admin/MaxKey
1
0
Fork 0
mirror of https://gitee.com/dromara/MaxKey.git synced 2025-12-07 01:18:27 +08:00
Code Issues Packages Projects Releases Wiki Activity

SessionManager

Browse Source
This commit is contained in:
MaxKey 2022-04-26 22:30:24 +08:00
parent 10b964ad79
commit 773334ad47
23 changed files with 111 additions and 109 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
View File

@ -22,7 +22,7 @@ import java.util.ArrayList;
import org.maxkey.authn.jwt.AuthJwtService; import org.maxkey.authn.jwt.AuthJwtService;
import org.maxkey.authn.realm.AbstractAuthenticationRealm; import org.maxkey.authn.realm.AbstractAuthenticationRealm;
import org.maxkey.authn.session.Session; import org.maxkey.authn.session.Session;
import org.maxkey.authn.session.SessionService; import org.maxkey.authn.session.SessionManager;
import org.maxkey.authn.web.AuthorizationUtils; import org.maxkey.authn.web.AuthorizationUtils;
import org.maxkey.configuration.ApplicationConfig; import org.maxkey.configuration.ApplicationConfig;
import org.maxkey.constants.ConstsLoginType; import org.maxkey.constants.ConstsLoginType;
@ -67,7 +67,7 @@ public abstract class AbstractAuthenticationProvider {
protected OtpAuthnService otpAuthnService; protected OtpAuthnService otpAuthnService;
protected SessionService sessionService; protected SessionManager sessionManager;
protected AuthJwtService authJwtService; protected AuthJwtService authJwtService;
@ -135,8 +135,8 @@ public abstract class AbstractAuthenticationProvider {
*/ */
session.setAuthentication(authenticationToken); session.setAuthentication(authenticationToken);
//store session //create session
this.sessionService.store(session.getId(), session); this.sessionManager.create(session.getId(), session);
AuthorizationUtils.setSession(session); AuthorizationUtils.setSession(session);

6
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/provider/MfaAuthenticationProvider.java
View File

@ -21,7 +21,7 @@ import org.maxkey.authn.AbstractAuthenticationProvider;
import org.maxkey.authn.LoginCredential; import org.maxkey.authn.LoginCredential;
import org.maxkey.authn.jwt.AuthJwtService; import org.maxkey.authn.jwt.AuthJwtService;
import org.maxkey.authn.realm.AbstractAuthenticationRealm; import org.maxkey.authn.realm.AbstractAuthenticationRealm;
import org.maxkey.authn.session.SessionService; import org.maxkey.authn.session.SessionManager;
import org.maxkey.configuration.ApplicationConfig; import org.maxkey.configuration.ApplicationConfig;
import org.maxkey.constants.ConstsLoginType; import org.maxkey.constants.ConstsLoginType;
import org.maxkey.entity.Institutions; import org.maxkey.entity.Institutions;
@ -57,11 +57,11 @@ public class MfaAuthenticationProvider extends AbstractAuthenticationProvider {
public MfaAuthenticationProvider( public MfaAuthenticationProvider(
AbstractAuthenticationRealm authenticationRealm, AbstractAuthenticationRealm authenticationRealm,
ApplicationConfig applicationConfig, ApplicationConfig applicationConfig,
SessionService sessionService, SessionManager sessionManager,
AuthJwtService authJwtService) { AuthJwtService authJwtService) {
this.authenticationRealm = authenticationRealm; this.authenticationRealm = authenticationRealm;
this.applicationConfig = applicationConfig; this.applicationConfig = applicationConfig;
this.sessionService = sessionService; this.sessionManager = sessionManager;
this.authJwtService = authJwtService; this.authJwtService = authJwtService;
} }

6
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/provider/MobileAuthenticationProvider.java
View File

@ -20,7 +20,7 @@ package org.maxkey.authn.provider;
import org.maxkey.authn.AbstractAuthenticationProvider; import org.maxkey.authn.AbstractAuthenticationProvider;
import org.maxkey.authn.LoginCredential; import org.maxkey.authn.LoginCredential;
import org.maxkey.authn.realm.AbstractAuthenticationRealm; import org.maxkey.authn.realm.AbstractAuthenticationRealm;
import org.maxkey.authn.session.SessionService; import org.maxkey.authn.session.SessionManager;
import org.maxkey.configuration.ApplicationConfig; import org.maxkey.configuration.ApplicationConfig;
import org.maxkey.constants.ConstsLoginType; import org.maxkey.constants.ConstsLoginType;
import org.maxkey.entity.UserInfo; import org.maxkey.entity.UserInfo;
@ -60,11 +60,11 @@ public class MobileAuthenticationProvider extends AbstractAuthenticationProvider
AbstractAuthenticationRealm authenticationRealm, AbstractAuthenticationRealm authenticationRealm,
ApplicationConfig applicationConfig, ApplicationConfig applicationConfig,
OtpAuthnService otpAuthnService, OtpAuthnService otpAuthnService,
SessionService sessionService) { SessionManager sessionManager) {
this.authenticationRealm = authenticationRealm; this.authenticationRealm = authenticationRealm;
this.applicationConfig = applicationConfig; this.applicationConfig = applicationConfig;
this.otpAuthnService = otpAuthnService; this.otpAuthnService = otpAuthnService;
this.sessionService = sessionService; this.sessionManager = sessionManager;
} }
@Override @Override

6
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/provider/NormalAuthenticationProvider.java
View File

