admin/MaxKey
1
0
Fork 0
mirror of https://gitee.com/dromara/MaxKey.git synced 2025-12-07 01:18:27 +08:00
Code Issues Packages Projects Releases Wiki Activity

header authorization

Browse Source
This commit is contained in:
MaxKey 2021-03-23 19:11:54 +08:00
parent d5d47f127b
commit c1c9bb5e87
12 changed files with 122 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
maxkey-common/src/main/java/org/maxkey/util/AuthorizationHeaderUtils.java
View File

@ -64,7 +64,7 @@ public class AuthorizationHeaderUtils {
} }
public static boolean isBearer(String bearer) { public static boolean isBearer(String bearer) {
if (bearer.startsWith(AuthorizationHeaderCredential.Credential.BEARER)) { if (bearer.toLowerCase().startsWith(AuthorizationHeaderCredential.Credential.BEARER.toLowerCase())) {
return true; return true;
} else { } else {
return false; return false;

1
maxkey-core/src/main/java/org/maxkey/constants/ldap/GroupOfNames.java
View File

@ -28,6 +28,7 @@ import java.util.Arrays;
*/ */
public class GroupOfNames { public class GroupOfNames {
public static ArrayList<String> OBJECTCLASS = new ArrayList<>(Arrays.asList("top", "groupOfNames")); public static ArrayList<String> OBJECTCLASS = new ArrayList<>(Arrays.asList("top", "groupOfNames"));
public static final String DISTINGUISHEDNAME = "distinguishedname";
public static final String CN = "cn"; public static final String CN = "cn";
public static final String MEMBER = "member"; public static final String MEMBER = "member";
public static final String BUSINESSCATEGORY = "businessCategory"; public static final String BUSINESSCATEGORY = "businessCategory";

1
maxkey-core/src/main/java/org/maxkey/constants/ldap/GroupOfUniqueNames.java
View File

@ -28,6 +28,7 @@ import java.util.Arrays;
*/ */
public class GroupOfUniqueNames { public class GroupOfUniqueNames {
public static ArrayList<String> OBJECTCLASS = new ArrayList<>(Arrays.asList("top", "groupOfUniqueNames")); public static ArrayList<String> OBJECTCLASS = new ArrayList<>(Arrays.asList("top", "groupOfUniqueNames"));
public static final String DISTINGUISHEDNAME = "distinguishedname";
public static final String CN = "cn"; public static final String CN = "cn";
public static final String UNIQUEMEMBER = "uniqueMember"; public static final String UNIQUEMEMBER = "uniqueMember";
public static final String BUSINESSCATEGORY = "businessCategory"; public static final String BUSINESSCATEGORY = "businessCategory";

1
maxkey-core/src/main/java/org/maxkey/constants/ldap/InetOrgPerson.java
View File

@ -28,6 +28,7 @@ import java.util.Arrays;
*/ */
public class InetOrgPerson { public class InetOrgPerson {
public static ArrayList<String> OBJECTCLASS = new ArrayList<>(Arrays.asList("top", "person","organizationalPerson","inetOrgPerson")); public static ArrayList<String> OBJECTCLASS = new ArrayList<>(Arrays.asList("top", "person","organizationalPerson","inetOrgPerson"));
public static final String DISTINGUISHEDNAME = "distinguishedname";
//person sup top //person sup top
/**person sn MUST*/ /**person sn MUST*/
public static final String SN = "sn"; public static final String SN = "sn";

3
maxkey-core/src/main/java/org/maxkey/constants/ldap/Organization.java
View File

@ -28,6 +28,9 @@ import java.util.Arrays;
*/ */
public class Organization { public class Organization {
public static ArrayList<String> OBJECTCLASS = new ArrayList<>(Arrays.asList("top", "organization")); public static ArrayList<String> OBJECTCLASS = new ArrayList<>(Arrays.asList("top", "organization"));
public static final String DISTINGUISHEDNAME = "distinguishedname";
/**Organization o*/ /**Organization o*/
public static final String O = "o"; public static final String O = "o";
/**Organization userPassword*/ /**Organization userPassword*/

1
maxkey-core/src/main/java/org/maxkey/constants/ldap/OrganizationalUnit.java
View File

