split maxkey-authentication-provider

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/annotation/package-info.java

@@ -1,18 +0,0 @@
-/*
- * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
- * 
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *     http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
- 
-
-package org.maxkey.authn.annotation;

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/package-info.java

@@ -1,18 +0,0 @@
-/*
- * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
- * 
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *     http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
- 
-
-package org.maxkey.authn.jwt;

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/provider/package-info.java

@@ -1,18 +0,0 @@
-/*
- * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
- * 
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *     http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
- 
-
-package org.maxkey.authn.provider;

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/SavedRequestAwareAuthenticationSuccessHandler.java

@@ -15,7 +15,7 @@
  */
  
 
-package org.maxkey.authn;
+package org.maxkey.authn.web;
 
 import java.io.IOException;
 import javax.servlet.ServletException;

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/interceptor/package-info.java

@@ -1,18 +0,0 @@
-/*
- * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
- * 
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *     http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
- 
-
-package org.maxkey.authn.web.interceptor;

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/autoconfigure/SessionAutoConfiguration.java

@@ -0,0 +1,69 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
+package org.maxkey.autoconfigure;
+
+import org.maxkey.authn.session.SessionManager;
+import org.maxkey.authn.session.SessionManagerFactory;
+import org.maxkey.authn.web.HttpSessionListenerAdapter;
+import org.maxkey.authn.web.SavedRequestAwareAuthenticationSuccessHandler;
+import org.maxkey.persistence.redis.RedisConnectionFactory;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.InitializingBean;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.jdbc.core.JdbcTemplate;
+
+
+@Configuration
+public class SessionAutoConfiguration  implements InitializingBean {
+    private static final  Logger _logger = 
+            LoggerFactory.getLogger(SessionAutoConfiguration.class);
+    
+    
+    @Bean(name = "savedRequestSuccessHandler")
+    public SavedRequestAwareAuthenticationSuccessHandler 
+            savedRequestAwareAuthenticationSuccessHandler() {
+        return new SavedRequestAwareAuthenticationSuccessHandler();
+    }
+    
+    @Bean
+    public SessionManager sessionManager(
+            @Value("${maxkey.server.persistence}") int persistence,
+            JdbcTemplate jdbcTemplate,
+            RedisConnectionFactory redisConnFactory,
+            @Value("${maxkey.session.timeout:1800}") int timeout
+            ) {
+    	_logger.debug("session timeout " + timeout);
+        SessionManager  sessionManager  = 
+                new SessionManagerFactory(
+                		persistence, jdbcTemplate, redisConnFactory,timeout);
+        return sessionManager;
+    }
+
+    @Bean
+    public HttpSessionListenerAdapter httpSessionListenerAdapter() {
+        return new HttpSessionListenerAdapter();
+    }
+    
+    @Override
+    public void afterPropertiesSet() throws Exception {
+        
+    }
+}

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/autoconfigure/TokenAutoConfiguration.java