@ -22,7 +22,7 @@ import org.maxkey.authn.AbstractAuthenticationProvider;
import org.maxkey.authn.LoginCredential; import org.maxkey.authn.LoginCredential;
import org.maxkey.authn.jwt.AuthJwtService; import org.maxkey.authn.jwt.AuthJwtService;
import org.maxkey.authn.realm.AbstractAuthenticationRealm; import org.maxkey.authn.realm.AbstractAuthenticationRealm;
import org.maxkey.authn.session.SessionService; import org.maxkey.authn.session.SessionManager;
import org.maxkey.configuration.ApplicationConfig; import org.maxkey.configuration.ApplicationConfig;
import org.maxkey.constants.ConstsLoginType; import org.maxkey.constants.ConstsLoginType;
import org.maxkey.entity.Institutions; import org.maxkey.entity.Institutions;
@ -57,11 +57,11 @@ public class NormalAuthenticationProvider extends AbstractAuthenticationProvider
public NormalAuthenticationProvider( public NormalAuthenticationProvider(
AbstractAuthenticationRealm authenticationRealm, AbstractAuthenticationRealm authenticationRealm,
ApplicationConfig applicationConfig, ApplicationConfig applicationConfig,
SessionService sessionService, SessionManager sessionService,
AuthJwtService authJwtService) { AuthJwtService authJwtService) {
this.authenticationRealm = authenticationRealm; this.authenticationRealm = authenticationRealm;
this.applicationConfig = applicationConfig; this.applicationConfig = applicationConfig;
this.sessionService = sessionService; this.sessionManager = sessionManager;
this.authJwtService = authJwtService; this.authJwtService = authJwtService;
} }

6
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/provider/TrustedAuthenticationProvider.java
View File

@ -20,7 +20,7 @@ package org.maxkey.authn.provider;
import org.maxkey.authn.AbstractAuthenticationProvider; import org.maxkey.authn.AbstractAuthenticationProvider;
import org.maxkey.authn.LoginCredential; import org.maxkey.authn.LoginCredential;
import org.maxkey.authn.realm.AbstractAuthenticationRealm; import org.maxkey.authn.realm.AbstractAuthenticationRealm;
import org.maxkey.authn.session.SessionService; import org.maxkey.authn.session.SessionManager;
import org.maxkey.configuration.ApplicationConfig; import org.maxkey.configuration.ApplicationConfig;
import org.maxkey.entity.UserInfo; import org.maxkey.entity.UserInfo;
import org.maxkey.web.WebContext; import org.maxkey.web.WebContext;
@ -49,10 +49,10 @@ public class TrustedAuthenticationProvider extends AbstractAuthenticationProvide
public TrustedAuthenticationProvider( public TrustedAuthenticationProvider(
AbstractAuthenticationRealm authenticationRealm, AbstractAuthenticationRealm authenticationRealm,
ApplicationConfig applicationConfig, ApplicationConfig applicationConfig,
SessionService sessionService) { SessionManager sessionManager) {
this.authenticationRealm = authenticationRealm; this.authenticationRealm = authenticationRealm;
this.applicationConfig = applicationConfig; this.applicationConfig = applicationConfig;
this.sessionService = sessionService; this.sessionManager = sessionManager;
} }
@Override @Override

6
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/AbstractSessionService.java → maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/AbstractSessionManager.java
View File

@ -32,8 +32,8 @@ import org.slf4j.LoggerFactory;
import org.springframework.jdbc.core.JdbcTemplate; import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.jdbc.core.RowMapper; import org.springframework.jdbc.core.RowMapper;
public class AbstractSessionService implements SessionService{ public class AbstractSessionManager implements SessionManager{
private static Logger _logger = LoggerFactory.getLogger(AbstractSessionService.class); private static Logger _logger = LoggerFactory.getLogger(AbstractSessionManager.class);
protected JdbcTemplate jdbcTemplate; protected JdbcTemplate jdbcTemplate;
@ -93,7 +93,7 @@ public class AbstractSessionService implements SessionService{
} }
@Override @Override
public void store(String sessionId, Session session) { public void create(String sessionId, Session session) {
} }

10
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/InMemorySessionService.java → maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/InMemorySessionManager.java
View File

@ -29,8 +29,8 @@ import com.github.benmanes.caffeine.cache.Cache;
import com.github.benmanes.caffeine.cache.Caffeine; import com.github.benmanes.caffeine.cache.Caffeine;
public class InMemorySessionService extends AbstractSessionService{ public class InMemorySessionManager extends AbstractSessionManager{
private static final Logger _logger = LoggerFactory.getLogger(InMemorySessionService.class); private static final Logger _logger = LoggerFactory.getLogger(InMemorySessionManager.class);
protected static Cache<String, Session> sessionStore = protected static Cache<String, Session> sessionStore =
Caffeine.newBuilder() Caffeine.newBuilder()
@ -38,13 +38,13 @@ public class InMemorySessionService extends AbstractSessionService{
.maximumSize(200000) .maximumSize(200000)
.build(); .build();
public InMemorySessionService(JdbcTemplate jdbcTemplate) { public InMemorySessionManager(JdbcTemplate jdbcTemplate) {
super(); super();
this.jdbcTemplate = jdbcTemplate; this.jdbcTemplate = jdbcTemplate;
} }
@Override @Override
public void store(String sessionId, Session session) { public void create(String sessionId, Session session) {
sessionStore.put(sessionId, session); sessionStore.put(sessionId, session);
} }
@ -75,7 +75,7 @@ public class InMemorySessionService extends AbstractSessionService{
public void refresh(String sessionId,LocalTime refreshTime) { public void refresh(String sessionId,LocalTime refreshTime) {
Session session = get(sessionId); Session session = get(sessionId);
session.setLastAccessTime(refreshTime); session.setLastAccessTime(refreshTime);
store(sessionId , session); create(sessionId , session);
} }
@Override @Override

