diff --git a/maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java b/maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java index dda9adbdb..971b174d5 100644 --- a/maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java +++ b/maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java @@ -17,6 +17,7 @@ package org.maxkey.authn; +import org.maxkey.authn.online.OnlineTicketServices; import org.maxkey.authn.realm.AbstractAuthenticationRealm; import org.maxkey.authn.support.rememberme.AbstractRemeberMeService; import org.maxkey.configuration.ApplicationConfig; @@ -60,6 +61,10 @@ public abstract class AbstractAuthenticationProvider { @Autowired @Qualifier("remeberMeService") protected AbstractRemeberMeService remeberMeService; + + @Autowired + @Qualifier("onlineTicketServices") + protected OnlineTicketServices onlineTicketServices; protected abstract String getProviderName(); @@ -251,8 +256,7 @@ public abstract class AbstractAuthenticationProvider { } else { _logger.debug("User Login. "); } - //Online Tickit - userInfo.setOnlineTickit(WebConstants.ONLINE_TICKET_PREFIX + "-" +userInfo.generateId()); + } return userInfo; @@ -312,4 +316,26 @@ public abstract class AbstractAuthenticationProvider { return true; } + public void setApplicationConfig(ApplicationConfig applicationConfig) { + this.applicationConfig = applicationConfig; + } + + public void setAuthenticationRealm(AbstractAuthenticationRealm authenticationRealm) { + this.authenticationRealm = authenticationRealm; + } + + public void setTfaOptAuthn(AbstractOptAuthn tfaOptAuthn) { + this.tfaOptAuthn = tfaOptAuthn; + } + + public void setRemeberMeService(AbstractRemeberMeService remeberMeService) { + this.remeberMeService = remeberMeService; + } + + public void setOnlineTicketServices(OnlineTicketServices onlineTicketServices) { + this.onlineTicketServices = onlineTicketServices; + } + + + } 
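Review bot: The five public setters added at the end of AbstractAuthenticationProvider (`setApplicationConfig`, `setAuthenticationRealm`, `setTfaOptAuthn`, `setRemeberMeService`, `setOnlineTicketServices`) let any caller replace the realm, OTP and ticket collaborators of a provider whose fields are already `@Autowired`. Nothing in the hunk says who is meant to call them. If they exist only for manual wiring or tests, say so in a Javadoc such as `/** For manual wiring outside the Spring context; not to be called after initialisation. */`, or narrow them to package-private. The class body starts outside this hunk, so I cannot see whether the provider is a shared singleton.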
diff --git a/maxkey-core/src/main/java/org/maxkey/authn/BasicAuthentication.java b/maxkey-core/src/main/java/org/maxkey/authn/BasicAuthentication.java index 8f752eec9..97f3af680 100644 --- a/maxkey-core/src/main/java/org/maxkey/authn/BasicAuthentication.java +++ b/maxkey-core/src/main/java/org/maxkey/authn/BasicAuthentication.java @@ -19,6 +19,8 @@ package org.maxkey.authn; import java.util.ArrayList; import java.util.Collection; + +import org.maxkey.authn.online.OnlineTicket; import org.springframework.security.core.Authentication; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority; @@ -34,7 +36,7 @@ public class BasicAuthentication implements Authentication { String remeberMe; String authType; String jwtToken; - String onlineTickit; + OnlineTicket onlineTicket; ArrayList grantedAuthority; boolean authenticated; @@ -167,12 +169,12 @@ public class BasicAuthentication implements Authentication { this.grantedAuthority = grantedAuthority; } - public String getOnlineTickit() { - return onlineTickit; + public OnlineTicket getOnlineTicket() { + return onlineTicket; } - public void setOnlineTickit(String onlineTickit) { - this.onlineTickit = onlineTickit; + public void setOnlineTicket(OnlineTicket onlineTicket) { + this.onlineTicket = onlineTicket; } @Override diff --git a/maxkey-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java b/maxkey-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java index 8ff17ae47..b15810640 100644 --- a/maxkey-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java +++ b/maxkey-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java @@ -17,6 +17,7 @@ package org.maxkey.authn; +import org.maxkey.authn.online.OnlineTicket; import org.maxkey.domain.UserInfo; import org.maxkey.web.WebConstants; import org.maxkey.web.WebContext; 
@@ -72,15 +73,10 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider authenticationRealm.getPasswordPolicyValidator().passwordPolicyValid(userInfo); authenticationRealm.passwordMatches(userInfo, auth.getPassword()); - authenticationRealm.grantAuthority(userInfo); - /* - * put userInfo to current session context - */ - WebContext.setUserInfo(userInfo); - - auth.setAuthenticated(true); - - if (auth.isAuthenticated() && applicationConfig.getLoginConfig().isRemeberMe()) { + + UsernamePasswordAuthenticationToken authenticationToken = setOnline(auth,userInfo); + //RemeberMe Config check then set RemeberMe cookies + if (applicationConfig.getLoginConfig().isRemeberMe()) { if (auth.getRemeberMe() != null && auth.getRemeberMe().equals("remeberMe")) { WebContext.getSession().setAttribute( WebConstants.REMEBER_ME_SESSION,auth.getUsername()); 
@@ -93,47 +89,25 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider ); } } - auth.setOnlineTickit(userInfo.getOnlineTickit()); - UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = - new UsernamePasswordAuthenticationToken( - auth, - "PASSWORD", - authenticationRealm.grantAuthority(userInfo)); - usernamePasswordAuthenticationToken.setDetails( - new WebAuthenticationDetails(WebContext.getRequest())); - setOnlineTickit(userInfo.getOnlineTickit()); - - return usernamePasswordAuthenticationToken; + return authenticationToken; } @Override public Authentication basicAuthenticate(Authentication authentication) { - BasicAuthentication basicAuth = (BasicAuthentication) authentication; - UserInfo loadeduserInfo = loadUserInfo(basicAuth.getUsername(), ""); + BasicAuthentication auth = (BasicAuthentication) authentication; + UserInfo loadeduserInfo = loadUserInfo(auth.getUsername(), ""); if (loadeduserInfo != null) { - - authenticationRealm.passwordMatches(loadeduserInfo, basicAuth.getPassword()); + authenticationRealm.passwordMatches(loadeduserInfo, auth.getPassword()); authenticationRealm.getPasswordPolicyValidator().passwordPolicyValid(loadeduserInfo); - WebContext.setUserInfo(loadeduserInfo); - - authentication.setAuthenticated(true); - basicAuth.setOnlineTickit(loadeduserInfo.getOnlineTickit()); - UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken( - authentication, "PASSWORD", authenticationRealm.grantAuthority(loadeduserInfo)); - - WebContext.setAuthentication(authenticationToken); - WebContext.setUserInfo(loadeduserInfo); - authenticationRealm.insertLoginHistory(loadeduserInfo, basicAuth.getAuthType(), "", "", "SUCCESS"); - - setOnlineTickit(loadeduserInfo.getOnlineTickit()); - - return authenticationToken; + authenticationRealm.insertLoginHistory(loadeduserInfo, auth.getAuthType(), "", "", "SUCCESS"); + + return setOnline(auth,loadeduserInfo); }else { String message = 
WebContext.getI18nValue("login.error.username"); - _logger.debug("login user " + basicAuth.getUsername() + " not in this System ." + message); + _logger.debug("login user " + auth.getUsername() + " not in this System ." + message); throw new BadCredentialsException(WebContext.getI18nValue("login.error.username")); } } @@ -155,26 +129,12 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider String message) { UserInfo loadeduserInfo = loadUserInfo(username, ""); if (loadeduserInfo != null) { - WebContext.setUserInfo(loadeduserInfo); - BasicAuthentication authentication = new BasicAuthentication(); - authentication.setUsername(loadeduserInfo.getUsername()); - authentication.setOnlineTickit(loadeduserInfo.getOnlineTickit()); - UsernamePasswordAuthenticationToken authenticationToken = - new UsernamePasswordAuthenticationToken( - authentication, - "PASSWORD", - authenticationRealm.grantAuthority(loadeduserInfo) - ); - - authentication.setAuthenticated(true); - WebContext.setAuthentication(authenticationToken); - WebContext.setUserInfo(loadeduserInfo); - + BasicAuthentication auth = new BasicAuthentication(); + auth.setUsername(loadeduserInfo.getUsername()); + authenticationRealm.insertLoginHistory(loadeduserInfo, type, provider, code, message); - setOnlineTickit(loadeduserInfo.getOnlineTickit()); - - return authenticationToken; + return setOnline(auth,loadeduserInfo); }else { String i18nMessage = WebContext.getI18nValue("login.error.username"); _logger.debug("login user " + username + " not in this System ." + i18nMessage); 
@@ -182,13 +142,42 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider } } - public void setOnlineTickit(String tickit) { - _logger.debug("set online Tickit " + tickit + " on domain "+ this.applicationConfig.getBaseDomainName()); + public UsernamePasswordAuthenticationToken setOnline(BasicAuthentication authentication,UserInfo userInfo) { + //Online Tickit Id + String onlineTickitId = WebConstants.ONLINE_TICKET_PREFIX + "-" + java.util.UUID.randomUUID().toString().toLowerCase(); + _logger.debug("set online Tickit Cookie " + onlineTickitId + " on domain "+ this.applicationConfig.getBaseDomainName()); + WebContext.setCookie(WebContext.getResponse(), this.applicationConfig.getBaseDomainName(), WebConstants.ONLINE_TICKET_NAME, - tickit, + onlineTickitId, 0); + + //set OnlineTicket + OnlineTicket onlineTicket = new OnlineTicket(onlineTickitId,authentication); + this.onlineTicketServices.store(onlineTickitId, onlineTicket); + authentication.setOnlineTicket(onlineTicket); + + authentication.setAuthenticated(true); + UsernamePasswordAuthenticationToken authenticationToken = + new UsernamePasswordAuthenticationToken( + authentication, + "PASSWORD", + authenticationRealm.grantAuthority(userInfo) + ); + + authenticationToken.setDetails( + new WebAuthenticationDetails(WebContext.getRequest())); + + /* + * put userInfo to current session context + */ + WebContext.setAuthentication(authenticationToken); + + userInfo.setOnlineTicket(onlineTicket); + WebContext.setUserInfo(userInfo); + + return authenticationToken; } } diff --git a/maxkey-core/src/main/java/org/maxkey/authn/online/InMemoryOnlineTicketServices.java b/maxkey-core/src/main/java/org/maxkey/authn/online/InMemoryOnlineTicketServices.java index e6f7a8ada..1bba1a3f8 100644 --- a/maxkey-core/src/main/java/org/maxkey/authn/online/InMemoryOnlineTicketServices.java +++ b/maxkey-core/src/main/java/org/maxkey/authn/online/InMemoryOnlineTicketServices.java 
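Review bot: `setOnline` writes the freshly generated ticket id to the debug log (`"set online Tickit Cookie " + onlineTickitId`), and that id is the value of the cookie set on the next statement, so anyone with log access could read live ticket values; logging a truncated or hashed form would keep the trace useful. The `BasicAuthentication` passed in is stored in the ticket store and attached to `userInfo` unchanged, and in the `authenticate` and `basicAuthenticate` paths it still appears to hold the submitted password (`auth.getPassword()`), so the credential should be cleared before `onlineTicketServices.store(...)`. Whether `WebContext.setCookie` marks the cookie HttpOnly and Secure is not visible here and should be confirmed, since the cookie is scoped to the base domain. A short Javadoc stating that the method issues the cookie, stores the ticket and populates the session context would help, because the name `setOnline` does not convey that.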
@@ -32,7 +32,11 @@ public class InMemoryOnlineTicketServices implements OnlineTicketServices{ .build(true); - @Override + public InMemoryOnlineTicketServices() { + super(); + } + + @Override public void store(String ticketId, OnlineTicket ticket) { onlineTicketStore.put(ticketId, ticket); } @@ -50,4 +54,10 @@ public class InMemoryOnlineTicketServices implements OnlineTicketServices{ return ticket; } + @Override + public void setValiditySeconds(int validitySeconds) { + // TODO Auto-generated method stub + + } + } diff --git a/maxkey-core/src/main/java/org/maxkey/authn/online/OnlineTicket.java b/maxkey-core/src/main/java/org/maxkey/authn/online/OnlineTicket.java index 938a46d95..a9e942efc 100644 --- a/maxkey-core/src/main/java/org/maxkey/authn/online/OnlineTicket.java +++ b/maxkey-core/src/main/java/org/maxkey/authn/online/OnlineTicket.java @@ -1,8 +1,10 @@ package org.maxkey.authn.online; import java.io.Serializable; +import java.util.HashMap; import org.maxkey.domain.apps.Apps; +import org.springframework.security.core.Authentication; public class OnlineTicket implements Serializable{ 
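Review bot: `setValiditySeconds` in InMemoryOnlineTicketServices is an empty generated stub, so a validity configured through the new interface method is silently ignored when persistence is in-memory. Either apply the value when the store is built or make the limitation explicit, for example by replacing the TODO with `// expiry is fixed by the cache configuration above; validitySeconds is ignored` or by throwing `UnsupportedOperationException`. The cache construction starts outside this hunk, so the expiry it actually uses cannot be checked from here.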
@@ -11,23 +13,66 @@ public class OnlineTicket implements Serializable{ */ private static final long serialVersionUID = 9008067569150338296L; - public String id; + public String ticketId; - private Apps authorizeApps; + public Authentication authentication; + + private HashMap authorizedApps; - public OnlineTicket(String id) { + public OnlineTicket(String ticketId) { super(); - this.id = id; + this.ticketId = ticketId; + } + + public OnlineTicket(String ticketId,Authentication authentication) { + super(); + this.ticketId = ticketId; + this.authentication = authentication; } + public String getTicketId() { + return ticketId; + } + + + + public void setTicketId(String ticketId) { + this.ticketId = ticketId; + } + + + public Authentication getAuthentication() { + return authentication; + } + + + + public void setAuthentication(Authentication authentication) { + this.authentication = authentication; + } + + + + public HashMap getAuthorizedApps() { + return authorizedApps; + } + + + + public void setAuthorizedApps(HashMap authorizedApps) { + this.authorizedApps = authorizedApps; + } + + + @Override public String toString() { StringBuilder builder = new StringBuilder(); - builder.append("OnlineTicket [id="); - builder.append(id); + builder.append("OnlineTicket [ticketId="); + builder.append(ticketId); builder.append("]"); return builder.toString(); } diff --git a/maxkey-core/src/main/java/org/maxkey/authn/online/OnlineTicketServices.java b/maxkey-core/src/main/java/org/maxkey/authn/online/OnlineTicketServices.java index 13e9417bf..28a8b3dd4 100644 --- a/maxkey-core/src/main/java/org/maxkey/authn/online/OnlineTicketServices.java +++ b/maxkey-core/src/main/java/org/maxkey/authn/online/OnlineTicketServices.java @@ -26,4 +26,5 @@ public interface OnlineTicketServices { public OnlineTicket get(String ticketId); + public void setValiditySeconds(int validitySeconds); } 
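Review bot: `ticketId` and `authentication` are declared `public` and non-final even though getters and setters are added for both, so any code holding a ticket can rebind it to a different `Authentication` without going through the ticket service; I would declare them `private` like `authorizedApps`. Because the class is `Serializable` and is placed in the ticket store, the whole `Authentication` object is serialised with it. A class comment should state what a ticket is allowed to carry, for example `/** Server-side record of an SSO login; must not hold user credentials. */`. `toString` correctly leaves the authentication out.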
diff --git a/maxkey-core/src/main/java/org/maxkey/authn/online/RedisOnlineTicketServices.java b/maxkey-core/src/main/java/org/maxkey/authn/online/RedisOnlineTicketServices.java index 8e6787dfe..3035e86dd 100644 --- a/maxkey-core/src/main/java/org/maxkey/authn/online/RedisOnlineTicketServices.java +++ b/maxkey-core/src/main/java/org/maxkey/authn/online/RedisOnlineTicketServices.java @@ -72,5 +72,11 @@ public class RedisOnlineTicketServices implements OnlineTicketServices { return ticket; } + @Override + public void setValiditySeconds(int validitySeconds) { + this.serviceTicketValiditySeconds = validitySeconds; + + } + } diff --git a/maxkey-core/src/main/java/org/maxkey/autoconfigure/ApplicationAutoConfiguration.java b/maxkey-core/src/main/java/org/maxkey/autoconfigure/ApplicationAutoConfiguration.java index 653d57105..befc64a36 100644 --- a/maxkey-core/src/main/java/org/maxkey/autoconfigure/ApplicationAutoConfiguration.java +++ b/maxkey-core/src/main/java/org/maxkey/autoconfigure/ApplicationAutoConfiguration.java @@ -27,6 +27,9 @@ import javax.sql.DataSource; import org.maxkey.authn.AbstractAuthenticationProvider; import org.maxkey.authn.RealmAuthenticationProvider; import org.maxkey.authn.SavedRequestAwareAuthenticationSuccessHandler; +import org.maxkey.authn.online.InMemoryOnlineTicketServices; +import org.maxkey.authn.online.OnlineTicketServices; +import org.maxkey.authn.online.RedisOnlineTicketServices; import org.maxkey.authn.support.rememberme.AbstractRemeberMeService; import org.maxkey.authn.support.rememberme.InMemoryRemeberMeService; import org.maxkey.authn.support.rememberme.RedisRemeberMeService; 
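Review bot: `RedisOnlineTicketServices.setValiditySeconds` assigns the argument to `serviceTicketValiditySeconds` without a range check, so a zero or negative value from configuration would flow into however `store` sets the expiry, which is not visible in this hunk. A guard such as `if (validitySeconds <= 0) throw new IllegalArgumentException("validitySeconds must be positive");` would fail fast. The method also lacks a comment on whether the new value applies to tickets that are already stored.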
@@ -204,6 +207,24 @@ public class ApplicationAutoConfiguration implements InitializingBean { return remeberMeService; } + @Bean(name = "onlineTicketServices") + public OnlineTicketServices onlineTicketServices( + @Value("${config.server.persistence}") int persistence, + JdbcTemplate jdbcTemplate, + RedisConnectionFactory redisConnFactory) { + OnlineTicketServices onlineTicketServices = null; + if (persistence == ConstantsPersistence.INMEMORY) { + onlineTicketServices = new InMemoryOnlineTicketServices(); + _logger.debug("InMemoryOnlineTicketServices"); + } else if (persistence == ConstantsPersistence.JDBC) { + _logger.debug("OnlineTicketServices not support "); + } else if (persistence == ConstantsPersistence.REDIS) { + onlineTicketServices = new RedisOnlineTicketServices(redisConnFactory); + _logger.debug("RedisOnlineTicketServices"); + } + return onlineTicketServices; + } + /** * keyStoreLoader . * @return diff --git a/maxkey-core/src/main/java/org/maxkey/domain/UserInfo.java b/maxkey-core/src/main/java/org/maxkey/domain/UserInfo.java index e6d1d6774..40fbfe4eb 100644 --- a/maxkey-core/src/main/java/org/maxkey/domain/UserInfo.java +++ b/maxkey-core/src/main/java/org/maxkey/domain/UserInfo.java @@ -26,6 +26,7 @@ import javax.persistence.GenerationType; import javax.persistence.Id; import javax.persistence.Table; import org.apache.mybatis.jpa.persistence.JpaBaseDomain; +import org.maxkey.authn.online.OnlineTicket; import org.maxkey.util.StringUtils; import org.springframework.web.multipart.MultipartFile; @@ -230,7 +231,7 @@ public class UserInfo extends JpaBaseDomain { protected int online; - String onlineTickit; + OnlineTicket onlineTicket; protected String ldapDn; 
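Review bot: The `onlineTicketServices` bean method returns `null` when `persistence == ConstantsPersistence.JDBC` and for any unrecognised value, yet `RealmAuthenticationProvider.setOnline` calls `this.onlineTicketServices.store(...)` on every login, so a JDBC-configured deployment would presumably fail at wiring or at the first sign-in. The debug message `"OnlineTicketServices not support "` is easy to miss; either fall back to the in-memory implementation or stop startup with a clear error, e.g. `throw new IllegalStateException("online tickets do not support JDBC persistence");`. The `jdbcTemplate` parameter is unused in the lines shown. A Javadoc listing the supported persistence modes would make the restriction visible to operators.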
@@ -1164,12 +1165,12 @@ public class UserInfo extends JpaBaseDomain { this.createdBy = createdBy; } - public String getOnlineTickit() { - return onlineTickit; + public OnlineTicket getOnlineTicket() { + return onlineTicket; } - public void setOnlineTickit(String onlineTickit) { - this.onlineTickit = onlineTickit; + public void setOnlineTicket(OnlineTicket onlineTicket) { + this.onlineTicket = onlineTicket; } /** @@ -1407,8 +1408,6 @@ public class UserInfo extends JpaBaseDomain { builder.append(extraAttributeMap); builder.append(", online="); builder.append(online); - builder.append(", onlineTickit="); - builder.append(onlineTickit); builder.append(", ldapDn="); builder.append(ldapDn); builder.append(", gridList="); diff --git a/maxkey-core/src/main/java/org/maxkey/domain/apps/Apps.java b/maxkey-core/src/main/java/org/maxkey/domain/apps/Apps.java index 4f5c6bfdc..7ac4affc8 100644 --- a/maxkey-core/src/main/java/org/maxkey/domain/apps/Apps.java +++ b/maxkey-core/src/main/java/org/maxkey/domain/apps/Apps.java @@ -149,6 +149,9 @@ public class Apps extends JpaBaseDomain implements Serializable { protected String modifiedDate; @Column protected String description; + + + protected String loginDateTime; public Apps() { super(); @@ -537,6 +540,15 @@ public class Apps extends JpaBaseDomain implements Serializable { this.logoutType = logoutType; } + + public String getLoginDateTime() { + return loginDateTime; + } + + public void setLoginDateTime(String loginDateTime) { + this.loginDateTime = loginDateTime; + } + @Override public String toString() { StringBuilder builder = new StringBuilder(); diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas20AuthorizeEndpoint.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas20AuthorizeEndpoint.java index 499e640ef..fc782bf8a 100644 --- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas20AuthorizeEndpoint.java 
+++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas20AuthorizeEndpoint.java @@ -201,7 +201,7 @@ For all error codes, it is RECOMMENDED that CAS provide a more detailed message if(Boolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){ AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)Instance.newInstance(storedTicket.getCasDetails().getAdapter()); UserInfo userInfo = (UserInfo) userInfoService.loadByUsername(principal); - userInfo.setOnlineTickit(authentication.getOnlineTickit()); + userInfo.setOnlineTicket(authentication.getOnlineTicket()); adapter.generateInfo(userInfo, serviceResponseBuilder); } }else{ diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas30AuthorizeEndpoint.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas30AuthorizeEndpoint.java index 9354102e6..3cc86e116 100644 --- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas30AuthorizeEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas30AuthorizeEndpoint.java @@ -83,7 +83,7 @@ public class Cas30AuthorizeEndpoint extends CasBaseAuthorizeEndpoint{ if(Boolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){ AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)Instance.newInstance(storedTicket.getCasDetails().getAdapter()); UserInfo userInfo = (UserInfo) userInfoService.loadByUsername(principal); - userInfo.setOnlineTickit(authentication.getOnlineTickit()); + userInfo.setOnlineTicket(authentication.getOnlineTicket()); adapter.generateInfo(userInfo, serviceResponseBuilder); } }else{ diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/adapter/CasDefaultAdapter.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/adapter/CasDefaultAdapter.java index 154cb2b99..36fe3f7ec 100644 
--- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/adapter/CasDefaultAdapter.java +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/adapter/CasDefaultAdapter.java @@ -66,7 +66,7 @@ public class CasDefaultAdapter extends AbstractAuthorizeAdapter { serviceResponseBuilder.setAttribute("departmentId", userInfo.getDepartmentId()); serviceResponseBuilder.setAttribute("workRegion",base64Attr(userInfo.getWorkRegion())); - serviceResponseBuilder.setAttribute(WebConstants.ONLINE_TICKET_NAME,userInfo.getOnlineTickit()); + serviceResponseBuilder.setAttribute(WebConstants.ONLINE_TICKET_NAME,userInfo.getOnlineTicket().getTicketId()); return null; } diff --git a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java index 4bc8b03e5..a9c8cb7c9 100644 --- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java +++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java @@ -44,7 +44,7 @@ public class OAuthDefaultUserInfoAdapter extends AbstractAuthorizeAdapter { beanMap.put("title", userInfo.getJobTitle()); beanMap.put("state", userInfo.getWorkRegion()); beanMap.put("gender", userInfo.getGender()); - beanMap.put(WebConstants.ONLINE_TICKET_NAME, userInfo.getOnlineTickit()); + beanMap.put(WebConstants.ONLINE_TICKET_NAME, userInfo.getOnlineTicket().getTicketId()); String info= JsonUtils.object2Json(beanMap); 
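Review bot: `userInfo.getOnlineTicket().getTicketId()` in `CasDefaultAdapter.generateInfo` dereferences the ticket unconditionally, where the old code passed a possibly-null string through; the same pattern is introduced in OAuthDefaultUserInfoAdapter, UserInfoEndpoint (the JWT claim), AssertionEndpoint, TokenBasedDefaultAdapter, TokenBasedJWTAdapter and TokenBasedJWTHS256Adapter. A `UserInfo` or `BasicAuthentication` that did not pass through `setOnline`, for instance one restored from a token or ticket store written before this change, would presumably turn the response into a NullPointerException. A guard such as `OnlineTicket ticket = userInfo.getOnlineTicket();` followed by `ticket == null ? null : ticket.getTicketId()` keeps the old tolerance. Separately, the id sent to each relying application is the same value as the SSO cookie and is now a lookup key for the stored authentication, so it is worth confirming that applications need the raw id. The body of generateInfo continues outside the hunk.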
diff --git a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java index 217d2e7d4..ec3ae8fed 100644 --- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java @@ -136,7 +136,7 @@ public class UserInfoEndpoint { adapter =(AbstractAuthorizeAdapter)defaultOAuthUserInfoAdapter; } BasicAuthentication authentication = (BasicAuthentication)oAuth2Authentication.getUserAuthentication(); - userInfo.setOnlineTickit(authentication.getOnlineTickit()); + userInfo.setOnlineTicket(authentication.getOnlineTicket()); String jsonData=adapter.generateInfo(userInfo, app); return jsonData; }catch(OAuth2Exception e){ @@ -175,7 +175,7 @@ public class UserInfoEndpoint { BasicAuthentication authentication = (BasicAuthentication)oAuth2Authentication.getUserAuthentication(); jwtClaimsSetBuilder.claim("sub", userInfo.getId()); - jwtClaimsSetBuilder.claim(WebConstants.ONLINE_TICKET_NAME, authentication.getOnlineTickit()); + jwtClaimsSetBuilder.claim(WebConstants.ONLINE_TICKET_NAME, authentication.getOnlineTicket().getTicketId()); if(scopes.contains("profile")){ jwtClaimsSetBuilder.claim("name", userInfo.getUsername()); diff --git a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/AssertionEndpoint.java b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/AssertionEndpoint.java index fa1d2ae76..aa2e01165 100644 --- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/AssertionEndpoint.java 
+++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/AssertionEndpoint.java @@ -73,7 +73,7 @@ public class AssertionEndpoint { HashMap attributeMap=new HashMap(); - attributeMap.put(WebConstants.ONLINE_TICKET_NAME, WebContext.getUserInfo().getOnlineTickit()); + attributeMap.put(WebConstants.ONLINE_TICKET_NAME, WebContext.getUserInfo().getOnlineTicket().getTicketId()); //saml20Details Response authResponse = authnResponseGenerator.generateAuthnResponse( diff --git a/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/TokenBasedAuthorizeEndpoint.java b/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/TokenBasedAuthorizeEndpoint.java index 05f340207..d262d97f3 100644 --- a/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/TokenBasedAuthorizeEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/TokenBasedAuthorizeEndpoint.java 
@@ -117,17 +117,17 @@ public class TokenBasedAuthorizeEndpoint extends AuthorizeBaseEndpoint{ cookie.setPath("/"); // - //cookie.setDomain("."+applicationConfig.getSubDomainName()); + //cookie.setDomain("."+applicationConfig.getBaseDomainName()); //tomcat 8.5 - cookie.setDomain(applicationConfig.getDomainName()); + cookie.setDomain(applicationConfig.getBaseDomainName()); - _logger.debug("Sub Domain Name : "+"."+applicationConfig.getDomainName()); + _logger.debug("Sub Domain Name : "+"."+applicationConfig.getBaseDomainName()); response.addCookie(cookie); - if(tokenBasedDetails.getRedirectUri().indexOf(applicationConfig.getDomainName())>-1){ + if(tokenBasedDetails.getRedirectUri().indexOf(applicationConfig.getBaseDomainName())>-1){ return WebContext.redirect(tokenBasedDetails.getRedirectUri()); }else{ - _logger.error(tokenBasedDetails.getRedirectUri()+" not in domain "+applicationConfig.getDomainName()); + _logger.error(tokenBasedDetails.getRedirectUri()+" not in domain "+applicationConfig.getBaseDomainName()); return null; } } diff --git a/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/adapter/TokenBasedDefaultAdapter.java b/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/adapter/TokenBasedDefaultAdapter.java index 44251fc2f..b7b389477 100644 --- a/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/adapter/TokenBasedDefaultAdapter.java +++ b/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/adapter/TokenBasedDefaultAdapter.java @@ -71,7 +71,7 @@ public class TokenBasedDefaultAdapter extends AbstractAuthorizeAdapter { } beanMap.put("displayName", userInfo.getDisplayName()); - beanMap.put(WebConstants.ONLINE_TICKET_NAME, userInfo.getOnlineTickit()); + beanMap.put(WebConstants.ONLINE_TICKET_NAME, userInfo.getOnlineTicket().getTicketId()); /* * use UTC date time format 
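Review bot: The redirect guard `tokenBasedDetails.getRedirectUri().indexOf(applicationConfig.getBaseDomainName())>-1` is a substring test, so it accepts any URI that merely contains the base domain text in its path, query or a longer host name, and switching from the full domain name to the shorter base domain widens what matches. Comparing the parsed host is safer: `String host = java.net.URI.create(redirectUri).getHost();` and then `host != null && (host.equals(base) || host.endsWith("." + base))`. `cookie.setDomain(applicationConfig.getBaseDomainName())` also makes the token cookie visible to every host under the base domain, and the hunk does not show `setHttpOnly` or `setSecure`, which should be confirmed in the lines above it. The debug text still says "Sub Domain Name" and prepends a dot that the cookie domain no longer has.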
diff --git a/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/adapter/TokenBasedJWTAdapter.java b/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/adapter/TokenBasedJWTAdapter.java index addf8f13b..97aabb723 100644 --- a/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/adapter/TokenBasedJWTAdapter.java +++ b/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/adapter/TokenBasedJWTAdapter.java @@ -68,7 +68,7 @@ public class TokenBasedJWTAdapter extends AbstractAuthorizeAdapter { .claim("user_id", userInfo.getId()) .claim("external_id", userInfo.getId()) .claim("locale", userInfo.getLocale()) - .claim(WebConstants.ONLINE_TICKET_NAME, userInfo.getOnlineTickit()) + .claim(WebConstants.ONLINE_TICKET_NAME, userInfo.getOnlineTicket().getTicketId()) .claim("kid", jwtSignerService.getDefaultSignerKeyId()) .build(); diff --git a/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/adapter/TokenBasedJWTHS256Adapter.java b/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/adapter/TokenBasedJWTHS256Adapter.java index 141c366a9..7ce4f19b9 100644 --- a/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/adapter/TokenBasedJWTHS256Adapter.java +++ b/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/adapter/TokenBasedJWTHS256Adapter.java 
@@ -68,7 +68,7 @@ public class TokenBasedJWTHS256Adapter extends AbstractAuthorizeAdapter {
 .claim("email", userInfo.getWorkEmail())
 .claim("name", userInfo.getUsername())
 .claim("user_id", userInfo.getId())
- .claim(WebConstants.ONLINE_TICKET_NAME, userInfo.getOnlineTickit())
+ .claim(WebConstants.ONLINE_TICKET_NAME, userInfo.getOnlineTicket().getTicketId())
 .claim("external_id", userInfo.getId())
 .claim("locale", userInfo.getLocale())
 .claim("kid", "SYMMETRIC-KEY")
diff --git a/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/OnlineTicketEndpoint.java b/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/OnlineTicketEndpoint.java
new file mode 100644
index 000000000..b97fc9253
--- /dev/null
+++ b/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/OnlineTicketEndpoint.java
@@ -0,0 +1,27 @@
+package org.maxkey.web.endpoint;
+
+import org.maxkey.authn.online.OnlineTicket;
+import org.maxkey.authn.online.OnlineTicketServices;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.ResponseBody;
+
+@Controller
+@RequestMapping(value={"/onlineticket"})
+public class OnlineTicketEndpoint {
+
+ @Autowired
+ @Qualifier("onlineTicketServices")
+ protected OnlineTicketServices onlineTicketServices;
+
+ @ResponseBody
+ @RequestMapping(value="/ticketValidate")
+ public OnlineTicket ticketValidate(
+ @RequestParam(value ="ticket",required = true) String ticket) {
+ OnlineTicket onlineTicket = onlineTicketServices.get(ticket);
+ return onlineTicket;
+ }
+}
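Review bot: `ticketValidate` in the new OnlineTicketEndpoint returns the stored `OnlineTicket` itself as the response body, so whoever presents a ticket id receives whatever the JSON converter serialises from it, including the public `authentication` field that this commit fills with the login `BasicAuthentication`. The handler shows no caller authentication and no HTTP method restriction, and the ticket travels as a request parameter, so it may also end up in access logs. `OnlineTicket` and `BasicAuthentication` now reference each other, which a getter-following serialiser would presumably recurse on. I would answer with a small result that carries only a validity flag and the id, make the unknown-ticket case explicit instead of returning a null body, and add a Javadoc naming the intended callers.

```java
    @ResponseBody
    @RequestMapping(value="/ticketValidate")
    public Map<String, Object> ticketValidate(
            @RequestParam(value ="ticket",required = true) String ticket) {
        OnlineTicket onlineTicket = onlineTicketServices.get(ticket);
        // Expose only validity and the id; the stored Authentication stays server-side.
        Map<String, Object> result = new HashMap<>();
        result.put("valid", onlineTicket != null);
        if (onlineTicket != null) {
            result.put("ticketId", onlineTicket.getTicketId());
        }
        return result;
    }
```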