b208b1 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/CurrentUserMethodArgumentResolver.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/CurrentUserMethodArgumentResolver.java @@ -1,6 +1,22 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.maxkey.authn.web; -import org.maxkey.authn.SigninPrincipal; import org.maxkey.authn.annotation.CurrentUser; import org.maxkey.entity.UserInfo; import org.maxkey.web.WebConstants; @@ -14,23 +30,23 @@ import org.springframework.web.method.support.ModelAndViewContainer; import org.springframework.web.multipart.support.MissingServletRequestPartException; public class CurrentUserMethodArgumentResolver implements HandlerMethodArgumentResolver { + + @Override + public Object resolveArgument(MethodParameter parameter, ModelAndViewContainer mavContainer, NativeWebRequest webRequest, WebDataBinderFactory binderFactory) throws Exception { + Authentication authentication = + (Authentication ) webRequest.getAttribute( + WebConstants.AUTHENTICATION, RequestAttributes.SCOPE_SESSION); + UserInfo userInfo = AuthorizationUtils.getUserInfo(authentication); + if (userInfo != null) { + return userInfo; + } + throw new MissingServletRequestPartException("currentUser"); + } + @Override public boolean supportsParameter(MethodParameter parameter) { return parameter.getParameterType().isAssignableFrom(UserInfo.class) && parameter.hasParameterAnnotation(CurrentUser.class); } - @Override - public Object resolveArgument(MethodParameter parameter, ModelAndViewContainer mavContainer, NativeWebRequest webRequest, WebDataBinderFactory binderFactory) throws Exception { - UserInfo userInfo = null; - Authentication authentication = (Authentication ) webRequest.getAttribute(WebConstants.AUTHENTICATION, RequestAttributes.SCOPE_SESSION); - if((authentication != null) && (authentication.getPrincipal() instanceof SigninPrincipal)) { - SigninPrincipal signinPrincipal = ((SigninPrincipal) authentication.getPrincipal()); - userInfo = signinPrincipal.getUserInfo(); - if (userInfo != null) { - return userInfo; - } - } - throw new MissingServletRequestPartException("currentUser"); - } -} \ No newline at end of file +} diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/SessionListenerAdapter.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/SessionListenerAdapter.java index 8c0556111..b8ec66bd6 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/SessionListenerAdapter.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/SessionListenerAdapter.java @@ -1,5 +1,5 @@ /* - * Copyright [2021] [MaxKey of copyright http://www.maxkey.top] + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -22,48 +22,22 @@ import javax.servlet.http.HttpSession; import javax.servlet.http.HttpSessionEvent; import javax.servlet.http.HttpSessionListener; -import org.apache.mybatis.jpa.util.WebContext; import org.maxkey.authn.SigninPrincipal; -import org.maxkey.entity.UserInfo; -import org.maxkey.persistence.repository.LoginHistoryRepository; -import org.maxkey.persistence.repository.LoginRepository; import org.maxkey.util.DateUtils; import org.maxkey.web.WebConstants; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.security.core.Authentication; -import org.springframework.security.core.context.SecurityContextHolder; @WebListener public class SessionListenerAdapter implements HttpSessionListener { - private static final Logger _logger = LoggerFactory.getLogger(SessionListenerAdapter.class); - LoginRepository loginRepository; - - LoginHistoryRepository loginHistoryRepository; - public SessionListenerAdapter() { super(); _logger.debug("SessionListenerAdapter inited . "); } - public SessionListenerAdapter(LoginRepository loginRepository, LoginHistoryRepository loginHistoryRepository) { - super(); - this.loginRepository = loginRepository; - this.loginHistoryRepository = loginHistoryRepository; - _logger.debug("SessionListenerAdapter inited . "); - } - - public void init() { - if(loginRepository == null ) { - loginRepository = (LoginRepository)WebContext.getBean("loginRepository"); - loginHistoryRepository = (LoginHistoryRepository)WebContext.getBean("loginHistoryRepository"); - _logger.debug("SessionListenerAdapter function inited . "); - } - _logger.info("SecurityContextHolder StrategyName " + SessionSecurityContextHolderStrategy.class.getCanonicalName()); - SecurityContextHolder.setStrategyName(SessionSecurityContextHolderStrategy.class.getCanonicalName()); - } /** * session Created */ @@ -79,31 +53,16 @@ public class SessionListenerAdapter implements HttpSessionListener { public void sessionDestroyed(HttpSessionEvent sessionEvent) { HttpSession session = sessionEvent.getSession(); Authentication authentication = (Authentication ) session.getAttribute(WebConstants.AUTHENTICATION); - if(authentication != null && authentication.getPrincipal() instanceof SigninPrincipal) { - SigninPrincipal signinPrincipal = ((SigninPrincipal) authentication.getPrincipal()); - _logger.trace("session Id : " + session.getId()); - init(); - UserInfo userInfo = signinPrincipal.getUserInfo(); - userInfo.setLastLogoffTime(DateUtils.formatDateTime(new Date())); - loginRepository.updateLastLogoff(userInfo); - loginHistoryRepository.logoff(userInfo.getLastLogoffTime(), userInfo.getOnlineTicket()); - - _logger.debug( - "session {} Destroyed as {} userId : {} , username : {}" , - userInfo.getOnlineTicket(), - userInfo.getLastLogoffTime(), - userInfo.getId(), - userInfo.getUsername()); + SigninPrincipal principal = AuthorizationUtils.getPrincipal(authentication); + if(principal != null ) { + _logger.trace("{} HttpSession Id {} for userId {} , username {} @Ticket {} Destroyed" , + DateUtils.formatDateTime(new Date()), + session.getId(), + principal.getUserInfo().getId(), + principal.getUserInfo().getUsername(), + principal.getOnlineTicket().getTicketId()); } } - public void setLoginRepository(LoginRepository loginRepository) { - this.loginRepository = loginRepository; - } - - public void setLoginHistoryRepository(LoginHistoryRepository loginHistoryRepository) { - this.loginHistoryRepository = loginHistoryRepository; - } - } diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/UnauthorizedEntryPoint.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/UnauthorizedEntryPoint.java index 13c2f99b0..7cf317864 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/UnauthorizedEntryPoint.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/UnauthorizedEntryPoint.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.maxkey.authn.web; import java.io.IOException; diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/interceptor/PermissionInterceptor.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/interceptor/PermissionInterceptor.java index 8cea35061..f8307733a 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/interceptor/PermissionInterceptor.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/interceptor/PermissionInterceptor.java @@ -1,5 +1,5 @@ /* - * Copyright [2020] [MaxKey of copyright http://www.maxkey.top] + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -33,8 +33,6 @@ import org.springframework.stereotype.Component; import org.springframework.web.servlet.AsyncHandlerInterceptor; /** * 权限Interceptor处理 - * 权限处理需在servlet.xml中配置 - * mvc:interceptors permission * @author Crystal.Sea * */ @@ -51,6 +49,8 @@ public class PermissionInterceptor implements AsyncHandlerInterceptor { @Autowired AuthJwtService authJwtService ; + boolean mgmt = false; + /* * 请求前处理 * (non-Javadoc) @@ -60,25 +60,29 @@ public class PermissionInterceptor implements AsyncHandlerInterceptor { public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws Exception { _logger.trace("PermissionAdapter preHandle"); AuthorizationUtils.authenticate(request, authJwtService, onlineTicketService); - //判断用户是否登录 - if(AuthorizationUtils.getAuthentication()==null - ||AuthorizationUtils.getAuthentication().getAuthorities()==null){//判断用户和角色,判断用户是否登录用户 + SigninPrincipal principal = AuthorizationUtils.getPrincipal(); + //判断用户是否登录,判断用户是否登录用户 + if(principal == null){ _logger.trace("No Authentication ... forward to /auth/entrypoint"); RequestDispatcher dispatcher = request.getRequestDispatcher("/auth/entrypoint"); dispatcher.forward(request, response); return false; } - //非管理员用户直接注销 - if (!((SigninPrincipal) AuthorizationUtils.getAuthentication().getPrincipal()).isRoleAdministrators()) { + //管理端必须使用管理员登录,非管理员用户直接注销 + if (this.mgmt && !principal.isRoleAdministrators()) { _logger.debug("Not ADMINISTRATORS Authentication ."); - RequestDispatcher dispatcher = request.getRequestDispatcher("/logout"); + RequestDispatcher dispatcher = request.getRequestDispatcher("/auth/entrypoint"); dispatcher.forward(request, response); return false; } - boolean hasAccess=true; - - return hasAccess; + return true; } + + public void setMgmt(boolean mgmt) { + this.mgmt = mgmt; + _logger.debug("Permission for ADMINISTRATORS {}", this.mgmt); + } + } diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/interceptor/package-info.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/interceptor/package-info.java index 2391b76d0..be5f31de0 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/interceptor/package-info.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/interceptor/package-info.java @@ -1 +1,18 @@ -package org.maxkey.authn.web.interceptor; \ No newline at end of file +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +package org.maxkey.authn.web.interceptor; diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/package-info.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/package-info.java index 5d70dd6c8..4d4749b90 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/package-info.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/package-info.java @@ -1 +1,18 @@ -package org.maxkey.authn.web; \ No newline at end of file +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +package org.maxkey.authn.web; diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/autoconfigure/AuthenticationAutoConfiguration.