12
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/RedisSessionService.java → maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/RedisSessionManager.java
View File

@ -27,8 +27,8 @@ import org.slf4j.LoggerFactory;
import org.springframework.jdbc.core.JdbcTemplate; import org.springframework.jdbc.core.JdbcTemplate;
public class RedisSessionService extends AbstractSessionService { public class RedisSessionManager extends AbstractSessionManager {
private static final Logger _logger = LoggerFactory.getLogger(RedisSessionService.class); private static final Logger _logger = LoggerFactory.getLogger(RedisSessionManager.class);
protected int serviceTicketValiditySeconds = 60 * 30; //default 30 minutes. protected int serviceTicketValiditySeconds = 60 * 30; //default 30 minutes.
@ -38,7 +38,7 @@ public class RedisSessionService extends AbstractSessionService {
/** /**
* @param connectionFactory * @param connectionFactory
*/ */
public RedisSessionService( public RedisSessionManager(
RedisConnectionFactory connectionFactory, RedisConnectionFactory connectionFactory,
JdbcTemplate jdbcTemplate) { JdbcTemplate jdbcTemplate) {
super(); super();
@ -49,7 +49,7 @@ public class RedisSessionService extends AbstractSessionService {
/** /**
* *
*/ */
public RedisSessionService() { public RedisSessionManager() {
} }
@ -58,7 +58,7 @@ public class RedisSessionService extends AbstractSessionService {
} }
@Override @Override
public void store(String sessionId, Session ticket) { public void create(String sessionId, Session ticket) {
RedisConnection conn=connectionFactory.getConnection(); RedisConnection conn=connectionFactory.getConnection();
conn.setexObject(PREFIX+sessionId, serviceTicketValiditySeconds, ticket); conn.setexObject(PREFIX+sessionId, serviceTicketValiditySeconds, ticket);
conn.close(); conn.close();
@ -91,7 +91,7 @@ public class RedisSessionService extends AbstractSessionService {
public void refresh(String sessionId,LocalTime refreshTime) { public void refresh(String sessionId,LocalTime refreshTime) {
Session session = get(sessionId); Session session = get(sessionId);
session.setLastAccessTime(refreshTime); session.setLastAccessTime(refreshTime);
store(sessionId , session); create(sessionId , session);
} }
@Override @Override

4
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/SessionService.java → maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/SessionManager.java
View File

@ -22,9 +22,9 @@ import java.util.List;
import org.maxkey.entity.HistoryLogin; import org.maxkey.entity.HistoryLogin;
public interface SessionService { public interface SessionManager {
public void store(String sessionId, Session session); public void create(String sessionId, Session session);
public Session remove(String sessionId); public Session remove(String sessionId);

12
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/SessionServiceFactory.java → maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/SessionManagerFactory.java
View File

@ -23,23 +23,23 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.springframework.jdbc.core.JdbcTemplate; import org.springframework.jdbc.core.JdbcTemplate;
public class SessionServiceFactory { public class SessionManagerFactory {
private static final Logger _logger = private static final Logger _logger =
LoggerFactory.getLogger(SessionServiceFactory.class); LoggerFactory.getLogger(SessionManagerFactory.class);
public SessionService getService( public SessionManager getManager(
int persistence, int persistence,
JdbcTemplate jdbcTemplate, JdbcTemplate jdbcTemplate,
RedisConnectionFactory redisConnFactory){ RedisConnectionFactory redisConnFactory){
SessionService sessionService = null; SessionManager sessionService = null;
if (persistence == ConstsPersistence.INMEMORY) { if (persistence == ConstsPersistence.INMEMORY) {
sessionService = new InMemorySessionService(jdbcTemplate); sessionService = new InMemorySessionManager(jdbcTemplate);
_logger.debug("InMemorySessionService"); _logger.debug("InMemorySessionService");
} else if (persistence == ConstsPersistence.JDBC) { } else if (persistence == ConstsPersistence.JDBC) {
_logger.debug("JdbcSessionService not support "); _logger.debug("JdbcSessionService not support ");
} else if (persistence == ConstsPersistence.REDIS) { } else if (persistence == ConstsPersistence.REDIS) {
sessionService = new RedisSessionService(redisConnFactory,jdbcTemplate); sessionService = new RedisSessionManager(redisConnFactory,jdbcTemplate);
_logger.debug("RedisSessionService"); _logger.debug("RedisSessionService");
} }

16
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/AuthorizationUtils.java
View File

