社交账号登录优化

be866135 · MaxKey单点登录官方 · a794a945 · be866135 · be866135 · be866135
6 changed file
--- a/ReleaseNotes.txt
+++ b/ReleaseNotes.txt
@@ -12,6 +12,8 @@
 	*(MAXKEY-200912) 构建脚本的优化和更新
 	*(MAXKEY-200920)  依赖jar引用、更新和升级
 	    druid 1.2.1
+	    JustAuth 1.15.8
+	    simple-http 1.0.3
 	    spring-session 2.3.1.RELEASE
 	    druid-spring-boot-starter 1.2.1

--- a/build.gradle
+++ b/build.gradle
@@ -228,8 +228,8 @@ subprojects {
         compile group: 'net.minidev', name: 'json-smart', version: '2.3'
         compile group: 'net.minidev', name: 'asm', version: '1.0.2'
         //oauth third party JustAuth
-         compile group: 'com.xkcoding.http', name: 'simple-http', version: '1.0.2'
+         compile group: 'com.xkcoding.http', name: 'simple-http', version: '1.0.3'
-         compile group: 'me.zhyd.oauth', name: 'JustAuth', version: '1.15.7'
+         compile group: 'me.zhyd.oauth', name: 'JustAuth', version: '1.15.8'
         //common
         compile group: 'org.javassist', name: 'javassist', version: '3.23.0-GA'
         compile group: 'org.owasp.esapi', name: 'esapi', version: '2.2.0.0'

--- a/maxkey-authentications/src/main/java/org/maxkey/authn/support/socialsignon/SocialSignOnEndpoint.java
+++ b/maxkey-authentications/src/main/java/org/maxkey/authn/support/socialsignon/SocialSignOnEndpoint.java
@@ -98,12 +98,20 @@ public class SocialSignOnEndpoint  extends AbstractSocialSignOnEndpoint{
 	@RequestMapping(value={"/callback/{provider}"}, method = RequestMethod.GET)
 	public ModelAndView callback(@PathVariable String provider
 			) {
-		this.provider=provider;
-		this.authCallback();
+	    SocialsAssociate socialsAssociate = null;
-		_logger.debug(this.accountId);
+	    //auth call back may exception 
-		SocialsAssociate socialSignOnUserToken =new SocialsAssociate();
+	    try {
-		socialSignOnUserToken.setProvider(provider);
+    		this.provider=provider;
-		socialSignOnUserToken.setSocialuid(this.accountId);
+    		this.authCallback();
+    		_logger.debug(this.accountId);
+    		socialsAssociate =new SocialsAssociate();
+    		socialsAssociate.setProvider(provider);
+    		socialsAssociate.setSocialuid(this.accountId);
+	    }catch(Exception e) {
+	        _logger.error("callback Exception  ",e);
+	    }
 		//for login
 		String socialSignOnType= "";
@@ -112,10 +120,10 @@ public class SocialSignOnEndpoint  extends AbstractSocialSignOnEndpoint{
 		}
 		if(socialSignOnType.equals(SOCIALSIGNON_TYPE.SOCIALSIGNON_TYPE_LOGON)||socialSignOnType.equals("")){
-			socialSignOn(socialSignOnUserToken);
+			socialSignOn(socialsAssociate);
 			return WebContext.redirect("/index");
 		}else{
-			socialBind(socialSignOnUserToken);
+			socialBind(socialsAssociate);
 		}
 		if(WebContext.getAttribute(SOCIALSIGNON_SESSION_REDIRECT_URI)!=null){
@@ -126,38 +134,41 @@ public class SocialSignOnEndpoint  extends AbstractSocialSignOnEndpoint{
 	}
-	public boolean socialBind(SocialsAssociate socialSignOnUserToken){
+	public boolean socialBind(SocialsAssociate socialsAssociate){
-		socialSignOnUserToken.setSocialUserInfo(accountJsonString);
+	    if(null == socialsAssociate) {
-		socialSignOnUserToken.setUid(WebContext.getUserInfo().getId());
+	        return false;
-		socialSignOnUserToken.setUsername(WebContext.getUserInfo().getUsername());
+	    }
-		//socialSignOnUserToken.setAccessToken(JsonUtils.object2Json(accessToken));
-		//socialSignOnUserToken.setExAttribute(JsonUtils.object2Json(accessToken.getResponseObject()));
+	    socialsAssociate.setSocialUserInfo(accountJsonString);
-		_logger.debug("Social Bind : "+socialSignOnUserToken);
