admin/MaxKey
1
0
Fork 0
mirror of https://gitee.com/dromara/MaxKey.git synced 2025-12-06 17:08:29 +08:00
Code Issues Packages Projects Releases Wiki Activity

OnlineTicket 优化

Browse Source
This commit is contained in:
Crystal.Sea 2020-10-28 23:47:53 +08:00
parent cc76bb25f4
commit 6a8b0acb86
21 changed files with 234 additions and 96 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
View File

@ -17,6 +17,7 @@
package org.maxkey.authn;
import org.maxkey.authn.online.OnlineTicketServices;
import org.maxkey.authn.realm.AbstractAuthenticationRealm;
import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
import org.maxkey.configuration.ApplicationConfig;
@ -61,6 +62,10 @@ public abstract class AbstractAuthenticationProvider {
@Qualifier("remeberMeService")
protected AbstractRemeberMeService remeberMeService;
@Autowired
@Qualifier("onlineTicketServices")
protected OnlineTicketServices onlineTicketServices;
protected abstract String getProviderName();
protected abstract Authentication doInternalAuthenticate(Authentication authentication);
@ -251,8 +256,7 @@ public abstract class AbstractAuthenticationProvider {
} else {
_logger.debug("User Login. ");
}
//Online Tickit
userInfo.setOnlineTickit(WebConstants.ONLINE_TICKET_PREFIX + "-" +userInfo.generateId());
}
return userInfo;
@ -312,4 +316,26 @@ public abstract class AbstractAuthenticationProvider {
return true;
}
public void setApplicationConfig(ApplicationConfig applicationConfig) {
this.applicationConfig = applicationConfig;
}
public void setAuthenticationRealm(AbstractAuthenticationRealm authenticationRealm) {
this.authenticationRealm = authenticationRealm;
}
public void setTfaOptAuthn(AbstractOptAuthn tfaOptAuthn) {
this.tfaOptAuthn = tfaOptAuthn;
}
public void setRemeberMeService(AbstractRemeberMeService remeberMeService) {
this.remeberMeService = remeberMeService;
}
public void setOnlineTicketServices(OnlineTicketServices onlineTicketServices) {
this.onlineTicketServices = onlineTicketServices;
}
}

12
maxkey-core/src/main/java/org/maxkey/authn/BasicAuthentication.java
View File

@ -19,6 +19,8 @@ package org.maxkey.authn;
import java.util.ArrayList;
import java.util.Collection;
import org.maxkey.authn.online.OnlineTicket;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
@ -34,7 +36,7 @@ public class BasicAuthentication implements Authentication {
String remeberMe;
String authType;
String jwtToken;
String onlineTickit;
OnlineTicket onlineTicket;
ArrayList<GrantedAuthority> grantedAuthority;
boolean authenticated;
@ -167,12 +169,12 @@ public class BasicAuthentication implements Authentication {
this.grantedAuthority = grantedAuthority;
}
public String getOnlineTickit() {
return onlineTickit;
public OnlineTicket getOnlineTicket() {
return onlineTicket;
}
public void setOnlineTickit(String onlineTickit) {
this.onlineTickit = onlineTickit;
public void setOnlineTicket(OnlineTicket onlineTicket) {
this.onlineTicket = onlineTicket;
}
@Override