@@ -0,0 +1,77 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
+package org.maxkey.autoconfigure;
+
+import org.maxkey.authn.jwt.AuthRefreshTokenService;
+import org.maxkey.authn.jwt.AuthTokenService;
+import org.maxkey.authn.jwt.CongressService;
+import org.maxkey.authn.jwt.InMemoryCongressService;
+import org.maxkey.authn.jwt.RedisCongressService;
+import org.maxkey.configuration.AuthJwkConfig;
+import org.maxkey.constants.ConstsPersistence;
+import org.maxkey.persistence.cache.MomentaryService;
+import org.maxkey.persistence.redis.RedisConnectionFactory;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.InitializingBean;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import com.nimbusds.jose.JOSEException;
+
+
+@Configuration
+public class TokenAutoConfiguration  implements InitializingBean {
+    private static final  Logger _logger = 
+            LoggerFactory.getLogger(TokenAutoConfiguration.class);
+    
+    @Bean
+    public AuthTokenService authTokenService(
+    		AuthJwkConfig authJwkConfig,
+    		RedisConnectionFactory redisConnFactory,
+    		MomentaryService  momentaryService,
+    		AuthRefreshTokenService refreshTokenService,
+    		@Value("${maxkey.server.persistence}") int persistence) throws JOSEException {
+    	CongressService congressService;
+    	if (persistence == ConstsPersistence.REDIS) {
+    		congressService = new RedisCongressService(redisConnFactory);
+    	}else {
+    		congressService = new InMemoryCongressService();
+    	}
+    	
+    	AuthTokenService authTokenService = 
+    				new AuthTokenService(
+    							authJwkConfig,
+    							congressService,
+    							momentaryService,
+    							refreshTokenService
+    						);
+    	
+    	return authTokenService;
+    }
+    
+    @Bean
+    public AuthRefreshTokenService refreshTokenService(AuthJwkConfig authJwkConfig) throws JOSEException {
+    	return new AuthRefreshTokenService(authJwkConfig);
+    }
+    
+    @Override
+    public void afterPropertiesSet() throws Exception {
+        
+    }
+}

maxkey-authentications/maxkey-authentication-otp/src/main/java/org/maxkey/autoconfigure/OneTimePasswordAutoConfiguration.java

@@ -0,0 +1,63 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
+package org.maxkey.autoconfigure;
+
+import org.maxkey.constants.ConstsPersistence;
+import org.maxkey.password.onetimepwd.OtpAuthnService;
+import org.maxkey.password.onetimepwd.token.RedisOtpTokenStore;
+import org.maxkey.persistence.redis.RedisConnectionFactory;
+import org.maxkey.persistence.service.EmailSendersService;
+import org.maxkey.persistence.service.SmsProviderService;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.InitializingBean;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+
+@Configuration
+public class OneTimePasswordAutoConfiguration  implements InitializingBean {
+    private static final  Logger _logger = 
+            LoggerFactory.getLogger(OneTimePasswordAutoConfiguration.class);
+    
+  
+    @Bean(name = "otpAuthnService")
+    public OtpAuthnService otpAuthnService(
+            @Value("${maxkey.server.persistence}") int persistence,
+            SmsProviderService smsProviderService,
+            EmailSendersService emailSendersService,
+            RedisConnectionFactory redisConnFactory) {
+        OtpAuthnService otpAuthnService = 
+        							new OtpAuthnService(smsProviderService,emailSendersService);
+        
+        if (persistence == ConstsPersistence.REDIS) {
+            RedisOtpTokenStore redisOptTokenStore = new RedisOtpTokenStore(redisConnFactory);
+            otpAuthnService.setRedisOptTokenStore(redisOptTokenStore);
+        }
+        
+        _logger.debug("OneTimePasswordService {} inited." , 
+        				persistence == ConstsPersistence.REDIS ? "Redis" : "InMemory");
+        return otpAuthnService;
+    }
+   
+    @Override
+    public void afterPropertiesSet() throws Exception {
+        
+    }
+}

maxkey-authentications/maxkey-authentication-provider/build.gradle

@@ -0,0 +1,15 @@
+
+description = "maxkey-authentication-provider"
+
+
+dependencies {
+	//local jars
+	implementation fileTree(dir: '../maxkey-lib/', include: '*/*.jar')
+	
+	implementation project(":maxkey-common")
+	implementation project(":maxkey-core")
+	implementation project(":maxkey-persistence")
+	implementation project(":maxkey-authentications:maxkey-authentication-core")
+	implementation project(":maxkey-authentications:maxkey-authentication-otp")
+   
+}

maxkey-authentications/maxkey-authentication-provider/src/main/java/META-INF/MANIFEST.MF

@@ -0,0 +1,3 @@
+Manifest-Version: 1.0
+Class-Path: 
+

maxkey-authentications/maxkey-authentication-provider/src/main/java/org/maxkey/authn/provider/AbstractAuthenticationProvider.java