@ -25,7 +25,7 @@ import javax.servlet.http.HttpServletRequest;
import org.maxkey.authn.SignPrincipal; import org.maxkey.authn.SignPrincipal;
import org.maxkey.authn.jwt.AuthJwtService; import org.maxkey.authn.jwt.AuthJwtService;
import org.maxkey.authn.session.Session; import org.maxkey.authn.session.Session;
import org.maxkey.authn.session.SessionService; import org.maxkey.authn.session.SessionManager;
import org.maxkey.entity.UserInfo; import org.maxkey.entity.UserInfo;
import org.maxkey.util.AuthorizationHeaderUtils; import org.maxkey.util.AuthorizationHeaderUtils;
import org.maxkey.web.WebConstants; import org.maxkey.web.WebConstants;
@ -42,13 +42,13 @@ public class AuthorizationUtils {
public static void authenticateWithCookie( public static void authenticateWithCookie(
HttpServletRequest request, HttpServletRequest request,
AuthJwtService authJwtService, AuthJwtService authJwtService,
SessionService sessionService SessionManager sessionManager
) throws ParseException{ ) throws ParseException{
if(getSession() == null) { if(getSession() == null) {
Cookie authCookie = WebContext.getCookie(request, Authorization_Cookie); Cookie authCookie = WebContext.getCookie(request, Authorization_Cookie);
if(authCookie != null ) { if(authCookie != null ) {
String authorization = authCookie.getValue(); String authorization = authCookie.getValue();
doJwtAuthenticate(authorization,authJwtService,sessionService); doJwtAuthenticate(authorization,authJwtService,sessionManager);
_logger.debug("congress automatic authenticated ."); _logger.debug("congress automatic authenticated .");
} }
} }
@ -57,12 +57,12 @@ public class AuthorizationUtils {
public static void authenticate( public static void authenticate(
HttpServletRequest request, HttpServletRequest request,
AuthJwtService authJwtService, AuthJwtService authJwtService,
SessionService sessionService SessionManager sessionManager
) throws ParseException{ ) throws ParseException{
if(getSession() == null) { if(getSession() == null) {
String authorization = AuthorizationHeaderUtils.resolveBearer(request); String authorization = AuthorizationHeaderUtils.resolveBearer(request);
if(authorization != null ) { if(authorization != null ) {
doJwtAuthenticate(authorization,authJwtService,sessionService); doJwtAuthenticate(authorization,authJwtService,sessionManager);
_logger.debug("Authorization automatic authenticated ."); _logger.debug("Authorization automatic authenticated .");
} }
} }
@ -71,10 +71,10 @@ public class AuthorizationUtils {
public static void doJwtAuthenticate( public static void doJwtAuthenticate(
String authorization, String authorization,
AuthJwtService authJwtService, AuthJwtService authJwtService,
SessionService sessionService) throws ParseException { SessionManager sessionManager) throws ParseException {
if(authJwtService.validateJwtToken(authorization)) { if(authJwtService.validateJwtToken(authorization)) {
String sessionId = authJwtService.resolveJWTID(authorization); String sessionId = authJwtService.resolveJWTID(authorization);
Session session = sessionService.get(sessionId); Session session = sessionManager.get(sessionId);
if(session != null) { if(session != null) {
setSession(session); setSession(session);
setAuthentication(session.getAuthentication()); setAuthentication(session.getAuthentication());
@ -82,6 +82,7 @@ public class AuthorizationUtils {
} }
} }
//set session to http session
public static void setSession(Session session) { public static void setSession(Session session) {
WebContext.setAttribute(WebConstants.SESSION, session); WebContext.setAttribute(WebConstants.SESSION, session);
} }
@ -91,6 +92,7 @@ public class AuthorizationUtils {
return session; return session;
} }
//get session to http session
public static Session getSession(HttpServletRequest request) { public static Session getSession(HttpServletRequest request) {
Session session = (Session) request.getSession().getAttribute(WebConstants.SESSION); Session session = (Session) request.getSession().getAttribute(WebConstants.SESSION);
return session; return session;

6
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/interceptor/PermissionInterceptor.java
View File

@ -23,7 +23,7 @@ import javax.servlet.http.HttpServletResponse;
import org.maxkey.authn.SignPrincipal; import org.maxkey.authn.SignPrincipal;
import org.maxkey.authn.jwt.AuthJwtService; import org.maxkey.authn.jwt.AuthJwtService;
import org.maxkey.authn.session.SessionService; import org.maxkey.authn.session.SessionManager;
import org.maxkey.authn.web.AuthorizationUtils; import org.maxkey.authn.web.AuthorizationUtils;
import org.maxkey.configuration.ApplicationConfig; import org.maxkey.configuration.ApplicationConfig;
import org.slf4j.Logger; import org.slf4j.Logger;
@ -44,7 +44,7 @@ public class PermissionInterceptor implements AsyncHandlerInterceptor {
ApplicationConfig applicationConfig; ApplicationConfig applicationConfig;
@Autowired @Autowired
SessionService sessionService; SessionManager sessionManager;
@Autowired @Autowired
AuthJwtService authJwtService ; AuthJwtService authJwtService ;
@ -59,7 +59,7 @@ public class PermissionInterceptor implements AsyncHandlerInterceptor {
@Override @Override
public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws Exception { public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws Exception {
_logger.trace("Permission Interceptor ."); _logger.trace("Permission Interceptor .");
AuthorizationUtils.authenticate(request, authJwtService, sessionService); AuthorizationUtils.authenticate(request, authJwtService, sessionManager);
SignPrincipal principal = AuthorizationUtils.getPrincipal(); SignPrincipal principal = AuthorizationUtils.getPrincipal();
//判断用户是否登录,判断用户是否登录用户 //判断用户是否登录,判断用户是否登录用户
if(principal == null){ if(principal == null){

28
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/autoconfigure/AuthenticationAutoConfiguration.java
View File

