Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
MaxKey单点登录官方(MaxKeyTop)
MaxKey
提交
cd00a039
MaxKey
项目概览
MaxKey单点登录官方(MaxKeyTop)
/
MaxKey
9 个月 前同步成功
通知
75
Star
3
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
1
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
MaxKey
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
1
Issue
1
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
cd00a039
编写于
11月 08, 2020
作者:
MaxKey单点登录官方
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
OnlineTicket
上级
06b27d35
变更
15
隐藏空白更改
内联
并排
Showing
15 changed file
with
131 addition
and
21 deletion
+131
-21
maxkey-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java
...in/java/org/maxkey/authn/RealmAuthenticationProvider.java
+7
-2
maxkey-core/src/main/java/org/maxkey/authn/SigninPrincipal.java
...-core/src/main/java/org/maxkey/authn/SigninPrincipal.java
+4
-3
maxkey-core/src/main/java/org/maxkey/authn/online/InMemoryOnlineTicketServices.java
...org/maxkey/authn/online/InMemoryOnlineTicketServices.java
+36
-3
maxkey-core/src/main/java/org/maxkey/authn/online/OnlineTicket.java
...e/src/main/java/org/maxkey/authn/online/OnlineTicket.java
+17
-1
maxkey-core/src/main/java/org/maxkey/authn/online/OnlineTicketServices.java
...in/java/org/maxkey/authn/online/OnlineTicketServices.java
+5
-0
maxkey-core/src/main/java/org/maxkey/authn/online/RedisOnlineTicketServices.java
...va/org/maxkey/authn/online/RedisOnlineTicketServices.java
+28
-1
maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/OnlineTicketEndpoint.java
.../java/org/maxkey/authz/endpoint/OnlineTicketEndpoint.java
+1
-1
maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java
...a/org/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java
+1
-1
maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/adapter/CasDefaultAdapter.java
.../maxkey/authz/cas/endpoint/adapter/CasDefaultAdapter.java
+1
-1
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java
...ovider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java
+1
-1
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java
...z/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java
+1
-1
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/AssertionEndpoint.java
...key/authz/saml20/provider/endpoint/AssertionEndpoint.java
+1
-1
maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/adapter/TokenBasedDefaultAdapter.java
...uthz/token/endpoint/adapter/TokenBasedDefaultAdapter.java
+1
-1
maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LogoutEndpoint.java
...src/main/java/org/maxkey/web/endpoint/LogoutEndpoint.java
+8
-0
maxkey-web-maxkey/src/main/java/org/maxkey/web/interceptor/PermissionAdapter.java
...in/java/org/maxkey/web/interceptor/PermissionAdapter.java
+19
-4
未找到文件。
maxkey-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java
浏览文件 @
cd00a039
...
@@ -149,6 +149,9 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
...
@@ -149,6 +149,9 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
String
onlineTickitId
=
WebConstants
.
ONLINE_TICKET_PREFIX
+
"-"
+
java
.
util
.
UUID
.
randomUUID
().
toString
().
toLowerCase
();
String
onlineTickitId
=
WebConstants
.
ONLINE_TICKET_PREFIX
+
"-"
+
java
.
util
.
UUID
.
randomUUID
().
toString
().
toLowerCase
();
_logger
.
debug
(
"set online Tickit Cookie "
+
onlineTickitId
+
" on domain "
+
this
.
applicationConfig
.
getBaseDomainName
());
_logger
.
debug
(
"set online Tickit Cookie "
+
onlineTickitId
+
" on domain "
+
this
.
applicationConfig
.
getBaseDomainName
());
OnlineTicket
onlineTicket
=
new
OnlineTicket
(
onlineTickitId
);
WebContext
.
setCookie
(
WebContext
.
getResponse
(),
WebContext
.
setCookie
(
WebContext
.
getResponse
(),
this
.
applicationConfig
.
getBaseDomainName
(),
this
.
applicationConfig
.
getBaseDomainName
(),
WebConstants
.
ONLINE_TICKET_NAME
,
WebConstants
.
ONLINE_TICKET_NAME
,
...
@@ -157,7 +160,7 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
...
