admin/MaxKey
1
0
Fork 0
mirror of https://gitee.com/dromara/MaxKey.git synced 2025-12-07 01:18:27 +08:00
Code Issues Packages Projects Releases Wiki Activity

v2.0.RC1

Browse Source 
v2.0.RC1
This commit is contained in:
shimingxy 2020-05-26 08:35:33 +08:00
parent 1ad1db9846
commit 73b6625294
10 changed files with 424 additions and 390 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
maxkey-authentications/src/main/java/org/maxkey/authn/support/httpheader/HttpHeaderConfig.java
View File

@ -1,33 +0,0 @@
package org.maxkey.authn.support.httpheader;
public class HttpHeaderConfig {
String headerName;
boolean enable;
/**
*
*/
public HttpHeaderConfig() {
}
public String getHeaderName() {
return headerName;
}
public void setHeaderName(String headerName) {
this.headerName = headerName;
}
public boolean isEnable() {
return enable;
}
public void setEnable(boolean enable) {
this.enable = enable;
}
public HttpHeaderConfig(String headerName, boolean enable) {
super();
this.headerName = headerName;
this.enable = enable;
}
}

29
maxkey-authentications/src/main/java/org/maxkey/authn/support/httpheader/HttpHeaderEntryPoint.java
View File

@ -15,8 +15,9 @@ import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
public class HttpHeaderEntryPoint extends HandlerInterceptorAdapter {
private static final Logger _logger = LoggerFactory.getLogger(HttpHeaderEntryPoint.class);
String headerName;
boolean enable;
HttpHeaderConfig httpHeaderSupport;
String []skipRequestURI={
"/oauth/v20/token",
@ -27,7 +28,7 @@ public class HttpHeaderEntryPoint extends HandlerInterceptorAdapter {
@Override
public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws Exception {
if(!httpHeaderSupport.isEnable()){
if(!enable){
return true;
}
String requestPath=request.getServletPath();
@ -55,7 +56,7 @@ public class HttpHeaderEntryPoint extends HandlerInterceptorAdapter {
}
_logger.info("getSession.getId : "+ request.getSession().getId());
String httpHeaderUsername = request.getHeader(httpHeaderSupport.getHeaderName());
String httpHeaderUsername = request.getHeader(headerName);
_logger.info("HttpHeader username : " + httpHeaderUsername);
@ -95,13 +96,27 @@ public class HttpHeaderEntryPoint extends HandlerInterceptorAdapter {
super();
}
public HttpHeaderEntryPoint(HttpHeaderConfig httpHeaderSupport) {
public HttpHeaderEntryPoint(String headerName, boolean enable) {
super();
this.httpHeaderSupport = httpHeaderSupport;
this.headerName = headerName;
this.enable = enable;
}
public void setHttpHeaderSupport(HttpHeaderConfig httpHeaderSupport) {
this.httpHeaderSupport = httpHeaderSupport;
public String getHeaderName() {
return headerName;
}
public void setHeaderName(String headerName) {
this.headerName = headerName;
}
public boolean isEnable() {
return enable;
}
public void setEnable(boolean enable) {
this.enable = enable;
}
}

11
maxkey-core/src/main/java/org/maxkey/persistence/ldap/ActiveDirectoryUtils.java
View File

@ -1,6 +1,5 @@
package org.maxkey.persistence.ldap;
import java.util.Properties;
import javax.naming.Context;
@ -25,10 +24,6 @@ public class ActiveDirectoryUtils extends LdapUtils {
public final static String userPrincipalName = "userPrincipalName";
public final static String userAccountControl = "userAccountControl";
protected String domain;
/**
@ -38,7 +33,8 @@ public class ActiveDirectoryUtils extends LdapUtils {
super();
}
public ActiveDirectoryUtils(String providerUrl,String principal,String credentials,String baseDN,String domain) {
public ActiveDirectoryUtils(String providerUrl, String principal, String credentials, String baseDN,
String domain) {
this.providerUrl = providerUrl;
this.principal = principal;
this.credentials = credentials;
@ -100,7 +96,4 @@ public class ActiveDirectoryUtils extends LdapUtils {
this.domain = domain.toUpperCase();
}
}

60
maxkey-core/src/main/java/org/maxkey/persistence/ldap/LdapUtils.java
View File