@@ -15,10 +15,12 @@
  */
  
 
-package org.maxkey.authn;
+package org.maxkey.authn.provider;
 
 import java.util.ArrayList;
 
+import org.maxkey.authn.LoginCredential;
+import org.maxkey.authn.SignPrincipal;
 import org.maxkey.authn.jwt.AuthTokenService;
 import org.maxkey.authn.realm.AbstractAuthenticationRealm;
 import org.maxkey.authn.session.Session;

maxkey-authentications/maxkey-authentication-provider/src/main/java/org/maxkey/authn/provider/AuthenticationProviderFactory.java

@@ -17,7 +17,6 @@ package org.maxkey.authn.provider;
 
 import java.util.concurrent.ConcurrentHashMap;
 
-import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authn.LoginCredential;
 import org.springframework.security.core.Authentication;
 

maxkey-authentications/maxkey-authentication-provider/src/main/java/org/maxkey/authn/provider/impl/MfaAuthenticationProvider.java

@@ -15,11 +15,11 @@
  */
  
 
-package org.maxkey.authn.provider;
+package org.maxkey.authn.provider.impl;
 
-import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authn.LoginCredential;
 import org.maxkey.authn.jwt.AuthTokenService;
+import org.maxkey.authn.provider.AbstractAuthenticationProvider;
 import org.maxkey.authn.realm.AbstractAuthenticationRealm;
 import org.maxkey.authn.session.SessionManager;
 import org.maxkey.configuration.ApplicationConfig;

maxkey-authentications/maxkey-authentication-provider/src/main/java/org/maxkey/authn/provider/impl/MobileAuthenticationProvider.java

@@ -15,10 +15,10 @@
  */
  
 
-package org.maxkey.authn.provider;
+package org.maxkey.authn.provider.impl;
 
-import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authn.LoginCredential;
+import org.maxkey.authn.provider.AbstractAuthenticationProvider;
 import org.maxkey.authn.realm.AbstractAuthenticationRealm;
 import org.maxkey.authn.session.SessionManager;
 import org.maxkey.configuration.ApplicationConfig;

maxkey-authentications/maxkey-authentication-provider/src/main/java/org/maxkey/authn/provider/impl/NormalAuthenticationProvider.java

@@ -15,12 +15,13 @@
  */
  
 
-package org.maxkey.authn.provider;
+package org.maxkey.authn.provider.impl;
 
 import java.text.ParseException;
-import org.maxkey.authn.AbstractAuthenticationProvider;
+
 import org.maxkey.authn.LoginCredential;
 import org.maxkey.authn.jwt.AuthTokenService;
+import org.maxkey.authn.provider.AbstractAuthenticationProvider;
 import org.maxkey.authn.realm.AbstractAuthenticationRealm;
 import org.maxkey.authn.session.SessionManager;
 import org.maxkey.configuration.ApplicationConfig;

maxkey-authentications/maxkey-authentication-provider/src/main/java/org/maxkey/authn/provider/impl/TrustedAuthenticationProvider.java

@@ -15,10 +15,10 @@
  */
  
 
-package org.maxkey.authn.provider;
+package org.maxkey.authn.provider.impl;
 
-import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authn.LoginCredential;
+import org.maxkey.authn.provider.AbstractAuthenticationProvider;
 import org.maxkey.authn.realm.AbstractAuthenticationRealm;
 import org.maxkey.authn.session.SessionManager;
 import org.maxkey.configuration.ApplicationConfig;

maxkey-authentications/maxkey-authentication-provider/src/main/java/org/maxkey/authn/support/basic/BasicEntryPoint.java

@@ -20,8 +20,8 @@ package org.maxkey.authn.support.basic;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authn.LoginCredential;
+import org.maxkey.authn.provider.AbstractAuthenticationProvider;
 import org.maxkey.constants.ConstsLoginType;
 import org.maxkey.util.AuthorizationHeaderCredential;
 import org.maxkey.util.AuthorizationHeaderUtils;

maxkey-authentications/maxkey-authentication-provider/src/main/java/org/maxkey/authn/support/certs/HttpCertsEntryPoint.java