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/autoconfigure/AuthenticationAutoConfiguration.java index fdce3c1f9..9bb42267d 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/autoconfigure/AuthenticationAutoConfiguration.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/autoconfigure/AuthenticationAutoConfiguration.java @@ -137,13 +137,8 @@ public class AuthenticationAutoConfiguration implements InitializingBean { } @Bean(name = "sessionListenerAdapter") - public SessionListenerAdapter sessionListenerAdapter( - LoginRepository loginRepository, - LoginHistoryRepository loginHistoryRepository - ) { - SessionListenerAdapter sessionListenerAdapter = - new SessionListenerAdapter(loginRepository,loginHistoryRepository); - return sessionListenerAdapter; + public SessionListenerAdapter sessionListenerAdapter() { + return new SessionListenerAdapter(); } @Override diff --git a/maxkey-authentications/maxkey-authentication-social/src/main/java/me/zhyd/oauth/config/AuthMxkDefaultSource.java b/maxkey-authentications/maxkey-authentication-social/src/main/java/me/zhyd/oauth/config/AuthMxkDefaultSource.java index 19e611531..4f171bb94 100644 --- a/maxkey-authentications/maxkey-authentication-social/src/main/java/me/zhyd/oauth/config/AuthMxkDefaultSource.java +++ b/maxkey-authentications/maxkey-authentication-social/src/main/java/me/zhyd/oauth/config/AuthMxkDefaultSource.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package me.zhyd.oauth.config; import me.zhyd.oauth.request.AuthDefaultRequest; diff --git a/maxkey-authentications/maxkey-authentication-social/src/main/java/me/zhyd/oauth/request/AuthFeishu2Request.java b/maxkey-authentications/maxkey-authentication-social/src/main/java/me/zhyd/oauth/request/AuthFeishu2Request.java index 55aca6db0..432fcc20b 100644 --- a/maxkey-authentications/maxkey-authentication-social/src/main/java/me/zhyd/oauth/request/AuthFeishu2Request.java +++ b/maxkey-authentications/maxkey-authentication-social/src/main/java/me/zhyd/oauth/request/AuthFeishu2Request.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package me.zhyd.oauth.request; import com.alibaba.fastjson.JSON; @@ -152,4 +169,4 @@ public class AuthFeishu2Request extends AuthDefaultRequest { } } -} \ No newline at end of file +} diff --git a/maxkey-common/src/main/java/org/maxkey/crypto/jwt/HMAC512Service.java b/maxkey-common/src/main/java/org/maxkey/crypto/jwt/HMAC512Service.java index 33cfdfaec..6cbab2793 100644 --- a/maxkey-common/src/main/java/org/maxkey/crypto/jwt/HMAC512Service.java +++ b/maxkey-common/src/main/java/org/maxkey/crypto/jwt/HMAC512Service.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.maxkey.crypto.jwt; import java.text.ParseException; diff --git a/maxkey-common/src/main/java/org/maxkey/entity/Message.java b/maxkey-common/src/main/java/org/maxkey/entity/Message.java index 38906f40a..fa251edf7 100644 --- a/maxkey-common/src/main/java/org/maxkey/entity/Message.java +++ b/maxkey-common/src/main/java/org/maxkey/entity/Message.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.maxkey.entity; import org.springframework.http.ResponseEntity; diff --git a/maxkey-common/src/test/java/org/maxkey/crypto/signature/HMAC512ServiceTest.java b/maxkey-common/src/test/java/org/maxkey/crypto/signature/HMAC512ServiceTest.java index ac4c4d051..aad22f705 100644 --- a/maxkey-common/src/test/java/org/maxkey/crypto/signature/HMAC512ServiceTest.java +++ b/maxkey-common/src/test/java/org/maxkey/crypto/signature/HMAC512ServiceTest.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.maxkey.crypto.signature; import org.maxkey.crypto.jwt.HMAC512Service; diff --git a/maxkey-common/src/test/java/org/maxkey/crypto/signature/HS512SignerTest.java b/maxkey-common/src/test/java/org/maxkey/crypto/signature/HS512SignerTest.java index af33e3398..700338f1b 100644 --- a/maxkey-common/src/test/java/org/maxkey/crypto/signature/HS512SignerTest.java +++ b/maxkey-common/src/test/java/org/maxkey/crypto/signature/HS512SignerTest.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.maxkey.crypto.signature; import java.text.ParseException; diff --git a/maxkey-core/src/main/java/org/maxkey/configuration/AuthJwkConfig.java b/maxkey-core/src/main/java/org/maxkey/configuration/AuthJwkConfig.java index eb0fedfe2..2f71f10bb 100644 --- a/maxkey-core/src/main/java/org/maxkey/configuration/AuthJwkConfig.java +++ b/maxkey-core/src/main/java/org/maxkey/configuration/AuthJwkConfig.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.maxkey.configuration; import org.springframework.beans.factory.annotation.Value; diff --git a/maxkey-core/src/main/java/org/maxkey/entity/FileUpload.java b/maxkey-core/src/main/java/org/maxkey/entity/FileUpload.java index a033dc038..402af3b7c 100644 --- a/maxkey-core/src/main/java/org/maxkey/entity/FileUpload.java +++ b/maxkey-core/src/main/java/org/maxkey/entity/FileUpload.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.maxkey.entity; import javax.persistence.Column; diff --git a/maxkey-core/src/main/java/org/maxkey/persistence/repository/LoginHistoryRepository.java b/maxkey-core/src/main/java/org/maxkey/persistence/repository/LoginHistoryRepository.java index 9afe3a43e..aecdf4869 100644 --- a/maxkey-core/src/main/java/org/maxkey/persistence/repository/LoginHistoryRepository.java +++ b/maxkey-core/src/main/java/org/maxkey/persistence/repository/LoginHistoryRepository.java @@ -18,7 +18,6 @@ package org.maxkey.persistence.repository; import java.sql.Types; - import org.maxkey.entity.HistoryLogin; import org.maxkey.web.WebContext; import org.slf4j.Logger; @@ -30,8 +29,6 @@ public class LoginHistoryRepository { private static final String HISTORY_LOGIN_INSERT_STATEMENT = "insert into mxk_history_login (id , sessionid , userid , username , displayname , logintype , message , code , provider , sourceip , ipregion , iplocation, browser , platform , application , loginurl , sessionstatus ,instid)values( ? , ? , ? , ? , ? , ? , ? , ? , ?, ? , ? , ?, ? , ? , ?, ? , ? , ?)"; - private static final String HISTORY_LOGOUT_UPDATE_STATEMENT = "update mxk_history_login set logouttime = ? ,sessionstatus = 7 where sessionid = ?"; - protected JdbcTemplate jdbcTemplate; public LoginHistoryRepository(JdbcTemplate jdbcTemplate) { @@ -58,21 +55,4 @@ public class LoginHistoryRepository { }); } - - - public void logoff(String lastLogoffTime,String sessionId) { - _logger.debug(" sessionId {} , lastlogofftime {}" ,sessionId, lastLogoffTime); - jdbcTemplate.update(HISTORY_LOGOUT_UPDATE_STATEMENT, - new Object[] { lastLogoffTime, sessionId }, - new int[] { Types.VARCHAR, Types.VARCHAR }); - } - - public void logoff(HistoryLogin historyLogin) { - _logger.debug(" sessionId {} , LogoutTime {}" , - historyLogin.getSessionId(), historyLogin.getLogoutTime() - ); - jdbcTemplate.update(HISTORY_LOGOUT_UPDATE_STATEMENT, - new Object[] { historyLogin.getLogoutTime(), historyLogin.getSessionId() }, - new int[] { Types.VARCHAR, Types.VARCHAR }); - } } diff --git a/maxkey-core/src/main/java/org/maxkey/persistence/repository/LoginRepository.java b/maxkey-core/src/main/java/org/maxkey/persistence/repository/LoginRepository.java index a3765e11c..fe1e6cf56 100644 --- a/maxkey-core/src/main/java/org/maxkey/persistence/repository/LoginRepository.java +++ b/maxkey-core/src/main/java/org/maxkey/persistence/repository/LoginRepository.java @@ -49,8 +49,7 @@ public class LoginRepository { private static final String LOGIN_USERINFO_UPDATE_STATEMENT = "update mxk_userinfo set lastlogintime = ? , lastloginip = ? , logincount = ?, online = " + UserInfo.ONLINE.ONLINE + " where id = ?"; - private static final String LOGOUT_USERINFO_UPDATE_STATEMENT = "update mxk_userinfo set lastlogofftime = ? , online = " - + UserInfo.ONLINE.OFFLINE + " where id = ?"; + private static final String GROUPS_SELECT_STATEMENT = "select distinct g.id,g.name from mxk_userinfo u,mxk_groups g,mxk_group_member gm where u.id = ? and u.id=gm.memberid and gm.groupid=g.id "; @@ -260,12 +259,6 @@ public class LoginRepository { new int[] { Types.TIMESTAMP, Types.VARCHAR, Types.INTEGER, Types.VARCHAR }); } - public void updateLastLogoff(UserInfo userInfo) { - jdbcTemplate.update( LOGOUT_USERINFO_UPDATE_STATEMENT, - new Object[] { userInfo.getLastLogoffTime(), userInfo.getId() }, - new int[] { Types.TIMESTAMP, Types.VARCHAR }); - } - public class UserInfoRowMapper implements RowMapper { @Override public UserInfo mapRow(ResultSet rs, int rowNum) throws SQLException { diff --git a/maxkey-core/src/main/java/org/maxkey/web/MetadataEndpoint.java b/maxkey-core/src/main/java/org/maxkey/web/MetadataEndpoint.java index 8be4407dd..466bc565d 100644 --- a/maxkey-core/src/main/java/org/maxkey/web/MetadataEndpoint.java +++ b/maxkey-core/src/main/java/org/maxkey/web/MetadataEndpoint.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.maxkey.web; import javax.servlet.http.HttpServletRequest; diff --git a/maxkey-core/src/main/java/org/maxkey/web/WebConstants.java b/maxkey-core/src/main/java/org/maxkey/web/WebConstants.java index 40e929f30..445966cf8 100644 --- a/maxkey-core/src/main/java/org/maxkey/web/WebConstants.java +++ b/maxkey-core/src/main/java/org/maxkey/web/WebConstants.java @@ -1,5 +1,5 @@ /* - * Copyright [2020] [MaxKey of copyright http://www.maxkey.top] + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/maxkey-core/src/main/java/org/maxkey/web/ipregion/AbstractIpRegion.java b/maxkey-core/src/main/java/org/maxkey/web/ipregion/AbstractIpRegion.java index 0a3212f8c..798514343 100644 --- a/maxkey-core/src/main/java/org/maxkey/web/ipregion/AbstractIpRegion.java +++ b/maxkey-core/src/main/java/org/maxkey/web/ipregion/AbstractIpRegion.