From 642c02ad62c02811ab99bc12b100ae64cc5026a9 Mon Sep 17 00:00:00 2001
From: MaxKey
Date: Wed, 31 Mar 2021 21:58:30 +0800
Subject: [PATCH] Update TokenEndpointAuthenticationFilter.java
---
 .../TokenEndpointAuthenticationFilter.java | 35 +++++++++++++------
 1 file changed, 25 insertions(+), 10 deletions(-)
diff --git a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpointAuthenticationFilter.java b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpointAuthenticationFilter.java
index 01085c3ab..c1d230fd8 100644
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpointAuthenticationFilter.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpointAuthenticationFilter.java
@@ -133,13 +133,37 @@ public class TokenEndpointAuthenticationFilter implements Filter {
 final HttpServletRequest request = (HttpServletRequest) req;
 final HttpServletResponse response = (HttpServletResponse) res;
+ if(logger.isTraceEnabled()) {
+ logger.trace("getRequestURL : "+request.getRequestURL());
+ logger.trace("getMethod : "+request.getMethod());
+ Enumeration headerNames = request.getHeaderNames();
+ while (headerNames.hasMoreElements()) {
+ String key = (String) headerNames.nextElement();
+ String value = request.getHeader(key);
+ logger.trace("Header key "+key +" , value " + value);
+ }
+
+ Enumeration parameterNames = request.getParameterNames();
+ while (parameterNames.hasMoreElements()) {
+ String key = (String) parameterNames.nextElement();
+ String value = request.getParameter(key);
+ logger.trace("Parameter "+key +" , value " + value);
+ }
+ }
+
 try {
 String grantType = request.getParameter("grant_type");
 if (grantType != null && grantType.equals("password")) {
 usernamepassword(request,response);
 }else {
 Authentication authentication=ClientCredentials(request,response);
- SigninPrincipal auth =new SigninPrincipal((User)authentication.getPrincipal());
+ logger.trace("getPrincipal " + authentication.getPrincipal().getClass());
+ SigninPrincipal auth = null;
+ if(authentication.getPrincipal() instanceof SigninPrincipal) {
+ auth = (SigninPrincipal)authentication.getPrincipal();
+ }else {
+ auth =new SigninPrincipal((User)authentication.getPrincipal());
+ }
 auth.setAuthenticated(true);
 UsernamePasswordAuthenticationToken simpleUserAuthentication = new UsernamePasswordAuthenticationToken(auth, authentication.getCredentials(), authentication.getAuthorities());
 WebContext.setAuthentication(simpleUserAuthentication);
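Review bot: The new trace block at the top of the filter writes every request header and every request parameter to the log, which on a token endpoint includes the `authorization` header, `client_secret`, the resource owner's `password` for the password grant and, in standard OAuth 2.0 requests, `code` and `refresh_token`. The code removed in the second hunk logged headers only when `client_id` was absent; this version runs for every request and adds parameters, so turning trace on for troubleshooting leaves reusable credentials in log files and wherever those logs are shipped. Mask the values of credential-bearing names before logging, as sketched below, and consider stripping CR/LF from logged values since they are caller-controlled. The enclosing method starts and ends outside the hunk.

```java
if(logger.isTraceEnabled()) {
    // … unchanged: getRequestURL / getMethod trace lines …
    Enumeration headerNames = request.getHeaderNames();
    while (headerNames.hasMoreElements()) {
        String key = (String) headerNames.nextElement();
        // Credential-bearing headers are logged by name only.
        boolean secret = "authorization".equalsIgnoreCase(key) || "cookie".equalsIgnoreCase(key);
        logger.trace("Header key " + key + " , value " + (secret ? "[REDACTED]" : request.getHeader(key)));
    }

    Enumeration parameterNames = request.getParameterNames();
    while (parameterNames.hasMoreElements()) {
        String key = (String) parameterNames.nextElement();
        // Secrets and one-time grant material must not reach the log.
        boolean secret = "password".equals(key) || "client_secret".equals(key)
                || "code".equals(key) || "refresh_token".equals(key);
        logger.trace("Parameter " + key + " , value " + (secret ? "[REDACTED]" : request.getParameter(key)));
    }
}
```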
@@ -223,15 +247,6 @@ public class TokenEndpointAuthenticationFilter implements Filter {
 String clientId = request.getParameter("client_id");
 String clientSecret = request.getParameter("client_secret");
 if(clientId == null) {
- if(logger.isTraceEnabled()) {
- logger.trace("getRequestURL : "+request.getRequestURL());
- Enumeration headerNames = request.getHeaderNames();
- while (headerNames.hasMoreElements()) {
- String key = (String) headerNames.nextElement();
- String value = request.getHeader(key);
- logger.trace("Header key "+key +" , value " + value);
- }
- }
 //for header authorization basic
 String authorization_bearer =request.getHeader("authorization");
 AuthorizationHeaderCredential ahc=AuthorizationHeaderUtils.resolve(authorization_bearer);