AuthorizationUtils

This commit is contained in:
MaxKey 2022-04-26 21:54:46 +08:00
parent 9221064088
commit 10b964ad79
27 changed files with 120 additions and 94 deletions


@ -101,14 +101,12 @@ public abstract class AbstractAuthenticationProvider {
* @return * @return
*/ */
public UsernamePasswordAuthenticationToken createOnlineTicket(LoginCredential credential,UserInfo userInfo) { public UsernamePasswordAuthenticationToken createOnlineTicket(LoginCredential credential,UserInfo userInfo) {
//Online Tickit //create session
Session onlineTicket = new Session(); Session session = new Session();
//set session with principal
SignPrincipal principal = new SignPrincipal(userInfo,session);
userInfo.setOnlineTicket(onlineTicket.getId());
SigninPrincipal principal = new SigninPrincipal(userInfo);
//set OnlineTicket
principal.setSession(onlineTicket);
ArrayList<GrantedAuthority> grantedAuthoritys = authenticationRealm.grantAuthority(userInfo); ArrayList<GrantedAuthority> grantedAuthoritys = authenticationRealm.grantAuthority(userInfo);
principal.setAuthenticated(true); principal.setAuthenticated(true);
@ -132,15 +130,15 @@ public abstract class AbstractAuthenticationProvider {
authenticationToken.setDetails( authenticationToken.setDetails(
new WebAuthenticationDetails(WebContext.getRequest())); new WebAuthenticationDetails(WebContext.getRequest()));
onlineTicket.setAuthentication(authenticationToken);
//store session
this.sessionService.store(onlineTicket.getId(), onlineTicket);
/* /*
* put Authentication to current session context * put Authentication to current session context
*/ */
AuthorizationUtils.setAuthentication(authenticationToken); session.setAuthentication(authenticationToken);
//store session
this.sessionService.store(session.getId(), session);
AuthorizationUtils.setSession(session);
return authenticationToken; return authenticationToken;
} }
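Review bot: The rewritten tail of `createOnlineTicket` publishes the session with `AuthorizationUtils.setSession(session)` but drops the `AuthorizationUtils.setAuthentication(authenticationToken)` call, while `AuthorizationUtils.getAuthentication(HttpServletRequest)`, `getPrincipal()`, `SessionListenerAdapter.sessionDestroyed` and `PermissionInterceptor.preHandle` in this same commit still read `WebConstants.AUTHENTICATION` from the HTTP session; after a fresh login those readers see null unless something outside this hunk still stores it. The JWT path in `AuthorizationUtils.doJwtAuthenticate` sets both attributes, so the two login entry points now diverge. Either keep `AuthorizationUtils.setAuthentication(authenticationToken);` beside `setSession`, or make the readers derive the authentication from the stored session. The comment `put Authentication to current session context` now sits above `session.setAuthentication(authenticationToken)`, which only fills the `Session` object; `// attach the authentication to the session, then publish the session to the request context` describes what the three lines do. `createOnlineTicket` begins in the preceding hunk of this file.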


@ -1,5 +1,5 @@
/* /*
* Copyright [2020] [MaxKey of copyright http://www.maxkey.top] * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -26,7 +26,7 @@ import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetails;
public class SigninPrincipal implements UserDetails { public class SignPrincipal implements UserDetails {
private static final long serialVersionUID = -110742975439268030L; private static final long serialVersionUID = -110742975439268030L;
UserInfo userInfo; UserInfo userInfo;
@ -49,13 +49,13 @@ public class SigninPrincipal implements UserDetails {
/** /**
* SigninPrincipal. * SigninPrincipal.
*/ */
public SigninPrincipal() { public SignPrincipal() {
} }
/** /**
* SigninPrincipal. * SignPrincipal.
*/ */
public SigninPrincipal(UserInfo userInfo) { public SignPrincipal(UserInfo userInfo) {
this.userInfo = userInfo; this.userInfo = userInfo;
this.authenticated = true; this.authenticated = true;
this.accountNonExpired = true; this.accountNonExpired = true;
@ -64,10 +64,21 @@ public class SigninPrincipal implements UserDetails {
this.enabled = true; this.enabled = true;
} }
public SignPrincipal(UserInfo userInfo,Session session) {
this.userInfo = userInfo;
this.authenticated = true;
this.accountNonExpired = true;
this.accountNonLocked = true;
this.credentialsNonExpired =true;
this.enabled = true;
this.session = session;
this.userInfo.setSessionId(session.getId());
}
/** /**
* SigninPrincipal. * SigninPrincipal.
*/ */
public SigninPrincipal(UserDetails userDetails) { public SignPrincipal(UserDetails userDetails) {
this.userDetails = userDetails; this.userDetails = userDetails;
this.authenticated = true; this.authenticated = true;
} }
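Review bot: The new `SignPrincipal(UserInfo, Session)` constructor dereferences `session` in `this.userInfo.setSessionId(session.getId())` without a null check, and it copies the six flag assignments of the one-argument constructor instead of delegating. Delegation keeps the two in step and leaves one place to validate: `this(userInfo);` / `this.session = Objects.requireNonNull(session, "session");` / `this.userInfo.setSessionId(session.getId());` (`Objects` needs a `java.util.Objects` import if the file lacks one). The Javadoc above the first constructor and above the `UserDetails` constructor still reads `SigninPrincipal.`, and the new constructor has no Javadoc; a one-line `Creates a principal bound to an existing session and records the session id on the user.` would document the side effect on `userInfo`.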


@ -21,7 +21,7 @@ import java.io.Serializable;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;
import org.maxkey.authn.SigninPrincipal; import org.maxkey.authn.SignPrincipal;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.GrantedAuthority;
@ -57,7 +57,7 @@ public class AuthJwt implements Serializable {
} }
public AuthJwt(String token, Authentication authentication) { public AuthJwt(String token, Authentication authentication) {
SigninPrincipal principal = ((SigninPrincipal)authentication.getPrincipal()); SignPrincipal principal = ((SignPrincipal)authentication.getPrincipal());
this.token = token; this.token = token;
this.ticket = principal.getSession().getId(); this.ticket = principal.getSession().getId();


@ -22,7 +22,7 @@ import java.util.Date;
import org.apache.commons.lang3.StringUtils; import org.apache.commons.lang3.StringUtils;
import org.joda.time.DateTime; import org.joda.time.DateTime;
import org.maxkey.authn.SigninPrincipal; import org.maxkey.authn.SignPrincipal;
import org.maxkey.configuration.AuthJwkConfig; import org.maxkey.configuration.AuthJwkConfig;
import org.maxkey.crypto.jwt.HMAC512Service; import org.maxkey.crypto.jwt.HMAC512Service;
import org.maxkey.entity.UserInfo; import org.maxkey.entity.UserInfo;
@ -86,7 +86,7 @@ public class AuthJwtService {
* @return * @return
*/ */
public String genJwt(Authentication authentication) { public String genJwt(Authentication authentication) {
SigninPrincipal principal = ((SigninPrincipal)authentication.getPrincipal()); SignPrincipal principal = ((SignPrincipal)authentication.getPrincipal());
UserInfo userInfo = principal.getUserInfo(); UserInfo userInfo = principal.getUserInfo();
DateTime currentDateTime = DateTime.now(); DateTime currentDateTime = DateTime.now();
Date expirationTime = currentDateTime.plusSeconds(authJwkConfig.getExpires()).toDate(); Date expirationTime = currentDateTime.plusSeconds(authJwkConfig.getExpires()).toDate();


@ -21,7 +21,7 @@ import java.util.ArrayList;
import java.util.Date; import java.util.Date;
import java.util.List; import java.util.List;
import org.maxkey.authn.SigninPrincipal; import org.maxkey.authn.SignPrincipal;
import org.maxkey.authn.realm.ldap.LdapAuthenticationRealmService; import org.maxkey.authn.realm.ldap.LdapAuthenticationRealmService;
import org.maxkey.entity.Groups; import org.maxkey.entity.Groups;
import org.maxkey.entity.HistoryLogin; import org.maxkey.entity.HistoryLogin;
@ -124,9 +124,9 @@ public abstract class AbstractAuthenticationRealm {
historyLogin.setSessionId(WebContext.genId()); historyLogin.setSessionId(WebContext.genId());
historyLogin.setSessionStatus(7); historyLogin.setSessionStatus(7);
Authentication authentication = (Authentication ) WebContext.getAttribute(WebConstants.AUTHENTICATION); Authentication authentication = (Authentication ) WebContext.getAttribute(WebConstants.AUTHENTICATION);
if(authentication.getPrincipal() instanceof SigninPrincipal) { if(authentication.getPrincipal() instanceof SignPrincipal) {
historyLogin.setSessionStatus(1); historyLogin.setSessionStatus(1);
historyLogin.setSessionId(userInfo.getOnlineTicket()); historyLogin.setSessionId(userInfo.getSessionId());
} }
_logger.debug("user session id is {} . ",historyLogin.getSessionId()); _logger.debug("user session id is {} . ",historyLogin.getSessionId());


@ -22,7 +22,7 @@ import java.text.ParseException;
import javax.servlet.http.Cookie; import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import org.maxkey.authn.SigninPrincipal; import org.maxkey.authn.SignPrincipal;
import org.maxkey.authn.jwt.AuthJwtService; import org.maxkey.authn.jwt.AuthJwtService;
import org.maxkey.authn.session.Session; import org.maxkey.authn.session.Session;
import org.maxkey.authn.session.SessionService; import org.maxkey.authn.session.SessionService;
@ -44,7 +44,7 @@ public class AuthorizationUtils {
AuthJwtService authJwtService, AuthJwtService authJwtService,
SessionService sessionService SessionService sessionService
) throws ParseException{ ) throws ParseException{
if(getAuthentication() == null) { if(getSession() == null) {
Cookie authCookie = WebContext.getCookie(request, Authorization_Cookie); Cookie authCookie = WebContext.getCookie(request, Authorization_Cookie);
if(authCookie != null ) { if(authCookie != null ) {
String authorization = authCookie.getValue(); String authorization = authCookie.getValue();
@ -59,7 +59,7 @@ public class AuthorizationUtils {
AuthJwtService authJwtService, AuthJwtService authJwtService,
SessionService sessionService SessionService sessionService
) throws ParseException{ ) throws ParseException{
if(getAuthentication() == null) { if(getSession() == null) {
String authorization = AuthorizationHeaderUtils.resolveBearer(request); String authorization = AuthorizationHeaderUtils.resolveBearer(request);
if(authorization != null ) { if(authorization != null ) {
doJwtAuthenticate(authorization,authJwtService,sessionService); doJwtAuthenticate(authorization,authJwtService,sessionService);
@ -73,48 +73,63 @@ public class AuthorizationUtils {
AuthJwtService authJwtService, AuthJwtService authJwtService,
SessionService sessionService) throws ParseException { SessionService sessionService) throws ParseException {
if(authJwtService.validateJwtToken(authorization)) { if(authJwtService.validateJwtToken(authorization)) {
String ticket = authJwtService.resolveJWTID(authorization); String sessionId = authJwtService.resolveJWTID(authorization);
Session onlineTicket = sessionService.get(ticket); Session session = sessionService.get(sessionId);
if(onlineTicket != null) { if(session != null) {
setAuthentication(onlineTicket.getAuthentication()); setSession(session);
setAuthentication(session.getAuthentication());
} }
} }
} }
public static void setAuthentication(Authentication authentication) { public static void setSession(Session session) {
WebContext.setAttribute(WebConstants.AUTHENTICATION, authentication); WebContext.setAttribute(WebConstants.SESSION, session);
}
public static Session getSession() {
Session session = getSession(WebContext.getRequest());
return session;
}
public static Session getSession(HttpServletRequest request) {
Session session = (Session) request.getSession().getAttribute(WebConstants.SESSION);
return session;
} }
public static Authentication getAuthentication() { public static Authentication getAuthentication() {
Authentication authentication = (Authentication) getAuthentication(WebContext.getRequest()); Authentication authentication = (Authentication) getAuthentication(WebContext.getRequest());
return authentication; return authentication;
} }
public static Authentication getAuthentication(HttpServletRequest request) { public static Authentication getAuthentication(HttpServletRequest request) {
Authentication authentication = (Authentication) request.getSession().getAttribute(WebConstants.AUTHENTICATION); Authentication authentication = (Authentication) request.getSession().getAttribute(WebConstants.AUTHENTICATION);
return authentication; return authentication;
} }
public static void setAuthentication(Authentication authentication) {
WebContext.setAttribute(WebConstants.AUTHENTICATION, authentication);
}
public static boolean isAuthenticated() { public static boolean isAuthenticated() {
return getAuthentication() != null; return getSession() != null;
} }
public static boolean isNotAuthenticated() { public static boolean isNotAuthenticated() {
return ! isAuthenticated(); return ! isAuthenticated();
} }
public static SigninPrincipal getPrincipal() { public static SignPrincipal getPrincipal() {
Authentication authentication = getAuthentication(); Authentication authentication = getAuthentication();
return getPrincipal(authentication); return getPrincipal(authentication);
} }
public static SigninPrincipal getPrincipal(Authentication authentication) { public static SignPrincipal getPrincipal(Authentication authentication) {
return authentication == null ? null : (SigninPrincipal) authentication.getPrincipal(); return authentication == null ? null : (SignPrincipal) authentication.getPrincipal();
} }
public static UserInfo getUserInfo(Authentication authentication) { public static UserInfo getUserInfo(Authentication authentication) {
UserInfo userInfo = null; UserInfo userInfo = null;
SigninPrincipal principal = getPrincipal(authentication); SignPrincipal principal = getPrincipal(authentication);
if(principal != null ) { if(principal != null ) {
userInfo = principal.getUserInfo(); userInfo = principal.getUserInfo();
} }
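Review bot: `isAuthenticated()` now keys on `getSession() != null` while `getPrincipal()` still goes through `getAuthentication()`, which reads `WebConstants.AUTHENTICATION`; the two attributes are written together only in `doJwtAuthenticate`, so wherever only `setSession` is called a caller can observe `isAuthenticated() == true` together with `getPrincipal() == null`. Making the stored session the single source of truth removes the split: in `getAuthentication(HttpServletRequest)` use `Session session = getSession(request);` / `return session == null ? null : session.getAuthentication();`. Separately, the new `getSession(HttpServletRequest)` calls `request.getSession()` with no argument, which creates a server-side HTTP session for every unauthenticated request that reaches `authenticate` (including bearer-token API calls); `HttpSession httpSession = request.getSession(false);` followed by a null check avoids allocating session state before the caller is authenticated. `doJwtAuthenticate`'s signature starts before this hunk and `getUserInfo` continues past it.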


@ -22,7 +22,7 @@ import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpSessionEvent; import javax.servlet.http.HttpSessionEvent;
import javax.servlet.http.HttpSessionListener; import javax.servlet.http.HttpSessionListener;
import org.maxkey.authn.SigninPrincipal; import org.maxkey.authn.SignPrincipal;
import org.maxkey.util.DateUtils; import org.maxkey.util.DateUtils;
import org.maxkey.web.WebConstants; import org.maxkey.web.WebConstants;
import org.slf4j.Logger; import org.slf4j.Logger;
@ -53,7 +53,7 @@ public class SessionListenerAdapter implements HttpSessionListener {
public void sessionDestroyed(HttpSessionEvent sessionEvent) { public void sessionDestroyed(HttpSessionEvent sessionEvent) {
HttpSession session = sessionEvent.getSession(); HttpSession session = sessionEvent.getSession();
Authentication authentication = (Authentication ) session.getAttribute(WebConstants.AUTHENTICATION); Authentication authentication = (Authentication ) session.getAttribute(WebConstants.AUTHENTICATION);
SigninPrincipal principal = AuthorizationUtils.getPrincipal(authentication); SignPrincipal principal = AuthorizationUtils.getPrincipal(authentication);
if(principal != null ) { if(principal != null ) {
_logger.trace("{} HttpSession Id {} for userId {} , username {} @Ticket {} Destroyed" , _logger.trace("{} HttpSession Id {} for userId {} , username {} @Ticket {} Destroyed" ,
DateUtils.formatDateTime(new Date()), DateUtils.formatDateTime(new Date()),


@ -21,7 +21,7 @@ import javax.servlet.RequestDispatcher;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import org.maxkey.authn.SigninPrincipal; import org.maxkey.authn.SignPrincipal;
import org.maxkey.authn.jwt.AuthJwtService; import org.maxkey.authn.jwt.AuthJwtService;
import org.maxkey.authn.session.SessionService; import org.maxkey.authn.session.SessionService;
import org.maxkey.authn.web.AuthorizationUtils; import org.maxkey.authn.web.AuthorizationUtils;
@ -60,7 +60,7 @@ public class PermissionInterceptor implements AsyncHandlerInterceptor {
public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws Exception { public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws Exception {
_logger.trace("Permission Interceptor ."); _logger.trace("Permission Interceptor .");
AuthorizationUtils.authenticate(request, authJwtService, sessionService); AuthorizationUtils.authenticate(request, authJwtService, sessionService);
SigninPrincipal principal = AuthorizationUtils.getPrincipal(); SignPrincipal principal = AuthorizationUtils.getPrincipal();
//判断用户是否登录,判断用户是否登录用户 //判断用户是否登录,判断用户是否登录用户
if(principal == null){ if(principal == null){
_logger.trace("No Authentication ... forward to /auth/entrypoint"); _logger.trace("No Authentication ... forward to /auth/entrypoint");


@ -46,7 +46,7 @@ public class UserInfo extends JpaBaseEntity {
public static final String DEFAULT_PASSWORD_SUFFIX = "MaxKey@888"; public static final String DEFAULT_PASSWORD_SUFFIX = "MaxKey@888";
String onlineTicket; String sessionId;
// //
@Id @Id
@ -384,12 +384,12 @@ public class UserInfo extends JpaBaseEntity {
this.id = id; this.id = id;
} }
public String getOnlineTicket() { public String getSessionId() {
return onlineTicket; return sessionId;
} }
public void setOnlineTicket(String onlineTicket) { public void setSessionId(String sessionId) {
this.onlineTicket = onlineTicket; this.sessionId = sessionId;
} }
/** /**


@ -81,6 +81,8 @@ public class WebConstants {
public static final String AUTHENTICATION = "current_authentication"; public static final String AUTHENTICATION = "current_authentication";
public static final String SESSION = "current_session";
public static final String THEME_COOKIE_NAME = "mxk_theme_value"; public static final String THEME_COOKIE_NAME = "mxk_theme_value";
public static final String LOGIN_ERROR_SESSION_MESSAGE public static final String LOGIN_ERROR_SESSION_MESSAGE


@ -20,7 +20,7 @@ package org.maxkey.authz.endpoint.adapter;
import java.io.UnsupportedEncodingException; import java.io.UnsupportedEncodingException;
import org.apache.commons.codec.binary.Hex; import org.apache.commons.codec.binary.Hex;
import org.apache.commons.lang3.StringUtils; import org.apache.commons.lang3.StringUtils;
import org.maxkey.authn.SigninPrincipal; import org.maxkey.authn.SignPrincipal;
import org.maxkey.constants.ConstsBoolean; import org.maxkey.constants.ConstsBoolean;
import org.maxkey.crypto.Base64Utils; import org.maxkey.crypto.Base64Utils;
import org.maxkey.crypto.ReciprocalUtils; import org.maxkey.crypto.ReciprocalUtils;
@ -44,7 +44,7 @@ public abstract class AbstractAuthorizeAdapter {
protected Accounts account; protected Accounts account;
protected SigninPrincipal principal; protected SignPrincipal principal;
public abstract Object generateInfo(); public abstract Object generateInfo();
@ -127,7 +127,7 @@ public abstract class AbstractAuthorizeAdapter {
return ""; return "";
}; };
public void setPrincipal(SigninPrincipal principal) { public void setPrincipal(SignPrincipal principal) {
this.principal = principal; this.principal = principal;
this.userInfo = principal.getUserInfo(); this.userInfo = principal.getUserInfo();
} }


@ -20,7 +20,7 @@ package org.maxkey.authz.singlelogout;
import java.util.HashMap; import java.util.HashMap;
import java.util.UUID; import java.util.UUID;
import org.maxkey.authn.SigninPrincipal; import org.maxkey.authn.SignPrincipal;
import org.maxkey.entity.apps.Apps; import org.maxkey.entity.apps.Apps;
import org.maxkey.util.DateUtils; import org.maxkey.util.DateUtils;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
@ -34,7 +34,7 @@ public class DefaultSingleLogout extends SingleLogout{
logoutParameters.put("principal", authentication.getName()); logoutParameters.put("principal", authentication.getName());
logoutParameters.put("request", "logoutRequest"); logoutParameters.put("request", "logoutRequest");
logoutParameters.put("issueInstant", DateUtils.getCurrentDateAsString(DateUtils.FORMAT_DATE_ISO_TIMESTAMP)); logoutParameters.put("issueInstant", DateUtils.getCurrentDateAsString(DateUtils.FORMAT_DATE_ISO_TIMESTAMP));
logoutParameters.put("ticket", ((SigninPrincipal)authentication.getPrincipal()).getSession().getFormattedId()); logoutParameters.put("ticket", ((SignPrincipal)authentication.getPrincipal()).getSession().getFormattedId());
postMessage(logoutApp.getLogoutUrl(),logoutParameters); postMessage(logoutApp.getLogoutUrl(),logoutParameters);
} }


@ -23,7 +23,7 @@ package org.maxkey.authz.cas.endpoint;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import org.maxkey.authn.SigninPrincipal; import org.maxkey.authn.SignPrincipal;
import org.maxkey.authz.cas.endpoint.response.Service10ResponseBuilder; import org.maxkey.authz.cas.endpoint.response.Service10ResponseBuilder;
import org.maxkey.authz.cas.endpoint.ticket.CasConstants; import org.maxkey.authz.cas.endpoint.ticket.CasConstants;
import org.maxkey.authz.cas.endpoint.ticket.Ticket; import org.maxkey.authz.cas.endpoint.ticket.Ticket;
@ -105,7 +105,7 @@ renew [OPTIONAL] - if this parameter is set, ticket validation will only succeed
} }
if(storedTicket != null){ if(storedTicket != null){
String principal=((SigninPrincipal)storedTicket.getAuthentication().getPrincipal()).getUsername(); String principal=((SignPrincipal)storedTicket.getAuthentication().getPrincipal()).getUsername();
_logger.debug("principal "+principal); _logger.debug("principal "+principal);
return new Service10ResponseBuilder().success() return new Service10ResponseBuilder().success()
.setUser(principal) .setUser(principal)


@ -26,7 +26,7 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import org.apache.commons.beanutils.BeanUtils; import org.apache.commons.beanutils.BeanUtils;
import org.maxkey.authn.SigninPrincipal; import org.maxkey.authn.SignPrincipal;
import org.maxkey.authz.cas.endpoint.response.ProxyServiceResponseBuilder; import org.maxkey.authz.cas.endpoint.response.ProxyServiceResponseBuilder;
import org.maxkey.authz.cas.endpoint.response.ServiceResponseBuilder; import org.maxkey.authz.cas.endpoint.response.ServiceResponseBuilder;
import org.maxkey.authz.cas.endpoint.ticket.CasConstants; import org.maxkey.authz.cas.endpoint.ticket.CasConstants;
@ -204,7 +204,7 @@ For all error codes, it is RECOMMENDED that CAS provide a more detailed message
ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder(); ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder();
if(storedTicket!=null){ if(storedTicket!=null){
SigninPrincipal authentication = ((SigninPrincipal)storedTicket.getAuthentication().getPrincipal()); SignPrincipal authentication = ((SignPrincipal)storedTicket.getAuthentication().getPrincipal());
if(StringUtils.isNotBlank(pgtUrl)) { if(StringUtils.isNotBlank(pgtUrl)) {
ProxyGrantingTicketIOUImpl proxyGrantingTicketIOUImpl =new ProxyGrantingTicketIOUImpl(); ProxyGrantingTicketIOUImpl proxyGrantingTicketIOUImpl =new ProxyGrantingTicketIOUImpl();
String proxyGrantingTicketIOU=casProxyGrantingTicketServices.createTicket(proxyGrantingTicketIOUImpl); String proxyGrantingTicketIOU=casProxyGrantingTicketServices.createTicket(proxyGrantingTicketIOUImpl);
@ -332,7 +332,7 @@ Response on ticket validation failure:
ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder(); ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder();
if(storedTicket!=null){ if(storedTicket!=null){
SigninPrincipal authentication = ((SigninPrincipal)storedTicket.getAuthentication().getPrincipal()); SignPrincipal authentication = ((SignPrincipal)storedTicket.getAuthentication().getPrincipal());
if(ConstsBoolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){ if(ConstsBoolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){
Object samlAdapter = Instance.newInstance(storedTicket.getCasDetails().getAdapter()); Object samlAdapter = Instance.newInstance(storedTicket.getCasDetails().getAdapter());
try { try {


@ -26,7 +26,7 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import org.apache.commons.beanutils.BeanUtils; import org.apache.commons.beanutils.BeanUtils;
import org.maxkey.authn.SigninPrincipal; import org.maxkey.authn.SignPrincipal;
import org.maxkey.authz.cas.endpoint.response.ProxyServiceResponseBuilder; import org.maxkey.authz.cas.endpoint.response.ProxyServiceResponseBuilder;
import org.maxkey.authz.cas.endpoint.response.ServiceResponseBuilder; import org.maxkey.authz.cas.endpoint.response.ServiceResponseBuilder;
import org.maxkey.authz.cas.endpoint.ticket.CasConstants; import org.maxkey.authz.cas.endpoint.ticket.CasConstants;
@ -86,7 +86,7 @@ public class Cas30AuthorizeEndpoint extends CasBaseAuthorizeEndpoint{
ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder(); ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder();
if(storedTicket!=null){ if(storedTicket!=null){
SigninPrincipal authentication = ((SigninPrincipal)storedTicket.getAuthentication().getPrincipal()); SignPrincipal authentication = ((SignPrincipal)storedTicket.getAuthentication().getPrincipal());
if(StringUtils.isNotBlank(pgtUrl)) { if(StringUtils.isNotBlank(pgtUrl)) {
ProxyGrantingTicketIOUImpl proxyGrantingTicketIOUImpl =new ProxyGrantingTicketIOUImpl(); ProxyGrantingTicketIOUImpl proxyGrantingTicketIOUImpl =new ProxyGrantingTicketIOUImpl();
String proxyGrantingTicketIOU=casProxyGrantingTicketServices.createTicket(proxyGrantingTicketIOUImpl); String proxyGrantingTicketIOU=casProxyGrantingTicketServices.createTicket(proxyGrantingTicketIOUImpl);
@ -177,7 +177,7 @@ public class Cas30AuthorizeEndpoint extends CasBaseAuthorizeEndpoint{
ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder(); ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder();
if(storedTicket!=null){ if(storedTicket!=null){
SigninPrincipal authentication = ((SigninPrincipal)storedTicket.getAuthentication().getPrincipal()); SignPrincipal authentication = ((SignPrincipal)storedTicket.getAuthentication().getPrincipal());
if(ConstsBoolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){ if(ConstsBoolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){
Object samlAdapter = Instance.newInstance(storedTicket.getCasDetails().getAdapter()); Object samlAdapter = Instance.newInstance(storedTicket.getCasDetails().getAdapter());
try { try {


@ -15,7 +15,7 @@ package org.maxkey.authz.oauth2.provider;
import java.util.ArrayList; import java.util.ArrayList;
import org.maxkey.authn.AbstractAuthenticationProvider; import org.maxkey.authn.AbstractAuthenticationProvider;
import org.maxkey.authn.SigninPrincipal; import org.maxkey.authn.SignPrincipal;
import org.maxkey.authn.session.Session; import org.maxkey.authn.session.Session;
import org.maxkey.entity.UserInfo; import org.maxkey.entity.UserInfo;
import org.maxkey.persistence.repository.LoginRepository; import org.maxkey.persistence.repository.LoginRepository;
@ -47,7 +47,7 @@ public class OAuth2UserDetailsService implements UserDetailsService {
String onlineTickitId = WebConstants.ONLINE_TICKET_PREFIX + "-" + java.util.UUID.randomUUID().toString().toLowerCase(); String onlineTickitId = WebConstants.ONLINE_TICKET_PREFIX + "-" + java.util.UUID.randomUUID().toString().toLowerCase();
SigninPrincipal principal = new SigninPrincipal(userInfo); SignPrincipal principal = new SignPrincipal(userInfo);
Session onlineTicket = new Session(onlineTickitId); Session onlineTicket = new Session(onlineTickitId);
//set OnlineTicket //set OnlineTicket
principal.setSession(onlineTicket); principal.setSession(onlineTicket);
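Review bot: This path still builds the principal with the one-argument `new SignPrincipal(userInfo)` and then `principal.setSession(onlineTicket)`, so the `userInfo.setSessionId(...)` that the commit placed in the two-argument `SignPrincipal(UserInfo, Session)` constructor never runs here; unless a line outside the hunk sets it, `userInfo.getSessionId()` as consumed by `AbstractAuthenticationRealm` and the OAuth2 endpoints is null for users authenticated through `OAuth2UserDetailsService`. Creating the session first and using the new constructor keeps both entry points consistent: `Session onlineTicket = new Session(onlineTickitId);` / `SignPrincipal principal = new SignPrincipal(userInfo, onlineTicket);` in place of the three statements. The comment `//set OnlineTicket` and the local `onlineTickitId` keep the pre-rename vocabulary (and a typo); `sessionId` would match the rest of the commit.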


@ -93,7 +93,7 @@ public class OAuth20AccessConfirmationEndpoint {
try { try {
// Map<String, Object> model // Map<String, Object> model
AuthorizationRequest clientAuth = AuthorizationRequest clientAuth =
(AuthorizationRequest) momentaryService.get(currentUser.getOnlineTicket(), "authorizationRequest"); (AuthorizationRequest) momentaryService.get(currentUser.getSessionId(), "authorizationRequest");
ClientDetails client = clientDetailsService.loadClientByClientId(clientAuth.getClientId(),true); ClientDetails client = clientDetailsService.loadClientByClientId(clientAuth.getClientId(),true);
model.put("oauth_approval", WebContext.genId()); model.put("oauth_approval", WebContext.genId());
model.put("auth_request", clientAuth); model.put("auth_request", clientAuth);
@ -139,7 +139,7 @@ public class OAuth20AccessConfirmationEndpoint {
if(StringUtils.isNotBlank(oauth_approval)) { if(StringUtils.isNotBlank(oauth_approval)) {
try { try {
AuthorizationRequest clientAuth = AuthorizationRequest clientAuth =
(AuthorizationRequest) momentaryService.get(currentUser.getOnlineTicket(), "authorizationRequest"); (AuthorizationRequest) momentaryService.get(currentUser.getSessionId(), "authorizationRequest");
ClientDetails client = clientDetailsService.loadClientByClientId(clientAuth.getClientId(),true); ClientDetails client = clientDetailsService.loadClientByClientId(clientAuth.getClientId(),true);
Apps app = appsService.get(client.getClientId(),true); Apps app = appsService.get(client.getClientId(),true);


@ -227,7 +227,7 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
// Place auth request into the model so that it is stored in the session // Place auth request into the model so that it is stored in the session
// for approveOrDeny to use. That way we make sure that auth request comes from the session, // for approveOrDeny to use. That way we make sure that auth request comes from the session,
// so any auth request parameters passed to approveOrDeny will be ignored and retrieved from the session. // so any auth request parameters passed to approveOrDeny will be ignored and retrieved from the session.
momentaryService.put(currentUser.getOnlineTicket(), "authorizationRequest", authorizationRequest); momentaryService.put(currentUser.getSessionId(), "authorizationRequest", authorizationRequest);
return getUserApprovalPageResponse(model, authorizationRequest, (Authentication) principal); return getUserApprovalPageResponse(model, authorizationRequest, (Authentication) principal);
@ -255,7 +255,7 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
"User must be authenticated with Spring Security before authorizing an access token."); "User must be authenticated with Spring Security before authorizing an access token.");
} }
AuthorizationRequest authorizationRequest = (AuthorizationRequest) momentaryService.get(currentUser.getOnlineTicket(), "authorizationRequest"); AuthorizationRequest authorizationRequest = (AuthorizationRequest) momentaryService.get(currentUser.getSessionId(), "authorizationRequest");
if (authorizationRequest == null) { if (authorizationRequest == null) {
sessionStatus.setComplete(); sessionStatus.setComplete();


@ -22,7 +22,7 @@ import java.util.HashSet;
import java.util.Map; import java.util.Map;
import java.util.Set; import java.util.Set;
import org.maxkey.authn.SigninPrincipal; import org.maxkey.authn.SignPrincipal;
import org.maxkey.authn.web.AuthorizationUtils; import org.maxkey.authn.web.AuthorizationUtils;
import org.maxkey.authz.oauth2.common.DefaultOAuth2AccessToken; import org.maxkey.authz.oauth2.common.DefaultOAuth2AccessToken;
import org.maxkey.authz.oauth2.common.OAuth2AccessToken; import org.maxkey.authz.oauth2.common.OAuth2AccessToken;
@ -196,7 +196,7 @@ public class TokenEndpoint extends AbstractEndpoint {
clientId = ((OAuth2Authentication) client).getOAuth2Request().getClientId(); clientId = ((OAuth2Authentication) client).getOAuth2Request().getClientId();
} }
if (client instanceof UsernamePasswordAuthenticationToken) { if (client instanceof UsernamePasswordAuthenticationToken) {
clientId = ((SigninPrincipal)client.getPrincipal()).getUsername(); clientId = ((SignPrincipal)client.getPrincipal()).getUsername();
} }
return clientId; return clientId;
} }


@ -31,7 +31,7 @@ import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import org.maxkey.authn.SigninPrincipal; import org.maxkey.authn.SignPrincipal;
import org.maxkey.authn.web.AuthorizationUtils; import org.maxkey.authn.web.AuthorizationUtils;
import org.maxkey.authz.oauth2.common.OAuth2Constants; import org.maxkey.authz.oauth2.common.OAuth2Constants;
import org.maxkey.authz.oauth2.common.util.OAuth2Utils; import org.maxkey.authz.oauth2.common.util.OAuth2Utils;
@ -145,13 +145,13 @@ public class TokenEndpointAuthenticationFilter implements Filter {
}else { }else {
Authentication authentication=ClientCredentials(request,response); Authentication authentication=ClientCredentials(request,response);
_logger.trace("getPrincipal " + authentication.getPrincipal().getClass()); _logger.trace("getPrincipal " + authentication.getPrincipal().getClass());
SigninPrincipal auth = null; SignPrincipal auth = null;
if(authentication.getPrincipal() instanceof SigninPrincipal) { if(authentication.getPrincipal() instanceof SignPrincipal) {
//authorization_code //authorization_code
auth = (SigninPrincipal)authentication.getPrincipal(); auth = (SignPrincipal)authentication.getPrincipal();
}else { }else {
//client_credentials //client_credentials
auth =new SigninPrincipal((User)authentication.getPrincipal()); auth =new SignPrincipal((User)authentication.getPrincipal());
} }
auth.setAuthenticated(true); auth.setAuthenticated(true);
UsernamePasswordAuthenticationToken simpleUserAuthentication = new UsernamePasswordAuthenticationToken(auth, authentication.getCredentials(), authentication.getAuthorities()); UsernamePasswordAuthenticationToken simpleUserAuthentication = new UsernamePasswordAuthenticationToken(auth, authentication.getCredentials(), authentication.getAuthorities());


@ -25,7 +25,7 @@ import javax.servlet.http.HttpServletResponse;
import org.apache.commons.beanutils.BeanUtils; import org.apache.commons.beanutils.BeanUtils;
import org.apache.commons.lang3.StringUtils; import org.apache.commons.lang3.StringUtils;
import org.maxkey.authn.SigninPrincipal; import org.maxkey.authn.SignPrincipal;
import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter; import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
import org.maxkey.authz.oauth2.common.OAuth2Constants; import org.maxkey.authz.oauth2.common.OAuth2Constants;
import org.maxkey.authz.oauth2.common.exceptions.OAuth2Exception; import org.maxkey.authz.oauth2.common.exceptions.OAuth2Exception;
@ -114,7 +114,7 @@ public class UserInfoEndpoint {
}else{ }else{
adapter =(AbstractAuthorizeAdapter)new OAuthDefaultUserInfoAdapter(clientDetails); adapter =(AbstractAuthorizeAdapter)new OAuthDefaultUserInfoAdapter(clientDetails);
} }
adapter.setPrincipal((SigninPrincipal)oAuth2Authentication.getUserAuthentication().getPrincipal()); adapter.setPrincipal((SignPrincipal)oAuth2Authentication.getUserAuthentication().getPrincipal());
adapter.setApp(app); adapter.setApp(app);
Object jsonData = adapter.generateInfo(); Object jsonData = adapter.generateInfo();


@ -28,7 +28,7 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils; import org.apache.commons.lang3.StringUtils;
import org.maxkey.authn.SigninPrincipal; import org.maxkey.authn.SignPrincipal;
import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter; import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
import org.maxkey.authz.oauth2.common.OAuth2Constants; import org.maxkey.authz.oauth2.common.OAuth2Constants;
import org.maxkey.authz.oauth2.common.exceptions.OAuth2Exception; import org.maxkey.authz.oauth2.common.exceptions.OAuth2Exception;
@ -113,7 +113,7 @@ public class UserInfoOIDCEndpoint {
try{ try{
oAuth2Authentication = oauth20tokenServices.loadAuthentication(access_token); oAuth2Authentication = oauth20tokenServices.loadAuthentication(access_token);
principal=((SigninPrincipal)oAuth2Authentication.getPrincipal()).getUsername(); principal=((SignPrincipal)oAuth2Authentication.getPrincipal()).getUsername();
Set<String >scopes = oAuth2Authentication.getOAuth2Request().getScope(); Set<String >scopes = oAuth2Authentication.getOAuth2Request().getScope();
ClientDetails clientDetails = ClientDetails clientDetails =
@ -123,7 +123,7 @@ public class UserInfoOIDCEndpoint {
String userJson = ""; String userJson = "";
Builder jwtClaimsSetBuilder= new JWTClaimsSet.Builder(); Builder jwtClaimsSetBuilder= new JWTClaimsSet.Builder();
SigninPrincipal authentication = (SigninPrincipal)oAuth2Authentication.getUserAuthentication().getPrincipal(); SignPrincipal authentication = (SignPrincipal)oAuth2Authentication.getUserAuthentication().getPrincipal();
String subject = AbstractAuthorizeAdapter.getValueByUserAttr(userInfo, clientDetails.getSubject()); String subject = AbstractAuthorizeAdapter.getValueByUserAttr(userInfo, clientDetails.getSubject());
_logger.debug("userId : {} , username : {} , displayName : {} , subject : {}" , _logger.debug("userId : {} , username : {} , displayName : {} , subject : {}" ,


@ -86,7 +86,7 @@ public class LoginSessionController {
try { try {
for(String sessionId : StringUtils.string2List(ids, ",")) { for(String sessionId : StringUtils.string2List(ids, ",")) {
_logger.trace("terminate session Id {} ",sessionId); _logger.trace("terminate session Id {} ",sessionId);
if(currentUser.getOnlineTicket().contains(sessionId)) { if(currentUser.getSessionId().contains(sessionId)) {
continue;//skip current session continue;//skip current session
} }
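Review bot: The skip-current-session test on the new side, `if(currentUser.getSessionId().contains(sessionId))`, is a substring check rather than an identity check, so any submitted id that happens to be a fragment of the caller's own session id is silently skipped even though only an exact match is the "current session" case. `if(sessionId.equals(currentUser.getSessionId()))` states the intent and also avoids a NullPointerException when the current user carries no session id. The ids being iterated come from the request, so whatever terminates them afterwards needs to be scoped to the caller; the enclosing loop body and the method start and end outside this hunk, so that part cannot be confirmed here.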


@ -54,10 +54,10 @@ public class LogoutEndpoint {
@RequestMapping(value={"/logout"}, produces = {MediaType.APPLICATION_JSON_VALUE}) @RequestMapping(value={"/logout"}, produces = {MediaType.APPLICATION_JSON_VALUE})
public ResponseEntity<?> logout(@CurrentUser UserInfo currentUser){ public ResponseEntity<?> logout(@CurrentUser UserInfo currentUser){
//if logined in have onlineTicket ,need remove or logout back //if logined in have onlineTicket ,need remove or logout back
String onlineTicketId = currentUser.getOnlineTicket(); String sessionId = currentUser.getSessionId();
Session onlineTicket = sessionService.get(onlineTicketId); Session session = sessionService.get(sessionId);
if(onlineTicket != null) { if(session != null) {
Set<Entry<String, Apps>> entrySet = onlineTicket.getAuthorizedApps().entrySet(); Set<Entry<String, Apps>> entrySet = session.getAuthorizedApps().entrySet();
Iterator<Entry<String, Apps>> iterator = entrySet.iterator(); Iterator<Entry<String, Apps>> iterator = entrySet.iterator();
while (iterator.hasNext()) { while (iterator.hasNext()) {
@ -70,12 +70,12 @@ public class LogoutEndpoint {
}else { }else {
singleLogout = new DefaultSingleLogout(); singleLogout = new DefaultSingleLogout();
} }
singleLogout.sendRequest(onlineTicket.getAuthentication(), mapEntry.getValue()); singleLogout.sendRequest(session.getAuthentication(), mapEntry.getValue());
} }
} }
sessionService.terminate( sessionService.terminate(
onlineTicketId, session.getId(),
currentUser.getId(), currentUser.getId(),
currentUser.getUsername()); currentUser.getUsername());
} }
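Review bot: `sessionService.terminate(session.getId(), ...)` only runs after every per-app `singleLogout.sendRequest(...)` in the loop above has returned, so if one application's single-logout call throws, the IdP session is never terminated and the user who asked to log out stays signed in. If `sendRequest` can fail at runtime (it appears to contact each authorized app, which is usually a network call), each call should be isolated: `try { singleLogout.sendRequest(session.getAuthentication(), mapEntry.getValue()); } catch (RuntimeException e) { /* log and keep logging out the remaining apps */ }`, so that the terminate call after the loop is always reached. The method body continues past this hunk, so the return path after the `if(session != null)` block is not visible here.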


@ -20,7 +20,7 @@ package org.maxkey.web.interceptor;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import org.maxkey.authn.SigninPrincipal; import org.maxkey.authn.SignPrincipal;
import org.maxkey.authn.web.AuthorizationUtils; import org.maxkey.authn.web.AuthorizationUtils;
import org.maxkey.entity.HistoryLoginApps; import org.maxkey.entity.HistoryLoginApps;
import org.maxkey.entity.UserInfo; import org.maxkey.entity.UserInfo;
@ -56,7 +56,7 @@ public class HistorySignOnAppInterceptor implements AsyncHandlerInterceptor {
throws Exception { throws Exception {
_logger.debug("preHandle"); _logger.debug("preHandle");
final Apps app = (Apps)WebContext.getAttribute(WebConstants.AUTHORIZE_SIGN_ON_APP); final Apps app = (Apps)WebContext.getAttribute(WebConstants.AUTHORIZE_SIGN_ON_APP);
SigninPrincipal principal = AuthorizationUtils.getPrincipal(); SignPrincipal principal = AuthorizationUtils.getPrincipal();
if(principal != null && app !=null) { if(principal != null && app !=null) {
if(principal.getGrantedAuthorityApps().contains(new SimpleGrantedAuthority(app.getId()))) { if(principal.getGrantedAuthorityApps().contains(new SimpleGrantedAuthority(app.getId()))) {
_logger.trace("preHandle have authority access " + app); _logger.trace("preHandle have authority access " + app);
@ -81,7 +81,7 @@ public class HistorySignOnAppInterceptor implements AsyncHandlerInterceptor {
final Apps app = (Apps)WebContext.getAttribute(WebConstants.AUTHORIZE_SIGN_ON_APP); final Apps app = (Apps)WebContext.getAttribute(WebConstants.AUTHORIZE_SIGN_ON_APP);
SigninPrincipal principal = AuthorizationUtils.getPrincipal(); SignPrincipal principal = AuthorizationUtils.getPrincipal();
if(principal != null && app !=null) { if(principal != null && app !=null) {
final UserInfo userInfo = principal.getUserInfo(); final UserInfo userInfo = principal.getUserInfo();
String sessionId = principal.getSession().getId(); String sessionId = principal.getSession().getId();
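Review bot: `principal.getSession().getId()` on the last line of the hunk assumes every SignPrincipal carries a Session, but this same commit also constructs one without a session (`new SignPrincipal((User)authentication.getPrincipal())` in TokenEndpointAuthenticationFilter), so if such a principal can reach this interceptor the line throws a NullPointerException. The existing guard two lines up is the place to tighten it: `if(principal != null && principal.getSession() != null && app != null) {`. Whether a session-less principal can actually be current here is not visible in this hunk, and the enclosing method runs past its end.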


@ -87,7 +87,7 @@ public class LoginSessionController {
try { try {
for(String sessionId : StringUtils.string2List(ids, ",")) { for(String sessionId : StringUtils.string2List(ids, ",")) {
_logger.trace("terminate session Id {} ",sessionId); _logger.trace("terminate session Id {} ",sessionId);
if(currentUser.getOnlineTicket().contains(sessionId)) { if(currentUser.getSessionId().contains(sessionId)) {
continue;//skip current session continue;//skip current session
} }
sessionService.terminate(sessionId,currentUser.getId(),currentUser.getUsername()); sessionService.terminate(sessionId,currentUser.getId(),currentUser.getUsername());
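Review bot: `sessionService.terminate(sessionId, currentUser.getId(), currentUser.getUsername())` is called with a session id taken straight from the request's comma-separated `ids`, and nothing in this hunk checks that the session belongs to `currentUser`; if the service does not scope the lookup to the user id it is handed, an authenticated user could terminate other users' sessions by guessing or obtaining their ids. Worth confirming that `terminate` filters by `userId` (or adding that check here before the call). The skip test on the line above also uses `contains`, a substring match; `if(sessionId.equals(currentUser.getSessionId()))` is the exact comparison intended. The enclosing try block and method start and end outside the hunk.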


@ -36,7 +36,7 @@ public class LogoutEndpoint {
@RequestMapping(value={"/logout"}, produces = {MediaType.APPLICATION_JSON_VALUE}) @RequestMapping(value={"/logout"}, produces = {MediaType.APPLICATION_JSON_VALUE})
public ResponseEntity<?> logout(@CurrentUser UserInfo currentUser){ public ResponseEntity<?> logout(@CurrentUser UserInfo currentUser){
sessionService.terminate( sessionService.terminate(
currentUser.getOnlineTicket(), currentUser.getSessionId(),
currentUser.getId(), currentUser.getId(),
currentUser.getUsername()); currentUser.getUsername());
return new Message<String>().buildResponse(); return new Message<String>().buildResponse();