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.maxkey.web.ipregion; public abstract class AbstractIpRegion implements IpRegion{ diff --git a/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegion.java b/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegion.java index 58a3ec6df..145c4c97a 100644 --- a/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegion.java +++ b/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegion.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.maxkey.web.ipregion; public interface IpRegion { diff --git a/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionFactory.java b/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionFactory.java index c61219237..7b1270687 100644 --- a/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionFactory.java +++ b/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionFactory.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.maxkey.web.ipregion; import java.util.ArrayList; diff --git a/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionIp138.java b/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionIp138.java index 22a9bb121..8d47eac96 100644 --- a/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionIp138.java +++ b/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionIp138.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.maxkey.web.ipregion; import java.io.IOException; diff --git a/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionIp138Response.java b/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionIp138Response.java index 36c865e73..4538e8b20 100644 --- a/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionIp138Response.java +++ b/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionIp138Response.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.maxkey.web.ipregion; import com.fasterxml.jackson.annotation.JsonIgnoreProperties; diff --git a/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionIp360.java b/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionIp360.java index dfb14358a..832b0cb1e 100644 --- a/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionIp360.java +++ b/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionIp360.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.maxkey.web.ipregion; import java.io.IOException; diff --git a/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionIp360Response.java b/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionIp360Response.java index f6e357e08..1bd8484d8 100644 --- a/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionIp360Response.java +++ b/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionIp360Response.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.maxkey.web.ipregion; public class IpRegionIp360Response { diff --git a/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionIpchaxun.java b/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionIpchaxun.java index 9a509f785..3140c2056 100644 --- a/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionIpchaxun.java +++ b/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionIpchaxun.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.maxkey.web.ipregion; import java.io.IOException; diff --git a/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionIpcn.java b/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionIpcn.java index 72640f95f..482a17ae0 100644 --- a/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionIpcn.java +++ b/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionIpcn.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.maxkey.web.ipregion; import java.io.IOException; diff --git a/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionLocal.java b/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionLocal.java index 3f1fc3e1c..8822fafd1 100644 --- a/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionLocal.java +++ b/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionLocal.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.maxkey.web.ipregion; public class IpRegionLocal extends AbstractIpRegion implements IpRegion{ diff --git a/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionPconline.java b/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionPconline.java index e3420057c..6061b60f2 100644 --- a/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionPconline.java +++ b/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionPconline.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.maxkey.web.ipregion; import org.maxkey.util.JsonUtils; diff --git a/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionPconlineResponse.java b/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionPconlineResponse.java index b25c4c19b..8958e67fa 100644 --- a/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionPconlineResponse.java +++ b/maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionPconlineResponse.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.maxkey.web.ipregion; import com.fasterxml.jackson.annotation.JsonIgnoreProperties; diff --git a/maxkey-core/src/main/java/org/maxkey/web/ipregion/package-info.java b/maxkey-core/src/main/java/org/maxkey/web/ipregion/package-info.java index 533ed516a..58e938893 100644 --- a/maxkey-core/src/main/java/org/maxkey/web/ipregion/package-info.java +++ b/maxkey-core/src/main/java/org/maxkey/web/ipregion/package-info.java @@ -1 +1,18 @@ -package org.maxkey.web.ipregion; \ No newline at end of file +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +package org.maxkey.web.ipregion; diff --git a/maxkey-core/src/test/java/org/maxkey/web/ipregion/IpRegionFactoryTest.java b/maxkey-core/src/test/java/org/maxkey/web/ipregion/IpRegionFactoryTest.java index b739e277d..b17e1a9dc 100644 --- a/maxkey-core/src/test/java/org/maxkey/web/ipregion/IpRegionFactoryTest.java +++ b/maxkey-core/src/test/java/org/maxkey/web/ipregion/IpRegionFactoryTest.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.maxkey.web.ipregion; import org.junit.Test; diff --git a/maxkey-core/src/test/java/org/maxkey/web/ipregion/IpRegionIp138Test.java b/maxkey-core/src/test/java/org/maxkey/web/ipregion/IpRegionIp138Test.java index 2e26aceec..14951d283 100644 --- a/maxkey-core/src/test/java/org/maxkey/web/ipregion/IpRegionIp138Test.java +++ b/maxkey-core/src/test/java/org/maxkey/web/ipregion/IpRegionIp138Test.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.maxkey.web.ipregion; import org.junit.Test; diff --git a/maxkey-core/src/test/java/org/maxkey/web/ipregion/IpRegionIp360Test.java b/maxkey-core/src/test/java/org/maxkey/web/ipregion/IpRegionIp360Test.java index 333585725..d5fca42bf 100644 --- a/maxkey-core/src/test/java/org/maxkey/web/ipregion/IpRegionIp360Test.java +++ b/maxkey-core/src/test/java/org/maxkey/web/ipregion/IpRegionIp360Test.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.maxkey.web.ipregion; import org.junit.Test; diff --git a/maxkey-core/src/test/java/org/maxkey/web/ipregion/IpRegionIpchaxunTest.java b/maxkey-core/src/test/java/org/maxkey/web/ipregion/IpRegionIpchaxunTest.java index 1caaceac7..d4d3525e3 100644 --- a/maxkey-core/src/test/java/org/maxkey/web/ipregion/IpRegionIpchaxunTest.java +++ b/maxkey-core/src/test/java/org/maxkey/web/ipregion/IpRegionIpchaxunTest.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.maxkey.web.ipregion; import org.junit.Test; diff --git a/maxkey-core/src/test/java/org/maxkey/web/ipregion/IpRegionIpcnTest.java b/maxkey-core/src/test/java/org/maxkey/web/ipregion/IpRegionIpcnTest.java index 7109d9ad7..ac29f4bb4 100644 --- a/maxkey-core/src/test/java/org/maxkey/web/ipregion/IpRegionIpcnTest.java +++ b/maxkey-core/src/test/java/org/maxkey/web/ipregion/IpRegionIpcnTest.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.maxkey.web.ipregion; import org.junit.Test; diff --git a/maxkey-core/src/test/java/org/maxkey/web/ipregion/IpRegionPconlineTest.java b/maxkey-core/src/test/java/org/maxkey/web/ipregion/IpRegionPconlineTest.java index 20df79d7f..60d2a7df5 100644 --- a/maxkey-core/src/test/java/org/maxkey/web/ipregion/IpRegionPconlineTest.java +++ b/maxkey-core/src/test/java/org/maxkey/web/ipregion/IpRegionPconlineTest.java @@ -1,3 +1,20 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + package org.maxkey.web.ipregion; import org.junit.Test; diff --git a/maxkey-persistence/src/main/java/org/maxkey/persistence/mq/MqPersistService.java b/maxkey-persistence/src/main/java/org/maxkey/persistence/mq/MessageQueueService.java similarity index 98% rename from maxkey-persistence/src/main/java/org/maxkey/persistence/mq/MqPersistService.java rename to maxkey-persistence/src/main/java/org/maxkey/persistence/mq/MessageQueueService.java index c0a105364..3e6467a14 100644 --- a/maxkey-persistence/src/main/java/org/maxkey/persistence/mq/MqPersistService.java +++ b/maxkey-persistence/src/main/java/org/maxkey/persistence/mq/MessageQueueService.java @@ -32,8 +32,8 @@ import org.springframework.kafka.core.KafkaTemplate; import org.springframework.stereotype.Component; @Component -public class MqPersistService { - private static final Logger _logger = LoggerFactory.getLogger(MqPersistService.class); +public class MessageQueueService { + private static final Logger _logger = LoggerFactory.getLogger(MessageQueueService.class); @Autowired protected ApplicationConfig applicationConfig; diff --git a/maxkey-persistence/src/main/java/org/maxkey/persistence/service/AccountsService.java b/maxkey-persistence/src/main/java/org/maxkey/persistence/service/AccountsService.java index d4febb471..4446fe2a0 100644 --- a/maxkey-persistence/src/main/java/org/maxkey/persistence/service/AccountsService.java +++ b/maxkey-persistence/src/main/java/org/maxkey/persistence/service/AccountsService.java @@ -29,7 +29,7 @@ import org.maxkey.entity.UserInfo; import org.maxkey.persistence.mapper.AccountsMapper; import org.maxkey.persistence.mq.MqIdentityAction; import org.maxkey.persistence.mq.MqIdentityTopic; -import org.maxkey.persistence.mq.MqPersistService; +import org.maxkey.persistence.mq.MessageQueueService; import