OAuth20 update clientSecret Fix

OAuth20 update  clientSecret Fix
shimingxy 2020-06-05 15:22:08 +08:00
parent 173f5cdfb8
commit 4ab7dccca0
3 changed files with 555 additions and 578 deletions


@ -5,347 +5,322 @@ import javax.persistence.Table;
import org.maxkey.domain.apps.oauth2.provider.client.BaseClientDetails; import org.maxkey.domain.apps.oauth2.provider.client.BaseClientDetails;
import org.springframework.util.StringUtils; import org.springframework.util.StringUtils;
@Table(name = "APPS_OAUTH_CLIENT_DETAILS")
public class AppsOAuth20Details extends Apps {
/**
*
*/
private static final long serialVersionUID = 6786113671104069370L;
private String clientId;
private String clientSecret;
private String scope;
private String resourceIds;
private String authorizedGrantTypes;
private String registeredRedirectUris;
private String authorities;
private Integer accessTokenValiditySeconds;
private Integer refreshTokenValiditySeconds;
private String approvalPrompt;
// for OpenID Connect
private String idTokenSigningAlgorithm;
private String idTokenEncryptedAlgorithm;
private String idTokenEncryptionMethod;
private String userInfoSigningAlgorithm;
private String userInfoEncryptedAlgorithm;
private String userInfoEncryptionMethod;
private String jwksUri;
/**
*
*/
public AppsOAuth20Details() {
super();
}
/**
*
*/
public AppsOAuth20Details(Apps application, BaseClientDetails baseClientDetails) {
super();
this.id = application.getId();
this.setName(application.getName());
this.setLoginUrl(application.getLoginUrl());
this.setCategory(application.getCategory());
this.setProtocol(application.getProtocol());
this.setIcon(application.getIcon());
this.clientId = application.getId();
this.setSortIndex(application.getSortIndex());
this.setVendor(application.getVendor());
this.setVendorUrl(application.getVendorUrl());
this.clientSecret = baseClientDetails.getClientSecret();
this.scope = baseClientDetails.getScope().toString();
this.resourceIds = baseClientDetails.getResourceIds().toString();
this.authorizedGrantTypes = baseClientDetails.getAuthorizedGrantTypes().toString();
this.registeredRedirectUris = StringUtils
.collectionToCommaDelimitedString(baseClientDetails.getRegisteredRedirectUri());
this.authorities = baseClientDetails.getAuthorities().toString();
this.accessTokenValiditySeconds = baseClientDetails.getAccessTokenValiditySeconds();
this.refreshTokenValiditySeconds = baseClientDetails.getRefreshTokenValiditySeconds();
this.approvalPrompt = baseClientDetails.isAutoApprove("all") + "";
this.idTokenEncryptedAlgorithm = baseClientDetails.getIdTokenEncryptedAlgorithm();
this.idTokenEncryptionMethod = baseClientDetails.getIdTokenEncryptionMethod();
this.idTokenSigningAlgorithm = baseClientDetails.getIdTokenSigningAlgorithm();
this.userInfoEncryptedAlgorithm = baseClientDetails.getUserInfoEncryptedAlgorithm();
this.userInfoEncryptionMethod = baseClientDetails.getUserInfoEncryptionMethod();
this.userInfoSigningAlgorithm = baseClientDetails.getUserInfoSigningAlgorithm();
this.jwksUri = baseClientDetails.getJwksUri();
}
/**
* @return the clientId
*/
public String getClientId() {
return clientId;
}
/**
* @return the approvalPrompt
*/
public String getApprovalPrompt() {
return approvalPrompt;
}
/**
* @param approvalPrompt the approvalPrompt to set
*/
public void setApprovalPrompt(String approvalPrompt) {
this.approvalPrompt = approvalPrompt;
}
/**
* @param clientId the clientId to set
*/
public void setClientId(String clientId) {
this.clientId = clientId;
}
/**
* @return the clientSecret
*/
public String getClientSecret() {
return clientSecret;
}
/**
* @param clientSecret the clientSecret to set
*/
public void setClientSecret(String clientSecret) {
this.clientSecret = clientSecret;
}
/**
* @return the scope
*/
public String getScope() {
return scope;
}
/**
* @param scope the scope to set
*/
public void setScope(String scope) {
this.scope = scope;
}
/**
* @return the resourceIds
*/
public String getResourceIds() {
return resourceIds;
}
/**
* @param resourceIds the resourceIds to set
*/
public void setResourceIds(String resourceIds) {
this.resourceIds = resourceIds;
}
/**
* @return the authorizedGrantTypes
*/
public String getAuthorizedGrantTypes() {
return authorizedGrantTypes;
}
/**
* @param authorizedGrantTypes the authorizedGrantTypes to set
*/
public void setAuthorizedGrantTypes(String authorizedGrantTypes) {
this.authorizedGrantTypes = authorizedGrantTypes;
}
/**
* @return the registeredRedirectUris
*/
public String getRegisteredRedirectUris() {
return registeredRedirectUris;
}
/**
* @param registeredRedirectUris the registeredRedirectUris to set
*/
public void setRegisteredRedirectUris(String registeredRedirectUris) {
this.registeredRedirectUris = registeredRedirectUris;
}
/**
* @return the authorities
*/
public String getAuthorities() {
return authorities;
}
/**
* @param authorities the authorities to set
*/
public void setAuthorities(String authorities) {
this.authorities = authorities;
}
/**
* @return the accessTokenValiditySeconds
*/
public Integer getAccessTokenValiditySeconds() {
return accessTokenValiditySeconds;
}
/**
* @param accessTokenValiditySeconds the accessTokenValiditySeconds to set
*/
public void setAccessTokenValiditySeconds(Integer accessTokenValiditySeconds) {
this.accessTokenValiditySeconds = accessTokenValiditySeconds;
}
/**
* @return the refreshTokenValiditySeconds
*/
public Integer getRefreshTokenValiditySeconds() {
return refreshTokenValiditySeconds;
}
/**
* @param refreshTokenValiditySeconds the refreshTokenValiditySeconds to set
*/
public void setRefreshTokenValiditySeconds(Integer refreshTokenValiditySeconds) {
this.refreshTokenValiditySeconds = refreshTokenValiditySeconds;
}
public String getIdTokenSigningAlgorithm() {
return idTokenSigningAlgorithm;
}
public void setIdTokenSigningAlgorithm(String idTokenSigningAlgorithm) {
this.idTokenSigningAlgorithm = idTokenSigningAlgorithm;
}
public String getIdTokenEncryptedAlgorithm() {
return idTokenEncryptedAlgorithm;
}
public void setIdTokenEncryptedAlgorithm(String idTokenEncryptedAlgorithm) {
this.idTokenEncryptedAlgorithm = idTokenEncryptedAlgorithm;
}
public String getIdTokenEncryptionMethod() {
return idTokenEncryptionMethod;
}
public void setIdTokenEncryptionMethod(String idTokenEncryptionMethod) {
this.idTokenEncryptionMethod = idTokenEncryptionMethod;
}
public String getUserInfoSigningAlgorithm() {
return userInfoSigningAlgorithm;
}
public void setUserInfoSigningAlgorithm(String userInfoSigningAlgorithm) {
this.userInfoSigningAlgorithm = userInfoSigningAlgorithm;
}
public String getUserInfoEncryptedAlgorithm() {
return userInfoEncryptedAlgorithm;
}
public void setUserInfoEncryptedAlgorithm(String userInfoEncryptedAlgorithm) {
this.userInfoEncryptedAlgorithm = userInfoEncryptedAlgorithm;
}
public String getUserInfoEncryptionMethod() {
return userInfoEncryptionMethod;
}
public void setUserInfoEncryptionMethod(String userInfoEncryptionMethod) {
this.userInfoEncryptionMethod = userInfoEncryptionMethod;
}
public String getJwksUri() {
return jwksUri;
}
public void setJwksUri(String jwksUri) {
this.jwksUri = jwksUri;
}
public BaseClientDetails clientDetailsRowMapper() {
BaseClientDetails baseClientDetails = new BaseClientDetails(this.getId(), this.getId(), this.getScope(),
this.getAuthorizedGrantTypes(), "ROLE_CLIENT, ROLE_TRUSTED_CLIENT", this.getRegisteredRedirectUris());
baseClientDetails.setAccessTokenValiditySeconds(this.getAccessTokenValiditySeconds());
baseClientDetails.setRefreshTokenValiditySeconds(this.getRefreshTokenValiditySeconds());
baseClientDetails.setClientSecret(this.getClientSecret());
baseClientDetails.setAutoApproveScopes(baseClientDetails.getScope());
baseClientDetails.setIdTokenEncryptedAlgorithm(this.getIdTokenEncryptedAlgorithm());
baseClientDetails.setIdTokenEncryptionMethod(this.getIdTokenEncryptionMethod());
baseClientDetails.setIdTokenSigningAlgorithm(this.getIdTokenSigningAlgorithm());
baseClientDetails.setUserInfoEncryptedAlgorithm(this.getUserInfoEncryptedAlgorithm());
baseClientDetails.setUserInfoEncryptionMethod(this.getUserInfoEncryptionMethod());
baseClientDetails.setUserInfoSigningAlgorithm(this.getUserInfoSigningAlgorithm());
baseClientDetails.setJwksUri(this.getJwksUri());
return baseClientDetails;
}
/*
* (non-Javadoc)
*
* @see java.lang.Object#toString()
*/
@Override
public String toString() {
return "OAuth20Details [clientId=" + clientId + ", clientSecret=" + clientSecret + ", scope=" + scope
+ ", resourceIds=" + resourceIds + ", authorizedGrantTypes=" + authorizedGrantTypes
+ ", registeredRedirectUris=" + registeredRedirectUris + ", authorities=" + authorities
+ ", accessTokenValiditySeconds=" + accessTokenValiditySeconds + ", refreshTokenValiditySeconds="
+ refreshTokenValiditySeconds + "]";
}
@Table(name = "APPS_OAUTH_CLIENT_DETAILS")
public class AppsOAuth20Details extends Apps {
/**
*
*/
private static final long serialVersionUID = 6786113671104069370L;
private String clientId;
private String clientSecret;
private String scope ;
private String resourceIds ;
private String authorizedGrantTypes;
private String registeredRedirectUris;
private String authorities ;
private Integer accessTokenValiditySeconds;
private Integer refreshTokenValiditySeconds;
private String approvalPrompt;
//for OpenID Connect
private String idTokenSigningAlgorithm;
private String idTokenEncryptedAlgorithm;
private String idTokenEncryptionMethod;
private String userInfoSigningAlgorithm;
private String userInfoEncryptedAlgorithm;
private String userInfoEncryptionMethod;
private String jwksUri;
/**
*
*/
public AppsOAuth20Details() {
super();
}
/**
*
*/
public AppsOAuth20Details(Apps application,BaseClientDetails baseClientDetails) {
super();
this.id=application.getId();
this.setName(application.getName());
this.setLoginUrl(application.getLoginUrl());
this.setCategory(application.getCategory());
this.setProtocol(application.getProtocol());
this.setIcon(application.getIcon());
this.clientId=application.getId();
this.setSortIndex(application.getSortIndex());
this.setVendor(application.getVendor());
this.setVendorUrl(application.getVendorUrl());
this.clientSecret=baseClientDetails.getClientSecret();
this.scope=baseClientDetails.getScope().toString();
this.resourceIds=baseClientDetails.getResourceIds().toString();
this.authorizedGrantTypes=baseClientDetails.getAuthorizedGrantTypes().toString();
this.registeredRedirectUris=StringUtils.collectionToCommaDelimitedString(baseClientDetails.getRegisteredRedirectUri());
this.authorities=baseClientDetails.getAuthorities().toString();
this.accessTokenValiditySeconds=baseClientDetails.getAccessTokenValiditySeconds();
this.refreshTokenValiditySeconds=baseClientDetails.getRefreshTokenValiditySeconds();
this.approvalPrompt=baseClientDetails.isAutoApprove("all")+"";
this.idTokenEncryptedAlgorithm=baseClientDetails.getIdTokenEncryptedAlgorithm();
this.idTokenEncryptionMethod=baseClientDetails.getIdTokenEncryptionMethod();
this.idTokenSigningAlgorithm=baseClientDetails.getIdTokenSigningAlgorithm();
this.userInfoEncryptedAlgorithm=baseClientDetails.getUserInfoEncryptedAlgorithm();
this.userInfoEncryptionMethod=baseClientDetails.getUserInfoEncryptionMethod();
this.userInfoSigningAlgorithm=baseClientDetails.getUserInfoSigningAlgorithm();
this.jwksUri=baseClientDetails.getJwksUri();
}
/**
* @return the clientId
*/
public String getClientId() {
return clientId;
}
/**
* @return the approvalPrompt
*/
public String getApprovalPrompt() {
return approvalPrompt;
}
/**
* @param approvalPrompt the approvalPrompt to set
*/
public void setApprovalPrompt(String approvalPrompt) {
this.approvalPrompt = approvalPrompt;
}
/**
* @param clientId the clientId to set
*/
public void setClientId(String clientId) {
this.clientId = clientId;
}
/**
* @return the clientSecret
*/
public String getClientSecret() {
return clientSecret;
}
/**
* @param clientSecret the clientSecret to set
*/
public void setClientSecret(String clientSecret) {
this.clientSecret = clientSecret;
}
/**
* @return the scope
*/
public String getScope() {
return scope;
}
/**
* @param scope the scope to set
*/
public void setScope(String scope) {
this.scope = scope;
}
/**
* @return the resourceIds
*/
public String getResourceIds() {
return resourceIds;
}
/**
* @param resourceIds the resourceIds to set
*/
public void setResourceIds(String resourceIds) {
this.resourceIds = resourceIds;
}
/**
* @return the authorizedGrantTypes
*/
public String getAuthorizedGrantTypes() {
return authorizedGrantTypes;
}
/**
* @param authorizedGrantTypes the authorizedGrantTypes to set
*/
public void setAuthorizedGrantTypes(String authorizedGrantTypes) {
this.authorizedGrantTypes = authorizedGrantTypes;
}
/**
* @return the registeredRedirectUris
*/
public String getRegisteredRedirectUris() {
return registeredRedirectUris;
}
/**
* @param registeredRedirectUris the registeredRedirectUris to set
*/
public void setRegisteredRedirectUris(String registeredRedirectUris) {
this.registeredRedirectUris = registeredRedirectUris;
}
/**
* @return the authorities
*/
public String getAuthorities() {
return authorities;
}
/**
* @param authorities the authorities to set
*/
public void setAuthorities(String authorities) {
this.authorities = authorities;
}
/**
* @return the accessTokenValiditySeconds
*/
public Integer getAccessTokenValiditySeconds() {
return accessTokenValiditySeconds;
}
/**
* @param accessTokenValiditySeconds the accessTokenValiditySeconds to set
*/
public void setAccessTokenValiditySeconds(Integer accessTokenValiditySeconds) {
this.accessTokenValiditySeconds = accessTokenValiditySeconds;
}
/**
* @return the refreshTokenValiditySeconds
*/
public Integer getRefreshTokenValiditySeconds() {
return refreshTokenValiditySeconds;
}
/**
* @param refreshTokenValiditySeconds the refreshTokenValiditySeconds to set
*/
public void setRefreshTokenValiditySeconds(Integer refreshTokenValiditySeconds) {
this.refreshTokenValiditySeconds = refreshTokenValiditySeconds;
}
public String getIdTokenSigningAlgorithm() {
return idTokenSigningAlgorithm;
}
public void setIdTokenSigningAlgorithm(String idTokenSigningAlgorithm) {
this.idTokenSigningAlgorithm = idTokenSigningAlgorithm;
}
public String getIdTokenEncryptedAlgorithm() {
return idTokenEncryptedAlgorithm;
}
public void setIdTokenEncryptedAlgorithm(String idTokenEncryptedAlgorithm) {
this.idTokenEncryptedAlgorithm = idTokenEncryptedAlgorithm;
}
public String getIdTokenEncryptionMethod() {
return idTokenEncryptionMethod;
}
public void setIdTokenEncryptionMethod(String idTokenEncryptionMethod) {
this.idTokenEncryptionMethod = idTokenEncryptionMethod;
}
public String getUserInfoSigningAlgorithm() {
return userInfoSigningAlgorithm;
}
public void setUserInfoSigningAlgorithm(String userInfoSigningAlgorithm) {
this.userInfoSigningAlgorithm = userInfoSigningAlgorithm;
}
public String getUserInfoEncryptedAlgorithm() {
return userInfoEncryptedAlgorithm;
}
public void setUserInfoEncryptedAlgorithm(String userInfoEncryptedAlgorithm) {
this.userInfoEncryptedAlgorithm = userInfoEncryptedAlgorithm;
}
public String getUserInfoEncryptionMethod() {
return userInfoEncryptionMethod;
}
public void setUserInfoEncryptionMethod(String userInfoEncryptionMethod) {
this.userInfoEncryptionMethod = userInfoEncryptionMethod;
}
public String getJwksUri() {
return jwksUri;
}
public void setJwksUri(String jwksUri) {
this.jwksUri = jwksUri;
}
public BaseClientDetails clientDetailsRowMapper(){
BaseClientDetails baseClientDetails =new BaseClientDetails( this.getId(),
this.getId(), this.getScope(), this.getAuthorizedGrantTypes(), "ROLE_CLIENT, ROLE_TRUSTED_CLIENT",
this.getRegisteredRedirectUris());
baseClientDetails.setAccessTokenValiditySeconds(this.getAccessTokenValiditySeconds());
baseClientDetails.setRefreshTokenValiditySeconds(this.getRefreshTokenValiditySeconds());
baseClientDetails.setClientSecret(this.getClientSecret());
baseClientDetails.setAutoApproveScopes(baseClientDetails.getScope());
baseClientDetails.setIdTokenEncryptedAlgorithm(this.getIdTokenEncryptedAlgorithm());
baseClientDetails.setIdTokenEncryptionMethod(this.getIdTokenEncryptionMethod());
baseClientDetails.setIdTokenSigningAlgorithm(this.getIdTokenSigningAlgorithm());
baseClientDetails.setUserInfoEncryptedAlgorithm(this.getUserInfoEncryptedAlgorithm());
baseClientDetails.setUserInfoEncryptionMethod(this.getUserInfoEncryptionMethod());
baseClientDetails.setUserInfoSigningAlgorithm(this.getUserInfoSigningAlgorithm());
baseClientDetails.setJwksUri(this.getJwksUri());
return baseClientDetails;
}
/* (non-Javadoc)
* @see java.lang.Object#toString()
*/
@Override
public String toString() {
return "OAuth20Details [clientId=" + clientId + ", clientSecret="
+ clientSecret + ", scope=" + scope + ", resourceIds="
+ resourceIds + ", authorizedGrantTypes="
+ authorizedGrantTypes + ", registeredRedirectUris="
+ registeredRedirectUris + ", authorities=" + authorities
+ ", accessTokenValiditySeconds=" + accessTokenValiditySeconds
+ ", refreshTokenValiditySeconds="
+ refreshTokenValiditySeconds + "]";
}
} }
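Review bot: `toString()` at the end of this section concatenates `clientSecret` into its result, and it does so in both printed copies of the class, so any log line or exception message that stringifies an `AppsOAuth20Details` writes the OAuth client secret in clear text. Replace that fragment with a presence marker, e.g. `+ ", clientSecret=" + (clientSecret == null ? "null" : "[PROTECTED]")`, and put a short comment above the method such as `// Never print clientSecret: toString() output ends up in logs.`. Separately, `clientDetailsRowMapper()` calls `setAutoApproveScopes(baseClientDetails.getScope())`, which marks every configured scope as auto-approved without consulting the `approvalPrompt` field. If that is not the intended consent behaviour, the auto-approve set should be derived from `approvalPrompt` instead.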


@ -54,288 +54,289 @@ import com.fasterxml.jackson.databind.ObjectMapper;
*/ */
public class JdbcClientDetailsService implements ClientDetailsService, ClientRegistrationService { public class JdbcClientDetailsService implements ClientDetailsService, ClientRegistrationService {
private static final Log logger = LogFactory.getLog(JdbcClientDetailsService.class); private static final Log logger = LogFactory.getLog(JdbcClientDetailsService.class);
private JsonMapper mapper = createJsonMapper(); private JsonMapper mapper = createJsonMapper();
private static final String CLIENT_FIELDS_FOR_UPDATE = "RESOURCE_IDS, SCOPE, " private static final String CLIENT_FIELDS_FOR_UPDATE = "RESOURCE_IDS, SCOPE, "
+ "AUTHORIZED_GRANT_TYPES, WEB_SERVER_REDIRECT_URI, AUTHORITIES, ACCESS_TOKEN_VALIDITY, " + "AUTHORIZED_GRANT_TYPES, WEB_SERVER_REDIRECT_URI, AUTHORITIES, ACCESS_TOKEN_VALIDITY, "
+ "REFRESH_TOKEN_VALIDITY, ADDITIONAL_INFORMATION, AUTOAPPROVE, " + "REFRESH_TOKEN_VALIDITY, ADDITIONAL_INFORMATION, AUTOAPPROVE, "
+ "IDTOKENSIGNINGALGORITHM, IDTOKENENCRYPTEDALGORITHM, IDTOKENENCRYPTIONMETHOD, " + "IDTOKENSIGNINGALGORITHM, IDTOKENENCRYPTEDALGORITHM, IDTOKENENCRYPTIONMETHOD, "
+ "USERINFOSIGNINGALGORITHM, USERINFOCRYPTEDALGORITHM, USERINFOENCRYPTIONMETHOD, JWKSURI"; + "USERINFOSIGNINGALGORITHM, USERINFOCRYPTEDALGORITHM, USERINFOENCRYPTIONMETHOD, JWKSURI";
private static final String CLIENT_FIELDS = "client_secret, " + CLIENT_FIELDS_FOR_UPDATE; private static final String CLIENT_FIELDS = "client_secret, " + CLIENT_FIELDS_FOR_UPDATE;
private static final String BASE_FIND_STATEMENT = "select client_id, " + CLIENT_FIELDS private static final String BASE_FIND_STATEMENT = "select client_id, " + CLIENT_FIELDS
+ " from apps_oauth_client_details"; + " from apps_oauth_client_details";
private static final String DEFAULT_FIND_STATEMENT = BASE_FIND_STATEMENT + " order by client_id"; private static final String DEFAULT_FIND_STATEMENT = BASE_FIND_STATEMENT + " order by client_id";
private static final String DEFAULT_SELECT_STATEMENT = BASE_FIND_STATEMENT + " where client_id = ?"; private static final String DEFAULT_SELECT_STATEMENT = BASE_FIND_STATEMENT + " where client_id = ?";
private static final String DEFAULT_INSERT_STATEMENT = "insert into apps_oauth_client_details (" + CLIENT_FIELDS private static final String DEFAULT_INSERT_STATEMENT = "insert into apps_oauth_client_details (" + CLIENT_FIELDS
+ ", client_id) values (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)"; + ", client_id) values (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)";
private static final String DEFAULT_UPDATE_STATEMENT = "update apps_oauth_client_details " + "set " private static final String DEFAULT_UPDATE_STATEMENT = "update apps_oauth_client_details " + "set "
+ CLIENT_FIELDS_FOR_UPDATE.replaceAll(", ", "=?, ") + "=? where client_id = ?"; + CLIENT_FIELDS_FOR_UPDATE.replaceAll(", ", "=?, ") + "=? where client_id = ?";
private static final String DEFAULT_UPDATE_SECRET_STATEMENT = "update apps_oauth_client_details " private static final String DEFAULT_UPDATE_SECRET_STATEMENT = "update apps_oauth_client_details "
+ "set client_secret = ? where client_id = ?"; + "set client_secret = ? where client_id = ?";
private static final String DEFAULT_DELETE_STATEMENT = "delete from apps_oauth_client_details where client_id = ?"; private static final String DEFAULT_DELETE_STATEMENT = "delete from apps_oauth_client_details where client_id = ?";
private RowMapper<ClientDetails> rowMapper = new ClientDetailsRowMapper(); private RowMapper<ClientDetails> rowMapper = new ClientDetailsRowMapper();
private String deleteClientDetailsSql = DEFAULT_DELETE_STATEMENT; private String deleteClientDetailsSql = DEFAULT_DELETE_STATEMENT;
private String findClientDetailsSql = DEFAULT_FIND_STATEMENT; private String findClientDetailsSql = DEFAULT_FIND_STATEMENT;
private String updateClientDetailsSql = DEFAULT_UPDATE_STATEMENT; private String updateClientDetailsSql = DEFAULT_UPDATE_STATEMENT;
private String updateClientSecretSql = DEFAULT_UPDATE_SECRET_STATEMENT; private String updateClientSecretSql = DEFAULT_UPDATE_SECRET_STATEMENT;
private String insertClientDetailsSql = DEFAULT_INSERT_STATEMENT; private String insertClientDetailsSql = DEFAULT_INSERT_STATEMENT;
private String selectClientDetailsSql = DEFAULT_SELECT_STATEMENT; private String selectClientDetailsSql = DEFAULT_SELECT_STATEMENT;
private PasswordEncoder passwordEncoder = NoOpPasswordEncoder.getInstance(); private PasswordEncoder passwordEncoder = NoOpPasswordEncoder.getInstance();
private final JdbcTemplate jdbcTemplate; private final JdbcTemplate jdbcTemplate;
private JdbcListFactory listFactory; private JdbcListFactory listFactory;
public JdbcClientDetailsService(DataSource dataSource) { public JdbcClientDetailsService(DataSource dataSource) {
Assert.notNull(dataSource, "DataSource required"); Assert.notNull(dataSource, "DataSource required");
this.jdbcTemplate = new JdbcTemplate(dataSource); this.jdbcTemplate = new JdbcTemplate(dataSource);
this.listFactory = new DefaultJdbcListFactory(new NamedParameterJdbcTemplate(jdbcTemplate)); this.listFactory = new DefaultJdbcListFactory(new NamedParameterJdbcTemplate(jdbcTemplate));
} }
/** /**
* @param passwordEncoder the password encoder to set * @param passwordEncoder the password encoder to set
*/ */
public void setPasswordEncoder(PasswordEncoder passwordEncoder) { public void setPasswordEncoder(PasswordEncoder passwordEncoder) {
this.passwordEncoder = passwordEncoder; this.passwordEncoder = passwordEncoder;
} }
public ClientDetails loadClientByClientId(String clientId) { public ClientDetails loadClientByClientId(String clientId) {
ClientDetails details; ClientDetails details;
try { try {
details = jdbcTemplate.queryForObject(selectClientDetailsSql, new ClientDetailsRowMapper(), clientId); details = jdbcTemplate.queryForObject(selectClientDetailsSql, new ClientDetailsRowMapper(), clientId);
} } catch (EmptyResultDataAccessException e) {
catch (EmptyResultDataAccessException e) { throw new NoSuchClientException("No client with requested id: " + clientId);
throw new NoSuchClientException("No client with requested id: " + clientId); }
}
return details; return details;
} }
public void addClientDetails(ClientDetails clientDetails) throws ClientAlreadyExistsException { public void addClientDetails(ClientDetails clientDetails) throws ClientAlreadyExistsException {
try { try {
jdbcTemplate.update(insertClientDetailsSql, getFields(clientDetails)); jdbcTemplate.update(insertClientDetailsSql, getFields(clientDetails));
} } catch (DuplicateKeyException e) {
catch (DuplicateKeyException e) { throw new ClientAlreadyExistsException("Client already exists: " + clientDetails.getClientId(), e);
throw new ClientAlreadyExistsException("Client already exists: " + clientDetails.getClientId(), e); }
} }
}
public void updateClientDetails(ClientDetails clientDetails) throws NoSuchClientException { public void updateClientDetails(ClientDetails clientDetails) throws NoSuchClientException {
int count = jdbcTemplate.update(updateClientDetailsSql, getFieldsForUpdate(clientDetails)); int count = jdbcTemplate.update(updateClientDetailsSql, getFieldsForUpdate(clientDetails));
if (count != 1) { if (count != 1) {
throw new NoSuchClientException("No client found with id = " + clientDetails.getClientId()); throw new NoSuchClientException("No client found with id = " + clientDetails.getClientId());
} }
} }
public void updateClientSecret(String clientId, String secret) throws NoSuchClientException { public void updateClientSecret(String clientId, String secret) throws NoSuchClientException {
int count = jdbcTemplate.update(updateClientSecretSql, passwordEncoder.encode(secret), clientId); int count = jdbcTemplate.update(updateClientSecretSql, passwordEncoder.encode(secret), clientId);
if (count != 1) { if (count != 1) {
throw new NoSuchClientException("No client found with id = " + clientId); throw new NoSuchClientException("No client found with id = " + clientId);
} }
} }
public void removeClientDetails(String clientId) throws NoSuchClientException { public void removeClientDetails(String clientId) throws NoSuchClientException {
int count = jdbcTemplate.update(deleteClientDetailsSql, clientId); int count = jdbcTemplate.update(deleteClientDetailsSql, clientId);
if (count != 1) { if (count != 1) {
throw new NoSuchClientException("No client found with id = " + clientId); throw new NoSuchClientException("No client found with id = " + clientId);
} }
} }
public List<ClientDetails> listClientDetails() { public List<ClientDetails> listClientDetails() {
return listFactory.getList(findClientDetailsSql, Collections.<String, Object> emptyMap(), rowMapper); return listFactory.getList(findClientDetailsSql, Collections.<String, Object>emptyMap(), rowMapper);
} }
private Object[] getFields(ClientDetails clientDetails) { private Object[] getFields(ClientDetails clientDetails) {
Object[] fieldsForUpdate = getFieldsForUpdate(clientDetails); Object[] fieldsForUpdate = getFieldsForUpdate(clientDetails);
Object[] fields = new Object[fieldsForUpdate.length + 1]; Object[] fields = new Object[fieldsForUpdate.length + 1];
System.arraycopy(fieldsForUpdate, 0, fields, 1, fieldsForUpdate.length); System.arraycopy(fieldsForUpdate, 0, fields, 1, fieldsForUpdate.length);
fields[0] = clientDetails.getClientSecret() != null ? passwordEncoder.encode(clientDetails.getClientSecret()) fields[0] = clientDetails.getClientSecret() != null ? passwordEncoder.encode(clientDetails.getClientSecret())
: null; : null;
return fields; return fields;
} }
private Object[] getFieldsForUpdate(ClientDetails clientDetails) { private Object[] getFieldsForUpdate(ClientDetails clientDetails) {
String json = null; String json = null;
try { try {
json = mapper.write(clientDetails.getAdditionalInformation()); json = mapper.write(clientDetails.getAdditionalInformation());
} } catch (Exception e) {
catch (Exception e) { logger.warn("Could not serialize additional information: " + clientDetails, e);
logger.warn("Could not serialize additional information: " + clientDetails, e); }
} return new Object[] {
return new Object[] { clientDetails.getResourceIds() != null
clientDetails.getResourceIds() != null ? StringUtils.collectionToCommaDelimitedString(clientDetails ? StringUtils.collectionToCommaDelimitedString(clientDetails.getResourceIds())
.getResourceIds()) : null, : null,
clientDetails.getScope() != null ? StringUtils.collectionToCommaDelimitedString(clientDetails clientDetails.getScope() != null
.getScope()) : null, ? StringUtils.collectionToCommaDelimitedString(clientDetails.getScope())
clientDetails.getAuthorizedGrantTypes() != null ? StringUtils : null,
.collectionToCommaDelimitedString(clientDetails.getAuthorizedGrantTypes()) : null, clientDetails.getAuthorizedGrantTypes() != null
clientDetails.getRegisteredRedirectUri() != null ? StringUtils ? StringUtils.collectionToCommaDelimitedString(clientDetails.getAuthorizedGrantTypes())
.collectionToCommaDelimitedString(clientDetails.getRegisteredRedirectUri()) : null, : null,
clientDetails.getAuthorities() != null ? StringUtils.collectionToCommaDelimitedString(clientDetails clientDetails.getRegisteredRedirectUri() != null
.getAuthorities()) : null, clientDetails.getAccessTokenValiditySeconds(), ? StringUtils.collectionToCommaDelimitedString(clientDetails.getRegisteredRedirectUri())
clientDetails.getRefreshTokenValiditySeconds(), json, getAutoApproveScopes(clientDetails), : null,
clientDetails.getIdTokenSigningAlgorithm(),clientDetails.getIdTokenEncryptedAlgorithm(),clientDetails.getIdTokenEncryptionMethod(), clientDetails.getAuthorities() != null
clientDetails.getUserInfoSigningAlgorithm(),clientDetails.getUserInfoEncryptedAlgorithm(),clientDetails.getUserInfoEncryptionMethod(), ? StringUtils.collectionToCommaDelimitedString(clientDetails.getAuthorities())
clientDetails.getJwksUri(), : null,
clientDetails.getClientId() }; clientDetails.getAccessTokenValiditySeconds(), clientDetails.getRefreshTokenValiditySeconds(), json,
} getAutoApproveScopes(clientDetails), clientDetails.getIdTokenSigningAlgorithm(),
clientDetails.getIdTokenEncryptedAlgorithm(), clientDetails.getIdTokenEncryptionMethod(),
clientDetails.getUserInfoSigningAlgorithm(), clientDetails.getUserInfoEncryptedAlgorithm(),
clientDetails.getUserInfoEncryptionMethod(), clientDetails.getJwksUri(), clientDetails.getClientId() };
}
private String getAutoApproveScopes(ClientDetails clientDetails) { private String getAutoApproveScopes(ClientDetails clientDetails) {
if (clientDetails.isAutoApprove("true")) { if (clientDetails.isAutoApprove("true")) {
return "true"; // all scopes autoapproved return "true"; // all scopes autoapproved
} }
Set<String> scopes = new HashSet<String>(); Set<String> scopes = new HashSet<String>();
for (String scope : clientDetails.getScope()) { for (String scope : clientDetails.getScope()) {
if (clientDetails.isAutoApprove(scope)) { if (clientDetails.isAutoApprove(scope)) {
scopes.add(scope); scopes.add(scope);
} }
} }
return StringUtils.collectionToCommaDelimitedString(scopes); return StringUtils.collectionToCommaDelimitedString(scopes);
} }
public void setSelectClientDetailsSql(String selectClientDetailsSql) { public void setSelectClientDetailsSql(String selectClientDetailsSql) {
this.selectClientDetailsSql = selectClientDetailsSql; this.selectClientDetailsSql = selectClientDetailsSql;
} }
public void setDeleteClientDetailsSql(String deleteClientDetailsSql) { public void setDeleteClientDetailsSql(String deleteClientDetailsSql) {
this.deleteClientDetailsSql = deleteClientDetailsSql; this.deleteClientDetailsSql = deleteClientDetailsSql;
} }
public void setUpdateClientDetailsSql(String updateClientDetailsSql) { public void setUpdateClientDetailsSql(String updateClientDetailsSql) {
this.updateClientDetailsSql = updateClientDetailsSql; this.updateClientDetailsSql = updateClientDetailsSql;
} }
public void setUpdateClientSecretSql(String updateClientSecretSql) { public void setUpdateClientSecretSql(String updateClientSecretSql) {
this.updateClientSecretSql = updateClientSecretSql; this.updateClientSecretSql = updateClientSecretSql;
} }
public void setInsertClientDetailsSql(String insertClientDetailsSql) { public void setInsertClientDetailsSql(String insertClientDetailsSql) {
this.insertClientDetailsSql = insertClientDetailsSql; this.insertClientDetailsSql = insertClientDetailsSql;
} }
public void setFindClientDetailsSql(String findClientDetailsSql) { public void setFindClientDetailsSql(String findClientDetailsSql) {
this.findClientDetailsSql = findClientDetailsSql; this.findClientDetailsSql = findClientDetailsSql;
} }
/** /**
* @param listFactory the list factory to set * @param listFactory the list factory to set
*/ */
public void setListFactory(JdbcListFactory listFactory) { public void setListFactory(JdbcListFactory listFactory) {
this.listFactory = listFactory; this.listFactory = listFactory;
} }
/** /**
* @param rowMapper the rowMapper to set * @param rowMapper the rowMapper to set
*/ */
public void setRowMapper(RowMapper<ClientDetails> rowMapper) { public void setRowMapper(RowMapper<ClientDetails> rowMapper) {
this.rowMapper = rowMapper; this.rowMapper = rowMapper;
} }
/** /**
* Row mapper for ClientDetails. * Row mapper for ClientDetails.
* *
* @author Dave Syer * @author Dave Syer
* *
*/ */
private static class ClientDetailsRowMapper implements RowMapper<ClientDetails> { private static class ClientDetailsRowMapper implements RowMapper<ClientDetails> {
private JsonMapper mapper = createJsonMapper(); private JsonMapper mapper = createJsonMapper();
public ClientDetails mapRow(ResultSet rs, int rowNum) throws SQLException { public ClientDetails mapRow(ResultSet rs, int rowNum) throws SQLException {
BaseClientDetails details = new BaseClientDetails(rs.getString(1), rs.getString(3), rs.getString(4), BaseClientDetails details = new BaseClientDetails(rs.getString(1), rs.getString(3), rs.getString(4),
rs.getString(5), rs.getString(7), rs.getString(6)); rs.getString(5), rs.getString(7), rs.getString(6));
details.setClientSecret(rs.getString(2)); details.setClientSecret(rs.getString(2));
if (rs.getObject(8) != null) { if (rs.getObject(8) != null) {
details.setAccessTokenValiditySeconds(rs.getInt(8)); details.setAccessTokenValiditySeconds(rs.getInt(8));
} }
if (rs.getObject(9) != null) { if (rs.getObject(9) != null) {
details.setRefreshTokenValiditySeconds(rs.getInt(9)); details.setRefreshTokenValiditySeconds(rs.getInt(9));
} }
details.setIdTokenEncryptedAlgorithm(rs.getString("IDTOKENENCRYPTEDALGORITHM"));
details.setIdTokenEncryptionMethod(rs.getString("IDTOKENENCRYPTIONMETHOD"));
details.setIdTokenSigningAlgorithm(rs.getString("IDTOKENSIGNINGALGORITHM"));
details.setUserInfoEncryptedAlgorithm(rs.getString("USERINFOCRYPTEDALGORITHM"));
details.setUserInfoEncryptionMethod(rs.getString("USERINFOENCRYPTIONMETHOD"));
details.setUserInfoSigningAlgorithm(rs.getString("USERINFOSIGNINGALGORITHM"));
details.setJwksUri(rs.getString("JWKSURI"));
String json = rs.getString(10);
if (json != null) {
try {
@SuppressWarnings("unchecked")
Map<String, Object> additionalInformation = mapper.read(json, Map.class);
details.setAdditionalInformation(additionalInformation);
}
catch (Exception e) {
logger.warn("Could not decode JSON for additional information: " + details, e);
}
}
String scopes = rs.getString(11);
if (scopes != null) {
details.setAutoApproveScopes(StringUtils.commaDelimitedListToSet(scopes));
}
return details;
}
}
interface JsonMapper { details.setIdTokenEncryptedAlgorithm(rs.getString("IDTOKENENCRYPTEDALGORITHM"));
String write(Object input) throws Exception; details.setIdTokenEncryptionMethod(rs.getString("IDTOKENENCRYPTIONMETHOD"));
details.setIdTokenSigningAlgorithm(rs.getString("IDTOKENSIGNINGALGORITHM"));
<T> T read(String input, Class<T> type) throws Exception; details.setUserInfoEncryptedAlgorithm(rs.getString("USERINFOCRYPTEDALGORITHM"));
} details.setUserInfoEncryptionMethod(rs.getString("USERINFOENCRYPTIONMETHOD"));
details.setUserInfoSigningAlgorithm(rs.getString("USERINFOSIGNINGALGORITHM"));
details.setJwksUri(rs.getString("JWKSURI"));
private static JsonMapper createJsonMapper() { String json = rs.getString(10);
if (ClassUtils.isPresent("com.fasterxml.jackson.databind.ObjectMapper", null)) { if (json != null) {
return new Jackson2Mapper(); try {
} @SuppressWarnings("unchecked")
return new NotSupportedJsonMapper(); Map<String, Object> additionalInformation = mapper.read(json, Map.class);
} details.setAdditionalInformation(additionalInformation);
} catch (Exception e) {
logger.warn("Could not decode JSON for additional information: " + details, e);
}
}
String scopes = rs.getString(11);
if (scopes != null) {
details.setAutoApproveScopes(StringUtils.commaDelimitedListToSet(scopes));
}
return details;
}
}
private static class Jackson2Mapper implements JsonMapper { interface JsonMapper {
private com.fasterxml.jackson.databind.ObjectMapper mapper = new com.fasterxml.jackson.databind.ObjectMapper(); String write(Object input) throws Exception;
@Override <T> T read(String input, Class<T> type) throws Exception;
public String write(Object input) throws Exception { }
return mapper.writeValueAsString(input);
}
@Override private static JsonMapper createJsonMapper() {
public <T> T read(String input, Class<T> type) throws Exception { if (ClassUtils.isPresent("com.fasterxml.jackson.databind.ObjectMapper", null)) {
return mapper.readValue(input, type); return new Jackson2Mapper();
} }
} return new NotSupportedJsonMapper();
}
private static class NotSupportedJsonMapper implements JsonMapper { private static class Jackson2Mapper implements JsonMapper {
@Override private com.fasterxml.jackson.databind.ObjectMapper mapper = new com.fasterxml.jackson.databind.ObjectMapper();
public String write(Object input) throws Exception {
throw new UnsupportedOperationException(
"Neither Jackson 1 nor 2 is available so JSON conversion cannot be done");
}
@Override @Override
public <T> T read(String input, Class<T> type) throws Exception { public String write(Object input) throws Exception {
throw new UnsupportedOperationException( return mapper.writeValueAsString(input);
"Neither Jackson 1 nor 2 is available so JSON conversion cannot be done"); }
}
} @Override
public <T> T read(String input, Class<T> type) throws Exception {
return mapper.readValue(input, type);
}
}
private static class NotSupportedJsonMapper implements JsonMapper {
@Override
public String write(Object input) throws Exception {
throw new UnsupportedOperationException(
"Neither Jackson 1 nor 2 is available so JSON conversion cannot be done");
}
@Override
public <T> T read(String input, Class<T> type) throws Exception {
throw new UnsupportedOperationException(
"Neither Jackson 1 nor 2 is available so JSON conversion cannot be done");
}
}
} }


@ -88,11 +88,12 @@ public class OAuth20DetailsController extends BaseAppContorller {
// //
_logger.debug("-update application :" + oauth20Details); _logger.debug("-update application :" + oauth20Details);
_logger.debug("-update oauth20Details use oauth20JdbcClientDetails" ); _logger.debug("-update oauth20Details use oauth20JdbcClientDetails" );
oauth20Details.setClientSecret(oauth20Details.getSecret());
oauth20JdbcClientDetailsService.updateClientDetails(oauth20Details.clientDetailsRowMapper());
oauth20JdbcClientDetailsService.updateClientSecret(oauth20Details.getClientId(), oauth20Details.getClientSecret());
transform(oauth20Details); transform(oauth20Details);
oauth20Details.setClientSecret(oauth20Details.getSecret());
oauth20JdbcClientDetailsService.updateClientDetails(oauth20Details.clientDetailsRowMapper());
oauth20JdbcClientDetailsService.updateClientSecret(oauth20Details.getClientId(), oauth20Details.getClientSecret());
if (appsService.updateApp(oauth20Details)) { if (appsService.updateApp(oauth20Details)) {
new Message(WebContext.getI18nValue(ConstantsOperateMessage.UPDATE_SUCCESS),MessageType.success); new Message(WebContext.getI18nValue(ConstantsOperateMessage.UPDATE_SUCCESS),MessageType.success);
} else { } else {