mirror of
https://gitee.com/dromara/MaxKey.git
synced 2025-12-07 01:18:27 +08:00
SessionManager
This commit is contained in:
MaxKey
parent
10b964ad79
commit
773334ad47
@ -22,7 +22,7 @@ import java.util.ArrayList;
|
||||
import org.maxkey.authn.jwt.AuthJwtService;
|
||||
import org.maxkey.authn.realm.AbstractAuthenticationRealm;
|
||||
import org.maxkey.authn.session.Session;
|
||||
import org.maxkey.authn.session.SessionService;
|
||||
import org.maxkey.authn.session.SessionManager;
|
||||
import org.maxkey.authn.web.AuthorizationUtils;
|
||||
import org.maxkey.configuration.ApplicationConfig;
|
||||
import org.maxkey.constants.ConstsLoginType;
|
||||
@ -67,7 +67,7 @@ public abstract class AbstractAuthenticationProvider {
|
||||
|
||||
protected OtpAuthnService otpAuthnService;
|
||||
|
||||
protected SessionService sessionService;
|
||||
protected SessionManager sessionManager;
|
||||
|
||||
protected AuthJwtService authJwtService;
|
||||
|
||||
@ -135,8 +135,8 @@ public abstract class AbstractAuthenticationProvider {
|
||||
*/
|
||||
session.setAuthentication(authenticationToken);
|
||||
|
||||
//store session
|
||||
this.sessionService.store(session.getId(), session);
|
||||
//create session
|
||||
this.sessionManager.create(session.getId(), session);
|
||||
|
||||
AuthorizationUtils.setSession(session);
|
||||
|
||||
|
||||
@ -21,7 +21,7 @@ import org.maxkey.authn.AbstractAuthenticationProvider;
|
||||
import org.maxkey.authn.LoginCredential;
|
||||
import org.maxkey.authn.jwt.AuthJwtService;
|
||||
import org.maxkey.authn.realm.AbstractAuthenticationRealm;
|
||||
import org.maxkey.authn.session.SessionService;
|
||||
import org.maxkey.authn.session.SessionManager;
|
||||
import org.maxkey.configuration.ApplicationConfig;
|
||||
import org.maxkey.constants.ConstsLoginType;
|
||||
import org.maxkey.entity.Institutions;
|
||||
@ -57,11 +57,11 @@ public class MfaAuthenticationProvider extends AbstractAuthenticationProvider {
|
||||
public MfaAuthenticationProvider(
|
||||
AbstractAuthenticationRealm authenticationRealm,
|
||||
ApplicationConfig applicationConfig,
|
||||
SessionService sessionService,
|
||||
SessionManager sessionManager,
|
||||
AuthJwtService authJwtService) {
|
||||
this.authenticationRealm = authenticationRealm;
|
||||
this.applicationConfig = applicationConfig;
|
||||
this.sessionService = sessionService;
|
||||
this.sessionManager = sessionManager;
|
||||
this.authJwtService = authJwtService;
|
||||
}
|
||||
|
||||
|
||||
@ -20,7 +20,7 @@ package org.maxkey.authn.provider;
|
||||
import org.maxkey.authn.AbstractAuthenticationProvider;
|
||||
import org.maxkey.authn.LoginCredential;
|
||||
import org.maxkey.authn.realm.AbstractAuthenticationRealm;
|
||||
import org.maxkey.authn.session.SessionService;
|
||||
import org.maxkey.authn.session.SessionManager;
|
||||
import org.maxkey.configuration.ApplicationConfig;
|
||||
import org.maxkey.constants.ConstsLoginType;
|
||||
import org.maxkey.entity.UserInfo;
|
||||
@ -60,11 +60,11 @@ public class MobileAuthenticationProvider extends AbstractAuthenticationProvider
|
||||
AbstractAuthenticationRealm authenticationRealm,
|
||||
ApplicationConfig applicationConfig,
|
||||
OtpAuthnService otpAuthnService,
|
||||
SessionService sessionService) {
|
||||
SessionManager sessionManager) {
|
||||
this.authenticationRealm = authenticationRealm;
|
||||
this.applicationConfig = applicationConfig;
|
||||
this.otpAuthnService = otpAuthnService;
|
||||
this.sessionService = sessionService;
|
||||
this.sessionManager = sessionManager;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@ -22,7 +22,7 @@ import org.maxkey.authn.AbstractAuthenticationProvider;
|
||||
import org.maxkey.authn.LoginCredential;
|
||||
import org.maxkey.authn.jwt.AuthJwtService;
|
||||
import org.maxkey.authn.realm.AbstractAuthenticationRealm;
|
||||
import org.maxkey.authn.session.SessionService;
|
||||
import org.maxkey.authn.session.SessionManager;
|
||||
import org.maxkey.configuration.ApplicationConfig;
|
||||
import org.maxkey.constants.ConstsLoginType;
|
||||
import org.maxkey.entity.Institutions;
|
||||
@ -57,11 +57,11 @@ public class NormalAuthenticationProvider extends AbstractAuthenticationProvider
|
||||
public NormalAuthenticationProvider(
|
||||
AbstractAuthenticationRealm authenticationRealm,
|
||||
ApplicationConfig applicationConfig,