@ -28,6 +28,7 @@ import java.util.Arrays;
*/ */
public class OrganizationalUnit { public class OrganizationalUnit {
public static ArrayList<String> OBJECTCLASS = new ArrayList<>(Arrays.asList("top", "OrganizationalUnit")); public static ArrayList<String> OBJECTCLASS = new ArrayList<>(Arrays.asList("top", "OrganizationalUnit"));
public static final String DISTINGUISHEDNAME = "distinguishedname";
/**OrganizationalUnit ou*/ /**OrganizationalUnit ou*/
public static final String OU = "ou"; public static final String OU = "ou";
/**OrganizationalUnit userPassword*/ /**OrganizationalUnit userPassword*/

14
maxkey-core/src/main/java/org/maxkey/domain/Organizations.java
View File

@ -80,6 +80,8 @@ public class Organizations extends JpaBaseDomain implements Serializable {
@Column @Column
private String sortIndex; private String sortIndex;
@Column @Column
private String ldapDn;
@Column
private String description; private String description;
private String status; private String status;
@ -292,6 +294,14 @@ public class Organizations extends JpaBaseDomain implements Serializable {
public String getLdapDn() {
return ldapDn;
}
public void setLdapDn(String ldapDn) {
this.ldapDn = ldapDn;
}
public String getStatus() { public String getStatus() {
return status; return status;
} }
@ -349,8 +359,12 @@ public class Organizations extends JpaBaseDomain implements Serializable {
builder.append(email); builder.append(email);
builder.append(", sortIndex="); builder.append(", sortIndex=");
builder.append(sortIndex); builder.append(sortIndex);
builder.append(", ldapDn=");
builder.append(ldapDn);
builder.append(", description="); builder.append(", description=");
builder.append(description); builder.append(description);
builder.append(", status=");
builder.append(status);
builder.append("]"); builder.append("]");
return builder.toString(); return builder.toString();
} }

1
maxkey-core/src/main/java/org/maxkey/web/HttpResponseAdapter.java
View File

@ -63,7 +63,6 @@ public class HttpResponseAdapter {
out.close(); out.close();
} }
} catch (IOException e) { } catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace(); e.printStackTrace();
} }
} }

4
maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/maxkey/authz/token/endpoint/JwtAuthorizeEndpoint.java
View File

@ -50,7 +50,7 @@ import io.swagger.annotations.ApiOperation;
* @author Crystal.Sea * @author Crystal.Sea
* *
*/ */
@Api(tags = "JWT接口文档模块") @Api(tags = "JWT令牌接口")
@Controller @Controller
public class JwtAuthorizeEndpoint extends AuthorizeBaseEndpoint{ public class JwtAuthorizeEndpoint extends AuthorizeBaseEndpoint{
@ -64,7 +64,7 @@ public class JwtAuthorizeEndpoint extends AuthorizeBaseEndpoint{
@Autowired @Autowired
ApplicationConfig applicationConfig; ApplicationConfig applicationConfig;
@ApiOperation(value = "JWT认证地址接口", notes = "参数应用ID",httpMethod="GET") @ApiOperation(value = "JWT<EFBFBD><EFBFBD>֤<EFBFBD><EFBFBD>ַ<EFBFBD>ӿ<EFBFBD>", notes = "<EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ӧ<EFBFBD><EFBFBD>ID",httpMethod="GET")
@RequestMapping("/authz/jwt/{id}") @RequestMapping("/authz/jwt/{id}")
public ModelAndView authorize( public ModelAndView authorize(
HttpServletRequest request, HttpServletRequest request,

22
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpointAuthenticationFilter.java
View File