@ -28,8 +28,8 @@ import org.maxkey.authn.provider.MobileAuthenticationProvider;
import org.maxkey.authn.provider.NormalAuthenticationProvider; import org.maxkey.authn.provider.NormalAuthenticationProvider;
import org.maxkey.authn.provider.TrustedAuthenticationProvider; import org.maxkey.authn.provider.TrustedAuthenticationProvider;
import org.maxkey.authn.realm.AbstractAuthenticationRealm; import org.maxkey.authn.realm.AbstractAuthenticationRealm;
import org.maxkey.authn.session.SessionService; import org.maxkey.authn.session.SessionManager;
import org.maxkey.authn.session.SessionServiceFactory; import org.maxkey.authn.session.SessionManagerFactory;
import org.maxkey.authn.web.SessionListenerAdapter; import org.maxkey.authn.web.SessionListenerAdapter;
import org.maxkey.configuration.ApplicationConfig; import org.maxkey.configuration.ApplicationConfig;
import org.maxkey.configuration.AuthJwkConfig; import org.maxkey.configuration.AuthJwkConfig;
@ -86,14 +86,14 @@ public class AuthenticationAutoConfiguration implements InitializingBean {
public AbstractAuthenticationProvider normalAuthenticationProvider( public AbstractAuthenticationProvider normalAuthenticationProvider(
AbstractAuthenticationRealm authenticationRealm, AbstractAuthenticationRealm authenticationRealm,
ApplicationConfig applicationConfig, ApplicationConfig applicationConfig,
SessionService sessionService, SessionManager sessionManager,
AuthJwtService authJwtService AuthJwtService authJwtService
) { ) {
_logger.debug("init authentication Provider ."); _logger.debug("init authentication Provider .");
return new NormalAuthenticationProvider( return new NormalAuthenticationProvider(
authenticationRealm, authenticationRealm,
applicationConfig, applicationConfig,
sessionService, sessionManager,
authJwtService authJwtService
); );
} }
@ -103,14 +103,14 @@ public class AuthenticationAutoConfiguration implements InitializingBean {
AbstractAuthenticationRealm authenticationRealm, AbstractAuthenticationRealm authenticationRealm,
ApplicationConfig applicationConfig, ApplicationConfig applicationConfig,
OtpAuthnService otpAuthnService, OtpAuthnService otpAuthnService,
SessionService sessionService SessionManager sessionManager
) { ) {
_logger.debug("init Mobile authentication Provider ."); _logger.debug("init Mobile authentication Provider .");
return new MobileAuthenticationProvider( return new MobileAuthenticationProvider(
authenticationRealm, authenticationRealm,
applicationConfig, applicationConfig,
otpAuthnService, otpAuthnService,
sessionService sessionManager
); );
} }
@ -118,13 +118,13 @@ public class AuthenticationAutoConfiguration implements InitializingBean {
public AbstractAuthenticationProvider trustedAuthenticationProvider( public AbstractAuthenticationProvider trustedAuthenticationProvider(
AbstractAuthenticationRealm authenticationRealm, AbstractAuthenticationRealm authenticationRealm,
ApplicationConfig applicationConfig, ApplicationConfig applicationConfig,
SessionService sessionService SessionManager sessionManager
) { ) {
_logger.debug("init Mobile authentication Provider ."); _logger.debug("init Mobile authentication Provider .");
return new TrustedAuthenticationProvider( return new TrustedAuthenticationProvider(
authenticationRealm, authenticationRealm,
applicationConfig, applicationConfig,
sessionService sessionManager
); );
} }
@ -181,18 +181,18 @@ public class AuthenticationAutoConfiguration implements InitializingBean {
} }
@Bean(name = "sessionService") @Bean(name = "sessionManager")
public SessionService sessionService( public SessionManager sessionManager(
@Value("${maxkey.server.persistence}") int persistence, @Value("${maxkey.server.persistence}") int persistence,
JdbcTemplate jdbcTemplate, JdbcTemplate jdbcTemplate,
RedisConnectionFactory redisConnFactory, RedisConnectionFactory redisConnFactory,
@Value("${server.servlet.session.timeout:1800}") int timeout @Value("${server.servlet.session.timeout:1800}") int timeout
) { ) {
SessionService sessionService = SessionManager sessionManager =
new SessionServiceFactory().getService(persistence, jdbcTemplate, redisConnFactory); new SessionManagerFactory().getManager(persistence, jdbcTemplate, redisConnFactory);
sessionService.setValiditySeconds(timeout); sessionManager.setValiditySeconds(timeout);
_logger.trace("onlineTicket timeout " + timeout); _logger.trace("onlineTicket timeout " + timeout);
return sessionService; return sessionManager;
} }
@Bean(name = "sessionListenerAdapter") @Bean(name = "sessionListenerAdapter")

10
maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/OnlineTicketEndpoint.java → maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/OnlineSessionEndpoint.java
View File

@ -18,7 +18,7 @@
package org.maxkey.authz.endpoint; package org.maxkey.authz.endpoint;
import org.maxkey.authn.session.Session; import org.maxkey.authn.session.Session;
import org.maxkey.authn.session.SessionService; import org.maxkey.authn.session.SessionManager;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller; import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMapping;
@ -31,17 +31,17 @@ import io.swagger.v3.oas.annotations.tags.Tag;
@Tag(name = "3-1-在线ticket文档模块") @Tag(name = "3-1-在线ticket文档模块")
@Controller @Controller
@RequestMapping(value={"/onlineticket"}) @RequestMapping(value={"/onlineticket"})
public class OnlineTicketEndpoint { public class OnlineSessionEndpoint {
@Autowired @Autowired
protected SessionService onlineTicketService; protected SessionManager sessionManager;
@Operation(summary = "在线ticket验证接口", description = "",method="GET") @Operation(summary = "在线ticket验证接口", description = "",method="GET")
@ResponseBody @ResponseBody
@RequestMapping(value="/validate") @RequestMapping(value="/validate")
public String ticketValidate( public String ticketValidate(
@RequestParam(value ="ticket",required = true) String ticket) { @RequestParam(value ="ticket",required = true) String ticket) {
Session onlineTicket = onlineTicketService.get(ticket); Session session = sessionManager.get(ticket);
return onlineTicket == null ? "" : onlineTicket.getFormattedId(); return session == null ? "" : session.getFormattedId();
} }
} }

