header authorization

2025-12-06 17:08:29 +08:00 · 2021-03-23 19:11:54 +08:00 · 2021-03-23 19:11:54 +08:00 · c1c9bb5e87
commit c1c9bb5e87
parent d5d47f127b
12 changed files with 122 additions and 76 deletions
--- a/maxkey-common/src/main/java/org/maxkey/util/AuthorizationHeaderUtils.java
+++ b/maxkey-common/src/main/java/org/maxkey/util/AuthorizationHeaderUtils.java
@ -64,7 +64,7 @@ public class AuthorizationHeaderUtils {
    }
    
    public static boolean isBearer(String bearer) {
-        if (bearer.startsWith(AuthorizationHeaderCredential.Credential.BEARER)) {
+        if (bearer.toLowerCase().startsWith(AuthorizationHeaderCredential.Credential.BEARER.toLowerCase())) {
            return true;
        } else {
            return false;
--- a/maxkey-core/src/main/java/org/maxkey/constants/ldap/GroupOfNames.java
+++ b/maxkey-core/src/main/java/org/maxkey/constants/ldap/GroupOfNames.java
@ -28,6 +28,7 @@ import java.util.Arrays;
 */
 public class GroupOfNames {
 	public static ArrayList<String> OBJECTCLASS = new ArrayList<>(Arrays.asList("top", "groupOfNames"));
+	public static final String DISTINGUISHEDNAME 			 = "distinguishedname";
 	public static final String CN                            = "cn";
 	public static final String MEMBER                  		 = "member";
 	public static final String BUSINESSCATEGORY              = "businessCategory";
--- a/maxkey-core/src/main/java/org/maxkey/constants/ldap/GroupOfUniqueNames.java
+++ b/maxkey-core/src/main/java/org/maxkey/constants/ldap/GroupOfUniqueNames.java
@ -28,6 +28,7 @@ import java.util.Arrays;
 */
 public class GroupOfUniqueNames {
 	public static ArrayList<String> OBJECTCLASS = new ArrayList<>(Arrays.asList("top", "groupOfUniqueNames"));
+	public static final String DISTINGUISHEDNAME 			 = "distinguishedname";
 	public static final String CN                            = "cn";
 	public static final String UNIQUEMEMBER                  = "uniqueMember";
 	public static final String BUSINESSCATEGORY              = "businessCategory";
--- a/maxkey-core/src/main/java/org/maxkey/constants/ldap/InetOrgPerson.java
+++ b/maxkey-core/src/main/java/org/maxkey/constants/ldap/InetOrgPerson.java
@ -28,6 +28,7 @@ import java.util.Arrays;
 */
 public class InetOrgPerson {
 	public static ArrayList<String> OBJECTCLASS = new ArrayList<>(Arrays.asList("top", "person","organizationalPerson","inetOrgPerson"));
+	public static final String DISTINGUISHEDNAME 			 = "distinguishedname";
 	//person sup top
 	/**person sn MUST*/
 	public static final String SN                            = "sn";
--- a/maxkey-core/src/main/java/org/maxkey/constants/ldap/Organization.java
+++ b/maxkey-core/src/main/java/org/maxkey/constants/ldap/Organization.java
@ -28,6 +28,9 @@ import java.util.Arrays;
 */
 public class Organization {
 	public static ArrayList<String> OBJECTCLASS = new ArrayList<>(Arrays.asList("top", "organization"));
+	
+	public static final String DISTINGUISHEDNAME 			 = "distinguishedname";
+	
 	/**Organization o*/
 	public static final String O                          	 = "o";
 	/**Organization userPassword*/
--- a/maxkey-core/src/main/java/org/maxkey/constants/ldap/OrganizationalUnit.java
+++ b/maxkey-core/src/main/java/org/maxkey/constants/ldap/OrganizationalUnit.java
@ -28,6 +28,7 @@ import java.util.Arrays;
 */
 public class OrganizationalUnit {
 	public static ArrayList<String> OBJECTCLASS = new ArrayList<>(Arrays.asList("top", "OrganizationalUnit"));
+	public static final String DISTINGUISHEDNAME 			 = "distinguishedname";
 	/**OrganizationalUnit ou*/
 	public static final String OU                         	 = "ou";
 	/**OrganizationalUnit userPassword*/
--- a/maxkey-core/src/main/java/org/maxkey/domain/Organizations.java
+++ b/maxkey-core/src/main/java/org/maxkey/domain/Organizations.java
@ -80,6 +80,8 @@ public class Organizations extends JpaBaseDomain implements Serializable {
    @Column
    private String sortIndex;
    @Column
+    private String ldapDn;
+    @Column
    private String description;
    
    private String status;
@ -292,6 +294,14 @@ public class Organizations extends JpaBaseDomain implements Serializable {
    