|
||||
SessionService sessionService,
|
||||
SessionManager sessionService,
|
||||
AuthJwtService authJwtService) {
|
||||
this.authenticationRealm = authenticationRealm;
|
||||
this.applicationConfig = applicationConfig;
|
||||
this.sessionService = sessionService;
|
||||
this.sessionManager = sessionManager;
|
||||
this.authJwtService = authJwtService;
|
||||
}
|
||||
|
||||
|
||||
@ -20,7 +20,7 @@ package org.maxkey.authn.provider;
|
||||
import org.maxkey.authn.AbstractAuthenticationProvider;
|
||||
import org.maxkey.authn.LoginCredential;
|
||||
import org.maxkey.authn.realm.AbstractAuthenticationRealm;
|
||||
import org.maxkey.authn.session.SessionService;
|
||||
import org.maxkey.authn.session.SessionManager;
|
||||
import org.maxkey.configuration.ApplicationConfig;
|
||||
import org.maxkey.entity.UserInfo;
|
||||
import org.maxkey.web.WebContext;
|
||||
@ -49,10 +49,10 @@ public class TrustedAuthenticationProvider extends AbstractAuthenticationProvide
|
||||
public TrustedAuthenticationProvider(
|
||||
AbstractAuthenticationRealm authenticationRealm,
|
||||
ApplicationConfig applicationConfig,
|
||||
SessionService sessionService) {
|
||||
SessionManager sessionManager) {
|
||||
this.authenticationRealm = authenticationRealm;
|
||||
this.applicationConfig = applicationConfig;
|
||||
this.sessionService = sessionService;
|
||||
this.sessionManager = sessionManager;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@ -32,8 +32,8 @@ import org.slf4j.LoggerFactory;
|
||||
import org.springframework.jdbc.core.JdbcTemplate;
|
||||
import org.springframework.jdbc.core.RowMapper;
|
||||
|
||||
public class AbstractSessionService implements SessionService{
|
||||
private static Logger _logger = LoggerFactory.getLogger(AbstractSessionService.class);
|
||||
public class AbstractSessionManager implements SessionManager{
|
||||
private static Logger _logger = LoggerFactory.getLogger(AbstractSessionManager.class);
|
||||
|
||||
protected JdbcTemplate jdbcTemplate;
|
||||
|
||||
@ -93,7 +93,7 @@ public class AbstractSessionService implements SessionService{
|
||||
}
|
||||
|
||||
@Override
|
||||
public void store(String sessionId, Session session) {
|
||||
public void create(String sessionId, Session session) {
|
||||
|
||||
}
|
||||
|
||||
@ -29,8 +29,8 @@ import com.github.benmanes.caffeine.cache.Cache;
|
||||
import com.github.benmanes.caffeine.cache.Caffeine;
|
||||
|
||||
|
||||
public class InMemorySessionService extends AbstractSessionService{
|
||||
private static final Logger _logger = LoggerFactory.getLogger(InMemorySessionService.class);
|
||||
public class InMemorySessionManager extends AbstractSessionManager{
|
||||
private static final Logger _logger = LoggerFactory.getLogger(InMemorySessionManager.class);
|
||||
|
||||
protected static Cache<String, Session> sessionStore =
|
||||
Caffeine.newBuilder()
|
||||
@ -38,13 +38,13 @@ public class InMemorySessionService extends AbstractSessionService{
|
||||
.maximumSize(200000)
|
||||
.build();
|
||||
|
||||
public InMemorySessionService(JdbcTemplate jdbcTemplate) {
|
||||
public InMemorySessionManager(JdbcTemplate jdbcTemplate) {
|
||||
super();
|
||||
this.jdbcTemplate = jdbcTemplate;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void store(String sessionId, Session session) {
|
||||
public void create(String sessionId, Session session) {
|
||||
sessionStore.put(sessionId, session);
|
||||
}
|
||||
|
||||
@ -75,7 +75,7 @@ public class InMemorySessionService extends AbstractSessionService{
|
||||
public void refresh(String sessionId,LocalTime refreshTime) {
|
||||
Session session = get(sessionId);
|
||||
session.setLastAccessTime(refreshTime);
|
||||
store(sessionId , session);
|
||||
create(sessionId , session);
|
||||
}
|
||||
|
||||
@Override
|
||||
@ -27,8 +27,8 @@ import org.slf4j.LoggerFactory;
|
||||
import org.springframework.jdbc.core.JdbcTemplate;
|
||||
|
||||
|
||||
public class RedisSessionService extends AbstractSessionService {
|
||||
private static final Logger _logger = LoggerFactory.getLogger(RedisSessionService.class);
|
||||
public class RedisSessionManager extends AbstractSessionManager {
|
||||
private static final Logger _logger = LoggerFactory.getLogger(RedisSessionManager.class);
|
||||
|
||||
protected int serviceTicketValiditySeconds = 60 * 30; //default 30 minutes.