@ -17,6 +17,7 @@
package org.maxkey.authz.oauth2.provider.endpoint; package org.maxkey.authz.oauth2.provider.endpoint;
import java.io.IOException; import java.io.IOException;
import java.util.Enumeration;
import java.util.HashMap; import java.util.HashMap;
import java.util.Map; import java.util.Map;
import java.util.Set; import java.util.Set;
@ -39,6 +40,8 @@ import org.maxkey.authz.oauth2.provider.AuthorizationRequest;
import org.maxkey.authz.oauth2.provider.OAuth2Authentication; import org.maxkey.authz.oauth2.provider.OAuth2Authentication;
import org.maxkey.authz.oauth2.provider.OAuth2Request; import org.maxkey.authz.oauth2.provider.OAuth2Request;
import org.maxkey.authz.oauth2.provider.OAuth2RequestFactory; import org.maxkey.authz.oauth2.provider.OAuth2RequestFactory;
import org.maxkey.util.AuthorizationHeaderCredential;
import org.maxkey.util.AuthorizationHeaderUtils;
import org.maxkey.web.WebContext; import org.maxkey.web.WebContext;
import org.springframework.security.authentication.AuthenticationDetailsSource; import org.springframework.security.authentication.AuthenticationDetailsSource;
import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.AuthenticationManager;
@ -213,13 +216,30 @@ public class TokenEndpointAuthenticationFilter implements Filter {
public Authentication ClientCredentials(HttpServletRequest request, HttpServletResponse response) public Authentication ClientCredentials(HttpServletRequest request, HttpServletResponse response)
throws AuthenticationException, IOException, ServletException { throws AuthenticationException, IOException, ServletException {
if (allowOnlyPost && !"POST".equalsIgnoreCase(request.getMethod())) { if (allowOnlyPost && !"POST".equalsIgnoreCase(request.getMethod())) {
throw new HttpRequestMethodNotSupportedException(request.getMethod(), new String[] { "POST" }); throw new HttpRequestMethodNotSupportedException(request.getMethod(), new String[] { "POST" });
} }
String clientId = request.getParameter("client_id"); String clientId = request.getParameter("client_id");
String clientSecret = request.getParameter("client_secret"); String clientSecret = request.getParameter("client_secret");
if(clientId == null) {
if(logger.isTraceEnabled()) {
logger.trace("getRequestURL : "+request.getRequestURL());
Enumeration<String> headerNames = request.getHeaderNames();
while (headerNames.hasMoreElements()) {
String key = (String) headerNames.nextElement();
String value = request.getHeader(key);
logger.trace("Header key "+key +" , value " + value);
}
}
//for header authorization basic
String authorization_bearer =request.getHeader("authorization");
AuthorizationHeaderCredential ahc=AuthorizationHeaderUtils.resolve(authorization_bearer);
clientId =ahc.getUsername();
clientSecret=ahc.getCredential();
}
logger.trace("clientId "+clientId +" , clientSecret " + clientSecret);
// If the request is already authenticated we can assume that this // If the request is already authenticated we can assume that this
// filter is not needed // filter is not needed

2
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java
View File

@ -34,6 +34,8 @@ public class OAuthDefaultUserInfoAdapter extends AbstractAuthorizeAdapter {
HashMap<String, Object> beanMap = new HashMap<String, Object>(); HashMap<String, Object> beanMap = new HashMap<String, Object>();
beanMap.put("randomId",(new StringGenerator()).uuidGenerate()); beanMap.put("randomId",(new StringGenerator()).uuidGenerate());
beanMap.put("uid", userInfo.getId()); beanMap.put("uid", userInfo.getId());
//for spring security oauth2
beanMap.put("user", userInfo.getUsername());
beanMap.put("username", userInfo.getUsername()); beanMap.put("username", userInfo.getUsername());
beanMap.put("employeeNumber", userInfo.getEmployeeNumber()); beanMap.put("employeeNumber", userInfo.getEmployeeNumber());
beanMap.put("email", userInfo.getEmail()); beanMap.put("email", userInfo.getEmail());