@@ -157,7 +160,7 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
SigninPrincipal
signinPrincipal
=
new
SigninPrincipal
(
userInfo
);
SigninPrincipal
signinPrincipal
=
new
SigninPrincipal
(
userInfo
);
//set OnlineTicket
//set OnlineTicket
signinPrincipal
.
setOnlineTicket
(
onlineTick
itId
);
signinPrincipal
.
setOnlineTicket
(
onlineTick
et
);
ArrayList
<
GrantedAuthority
>
grantedAuthoritys
=
authenticationRealm
.
grantAuthority
(
userInfo
);
ArrayList
<
GrantedAuthority
>
grantedAuthoritys
=
authenticationRealm
.
grantAuthority
(
userInfo
);
//set default roles
//set default roles
grantedAuthoritys
.
add
(
new
SimpleGrantedAuthority
(
"ROLE_USER"
));
grantedAuthoritys
.
add
(
new
SimpleGrantedAuthority
(
"ROLE_USER"
));
...
@@ -182,8 +185,10 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
...
@@ -182,8 +185,10 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
authenticationToken
.
setDetails
(
authenticationToken
.
setDetails
(
new
WebAuthenticationDetails
(
WebContext
.
getRequest
()));
new
WebAuthenticationDetails
(
WebContext
.
getRequest
()));
OnlineTicket
onlineTicket
=
new
OnlineTicket
(
onlineTickitId
,
authenticationToken
);
onlineTicket
.
setAuthentication
(
authenticationToken
);
this
.
onlineTicketServices
.
store
(
onlineTickitId
,
onlineTicket
);
this
.
onlineTicketServices
.
store
(
onlineTickitId
,
onlineTicket
);
/*
/*
* put userInfo to current session context
* put userInfo to current session context
*/
*/
...
...
maxkey-core/src/main/java/org/maxkey/authn/SigninPrincipal.java
浏览文件 @
cd00a039
...
@@ -20,6 +20,7 @@ package org.maxkey.authn;
...
@@ -20,6 +20,7 @@ package org.maxkey.authn;
import
java.util.ArrayList
;
import
java.util.ArrayList
;
import
java.util.Collection
;
import
java.util.Collection
;
import
org.maxkey.authn.online.OnlineTicket
;
import
org.maxkey.domain.UserInfo
;
import
org.maxkey.domain.UserInfo
;
import
org.springframework.security.core.GrantedAuthority
;
import
org.springframework.security.core.GrantedAuthority
;
import
org.springframework.security.core.userdetails.UserDetails
;
import
org.springframework.security.core.userdetails.UserDetails
;
...
@@ -31,7 +32,7 @@ public class SigninPrincipal implements UserDetails {
...
@@ -31,7 +32,7 @@ public class SigninPrincipal implements UserDetails {
UserDetails
userDetails
;
UserDetails
userDetails
;
String
onlineTicket
;
OnlineTicket
onlineTicket
;
ArrayList
<
GrantedAuthority
>
grantedAuthority
;
ArrayList
<
GrantedAuthority
>
grantedAuthority
;
boolean
authenticated
;
boolean
authenticated
;
boolean
roleAdministrators
;
boolean
roleAdministrators
;
...
@@ -95,11 +96,11 @@ public class SigninPrincipal implements UserDetails {
...
@@ -95,11 +96,11 @@ public class SigninPrincipal implements UserDetails {
this
.
grantedAuthority
=
grantedAuthority
;
this
.
grantedAuthority
=
grantedAuthority
;
}
}
public
String
getOnlineTicket
()
{
public
OnlineTicket
getOnlineTicket
()
{
return
onlineTicket
;
return
onlineTicket
;
}
}
public
void
setOnlineTicket
(
String
onlineTicket
)
{
public
void
setOnlineTicket
(
OnlineTicket
onlineTicket
)
{
this
.
onlineTicket
=
onlineTicket
;
this
.
onlineTicket
=
onlineTicket
;
}
}
...
...
maxkey-core/src/main/java/org/maxkey/authn/online/InMemoryOnlineTicketServices.java
浏览文件 @
cd00a039
...
@@ -18,15 +18,19 @@
...