4
maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java
View File

@ -150,11 +150,11 @@ public class CasAuthorizeEndpoint extends CasBaseAuthorizeEndpoint{
if(casDetails.getLogoutType()==LogoutType.BACK_CHANNEL) { if(casDetails.getLogoutType()==LogoutType.BACK_CHANNEL) {
String sessionId = AuthorizationUtils.getPrincipal().getSession().getFormattedId(); String sessionId = AuthorizationUtils.getPrincipal().getSession().getFormattedId();
Session session = sessionService.get(sessionId); Session session = sessionManager.get(sessionId);
//set cas ticket as OnlineTicketId //set cas ticket as OnlineTicketId
casDetails.setOnlineTicket(ticket); casDetails.setOnlineTicket(ticket);
session.setAuthorizedApp(casDetails); session.setAuthorizedApp(casDetails);
sessionService.store(sessionId, session); sessionManager.create(sessionId, session);
} }
_logger.debug("redirect to CAS Client URL {}" , callbackUrl); _logger.debug("redirect to CAS Client URL {}" , callbackUrl);

4
maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasBaseAuthorizeEndpoint.java
View File

@ -17,7 +17,7 @@
package org.maxkey.authz.cas.endpoint; package org.maxkey.authz.cas.endpoint;
import org.maxkey.authn.session.SessionService; import org.maxkey.authn.session.SessionManager;
import org.maxkey.authz.cas.endpoint.ticket.TicketServices; import org.maxkey.authz.cas.endpoint.ticket.TicketServices;
import org.maxkey.authz.endpoint.AuthorizeBaseEndpoint; import org.maxkey.authz.endpoint.AuthorizeBaseEndpoint;
import org.maxkey.persistence.service.AppsCasDetailsService; import org.maxkey.persistence.service.AppsCasDetailsService;
@ -49,7 +49,7 @@ public class CasBaseAuthorizeEndpoint extends AuthorizeBaseEndpoint{
protected TicketServices casTicketGrantingTicketServices; protected TicketServices casTicketGrantingTicketServices;
@Autowired @Autowired
protected SessionService sessionService; protected SessionManager sessionManager;
@Autowired @Autowired
@Qualifier("casProxyGrantingTicketServices") @Qualifier("casProxyGrantingTicketServices")

6
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/access/contorller/LoginSessionController.java
View File

@ -21,7 +21,7 @@ import java.text.SimpleDateFormat;
import java.util.Date; import java.util.Date;
import org.apache.mybatis.jpa.persistence.JpaPageResults; import org.apache.mybatis.jpa.persistence.JpaPageResults;
import org.maxkey.authn.annotation.CurrentUser; import org.maxkey.authn.annotation.CurrentUser;
import org.maxkey.authn.session.SessionService; import org.maxkey.authn.session.SessionManager;
import org.maxkey.entity.HistoryLogin; import org.maxkey.entity.HistoryLogin;
import org.maxkey.entity.Message; import org.maxkey.entity.Message;
import org.maxkey.entity.UserInfo; import org.maxkey.entity.UserInfo;
@ -57,7 +57,7 @@ public class LoginSessionController {
HistoryLoginService historyLoginService; HistoryLoginService historyLoginService;
@Autowired @Autowired
SessionService sessionService; SessionManager sessionManager;
/** /**
* 查询登录日志. * 查询登录日志.
@ -90,7 +90,7 @@ public class LoginSessionController {
continue;//skip current session continue;//skip current session
} }
sessionService.terminate( sessionManager.terminate(
sessionId, sessionId,
currentUser.getId(), currentUser.getId(),
currentUser.getUsername()); currentUser.getUsername());

8
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/LogoutEndpoint.java
View File

@ -23,7 +23,7 @@ import java.util.Map.Entry;
import org.maxkey.authn.annotation.CurrentUser; import org.maxkey.authn.annotation.CurrentUser;
import org.maxkey.authn.session.Session; import org.maxkey.authn.session.Session;
import org.maxkey.authn.session.SessionService; import org.maxkey.authn.session.SessionManager;
import org.maxkey.authz.singlelogout.SamlSingleLogout; import org.maxkey.authz.singlelogout.SamlSingleLogout;
import org.maxkey.authz.singlelogout.DefaultSingleLogout; import org.maxkey.authz.singlelogout.DefaultSingleLogout;
import org.maxkey.authz.singlelogout.LogoutType; import org.maxkey.authz.singlelogout.LogoutType;
@ -48,14 +48,14 @@ public class LogoutEndpoint {
private static Logger _logger = LoggerFactory.getLogger(LogoutEndpoint.class); private static Logger _logger = LoggerFactory.getLogger(LogoutEndpoint.class);
@Autowired @Autowired
protected SessionService sessionService; protected SessionManager sessionManager;
@Operation(summary = "单点注销接口", description = "reLoginUrl跳转地址",method="GET") @Operation(summary = "单点注销接口", description = "reLoginUrl跳转地址",method="GET")
@RequestMapping(value={"/logout"}, produces = {MediaType.APPLICATION_JSON_VALUE}) @RequestMapping(value={"/logout"}, produces = {MediaType.APPLICATION_JSON_VALUE})
public ResponseEntity<?> logout(@CurrentUser UserInfo currentUser){ public ResponseEntity<?> logout(@CurrentUser UserInfo currentUser){
//if logined in have onlineTicket ,need remove or logout back //if logined in have onlineTicket ,need remove or logout back
String sessionId = currentUser.getSessionId(); String sessionId = currentUser.getSessionId();
Session session = sessionService.get(sessionId); Session session = sessionManager.get(sessionId);
if(session != null) { if(session != null) {
Set<Entry<String, Apps>> entrySet = session.getAuthorizedApps().entrySet(); Set<Entry<String, Apps>> entrySet = session.getAuthorizedApps().entrySet();
@ -74,7 +74,7 @@ public class LogoutEndpoint {
} }
} }
sessionService.terminate( sessionManager.terminate(
session.getId(), session.getId(),
currentUser.getId(), currentUser.getId(),
currentUser.getUsername()); currentUser.getUsername());