|
||||
|
||||
@ -38,7 +38,7 @@ public class RedisSessionService extends AbstractSessionService {
|
||||
/**
|
||||
* @param connectionFactory
|
||||
*/
|
||||
public RedisSessionService(
|
||||
public RedisSessionManager(
|
||||
RedisConnectionFactory connectionFactory,
|
||||
JdbcTemplate jdbcTemplate) {
|
||||
super();
|
||||
@ -49,7 +49,7 @@ public class RedisSessionService extends AbstractSessionService {
|
||||
/**
|
||||
*
|
||||
*/
|
||||
public RedisSessionService() {
|
||||
public RedisSessionManager() {
|
||||
|
||||
}
|
||||
|
||||
@ -58,7 +58,7 @@ public class RedisSessionService extends AbstractSessionService {
|
||||
}
|
||||
|
||||
@Override
|
||||
public void store(String sessionId, Session ticket) {
|
||||
public void create(String sessionId, Session ticket) {
|
||||
RedisConnection conn=connectionFactory.getConnection();
|
||||
conn.setexObject(PREFIX+sessionId, serviceTicketValiditySeconds, ticket);
|
||||
conn.close();
|
||||
@ -91,7 +91,7 @@ public class RedisSessionService extends AbstractSessionService {
|
||||
public void refresh(String sessionId,LocalTime refreshTime) {
|
||||
Session session = get(sessionId);
|
||||
session.setLastAccessTime(refreshTime);
|
||||
store(sessionId , session);
|
||||
create(sessionId , session);
|
||||
}
|
||||
|
||||
@Override
|
||||
@ -22,9 +22,9 @@ import java.util.List;
|
||||
|
||||
import org.maxkey.entity.HistoryLogin;
|
||||
|
||||
public interface SessionService {
|
||||
public interface SessionManager {
|
||||
|
||||
public void store(String sessionId, Session session);
|
||||
public void create(String sessionId, Session session);
|
||||
|
||||
public Session remove(String sessionId);
|
||||
|
||||
@ -23,23 +23,23 @@ import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.jdbc.core.JdbcTemplate;
|
||||
|
||||
public class SessionServiceFactory {
|
||||
public class SessionManagerFactory {
|
||||
private static final Logger _logger =
|
||||
LoggerFactory.getLogger(SessionServiceFactory.class);
|
||||
LoggerFactory.getLogger(SessionManagerFactory.class);
|
||||
|
||||
public SessionService getService(
|
||||
public SessionManager getManager(
|
||||
int persistence,
|
||||
JdbcTemplate jdbcTemplate,
|
||||
RedisConnectionFactory redisConnFactory){
|
||||
|
||||
SessionService sessionService = null;
|
||||
SessionManager sessionService = null;
|
||||
if (persistence == ConstsPersistence.INMEMORY) {
|
||||
sessionService = new InMemorySessionService(jdbcTemplate);
|
||||
sessionService = new InMemorySessionManager(jdbcTemplate);
|
||||
_logger.debug("InMemorySessionService");
|
||||
} else if (persistence == ConstsPersistence.JDBC) {
|
||||
_logger.debug("JdbcSessionService not support ");
|
||||
} else if (persistence == ConstsPersistence.REDIS) {
|
||||
sessionService = new RedisSessionService(redisConnFactory,jdbcTemplate);
|
||||
sessionService = new RedisSessionManager(redisConnFactory,jdbcTemplate);
|
||||
_logger.debug("RedisSessionService");
|
||||
}
|
||||
|
||||
@ -25,7 +25,7 @@ import javax.servlet.http.HttpServletRequest;
|
||||
import org.maxkey.authn.SignPrincipal;
|
||||
import org.maxkey.authn.jwt.AuthJwtService;
|
||||
import org.maxkey.authn.session.Session;
|
||||
import org.maxkey.authn.session.SessionService;
|
||||
import org.maxkey.authn.session.SessionManager;
|
||||
import org.maxkey.entity.UserInfo;
|
||||
import org.maxkey.util.AuthorizationHeaderUtils;
|
||||
import org.maxkey.web.WebConstants;
|
||||
@ -42,13 +42,13 @@ public class AuthorizationUtils {
|
||||
public static void authenticateWithCookie(
|
||||
HttpServletRequest request,
|
||||
AuthJwtService authJwtService,
|
||||
SessionService sessionService
|
||||
SessionManager sessionManager
|
||||
) throws ParseException{
|
||||
if(getSession() == null) {
|
||||
Cookie authCookie = WebContext.getCookie(request, Authorization_Cookie);
|
||||
if(authCookie != null ) {
|
||||
String authorization = authCookie.getValue();
|
||||