+	    socialsAssociate.setUid(WebContext.getUserInfo().getId());
-		this.socialsAssociateService.delete(socialSignOnUserToken);
+		socialsAssociate.setUsername(WebContext.getUserInfo().getUsername());
-		this.socialsAssociateService.insert(socialSignOnUserToken);
+		//socialsAssociate.setAccessToken(JsonUtils.object2Json(accessToken));
+		//socialsAssociate.setExAttribute(JsonUtils.object2Json(accessToken.getResponseObject()));
+		_logger.debug("Social Bind : "+socialsAssociate);
+		this.socialsAssociateService.delete(socialsAssociate);
+		this.socialsAssociateService.insert(socialsAssociate);
 		return true;
 	}
-	public boolean socialSignOn(SocialsAssociate socialSignOnUserToken){
+	public boolean socialSignOn(SocialsAssociate socialsAssociate){
-		socialSignOnUserToken=this.socialsAssociateService.get(socialSignOnUserToken);
+	    socialsAssociate=this.socialsAssociateService.get(socialsAssociate);
-		_logger.debug("callback SocialSignOn User Token : "+socialSignOnUserToken);
+		_logger.debug("Loaded SocialSignOn Socials Associate : "+socialsAssociate);
-		if(null !=socialSignOnUserToken){
+		if(null == socialsAssociate) {
-			_logger.debug("Social Sign On from "+socialSignOnUserToken.getProvider()+" mapping to user "+socialSignOnUserToken.getUsername());
+		    WebContext.getRequest().getSession().setAttribute(WebAttributes.AUTHENTICATION_EXCEPTION, new BadCredentialsException(WebContext.getI18nValue("login.error.social")));
+            return false;
-			authenticationProvider.trustAuthentication(socialSignOnUserToken.getUsername(), ConstantsLoginType.SOCIALSIGNON,this.socialSignOnProvider.getProviderName(),"xe00000004","success");
-			//socialSignOnUserToken.setAccessToken(JsonUtils.object2Json(this.accessToken));
-			socialSignOnUserToken.setSocialUserInfo(accountJsonString);
-			//socialSignOnUserToken.setExAttribute(JsonUtils.object2Json(accessToken.getResponseObject()));
-			this.socialsAssociateService.update(socialSignOnUserToken);
-		}else{
-			WebContext.getRequest().getSession().setAttribute(WebAttributes.AUTHENTICATION_EXCEPTION, new BadCredentialsException(WebContext.getI18nValue("login.error.social")));
 		}
+		_logger.debug("Social Sign On from "+socialsAssociate.getProvider()+" mapping to user "+socialsAssociate.getUsername());
+		authenticationProvider.trustAuthentication(socialsAssociate.getUsername(), ConstantsLoginType.SOCIALSIGNON,this.socialSignOnProvider.getProviderName(),"xe00000004","success");
+		//socialsAssociate.setAccessToken(JsonUtils.object2Json(this.accessToken));
+		socialsAssociate.setSocialUserInfo(accountJsonString);
+		//socialsAssociate.setExAttribute(JsonUtils.object2Json(accessToken.getResponseObject()));
+		this.socialsAssociateService.update(socialsAssociate);
 		return true;
 	}
 }
--- a/maxkey-core/src/main/resources/messages/passwordpolicy_message.properties
+++ b/maxkey-core/src/main/resources/messages/passwordpolicy_message.properties
@@ -32,6 +32,7 @@ PasswordPolicy.OLD_PASSWORD_NOT_MATCH=\u539f\u5bc6\u7801\u4e0d\u5339\u914d.
 PasswordPolicy.CONFIRMPASSWORD_NOT_MATCH=\u65b0\u5bc6\u7801\u4e0e\u786e\u8ba4\u5bc6\u7801\u4e0d\u4e00\u81f4.
 PasswordPolicy.OLD_PASSWORD_MATCH=\u65b0\u5bc6\u7801\u4e0d\u80fd\u4e0e\u65e7\u5bc6\u7801\u4e00\u81f4.
+#\u7528\u6237\u767b\u5f55\u9519\u8bef\u63d0\u9192
 login.error.attempts={0}\u5c1d\u8bd5\u767b\u9646{1}\u6b21\u6570\u8fbe\u5230\u6700\u5927\u9650\u5236\uff0c\u8bf7\u7a0d\u540e\u518d\u767b\u9646.
 login.error.locked=\u7528\u6237\u88ab\u9501\u5b9a.
 login.error.inactive=\u7528\u6237\u975e\u6d3b\u52a8\u72b6\u6001.