22
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java
View File

@ -49,6 +49,7 @@ import org.maxkey.util.AuthorizationHeaderUtils;
import org.maxkey.util.Instance; import org.maxkey.util.Instance;
import org.maxkey.util.JsonUtils; import org.maxkey.util.JsonUtils;
import org.maxkey.util.StringGenerator; import org.maxkey.util.StringGenerator;
import org.maxkey.web.HttpResponseAdapter;
import org.maxkey.web.WebConstants; import org.maxkey.web.WebConstants;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
@ -106,27 +107,26 @@ public class UserInfoEndpoint {
private JwtEncryptionAndDecryptionService jwtEnDecryptionService; private JwtEncryptionAndDecryptionService jwtEnDecryptionService;
private SymmetricSigningAndValidationServiceBuilder symmetricJwtSignerServiceBuilder private SymmetricSigningAndValidationServiceBuilder symmetricJwtSignerServiceBuilder
=new SymmetricSigningAndValidationServiceBuilder(); =new SymmetricSigningAndValidationServiceBuilder();
private RecipientJwtEncryptionAndDecryptionServiceBuilder recipientJwtEnDecryptionServiceBuilder private RecipientJwtEncryptionAndDecryptionServiceBuilder recipientJwtEnDecryptionServiceBuilder
=new RecipientJwtEncryptionAndDecryptionServiceBuilder(); =new RecipientJwtEncryptionAndDecryptionServiceBuilder();
OAuthDefaultUserInfoAdapter defaultOAuthUserInfoAdapter=new OAuthDefaultUserInfoAdapter(); OAuthDefaultUserInfoAdapter defaultOAuthUserInfoAdapter=new OAuthDefaultUserInfoAdapter();
@Autowired
protected HttpResponseAdapter httpResponseAdapter;
@ApiOperation(value = "OAuth 2.0 用户信息接口", notes = "传递参数access_token",httpMethod="GET") @ApiOperation(value = "OAuth 2.0 用户信息接口", notes = "传递参数access_token",httpMethod="GET")
@RequestMapping(value="/oauth/v20/me") @RequestMapping(value="/oauth/v20/me")
@ResponseBody public void apiV20UserInfo(
public String apiV20UserInfo(
@RequestParam(value = "access_token", required = false) String access_token, @RequestParam(value = "access_token", required = false) String access_token,
@RequestHeader(value = "authorization", required = false) String authorization_bearer, @RequestHeader(value = "authorization", required = false) String authorization_bearer,
HttpServletRequest request, HttpServletRequest request,
HttpServletResponse response) { HttpServletResponse response) {
response.setContentType(ContentType.APPLICATION_JSON_UTF8);
if(access_token == null && authorization_bearer!= null) { if(access_token == null && authorization_bearer!= null) {
access_token = AuthorizationHeaderUtils.resolveBearer(authorization_bearer);
}
if(_logger.isTraceEnabled()) { if(_logger.isTraceEnabled()) {
_logger.trace("getRequestURL : "+request.getRequestURL()); _logger.trace("getRequestURL : "+request.getRequestURL());
Enumeration<String> headerNames = request.getHeaderNames(); Enumeration<String> headerNames = request.getHeaderNames();
@ -136,9 +136,13 @@ public class UserInfoEndpoint {
_logger.trace("Header key "+key +" , value " + value); _logger.trace("Header key "+key +" , value " + value);
} }
} }
//for header authorization bearer
access_token = AuthorizationHeaderUtils.resolveBearer(authorization_bearer);
}
String principal=""; String principal="";
if (!StringGenerator.uuidMatches(access_token)) { if (!StringGenerator.uuidMatches(access_token)) {
return JsonUtils.gson2Json(accessTokenFormatError(access_token)); httpResponseAdapter.write(response,JsonUtils.gson2Json(accessTokenFormatError(access_token)),"json");
} }
OAuth2Authentication oAuth2Authentication =null; OAuth2Authentication oAuth2Authentication =null;
try{ try{
@ -160,12 +164,12 @@ public class UserInfoEndpoint {
String jsonData=adapter.generateInfo( String jsonData=adapter.generateInfo(
(SigninPrincipal)oAuth2Authentication.getUserAuthentication().getPrincipal(), (SigninPrincipal)oAuth2Authentication.getUserAuthentication().getPrincipal(),
userInfo, app); userInfo, app);
return jsonData; httpResponseAdapter.write(response,jsonData,"json");
}catch(OAuth2Exception e){ }catch(OAuth2Exception e){
HashMap<String,Object>authzException=new HashMap<String,Object>(); HashMap<String,Object>authzException=new HashMap<String,Object>();
authzException.put(OAuth2Exception.ERROR, e.getOAuth2ErrorCode()); authzException.put(OAuth2Exception.ERROR, e.getOAuth2ErrorCode());
authzException.put(OAuth2Exception.DESCRIPTION,e.getMessage()); authzException.put(OAuth2Exception.DESCRIPTION,e.getMessage());
return JsonUtils.gson2Json(authzException); httpResponseAdapter.write(response,JsonUtils.gson2Json(authzException),"json");
} }
} }