103
maxkey-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java
View File

@ -17,6 +17,7 @@
package org.maxkey.authn;
import org.maxkey.authn.online.OnlineTicket;
import org.maxkey.domain.UserInfo;
import org.maxkey.web.WebConstants;
import org.maxkey.web.WebContext;
@ -72,15 +73,10 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
authenticationRealm.getPasswordPolicyValidator().passwordPolicyValid(userInfo);
authenticationRealm.passwordMatches(userInfo, auth.getPassword());
authenticationRealm.grantAuthority(userInfo);
/*
* put userInfo to current session context
*/
WebContext.setUserInfo(userInfo);
auth.setAuthenticated(true);
if (auth.isAuthenticated() && applicationConfig.getLoginConfig().isRemeberMe()) {
UsernamePasswordAuthenticationToken authenticationToken = setOnline(auth,userInfo);
//RemeberMe Config check then set RemeberMe cookies
if (applicationConfig.getLoginConfig().isRemeberMe()) {
if (auth.getRemeberMe() != null && auth.getRemeberMe().equals("remeberMe")) {
WebContext.getSession().setAttribute(
WebConstants.REMEBER_ME_SESSION,auth.getUsername());
@ -93,47 +89,25 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
);
}
}
auth.setOnlineTickit(userInfo.getOnlineTickit());
UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken =
new UsernamePasswordAuthenticationToken(
auth,
"PASSWORD",
authenticationRealm.grantAuthority(userInfo));
usernamePasswordAuthenticationToken.setDetails(
new WebAuthenticationDetails(WebContext.getRequest()));
setOnlineTickit(userInfo.getOnlineTickit());
return usernamePasswordAuthenticationToken;
return authenticationToken;
}
@Override
public Authentication basicAuthenticate(Authentication authentication) {
BasicAuthentication basicAuth = (BasicAuthentication) authentication;
UserInfo loadeduserInfo = loadUserInfo(basicAuth.getUsername(), "");
BasicAuthentication auth = (BasicAuthentication) authentication;
UserInfo loadeduserInfo = loadUserInfo(auth.getUsername(), "");
if (loadeduserInfo != null) {
authenticationRealm.passwordMatches(loadeduserInfo, basicAuth.getPassword());
authenticationRealm.passwordMatches(loadeduserInfo, auth.getPassword());
authenticationRealm.getPasswordPolicyValidator().passwordPolicyValid(loadeduserInfo);
WebContext.setUserInfo(loadeduserInfo);
authenticationRealm.insertLoginHistory(loadeduserInfo, auth.getAuthType(), "", "", "SUCCESS");
authentication.setAuthenticated(true);
basicAuth.setOnlineTickit(loadeduserInfo.getOnlineTickit());
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(
authentication, "PASSWORD", authenticationRealm.grantAuthority(loadeduserInfo));
WebContext.setAuthentication(authenticationToken);
WebContext.setUserInfo(loadeduserInfo);
authenticationRealm.insertLoginHistory(loadeduserInfo, basicAuth.getAuthType(), "", "", "SUCCESS");
setOnlineTickit(loadeduserInfo.getOnlineTickit());
return authenticationToken;
return setOnline(auth,loadeduserInfo);
}else {
String message = WebContext.getI18nValue("login.error.username");
_logger.debug("login user " + basicAuth.getUsername() + " not in this System ." + message);
_logger.debug("login user " + auth.getUsername() + " not in this System ." + message);
throw new BadCredentialsException(WebContext.getI18nValue("login.error.username"));
}
}
@ -155,26 +129,12 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
String message) {
UserInfo loadeduserInfo = loadUserInfo(username, "");
if (loadeduserInfo != null) {
WebContext.setUserInfo(loadeduserInfo);
BasicAuthentication authentication = new BasicAuthentication();
authentication.setUsername(loadeduserInfo.getUsername());
authentication.setOnlineTickit(loadeduserInfo.getOnlineTickit());
UsernamePasswordAuthenticationToken authenticationToken =
new UsernamePasswordAuthenticationToken(
authentication,
"PASSWORD",
authenticationRealm.grantAuthority(loadeduserInfo)
);
authentication.setAuthenticated(true);
WebContext.setAuthentication(authenticationToken);
WebContext.setUserInfo(loadeduserInfo);
BasicAuthentication auth = new BasicAuthentication();
auth.setUsername(loadeduserInfo.getUsername());
authenticationRealm.insertLoginHistory(loadeduserInfo, type, provider, code, message);
setOnlineTickit(loadeduserInfo.getOnlineTickit());
return authenticationToken;
return setOnline(auth,loadeduserInfo);
}else {
String i18nMessage = WebContext.getI18nValue("login.error.username");
_logger.debug("login user " + username + " not in this System ." + i18nMessage);
@ -182,13 +142,42 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
}
}
public void setOnlineTickit(String tickit) {
_logger.debug("set online Tickit " + tickit + " on domain "+ this.applicationConfig.getBaseDomainName());
public UsernamePasswordAuthenticationToken setOnline(BasicAuthentication authentication,UserInfo userInfo) {
//Online Tickit Id
String onlineTickitId = WebConstants.ONLINE_TICKET_PREFIX + "-" + java.util.UUID.randomUUID().toString().toLowerCase();
_logger.debug("set online Tickit Cookie " + onlineTickitId + " on domain "+ this.applicationConfig.getBaseDomainName());
WebContext.setCookie(WebContext.getResponse(),
this.applicationConfig.getBaseDomainName(),
WebConstants.ONLINE_TICKET_NAME,
tickit,
onlineTickitId,
0);
//set OnlineTicket
OnlineTicket onlineTicket = new OnlineTicket(onlineTickitId,authentication);
this.onlineTicketServices.store(onlineTickitId, onlineTicket);
authentication.setOnlineTicket(onlineTicket);
authentication.setAuthenticated(true);
UsernamePasswordAuthenticationToken authenticationToken =
new UsernamePasswordAuthenticationToken(
authentication,
"PASSWORD",
authenticationRealm.grantAuthority(userInfo)
);
authenticationToken.setDetails(
new WebAuthenticationDetails(WebContext.getRequest()));
/*
* put userInfo to current session context
*/
WebContext.setAuthentication(authenticationToken);
userInfo.setOnlineTicket(onlineTicket);
WebContext.setUserInfo(userInfo);
return authenticationToken;
}
}