@@ -18,15 +18,19 @@
package
org.maxkey.authn.online
;
package
org.maxkey.authn.online
;
import
java.time.Duration
;
import
java.time.Duration
;
import
java.time.LocalTime
;
import
org.ehcache.UserManagedCache
;
import
org.ehcache.UserManagedCache
;
import
org.ehcache.config.builders.ExpiryPolicyBuilder
;
import
org.ehcache.config.builders.ExpiryPolicyBuilder
;
import
org.ehcache.config.builders.UserManagedCacheBuilder
;
import
org.ehcache.config.builders.UserManagedCacheBuilder
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
public
class
InMemoryOnlineTicketServices
implements
OnlineTicketServices
{
public
class
InMemoryOnlineTicketServices
implements
OnlineTicketServices
{
private
static
final
Logger
_logger
=
LoggerFactory
.
getLogger
(
InMemoryOnlineTicketServices
.
class
);
protected
final
static
UserManagedCache
<
String
,
OnlineTicket
>
onlineTicketStore
=
protected
static
UserManagedCache
<
String
,
OnlineTicket
>
onlineTicketStore
=
UserManagedCacheBuilder
.
newUserManagedCacheBuilder
(
String
.
class
,
OnlineTicket
.
class
)
UserManagedCacheBuilder
.
newUserManagedCacheBuilder
(
String
.
class
,
OnlineTicket
.
class
)
.
withExpiry
(
ExpiryPolicyBuilder
.
timeToLiveExpiration
(
Duration
.
ofMinutes
(
30
)))
.
withExpiry
(
ExpiryPolicyBuilder
.
timeToLiveExpiration
(
Duration
.
ofMinutes
(
30
)))
.
build
(
true
);
.
build
(
true
);
...
@@ -56,8 +60,37 @@ public class InMemoryOnlineTicketServices implements OnlineTicketServices{
...
@@ -56,8 +60,37 @@ public class InMemoryOnlineTicketServices implements OnlineTicketServices{
@Override
@Override
public
void
setValiditySeconds
(
int
validitySeconds
)
{
public
void
setValiditySeconds
(
int
validitySeconds
)
{
// TODO Auto-generated method stub
onlineTicketStore
=
UserManagedCacheBuilder
.
newUserManagedCacheBuilder
(
String
.
class
,
OnlineTicket
.
class
)
.
withExpiry
(
ExpiryPolicyBuilder
.
timeToLiveExpiration
(
Duration
.
ofMinutes
(
validitySeconds
/
60
))
)
.
build
(
true
);
}
@Override
public
void
refresh
(
String
ticketId
,
LocalTime
refreshTime
)
{
OnlineTicket
onlineTicket
=
get
(
ticketId
);
onlineTicket
.
setTicketTime
(
refreshTime
);
store
(
ticketId
,
onlineTicket
);
}
@Override
public
void
refresh
(
String
ticketId
)
{
OnlineTicket
onlineTicket
=
get
(
ticketId
);
LocalTime
currentTime
=
LocalTime
.
now
();
Duration
duration
=
Duration
.
between
(
currentTime
,
onlineTicket
.
getTicketTime
());
_logger
.
trace
(
"OnlineTicket duration "
+
duration
.
getSeconds
());
if
(
duration
.
getSeconds
()
>
OnlineTicket
.
MAX_EXPIRY_DURATION
)
{
onlineTicket
.
setTicketTime
(
currentTime
);
refresh
(
ticketId
,
currentTime
);
}
}
}
}
}
maxkey-core/src/main/java/org/maxkey/authn/online/OnlineTicket.java
浏览文件 @
cd00a039
package
org.maxkey.authn.online
;
package
org.maxkey.authn.online
;
import
java.io.Serializable
;
import
java.io.Serializable
;
import
java.time.LocalTime
;
import
java.util.HashMap
;
import
java.util.HashMap
;
import
org.maxkey.domain.apps.Apps
;
import
org.maxkey.domain.apps.Apps
;
...
@@ -11,10 +12,15 @@ public class OnlineTicket implements Serializable{
...
@@ -11,10 +12,15 @@ public class OnlineTicket implements Serializable{
/**
/**
*
*
*/
*/
private
static
final
long
serialVersionUID
=
9008067569150338296L
;
public
static
final
int
MAX_EXPIRY_DURATION
=
60
*
10
;
//default 10 minutes.
private
static
final
long
serialVersionUID
=
9008067569150338296L
;
public
String
ticketId
;
public
String
ticketId
;
public
LocalTime
ticketTime
;
public
Authentication
authentication
;
public
Authentication
authentication
;
private
HashMap
<
String
,
Apps
>
authorizedApps
=
new
HashMap
<
String
,
Apps
>();
private
HashMap
<
String
,
Apps
>
authorizedApps
=
new
HashMap
<
String
,
Apps
>();
...