    

+    public String getLdapDn() {
+		return ldapDn;
+	}
+
+	public void setLdapDn(String ldapDn) {
+		this.ldapDn = ldapDn;
+	}
+
 	public String getStatus() {
        return status;
    }
@ -349,8 +359,12 @@ public class Organizations extends JpaBaseDomain implements Serializable {
 		builder.append(email);
 		builder.append(", sortIndex=");
 		builder.append(sortIndex);
+		builder.append(", ldapDn=");
+		builder.append(ldapDn);
 		builder.append(", description=");
 		builder.append(description);
+		builder.append(", status=");
+		builder.append(status);
 		builder.append("]");
 		return builder.toString();
 	}
--- a/maxkey-core/src/main/java/org/maxkey/web/HttpResponseAdapter.java
+++ b/maxkey-core/src/main/java/org/maxkey/web/HttpResponseAdapter.java
@ -63,7 +63,6 @@ public class HttpResponseAdapter {
                		out.close();
                	}
 				} catch (IOException e) {
-					// TODO Auto-generated catch block
 					e.printStackTrace();
 				}
            }
--- a/maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/maxkey/authz/token/endpoint/JwtAuthorizeEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/maxkey/authz/token/endpoint/JwtAuthorizeEndpoint.java
@ -50,7 +50,7 @@ import io.swagger.annotations.ApiOperation;
 * @author Crystal.Sea
 *
 */
-@Api(tags = "JWT接口文档模块")
+@Api(tags = "JWT令牌接口")
@Controller
 public class JwtAuthorizeEndpoint  extends AuthorizeBaseEndpoint{

@ -64,7 +64,7 @@ public class JwtAuthorizeEndpoint  extends AuthorizeBaseEndpoint{
 	@Autowired
 	ApplicationConfig applicationConfig;
 	
-	@ApiOperation(value = "JWT认证地址接口", notes = "参数应用ID",httpMethod="GET")
+	@ApiOperation(value = "JWT<EFBFBD><EFBFBD>֤<EFBFBD><EFBFBD>ַ<EFBFBD>ӿ<EFBFBD>", notes = "<EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ӧ<EFBFBD><EFBFBD>ID",httpMethod="GET")
 	@RequestMapping("/authz/jwt/{id}")
 	public ModelAndView authorize(
 			HttpServletRequest request,
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpointAuthenticationFilter.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpointAuthenticationFilter.java
@ -17,6 +17,7 @@
 package org.maxkey.authz.oauth2.provider.endpoint;

 import java.io.IOException;
+import java.util.Enumeration;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.Set;
@ -39,6 +40,8 @@ import org.maxkey.authz.oauth2.provider.AuthorizationRequest;
 import org.maxkey.authz.oauth2.provider.OAuth2Authentication;
 import org.maxkey.authz.oauth2.provider.OAuth2Request;
 import org.maxkey.authz.oauth2.provider.OAuth2RequestFactory;
+import org.maxkey.util.AuthorizationHeaderCredential;
+import org.maxkey.util.AuthorizationHeaderUtils;
 import org.maxkey.web.WebContext;
 import org.springframework.security.authentication.AuthenticationDetailsSource;
 import org.springframework.security.authentication.AuthenticationManager;
@ -213,13 +216,30 @@ public class TokenEndpointAuthenticationFilter implements Filter {
 	
 	public Authentication ClientCredentials(HttpServletRequest request, HttpServletResponse response)
 				throws AuthenticationException, IOException, ServletException {
-
 			if (allowOnlyPost && !"POST".equalsIgnoreCase(request.getMethod())) {
 				throw new HttpRequestMethodNotSupportedException(request.getMethod(), new String[] { "POST" });
 			}

 			String clientId = request.getParameter("client_id");
 			String clientSecret = request.getParameter("client_secret");
+			if(clientId == null) {
+				if(logger.isTraceEnabled()) {
+					logger.trace("getRequestURL : "+request.getRequestURL());
+			        Enumeration<String> headerNames = request.getHeaderNames();
+			        while (headerNames.hasMoreElements()) {
+			          String key = (String) headerNames.nextElement();
+			          String value = request.getHeader(key);
+			          logger.trace("Header key "+key +" , value " + value);
+			        }
+				}
+				//for header authorization basic
+				String authorization_bearer =request.getHeader("authorization");
+				AuthorizationHeaderCredential ahc=AuthorizationHeaderUtils.resolve(authorization_bearer);
+				clientId =ahc.getUsername();
+				clientSecret=ahc.getCredential();
+			}
+			
+			 logger.trace("clientId "+clientId +" , clientSecret " + clientSecret);