@@ -43,4 +44,5 @@ login.error.password.null=\u5bc6\u7801\u4e0d\u80fd\u4e3a\u7a7a.
 login.error.captcha=\u9a8c\u8bc1\u7801\u9519\u8bef\uff0c\u8bf7\u91cd\u65b0\u767b\u9646.
 login.error.authtype=\u767b\u5f55\u8ba4\u8bc1\u7c7b\u578b\u9519\u8bef.
 login.error.session=\u767b\u5f55\u4f1a\u8bdd\u5931\u6548\uff0c\u8bf7\u91cd\u65b0\u767b\u9646.
+login.error.social=\u793e\u4ea4\u8d26\u53f7\u6388\u6743\u5931\u8d25\uff0c\u8bf7\u91cd\u8bd5.
--- a/maxkey-core/src/main/resources/messages/passwordpolicy_message_en.properties
+++ b/maxkey-core/src/main/resources/messages/passwordpolicy_message_en.properties
@@ -32,6 +32,7 @@ PasswordPolicy.OLD_PASSWORD_NOT_MATCH=old password not match.
 PasswordPolicy.CONFIRMPASSWORD_NOT_MATCH=new password not match confirm password.
 PasswordPolicy.OLD_PASSWORD_MATCH=new password  match old password.
+#for user login
 login.error.attempts={0} login attempts the maximum number of {1} times, please login later.
 login.error.locked=The user is locked.
 login.error.inactive=User inactive state.
@@ -42,4 +43,5 @@ login.error.email.null=email cannot be empty.
 login.error.password.null=Password cannot be empty.
 login.error.captcha=Verification code error, please login again.
 login.error.authtype=Login authentication type error.
-login.error.session=Login session failed. Please login again.
+login.error.session=Login session failed. please login again.
\ No newline at end of file
+login.error.social=Social login failed. please retry.
\ No newline at end of file
--- a/maxkey-core/src/main/resources/messages/passwordpolicy_message_zh_CN.properties
+++ b/maxkey-core/src/main/resources/messages/passwordpolicy_message_zh_CN.properties
@@ -32,6 +32,7 @@ PasswordPolicy.OLD_PASSWORD_NOT_MATCH=\u539f\u5bc6\u7801\u4e0d\u5339\u914d.
 PasswordPolicy.CONFIRMPASSWORD_NOT_MATCH=\u65b0\u5bc6\u7801\u4e0e\u786e\u8ba4\u5bc6\u7801\u4e0d\u4e00\u81f4.
 PasswordPolicy.OLD_PASSWORD_MATCH=\u65b0\u5bc6\u7801\u4e0d\u80fd\u4e0e\u65e7\u5bc6\u7801\u4e00\u81f4.
+#\u7528\u6237\u767b\u5f55\u9519\u8bef\u63d0\u9192
 login.error.attempts={0}\u5c1d\u8bd5\u767b\u9646{1}\u6b21\u6570\u8fbe\u5230\u6700\u5927\u9650\u5236\uff0c\u8bf7\u7a0d\u540e\u518d\u767b\u9646.
 login.error.locked=\u7528\u6237\u88ab\u9501\u5b9a.
 login.error.inactive=\u7528\u6237\u975e\u6d3b\u52a8\u72b6\u6001.
@@ -42,4 +43,5 @@ login.error.email.null=\u767b\u5f55\u90ae\u7bb1\u4e0d\u80fd\u4e3a\u7a7a.
 login.error.password.null=\u5bc6\u7801\u4e0d\u80fd\u4e3a\u7a7a.
 login.error.captcha=\u9a8c\u8bc1\u7801\u9519\u8bef\uff0c\u8bf7\u91cd\u65b0\u767b\u9646.
 login.error.authtype=\u767b\u5f55\u8ba4\u8bc1\u7c7b\u578b\u9519\u8bef.
 login.error.session=\u767b\u5f55\u4f1a\u8bdd\u5931\u6548\uff0c\u8bf7\u91cd\u65b0\u767b\u9646.
\ No newline at end of file
+login.error.social=\u793e\u4ea4\u8d26\u53f7\u6388\u6743\u5931\u8d25\uff0c\u8bf7\u91cd\u8bd5.
\ No newline at end of file