6
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/interceptor/SingleSignOnInterceptor.java
View File

@ -20,7 +20,7 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import org.maxkey.authn.jwt.AuthJwtService; import org.maxkey.authn.jwt.AuthJwtService;
import org.maxkey.authn.session.SessionService; import org.maxkey.authn.session.SessionManager;
import org.maxkey.authn.web.AuthorizationUtils; import org.maxkey.authn.web.AuthorizationUtils;
import org.maxkey.configuration.ApplicationConfig; import org.maxkey.configuration.ApplicationConfig;
import org.maxkey.crypto.Base64Utils; import org.maxkey.crypto.Base64Utils;
@ -39,7 +39,7 @@ public class SingleSignOnInterceptor implements AsyncHandlerInterceptor {
ApplicationConfig applicationConfig; ApplicationConfig applicationConfig;
@Autowired @Autowired
SessionService sessionService; SessionManager sessionManager;
@Autowired @Autowired
AuthJwtService authJwtService ; AuthJwtService authJwtService ;
@ -51,7 +51,7 @@ public class SingleSignOnInterceptor implements AsyncHandlerInterceptor {
_logger.trace("Single Sign On Interceptor"); _logger.trace("Single Sign On Interceptor");
AuthorizationUtils.authenticateWithCookie( AuthorizationUtils.authenticateWithCookie(
request,authJwtService,sessionService); request,authJwtService,sessionManager);
if(AuthorizationUtils.isNotAuthenticated()){ if(AuthorizationUtils.isNotAuthenticated()){
String loginUrl = applicationConfig.getFrontendUri() + "/#/passport/login?redirect_uri=%s"; String loginUrl = applicationConfig.getFrontendUri() + "/#/passport/login?redirect_uri=%s";

18
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/MaxKeyMgtJobs.java
View File

@ -17,10 +17,10 @@
package org.maxkey; package org.maxkey;
import org.maxkey.authn.session.SessionService; import org.maxkey.authn.session.SessionManager;
import org.maxkey.jobs.AccountsStrategyJob; import org.maxkey.jobs.AccountsStrategyJob;
import org.maxkey.jobs.DynamicGroupsJob; import org.maxkey.jobs.DynamicGroupsJob;
import org.maxkey.jobs.SessionListenerJob; import org.maxkey.jobs.SessionListenerAdapter;
import org.maxkey.persistence.service.AccountsService; import org.maxkey.persistence.service.AccountsService;
import org.maxkey.persistence.service.GroupsService; import org.maxkey.persistence.service.GroupsService;
import org.quartz.CronScheduleBuilder; import org.quartz.CronScheduleBuilder;
@ -44,22 +44,22 @@ import org.springframework.scheduling.quartz.SchedulerFactoryBean;
public class MaxKeyMgtJobs implements InitializingBean { public class MaxKeyMgtJobs implements InitializingBean {
private static final Logger _logger = LoggerFactory.getLogger(MaxKeyMgtJobs.class); private static final Logger _logger = LoggerFactory.getLogger(MaxKeyMgtJobs.class);
@Bean(name = "schedulerSessionListenerJobs") @Bean(name = "schedulerSessionListenerAdapter")
public String ticketListenerJob( public String sessionListenerAdapter(
SchedulerFactoryBean schedulerFactoryBean, SchedulerFactoryBean schedulerFactoryBean,
SessionService sessionService) throws SchedulerException { SessionManager sessionManager) throws SchedulerException {
JobDataMap jobDataMap = new JobDataMap(); JobDataMap jobDataMap = new JobDataMap();
jobDataMap.put("service", sessionService); jobDataMap.put("service", sessionManager);
addJobScheduler( addJobScheduler(
SessionListenerJob.class, SessionListenerAdapter.class,
schedulerFactoryBean, schedulerFactoryBean,
jobDataMap, jobDataMap,
"0 0/10 * * * ?",//10 minutes "0 0/10 * * * ?",//10 minutes
"SessionListener" "SessionListenerAdapter"
); );
return "schedulerSessionListenerJobs"; return "schedulerSessionListenerAdapter";
} }
@Bean(name = "schedulerDynamicGroupsJobs") @Bean(name = "schedulerDynamicGroupsJobs")

26
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/jobs/SessionListenerJob.java → maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/jobs/SessionListenerAdapter.java
View File