org.maxkey.util.StringUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Repository; @@ -45,7 +45,7 @@ import net.sourceforge.pinyin4j.format.exception.BadHanyuPinyinOutputFormatCombi public class AccountsService extends JpaBaseService{ @Autowired - MqPersistService mqPersistService; + MessageQueueService mqPersistService; @Autowired UserInfoService userInfoService; diff --git a/maxkey-persistence/src/main/java/org/maxkey/persistence/service/HistoryLoginService.java b/maxkey-persistence/src/main/java/org/maxkey/persistence/service/HistoryLoginService.java index 47372d6dd..3015aafd8 100644 --- a/maxkey-persistence/src/main/java/org/maxkey/persistence/service/HistoryLoginService.java +++ b/maxkey-persistence/src/main/java/org/maxkey/persistence/service/HistoryLoginService.java @@ -1,5 +1,5 @@ /* - * Copyright [2020] [MaxKey of copyright http://www.maxkey.top] + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/maxkey-persistence/src/main/java/org/maxkey/persistence/service/OrganizationsService.java b/maxkey-persistence/src/main/java/org/maxkey/persistence/service/OrganizationsService.java index d9453a8f6..d449b8bcd 100644 --- a/maxkey-persistence/src/main/java/org/maxkey/persistence/service/OrganizationsService.java +++ b/maxkey-persistence/src/main/java/org/maxkey/persistence/service/OrganizationsService.java @@ -26,7 +26,7 @@ import org.maxkey.entity.Organizations; import org.maxkey.persistence.mapper.OrganizationsMapper; import org.maxkey.persistence.mq.MqIdentityAction; import org.maxkey.persistence.mq.MqIdentityTopic; -import org.maxkey.persistence.mq.MqPersistService; +import org.maxkey.persistence.mq.MessageQueueService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Repository; @@ -35,7 +35,7 @@ import org.springframework.stereotype.Repository; public class OrganizationsService extends JpaBaseService{ @Autowired - MqPersistService mqPersistService; + MessageQueueService messageQueueService; public OrganizationsService() { super(OrganizationsMapper.class); @@ -51,7 +51,7 @@ public class OrganizationsService extends JpaBaseService{ public boolean insert(Organizations organization) { if(super.insert(organization)){ - mqPersistService.send( + messageQueueService.send( MqIdentityTopic.ORG_TOPIC, organization, MqIdentityAction.CREATE_ACTION); return true; } @@ -60,7 +60,7 @@ public class OrganizationsService extends JpaBaseService{ public boolean update(Organizations organization) { if(super.update(organization)){ - mqPersistService.send( + messageQueueService.send( MqIdentityTopic.ORG_TOPIC, organization, MqIdentityAction.UPDATE_ACTION); return true; } @@ -84,7 +84,7 @@ public class OrganizationsService extends JpaBaseService{ public boolean delete(Organizations organization) { if(super.delete(organization)){ - mqPersistService.send( + messageQueueService.send( MqIdentityTopic.ORG_TOPIC, organization, MqIdentityAction.DELETE_ACTION); return true; } diff --git a/maxkey-persistence/src/main/java/org/maxkey/persistence/service/UserInfoService.java b/maxkey-persistence/src/main/java/org/maxkey/persistence/service/UserInfoService.java index 4d2608f92..f3d50dc57 100644 --- a/maxkey-persistence/src/main/java/org/maxkey/persistence/service/UserInfoService.java +++ b/maxkey-persistence/src/main/java/org/maxkey/persistence/service/UserInfoService.java @@ -29,7 +29,7 @@ import org.maxkey.entity.UserInfo; import org.maxkey.persistence.mapper.UserInfoMapper; import org.maxkey.persistence.mq.MqIdentityAction; import org.maxkey.persistence.mq.MqIdentityTopic; -import org.maxkey.persistence.mq.MqPersistService; +import org.maxkey.persistence.mq.MessageQueueService; import org.maxkey.persistence.repository.PasswordPolicyValidator; import org.maxkey.util.DateUtils; import org.maxkey.util.StringUtils; @@ -37,7 +37,6 @@ import org.maxkey.web.WebContext; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.jdbc.core.JdbcTemplate; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.stereotype.Repository; @@ -57,12 +56,9 @@ public class UserInfoService extends JpaBaseService { PasswordPolicyValidator passwordPolicyValidator; @Autowired - MqPersistService mqPersistService; - - @Autowired - protected JdbcTemplate jdbcTemplate; - - AccountsService accountsService; + MessageQueueService messageQueueService; + + AccountsService accountsService; public UserInfoService() { super(UserInfoMapper.class); @@ -79,9 +75,9 @@ public class UserInfoService extends JpaBaseService { public boolean insert(UserInfo userInfo) { this.passwordEncoder(userInfo); if (super.insert(userInfo)) { - if(mqPersistService.getApplicationConfig().isMessageQueueSupport()) { + if(messageQueueService.getApplicationConfig().isMessageQueueSupport()) { UserInfo loadUserInfo = findUserRelated(userInfo.getId()); - mqPersistService.send( + messageQueueService.send( MqIdentityTopic.USERINFO_TOPIC, loadUserInfo, MqIdentityAction.CREATE_ACTION); @@ -96,10 +92,10 @@ public class UserInfoService extends JpaBaseService { public boolean update(UserInfo userInfo) { ChangePassword changePassword = this.passwordEncoder(userInfo); if (super.update(userInfo)) { - if(mqPersistService.getApplicationConfig().isMessageQueueSupport()) { + if(messageQueueService.getApplicationConfig().isMessageQueueSupport()) { UserInfo loadUserInfo = findUserRelated(userInfo.getId()); accountUpdate(loadUserInfo); - mqPersistService.send( + messageQueueService.send( MqIdentityTopic.USERINFO_TOPIC, loadUserInfo, MqIdentityAction.UPDATE_ACTION); @@ -113,12 +109,12 @@ public class UserInfoService extends JpaBaseService { public boolean delete(UserInfo userInfo) { UserInfo loadUserInfo = null; - if(mqPersistService.getApplicationConfig().isMessageQueueSupport()) { + if(messageQueueService.getApplicationConfig().isMessageQueueSupport()) { loadUserInfo = findUserRelated(userInfo.getId()); } if( super.delete(userInfo)){ - mqPersistService.send( + messageQueueService.send( MqIdentityTopic.USERINFO_TOPIC, loadUserInfo, MqIdentityAction.DELETE_ACTION); @@ -313,7 +309,7 @@ public class UserInfoService extends JpaBaseService { if(changePassworded !=null && StringUtils.isNotBlank(changePassworded.getPassword())) { UserInfo loadUserInfo = findByUsername(changePassworded.getUsername()); ChangePassword changePassword = new ChangePassword(loadUserInfo); - mqPersistService.send( + messageQueueService.send( MqIdentityTopic.PASSWORD_TOPIC, changePassword, MqIdentityAction.PASSWORD_ACTION); diff --git a/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/OnlineTicketEndpoint.java b/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/OnlineTicketEndpoint.java index a56e66736..d21dbb4a6 100644 --- a/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/OnlineTicketEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/OnlineTicketEndpoint.java @@ -42,6 +42,6 @@ public class OnlineTicketEndpoint { public String ticketValidate( @RequestParam(value ="ticket",required = true) String ticket) { OnlineTicket onlineTicket = onlineTicketService.get(ticket); - return onlineTicket == null ? "" : onlineTicket.getTicketId(); + return onlineTicket == null ? "" : onlineTicket.getFormattedTicketId(); } } diff --git a/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/adapter/AbstractAuthorizeAdapter.java b/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/adapter/AbstractAuthorizeAdapter.java index 81f774ba0..8bb2b6b14 100644 --- a/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/adapter/AbstractAuthorizeAdapter.java +++ b/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/adapter/AbstractAuthorizeAdapter.java @@ -1,5 +1,5 @@ /* - * Copyright [2020] [MaxKey of copyright http://www.maxkey.top] + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -44,7 +44,7 @@ public abstract class AbstractAuthorizeAdapter { protected Accounts account; - protected SigninPrincipal authentication; + protected SigninPrincipal principal; public abstract Object generateInfo(); @@ -127,12 +127,9 @@ public abstract class AbstractAuthorizeAdapter { return ""; }; - public void setAuthentication(SigninPrincipal authentication) { - this.authentication = authentication; - } - - public void setUserInfo(UserInfo userInfo) { - this.userInfo = userInfo; + public void setPrincipal(SigninPrincipal principal) { + this.principal = principal; + this.userInfo = principal.getUserInfo(); } public void setApp(Apps app) { diff --git a/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/singlelogout/DefaultSingleLogout.java b/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/singlelogout/DefaultSingleLogout.java index 16a977c26..dce8ecbc5 100644 --- a/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/singlelogout/DefaultSingleLogout.java +++ b/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/singlelogout/DefaultSingleLogout.java @@ -34,7 +34,7 @@ public class DefaultSingleLogout extends SingleLogout{ logoutParameters.put("principal", authentication.getName()); logoutParameters.put("request", "logoutRequest"); logoutParameters.put("issueInstant", DateUtils.getCurrentDateAsString(DateUtils.FORMAT_DATE_ISO_TIMESTAMP)); - logoutParameters.put("ticket", ((SigninPrincipal)authentication.getPrincipal()).getOnlineTicket().getTicketId()); + logoutParameters.put("ticket", ((SigninPrincipal)authentication.getPrincipal()).getOnlineTicket().getFormattedTicketId()); postMessage(logoutApp.getLogoutUrl(),logoutParameters); } diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas20AuthorizeEndpoint.