@@ -23,12 +29,14 @@ public class OnlineTicket implements Serializable{
...
@@ -23,12 +29,14 @@ public class OnlineTicket implements Serializable{
public
OnlineTicket
(
String
ticketId
)
{
public
OnlineTicket
(
String
ticketId
)
{
super
();
super
();
this
.
ticketId
=
ticketId
;
this
.
ticketId
=
ticketId
;
this
.
ticketTime
=
LocalTime
.
now
();
}
}
public
OnlineTicket
(
String
ticketId
,
Authentication
authentication
)
{
public
OnlineTicket
(
String
ticketId
,
Authentication
authentication
)
{
super
();
super
();
this
.
ticketId
=
ticketId
;
this
.
ticketId
=
ticketId
;
this
.
authentication
=
authentication
;
this
.
authentication
=
authentication
;
this
.
ticketTime
=
LocalTime
.
now
();
}
}
...
@@ -44,6 +52,14 @@ public class OnlineTicket implements Serializable{
...
@@ -44,6 +52,14 @@ public class OnlineTicket implements Serializable{
}
}
public
LocalTime
getTicketTime
()
{
return
ticketTime
;
}
public
void
setTicketTime
(
LocalTime
ticketTime
)
{
this
.
ticketTime
=
ticketTime
;
}
public
Authentication
getAuthentication
()
{
public
Authentication
getAuthentication
()
{
return
authentication
;
return
authentication
;
}
}
...
...
maxkey-core/src/main/java/org/maxkey/authn/online/OnlineTicketServices.java
浏览文件 @
cd00a039
...
@@ -17,6 +17,7 @@
...
@@ -17,6 +17,7 @@
package
org.maxkey.authn.online
;
package
org.maxkey.authn.online
;
import
java.time.LocalTime
;
public
interface
OnlineTicketServices
{
public
interface
OnlineTicketServices
{
...
@@ -25,6 +26,10 @@ public interface OnlineTicketServices {
...
@@ -25,6 +26,10 @@ public interface OnlineTicketServices {
public
OnlineTicket
remove
(
String
ticket
);
public
OnlineTicket
remove
(
String
ticket
);
public
OnlineTicket
get
(
String
ticketId
);
public
OnlineTicket
get
(
String
ticketId
);
public
void
refresh
(
String
ticketId
,
LocalTime
refreshTime
);
public
void
refresh
(
String
ticketId
);
public
void
setValiditySeconds
(
int
validitySeconds
);
public
void
setValiditySeconds
(
int
validitySeconds
);
}
}
maxkey-core/src/main/java/org/maxkey/authn/online/RedisOnlineTicketServices.java
浏览文件 @
cd00a039
...
@@ -17,12 +17,17 @@
...
@@ -17,12 +17,17 @@
package
org.maxkey.authn.online
;
package
org.maxkey.authn.online
;
import
java.time.Duration
;
import
java.time.LocalTime
;
import
org.maxkey.persistence.redis.RedisConnection
;
import
org.maxkey.persistence.redis.RedisConnection
;
import
org.maxkey.persistence.redis.RedisConnectionFactory
;
import
org.maxkey.persistence.redis.RedisConnectionFactory
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
public
class
RedisOnlineTicketServices
implements
OnlineTicketServices
{
public
class
RedisOnlineTicketServices
implements
OnlineTicketServices
{
private
static
final
Logger
_logger
=
LoggerFactory
.
getLogger
(
RedisOnlineTicketServices
.
class
);
protected
int
serviceTicketValiditySeconds
=
60
*
30
;
//default 30 minutes.
protected
int
serviceTicketValiditySeconds
=
60
*
30
;
//default 30 minutes.
...
@@ -78,5 +83,27 @@ public class RedisOnlineTicketServices implements OnlineTicketServices {
...
