提交
c1c9bb5e
编写于
3月 23, 2021
作者:
MaxKey
header authorization
上级
d5d47f12
变更
12
Showing
12 changed file
with
122 addition
and
76 deletion
+122
-76
maxkey-common/src/main/java/org/maxkey/util/AuthorizationHeaderUtils.java
...c/main/java/org/maxkey/util/AuthorizationHeaderUtils.java
+1
-1
maxkey-core/src/main/java/org/maxkey/constants/ldap/GroupOfNames.java
...src/main/java/org/maxkey/constants/ldap/GroupOfNames.java
+1
-0
maxkey-core/src/main/java/org/maxkey/constants/ldap/GroupOfUniqueNames.java
...in/java/org/maxkey/constants/ldap/GroupOfUniqueNames.java
+1
-0
maxkey-core/src/main/java/org/maxkey/constants/ldap/InetOrgPerson.java
...rc/main/java/org/maxkey/constants/ldap/InetOrgPerson.java
+1
-0
maxkey-core/src/main/java/org/maxkey/constants/ldap/Organization.java
...src/main/java/org/maxkey/constants/ldap/Organization.java
+3
-0
maxkey-core/src/main/java/org/maxkey/constants/ldap/OrganizationalUnit.java
...in/java/org/maxkey/constants/ldap/OrganizationalUnit.java
+1
-0
maxkey-core/src/main/java/org/maxkey/domain/Organizations.java
...y-core/src/main/java/org/maxkey/domain/Organizations.java
+68
-54
maxkey-core/src/main/java/org/maxkey/web/HttpResponseAdapter.java
...ore/src/main/java/org/maxkey/web/HttpResponseAdapter.java
+0
-1
maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/maxkey/authz/token/endpoint/JwtAuthorizeEndpoint.java
...org/maxkey/authz/token/endpoint/JwtAuthorizeEndpoint.java
+2
-2
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpointAuthenticationFilter.java
.../provider/endpoint/TokenEndpointAuthenticationFilter.java
+21
-1
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java
...ovider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java
+2
-0
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java
...z/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java
+21
-17
maxkey-common/src/main/java/org/maxkey/util/AuthorizationHeaderUtils.java
...
...
@@ -64,7 +64,7 @@ public class AuthorizationHeaderUtils {
}
public
static
boolean
isBearer
(
String
bearer
)
{
if
(
bearer
.
startsWith
(
AuthorizationHeaderCredential
.
Credential
.
BEARER
))
{
if
(
bearer
.
toLowerCase
().
startsWith
(
AuthorizationHeaderCredential
.
Credential
.
BEARER
.
toLowerCase
()
))
{
return
true
;
}
else
{
return
false
;
...
...
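Review bot: The new case-insensitive check in `isBearer` lower-cases with the JVM default locale and copies the whole header value, token included, just to test a prefix. Matching the scheme case-insensitively is the right intent, but `bearer.regionMatches(true, 0, AuthorizationHeaderCredential.Credential.BEARER, 0, AuthorizationHeaderCredential.Credential.BEARER.length())` performs the same test with no locale dependency and no copy. `bearer` is also dereferenced without a null check, and the callers touched by this commit hand the raw `authorization` header to this utility class, so a leading `bearer != null &&` would make the method safe on its own. The end of the method and the code that strips the prefix are outside the hunk; confirm the token extraction is case-insensitive in the same way, otherwise a `bearer xyz` header passes this check and is then parsed incorrectly.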
maxkey-core/src/main/java/org/maxkey/constants/ldap/GroupOfNames.java
...
...
@@ -28,6 +28,7 @@ import java.util.Arrays;
*/
public
class
GroupOfNames
{
public
static
ArrayList
<
String
>
OBJECTCLASS
=
new
ArrayList
<>(
Arrays
.
asList
(
"top"
,
"groupOfNames"
));
public
static
final
String
DISTINGUISHEDNAME
=
"distinguishedname"
;
public
static
final
String
CN
=
"cn"
;
public
static
final
String
MEMBER
=
"member"
;
public
static
final
String
BUSINESSCATEGORY
=
"businessCategory"
;
...
...
maxkey-core/src/main/java/org/maxkey/constants/ldap/GroupOfUniqueNames.java
...
...
@@ -28,6 +28,7 @@ import java.util.Arrays;
*/
public
class
GroupOfUniqueNames
{
public
static
ArrayList
<
String
>
OBJECTCLASS
=
new
ArrayList
<>(
Arrays
.
asList
(
"top"
,
"groupOfUniqueNames"
));
public
static
final
String
DISTINGUISHEDNAME
=
"distinguishedname"
;
public
static
final
String
CN
=
"cn"
;
public
static
final
String
UNIQUEMEMBER
=
"uniqueMember"
;
public
static
final
String
BUSINESSCATEGORY
=
"businessCategory"
;
...
...
maxkey-core/src/main/java/org/maxkey/constants/ldap/InetOrgPerson.java
...
...
@@ -28,6 +28,7 @@ import java.util.Arrays;
*/
public
class
InetOrgPerson
{
public
static
ArrayList
<
String
>
OBJECTCLASS
=
new
ArrayList
<>(
Arrays
.
asList
(
"top"
,
"person"
,
"organizationalPerson"
,
"inetOrgPerson"
));
public
static
final
String
DISTINGUISHEDNAME
=
"distinguishedname"
;
//person sup top
/**person sn MUST*/
public
static
final
String
SN
=
"sn"
;
...
...
maxkey-core/src/main/java/org/maxkey/constants/ldap/Organization.java
...
...
@@ -28,6 +28,9 @@ import java.util.Arrays;
*/
public
class
Organization
{
public
static
ArrayList
<
String
>
OBJECTCLASS
=
new
ArrayList
<>(
Arrays
.
asList
(
"top"
,
"organization"
));
public
static
final
String
DISTINGUISHEDNAME
=
"distinguishedname"
;
/**Organization o*/
public
static
final
String
O
=
"o"
;
/**Organization userPassword*/
...
...
maxkey-core/src/main/java/org/maxkey/constants/ldap/OrganizationalUnit.java
...
...
@@ -28,6 +28,7 @@ import java.util.Arrays;
*/
public
class
OrganizationalUnit
{
public
static
ArrayList
<
String
>
OBJECTCLASS
=
new
ArrayList
<>(
Arrays
.
asList
(
"top"
,
"OrganizationalUnit"
));
public
static
final
String
DISTINGUISHEDNAME
=
"distinguishedname"
;
/**OrganizationalUnit ou*/
public
static
final
String
OU
=
"ou"
;
/**OrganizationalUnit userPassword*/
...
...
maxkey-core/src/main/java/org/maxkey/domain/Organizations.java
...
...
@@ -80,6 +80,8 @@ public class Organizations extends JpaBaseDomain implements Serializable {
@Column
private
String
sortIndex
;
@Column
private
String
ldapDn
;
@Column
private
String
description
;
private
String
status
;
...
...
@@ -292,7 +294,15 @@ public class Organizations extends JpaBaseDomain implements Serializable {
public
String
getStatus
()
{
public
String
getLdapDn
()
{
return
ldapDn
;
}
public
void
setLdapDn
(
String
ldapDn
)
{
this
.
ldapDn
=
ldapDn
;
}
public
String
getStatus
()
{
return
status
;
}
...
...
@@ -301,59 +311,63 @@ public class Organizations extends JpaBaseDomain implements Serializable {
}
@Override
public
String
toString
()
{
StringBuilder
builder
=
new
StringBuilder
();
builder
.
append
(
"Organizations [id="
);
builder
.
append
(
id
);
builder
.
append
(
", code="
);
builder
.
append
(
code
);
builder
.
append
(
", name="
);
builder
.
append
(
name
);
builder
.
append
(
", fullName="
);
builder
.
append
(
fullName
);
builder
.
append
(
", parentId="
);
builder
.
append
(
parentId
);
builder
.
append
(
", parentName="
);
builder
.
append
(
parentName
);
builder
.
append
(
", type="
);
builder
.
append
(
type
);
builder
.
append
(
", codePath="
);
builder
.
append
(
codePath
);
builder
.
append
(
", namePath="
);
builder
.
append
(
namePath
);
builder
.
append
(
", level="
);
builder
.
append
(
level
);
builder
.
append
(
", hasChild="
);
builder
.
append
(
hasChild
);
builder
.
append
(
", division="
);
builder
.
append
(
division
);
builder
.
append
(
", country="
);
builder
.
append
(
country
);
builder
.
append
(
", region="
);
builder
.
append
(
region
);
builder
.
append
(
", locality="
);
builder
.
append
(
locality
);
builder
.
append
(
", street="
);
builder
.
append
(
street
);
builder
.
append
(
", address="
);
builder
.
append
(
address
);
builder
.
append
(
", contact="
);
builder
.
append
(
contact
);
builder
.
append
(
", postalCode="
);
builder
.
append
(
postalCode
);
builder
.
append
(
", phone="
);
builder
.
append
(
phone
);
builder
.
append
(
", fax="
);
builder
.
append
(
fax
);
builder
.
append
(
", email="
);
builder
.
append
(
email
);
builder
.
append
(
", sortIndex="
);
builder
.
append
(
sortIndex
);
builder
.
append
(
", description="
);
builder
.
append
(
description
);
builder
.
append
(
"]"
);
return
builder
.
toString
();
}
public
String
toString
()
{
StringBuilder
builder
=
new
StringBuilder
();
builder
.
append
(
"Organizations [id="
);
builder
.
append
(
id
);
builder
.
append
(
", code="
);
builder
.
append
(
code
);
builder
.
append
(
", name="
);
builder
.
append
(
name
);
builder
.
append
(
", fullName="
);
builder
.
append
(
fullName
);
builder
.
append
(
", parentId="
);
builder
.
append
(
parentId
);
builder
.
append
(
", parentName="
);
builder
.
append
(
parentName
);
builder
.
append
(
", type="
);
builder
.
append
(
type
);
builder
.
append
(
", codePath="
);
builder
.
append
(
codePath
);
builder
.
append
(
", namePath="
);
builder
.
append
(
namePath
);
builder
.
append
(
", level="
);
builder
.
append
(
level
);
builder
.
append
(
", hasChild="
);
builder
.
append
(
hasChild
);
builder
.
append
(
", division="
);
builder
.
append
(
division
);
builder
.
append
(
", country="
);
builder
.
append
(
country
);
builder
.
append
(
", region="
);
builder
.
append
(
region
);
builder
.
append
(
", locality="
);
builder
.
append
(
locality
);
builder
.
append
(
", street="
);
builder
.
append
(
street
);
builder
.
append
(
", address="
);
builder
.
append
(
address
);
builder
.
append
(
", contact="
);
builder
.
append
(
contact
);
builder
.
append
(
", postalCode="
);
builder
.
append
(
postalCode
);
builder
.
append
(
", phone="
);
builder
.
append
(
phone
);
builder
.
append
(
", fax="
);
builder
.
append
(
fax
);
builder
.
append
(
", email="
);
builder
.
append
(
email
);
builder
.
append
(
", sortIndex="
);
builder
.
append
(
sortIndex
);
builder
.
append
(
", ldapDn="
);
builder
.
append
(
ldapDn
);
builder
.
append
(
", description="
);
builder
.
append
(
description
);
builder
.
append
(
", status="
);
builder
.
append
(
status
);
builder
.
append
(
"]"
);
return
builder
.
toString
();
}
...
...
maxkey-core/src/main/java/org/maxkey/web/HttpResponseAdapter.java
...
...
@@ -63,7 +63,6 @@ public class HttpResponseAdapter {
out
.
close
();
}
}
catch
(
IOException
e
)
{
// TODO Auto-generated catch block
e
.
printStackTrace
();
}
}
...
...
maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/maxkey/authz/token/endpoint/JwtAuthorizeEndpoint.java
...
...
@@ -50,7 +50,7 @@ import io.swagger.annotations.ApiOperation;
* @author Crystal.Sea
*
*/
@Api
(
tags
=
"JWT
接口文档模块
"
)
@Api
(
tags
=
"JWT
令牌接口"
)
@Controller
public
class
JwtAuthorizeEndpoint
extends
AuthorizeBaseEndpoint
{
...
...
@@ -64,7 +64,7 @@ public class JwtAuthorizeEndpoint extends AuthorizeBaseEndpoint{
@Autowired
ApplicationConfig
applicationConfig
;
@ApiOperation
(
value
=
"JWT
认证地址接口"
,
notes
=
"参数应用
ID"
,
httpMethod
=
"GET"
)
@ApiOperation
(
value
=
"JWT
��֤��ַ�ӿ�"
,
notes
=
"����Ӧ��ID"
,
ht
tpMethod
=
"GET"
)
@RequestMapping
(
"/authz/jwt/{id}"
)
public
ModelAndView
authorize
(
HttpServletRequest
request
,
...
...
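Review bot: One of the two `@ApiOperation` variants shown for `authorize` carries U+FFFD replacement characters in both `value` and `notes`, which is what Chinese text saved in a non-UTF-8 encoding (probably GBK) looks like after decoding. The page does not mark which variant is the new side; if it is the new one, the Swagger description for `/authz/jwt/{id}` will render as garbage and the source file now mixes encodings. Re-save the file as UTF-8 and restore the readable `value`/`notes` text from the other variant before merging. Pinning the source encoding in the build configuration would stop a mis-encoded file from slipping in the same way again.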
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpointAuthenticationFilter.java
...
...
@@ -17,6 +17,7 @@
package
org.maxkey.authz.oauth2.provider.endpoint
;
import
java.io.IOException
;
import
java.util.Enumeration
;
import
java.util.HashMap
;
import
java.util.Map
;
import
java.util.Set
;
...
...
@@ -39,6 +40,8 @@ import org.maxkey.authz.oauth2.provider.AuthorizationRequest;
import
org.maxkey.authz.oauth2.provider.OAuth2Authentication
;
import
org.maxkey.authz.oauth2.provider.OAuth2Request
;
import
org.maxkey.authz.oauth2.provider.OAuth2RequestFactory
;
import
org.maxkey.util.AuthorizationHeaderCredential
;
import
org.maxkey.util.AuthorizationHeaderUtils
;
import
org.maxkey.web.WebContext
;
import
org.springframework.security.authentication.AuthenticationDetailsSource
;
import
org.springframework.security.authentication.AuthenticationManager
;
...
...
@@ -213,13 +216,30 @@ public class TokenEndpointAuthenticationFilter implements Filter {
public
Authentication
ClientCredentials
(
HttpServletRequest
request
,
HttpServletResponse
response
)
throws
AuthenticationException
,
IOException
,
ServletException
{
if
(
allowOnlyPost
&&
!
"POST"
.
equalsIgnoreCase
(
request
.
getMethod
()))
{
throw
new
HttpRequestMethodNotSupportedException
(
request
.
getMethod
(),
new
String
[]
{
"POST"
});
}
String
clientId
=
request
.
getParameter
(
"client_id"
);
String
clientSecret
=
request
.
getParameter
(
"client_secret"
);
if
(
clientId
==
null
)
{
if
(
logger
.
isTraceEnabled
())
{
logger
.
trace
(
"getRequestURL : "
+
request
.
getRequestURL
());
Enumeration
<
String
>
headerNames
=
request
.
getHeaderNames
();
while
(
headerNames
.
hasMoreElements
())
{
String
key
=
(
String
)
headerNames
.
nextElement
();
String
value
=
request
.
getHeader
(
key
);
logger
.
trace
(
"Header key "
+
key
+
" , value "
+
value
);
}
}
//for header authorization basic
String
authorization_bearer
=
request
.
getHeader
(
"authorization"
);
AuthorizationHeaderCredential
ahc
=
AuthorizationHeaderUtils
.
resolve
(
authorization_bearer
);
clientId
=
ahc
.
getUsername
();
clientSecret
=
ahc
.
getCredential
();
}
logger
.
trace
(
"clientId "
+
clientId
+
" , clientSecret "
+
clientSecret
);
// If the request is already authenticated we can assume that this
// filter is not needed
...
...
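Review bot: The trace statements in `ClientCredentials` write secrets to the log: the header loop prints the `authorization` header verbatim, and `logger.trace("clientId " + clientId + " , clientSecret " + clientSecret)` prints the client secret in clear text, outside the `isTraceEnabled()` guard. Anyone with read access to the log files or a log aggregator would obtain OAuth client credentials, so the secret should never be logged and credential-bearing headers should be redacted. Separately, when a request has neither a `client_id` parameter nor an `authorization` header, `AuthorizationHeaderUtils.resolve` receives null and its result is dereferenced immediately; how `resolve` handles null or a non-Basic scheme is not visible here, so guard the call. The same header dump appears in `UserInfoEndpoint.apiV20UserInfo`, where it exposes bearer tokens. The method body continues past the end of the hunk.

```java
while (headerNames.hasMoreElements()) {
    String key = headerNames.nextElement();
    // Never write credential-bearing headers to the log.
    boolean sensitive = "authorization".equalsIgnoreCase(key)
            || "cookie".equalsIgnoreCase(key);
    logger.trace("Header key " + key + " , value "
            + (sensitive ? "<redacted>" : request.getHeader(key)));
}
// … unchanged: end of the isTraceEnabled() block …
String authorization_bearer = request.getHeader("authorization");
if (authorization_bearer != null) {
    AuthorizationHeaderCredential ahc = AuthorizationHeaderUtils.resolve(authorization_bearer);
    // NOTE(review): confirm resolve() cannot return null for a malformed or non-Basic header
    clientId = ahc.getUsername();
    clientSecret = ahc.getCredential();
}
// … unchanged: end of the clientId == null block …
logger.trace("clientId " + clientId);
```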
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java
...
...
@@ -34,6 +34,8 @@ public class OAuthDefaultUserInfoAdapter extends AbstractAuthorizeAdapter {
HashMap
<
String
,
Object
>
beanMap
=
new
HashMap
<
String
,
Object
>();
beanMap
.
put
(
"randomId"
,(
new
StringGenerator
()).
uuidGenerate
());
beanMap
.
put
(
"uid"
,
userInfo
.
getId
());
//for spring security oauth2
beanMap
.
put
(
"user"
,
userInfo
.
getUsername
());
beanMap
.
put
(
"username"
,
userInfo
.
getUsername
());
beanMap
.
put
(
"employeeNumber"
,
userInfo
.
getEmployeeNumber
());
beanMap
.
put
(
"email"
,
userInfo
.
getEmail
());
...
...
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java
...
...
@@ -49,6 +49,7 @@ import org.maxkey.util.AuthorizationHeaderUtils;
import
org.maxkey.util.Instance
;
import
org.maxkey.util.JsonUtils
;
import
org.maxkey.util.StringGenerator
;
import
org.maxkey.web.HttpResponseAdapter
;
import
org.maxkey.web.WebConstants
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
...
...
@@ -106,39 +107,42 @@ public class UserInfoEndpoint {
private
JwtEncryptionAndDecryptionService
jwtEnDecryptionService
;
private
SymmetricSigningAndValidationServiceBuilder
symmetricJwtSignerServiceBuilder
=
new
SymmetricSigningAndValidationServiceBuilder
();
private
RecipientJwtEncryptionAndDecryptionServiceBuilder
recipientJwtEnDecryptionServiceBuilder
=
new
RecipientJwtEncryptionAndDecryptionServiceBuilder
();
OAuthDefaultUserInfoAdapter
defaultOAuthUserInfoAdapter
=
new
OAuthDefaultUserInfoAdapter
();
@Autowired
protected
HttpResponseAdapter
httpResponseAdapter
;
@ApiOperation
(
value
=
"OAuth 2.0 用户信息接口"
,
notes
=
"传递参数access_token"
,
httpMethod
=
"GET"
)
@RequestMapping
(
value
=
"/oauth/v20/me"
)
@ResponseBody
public
String
apiV20UserInfo
(
public
void
apiV20UserInfo
(
@RequestParam
(
value
=
"access_token"
,
required
=
false
)
String
access_token
,
@RequestHeader
(
value
=
"authorization"
,
required
=
false
)
String
authorization_bearer
,
HttpServletRequest
request
,
HttpServletResponse
response
)
{
response
.
setContentType
(
ContentType
.
APPLICATION_JSON_UTF8
);
HttpServletResponse
response
)
{
if
(
access_token
==
null
&&
authorization_bearer
!=
null
)
{
access_token
=
AuthorizationHeaderUtils
.
resolveBearer
(
authorization_bearer
);
}
if
(
_logger
.
isTraceEnabled
())
{
_logger
.
trace
(
"getRequestURL : "
+
request
.
getRequestURL
());
Enumeration
<
String
>
headerNames
=
request
.
getHeaderNames
();
while
(
headerNames
.
hasMoreElements
())
{
String
key
=
(
String
)
headerNames
.
nextElement
();
String
value
=
request
.
getHeader
(
key
);
_logger
.
trace
(
"Header key "
+
key
+
" , value "
+
value
);
if
(
_logger
.
isTraceEnabled
())
{
_logger
.
trace
(
"getRequestURL : "
+
request
.
getRequestURL
());
Enumeration
<
String
>
headerNames
=
request
.
getHeaderNames
();
while
(
headerNames
.
hasMoreElements
())
{
String
key
=
(
String
)
headerNames
.
nextElement
();
String
value
=
request
.
getHeader
(
key
);
_logger
.
trace
(
"Header key "
+
key
+
" , value "
+
value
);
}
}
//for header authorization bearer
access_token
=
AuthorizationHeaderUtils
.
resolveBearer
(
authorization_bearer
);
}
String
principal
=
""
;
if
(!
StringGenerator
.
uuidMatches
(
access_token
))
{
return
JsonUtils
.
gson2Json
(
accessTokenFormatError
(
access_token
));
httpResponseAdapter
.
write
(
response
,
JsonUtils
.
gson2Json
(
accessTokenFormatError
(
access_token
)),
"json"
);
}
OAuth2Authentication
oAuth2Authentication
=
null
;
try
{
...
...
@@ -160,12 +164,12 @@ public class UserInfoEndpoint {
String
jsonData
=
adapter
.
generateInfo
(
(
SigninPrincipal
)
oAuth2Authentication
.
getUserAuthentication
().
getPrincipal
(),
userInfo
,
app
);
return
jsonData
;
httpResponseAdapter
.
write
(
response
,
jsonData
,
"json"
);
}
catch
(
OAuth2Exception
e
){
HashMap
<
String
,
Object
>
authzException
=
new
HashMap
<
String
,
Object
>();
authzException
.
put
(
OAuth2Exception
.
ERROR
,
e
.
getOAuth2ErrorCode
());
authzException
.
put
(
OAuth2Exception
.
DESCRIPTION
,
e
.
getMessage
());
return
JsonUtils
.
gson2Json
(
authzException
);
httpResponseAdapter
.
write
(
response
,
JsonUtils
.
gson2Json
(
authzException
),
"json"
);
}
}
...
...
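Review bot: The format-error branch in `apiV20UserInfo` no longer stops the request: the old `return JsonUtils.gson2Json(accessTokenFormatError(access_token));` became an `httpResponseAdapter.write(...)` call, and no `return;` is visible after it. A token that fails `StringGenerator.uuidMatches` therefore still falls through to the `try` block that follows. Add `return;` directly after that `write` call so a rejected token is never looked up and the response is written only once. The other two `write` calls sit at the end of the `try` and `catch` paths and need no change as far as the hunks show. The code between the two hunks is not visible, so confirm nothing there relies on the fall-through.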