doJwtAuthenticate(authorization,authJwtService,sessionService);
|
||||
doJwtAuthenticate(authorization,authJwtService,sessionManager);
|
||||
_logger.debug("congress automatic authenticated .");
|
||||
}
|
||||
}
|
||||
@ -57,12 +57,12 @@ public class AuthorizationUtils {
|
||||
public static void authenticate(
|
||||
HttpServletRequest request,
|
||||
AuthJwtService authJwtService,
|
||||
SessionService sessionService
|
||||
SessionManager sessionManager
|
||||
) throws ParseException{
|
||||
if(getSession() == null) {
|
||||
String authorization = AuthorizationHeaderUtils.resolveBearer(request);
|
||||
if(authorization != null ) {
|
||||
doJwtAuthenticate(authorization,authJwtService,sessionService);
|
||||
doJwtAuthenticate(authorization,authJwtService,sessionManager);
|
||||
_logger.debug("Authorization automatic authenticated .");
|
||||
}
|
||||
}
|
||||
@ -71,10 +71,10 @@ public class AuthorizationUtils {
|
||||
public static void doJwtAuthenticate(
|
||||
String authorization,
|
||||
AuthJwtService authJwtService,
|
||||
SessionService sessionService) throws ParseException {
|
||||
SessionManager sessionManager) throws ParseException {
|
||||
if(authJwtService.validateJwtToken(authorization)) {
|
||||
String sessionId = authJwtService.resolveJWTID(authorization);
|
||||
Session session = sessionService.get(sessionId);
|
||||
Session session = sessionManager.get(sessionId);
|
||||
if(session != null) {
|
||||
setSession(session);
|
||||
setAuthentication(session.getAuthentication());
|
||||
@ -82,6 +82,7 @@ public class AuthorizationUtils {
|
||||
}
|
||||
}
|
||||
|
||||
//set session to http session
|
||||
public static void setSession(Session session) {
|
||||
WebContext.setAttribute(WebConstants.SESSION, session);
|
||||
}
|
||||
@ -91,6 +92,7 @@ public class AuthorizationUtils {
|
||||
return session;
|
||||
}
|
||||
|
||||
//get session to http session
|
||||
public static Session getSession(HttpServletRequest request) {
|
||||
Session session = (Session) request.getSession().getAttribute(WebConstants.SESSION);
|
||||
return session;
|
||||
|
||||
@ -23,7 +23,7 @@ import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.maxkey.authn.SignPrincipal;
|
||||
import org.maxkey.authn.jwt.AuthJwtService;
|
||||
import org.maxkey.authn.session.SessionService;
|
||||
import org.maxkey.authn.session.SessionManager;
|
||||
import org.maxkey.authn.web.AuthorizationUtils;
|
||||
import org.maxkey.configuration.ApplicationConfig;
|
||||
import org.slf4j.Logger;
|
||||
@ -44,7 +44,7 @@ public class PermissionInterceptor implements AsyncHandlerInterceptor {
|
||||
ApplicationConfig applicationConfig;
|
||||
|
||||
@Autowired
|
||||
SessionService sessionService;
|
||||
SessionManager sessionManager;
|
||||
|
||||
@Autowired
|
||||
AuthJwtService authJwtService ;
|
||||
@ -59,7 +59,7 @@ public class PermissionInterceptor implements AsyncHandlerInterceptor {
|
||||
@Override
|
||||
public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws Exception {
|
||||
_logger.trace("Permission Interceptor .");
|
||||
AuthorizationUtils.authenticate(request, authJwtService, sessionService);
|
||||
AuthorizationUtils.authenticate(request, authJwtService, sessionManager);
|
||||
SignPrincipal principal = AuthorizationUtils.getPrincipal();
|
||||
//判断用户是否登录,判断用户是否登录用户
|
||||
if(principal == null){
|
||||
|
||||
@ -28,8 +28,8 @@ import org.maxkey.authn.provider.MobileAuthenticationProvider;
|
||||
import org.maxkey.authn.provider.NormalAuthenticationProvider;
|
||||
import org.maxkey.authn.provider.TrustedAuthenticationProvider;
|
||||
import org.maxkey.authn.realm.AbstractAuthenticationRealm;
|
||||
import org.maxkey.authn.session.SessionService;
|
||||
import org.maxkey.authn.session.SessionServiceFactory;
|
||||
import org.maxkey.authn.session.SessionManager;
|
||||
import org.maxkey.authn.session.SessionManagerFactory;
|
||||
import org.maxkey.authn.web.SessionListenerAdapter;
|
||||