@@ -22,7 +22,7 @@ import java.security.cert.X509Certificate;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.maxkey.authn.AbstractAuthenticationProvider;
+import org.maxkey.authn.provider.AbstractAuthenticationProvider;
 import org.maxkey.authn.support.httpheader.HttpHeaderEntryPoint;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

maxkey-authentications/maxkey-authentication-provider/src/main/java/org/maxkey/authn/support/httpheader/HttpHeaderEntryPoint.java

@@ -20,8 +20,8 @@ package org.maxkey.authn.support.httpheader;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authn.LoginCredential;
+import org.maxkey.authn.provider.AbstractAuthenticationProvider;
 import org.maxkey.constants.ConstsLoginType;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

maxkey-authentications/maxkey-authentication-provider/src/main/java/org/maxkey/authn/support/jwt/HttpJwtEntryPoint.java

@@ -16,10 +16,10 @@
  
 package org.maxkey.authn.support.jwt;
 
-import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authn.LoginCredential;
 import org.maxkey.authn.jwt.AuthJwt;
 import org.maxkey.authn.jwt.AuthTokenService;
+import org.maxkey.authn.provider.AbstractAuthenticationProvider;
 import org.maxkey.configuration.ApplicationConfig;
 import org.maxkey.constants.ConstsLoginType;
 import org.maxkey.entity.Message;

maxkey-authentications/maxkey-authentication-provider/src/main/java/org/maxkey/authn/support/kerberos/HttpKerberosEntryPoint.java

@@ -20,8 +20,8 @@ package org.maxkey.authn.support.kerberos;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import org.joda.time.DateTime;
-import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authn.LoginCredential;
+import org.maxkey.authn.provider.AbstractAuthenticationProvider;
 import org.maxkey.authn.web.AuthorizationUtils;
 import org.maxkey.configuration.ApplicationConfig;
 import org.maxkey.constants.ConstsLoginType;

maxkey-authentications/maxkey-authentication-provider/src/main/java/org/maxkey/authn/support/wsfederation/HttpWsFederationEntryPoint.java

@@ -19,8 +19,9 @@ package org.maxkey.authn.support.wsfederation;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import org.maxkey.authn.AbstractAuthenticationProvider;
+
 import org.maxkey.authn.LoginCredential;
+import org.maxkey.authn.provider.AbstractAuthenticationProvider;
 import org.maxkey.authn.web.AuthorizationUtils;
 import org.maxkey.configuration.ApplicationConfig;
 import org.maxkey.constants.ConstsLoginType;

maxkey-authentications/maxkey-authentication-provider/src/main/java/org/maxkey/autoconfigure/AuthnProviderAutoConfiguration.java

@@ -17,30 +17,20 @@
 
 package org.maxkey.autoconfigure;
 