@ -1,6 +1,5 @@
package org.maxkey.persistence.ldap;
import java.util.Properties;
import javax.naming.Context;
@ -18,28 +17,27 @@ import org.slf4j.LoggerFactory;
*
*/
public class LdapUtils {
private final static Logger _logger = LoggerFactory.getLogger(LdapUtils.class);
private static final Logger _logger = LoggerFactory.getLogger(LdapUtils.class);
public final static String propertyBaseDN = "baseDN";
public final static String propertyDomain = "domain";
public final static String propertyTrustStore = "trustStore";
public final static String propertyTrustStorePassword = "trustStorePassword";
public final static String uid = "uid";
public final static String userPassword = "userPassword";
public final static String cn = "cn";
public final static String displayName = "displayName";
public final static String givenName = "givenName";
public final static String sn = "sn";
public final static String mobile = "mobile";
public final static String mail = "mail";
public final static String employeeNumber = "employeeNumber";
public final static String ou = "ou";
public final static String manager = "manager";
public final static String department = "department";
public final static String departmentNumber = "departmentNumber";
public final static String title = "title";
public static final String propertyBaseDN = "baseDN";
public static final String propertyDomain = "domain";
public static final String propertyTrustStore = "trustStore";
public static final String propertyTrustStorePassword = "trustStorePassword";
public static final String uid = "uid";
public static final String userPassword = "userPassword";
public static final String cn = "cn";
public static final String displayName = "displayName";
public static final String givenName = "givenName";
public static final String sn = "sn";
public static final String mobile = "mobile";
public static final String mail = "mail";
public static final String employeeNumber = "employeeNumber";
public static final String ou = "ou";
public static final String manager = "manager";
public static final String department = "department";
public static final String departmentNumber = "departmentNumber";
public static final String title = "title";
protected DirContext ctx;
protected String baseDN;
@ -59,12 +57,14 @@ public class LdapUtils {
super();
this.searchScope = SearchControls.SUBTREE_SCOPE;
}
public LdapUtils(String providerUrl, String principal, String credentials) {
this.providerUrl = providerUrl;
this.principal = principal;
this.credentials = credentials;
this.searchScope = SearchControls.SUBTREE_SCOPE;
}
public LdapUtils(String providerUrl, String principal, String credentials, String baseDN) {
this.providerUrl = providerUrl;
this.principal = principal;
@ -97,7 +97,6 @@ public class LdapUtils {
return ctx;
}
// connect to ldap server
public DirContext openConnection() {
_logger.info("PROVIDER_URL:" + providerUrl);
@ -124,7 +123,6 @@ public class LdapUtils {
return InitialDirContext(props);
}
public boolean authenticate() {
openConnection();
if (this.ctx != null) {
@ -170,18 +168,21 @@ public class LdapUtils {
public String getBaseDN() {
return baseDN;
}
/**
* @param baseDN the baseDN to set
*/
public void setBaseDN(String baseDN) {
this.baseDN = baseDN;
}
/**
* @return the searchScope
*/
public int getSearchScope() {
return searchScope;
}
/**
* @return the providerUrl
*/
@ -192,50 +193,58 @@ public class LdapUtils {
public String getPrincipal() {
return principal;
}
public void setPrincipal(String principal) {
this.principal = principal;
}
public String getCredentials() {
return credentials;
}
public void setCredentials(String credentials) {
this.credentials = credentials;
}
public void setProviderUrl(String providerUrl) {
this.providerUrl = providerUrl;
}
/**
* @return the trustStore
*/
public String getTrustStore() {
return trustStore;
}
/**
* @param trustStore the trustStore to set
*/
public void setTrustStore(String trustStore) {
this.trustStore = trustStore;
}
/**
* @return the ssl
*/
public boolean isSsl() {
return ssl;
}
/**
* @param ssl the ssl to set
*/
public void setSsl(boolean ssl) {
this.ssl = ssl;
}
/**
* @return the referral
*/
public String getReferral() {
return referral;
}
/**
* @param referral the referral to set
*/
@ -243,13 +252,13 @@ public class LdapUtils {
this.referral = referral;
}
/**
* @return the trustStorePassword
*/
public String getTrustStorePassword() {
return trustStorePassword;
}
/**
* @param trustStorePassword the trustStorePassword to set
*/
@ -257,7 +266,6 @@ public class LdapUtils {
this.trustStorePassword = trustStorePassword;
}
public static String getAttrStringValue(Attributes attrs, String elem) {
String value = "";
try {