import org.maxkey.configuration.ApplicationConfig;
|
||||
import org.maxkey.configuration.AuthJwkConfig;
|
||||
@ -86,14 +86,14 @@ public class AuthenticationAutoConfiguration implements InitializingBean {
|
||||
public AbstractAuthenticationProvider normalAuthenticationProvider(
|
||||
AbstractAuthenticationRealm authenticationRealm,
|
||||
ApplicationConfig applicationConfig,
|
||||
SessionService sessionService,
|
||||
SessionManager sessionManager,
|
||||
AuthJwtService authJwtService
|
||||
) {
|
||||
_logger.debug("init authentication Provider .");
|
||||
return new NormalAuthenticationProvider(
|
||||
authenticationRealm,
|
||||
applicationConfig,
|
||||
sessionService,
|
||||
sessionManager,
|
||||
authJwtService
|
||||
);
|
||||
}
|
||||
@ -103,14 +103,14 @@ public class AuthenticationAutoConfiguration implements InitializingBean {
|
||||
AbstractAuthenticationRealm authenticationRealm,
|
||||
ApplicationConfig applicationConfig,
|
||||
OtpAuthnService otpAuthnService,
|
||||
SessionService sessionService
|
||||
SessionManager sessionManager
|
||||
) {
|
||||
_logger.debug("init Mobile authentication Provider .");
|
||||
return new MobileAuthenticationProvider(
|
||||
authenticationRealm,
|
||||
applicationConfig,
|
||||
otpAuthnService,
|
||||
sessionService
|
||||
sessionManager
|
||||
);
|
||||
}
|
||||
|
||||
@ -118,13 +118,13 @@ public class AuthenticationAutoConfiguration implements InitializingBean {
|
||||
public AbstractAuthenticationProvider trustedAuthenticationProvider(
|
||||
AbstractAuthenticationRealm authenticationRealm,
|
||||
ApplicationConfig applicationConfig,
|
||||
SessionService sessionService
|
||||
SessionManager sessionManager
|
||||
) {
|
||||
_logger.debug("init Mobile authentication Provider .");
|
||||
return new TrustedAuthenticationProvider(
|
||||
authenticationRealm,
|
||||
applicationConfig,
|
||||
sessionService
|
||||
sessionManager
|
||||
);
|
||||
}
|
||||
|
||||
@ -181,18 +181,18 @@ public class AuthenticationAutoConfiguration implements InitializingBean {
|
||||
}
|
||||
|
||||
|
||||
@Bean(name = "sessionService")
|
||||
public SessionService sessionService(
|
||||
@Bean(name = "sessionManager")
|
||||
public SessionManager sessionManager(
|
||||
@Value("${maxkey.server.persistence}") int persistence,
|
||||
JdbcTemplate jdbcTemplate,
|
||||
RedisConnectionFactory redisConnFactory,
|
||||
@Value("${server.servlet.session.timeout:1800}") int timeout
|
||||
) {
|
||||
SessionService sessionService =
|
||||
new SessionServiceFactory().getService(persistence, jdbcTemplate, redisConnFactory);
|
||||
sessionService.setValiditySeconds(timeout);
|
||||
SessionManager sessionManager =
|
||||
new SessionManagerFactory().getManager(persistence, jdbcTemplate, redisConnFactory);
|
||||
sessionManager.setValiditySeconds(timeout);
|
||||
_logger.trace("onlineTicket timeout " + timeout);
|
||||
return sessionService;
|
||||
return sessionManager;
|
||||
}
|
||||
|
||||
@Bean(name = "sessionListenerAdapter")
|
||||
|
||||
@ -18,7 +18,7 @@
|
||||
package org.maxkey.authz.endpoint;
|
||||
|
||||
import org.maxkey.authn.session.Session;
|
||||
import org.maxkey.authn.session.SessionService;
|
||||
import org.maxkey.authn.session.SessionManager;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
@ -31,17 +31,17 @@ import io.swagger.v3.oas.annotations.tags.Tag;
|
||||
@Tag(name = "3-1-在线ticket文档模块")
|
||||
@Controller
|
||||
@RequestMapping(value={"/onlineticket"})
|
||||
public class OnlineTicketEndpoint {
|
||||
public class OnlineSessionEndpoint {
|
||||
|
||||
@Autowired
|
||||
protected SessionService onlineTicketService;
|
||||
protected SessionManager sessionManager;
|
||||
|
||||
@Operation(summary = "在线ticket验证接口", description = "",method="GET")
|
||||
@ResponseBody
|
||||
@RequestMapping(value="/validate")
|
||||
public String ticketValidate(
|
||||
@RequestParam(value ="ticket",required = true) String ticket) {
|
||||
Session onlineTicket = onlineTicketService.get(ticket);