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas20AuthorizeEndpoint.java index 36ca11b1a..8a2eaf5dd 100644 --- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas20AuthorizeEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas20AuthorizeEndpoint.java @@ -36,7 +36,6 @@ import org.maxkey.authz.cas.endpoint.ticket.ProxyTicketImpl; import org.maxkey.authz.cas.endpoint.ticket.Ticket; import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter; import org.maxkey.constants.ConstsBoolean; -import org.maxkey.entity.UserInfo; import org.maxkey.util.Instance; import org.maxkey.util.StringUtils; import org.maxkey.web.HttpResponseConstants; @@ -228,11 +227,8 @@ For all error codes, it is RECOMMENDED that CAS provide a more detailed message _logger.error("setProperty error . ", e); } - UserInfo userInfo = (UserInfo) userInfoService.findByUsername(authentication.getUsername()); - AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)samlAdapter; - adapter.setAuthentication(authentication); - adapter.setUserInfo(userInfo); + adapter.setPrincipal(authentication); adapter.setApp(storedTicket.getCasDetails()); adapter.generateInfo(); } @@ -345,11 +341,8 @@ Response on ticket validation failure: _logger.error("setProperty error . ", e); } - UserInfo userInfo = (UserInfo) userInfoService.findByUsername(authentication.getUsername()); - AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)samlAdapter; - adapter.setAuthentication(authentication); - adapter.setUserInfo(userInfo); + adapter.setPrincipal(authentication); adapter.setApp(storedTicket.getCasDetails()); adapter.generateInfo(); } diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas30AuthorizeEndpoint.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas30AuthorizeEndpoint.java index 7d943042b..544d207aa 100644 --- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas30AuthorizeEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas30AuthorizeEndpoint.java @@ -36,7 +36,6 @@ import org.maxkey.authz.cas.endpoint.ticket.ProxyTicketImpl; import org.maxkey.authz.cas.endpoint.ticket.Ticket; import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter; import org.maxkey.constants.ConstsBoolean; -import org.maxkey.entity.UserInfo; import org.maxkey.util.Instance; import org.maxkey.util.StringUtils; import org.maxkey.web.HttpResponseConstants; @@ -109,11 +108,8 @@ public class Cas30AuthorizeEndpoint extends CasBaseAuthorizeEndpoint{ _logger.error("setProperty error . ", e); } - UserInfo userInfo = (UserInfo) userInfoService.findByUsername(authentication.getUsername()); - AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)samlAdapter; - adapter.setAuthentication(authentication); - adapter.setUserInfo(userInfo); + adapter.setPrincipal(authentication); adapter.setApp(storedTicket.getCasDetails()); adapter.generateInfo(); } @@ -190,11 +186,8 @@ public class Cas30AuthorizeEndpoint extends CasBaseAuthorizeEndpoint{ _logger.error("setProperty error . ", e); } - UserInfo userInfo = (UserInfo) userInfoService.findByUsername(authentication.getUsername()); - AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)samlAdapter; - adapter.setAuthentication(authentication); - adapter.setUserInfo(userInfo); + adapter.setPrincipal(authentication); adapter.setApp(storedTicket.getCasDetails()); adapter.generateInfo(); } diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java index d3f4b23db..f016e8d26 100644 --- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java @@ -149,7 +149,7 @@ public class CasAuthorizeEndpoint extends CasBaseAuthorizeEndpoint{ } if(casDetails.getLogoutType()==LogoutType.BACK_CHANNEL) { - String onlineTicketId = AuthorizationUtils.getPrincipal().getOnlineTicket().getTicketId(); + String onlineTicketId = AuthorizationUtils.getPrincipal().getOnlineTicket().getFormattedTicketId(); OnlineTicket onlineTicket = onlineTicketService.get(onlineTicketId); //set cas ticket as OnlineTicketId casDetails.setOnlineTicket(ticket); diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/adapter/CasDefaultAdapter.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/adapter/CasDefaultAdapter.java index 5c595e00b..ea104e847 100644 --- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/adapter/CasDefaultAdapter.java +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/adapter/CasDefaultAdapter.java @@ -1,5 +1,5 @@ /* - * Copyright [2020] [MaxKey of copyright http://www.maxkey.top] + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -75,7 +75,7 @@ public class CasDefaultAdapter extends AbstractAuthorizeAdapter { serviceResponseBuilder.setAttribute("departmentId", userInfo.getDepartmentId()); serviceResponseBuilder.setAttribute("workRegion",base64Attr(userInfo.getWorkRegion())); serviceResponseBuilder.setAttribute("institution", userInfo.getInstId()); - serviceResponseBuilder.setAttribute(WebConstants.ONLINE_TICKET_NAME,authentication.getOnlineTicket().getTicketId()); + serviceResponseBuilder.setAttribute(WebConstants.ONLINE_TICKET_NAME,principal.getOnlineTicket().getFormattedTicketId()); return serviceResponseBuilder; } diff --git a/maxkey-protocols/maxkey-protocol-extendapi/src/main/java/org/maxkey/authz/exapi/endpoint/ExtendApiAuthorizeEndpoint.java b/maxkey-protocols/maxkey-protocol-extendapi/src/main/java/org/maxkey/authz/exapi/endpoint/ExtendApiAuthorizeEndpoint.java index 43af4321d..031d98890 100644 --- a/maxkey-protocols/maxkey-protocol-extendapi/src/main/java/org/maxkey/authz/exapi/endpoint/ExtendApiAuthorizeEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-extendapi/src/main/java/org/maxkey/authz/exapi/endpoint/ExtendApiAuthorizeEndpoint.java @@ -67,8 +67,7 @@ public class ExtendApiAuthorizeEndpoint extends AuthorizeBaseEndpoint{ return generateInitCredentialModelAndView(id,"/authorize/api/"+id); } - adapter.setAuthentication(AuthorizationUtils.getPrincipal()); - adapter.setUserInfo(currentUser); + adapter.setPrincipal(AuthorizationUtils.getPrincipal()); adapter.setApp(apps); adapter.setAccount(account); diff --git a/maxkey-protocols/maxkey-protocol-formbased/src/main/java/org/maxkey/authz/formbased/endpoint/FormBasedAuthorizeEndpoint.java b/maxkey-protocols/maxkey-protocol-formbased/src/main/java/org/maxkey/authz/formbased/endpoint/FormBasedAuthorizeEndpoint.java index 0f56328b3..553e4d063 100644 --- a/maxkey-protocols/maxkey-protocol-formbased/src/main/java/org/maxkey/authz/formbased/endpoint/FormBasedAuthorizeEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-formbased/src/main/java/org/maxkey/authz/formbased/endpoint/FormBasedAuthorizeEndpoint.java @@ -90,8 +90,7 @@ public class FormBasedAuthorizeEndpoint extends AuthorizeBaseEndpoint{ FormBasedDefaultAdapter formBasedDefaultAdapter =new FormBasedDefaultAdapter(); adapter =(AbstractAuthorizeAdapter)formBasedDefaultAdapter; } - adapter.setAuthentication(AuthorizationUtils.getPrincipal()); - adapter.setUserInfo(currentUser); + adapter.setPrincipal(AuthorizationUtils.getPrincipal()); adapter.setApp(formBasedDetails); adapter.setAccount(account); diff --git a/maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/maxkey/authz/jwt/endpoint/adapter/JwtAdapter.java b/maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/maxkey/authz/jwt/endpoint/adapter/JwtAdapter.java index e6f7e31be..2a8d65b82 100644 --- a/maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/maxkey/authz/jwt/endpoint/adapter/JwtAdapter.java +++ b/maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/maxkey/authz/jwt/endpoint/adapter/JwtAdapter.java @@ -82,7 +82,7 @@ public class JwtAdapter extends AbstractAuthorizeAdapter { .claim("user_id", userInfo.getId()) .claim("external_id", userInfo.getId()) .claim("locale", userInfo.getLocale()) - .claim(WebConstants.ONLINE_TICKET_NAME, authentication.getOnlineTicket().getTicketId()) + .claim(WebConstants.ONLINE_TICKET_NAME, principal.getOnlineTicket().getFormattedTicketId()) .claim("kid", jwtDetails.getId()+ "_sig") .claim("institution", userInfo.getInstId()) .build(); diff --git a/maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/maxkey/authz/token/endpoint/JwtAuthorizeEndpoint.java b/maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/maxkey/authz/token/endpoint/JwtAuthorizeEndpoint.java index 29b944cde..b4d2b27be 100644 --- a/maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/maxkey/authz/token/endpoint/JwtAuthorizeEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/maxkey/authz/token/endpoint/JwtAuthorizeEndpoint.java @@ -101,8 +101,7 @@ public class JwtAuthorizeEndpoint extends AuthorizeBaseEndpoint{ adapter = (AbstractAuthorizeAdapter)jwtAdapter; } - adapter.setAuthentication(AuthorizationUtils.getPrincipal()); - adapter.setUserInfo(currentUser); + adapter.setPrincipal(AuthorizationUtils.getPrincipal()); adapter.generateInfo(); //sign diff --git a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/OAuth2UserDetailsService.java b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/OAuth2UserDetailsService.java index 1bc417bbc..d7b43c7b7 100644 --- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/OAuth2UserDetailsService.java +++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/OAuth2UserDetailsService.java @@ -47,25 +47,25 @@ public class OAuth2UserDetailsService implements UserDetailsService { String onlineTickitId = WebConstants.ONLINE_TICKET_PREFIX + "-" + java.util.UUID.randomUUID().toString().toLowerCase(); - SigninPrincipal signinPrincipal = new SigninPrincipal(userInfo); + SigninPrincipal principal = new SigninPrincipal(userInfo); OnlineTicket onlineTicket = new OnlineTicket(onlineTickitId); //set OnlineTicket - signinPrincipal.setOnlineTicket(onlineTicket); + principal.setOnlineTicket(onlineTicket); ArrayList grantedAuthoritys = loginRepository.grantAuthority(userInfo); - signinPrincipal.setAuthenticated(true); + principal.setAuthenticated(true); for(GrantedAuthority administratorsAuthority : AbstractAuthenticationProvider.grantedAdministratorsAuthoritys) { if(grantedAuthoritys.contains(administratorsAuthority)) { - signinPrincipal.setRoleAdministrators(true); + principal.setRoleAdministrators(true); _logger.trace("ROLE ADMINISTRATORS Authentication ."); } } _logger.debug("Granted Authority " + grantedAuthoritys); - signinPrincipal.setGrantedAuthorityApps(grantedAuthoritys); + principal.setGrantedAuthorityApps(grantedAuthoritys); - return signinPrincipal; + return principal; } public void setLoginRepository(LoginRepository loginRepository) { diff --git