resolve

a02822d0 · MaxKey · 0f7189c5 · a02822d0 · a02822d0
2 changed file
--- a/maxkey-authentications/maxkey-authentication-captcha/src/main/java/org/maxkey/web/contorller/ImageCaptchaEndpoint.java
+++ b/maxkey-authentications/maxkey-authentication-captcha/src/main/java/org/maxkey/web/contorller/ImageCaptchaEndpoint.java
@@ -18,8 +18,6 @@
 package org.maxkey.web.contorller;

 import com.google.code.kaptcha.Producer;
-import com.nimbusds.jwt.JWTClaimsSet;
-
 import java.awt.image.BufferedImage;
 import java.io.ByteArrayOutputStream;
 import java.util.Base64;
@@ -30,7 +28,6 @@ import org.apache.commons.lang3.StringUtils;
 import org.maxkey.authn.jwt.AuthJwtService;
 import org.maxkey.entity.Message;
 import org.maxkey.persistence.MomentaryService;
-import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -87,11 +84,11 @@ public class ImageCaptchaEndpoint {
            if(StringUtils.isNotBlank(state) 
            		&& !state.equalsIgnoreCase("state")
            		&& authJwtService.validateJwtToken(state)) {
-            	JWTClaimsSet claim = authJwtService.resolve(state);
-            	kaptchaKey = claim.getJWTID();
+            	//do nothing
            }else {
-            	kaptchaKey = WebContext.genId();
+            	state = authJwtService.genJwt();
            }
+            kaptchaKey = authJwtService.resolveTicket(state);
            _logger.trace("kaptchaKey {} , Captcha Text is {}" ,kaptchaKey, kaptchaValue);
           
            momentaryService.put("", kaptchaKey, kaptchaValue);
@@ -108,7 +105,7 @@ public class ImageCaptchaEndpoint {
            
            stream.close();
            return new Message<ImageCaptcha>(
-            			new ImageCaptcha(kaptchaKey,b64Image)
+            			new ImageCaptcha(state,b64Image)
            		).buildResponse();
        } catch (Exception e) {
            _logger.error("captcha Producer Error " + e.getMessage());

--- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/provider/NormalAuthenticationProvider.java
+++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/provider/NormalAuthenticationProvider.java
@@ -37,8 +37,6 @@ import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
-import com.nimbusds.jwt.JWTClaimsSet;
-

 /**
 * database Authentication provider.
@@ -136,16 +134,17 @@ public class NormalAuthenticationProvider extends AbstractAuthenticationProvider
     */
    protected void captchaValid(String state ,String captcha) throws ParseException {
        // for basic
-    	JWTClaimsSet claim = authJwtService.resolve(state);
-    	if(claim == null) {
+    	String ticket = authJwtService.resolveTicket(state);
+    	if(ticket == null) {
    		throw new BadCredentialsException(WebContext.getI18nValue("login.error.captcha"));
    	}
-    	Object momentaryCaptcha = momentaryService.get("", claim.getJWTID());
+    	Object momentaryCaptcha = momentaryService.get("", ticket);
        _logger.info("captcha : {} , momentary Captcha : {} " ,captcha, momentaryCaptcha);
        if (StringUtils.isBlank(captcha) || !captcha.equals(momentaryCaptcha.toString())) {
            _logger.debug("login captcha valid error.");
            throw new BadCredentialsException(WebContext.getI18nValue("login.error.captcha"));
        }
+        momentaryService.remove("", ticket);
    }