From be866135ea5565e0ab771b8d6e4b5a6064d9bdad Mon Sep 17 00:00:00 2001
From: "Crystal.Sea" <shimingxy@163.com>
Date: Fri, 30 Oct 2020 17:53:16 +0800
Subject: [PATCH] =?UTF-8?q?=E7=A4=BE=E4=BA=A4=E8=B4=A6=E5=8F=B7=E7=99=BB?=
 =?UTF-8?q?=E5=BD=95=E4=BC=98=E5=8C=96?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 ReleaseNotes.txt                              |  2 +
 build.gradle                                  |  4 +-
 .../socialsignon/SocialSignOnEndpoint.java    | 79 +++++++++++--------
 .../passwordpolicy_message.properties         |  2 +
 .../passwordpolicy_message_en.properties      |  4 +-
 .../passwordpolicy_message_zh_CN.properties   |  4 +-
 6 files changed, 57 insertions(+), 38 deletions(-)

diff --git a/ReleaseNotes.txt b/ReleaseNotes.txt
index a09d3d250..d6a50007a 100644
--- a/ReleaseNotes.txt
+++ b/ReleaseNotes.txt
@@ -12,6 +12,8 @@
 	*(MAXKEY-200912) 构建脚本的优化和更新
 	*(MAXKEY-200920)  依赖jar引用、更新和升级
 	    druid 1.2.1
+	    JustAuth 1.15.8
+	    simple-http 1.0.3
 	    spring-session 2.3.1.RELEASE
 	    druid-spring-boot-starter 1.2.1
  
diff --git a/build.gradle b/build.gradle
index b124f1405..eff6d0b78 100644
--- a/build.gradle
+++ b/build.gradle
@@ -228,8 +228,8 @@ subprojects {
          compile group: 'net.minidev', name: 'json-smart', version: '2.3'
          compile group: 'net.minidev', name: 'asm', version: '1.0.2'
          //oauth third party JustAuth
-         compile group: 'com.xkcoding.http', name: 'simple-http', version: '1.0.2'
-         compile group: 'me.zhyd.oauth', name: 'JustAuth', version: '1.15.7'
+         compile group: 'com.xkcoding.http', name: 'simple-http', version: '1.0.3'
+         compile group: 'me.zhyd.oauth', name: 'JustAuth', version: '1.15.8'
          //common
          compile group: 'org.javassist', name: 'javassist', version: '3.23.0-GA'
          compile group: 'org.owasp.esapi', name: 'esapi', version: '2.2.0.0'
diff --git a/maxkey-authentications/src/main/java/org/maxkey/authn/support/socialsignon/SocialSignOnEndpoint.java b/maxkey-authentications/src/main/java/org/maxkey/authn/support/socialsignon/SocialSignOnEndpoint.java
index 88ca99181..97baac4b7 100644
--- a/maxkey-authentications/src/main/java/org/maxkey/authn/support/socialsignon/SocialSignOnEndpoint.java
+++ b/maxkey-authentications/src/main/java/org/maxkey/authn/support/socialsignon/SocialSignOnEndpoint.java
@@ -98,12 +98,20 @@ public class SocialSignOnEndpoint  extends AbstractSocialSignOnEndpoint{
 	@RequestMapping(value={"/callback/{provider}"}, method = RequestMethod.GET)
 	public ModelAndView callback(@PathVariable String provider
 			) {
-		this.provider=provider;
-		this.authCallback();
-		_logger.debug(this.accountId);
-		SocialsAssociate socialSignOnUserToken =new SocialsAssociate();
-		socialSignOnUserToken.setProvider(provider);
-		socialSignOnUserToken.setSocialuid(this.accountId);
+	    
+	    SocialsAssociate socialsAssociate = null;
+	    //auth call back may exception 
+	    try {
+    		this.provider=provider;
+    		this.authCallback();
+    		_logger.debug(this.accountId);
+    		socialsAssociate =new SocialsAssociate();
+    		socialsAssociate.setProvider(provider);
+    		socialsAssociate.setSocialuid(this.accountId);
+    		
+	    }catch(Exception e) {
+	        _logger.error("callback Exception  ",e);
+	    }
 		