|
||||
return onlineTicket == null ? "" : onlineTicket.getFormattedId();
|
||||
Session session = sessionManager.get(ticket);
|
||||
return session == null ? "" : session.getFormattedId();
|
||||
}
|
||||
}
|
||||
@ -150,11 +150,11 @@ public class CasAuthorizeEndpoint extends CasBaseAuthorizeEndpoint{
|
||||
|
||||
if(casDetails.getLogoutType()==LogoutType.BACK_CHANNEL) {
|
||||
String sessionId = AuthorizationUtils.getPrincipal().getSession().getFormattedId();
|
||||
Session session = sessionService.get(sessionId);
|
||||
Session session = sessionManager.get(sessionId);
|
||||
//set cas ticket as OnlineTicketId
|
||||
casDetails.setOnlineTicket(ticket);
|
||||
session.setAuthorizedApp(casDetails);
|
||||
sessionService.store(sessionId, session);
|
||||
sessionManager.create(sessionId, session);
|
||||
}
|
||||
|
||||
_logger.debug("redirect to CAS Client URL {}" , callbackUrl);
|
||||
|
||||
@ -17,7 +17,7 @@
|
||||
|
||||
package org.maxkey.authz.cas.endpoint;
|
||||
|
||||
import org.maxkey.authn.session.SessionService;
|
||||
import org.maxkey.authn.session.SessionManager;
|
||||
import org.maxkey.authz.cas.endpoint.ticket.TicketServices;
|
||||
import org.maxkey.authz.endpoint.AuthorizeBaseEndpoint;
|
||||
import org.maxkey.persistence.service.AppsCasDetailsService;
|
||||
@ -49,7 +49,7 @@ public class CasBaseAuthorizeEndpoint extends AuthorizeBaseEndpoint{
|
||||
protected TicketServices casTicketGrantingTicketServices;
|
||||
|
||||
@Autowired
|
||||
protected SessionService sessionService;
|
||||
protected SessionManager sessionManager;
|
||||
|
||||
@Autowired
|
||||
@Qualifier("casProxyGrantingTicketServices")
|
||||
|
||||
@ -21,7 +21,7 @@ import java.text.SimpleDateFormat;
|
||||
import java.util.Date;
|
||||
import org.apache.mybatis.jpa.persistence.JpaPageResults;
|
||||
import org.maxkey.authn.annotation.CurrentUser;
|
||||
import org.maxkey.authn.session.SessionService;
|
||||
import org.maxkey.authn.session.SessionManager;
|
||||
import org.maxkey.entity.HistoryLogin;
|
||||
import org.maxkey.entity.Message;
|
||||
import org.maxkey.entity.UserInfo;
|
||||
@ -57,7 +57,7 @@ public class LoginSessionController {
|
||||
HistoryLoginService historyLoginService;
|
||||
|
||||
@Autowired
|
||||
SessionService sessionService;
|
||||
SessionManager sessionManager;
|
||||
|
||||
/**
|
||||
* 查询登录日志.
|
||||
@ -90,7 +90,7 @@ public class LoginSessionController {
|
||||
continue;//skip current session
|
||||
}
|
||||
|
||||
sessionService.terminate(
|
||||
sessionManager.terminate(
|
||||
sessionId,
|
||||
currentUser.getId(),
|
||||
currentUser.getUsername());
|
||||
|
||||
@ -23,7 +23,7 @@ import java.util.Map.Entry;
|
||||
|
||||
import org.maxkey.authn.annotation.CurrentUser;
|
||||
import org.maxkey.authn.session.Session;
|
||||
import org.maxkey.authn.session.SessionService;
|
||||
import org.maxkey.authn.session.SessionManager;
|
||||
import org.maxkey.authz.singlelogout.SamlSingleLogout;
|
||||
import org.maxkey.authz.singlelogout.DefaultSingleLogout;
|
||||
import org.maxkey.authz.singlelogout.LogoutType;
|
||||
@ -48,14 +48,14 @@ public class LogoutEndpoint {
|
||||
private static Logger _logger = LoggerFactory.getLogger(LogoutEndpoint.class);
|
||||
|
||||
@Autowired
|
||||
protected SessionService sessionService;
|
||||
protected SessionManager sessionManager;
|
||||
|
||||
@Operation(summary = "单点注销接口", description = "reLoginUrl跳转地址",method="GET")
|
||||
@RequestMapping(value={"/logout"}, produces = {MediaType.APPLICATION_JSON_VALUE})
|
||||
public ResponseEntity<?> logout(@CurrentUser UserInfo currentUser){
|
||||
//if logined in have onlineTicket ,need remove or logout back
|
||||
String sessionId = currentUser.getSessionId();
|
||||
Session session = sessionService.get(sessionId);
|
||||
Session session = sessionManager.get(sessionId);
|
||||
if(session != null) {
|
||||
Set<Entry<String, Apps>> entrySet = session.getAuthorizedApps().entrySet();
