diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/rememberme/AbstractRemeberMeService.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/rememberme/AbstractRemeberMeService.java index b9b0b56c6cf8cb0eef958aab2b5adb01c2e65457..fe16f62dd2545e566bc4844d960177b0376f7225 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/rememberme/AbstractRemeberMeService.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/rememberme/AbstractRemeberMeService.java @@ -25,7 +25,7 @@ import javax.servlet.http.HttpServletResponse; import org.maxkey.configuration.ApplicationConfig; import org.maxkey.constants.ConstantsTimeInterval; import org.maxkey.crypto.Base64Utils; -import org.maxkey.crypto.ReciprocalUtils; +import org.maxkey.crypto.password.PasswordReciprocal; import org.maxkey.util.JsonUtils; import org.maxkey.web.WebConstants; import org.maxkey.web.WebContext; @@ -71,7 +71,7 @@ public abstract class AbstractRemeberMeService { String jsonRemeberMe = JsonUtils.object2Json(remeberMe); _logger.debug("Remeber Me JSON " + jsonRemeberMe); - jsonRemeberMe = ReciprocalUtils.encode(jsonRemeberMe); + jsonRemeberMe = PasswordReciprocal.getInstance().encode(jsonRemeberMe); String cookieValue = Base64Utils.base64UrlEncode(jsonRemeberMe.getBytes()); @@ -101,7 +101,7 @@ public abstract class AbstractRemeberMeService { _logger.debug("Remeber Me JSON " + jsonRemeberMe); _logger.debug("Encode Remeber Me JSON ..."); - jsonRemeberMe = ReciprocalUtils.encode(jsonRemeberMe); + jsonRemeberMe = PasswordReciprocal.getInstance().encode(jsonRemeberMe); _logger.debug("Encode Remeber Me JSON " + jsonRemeberMe); String cookieValue = Base64Utils.base64UrlEncode(jsonRemeberMe.getBytes()); 
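Review bot: In AbstractRemeberMeService (@@ -71 hunk) the cookie built from `PasswordReciprocal.getInstance().encode(jsonRemeberMe)` has no integrity tag that I can see, and per the PasswordReciprocal change later in this commit the encoded value begins with the same salt its key is derived from. Unless the RemeberMe payload is checked against server-side state outside this hunk, add an HMAC computed with a server-only key, or issue an opaque random token and look it up server-side. The next context line calls `jsonRemeberMe.getBytes()` with the platform charset; `getBytes(StandardCharsets.UTF_8)` keeps the cookie stable across hosts. Both points apply equally to the second `encode` call in the @@ -101 hunk, and the enclosing methods start and end outside the hunks.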
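Review bot: The debug statements around the new `encode` call in the @@ -101 hunk of AbstractRemeberMeService write both the plaintext remember-me JSON and the encoded cookie value to the log, which puts a login credential into any file or aggregator that receives debug output. The same pattern recurs in this commit at `decoder RemeberMe` (HttpRemeberMeEntryPoint), the `decipherable` lines in UserInfoService, `jwt sharedSecret` in JwtHS256Adapter and the `App Login ... Password` lines in SafeController. I would drop these or log only a non-secret fact, e.g. `_logger.debug("Remeber Me cookie issued");`. In UserInfoService.changePassword the log line also calls `encode` only to print the result, which produces a freshly salted value that is never the one stored.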
diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/rememberme/HttpRemeberMeEntryPoint.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/rememberme/HttpRemeberMeEntryPoint.java index d7fc1129263e97061565aaba5c6b18d3e01ccabd..db950760b3e50f7f1b2dec6f58d9a6f7d00de323 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/rememberme/HttpRemeberMeEntryPoint.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/rememberme/HttpRemeberMeEntryPoint.java @@ -27,7 +27,7 @@ import org.maxkey.authn.LoginCredential; import org.maxkey.configuration.ApplicationConfig; import org.maxkey.constants.ConstantsLoginType; import org.maxkey.crypto.Base64Utils; -import org.maxkey.crypto.ReciprocalUtils; +import org.maxkey.crypto.password.PasswordReciprocal; import org.maxkey.util.JsonUtils; import org.maxkey.web.WebConstants; import org.maxkey.web.WebContext; @@ -82,7 +82,7 @@ public class HttpRemeberMeEntryPoint implements AsyncHandlerInterceptor { remeberMe = new String(Base64Utils.base64UrlDecode(remeberMe)); - remeberMe = ReciprocalUtils.decoder(remeberMe); + remeberMe = PasswordReciprocal.getInstance().decoder(remeberMe); _logger.debug("decoder RemeberMe : " + remeberMe); RemeberMe remeberMeCookie = new RemeberMe(); diff --git a/maxkey-common/src/main/java/org/maxkey/crypto/ReciprocalUtils.java b/maxkey-common/src/main/java/org/maxkey/crypto/ReciprocalUtils.java index e08e4e01ab22fac01c11b5b76fa8aab608243ad3..e676b24f9e5378df0f99319e398ceb6b65e6a6ef 100644 --- a/maxkey-common/src/main/java/org/maxkey/crypto/ReciprocalUtils.java +++ b/maxkey-common/src/main/java/org/maxkey/crypto/ReciprocalUtils.java 
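Review bot: In HttpRemeberMeEntryPoint (@@ -82 hunk) `PasswordReciprocal.getInstance().decoder(remeberMe)` is fed the Base64-decoded cookie directly, and the new `decoder` (PasswordReciprocal hunk in this commit) takes `subSequence(0, 29)` with no length check, so a cookie shorter than 29 characters throws `StringIndexOutOfBoundsException` inside the interceptor instead of being ignored. Cookies issued before this change hold the old hex format and will be sliced as if they carried a salt prefix. Check the length before the call, e.g. `if (remeberMe.length() <= 29) { /* no usable remember-me cookie */ }`, and wrap the decode so that any failure falls through to the normal login path. The preceding context line uses `new String(bytes)` with the platform charset, and the enclosing method starts and ends outside the hunk.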
@@ -132,55 +132,18 @@ public final class ReciprocalUtils { return null; } - public static byte[] encodeByDefaultKey(String simple, String algorithm) { - SecretKey key = generatorDefaultKey(algorithm); - return encode(simple.getBytes(), key, algorithm); - - } - - public static String encode2HexByDefaultKey(String simple, String algorithm) { - byte[] byteFinal = encodeByDefaultKey(simple, algorithm); - - String cipherHex = HexUtils.bytes2HexString(byteFinal); - return cipherHex; - } - - public static byte[] decoderByDefaultKey(byte[] byteCiphers, String algorithm) { - SecretKey key = generatorDefaultKey(algorithm); - return decoder(byteCiphers, key, algorithm); - - } - - public static String decoderHexByDefaultKey(String ciphers, String algorithm) { - if(StringUtils.isBlank(ciphers))return ""; - - byte[] byteSimple = HexUtils.hex2Bytes(ciphers); - - byte[] byteFinal = decoderByDefaultKey(byteSimple, algorithm); - - String simple = null; + public static String generatorDefaultKey(String secretKey,String algorithm) { try { - simple = new String(byteFinal, "UTF-8"); - } catch (UnsupportedEncodingException e) { - e.printStackTrace(); - } - return simple; - - } - - public static SecretKey generatorDefaultKey(String algorithm) { - try { - String secretKey = defaultKey; + secretKey = secretKey + defaultKey; if (algorithm.equals(Algorithm.DES)) { - secretKey = defaultKey.substring(0, 8); + secretKey = secretKey.substring(0, 8); } else if (algorithm.equals(Algorithm.AES) || algorithm.equals(Algorithm.Blowfish)) { - secretKey = defaultKey.substring(0, 16); + secretKey = secretKey.substring(0, 16); } else if (algorithm.equals(Algorithm.DESede)) { - secretKey = defaultKey.substring(0, 24); + secretKey = secretKey.substring(0, 24); } // System.out.println("defaultKey : "+secretKey); - SecretKey key = new SecretKeySpec(secretKey.getBytes(), algorithm); - return key; + return secretKey; } catch (Exception e) { e.printStackTrace(); } 
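Review bot: `generatorDefaultKey` now derives key text by concatenating the caller's string with `defaultKey` and cutting the result to 8, 16 or 24 characters, so a caller string at least that long leaves `defaultKey` out of the key entirely, and a `null` argument silently becomes the literal text `null`. The `catch (Exception e) { e.printStackTrace(); }` branch then hides a too-short input from the caller; what is returned after it lies outside the hunk. I would reject bad input explicitly with `Objects.requireNonNull(secretKey, "secretKey");` and an `IllegalArgumentException`, and derive the key bytes with a real KDF such as `SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")` over a server-held secret instead of truncating printable text. The return type also changes from `SecretKey` to `String` on a public method, which breaks any caller not updated in this commit.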
@@ -216,7 +179,17 @@ public final class ReciprocalUtils { } return null; } + + public static String encode2Hex(String simple, String secretKey) { + String key = generatorDefaultKey(secretKey + defaultKey,Algorithm.DESede); + return encode2Hex(simple,key, Algorithm.DESede); + } + public static String decoderHex(String ciphers, String secretKey) { + String key = generatorDefaultKey(secretKey + defaultKey,Algorithm.DESede); + return decoderHex(ciphers,key,Algorithm.DESede); + } + private static boolean keyLengthCheck(String secretKey, String algorithm) { boolean lengthCheck = false; if (algorithm.equals(Algorithm.DES)) { @@ -264,27 +237,6 @@ public final class ReciprocalUtils { return decoderHex(ciphers, secretKey, Algorithm.AES); } - /** - * encode by defaultKey with Algorithm.AES - * - * @param simple - * @return Hex - */ - public static String encode(String simple) { - return encode2HexByDefaultKey(simple, Algorithm.AES); - } - - /** - * decoder by defaultKey with Algorithm.AES - * - * @param ciphers is HEX - * - * @return - */ - public static String decoder(String ciphers) { - return decoderHexByDefaultKey(ciphers, Algorithm.AES); - } - public static String generateKey(String algorithm) { if (algorithm.equals(Algorithm.DES)) { return (new StringGenerator(8)).randomGenerate(); diff --git a/maxkey-common/src/main/java/org/maxkey/crypto/password/PasswordReciprocal.java b/maxkey-common/src/main/java/org/maxkey/crypto/password/PasswordReciprocal.java index 7a154a8005dfb913ca8f6aa7f1bfed4dd7bb60f3..abcac1e9f5bb5411624869c84471f89e17fa76f9 100644 --- a/maxkey-common/src/main/java/org/maxkey/crypto/password/PasswordReciprocal.java +++ b/maxkey-common/src/main/java/org/maxkey/crypto/password/PasswordReciprocal.java @@ -18,6 +18,7 @@ package org.maxkey.crypto.password; import org.maxkey.crypto.ReciprocalUtils; +import org.springframework.security.crypto.bcrypt.BCrypt; import org.springframework.security.crypto.password.PasswordEncoder; /** 
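Review bot: The new `encode2Hex(String, String)` and `decoderHex(String, String)` in ReciprocalUtils (@@ -216 hunk) pin the cipher to `Algorithm.DESede`, a 64-bit-block legacy cipher, although the class already supports `Algorithm.AES`; the cipher mode is not visible here, so whether the output is authenticated cannot be told from the hunk. Both methods append `defaultKey` before calling `generatorDefaultKey`, which appends it again; if the double append is meant as padding for short keys a comment should say so, otherwise pass the caller's key alone, `String key = generatorDefaultKey(secretKey, Algorithm.DESede);`. Both new public methods also need a Javadoc line stating that `secretKey` is mixed with `defaultKey` and truncated to the algorithm's key length.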
@@ -27,8 +28,10 @@ import org.springframework.security.crypto.password.PasswordEncoder; */ public class PasswordReciprocal implements PasswordEncoder { + public static int PREFFIX_LENGTH = 7; + public static PasswordReciprocal passwordReciprocal; - + public PasswordReciprocal() { } 
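Review bot: `PREFFIX_LENGTH` is declared `public static int` without `final`, so any class can reassign it at runtime and change how `encode` and `decoder` slice the salt, after which values already stored can no longer be decoded. Declare it as a constant, `public static final int PREFFIX_LENGTH = 7;`, with a comment that 7 is the length of the `$2a$10$` prefix of a BCrypt salt. The literal `29` used in `decoder` and `matches` in the next hunk deserves a named constant of the same kind. The class body continues outside this hunk.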
@@ -45,24 +48,38 @@ public class PasswordReciprocal implements PasswordEncoder { return passwordReciprocal; } - - public String rawPassword(String username, String password) { - return password + "@" + username; - } - - public String encode(CharSequence rawPassword) { - return ReciprocalUtils.encode(rawPassword.toString()); + + public String decoder(CharSequence encodedPassword) { + String salt = encodedPassword.subSequence(0, 29).toString(); + encodedPassword = encodedPassword.subSequence(29, encodedPassword.length()); + String plain = ReciprocalUtils.decoderHex(encodedPassword.toString(), salt.substring(PREFFIX_LENGTH)); + return plain.substring(salt.substring(PREFFIX_LENGTH).length()); } public boolean matches(CharSequence rawPassword, String encodedPassword) { - return ReciprocalUtils.encode(rawPassword.toString()).equals(encodedPassword); + String salt = encodedPassword.subSequence(0, 29).toString(); + String finalPassword = encode(rawPassword,salt); + return finalPassword.equals(encodedPassword);//ReciprocalUtils.encode(rawPassword.toString()).equals(encodedPassword); } - public String decoder(CharSequence encodedPassword) { - if(encodedPassword == null || encodedPassword.equals("")) { - return ""; - } - return ReciprocalUtils.decoder(encodedPassword.toString()); + /** + * salt + * length 29 + * @return salt + */ + public String gensalt() { + return BCrypt.gensalt("$2a", 10); } + @Override + public String encode(CharSequence plain) { + //$2a$10$ + String salt = gensalt(); + return encode(plain, salt); + } + + private String encode(CharSequence plain,String salt) { + String password = salt.substring(PREFFIX_LENGTH) + plain ; + return salt + ReciprocalUtils.encode2Hex(password , salt.substring(PREFFIX_LENGTH)); + } } 
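Review bot: In `encode(CharSequence, String)` the salt is both written in clear as the first 29 characters of the result and passed as the `secretKey`; with `PREFFIX_LENGTH` at 7 that puts 22 salt characters into a key that `generatorDefaultKey` cuts to 24 for DESede, so only two characters of the key come from `defaultKey`. Nearly everything needed to recover a stored value therefore sits next to the ciphertext, which makes the stored form closer to an encoding than to encryption. Keep the random value as a salt or IV only and take the key from a server-held secret (configuration or keystore) that is never stored with the data. `matches` also compares with `String.equals`; `MessageDigest.isEqual(finalPassword.getBytes(StandardCharsets.UTF_8), encodedPassword.getBytes(StandardCharsets.UTF_8))` avoids a timing difference, and the commented-out `ReciprocalUtils.encode` call on that line can be deleted.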
diff --git a/maxkey-common/src/test/java/org/maxkey/crypto/ReciprocalUtilsTest.java b/maxkey-common/src/test/java/org/maxkey/crypto/ReciprocalUtilsTest.java index a473bd533a43a4bf6f4c6019a9e678a80a594d1f..a5aaad364a8d585e0d78ac9935b619b0b01e94cd 100644 --- a/maxkey-common/src/test/java/org/maxkey/crypto/ReciprocalUtilsTest.java +++ b/maxkey-common/src/test/java/org/maxkey/crypto/ReciprocalUtilsTest.java @@ -20,6 +20,7 @@ package org.maxkey.crypto; import java.io.UnsupportedEncodingException; import org.junit.Test; +import org.maxkey.crypto.password.PasswordReciprocal; public class ReciprocalUtilsTest { @Test @@ -53,18 +54,13 @@ public class ReciprocalUtilsTest { System.out.println(urldcode);*/ - System.out.println( ReciprocalUtils.decoder("76efad66eb7d10140dc2d9ef41c51df0")); - - - - - + String encoderString="root"; - System.out.println( ReciprocalUtils.encode(encoderString)); + encoderString = PasswordReciprocal.getInstance().encode(encoderString); + System.out.println( encoderString); - encoderString="ead67db5c4f55eace090ab0044682451"; - encoderString=ReciprocalUtils.decoder(encoderString); + encoderString=PasswordReciprocal.getInstance().decoder(encoderString); System.out.println(encoderString ); diff --git a/maxkey-common/src/test/java/org/maxkey/crypto/password/PasswordReciprocalTest.java b/maxkey-common/src/test/java/org/maxkey/crypto/password/PasswordReciprocalTest.java index 3b935a331aec858fc3075627e470f5a723c36e58..3e58d5900c9b4282cd8b602fb3df40fd9bc3a5ca 100644 --- a/maxkey-common/src/test/java/org/maxkey/crypto/password/PasswordReciprocalTest.java +++ b/maxkey-common/src/test/java/org/maxkey/crypto/password/PasswordReciprocalTest.java 
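Review bot: The rewritten block in ReciprocalUtilsTest (@@ -53 hunk) only prints the results of `encode` and `decoder`, so a broken round trip would still pass. Assert it instead, e.g. `assertEquals("root", PasswordReciprocal.getInstance().decoder(encoded));` with `encoded` holding the `encode("root")` result, and add a `matches` call with a wrong password that is expected to return `false`; this needs `org.junit.Assert` imported. `PasswordReciprocalTest.main` in the next file has the same print-only shape and, being a `main` method, is not picked up as a JUnit test. The test method starts and ends outside the hunk.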
@@ -27,11 +27,16 @@ public class PasswordReciprocalTest { public static void main(String[] args) { BCryptPasswordEncoder spe= new BCryptPasswordEncoder(); - String pass=PasswordReciprocal.getInstance().rawPassword("admin", "admin"); + //String pass=PasswordReciprocal.getInstance().rawPassword("admin", "admin"); + String pass ="x8zPbCya"; String epass=spe.encode(pass); System.out.println("PasswordEncoder "+epass); - System.out.println(PasswordReciprocal.getInstance().decoder("f1ee1e9b912f05333a06925c99daf9c0")); + String encode = PasswordReciprocal.getInstance().encode(pass); + System.out.println(encode); + System.out.println(PasswordReciprocal.getInstance().decoder(encode)); + + System.out.println(PasswordReciprocal.getInstance().matches(pass,encode)); } } diff --git a/maxkey-persistence/src/main/java/org/maxkey/persistence/service/AccountsService.java b/maxkey-persistence/src/main/java/org/maxkey/persistence/service/AccountsService.java index 4449d8b89ff92f6b7b02db5c496d6941ab43eec6..0dab33dee449aaecbf3d03fb4b683919422242d4 100644 --- a/maxkey-persistence/src/main/java/org/maxkey/persistence/service/AccountsService.java +++ b/maxkey-persistence/src/main/java/org/maxkey/persistence/service/AccountsService.java @@ -21,7 +21,7 @@ import java.util.List; import org.apache.mybatis.jpa.persistence.JpaBaseService; import org.maxkey.constants.ConstantsStatus; -import org.maxkey.crypto.ReciprocalUtils; +import org.maxkey.crypto.password.PasswordReciprocal; import org.maxkey.entity.Accounts; import org.maxkey.entity.AccountsStrategy; import org.maxkey.entity.OrganizationsCast; 
@@ -141,7 +141,7 @@ public class AccountsService extends JpaBaseService{ account.setUsername(user.getUsername()); account.setDisplayName(user.getDisplayName()); account.setRelatedUsername(generateAccount(user,strategy)); - account.setRelatedPassword(ReciprocalUtils.encode(userInfoService.randomPassword())); + account.setRelatedPassword(PasswordReciprocal.getInstance().encode(userInfoService.randomPassword())); account.setCreateType("automatic"); account.setStatus(ConstantsStatus.ACTIVE); diff --git a/maxkey-persistence/src/main/java/org/maxkey/persistence/service/UserInfoService.java b/maxkey-persistence/src/main/java/org/maxkey/persistence/service/UserInfoService.java index 4db3de955dbcccff71df2840d3d933ece569c71b..c770e4ff08c26d8fb8b29bba8af41d7c5f4f3d1e 100644 --- a/maxkey-persistence/src/main/java/org/maxkey/persistence/service/UserInfoService.java +++ b/maxkey-persistence/src/main/java/org/maxkey/persistence/service/UserInfoService.java @@ -20,7 +20,6 @@ package org.maxkey.persistence.service; import org.apache.mybatis.jpa.persistence.JpaBaseService; import org.maxkey.constants.ConstantsStatus; -import org.maxkey.crypto.ReciprocalUtils; import org.maxkey.crypto.password.PasswordReciprocal; import org.maxkey.entity.Accounts; import org.maxkey.entity.ChangePassword; @@ -205,7 +204,7 @@ public class UserInfoService extends JpaBaseService { //密码不为空,则需要进行加密处理 if(userInfo.getPassword()!=null && !userInfo.getPassword().equals("")) { String password = passwordEncoder.encode(userInfo.getPassword()); - userInfo.setDecipherable(ReciprocalUtils.encode(PasswordReciprocal.getInstance().rawPassword(userInfo.getUsername(), userInfo.getPassword()))); + userInfo.setDecipherable(PasswordReciprocal.getInstance().encode(userInfo.getPassword())); _logger.debug("decipherable : "+userInfo.getDecipherable()); userInfo.setPassword(password); userInfo.setPasswordLastSetTime(DateUtils.getCurrentDateTimeAsString()); 
@@ -263,8 +262,7 @@ public class UserInfoService extends JpaBaseService { public boolean changePassword(UserInfo changeUserInfo,boolean passwordPolicy) { try { _logger.debug("decipherable old : " + changeUserInfo.getDecipherable()); - _logger.debug("decipherable new : " + ReciprocalUtils.encode(PasswordReciprocal.getInstance() - .rawPassword(changeUserInfo.getUsername(), changeUserInfo.getPassword()))); + _logger.debug("decipherable new : " + PasswordReciprocal.getInstance().encode(changeUserInfo.getPassword())); if (passwordPolicy && passwordPolicyValidator.validator(changeUserInfo) == false) { return false; diff --git a/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/AuthorizeBaseEndpoint.java b/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/AuthorizeBaseEndpoint.java index 25359bab1f2f77de6b01886b4abe0dc17d287895..fd7e005991b320bfcc0cb688305a6c084788a3a8 100644 --- a/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/AuthorizeBaseEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/AuthorizeBaseEndpoint.java @@ -22,7 +22,7 @@ package org.maxkey.authz.endpoint; import org.apache.commons.lang3.StringUtils; import org.maxkey.configuration.ApplicationConfig; -import org.maxkey.crypto.ReciprocalUtils; +import org.maxkey.crypto.password.PasswordReciprocal; import org.maxkey.entity.Accounts; import org.maxkey.entity.UserInfo; import org.maxkey.entity.apps.Apps; 
@@ -80,12 +80,12 @@ public class AuthorizeBaseEndpoint { account=accountsService.load(new Accounts(userInfo.getId(),loadApp.getId())); if(account!=null){ - account.setRelatedPassword(ReciprocalUtils.decoder(account.getRelatedPassword())); + account.setRelatedPassword(PasswordReciprocal.getInstance().decoder(account.getRelatedPassword())); } }else if(loadApp.getCredential()==Apps.CREDENTIALS.SHARED){ account.setRelatedUsername(loadApp.getSharedUsername()); - account.setRelatedPassword(ReciprocalUtils.decoder(loadApp.getSharedPassword())); + account.setRelatedPassword(PasswordReciprocal.getInstance().decoder(loadApp.getSharedPassword())); }else if(loadApp.getCredential()==Apps.CREDENTIALS.SYSTEM){ @@ -101,7 +101,7 @@ public class AuthorizeBaseEndpoint { account.setUsername(userInfo.getWindowsAccount()); } //decoder database stored encode password - account.setRelatedPassword(ReciprocalUtils.decoder(WebContext.getUserInfo().getDecipherable())); + account.setRelatedPassword(PasswordReciprocal.getInstance().decoder(WebContext.getUserInfo().getDecipherable())); }else if(loadApp.getCredential()==Apps.CREDENTIALS.NONE){ diff --git a/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/AuthorizeCredentialEndpoint.java b/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/AuthorizeCredentialEndpoint.java index 17c3944105992f433f182f377140592d9c0418f0..829624fe54df2ca0e61769f305994ae772b02188 100644 --- a/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/AuthorizeCredentialEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/AuthorizeCredentialEndpoint.java 
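Review bot: Every `decoder` call switched in AuthorizeBaseEndpoint (@@ -80 hunk) reads a value that may have been stored before this commit, and the old format (hex from the removed `ReciprocalUtils.encode`) has no 29-character salt prefix, so the new `decoder` will mis-slice it; I see no migration or legacy branch in the visible diff. The removed `decoder` also returned `""` for a null or empty input, whereas the new one dereferences it immediately, which matters if `getRelatedPassword()`, `getSharedPassword()` or `getDecipherable()` can be unset. Either re-encode stored rows as part of the upgrade or have `decoder` recognise values that do not start with the BCrypt prefix and handle them separately, and restore the guard `if (encodedPassword == null || encodedPassword.length() == 0) return "";`. The same concern applies to the @@ -101 hunk here and to the `decoder` calls in JwtHS256Adapter, OpenIdConnectUserInfoEndpoint, OIDCIdTokenEnhancer, AppListController, BaseAppContorller and AccountsController.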
@@ -21,8 +21,7 @@ package org.maxkey.authz.endpoint; import javax.servlet.http.HttpServletRequest; - -import org.maxkey.crypto.ReciprocalUtils; +import org.maxkey.crypto.password.PasswordReciprocal; import org.maxkey.entity.Accounts; import org.maxkey.entity.UserInfo; import org.maxkey.util.StringUtils; @@ -76,7 +75,7 @@ public class AuthorizeCredentialEndpoint extends AuthorizeBaseEndpoint{ appUser.setAppName(getApp(appId).getName()); appUser.setRelatedUsername(identity_username); - appUser.setRelatedPassword(ReciprocalUtils.encode(identity_password)); + appUser.setRelatedPassword(PasswordReciprocal.getInstance().encode(identity_password)); if(accountsService.insert(appUser)){ diff --git a/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/AuthorizeProtectedEndpoint.java b/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/AuthorizeProtectedEndpoint.java index 005e58522f26147e62dca33ff2981d643539f26f..a3a4b5177d7f53a35ae5143833a1530f24c3ea39 100644 --- a/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/AuthorizeProtectedEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/AuthorizeProtectedEndpoint.java @@ -21,8 +21,7 @@ package org.maxkey.authz.endpoint; import javax.servlet.http.HttpServletRequest; - -import org.maxkey.crypto.ReciprocalUtils; +import org.maxkey.crypto.password.PasswordReciprocal; import org.maxkey.entity.UserInfo; import org.maxkey.web.WebConstants; import org.maxkey.web.WebContext; 
@@ -52,7 +51,7 @@ public class AuthorizeProtectedEndpoint{ @RequestParam("password") String password, @RequestParam("redirect_uri") String redirect_uri){ UserInfo userInfo=WebContext.getUserInfo(); - if( userInfo.getAppLoginPassword().equals(ReciprocalUtils.encode(password))){ + if( userInfo.getAppLoginPassword().equals(PasswordReciprocal.getInstance().encode(password))){ WebContext.setAttribute(WebConstants.CURRENT_SINGLESIGNON_URI, redirect_uri); return WebContext.redirect(redirect_uri); } diff --git a/maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/maxkey/authz/jwt/endpoint/adapter/JwtHS256Adapter.java b/maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/maxkey/authz/jwt/endpoint/adapter/JwtHS256Adapter.java index 9eaef06ffd0cdddd03857677600d854e21557d49..c3cd5c1dfb9de064887be070a6b631386e92f3d0 100644 --- a/maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/maxkey/authz/jwt/endpoint/adapter/JwtHS256Adapter.java +++ b/maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/maxkey/authz/jwt/endpoint/adapter/JwtHS256Adapter.java @@ -25,9 +25,9 @@ import org.joda.time.DateTime; import org.maxkey.authn.SigninPrincipal; import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter; import org.maxkey.configuration.oidc.OIDCProviderMetadata; -import org.maxkey.crypto.ReciprocalUtils; import org.maxkey.crypto.jwt.signer.service.JwtSigningAndValidationService; import org.maxkey.crypto.jwt.signer.service.impl.SymmetricSigningAndValidationServiceBuilder; +import org.maxkey.crypto.password.PasswordReciprocal; import org.maxkey.entity.UserInfo; import org.maxkey.entity.apps.Apps; import org.maxkey.entity.apps.AppsJwtDetails; @@ -79,7 +79,7 @@ public class JwtHS256Adapter extends AbstractAuthorizeAdapter { JWT jwtToken = new PlainJWT(jwtClaims); - String sharedSecret=ReciprocalUtils.decoder(details.getAlgorithmKey()); + String sharedSecret=PasswordReciprocal.getInstance().decoder(details.getAlgorithmKey()); _logger.debug("jwt sharedSecret : "+sharedSecret); 
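Review bot: In AuthorizeProtectedEndpoint (@@ -52 hunk) the comparison `userInfo.getAppLoginPassword().equals(PasswordReciprocal.getInstance().encode(password))` can no longer succeed, because `encode` now generates a fresh salt on every call (see `gensalt()` in the PasswordReciprocal hunk), so two encodings of the same password differ. Use the encoder's own check, `if (PasswordReciprocal.getInstance().matches(password, userInfo.getAppLoginPassword())) {`, after making sure the stored value is non-null and at least 29 characters long, since `matches` slices the salt from it. SafeController (@@ -133 hunk) has the same `equals(...encode(oldPassword))` pattern and needs the same change. The method body continues outside the hunk.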
diff --git a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/OpenIdConnectUserInfoEndpoint.java b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/OpenIdConnectUserInfoEndpoint.java
index da1e4117df11a6b7074fb1872856afe380ec44a6..5f97b107d037b5b711c2f94bd86430d64d7e936b 100644
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/OpenIdConnectUserInfoEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/OpenIdConnectUserInfoEndpoint.java
@@ -31,11 +31,11 @@ import org.maxkey.authz.oauth2.provider.ClientDetailsService;
 import org.maxkey.authz.oauth2.provider.OAuth2Authentication;
 import org.maxkey.authz.oauth2.provider.token.DefaultTokenServices;
 import org.maxkey.constants.ContentType;
-import org.maxkey.crypto.ReciprocalUtils;
 import org.maxkey.crypto.jwt.encryption.service.JwtEncryptionAndDecryptionService;
 import org.maxkey.crypto.jwt.encryption.service.impl.RecipientJwtEncryptionAndDecryptionServiceBuilder;
 import org.maxkey.crypto.jwt.signer.service.JwtSigningAndValidationService;
 import org.maxkey.crypto.jwt.signer.service.impl.SymmetricSigningAndValidationServiceBuilder;
+import org.maxkey.crypto.password.PasswordReciprocal;
 import org.maxkey.entity.UserInfo;
 import org.maxkey.entity.apps.oauth2.provider.ClientDetails;
 import org.maxkey.persistence.service.AppsService;
@@ -233,7 +233,7 @@ public class OpenIdConnectUserInfoEndpoint { || signingAlg.equals(JWSAlgorithm.HS384) || signingAlg.equals(JWSAlgorithm.HS512)) { // sign it with the client's secret - String client_secret=ReciprocalUtils.decoder(clientDetails.getClientSecret()); + String client_secret=PasswordReciprocal.getInstance().decoder(clientDetails.getClientSecret()); JwtSigningAndValidationService symmetricJwtSignerService =symmetricJwtSignerServiceBuilder.serviceBuilder(client_secret); if(symmetricJwtSignerService!=null){ diff --git a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oidc/idtoken/OIDCIdTokenEnhancer.java b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oidc/idtoken/OIDCIdTokenEnhancer.java index cdb929ea3b410872660582525c89d6a45594390d..8557b2354b95c750057b0852629d1ce23a38ea02 100644 --- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oidc/idtoken/OIDCIdTokenEnhancer.java +++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oidc/idtoken/OIDCIdTokenEnhancer.java @@ -34,11 +34,11 @@ import org.maxkey.authz.oauth2.provider.OAuth2Authentication; import org.maxkey.authz.oauth2.provider.OAuth2Request; import org.maxkey.authz.oauth2.provider.token.TokenEnhancer; import org.maxkey.configuration.oidc.OIDCProviderMetadata; -import org.maxkey.crypto.ReciprocalUtils; import org.maxkey.crypto.jwt.encryption.service.JwtEncryptionAndDecryptionService; import org.maxkey.crypto.jwt.encryption.service.impl.RecipientJwtEncryptionAndDecryptionServiceBuilder; import org.maxkey.crypto.jwt.signer.service.JwtSigningAndValidationService; import org.maxkey.crypto.jwt.signer.service.impl.SymmetricSigningAndValidationServiceBuilder; +import org.maxkey.crypto.password.PasswordReciprocal; import org.maxkey.entity.apps.oauth2.provider.ClientDetails; import org.maxkey.web.WebContext; 
@@ -174,7 +174,7 @@ public class OIDCIdTokenEnhancer implements TokenEnhancer { || signingAlg.equals(JWSAlgorithm.HS384) || signingAlg.equals(JWSAlgorithm.HS512)) { // sign it with the client's secret - String client_secret=ReciprocalUtils.decoder(clientDetails.getClientSecret()); + String client_secret=PasswordReciprocal.getInstance().decoder(clientDetails.getClientSecret()); JwtSigningAndValidationService symmetricJwtSignerService =symmetricJwtSignerServiceBuilder.serviceBuilder(client_secret); if(symmetricJwtSignerService!=null){ diff --git a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/AppListController.java b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/AppListController.java index d34be53de8ca47a8f7f5da408efcd72d96788b07..c9d0dc4cdf40168bf9e055e55ed531804e667669 100644 --- a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/AppListController.java +++ b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/AppListController.java @@ -23,7 +23,7 @@ import java.util.List; import org.maxkey.configuration.ApplicationConfig; import org.maxkey.constants.ConstantsOperateMessage; import org.maxkey.constants.ConstantsProtocols; -import org.maxkey.crypto.ReciprocalUtils; +import org.maxkey.crypto.password.PasswordReciprocal; import org.maxkey.entity.Accounts; import org.maxkey.entity.UserInfo; import org.maxkey.entity.apps.Apps; @@ -147,7 +147,7 @@ public class AppListController { @RequestParam("password") String password) { UserInfo userInfo = WebContext.getUserInfo(); - String userAppProtectedPassword = ReciprocalUtils.decoder(userInfo.getAppLoginPassword()); + String userAppProtectedPassword = PasswordReciprocal.getInstance().decoder(userInfo.getAppLoginPassword()); if (userAppProtectedPassword.equals(password)) { if (protectedappId.equalsIgnoreCase("YES")) { 
@@ -213,7 +213,7 @@ public class AppListController { } if (appUsers != null) { modelAndView.addObject("identity_username", appUsers.getRelatedUsername()); - modelAndView.addObject("identity_password", ReciprocalUtils.decoder(appUsers.getRelatedPassword())); + modelAndView.addObject("identity_password", PasswordReciprocal.getInstance().decoder(appUsers.getRelatedPassword())); } else { modelAndView.addObject("identity_username", ""); modelAndView.addObject("identity_password", ""); @@ -256,11 +256,11 @@ public class AppListController { appUsers.setDisplayName(userInfo.getDisplayName()); appUsers.setRelatedUsername(identity_username); - appUsers.setRelatedPassword(ReciprocalUtils.encode(identity_password)); + appUsers.setRelatedPassword(PasswordReciprocal.getInstance().encode(identity_password)); appUsersService.insert(appUsers); } else { appUsers.setRelatedUsername(identity_username); - appUsers.setRelatedPassword(ReciprocalUtils.encode(identity_password)); + appUsers.setRelatedPassword(PasswordReciprocal.getInstance().encode(identity_password)); appUsersService.update(appUsers); } } diff --git a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/RegistrationController.java b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/RegistrationController.java index d28628f91f02ecfbe32de715b0a480243c76fd5b..c8184fc722f326ace07666acec68bb32a0ad0178 100644 --- a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/RegistrationController.java +++ b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/RegistrationController.java @@ -27,7 +27,6 @@ import org.apache.ibatis.session.SqlSession; import org.apache.ibatis.session.SqlSessionFactory; import org.maxkey.configuration.ApplicationConfig; import org.maxkey.constants.ConstantsStatus; -import org.maxkey.crypto.ReciprocalUtils; import org.maxkey.crypto.password.PasswordReciprocal; import org.maxkey.entity.Registration; import org.maxkey.entity.UserInfo; 
@@ -164,10 +163,9 @@ public class RegistrationController { userInfo.setWorkPhoneNumber(registration.getWorkPhone()); userInfo.setEmail(registration.getWorkEmail()); userInfo.setStatus(ConstantsStatus.ACTIVE); - String rawPassword=PasswordReciprocal.getInstance().rawPassword(userInfo.getUsername(), password); - userInfo.setDecipherable(ReciprocalUtils.encode(rawPassword)); + userInfo.setDecipherable(PasswordReciprocal.getInstance().encode(password)); - password = passwordEncoder.encode(rawPassword ); + password = passwordEncoder.encode(password ); userInfo.setPassword(password); userInfo.setPasswordLastSetTime(DateUtils.format(new Date(), DateUtils.FORMAT_DATE_YYYY_MM_DD_HH_MM_SS)); userInfoService.insert(userInfo); diff --git a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/SafeController.java b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/SafeController.java index 31fb6ebabfdd5f4ca232e8c9c6edc8a7e0be90e0..a8013160b5eb3378a6e0e555820239273225352f 100644 --- a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/SafeController.java +++ b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/SafeController.java @@ -23,7 +23,7 @@ import javax.servlet.http.HttpServletResponse; import org.maxkey.constants.ConstantsOperateMessage; import org.maxkey.constants.ConstantsPasswordSetType; import org.maxkey.constants.ConstantsTimeInterval; -import org.maxkey.crypto.ReciprocalUtils; +import org.maxkey.crypto.password.PasswordReciprocal; import org.maxkey.entity.UserInfo; import org.maxkey.persistence.db.PasswordPolicyValidator; import org.maxkey.persistence.service.UserInfoService; 
@@ -133,10 +133,10 @@ public class SafeController { UserInfo userInfo =WebContext.getUserInfo(); _logger.debug("App Login Password : "+userInfo.getAppLoginPassword()); - _logger.debug("App Login new Password : "+ReciprocalUtils.encode(newPassword)); + _logger.debug("App Login new Password : "+PasswordReciprocal.getInstance().encode(newPassword)); if(newPassword.equals(confirmPassword)){ - if(StringUtils.isEmpty(userInfo.getAppLoginPassword())||userInfo.getAppLoginPassword().equals(ReciprocalUtils.encode(oldPassword))){ - userInfo.setAppLoginPassword(ReciprocalUtils.encode(newPassword)); + if(StringUtils.isEmpty(userInfo.getAppLoginPassword())||userInfo.getAppLoginPassword().equals(PasswordReciprocal.getInstance().encode(oldPassword))){ + userInfo.setAppLoginPassword(PasswordReciprocal.getInstance().encode(newPassword)); boolean change= userInfoService.changeAppLoginPassword(userInfo); _logger.debug(""+change); return new Message(WebContext.getI18nValue(ConstantsOperateMessage.UPDATE_SUCCESS),MessageType.prompt); diff --git a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/apps/contorller/BaseAppContorller.java b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/apps/contorller/BaseAppContorller.java index aa746e4e27bedabc433f1ae4f5a18399803dd54c..3db4e8d70c30c28e1d98351c137eca403e9097eb 100644 --- a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/apps/contorller/BaseAppContorller.java +++ b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/apps/contorller/BaseAppContorller.java @@ -23,7 +23,6 @@ package org.maxkey.web.apps.contorller; import java.io.IOException; import org.maxkey.constants.ConstantsProtocols; -import org.maxkey.crypto.ReciprocalUtils; import org.maxkey.crypto.password.PasswordReciprocal; import org.maxkey.entity.apps.Apps; import org.maxkey.persistence.service.AppsService; 
@@ -84,7 +83,7 @@ public class BaseAppContorller { if(application.getCredential()!=Apps.CREDENTIALS.SHARED){ if(application.getProtocol().equals(ConstantsProtocols.FORMBASED)){ if(StringUtils.isNotEmpty(application.getSharedPassword())){ - application.setSharedPassword(ReciprocalUtils.encode(application.getSharedPassword())); + application.setSharedPassword(PasswordReciprocal.getInstance().encode(application.getSharedPassword())); } } } @@ -94,7 +93,7 @@ public class BaseAppContorller { if(application.getCredential()!=Apps.CREDENTIALS.SHARED){ if(application.getProtocol().equals(ConstantsProtocols.FORMBASED)){ if(StringUtils.isNotEmpty(application.getSharedPassword())){ - application.setSharedPassword(ReciprocalUtils.decoder(application.getSharedPassword())); + application.setSharedPassword(PasswordReciprocal.getInstance().decoder(application.getSharedPassword())); } } } diff --git a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/AccountsController.java b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/AccountsController.java index 8d672532da7951bcda3b4647b93acb3335cc0e94..871d846200732f0302728789a0b7cf30c4d8e7d1 100644 --- a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/AccountsController.java +++ b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/AccountsController.java @@ -19,7 +19,7 @@ package org.maxkey.web.contorller; import org.apache.mybatis.jpa.persistence.JpaPageResults; import org.maxkey.constants.ConstantsOperateMessage; -import org.maxkey.crypto.ReciprocalUtils; +import org.maxkey.crypto.password.PasswordReciprocal; import org.maxkey.entity.Accounts; import org.maxkey.entity.AccountsStrategy; import org.maxkey.entity.UserInfo; 
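Review bot: The guard `application.getCredential()!=Apps.CREDENTIALS.SHARED` around the changed `setSharedPassword(...encode(...))` call reads as inverted: as written the shared password is encoded only when the credential type is not SHARED, which would leave it stored unencoded in the one case where it is presumably used. The same guard wraps the `decoder` call in the next hunk (`@@ -94,7 +93,7 @@`), so the two stay symmetric, but the intent is worth confirming; if it is a slip, both conditions should read `application.getCredential()==Apps.CREDENTIALS.SHARED`. The type returned by `getCredential()` is not visible here, so if it is a `String` the comparison should use `equals` rather than `==`/`!=`. Both method bodies start outside their hunks.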
@@ -101,7 +101,7 @@ public class AccountsController { @RequestMapping(value={"/add"}) public Message add(@ModelAttribute("appAccounts") Accounts appAccounts ) { _logger.debug("-update :" + appAccounts); - appAccounts.setRelatedPassword(ReciprocalUtils.encode(appAccounts.getRelatedPassword())); + appAccounts.setRelatedPassword(PasswordReciprocal.getInstance().encode(appAccounts.getRelatedPassword())); accountsService.insert(appAccounts); return new Message(WebContext.getI18nValue(ConstantsOperateMessage.UPDATE_SUCCESS),MessageType.success); @@ -113,7 +113,7 @@ public class AccountsController { ModelAndView modelAndView=new ModelAndView("/accounts/accountsUpdate"); Accounts appAccounts =accountsService.get(id); - appAccounts.setRelatedPassword(ReciprocalUtils.decoder(appAccounts.getRelatedPassword())); + appAccounts.setRelatedPassword(PasswordReciprocal.getInstance().decoder(appAccounts.getRelatedPassword())); modelAndView.addObject("model",appAccounts); return modelAndView; } @@ -129,7 +129,7 @@ public class AccountsController { public Message update(@ModelAttribute("appAccounts") Accounts appAccounts ) { _logger.debug("-update :" + appAccounts); - appAccounts.setRelatedPassword(ReciprocalUtils.encode(appAccounts.getRelatedPassword())); + appAccounts.setRelatedPassword(PasswordReciprocal.getInstance().encode(appAccounts.getRelatedPassword())); accountsService.update(appAccounts); return new Message(WebContext.getI18nValue(ConstantsOperateMessage.UPDATE_SUCCESS),MessageType.success); diff --git a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/UserInfoController.java b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/UserInfoController.java index 0734e48b8a0a93cacb6ea1214374e77340e34e7c..a1b67289808b0a839b7fef0da72e961cc0c5277c 100644 --- a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/UserInfoController.java +++ b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/UserInfoController.java 
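Review bot: In `add`, `_logger.debug("-update :" + appAccounts);` runs before the changed `setRelatedPassword(...encode(...))` line, so if `Accounts.toString()` includes `relatedPassword` (not visible here) the submitted application password reaches the debug log in clear text. The same statement order appears in `update` (`@@ -129,7 +129,7 @@`). Moving the `_logger.debug` line below the `setRelatedPassword` line in both methods avoids that, and the message in `add` should read `"-add :"` rather than `"-update :"`.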
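Review bot: In the `@@ -113,7 +113,7 @@` hunk the value returned by `PasswordReciprocal.getInstance().decoder(appAccounts.getRelatedPassword())` is put straight into the `model` object for `/accounts/accountsUpdate`, so the clear-text application password is handed to the view and, presumably, rendered into the edit form. Unless the form really has to display it, I would blank the field here with `appAccounts.setRelatedPassword("");` and have `update` keep the stored value when the submitted password is empty. That second part needs an empty-check in `update`, which is outside this hunk, as is this method's signature.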
@@ -37,7 +37,7 @@ import org.apache.poi.ss.usermodel.Sheet; import org.apache.poi.ss.usermodel.Workbook; import org.maxkey.constants.ConstantsOperateMessage; import org.maxkey.constants.ConstantsPasswordSetType; -import org.maxkey.crypto.ReciprocalUtils; +import org.maxkey.crypto.password.PasswordReciprocal; import org.maxkey.entity.ExcelImport; import org.maxkey.entity.UserInfo; import org.maxkey.persistence.service.UserInfoService; @@ -162,7 +162,7 @@ public class UserInfoController { UserInfo userInfo = userInfoService.get(id); if(userInfo!=null&&userInfo.getDecipherable()!=null){ try{ - userInfo.setPassword(ReciprocalUtils.decoder(userInfo.getDecipherable())); + userInfo.setPassword(PasswordReciprocal.getInstance().decoder(userInfo.getDecipherable())); }catch (Exception e) { } userInfo.setDecipherable(userInfo.getPassword());
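Review bot: The empty `catch (Exception e) { }` around the changed `decoder` call in the `@@ -162,7 +162,7 @@` hunk swallows every failure, and the next line then copies `userInfo.getPassword()` into `decipherable`, which on failure is whatever the record already held in `password` rather than a decoded value. With the decoder switched to `PasswordReciprocal`, values written earlier by `ReciprocalUtils.encode` may or may not decode (neither implementation is shown here), and this catch would hide it; the same question applies to the `decoder` calls in BaseAppContorller (`@@ -94,7 +93,7 @@`) and AccountsController (`@@ -113,7 +113,7 @@`). I would at least log the failure, e.g. `_logger.warn("decipherable could not be decoded for user " + id, e);`, assuming this class has the `_logger` field the other controllers use, and skip the `setDecipherable` copy when decoding fails. The enclosing method starts and ends outside the hunk.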