 			// If the request is already authenticated we can assume that this
 			// filter is not needed
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java
@ -34,6 +34,8 @@ public class OAuthDefaultUserInfoAdapter extends AbstractAuthorizeAdapter {
 		HashMap<String, Object> beanMap = new HashMap<String, Object>();
 		beanMap.put("randomId",(new StringGenerator()).uuidGenerate());
 		beanMap.put("uid", userInfo.getId());
+		//for spring security oauth2
+		beanMap.put("user", userInfo.getUsername());
 		beanMap.put("username", userInfo.getUsername());
 		beanMap.put("employeeNumber", userInfo.getEmployeeNumber());
 		beanMap.put("email", userInfo.getEmail());
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java
@ -49,6 +49,7 @@ import org.maxkey.util.AuthorizationHeaderUtils;
 import org.maxkey.util.Instance;
 import org.maxkey.util.JsonUtils;
 import org.maxkey.util.StringGenerator;
+import org.maxkey.web.HttpResponseAdapter;
 import org.maxkey.web.WebConstants;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@ -106,27 +107,26 @@ public class UserInfoEndpoint {
 	private JwtEncryptionAndDecryptionService jwtEnDecryptionService; 
 	
 	
+	
 	private SymmetricSigningAndValidationServiceBuilder symmetricJwtSignerServiceBuilder
 					=new SymmetricSigningAndValidationServiceBuilder();

 	private RecipientJwtEncryptionAndDecryptionServiceBuilder recipientJwtEnDecryptionServiceBuilder
 					=new RecipientJwtEncryptionAndDecryptionServiceBuilder();

-	
 	OAuthDefaultUserInfoAdapter defaultOAuthUserInfoAdapter=new OAuthDefaultUserInfoAdapter();
 	
+    @Autowired
+    protected HttpResponseAdapter httpResponseAdapter;
+	
 	@ApiOperation(value = "OAuth 2.0 用户信息接口", notes = "传递参数access_token",httpMethod="GET")
 	@RequestMapping(value="/oauth/v20/me") 
-	@ResponseBody
-	public String apiV20UserInfo(
+	public void apiV20UserInfo(
 			@RequestParam(value = "access_token", required = false) String access_token,
 			@RequestHeader(value = "authorization", required = false) String authorization_bearer,
            HttpServletRequest request, 
            HttpServletResponse response) {	        
-	        response.setContentType(ContentType.APPLICATION_JSON_UTF8);
 	        if(access_token == null && authorization_bearer!= null) {
-	        	access_token = AuthorizationHeaderUtils.resolveBearer(authorization_bearer);
-	        }
 	        	if(_logger.isTraceEnabled()) {
 		        	_logger.trace("getRequestURL : "+request.getRequestURL());
 			        Enumeration<String> headerNames = request.getHeaderNames();
@ -136,9 +136,13 @@ public class UserInfoEndpoint {
 			          _logger.trace("Header key "+key +" , value " + value);
 			        }
 		        }
+	        	//for header authorization bearer
+	        	access_token = AuthorizationHeaderUtils.resolveBearer(authorization_bearer);
+	        }
+	        
 			String principal="";
 			if (!StringGenerator.uuidMatches(access_token)) {
-				return JsonUtils.gson2Json(accessTokenFormatError(access_token));
+				httpResponseAdapter.write(response,JsonUtils.gson2Json(accessTokenFormatError(access_token)),"json"); 
 			}
 			OAuth2Authentication oAuth2Authentication =null;
 			try{
@ -160,12 +164,12 @@ public class UserInfoEndpoint {
 				String jsonData=adapter.generateInfo(
 				        (SigninPrincipal)oAuth2Authentication.getUserAuthentication().getPrincipal(),
 				        userInfo, app);
-				return jsonData;
+				httpResponseAdapter.write(response,jsonData,"json"); 
 			}catch(OAuth2Exception e){
 				HashMap<String,Object>authzException=new HashMap<String,Object>();
 				authzException.put(OAuth2Exception.ERROR, e.getOAuth2ErrorCode());
 				authzException.put(OAuth2Exception.DESCRIPTION,e.getMessage());
-				return JsonUtils.gson2Json(authzException);
+				httpResponseAdapter.write(response,JsonUtils.gson2Json(authzException),"json"); 
 			}
 	}