OAuth2 grant_type=password fix

2025-12-07 17:38:32 +08:00 · 2020-12-19 11:16:08 +08:00 · 2020-12-19 11:16:08 +08:00 · 3497aa5d26
commit 3497aa5d26
parent ba681ed7ca
3 changed files with 50 additions and 8 deletions
--- a/maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
+++ b/maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
@ -70,7 +70,7 @@ public abstract class AbstractAuthenticationProvider {
    @Qualifier("onlineTicketServices")
    protected OnlineTicketServices onlineTicketServices;
-    static  ArrayList<GrantedAuthority> grantedAdministratorsAuthoritys = new ArrayList<GrantedAuthority>();
+    public static  ArrayList<GrantedAuthority> grantedAdministratorsAuthoritys = new ArrayList<GrantedAuthority>();
    static {
        grantedAdministratorsAuthoritys.add(new SimpleGrantedAuthority("ROLE_ADMINISTRATORS"));
--- a/maxkey-core/src/main/java/org/maxkey/authn/SigninPrincipal.java
+++ b/maxkey-core/src/main/java/org/maxkey/authn/SigninPrincipal.java
@ -37,6 +37,14 @@ public class SigninPrincipal implements  UserDetails {
    ArrayList<GrantedAuthority> grantedAuthorityApps;
    boolean authenticated;
    boolean roleAdministrators;
 	private  boolean accountNonExpired;
 	private  boolean accountNonLocked;
 	private  boolean credentialsNonExpired;
 	private  boolean enabled;
    /**
     * SigninPrincipal.
@ -50,6 +58,10 @@ public class SigninPrincipal implements  UserDetails {
    public SigninPrincipal(UserInfo userInfo) {
        this.userInfo = userInfo;
        this.authenticated = true;
        this.accountNonExpired = true;
        this.accountNonLocked  = true;
        this.credentialsNonExpired =true;
        this.enabled = true;
    }
    /**
@ -116,22 +128,22 @@ public class SigninPrincipal implements  UserDetails {
    @Override
    public boolean isAccountNonExpired() {
-        return false;
+        return this.accountNonExpired;
    }
    @Override
    public boolean isAccountNonLocked() {
-        return false;
+        return this.accountNonLocked;
    }
    @Override
    public boolean isCredentialsNonExpired() {
-        return false;
+        return this.credentialsNonExpired;
    }
    @Override
    public boolean isEnabled() {
-        return false;
+        return this.enabled;
    }
    public ArrayList<GrantedAuthority> getGrantedAuthorityApps() {
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/OAuth2UserDetailsService.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/OAuth2UserDetailsService.java
@ -12,9 +12,19 @@
 */
 package org.maxkey.authz.oauth2.provider;
 import java.util.ArrayList;
 import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authn.SigninPrincipal;
 import org.maxkey.authn.online.OnlineTicket;
 import org.maxkey.domain.UserInfo;
 import org.maxkey.persistence.db.LoginService;
-import org.springframework.security.core.userdetails.User;
+import org.maxkey.web.WebConstants;
 import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
@ -24,7 +34,8 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException;
 * 
 */
 public class OAuth2UserDetailsService implements UserDetailsService {
-
+	 private static final Logger _logger = 
 	            LoggerFactory.getLogger(OAuth2UserDetailsService.class);
    LoginService loginService;
@ -42,8 +53,27 @@ public class OAuth2UserDetailsService implements UserDetailsService {
 			throw new UsernameNotFoundException(e.getMessage(), e);
 		}
 		String onlineTickitId = WebConstants.ONLINE_TICKET_PREFIX + "-" + java.util.UUID.randomUUID().toString().toLowerCase();
-		return new User(username, userInfo.getPassword(), loginService.grantAuthority(userInfo));
+		SigninPrincipal signinPrincipal = new SigninPrincipal(userInfo);
 		OnlineTicket onlineTicket = new OnlineTicket(onlineTickitId);
 		//set OnlineTicket
        signinPrincipal.setOnlineTicket(onlineTicket);
        ArrayList<GrantedAuthority> grantedAuthoritys = loginService.grantAuthority(userInfo);
        signinPrincipal.setAuthenticated(true);
        for(GrantedAuthority administratorsAuthority : AbstractAuthenticationProvider.grantedAdministratorsAuthoritys) {
            if(grantedAuthoritys.contains(administratorsAuthority)) {
                signinPrincipal.setRoleAdministrators(true);
                _logger.trace("ROLE ADMINISTRATORS Authentication .");
            }
        }
        _logger.debug("Granted Authority " + grantedAuthoritys);
        signinPrincipal.setGrantedAuthorityApps(grantedAuthoritys);
 		return signinPrincipal;
 	}
 }