-import org.maxkey.authn.AbstractAuthenticationProvider;
-import org.maxkey.authn.SavedRequestAwareAuthenticationSuccessHandler;
-import org.maxkey.authn.jwt.AuthRefreshTokenService;
 import org.maxkey.authn.jwt.AuthTokenService;
-import org.maxkey.authn.jwt.CongressService;
-import org.maxkey.authn.jwt.InMemoryCongressService;
-import org.maxkey.authn.jwt.RedisCongressService;
+import org.maxkey.authn.provider.AbstractAuthenticationProvider;
 import org.maxkey.authn.provider.AuthenticationProviderFactory;
-import org.maxkey.authn.provider.MobileAuthenticationProvider;
-import org.maxkey.authn.provider.NormalAuthenticationProvider;
-import org.maxkey.authn.provider.TrustedAuthenticationProvider;
+import org.maxkey.authn.provider.impl.MobileAuthenticationProvider;
+import org.maxkey.authn.provider.impl.NormalAuthenticationProvider;
+import org.maxkey.authn.provider.impl.TrustedAuthenticationProvider;
 import org.maxkey.authn.realm.AbstractAuthenticationRealm;
 import org.maxkey.authn.session.SessionManager;
-import org.maxkey.authn.session.SessionManagerFactory;
 import org.maxkey.authn.support.rememberme.AbstractRemeberMeManager;
 import org.maxkey.authn.support.rememberme.JdbcRemeberMeManager;
-import org.maxkey.authn.web.HttpSessionListenerAdapter;
 import org.maxkey.configuration.ApplicationConfig;
-import org.maxkey.configuration.AuthJwkConfig;
 import org.maxkey.constants.ConstsPersistence;
-import org.maxkey.password.onetimepwd.AbstractOtpAuthn;
 import org.maxkey.password.onetimepwd.OtpAuthnService;
 import org.maxkey.password.onetimepwd.token.RedisOtpTokenStore;
-import org.maxkey.persistence.cache.MomentaryService;
 import org.maxkey.persistence.redis.RedisConnectionFactory;
 import org.maxkey.persistence.repository.LoginHistoryRepository;
 import org.maxkey.persistence.repository.LoginRepository;
@@ -56,20 +46,11 @@ import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.jdbc.core.JdbcTemplate;
 
-import com.nimbusds.jose.JOSEException;
-
 
 @Configuration
-public class AuthenticationAutoConfiguration  implements InitializingBean {
+public class AuthnProviderAutoConfiguration  implements InitializingBean {
     private static final  Logger _logger = 
-            LoggerFactory.getLogger(AuthenticationAutoConfiguration.class);
-    
-    
-    @Bean(name = "savedRequestSuccessHandler")
-    public SavedRequestAwareAuthenticationSuccessHandler 
-            savedRequestAwareAuthenticationSuccessHandler() {
-        return new SavedRequestAwareAuthenticationSuccessHandler();
-    }
+            LoggerFactory.getLogger(AuthnProviderAutoConfiguration.class);
     
     @Bean
     public AbstractAuthenticationProvider authenticationProvider(
@@ -131,55 +112,6 @@ public class AuthenticationAutoConfiguration  implements InitializingBean {
         	);
     }
     
-    @Bean
-    public AuthTokenService authTokenService(
-    		AuthJwkConfig authJwkConfig,
-    		RedisConnectionFactory redisConnFactory,
-    		MomentaryService  momentaryService,
-    		AuthRefreshTokenService refreshTokenService,
-    		@Value("${maxkey.server.persistence}") int persistence) throws JOSEException {
-    	CongressService congressService;
-    	if (persistence == ConstsPersistence.REDIS) {
-    		congressService = new RedisCongressService(redisConnFactory);
-    	}else {
-    		congressService = new InMemoryCongressService();
-    	}
-    	
-    	AuthTokenService authTokenService = 
-    				new AuthTokenService(
-    							authJwkConfig,
-    							congressService,
-    							momentaryService,
-    							refreshTokenService
-    						);
-    	
-    	return authTokenService;
-    }
-    
-    @Bean
-    public AuthRefreshTokenService refreshTokenService(AuthJwkConfig authJwkConfig) throws JOSEException {
-    	return new AuthRefreshTokenService(authJwkConfig);
-    }
-    
-    @Bean(name = "otpAuthnService")
-    public OtpAuthnService otpAuthnService(
-            @Value("${maxkey.server.persistence}") int persistence,
-            SmsProviderService smsProviderService,
-            EmailSendersService emailSendersService,
-            RedisConnectionFactory redisConnFactory) {
-        OtpAuthnService otpAuthnService = 
-        							new OtpAuthnService(smsProviderService,emailSendersService);
-        
-        if (persistence == ConstsPersistence.REDIS) {
-            RedisOtpTokenStore redisOptTokenStore = new RedisOtpTokenStore(redisConnFactory);
-            otpAuthnService.setRedisOptTokenStore(redisOptTokenStore);
-        }
-        
-        _logger.debug("OneTimePasswordService {} inited." , 
-        				persistence == ConstsPersistence.REDIS ? "Redis" : "InMemory");
-        return otpAuthnService;
-    }
-    
     @Bean
     public PasswordPolicyValidator passwordPolicyValidator(JdbcTemplate jdbcTemplate,MessageSource messageSource) {
         return new PasswordPolicyValidator(jdbcTemplate,messageSource);
@@ -195,20 +127,6 @@ public class AuthenticationAutoConfiguration  implements InitializingBean {
         return new LoginHistoryRepository(jdbcTemplate);
     }
     