a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/approval/endpoint/OAuth20AccessConfirmationEndpoint.java b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/approval/endpoint/OAuth20AccessConfirmationEndpoint.java index bb0c2c975..5addaee94 100644 --- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/approval/endpoint/OAuth20AccessConfirmationEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/approval/endpoint/OAuth20AccessConfirmationEndpoint.java @@ -1,5 +1,5 @@ /* - * Copyright [2020] [MaxKey of copyright http://www.maxkey.top] + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java index f90339741..f629cc321 100644 --- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java +++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java @@ -1,5 +1,5 @@ /* - * Copyright [2020] [MaxKey of copyright http://www.maxkey.top] + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -66,7 +66,7 @@ public class OAuthDefaultUserInfoAdapter extends AbstractAuthorizeAdapter { beanMap.put("state", userInfo.getWorkRegion()); beanMap.put("gender", userInfo.getGender()); beanMap.put("institution", userInfo.getInstId()); - beanMap.put(WebConstants.ONLINE_TICKET_NAME, authentication.getOnlineTicket().getTicketId()); + beanMap.put(WebConstants.ONLINE_TICKET_NAME, principal.getOnlineTicket().getFormattedTicketId()); String info= JsonUtils.object2Json(beanMap); diff --git a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java index 231eeee9c..6abe38219 100644 --- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java @@ -93,18 +93,14 @@ public class UserInfoEndpoint { httpResponseAdapter.write(response,JsonUtils.gson2Json(accessTokenFormatError(access_token)),"json"); } - String principal=""; OAuth2Authentication oAuth2Authentication =null; try{ oAuth2Authentication = oauth20tokenServices.loadAuthentication(access_token); - principal=((SigninPrincipal)oAuth2Authentication.getUserAuthentication().getPrincipal()).getUsername(); - String client_id= oAuth2Authentication.getOAuth2Request().getClientId(); ClientDetails clientDetails = clientDetailsService.loadClientByClientId(client_id,true); - UserInfo userInfo=queryUserInfo(principal); Apps app = appsService.get(client_id); AbstractAuthorizeAdapter adapter; @@ -118,8 +114,7 @@ public class UserInfoEndpoint { }else{ adapter =(AbstractAuthorizeAdapter)new OAuthDefaultUserInfoAdapter(clientDetails); } - adapter.setAuthentication((SigninPrincipal)oAuth2Authentication.getUserAuthentication().getPrincipal()); - adapter.setUserInfo(userInfo); + adapter.setPrincipal((SigninPrincipal)oAuth2Authentication.getUserAuthentication().getPrincipal()); adapter.setApp(app); Object jsonData = adapter.generateInfo(); diff --git a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoOIDCEndpoint.java b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoOIDCEndpoint.java index bbb6186a6..0fe9ac4c0 100644 --- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoOIDCEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoOIDCEndpoint.java @@ -134,7 +134,7 @@ public class UserInfoOIDCEndpoint { jwtClaimsSetBuilder.claim("sub", subject); jwtClaimsSetBuilder.claim("institution", userInfo.getInstId()); - jwtClaimsSetBuilder.claim(WebConstants.ONLINE_TICKET_NAME, authentication.getOnlineTicket().getTicketId()); + jwtClaimsSetBuilder.claim(WebConstants.ONLINE_TICKET_NAME, authentication.getOnlineTicket().getFormattedTicketId()); if(scopes.contains("profile")){ jwtClaimsSetBuilder.claim("userId", userInfo.getId()); diff --git a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/AssertionEndpoint.java b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/AssertionEndpoint.java index 2cda1fd22..a0ee5894d 100644 --- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/AssertionEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/AssertionEndpoint.java @@ -1,5 +1,5 @@ /* - * Copyright [2020] [MaxKey of copyright http://www.maxkey.top] + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -78,7 +78,7 @@ public class AssertionEndpoint { logger.debug("AuthnRequestInfo: {}", authnRequestInfo); HashMap attributeMap=new HashMap(); attributeMap.put(WebConstants.ONLINE_TICKET_NAME, - AuthorizationUtils.getPrincipal().getOnlineTicket().getTicketId()); + AuthorizationUtils.getPrincipal().getOnlineTicket().getFormattedTicketId()); //saml20Details Response authResponse = authnResponseGenerator.generateAuthnResponse( diff --git a/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/TokenBasedAuthorizeEndpoint.java b/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/TokenBasedAuthorizeEndpoint.java index ac278a5dd..cd39d3957 100644 --- a/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/TokenBasedAuthorizeEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/TokenBasedAuthorizeEndpoint.java @@ -87,8 +87,7 @@ public class TokenBasedAuthorizeEndpoint extends AuthorizeBaseEndpoint{ }else{ adapter =(AbstractAuthorizeAdapter)new TokenBasedDefaultAdapter(); } - adapter.setAuthentication(AuthorizationUtils.getPrincipal()); - adapter.setUserInfo(currentUser); + adapter.setPrincipal(AuthorizationUtils.getPrincipal()); adapter.setApp(tokenBasedDetails); adapter.generateInfo(); diff --git a/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/adapter/TokenBasedDefaultAdapter.java b/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/adapter/TokenBasedDefaultAdapter.java index 9c4dc88cf..6649f7b14 100644 --- a/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/adapter/TokenBasedDefaultAdapter.java +++ b/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/adapter/TokenBasedDefaultAdapter.java @@ -73,7 +73,7 @@ public class TokenBasedDefaultAdapter extends AbstractAuthorizeAdapter { } beanMap.put("displayName", userInfo.getDisplayName()); - beanMap.put(WebConstants.ONLINE_TICKET_NAME, authentication.getOnlineTicket().getTicketId()); + beanMap.put(WebConstants.ONLINE_TICKET_NAME, principal.getOnlineTicket().getFormattedTicketId()); /* * use UTC date time format diff --git a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java index 9d94fe1df..1ccee5d73 100644 --- a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java +++ b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java @@ -1,5 +1,5 @@ /* - * Copyright [2020] [MaxKey of copyright http://www.maxkey.top] + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java index 160086f48..2ba835a2f 100644 --- a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java +++ b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java @@ -33,7 +33,6 @@ import org.maxkey.web.interceptor.SingleSignOnInterceptor; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @@ -49,15 +48,12 @@ public class MaxKeyMvcConfig implements WebMvcConfigurer { private static final Logger _logger = LoggerFactory.getLogger(MaxKeyMvcConfig.class); @Autowired - @Qualifier("applicationConfig") ApplicationConfig applicationConfig; @Autowired - @Qualifier("authenticationProvider") AbstractAuthenticationProvider authenticationProvider ; @Autowired - @Qualifier("kerberosService") KerberosService kerberosService; @Autowired diff --git a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/access/contorller/LoginSessionController.java b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/access/contorller/LoginSessionController.java index f2899d558..c0b364283 100644 --- a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/access/contorller/LoginSessionController.java +++ b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/access/contorller/LoginSessionController.java @@ -1,5 +1,5 @@ /* - * Copyright [2020] [MaxKey of copyright http://www.maxkey.top] + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -25,8 +25,6 @@ import org.maxkey.authn.online.OnlineTicketService; import org.maxkey.entity.HistoryLogin; import org.maxkey.entity.Message; import org.maxkey.entity.UserInfo; -import org.maxkey.persistence.repository.LoginHistoryRepository; -import org.maxkey.persistence.repository.LoginRepository; import org.maxkey.persistence.service.HistoryLoginService; import org.maxkey.util.DateUtils; import org.maxkey.util.StringUtils; @@ -57,11 +55,6 @@ public class LoginSessionController { @Autowired HistoryLoginService historyLoginService; - @Autowired - LoginRepository loginRepository; - - @Autowired - LoginHistoryRepository loginHistoryRepository; @Autowired OnlineTicketService onlineTicketService; @@ -85,8 +78,6 @@ public class LoginSessionController { ).buildResponse(); } - - @ResponseBody @RequestMapping(value="/terminate") public ResponseEntity terminate(@RequestParam("ids") String ids,@CurrentUser UserInfo currentUser) { @@ -98,10 +89,11 @@ public class LoginSessionController { if(currentUser.getOnlineTicket().contains(sessionId)) { continue;//skip current session } - String lastLogoffTime = DateUtils.formatDateTime(new Date()); - loginRepository.updateLastLogoff(currentUser); - loginHistoryRepository.logoff(lastLogoffTime, sessionId); - onlineTicketService.remove("OT-" + sessionId); + + onlineTicketService.terminate( + sessionId, + currentUser.getId(), + currentUser.getUsername()); } isTerminated = true; }catch(Exception e) { diff --git a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/access/contorller/package-info.java b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/access/contorller/package-info.java index 2b2fa3501..576357e2b 100644 --- a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/access/contorller/package-info.java +++ b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/access/contorller/package-info.java @@ -1 +1,18 @@ -package org.maxkey.web.access.contorller; \ No newline at end of file +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +package org.maxkey.web.access.contorller; diff --git a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LoginEntryPoint.java b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LoginEntryPoint.java index 6593a0f1e..e71d6239a 