1
maxkey-dao/src/main/java/org/maxkey/dao/service/AppsDesktopDetailsService.java
View File

@ -2,7 +2,6 @@ package org.maxkey.dao.service;
import org.apache.mybatis.jpa.persistence.JpaBaseService;
import org.maxkey.dao.persistence.AppsDesktopDetailsMapper;
import org.maxkey.domain.apps.AppsCasDetails;
import org.maxkey.domain.apps.AppsDesktopDetails;
import org.springframework.stereotype.Service;

1
maxkey-dao/src/main/java/org/maxkey/dao/service/AppsFormBasedDetailsService.java
View File

@ -2,7 +2,6 @@ package org.maxkey.dao.service;
import org.apache.mybatis.jpa.persistence.JpaBaseService;
import org.maxkey.dao.persistence.AppsFormBasedDetailsMapper;
import org.maxkey.domain.apps.AppsCasDetails;
import org.maxkey.domain.apps.AppsFormBasedDetails;
import org.springframework.stereotype.Service;

2
maxkey-dao/src/main/java/org/maxkey/dao/service/GroupMemberService.java
View File

@ -1,10 +1,8 @@
package org.maxkey.dao.service;
import org.apache.mybatis.jpa.persistence.JpaBaseService;
import org.apache.mybatis.jpa.persistence.JpaPageResults;
import org.maxkey.dao.persistence.GroupMemberMapper;
import org.maxkey.domain.GroupMember;
import org.maxkey.domain.UserInfo;
import org.springframework.stereotype.Service;
@Service

2
maxkey-web-manage/src/main/java/org/maxkey/MaxKeyMgtApplication.java
View File

@ -53,11 +53,9 @@ public class MaxKeyMgtApplication extends SpringBootServletInitializer {
_logger.info("MaxKeyMgt Server Port "+applicationContext.getBean(MaxKeyMgtConfig.class).getPort());
_logger.info("MaxKeyMgt started.");
}
protected SpringApplicationBuilder configure(SpringApplicationBuilder application) {
return application.sources(MaxKeyMgtApplication.class);
}