10
maxkey-core/src/main/java/org/maxkey/authn/online/InMemoryOnlineTicketServices.java
View File

@ -32,6 +32,10 @@ public class InMemoryOnlineTicketServices implements OnlineTicketServices{
.build(true);
public InMemoryOnlineTicketServices() {
super();
}
@Override
public void store(String ticketId, OnlineTicket ticket) {
onlineTicketStore.put(ticketId, ticket);
@ -50,4 +54,10 @@ public class InMemoryOnlineTicketServices implements OnlineTicketServices{
return ticket;
}
@Override
public void setValiditySeconds(int validitySeconds) {
// TODO Auto-generated method stub
}
}

57
maxkey-core/src/main/java/org/maxkey/authn/online/OnlineTicket.java
View File

@ -1,8 +1,10 @@
package org.maxkey.authn.online;
import java.io.Serializable;
import java.util.HashMap;
import org.maxkey.domain.apps.Apps;
import org.springframework.security.core.Authentication;
public class OnlineTicket implements Serializable{
@ -11,14 +13,57 @@ public class OnlineTicket implements Serializable{
*/
private static final long serialVersionUID = 9008067569150338296L;
public String id;
public String ticketId;
private Apps authorizeApps;
public Authentication authentication;
private HashMap<String , Apps> authorizedApps;
public OnlineTicket(String id) {
public OnlineTicket(String ticketId) {
super();
this.id = id;
this.ticketId = ticketId;
}
public OnlineTicket(String ticketId,Authentication authentication) {
super();
this.ticketId = ticketId;
this.authentication = authentication;
}
public String getTicketId() {
return ticketId;
}
public void setTicketId(String ticketId) {
this.ticketId = ticketId;
}
public Authentication getAuthentication() {
return authentication;
}
public void setAuthentication(Authentication authentication) {
this.authentication = authentication;
}
public HashMap<String, Apps> getAuthorizedApps() {
return authorizedApps;
}
public void setAuthorizedApps(HashMap<String, Apps> authorizedApps) {
this.authorizedApps = authorizedApps;
}
@ -26,8 +71,8 @@ public class OnlineTicket implements Serializable{
@Override
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("OnlineTicket [id=");
builder.append(id);
builder.append("OnlineTicket [ticketId=");
builder.append(ticketId);
builder.append("]");
return builder.toString();
}

1
maxkey-core/src/main/java/org/maxkey/authn/online/OnlineTicketServices.java
View File

@ -26,4 +26,5 @@ public interface OnlineTicketServices {
public OnlineTicket get(String ticketId);
public void setValiditySeconds(int validitySeconds);
}

6
maxkey-core/src/main/java/org/maxkey/authn/online/RedisOnlineTicketServices.java
View File