@@ -78,5 +83,27 @@ public class RedisOnlineTicketServices implements OnlineTicketServices {
}
}
@Override
public
void
refresh
(
String
ticketId
,
LocalTime
refreshTime
)
{
OnlineTicket
onlineTicket
=
get
(
ticketId
);
onlineTicket
.
setTicketTime
(
refreshTime
);
store
(
ticketId
,
onlineTicket
);
}
@Override
public
void
refresh
(
String
ticketId
)
{
OnlineTicket
onlineTicket
=
get
(
ticketId
);
LocalTime
currentTime
=
LocalTime
.
now
();
Duration
duration
=
Duration
.
between
(
currentTime
,
onlineTicket
.
getTicketTime
());
_logger
.
trace
(
"OnlineTicket duration "
+
duration
.
getSeconds
());
if
(
duration
.
getSeconds
()
>
OnlineTicket
.
MAX_EXPIRY_DURATION
)
{
onlineTicket
.
setTicketTime
(
currentTime
);
refresh
(
ticketId
,
currentTime
);
}
}
}
}
maxkey-
web-maxkey/src/main/java/org/maxkey/web
/endpoint/OnlineTicketEndpoint.java
→
maxkey-
protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz
/endpoint/OnlineTicketEndpoint.java
浏览文件 @
cd00a039
package
org.maxkey.
web
.endpoint
;
package
org.maxkey.
authz
.endpoint
;
import
org.maxkey.authn.online.OnlineTicket
;
import
org.maxkey.authn.online.OnlineTicket
;
import
org.maxkey.authn.online.OnlineTicketServices
;
import
org.maxkey.authn.online.OnlineTicketServices
;
...
...
maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java
浏览文件 @
cd00a039
...
@@ -135,7 +135,7 @@ public class CasAuthorizeEndpoint extends CasBaseAuthorizeEndpoint{
...
@@ -135,7 +135,7 @@ public class CasAuthorizeEndpoint extends CasBaseAuthorizeEndpoint{
}
}
if
(
casDetails
.
getLogoutType
()==
LogoutType
.
BACK_CHANNEL
)
{
if
(
casDetails
.
getLogoutType
()==
LogoutType
.
BACK_CHANNEL
)
{
String
onlineTicketId
=
((
SigninPrincipal
)
WebContext
.
getAuthentication
().
getPrincipal
()).
getOnlineTicket
();
String
onlineTicketId
=
((
SigninPrincipal
)
WebContext
.
getAuthentication
().
getPrincipal
()).
getOnlineTicket
()
.
getTicketId
()
;
OnlineTicket
onlineTicket
=
onlineTicketServices
.
get
(
onlineTicketId
);
OnlineTicket
onlineTicket
=
onlineTicketServices
.
get
(
onlineTicketId
);
//set cas ticket as OnlineTicketId
//set cas ticket as OnlineTicketId
casDetails
.
setOnlineTicket
(
ticket
);
casDetails
.
setOnlineTicket
(
ticket
);
...
...
maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/adapter/CasDefaultAdapter.java
浏览文件 @
cd00a039
...
@@ -67,7 +67,7 @@ public class CasDefaultAdapter extends AbstractAuthorizeAdapter {
...
@@ -67,7 +67,7 @@ public class CasDefaultAdapter extends AbstractAuthorizeAdapter {
serviceResponseBuilder
.
setAttribute
(
"departmentId"
,
userInfo
.
getDepartmentId
());
serviceResponseBuilder
.
setAttribute
(
"departmentId"
,
userInfo
.
getDepartmentId
());
serviceResponseBuilder
.
setAttribute
(
"workRegion"
,
base64Attr
(
userInfo
.
getWorkRegion
()));
serviceResponseBuilder
.
setAttribute
(
"workRegion"
,
base64Attr
(
userInfo
.
getWorkRegion
()));
serviceResponseBuilder
.
setAttribute
(
WebConstants
.
ONLINE_TICKET_NAME
,
authentication
.
getOnlineTicket
());
serviceResponseBuilder
.
setAttribute
(
WebConstants
.
ONLINE_TICKET_NAME
,
authentication
.
getOnlineTicket
()
.
getTicketId
()
);
return
null
;
return
null
;
}
}
...
...
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java
浏览文件 @
cd00a039
...
@@ -45,7 +45,7 @@ public class OAuthDefaultUserInfoAdapter extends AbstractAuthorizeAdapter {
...