100644 --- a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LoginEntryPoint.java +++ b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LoginEntryPoint.java @@ -1,5 +1,5 @@ /* - * Copyright [2020] [MaxKey of copyright http://www.maxkey.top] + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LogoutEndpoint.java b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LogoutEndpoint.java index 172dbb7ae..b78b8aa02 100644 --- a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LogoutEndpoint.java +++ b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LogoutEndpoint.java @@ -1,5 +1,5 @@ /* - * Copyright [2020] [MaxKey of copyright http://www.maxkey.top] + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -19,141 +19,66 @@ package org.maxkey.web.endpoint; import java.util.Iterator; import java.util.Set; -import java.util.UUID; import java.util.Map.Entry; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import org.maxkey.authn.annotation.CurrentUser; import org.maxkey.authn.online.OnlineTicket; import org.maxkey.authn.online.OnlineTicketService; -import org.maxkey.authn.realm.AbstractAuthenticationRealm; -import org.maxkey.authn.web.AuthorizationUtils; import org.maxkey.authz.singlelogout.SamlSingleLogout; import org.maxkey.authz.singlelogout.DefaultSingleLogout; import org.maxkey.authz.singlelogout.LogoutType; import org.maxkey.authz.singlelogout.SingleLogout; -import org.maxkey.configuration.ApplicationConfig; import org.maxkey.constants.ConstsProtocols; +import org.maxkey.entity.Message; +import org.maxkey.entity.UserInfo; import org.maxkey.entity.apps.Apps; -import org.maxkey.web.WebConstants; -import org.maxkey.web.WebContext; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Qualifier; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.web.savedrequest.SavedRequest; +import org.springframework.http.MediaType; +import org.springframework.http.ResponseEntity; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestParam; -import org.springframework.web.servlet.ModelAndView; - import io.swagger.v3.oas.annotations.Operation; import io.swagger.v3.oas.annotations.tags.Tag; @Tag(name = "1-3-单点注销接口文档模块") @Controller public class LogoutEndpoint { - private static Logger _logger = LoggerFactory.getLogger(LogoutEndpoint.class); - - public static final String RE_LOGIN_URL = "reLoginUrl"; - - @Autowired - @Qualifier("authenticationRealm") - AbstractAuthenticationRealm authenticationRealm; - - @Autowired - ApplicationConfig applicationConfig; - + @Autowired protected OnlineTicketService onlineTicketService; @Operation(summary = "单点注销接口", description = "reLoginUrl跳转地址",method="GET") - @RequestMapping(value={"/logout"}) - public ModelAndView logout( - HttpServletRequest request, - HttpServletResponse response, - @RequestParam(value=RE_LOGIN_URL,required=false) String reLoginUrl){ - - return logoutModelAndView(request,response,"loggedout",reLoginUrl); - } - - @Operation(summary = "登录超时接口", description = "",method="GET") - @RequestMapping(value={"/timeout"}) - public ModelAndView timeout(HttpServletRequest request, HttpServletResponse response){ - return logoutModelAndView(request,response,"timeout",null); - } - - - private ModelAndView logoutModelAndView( - HttpServletRequest request, - HttpServletResponse response, - String viewName, - String reLoginUrl){ - ModelAndView modelAndView = new ModelAndView(); - authenticationRealm.logout(response); - - if(reLoginUrl==null ||reLoginUrl.equals("")){ - SavedRequest firstSavedRequest = (SavedRequest)WebContext.getAttribute(WebConstants.FIRST_SAVED_REQUEST_PARAMETER); - reLoginUrl="/login"; - if(firstSavedRequest!=null){ - reLoginUrl= firstSavedRequest.getRedirectUrl(); - WebContext.removeAttribute(WebConstants.FIRST_SAVED_REQUEST_PARAMETER); - } - } - - //not start with http or https - if(reLoginUrl!=null && !reLoginUrl.toLowerCase().startsWith("http")) { - if(reLoginUrl.startsWith("/")) { - reLoginUrl=request.getContextPath()+reLoginUrl; - }else { - reLoginUrl=request.getContextPath()+"/"+reLoginUrl; - } - } - - _logger.debug("re Login URL : "+ reLoginUrl); - - modelAndView.addObject("reloginUrl",reLoginUrl); - - //if logined in have onlineTicket ,need remove or logout back - if(AuthorizationUtils.getAuthentication() != null) { - String onlineTicketId = (AuthorizationUtils.getPrincipal()).getOnlineTicket().getTicketId(); - OnlineTicket onlineTicket = onlineTicketService.get(onlineTicketId); - if(onlineTicket != null) { - Set> entrySet = onlineTicket.getAuthorizedApps().entrySet(); - - Iterator> iterator = entrySet.iterator(); - while (iterator.hasNext()) { - Entry mapEntry = iterator.next(); - _logger.debug("App Id : "+ mapEntry.getKey()+ " , " +mapEntry.getValue()); - if( mapEntry.getValue().getLogoutType() == LogoutType.BACK_CHANNEL){ - SingleLogout singleLogout; - if(mapEntry.getValue().getProtocol().equalsIgnoreCase(ConstsProtocols.CAS)) { - singleLogout =new SamlSingleLogout(); - }else { - singleLogout = new DefaultSingleLogout(); - } - singleLogout.sendRequest(onlineTicket.getAuthentication(), mapEntry.getValue()); - } - } - onlineTicketService.remove(onlineTicketId); - } + @RequestMapping(value={"/logout"}, produces = {MediaType.APPLICATION_JSON_VALUE}) + public ResponseEntity logout(@CurrentUser UserInfo currentUser){ + //if logined in have onlineTicket ,need remove or logout back + String onlineTicketId = currentUser.getOnlineTicket(); + OnlineTicket onlineTicket = onlineTicketService.get(onlineTicketId); + if(onlineTicket != null) { + Set> entrySet = onlineTicket.getAuthorizedApps().entrySet(); + + Iterator> iterator = entrySet.iterator(); + while (iterator.hasNext()) { + Entry mapEntry = iterator.next(); + _logger.debug("App Id : "+ mapEntry.getKey()+ " , " +mapEntry.getValue()); + if( mapEntry.getValue().getLogoutType() == LogoutType.BACK_CHANNEL){ + SingleLogout singleLogout; + if(mapEntry.getValue().getProtocol().equalsIgnoreCase(ConstsProtocols.CAS)) { + singleLogout =new SamlSingleLogout(); + }else { + singleLogout = new DefaultSingleLogout(); + } + singleLogout.sendRequest(onlineTicket.getAuthentication(), mapEntry.getValue()); + } + } + + onlineTicketService.terminate( + onlineTicketId, + currentUser.getId(), + currentUser.getUsername()); } - //remove ONLINE_TICKET cookie - WebContext.expiryCookie( - WebContext.getResponse(), - this.applicationConfig.getBaseDomainName(), - WebConstants.ONLINE_TICKET_NAME, - UUID.randomUUID().toString() - ); - request.getSession().invalidate(); - //for(String removeAttribute : WebContext.logoutAttributeNameList) { - // request.getSession().removeAttribute(removeAttribute); - //} - SecurityContextHolder.clearContext(); - - modelAndView.setViewName(viewName); - return modelAndView; + return new Message().buildResponse(); } } diff --git a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/interceptor/HistorySignOnAppInterceptor.java b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/interceptor/HistorySignOnAppInterceptor.java index 93ff9c44d..526aeb785 100644 --- a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/interceptor/HistorySignOnAppInterceptor.java +++ b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/interceptor/HistorySignOnAppInterceptor.java @@ -32,8 +32,6 @@ import org.maxkey.web.WebContext; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Qualifier; -import org.springframework.security.core.Authentication; import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.stereotype.Component; import org.springframework.web.servlet.AsyncHandlerInterceptor; @@ -47,7 +45,6 @@ public class HistorySignOnAppInterceptor implements AsyncHandlerInterceptor { HistoryLoginAppsService historyLoginAppsService; @Autowired - @Qualifier("appsService") protected AppsService appsService; /** @@ -59,10 +56,9 @@ public class HistorySignOnAppInterceptor implements AsyncHandlerInterceptor { throws Exception { _logger.debug("preHandle"); final Apps app = (Apps)WebContext.getAttribute(WebConstants.AUTHORIZE_SIGN_ON_APP); - Authentication authentication = AuthorizationUtils.getAuthentication(); - if(authentication.getPrincipal() instanceof SigninPrincipal) { - SigninPrincipal signinPrincipal = (SigninPrincipal)authentication.getPrincipal() ; - if(signinPrincipal.getGrantedAuthorityApps().contains(new SimpleGrantedAuthority(app.getId()))) { + SigninPrincipal principal = AuthorizationUtils.getPrincipal(); + if(principal != null) { + if(principal.getGrantedAuthorityApps().contains(new SimpleGrantedAuthority(app.getId()))) { _logger.trace("preHandle have authority access " + app); return true; } @@ -85,12 +81,10 @@ public class HistorySignOnAppInterceptor implements AsyncHandlerInterceptor { final Apps app = (Apps)WebContext.getAttribute(WebConstants.AUTHORIZE_SIGN_ON_APP); - Authentication authentication = AuthorizationUtils.getAuthentication(); - if((authentication != null) - && (authentication.getPrincipal() instanceof SigninPrincipal)) { - SigninPrincipal signinPrincipal = AuthorizationUtils.getPrincipal(); - final UserInfo userInfo = signinPrincipal.getUserInfo(); - String sessionId = signinPrincipal.getOnlineTicket().getTicketId().substring(3); + SigninPrincipal principal = AuthorizationUtils.getPrincipal(); + if(principal != null) { + final UserInfo userInfo = principal.getUserInfo(); + String sessionId = principal.getOnlineTicket().getFormattedTicketId().substring(3); _logger.debug("sessionId : " + sessionId + " ,appId : " + app.getId()); HistoryLoginApps historyLoginApps = new HistoryLoginApps(); historyLoginApps.setAppId(app.getId()); diff --git a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/MaxKeyMgtConfig.java b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/MaxKeyMgtConfig.java index 92c4da7a2..59111600e 100644 --- a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/MaxKeyMgtConfig.java +++ b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/MaxKeyMgtConfig.java @@ -1,5 +1,5 @@ /* - * Copyright [2020] [MaxKey