@ -72,5 +72,11 @@ public class RedisOnlineTicketServices implements OnlineTicketServices {
return ticket;
}
@Override
public void setValiditySeconds(int validitySeconds) {
this.serviceTicketValiditySeconds = validitySeconds;
}
}

21
maxkey-core/src/main/java/org/maxkey/autoconfigure/ApplicationAutoConfiguration.java
View File

@ -27,6 +27,9 @@ import javax.sql.DataSource;
import org.maxkey.authn.AbstractAuthenticationProvider;
import org.maxkey.authn.RealmAuthenticationProvider;
import org.maxkey.authn.SavedRequestAwareAuthenticationSuccessHandler;
import org.maxkey.authn.online.InMemoryOnlineTicketServices;
import org.maxkey.authn.online.OnlineTicketServices;
import org.maxkey.authn.online.RedisOnlineTicketServices;
import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
import org.maxkey.authn.support.rememberme.InMemoryRemeberMeService;
import org.maxkey.authn.support.rememberme.RedisRemeberMeService;
@ -204,6 +207,24 @@ public class ApplicationAutoConfiguration implements InitializingBean {
return remeberMeService;
}
@Bean(name = "onlineTicketServices")
public OnlineTicketServices onlineTicketServices(
@Value("${config.server.persistence}") int persistence,
JdbcTemplate jdbcTemplate,
RedisConnectionFactory redisConnFactory) {
OnlineTicketServices onlineTicketServices = null;
if (persistence == ConstantsPersistence.INMEMORY) {
onlineTicketServices = new InMemoryOnlineTicketServices();
_logger.debug("InMemoryOnlineTicketServices");
} else if (persistence == ConstantsPersistence.JDBC) {
_logger.debug("OnlineTicketServices not support ");
} else if (persistence == ConstantsPersistence.REDIS) {
onlineTicketServices = new RedisOnlineTicketServices(redisConnFactory);
_logger.debug("RedisOnlineTicketServices");
}
return onlineTicketServices;
}
/**
* keyStoreLoader .
* @return

13
maxkey-core/src/main/java/org/maxkey/domain/UserInfo.java
View File

@ -26,6 +26,7 @@ import javax.persistence.GenerationType;
import javax.persistence.Id;
import javax.persistence.Table;
import org.apache.mybatis.jpa.persistence.JpaBaseDomain;
import org.maxkey.authn.online.OnlineTicket;
import org.maxkey.util.StringUtils;
import org.springframework.web.multipart.MultipartFile;
@ -230,7 +231,7 @@ public class UserInfo extends JpaBaseDomain {
protected int online;
String onlineTickit;
OnlineTicket onlineTicket;
protected String ldapDn;
@ -1164,12 +1165,12 @@ public class UserInfo extends JpaBaseDomain {
this.createdBy = createdBy;
}
public String getOnlineTickit() {
return onlineTickit;
public OnlineTicket getOnlineTicket() {
return onlineTicket;
}
public void setOnlineTickit(String onlineTickit) {
this.onlineTickit = onlineTickit;
public void setOnlineTicket(OnlineTicket onlineTicket) {
this.onlineTicket = onlineTicket;
}
/**
@ -1407,8 +1408,6 @@ public class UserInfo extends JpaBaseDomain {
builder.append(extraAttributeMap);
builder.append(", online=");
builder.append(online);
builder.append(", onlineTickit=");
builder.append(onlineTickit);
builder.append(", ldapDn=");
builder.append(ldapDn);
builder.append(", gridList=");

12
maxkey-core/src/main/java/org/maxkey/domain/apps/Apps.java
View File

@ -150,6 +150,9 @@ public class Apps extends JpaBaseDomain implements Serializable {
@Column
protected String description;
protected String loginDateTime;
public Apps() {
super();
isSignature = Boolean.FALSE;
@ -537,6 +540,15 @@ public class Apps extends JpaBaseDomain implements Serializable {
this.logoutType = logoutType;
}
public String getLoginDateTime() {
return loginDateTime;
}
public void setLoginDateTime(String loginDateTime) {
this.loginDateTime = loginDateTime;
}
@Override
public String toString() {
StringBuilder builder = new StringBuilder();