-    @Bean
-    public SessionManager sessionManager(
-            @Value("${maxkey.server.persistence}") int persistence,
-            JdbcTemplate jdbcTemplate,
-            RedisConnectionFactory redisConnFactory,
-            @Value("${maxkey.session.timeout:1800}") int timeout
-            ) {
-    	_logger.debug("session timeout " + timeout);
-        SessionManager  sessionManager  = 
-                new SessionManagerFactory(
-                		persistence, jdbcTemplate, redisConnFactory,timeout);
-        return sessionManager;
-    }
-    
     /**
      * remeberMeService .
      * @return
@@ -225,11 +143,6 @@ public class AuthenticationAutoConfiguration  implements InitializingBean {
         		jdbcTemplate,applicationConfig,authTokenService,validity);
     }
     
-    @Bean
-    public HttpSessionListenerAdapter httpSessionListenerAdapter() {
-        return new HttpSessionListenerAdapter();
-    }
-    
     @Override
     public void afterPropertiesSet() throws Exception {
         

maxkey-authentications/maxkey-authentication-social/build.gradle

@@ -10,5 +10,6 @@ dependencies {
 	implementation project(":maxkey-core")
 	implementation project(":maxkey-persistence")
 	implementation project(":maxkey-authentications:maxkey-authentication-core")
+	implementation project(":maxkey-authentications:maxkey-authentication-provider")
    
 }

maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/authn/support/socialsignon/AbstractSocialSignOnEndpoint.java

@@ -20,8 +20,8 @@
  */
 package org.maxkey.authn.support.socialsignon;
 
-import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authn.jwt.AuthTokenService;
+import org.maxkey.authn.provider.AbstractAuthenticationProvider;
 import org.maxkey.authn.support.socialsignon.service.SocialSignOnProviderService;
 import org.maxkey.authn.support.socialsignon.service.SocialsAssociateService;
 import org.maxkey.configuration.ApplicationConfig;

maxkey-core/src/main/java/org/maxkey/persistence/cache/package-info.java

@@ -1 +1,25 @@
-package org.maxkey.persistence.cache;
+/*
+ * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
+/**
+ * 
+ */
+/**
+ * @author Administrator
+ *
+ */
+package org.maxkey.persistence.cache;

maxkey-protocols/maxkey-protocol-cas/build.gradle

@@ -18,5 +18,6 @@ dependencies {
 	implementation project(":maxkey-persistence")
    	implementation project(":maxkey-protocols:maxkey-protocol-authorize")
    	implementation project(":maxkey-authentications:maxkey-authentication-core")
+   	implementation project(":maxkey-authentications:maxkey-authentication-provider")
    
