提交
d14a0962
编写于
9月 10, 2020
作者:
MaxKey单点登录官方
trustAuthentication
上级
b3083adf
变更
12
Showing
12 changed file
with
78 addition
and
47 deletion
+78
-47
maxkey-authentications/src/main/java/org/maxkey/authn/support/basic/BasicEntryPoint.java
.../java/org/maxkey/authn/support/basic/BasicEntryPoint.java
+8
-3
maxkey-authentications/src/main/java/org/maxkey/authn/support/httpheader/HttpHeaderEntryPoint.java
...maxkey/authn/support/httpheader/HttpHeaderEntryPoint.java
+8
-4
maxkey-authentications/src/main/java/org/maxkey/authn/support/kerberos/RemoteKerberosService.java
.../maxkey/authn/support/kerberos/RemoteKerberosService.java
+5
-2
maxkey-authentications/src/main/java/org/maxkey/authn/support/socialsignon/AbstractSocialSignOnEndpoint.java
...hn/support/socialsignon/AbstractSocialSignOnEndpoint.java
+5
-1
maxkey-authentications/src/main/java/org/maxkey/authn/support/socialsignon/SocialSignOnEndpoint.java
...xkey/authn/support/socialsignon/SocialSignOnEndpoint.java
+7
-15
maxkey-authentications/src/main/java/org/maxkey/authn/support/wsfederation/WsFederationServiceImpl.java
...y/authn/support/wsfederation/WsFederationServiceImpl.java
+9
-3
maxkey-core/src/main/java/org/maxkey/authn/support/jwt/JwtLoginService.java
...in/java/org/maxkey/authn/support/jwt/JwtLoginService.java
+9
-3
maxkey-core/src/main/java/org/maxkey/authn/support/rememberme/AbstractRemeberMeService.java
...ey/authn/support/rememberme/AbstractRemeberMeService.java
+9
-5
maxkey-core/src/main/java/org/maxkey/autoconfigure/JwtAuthnAutoConfiguration.java
...a/org/maxkey/autoconfigure/JwtAuthnAutoConfiguration.java
+9
-5
maxkey-core/src/main/java/org/maxkey/web/WebContext.java
maxkey-core/src/main/java/org/maxkey/web/WebContext.java
+2
-3
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/endpoint/ConsumerEndpoint.java
...xkey/authz/saml20/consumer/endpoint/ConsumerEndpoint.java
+6
-2
maxkey-web-maxkey/src/main/java/org/maxkey/autoconfigure/CasAutoConfiguration.java
...n/java/org/maxkey/autoconfigure/CasAutoConfiguration.java
+1
-1
maxkey-authentications/src/main/java/org/maxkey/authn/support/basic/BasicEntryPoint.java
...
@@ -20,11 +20,13 @@ package org.maxkey.authn.support.basic;
...
@@ -20,11 +20,13 @@ package org.maxkey.authn.support.basic;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletResponse
;
import
javax.servlet.http.HttpServletResponse
;
import
org.maxkey.authn.RealmAuthenticationProvider
;
import
org.maxkey.constants.ConstantsLoginType
;
import
org.maxkey.constants.ConstantsLoginType
;
import
org.maxkey.util.AuthorizationHeaderUtils
;
import
org.maxkey.util.AuthorizationHeaderUtils
;
import
org.maxkey.web.WebContext
;
import
org.slf4j.Logger
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Qualifier
;
import
org.springframework.security.authentication.UsernamePasswordAuthenticationToken
;
import
org.springframework.security.authentication.UsernamePasswordAuthenticationToken
;
import
org.springframework.security.core.context.SecurityContextHolder
;
import
org.springframework.security.core.context.SecurityContextHolder
;
import
org.springframework.web.servlet.handler.HandlerInterceptorAdapter
;
import
org.springframework.web.servlet.handler.HandlerInterceptorAdapter
;
...
@@ -35,6 +37,10 @@ public class BasicEntryPoint extends HandlerInterceptorAdapter {
...
@@ -35,6 +37,10 @@ public class BasicEntryPoint extends HandlerInterceptorAdapter {
boolean
enable
;
boolean
enable
;
@Autowired
@Qualifier
(
"authenticationProvider"
)
RealmAuthenticationProvider
authenticationProvider
;
public
BasicEntryPoint
()
{
public
BasicEntryPoint
()
{
}
}
...
@@ -126,10 +132,9 @@ public class BasicEntryPoint extends HandlerInterceptorAdapter {
...
@@ -126,10 +132,9 @@ public class BasicEntryPoint extends HandlerInterceptorAdapter {
}
}
if
(!
isAuthenticated
){
if
(!
isAuthenticated
){
if
(
WebContext
.
setAuthentication
(
username
,
ConstantsLoginType
.
BASIC
,
""
,
""
,
"success"
)){
authenticationProvider
.
trustAuthentication
(
username
,
ConstantsLoginType
.
BASIC
,
""
,
""
,
"success"
);
_logger
.
info
(
"Authentication "
+
username
+
" successful ."
);
_logger
.
info
(
"Authentication "
+
username
+
" successful ."
);
}
}
}
return
true
;
return
true
;
}
}
...
...
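Review bot: The success path in the `-126,10 +132,9` hunk is no longer conditional on the login having worked: the old code ran `_logger.info(...)` only inside `if(WebContext.setAuthentication(...))`, which per the body now commented out in WebContext.java returned `isAuthenticated()`, whereas the new `authenticationProvider.trustAuthentication(...)` call is followed by the log line unconditionally. If trustAuthentication can return without establishing a session (its body is not on this page), the interceptor now logs a success that did not happen. Keep a guard after the call, for example `if (WebContext.isAuthenticated()) { _logger.info("Authentication " + username + " successful ."); }` assuming that method is accessible here, or have trustAuthentication return a result and test it. The same check is dropped in HttpHeaderEntryPoint and SocialSignOnEndpoint, and in RemoteKerberosService.login, WsFederationServiceImpl.login, JwtLoginService.login and AbstractRemeberMeService, which now `return true` or go on to `updateRemeberMe` regardless. The enclosing method begins outside the hunk.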
maxkey-authentications/src/main/java/org/maxkey/authn/support/httpheader/HttpHeaderEntryPoint.java
...
@@ -20,10 +20,12 @@ package org.maxkey.authn.support.httpheader;
...
@@ -20,10 +20,12 @@ package org.maxkey.authn.support.httpheader;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletResponse
;
import
javax.servlet.http.HttpServletResponse
;
import
org.maxkey.authn.RealmAuthenticationProvider
;
import
org.maxkey.constants.ConstantsLoginType
;
import
org.maxkey.constants.ConstantsLoginType
;
import
org.maxkey.web.WebContext
;
import
org.slf4j.Logger
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Qualifier
;
import
org.springframework.security.authentication.UsernamePasswordAuthenticationToken
;
import
org.springframework.security.authentication.UsernamePasswordAuthenticationToken
;
import
org.springframework.security.core.context.SecurityContextHolder
;
import
org.springframework.security.core.context.SecurityContextHolder
;
import
org.springframework.web.servlet.handler.HandlerInterceptorAdapter
;
import
org.springframework.web.servlet.handler.HandlerInterceptorAdapter
;
...
@@ -35,6 +37,9 @@ public class HttpHeaderEntryPoint extends HandlerInterceptorAdapter {
...
@@ -35,6 +37,9 @@ public class HttpHeaderEntryPoint extends HandlerInterceptorAdapter {
String
headerName
;
String
headerName
;
boolean
enable
;
boolean
enable
;
@Autowired
@Qualifier
(
"authenticationProvider"
)
RealmAuthenticationProvider
authenticationProvider
;
String
[]
skipRequestURI
={
String
[]
skipRequestURI
={
"/oauth/v20/token"
,
"/oauth/v20/token"
,
...
@@ -102,10 +107,9 @@ public class HttpHeaderEntryPoint extends HandlerInterceptorAdapter {
...
@@ -102,10 +107,9 @@ public class HttpHeaderEntryPoint extends HandlerInterceptorAdapter {
}
}
if
(!
isAuthenticated
){
if
(!
isAuthenticated
){
if
(
WebContext
.
setAuthentication
(
httpHeaderUsername
,
ConstantsLoginType
.
HTTPHEADER
,
""
,
""
,
"success"
)){
authenticationProvider
.
trustAuthentication
(
httpHeaderUsername
,
ConstantsLoginType
.
HTTPHEADER
,
""
,
""
,
"success"
);
_logger
.
info
(
"Authentication "
+
httpHeaderUsername
+
" successful ."
);
_logger
.
info
(
"Authentication "
+
httpHeaderUsername
+
" successful ."
);
}
}
}
return
true
;
return
true
;
}
}
...
...
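Review bot: Nothing around the new `authenticationProvider.trustAuthentication(httpHeaderUsername, ConstantsLoginType.HTTPHEADER, "", "", "success")` call documents the trust boundary this interceptor relies on. The call creates a session for whatever name is in `httpHeaderUsername` without any credential check, so it is only sound when the header named by `headerName` can be set solely by a trusted front end; how the value is read is outside the hunk. I would add above the call `// httpHeaderUsername is accepted on trust: the fronting proxy must strip this header from client requests`, and say the same in the class Javadoc next to the `enable` flag so the interceptor is not switched on for directly reachable deployments.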
maxkey-authentications/src/main/java/org/maxkey/authn/support/kerberos/RemoteKerberosService.java
...
@@ -23,11 +23,11 @@ import java.util.List;
...
@@ -23,11 +23,11 @@ import java.util.List;
import
java.util.Map
;
import
java.util.Map
;
import
org.joda.time.DateTime
;
import
org.joda.time.DateTime
;
import
org.maxkey.authn.RealmAuthenticationProvider
;
import
org.maxkey.constants.ConstantsLoginType
;
import
org.maxkey.constants.ConstantsLoginType
;
import
org.maxkey.crypto.ReciprocalUtils
;
import
org.maxkey.crypto.ReciprocalUtils
;
import
org.maxkey.util.DateUtils
;
import
org.maxkey.util.DateUtils
;
import
org.maxkey.util.JsonUtils
;
import
org.maxkey.util.JsonUtils
;
import
org.maxkey.web.WebContext
;
import
org.slf4j.Logger
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.slf4j.LoggerFactory
;
...
@@ -35,6 +35,8 @@ public class RemoteKerberosService implements KerberosService{
...
@@ -35,6 +35,8 @@ public class RemoteKerberosService implements KerberosService{
private
static
Logger
_logger
=
LoggerFactory
.
getLogger
(
RemoteKerberosService
.
class
);
private
static
Logger
_logger
=
LoggerFactory
.
getLogger
(
RemoteKerberosService
.
class
);
List
<
KerberosProxy
>
kerberosProxys
;
List
<
KerberosProxy
>
kerberosProxys
;
RealmAuthenticationProvider
authenticationProvider
;
public
boolean
login
(
String
kerberosTokenString
,
String
kerberosUserDomain
){
public
boolean
login
(
String
kerberosTokenString
,
String
kerberosUserDomain
){
_logger
.
debug
(
"encoder Kerberos Token "
+
kerberosTokenString
);
_logger
.
debug
(
"encoder Kerberos Token "
+
kerberosTokenString
);
_logger
.
debug
(
"kerberos UserDomain "
+
kerberosUserDomain
);
_logger
.
debug
(
"kerberos UserDomain "
+
kerberosUserDomain
);
...
@@ -54,7 +56,8 @@ public class RemoteKerberosService implements KerberosService{
...
@@ -54,7 +56,8 @@ public class RemoteKerberosService implements KerberosService{
DateTime
notOnOrAfter
=
DateUtils
.
toUtcDate
(
kerberosToken
.
getNotOnOrAfter
());
DateTime
notOnOrAfter
=
DateUtils
.
toUtcDate
(
kerberosToken
.
getNotOnOrAfter
());
_logger
.
debug
(
"Kerberos Token is After Now "
+
notOnOrAfter
.
isAfterNow
());
_logger
.
debug
(
"Kerberos Token is After Now "
+
notOnOrAfter
.
isAfterNow
());
if
(
notOnOrAfter
.
isAfterNow
()){
if
(
notOnOrAfter
.
isAfterNow
()){
return
WebContext
.
setAuthentication
(
kerberosToken
.
getPrincipal
(),
ConstantsLoginType
.
KERBEROS
,
kerberosUserDomain
,
""
,
"success"
);
authenticationProvider
.
trustAuthentication
(
kerberosToken
.
getPrincipal
(),
ConstantsLoginType
.
KERBEROS
,
kerberosUserDomain
,
""
,
"success"
);
return
true
;
}
else
{
}
else
{
return
false
;
return
false
;
...
...
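Review bot: The new field `RealmAuthenticationProvider authenticationProvider;` is declared without `@Autowired`/`@Qualifier` and this file gains no setter, unlike the other classes touched by the commit. Unless it is assigned somewhere outside this diff, `authenticationProvider.trustAuthentication(...)` in `login` throws a NullPointerException for every token that passes the `notOnOrAfter.isAfterNow()` check, so Kerberos logins fail with an exception. If the service is a Spring-managed bean, annotate the field as in BasicEntryPoint (`@Autowired @Qualifier("authenticationProvider")`); otherwise add a `setAuthenticationProvider` setter and call it where the service is constructed, as this commit does for JwtLoginService. `login` continues outside the hunk.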
maxkey-authentications/src/main/java/org/maxkey/authn/support/socialsignon/AbstractSocialSignOnEndpoint.java
...
@@ -20,6 +20,7 @@
...
@@ -20,6 +20,7 @@
*/
*/
package
org.maxkey.authn.support.socialsignon
;
package
org.maxkey.authn.support.socialsignon
;
import
org.maxkey.authn.RealmAuthenticationProvider
;
import
org.maxkey.authn.support.socialsignon.service.SocialSignOnProvider
;
import
org.maxkey.authn.support.socialsignon.service.SocialSignOnProvider
;
import
org.maxkey.authn.support.socialsignon.service.SocialSignOnProviderService
;
import
org.maxkey.authn.support.socialsignon.service.SocialSignOnProviderService
;
import
org.maxkey.authn.support.socialsignon.service.SocialsAssociateService
;
import
org.maxkey.authn.support.socialsignon.service.SocialsAssociateService
;
...
@@ -27,6 +28,7 @@ import org.maxkey.web.WebContext;
...
@@ -27,6 +28,7 @@ import org.maxkey.web.WebContext;
import
org.slf4j.Logger
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Qualifier
;
import
me.zhyd.oauth.model.AuthCallback
;
import
me.zhyd.oauth.model.AuthCallback
;
import
me.zhyd.oauth.model.AuthResponse
;
import
me.zhyd.oauth.model.AuthResponse
;
...
@@ -72,7 +74,9 @@ public class AbstractSocialSignOnEndpoint {
...
@@ -72,7 +74,9 @@ public class AbstractSocialSignOnEndpoint {
@Autowired
@Autowired
protected
SocialsAssociateService
socialsAssociateService
;
protected
SocialsAssociateService
socialsAssociateService
;
@Autowired
@Qualifier
(
"authenticationProvider"
)
RealmAuthenticationProvider
authenticationProvider
;
protected
AuthRequest
buildAuthRequest
(
String
provider
){
protected
AuthRequest
buildAuthRequest
(
String
provider
){
...
...
maxkey-authentications/src/main/java/org/maxkey/authn/support/socialsignon/SocialSignOnEndpoint.java
...
@@ -22,14 +22,11 @@ package org.maxkey.authn.support.socialsignon;
...
@@ -22,14 +22,11 @@ package org.maxkey.authn.support.socialsignon;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletRequest
;
import
org.maxkey.authn.realm.AbstractAuthenticationRealm
;
import
org.maxkey.authn.support.socialsignon.service.SocialsAssociate
;
import
org.maxkey.authn.support.socialsignon.service.SocialsAssociate
;
import
org.maxkey.constants.ConstantsLoginType
;
import
org.maxkey.constants.ConstantsLoginType
;
import
org.maxkey.web.WebContext
;
import
org.maxkey.web.WebContext
;
import
org.slf4j.Logger
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Qualifier
;
import
org.springframework.security.authentication.BadCredentialsException
;
import
org.springframework.security.authentication.BadCredentialsException
;
import
org.springframework.security.web.WebAttributes
;
import
org.springframework.security.web.WebAttributes
;
import
org.springframework.stereotype.Controller
;
import
org.springframework.stereotype.Controller
;
...
@@ -49,11 +46,6 @@ import me.zhyd.oauth.utils.AuthStateUtils;
...
@@ -49,11 +46,6 @@ import me.zhyd.oauth.utils.AuthStateUtils;
public
class
SocialSignOnEndpoint
extends
AbstractSocialSignOnEndpoint
{
public
class
SocialSignOnEndpoint
extends
AbstractSocialSignOnEndpoint
{
final
static
Logger
_logger
=
LoggerFactory
.
getLogger
(
SocialSignOnEndpoint
.
class
);
final
static
Logger
_logger
=
LoggerFactory
.
getLogger
(
SocialSignOnEndpoint
.
class
);
@Autowired
@Qualifier
(
"authenticationRealm"
)
protected
AbstractAuthenticationRealm
authenticationRealm
;
public
ModelAndView
socialSignOnAuthorize
(
String
provider
){
public
ModelAndView
socialSignOnAuthorize
(
String
provider
){
_logger
.
debug
(
"SocialSignOn provider : "
+
provider
);
_logger
.
debug
(
"SocialSignOn provider : "
+
provider
);
String
authorizationUrl
=
buildAuthRequest
(
provider
).
authorize
(
AuthStateUtils
.
createState
());
String
authorizationUrl
=
buildAuthRequest
(
provider
).
authorize
(
AuthStateUtils
.
createState
());
...
@@ -155,13 +147,13 @@ public class SocialSignOnEndpoint extends AbstractSocialSignOnEndpoint{
...
@@ -155,13 +147,13 @@ public class SocialSignOnEndpoint extends AbstractSocialSignOnEndpoint{
_logger
.
debug
(
"Social Sign On from "
+
socialSignOnUserToken
.
getProvider
()+
" mapping to user "
+
socialSignOnUserToken
.
getUsername
());
_logger
.
debug
(
"Social Sign On from "
+
socialSignOnUserToken
.
getProvider
()+
" mapping to user "
+
socialSignOnUserToken
.
getUsername
());
if
(
WebContext
.
setAuthentication
(
socialSignOnUserToken
.
getUsername
(),
ConstantsLoginType
.
SOCIALSIGNON
,
this
.
socialSignOnProvider
.
getProviderName
(),
"xe00000004"
,
"success"
)){
authenticationProvider
.
trustAuthentication
(
socialSignOnUserToken
.
getUsername
(),
ConstantsLoginType
.
SOCIALSIGNON
,
this
.
socialSignOnProvider
.
getProviderName
(),
"xe00000004"
,
"success"
);
//socialSignOnUserToken.setAccessToken(JsonUtils.object2Json(this.accessToken));
//socialSignOnUserToken.setAccessToken(JsonUtils.object2Json(this.accessToken));
socialSignOnUserToken
.
setSocialUserInfo
(
accountJsonString
);
socialSignOnUserToken
.
setSocialUserInfo
(
accountJsonString
);
//socialSignOnUserToken.setExAttribute(JsonUtils.object2Json(accessToken.getResponseObject()));
//socialSignOnUserToken.setExAttribute(JsonUtils.object2Json(accessToken.getResponseObject()));
this
.
socialsAssociateService
.
update
(
socialSignOnUserToken
);
this
.
socialsAssociateService
.
update
(
socialSignOnUserToken
);
}
}
else
{
}
else
{
WebContext
.
getRequest
().
getSession
().
setAttribute
(
WebAttributes
.
AUTHENTICATION_EXCEPTION
,
new
BadCredentialsException
(
WebContext
.
getI18nValue
(
"login.error.social"
)));
WebContext
.
getRequest
().
getSession
().
setAttribute
(
WebAttributes
.
AUTHENTICATION_EXCEPTION
,
new
BadCredentialsException
(
WebContext
.
getI18nValue
(
"login.error.social"
)));
...
...
maxkey-authentications/src/main/java/org/maxkey/authn/support/wsfederation/WsFederationServiceImpl.java
...
@@ -19,12 +19,14 @@ package org.maxkey.authn.support.wsfederation;
...
@@ -19,12 +19,14 @@ package org.maxkey.authn.support.wsfederation;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletRequest
;
import
org.maxkey.authn.RealmAuthenticationProvider
;
import
org.maxkey.constants.ConstantsLoginType
;
import
org.maxkey.constants.ConstantsLoginType
;
import
org.maxkey.util.StringUtils
;
import
org.maxkey.util.StringUtils
;
import
org.maxkey.web.WebContext
;
import
org.opensaml.saml1.core.impl.AssertionImpl
;
import
org.opensaml.saml1.core.impl.AssertionImpl
;
import
org.slf4j.Logger
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Qualifier
;
public
class
WsFederationServiceImpl
implements
WsFederationService
{
public
class
WsFederationServiceImpl
implements
WsFederationService
{
...
@@ -32,6 +34,10 @@ public class WsFederationServiceImpl implements WsFederationService{
...
@@ -32,6 +34,10 @@ public class WsFederationServiceImpl implements WsFederationService{
private
WsFederationConfiguration
wsFederationConfiguration
;
private
WsFederationConfiguration
wsFederationConfiguration
;
@Autowired
@Qualifier
(
"authenticationProvider"
)
RealmAuthenticationProvider
authenticationProvider
;
public
boolean
login
(
String
wsFederationWA
,
String
wsFederationWResult
,
HttpServletRequest
request
){
public
boolean
login
(
String
wsFederationWA
,
String
wsFederationWResult
,
HttpServletRequest
request
){
// it's an authentication
// it's an authentication
if
(
StringUtils
.
isNotEmpty
(
wsFederationWA
)
&&
wsFederationWA
.
equalsIgnoreCase
(
WsFederationConstants
.
WSIGNIN
))
{
if
(
StringUtils
.
isNotEmpty
(
wsFederationWA
)
&&
wsFederationWA
.
equalsIgnoreCase
(
WsFederationConstants
.
WSIGNIN
))
{
...
@@ -57,11 +63,11 @@ public class WsFederationServiceImpl implements WsFederationService{
...
@@ -57,11 +63,11 @@ public class WsFederationServiceImpl implements WsFederationService{
wsFederationConfiguration
.
getUpnSuffix
());
wsFederationConfiguration
.
getUpnSuffix
());
}
}
return
WebContext
.
se
tAuthentication
(
authenticationProvider
.
trus
tAuthentication
(
wsFederationCredential
.
getAttributes
().
get
(
""
).
toString
(),
wsFederationCredential
.
getAttributes
().
get
(
""
).
toString
(),
ConstantsLoginType
.
WSFEDERATION
,
ConstantsLoginType
.
WSFEDERATION
,
""
,
""
,
"success"
);
""
,
""
,
"success"
);
return
true
;
}
else
{
}
else
{
_logger
.
warn
(
"SAML assertions are blank or no longer valid."
);
_logger
.
warn
(
"SAML assertions are blank or no longer valid."
);
return
false
;
return
false
;
...
...
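Review bot: The principal handed to `trustAuthentication` is `wsFederationCredential.getAttributes().get("").toString()`, a lookup with an empty attribute key that the commit carries over unchanged from the old call. Unless the credential really stores the user name under `""`, `get("")` returns null and `toString()` throws, and in no case is the value validated before a session is created for it. Read the name from the configured identity attribute (`get(<IDENTITY_ATTRIBUTE_KEY>)`, a placeholder since the right key is not visible on this page), `return false` when it is null or blank, and only then call trustAuthentication. `login` starts and ends outside the hunks shown.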
maxkey-core/src/main/java/org/maxkey/authn/support/jwt/JwtLoginService.java
...
@@ -30,6 +30,7 @@ import java.util.Date;
...
@@ -30,6 +30,7 @@ import java.util.Date;
import
java.util.UUID
;
import
java.util.UUID
;
import
javax.servlet.http.HttpServletResponse
;
import
javax.servlet.http.HttpServletResponse
;
import
org.joda.time.DateTime
;
import
org.joda.time.DateTime
;
import
org.maxkey.authn.RealmAuthenticationProvider
;
import
org.maxkey.configuration.ApplicationConfig
;
import
org.maxkey.configuration.ApplicationConfig
;
import
org.maxkey.configuration.oidc.OIDCProviderMetadataDetails
;
import
org.maxkey.configuration.oidc.OIDCProviderMetadataDetails
;
import
org.maxkey.constants.ConstantsLoginType
;
import
org.maxkey.constants.ConstantsLoginType
;
...
@@ -48,6 +49,8 @@ public class JwtLoginService {
...
@@ -48,6 +49,8 @@ public class JwtLoginService {
DefaultJwtSigningAndValidationService
jwtSignerValidationService
;
DefaultJwtSigningAndValidationService
jwtSignerValidationService
;
RealmAuthenticationProvider
authenticationProvider
;
public
boolean
login
(
String
jwt
,
HttpServletResponse
response
)
{
public
boolean
login
(
String
jwt
,
HttpServletResponse
response
)
{
_logger
.
debug
(
"jwt : "
+
jwt
);
_logger
.
debug
(
"jwt : "
+
jwt
);
...
@@ -93,10 +96,9 @@ public class JwtLoginService {
...
@@ -93,10 +96,9 @@ public class JwtLoginService {
DateTime
now
=
new
DateTime
();
DateTime
now
=
new
DateTime
();
if
(
loginResult
&&
now
.
isBefore
(
jwtClaimsSet
.
getExpirationTime
().
getTime
()))
{
if
(
loginResult
&&
now
.
isBefore
(
jwtClaimsSet
.
getExpirationTime
().
getTime
()))
{
if
(
WebContext
.
setAuthentication
(
username
,
ConstantsLoginType
.
JWT
,
""
,
""
,
"success"
))
{
authenticationProvider
.
trustAuthentication
(
username
,
ConstantsLoginType
.
JWT
,
""
,
""
,
"success"
);
return
true
;
return
true
;
}
}
}
}
catch
(
java
.
text
.
ParseException
e
)
{
}
catch
(
java
.
text
.
ParseException
e
)
{
// Invalid signed JWT encoding
// Invalid signed JWT encoding
_logger
.
error
(
"Invalid signed JWT encoding "
);
_logger
.
error
(
"Invalid signed JWT encoding "
);
...
@@ -198,4 +200,8 @@ public class JwtLoginService {
...
@@ -198,4 +200,8 @@ public class JwtLoginService {
this
.
jwtSignerValidationService
=
jwtSignerValidationService
;
this
.
jwtSignerValidationService
=
jwtSignerValidationService
;
}
}
public
void
setAuthenticationProvider
(
RealmAuthenticationProvider
authenticationProvider
)
{
this
.
authenticationProvider
=
authenticationProvider
;
}
}
}
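Review bot: `_logger.debug("jwt : " + jwt)` at the top of `login` writes the complete signed token to the log, and the commit leaves it in place while reworking the method. A login JWT is a bearer credential until its expiration time, so anyone with read access to debug logs can reuse it. Log a non-secret identifier instead, such as the subject or token id once the claims have been parsed, or drop the line. RemoteKerberosService.login has the same pattern in `_logger.debug("encoder Kerberos Token " + kerberosTokenString)`.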
maxkey-core/src/main/java/org/maxkey/authn/support/rememberme/AbstractRemeberMeService.java
...
@@ -23,6 +23,7 @@ import javax.servlet.http.Cookie;
...
@@ -23,6 +23,7 @@ import javax.servlet.http.Cookie;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletResponse
;
import
javax.servlet.http.HttpServletResponse
;
import
org.joda.time.DateTime
;
import
org.joda.time.DateTime
;
import
org.maxkey.authn.RealmAuthenticationProvider
;
import
org.maxkey.configuration.ApplicationConfig
;
import
org.maxkey.configuration.ApplicationConfig
;
import
org.maxkey.constants.ConstantsLoginType
;
import
org.maxkey.constants.ConstantsLoginType
;
import
org.maxkey.constants.ConstantsTimeInterval
;
import
org.maxkey.constants.ConstantsTimeInterval
;
...
@@ -47,6 +48,10 @@ public abstract class AbstractRemeberMeService {
...
@@ -47,6 +48,10 @@ public abstract class AbstractRemeberMeService {
@Qualifier
(
"applicationConfig"
)
@Qualifier
(
"applicationConfig"
)
protected
ApplicationConfig
applicationConfig
;
protected
ApplicationConfig
applicationConfig
;
@Autowired
@Qualifier
(
"authenticationProvider"
)
RealmAuthenticationProvider
authenticationProvider
;
// follow function is for persist
// follow function is for persist
public
abstract
void
save
(
RemeberMe
remeberMe
);
public
abstract
void
save
(
RemeberMe
remeberMe
);
...
@@ -112,15 +117,14 @@ public abstract class AbstractRemeberMeService {
...
@@ -112,15 +117,14 @@ public abstract class AbstractRemeberMeService {
DateTime
expiryDate
=
loginDate
.
plusSeconds
(
getRemeberMeValidity
());
DateTime
expiryDate
=
loginDate
.
plusSeconds
(
getRemeberMeValidity
());
DateTime
now
=
new
DateTime
();
DateTime
now
=
new
DateTime
();
if
(
now
.
isBefore
(
expiryDate
))
{
if
(
now
.
isBefore
(
expiryDate
))
{
if
(
WebContext
.
se
tAuthentication
(
authenticationProvider
.
trus
tAuthentication
(
storeRemeberMe
.
getUsername
(),
storeRemeberMe
.
getUsername
(),
ConstantsLoginType
.
REMEBER_ME
,
ConstantsLoginType
.
REMEBER_ME
,
""
,
""
,
""
,
""
,
"success"
)
"success"
);
)
{
return
updateRemeberMe
(
remeberMeCookie
,
response
);
return
updateRemeberMe
(
remeberMeCookie
,
response
);
}
}
}
return
false
;
return
false
;
}
}
...
...
maxkey-core/src/main/java/org/maxkey/autoconfigure/JwtAuthnAutoConfiguration.java
...
@@ -22,6 +22,8 @@ import com.nimbusds.jose.JWEAlgorithm;
...
@@ -22,6 +22,8 @@ import com.nimbusds.jose.JWEAlgorithm;
import
java.net.URI
;
import
java.net.URI
;
import
java.security.NoSuchAlgorithmException
;
import
java.security.NoSuchAlgorithmException
;
import
java.security.spec.InvalidKeySpecException
;
import
java.security.spec.InvalidKeySpecException
;
import
org.maxkey.authn.RealmAuthenticationProvider
;
import
org.maxkey.authn.support.jwt.JwtLoginService
;
import
org.maxkey.authn.support.jwt.JwtLoginService
;
import
org.maxkey.configuration.oidc.OIDCProviderMetadataDetails
;
import
org.maxkey.configuration.oidc.OIDCProviderMetadataDetails
;
import
org.maxkey.constants.ConstantsProperties
;
import
org.maxkey.constants.ConstantsProperties
;
...
@@ -124,11 +126,13 @@ public class JwtAuthnAutoConfiguration implements InitializingBean {
...
@@ -124,11 +126,13 @@ public class JwtAuthnAutoConfiguration implements InitializingBean {
@Bean
(
name
=
"jwtLoginService"
)
@Bean
(
name
=
"jwtLoginService"
)
public
JwtLoginService
jwtLoginService
(
public
JwtLoginService
jwtLoginService
(
DefaultJwtSigningAndValidationService
jwtSignerValidationService
,
DefaultJwtSigningAndValidationService
jwtSignerValidationService
,
OIDCProviderMetadataDetails
oidcProviderMetadata
)
{
OIDCProviderMetadataDetails
oidcProviderMetadata
,
JwtLoginService
jwkSetKeyStore
=
new
JwtLoginService
();
RealmAuthenticationProvider
authenticationProvider
)
{
jwkSetKeyStore
.
setJwtSignerValidationService
(
jwtSignerValidationService
);
JwtLoginService
jwtLoginService
=
new
JwtLoginService
();
jwkSetKeyStore
.
setJwtProviderMetadata
(
oidcProviderMetadata
);
jwtLoginService
.
setJwtSignerValidationService
(
jwtSignerValidationService
);
return
jwkSetKeyStore
;
jwtLoginService
.
setJwtProviderMetadata
(
oidcProviderMetadata
);
jwtLoginService
.
setAuthenticationProvider
(
authenticationProvider
);
return
jwtLoginService
;
}
}
...
...
maxkey-core/src/main/java/org/maxkey/web/WebContext.java
...
@@ -28,7 +28,6 @@ import javax.servlet.http.HttpServletRequest;
...
@@ -28,7 +28,6 @@ import javax.servlet.http.HttpServletRequest;
import
javax.servlet.http.HttpServletResponse
;
import
javax.servlet.http.HttpServletResponse
;
import
javax.servlet.http.HttpSession
;
import
javax.servlet.http.HttpSession
;
import
org.apache.commons.logging.LogFactory
;
import
org.apache.commons.logging.LogFactory
;
import
org.maxkey.authn.RealmAuthenticationProvider
;
import
org.maxkey.configuration.ApplicationConfig
;
import
org.maxkey.configuration.ApplicationConfig
;
import
org.maxkey.domain.UserInfo
;
import
org.maxkey.domain.UserInfo
;
import
org.maxkey.util.DateUtils
;
import
org.maxkey.util.DateUtils
;
...
@@ -113,7 +112,7 @@ public final class WebContext {
...
@@ -113,7 +112,7 @@ public final class WebContext {
* @param code String
* @param code String
* @param message String
* @param message String
* @return boolean
* @return boolean
*/
public static boolean setAuthentication(String username,
public static boolean setAuthentication(String username,
String type,
String type,
String provider,
String provider,
...
@@ -125,7 +124,7 @@ public final class WebContext {
...
@@ -125,7 +124,7 @@ public final class WebContext {
authenticationProvider.trustAuthentication(username, type, provider, code, message);
authenticationProvider.trustAuthentication(username, type, provider, code, message);
return isAuthenticated();
return isAuthenticated();
}
}
*/
public
static
void
setAuthentication
(
Authentication
authentication
)
{
public
static
void
setAuthentication
(
Authentication
authentication
)
{
setAttribute
(
WebConstants
.
AUTHENTICATION
,
authentication
);
setAttribute
(
WebConstants
.
AUTHENTICATION
,
authentication
);
...
...
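Review bot: The old `setAuthentication(String username, ...)` overload appears to be disabled by moving the closing `*/` below its body, which leaves its source inside the Javadoc block. As a result the `@param code`, `@param message` and `@return boolean` tags now attach to `setAuthentication(Authentication authentication)`, which returns void and takes none of those parameters. Delete the dead method together with its Javadoc, since version history keeps the old text. If the overload has to stay for callers outside this repository, keep it compilable and mark it `@Deprecated` rather than commenting it out.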
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/endpoint/ConsumerEndpoint.java
...
@@ -30,6 +30,7 @@ import javax.servlet.http.HttpServletResponse;
...
@@ -30,6 +30,7 @@ import javax.servlet.http.HttpServletResponse;
import
org.apache.commons.lang.StringUtils
;
import
org.apache.commons.lang.StringUtils
;
import
org.apache.commons.lang.Validate
;
import
org.apache.commons.lang.Validate
;
import
org.maxkey.authn.RealmAuthenticationProvider
;
import
org.maxkey.authz.saml.common.EndpointGenerator
;
import
org.maxkey.authz.saml.common.EndpointGenerator
;
import
org.maxkey.authz.saml.common.TrustResolver
;
import
org.maxkey.authz.saml.common.TrustResolver
;
import
org.maxkey.authz.saml.service.IDService
;
import
org.maxkey.authz.saml.service.IDService
;
...
@@ -44,7 +45,6 @@ import org.maxkey.constants.ConstantsLoginType;
...
@@ -44,7 +45,6 @@ import org.maxkey.constants.ConstantsLoginType;
import
org.maxkey.crypto.keystore.KeyStoreLoader
;
import
org.maxkey.crypto.keystore.KeyStoreLoader
;
import
org.maxkey.domain.apps.AppsSAML20Details
;
import
org.maxkey.domain.apps.AppsSAML20Details
;
import
org.maxkey.persistence.service.AppsSaml20DetailsService
;
import
org.maxkey.persistence.service.AppsSaml20DetailsService
;
import
org.maxkey.web.WebContext
;
import
org.opensaml.common.binding.SAMLMessageContext
;
import
org.opensaml.common.binding.SAMLMessageContext
;
import
org.opensaml.common.binding.security.IssueInstantRule
;
import
org.opensaml.common.binding.security.IssueInstantRule
;
import
org.opensaml.common.binding.security.MessageReplayRule
;
import
org.opensaml.common.binding.security.MessageReplayRule
;
...
@@ -89,6 +89,10 @@ public class ConsumerEndpoint {
...
@@ -89,6 +89,10 @@ public class ConsumerEndpoint {
@Qualifier
(
"idService"
)
@Qualifier
(
"idService"
)
private
IDService
idService
;
private
IDService
idService
;
@Autowired
@Qualifier
(
"authenticationProvider"
)
RealmAuthenticationProvider
authenticationProvider
;
private
String
singleSignOnServiceURL
;
private
String
singleSignOnServiceURL
;
private
String
assertionConsumerServiceURL
;
private
String
assertionConsumerServiceURL
;
...
@@ -178,7 +182,7 @@ public class ConsumerEndpoint {
...
@@ -178,7 +182,7 @@ public class ConsumerEndpoint {
logger
.
debug
(
"assertion.getID() "
,
assertion
.
getAuthnStatements
());
logger
.
debug
(
"assertion.getID() "
,
assertion
.
getAuthnStatements
());
WebContext
.
se
tAuthentication
(
username
,
ConstantsLoginType
.
SAMLTRUST
,
""
,
""
,
"success"
);
authenticationProvider
.
trus
tAuthentication
(
username
,
ConstantsLoginType
.
SAMLTRUST
,
""
,
""
,
"success"
);
ModelAndView
mav
=
new
ModelAndView
();
ModelAndView
mav
=
new
ModelAndView
();
mav
.
addObject
(
"username"
,
username
);
mav
.
addObject
(
"username"
,
username
);
...
...
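Review bot: `logger.debug("assertion.getID() ", assertion.getAuthnStatements())` directly above the changed call has no `{}` placeholder, so if `logger` is an SLF4J logger the argument is never printed, and the label names the ID while the argument is the list of authn statements. This is the last trace before `authenticationProvider.trustAuthentication(username, ConstantsLoginType.SAMLTRUST, "", "", "success")` creates the session, so it should identify the assertion that was trusted: `logger.debug("assertion ID {}", assertion.getID());`. The enclosing method starts outside the hunk.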
maxkey-web-maxkey/src/main/java/org/maxkey/autoconfigure/CasAutoConfiguration.java
...
@@ -84,7 +84,7 @@ public class CasAutoConfiguration implements InitializingBean {
...
@@ -84,7 +84,7 @@ public class CasAutoConfiguration implements InitializingBean {
TicketServices
casTicketServices
=
null
;
TicketServices
casTicketServices
=
null
;
if
(
persistence
==
0
)
{
if
(
persistence
==
0
)
{
casTicketServices
=
new
InMemoryTicketGrantingTicketServices
();
casTicketServices
=
new
InMemoryTicketGrantingTicketServices
();
_logger
.
debug
(
"InMemoryTicketServices"
);
_logger
.
debug
(
"InMemoryTicket
GrantingTicket
Services"
);
}
else
if
(
persistence
==
1
)
{
}
else
if
(
persistence
==
1
)
{
//
//
//casTicketServices = new JdbcTicketServices(jdbcTemplate);
//casTicketServices = new JdbcTicketServices(jdbcTemplate);
...
...