@ -17,7 +17,7 @@ package org.maxkey.jobs;
import java.io.Serializable; import java.io.Serializable;
import org.maxkey.authn.session.SessionService; import org.maxkey.authn.session.SessionManager;
import org.maxkey.entity.HistoryLogin; import org.maxkey.entity.HistoryLogin;
import org.quartz.Job; import org.quartz.Job;
import org.quartz.JobExecutionContext; import org.quartz.JobExecutionContext;
@ -25,32 +25,32 @@ import org.quartz.JobExecutionException;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
public class SessionListenerJob extends AbstractScheduleJob implements Job , Serializable { public class SessionListenerAdapter extends AbstractScheduleJob implements Job , Serializable {
final static Logger _logger = LoggerFactory.getLogger(SessionListenerJob.class); final static Logger _logger = LoggerFactory.getLogger(SessionListenerAdapter.class);
private static final long serialVersionUID = 4782358765969474833L; private static final long serialVersionUID = 4782358765969474833L;
SessionService sessionService; SessionManager sessionManager;
@Override @Override
public void execute(JobExecutionContext context) throws JobExecutionException { public void execute(JobExecutionContext context) throws JobExecutionException {
if(jobStatus == JOBSTATUS.RUNNING) {return;} if(jobStatus == JOBSTATUS.RUNNING) {return;}
init(context); init(context);
_logger.debug("TicketListener Job is running ... " ); _logger.debug("SessionListener Job is running ... " );
jobStatus = JOBSTATUS.RUNNING; jobStatus = JOBSTATUS.RUNNING;
try { try {
if(sessionService != null) { if(sessionManager != null) {
for (HistoryLogin onlineSession : sessionService.querySessions()) { for (HistoryLogin onlineSession : sessionManager.querySessions()) {
if(sessionService.get(onlineSession.getSessionId()) == null) { if(sessionManager.get(onlineSession.getSessionId()) == null) {
sessionService.terminate( sessionManager.terminate(
onlineSession.getSessionId(), onlineSession.getSessionId(),
onlineSession.getUserId(), onlineSession.getUserId(),
onlineSession.getUsername()); onlineSession.getUsername());
} }
} }
} }
_logger.debug("TicketListener Job finished " ); _logger.debug("SessionListener Job finished " );
jobStatus = JOBSTATUS.FINISHED; jobStatus = JOBSTATUS.FINISHED;
}catch(Exception e) { }catch(Exception e) {
jobStatus = JOBSTATUS.ERROR; jobStatus = JOBSTATUS.ERROR;
@ -61,9 +61,9 @@ public class SessionListenerJob extends AbstractScheduleJob implements Job , S
@Override @Override
void init(JobExecutionContext context){ void init(JobExecutionContext context){
if(sessionService == null) { if(sessionManager == null) {
sessionService = sessionManager =
(SessionService) context.getMergedJobDataMap().get("service"); (SessionManager) context.getMergedJobDataMap().get("service");
} }
} }
} }

6
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/access/contorller/LoginSessionController.java
View File

@ -21,7 +21,7 @@ import java.text.SimpleDateFormat;
import java.util.Date; import java.util.Date;
import org.apache.mybatis.jpa.persistence.JpaPageResults; import org.apache.mybatis.jpa.persistence.JpaPageResults;
import org.maxkey.authn.annotation.CurrentUser; import org.maxkey.authn.annotation.CurrentUser;
import org.maxkey.authn.session.SessionService; import org.maxkey.authn.session.SessionManager;
import org.maxkey.entity.HistoryLogin; import org.maxkey.entity.HistoryLogin;
import org.maxkey.entity.Message; import org.maxkey.entity.Message;
import org.maxkey.entity.UserInfo; import org.maxkey.entity.UserInfo;
@ -57,7 +57,7 @@ public class LoginSessionController {
HistoryLoginService historyLoginService; HistoryLoginService historyLoginService;
@Autowired @Autowired
SessionService sessionService; SessionManager sessionManager;
/** /**
* 查询登录日志. * 查询登录日志.
@ -90,7 +90,7 @@ public class LoginSessionController {
if(currentUser.getSessionId().contains(sessionId)) { if(currentUser.getSessionId().contains(sessionId)) {
continue;//skip current session continue;//skip current session
} }
sessionService.terminate(sessionId,currentUser.getId(),currentUser.getUsername()); sessionManager.terminate(sessionId,currentUser.getId(),currentUser.getUsername());
} }
isTerminated = true; isTerminated = true;
}catch(Exception e) { }catch(Exception e) {

6
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/LogoutEndpoint.java
View File

@ -18,7 +18,7 @@
package org.maxkey.web.contorller; package org.maxkey.web.contorller;
import org.maxkey.authn.annotation.CurrentUser; import org.maxkey.authn.annotation.CurrentUser;
import org.maxkey.authn.session.SessionService; import org.maxkey.authn.session.SessionManager;
import org.maxkey.entity.Message; import org.maxkey.entity.Message;
import org.maxkey.entity.UserInfo; import org.maxkey.entity.UserInfo;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
@ -31,11 +31,11 @@ import org.springframework.web.bind.annotation.RequestMapping;
public class LogoutEndpoint { public class LogoutEndpoint {
@Autowired @Autowired
protected SessionService sessionService; protected SessionManager sessionManager;
@RequestMapping(value={"/logout"}, produces = {MediaType.APPLICATION_JSON_VALUE}) @RequestMapping(value={"/logout"}, produces = {MediaType.APPLICATION_JSON_VALUE})
public ResponseEntity<?> logout(@CurrentUser UserInfo currentUser){ public ResponseEntity<?> logout(@CurrentUser UserInfo currentUser){
sessionService.terminate( sessionManager.terminate(
currentUser.getSessionId(), currentUser.getSessionId(),
currentUser.getId(), currentUser.getId(),
currentUser.getUsername()); currentUser.getUsername());