@@ -45,7 +45,7 @@ public class OAuthDefaultUserInfoAdapter extends AbstractAuthorizeAdapter {
beanMap
.
put
(
"title"
,
userInfo
.
getJobTitle
());
beanMap
.
put
(
"title"
,
userInfo
.
getJobTitle
());
beanMap
.
put
(
"state"
,
userInfo
.
getWorkRegion
());
beanMap
.
put
(
"state"
,
userInfo
.
getWorkRegion
());
beanMap
.
put
(
"gender"
,
userInfo
.
getGender
());
beanMap
.
put
(
"gender"
,
userInfo
.
getGender
());
beanMap
.
put
(
WebConstants
.
ONLINE_TICKET_NAME
,
authentication
.
getOnlineTicket
());
beanMap
.
put
(
WebConstants
.
ONLINE_TICKET_NAME
,
authentication
.
getOnlineTicket
()
.
getTicketId
()
);
String
info
=
JsonUtils
.
object2Json
(
beanMap
);
String
info
=
JsonUtils
.
object2Json
(
beanMap
);
...
...
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java
浏览文件 @
cd00a039
...
@@ -176,7 +176,7 @@ public class UserInfoEndpoint {
...
@@ -176,7 +176,7 @@ public class UserInfoEndpoint {
SigninPrincipal
authentication
=
(
SigninPrincipal
)
oAuth2Authentication
.
getUserAuthentication
().
getPrincipal
();
SigninPrincipal
authentication
=
(
SigninPrincipal
)
oAuth2Authentication
.
getUserAuthentication
().
getPrincipal
();
jwtClaimsSetBuilder
.
claim
(
"sub"
,
userInfo
.
getId
());
jwtClaimsSetBuilder
.
claim
(
"sub"
,
userInfo
.
getId
());
jwtClaimsSetBuilder
.
claim
(
WebConstants
.
ONLINE_TICKET_NAME
,
authentication
.
getOnlineTicket
());
jwtClaimsSetBuilder
.
claim
(
WebConstants
.
ONLINE_TICKET_NAME
,
authentication
.
getOnlineTicket
()
.
getTicketId
()
);
if
(
scopes
.
contains
(
"profile"
)){
if
(
scopes
.
contains
(
"profile"
)){
jwtClaimsSetBuilder
.
claim
(
"name"
,
userInfo
.
getUsername
());
jwtClaimsSetBuilder
.
claim
(
"name"
,
userInfo
.
getUsername
());
...
...
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/AssertionEndpoint.java
浏览文件 @
cd00a039
...
@@ -73,7 +73,7 @@ public class AssertionEndpoint {
...
@@ -73,7 +73,7 @@ public class AssertionEndpoint {
logger
.
debug
(
"AuthnRequestInfo: {}"
,
authnRequestInfo
);
logger
.
debug
(
"AuthnRequestInfo: {}"
,
authnRequestInfo
);
HashMap
<
String
,
String
>
attributeMap
=
new
HashMap
<
String
,
String
>();
HashMap
<
String
,
String
>
attributeMap
=
new
HashMap
<
String
,
String
>();
attributeMap
.
put
(
WebConstants
.
ONLINE_TICKET_NAME
,
((
SigninPrincipal
)
WebContext
.
getAuthentication
().
getPrincipal
()).
getOnlineTicket
());
attributeMap
.
put
(
WebConstants
.
ONLINE_TICKET_NAME
,
((
SigninPrincipal
)
WebContext
.
getAuthentication
().
getPrincipal
()).
getOnlineTicket
()
.
getTicketId
()
);
//saml20Details
//saml20Details
Response
authResponse
=
authnResponseGenerator
.
generateAuthnResponse
(
Response
authResponse
=
authnResponseGenerator
.
generateAuthnResponse
(
...
...
maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/adapter/TokenBasedDefaultAdapter.java
浏览文件 @
cd00a039
...
@@ -72,7 +72,7 @@ public class TokenBasedDefaultAdapter extends AbstractAuthorizeAdapter {
...
@@ -72,7 +72,7 @@ public class TokenBasedDefaultAdapter extends AbstractAuthorizeAdapter {
}
}
beanMap
.
put
(
"displayName"
,
userInfo
.
getDisplayName
());
beanMap
.
put
(
"displayName"
,
userInfo
.
getDisplayName
());
beanMap
.
put
(
WebConstants
.