|
||||
|
||||
@ -74,7 +74,7 @@ public class LogoutEndpoint {
|
||||
}
|
||||
}
|
||||
|
||||
sessionService.terminate(
|
||||
sessionManager.terminate(
|
||||
session.getId(),
|
||||
currentUser.getId(),
|
||||
currentUser.getUsername());
|
||||
|
||||
@ -20,7 +20,7 @@ import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.maxkey.authn.jwt.AuthJwtService;
|
||||
import org.maxkey.authn.session.SessionService;
|
||||
import org.maxkey.authn.session.SessionManager;
|
||||
import org.maxkey.authn.web.AuthorizationUtils;
|
||||
import org.maxkey.configuration.ApplicationConfig;
|
||||
import org.maxkey.crypto.Base64Utils;
|
||||
@ -39,7 +39,7 @@ public class SingleSignOnInterceptor implements AsyncHandlerInterceptor {
|
||||
ApplicationConfig applicationConfig;
|
||||
|
||||
@Autowired
|
||||
SessionService sessionService;
|
||||
SessionManager sessionManager;
|
||||
|
||||
@Autowired
|
||||
AuthJwtService authJwtService ;
|
||||
@ -51,7 +51,7 @@ public class SingleSignOnInterceptor implements AsyncHandlerInterceptor {
|
||||
_logger.trace("Single Sign On Interceptor");
|
||||
|
||||
AuthorizationUtils.authenticateWithCookie(
|
||||
request,authJwtService,sessionService);
|
||||
request,authJwtService,sessionManager);
|
||||
|
||||
if(AuthorizationUtils.isNotAuthenticated()){
|
||||
String loginUrl = applicationConfig.getFrontendUri() + "/#/passport/login?redirect_uri=%s";
|
||||
|
||||
@ -17,10 +17,10 @@
|
||||
|
||||
package org.maxkey;
|
||||
|
||||
import org.maxkey.authn.session.SessionService;
|
||||
import org.maxkey.authn.session.SessionManager;
|
||||
import org.maxkey.jobs.AccountsStrategyJob;
|
||||
import org.maxkey.jobs.DynamicGroupsJob;
|
||||
import org.maxkey.jobs.SessionListenerJob;
|
||||
import org.maxkey.jobs.SessionListenerAdapter;
|
||||
import org.maxkey.persistence.service.AccountsService;
|
||||
import org.maxkey.persistence.service.GroupsService;
|
||||
import org.quartz.CronScheduleBuilder;
|
||||
@ -44,22 +44,22 @@ import org.springframework.scheduling.quartz.SchedulerFactoryBean;
|
||||
public class MaxKeyMgtJobs implements InitializingBean {
|
||||
private static final Logger _logger = LoggerFactory.getLogger(MaxKeyMgtJobs.class);
|
||||
|
||||
@Bean(name = "schedulerSessionListenerJobs")
|
||||
public String ticketListenerJob(
|
||||
@Bean(name = "schedulerSessionListenerAdapter")
|
||||
public String sessionListenerAdapter(
|
||||
SchedulerFactoryBean schedulerFactoryBean,
|
||||
SessionService sessionService) throws SchedulerException {
|
||||
SessionManager sessionManager) throws SchedulerException {
|
||||
|
||||
JobDataMap jobDataMap = new JobDataMap();
|
||||
jobDataMap.put("service", sessionService);
|
||||
jobDataMap.put("service", sessionManager);
|
||||
addJobScheduler(
|
||||
SessionListenerJob.class,
|
||||
SessionListenerAdapter.class,
|
||||
schedulerFactoryBean,
|
||||
jobDataMap,
|
||||
"0 0/10 * * * ?",//10 minutes
|
||||
"SessionListener"
|
||||
"SessionListenerAdapter"
|
||||
);
|
||||
|
||||
return "schedulerSessionListenerJobs";
|
||||
return "schedulerSessionListenerAdapter";
|
||||
}
|
||||
|
||||
@Bean(name = "schedulerDynamicGroupsJobs")
|
||||
|
||||
@ -17,7 +17,7 @@ package org.maxkey.jobs;
|
||||
|
||||
import java.io.Serializable;
|
||||
|
||||
import org.maxkey.authn.session.SessionService;
|
||||
import org.maxkey.authn.session.SessionManager;
|
||||
import org.maxkey.entity.HistoryLogin;
|
||||
import org.quartz.Job;
|
||||
import org.quartz.JobExecutionContext;
|
||||
@ -25,32 +25,32 @@ import org.quartz.JobExecutionException;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
public class SessionListenerJob extends AbstractScheduleJob implements Job , Serializable {
|
||||
final static Logger _logger = LoggerFactory.getLogger(SessionListenerJob.class);
|
||||
public class SessionListenerAdapter extends AbstractScheduleJob implements Job , Serializable {
|
||||