 		//for login
 		String socialSignOnType= "";
@@ -112,10 +120,10 @@ public class SocialSignOnEndpoint  extends AbstractSocialSignOnEndpoint{
 		}
 		
 		if(socialSignOnType.equals(SOCIALSIGNON_TYPE.SOCIALSIGNON_TYPE_LOGON)||socialSignOnType.equals("")){
-			socialSignOn(socialSignOnUserToken);
+			socialSignOn(socialsAssociate);
 			return WebContext.redirect("/index");
 		}else{
-			socialBind(socialSignOnUserToken);
+			socialBind(socialsAssociate);
 		}
 		
 		if(WebContext.getAttribute(SOCIALSIGNON_SESSION_REDIRECT_URI)!=null){
@@ -126,38 +134,41 @@ public class SocialSignOnEndpoint  extends AbstractSocialSignOnEndpoint{
 		
 	}
 	
-	public boolean socialBind(SocialsAssociate socialSignOnUserToken){
-		socialSignOnUserToken.setSocialUserInfo(accountJsonString);
-		socialSignOnUserToken.setUid(WebContext.getUserInfo().getId());
-		socialSignOnUserToken.setUsername(WebContext.getUserInfo().getUsername());
-		//socialSignOnUserToken.setAccessToken(JsonUtils.object2Json(accessToken));
-		//socialSignOnUserToken.setExAttribute(JsonUtils.object2Json(accessToken.getResponseObject()));
-		_logger.debug("Social Bind : "+socialSignOnUserToken);
-		this.socialsAssociateService.delete(socialSignOnUserToken);
-		this.socialsAssociateService.insert(socialSignOnUserToken);
+	public boolean socialBind(SocialsAssociate socialsAssociate){
+	    if(null == socialsAssociate) {
+	        return false;
+	    }
+	    
+	    socialsAssociate.setSocialUserInfo(accountJsonString);
+	    socialsAssociate.setUid(WebContext.getUserInfo().getId());
+		socialsAssociate.setUsername(WebContext.getUserInfo().getUsername());
+		//socialsAssociate.setAccessToken(JsonUtils.object2Json(accessToken));
+		//socialsAssociate.setExAttribute(JsonUtils.object2Json(accessToken.getResponseObject()));
+		_logger.debug("Social Bind : "+socialsAssociate);
+		this.socialsAssociateService.delete(socialsAssociate);
+		this.socialsAssociateService.insert(socialsAssociate);
 		return true;
 	}
 	
-	public boolean socialSignOn(SocialsAssociate socialSignOnUserToken){
+	public boolean socialSignOn(SocialsAssociate socialsAssociate){
 		
-		socialSignOnUserToken=this.socialsAssociateService.get(socialSignOnUserToken);
+	    socialsAssociate=this.socialsAssociateService.get(socialsAssociate);
 		
