From 7944b16bd1bce294ae1d2628aa53b28f2c7130fa Mon Sep 17 00:00:00 2001
From: MaxKey
Date: Thu, 3 Mar 2022 20:35:19 +0800
Subject: [PATCH] =?UTF-8?q?LDAP=E5=90=8C=E6=AD=A5=E5=92=8C=E7=99=BB?= =?UTF-8?q?=E5=BD=95=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

decoder credentials
---
 .../realm/AbstractAuthenticationRealm.java | 5 +-
 .../ldap/LdapAuthenticationRealmService.java | 7 ++-
 .../maxkey/crypto/ReciprocalUtilsTest.java | 9 +--
 .../synchronizer/ldap/LdapUsersService.java | 62 ++++++++++++-------
 .../SynchronizerAutoConfiguration.java | 5 +-
 5 files changed, 56 insertions(+), 32 deletions(-)

diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/AbstractAuthenticationRealm.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/AbstractAuthenticationRealm.java
index 3b23032b..f8c4ac2d 100644
--- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/AbstractAuthenticationRealm.java
+++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/AbstractAuthenticationRealm.java
@@ -149,8 +149,9 @@ public abstract class AbstractAuthenticationRealm {
 historyLogin.setBrowser(browser.getName());
 historyLogin.setPlatform(browser.getPlatform());
 historyLogin.setSourceIp(userInfo.getLastLoginIp());
- historyLogin.setIpRegion(IpRegionFactory.getFactory().region(userInfo.getLastLoginIp()));
- historyLogin.setIpLocation(IpRegionFactory.getFactory().getLocation(historyLogin.getIpRegion()));
+ //TODO:
+ //historyLogin.setIpRegion(IpRegionFactory.getFactory().region(userInfo.getLastLoginIp()));
+ //historyLogin.setIpLocation(IpRegionFactory.getFactory().getLocation(historyLogin.getIpRegion()));
 historyLogin.setProvider(provider);
 historyLogin.setCode(code);
 historyLogin.setLoginType(type);
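Review bot: The `setIpRegion` and `setIpLocation` calls are commented out under an empty `//TODO:`, so every login-history record written from here on has no region or location, and neither the marker nor the commit message says why. Those two fields are what a reviewer of the login audit trail uses to spot sign-ins from unexpected places, so losing them in a commit about LDAP credentials is easy to miss. If the lookup had to be disabled, the marker should say so and name the condition for restoring it, e.g. `// TODO: IP region lookup disabled because <reason>; re-enable before release`, and the commented-out code should be deleted rather than kept. The enclosing method starts and ends outside the hunk.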
diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/ldap/LdapAuthenticationRealmService.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/ldap/LdapAuthenticationRealmService.java index 197239a4..d7b3f069 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/ldap/LdapAuthenticationRealmService.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/ldap/LdapAuthenticationRealmService.java @@ -21,6 +21,7 @@ import java.util.List; import java.util.concurrent.TimeUnit; import org.maxkey.authn.realm.IAuthenticationServer; +import org.maxkey.crypto.password.PasswordReciprocal; import org.maxkey.entity.LdapContext; import org.maxkey.persistence.ldap.ActiveDirectoryUtils; import org.maxkey.persistence.ldap.LdapUtils; @@ -57,7 +58,8 @@ public class LdapAuthenticationRealmService { ActiveDirectoryUtils ldapUtils = new ActiveDirectoryUtils( ldapContext.getProviderUrl(), ldapContext.getPrincipal(), - ldapContext.getCredentials(), + PasswordReciprocal.getInstance().decoder( + ldapContext.getCredentials()), ldapContext.getMsadDomain()); ldapServer.setActiveDirectoryUtils(ldapUtils); if(ldapContext.getAccountMapping().equalsIgnoreCase("YES")) { @@ -70,7 +72,8 @@ public class LdapAuthenticationRealmService { LdapUtils ldapUtils = new LdapUtils( ldapContext.getProviderUrl(), ldapContext.getPrincipal(), - ldapContext.getCredentials(), + PasswordReciprocal.getInstance().decoder( + ldapContext.getCredentials()), ldapContext.getBasedn()); standardLdapServer.setLdapUtils(ldapUtils); standardLdapServer.setFilterAttribute(ldapContext.getFilters()); diff --git a/maxkey-common/src/test/java/org/maxkey/crypto/ReciprocalUtilsTest.java b/maxkey-common/src/test/java/org/maxkey/crypto/ReciprocalUtilsTest.java index a5aaad36..edba7b81 100644 --- a/maxkey-common/src/test/java/org/maxkey/crypto/ReciprocalUtilsTest.java 
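Review bot: `PasswordReciprocal.getInstance().decoder(ldapContext.getCredentials())` is applied unconditionally in the Active Directory branch, in the standard LDAP branch in the next hunk, and to `rs.getString("credentials")` in SynchronizerAutoConfiguration, and none of the three call sites handles a value that is null or was stored before credentials were encoded. What `decoder` returns for such input is not visible here; if it yields an empty string, a simple bind with an empty password is treated by some directories as an unauthenticated bind that succeeds, and otherwise the failure surfaces later as a generic bind error. I would decode once into a local and reject a blank result before constructing `ActiveDirectoryUtils` or `LdapUtils`: `String bindPassword = PasswordReciprocal.getInstance().decoder(ldapContext.getCredentials());` followed by `if (bindPassword == null || bindPassword.isEmpty()) { throw new IllegalStateException("LDAP bind credentials missing or not decodable"); }`. The enclosing method starts and ends outside both hunks.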
+++ b/maxkey-common/src/test/java/org/maxkey/crypto/ReciprocalUtilsTest.java @@ -45,20 +45,17 @@ public class ReciprocalUtilsTest { String urlencodeString="中国"; String urlencode = java.net.URLEncoder.encode(urlencodeString, "utf-8"); System.out.println(urlencode); - String urldecodeString="http://exchange.connsec.com/owa/?ae=Item&a=Open&t=IPM.Note&id=RgAAAABPKgpqnlfYQ7BVC%2fBfH2XIBwCS0xhUjzMYSLVky9bw7LddAAAAjov5AACS0xhUjzMYSLVky9bw7LddAAADzoy%2fAAAA&pspid=_1428036768398_867461813"; + String urldecodeString="http://exchange.maxkey.top/owa/?ae=Item&a=Open&t=IPM.Note&id=RgAAAABPKgpqnlfYQ7BVC%2fBfH2XIBwCS0xhUjzMYSLVky9bw7LddAAAAjov5AACS0xhUjzMYSLVky9bw7LddAAADzoy%2fAAAA&pspid=_1428036768398_867461813"; String urldcode = java.net.URLDecoder.decode(urldecodeString, "utf-8"); - - - - System.out.println(urldcode);*/ - String encoderString="root"; + String encoderString="0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; encoderString = PasswordReciprocal.getInstance().encode(encoderString); System.out.println( encoderString); + System.out.println( "length " + encoderString.length()); encoderString=PasswordReciprocal.getInstance().decoder(encoderString); System.out.println(encoderString ); diff --git a/maxkey-synchronizers/maxkey-synchronizer-ldap/src/main/java/org/maxkey/synchronizer/ldap/LdapUsersService.java b/maxkey-synchronizers/maxkey-synchronizer-ldap/src/main/java/org/maxkey/synchronizer/ldap/LdapUsersService.java index 192cd9c8..1a24019c 100644 --- a/maxkey-synchronizers/maxkey-synchronizer-ldap/src/main/java/org/maxkey/synchronizer/ldap/LdapUsersService.java +++ b/maxkey-synchronizers/maxkey-synchronizer-ldap/src/main/java/org/maxkey/synchronizer/ldap/LdapUsersService.java 
@@ -108,40 +108,60 @@ public class LdapUsersService extends AbstractSynchronizerService implements IS try { userInfo.setId(userInfo.generateId()); - userInfo.setFormattedName(LdapUtils.getAttributeStringValue(InetOrgPerson.CN,attributeMap));//閸忋劌鎮� - //鐠愶附鍩� - userInfo.setUsername(LdapUtils.getAttributeStringValue(InetOrgPerson.UID,attributeMap));//鐠愶箑褰� - userInfo.setFamilyName(LdapUtils.getAttributeStringValue(InetOrgPerson.SN,attributeMap));//婵拷 - userInfo.setGivenName(LdapUtils.getAttributeStringValue(InetOrgPerson.GIVENNAME,attributeMap));//閸氾拷 - userInfo.setNickName(LdapUtils.getAttributeStringValue(InetOrgPerson.INITIALS,attributeMap));//閺勭數袨 - userInfo.setNameZhShortSpell(LdapUtils.getAttributeStringValue(InetOrgPerson.INITIALS,attributeMap));//閼昏鲸鏋冪紓鈺佸晸 - userInfo.setDisplayName(LdapUtils.getAttributeStringValue(InetOrgPerson.DISPLAYNAME,attributeMap));//閺勫墽銇氶崥宥囆� + String cn = LdapUtils.getAttributeStringValue(InetOrgPerson.CN,attributeMap); + String uid = LdapUtils.getAttributeStringValue(InetOrgPerson.UID,attributeMap); + String sn = LdapUtils.getAttributeStringValue(InetOrgPerson.SN,attributeMap); + String givenName = LdapUtils.getAttributeStringValue(InetOrgPerson.GIVENNAME,attributeMap); + String initials = LdapUtils.getAttributeStringValue(InetOrgPerson.INITIALS,attributeMap); + String displayName = LdapUtils.getAttributeStringValue(InetOrgPerson.DISPLAYNAME,attributeMap); + userInfo.setFormattedName(sn + givenName); + if(StringUtils.isBlank(uid)) { + userInfo.setUsername(cn); + userInfo.setWindowsAccount(cn); + }else { + userInfo.setUsername(uid); + userInfo.setWindowsAccount(uid); + } + userInfo.setFamilyName(sn); + userInfo.setGivenName(givenName); + if(StringUtils.isBlank(initials)) { + userInfo.setNickName(sn + givenName); + userInfo.setNameZhShortSpell(sn + givenName); + }else { + userInfo.setNickName(initials); + userInfo.setNameZhShortSpell(initials); + } + if(StringUtils.isBlank(displayName)) { + userInfo.setDisplayName(sn + givenName); + 
}else { + userInfo.setDisplayName(displayName); + } userInfo.setEmployeeNumber(LdapUtils.getAttributeStringValue(InetOrgPerson.EMPLOYEENUMBER,attributeMap)); //userInfo.setDepartment(LdapUtils.getAttributeStringValue(InetOrgPerson.OU,attributeMap)); //userInfo.setDepartmentId(LdapUtils.getAttributeStringValue(InetOrgPerson.DEPARTMENTNUMBER,attributeMap)); - userInfo.setJobTitle(LdapUtils.getAttributeStringValue(InetOrgPerson.TITLE,attributeMap));//閼卞苯濮� - userInfo.setWorkOfficeName(LdapUtils.getAttributeStringValue(InetOrgPerson.PHYSICALDELIVERYOFFICENAME,attributeMap));//閸旂偛鍙曠�癸拷 - userInfo.setWorkEmail(LdapUtils.getAttributeStringValue(InetOrgPerson.MAIL,attributeMap));//闁喕娆� - userInfo.setWorkRegion(LdapUtils.getAttributeStringValue(InetOrgPerson.ST,attributeMap));//閻拷 - userInfo.setWorkLocality(LdapUtils.getAttributeStringValue(InetOrgPerson.L,attributeMap));//閸橈拷 - userInfo.setWorkStreetAddress(LdapUtils.getAttributeStringValue(InetOrgPerson.STREET,attributeMap));//鐞涙浜� - userInfo.setWorkPostalCode(LdapUtils.getAttributeStringValue(InetOrgPerson.POSTALCODE,attributeMap));//闁喚绱� - userInfo.setWorkAddressFormatted(LdapUtils.getAttributeStringValue(InetOrgPerson.POSTOFFICEBOX,attributeMap));//闁喗鏂傞柇顔绢唸 + userInfo.setJobTitle(LdapUtils.getAttributeStringValue(InetOrgPerson.TITLE,attributeMap)); + userInfo.setWorkOfficeName(LdapUtils.getAttributeStringValue(InetOrgPerson.PHYSICALDELIVERYOFFICENAME,attributeMap)); + userInfo.setWorkEmail(LdapUtils.getAttributeStringValue(InetOrgPerson.MAIL,attributeMap)); + userInfo.setWorkRegion(LdapUtils.getAttributeStringValue(InetOrgPerson.ST,attributeMap)); + userInfo.setWorkLocality(LdapUtils.getAttributeStringValue(InetOrgPerson.L,attributeMap)); + userInfo.setWorkStreetAddress(LdapUtils.getAttributeStringValue(InetOrgPerson.STREET,attributeMap)); + userInfo.setWorkPostalCode(LdapUtils.getAttributeStringValue(InetOrgPerson.POSTALCODE,attributeMap)); + 
userInfo.setWorkAddressFormatted(LdapUtils.getAttributeStringValue(InetOrgPerson.POSTOFFICEBOX,attributeMap)); userInfo.setWorkFax(LdapUtils.getAttributeStringValue(InetOrgPerson.FACSIMILETELEPHONENUMBER,attributeMap)); - userInfo.setHomePhoneNumber(LdapUtils.getAttributeStringValue(InetOrgPerson.HOMEPHONE,attributeMap));//鐎硅泛娑甸悽浣冪樈 - userInfo.setHomeAddressFormatted(LdapUtils.getAttributeStringValue(InetOrgPerson.HOMEPOSTALADDRESS,attributeMap));//閻絻鐦芥径鍥ㄦ暈 + userInfo.setHomePhoneNumber(LdapUtils.getAttributeStringValue(InetOrgPerson.HOMEPHONE,attributeMap)); + userInfo.setHomeAddressFormatted(LdapUtils.getAttributeStringValue(InetOrgPerson.HOMEPOSTALADDRESS,attributeMap)); if(LdapUtils.getAttributeStringValue(InetOrgPerson.MOBILE,attributeMap).equals("")) { userInfo.setMobile(userInfo.getId()); }else { - userInfo.setMobile(LdapUtils.getAttributeStringValue(InetOrgPerson.MOBILE,attributeMap));//閹靛婧� + userInfo.setMobile(LdapUtils.getAttributeStringValue(InetOrgPerson.MOBILE,attributeMap)); } - userInfo.setPreferredLanguage(LdapUtils.getAttributeStringValue(InetOrgPerson.PREFERREDLANGUAGE,attributeMap));//鐠囶叀鈻� + userInfo.setPreferredLanguage(LdapUtils.getAttributeStringValue(InetOrgPerson.PREFERREDLANGUAGE,attributeMap)); - userInfo.setDescription(LdapUtils.getAttributeStringValue(InetOrgPerson.DESCRIPTION,attributeMap));//閹诲繗鍫� + userInfo.setDescription(LdapUtils.getAttributeStringValue(InetOrgPerson.DESCRIPTION,attributeMap)); userInfo.setUserState("RESIDENT"); userInfo.setUserType("EMPLOYEE"); userInfo.setTimeZone("Asia/Shanghai"); diff --git a/maxkey-synchronizers/maxkey-synchronizer/src/main/java/org/maxkey/synchronizer/autoconfigure/SynchronizerAutoConfiguration.java b/maxkey-synchronizers/maxkey-synchronizer/src/main/java/org/maxkey/synchronizer/autoconfigure/SynchronizerAutoConfiguration.java index a4e2c071..c18476ca 100644 --- a/maxkey-synchronizers/maxkey-synchronizer/src/main/java/org/maxkey/synchronizer/autoconfigure/SynchronizerAutoConfiguration.java 
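Review bot: Falling back to `cn` for `setUsername` and `setWindowsAccount` when `uid` is blank ties the login name to an attribute that a directory does not require to be unique, so two entries with the same common name would map to the same username; when `cn` is blank as well, the user is built with an empty username. I would choose the name once, `String username = StringUtils.isBlank(uid) ? cn : uid;`, and skip and log the entry when it is still blank instead of persisting it. Separately, `sn + givenName` is the fallback for the formatted, nick and display names without checking either part; if `getAttributeStringValue` can return null (not visible here, although the `MOBILE` comparison with `""` suggests it returns an empty string) the stored value becomes the literal text "nullnull". The enclosing method starts and ends outside the hunk.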
+++ b/maxkey-synchronizers/maxkey-synchronizer/src/main/java/org/maxkey/synchronizer/autoconfigure/SynchronizerAutoConfiguration.java @@ -21,6 +21,7 @@ import java.sql.ResultSet; import java.sql.SQLException; import java.util.List; +import org.maxkey.crypto.password.PasswordReciprocal; import org.maxkey.entity.Synchronizers; import org.maxkey.synchronizer.SynchronizerJob; import org.quartz.CronExpression; @@ -104,7 +105,9 @@ public class SynchronizerAutoConfiguration implements InitializingBean { synchronizer.setProviderUrl(rs.getString("providerurl")); synchronizer.setDriverClass(rs.getString("driverclass")); synchronizer.setPrincipal( rs.getString("principal")); - synchronizer.setCredentials(rs.getString("credentials")); + synchronizer.setCredentials( + PasswordReciprocal.getInstance().decoder( + rs.getString("credentials"))); synchronizer.setResumeTime( rs.getString("resumetime")); synchronizer.setSuspendTime(rs.getString("suspendtime")); synchronizer.setFilters( rs.getString("filters")); -- GitLab
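Review bot: Decoding inside `setCredentials(...)` at load time means the `Synchronizers` object carries the clear-text credential for its whole lifetime, whereas LdapAuthenticationRealmService in this same commit decodes only at the point where it builds the connection helper. Where the object goes next is outside this hunk, but the file imports `SynchronizerJob` and Quartz types, so if it is placed in job data, logged, or returned through an API the secret travels with it. I would leave `synchronizer.setCredentials(rs.getString("credentials"));` as it was and call `decoder` in each synchronizer where the connection is opened; failing that, add a comment on this line such as `// holds the decoded secret: never log or serialize this object`. The surrounding row-mapping code starts and ends outside the hunk.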