 }

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasRestV1Endpoint.java

@@ -23,8 +23,8 @@ package org.maxkey.authz.cas.endpoint;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authn.LoginCredential;
+import org.maxkey.authn.provider.AbstractAuthenticationProvider;
 import org.maxkey.authn.web.AuthorizationUtils;
 import org.maxkey.authz.cas.endpoint.response.ServiceResponseBuilder;
 import org.maxkey.authz.cas.endpoint.ticket.CasConstants;

maxkey-protocols/maxkey-protocol-oauth-2.0/build.gradle

@@ -9,4 +9,5 @@ dependencies {
     implementation project(":maxkey-persistence")
     implementation project(":maxkey-protocols:maxkey-protocol-authorize")
     implementation project(":maxkey-authentications:maxkey-authentication-core")
+    implementation project(":maxkey-authentications:maxkey-authentication-provider")
 }

maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/OAuth2UserDetailsService.java

@@ -14,8 +14,8 @@ package org.maxkey.authz.oauth2.provider;
 
 import java.util.ArrayList;
 
-import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authn.SignPrincipal;
+import org.maxkey.authn.provider.AbstractAuthenticationProvider;
 import org.maxkey.authn.session.Session;
 import org.maxkey.entity.UserInfo;
 import org.maxkey.persistence.repository.LoginRepository;

maxkey-protocols/maxkey-protocol-saml-2.0/build.gradle

@@ -8,4 +8,5 @@ dependencies {
     implementation project(":maxkey-core")
     implementation project(":maxkey-persistence")
     implementation project(":maxkey-authentications:maxkey-authentication-core")
+    implementation project(":maxkey-authentications:maxkey-authentication-provider")
 }

maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/endpoint/ConsumerEndpoint.java

@@ -30,10 +30,10 @@ import javax.servlet.http.HttpServletResponse;
 
 import org.apache.commons.lang.StringUtils;
 import org.apache.commons.lang.Validate;
-import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authn.LoginCredential;
 import org.maxkey.authn.jwt.AuthJwt;
 import org.maxkey.authn.jwt.AuthTokenService;
+import org.maxkey.authn.provider.AbstractAuthenticationProvider;
 import org.maxkey.authz.saml.common.EndpointGenerator;
 import org.maxkey.authz.saml.common.TrustResolver;
 import org.maxkey.authz.saml.service.IDService;

maxkey-webs/maxkey-web-maxkey/build.gradle

@@ -12,6 +12,7 @@ dependencies {
    	implementation project(":maxkey-authentications:maxkey-authentication-social")
    	implementation project(":maxkey-authentications:maxkey-authentication-captcha")
    	implementation project(":maxkey-authentications:maxkey-authentication-otp")
+   	implementation project(":maxkey-authentications:maxkey-authentication-provider")
    	
    	implementation project(":maxkey-protocols:maxkey-protocol-authorize")
    	implementation project(":maxkey-protocols:maxkey-protocol-cas")

maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java

@@ -19,7 +19,7 @@ package org.maxkey;
 
 import java.util.List;
 
-import org.maxkey.authn.AbstractAuthenticationProvider;
+import org.maxkey.authn.provider.AbstractAuthenticationProvider;
 import org.maxkey.authn.support.basic.BasicEntryPoint;
 import org.maxkey.authn.support.httpheader.HttpHeaderEntryPoint;
 import org.maxkey.authn.support.kerberos.HttpKerberosEntryPoint;

maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/LoginEntryPoint.java

@@ -25,10 +25,10 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import org.apache.commons.lang3.StringUtils;
-import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authn.LoginCredential;
 import org.maxkey.authn.jwt.AuthJwt;
 import org.maxkey.authn.jwt.AuthTokenService;
+import org.maxkey.authn.provider.AbstractAuthenticationProvider;
 import org.maxkey.authn.support.kerberos.KerberosService;
 import org.maxkey.authn.support.rememberme.AbstractRemeberMeManager;
 import org.maxkey.authn.support.rememberme.RemeberMe;