2
maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas20AuthorizeEndpoint.java
View File

@ -201,7 +201,7 @@ For all error codes, it is RECOMMENDED that CAS provide a more detailed message
if(Boolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){
AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)Instance.newInstance(storedTicket.getCasDetails().getAdapter());
UserInfo userInfo = (UserInfo) userInfoService.loadByUsername(principal);
userInfo.setOnlineTickit(authentication.getOnlineTickit());
userInfo.setOnlineTicket(authentication.getOnlineTicket());
adapter.generateInfo(userInfo, serviceResponseBuilder);
}
}else{

2
maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas30AuthorizeEndpoint.java
View File

@ -83,7 +83,7 @@ public class Cas30AuthorizeEndpoint extends CasBaseAuthorizeEndpoint{
if(Boolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){
AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)Instance.newInstance(storedTicket.getCasDetails().getAdapter());
UserInfo userInfo = (UserInfo) userInfoService.loadByUsername(principal);
userInfo.setOnlineTickit(authentication.getOnlineTickit());
userInfo.setOnlineTicket(authentication.getOnlineTicket());
adapter.generateInfo(userInfo, serviceResponseBuilder);
}
}else{

2
maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/adapter/CasDefaultAdapter.java
View File

@ -66,7 +66,7 @@ public class CasDefaultAdapter extends AbstractAuthorizeAdapter {
serviceResponseBuilder.setAttribute("departmentId", userInfo.getDepartmentId());
serviceResponseBuilder.setAttribute("workRegion",base64Attr(userInfo.getWorkRegion()));
serviceResponseBuilder.setAttribute(WebConstants.ONLINE_TICKET_NAME,userInfo.getOnlineTickit());
serviceResponseBuilder.setAttribute(WebConstants.ONLINE_TICKET_NAME,userInfo.getOnlineTicket().getTicketId());
return null;
}

2
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java
View File

@ -44,7 +44,7 @@ public class OAuthDefaultUserInfoAdapter extends AbstractAuthorizeAdapter {
beanMap.put("title", userInfo.getJobTitle());
beanMap.put("state", userInfo.getWorkRegion());
beanMap.put("gender", userInfo.getGender());
beanMap.put(WebConstants.ONLINE_TICKET_NAME, userInfo.getOnlineTickit());
beanMap.put(WebConstants.ONLINE_TICKET_NAME, userInfo.getOnlineTicket().getTicketId());
String info= JsonUtils.object2Json(beanMap);

4
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java
View File

@ -136,7 +136,7 @@ public class UserInfoEndpoint {
adapter =(AbstractAuthorizeAdapter)defaultOAuthUserInfoAdapter;
}
BasicAuthentication authentication = (BasicAuthentication)oAuth2Authentication.getUserAuthentication();
userInfo.setOnlineTickit(authentication.getOnlineTickit());
userInfo.setOnlineTicket(authentication.getOnlineTicket());
String jsonData=adapter.generateInfo(userInfo, app);
return jsonData;
}catch(OAuth2Exception e){
@ -175,7 +175,7 @@ public class UserInfoEndpoint {
BasicAuthentication authentication = (BasicAuthentication)oAuth2Authentication.getUserAuthentication();
jwtClaimsSetBuilder.claim("sub", userInfo.getId());
jwtClaimsSetBuilder.claim(WebConstants.ONLINE_TICKET_NAME, authentication.getOnlineTickit());
jwtClaimsSetBuilder.claim(WebConstants.ONLINE_TICKET_NAME, authentication.getOnlineTicket().getTicketId());
if(scopes.contains("profile")){
jwtClaimsSetBuilder.claim("name", userInfo.getUsername());

2
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/AssertionEndpoint.java
View File

@ -73,7 +73,7 @@ public class AssertionEndpoint {
HashMap <String,String>attributeMap=new HashMap<String,String>();
attributeMap.put(WebConstants.ONLINE_TICKET_NAME, WebContext.getUserInfo().getOnlineTickit());
attributeMap.put(WebConstants.ONLINE_TICKET_NAME, WebContext.getUserInfo().getOnlineTicket().getTicketId());
//saml20Details
Response authResponse = authnResponseGenerator.generateAuthnResponse(