-		_logger.debug("callback SocialSignOn User Token : "+socialSignOnUserToken);
-		if(null !=socialSignOnUserToken){
-
-			_logger.debug("Social Sign On from "+socialSignOnUserToken.getProvider()+" mapping to user "+socialSignOnUserToken.getUsername());
-			
-			authenticationProvider.trustAuthentication(socialSignOnUserToken.getUsername(), ConstantsLoginType.SOCIALSIGNON,this.socialSignOnProvider.getProviderName(),"xe00000004","success");
-			//socialSignOnUserToken.setAccessToken(JsonUtils.object2Json(this.accessToken));
-			socialSignOnUserToken.setSocialUserInfo(accountJsonString);
-			//socialSignOnUserToken.setExAttribute(JsonUtils.object2Json(accessToken.getResponseObject()));
-			
-			this.socialsAssociateService.update(socialSignOnUserToken);
-			
-			
-		}else{
-			WebContext.getRequest().getSession().setAttribute(WebAttributes.AUTHENTICATION_EXCEPTION, new BadCredentialsException(WebContext.getI18nValue("login.error.social")));
+		_logger.debug("Loaded SocialSignOn Socials Associate : "+socialsAssociate);
+		
+		if(null == socialsAssociate) {
+		    WebContext.getRequest().getSession().setAttribute(WebAttributes.AUTHENTICATION_EXCEPTION, new BadCredentialsException(WebContext.getI18nValue("login.error.social")));
+            return false;
 		}
+		
+		_logger.debug("Social Sign On from "+socialsAssociate.getProvider()+" mapping to user "+socialsAssociate.getUsername());
+		
+		authenticationProvider.trustAuthentication(socialsAssociate.getUsername(), ConstantsLoginType.SOCIALSIGNON,this.socialSignOnProvider.getProviderName(),"xe00000004","success");
+		//socialsAssociate.setAccessToken(JsonUtils.object2Json(this.accessToken));
+		socialsAssociate.setSocialUserInfo(accountJsonString);
+		//socialsAssociate.setExAttribute(JsonUtils.object2Json(accessToken.getResponseObject()));
+		
+		this.socialsAssociateService.update(socialsAssociate);
 		return true;
 	}
 }
diff --git a/maxkey-core/src/main/resources/messages/passwordpolicy_message.properties b/maxkey-core/src/main/resources/messages/passwordpolicy_message.properties
index be4272ec4..9f3daca11 100644
--- a/maxkey-core/src/main/resources/messages/passwordpolicy_message.properties
+++ b/maxkey-core/src/main/resources/messages/passwordpolicy_message.properties
@@ -32,6 +32,7 @@ PasswordPolicy.OLD_PASSWORD_NOT_MATCH=\u539f\u5bc6\u7801\u4e0d\u5339\u914d.
 PasswordPolicy.CONFIRMPASSWORD_NOT_MATCH=\u65b0\u5bc6\u7801\u4e0e\u786e\u8ba4\u5bc6\u7801\u4e0d\u4e00\u81f4.
 PasswordPolicy.OLD_PASSWORD_MATCH=\u65b0\u5bc6\u7801\u4e0d\u80fd\u4e0e\u65e7\u5bc6\u7801\u4e00\u81f4.
 
+#\u7528\u6237\u767b\u5f55\u9519\u8bef\u63d0\u9192
 login.error.attempts={0}\u5c1d\u8bd5\u767b\u9646{1}\u6b21\u6570\u8fbe\u5230\u6700\u5927\u9650\u5236\uff0c\u8bf7\u7a0d\u540e\u518d\u767b\u9646.
 login.error.locked=\u7528\u6237\u88ab\u9501\u5b9a.
 login.error.inactive=\u7528\u6237\u975e\u6d3b\u52a8\u72b6\u6001.
@@ -43,4 +44,5 @@ login.error.password.null=\u5bc6\u7801\u4e0d\u80fd\u4e3a\u7a7a.
 login.error.captcha=\u9a8c\u8bc1\u7801\u9519\u8bef\uff0c\u8bf7\u91cd\u65b0\u767b\u9646.
 login.error.authtype=\u767b\u5f55\u8ba4\u8bc1\u7c7b\u578b\u9519\u8bef.
 login.error.session=\u767b\u5f55\u4f1a\u8bdd\u5931\u6548\uff0c\u8bf7\u91cd\u65b0\u767b\u9646.
+login.error.social=\u793e\u4ea4\u8d26\u53f7\u6388\u6743\u5931\u8d25\uff0c\u8bf7\u91cd\u8bd5.
 
diff --git a/maxkey-core/src/main/resources/messages/passwordpolicy_message_en.properties b/maxkey-core/src/main/resources/messages/passwordpolicy_message_en.properties
index dc1302c30..38c502ff5 100644
--- a/maxkey-core/src/main/resources/messages/passwordpolicy_message_en.properties
+++ b/maxkey-core/src/main/resources/messages/passwordpolicy_message_en.properties
@@ -32,6 +32,7 @@ PasswordPolicy.OLD_PASSWORD_NOT_MATCH=old password not match.
 PasswordPolicy.CONFIRMPASSWORD_NOT_MATCH=new password not match confirm password.
 PasswordPolicy.OLD_PASSWORD_MATCH=new password  match old password.
 