maxkey-webs/maxkey-web-maxkey/src/main/resources/META-INF/spring.factories

@@ -4,7 +4,10 @@ org.maxkey.autoconfigure.ApplicationAutoConfiguration,\
 org.maxkey.autoconfigure.MvcAutoConfiguration,\
 org.maxkey.autoconfigure.KaptchaAutoConfiguration,\
 org.maxkey.autoconfigure.RedisAutoConfiguration,\
-org.maxkey.autoconfigure.AuthenticationAutoConfiguration,\
+org.maxkey.autoconfigure.AuthnProviderAutoConfiguration,\
+org.maxkey.autoconfigure.OneTimePasswordAutoConfiguration,\
+org.maxkey.autoconfigure.SessionAutoConfiguration,\
+org.maxkey.autoconfigure.TokenAutoConfiguration,\
 org.maxkey.autoconfigure.CasAutoConfiguration,\
 org.maxkey.autoconfigure.Oauth20AutoConfiguration,\
 org.maxkey.autoconfigure.Saml20AutoConfiguration,\

maxkey-webs/maxkey-web-mgt/build.gradle

@@ -11,6 +11,7 @@ dependencies {
 	implementation project(":maxkey-authentications:maxkey-authentication-core")
 	implementation project(":maxkey-authentications:maxkey-authentication-captcha")
 	implementation project(":maxkey-authentications:maxkey-authentication-otp")
+	implementation project(":maxkey-authentications:maxkey-authentication-provider")
 	
    	implementation project(":maxkey-protocols:maxkey-protocol-oauth-2.0")
    	implementation project(":maxkey-protocols:maxkey-protocol-saml-2.0")   

maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/MaxKeyMgtMvcConfig.java

@@ -19,7 +19,7 @@ package org.maxkey;
 
 import java.util.List;
 
-import org.maxkey.authn.AbstractAuthenticationProvider;
+import org.maxkey.authn.provider.AbstractAuthenticationProvider;
 import org.maxkey.authn.web.CurrentUserMethodArgumentResolver;
 import org.maxkey.authn.web.interceptor.PermissionInterceptor;
 import org.maxkey.configuration.ApplicationConfig;

maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/LoginEntryPoint.java

@@ -19,10 +19,10 @@ package org.maxkey.web.contorller;
 
 import java.util.HashMap;
 
-import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authn.LoginCredential;
 import org.maxkey.authn.jwt.AuthJwt;
 import org.maxkey.authn.jwt.AuthTokenService;
+import org.maxkey.authn.provider.AbstractAuthenticationProvider;
 import org.maxkey.configuration.ApplicationConfig;
 import org.maxkey.entity.Institutions;
 import org.maxkey.entity.Message;

maxkey-webs/maxkey-web-mgt/src/main/resources/META-INF/spring.factories

@@ -5,7 +5,10 @@ org.maxkey.autoconfigure.KaptchaAutoConfiguration,\
 org.maxkey.autoconfigure.MvcAutoConfiguration,\
 org.maxkey.autoconfigure.JwtAuthnAutoConfiguration,\
 org.maxkey.autoconfigure.RedisAutoConfiguration,\
-org.maxkey.autoconfigure.AuthenticationAutoConfiguration,\
+org.maxkey.autoconfigure.AuthnProviderAutoConfiguration,\
+org.maxkey.autoconfigure.OneTimePasswordAutoConfiguration,\
+org.maxkey.autoconfigure.SessionAutoConfiguration,\
+org.maxkey.autoconfigure.TokenAutoConfiguration,\
 org.maxkey.synchronizer.autoconfigure.SynchronizerAutoConfiguration,\
 org.maxkey.autoconfigure.SwaggerConfig,\
 org.maxkey.Oauth20ClientAutoConfiguration,\

settings.gradle

@@ -30,6 +30,7 @@ include (
 	'maxkey-authentications:maxkey-authentication-captcha',
 	'maxkey-authentications:maxkey-authentication-social',
 	'maxkey-authentications:maxkey-authentication-otp',
+	'maxkey-authentications:maxkey-authentication-provider',
 	//identity
 	'maxkey-identitys:maxkey-identity-scim',
 	'maxkey-identitys:maxkey-identity-rest',