55
maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java
View File

@ -10,6 +10,11 @@ import org.apache.catalina.connector.Connector;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.maxkey.authn.realm.jdbc.JdbcAuthenticationRealm;
import org.maxkey.authn.realm.ldap.LdapAuthenticationRealm;
import org.maxkey.authn.realm.ldap.LdapServer;
import org.maxkey.authn.realm.IAuthenticationServer;
import org.maxkey.authn.realm.activedirectory.ActiveDirectoryAuthenticationRealm;
import org.maxkey.authn.realm.activedirectory.ActiveDirectoryServer;
import org.maxkey.authn.support.kerberos.KerberosProxy;
import org.maxkey.authn.support.kerberos.RemoteKerberosService;
import org.maxkey.authn.support.socialsignon.service.JdbcSocialsAssociateService;
@ -21,6 +26,8 @@ import org.maxkey.crypto.password.opt.impl.MailOtpAuthn;
import org.maxkey.crypto.password.opt.impl.SmsOtpAuthn;
import org.maxkey.crypto.password.opt.impl.TimeBasedOtpAuthn;
import org.maxkey.crypto.password.opt.impl.sms.SmsOtpAuthnYunxin;
import org.maxkey.persistence.ldap.ActiveDirectoryUtils;
import org.maxkey.persistence.ldap.LdapUtils;
import org.mybatis.spring.annotation.MapperScan;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@ -136,14 +143,60 @@ public class MaxKeyConfig implements InitializingBean {
return keyUriFormat;
}
//可以在此实现其他的登陆认证方式请实现AbstractAuthenticationRealm
@Bean(name = "authenticationRealm")
public JdbcAuthenticationRealm JdbcAuthenticationRealm(
public JdbcAuthenticationRealm authenticationRealm(
JdbcTemplate jdbcTemplate) {
JdbcAuthenticationRealm authenticationRealm = jdbcAuthenticationRealm(jdbcTemplate);
return authenticationRealm;
}
//JdbcAuthenticationRealm
public JdbcAuthenticationRealm jdbcAuthenticationRealm(
JdbcTemplate jdbcTemplate) {
JdbcAuthenticationRealm authenticationRealm = new JdbcAuthenticationRealm(jdbcTemplate);
_logger.debug("JdbcAuthenticationRealm inited.");
return authenticationRealm;
}
//LdapAuthenticationRealm
public LdapAuthenticationRealm ldapAuthenticationRealm(
JdbcTemplate jdbcTemplate) {
LdapAuthenticationRealm authenticationRealm = new LdapAuthenticationRealm(jdbcTemplate);
LdapServer ldapServer=new LdapServer();
String providerUrl = "ldap://localhost:389";
String principal = "cn=root";
String credentials = "maxkey";
String baseDN = "dc=maxkey,dc=top";
LdapUtils ldapUtils = new LdapUtils(providerUrl,principal,credentials,baseDN);
ldapServer.setLdapUtils(ldapUtils);
ldapServer.setFilterAttribute("uid");
List<IAuthenticationServer> ldapServers = new ArrayList<IAuthenticationServer>();
ldapServers.add(ldapServer);
authenticationRealm.setLdapServers(ldapServers);
_logger.debug("LdapAuthenticationRealm inited.");
return authenticationRealm;
}
//ActiveDirectoryAuthenticationRealm
public ActiveDirectoryAuthenticationRealm activeDirectoryAuthenticationRealm(
JdbcTemplate jdbcTemplate) {
ActiveDirectoryAuthenticationRealm authenticationRealm = new ActiveDirectoryAuthenticationRealm(jdbcTemplate);
ActiveDirectoryServer ldapServer=new ActiveDirectoryServer();
String providerUrl = "ldap://localhost:389";
String principal = "cn=root";
String credentials = "maxkey";
String domain = "maxkey";
ActiveDirectoryUtils ldapUtils = new ActiveDirectoryUtils(providerUrl,principal,credentials,domain);
ldapServer.setActiveDirectoryUtils(ldapUtils);
List<IAuthenticationServer> ldapServers = new ArrayList<IAuthenticationServer>();
ldapServers.add(ldapServer);
authenticationRealm.setActiveDirectoryServers(ldapServers);
_logger.debug("LdapAuthenticationRealm inited.");
return authenticationRealm;
}
@Bean(name = "tfaOptAuthn")
public TimeBasedOtpAuthn tfaOptAuthn() {
TimeBasedOtpAuthn tfaOptAuthn = new TimeBasedOtpAuthn();

10
maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java
View File

@ -1,7 +1,6 @@
package org.maxkey;
import org.maxkey.authn.support.basic.BasicEntryPoint;
import org.maxkey.authn.support.httpheader.HttpHeaderConfig;
import org.maxkey.authn.support.httpheader.HttpHeaderEntryPoint;
import org.maxkey.web.interceptor.HistoryLoginAppAdapter;
import org.maxkey.web.interceptor.HistoryLogsAdapter;
@ -76,11 +75,17 @@ public class MaxKeyMvcConfig implements WebMvcConfigurer {
.addPathPatterns("/authz/desktop/*")
.addPathPatterns("/authz/formbased/*")
.addPathPatterns("/authz/tokenbased/*")
//SAML
.addPathPatterns("/authz/saml20/idpinit/*")
.addPathPatterns("/authz/saml20/assertion")
.addPathPatterns("/authz/saml20/assertion/")
//CAS
.addPathPatterns("/authz/cas/*")
.addPathPatterns("/authz/cas/*/*")
.addPathPatterns("/authz/cas/login")
.addPathPatterns("/authz/cas/login/")
.addPathPatterns("/authz/cas/granting/*")
//OAuth
.addPathPatterns("/oauth/v20/authorize")
.addPathPatterns("/oauth/v20/authorize/*")
;
@ -122,8 +127,7 @@ public class MaxKeyMvcConfig implements WebMvcConfigurer {
_logger.debug("add LocaleChangeInterceptor");
if(httpHeaderEnable) {
HttpHeaderConfig httpHeaderConfig= new HttpHeaderConfig(this.httpHeaderName,httpHeaderEnable);
registry.addInterceptor(new HttpHeaderEntryPoint(httpHeaderConfig))
registry.addInterceptor(new HttpHeaderEntryPoint(httpHeaderName,httpHeaderEnable))
.addPathPatterns("/*");
_logger.debug("add HttpHeaderEntryPoint");
}