Commit eb748ac8
Authored Apr 30, 2022 by MaxKey

RefreshToken

Parent: 69aa4f27

Showing 61 changed files with 542 additions and 342 deletions (+542 -342)
maxkey-authentications/maxkey-authentication-captcha/src/main/java/org/maxkey/autoconfigure/KaptchaAutoConfiguration.java (+1 -1)
maxkey-authentications/maxkey-authentication-captcha/src/main/java/org/maxkey/web/contorller/ImageCaptcha.java (+2 -0)
maxkey-authentications/maxkey-authentication-captcha/src/main/java/org/maxkey/web/contorller/ImageCaptchaEndpoint.java (+5 -5)
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java (+2 -2)
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/AuthJwt.java (+11 -1)
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/AuthJwtService.java (+30 -106)
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/AuthRefreshTokenService.java (+51 -0)
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/AuthTokenService.java (+132 -0)
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/provider/MfaAuthenticationProvider.java (+3 -3)
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/provider/NormalAuthenticationProvider.java (+4 -4)
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/AbstractSessionManager.java (+4 -4)
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/InMemorySessionManager.java (+5 -3)
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/RedisSessionManager.java (+15 -8)
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/Session.java (+1 -1)
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/SessionManager.java (+2 -2)
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/rememberme/AbstractRemeberMeManager.java (+6 -6)
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/rememberme/InMemoryRemeberMeManager.java (+1 -1)
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/rememberme/JdbcRemeberMeManager.java (+6 -6)
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/rememberme/RemeberMeManagerFactory.java (+5 -5)
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/AuthorizationUtils.java (+27 -24)
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/LoginRefreshPoint.java (+57 -0)
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/UnauthorizedEntryPoint.java (+2 -1)
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/interceptor/PermissionInterceptor.java (+3 -3)
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/autoconfigure/AuthenticationAutoConfiguration.java (+26 -14)
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/autoconfigure/JwtAuthnAutoConfiguration.java (+3 -3)
maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/authn/support/socialsignon/AbstractSocialSignOnEndpoint.java (+2 -2)
maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/authn/support/socialsignon/SocialSignOnEndpoint.java (+3 -3)
maxkey-core/src/main/java/org/maxkey/autoconfigure/ApplicationAutoConfiguration.java (+12 -12)
maxkey-core/src/main/java/org/maxkey/configuration/ApplicationConfig.java (+12 -10)
maxkey-core/src/main/java/org/maxkey/configuration/AuthJwkConfig.java (+20 -5)
maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/AuthorizeBaseEndpoint.java (+0 -3)
maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasBaseAuthorizeEndpoint.java (+0 -2)
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/endpoint/ConsumerEndpoint.java (+2 -2)
maxkey-web-frontend/maxkey-web-app/src/app/core/net/default.interceptor.ts (+16 -4)
maxkey-web-frontend/maxkey-web-app/src/environments/environment.ts (+1 -1)
maxkey-web-frontend/maxkey-web-mgt-app/src/app/core/net/default.interceptor.ts (+2 -2)
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java (+7 -7)
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java (+9 -9)
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/AppListController.java (+2 -0)
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/ForgotPasswordContorller.java (+4 -4)
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/IndexEndpoint.java (+1 -1)
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/LoginEntryPoint.java (+15 -20)
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/OneTimePasswordController.java (+0 -3)
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/RegisterController.java (+2 -2)
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/SocialSignOnListController.java (+0 -1)
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/interceptor/SingleSignOnInterceptor.java (+3 -3)
maxkey-webs/maxkey-web-maxkey/src/main/resources/application-http.properties (+1 -1)
maxkey-webs/maxkey-web-maxkey/src/main/resources/application-https.properties (+1 -1)
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/MaxKeyMgtConfig.java (+2 -2)
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/Oauth20ClientAutoConfiguration.java (+6 -6)
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/api/endpoint/RestTimeBasedOtpController.java (+0 -3)
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/apps/contorller/SAML20DetailsController.java (+3 -4)
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/DashboardController.java (+0 -2)
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/LoginEntryPoint.java (+5 -6)
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/UserAdjointController.java (+0 -2)
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/historys/contorller/ConnectorHistoryController.java (+0 -1)
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/historys/contorller/SynchronizerHistoryController.java (+0 -2)
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/interceptor/Oauth20ApiPermissionAdapter.java (+2 -5)
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/interceptor/RestApiPermissionAdapter.java (+2 -5)
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/permissions/contorller/RolePrivilegesController.java (+0 -2)
maxkey-webs/maxkey-web-mgt/src/main/resources/application-http.properties (+3 -1)
maxkey-authentications/maxkey-authentication-captcha/src/main/java/org/maxkey/autoconfigure/KaptchaAutoConfiguration.java
...
...
@@ -41,7 +41,7 @@ public class KaptchaAutoConfiguration implements InitializingBean {
* @return Producer
* @throws IOException kaptcha.properties is null
*/
@Bean
(
name
=
"captchaProducer"
)
@Bean
public
Producer
captchaProducer
()
throws
IOException
{
Resource
resource
=
new
ClassPathResource
(
kaptchaPropertySource
);
_logger
.
debug
(
"Kaptcha config file "
+
resource
.
getURL
());
...
...
maxkey-authentications/maxkey-authentication-captcha/src/main/java/org/maxkey/web/contorller/ImageCaptcha.java
...
...
@@ -17,7 +17,9 @@
package
org.maxkey.web.contorller
;
public
class
ImageCaptcha
{
String
state
;
String
image
;
public
ImageCaptcha
(
String
state
,
String
image
)
{
...
...
maxkey-authentications/maxkey-authentication-captcha/src/main/java/org/maxkey/web/contorller/ImageCaptchaEndpoint.java
...
...
@@ -25,7 +25,7 @@ import java.util.Base64;
import
javax.imageio.ImageIO
;
import
org.apache.commons.lang3.StringUtils
;
import
org.maxkey.authn.jwt.Auth
Jwt
Service
;
import
org.maxkey.authn.jwt.Auth
Token
Service
;
import
org.maxkey.entity.Message
;
import
org.maxkey.persistence.MomentaryService
;
import
org.slf4j.Logger
;
...
...
@@ -54,7 +54,7 @@ public class ImageCaptchaEndpoint {
protected
MomentaryService
momentaryService
;
@Autowired
Auth
JwtService
authJwt
Service
;
Auth
TokenService
authToken
Service
;
/**
* captcha image Producer.
...
...
@@ -83,12 +83,12 @@ public class ImageCaptchaEndpoint {
String
kaptchaKey
=
""
;
if
(
StringUtils
.
isNotBlank
(
state
)
&&
!
state
.
equalsIgnoreCase
(
"state"
)
&&
auth
Jwt
Service
.
validateJwtToken
(
state
))
{
&&
auth
Token
Service
.
validateJwtToken
(
state
))
{
//just validate state Token
}
else
{
state
=
auth
JwtService
.
gen
Jwt
();
state
=
auth
TokenService
.
genRandom
Jwt
();
}
kaptchaKey
=
auth
Jwt
Service
.
resolveJWTID
(
state
);
kaptchaKey
=
auth
Token
Service
.
resolveJWTID
(
state
);
_logger
.
trace
(
"kaptchaKey {} , Captcha Text is {}"
,
kaptchaKey
,
kaptchaValue
);
momentaryService
.
put
(
""
,
kaptchaKey
,
kaptchaValue
);
...
...
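Review bot: The context line `_logger.trace("kaptchaKey {} , Captcha Text is {}", kaptchaKey, kaptchaValue)` near the end of this hunk writes the captcha answer to the log next to the key it is stored under, so anyone with read access to trace logs has the answer for that `state`. Since the block is already being edited for the AuthTokenService rename, log only `kaptchaKey` here. It would also help to add a short comment on the `else` branch saying that an invalid or expired `state` is silently replaced by `genRandomJwt()`, because that behaviour now depends on the expiry check inside `validateJwtToken`.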
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
...
...
@@ -19,7 +19,7 @@ package org.maxkey.authn;
import
java.util.ArrayList
;
import
org.maxkey.authn.jwt.Auth
Jwt
Service
;
import
org.maxkey.authn.jwt.Auth
Token
Service
;
import
org.maxkey.authn.realm.AbstractAuthenticationRealm
;
import
org.maxkey.authn.session.Session
;
import
org.maxkey.authn.session.SessionManager
;
...
...
@@ -69,7 +69,7 @@ public abstract class AbstractAuthenticationProvider {
protected
SessionManager
sessionManager
;
protected
Auth
JwtService
authJwt
Service
;
protected
Auth
TokenService
authToken
Service
;
public
static
ArrayList
<
GrantedAuthority
>
grantedAdministratorsAuthoritys
=
new
ArrayList
<
GrantedAuthority
>();
...
...
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/AuthJwt.java
...
...
@@ -31,6 +31,7 @@ public class AuthJwt implements Serializable {
private
String
ticket
;
private
String
token
;
private
String
refreshToken
;
private
String
type
=
"Bearer"
;
private
String
remeberMe
;
private
String
id
;
...
...
@@ -57,10 +58,11 @@ public class AuthJwt implements Serializable {
this
.
authorities
=
authorities
;
}
public
AuthJwt
(
String
token
,
Authentication
authentication
)
{
public
AuthJwt
(
String
token
,
String
refreshToken
,
Authentication
authentication
)
{
SignPrincipal
principal
=
((
SignPrincipal
)
authentication
.
getPrincipal
());
this
.
token
=
token
;
this
.
refreshToken
=
refreshToken
;
this
.
ticket
=
principal
.
getSession
().
getId
();
this
.
id
=
principal
.
getUserInfo
().
getId
();
...
...
@@ -166,6 +168,14 @@ public class AuthJwt implements Serializable {
this
.
remeberMe
=
remeberMe
;
}
public
String
getRefreshToken
()
{
return
refreshToken
;
}
public
void
setRefreshToken
(
String
refreshToken
)
{
this
.
refreshToken
=
refreshToken
;
}
@Override
public
String
toString
()
{
StringBuilder
builder
=
new
StringBuilder
();
...
...
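Review bot: Please confirm that the `toString()` directly below the new `getRefreshToken()`/`setRefreshToken()` accessors does not append `refreshToken`; its `StringBuilder` body is outside the visible lines, and an AuthJwt that reaches a log statement would otherwise write a long-lived credential to the log. The class is `Serializable`, so the new field is also persisted wherever AuthJwt instances are stored; a one-line Javadoc on the field stating that it is a bearer credential would make that explicit for later readers.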
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/AuthJwtService.java
/*
* Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package
org.maxkey.authn.jwt
;
import
java.text.ParseException
;
import
java.util.Date
;
import
org.apache.commons.lang3.StringUtils
;
import
org.joda.time.DateTime
;
import
org.maxkey.authn.SignPrincipal
;
import
org.maxkey.configuration.AuthJwkConfig
;
import
org.maxkey.crypto.jwt.HMAC512Service
;
import
org.maxkey.entity.UserInfo
;
import
org.maxkey.persistence.MomentaryService
;
import
org.maxkey.web.WebContext
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.security.core.Authentication
;
import
com.nimbusds.jose.JOSEException
;
import
com.nimbusds.jose.JWSAlgorithm
;
import
com.nimbusds.jose.JWSHeader
;
import
com.nimbusds.jwt.JWTClaimsSet
;
import
com.nimbusds.jwt.SignedJWT
;
public
class
AuthJwtService
{
private
static
final
Logger
_logger
=
LoggerFactory
.
getLogger
(
AuthJwtService
.
class
);
private
static
final
Logger
_logger
=
LoggerFactory
.
getLogger
(
AuthJwtService
.
class
);
HMAC512Service
hmac512Service
;
AuthJwkConfig
authJwkConfig
;
CongressService
congressService
;
MomentaryService
momentaryService
;
public
AuthJwtService
(
AuthJwkConfig
authJwkConfig
)
throws
JOSEException
{
this
.
authJwkConfig
=
authJwkConfig
;
this
.
hmac512Service
=
new
HMAC512Service
(
authJwkConfig
.
getSecret
());
}
public
AuthJwtService
(
AuthJwkConfig
authJwkConfig
,
CongressService
congressService
,
MomentaryService
momentaryService
)
throws
JOSEException
{
this
.
authJwkConfig
=
authJwkConfig
;
this
.
congressService
=
congressService
;
this
.
momentaryService
=
momentaryService
;
this
.
hmac512Service
=
new
HMAC512Service
(
authJwkConfig
.
getSecret
());
}
/**
* create AuthJwt use Authentication JWT
* @param authentication
* @return AuthJwt
*/
public
AuthJwt
genAuthJwt
(
Authentication
authentication
)
{
if
(
authentication
!=
null
)
{
return
new
AuthJwt
(
genJwt
(
authentication
),
authentication
);
}
return
null
;
}
/**
* JWT with Authentication
* @param authentication
* @return
*/
public
String
genJwt
(
Authentication
authentication
)
{
public
String
genJwt
(
Authentication
authentication
,
String
issuer
,
int
expires
)
{
SignPrincipal
principal
=
((
SignPrincipal
)
authentication
.
getPrincipal
());
UserInfo
userInfo
=
principal
.
getUserInfo
();
DateTime
currentDateTime
=
DateTime
.
now
();
Date
expirationTime
=
currentDateTime
.
plusSeconds
(
authJwkConfig
.
getExpires
()).
toDate
();
_logger
.
debug
(
"expiration Time : {}"
,
expirationTime
);
String
subject
=
principal
.
getUsername
();
_logger
.
trace
(
"jwt subject : {}"
,
subject
);
Date
expirationTime
=
currentDateTime
.
plusSeconds
(
expires
).
toDate
();
_logger
.
debug
(
"jwt subject : {} , expiration Time : {}"
,
subject
,
expirationTime
);
JWTClaimsSet
jwtClaims
=
new
JWTClaimsSet
.
Builder
()
.
issuer
(
authJwkConfig
.
getIssuer
()
)
.
issuer
(
issuer
)
.
subject
(
subject
)
.
jwtID
(
principal
.
getSession
().
getId
())
.
issueTime
(
currentDateTime
.
toDate
())
...
...
@@ -111,14 +54,13 @@ public class AuthJwtService {
* @param subject subject
* @return
*/
public
String
genJwt
(
String
subject
)
{
public
String
genJwt
(
String
subject
,
String
issuer
,
int
expires
)
{
DateTime
currentDateTime
=
DateTime
.
now
();
Date
expirationTime
=
currentDateTime
.
plusSeconds
(
authJwkConfig
.
getExpires
()).
toDate
();
_logger
.
debug
(
"expiration Time : {}"
,
expirationTime
);
_logger
.
trace
(
"jwt subject : {}"
,
subject
);
Date
expirationTime
=
currentDateTime
.
plusSeconds
(
expires
).
toDate
();
_logger
.
trace
(
"jwt subject : {} , expiration Time : {}"
,
subject
,
expirationTime
);
JWTClaimsSet
jwtClaims
=
new
JWTClaimsSet
.
Builder
()
.
issuer
(
authJwkConfig
.
getIssuer
()
)
.
issuer
(
issuer
)
.
subject
(
subject
)
.
jwtID
(
WebContext
.
genId
())
.
issueTime
(
currentDateTime
.
toDate
())
...
...
@@ -132,10 +74,9 @@ public class AuthJwtService {
* Random JWT
* @return
*/
public
String
genJwt
()
{
DateTime
currentDateTime
=
DateTime
.
now
();
Date
expirationTime
=
currentDateTime
.
plusSeconds
(
authJwkConfig
.
getExpires
()).
toDate
();
_logger
.
debug
(
"expiration Time : {}"
,
expirationTime
);
public
String
genRandomJwt
(
int
expires
)
{
Date
expirationTime
=
DateTime
.
now
().
plusSeconds
(
expires
).
toDate
();
_logger
.
trace
(
"expiration Time : {}"
,
expirationTime
);
JWTClaimsSet
jwtClaims
=
new
JWTClaimsSet
.
Builder
()
.
jwtID
(
WebContext
.
genId
())
...
...
@@ -153,8 +94,25 @@ public class AuthJwtService {
return
hmac512Service
.
sign
(
jwtToken
.
getPayload
());
}
/**
* Verify with HMAC512 and check ExpirationTime
*
* @param authToken
* @return true or false
*/
public
boolean
validateJwtToken
(
String
authToken
)
{
return
hmac512Service
.
verify
(
authToken
);
try
{
JWTClaimsSet
claims
=
resolve
(
authToken
);
boolean
isExpiration
=
claims
.
getExpirationTime
().
after
(
DateTime
.
now
().
toDate
());
boolean
isVerify
=
hmac512Service
.
verify
(
authToken
);
_logger
.
debug
(
"JWT Verify {} , now {} , ExpirationTime {} , isExpiration : {}"
,
isVerify
,
DateTime
.
now
().
toDate
(),
claims
.
getExpirationTime
(),
isExpiration
);
return
isVerify
&&
isExpiration
;
}
catch
(
ParseException
e
)
{
_logger
.
error
(
"authToken {}"
,
authToken
);
_logger
.
error
(
"ParseException "
,
e
);
}
return
false
;
}
public
JWTClaimsSet
resolve
(
String
authToken
)
throws
ParseException
{
...
...
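Review bot: In `validateJwtToken`, `claims.getExpirationTime().after(...)` runs before `hmac512Service.verify(authToken)`, so claims from a token whose signature has not been checked are read first, and a token that parses but has no `exp` claim makes `getExpirationTime()` return null and throws a NullPointerException that `catch (ParseException e)` does not cover. Verify the signature first and return false on failure, then null-check the expiration time before comparing. Two smaller points: `isExpiration` is true when the token has not yet expired, so a name such as `notExpired` would match its meaning, and `_logger.error("authToken {}", authToken)` writes the full token at error level where the exception message alone would do.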
@@ -167,38 +125,4 @@ public class AuthJwtService {
JWTClaimsSet
claims
=
resolve
(
authToken
);
return
claims
.
getJWTID
();
}
public
String
createCongress
(
Authentication
authentication
)
{
String
congress
=
WebContext
.
genId
();
congressService
.
store
(
congress
,
new
AuthJwt
(
genJwt
(
authentication
),
authentication
)
);
return
congress
;
}
public
AuthJwt
consumeCongress
(
String
congress
)
{
AuthJwt
authJwt
=
congressService
.
consume
(
congress
);
return
authJwt
;
}
public
boolean
validateCaptcha
(
String
state
,
String
captcha
)
{
try
{
String
jwtId
=
resolveJWTID
(
state
);
if
(
StringUtils
.
isNotBlank
(
jwtId
)
&&
StringUtils
.
isNotBlank
(
captcha
))
{
Object
momentaryCaptcha
=
momentaryService
.
get
(
""
,
jwtId
);
_logger
.
debug
(
"captcha : {}, momentary Captcha : {}"
,
captcha
,
momentaryCaptcha
);
if
(!
StringUtils
.
isBlank
(
captcha
)
&&
captcha
.
equals
(
momentaryCaptcha
.
toString
()))
{
momentaryService
.
remove
(
""
,
jwtId
);
return
true
;
}
}
}
catch
(
ParseException
e
)
{
_logger
.
debug
(
"Exception "
,
e
);
}
return
false
;
}
}
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/AuthRefreshTokenService.java
0 → 100644
/*
* Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package
org.maxkey.authn.jwt
;
import
org.maxkey.configuration.AuthJwkConfig
;
import
org.maxkey.crypto.jwt.HMAC512Service
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.security.core.Authentication
;
import
com.nimbusds.jose.JOSEException
;
public
class
AuthRefreshTokenService
extends
AuthJwtService
{
private
static
final
Logger
_logger
=
LoggerFactory
.
getLogger
(
AuthRefreshTokenService
.
class
);
AuthJwkConfig
authJwkConfig
;
public
AuthRefreshTokenService
(
AuthJwkConfig
authJwkConfig
)
throws
JOSEException
{
this
.
authJwkConfig
=
authJwkConfig
;
this
.
hmac512Service
=
new
HMAC512Service
(
authJwkConfig
.
getRefreshSecret
());
}
/**
* JWT Refresh Token with Authentication
* @param authentication
* @return
*/
public
String
genRefreshToken
(
Authentication
authentication
)
{
_logger
.
trace
(
"gen Refresh Token"
);
return
genJwt
(
authentication
,
authJwkConfig
.
getIssuer
(),
authJwkConfig
.
getRefreshExpires
());
}
}
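Review bot: Refresh tokens produced by `genRefreshToken` carry nothing that marks them as refresh tokens: the method calls `genJwt(authentication, authJwkConfig.getIssuer(), authJwkConfig.getRefreshExpires())`, the same builder and issuer that AuthTokenService uses for access tokens, so the only differences are the HMAC key from `getRefreshSecret()` and the lifetime. If the two secrets are ever configured to the same value, a token of one kind verifies where the other is expected. Consider adding a claim that identifies the token type (or a distinct issuer) and checking it on the refresh path, and fail fast in the constructor when `getRefreshSecret()` is blank or equal to `getSecret()`. The class also has no Javadoc; one sentence stating which key it signs with would help.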
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/AuthTokenService.java
0 → 100644
/*
* Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package
org.maxkey.authn.jwt
;
import
java.text.ParseException
;
import
org.apache.commons.lang3.StringUtils
;
import
org.maxkey.configuration.AuthJwkConfig
;
import
org.maxkey.crypto.jwt.HMAC512Service
;
import
org.maxkey.persistence.MomentaryService
;
import
org.maxkey.web.WebContext
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.security.core.Authentication
;
import
com.nimbusds.jose.JOSEException
;
public
class
AuthTokenService
extends
AuthJwtService
{
private
static
final
Logger
_logger
=
LoggerFactory
.
getLogger
(
AuthTokenService
.
class
);
AuthJwkConfig
authJwkConfig
;
CongressService
congressService
;
MomentaryService
momentaryService
;
AuthRefreshTokenService
refreshTokenService
;
public
AuthTokenService
(
AuthJwkConfig
authJwkConfig
,
CongressService
congressService
,
MomentaryService
momentaryService
,
AuthRefreshTokenService
refreshTokenService
)
throws
JOSEException
{
this
.
authJwkConfig
=
authJwkConfig
;
this
.
congressService
=
congressService
;
this
.
momentaryService
=
momentaryService
;
this
.
refreshTokenService
=
refreshTokenService
;
this
.
hmac512Service
=
new
HMAC512Service
(
authJwkConfig
.
getSecret
());
}
/**
* create AuthJwt use Authentication JWT
* @param authentication
* @return AuthJwt
*/
public
AuthJwt
genAuthJwt
(
Authentication
authentication
)
{
if
(
authentication
!=
null
)
{
String
refreshToken
=
refreshTokenService
.
genRefreshToken
(
authentication
);
return
new
AuthJwt
(
genJwt
(
authentication
),
refreshToken
,
authentication
);
}
return
null
;
}
public
String
genJwt
(
Authentication
authentication
)
{
return
genJwt
(
authentication
,
authJwkConfig
.
getIssuer
(),
authJwkConfig
.
getExpires
());
}
/**
* JWT with subject
* @param subject subject
* @return
*/
public
String
genJwt
(
String
subject
)
{
return
genJwt
(
subject
,
authJwkConfig
.
getIssuer
(),
authJwkConfig
.
getExpires
());
}
/**
* Random JWT
* @return
*/
public
String
genRandomJwt
()
{
return
genRandomJwt
(
authJwkConfig
.
getExpires
());
}
public
String
createCongress
(
Authentication
authentication
)
{
String
congress
=
WebContext
.
genId
();
String
refreshToken
=
refreshTokenService
.
genRefreshToken
(
authentication
);
congressService
.
store
(
congress
,
new
AuthJwt
(
genJwt
(
authentication
),
refreshToken
,
authentication
)
);
return
congress
;
}
public
AuthJwt
consumeCongress
(
String
congress
)
{
AuthJwt
authJwt
=
congressService
.
consume
(
congress
);
return
authJwt
;
}
public
boolean
validateCaptcha
(
String
state
,
String
captcha
)
{
try
{
String
jwtId
=
resolveJWTID
(
state
);
if
(
StringUtils
.
isNotBlank
(
jwtId
)
&&
StringUtils
.
isNotBlank
(
captcha
))
{
Object
momentaryCaptcha
=
momentaryService
.
get
(
""
,
jwtId
);
_logger
.
debug
(
"captcha : {}, momentary Captcha : {}"
,
captcha
,
momentaryCaptcha
);
if
(!
StringUtils
.
isBlank
(
captcha
)
&&
captcha
.
equals
(
momentaryCaptcha
.
toString
()))
{
momentaryService
.
remove
(
""
,
jwtId
);
return
true
;
}
}
}
catch
(
ParseException
e
)
{
_logger
.
debug
(
"Exception "
,
e
);
}
return
false
;
}
}
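Review bot: In `validateCaptcha`, the result of `momentaryService.get("", jwtId)` is dereferenced with `momentaryCaptcha.toString()` without a null check, so if nothing is stored under that id (for example after expiry or after the value was already removed) the call throws a NullPointerException that `catch (ParseException e)` does not handle; check for null and return false. The stored value is removed only inside the success branch, so a wrong answer leaves the same captcha in place for further attempts under the same `state`; calling `momentaryService.remove("", jwtId)` before the comparison would make each captcha single-use. The `_logger.debug("captcha : {}, momentary Captcha : {}", ...)` line logs both the submitted and the stored answer and is worth dropping. The inner `!StringUtils.isBlank(captcha)` repeats the outer `isNotBlank(captcha)` check.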
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/provider/MfaAuthenticationProvider.java
...
...
@@ -19,7 +19,7 @@ package org.maxkey.authn.provider;
import
org.maxkey.authn.AbstractAuthenticationProvider
;
import
org.maxkey.authn.LoginCredential
;
import
org.maxkey.authn.jwt.Auth
Jwt
Service
;
import
org.maxkey.authn.jwt.Auth
Token
Service
;
import
org.maxkey.authn.realm.AbstractAuthenticationRealm
;
import
org.maxkey.authn.session.SessionManager
;
import
org.maxkey.configuration.ApplicationConfig
;
...
...
@@ -58,11 +58,11 @@ public class MfaAuthenticationProvider extends AbstractAuthenticationProvider {
AbstractAuthenticationRealm
authenticationRealm
,
ApplicationConfig
applicationConfig
,
SessionManager
sessionManager
,
Auth
JwtService
authJwt
Service
)
{
Auth
TokenService
authToken
Service
)
{
this
.
authenticationRealm
=
authenticationRealm
;
this
.
applicationConfig
=
applicationConfig
;
this
.
sessionManager
=
sessionManager
;
this
.
auth
JwtService
=
authJwt
Service
;
this
.
auth
TokenService
=
authToken
Service
;
}
@Override
...
...
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/provider/NormalAuthenticationProvider.java
...
...
@@ -20,7 +20,7 @@ package org.maxkey.authn.provider;
import
java.text.ParseException
;
import
org.maxkey.authn.AbstractAuthenticationProvider
;
import
org.maxkey.authn.LoginCredential
;
import
org.maxkey.authn.jwt.Auth
Jwt
Service
;
import
org.maxkey.authn.jwt.Auth
Token
Service
;
import
org.maxkey.authn.realm.AbstractAuthenticationRealm
;
import
org.maxkey.authn.session.SessionManager
;
import
org.maxkey.configuration.ApplicationConfig
;
...
...
@@ -58,11 +58,11 @@ public class NormalAuthenticationProvider extends AbstractAuthenticationProvider
AbstractAuthenticationRealm
authenticationRealm
,
ApplicationConfig
applicationConfig
,
SessionManager
sessionManager
,
Auth
JwtService
authJwt
Service
)
{
Auth
TokenService
authToken
Service
)
{
this
.
authenticationRealm
=
authenticationRealm
;
this
.
applicationConfig
=
applicationConfig
;
this
.
sessionManager
=
sessionManager
;
this
.
auth
JwtService
=
authJwt
Service
;
this
.
auth
TokenService
=
authToken
Service
;
}
@Override
...
...
@@ -134,7 +134,7 @@ public class NormalAuthenticationProvider extends AbstractAuthenticationProvider
*/
protected
void
captchaValid
(
String
state
,
String
captcha
)
throws
ParseException
{
// for basic
if
(!
auth
Jwt
Service
.
validateCaptcha
(
state
,
captcha
))
{
if
(!
auth
Token
Service
.
validateCaptcha
(
state
,
captcha
))
{
throw
new
BadCredentialsException
(
WebContext
.
getI18nValue
(
"login.error.captcha"
));
}
}
...
...
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/AbstractSessionManager.java
...
...
@@ -110,13 +110,13 @@ public class AbstractSessionManager implements SessionManager{
}
@Override
public
void
refresh
(
String
sessionId
,
LocalTime
refreshTime
)
{
public
Session
refresh
(
String
sessionId
,
LocalTime
refreshTime
)
{
return
null
;
}
@Override
public
void
refresh
(
String
sessionId
)
{
public
Session
refresh
(
String
sessionId
)
{
return
null
;
}
@Override
...
...
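Review bot: Both `refresh` overloads now end in `return null;` in a class declared `public class AbstractSessionManager` (not abstract), so a caller that uses the new `Session` return value gets null from this base implementation and from any subclass that does not override it. Either declare the two methods abstract so every implementation has to supply a result, or state in Javadoc on `SessionManager.refresh` what a null return means so callers know to check for it.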
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/InMemorySessionManager.java
...
...
@@ -78,14 +78,15 @@ public class InMemorySessionManager extends AbstractSessionManager{
}
@Override
public
void
refresh
(
String
sessionId
,
LocalTime
refreshTime
)
{
public
Session
refresh
(
String
sessionId
,
LocalTime
refreshTime
)
{
Session
session
=
get
(
sessionId
);
session
.
setLastAccessTime
(
refreshTime
);
create
(
sessionId
,
session
);
return
session
;
}
@Override
public
void
refresh
(
String
sessionId
)
{
public
Session
refresh
(
String
sessionId
)
{
Session
session
=
get
(
sessionId
);
LocalTime
currentTime
=
LocalTime
.
now
();
...
...
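Review bot: `refresh(String sessionId, LocalTime refreshTime)` calls `session.setLastAccessTime(refreshTime)` immediately after `get(sessionId)` with no null check, so if `get` returns null for an id that has expired or was removed, the refresh throws a NullPointerException instead of giving the caller a result it can treat as "no session". The one-argument overload starts with the same `get(sessionId)`. Return null (or throw a dedicated exception) when no session is found, and keep that consistent with whatever contract `SessionManager.refresh` documents for its new `Session` return type.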
@@ -95,8 +96,9 @@ public class InMemorySessionManager extends AbstractSessionManager{
if
(
duration
.
getSeconds
()
>
Session
.
MAX_EXPIRY_DURATION
)
{
session
.
setLastAccessTime
(
currentTime
);
refresh
(
sessionId
,
currentTime
);
re
turn
re
fresh
(
sessionId
,
currentTime
);
}
return
session
;
}
}
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/RedisSessionManager.java
/*
* Copyright [202
0
] [MaxKey of copyright http://www.maxkey.top]
* Copyright [202
2
] [MaxKey of copyright http://www.maxkey.top]
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
...
...
@@ -33,6 +33,11 @@ public class RedisSessionManager extends AbstractSessionManager {
RedisConnectionFactory
connectionFactory
;
public
static
String
PREFIX
=
"REDIS_SESSION_"
;
public
String
getKey
(
String
sessionId
)
{
return
PREFIX
+
sessionId
;
}
/**
* @param connectionFactory
*/
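Review bot: getKey() derives every Redis session key from PREFIX, which is declared public static String without final, so any class can reassign it at runtime and change which keys create, get and remove address. Declare PREFIX as final, and consider making getKey() protected since only the manager needs it.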
...
...
@@ -59,15 +64,15 @@ public class RedisSessionManager extends AbstractSessionManager {
@Override
public
void
create
(
String
sessionId
,
Session
session
)
{
RedisConnection
conn
=
connectionFactory
.
getConnection
();
conn
.
setexObject
(
PREFIX
+
sessionId
,
validitySeconds
,
session
);
conn
.
setexObject
(
getKey
(
sessionId
)
,
validitySeconds
,
session
);
conn
.
close
();
}
@Override
public
Session
remove
(
String
sessionId
)
{
RedisConnection
conn
=
connectionFactory
.
getConnection
();
Session
ticket
=
conn
.
getObject
(
PREFIX
+
sessionId
);
conn
.
delete
(
PREFIX
+
sessionId
);
Session
ticket
=
conn
.
getObject
(
getKey
(
sessionId
)
);
conn
.
delete
(
getKey
(
sessionId
)
);
conn
.
close
();
return
ticket
;
}
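Review bot: create() and remove() call conn.close() only on the success path; if setexObject, getObject or delete throws, the connection obtained from connectionFactory.getConnection() is never closed. Wrap the Redis calls in try/finally so the connection is released on every path.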
...
...
@@ -75,7 +80,7 @@ public class RedisSessionManager extends AbstractSessionManager {
@Override
public
Session
get
(
String
sessionId
)
{
RedisConnection
conn
=
connectionFactory
.
getConnection
();
Session
session
=
conn
.
getObject
(
PREFIX
+
sessionId
);
Session
session
=
conn
.
getObject
(
getKey
(
sessionId
)
);
conn
.
close
();
return
session
;
}
...
...
@@ -90,14 +95,15 @@ public class RedisSessionManager extends AbstractSessionManager {
}
@Override
public
void
refresh
(
String
sessionId
,
LocalTime
refreshTime
)
{
public
Session
refresh
(
String
sessionId
,
LocalTime
refreshTime
)
{
Session
session
=
get
(
sessionId
);
session
.
setLastAccessTime
(
refreshTime
);
create
(
sessionId
,
session
);
return
session
;
}
@Override
public
void
refresh
(
String
sessionId
)
{
public
Session
refresh
(
String
sessionId
)
{
Session
session
=
get
(
sessionId
);
LocalTime
currentTime
=
LocalTime
.
now
();
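Review bot: refresh(String sessionId, LocalTime refreshTime) is a non-atomic read-modify-write: it reads with get(sessionId), mutates the object, then writes it back through create(sessionId, session), which issues setexObject with the full validitySeconds. A remove(sessionId) that lands between the read and the write (a logout racing a token refresh) is undone, because create writes the key again. Only write back when the key still exists, and return null when get(sessionId) finds nothing instead of dereferencing it.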
...
...
@@ -107,8 +113,9 @@ public class RedisSessionManager extends AbstractSessionManager {
if
(
duration
.
getSeconds
()
>
Session
.
MAX_EXPIRY_DURATION
)
{
session
.
setLastAccessTime
(
currentTime
);
refresh
(
sessionId
,
currentTime
);
return
refresh
(
sessionId
,
currentTime
);
}
return
session
;
}
...
...
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/Session.java
...
...
@@ -30,7 +30,7 @@ public class Session implements Serializable{
public
static
final
String
SESSION_PREFIX
=
"OT"
;
public
static
final
int
MAX_EXPIRY_DURATION
=
60
*
10
;
//default 10
minutes.
public
static
final
int
MAX_EXPIRY_DURATION
=
60
*
5
;
//default 5
minutes.
public
String
id
;
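Review bot: MAX_EXPIRY_DURATION drops from 10 to 5 minutes, but neither the name nor the comment "default 5 minutes" says what the value limits. In the session managers touched by this commit it is the threshold in duration.getSeconds() > Session.MAX_EXPIRY_DURATION that decides when the last-access time is rewritten, not a session lifetime. Rename the constant or expand the comment to state that, and how it relates to the access-token and session timeouts.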
...
...
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/SessionManager.java
...
...
@@ -30,9 +30,9 @@ public interface SessionManager {
public
Session
get
(
String
sessionId
);
public
void
refresh
(
String
sessionId
,
LocalTime
refreshTime
);
public
Session
refresh
(
String
sessionId
,
LocalTime
refreshTime
);
public
void
refresh
(
String
sessionId
);
public
Session
refresh
(
String
sessionId
);
public
void
setValiditySeconds
(
int
validitySeconds
);
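Review bot: the two refresh signatures now return Session but carry no Javadoc stating what is returned for an unknown or expired sessionId. The implementations in this commit disagree (the abstract base returns null, the in-memory and Redis managers dereference the lookup result), so document the contract on the interface, for example "returns the refreshed session, or null if none exists".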
...
...
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/rememberme/AbstractRemeberMeService.java → maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/rememberme/AbstractRemeberMeManager.java
...
...
@@ -24,7 +24,7 @@ import javax.servlet.http.HttpServletResponse;
import
org.joda.time.DateTime
;
import
org.maxkey.authn.SignPrincipal
;
import
org.maxkey.authn.jwt.Auth
Jwt
Service
;
import
org.maxkey.authn.jwt.Auth
Token
Service
;
import
org.maxkey.configuration.ApplicationConfig
;
import
org.maxkey.crypto.jwt.HMAC512Service
;
import
org.maxkey.entity.UserInfo
;
...
...
@@ -36,14 +36,14 @@ import org.springframework.security.core.Authentication;
import
com.nimbusds.jwt.JWTClaimsSet
;
public
abstract
class
AbstractRemeberMe
Service
{
private
static
final
Logger
_logger
=
LoggerFactory
.
getLogger
(
AbstractRemeberMe
Service
.
class
);
public
abstract
class
AbstractRemeberMe
Manager
{
private
static
final
Logger
_logger
=
LoggerFactory
.
getLogger
(
AbstractRemeberMe
Manager
.
class
);
protected
Integer
validity
=
7
;
protected
ApplicationConfig
applicationConfig
;
Auth
JwtService
authJwt
Service
;
Auth
TokenService
authToken
Service
;
// follow function is for persist
public
abstract
void
save
(
RemeberMe
remeberMe
);
...
...
@@ -90,7 +90,7 @@ public abstract class AbstractRemeberMeService {
}
public
RemeberMe
resolve
(
String
rememberMeJwt
)
throws
ParseException
{
JWTClaimsSet
claims
=
auth
Jwt
Service
.
resolve
(
rememberMeJwt
);
JWTClaimsSet
claims
=
auth
Token
Service
.
resolve
(
rememberMeJwt
);
RemeberMe
remeberMe
=
new
RemeberMe
();
remeberMe
.
setId
(
claims
.
getJWTID
());
remeberMe
.
setUsername
(
claims
.
getSubject
());
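Review bot: resolve() builds the RemeberMe from claims.getJWTID() and claims.getSubject() directly after authTokenService.resolve(rememberMeJwt), with no signature or expiry check visible in this hunk. If AuthTokenService.resolve only parses the token, the username taken from the subject claim is unauthenticated input. Call authTokenService.validateJwtToken(rememberMeJwt) before reading the claims, or document on resolve that it verifies the token.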
...
...
@@ -109,7 +109,7 @@ public abstract class AbstractRemeberMeService {
.
claim
(
"kid"
,
HMAC512Service
.
MXK_AUTH_JWK
)
.
build
();
return
auth
Jwt
Service
.
signedJWT
(
remeberMeJwtClaims
);
return
auth
Token
Service
.
signedJWT
(
remeberMeJwtClaims
);
}
public
Integer
getValidity
()
{
...
...
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/rememberme/InMemoryRemeberMeService.java → maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/rememberme/InMemoryRemeberMeManager.java
...
...
@@ -24,7 +24,7 @@ import org.maxkey.constants.ConstsTimeInterval;
import
com.github.benmanes.caffeine.cache.Cache
;
import
com.github.benmanes.caffeine.cache.Caffeine
;
public
class
InMemoryRemeberMe
Service
extends
AbstractRemeberMeService
{
public
class
InMemoryRemeberMe
Manager
extends
AbstractRemeberMeManager
{
protected
static
final
Cache
<
String
,
RemeberMe
>
remeberMeStore
=
Caffeine
.
newBuilder
()
...
...
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/rememberme/JdbcRemeberMeService.java → maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/rememberme/JdbcRemeberMeManager.java
...
...
@@ -22,15 +22,15 @@ import java.sql.SQLException;
import
java.sql.Types
;
import
java.util.List
;
import
org.maxkey.authn.jwt.Auth
Jwt
Service
;
import
org.maxkey.authn.jwt.Auth
Token
Service
;
import
org.maxkey.configuration.ApplicationConfig
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.jdbc.core.JdbcTemplate
;
import
org.springframework.jdbc.core.RowMapper
;
public
class
JdbcRemeberMe
Service
extends
AbstractRemeberMeService
{
private
static
final
Logger
_logger
=
LoggerFactory
.
getLogger
(
JdbcRemeberMe
Service
.
class
);
public
class
JdbcRemeberMe
Manager
extends
AbstractRemeberMeManager
{
private
static
final
Logger
_logger
=
LoggerFactory
.
getLogger
(
JdbcRemeberMe
Manager
.
class
);
private
static
final
String
DEFAULT_DEFAULT_INSERT_STATEMENT
=
"insert into mxk_remember_me(id, userid,username,lastlogintime,expirationtime)values( ? , ? , ? , ? , ?)"
;
...
...
@@ -47,14 +47,14 @@ public class JdbcRemeberMeService extends AbstractRemeberMeService {
private
final
JdbcTemplate
jdbcTemplate
;
public
JdbcRemeberMe
Service
(
public
JdbcRemeberMe
Manager
(
JdbcTemplate
jdbcTemplate
,
ApplicationConfig
applicationConfig
,
Auth
JwtService
authJwt
Service
,
Auth
TokenService
authToken
Service
,
int
validity
)
{
this
.
jdbcTemplate
=
jdbcTemplate
;
this
.
applicationConfig
=
applicationConfig
;
this
.
auth
JwtService
=
authJwt
Service
;
this
.
auth
TokenService
=
authToken
Service
;
if
(
validity
!=
0
)
{
this
.
validity
=
validity
;
}
...
...
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/rememberme/RemeberMeServiceFactory.java → maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/rememberme/RemeberMeManagerFactory.java
...
...
@@ -23,18 +23,18 @@ import org.slf4j.Logger;
import
org.slf4j.LoggerFactory
;
import
org.springframework.jdbc.core.JdbcTemplate
;
public
class
RemeberMe
Service
Factory
{
public
class
RemeberMe
Manager
Factory
{
private
static
final
Logger
_logger
=
LoggerFactory
.
getLogger
(
RemeberMe
Service
Factory
.
class
);
LoggerFactory
.
getLogger
(
RemeberMe
Manager
Factory
.
class
);
public
AbstractRemeberMe
Service
getService
(
public
AbstractRemeberMe
Manager
getService
(
int
persistence
,
JdbcTemplate
jdbcTemplate
,
RedisConnectionFactory
redisConnFactory
){
AbstractRemeberMe
Service
remeberMeService
=
null
;
AbstractRemeberMe
Manager
remeberMeService
=
null
;
if
(
persistence
==
ConstsPersistence
.
INMEMORY
)
{
remeberMeService
=
new
InMemoryRemeberMe
Service
();
remeberMeService
=
new
InMemoryRemeberMe
Manager
();
_logger
.
debug
(
"InMemoryRemeberMeService"
);
}
else
if
(
persistence
==
ConstsPersistence
.
JDBC
)
{
//remeberMeService = new JdbcRemeberMeService(jdbcTemplate);
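Review bot: the rename stops halfway in this hunk: the factory method is still getService, the local variable is still remeberMeService, the debug message still reads "InMemoryRemeberMeService", and the commented-out JDBC line still names JdbcRemeberMeService. The only statement visible in the JDBC branch is that comment, so confirm the branch does not leave the variable null. Finish the rename and either restore or delete the commented-out line.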
...
...
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/AuthorizationUtils.java
...
...
@@ -23,7 +23,7 @@ import javax.servlet.http.Cookie;
import
javax.servlet.http.HttpServletRequest
;
import
org.maxkey.authn.SignPrincipal
;
import
org.maxkey.authn.jwt.Auth
Jwt
Service
;
import
org.maxkey.authn.jwt.Auth
Token
Service
;
import
org.maxkey.authn.session.Session
;
import
org.maxkey.authn.session.SessionManager
;
import
org.maxkey.entity.UserInfo
;
...
...
@@ -41,43 +41,46 @@ public class AuthorizationUtils {
public
static
void
authenticateWithCookie
(
HttpServletRequest
request
,
Auth
JwtService
authJwt
Service
,
Auth
TokenService
authToken
Service
,
SessionManager
sessionManager
)
throws
ParseException
{
if
(
getAuthentication
()
==
null
)
{
Cookie
authCookie
=
WebContext
.
getCookie
(
request
,
Authorization_Cookie
);
if
(
authCookie
!=
null
)
{
String
authorization
=
authCookie
.
getValue
();
doJwtAuthenticate
(
authorization
,
authJwtService
,
sessionManager
);
_logger
.
debug
(
"congress automatic authenticated ."
);
}
}
Cookie
authCookie
=
WebContext
.
getCookie
(
request
,
Authorization_Cookie
);
if
(
authCookie
!=
null
)
{
String
authorization
=
authCookie
.
getValue
();
doJwtAuthenticate
(
authorization
,
authTokenService
,
sessionManager
);
_logger
.
debug
(
"congress automatic authenticated ."
);
}
}
public
static
void
authenticate
(
HttpServletRequest
request
,
Auth
JwtService
authJwt
Service
,
Auth
TokenService
authToken
Service
,
SessionManager
sessionManager
)
throws
ParseException
{
if
(
getAuthentication
()
==
null
)
{
String
authorization
=
AuthorizationHeaderUtils
.
resolveBearer
(
request
);
if
(
authorization
!=
null
)
{
doJwtAuthenticate
(
authorization
,
authJwtService
,
sessionManager
);
_logger
.
debug
(
"Authorization automatic authenticated ."
);
}
}
String
authorization
=
AuthorizationHeaderUtils
.
resolveBearer
(
request
);
if
(
authorization
!=
null
)
{
doJwtAuthenticate
(
authorization
,
authTokenService
,
sessionManager
);
_logger
.
debug
(
"Authorization automatic authenticated ."
);
}
}
public
static
void
doJwtAuthenticate
(
String
authorization
,
Auth
JwtService
authJwt
Service
,
Auth
TokenService
authToken
Service
,
SessionManager
sessionManager
)
throws
ParseException
{
if
(
authJwtService
.
validateJwtToken
(
authorization
))
{
String
sessionId
=
authJwtService
.
resolveJWTID
(
authorization
);
Session
session
=
sessionManager
.
get
(
sessionId
);
if
(
session
!=
null
)
{
setAuthentication
(
session
.
getAuthentication
());
if
(
authTokenService
.
validateJwtToken
(
authorization
))
{
if
(
isNotAuthenticated
())
{
String
sessionId
=
authTokenService
.
resolveJWTID
(
authorization
);
Session
session
=
sessionManager
.
get
(
sessionId
);
if
(
session
!=
null
)
{
setAuthentication
(
session
.
getAuthentication
());
}
else
{
setAuthentication
(
null
);
}
}
}
else
{
setAuthentication
(
null
);
}
}
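Review bot: in the new doJwtAuthenticate, as rendered here, when validateJwtToken(authorization) succeeds but isNotAuthenticated() is false the existing authentication is kept without resolving the token's JWT ID or asking sessionManager whether that session still exists. A request carrying a valid token for a different session, or for one that has since been removed, therefore keeps whatever authentication was set earlier. Resolve the session on every call, compare it with the current authentication, and clear it on mismatch or when sessionManager.get(sessionId) returns null. The outer getAuthentication() == null guards removed from authenticateWithCookie and authenticate are also worth a line in the commit message, since validation now runs on every request.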
...
...
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/LoginRefreshPoint.java
0 → 100644
package
org.maxkey.authn.web
;
import
org.maxkey.authn.jwt.AuthJwt
;
import
org.maxkey.authn.jwt.AuthRefreshTokenService
;
import
org.maxkey.authn.jwt.AuthTokenService
;
import
org.maxkey.authn.session.Session
;
import
org.maxkey.authn.session.SessionManager
;
import
org.maxkey.entity.Message
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.http.HttpStatus
;
import
org.springframework.http.MediaType
;
import
org.springframework.http.ResponseEntity
;
import
org.springframework.stereotype.Controller
;
import
org.springframework.web.bind.annotation.RequestHeader
;
import
org.springframework.web.bind.annotation.RequestMapping
;
@Controller
@RequestMapping
(
value
=
"/auth"
)
public
class
LoginRefreshPoint
{
private
static
final
Logger
_logger
=
LoggerFactory
.
getLogger
(
LoginRefreshPoint
.
class
);
@Autowired
AuthTokenService
authTokenService
;
@Autowired
AuthRefreshTokenService
refreshTokenService
;
@Autowired
SessionManager
sessionManager
;
@RequestMapping
(
value
={
"/token/refresh"
},
produces
=
{
MediaType
.
APPLICATION_JSON_VALUE
})
public
ResponseEntity
<?>
refresh
(
@RequestHeader
(
name
=
"refresh_token"
,
required
=
true
)
String
refreshToken
)
{
_logger
.
trace
(
"refresh token {} "
,
refreshToken
);
try
{
if
(
refreshTokenService
.
validateJwtToken
(
refreshToken
))
{
String
sessionId
=
refreshTokenService
.
resolveJWTID
(
refreshToken
);
_logger
.
trace
(
"Try to refresh sessionId [{}]"
,
sessionId
);
Session
session
=
sessionManager
.
refresh
(
sessionId
);
if
(
session
!=
null
)
{
AuthJwt
authJwt
=
authTokenService
.
genAuthJwt
(
session
.
getAuthentication
());
_logger
.
trace
(
"Grant new token {}"
,
authJwt
);
return
new
Message
<
AuthJwt
>(
authJwt
).
buildResponse
();
}
else
{
_logger
.
debug
(
"Session is timeout , sessionId [{}]"
,
sessionId
);
}
}
else
{
_logger
.
trace
(
"refresh token is not validate ."
);
}
}
catch
(
Exception
e
)
{
_logger
.
error
(
"Refresh Exception !"
,
e
);
}
return
new
ResponseEntity
<>(
"Refresh Token Fail !"
,
HttpStatus
.
UNAUTHORIZED
);
}
}
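Review bot: refresh() writes the raw refresh token to the log in _logger.trace("refresh token {} ", refreshToken) and the newly issued AuthJwt object in _logger.trace("Grant new token {}", authJwt); both are bearer credentials and should not reach log files even at trace level. Log the resolved sessionId, which the method already does on the next line, and drop the token values. The @RequestMapping for "/token/refresh" also sets no method, so the handler accepts every HTTP verb although the front end in this commit only posts to it; restrict it to POST. Finally, the failure paths (invalid token, expired session, exception) all return the same 401, which is fine, but the invalid-token case is logged only at trace, so repeated invalid refresh attempts leave no trace at normal log levels.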
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/UnauthorizedEntryPoint.java
...
...
@@ -35,10 +35,11 @@ import com.fasterxml.jackson.databind.DatabindException;
import
com.fasterxml.jackson.databind.ObjectMapper
;
@Controller
@RequestMapping
(
value
=
"/auth"
)
public
class
UnauthorizedEntryPoint
{
private
static
final
Logger
_logger
=
LoggerFactory
.
getLogger
(
UnauthorizedEntryPoint
.
class
);
@RequestMapping
(
value
={
"/
auth/
entrypoint"
})
@RequestMapping
(
value
={
"/entrypoint"
})
public
void
entryPoint
(
HttpServletRequest
request
,
HttpServletResponse
response
)
throws
StreamWriteException
,
DatabindException
,
IOException
{
...
...
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/interceptor/PermissionInterceptor.java
...
...
@@ -22,7 +22,7 @@ import javax.servlet.http.HttpServletRequest;
import
javax.servlet.http.HttpServletResponse
;
import
org.maxkey.authn.SignPrincipal
;
import
org.maxkey.authn.jwt.Auth
Jwt
Service
;
import
org.maxkey.authn.jwt.Auth
Token
Service
;
import
org.maxkey.authn.session.SessionManager
;
import
org.maxkey.authn.web.AuthorizationUtils
;
import
org.maxkey.configuration.ApplicationConfig
;
...
...
@@ -47,7 +47,7 @@ public class PermissionInterceptor implements AsyncHandlerInterceptor {
SessionManager
sessionManager
;
@Autowired
Auth
JwtService
authJwt
Service
;
Auth
TokenService
authToken
Service
;
boolean
mgmt
=
false
;
...
...
@@ -59,7 +59,7 @@ public class PermissionInterceptor implements AsyncHandlerInterceptor {
@Override
public
boolean
preHandle
(
HttpServletRequest
request
,
HttpServletResponse
response
,
Object
handler
)
throws
Exception
{
_logger
.
trace
(
"Permission Interceptor ."
);
AuthorizationUtils
.
authenticate
(
request
,
auth
Jwt
Service
,
sessionManager
);
AuthorizationUtils
.
authenticate
(
request
,
auth
Token
Service
,
sessionManager
);
SignPrincipal
principal
=
AuthorizationUtils
.
getPrincipal
();
//判断用户是否登录,判断用户是否登录用户
if
(
principal
==
null
){
...
...
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/autoconfigure/AuthenticationAutoConfiguration.java
...
...
@@ -19,7 +19,8 @@ package org.maxkey.autoconfigure;
import
org.maxkey.authn.AbstractAuthenticationProvider
;
import
org.maxkey.authn.SavedRequestAwareAuthenticationSuccessHandler
;
import
org.maxkey.authn.jwt.AuthJwtService
;
import
org.maxkey.authn.jwt.AuthRefreshTokenService
;
import
org.maxkey.authn.jwt.AuthTokenService
;
import
org.maxkey.authn.jwt.CongressService
;
import
org.maxkey.authn.jwt.InMemoryCongressService
;
import
org.maxkey.authn.jwt.RedisCongressService
;
...
...
@@ -30,8 +31,8 @@ import org.maxkey.authn.provider.TrustedAuthenticationProvider;
import
org.maxkey.authn.realm.AbstractAuthenticationRealm
;
import
org.maxkey.authn.session.SessionManager
;
import
org.maxkey.authn.session.SessionManagerFactory
;
import
org.maxkey.authn.support.rememberme.AbstractRemeberMe
Service
;
import
org.maxkey.authn.support.rememberme.JdbcRemeberMe
Service
;
import
org.maxkey.authn.support.rememberme.AbstractRemeberMe
Manager
;
import
org.maxkey.authn.support.rememberme.JdbcRemeberMe
Manager
;
import
org.maxkey.authn.web.HttpSessionListenerAdapter
;
import
org.maxkey.configuration.ApplicationConfig
;
import
org.maxkey.configuration.AuthJwkConfig
;
...
...
@@ -89,14 +90,14 @@ public class AuthenticationAutoConfiguration implements InitializingBean {
AbstractAuthenticationRealm
authenticationRealm
,
ApplicationConfig
applicationConfig
,
SessionManager
sessionManager
,
Auth
JwtService
authJwt
Service
Auth
TokenService
authToken
Service
)
{
_logger
.
debug
(
"init authentication Provider ."
);
return
new
NormalAuthenticationProvider
(
authenticationRealm
,
applicationConfig
,
sessionManager
,
auth
Jwt
Service
auth
Token
Service
);
}
...
...
@@ -131,10 +132,11 @@ public class AuthenticationAutoConfiguration implements InitializingBean {
}
@Bean
public
Auth
JwtService
authJwt
Service
(
public
Auth
TokenService
authToken
Service
(
AuthJwkConfig
authJwkConfig
,
RedisConnectionFactory
redisConnFactory
,
MomentaryService
momentaryService
,
AuthRefreshTokenService
refreshTokenService
,
@Value
(
"${maxkey.server.persistence}"
)
int
persistence
)
throws
JOSEException
{
CongressService
congressService
;
if
(
persistence
==
ConstsPersistence
.
REDIS
)
{
...
...
@@ -143,9 +145,20 @@ public class AuthenticationAutoConfiguration implements InitializingBean {
congressService
=
new
InMemoryCongressService
();
}
AuthJwtService
authJwtService
=
new
AuthJwtService
(
authJwkConfig
,
congressService
,
momentaryService
);
AuthTokenService
authTokenService
=
new
AuthTokenService
(
authJwkConfig
,
congressService
,
momentaryService
,
refreshTokenService
);
return
authJwtService
;
return
authTokenService
;
}
@Bean
public
AuthRefreshTokenService
refreshTokenService
(
AuthJwkConfig
authJwkConfig
)
throws
JOSEException
{
return
new
AuthRefreshTokenService
(
authJwkConfig
);
}
@Bean
(
name
=
"otpAuthnService"
)
...
...
@@ -196,21 +209,20 @@ public class AuthenticationAutoConfiguration implements InitializingBean {
return
sessionManager
;
}
/**
* remeberMeService .
* @return
*/
@Bean
public
AbstractRemeberMe
Service
remeberMeService
(
public
AbstractRemeberMe
Manager
remeberMeManager
(
@Value
(
"${maxkey.server.persistence}"
)
int
persistence
,
@Value
(
"${maxkey.login.remeberme.validity}"
)
int
validity
,
ApplicationConfig
applicationConfig
,
Auth
JwtService
authJwt
Service
,
Auth
TokenService
authToken
Service
,
JdbcTemplate
jdbcTemplate
)
{
_logger
.
trace
(
"init
remeberMeService
, validity {}."
,
validity
);
return
new
JdbcRemeberMe
Service
(
jdbcTemplate
,
applicationConfig
,
auth
Jwt
Service
,
validity
);
_logger
.
trace
(
"init
RemeberMeManager
, validity {}."
,
validity
);
return
new
JdbcRemeberMe
Manager
(
jdbcTemplate
,
applicationConfig
,
auth
Token
Service
,
validity
);
}
@Bean
...
...
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/autoconfigure/JwtAuthnAutoConfiguration.java
...
...
@@ -41,7 +41,7 @@ public class JwtAuthnAutoConfiguration implements InitializingBean {
* jwt Login JwkSetKeyStore.
* @return
*/
@Bean
(
name
=
"jwtLoginJwkSetKeyStore"
)
@Bean
public
JWKSetKeyStore
jwtLoginJwkSetKeyStore
()
{
JWKSetKeyStore
jwkSetKeyStore
=
new
JWKSetKeyStore
();
ClassPathResource
classPathResource
=
new
ClassPathResource
(
"/config/loginjwkkeystore.jwks"
);
...
...
@@ -57,7 +57,7 @@ public class JwtAuthnAutoConfiguration implements InitializingBean {
* @throws InvalidKeySpecException
* @throws NoSuchAlgorithmException
*/
@Bean
(
name
=
"jwtLoginValidationService"
)
@Bean
public
DefaultJwtSigningAndValidationService
jwtLoginValidationService
(
JWKSetKeyStore
jwtLoginJwkSetKeyStore
)
throws
NoSuchAlgorithmException
,
InvalidKeySpecException
,
JOSEException
{
...
...
@@ -73,7 +73,7 @@ public class JwtAuthnAutoConfiguration implements InitializingBean {
* Jwt LoginService.
* @return
*/
@Bean
(
name
=
"jwtLoginService"
)
@Bean
public
JwtLoginService
jwtLoginService
(
@Value
(
"${maxkey.login.jwt.issuer}"
)
String
issuer
,
...
...
maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/authn/support/socialsignon/AbstractSocialSignOnEndpoint.java
...
...
@@ -21,7 +21,7 @@
package
org.maxkey.authn.support.socialsignon
;
import
org.maxkey.authn.AbstractAuthenticationProvider
;
import
org.maxkey.authn.jwt.Auth
Jwt
Service
;
import
org.maxkey.authn.jwt.Auth
Token
Service
;
import
org.maxkey.authn.support.socialsignon.service.SocialSignOnProviderService
;
import
org.maxkey.authn.support.socialsignon.service.SocialsAssociateService
;
import
org.maxkey.configuration.ApplicationConfig
;
...
...
@@ -59,7 +59,7 @@ public class AbstractSocialSignOnEndpoint {
AbstractAuthenticationProvider
authenticationProvider
;
@Autowired
Auth
JwtService
authJwt
Service
;
Auth
TokenService
authToken
Service
;
@Autowired
ApplicationConfig
applicationConfig
;
...
...
maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/authn/support/socialsignon/SocialSignOnEndpoint.java
...
...
@@ -59,7 +59,7 @@ public class SocialSignOnEndpoint extends AbstractSocialSignOnEndpoint{
)
{
_logger
.
trace
(
"SocialSignOn provider : "
+
provider
);
String
instId
=
WebContext
.
getInst
().
getId
();
String
authorizationUrl
=
buildAuthRequest
(
instId
,
provider
).
authorize
(
auth
JwtService
.
gen
Jwt
());
String
authorizationUrl
=
buildAuthRequest
(
instId
,
provider
).
authorize
(
auth
TokenService
.
genRandom
Jwt
());
_logger
.
trace
(
"authorize SocialSignOn : "
+
authorizationUrl
);
return
new
Message
<
Object
>((
Object
)
authorizationUrl
).
buildResponse
();
}
...
...
@@ -75,7 +75,7 @@ public class SocialSignOnEndpoint extends AbstractSocialSignOnEndpoint{
if
(
authRequest
==
null
)
{
_logger
.
error
(
"build authRequest fail ."
);
}
String
state
=
auth
JwtService
.
gen
Jwt
();
String
state
=
auth
TokenService
.
genRandom
Jwt
();
authRequest
.
authorize
(
state
);
SocialsProvider
socialSignOnProvider
=
socialSignOnProviderService
.
get
(
instId
,
provider
);
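Review bot: in the context lines of this hunk the authRequest == null branch only logs "build authRequest fail ." and execution continues to authRequest.authorize(state), which throws a NullPointerException. Return an error response right after the log call instead of falling through.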
...
...
@@ -139,7 +139,7 @@ public class SocialSignOnEndpoint extends AbstractSocialSignOnEndpoint{
//socialsAssociate.setExAttribute(JsonUtils.object2Json(accessToken.getResponseObject()));
this
.
socialsAssociateService
.
update
(
socialsAssociate
);
return
new
Message
<
AuthJwt
>(
auth
Jwt
Service
.
genAuthJwt
(
authentication
)).
buildResponse
();
return
new
Message
<
AuthJwt
>(
auth
Token
Service
.
genAuthJwt
(
authentication
)).
buildResponse
();
}
catch
(
Exception
e
)
{
_logger
.
error
(
"callback Exception "
,
e
);
return
new
Message
<
AuthJwt
>(
Message
.
ERROR
).
buildResponse
();
...
...
maxkey-core/src/main/java/org/maxkey/autoconfigure/ApplicationAutoConfiguration.java
...
...
@@ -62,22 +62,22 @@ public class ApplicationAutoConfiguration implements InitializingBean {
private
static
final
Logger
_logger
=
LoggerFactory
.
getLogger
(
ApplicationAutoConfiguration
.
class
);
@Bean
(
name
=
"passwordReciprocal"
)
@Bean
public
PasswordReciprocal
passwordReciprocal
()
{
return
new
PasswordReciprocal
();
}
@Bean
(
name
=
"transactionManager"
)
@Bean
public
DataSourceTransactionManager
transactionManager
(
DataSource
dataSource
)
{
return
new
DataSourceTransactionManager
(
dataSource
);
}
@Bean
(
name
=
"institutionsRepository"
)
public
InstitutionsRepository
I
nstitutionsRepository
(
JdbcTemplate
jdbcTemplate
)
{
@Bean
public
InstitutionsRepository
i
nstitutionsRepository
(
JdbcTemplate
jdbcTemplate
)
{
return
new
InstitutionsRepository
(
jdbcTemplate
);
}
@Bean
(
name
=
"localizationRepository"
)
@Bean
public
LocalizationRepository
localizationRepository
(
JdbcTemplate
jdbcTemplate
,
InstitutionsRepository
institutionsRepository
)
{
return
new
LocalizationRepository
(
jdbcTemplate
,
institutionsRepository
);
...
...
@@ -87,7 +87,7 @@ public class ApplicationAutoConfiguration implements InitializingBean {
* Authentication Password Encoder .
* @return
*/
@Bean
(
name
=
"passwordEncoder"
)
@Bean
public
PasswordEncoder
passwordEncoder
()
{
String
idForEncode
=
"bcrypt"
;
Map
<
String
,
PasswordEncoder
>
encoders
=
new
HashMap
<
String
,
PasswordEncoder
>();
...
...
@@ -127,7 +127,7 @@ public class ApplicationAutoConfiguration implements InitializingBean {
* keyStoreLoader .
* @return
*/
@Bean
(
name
=
"keyStoreLoader"
)
@Bean
public
KeyStoreLoader
keyStoreLoader
(
@Value
(
"${maxkey.saml.v20.idp.issuing.entity.id}"
)
String
entityName
,
@Value
(
"${maxkey.saml.v20.idp.keystore.password}"
)
String
keystorePassword
,
...
...
@@ -143,7 +143,7 @@ public class ApplicationAutoConfiguration implements InitializingBean {
* spKeyStoreLoader .
* @return
*/
@Bean
(
name
=
"spKeyStoreLoader"
)
@Bean
public
KeyStoreLoader
spKeyStoreLoader
(
@Value
(
"${maxkey.saml.v20.sp.issuing.entity.id}"
)
String
entityName
,
@Value
(
"${maxkey.saml.v20.sp.keystore.password}"
)
String
keystorePassword
,
...
...
@@ -159,17 +159,17 @@ public class ApplicationAutoConfiguration implements InitializingBean {
* spKeyStoreLoader .
* @return
*/
@Bean
(
name
=
"spIssuingEntityName"
)
@Bean
public
String
spIssuingEntityName
(
@Value
(
"${maxkey.saml.v20.sp.issuing.entity.id}"
)
String
spIssuingEntityName
)
{
return
spIssuingEntityName
;
}
/**
*
spKeyStoreLoade
r .
*
Id Generato
r .
* @return
*/
@Bean
(
name
=
"idGenerator"
)
@Bean
public
IdGenerator
idGenerator
(
@Value
(
"${maxkey.id.strategy:SnowFlake}"
)
String
strategy
,
@Value
(
"${maxkey.id.datacenterId:0}"
)
int
datacenterId
,
...
...
@@ -182,7 +182,7 @@ public class ApplicationAutoConfiguration implements InitializingBean {
}
@Bean
(
name
=
"momentaryService"
)
@Bean
public
MomentaryService
momentaryService
(
RedisConnectionFactory
redisConnFactory
,
@Value
(
"${maxkey.server.persistence}"
)
int
persistence
)
throws
JOSEException
{
...
...
maxkey-core/src/main/java/org/maxkey/configuration/ApplicationConfig.java
...
...
@@ -37,16 +37,7 @@ import org.springframework.stereotype.Component;
@Configuration
public
class
ApplicationConfig
{
@Autowired
EmailConfig
emailConfig
;
@Autowired
CharacterEncodingConfig
characterEncodingConfig
;
@Autowired
LoginConfig
loginConfig
;
@Value
(
"${maxkey.server.basedomain}"
)
@Value
(
"${maxkey.server.basedomain}"
)
String
baseDomainName
;
@Value
(
"${maxkey.server.domain}"
)
...
...
@@ -83,6 +74,17 @@ public class ApplicationConfig {
private
boolean
noticesVisible
;
public
static
String
databaseProduct
=
"MySQL"
;
@Autowired
EmailConfig
emailConfig
;
@Autowired
CharacterEncodingConfig
characterEncodingConfig
;
@Autowired
LoginConfig
loginConfig
;
public
int
getPort
()
{
...
...
maxkey-core/src/main/java/org/maxkey/configuration/AuthJwkConfig.java
...
...
@@ -25,9 +25,6 @@ import org.springframework.stereotype.Component;
@Configuration
public
class
AuthJwkConfig
{
@Value
(
"${maxkey.auth.jwt.issuer:https://sso.maxkey.top/}"
)
String
issuer
;
@Value
(
"${maxkey.auth.jwt.expires:86400}"
)
int
expires
;
...
...
@@ -35,10 +32,13 @@ public class AuthJwkConfig {
String
secret
;
@Value
(
"${maxkey.session.timeout}"
)
String
refreshExpire
;
int
refreshExpires
;
@Value
(
"${maxkey.auth.jwt.refresh.secret}"
)
String
refreshSecret
;
@Value
(
"${maxkey.auth.jwt.issuer:https://sso.maxkey.top/}"
)
String
issuer
;
public
AuthJwkConfig
()
{
super
();
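Review bot: refreshSecret is injected from maxkey.auth.jwt.refresh.secret, and nothing in this class ensures it differs from secret. If an operator configures the same value for both, access tokens and refresh tokens are signed with the same key, which defeats the point of a separate refresh-token service. Add a startup check that rejects equal or empty values. The refreshExpires field is bound to maxkey.session.timeout, so the refresh-token lifetime silently follows the session timeout; say so in a comment next to the @Value, and check that the toString() further down does not print either secret.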
...
...
@@ -52,7 +52,6 @@ public class AuthJwkConfig {
this
.
issuer
=
issuer
;
}
public
int
getExpires
()
{
return
expires
;
...
...
@@ -69,6 +68,22 @@ public class AuthJwkConfig {
public
void
setSecret
(
String
secret
)
{
this
.
secret
=
secret
;
}
public
int
getRefreshExpires
()
{
return
refreshExpires
;
}
public
void
setRefreshExpires
(
int
refreshExpires
)
{
this
.
refreshExpires
=
refreshExpires
;
}
public
String
getRefreshSecret
()
{
return
refreshSecret
;
}
public
void
setRefreshSecret
(
String
refreshSecret
)
{
this
.
refreshSecret
=
refreshSecret
;
}
@Override
public
String
toString
()
{
...
...
maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/AuthorizeBaseEndpoint.java
...
...
@@ -45,15 +45,12 @@ public class AuthorizeBaseEndpoint {
final
static
Logger
_logger
=
LoggerFactory
.
getLogger
(
AuthorizeBaseEndpoint
.
class
);
@Autowired
@Qualifier
(
"applicationConfig"
)
protected
ApplicationConfig
applicationConfig
;
@Autowired
@Qualifier
(
"appsService"
)
protected
AppsService
appsService
;
@Autowired
@Qualifier
(
"accountsService"
)
protected
AccountsService
accountsService
;
protected
Apps
getApp
(
String
id
){
...
...
maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasBaseAuthorizeEndpoint.java
...
...
@@ -33,11 +33,9 @@ public class CasBaseAuthorizeEndpoint extends AuthorizeBaseEndpoint{
final
static
Logger
_logger
=
LoggerFactory
.
getLogger
(
CasBaseAuthorizeEndpoint
.
class
);
@Autowired
@Qualifier
(
"appsCasDetailsService"
)
protected
AppsCasDetailsService
casDetailsService
;
@Autowired
@Qualifier
(
"userInfoService"
)
protected
UserInfoService
userInfoService
;
@Autowired
...
...
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/endpoint/ConsumerEndpoint.java
...
...
@@ -33,7 +33,7 @@ import org.apache.commons.lang.Validate;
import
org.maxkey.authn.AbstractAuthenticationProvider
;
import
org.maxkey.authn.LoginCredential
;
import
org.maxkey.authn.jwt.AuthJwt
;
import
org.maxkey.authn.jwt.Auth
Jwt
Service
;
import
org.maxkey.authn.jwt.Auth
Token
Service
;
import
org.maxkey.authz.saml.common.EndpointGenerator
;
import
org.maxkey.authz.saml.common.TrustResolver
;
import
org.maxkey.authz.saml.service.IDService
;
...
...
@@ -120,7 +120,7 @@ public class ConsumerEndpoint {
private
MessageReplayRule
messageReplayRule
;
@Autowired
Auth
Jwt
Service
authJwtService
;
Auth
Token
Service
authJwtService
;
EndpointGenerator
endpointGenerator
;
AuthnRequestGenerator
authnRequestGenerator
;
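Review bot: the field type changes to AuthTokenService but the field is still named authJwtService, unlike the other classes in this commit, which rename it to authTokenService. Rename the field so the name matches the type it holds.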
...
...
maxkey-web-frontend/maxkey-web-app/src/app/core/net/default.interceptor.ts
...
...
@@ -13,9 +13,12 @@ import { DA_SERVICE_TOKEN, ITokenService } from '@delon/auth';
import
{
ALAIN_I18N_TOKEN
,
_HttpClient
}
from
'
@delon/theme
'
;
import
{
environment
}
from
'
@env/environment
'
;
import
{
NzNotificationService
}
from
'
ng-zorro-antd/notification
'
;
import
{
CookieService
}
from
'
ngx-cookie-service
'
;
import
{
BehaviorSubject
,
Observable
,
of
,
throwError
}
from
'
rxjs
'
;
import
{
catchError
,
filter
,
mergeMap
,
switchMap
,
take
}
from
'
rxjs/operators
'
;
import
{
CONSTS
}
from
'
../../shared/consts
'
;
const
CODEMESSAGE
:
{
[
key
:
number
]:
string
}
=
{
200
:
'
服务器成功返回请求的数据。
'
,
201
:
'
新建或修改数据成功。
'
,
...
...
@@ -54,6 +57,10 @@ export class DefaultInterceptor implements HttpInterceptor {
return
this
.
injector
.
get
(
NzNotificationService
);
}
private
get
cookieService
():
CookieService
{
return
this
.
injector
.
get
(
CookieService
);
}
private
get
tokenSrv
():
ITokenService
{
return
this
.
injector
.
get
(
DA_SERVICE_TOKEN
);
}
...
...
@@ -80,17 +87,18 @@ export class DefaultInterceptor implements HttpInterceptor {
*/
private
refreshTokenRequest
():
Observable
<
any
>
{
const
model
=
this
.
tokenSrv
.
get
();
return
this
.
http
.
post
(
`/a
pi/auth/refresh`
,
null
,
null
,
{
headers
:
{
refresh_token
:
model
?.[
'
refresh_t
oken
'
]
||
''
}
});
return
this
.
http
.
post
(
`/a
uth/token/refresh`
,
null
,
null
,
{
headers
:
{
refresh_token
:
model
?.[
'
refreshT
oken
'
]
||
''
}
});
}
// #region 刷新Token方式一:使用 401 重新刷新 Token
private
tryRefreshToken
(
ev
:
HttpResponseBase
,
req
:
HttpRequest
<
any
>
,
next
:
HttpHandler
):
Observable
<
any
>
{
// 1、若请求为刷新Token请求,表示来自刷新Token可以直接跳转登录页
if
([
`/a
pi/auth
/refresh`
].
some
(
url
=>
req
.
url
.
includes
(
url
)))
{
if
([
`/a
uth/token
/refresh`
].
some
(
url
=>
req
.
url
.
includes
(
url
)))
{
this
.
toLogin
();
return
throwError
(
ev
);
}
// 2、如果 `refreshToking` 为 `true` 表示已经在请求刷新 Token 中,后续所有请求转入等待状态,直至结果返回后再重新发起请求
if
(
this
.
refreshToking
)
{
return
this
.
refreshToken$
.
pipe
(
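Review bot: in refreshTokenRequest, `model?.['refreshToken'] || ''` still posts to `/auth/token/refresh` with an empty `refresh_token` header when no refresh token is stored. Check for the missing value first and go straight to `toLogin()` instead of asking the server to validate an empty credential. The lookup key changed from `refresh_token` to `refreshToken` while the header name did not, so a one-line comment on which name is the stored field and which is the wire name would help the next reader.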
...
...
@@ -99,17 +107,20 @@ export class DefaultInterceptor implements HttpInterceptor {
switchMap
(()
=>
next
.
handle
(
this
.
reAttachToken
(
req
)))
);
}
// 3、尝试调用刷新 Token
this
.
refreshToking
=
true
;
this
.
refreshToken$
.
next
(
null
);
return
this
.
refreshTokenRequest
().
pipe
(
switchMap
(
res
=>
{
console
.
log
(
res
.
data
);
// 通知后续请求继续执行
this
.
refreshToking
=
false
;
this
.
refreshToken$
.
next
(
res
);
this
.
refreshToken$
.
next
(
res
.
data
.
refreshToken
);
this
.
cookieService
.
set
(
CONSTS
.
CONGRESS
,
res
.
data
.
token
);
// 重新保存新 token
this
.
tokenSrv
.
set
(
res
);
this
.
tokenSrv
.
set
(
res
.
data
);
// 重新发起请求
return
next
.
handle
(
this
.
reAttachToken
(
req
));
}),
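Review bot: the added `console.log(res.data)` in the refresh `switchMap` writes the whole refresh response, which by the following lines contains `token` and `refreshToken`, to the browser console; remove it before merge. In the same block `this.cookieService.set(CONSTS.CONGRESS, res.data.token)` stores the access token in a script-written cookie with no options, so pass explicit expiry, path, `secure` and `sameSite` values. `res.data` is also dereferenced without checking that the refresh call returned a successful body, so a failure response with no `data` throws here instead of falling through to the login redirect.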
...
...
@@ -127,6 +138,7 @@ export class DefaultInterceptor implements HttpInterceptor {
* > 由于已经发起的请求,不会再走一遍 `@delon/auth` 因此需要结合业务情况重新附加新的 Token
*/
private
reAttachToken
(
req
:
HttpRequest
<
any
>
):
HttpRequest
<
any
>
{
//console.log('reAttachToken');
// 以下示例是以 NG-ALAIN 默认使用 `SimpleInterceptor`
const
token
=
this
.
tokenSrv
.
get
()?.
token
;
return
req
.
clone
({
...
...
maxkey-web-frontend/maxkey-web-app/src/environments/environment.ts
...
...
@@ -13,7 +13,7 @@ export const environment = {
api
:
{
baseUrl
:
'
http://sso.maxkey.top:8080/maxkey
'
,
refreshTokenEnabled
:
true
,
refreshTokenType
:
'
auth-refresh
'
refreshTokenType
:
'
re-request
'
},
modules
:
[
DelonMockModule
.
forRoot
({
data
:
MOCKDATA
})]
}
as
Environment
;
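Review bot: `refreshTokenType` switches from 'auth-refresh' to 're-request' with no comment on why, and `api.baseUrl` in the same block is plain `http://`, so the `refresh_token` header that default.interceptor.ts sends in this commit would travel unencrypted wherever this environment file is used. Add a short comment stating which refresh strategy the backend change requires, and keep an https base URL for anything other than local development.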
...
...
maxkey-web-frontend/maxkey-web-mgt-app/src/app/core/net/default.interceptor.ts
...
...
@@ -80,14 +80,14 @@ export class DefaultInterceptor implements HttpInterceptor {
*/
private
refreshTokenRequest
():
Observable
<
any
>
{
const
model
=
this
.
tokenSrv
.
get
();
return
this
.
http
.
post
(
`/a
pi/auth
/refresh`
,
null
,
null
,
{
headers
:
{
refresh_token
:
model
?.[
'
refresh_token
'
]
||
''
}
});
return
this
.
http
.
post
(
`/a
uth/token
/refresh`
,
null
,
null
,
{
headers
:
{
refresh_token
:
model
?.[
'
refresh_token
'
]
||
''
}
});
}
// #region 刷新Token方式一:使用 401 重新刷新 Token
private
tryRefreshToken
(
ev
:
HttpResponseBase
,
req
:
HttpRequest
<
any
>
,
next
:
HttpHandler
):
Observable
<
any
>
{
// 1、若请求为刷新Token请求,表示来自刷新Token可以直接跳转登录页
if
([
`/a
pi/auth
/refresh`
].
some
(
url
=>
req
.
url
.
includes
(
url
)))
{
if
([
`/a
uth/token
/refresh`
].
some
(
url
=>
req
.
url
.
includes
(
url
)))
{
this
.
toLogin
();
return
throwError
(
ev
);
}
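Review bot: in the mgt-app refreshTokenRequest the new line still reads `model?.['refresh_token']`, while the same function in maxkey-web-app was changed in this commit to `model?.['refreshToken']`. If the management backend returns the same `refreshToken` field, this lookup is always undefined and the request goes out with an empty `refresh_token` header. Either align the key with maxkey-web-app or note why the two apps store the token under different names.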
...
...
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java
...
...
@@ -77,7 +77,7 @@ public class MaxKeyConfig implements InitializingBean {
private
static
final
Logger
_logger
=
LoggerFactory
.
getLogger
(
MaxKeyConfig
.
class
);
@Bean
(
name
=
"otpKeyUriFormat"
)
@Bean
public
OtpKeyUriFormat
otpKeyUriFormat
(
@Value
(
"${maxkey.otp.policy.type:totp}"
)
String
type
,
...
...
@@ -96,7 +96,7 @@ public class MaxKeyConfig implements InitializingBean {
}
//可以在此实现其他的登陆认证方式,请实现AbstractAuthenticationRealm
@Bean
(
name
=
"authenticationRealm"
)
@Bean
public
JdbcAuthenticationRealm
authenticationRealm
(
PasswordEncoder
passwordEncoder
,
PasswordPolicyValidator
passwordPolicyValidator
,
...
...
@@ -120,7 +120,7 @@ public class MaxKeyConfig implements InitializingBean {
return
authenticationRealm
;
}
@Bean
(
name
=
"timeBasedOtpAuthn"
)
@Bean
public
TimeBasedOtpAuthn
timeBasedOtpAuthn
(
@Value
(
"${maxkey.otp.policy.digits:6}"
)
int
digits
,
...
...
@@ -131,8 +131,8 @@ public class MaxKeyConfig implements InitializingBean {
return
tfaOtpAuthn
;
}
@Bean
(
name
=
"tfaOtpAuthn"
)
public
AbstractOtpAuthn
tfaO
pt
Authn
(
@Bean
public
AbstractOtpAuthn
tfaO
tp
Authn
(
@Value
(
"${maxkey.login.mfa.type}"
)
String
mfaType
,
@Value
(
"${maxkey.otp.policy.digits:6}"
)
int
digits
,
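Review bot: with `@Bean(name = "tfaOtpAuthn")` reduced to a bare `@Bean`, the bean name now comes from the method name, so the rename from `tfaOptAuthn` to `tfaOtpAuthn` in this hunk is the only thing keeping the name stable. Any later method rename in MaxKeyConfig silently changes the bean name that the injection sites depend on. Keep the explicit `name` on the OTP beans, or add a comment that the method names are part of the wiring.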
...
...
@@ -152,7 +152,7 @@ public class MaxKeyConfig implements InitializingBean {
return
tfaOtpAuthn
;
}
@Bean
(
name
=
"mailOtpAuthn"
)
@Bean
public
MailOtpAuthn
mailOtpAuthn
(
EmailConfig
emailConfig
,
@Value
(
"${spring.mail.properties.mailotp.message.subject}"
)
...
...
@@ -185,7 +185,7 @@ public class MaxKeyConfig implements InitializingBean {
}
@Bean
(
name
=
"kerberosService"
)
@Bean
public
RemoteKerberosService
kerberosService
(
@Value
(
"${maxkey.login.kerberos.default.userdomain}"
)
String
userDomain
,
...
...
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java
...
...
@@ -46,6 +46,15 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@EnableWebMvc
public
class
MaxKeyMvcConfig
implements
WebMvcConfigurer
{
private
static
final
Logger
_logger
=
LoggerFactory
.
getLogger
(
MaxKeyMvcConfig
.
class
);
@Value
(
"${maxkey.login.basic.enable:false}"
)
private
boolean
basicEnable
;
@Value
(
"${maxkey.login.httpheader.enable:false}"
)
private
boolean
httpHeaderEnable
;
@Value
(
"${maxkey.login.httpheader.headername:iv-user}"
)
private
String
httpHeaderName
;
@Autowired
ApplicationConfig
applicationConfig
;
...
...
@@ -69,15 +78,6 @@ public class MaxKeyMvcConfig implements WebMvcConfigurer {
@Autowired
HistorySignOnAppInterceptor
historySignOnAppInterceptor
;
@Value
(
"${maxkey.login.httpheader.enable:false}"
)
private
boolean
httpHeaderEnable
;
@Value
(
"${maxkey.login.httpheader.headername:iv-user}"
)
private
String
httpHeaderName
;
@Value
(
"${maxkey.login.basic.enable:false}"
)
private
boolean
basicEnable
;
@Override
public
void
addResourceHandlers
(
ResourceHandlerRegistry
registry
)
{
_logger
.
debug
(
"addResourceHandlers"
);
...
...
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/AppListController.java
...
...
@@ -20,6 +20,7 @@ package org.maxkey.web.contorller;
import
java.util.List
;
import
org.maxkey.authn.annotation.CurrentUser
;
import
org.maxkey.authn.web.AuthorizationUtils
;
import
org.maxkey.constants.ConstsStatus
;
import
org.maxkey.crypto.password.PasswordReciprocal
;
import
org.maxkey.entity.Accounts
;
...
...
@@ -78,6 +79,7 @@ public class AppListController {
for
(
UserApps
app
:
appList
)
{
app
.
transIconBase64
();
}
//AuthorizationUtils.setAuthentication(null);
return
new
Message
<
List
<
UserApps
>>(
appList
).
buildResponse
();
}
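Review bot: the added line `//AuthorizationUtils.setAuthentication(null);` in AppListController is commented-out code, and as far as the visible lines show, the `org.maxkey.authn.web.AuthorizationUtils` import added in the first hunk of this file exists only for it. Drop both, or, if clearing the authentication after building the app list is intended, enable the call and say in a comment why it is needed at this point.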
...
...
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/ForgotPasswordContorller.java
...
...
@@ -20,7 +20,7 @@ package org.maxkey.web.contorller;
import
java.util.regex.Pattern
;
import
org.apache.commons.lang3.StringUtils
;
import
org.maxkey.authn.jwt.Auth
Jwt
Service
;
import
org.maxkey.authn.jwt.Auth
Token
Service
;
import
org.maxkey.configuration.EmailConfig
;
import
org.maxkey.entity.ChangePassword
;
import
org.maxkey.entity.Message
;
...
...
@@ -68,7 +68,7 @@ public class ForgotPasswordContorller {
}
@Autowired
Auth
JwtService
authJwt
Service
;
Auth
TokenService
authToken
Service
;
@Autowired
UserInfoService
userInfoService
;
...
...
@@ -88,7 +88,7 @@ public class ForgotPasswordContorller {
@RequestParam
String
captcha
)
{
_logger
.
debug
(
"forgotpassword /forgotpassword/produceOtp."
);
_logger
.
debug
(
" Mobile {}: "
,
mobile
);
if
(!
auth
Jwt
Service
.
validateCaptcha
(
state
,
captcha
))
{
if
(!
auth
Token
Service
.
validateCaptcha
(
state
,
captcha
))
{
_logger
.
debug
(
"login captcha valid error."
);
return
new
Message
<
ChangePassword
>(
Message
.
FAIL
).
buildResponse
();
}
...
...
@@ -116,7 +116,7 @@ public class ForgotPasswordContorller {
@RequestParam
String
state
,
@RequestParam
String
captcha
)
{
_logger
.
debug
(
"/forgotpassword/produceEmailOtp Email {} : "
,
email
);
if
(!
auth
Jwt
Service
.
validateCaptcha
(
state
,
captcha
))
{
if
(!
auth
Token
Service
.
validateCaptcha
(
state
,
captcha
))
{
_logger
.
debug
(
"captcha valid error."
);
return
new
Message
<
ChangePassword
>(
Message
.
FAIL
).
buildResponse
();
}
...
...
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/IndexEndpoint.java
...
...
@@ -49,8 +49,8 @@ public class IndexEndpoint {
NoticesService
noticesService
;
@Autowired
@Qualifier
(
"applicationConfig"
)
ApplicationConfig
applicationConfig
;
@RequestMapping
(
value
={
"/forwardindex"
})
public
ModelAndView
forwardindex
(
HttpServletRequest
request
,
HttpServletResponse
response
)
throws
ServletException
,
IOException
{
...
...
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/LoginEntryPoint.java
...
...
@@ -28,9 +28,9 @@ import org.apache.commons.lang3.StringUtils;
import
org.maxkey.authn.AbstractAuthenticationProvider
;
import
org.maxkey.authn.LoginCredential
;
import
org.maxkey.authn.jwt.AuthJwt
;
import
org.maxkey.authn.jwt.Auth
Jwt
Service
;
import
org.maxkey.authn.jwt.Auth
Token
Service
;
import
org.maxkey.authn.support.kerberos.KerberosService
;
import
org.maxkey.authn.support.rememberme.AbstractRemeberMe
Service
;
import
org.maxkey.authn.support.rememberme.AbstractRemeberMe
Manager
;
import
org.maxkey.authn.support.rememberme.RemeberMe
;
import
org.maxkey.authn.support.socialsignon.service.SocialSignOnProviderService
;
import
org.maxkey.configuration.ApplicationConfig
;
...
...
@@ -45,7 +45,6 @@ import org.maxkey.web.WebContext;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Qualifier
;
import
org.springframework.http.MediaType
;
import
org.springframework.http.ResponseEntity
;
import
org.springframework.security.core.Authentication
;
...
...
@@ -71,17 +70,15 @@ public class LoginEntryPoint {
Pattern
mobileRegex
=
Pattern
.
compile
(
"^(13[4,5,6,7,8,9]|15[0,8,9,1,7]|188|187)\\\\d{8}$"
);
@Autowired
Auth
JwtService
authJwt
Service
;
Auth
TokenService
authToken
Service
;
@Autowired
ApplicationConfig
applicationConfig
;
@Autowired
@Qualifier
(
"authenticationProvider"
)
AbstractAuthenticationProvider
authenticationProvider
;
@Autowired
@Qualifier
(
"socialSignOnProviderService"
)
SocialSignOnProviderService
socialSignOnProviderService
;
@Autowired
...
...
@@ -91,15 +88,13 @@ public class LoginEntryPoint {
UserInfoService
userInfoService
;
@Autowired
@Qualifier
(
"tfaOtpAuthn"
)
protected
AbstractOtpAuthn
tfaOtpAuthn
;
AbstractOtpAuthn
tfaOtpAuthn
;
@Autowired
@Qualifier
(
"otpAuthnService"
)
protected
OtpAuthnService
otpAuthnService
;
OtpAuthnService
otpAuthnService
;
@Autowired
AbstractRemeberMe
Service
remeberMeService
;
AbstractRemeberMe
Manager
remeberMeManager
;
/**
* init login
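Review bot: removing `@Qualifier("tfaOtpAuthn")` from the `AbstractOtpAuthn tfaOtpAuthn` field leaves the injection dependent on the field name matching a bean name, because MaxKeyConfig in this same commit defines more than one bean assignable to `AbstractOtpAuthn` (`timeBasedOtpAuthn` and `tfaOtpAuthn`). Keep the qualifier on this field so a rename on either side fails loudly rather than picking a different OTP implementation for login. The fields also change from `protected` to package-private here without mention; confirm no subclass outside the package relies on them.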
...
...
@@ -112,16 +107,16 @@ public class LoginEntryPoint {
_logger
.
debug
(
"/get."
);
//Remember Me
if
(
StringUtils
.
isNotBlank
(
rememberMeJwt
)
&&
auth
Jwt
Service
.
validateJwtToken
(
rememberMeJwt
))
{
&&
auth
Token
Service
.
validateJwtToken
(
rememberMeJwt
))
{
try
{
RemeberMe
remeberMe
=
remeberMe
Service
.
resolve
(
rememberMeJwt
);
RemeberMe
remeberMe
=
remeberMe
Manager
.
resolve
(
rememberMeJwt
);
if
(
remeberMe
!=
null
)
{
LoginCredential
credential
=
new
LoginCredential
();
String
remeberMeJwt
=
remeberMe
Service
.
updateRemeberMe
(
remeberMe
);
String
remeberMeJwt
=
remeberMe
Manager
.
updateRemeberMe
(
remeberMe
);
credential
.
setUsername
(
remeberMe
.
getUsername
());
Authentication
authentication
=
authenticationProvider
.
authenticate
(
credential
,
true
);
if
(
authentication
!=
null
)
{
AuthJwt
authJwt
=
auth
Jwt
Service
.
genAuthJwt
(
authentication
);
AuthJwt
authJwt
=
auth
Token
Service
.
genAuthJwt
(
authentication
);
authJwt
.
setRemeberMe
(
remeberMeJwt
);
return
new
Message
<
AuthJwt
>(
authJwt
).
buildResponse
();
}
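Review bot: in the remember-me branch the incoming value is `rememberMeJwt` and the renewed value returned by `remeberMeManager.updateRemeberMe(remeberMe)` is stored in `remeberMeJwt`, two identifiers that differ by a single letter. Since one is untrusted input and the other is the token handed back to the client, give the renewed value a clearly different name so a later edit cannot swap them unnoticed.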
...
...
@@ -150,7 +145,7 @@ public class LoginEntryPoint {
model
.
put
(
"captcha"
,
inst
.
getCaptchaSupport
());
model
.
put
(
"captchaType"
,
inst
.
getCaptchaType
());
}
model
.
put
(
"state"
,
auth
JwtService
.
gen
Jwt
());
model
.
put
(
"state"
,
auth
TokenService
.
genRandom
Jwt
());
//load Social Sign On Providers
model
.
put
(
"socials"
,
socialSignOnProviderService
.
loadSocials
(
inst
.
getId
()));
...
...
@@ -178,16 +173,16 @@ public class LoginEntryPoint {
public
ResponseEntity
<?>
signin
(
HttpServletRequest
request
,
HttpServletResponse
response
,
@RequestBody
LoginCredential
credential
)
{
Message
<
AuthJwt
>
authJwtMessage
=
new
Message
<
AuthJwt
>(
Message
.
FAIL
);
if
(
auth
Jwt
Service
.
validateJwtToken
(
credential
.
getState
())){
if
(
auth
Token
Service
.
validateJwtToken
(
credential
.
getState
())){
String
authType
=
credential
.
getAuthType
();
_logger
.
debug
(
"Login AuthN Type "
+
authType
);
if
(
StringUtils
.
isNotBlank
(
authType
)){
Authentication
authentication
=
authenticationProvider
.
authenticate
(
credential
);
if
(
authentication
!=
null
)
{
AuthJwt
authJwt
=
auth
Jwt
Service
.
genAuthJwt
(
authentication
);
AuthJwt
authJwt
=
auth
Token
Service
.
genAuthJwt
(
authentication
);
if
(
StringUtils
.
isNotBlank
(
credential
.
getRemeberMe
())
&&
credential
.
getRemeberMe
().
equalsIgnoreCase
(
"true"
))
{
String
remeberMe
=
remeberMe
Service
.
createRemeberMe
(
authentication
,
request
,
response
);
String
remeberMe
=
remeberMe
Manager
.
createRemeberMe
(
authentication
,
request
,
response
);
authJwt
.
setRemeberMe
(
remeberMe
);
}
if
(
WebContext
.
getAttribute
(
WebConstants
.
CURRENT_USER_PASSWORD_SET_TYPE
)!=
null
)
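Review bot: in signin the `state` value is accepted on `authTokenService.validateJwtToken(credential.getState())` alone, the same call the `/get` handler uses for the remember-me JWT. Unless `validateJwtToken` checks a purpose or type claim (not visible in this diff), any token that passes it, whatever it was issued for, is accepted as login state, and nothing here makes the state single-use. Validate the state with a dedicated method that checks it was produced by `genRandomJwt()` and has not been consumed before.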
...
...
@@ -211,7 +206,7 @@ public class LoginEntryPoint {
@RequestMapping
(
value
={
"/congress"
},
produces
=
{
MediaType
.
APPLICATION_JSON_VALUE
})
public
ResponseEntity
<?>
congress
(
@RequestBody
LoginCredential
credential
)
{
if
(
StringUtils
.
isNotBlank
(
credential
.
getCongress
())){
AuthJwt
authJwt
=
auth
Jwt
Service
.
consumeCongress
(
credential
.
getCongress
());
AuthJwt
authJwt
=
auth
Token
Service
.
consumeCongress
(
credential
.
getCongress
());
if
(
authJwt
!=
null
)
{
return
new
Message
<
AuthJwt
>(
authJwt
).
buildResponse
();
}
...
...
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/OneTimePasswordController.java
...
...
@@ -35,7 +35,6 @@ import org.maxkey.web.image.ImageEndpoint;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Qualifier
;
import
org.springframework.http.ResponseEntity
;
import
org.springframework.stereotype.Controller
;
import
org.springframework.web.bind.annotation.RequestMapping
;
...
...
@@ -54,11 +53,9 @@ public class OneTimePasswordController {
static
final
Logger
_logger
=
LoggerFactory
.
getLogger
(
OneTimePasswordController
.
class
);
@Autowired
@Qualifier
(
"userInfoService"
)
private
UserInfoService
userInfoService
;
@Autowired
@Qualifier
(
"otpKeyUriFormat"
)
OtpKeyUriFormat
otpKeyUriFormat
;
@RequestMapping
(
value
=
{
"/timebased"
})
...
...
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/RegisterController.java
...
...
@@ -22,7 +22,7 @@ import java.util.regex.Pattern;
import
javax.servlet.ServletException
;
import
org.maxkey.authn.jwt.Auth
Jwt
Service
;
import
org.maxkey.authn.jwt.Auth
Token
Service
;
import
org.maxkey.configuration.ApplicationConfig
;
import
org.maxkey.constants.ConstsStatus
;
import
org.maxkey.crypto.password.PasswordReciprocal
;
...
...
@@ -55,7 +55,7 @@ public class RegisterController {
Pattern
mobileRegex
=
Pattern
.
compile
(
"^[1][3,4,5,7,8][0-9]{9}$"
);
@Autowired
Auth
JwtService
authJwt
Service
;
Auth
TokenService
authToken
Service
;
@Autowired
protected
ApplicationConfig
applicationConfig
;
...
...
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/SocialSignOnListController.java
...
...
@@ -44,7 +44,6 @@ public class SocialSignOnListController {
@Autowired
protected
SocialsAssociatesService
socialsAssociatesService
;
@RequestMapping
(
value
={
"/fetch"
})
@ResponseBody
public
ResponseEntity
<?>
fetch
(
@CurrentUser
UserInfo
currentUser
){
...
...
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/interceptor/SingleSignOnInterceptor.java
...
...
@@ -19,7 +19,7 @@ package org.maxkey.web.interceptor;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletResponse
;
import
org.maxkey.authn.jwt.Auth
Jwt
Service
;
import
org.maxkey.authn.jwt.Auth
Token
Service
;
import
org.maxkey.authn.session.SessionManager
;
import
org.maxkey.authn.web.AuthorizationUtils
;
import
org.maxkey.configuration.ApplicationConfig
;
...
...
@@ -42,7 +42,7 @@ public class SingleSignOnInterceptor implements AsyncHandlerInterceptor {
SessionManager
sessionManager
;
@Autowired
Auth
JwtService
authJwt
Service
;
Auth
TokenService
authToken
Service
;
@Override
public
boolean
preHandle
(
HttpServletRequest
request
,
...
...
@@ -51,7 +51,7 @@ public class SingleSignOnInterceptor implements AsyncHandlerInterceptor {
_logger
.
trace
(
"Single Sign On Interceptor"
);
AuthorizationUtils
.
authenticateWithCookie
(
request
,
auth
Jwt
Service
,
sessionManager
);
request
,
auth
Token
Service
,
sessionManager
);
if
(
AuthorizationUtils
.
isNotAuthenticated
()){
String
loginUrl
=
applicationConfig
.
getFrontendUri
()
+
"/#/passport/login?redirect_uri=%s"
;
...
...
maxkey-webs/maxkey-web-maxkey/src/main/resources/application-http.properties
...
...
@@ -55,7 +55,7 @@ maxkey.app.issuer =CN=ConSec,CN=COM,CN=SH
maxkey.session.timeout
=
${SERVER_SESSION_TIMEOUT:1800}
maxkey.auth.jwt.issuer
=
${maxkey.server.uri}
maxkey.auth.jwt.expire
=
60
0
maxkey.auth.jwt.expire
s
=
6
0
maxkey.auth.jwt.secret
=
7heM-14BtxjyKPuH3ITIm7q2-ps5MuBirWCsrrdbzzSAOuSPrbQYiaJ54AeA0uH2XdkYy3hHAkTFIsieGkyqxOJZ_dQzrCbaYISH9rhUZAKYx8tUY0wkE4ArOC6LqHDJarR6UIcMsARakK9U4dhoOPO1cj74XytemI-w6ACYfzRUn_Rn4e-CQMcnD1C56oNEukwalf06xVgXl41h6K8IBEzLVod58y_VfvFn-NGWpNG0fy_Qxng6dg8Dgva2DobvzMN2eejHGLGB-x809MvC4zbG7CKNVlcrzMYDt2Gt2sOVDrt2l9YqJNfgaLFjrOEVw5cuXemGkX1MvHj6TAsbLg
maxkey.auth.jwt.refresh.secret
=
7heM-14BtxjyKPuH3ITIm7q2-ps5MuBirWCsrrdbzzSAOuSPrbQYiaJ54AeA0uH2XdkYy3hHAkTFIsieGkyqxOJZ_dQzrCbaYISH9rhUZAKYx8tUY0wkE4ArOC6LqHDJarR6UIcMsARakK9U4dhoOPO1cj74XytemI-w6ACYfzRUn_Rn4e-CQMcnD1C56oNEukwalf06xVgXl41h6K8IBEzLVod58y_VfvFn-NGWpNG0fy_Qxng6dg8Dgva2DobvzMN2eejHGLGB-x809MvC4zbG7CKNVlcrzMYDt2Gt2sOVDrt2l9YqJNfgaLFjrOEVw5cuXemGkX1MvHj6TAsbLg
############################################################################
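Review bot: the new `maxkey.auth.jwt.refresh.secret` in application-http.properties is character-for-character the same value as `maxkey.auth.jwt.secret` directly above it, and both are committed in the repository. With one key for both token types, a leak of either secret compromises access and refresh tokens together, and the two kinds of token are not cryptographically distinguishable. Use a separate, independently generated refresh secret and load both from the environment, as `maxkey.session.timeout` already does with `${SERVER_SESSION_TIMEOUT:1800}`.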
...
...
maxkey-webs/maxkey-web-maxkey/src/main/resources/application-https.properties
...
...
@@ -51,7 +51,7 @@ maxkey.app.issuer =CN=ConSec,CN=COM,CN=SH
maxkey.session.timeout
=
${SERVER_SESSION_TIMEOUT:1800}
maxkey.auth.jwt.issuer
=
${maxkey.server.uri}
maxkey.auth.jwt.expire
=
600
maxkey.auth.jwt.expire
s
=
600
maxkey.auth.jwt.secret
=
7heM-14BtxjyKPuH3ITIm7q2-ps5MuBirWCsrrdbzzSAOuSPrbQYiaJ54AeA0uH2XdkYy3hHAkTFIsieGkyqxOJZ_dQzrCbaYISH9rhUZAKYx8tUY0wkE4ArOC6LqHDJarR6UIcMsARakK9U4dhoOPO1cj74XytemI-w6ACYfzRUn_Rn4e-CQMcnD1C56oNEukwalf06xVgXl41h6K8IBEzLVod58y_VfvFn-NGWpNG0fy_Qxng6dg8Dgva2DobvzMN2eejHGLGB-x809MvC4zbG7CKNVlcrzMYDt2Gt2sOVDrt2l9YqJNfgaLFjrOEVw5cuXemGkX1MvHj6TAsbLg
maxkey.auth.jwt.refresh.secret
=
7heM-14BtxjyKPuH3ITIm7q2-ps5MuBirWCsrrdbzzSAOuSPrbQYiaJ54AeA0uH2XdkYy3hHAkTFIsieGkyqxOJZ_dQzrCbaYISH9rhUZAKYx8tUY0wkE4ArOC6LqHDJarR6UIcMsARakK9U4dhoOPO1cj74XytemI-w6ACYfzRUn_Rn4e-CQMcnD1C56oNEukwalf06xVgXl41h6K8IBEzLVod58y_VfvFn-NGWpNG0fy_Qxng6dg8Dgva2DobvzMN2eejHGLGB-x809MvC4zbG7CKNVlcrzMYDt2Gt2sOVDrt2l9YqJNfgaLFjrOEVw5cuXemGkX1MvHj6TAsbLg
############################################################################
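Review bot: the property key changes from `maxkey.auth.jwt.expire` to `maxkey.auth.jwt.expires` in application-https.properties, so any deployment that overrides the old key will be ignored without warning after this change; mention the rename in the release notes or accept both keys for one release. As rendered, this profile keeps a value of 600 while the http profile in the same commit reads 60, which looks like a leftover test value in one of them. The refresh secret added here is also identical to `maxkey.auth.jwt.secret`.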
...
...
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/MaxKeyMgtConfig.java
...
...
@@ -37,7 +37,7 @@ public class MaxKeyMgtConfig implements InitializingBean {
private
static
final
Logger
_logger
=
LoggerFactory
.
getLogger
(
MaxKeyMgtConfig
.
class
);
//authenticationRealm for MaxKeyMgtApplication
@Bean
(
name
=
"authenticationRealm"
)
@Bean
public
JdbcAuthenticationRealm
authenticationRealm
(
PasswordEncoder
passwordEncoder
,
PasswordPolicyValidator
passwordPolicyValidator
,
...
...
@@ -58,7 +58,7 @@ public class MaxKeyMgtConfig implements InitializingBean {
return
authenticationRealm
;
}
@Bean
(
name
=
"timeBasedOtpAuthn"
)
@Bean
public
AbstractOtpAuthn
timeBasedOtpAuthn
()
{
AbstractOtpAuthn
tfaOtpAuthn
=
new
TimeBasedOtpAuthn
();
_logger
.
debug
(
"TimeBasedOtpAuthn inited."
);
...
...
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/Oauth20ClientAutoConfiguration.java
...
...
@@ -46,8 +46,8 @@ import org.springframework.security.crypto.password.PasswordEncoder;
public
class
Oauth20ClientAutoConfiguration
implements
InitializingBean
{
private
static
final
Logger
_logger
=
LoggerFactory
.
getLogger
(
Oauth20ClientAutoConfiguration
.
class
);
@Bean
(
name
=
"oauth20JdbcClientDetailsService"
)
public
JdbcClientDetailsService
j
dbcClientDetailsService
(
@Bean
public
JdbcClientDetailsService
oauth20J
dbcClientDetailsService
(
DataSource
dataSource
,
PasswordEncoder
passwordReciprocal
)
{
JdbcClientDetailsService
clientDetailsService
=
new
JdbcClientDetailsService
(
dataSource
);
clientDetailsService
.
setPasswordEncoder
(
passwordReciprocal
);
...
...
@@ -60,7 +60,7 @@ public class Oauth20ClientAutoConfiguration implements InitializingBean {
* @param persistence int
* @return oauth20TokenStore
*/
@Bean
(
name
=
"oauth20TokenStore"
)
@Bean
public
TokenStore
oauth20TokenStore
(
@Value
(
"${maxkey.server.persistence}"
)
int
persistence
,
JdbcTemplate
jdbcTemplate
,
...
...
@@ -81,8 +81,8 @@ public class Oauth20ClientAutoConfiguration implements InitializingBean {
* clientDetailsUserDetailsService.
* @return oauth20TokenServices
*/
@Bean
(
name
=
"oauth20TokenServices"
)
public
DefaultTokenServices
default
TokenServices
(
@Bean
public
DefaultTokenServices
oauth20
TokenServices
(
JdbcClientDetailsService
oauth20JdbcClientDetailsService
,
TokenStore
oauth20TokenStore
)
{
DefaultTokenServices
tokenServices
=
new
DefaultTokenServices
();
...
...
@@ -96,7 +96,7 @@ public class Oauth20ClientAutoConfiguration implements InitializingBean {
* ProviderManager.
* @return oauth20ClientAuthenticationManager
*/
@Bean
(
name
=
"oauth20ClientAuthenticationManager"
)
@Bean
public
ProviderManager
oauth20ClientAuthenticationManager
(
JdbcClientDetailsService
oauth20JdbcClientDetailsService
,
PasswordEncoder
passwordReciprocal
...
...
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/api/endpoint/RestTimeBasedOtpController.java
...
...
@@ -21,7 +21,6 @@ import org.maxkey.entity.UserInfo;
import
org.maxkey.password.onetimepwd.AbstractOtpAuthn
;
import
org.maxkey.persistence.service.UserInfoService
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Qualifier
;
import
org.springframework.stereotype.Controller
;
import
org.springframework.web.bind.annotation.RequestMapping
;
import
org.springframework.web.bind.annotation.RequestMethod
;
...
...
@@ -36,11 +35,9 @@ import io.swagger.v3.oas.annotations.tags.Tag;
public
class
RestTimeBasedOtpController
{
@Autowired
@Qualifier
(
"timeBasedOtpAuthn"
)
protected
AbstractOtpAuthn
timeBasedOtpAuthn
;
@Autowired
@Qualifier
(
"userInfoService"
)
private
UserInfoService
userInfoService
;
@Operation
(
summary
=
"基于时间令牌验证 API文档模块"
,
description
=
"传递参数username和token"
,
method
=
"GET"
)
...
...
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/apps/contorller/SAML20DetailsController.java
...
...
@@ -63,8 +63,7 @@ public class SAML20DetailsController extends BaseAppContorller {
final
static
Logger
_logger
=
LoggerFactory
.
getLogger
(
SAML20DetailsController
.
class
);
@Autowired
@Qualifier
(
"keyStoreLoader"
)
private
KeyStoreLoader
idpKeyStoreLoader
;
private
KeyStoreLoader
keyStoreLoader
;
@Autowired
AppsSaml20DetailsService
saml20DetailsService
;
...
...
@@ -184,7 +183,7 @@ public class SAML20DetailsController extends BaseAppContorller {
samlDetails
.
setCertIssuer
(
X509CertUtils
.
getCommonName
(
samlDetails
.
getTrustCert
().
getIssuerX500Principal
()));
KeyStore
keyStore
=
KeyStoreUtil
.
clone
(
idpKeyStoreLoader
.
getKeyStore
(),
idpK
eyStoreLoader
.
getKeystorePassword
());
KeyStore
keyStore
=
KeyStoreUtil
.
clone
(
keyStoreLoader
.
getKeyStore
(),
k
eyStoreLoader
.
getKeystorePassword
());
KeyStore
trustKeyStore
=
null
;
if
(!
samlDetails
.
getEntityId
().
equals
(
""
))
{
...
...
@@ -193,7 +192,7 @@ public class SAML20DetailsController extends BaseAppContorller {
trustKeyStore
=
KeyStoreUtil
.
importTrustCertificate
(
keyStore
,
samlDetails
.
getTrustCert
());
}
byte
[]
keyStoreByte
=
KeyStoreUtil
.
keyStore2Bytes
(
trustKeyStore
,
idpK
eyStoreLoader
.
getKeystorePassword
());
byte
[]
keyStoreByte
=
KeyStoreUtil
.
keyStore2Bytes
(
trustKeyStore
,
k
eyStoreLoader
.
getKeystorePassword
());
// store KeyStore content
samlDetails
.
setKeyStore
(
keyStoreByte
);
...
...
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/DashboardController.java
...
...
@@ -26,7 +26,6 @@ import org.maxkey.persistence.service.ReportService;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Qualifier
;
import
org.springframework.http.MediaType
;
import
org.springframework.http.ResponseEntity
;
import
org.springframework.stereotype.Controller
;
...
...
@@ -41,7 +40,6 @@ public class DashboardController {
private
static
Logger
_logger
=
LoggerFactory
.
getLogger
(
DashboardController
.
class
);
@Autowired
@Qualifier
(
"reportService"
)
ReportService
reportService
;
@RequestMapping
(
value
={
"/dashboard"
},
produces
=
{
MediaType
.
APPLICATION_JSON_VALUE
})
...
...
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/LoginEntryPoint.java
...
...
@@ -22,7 +22,7 @@ import java.util.HashMap;
import
org.maxkey.authn.AbstractAuthenticationProvider
;
import
org.maxkey.authn.LoginCredential
;
import
org.maxkey.authn.jwt.AuthJwt
;
import
org.maxkey.authn.jwt.Auth
Jwt
Service
;
import
org.maxkey.authn.jwt.Auth
Token
Service
;
import
org.maxkey.configuration.ApplicationConfig
;
import
org.maxkey.entity.Institutions
;
import
org.maxkey.entity.Message
;
...
...
@@ -50,13 +50,12 @@ public class LoginEntryPoint {
private
static
Logger
_logger
=
LoggerFactory
.
getLogger
(
LoginEntryPoint
.
class
);
@Autowired
Auth
JwtService
authJwt
Service
;
Auth
TokenService
authToken
Service
;
@Autowired
protected
ApplicationConfig
applicationConfig
;
@Autowired
@Qualifier
(
"authenticationProvider"
)
AbstractAuthenticationProvider
authenticationProvider
;
/**
...
...
@@ -77,15 +76,15 @@ public class LoginEntryPoint {
model
.
put
(
"captcha"
,
inst
.
getCaptchaSupport
());
model
.
put
(
"captchaType"
,
inst
.
getCaptchaType
());
}
model
.
put
(
"state"
,
auth
JwtService
.
gen
Jwt
());
model
.
put
(
"state"
,
auth
TokenService
.
genRandom
Jwt
());
return
new
Message
<
HashMap
<
String
,
Object
>>(
model
).
buildResponse
();
}
@RequestMapping
(
value
={
"/signin"
},
produces
=
{
MediaType
.
APPLICATION_JSON_VALUE
})
public
ResponseEntity
<?>
signin
(
@RequestBody
LoginCredential
loginCredential
)
{
if
(
auth
Jwt
Service
.
validateJwtToken
(
loginCredential
.
getState
())){
if
(
auth
Token
Service
.
validateJwtToken
(
loginCredential
.
getState
())){
Authentication
authentication
=
authenticationProvider
.
authenticate
(
loginCredential
);
AuthJwt
authJwt
=
auth
Jwt
Service
.
genAuthJwt
(
authentication
);
AuthJwt
authJwt
=
auth
Token
Service
.
genAuthJwt
(
authentication
);
return
new
Message
<
AuthJwt
>(
authJwt
).
buildResponse
();
}
return
new
Message
<
AuthJwt
>(
Message
.
FAIL
).
buildResponse
();
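Review bot: in the management LoginEntryPoint.signin the result of `authenticationProvider.authenticate(loginCredential)` is passed straight to `authTokenService.genAuthJwt(authentication)` with no null check, whereas the maxkey-web LoginEntryPoint in this same commit guards the call with `if(authentication != null)`. A failed login here reaches token generation with a null authentication instead of returning `Message.FAIL`. Add the same guard before `genAuthJwt` and fall through to the existing FAIL response.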
...
...
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/UserAdjointController.java
...
...
@@ -29,7 +29,6 @@ import org.maxkey.web.message.MessageType;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Qualifier
;
import
org.springframework.stereotype.Controller
;
import
org.springframework.web.bind.annotation.ModelAttribute
;
import
org.springframework.web.bind.annotation.PathVariable
;
...
...
@@ -44,7 +43,6 @@ public class UserAdjointController {
final
static
Logger
_logger
=
LoggerFactory
.
getLogger
(
UserAdjointController
.
class
);
@Autowired
@Qualifier
(
"userInfoAdjointService"
)
UserInfoAdjointService
userInfoAdjointService
;
...
...
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/historys/contorller/ConnectorHistoryController.java
...
...
@@ -52,7 +52,6 @@ public class ConnectorHistoryController {
final
static
Logger
_logger
=
LoggerFactory
.
getLogger
(
ConnectorHistoryController
.
class
);
@Autowired
@Qualifier
(
"historyConnectorService"
)
HistoryConnectorService
historyConnectorService
;
/**
...
...
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/historys/contorller/SynchronizerHistoryController.java
...
...
@@ -29,7 +29,6 @@ import org.maxkey.util.DateUtils;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Qualifier
;
import
org.springframework.beans.propertyeditors.CustomDateEditor
;
import
org.springframework.http.ResponseEntity
;
import
org.springframework.stereotype.Controller
;
...
...
@@ -52,7 +51,6 @@ public class SynchronizerHistoryController {
final
static
Logger
_logger
=
LoggerFactory
.
getLogger
(
SynchronizerHistoryController
.
class
);
@Autowired
@Qualifier
(
"historySynchronizerService"
)
HistorySynchronizerService
historySynchronizerService
;
/**
...
...
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/interceptor/Oauth20ApiPermissionAdapter.java
...
...
@@ -30,7 +30,6 @@ import org.maxkey.util.AuthorizationHeaderUtils;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Qualifier
;
import
org.springframework.stereotype.Component
;
import
org.springframework.web.servlet.AsyncHandlerInterceptor
;
...
...
@@ -44,12 +43,10 @@ public class Oauth20ApiPermissionAdapter implements AsyncHandlerInterceptor {
private
static
final
Logger
_logger
=
LoggerFactory
.
getLogger
(
Oauth20ApiPermissionAdapter
.
class
);
@Autowired
@Qualifier
(
"passwordReciprocal"
)
protected
PasswordReciprocal
passwordReciprocal
;
@Autowired
@Qualifier
(
"oauth20TokenServices"
)
private
DefaultTokenServices
oauth20tokenServices
;
private
DefaultTokenServices
oauth20TokenServices
;
static
ConcurrentHashMap
<
String
,
String
>
navigationsMap
=
null
;
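Review bot: With both @Qualifier annotations removed from the fields at the top of Oauth20ApiPermissionAdapter, the choice of bean now rests on the field type and, where more than one bean of that type exists, on the field name matching a bean name, which is presumably why oauth20tokenServices became oauth20TokenServices. For the token service of a permission interceptor that coupling is easy to break: a later rename of the field either fails at startup or binds a different DefaultTokenServices. Consider keeping @Qualifier("oauth20TokenServices") on this field, or moving to constructor injection with the qualifier on the parameter, so the binding stays explicit.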
...
...
@@ -64,7 +61,7 @@ public class Oauth20ApiPermissionAdapter implements AsyncHandlerInterceptor {
String
authorization
=
request
.
getHeader
(
AuthorizationHeaderUtils
.
HEADER_Authorization
);
String
accessToken
=
AuthorizationHeaderUtils
.
resolveBearer
(
authorization
);
OAuth2Authentication
authentication
=
oauth20
t
okenServices
.
loadAuthentication
(
accessToken
);
OAuth2Authentication
authentication
=
oauth20
T
okenServices
.
loadAuthentication
(
accessToken
);
//判断应用的accessToken信息
if
(
authentication
!=
null
){
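Review bot: The changed call passes the result of AuthorizationHeaderUtils.resolveBearer(authorization) straight into loadAuthentication(accessToken), and the only guard visible in this hunk is the authentication != null check afterwards. When the Authorization header is missing or is not a Bearer value, the outcome depends on what resolveBearer returns and how loadAuthentication treats that input, neither of which is shown here. It is worth rejecting the request before the lookup when accessToken is null or empty, and confirming that an exception thrown by loadAuthentication ends in a denied request rather than an unhandled error.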
...
...
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/interceptor/RestApiPermissionAdapter.java
View file @
eb748ac8
...
...
@@ -31,7 +31,6 @@ import org.maxkey.util.StringUtils;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Qualifier
;
import
org.springframework.security.authentication.ProviderManager
;
import
org.springframework.security.authentication.UsernamePasswordAuthenticationToken
;
import
org.springframework.security.core.userdetails.User
;
...
...
@@ -48,12 +47,10 @@ public class RestApiPermissionAdapter implements AsyncHandlerInterceptor {
private
static
final
Logger
_logger
=
LoggerFactory
.
getLogger
(
RestApiPermissionAdapter
.
class
);
@Autowired
@Qualifier
(
"oauth20TokenServices"
)
DefaultTokenServices
oauth20TokenServices
;
@Autowired
@Qualifier
(
"oauth20ClientAuthenticationManager"
)
ProviderManager
authenticationManager
;
ProviderManager
oauth20ClientAuthenticationManager
;
static
ConcurrentHashMap
<
String
,
String
>
navigationsMap
=
null
;
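Review bot: The ProviderManager field in RestApiPermissionAdapter is now tied to its bean only through the new field name oauth20ClientAuthenticationManager, because @Qualifier("oauth20ClientAuthenticationManager") has been dropped. This manager decides whether the credentials from the request header are accepted, so if another ProviderManager bean is ever registered, a silent change of candidate here changes which providers check API credentials. Either keep the qualifier on this one field or add a context test that asserts the injected instance is the bean named oauth20ClientAuthenticationManager.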
...
...
@@ -79,7 +76,7 @@ public class RestApiPermissionAdapter implements AsyncHandlerInterceptor {
new
UsernamePasswordAuthenticationToken
(
headerCredential
.
getUsername
(),
headerCredential
.
getCredential
());
authenticationToken
=
(
UsernamePasswordAuthenticationToken
)
a
uthenticationManager
.
authenticate
(
authRequest
);
authenticationToken
=
(
UsernamePasswordAuthenticationToken
)
oauth20ClientA
uthenticationManager
.
authenticate
(
authRequest
);
}
}
else
{
_logger
.
trace
(
"Authentication bearer "
+
headerCredential
.
getCredential
());
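Review bot: The context line in the else branch, _logger.trace("Authentication bearer " + headerCredential.getCredential()), writes the bearer credential into the log verbatim. Even at trace level this means that whoever turns on verbose logging for debugging ends up with usable tokens in log files and in anything those logs are shipped to. Since this block is being edited anyway, log only that a bearer credential was received, or a short hash of it, instead of the value itself.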
...
...
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/permissions/contorller/RolePrivilegesController.java
View file @
eb748ac8
...
...
@@ -30,7 +30,6 @@ import org.maxkey.util.StringUtils;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Qualifier
;
import
org.springframework.http.MediaType
;
import
org.springframework.http.ResponseEntity
;
import
org.springframework.stereotype.Controller
;
...
...
@@ -46,7 +45,6 @@ public class RolePrivilegesController {
final
static
Logger
_logger
=
LoggerFactory
.
getLogger
(
RolePrivilegesController
.
class
);
@Autowired
@Qualifier
(
"rolesService"
)
RolesService
rolesService
;
@ResponseBody
...
...
maxkey-webs/maxkey-web-mgt/src/main/resources/application-http.properties
View file @
eb748ac8
...
...
@@ -40,9 +40,11 @@ maxkey.server.persistence =0
#identity none, Kafka ,RocketMQ
maxkey.server.message.queue
=
${SERVER_MESSAGE_QUEUE:none}
maxkey.auth.jwt.expire
=
86400
maxkey.session.timeout
=
${SERVER_SESSION_TIMEOUT:1800}
maxkey.auth.jwt.expires
=
86400
maxkey.auth.jwt.issuer
=
${maxkey.server.uri}
maxkey.auth.jwt.secret
=
7heM-14BtxjyKPuH3ITIm7q2-ps5MuBirWCsrrdbzzSAOuSPrbQYiaJ54AeA0uH2XdkYy3hHAkTFIsieGkyqxOJZ_dQzrCbaYISH9rhUZAKYx8tUY0wkE4ArOC6LqHDJarR6UIcMsARakK9U4dhoOPO1cj74XytemI-w6ACYfzRUn_Rn4e-CQMcnD1C56oNEukwalf06xVgXl41h6K8IBEzLVod58y_VfvFn-NGWpNG0fy_Qxng6dg8Dgva2DobvzMN2eejHGLGB-x809MvC4zbG7CKNVlcrzMYDt2Gt2sOVDrt2l9YqJNfgaLFjrOEVw5cuXemGkX1MvHj6TAsbLg
maxkey.auth.jwt.refresh.secret
=
7heM-14BtxjyKPuH3ITIm7q2-ps5MuBirWCsrrdbzzSAOuSPrbQYiaJ54AeA0uH2XdkYy3hHAkTFIsieGkyqxOJZ_dQzrCbaYISH9rhUZAKYx8tUY0wkE4ArOC6LqHDJarR6UIcMsARakK9U4dhoOPO1cj74XytemI-w6ACYfzRUn_Rn4e-CQMcnD1C56oNEukwalf06xVgXl41h6K8IBEzLVod58y_VfvFn-NGWpNG0fy_Qxng6dg8Dgva2DobvzMN2eejHGLGB-x809MvC4zbG7CKNVlcrzMYDt2Gt2sOVDrt2l9YqJNfgaLFjrOEVw5cuXemGkX1MvHj6TAsbLg
############################################################################
#Login configuration #
############################################################################
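Review bot: maxkey.auth.jwt.refresh.secret is introduced with exactly the same value as maxkey.auth.jwt.secret, so at the key level access tokens and refresh tokens are interchangeable: a signature made with one secret verifies under the other, and keeping the two token types apart then depends entirely on claim checks in the code. Use an independently generated value for the refresh secret. Both secrets are also literal values in application-http.properties, so every deployment that keeps these defaults shares signing keys known to anyone with access to the repository; follow the ${SERVER_SESSION_TIMEOUT:1800} pattern used for maxkey.session.timeout in this same hunk and read them from the environment, without a usable default. The rename from maxkey.auth.jwt.expire to maxkey.auth.jwt.expires should also be checked against deployed override files that still set the old key.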
...
...