final static Logger _logger = LoggerFactory.getLogger(SessionListenerAdapter.class);
|
||||
|
||||
private static final long serialVersionUID = 4782358765969474833L;
|
||||
|
||||
SessionService sessionService;
|
||||
SessionManager sessionManager;
|
||||
|
||||
@Override
|
||||
public void execute(JobExecutionContext context) throws JobExecutionException {
|
||||
if(jobStatus == JOBSTATUS.RUNNING) {return;}
|
||||
init(context);
|
||||
|
||||
_logger.debug("TicketListener Job is running ... " );
|
||||
_logger.debug("SessionListener Job is running ... " );
|
||||
jobStatus = JOBSTATUS.RUNNING;
|
||||
try {
|
||||
if(sessionService != null) {
|
||||
for (HistoryLogin onlineSession : sessionService.querySessions()) {
|
||||
if(sessionService.get(onlineSession.getSessionId()) == null) {
|
||||
sessionService.terminate(
|
||||
if(sessionManager != null) {
|
||||
for (HistoryLogin onlineSession : sessionManager.querySessions()) {
|
||||
if(sessionManager.get(onlineSession.getSessionId()) == null) {
|
||||
sessionManager.terminate(
|
||||
onlineSession.getSessionId(),
|
||||
onlineSession.getUserId(),
|
||||
onlineSession.getUsername());
|
||||
}
|
||||
}
|
||||
}
|
||||
_logger.debug("TicketListener Job finished " );
|
||||
_logger.debug("SessionListener Job finished " );
|
||||
jobStatus = JOBSTATUS.FINISHED;
|
||||
}catch(Exception e) {
|
||||
jobStatus = JOBSTATUS.ERROR;
|
||||
@ -61,9 +61,9 @@ public class SessionListenerJob extends AbstractScheduleJob implements Job , S
|
||||
|
||||
@Override
|
||||
void init(JobExecutionContext context){
|
||||
if(sessionService == null) {
|
||||
sessionService =
|
||||
(SessionService) context.getMergedJobDataMap().get("service");
|
||||
if(sessionManager == null) {
|
||||
sessionManager =
|
||||
(SessionManager) context.getMergedJobDataMap().get("service");
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -21,7 +21,7 @@ import java.text.SimpleDateFormat;
|
||||
import java.util.Date;
|
||||
import org.apache.mybatis.jpa.persistence.JpaPageResults;
|
||||
import org.maxkey.authn.annotation.CurrentUser;
|
||||
import org.maxkey.authn.session.SessionService;
|
||||
import org.maxkey.authn.session.SessionManager;
|
||||
import org.maxkey.entity.HistoryLogin;
|
||||
import org.maxkey.entity.Message;
|
||||
import org.maxkey.entity.UserInfo;
|
||||
@ -57,7 +57,7 @@ public class LoginSessionController {
|
||||
HistoryLoginService historyLoginService;
|
||||
|
||||
@Autowired
|
||||
SessionService sessionService;
|
||||
SessionManager sessionManager;
|
||||
|
||||
/**
|
||||
* 查询登录日志.
|
||||
@ -90,7 +90,7 @@ public class LoginSessionController {
|
||||
if(currentUser.getSessionId().contains(sessionId)) {
|
||||
continue;//skip current session
|
||||
}
|
||||
sessionService.terminate(sessionId,currentUser.getId(),currentUser.getUsername());
|
||||
sessionManager.terminate(sessionId,currentUser.getId(),currentUser.getUsername());
|
||||
}
|
||||
isTerminated = true;
|
||||
}catch(Exception e) {
|
||||
|
||||
@ -18,7 +18,7 @@
|
||||
package org.maxkey.web.contorller;
|
||||
|
||||
import org.maxkey.authn.annotation.CurrentUser;
|
||||
import org.maxkey.authn.session.SessionService;
|
||||
import org.maxkey.authn.session.SessionManager;
|
||||
import org.maxkey.entity.Message;
|
||||
import org.maxkey.entity.UserInfo;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
@ -31,11 +31,11 @@ import org.springframework.web.bind.annotation.RequestMapping;
|
||||
public class LogoutEndpoint {
|
||||
|
||||
@Autowired
|
||||
protected SessionService sessionService;
|
||||
protected SessionManager sessionManager;
|
||||
|
||||
@RequestMapping(value={"/logout"}, produces = {MediaType.APPLICATION_JSON_VALUE})
|
||||
public ResponseEntity<?> logout(@CurrentUser UserInfo currentUser){
|
||||
sessionService.terminate(
|
||||
sessionManager.terminate(
|
||||
currentUser.getSessionId(),
|
||||
currentUser.getId(),
|
||||
currentUser.getUsername());
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user