ONLINE_TICKET_NAME
,
authentication
.
getOnlineTicket
());
beanMap
.
put
(
WebConstants
.
ONLINE_TICKET_NAME
,
authentication
.
getOnlineTicket
()
.
getTicketId
()
);
/*
/*
* use UTC date time format
* use UTC date time format
...
...
maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LogoutEndpoint.java
浏览文件 @
cd00a039
...
@@ -20,6 +20,8 @@ package org.maxkey.web.endpoint;
...
@@ -20,6 +20,8 @@ package org.maxkey.web.endpoint;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletResponse
;
import
javax.servlet.http.HttpServletResponse
;
import
org.maxkey.authn.SigninPrincipal
;
import
org.maxkey.authn.online.OnlineTicketServices
;
import
org.maxkey.authn.realm.AbstractAuthenticationRealm
;
import
org.maxkey.authn.realm.AbstractAuthenticationRealm
;
import
org.maxkey.configuration.ApplicationConfig
;
import
org.maxkey.configuration.ApplicationConfig
;
import
org.maxkey.web.WebConstants
;
import
org.maxkey.web.WebConstants
;
...
@@ -49,6 +51,10 @@ public class LogoutEndpoint {
...
@@ -49,6 +51,10 @@ public class LogoutEndpoint {
@Autowired
@Autowired
ApplicationConfig
applicationConfig
;
ApplicationConfig
applicationConfig
;
@Autowired
@Qualifier
(
"onlineTicketServices"
)
protected
OnlineTicketServices
onlineTicketServices
;
@RequestMapping
(
value
={
"/logout"
})
@RequestMapping
(
value
={
"/logout"
})
public
ModelAndView
logout
(
public
ModelAndView
logout
(
HttpServletRequest
request
,
HttpServletRequest
request
,
...
@@ -89,8 +95,10 @@ public class LogoutEndpoint {
...
@@ -89,8 +95,10 @@ public class LogoutEndpoint {
_logger
.
debug
(
"re Login URL : "
+
reLoginUrl
);
_logger
.
debug
(
"re Login URL : "
+
reLoginUrl
);
modelAndView
.
addObject
(
"reloginUrl"
,
reLoginUrl
);
modelAndView
.
addObject
(
"reloginUrl"
,
reLoginUrl
);
onlineTicketServices
.
remove
(((
SigninPrincipal
)
WebContext
.
getAuthentication
().
getPrincipal
()).
getOnlineTicket
().
getTicketId
());
request
.
getSession
().
invalidate
();
request
.
getSession
().
invalidate
();
SecurityContextHolder
.
clearContext
();
SecurityContextHolder
.
clearContext
();
modelAndView
.
setViewName
(
viewName
);
modelAndView
.
setViewName
(
viewName
);
return
modelAndView
;
return
modelAndView
;
}
}
...
...
maxkey-web-maxkey/src/main/java/org/maxkey/web/interceptor/PermissionAdapter.java
浏览文件 @
cd00a039
...
@@ -23,6 +23,9 @@ import javax.servlet.http.HttpServletRequest;
...
@@ -23,6 +23,9 @@ import javax.servlet.http.HttpServletRequest;
import
javax.servlet.http.HttpServletResponse
;
import
javax.servlet.http.HttpServletResponse
;
import
org.maxkey.authn.SavedRequestAwareAuthenticationSuccessHandler
;
import
org.maxkey.authn.SavedRequestAwareAuthenticationSuccessHandler
;
import
org.maxkey.authn.SigninPrincipal
;
import
org.maxkey.authn.online.OnlineTicket
;
import
org.maxkey.authn.online.OnlineTicketServices
;
import
org.maxkey.configuration.ApplicationConfig
;
import
org.maxkey.configuration.ApplicationConfig
;
import
org.maxkey.constants.ConstantsPasswordSetType
;
import
org.maxkey.constants.ConstantsPasswordSetType
;
import
org.maxkey.web.WebConstants
;
import
org.maxkey.web.WebConstants
;
...
@@ -31,6 +34,7 @@ import org.slf4j.Logger;
...