10
maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/TokenBasedAuthorizeEndpoint.java
View File

@ -117,17 +117,17 @@ public class TokenBasedAuthorizeEndpoint extends AuthorizeBaseEndpoint{
cookie.setPath("/");
//
//cookie.setDomain("."+applicationConfig.getSubDomainName());
//cookie.setDomain("."+applicationConfig.getBaseDomainName());
//tomcat 8.5
cookie.setDomain(applicationConfig.getDomainName());
cookie.setDomain(applicationConfig.getBaseDomainName());
_logger.debug("Sub Domain Name : "+"."+applicationConfig.getDomainName());
_logger.debug("Sub Domain Name : "+"."+applicationConfig.getBaseDomainName());
response.addCookie(cookie);
if(tokenBasedDetails.getRedirectUri().indexOf(applicationConfig.getDomainName())>-1){
if(tokenBasedDetails.getRedirectUri().indexOf(applicationConfig.getBaseDomainName())>-1){
return WebContext.redirect(tokenBasedDetails.getRedirectUri());
}else{
_logger.error(tokenBasedDetails.getRedirectUri()+" not in domain "+applicationConfig.getDomainName());
_logger.error(tokenBasedDetails.getRedirectUri()+" not in domain "+applicationConfig.getBaseDomainName());
return null;
}
}

2
maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/adapter/TokenBasedDefaultAdapter.java
View File

@ -71,7 +71,7 @@ public class TokenBasedDefaultAdapter extends AbstractAuthorizeAdapter {
}
beanMap.put("displayName", userInfo.getDisplayName());
beanMap.put(WebConstants.ONLINE_TICKET_NAME, userInfo.getOnlineTickit());
beanMap.put(WebConstants.ONLINE_TICKET_NAME, userInfo.getOnlineTicket().getTicketId());
/*
* use UTC date time format

2
maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/adapter/TokenBasedJWTAdapter.java
View File

@ -68,7 +68,7 @@ public class TokenBasedJWTAdapter extends AbstractAuthorizeAdapter {
.claim("user_id", userInfo.getId())
.claim("external_id", userInfo.getId())
.claim("locale", userInfo.getLocale())
.claim(WebConstants.ONLINE_TICKET_NAME, userInfo.getOnlineTickit())
.claim(WebConstants.ONLINE_TICKET_NAME, userInfo.getOnlineTicket().getTicketId())
.claim("kid", jwtSignerService.getDefaultSignerKeyId())
.build();

2
maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/adapter/TokenBasedJWTHS256Adapter.java
View File

@ -68,7 +68,7 @@ public class TokenBasedJWTHS256Adapter extends AbstractAuthorizeAdapter {
.claim("email", userInfo.getWorkEmail())
.claim("name", userInfo.getUsername())
.claim("user_id", userInfo.getId())
.claim(WebConstants.ONLINE_TICKET_NAME, userInfo.getOnlineTickit())
.claim(WebConstants.ONLINE_TICKET_NAME, userInfo.getOnlineTicket().getTicketId())
.claim("external_id", userInfo.getId())
.claim("locale", userInfo.getLocale())
.claim("kid", "SYMMETRIC-KEY")

27
maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/OnlineTicketEndpoint.java Normal file
View File

@ -0,0 +1,27 @@
package org.maxkey.web.endpoint;
import org.maxkey.authn.online.OnlineTicket;
import org.maxkey.authn.online.OnlineTicketServices;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
@Controller
@RequestMapping(value={"/onlineticket"})
public class OnlineTicketEndpoint {
@Autowired
@Qualifier("onlineTicketServices")
protected OnlineTicketServices onlineTicketServices;
@ResponseBody
@RequestMapping(value="/ticketValidate")
public OnlineTicket ticketValidate(
@RequestParam(value ="ticket",required = true) String ticket) {
OnlineTicket onlineTicket = onlineTicketServices.get(ticket);
return onlineTicket;
}
}