From b5decd3a6a13fecc43dd434ea4c23a9cfe4cc681 Mon Sep 17 00:00:00 2001 From: MaxKey Date: Sun, 13 Feb 2022 17:55:15 +0800 Subject: [PATCH] FormBased password --- .../src/test/java/org/maxkey/word/SubStr.java | 2 ++ .../adapter/FormBasedDefaultAdapter.java | 18 +++++++++++++----- 2 files changed, 15 insertions(+), 5 deletions(-) diff --git a/maxkey-common/src/test/java/org/maxkey/word/SubStr.java b/maxkey-common/src/test/java/org/maxkey/word/SubStr.java index 8cfb9e14f..25cff791d 100644 --- a/maxkey-common/src/test/java/org/maxkey/word/SubStr.java +++ b/maxkey-common/src/test/java/org/maxkey/word/SubStr.java @@ -25,6 +25,8 @@ public class SubStr { public static void main(String[] args) { String browser="Chrome/44.0.2369.0"; System.out.println(browser.indexOf('.')); + String passwordAlgorithm = "MD5-HEX"; + System.out.println(passwordAlgorithm.substring(0,passwordAlgorithm.indexOf("-HEX"))); } } diff --git a/maxkey-protocols/maxkey-protocol-formbased/src/main/java/org/maxkey/authz/formbased/endpoint/adapter/FormBasedDefaultAdapter.java b/maxkey-protocols/maxkey-protocol-formbased/src/main/java/org/maxkey/authz/formbased/endpoint/adapter/FormBasedDefaultAdapter.java index 74481cd88..2177d94bb 100644 --- a/maxkey-protocols/maxkey-protocol-formbased/src/main/java/org/maxkey/authz/formbased/endpoint/adapter/FormBasedDefaultAdapter.java +++ b/maxkey-protocols/maxkey-protocol-formbased/src/main/java/org/maxkey/authz/formbased/endpoint/adapter/FormBasedDefaultAdapter.java @@ -19,6 +19,7 @@ package org.maxkey.authz.formbased.endpoint.adapter; import java.time.Instant; +import org.apache.commons.lang3.StringUtils; import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter; import org.maxkey.constants.ConstsBoolean; import org.maxkey.crypto.DigestUtils; @@ -27,6 +28,8 @@ import org.springframework.web.servlet.ModelAndView; public class FormBasedDefaultAdapter extends AbstractAuthorizeAdapter { + static String _HEX = "_HEX"; + @Override public Object generateInfo() { return null; @@ -38,11 +41,16 @@ public class FormBasedDefaultAdapter extends AbstractAuthorizeAdapter { AppsFormBasedDetails details=(AppsFormBasedDetails)app; String password = account.getRelatedPassword(); - if(null==details.getPasswordAlgorithm()||details.getPasswordAlgorithm().equals("")){ - }else if(details.getPasswordAlgorithm().indexOf("HEX")>-1){ - password = DigestUtils.digestHex(account.getRelatedPassword(),details.getPasswordAlgorithm().substring(0, details.getPasswordAlgorithm().indexOf("HEX"))); + String passwordAlgorithm = details.getPasswordAlgorithm(); + + if(StringUtils.isBlank(passwordAlgorithm) + || passwordAlgorithm.equalsIgnoreCase("NONE")){ + //do nothing + }else if(passwordAlgorithm.indexOf(_HEX) > -1){ + passwordAlgorithm = passwordAlgorithm.substring(0,passwordAlgorithm.indexOf(_HEX)); + password = DigestUtils.digestHex(account.getRelatedPassword(),passwordAlgorithm); }else{ - password = DigestUtils.digestBase64(account.getRelatedPassword(),details.getPasswordAlgorithm()); + password = DigestUtils.digestBase64(account.getRelatedPassword(),passwordAlgorithm); } modelAndView.addObject("id", details.getId()); @@ -62,7 +70,7 @@ public class FormBasedDefaultAdapter extends AbstractAuthorizeAdapter { modelAndView.addObject("isExtendAttr", false); } - if(details.getAuthorizeView()!=null&&!details.getAuthorizeView().equals("")){ + if(StringUtils.isNotBlank(details.getAuthorizeView())){ modelAndView.setViewName("authorize/"+details.getAuthorizeView()); }