@@ -31,6 +34,7 @@ import org.slf4j.Logger;
import
org.slf4j.LoggerFactory
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Qualifier
;
import
org.springframework.beans.factory.annotation.Qualifier
;
import
org.springframework.security.core.Authentication
;
import
org.springframework.security.web.savedrequest.HttpSessionRequestCache
;
import
org.springframework.security.web.savedrequest.HttpSessionRequestCache
;
import
org.springframework.security.web.savedrequest.RequestCache
;
import
org.springframework.security.web.savedrequest.RequestCache
;
import
org.springframework.security.web.savedrequest.SavedRequest
;
import
org.springframework.security.web.savedrequest.SavedRequest
;
...
@@ -57,6 +61,10 @@ public class PermissionAdapter extends HandlerInterceptorAdapter {
...
@@ -57,6 +61,10 @@ public class PermissionAdapter extends HandlerInterceptorAdapter {
SavedRequestAwareAuthenticationSuccessHandler
savedRequestSuccessHandler
;
SavedRequestAwareAuthenticationSuccessHandler
savedRequestSuccessHandler
;
static
ConcurrentHashMap
<
String
,
String
>
navigationsMap
=
null
;
static
ConcurrentHashMap
<
String
,
String
>
navigationsMap
=
null
;
@Autowired
@Qualifier
(
"onlineTicketServices"
)
protected
OnlineTicketServices
onlineTicketServices
;
/*
/*
* 请求前处理 (non-Javadoc)
* 请求前处理 (non-Javadoc)
...
@@ -96,11 +104,12 @@ public class PermissionAdapter extends HandlerInterceptorAdapter {
...
@@ -96,11 +104,12 @@ public class PermissionAdapter extends HandlerInterceptorAdapter {
}
}
}
}
Authentication
authentication
=
WebContext
.
getAuthentication
();
//save first protected url
//save first protected url
SavedRequest
firstSavedRequest
=
(
SavedRequest
)
WebContext
.
getAttribute
(
WebConstants
.
FIRST_SAVED_REQUEST_PARAMETER
);
SavedRequest
firstSavedRequest
=
(
SavedRequest
)
WebContext
.
getAttribute
(
WebConstants
.
FIRST_SAVED_REQUEST_PARAMETER
);
// 判断用户是否登录, 判断用户和角色,判断用户是否登录用户
// 判断用户是否登录, 判断用户和角色,判断用户是否登录用户
if
(
WebContext
.
getAuthentication
()
==
null
if
(
authentication
==
null
||
WebContext
.
getAuthentication
()
.
getAuthorities
()
==
null
)
{
||
authentication
.
getAuthorities
()
==
null
)
{
//保存未认证的请求信息
//保存未认证的请求信息
if
(
firstSavedRequest
==
null
){
if
(
firstSavedRequest
==
null
){
RequestCache
requestCache
=
new
HttpSessionRequestCache
();
RequestCache
requestCache
=
new
HttpSessionRequestCache
();
...
@@ -119,14 +128,20 @@ public class PermissionAdapter extends HandlerInterceptorAdapter {
...
@@ -119,14 +128,20 @@ public class PermissionAdapter extends HandlerInterceptorAdapter {
return
false
;
return
false
;
}
}
//认证完成,跳转到未认证请求
//认证完成,跳转到未认证请求
if
(
firstSavedRequest
!=
null
)
{
if
(
firstSavedRequest
!=
null
)
{
savedRequestSuccessHandler
.
onAuthenticationSuccess
(
request
,
response
,
WebContext
.
getAuthentication
()
);
savedRequestSuccessHandler
.
onAuthenticationSuccess
(
request
,
response
,
authentication
);
WebContext
.
removeAttribute
(
WebConstants
.
FIRST_SAVED_REQUEST_PARAMETER
);
WebContext
.
removeAttribute
(
WebConstants
.
FIRST_SAVED_REQUEST_PARAMETER
);
}
}
boolean
hasAccess
=
true
;
boolean
hasAccess
=
true
;
if
(
authentication
.
getPrincipal
()
instanceof
SigninPrincipal
)
{
SigninPrincipal
signinPrincipal
=
(
SigninPrincipal
)
authentication
.
getPrincipal
();
OnlineTicket
onlineTicket
=
signinPrincipal
.
getOnlineTicket
();
onlineTicketServices
.
refresh
(
onlineTicket
.
getTicketId
());
}
/*
/*
* boolean preHandler = super.preHandle(request, response, handler);
* boolean preHandler = super.preHandle(request, response, handler);
*
*
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录