of copyright http://www.maxkey.top] + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/MaxKeyMgtJobs.java b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/MaxKeyMgtJobs.java index 374a2f210..e147ee84d 100644 --- a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/MaxKeyMgtJobs.java +++ b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/MaxKeyMgtJobs.java @@ -1,5 +1,5 @@ /* - * Copyright [2020] [MaxKey of copyright http://www.maxkey.top] + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -19,6 +19,8 @@ package org.maxkey; import org.maxkey.jobs.AccountsStrategyJob; import org.maxkey.jobs.DynamicGroupsJob; +import org.maxkey.persistence.repository.LoginHistoryRepository; +import org.maxkey.persistence.repository.LoginRepository; import org.maxkey.persistence.service.AccountsService; import org.maxkey.persistence.service.GroupsService; import org.opensaml.xml.ConfigurationException; @@ -134,6 +136,14 @@ public class MaxKeyMgtJobs implements InitializingBean { scheduler.scheduleJob(jobDetail,cronTrigger); } + public String SessionListenerJob( + SchedulerFactoryBean schedulerFactoryBean, + LoginRepository loginRepository, + LoginHistoryRepository loginHistoryRepository) { + + return "sessionListenerJob"; + } + @Override public void afterPropertiesSet() throws Exception { diff --git a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/MaxKeyMgtMvcConfig.java b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/MaxKeyMgtMvcConfig.java index 4e95429f9..bbf2a1c9e 100644 --- a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/MaxKeyMgtMvcConfig.java +++ b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/MaxKeyMgtMvcConfig.java @@ -1,5 +1,5 @@ /* - * Copyright [2020] [MaxKey of copyright http://www.maxkey.top] + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -98,6 +98,8 @@ public class MaxKeyMgtMvcConfig implements WebMvcConfigurer { authenticationProvider,jwtLoginService,applicationConfig,true)) .addPathPatterns("/login"); + permissionInterceptor.setMgmt(true); + registry.addInterceptor(permissionInterceptor) .addPathPatterns("/dashboard/**") .addPathPatterns("/orgs/**") diff --git a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/jobs/AccountsStrategyJob.java b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/jobs/AccountsStrategyJob.java index e38ab82ce..068c11860 100644 --- a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/jobs/AccountsStrategyJob.java +++ b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/jobs/AccountsStrategyJob.java @@ -1,5 +1,5 @@ /* - * Copyright [2021] [MaxKey of copyright http://www.maxkey.top] + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/jobs/DynamicRolesJob.java b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/jobs/DynamicRolesJob.java index 2d4afb3ed..604969a5e 100644 --- a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/jobs/DynamicRolesJob.java +++ b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/jobs/DynamicRolesJob.java @@ -1,5 +1,5 @@ /* - * Copyright [2020] [MaxKey of copyright http://www.maxkey.top] + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/jobs/OnlineTicketListenerJob.java b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/jobs/OnlineTicketListenerJob.java new file mode 100644 index 000000000..36e02e76c --- /dev/null +++ b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/jobs/OnlineTicketListenerJob.java @@ -0,0 +1,38 @@ +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.maxkey.jobs; + +import java.io.Serializable; + +import org.quartz.Job; +import org.quartz.JobExecutionContext; +import org.quartz.JobExecutionException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class OnlineTicketListenerJob implements Job , Serializable { + final static Logger _logger = LoggerFactory.getLogger(OnlineTicketListenerJob.class); + + private static final long serialVersionUID = 4782358765969474833L; + + + @Override + public void execute(JobExecutionContext context) throws JobExecutionException { + // TODO Auto-generated method stub + + } + +} diff --git a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/access/contorller/LoginSessionController.java b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/access/contorller/LoginSessionController.java index 5d67e29ef..60b90343e 100644 --- a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/access/contorller/LoginSessionController.java +++ b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/access/contorller/LoginSessionController.java @@ -1,5 +1,5 @@ /* - * Copyright [2020] [MaxKey of copyright http://www.maxkey.top] + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -97,10 +97,7 @@ public class LoginSessionController { if(currentUser.getOnlineTicket().contains(sessionId)) { continue;//skip current session } - String lastLogoffTime = DateUtils.formatDateTime(new Date()); - loginRepository.updateLastLogoff(currentUser); - loginHistoryRepository.logoff(lastLogoffTime, sessionId); - onlineTicketService.remove("OT-" + sessionId); + onlineTicketService.terminate(sessionId,currentUser.getId(),currentUser.getUsername()); } isTerminated = true; }catch(Exception e) { diff --git a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/access/contorller/package-info.java b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/access/contorller/package-info.java index 2b2fa3501..576357e2b 100644 --- a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/access/contorller/package-info.java +++ b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/access/contorller/package-info.java @@ -1 +1,18 @@ -package org.maxkey.web.access.contorller; \ No newline at end of file +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +package org.maxkey.web.access.contorller; diff --git a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/config/contorller/package-info.java b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/config/contorller/package-info.java index 1e1e006a7..b1cc82664 100644 --- a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/config/contorller/package-info.java +++ b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/config/contorller/package-info.java @@ -1 +1,18 @@ -package org.maxkey.web.config.contorller; \ No newline at end of file +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +package org.maxkey.web.config.contorller; diff --git a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/LogoutEndpoint.java b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/LogoutEndpoint.java index 26d5b1280..58d1b06a9 100644 --- a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/LogoutEndpoint.java +++ b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/LogoutEndpoint.java @@ -1,5 +1,5 @@ /* - * Copyright [2020] [MaxKey of copyright http://www.maxkey.top] + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,62 +17,29 @@ package org.maxkey.web.contorller; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.maxkey.authn.realm.AbstractAuthenticationRealm; -import org.maxkey.web.WebConstants; -import org.maxkey.web.WebContext; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; +import org.maxkey.authn.annotation.CurrentUser; +import org.maxkey.authn.online.OnlineTicketService; +import org.maxkey.entity.Message; +import org.maxkey.entity.UserInfo; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Qualifier; -import org.springframework.security.web.savedrequest.SavedRequest; +import org.springframework.http.MediaType; +import org.springframework.http.ResponseEntity; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestParam; -import org.springframework.web.servlet.ModelAndView; @Controller public class LogoutEndpoint { - private static Logger _logger = LoggerFactory.getLogger(LogoutEndpoint.class); - - public static final String RE_LOGIN_URL = "reLoginUrl"; - @Autowired - @Qualifier("authenticationRealm") - AbstractAuthenticationRealm authenticationRealm; + protected OnlineTicketService onlineTicketService; - @RequestMapping(value={"/logout"}) - public ModelAndView logout( HttpServletRequest request, - HttpServletResponse response, - @RequestParam(value=RE_LOGIN_URL,required=false) String reLoginUrl){ - ModelAndView modelAndView = new ModelAndView(); - authenticationRealm.logout(response); - SavedRequest firstSavedRequest = (SavedRequest)WebContext.getAttribute(WebConstants.FIRST_SAVED_REQUEST_PARAMETER); - - if(reLoginUrl==null ||reLoginUrl.equals("")) { - reLoginUrl="/login"; - } - - if(firstSavedRequest!=null){ - reLoginUrl= firstSavedRequest.getRedirectUrl(); - } - - if(reLoginUrl!=null && !reLoginUrl.toLowerCase().startsWith("http")) { - if(reLoginUrl.startsWith("/")) { - reLoginUrl=request.getContextPath()+reLoginUrl; - }else { - reLoginUrl=request.getContextPath()+"/"+reLoginUrl; - } - } - _logger.debug("re Login URL : "+ reLoginUrl); - modelAndView.addObject("reloginUrl",reLoginUrl); - request.getSession().invalidate(); - - modelAndView.setViewName("loggedout"); - return modelAndView; + @RequestMapping(value={"/logout"}, produces = {MediaType.APPLICATION_JSON_VALUE}) + public ResponseEntity logout(@CurrentUser UserInfo currentUser){ + onlineTicketService.terminate( + currentUser.getOnlineTicket(), + currentUser.getId(), + currentUser.getUsername()); + return new Message().buildResponse(); } } diff --git a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/permissions/contorller/package-info.java b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/permissions/contorller/package-info.java index d17aa1257..028d25a14 100644 --- a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/permissions/contorller/package-info.java +++ b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/permissions/contorller/package-info.java @@ -1 +1,18 @@ -package org.maxkey.web.permissions.contorller; \ No newline at end of file +/* + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +package org.maxkey.web.permissions.contorller; -- GitLab