+#for user login
 login.error.attempts={0} login attempts the maximum number of {1} times, please login later.
 login.error.locked=The user is locked.
 login.error.inactive=User inactive state.
@@ -42,4 +43,5 @@ login.error.email.null=email cannot be empty.
 login.error.password.null=Password cannot be empty.
 login.error.captcha=Verification code error, please login again.
 login.error.authtype=Login authentication type error.
-login.error.session=Login session failed. Please login again.
\ No newline at end of file
+login.error.session=Login session failed. please login again.
+login.error.social=Social login failed. please retry.
\ No newline at end of file
diff --git a/maxkey-core/src/main/resources/messages/passwordpolicy_message_zh_CN.properties b/maxkey-core/src/main/resources/messages/passwordpolicy_message_zh_CN.properties
index 60025dbab..6d6034069 100644
--- a/maxkey-core/src/main/resources/messages/passwordpolicy_message_zh_CN.properties
+++ b/maxkey-core/src/main/resources/messages/passwordpolicy_message_zh_CN.properties
@@ -32,6 +32,7 @@ PasswordPolicy.OLD_PASSWORD_NOT_MATCH=\u539f\u5bc6\u7801\u4e0d\u5339\u914d.
 PasswordPolicy.CONFIRMPASSWORD_NOT_MATCH=\u65b0\u5bc6\u7801\u4e0e\u786e\u8ba4\u5bc6\u7801\u4e0d\u4e00\u81f4.
 PasswordPolicy.OLD_PASSWORD_MATCH=\u65b0\u5bc6\u7801\u4e0d\u80fd\u4e0e\u65e7\u5bc6\u7801\u4e00\u81f4.
 
+#\u7528\u6237\u767b\u5f55\u9519\u8bef\u63d0\u9192
 login.error.attempts={0}\u5c1d\u8bd5\u767b\u9646{1}\u6b21\u6570\u8fbe\u5230\u6700\u5927\u9650\u5236\uff0c\u8bf7\u7a0d\u540e\u518d\u767b\u9646.
 login.error.locked=\u7528\u6237\u88ab\u9501\u5b9a.
 login.error.inactive=\u7528\u6237\u975e\u6d3b\u52a8\u72b6\u6001.
@@ -42,4 +43,5 @@ login.error.email.null=\u767b\u5f55\u90ae\u7bb1\u4e0d\u80fd\u4e3a\u7a7a.
 login.error.password.null=\u5bc6\u7801\u4e0d\u80fd\u4e3a\u7a7a.
 login.error.captcha=\u9a8c\u8bc1\u7801\u9519\u8bef\uff0c\u8bf7\u91cd\u65b0\u767b\u9646.
 login.error.authtype=\u767b\u5f55\u8ba4\u8bc1\u7c7b\u578b\u9519\u8bef.
-login.error.session=\u767b\u5f55\u4f1a\u8bdd\u5931\u6548\uff0c\u8bf7\u91cd\u65b0\u767b\u9646.
\ No newline at end of file
+login.error.session=\u767b\u5f55\u4f1a\u8bdd\u5931\u6548\uff0c\u8bf7\u91cd\u65b0\u767b\u9646.
+login.error.social=\u793e\u4ea4\u8d26\u53f7\u6388\u6743\u5931\u8d25\uff0c\u8bf7\u91cd\u8bd5.
\ No newline at end of file