Merge branch 'master' into master_dev_lyp

MaxKey 2020-11-10 12:19:10 +08:00 committed by GitHub
commit c2a64d0737
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
201 changed files with 13529 additions and 2822 deletions

.github/ISSUE_TEMPLATE/bug_report.md vendored Normal file

@ -0,0 +1,38 @@
---
name: Bug report
about: Create a report to help us improve
title: ''
labels: ''
assignees: ''
---
**Describe the bug**
A clear and concise description of what the bug is.
**To Reproduce**
Steps to reproduce the behavior:
1. Go to '...'
2. Click on '....'
3. Scroll down to '....'
4. See error
**Expected behavior**
A clear and concise description of what you expected to happen.
**Screenshots**
If applicable, add screenshots to help explain your problem.
**Desktop (please complete the following information):**
- OS: [e.g. iOS]
- Browser [e.g. chrome, safari]
- Version [e.g. 22]
**Smartphone (please complete the following information):**
- Device: [e.g. iPhone6]
- OS: [e.g. iOS8.1]
- Browser [e.g. stock browser, safari]
- Version [e.g. 22]
**Additional context**
Add any other context about the problem here.
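
Review bot: the **Screenshots** and **Additional context** sections invite reporters to paste whatever they have, and for a single sign-on product that often means tokens, SAML responses or session cookies in a public issue. Add a line asking reporters to redact credentials and tokens, and point suspected vulnerabilities to a private contact instead of this template.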


@ -0,0 +1,20 @@
---
name: Feature request
about: Suggest an idea for this project
title: ''
labels: ''
assignees: ''
---
**Is your feature request related to a problem? Please describe.**
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
**Describe the solution you'd like**
A clear and concise description of what you want to happen.
**Describe alternatives you've considered**
A clear and concise description of any alternative solutions or features you've considered.
**Additional context**
Add any other context or screenshots about the feature request here.

CONTRIBUTING.md Normal file

@ -0,0 +1,228 @@
# 贡献代码
欢迎您对MaxKey项目的贡献。
我们诚挚的感谢你的贡献,这个文档描述了我们的工作方式和工作流程,开发者也可以同时参考官方的相关文档。
## Workflow
MaxKey开发中使用到的几种模型在这个链接下载 [点我](https://github.com/MaxKeyTop/MaxKey/archive/master.zip).
之后是贡献代码的主要流程。
### Fork
* MaxKey采用Pull Request的方式提交代码禁止直接push所有的代码都需要人工review。首先要fork一份MaxKey的代码 ["Fork" button](https://help.github.com/articles/fork-a-repo/).
* 跳转到[MaxKey](https://github.com/MaxKeyTop/MaxKey) GitHub首页然后单击 `Fork` 按钮,生成自己目录下的仓库,比如 <https://github.com/你的用户名/MaxKey>
### Clone(克隆)
将远程仓库 clone 到本地:
```bash
➜ git clone https://github.com/你的用户名/MaxKey
➜ cd MaxKey
```
### 创建本地分支
MaxKey 目前使用[Git流分支模型](http://nvie.com/posts/a-successful-git-branching-model/)进行开发,测试,发行和维护
所有的 feature 和 bug fix 的开发工作都应该在一个新的分支上完成,一般从 `develop` 分支上创建新分支。
使用 `git checkout -b` 创建并切换到新分支。
```bash
➜ git checkout -b my-cool-stuff
```
值得注意的是,在 checkout 之前,需要保持当前分支目录 clean否则会把 untracked 的文件也带到新分支上,这可以通过 `git status` 查看。
### 使用 `pre-commit` 钩子
MaxKey 开发人员使用 [pre-commit](http://pre-commit.com/) 工具来管理 Git 预提交钩子。 在提交commit前自动检查一些基本事宜如每个文件只有一个 EOLGit 中不要添加大文件等)。
`pre-commit`测试是单元测试的一部分,不满足钩子的 PR 不能被提交到 MaxKey首先安装并在当前目录运行它
```bash
pip install pre-commit
pre-commit -v -a
```
## 开始开发
在本例中,我删除了 README.md 中的一行,并创建了一个新文件。
通过 `git status` 查看当前状态,这会提示当前目录的一些变化,同时也可以通过 `git diff` 查看文件具体被修改的内容。
```bash
➜ git status
On branch test
Changes not staged for commit:
(use "git add <file>..." to update what will be committed)
(use "git checkout -- <file>..." to discard changes in working directory)
modified: README.md
Untracked files:
(use "git add <file>..." to include in what will be committed)
test
no changes added to commit (use "git add" and/or "git commit -a")
```
## 构建
配置环境变量
gradleSetEnv.bat
set JAVA_HOME=D:\JavaIDE\jdk1.8.0_91
set GRADLE_HOME=D:\JavaIDE\gradle-5.4.1
启动构建
gradleBuildRelease.bat
构建结果
构建包路径
MaxKey/build/maxkey-jars
依赖包路径
MaxKey/build/maxkey-depjars
具体开发配置参见 https://maxkey.top/zh/development.html
## 提交commit
接下来我们取消对 README.md 文件的改变,然后提交新添加的 test 文件。
```bash
➜ git checkout -- README.md
➜ git status
On branch test
Untracked files:
(use "git add <file>..." to include in what will be committed)
test
nothing added to commit but untracked files present (use "git add" to track)
➜ git add test
```
Git 每次提交代码,都需要写提交说明,这可以让其他人知道这次提交做了哪些改变,这可以通过`git commit` 完成。
```bash
▶ pre-commit run -a -v
[remove-crlf] CRLF end-lines remover........................................Passed
[remove-tabs] Tabs remover..................................................Passed
[check-added-large-files] Check for added large files.......................Passed
[check-merge-conflict] Check for merge conflicts............................Passed
[check-symlinks] Check for broken symlinks..................................Passed
[detect-private-key] Detect Private Key.....................................Passed
[end-of-file-fixer] Fix End of Files........................................Passed
[trailing-whitespace] Trim Trailing Whitespace..............................Passed
[copyright] copyright.......................................................Passed
[clang-format] clang-format.................................................Passed
```
## 保持本地仓库最新
在准备发起 Pull Request 之前,需要同步原仓库(<https://github.com/MaxKeyTop/MaxKey>)最新的代码。
首先通过 `git remote` 查看当前远程仓库的名字。
```bash
➜ git remote
origin
➜ git remote -v
origin https://github.com/USERNAME/MaxKey (fetch)
origin https://github.com/USERNAME/MaxKey (push)
```
这里 origin 是我们 clone 的远程仓库的名字,也就是自己用户名下的 MaxKey接下来我们创建一个原始 MaxKey 仓库的远程主机,命名为 upstream。
```bash
➜ git remote add upstream https://github.com/MaxKeyTop/MaxKey
➜ git remote
origin
upstream
```
获取 upstream 的最新代码并更新当前分支。
```bash
➜ git fetch upstream
➜ git pull upstream develop
```
## Push 到远程仓库
将本地的修改推送到 GitHub 上,也就是 https://github.com/USERNAME/MaxKey。
```bash
# 推送到远程仓库 origin 的 my-cool-stuff 分支上
➜ git push origin my-cool-stuff
```
## 建立 Issue 并完成 Pull Request
建立一个 Issue 描述问题,并记录它的编号。
切换到所建分支,然后点击 `New pull request`
在 PR 的描述说明中,填写 `resolve #Issue编号` 可以在这个 PR 被 merge 后,自动关闭对应的 Issue
> 具体请见 <https://help.github.com/articles/closing-issues-via-commit-messages/>
## review
## 删除远程分支
在 PR 被 merge 进主仓库后,我们可以在 PR 的页面删除远程仓库的分支。
也可以使用 `git push origin :分支名` 删除远程分支,如:
```bash
➜ git push origin :my-cool-stuff
```
## 删除本地分支
最后,删除本地分支。
```bash
# 切换到 develop 分支
➜ git checkout develop
# 删除 my-cool-stuff 分支
➜ git branch -D my-cool-stuff
```
至此,我们就完成了一次代码贡献的过程。
## 提交代码的一些约定
为了使评审人在评审代码时更好地专注于代码本身,请您每次提交代码时,遵守以下约定:
1. 请保证单元测试能顺利通过。如果没过,说明提交的代码存在问题,评审人一般不做评审。
2. 提交Pull Request前
- 请注意commit的数量
- 原因如果仅仅修改一个文件但提交了十几个commit每个commit只做了少量的修改这会给评审人带来很大困扰。评审人需要逐一查看每个commit才能知道做了哪些修改且不排除commit之间的修改存在相互覆盖的情况。
- 建议每次提交时保持尽量少的commit可以通过`git commit --amend`补充上次的commit。对已经Push到远程仓库的多个commit可以参考[squash commits after push](http://stackoverflow.com/questions/5667884/how-to-squash-commits-in-git-after-they-have-been-pushed)。
- 请注意每个commit的名称应能反映当前commit的内容不能太随意。
3. 如果解决了某个Issue的问题请在该Pull Request的**第一个**评论框中加上:`fix #issue_number`这样当该Pull Request被合并后会自动关闭对应的Issue。关键词包括close, closes, closed, fix, fixes, fixed, resolve, resolves, resolved请选择合适的词汇。详细可参考[Closing issues via commit messages](https://help.github.com/articles/closing-issues-via-commit-messages)。
此外,在回复评审人意见时,请您遵守以下约定:
1. 评审人的每个意见都必须回复(这是开源社区的基本礼貌,别人帮了忙,应该说谢谢):
- 对评审意见同意且按其修改完的,给个简单的`Done`即可;
- 对评审意见不同意的,请给出您自己的反驳理由。
2. 如果评审意见比较多:
- 请给出总体的修改情况。
- 请采用[start a review](https://help.github.com/articles/reviewing-proposed-changes-in-a-pull-request/)进行回复,而非直接回复的方式。原因是每个回复都会发送一封邮件,会造成邮件灾难。
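
Review bot: the install step in the `pre-commit` section runs `pre-commit -v -a`, which has no subcommand, while the later example in this same file uses `pre-commit run -a -v`; make the first one match so the hook check (including `detect-private-key`) actually runs for new contributors. The sample hook output also lists `[clang-format]`, which does not fit a Java/Gradle build, the build section still names `gradleSetEnv.bat` although the build scripts in this commit call `setEnvVars.bat`, the pre-commit and git-flow links are plain `http://`, and the `## review` heading has no body.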


@ -1,5 +1,7 @@
# <img src="http://www.maxkey.top/static/images/logo_maxkey.png" width="200px" />
# 概述
<b>MaxKey(马克思的钥匙)</b>单点登录认证系统(Single Sign On System),寓意是最大钥匙,是<b>业界领先的企业级IAM身份管理和身份认证产品</b>,支持OAuth 2.0/OpenID Connect、SAML 2.0、JWT、CAS、SCIM等标准协议提供<b>简单、标准、安全和开放</b>的用户身份管理(IDM)、身份认证(AM)、单点登录(SSO)、RBAC权限管理和资源管理等。
官方网站 <a href="https://www.maxkey.top" target="_blank"><b>官方网站</b></a> | <a href="https://maxkeytop.gitee.io" target="_blank"><b>官方网站二线</b></a>
@ -15,36 +17,36 @@
主要功能:
1.所有应用系统共享一个身份认证系统
1) 所有应用系统共享一个身份认证系统
2.所有应用系统能够识别和提取ticket信息
2) 所有应用系统能够识别和提取ticket信息
------------
# 产品特性
1. 标准认证协议:
| 序号 | 协议 | 支持 |
| --------| :----- | :----: |
| 1 | OAuth 2.0/OpenID Connect | 高 |
| 2 | SAML 2.0 | 高 |
| 3 | JWT | 高 |
| 4 | CAS | 高 |
| 5 | FormBased | 中 |
| 6 | TokenBased(Post/Cookie) | 中 |
| 7 | ExtendApi | 低 |
| 8 | EXT | 低 |
| 1.1 | OAuth 2.0/OpenID Connect | 高 |
| 1.2 | SAML 2.0 | 高 |
| 1.3 | JWT | 高 |
| 1.4 | CAS | 高 |
| 1.5 | FormBased | 中 |
| 1.6 | TokenBased(Post/Cookie) | 中 |
| 1.7 | ExtendApi | 低 |
| 1.8 | EXT | 低 |
2. 登录支持
| 序号 | 登录方式 |
| --------| :----- |
| 1 | 动态验证码 字母/数字/算术 |
| 2 | 双因素认证 |
| 3 | 短信认证 腾讯云短信/阿里云短信/网易云信 |
| 4 | 登录易/Google/Microsoft Authenticator/FreeOTP/支持TOTP或者HOTP |
| 5 | Kerberos/SPNEGO/AD域|
| 6 | 社交账号 微信/QQ/微博/钉钉/Google/Facebook/其他 |
| 2.1 | 动态验证码 字母/数字/算术 |
| 2.2 | 双因素认证 |
| 2.3 | 短信认证 腾讯云短信/阿里云短信/网易云信 |
| 2.4 | 登录易/Google/Microsoft Authenticator/FreeOTP/支持TOTP或者HOTP |
| 2.5 | Kerberos/SPNEGO/AD域|
| 2.6 | 社交账号 微信/QQ/微博/钉钉/Google/Facebook/其他 |
3. 提供标准的认证接口以便于其他应用集成SSO安全的移动接入安全的API、第三方认证和互联网认证的整合。
@ -59,8 +61,9 @@
8. 许可证 Apache License, Version 2.0,开源免费。
------------
# 界面
**MaxKey认证**
登录界面
@ -80,21 +83,27 @@
应用管理
<img src="http://www.maxkey.top/static/images/maxkey_mgt_apps.png"/>
------------
# 下载
当前版本百度网盘下载,<a href="https://maxkey.top/zh/download.html" target="_blank"> 历史版本</a>
| 版本 | 日期 | 下载地址 | 提取码 |
| --------| :----- | :---- | :----: |
| v 2.2.0 RC2 | 2020/09/17 | <a href="https://pan.baidu.com/s/1t0dnyzQOthTxwk2eiYdkVQ" target="_blank">链接下载</a> | **saft** |
| v 2.2.0 GA | 2020/09/24 | <a href="https://pan.baidu.com/s/1gtgELidq1F-GwvmxKbY_oA" target="_blank">链接下载</a> | **0y9o** |
# Roadmap
基于Excel批量机构和用户导入
1.基于Excel批量机构和用户导入
用户注册功能
2.用户注册功能
动态用户组实现(基于用户属性或机构)
3.动态用户组实现(基于用户属性或机构)
4.主任职机构和兼职机构
5.零信任场景整合
6.MaxKey Cloud(微服务版)-2021年
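
Review bot: the download table sends users to Baidu Netdisk links with extraction codes and publishes no checksum or signature for the v 2.2.0 builds, so a downloaded IAM server package cannot be verified; add a SHA-256 value per row or link to signed release assets. The screenshot in this hunk is also loaded from `http://www.maxkey.top/...` while the site links in the same file use `https://`.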


@ -1,4 +1,30 @@
MaxKey v 2.2.0 GA 2020/09/**
MaxKey v 2.3.0 GA 2020/11/**
*(MAXKEY-200901) 基于spring session的集群会话共享功能
*(MAXKEY-200902) 单点注销功能应用可以配置为NONE/BACK_CHANNEL/FRONT_CHANNEL三种方式支持CAS/SAML/Default
*(MAXKEY-200903) 用户在线实时更新功能
*(MAXKEY-200904) 批量Excel用户导入功能
*(MAXKEY-200905) 用户注册功能
*(MAXKEY-200906) 用户状态修改
*(MAXKEY-200907) 用户详情显示问题
*(MAXKEY-200908) 应用修改时数字大于4为长度格式化问题
*(MAXKEY-200910) 注销后,点击重新登陆跳转问题
*(MAXKEY-200911) 增加SP登录跳转功能支持knox的认证
*(MAXKEY-200912) 构建脚本的优化和更新
*(MAXKEY-200913) 权限控制 RoleAdministrators
*(MAXKEY-200914) 社交账号登录优化
*(MAXKEY-200915) 列表界面中未”选择“情况下,弹出界面错误
*(MAXKEY-200916) jib(docker) 支持 感谢https://github.com/alanland
*(MAXKEY-200916) 登录过程的优化
*(MAXKEY-200917) 认证的优化,支持@Principal的注入
*(MAXKEY-200918) 应用单点登录时,用户访问权限控制
*(MAXKEY-200920) 依赖jar引用、更新和升级
druid 1.2.1
JustAuth 1.15.8
simple-http 1.0.3
spring-session 2.3.1.RELEASE
druid-spring-boot-starter 1.2.1
MaxKey v 2.2.0 GA 2020/09/24
*(MAXKEY-200801) 官方网站内容调整初步增加英文版支持增加新闻、合作伙伴及与CAS等开源产品对比
*(MAXKEY-200802) 国际化I18N内容优化
*(MAXKEY-200803) 使用Passay增强密码策略分离静态密码策略和动态密码策略
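
Review bot: `MAXKEY-200916` is assigned to two different 2.3.0 entries (the jib/docker line and the login-process line directly below it), and 200909 and 200919 are skipped; give each entry a unique ID so a fix can be traced back from the release notes. The 2.3.0 dependency list also omits bumps that build.gradle makes in this same commit, for example fastjson 1.2.74 and jedis 3.3.0.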
@ -32,13 +58,27 @@
*(MAXKEY-200831) MySQL时间问题参见https://dev.mysql.com/doc/refman/8.0/en/time-zone-support.html
*(MAXKEY-200832) OAuth2 Password模式修复
*(MAXKEY-200833) MGT管理SAML上传问题、IDP元数据链接优化、主键生成修复、元数据参数配置调整
*(MAXKEY-200834) MGT管理TOKENBASED令牌主键生成修复
*(MAXKEY-200835) 依赖jar升级
*(MAXKEY-200834) SAML 2添加多种NameId的支持支持后缀的配置NameId支持大小写转换
*(MAXKEY-200835) MGT管理TOKENBASED令牌主键生成修复
*(MAXKEY-200836) 依赖jar升级
tomcat 9.0.38
passay 1.6.0
springBoot 2.3.3.RELEASE
springSecurity 5.3.4.RELEASE
hibernate 6.1.5.Final
springBootVersion 2.3.4.RELEASE
springVersion 5.2.9.RELEASE
springSecurityVersion 5.4.0
guava 29.0-jre
joda-time 2.10.6
ehcache 3.9.0
alibaba druid 1.1.24
fastjson 1.2.73
jackson 2.11.2
tink 1.4.0
JustAuth 1.15.7
nimbus-jose-jwt 9.0.1
commons-lang3 3.11
commons-io 2.8.0
commons-codec 1.15
hibernate 6.1.5.Final
multiple-select-1.5.2
@ -159,4 +199,4 @@ MaxKey v 1.2.0 GA 2020/01/18
*(MAXKEY-200105) 修复日志的输出
MaxKey v 1.0 GA 2019/12/06
*(MAXKEY-191201) 基于SpringBoot重新构建1.0 GA
*(MAXKEY-191201) 基于SpringBoot重新构建1.0 GA


@ -32,11 +32,11 @@ allprojects {
eclipse {
/*第一次时请注释这段eclipse设置可能报错*/
jdt {
File f = file('.settings/org.eclipse.core.resources.prefs')
f.write('eclipse.preferences.version=1\n')
f.append('encoding/<project>=UTF-8') //use UTF-8
}
// jdt {
// File f = file('.settings/org.eclipse.core.resources.prefs')
// f.write('eclipse.preferences.version=1\n')
// f.append('encoding/<project>=UTF-8') //use UTF-8
// }
/*
@ -131,16 +131,16 @@ subprojects {
testCompile group: 'xmlunit', name: 'xmlunit', version: '1.6'
//apache
compile group: 'commons-beanutils', name: 'commons-beanutils', version: '1.9.3'
compile group: 'commons-codec', name: 'commons-codec', version: '1.14'
compile group: 'commons-codec', name: 'commons-codec', version: '1.15'
compile group: 'commons-collections', name: 'commons-collections', version: '3.2.2'
//compile group: 'org.apache.commons', name: 'commons-csv', version: '1.7'
compile group: 'org.apache.commons', name: 'commons-dbcp2', version: '2.6.0'
compile group: 'commons-dbutils', name: 'commons-dbutils', version: '1.7'
compile group: 'org.apache.commons', name: 'commons-digester3', version: '3.2'
compile group: 'commons-digester', name: 'commons-digester', version: '2.1'
compile group: 'commons-io', name: 'commons-io', version: '2.6'
compile group: 'commons-io', name: 'commons-io', version: '2.8.0'
compile group: 'commons-lang', name: 'commons-lang', version: '2.6'
compile group: 'org.apache.commons', name: 'commons-lang3', version: '3.9'
compile group: 'org.apache.commons', name: 'commons-lang3', version: '3.11'
compile group: 'commons-logging', name: 'commons-logging', version: '1.2'
compile group: 'org.apache.commons', name: 'commons-pool2', version: '2.6.2'
compile group: 'commons-httpclient', name: 'commons-httpclient', version: '3.1'
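
Review bot: this block bumps commons-codec, commons-io and commons-lang3 but leaves `commons-httpclient` 3.1 beside them, an end-of-life line superseded by Apache HttpComponents; in an authentication server it is worth replacing it, or at least opening a tracking issue for its removal. `commons-lang` 2.6 and `commons-digester` 2.1 are likewise carried alongside their 3.x successors, which doubles the surface to keep patched.
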
@ -209,19 +209,27 @@ subprojects {
compile group: 'org.springframework.boot', name: 'spring-boot-starter-log4j2', version: "${springBootVersion}"
compile group: 'org.springframework.boot', name: 'spring-boot-starter-web', version: "${springBootVersion}"
compile group: 'org.springframework.boot', name: 'spring-boot-starter-tomcat', version: "${springBootVersion}"
compile group: 'org.springframework.boot', name: 'spring-boot-starter-data-redis', version: "${springBootVersion}"
testCompile group: 'org.springframework.boot', name: 'spring-boot-starter-test', version: "${springBootVersion}"
//spring-data
compile group: 'org.springframework.data', name: 'spring-data-commons', version: "${springDataVersion}"
compile group: 'org.springframework.data', name: 'spring-data-keyvalue', version: "${springDataVersion}"
compile group: 'org.springframework.data', name: 'spring-data-redis', version: "${springDataVersion}"
//spring-session
compile group: 'org.springframework.session', name: 'spring-session-core', version: "${springSessionVersion}"
compile group: 'org.springframework.session', name: 'spring-session-data-redis', version: "${springSessionVersion}"
//saml
compile group: 'org.opensaml', name: 'opensaml', version: '2.6.4'
compile group: 'org.opensaml', name: 'openws', version: '1.5.4'
compile group: 'org.opensaml', name: 'xmltooling', version: '1.4.4'
//jose-jwt
compile group: 'com.nimbusds', name: 'nimbus-jose-jwt', version: '8.10'
compile group: 'com.nimbusds', name: 'nimbus-jose-jwt', version: '9.0.1'
compile group: 'net.jcip', name: 'jcip-annotations', version: '1.0'
compile group: 'net.minidev', name: 'json-smart', version: '2.3'
compile group: 'net.minidev', name: 'asm', version: '1.0.2'
//oauth third party JustAuth
compile group: 'com.xkcoding.http', name: 'simple-http', version: '1.0.2'
compile group: 'me.zhyd.oauth', name: 'JustAuth', version: '1.15.6'
compile group: 'com.xkcoding.http', name: 'simple-http', version: '1.0.3'
compile group: 'me.zhyd.oauth', name: 'JustAuth', version: '1.15.8'
//common
compile group: 'org.javassist', name: 'javassist', version: '3.23.0-GA'
compile group: 'org.owasp.esapi', name: 'esapi', version: '2.2.0.0'
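
Review bot: the `//saml` block still pins `opensaml` 2.6.4, `openws` 1.5.4 and `xmltooling` 1.4.4 while the JOSE and JustAuth libraries next to it are updated; the OpenSAML 2 line is end-of-life, so the SAML 2.0 path is the one group here that no longer receives fixes and should have a migration plan. Separately, adding `spring-boot-starter-data-redis` and `spring-session-data-redis` moves SSO sessions into Redis, so the change should come with Redis authentication and network restrictions in the shipped configuration.
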
@ -243,7 +251,7 @@ subprojects {
compile group: 'org.bouncycastle', name: 'bcpkix-jdk15on', version: "${bouncycastleVersion}"
compile group: 'org.bouncycastle', name: 'bcprov-jdk15on', version: "${bouncycastleVersion}"
compile group: 'org.bouncycastle', name: 'bcprov-ext-jdk15on', version: "${bouncycastleVersion}"
compile group: 'com.google.crypto.tink', name: 'tink', version: '1.2.2'
compile group: 'com.google.crypto.tink', name: 'tink', version: '1.4.0'
//kaptcha
compile group: 'com.jhlabs', name: 'filters', version: '2.0.235-1'
compile group: 'com.github.penggle', name: 'kaptcha', version: '2.3.2'
@ -253,7 +261,7 @@ subprojects {
compile group: 'com.fasterxml.jackson.core', name: 'jackson-core', version: "${jacksonVersion}"
compile group: 'com.fasterxml.jackson.core', name: 'jackson-annotations', version: "${jacksonVersion}"
compile group: 'com.fasterxml', name: 'classmate', version: '1.5.0'
compile group: 'com.alibaba', name: 'fastjson', version: '1.2.66'
compile group: 'com.alibaba', name: 'fastjson', version: '1.2.74'
//reactive
compile group: 'org.reactivestreams', name: 'reactive-streams', version: '1.0.2'
compile group: 'io.projectreactor', name: 'reactor-core', version: '3.2.10.RELEASE'
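
Review bot: `fastjson` goes from 1.2.66 to 1.2.74 but stays on the classpath next to Jackson; its autoType handling has needed repeated fixes, so confirm autoType is not enabled anywhere (or turn on safe mode) rather than relying on the version bump alone. If only a few call sites use it, consolidating on the Jackson version already managed by `${jacksonVersion}` would remove the dependency.
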
@ -262,10 +270,10 @@ subprojects {
compile group: 'org.quartz-scheduler', name: 'quartz', version: '2.3.2'
//database
compile group: 'mysql', name: 'mysql-connector-java', version: '8.0.21'
compile group: 'com.alibaba', name: 'druid', version: '1.1.21'
compile group: 'com.alibaba', name: 'druid-spring-boot-starter', version: '1.1.21'
compile group: 'redis.clients', name: 'jedis', version: '3.2.0'
compile group: 'org.ehcache', name: 'ehcache', version: '3.8.1'
compile group: 'com.alibaba', name: 'druid', version: '1.2.1'
compile group: 'com.alibaba', name: 'druid-spring-boot-starter', version: '1.2.1'
compile group: 'redis.clients', name: 'jedis', version: '3.3.0'
compile group: 'org.ehcache', name: 'ehcache', version: '3.9.0'
//mybatis
compile group: 'org.mybatis', name: 'mybatis', version: '3.5.5'
compile group: 'org.mybatis', name: 'mybatis-spring', version: '2.0.5'
@ -274,12 +282,12 @@ subprojects {
compile group: 'org.hibernate', name: 'hibernate-validator-cdi', version: "${hibernateVersion}"
compile group: 'org.hibernate.validator', name: 'hibernate-validator-annotation-processor', version: "${hibernateVersion}"
//usefull
compile group: 'joda-time', name: 'joda-time', version: '2.10.5'
compile group: 'joda-time', name: 'joda-time', version: '2.10.6'
compile group: 'org.yaml', name: 'snakeyaml', version: '1.26'
compile group: 'net.sourceforge.nekohtml', name: 'nekohtml', version: '1.9.22'
compile group: 'org.jdom', name: 'jdom', version: '2.0.2'
compile group: 'com.google.zxing', name: 'core', version: '3.4.0'
compile group: 'com.google.guava', name: 'guava', version: '28.2-jre'
compile group: 'com.google.guava', name: 'guava', version: '29.0-jre'
compile group: 'ognl', name: 'ognl', version: '3.2.14'
compile group: 'cglib', name: 'cglib', version: '3.3.0'
compile group: 'org.ow2.asm', name: 'asm', version: '7.3.1'
@ -300,8 +308,9 @@ subprojects {
//
compile group: 'com.tencentcloudapi', name: 'tencentcloud-sdk-java', version: '3.1.33'
//tomcat embed
compile group: 'org.apache.tomcat.embed', name: 'tomcat-embed-core', version: '9.0.36'
//tomcat embed Core Tomcat implementation
compile group: 'org.apache.tomcat.embed', name: 'tomcat-embed-core', version: '9.0.38'
//JULI logging implementation for embedded Tomcat
compile group: 'org.apache.tomcat.embed', name: 'tomcat-embed-logging-juli', version: '8.5.2'
//easyExcel
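
Review bot: `tomcat-embed-core` moves to 9.0.38 while `tomcat-embed-logging-juli` stays at 8.5.2, so the embedded container mixes two major lines. Check whether the separate JULI artifact is still needed with a 9.0.x core and drop or align it, otherwise the next Tomcat security bump only updates half of the container.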


@ -1,4 +1,4 @@
call gradleSetEnv.bat
call setEnvVars.bat
set START_TIME="%date:~0,10% %time:~0,2%:%time:~3,5%"
echo start time %START_TIME%
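
Review bot: `call gradleSetEnv.bat` becomes `call setEnvVars.bat` here, but the CONTRIBUTING.md added in this same commit still tells contributors to edit `gradleSetEnv.bat`; update the document or keep the old file name so the documented build steps work.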


@ -1,4 +1,4 @@
call gradleSetEnv.bat
call setEnvVars.bat
set START_TIME="%date:~0,10% %time:~0,2%:%time:~3,5%"
echo start time %START_TIME%


@ -4,9 +4,11 @@ vendor =https://www.maxkey.top
author =shimingxy
#Version For use jar
log4jVersion =2.13.3
springVersion =5.2.8.RELEASE
springBootVersion =2.3.3.RELEASE
springSecurityVersion =5.3.4.RELEASE
springVersion =5.2.9.RELEASE
springBootVersion =2.3.4.RELEASE
springSecurityVersion =5.4.0
springDataVersion =2.3.4.RELEASE
springSessionVersion =2.3.1.RELEASE
hibernateVersion =6.1.5.Final
slf4jVersion =1.7.30
jacksonVersion =2.11.2
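
Review bot: `springSecurityVersion` jumps to 5.4.0 while `springBootVersion` is 2.3.4.RELEASE, whose dependency management targets the Spring Security 5.3.x line; overriding a minor version of the security framework underneath Boot should be called out in the release notes and covered by tests of the filter chain and login flows, or held at the latest 5.3.x until Boot itself is upgraded.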


@ -1,18 +0,0 @@
call gradleSetEnv.bat
set START_TIME="%date:~0,10% %time:~0,2%:%time:~3,5%"
echo start time %START_TIME%
call %JAVA_HOME%/bin/java -version
call %GRADLE_HOME%/bin/gradle -version
echo start clean . . .
call %GRADLE_HOME%/bin/gradle clean
set END_TIME="%date:~0,10% %time:~0,2%:%time:~3,5%"
echo clean start at %START_TIME% complete at %END_TIME%.
pause


@ -98,12 +98,20 @@ public class SocialSignOnEndpoint extends AbstractSocialSignOnEndpoint{
@RequestMapping(value={"/callback/{provider}"}, method = RequestMethod.GET)
public ModelAndView callback(@PathVariable String provider
) {
this.provider=provider;
this.authCallback();
_logger.debug(this.accountId);
SocialsAssociate socialSignOnUserToken =new SocialsAssociate();
socialSignOnUserToken.setProvider(provider);
socialSignOnUserToken.setSocialuid(this.accountId);
SocialsAssociate socialsAssociate = null;
//auth call back may exception
try {
this.provider=provider;
this.authCallback();
_logger.debug(this.accountId);
socialsAssociate =new SocialsAssociate();
socialsAssociate.setProvider(provider);
socialsAssociate.setSocialuid(this.accountId);
}catch(Exception e) {
_logger.error("callback Exception ",e);
}
//for login
String socialSignOnType= "";
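
Review bot: the new `catch(Exception e)` in `callback` only logs and falls through, so a failed `authCallback()` continues into the login/bind branch with `socialsAssociate == null`; return an error redirect from inside the catch instead of carrying a null forward. The handler also keeps per-request state in instance fields (`this.provider=provider;` and `this.accountId`); if this endpoint is a singleton bean, two concurrent callbacks can read each other's account ID, so pass these values as locals or return them from `authCallback()`.
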
@ -112,10 +120,10 @@ public class SocialSignOnEndpoint extends AbstractSocialSignOnEndpoint{
}
if(socialSignOnType.equals(SOCIALSIGNON_TYPE.SOCIALSIGNON_TYPE_LOGON)||socialSignOnType.equals("")){
socialSignOn(socialSignOnUserToken);
socialSignOn(socialsAssociate);
return WebContext.redirect("/index");
}else{
socialBind(socialSignOnUserToken);
socialBind(socialsAssociate);
}
if(WebContext.getAttribute(SOCIALSIGNON_SESSION_REDIRECT_URI)!=null){
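
Review bot: in the login branch the boolean returned by `socialSignOn(socialsAssociate)` is discarded and the method always runs `return WebContext.redirect("/index");`, so success and failure are indistinguishable at this level; branch on the result and send failures back to the login page explicitly. The same applies to `socialBind(socialsAssociate)`, whose new `false` return for a null argument is never checked.
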
@ -126,38 +134,41 @@ public class SocialSignOnEndpoint extends AbstractSocialSignOnEndpoint{
}
public boolean socialBind(SocialsAssociate socialSignOnUserToken){
socialSignOnUserToken.setSocialUserInfo(accountJsonString);
socialSignOnUserToken.setUid(WebContext.getUserInfo().getId());
socialSignOnUserToken.setUsername(WebContext.getUserInfo().getUsername());
//socialSignOnUserToken.setAccessToken(JsonUtils.object2Json(accessToken));
//socialSignOnUserToken.setExAttribute(JsonUtils.object2Json(accessToken.getResponseObject()));
_logger.debug("Social Bind : "+socialSignOnUserToken);
this.socialsAssociateService.delete(socialSignOnUserToken);
this.socialsAssociateService.insert(socialSignOnUserToken);
public boolean socialBind(SocialsAssociate socialsAssociate){
if(null == socialsAssociate) {
return false;
}
socialsAssociate.setSocialUserInfo(accountJsonString);
socialsAssociate.setUid(WebContext.getUserInfo().getId());
socialsAssociate.setUsername(WebContext.getUserInfo().getUsername());
//socialsAssociate.setAccessToken(JsonUtils.object2Json(accessToken));
//socialsAssociate.setExAttribute(JsonUtils.object2Json(accessToken.getResponseObject()));
_logger.debug("Social Bind : "+socialsAssociate);
this.socialsAssociateService.delete(socialsAssociate);
this.socialsAssociateService.insert(socialsAssociate);
return true;
}
public boolean socialSignOn(SocialsAssociate socialSignOnUserToken){
public boolean socialSignOn(SocialsAssociate socialsAssociate){
socialSignOnUserToken=this.socialsAssociateService.get(socialSignOnUserToken);
socialsAssociate=this.socialsAssociateService.get(socialsAssociate);
_logger.debug("callback SocialSignOn User Token : "+socialSignOnUserToken);
if(null !=socialSignOnUserToken){
_logger.debug("Social Sign On from "+socialSignOnUserToken.getProvider()+" mapping to user "+socialSignOnUserToken.getUsername());
authenticationProvider.trustAuthentication(socialSignOnUserToken.getUsername(), ConstantsLoginType.SOCIALSIGNON,this.socialSignOnProvider.getProviderName(),"xe00000004","success");
//socialSignOnUserToken.setAccessToken(JsonUtils.object2Json(this.accessToken));
socialSignOnUserToken.setSocialUserInfo(accountJsonString);
//socialSignOnUserToken.setExAttribute(JsonUtils.object2Json(accessToken.getResponseObject()));
this.socialsAssociateService.update(socialSignOnUserToken);
}else{
WebContext.getRequest().getSession().setAttribute(WebAttributes.AUTHENTICATION_EXCEPTION, new BadCredentialsException(WebContext.getI18nValue("login.error.social")));
_logger.debug("Loaded SocialSignOn Socials Associate : "+socialsAssociate);
if(null == socialsAssociate) {
WebContext.getRequest().getSession().setAttribute(WebAttributes.AUTHENTICATION_EXCEPTION, new BadCredentialsException(WebContext.getI18nValue("login.error.social")));
return false;
}
_logger.debug("Social Sign On from "+socialsAssociate.getProvider()+" mapping to user "+socialsAssociate.getUsername());
authenticationProvider.trustAuthentication(socialsAssociate.getUsername(), ConstantsLoginType.SOCIALSIGNON,this.socialSignOnProvider.getProviderName(),"xe00000004","success");
//socialsAssociate.setAccessToken(JsonUtils.object2Json(this.accessToken));
socialsAssociate.setSocialUserInfo(accountJsonString);
//socialsAssociate.setExAttribute(JsonUtils.object2Json(accessToken.getResponseObject()));
this.socialsAssociateService.update(socialsAssociate);
return true;
}
}
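
Review bot: `socialBind` now starts with `if(null == socialsAssociate)`, but `socialSignOn` passes its argument straight to `this.socialsAssociateService.get(socialsAssociate)` and only checks for null afterwards, so the null produced by a failed callback reaches the service layer; add the same guard at the top of `socialSignOn`. In `socialBind` the debug line `"Social Bind : "+socialsAssociate` runs after `setSocialUserInfo(accountJsonString)`, so depending on `toString()` the full provider profile is written to the log; log the provider and social UID only. The `delete` followed by `insert` should also run in one transaction so a failed insert does not silently unbind the account.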


@ -17,6 +17,8 @@
package org.maxkey.authn;
import java.util.ArrayList;
import org.maxkey.authn.online.OnlineTicketServices;
import org.maxkey.authn.realm.AbstractAuthenticationRealm;
import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
import org.maxkey.configuration.ApplicationConfig;
@ -34,7 +36,8 @@ import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
/**
* login Authentication abstract class.
*
@ -60,12 +63,22 @@ public abstract class AbstractAuthenticationProvider {
@Autowired
@Qualifier("remeberMeService")
protected AbstractRemeberMeService remeberMeService;
@Autowired
@Qualifier("onlineTicketServices")
protected OnlineTicketServices onlineTicketServices;
static ArrayList<GrantedAuthority> grantedAdministratorsAuthoritys = new ArrayList<GrantedAuthority>();
static {
grantedAdministratorsAuthoritys.add(new SimpleGrantedAuthority("ROLE_ADMINISTRATORS"));
}
protected abstract String getProviderName();
protected abstract Authentication doInternalAuthenticate(Authentication authentication);
protected abstract Authentication doInternalAuthenticate(LoginCredential authentication);
public abstract Authentication basicAuthenticate(Authentication authentication) ;
public abstract Authentication basicAuthenticate(LoginCredential authentication) ;
public abstract Authentication trustAuthentication(
String username,
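
Review bot: `grantedAdministratorsAuthoritys` is a package-visible, non-final, mutable static `ArrayList`, so any class in `org.maxkey.authn` can add to or replace the list that confers `ROLE_ADMINISTRATORS`; declare it `private static final` and expose it as an unmodifiable list. A short comment on when this list is attached to an authentication would also help reviewers, since the grant logic is not in this hunk.
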
@ -83,17 +96,18 @@ public abstract class AbstractAuthenticationProvider {
* authenticate .
*
*/
public Authentication authenticate(Authentication authentication)
public Authentication authenticate(LoginCredential loginCredential)
throws AuthenticationException {
_logger.debug("Trying to authenticate user '{}' via {}",
authentication.getPrincipal(), getProviderName());
loginCredential.getPrincipal(), getProviderName());
Authentication authentication = null;
try {
authentication = doInternalAuthenticate(authentication);
authentication = doInternalAuthenticate(loginCredential);
} catch (AuthenticationException e) {
_logger.error("Failed to authenticate user {} via {}: {}",
new Object[] {
authentication.getPrincipal(), getProviderName(), e.getMessage() });
new Object[] { loginCredential.getPrincipal(),
getProviderName(),
e.getMessage() });
WebContext.setAttribute(
WebConstants.LOGIN_ERROR_SESSION_MESSAGE, e.getMessage());
} catch (Exception e) {
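
Review bot: `authentication` now starts as `null` and stays `null` whenever `doInternalAuthenticate(loginCredential)` throws, so everything after the catch blocks has to return before dereferencing it; an explicit `return null` or a rethrow inside the `AuthenticationException` branch would make the failure path visible. `e.getMessage()` is also copied into `LOGIN_ERROR_SESSION_MESSAGE`, so keep those messages generic enough that they do not distinguish an unknown user from a wrong password.
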
@ -116,7 +130,7 @@ public abstract class AbstractAuthenticationProvider {
final Object firstSavedRequest =
WebContext.getAttribute(WebConstants.FIRST_SAVED_REQUEST_PARAMETER);
//change Session
WebContext.getSession().invalidate();
WebContext.setAttribute(
WebConstants.CURRENT_USER_SESSION_ID, WebContext.getSession().getId());
@ -132,14 +146,7 @@ public abstract class AbstractAuthenticationProvider {
WebContext.getSession().setAttribute(
WebConstants.CURRENT_LOGIN_USER_PASSWORD_SET_TYPE, passwordSetType);
// create new authentication response containing the user and it's authorities
UsernamePasswordAuthenticationToken simpleUserAuthentication =
new UsernamePasswordAuthenticationToken(
userInfo.getUsername(),
authentication.getCredentials(),
authentication.getAuthorities()
);
return simpleUserAuthentication;
return authentication;
}
/**
@ -251,6 +258,7 @@ public abstract class AbstractAuthenticationProvider {
} else {
_logger.debug("User Login. ");
}
}
return userInfo;
@ -310,4 +318,26 @@ public abstract class AbstractAuthenticationProvider {
return true;
}
public void setApplicationConfig(ApplicationConfig applicationConfig) {
this.applicationConfig = applicationConfig;
}
public void setAuthenticationRealm(AbstractAuthenticationRealm authenticationRealm) {
this.authenticationRealm = authenticationRealm;
}
public void setTfaOptAuthn(AbstractOptAuthn tfaOptAuthn) {
this.tfaOptAuthn = tfaOptAuthn;
}
public void setRemeberMeService(AbstractRemeberMeService remeberMeService) {
this.remeberMeService = remeberMeService;
}
public void setOnlineTicketServices(OnlineTicketServices onlineTicketServices) {
this.onlineTicketServices = onlineTicketServices;
}
}


@ -1,31 +1,17 @@
/*
* Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.maxkey.authn;
import java.util.ArrayList;
import java.util.Collection;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
public class BasicAuthentication implements Authentication {
private static final long serialVersionUID = -110742975439268030L;
public class LoginCredential implements Authentication {
/**
*
*/
private static final long serialVersionUID = 3125709257481600320L;
String username;
String password;
String sessionId;
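
Review bot: the Apache License header at the top of the file is dropped in the rename from `BasicAuthentication` to `LoginCredential`; restore it, since CONTRIBUTING.md in this commit lists a `[copyright]` hook. The class also keeps `String password` as a plain field on a serializable `Authentication`, and this commit adds Redis-backed sessions, so make sure an instance is never stored in the session or security context with the password still set (clear it after authentication or mark the field `transient`).
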
@ -34,32 +20,29 @@ public class BasicAuthentication implements Authentication {
String remeberMe;
String authType;
String jwtToken;
String onlineTicket;
ArrayList<GrantedAuthority> grantedAuthority;
boolean authenticated;
boolean roleAdministrators;
/**
* BasicAuthentication.
*/
public BasicAuthentication() {
grantedAuthority = new ArrayList<GrantedAuthority>();
grantedAuthority.add(new SimpleGrantedAuthority("ROLE_USER"));
grantedAuthority.add(new SimpleGrantedAuthority("ORDINARY_USER"));
public LoginCredential() {
}
/**
* BasicAuthentication.
*/
public BasicAuthentication(String username,String password,String authType) {
public LoginCredential(String username,String password,String authType) {
this.username = username;
this.password = password;
this.authType = authType;
grantedAuthority = new ArrayList<GrantedAuthority>();
grantedAuthority.add(new SimpleGrantedAuthority("ROLE_USER"));
grantedAuthority.add(new SimpleGrantedAuthority("ORDINARY_USER"));
}
@Override
public String getName() {
return "Basic Authentication";
return "Login Credential";
}
@Override
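
Review bot: both constructors stop initialising `grantedAuthority`, so the field is `null` until a setter is called and `getAuthorities()` can return null to callers that iterate it; initialise it to an empty list. The Javadoc on both constructors still says `BasicAuthentication.` and should be updated with the rename.
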
@ -166,6 +149,22 @@ public class BasicAuthentication implements Authentication {
this.grantedAuthority = grantedAuthority;
}
public String getOnlineTicket() {
return onlineTicket;
}
public void setOnlineTicket(String onlineTicket) {
this.onlineTicket = onlineTicket;
}
public boolean isRoleAdministrators() {
return roleAdministrators;
}
public void setRoleAdministrators(boolean roleAdministrators) {
this.roleAdministrators = roleAdministrators;
}
@Override
public String toString() {
StringBuilder builder = new StringBuilder();
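Review bot: `setRoleAdministrators(boolean)` puts a public privilege flag on the same object that carries the submitted `username` and `password`. If `LoginCredential` is ever populated by request data binding, a client-supplied `roleAdministrators=true` would be accepted by this setter. `setOnline` already computes the flag on `SigninPrincipal` from the granted authorities, so consider removing the field and setter here, or documenting that nothing may trust the value held on the credential.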

View File

@ -17,6 +17,9 @@
package org.maxkey.authn;
import java.util.ArrayList;
import org.maxkey.authn.online.OnlineTicket;
import org.maxkey.domain.UserInfo;
import org.maxkey.web.WebConstants;
import org.maxkey.web.WebContext;
@ -25,6 +28,7 @@ import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.web.authentication.WebAuthenticationDetails;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
@ -44,46 +48,40 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
}
@Override
protected Authentication doInternalAuthenticate(Authentication authentication) {
BasicAuthentication auth = (BasicAuthentication)authentication;
protected Authentication doInternalAuthenticate(LoginCredential loginCredential) {
_logger.debug("authentication " + auth);
_logger.debug("authentication " + loginCredential);
sessionValid(auth.getSessionId());
sessionValid(loginCredential.getSessionId());
//jwtTokenValid(j_jwtToken);
authTypeValid(auth.getAuthType());
authTypeValid(loginCredential.getAuthType());
captchaValid(auth.getCaptcha(),auth.getAuthType());
captchaValid(loginCredential.getCaptcha(),loginCredential.getAuthType());
emptyPasswordValid(auth.getPassword());
emptyPasswordValid(loginCredential.getPassword());
UserInfo userInfo = null;
emptyUsernameValid(auth.getUsername());
emptyUsernameValid(loginCredential.getUsername());
userInfo = loadUserInfo(auth.getUsername(),auth.getPassword());
userInfo = loadUserInfo(loginCredential.getUsername(),loginCredential.getPassword());
userinfoValid(userInfo, auth.getPassword());
userinfoValid(userInfo, loginCredential.getPassword());
tftcaptchaValid(auth.getOtpCaptcha(),auth.getAuthType(),userInfo);
tftcaptchaValid(loginCredential.getOtpCaptcha(),loginCredential.getAuthType(),userInfo);
authenticationRealm.getPasswordPolicyValidator().passwordPolicyValid(userInfo);
authenticationRealm.passwordMatches(userInfo, auth.getPassword());
authenticationRealm.grantAuthority(userInfo);
/*
* put userInfo to current session context
*/
WebContext.setUserInfo(userInfo);
auth.setAuthenticated(true);
if (auth.isAuthenticated() && applicationConfig.getLoginConfig().isRemeberMe()) {
if (auth.getRemeberMe() != null && auth.getRemeberMe().equals("remeberMe")) {
authenticationRealm.passwordMatches(userInfo, loginCredential.getPassword());
UsernamePasswordAuthenticationToken authenticationToken = setOnline(loginCredential,userInfo);
//RemeberMe Config check then set RemeberMe cookies
if (applicationConfig.getLoginConfig().isRemeberMe()) {
if (loginCredential.getRemeberMe() != null && loginCredential.getRemeberMe().equals("remeberMe")) {
WebContext.getSession().setAttribute(
WebConstants.REMEBER_ME_SESSION,auth.getUsername());
WebConstants.REMEBER_ME_SESSION,loginCredential.getUsername());
_logger.debug("do Remeber Me");
remeberMeService.createRemeberMe(
userInfo.getUsername(),
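Review bot: `_logger.debug("authentication " + loginCredential)` writes the whole credential object, which has `password`, `jwtToken` and `onlineTicket` fields, to the log through its `toString()`. Confirm that `LoginCredential.toString()` omits those fields, or log only the username and auth type here. The commented-out `//jwtTokenValid(j_jwtToken);` should be removed or tracked in an issue rather than carried along.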
@ -93,43 +91,24 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
);
}
}
UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken =
new UsernamePasswordAuthenticationToken(
auth,
"PASSWORD",
authenticationRealm.grantAuthority(userInfo));
usernamePasswordAuthenticationToken.setDetails(
new WebAuthenticationDetails(WebContext.getRequest()));
return usernamePasswordAuthenticationToken;
return authenticationToken;
}
@Override
public Authentication basicAuthenticate(Authentication authentication) {
BasicAuthentication basicAuth = (BasicAuthentication) authentication;
UserInfo loadeduserInfo = loadUserInfo(basicAuth.getUsername(), "");
public Authentication basicAuthenticate(LoginCredential loginCredential) {
UserInfo loadeduserInfo = loadUserInfo(loginCredential.getUsername(), "");
if (loadeduserInfo != null) {
authenticationRealm.passwordMatches(loadeduserInfo, basicAuth.getPassword());
authenticationRealm.passwordMatches(loadeduserInfo, loginCredential.getPassword());
authenticationRealm.getPasswordPolicyValidator().passwordPolicyValid(loadeduserInfo);
WebContext.setUserInfo(loadeduserInfo);
authentication.setAuthenticated(true);
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(
authentication, "PASSWORD", authenticationRealm.grantAuthority(loadeduserInfo));
WebContext.setAuthentication(authenticationToken);
WebContext.setUserInfo(loadeduserInfo);
authenticationRealm.insertLoginHistory(loadeduserInfo, basicAuth.getAuthType(), "", "", "SUCCESS");
return authenticationToken;
authenticationRealm.insertLoginHistory(loadeduserInfo, loginCredential.getAuthType(), "", "", "SUCCESS");
return setOnline(loginCredential,loadeduserInfo);
}else {
String message = WebContext.getI18nValue("login.error.username");
_logger.debug("login user " + basicAuth.getUsername() + " not in this System ." + message);
_logger.debug("login user " + loginCredential.getUsername() + " not in this System ." + message);
throw new BadCredentialsException(WebContext.getI18nValue("login.error.username"));
}
}
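Review bot: in `basicAuthenticate`, `insertLoginHistory(..., "SUCCESS")` is written before `setOnline(...)` runs, so a failure while issuing the ticket (cookie write, ticket store) leaves a success record in the login history for a session that was never created. Call `setOnline` first and record the outcome afterwards. This path also depends entirely on `passwordMatches` and `passwordPolicyValid` throwing on failure, since nothing checks a result before the token is issued; a short comment stating that would help the next reader.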
@ -151,28 +130,71 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
String message) {
UserInfo loadeduserInfo = loadUserInfo(username, "");
if (loadeduserInfo != null) {
WebContext.setUserInfo(loadeduserInfo);
BasicAuthentication authentication = new BasicAuthentication();
authentication.setUsername(loadeduserInfo.getUsername());
UsernamePasswordAuthenticationToken authenticationToken =
new UsernamePasswordAuthenticationToken(
authentication,
"PASSWORD",
authenticationRealm.grantAuthority(loadeduserInfo)
);
authentication.setAuthenticated(true);
WebContext.setAuthentication(authenticationToken);
WebContext.setUserInfo(loadeduserInfo);
LoginCredential loginCredential = new LoginCredential();
loginCredential.setUsername(loadeduserInfo.getUsername());
authenticationRealm.insertLoginHistory(loadeduserInfo, type, provider, code, message);
return authenticationToken;
return setOnline(loginCredential,loadeduserInfo);
}else {
String i18nMessage = WebContext.getI18nValue("login.error.username");
_logger.debug("login user " + username + " not in this System ." + i18nMessage);
throw new BadCredentialsException(WebContext.getI18nValue("login.error.username"));
}
}
public UsernamePasswordAuthenticationToken setOnline(LoginCredential credential,UserInfo userInfo) {
//Online Tickit Id
String onlineTickitId = WebConstants.ONLINE_TICKET_PREFIX + "-" + java.util.UUID.randomUUID().toString().toLowerCase();
_logger.debug("set online Tickit Cookie " + onlineTickitId + " on domain "+ this.applicationConfig.getBaseDomainName());
OnlineTicket onlineTicket = new OnlineTicket(onlineTickitId);
WebContext.setCookie(WebContext.getResponse(),
this.applicationConfig.getBaseDomainName(),
WebConstants.ONLINE_TICKET_NAME,
onlineTickitId,
0);
SigninPrincipal signinPrincipal = new SigninPrincipal(userInfo);
//set OnlineTicket
signinPrincipal.setOnlineTicket(onlineTicket);
ArrayList<GrantedAuthority> grantedAuthoritys = authenticationRealm.grantAuthority(userInfo);
signinPrincipal.setAuthenticated(true);
for(GrantedAuthority administratorsAuthority : grantedAdministratorsAuthoritys) {
if(grantedAuthoritys.contains(administratorsAuthority)) {
signinPrincipal.setRoleAdministrators(true);
_logger.trace("ROLE ADMINISTRATORS Authentication .");
}
}
_logger.debug("Granted Authority " + grantedAuthoritys);
signinPrincipal.setGrantedAuthorityApps(authenticationRealm.queryAuthorizedApps(grantedAuthoritys));
UsernamePasswordAuthenticationToken authenticationToken =
new UsernamePasswordAuthenticationToken(
signinPrincipal,
"PASSWORD",
grantedAuthoritys
);
authenticationToken.setDetails(
new WebAuthenticationDetails(WebContext.getRequest()));
onlineTicket.setAuthentication(authenticationToken);
this.onlineTicketServices.store(onlineTickitId, onlineTicket);
/*
* put userInfo to current session context
*/
WebContext.setAuthentication(authenticationToken);
WebContext.setUserInfo(userInfo);
return authenticationToken;
}
}
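Review bot: `setOnline` logs the full ticket value with `_logger.debug("set online Tickit Cookie " + onlineTickitId + ...)`, and that same value is the cookie that identifies the signed-in session on `getBaseDomainName()`, so the debug log ends up holding live session credentials. Log a truncated or hashed form instead. Two smaller points: `signinPrincipal.setGrantedAuthority(grantedAuthoritys)` is never called, so the principal's `getAuthorities()` stays null even though the token carries the list, and `Tickit` should be spelled `Ticket`.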

View File

@ -0,0 +1,182 @@
/*
* Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.maxkey.authn;
import java.util.ArrayList;
import java.util.Collection;
import org.maxkey.authn.online.OnlineTicket;
import org.maxkey.domain.UserInfo;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
public class SigninPrincipal implements UserDetails {
private static final long serialVersionUID = -110742975439268030L;
UserInfo userInfo;
UserDetails userDetails;
OnlineTicket onlineTicket;
ArrayList<GrantedAuthority> grantedAuthority;
ArrayList<GrantedAuthority> grantedAuthorityApps;
boolean authenticated;
boolean roleAdministrators;
/**
* SigninPrincipal.
*/
public SigninPrincipal() {
}
/**
* SigninPrincipal.
*/
public SigninPrincipal(UserInfo userInfo) {
this.userInfo = userInfo;
this.authenticated = true;
}
/**
* SigninPrincipal.
*/
public SigninPrincipal(UserDetails userDetails) {
this.userDetails = userDetails;
this.authenticated = true;
}
public UserInfo getUserInfo() {
return userInfo;
}
public void setUserInfo(UserInfo userInfo) {
this.userInfo = userInfo;
}
public boolean isAuthenticated() {
return authenticated;
}
public void setAuthenticated(boolean authenticated) {
this.authenticated = authenticated;
}
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return grantedAuthority;
}
public ArrayList<GrantedAuthority> getGrantedAuthority() {
return grantedAuthority;
}
public UserDetails getUserDetails() {
return userDetails;
}
public void setUserDetails(UserDetails userDetails) {
this.userDetails = userDetails;
}
public void setGrantedAuthority(ArrayList<GrantedAuthority> grantedAuthority) {
this.grantedAuthority = grantedAuthority;
}
public OnlineTicket getOnlineTicket() {
return onlineTicket;
}
public void setOnlineTicket(OnlineTicket onlineTicket) {
this.onlineTicket = onlineTicket;
}
public boolean isRoleAdministrators() {
return roleAdministrators;
}
public void setRoleAdministrators(boolean roleAdministrators) {
this.roleAdministrators = roleAdministrators;
}
@Override
public boolean isAccountNonExpired() {
return false;
}
@Override
public boolean isAccountNonLocked() {
return false;
}
@Override
public boolean isCredentialsNonExpired() {
return false;
}
@Override
public boolean isEnabled() {
return false;
}
public ArrayList<GrantedAuthority> getGrantedAuthorityApps() {
return grantedAuthorityApps;
}
public void setGrantedAuthorityApps(ArrayList<GrantedAuthority> grantedAuthorityApps) {
this.grantedAuthorityApps = grantedAuthorityApps;
}
@Override
public String getUsername() {
if(this.userInfo != null) {
return this.userInfo.getUsername();
}else {
return this.userDetails.getUsername();
}
}
@Override
public String getPassword() {
if(this.userInfo != null) {
return this.userInfo.getPassword();
}else {
return this.userDetails.getPassword();
}
}
@Override
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("SigninPrincipal [userInfo=");
builder.append(userInfo);
builder.append(", onlineTicket=");
builder.append(onlineTicket);
builder.append(", grantedAuthority=");
builder.append(grantedAuthority);
builder.append(", authenticated=");
builder.append(authenticated);
builder.append(", roleAdministrators=");
builder.append(roleAdministrators);
builder.append("]");
return builder.toString();
}
}
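Review bot: `isAccountNonExpired()`, `isAccountNonLocked()`, `isCredentialsNonExpired()` and `isEnabled()` all return `false`, which tells any code that honours the `UserDetails` contract that every signed-in principal is expired, locked and disabled. Return `true`, or better, derive the values from `userInfo` or delegate to `userDetails` when it is set. `toString()` also appends `userInfo` in full; check that `UserInfo.toString()` does not print the password that `getPassword()` reads from it.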

View File

@ -0,0 +1,96 @@
/*
* Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.maxkey.authn.online;
import java.time.Duration;
import java.time.LocalTime;
import org.ehcache.UserManagedCache;
import org.ehcache.config.builders.ExpiryPolicyBuilder;
import org.ehcache.config.builders.UserManagedCacheBuilder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public class InMemoryOnlineTicketServices implements OnlineTicketServices{
private static final Logger _logger = LoggerFactory.getLogger(InMemoryOnlineTicketServices.class);
protected static UserManagedCache<String, OnlineTicket> onlineTicketStore =
UserManagedCacheBuilder.newUserManagedCacheBuilder(String.class, OnlineTicket.class)
.withExpiry(ExpiryPolicyBuilder.timeToLiveExpiration(Duration.ofMinutes(30)))
.build(true);
public InMemoryOnlineTicketServices() {
super();
}
@Override
public void store(String ticketId, OnlineTicket ticket) {
onlineTicketStore.put(ticketId, ticket);
}
@Override
public OnlineTicket remove(String ticketId) {
OnlineTicket ticket=onlineTicketStore.get(ticketId);
onlineTicketStore.remove(ticketId);
return ticket;
}
@Override
public OnlineTicket get(String ticketId) {
OnlineTicket ticket=onlineTicketStore.get(ticketId);
return ticket;
}
@Override
public void setValiditySeconds(int validitySeconds) {
onlineTicketStore =
UserManagedCacheBuilder.
newUserManagedCacheBuilder(String.class, OnlineTicket.class)
.withExpiry(
ExpiryPolicyBuilder.timeToLiveExpiration(
Duration.ofMinutes(validitySeconds/60))
)
.build(true);
}
@Override
public void refresh(String ticketId,LocalTime refreshTime) {
OnlineTicket onlineTicket = get(ticketId);
onlineTicket.setTicketTime(refreshTime);
store(ticketId , onlineTicket);
}
@Override
public void refresh(String ticketId) {
OnlineTicket onlineTicket = get(ticketId);
LocalTime currentTime = LocalTime.now();
Duration duration = Duration.between(currentTime, onlineTicket.getTicketTime());
_logger.trace("OnlineTicket duration " + duration.getSeconds());
if(duration.getSeconds() > OnlineTicket.MAX_EXPIRY_DURATION) {
onlineTicket.setTicketTime(currentTime);
refresh(ticketId,currentTime);
}
}
}
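Review bot: in `refresh(String ticketId)`, `Duration.between(currentTime, onlineTicket.getTicketTime())` has its arguments reversed. The ticket time lies in the past, so for a ticket issued earlier the same day the duration is negative and `duration.getSeconds() > OnlineTicket.MAX_EXPIRY_DURATION` is never true, which means the ticket time is never refreshed. Swap the arguments. `setValiditySeconds` also replaces the static `onlineTicketStore` with a new cache, discarding every stored ticket, and `validitySeconds/60` truncates to 0 minutes for values under 60.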

View File

@ -0,0 +1,101 @@
package org.maxkey.authn.online;
import java.io.Serializable;
import java.time.LocalTime;
import java.util.HashMap;
import org.maxkey.domain.apps.Apps;
import org.springframework.security.core.Authentication;
public class OnlineTicket implements Serializable{
/**
*
*/
public static final int MAX_EXPIRY_DURATION = 60 * 10; //default 10 minutes.
private static final long serialVersionUID = 9008067569150338296L;
public String ticketId;
public LocalTime ticketTime;
public Authentication authentication;
private HashMap<String , Apps> authorizedApps = new HashMap<String , Apps>();
public OnlineTicket(String ticketId) {
super();
this.ticketId = ticketId;
this.ticketTime = LocalTime.now();
}
public OnlineTicket(String ticketId,Authentication authentication) {
super();
this.ticketId = ticketId;
this.authentication = authentication;
this.ticketTime = LocalTime.now();
}
public String getTicketId() {
return ticketId;
}
public void setTicketId(String ticketId) {
this.ticketId = ticketId;
}
public LocalTime getTicketTime() {
return ticketTime;
}
public void setTicketTime(LocalTime ticketTime) {
this.ticketTime = ticketTime;
}
public Authentication getAuthentication() {
return authentication;
}
public void setAuthentication(Authentication authentication) {
this.authentication = authentication;
}
public HashMap<String, Apps> getAuthorizedApps() {
return authorizedApps;
}
public void setAuthorizedApps(HashMap<String, Apps> authorizedApps) {
this.authorizedApps = authorizedApps;
}
public void setAuthorizedApp(Apps authorizedApp) {
this.authorizedApps.put(authorizedApp.getId(), authorizedApp);
}
@Override
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("OnlineTicket [ticketId=");
builder.append(ticketId);
builder.append("]");
return builder.toString();
}
}
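Review bot: `ticketTime` is a `LocalTime`, which has no date component, so elapsed-time arithmetic on it is wrong for any ticket that spans midnight; `Instant` or `LocalDateTime` is the safer type for an expiry check. The `ticketId`, `ticketTime` and `authentication` fields are declared `public` although getters and setters exist, and this new file lacks the license header that the other new files in the commit carry.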

View File

@ -0,0 +1,35 @@
/*
* Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.maxkey.authn.online;
import java.time.LocalTime;
public interface OnlineTicketServices {
public void store(String ticketId, OnlineTicket ticket);
public OnlineTicket remove(String ticket);
public OnlineTicket get(String ticketId);
public void refresh(String ticketId ,LocalTime refreshTime);
public void refresh(String ticketId);
public void setValiditySeconds(int validitySeconds);
}
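Review bot: the interface does not say what `get(String ticketId)` returns for an unknown or expired ticket, and both `refresh` implementations in this commit call `setTicketTime(...)` or `getTicketTime()` on the result without a null check. Document the contract (null, or an `Optional`) and make `refresh` a no-op for a missing ticket. The parameter of `remove(String ticket)` should be named `ticketId` like the others.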

View File

@ -0,0 +1,109 @@
/*
* Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.maxkey.authn.online;
import java.time.Duration;
import java.time.LocalTime;
import org.maxkey.persistence.redis.RedisConnection;
import org.maxkey.persistence.redis.RedisConnectionFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public class RedisOnlineTicketServices implements OnlineTicketServices {
private static final Logger _logger = LoggerFactory.getLogger(RedisOnlineTicketServices.class);
protected int serviceTicketValiditySeconds = 60 * 30; //default 30 minutes.
RedisConnectionFactory connectionFactory;
public static String PREFIX="REDIS_ONLINE_TICKET_";
/**
* @param connectionFactory
*/
public RedisOnlineTicketServices(RedisConnectionFactory connectionFactory) {
super();
this.connectionFactory = connectionFactory;
}
/**
*
*/
public RedisOnlineTicketServices() {
}
public void setConnectionFactory(RedisConnectionFactory connectionFactory) {
this.connectionFactory = connectionFactory;
}
@Override
public void store(String ticketId, OnlineTicket ticket) {
RedisConnection conn=connectionFactory.getConnection();
conn.setexObject(PREFIX+ticketId, serviceTicketValiditySeconds, ticket);
conn.close();
}
@Override
public OnlineTicket remove(String ticketId) {
RedisConnection conn=connectionFactory.getConnection();
OnlineTicket ticket = conn.getObject(PREFIX+ticketId);
conn.delete(PREFIX+ticketId);
conn.close();
return ticket;
}
@Override
public OnlineTicket get(String ticketId) {
RedisConnection conn=connectionFactory.getConnection();
OnlineTicket ticket = conn.getObject(PREFIX+ticketId);
conn.close();
return ticket;
}
@Override
public void setValiditySeconds(int validitySeconds) {
this.serviceTicketValiditySeconds = validitySeconds;
}
@Override
public void refresh(String ticketId,LocalTime refreshTime) {
OnlineTicket onlineTicket = get(ticketId);
onlineTicket.setTicketTime(refreshTime);
store(ticketId , onlineTicket);
}
@Override
public void refresh(String ticketId) {
OnlineTicket onlineTicket = get(ticketId);
LocalTime currentTime = LocalTime.now();
Duration duration = Duration.between(currentTime, onlineTicket.getTicketTime());
_logger.trace("OnlineTicket duration " + duration.getSeconds());
if(duration.getSeconds() > OnlineTicket.MAX_EXPIRY_DURATION) {
onlineTicket.setTicketTime(currentTime);
refresh(ticketId,currentTime);
}
}
}
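Review bot: `store`, `remove` and `get` call `conn.close()` only on the success path, so an exception from `setexObject`, `getObject` or `delete` leaks the connection; wrap each body in try/finally. `PREFIX` is `public static` but not `final`, so any class can change the key namespace at runtime. The `refresh(String ticketId)` body repeats the one in `InMemoryOnlineTicketServices`, with the ticket time passed as the end of the interval in `Duration.between(currentTime, onlineTicket.getTicketTime())`, which gives a negative duration for a ticket issued earlier; fix it once in a shared base class.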

View File

@ -110,6 +110,16 @@ public abstract class AbstractAuthenticationRealm {
public ArrayList<GrantedAuthority> grantAuthority(UserInfo userInfo) {
return loginService.grantAuthority(userInfo);
}
/**
* grant Authority by grantedAuthoritys
*
* @param grantedAuthoritys
* @return ArrayList<GrantedAuthority Apps>
*/
public ArrayList<GrantedAuthority> queryAuthorizedApps(ArrayList<GrantedAuthority> grantedAuthoritys) {
return loginService.queryAuthorizedApps(grantedAuthoritys);
}
/**
* login log write to log db
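Review bot: the Javadoc on `queryAuthorizedApps` has an empty `@param grantedAuthoritys` and a `@return ArrayList<GrantedAuthority Apps>` that is not a valid type. Say what the returned authorities represent and what comes back when no app matches the given authorities.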

View File

@ -27,10 +27,13 @@ import javax.sql.DataSource;
import org.maxkey.authn.AbstractAuthenticationProvider;
import org.maxkey.authn.RealmAuthenticationProvider;
import org.maxkey.authn.SavedRequestAwareAuthenticationSuccessHandler;
import org.maxkey.authn.online.InMemoryOnlineTicketServices;
import org.maxkey.authn.online.OnlineTicketServices;
import org.maxkey.authn.online.RedisOnlineTicketServices;
import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
import org.maxkey.authn.support.rememberme.InMemoryRemeberMeService;
import org.maxkey.authn.support.rememberme.JdbcRemeberMeService;
import org.maxkey.authn.support.rememberme.RedisRemeberMeService;
import org.maxkey.constants.ConstantsPersistence;
import org.maxkey.constants.ConstantsProperties;
import org.maxkey.crypto.keystore.KeyStoreLoader;
import org.maxkey.crypto.password.LdapShaPasswordEncoder;
@ -189,21 +192,39 @@ public class ApplicationAutoConfiguration implements InitializingBean {
@Value("${config.server.persistence}") int persistence,
@Value("${config.login.remeberme.validity}") int validity,
JdbcTemplate jdbcTemplate,
RedisConnectionFactory jedisConnectionFactory) {
RedisConnectionFactory redisConnFactory) {
AbstractRemeberMeService remeberMeService = null;
if (persistence == 0) {
if (persistence == ConstantsPersistence.INMEMORY) {
remeberMeService = new InMemoryRemeberMeService();
_logger.debug("InMemoryRemeberMeService");
} else if (persistence == 1) {
remeberMeService = new JdbcRemeberMeService(jdbcTemplate);
_logger.debug("JdbcRemeberMeService");
} else if (persistence == 2) {
remeberMeService = new RedisRemeberMeService(jedisConnectionFactory);
} else if (persistence == ConstantsPersistence.JDBC) {
//remeberMeService = new JdbcRemeberMeService(jdbcTemplate);
_logger.debug("JdbcRemeberMeService not support ");
} else if (persistence == ConstantsPersistence.REDIS) {
remeberMeService = new RedisRemeberMeService(redisConnFactory);
_logger.debug("RedisRemeberMeService");
}
return remeberMeService;
}
@Bean(name = "onlineTicketServices")
public OnlineTicketServices onlineTicketServices(
@Value("${config.server.persistence}") int persistence,
JdbcTemplate jdbcTemplate,
RedisConnectionFactory redisConnFactory) {
OnlineTicketServices onlineTicketServices = null;
if (persistence == ConstantsPersistence.INMEMORY) {
onlineTicketServices = new InMemoryOnlineTicketServices();
_logger.debug("InMemoryOnlineTicketServices");
} else if (persistence == ConstantsPersistence.JDBC) {
_logger.debug("OnlineTicketServices not support ");
} else if (persistence == ConstantsPersistence.REDIS) {
onlineTicketServices = new RedisOnlineTicketServices(redisConnFactory);
_logger.debug("RedisOnlineTicketServices");
}
return onlineTicketServices;
}
/**
* keyStoreLoader .
* @return
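Review bot: `onlineTicketServices(...)` returns null when `persistence == ConstantsPersistence.JDBC`, because that branch only logs `OnlineTicketServices not support `. `RealmAuthenticationProvider.setOnline` calls `this.onlineTicketServices.store(...)` on every login, so a JDBC-configured server is left without a usable ticket store. Throw a configuration exception in that branch or fall back to the in-memory store. The same applies to `remeberMeService`, whose JDBC branch is now commented out, and the `jdbcTemplate` parameter of the new bean is unused.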

View File

@ -20,6 +20,9 @@ package org.maxkey.autoconfigure;
import java.nio.charset.Charset;
import java.util.ArrayList;
import java.util.List;
import javax.servlet.Filter;
import org.maxkey.constants.ConstantsProperties;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@ -28,6 +31,7 @@ import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.web.server.ConfigurableWebServerFactory;
import org.springframework.boot.web.server.ErrorPage;
import org.springframework.boot.web.server.WebServerFactoryCustomizer;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
@ -39,7 +43,9 @@ import org.springframework.http.converter.StringHttpMessageConverter;
import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
import org.springframework.http.converter.xml.MarshallingHttpMessageConverter;
import org.springframework.oxm.jaxb.Jaxb2Marshaller;
import org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter;
import org.springframework.web.client.RestTemplate;
import org.springframework.web.filter.DelegatingFilterProxy;
import org.springframework.web.multipart.commons.CommonsMultipartResolver;
import org.springframework.web.servlet.i18n.CookieLocaleResolver;
import org.springframework.web.servlet.i18n.LocaleChangeInterceptor;
@ -59,11 +65,11 @@ public class MvcAutoConfiguration implements InitializingBean {
*/
@Bean (name = "localeResolver")
public CookieLocaleResolver cookieLocaleResolver(
@Value("${config.server.domain.sub:maxkey.top}")String subDomainName) {
_logger.debug("subDomainName " + subDomainName);
@Value("${config.server.domain:maxkey.top}")String domainName) {
_logger.debug("DomainName " + domainName);
CookieLocaleResolver cookieLocaleResolver = new CookieLocaleResolver();
cookieLocaleResolver.setCookieName("maxkey_lang");
cookieLocaleResolver.setCookieDomain(subDomainName);
cookieLocaleResolver.setCookieDomain(domainName);
cookieLocaleResolver.setCookieMaxAge(604800);
return cookieLocaleResolver;
}
@ -244,6 +250,25 @@ public class MvcAutoConfiguration implements InitializingBean {
};
}
@Bean
public SecurityContextHolderAwareRequestFilter securityContextHolderAwareRequestFilter() {
_logger.debug("securityContextHolderAwareRequestFilter init ");
return new SecurityContextHolderAwareRequestFilter();
}
@Bean
public FilterRegistrationBean<Filter> delegatingFilterProxy() {
_logger.debug("delegatingFilterProxy init for /* ");
FilterRegistrationBean<Filter> registrationBean = new FilterRegistrationBean<Filter>();
registrationBean.setFilter(new DelegatingFilterProxy("securityContextHolderAwareRequestFilter"));
registrationBean.addUrlPatterns("/*");
//registrationBean.
registrationBean.setName("delegatingFilterProxy");
registrationBean.setOrder(1);
return registrationBean;
}
@Override
public void afterPropertiesSet() throws Exception {
// TODO Auto-generated method stub
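Review bot: `securityContextHolderAwareRequestFilter()` is exposed as a `Filter` `@Bean`, which Spring Boot registers on the servlet container automatically, and `delegatingFilterProxy()` then registers a `DelegatingFilterProxy` to the same bean on `/*` as well, so the filter can run twice per request. Keep one registration, for example by putting the filter instance directly into the `FilterRegistrationBean`. The stray `//registrationBean.` line should be removed.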

View File

@ -46,7 +46,7 @@ public class RedisAutoConfiguration implements InitializingBean {
* @return RedisConnectionFactory
*/
@Bean
public RedisConnectionFactory redisConnectionFactory(
public RedisConnectionFactory redisConnFactory(
@Value("${spring.redis.host}")
String host,
@Value("${spring.redis.port}")
@ -63,7 +63,7 @@ public class RedisAutoConfiguration implements InitializingBean {
int maxIdle,
@Value("${spring.redis.lettuce.pool.min-idle}")
int minIdle) {
_logger.debug("RedisConnectionFactory init .");
_logger.debug("redisConnFactory init .");
RedisConnectionFactory factory = new RedisConnectionFactory();
factory.setHostName(host);
factory.setPort(port);

View File

@ -0,0 +1,65 @@
/*
* Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.maxkey.autoconfigure;
import org.maxkey.constants.ConstantsProperties;
import org.maxkey.persistence.redis.RedisConnectionFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
import org.springframework.session.web.http.CookieSerializer;
import org.springframework.session.web.http.DefaultCookieSerializer;
@Configuration
@ConditionalOnProperty(value = "spring.session.store-type", havingValue = "redis", matchIfMissing = false)
@EnableRedisHttpSession
@PropertySource(ConstantsProperties.applicationPropertySource)
public class SessionRedisAutoConfiguration implements InitializingBean {
private static final Logger _logger = LoggerFactory.getLogger(SessionRedisAutoConfiguration.class);
private final RedisConnectionFactory redisConnectionFactory;
public SessionRedisAutoConfiguration(ObjectProvider<RedisConnectionFactory> redisConnectionFactory) {
this.redisConnectionFactory = redisConnectionFactory.getIfAvailable();
}
@Bean
public CookieSerializer cookieSerializer() {
_logger.debug("CookieSerializer Default .");
DefaultCookieSerializer serializer = new DefaultCookieSerializer();
serializer.setCookieName("JSESSIONID");
serializer.setCookiePath("/");
serializer.setDomainNamePattern("^.+?\\.(\\w+\\.[a-z]+)$");
return serializer;
}
@Override
public void afterPropertiesSet() throws Exception {
// TODO Auto-generated method stub
}
}
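Review bot: `setDomainNamePattern("^.+?\\.(\\w+\\.[a-z]+)$")` widens `JSESSIONID` from the host to its last two labels, so every sibling host under that parent receives the session cookie. The pattern also assumes a two-label registrable domain: a host under a suffix such as `co.uk` captures `co.uk`, and a parent name containing a hyphen does not match `\\w+`, so the cookie silently falls back to host-only. Since `config.server.basedomain` exists in this commit, setting the cookie domain explicitly from it would be more predictable. The injected `redisConnectionFactory` field is assigned but never used in this class.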

View File

@ -50,16 +50,16 @@ public class ApplicationConfig {
@Autowired
LoginConfig loginConfig;
@Value("${config.server.basedomain}")
String baseDomainName;
@Value("${config.server.domain}")
String domainName;
@Value("${config.server.domain.sub}")
String subDomainName;
@Value("${config.server.name}")
String serverName;
@Value("${config.server.prefix.uri}")
@Value("${config.server.uri}")
String serverPrefix;
@Value("${config.server.default.uri}")
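Review bot: `config.server.basedomain` and `config.server.uri` are injected without defaults, so an existing properties file that still uses `config.server.domain.sub` or `config.server.prefix.uri` fails placeholder resolution at startup, while `MvcAutoConfiguration` reads `${config.server.domain:maxkey.top}` with a fallback. Pick one behaviour for both places and list the renamed keys in the upgrade notes.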
@ -139,22 +139,15 @@ public class ApplicationConfig {
*/
public void setDomainName(String domainName) {
this.domainName = domainName;
String[] domainSubStrings = domainName.split("\\.");
if (domainSubStrings.length >= 3) {
this.subDomainName = domainSubStrings[domainSubStrings.length - 2] + "."
+ domainSubStrings[domainSubStrings.length - 1];
_logger.debug("subDomainName " + subDomainName);
} else {
this.subDomainName = domainName;
}
}
public String getSubDomainName() {
return subDomainName;
public String getBaseDomainName() {
return baseDomainName;
}
public void setSubDomainName(String subDomainName) {
this.subDomainName = subDomainName;
public void setBaseDomainName(String baseDomainName) {
this.baseDomainName = baseDomainName;
}
/**
@ -203,4 +196,35 @@ public class ApplicationConfig {
this.maxKeyUri = maxKeyUri;
}
@Override
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("ApplicationConfig [emailConfig=");
builder.append(emailConfig);
builder.append(", characterEncodingConfig=");
builder.append(characterEncodingConfig);
builder.append(", loginConfig=");
builder.append(loginConfig);
builder.append(", baseDomainName=");
builder.append(baseDomainName);
builder.append(", domainName=");
builder.append(domainName);
builder.append(", serverName=");
builder.append(serverName);
builder.append(", serverPrefix=");
builder.append(serverPrefix);
builder.append(", defaultUri=");
builder.append(defaultUri);
builder.append(", managementUri=");
builder.append(managementUri);
builder.append(", port=");
builder.append(port);
builder.append(", kafkaSupport=");
builder.append(kafkaSupport);
builder.append(", maxKeyUri=");
builder.append(maxKeyUri);
builder.append("]");
return builder.toString();
}
}

View File

@ -99,4 +99,17 @@ public class CharacterEncodingConfig {
return null;
}
@Override
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("CharacterEncodingConfig [fromCharSet=");
builder.append(fromCharSet);
builder.append(", toCharSet=");
builder.append(toCharSet);
builder.append(", encoding=");
builder.append(encoding);
builder.append("]");
return builder.toString();
}
}

View File

@ -127,4 +127,23 @@ public class EmailConfig {
this.ssl = ssl;
}
@Override
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("EmailConfig [username=");
builder.append(username);
builder.append(", password=");
builder.append(password);
builder.append(", smtpHost=");
builder.append(smtpHost);
builder.append(", port=");
builder.append(port);
builder.append(", ssl=");
builder.append(ssl);
builder.append(", sender=");
builder.append(sender);
builder.append("]");
return builder.toString();
}
}
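Review bot: this toString() writes the SMTP credential in clear text, via builder.append(", password=") followed by builder.append(password). ApplicationConfig.toString() in this commit appends emailConfig, so logging the application configuration at any level will also put the mail password in the log. Replace the value with a fixed mask such as "******" (or leave the field out) and keep username, smtpHost, port, ssl and sender.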

View File

@ -124,14 +124,23 @@ public class LoginConfig {
@Override
public String toString() {
StringBuilder builder = new StringBuilder();
builder
.append("LoginConfig [captcha=").append(captcha)
.append(", mfa=").append(mfa)
.append(", socialSignOn=").append(socialSignOn)
.append(", kerberos=").append(kerberos)
.append(", remeberMe=").append(remeberMe)
.append(", wsFederation=").append(wsFederation)
.append(", defaultUri=").append(defaultUri).append("]");
builder.append("LoginConfig [captcha=");
builder.append(captcha);
builder.append(", captchaType=");
builder.append(captchaType);
builder.append(", mfa=");
builder.append(mfa);
builder.append(", socialSignOn=");
builder.append(socialSignOn);
builder.append(", kerberos=");
builder.append(kerberos);
builder.append(", remeberMe=");
builder.append(remeberMe);
builder.append(", wsFederation=");
builder.append(wsFederation);
builder.append(", defaultUri=");
builder.append(defaultUri);
builder.append("]");
return builder.toString();
}

View File

@ -18,6 +18,8 @@
package org.maxkey.configuration.oidc;
import java.net.URI;
import java.util.Collection;
import java.util.Iterator;
import java.util.Set;
/**
@ -106,6 +108,44 @@ public class OIDCProviderMetadataDetails implements OIDCProviderMetadata {
this.responseTypesSupported = responseTypesSupported;
}
@Override
public String toString() {
final int maxLen = 4;
StringBuilder builder = new StringBuilder();
builder.append("OIDCProviderMetadataDetails [issuer=");
builder.append(issuer);
builder.append(", authorizationEndpoint=");
builder.append(authorizationEndpoint);
builder.append(", tokenEndpoint=");
builder.append(tokenEndpoint);
builder.append(", userinfoEndpoint=");
builder.append(userinfoEndpoint);
builder.append(", jwksUri=");
builder.append(jwksUri);
builder.append(", registrationEndpoint=");
builder.append(registrationEndpoint);
builder.append(", scopesSupported=");
builder.append(scopesSupported != null ? toString(scopesSupported, maxLen) : null);
builder.append(", responseTypesSupported=");
builder.append(responseTypesSupported != null ? toString(responseTypesSupported, maxLen) : null);
builder.append("]");
return builder.toString();
}
private String toString(Collection<?> collection, int maxLen) {
StringBuilder builder = new StringBuilder();
builder.append("[");
int i = 0;
for (Iterator<?> iterator = collection.iterator(); iterator.hasNext() && i < maxLen; i++) {
if (i > 0)
builder.append(", ");
builder.append(iterator.next());
}
builder.append("]");
return builder.toString();
}
// TODO: Complete remaining properties from
// http://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata
}

View File

@ -0,0 +1,33 @@
/*
* Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.maxkey.constants;
/**
* PROTOCOLS.
* @author Crystal.Sea
*
*/
public final class ConstantsPersistence {
public static final int INMEMORY = 0;
public static final int JDBC = 1;
public static final int REDIS = 2;
}
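Review bot: the Javadoc on ConstantsPersistence still reads "PROTOCOLS.", apparently copied from another constants class, and does not say what INMEMORY, JDBC and REDIS select. Describe the constants as persistence store types, and add a private constructor so this final holder class cannot be instantiated; an enum would also stop arbitrary int values from being passed where a store type is expected.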

View File

@ -119,4 +119,21 @@ public class KeyStoreLoader implements InitializingBean {
return keystoreType;
}
@Override
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("KeyStoreLoader [keyStore=");
builder.append(keyStore);
builder.append(", entityName=");
builder.append(entityName);
builder.append(", keystoreFile=");
builder.append(keystoreFile);
builder.append(", keystorePassword=");
builder.append(keystorePassword);
builder.append(", keystoreType=");
builder.append(keystoreType);
builder.append("]");
return builder.toString();
}
}
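Review bot: the generated toString() prints keystorePassword in clear text and also appends the keyStore object itself. The keystore password protects the signing keys this loader exposes, so it should never reach a log line or an exception message. Drop keystorePassword (or print a fixed mask) and limit the output to entityName, keystoreFile and keystoreType.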

View File

@ -79,10 +79,19 @@ public class OneTimePassword implements Serializable {
@Override
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("OneTimePassword [id=").append(id)
.append(", type=").append(type).append(", token=").append(token)
.append(", username=").append(username).append(", receiver=").append(receiver)
.append(", createTime=").append(createTime).append("]");
builder.append("OneTimePassword [id=");
builder.append(id);
builder.append(", type=");
builder.append(type);
builder.append(", token=");
builder.append(token);
builder.append(", username=");
builder.append(username);
builder.append(", receiver=");
builder.append(receiver);
builder.append(", createTime=");
builder.append(createTime);
builder.append("]");
return builder.toString();
}
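Review bot: the rewritten toString() still emits the one-time password value through builder.append(", token=") and builder.append(token), together with username and receiver. Anyone who can read the log while the code is still valid gets a usable second factor. Since this method is being regenerated anyway, omit token or replace it with a mask, and keep id, type and createTime for troubleshooting.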

View File

@ -165,14 +165,27 @@ public class ChangePassword extends JpaBaseDomain{
}
/* (non-Javadoc)
* @see java.lang.Object#toString()
*/
@Override
public String toString() {
return "ChangePassword [uid=" + uid + ", username=" + username
+ ", password=" + password + ", confirmpassword="
+ confirmpassword + ", decipherable=" + decipherable + "]";
}
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("ChangePassword [id=");
builder.append(id);
builder.append(", uid=");
builder.append(uid);
builder.append(", username=");
builder.append(username);
builder.append(", displayName=");
builder.append(displayName);
builder.append(", oldPassword=");
builder.append(oldPassword);
builder.append(", password=");
builder.append(password);
builder.append(", confirmpassword=");
builder.append(confirmpassword);
builder.append(", decipherable=");
builder.append(decipherable);
builder.append("]");
return builder.toString();
}
}
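Review bot: the new toString() adds oldPassword to the output on top of the password and confirmpassword fields the previous version already printed, so one debug statement on a ChangePassword object now logs both the user's current and new credentials. None of the three fields should appear; print id, uid, username and displayName only, or mask the password fields with a constant string.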

View File

@ -69,9 +69,18 @@ public class ExtraAttr {
public void setType(String type) {
this.type = type;
}
@Override
public String toString() {
return "ExtraAttr [attr=" + attr + ", value=" + value + "]";
}
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("ExtraAttr [attr=");
builder.append(attr);
builder.append(", type=");
builder.append(type);
builder.append(", value=");
builder.append(value);
builder.append("]");
return builder.toString();
}
}

View File

@ -109,9 +109,13 @@ public class ExtraAttrs {
}
@Override
public String toString() {
return "ExtraAttrs [extraAttrs=" + extraAttrs + "]";
}
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("ExtraAttrs [extraAttrs=");
builder.append(extraAttrs);
builder.append("]");
return builder.toString();
}
}

View File

@ -164,11 +164,23 @@ public class GroupMember extends UserInfo implements Serializable{
@Override
public String toString() {
return "GroupMember [groupId=" + groupId + ", groupName=" + groupName
+ ", memberId=" + memberId + ", memberName=" + memberName
+ ", type=" + type + "]";
}
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("GroupMember [id=");
builder.append(id);
builder.append(", groupId=");
builder.append(groupId);
builder.append(", groupName=");
builder.append(groupName);
builder.append(", memberId=");
builder.append(memberId);
builder.append(", memberName=");
builder.append(memberName);
builder.append(", type=");
builder.append(type);
builder.append("]");
return builder.toString();
}
}

View File

@ -102,13 +102,18 @@ public class GroupPrivileges extends Apps implements Serializable{
}
/* (non-Javadoc)
* @see java.lang.Object#toString()
*/
@Override
public String toString() {
return "GroupApp [groupId=" + groupId + ", appId=" + appId + "]";
}
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("GroupPrivileges [id=");
builder.append(id);
builder.append(", groupId=");
builder.append(groupId);
builder.append(", appId=");
builder.append(appId);
builder.append("]");
return builder.toString();
}
}

View File

@ -145,14 +145,29 @@ public class Groups extends JpaBaseDomain implements Serializable {
this.status = status;
}
/*
* (non-Javadoc)
*
* @see java.lang.Object#toString()
*/
@Override
public String toString() {
return "Groups [name=" + name + ", isdefault=" + isdefault + "]";
StringBuilder builder = new StringBuilder();
builder.append("Groups [id=");
builder.append(id);
builder.append(", name=");
builder.append(name);
builder.append(", isdefault=");
builder.append(isdefault);
builder.append(", description=");
builder.append(description);
builder.append(", createdBy=");
builder.append(createdBy);
builder.append(", createdDate=");
builder.append(createdDate);
builder.append(", modifiedBy=");
builder.append(modifiedBy);
builder.append(", modifiedDate=");
builder.append(modifiedDate);
builder.append(", status=");
builder.append(status);
builder.append("]");
return builder.toString();
}
}

View File

@ -226,13 +226,47 @@ public class HistoryLogin extends JpaBaseDomain implements Serializable{
}
@Override
public String toString() {
return "LoginHistory [id=" + id + ", sessionId=" + sessionId + ", uid=" + uid + ", username=" + username
+ ", displayName=" + displayName + ", loginType=" + loginType + ", message=" + message + ", code="
+ code + ", provider=" + provider + ", sourceIp=" + sourceIp + ", browser=" + browser + ", platform="
+ platform + ", application=" + application + ", loginUrl=" + loginUrl + ", loginTime=" + loginTime
+ ", logoutTime=" + logoutTime + ", startDate=" + startDate + ", endDate=" + endDate + "]";
}
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("HistoryLogin [id=");
builder.append(id);
builder.append(", sessionId=");
builder.append(sessionId);
builder.append(", uid=");
builder.append(uid);
builder.append(", username=");
builder.append(username);
builder.append(", displayName=");
builder.append(displayName);
builder.append(", loginType=");
builder.append(loginType);
builder.append(", message=");
builder.append(message);
builder.append(", code=");
builder.append(code);
builder.append(", provider=");
builder.append(provider);
builder.append(", sourceIp=");
builder.append(sourceIp);
builder.append(", browser=");
builder.append(browser);
builder.append(", platform=");
builder.append(platform);
builder.append(", application=");
builder.append(application);
builder.append(", loginUrl=");
builder.append(loginUrl);
builder.append(", loginTime=");
builder.append(loginTime);
builder.append(", logoutTime=");
builder.append(logoutTime);
builder.append(", startDate=");
builder.append(startDate);
builder.append(", endDate=");
builder.append(endDate);
builder.append("]");
return builder.toString();
}
}
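Review bot: sessionId is printed in full next to uid, username and sourceIp. If this field holds the identifier of the live HTTP session rather than a separate audit key, a log reader can use it to take over the session while it is active. Consider printing only a truncated prefix or a hash of sessionId, which is enough to correlate log entries.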

View File

@ -210,14 +210,30 @@ public class HistoryLoginApps extends JpaBaseDomain {
}
/* (non-Javadoc)
* @see java.lang.Object#toString()
*/
@Override
public String toString() {
return "LoginAppsHistory [sessionId=" + sessionId + ", appId=" + appId
+ ", appName=" + appName + ", uid=" + uid + ", username="
+ username + ", displayName=" + displayName + ", loginTime="
+ loginTime + "]";
}
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("HistoryLoginApps [id=");
builder.append(id);
builder.append(", sessionId=");
builder.append(sessionId);
builder.append(", appId=");
builder.append(appId);
builder.append(", appName=");
builder.append(appName);
builder.append(", uid=");
builder.append(uid);
builder.append(", username=");
builder.append(username);
builder.append(", displayName=");
builder.append(displayName);
builder.append(", loginTime=");
builder.append(loginTime);
builder.append(", startDate=");
builder.append(startDate);
builder.append(", endDate=");
builder.append(endDate);
builder.append("]");
return builder.toString();
}
}

View File

@ -209,4 +209,39 @@ public class HistoryLogs extends JpaBaseDomain implements Serializable {
this.endDate = endDate;
}
@Override
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("HistoryLogs [id=");
builder.append(id);
builder.append(", serviceName=");
builder.append(serviceName);
builder.append(", message=");
builder.append(message);
builder.append(", content=");
builder.append(content);
builder.append(", messageType=");
builder.append(messageType);
builder.append(", operateType=");
builder.append(operateType);
builder.append(", username=");
builder.append(username);
builder.append(", code=");
builder.append(code);
builder.append(", createdBy=");
builder.append(createdBy);
builder.append(", createdDate=");
builder.append(createdDate);
builder.append(", modifiedBy=");
builder.append(modifiedBy);
builder.append(", modifiedDate=");
builder.append(modifiedDate);
builder.append(", startDate=");
builder.append(startDate);
builder.append(", endDate=");
builder.append(endDate);
builder.append("]");
return builder.toString();
}
}

View File

@ -162,13 +162,33 @@ public class Navigations extends JpaBaseDomain implements java.io.Serializable
}
@Override
public String toString() {
return "Navigations [name=" + name + ", url=" + url + ", type=" + type
+ ", target=" + target + ", pId=" + pId + ", pName=" + pName
+ ", xPath=" + xPath + ", hasChild=" + hasChild
+", visible=" + visible
+ ", childNavs=" + childNavs + "]";
}
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("Navigations [id=");
builder.append(id);
builder.append(", name=");
builder.append(name);
builder.append(", url=");
builder.append(url);
builder.append(", type=");
builder.append(type);
builder.append(", target=");
builder.append(target);
builder.append(", pId=");
builder.append(pId);
builder.append(", pName=");
builder.append(pName);
builder.append(", xPath=");
builder.append(xPath);
builder.append(", hasChild=");
builder.append(hasChild);
builder.append(", visible=");
builder.append(visible);
builder.append(", childNavs=");
builder.append(childNavs);
builder.append("]");
return builder.toString();
}

View File

@ -289,13 +289,57 @@ public class Organizations extends JpaBaseDomain implements Serializable {
@Override
public String toString() {
return "Organizations [id=" + id + ", code=" + code + ", name=" + name + ", fullName=" + fullName
+ ", parentId=" + parentId + ", parentName=" + parentName + ", type=" + type + ", codePath=" + codePath
+ ", namePath=" + namePath + ", level=" + level + ", hasChild=" + hasChild + ", division=" + division
+ ", country=" + country + ", region=" + region + ", locality=" + locality + ", street=" + street
+ ", address=" + address + ", contact=" + contact + ", postalCode=" + postalCode + ", phone=" + phone
+ ", fax=" + fax + ", email=" + email + ", sortIndex=" + sortIndex + ", description=" + description
+ "]";
StringBuilder builder = new StringBuilder();
builder.append("Organizations [id=");
builder.append(id);
builder.append(", code=");
builder.append(code);
builder.append(", name=");
builder.append(name);
builder.append(", fullName=");
builder.append(fullName);
builder.append(", parentId=");
builder.append(parentId);
builder.append(", parentName=");
builder.append(parentName);
builder.append(", type=");
builder.append(type);
builder.append(", codePath=");
builder.append(codePath);
builder.append(", namePath=");
builder.append(namePath);
builder.append(", level=");
builder.append(level);
builder.append(", hasChild=");
builder.append(hasChild);
builder.append(", division=");
builder.append(division);
builder.append(", country=");
builder.append(country);
builder.append(", region=");
builder.append(region);
builder.append(", locality=");
builder.append(locality);
builder.append(", street=");
builder.append(street);
builder.append(", address=");
builder.append(address);
builder.append(", contact=");
builder.append(contact);
builder.append(", postalCode=");
builder.append(postalCode);
builder.append(", phone=");
builder.append(phone);
builder.append(", fax=");
builder.append(fax);
builder.append(", email=");
builder.append(email);
builder.append(", sortIndex=");
builder.append(sortIndex);
builder.append(", description=");
builder.append(description);
builder.append("]");
return builder.toString();
}

View File

@ -385,11 +385,45 @@ public class PasswordPolicy extends JpaBaseDomain implements java.io.Serializabl
@Override
public String toString() {
return "PasswordPolicy [id=" + id + ", minLength=" + minLength + ", maxLength=" + maxLength + ", lowerCase="
+ lowerCase + ", upperCase=" + upperCase + ", digits=" + digits + ", specialChar=" + specialChar
+ ", attempts=" + attempts + ", duration=" + duration + ", expiration=" + expiration + ", username="
+ username + ", history=" + history + ", dictionary=" + dictionary + ", alphabetical=" + alphabetical
+ ", numerical=" + numerical + ", qwerty=" + qwerty + "]";
StringBuilder builder = new StringBuilder();
builder.append("PasswordPolicy [id=");
builder.append(id);
builder.append(", minLength=");
builder.append(minLength);
builder.append(", maxLength=");
builder.append(maxLength);
builder.append(", lowerCase=");
builder.append(lowerCase);
builder.append(", upperCase=");
builder.append(upperCase);
builder.append(", digits=");
builder.append(digits);
builder.append(", specialChar=");
builder.append(specialChar);
builder.append(", attempts=");
builder.append(attempts);
builder.append(", duration=");
builder.append(duration);
builder.append(", expiration=");
builder.append(expiration);
builder.append(", username=");
builder.append(username);
builder.append(", history=");
builder.append(history);
builder.append(", dictionary=");
builder.append(dictionary);
builder.append(", alphabetical=");
builder.append(alphabetical);
builder.append(", numerical=");
builder.append(numerical);
builder.append(", qwerty=");
builder.append(qwerty);
builder.append(", occurances=");
builder.append(occurances);
builder.append(", randomPasswordLength=");
builder.append(randomPasswordLength);
builder.append("]");
return builder.toString();
}

View File

@ -162,16 +162,29 @@ public class Registration extends JpaBaseDomain{
this.firstName = firstName;
}
/* (non-Javadoc)
* @see java.lang.Object#toString()
*/
@Override
public String toString() {
return "Registration [loginName=" + loginName + ", workEmail="
+ workEmail + ", company=" + company + ", workPhone="
+ workPhone + ", nickName=" + nickName + ", lastName="
+ lastName + ", firstName=" + firstName + ", users=" + users
+ "]";
}
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("Registration [id=");
builder.append(id);
builder.append(", loginName=");
builder.append(loginName);
builder.append(", workEmail=");
builder.append(workEmail);
builder.append(", company=");
builder.append(company);
builder.append(", workPhone=");
builder.append(workPhone);
builder.append(", nickName=");
builder.append(nickName);
builder.append(", lastName=");
builder.append(lastName);
builder.append(", firstName=");
builder.append(firstName);
builder.append(", users=");
builder.append(users);
builder.append("]");
return builder.toString();
}
}

View File

@ -215,4 +215,47 @@ public class Resources extends JpaBaseDomain implements Serializable {
this.sortIndex = sortIndex;
}
@Override
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("Resources [id=");
builder.append(id);
builder.append(", name=");
builder.append(name);
builder.append(", sortIndex=");
builder.append(sortIndex);
builder.append(", appId=");
builder.append(appId);
builder.append(", appName=");
builder.append(appName);
builder.append(", parentId=");
builder.append(parentId);
builder.append(", parentName=");
builder.append(parentName);
builder.append(", resourceType=");
builder.append(resourceType);
builder.append(", resourceIcon=");
builder.append(resourceIcon);
builder.append(", resourceStyle=");
builder.append(resourceStyle);
builder.append(", resourceUrl=");
builder.append(resourceUrl);
builder.append(", resourceAction=");
builder.append(resourceAction);
builder.append(", status=");
builder.append(status);
builder.append(", description=");
builder.append(description);
builder.append(", createdBy=");
builder.append(createdBy);
builder.append(", createdDate=");
builder.append(createdDate);
builder.append(", modifiedBy=");
builder.append(modifiedBy);
builder.append(", modifiedDate=");
builder.append(modifiedDate);
builder.append("]");
return builder.toString();
}
}

View File

@ -117,8 +117,21 @@ public class RoleMember extends UserInfo implements Serializable {
@Override
public String toString() {
return "RoleMember [id=" + id + ", roleId=" + roleId + ", roleName=" + roleName + ", memberId=" + memberId
+ ", memberName=" + memberName + ", type=" + type + "]";
StringBuilder builder = new StringBuilder();
builder.append("RoleMember [id=");
builder.append(id);
builder.append(", roleId=");
builder.append(roleId);
builder.append(", roleName=");
builder.append(roleName);
builder.append(", memberId=");
builder.append(memberId);
builder.append(", memberName=");
builder.append(memberName);
builder.append(", type=");
builder.append(type);
builder.append("]");
return builder.toString();
}
}

View File

@ -107,6 +107,23 @@ public class RolePermissions extends JpaBaseDomain implements Serializable {
public String getUniqueId() {
return appId + "_" + roleId + "_" + resourceId;
}
@Override
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("RolePermissions [id=");
builder.append(id);
builder.append(", appId=");
builder.append(appId);
builder.append(", roleId=");
builder.append(roleId);
builder.append(", resourceId=");
builder.append(resourceId);
builder.append(", status=");
builder.append(status);
builder.append("]");
return builder.toString();
}
}

View File

@ -116,6 +116,29 @@ public class Roles extends JpaBaseDomain implements Serializable {
public void setModifiedDate(String modifiedDate) {
this.modifiedDate = modifiedDate;
}
@Override
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("Roles [id=");
builder.append(id);
builder.append(", name=");
builder.append(name);
builder.append(", status=");
builder.append(status);
builder.append(", description=");
builder.append(description);
builder.append(", createdBy=");
builder.append(createdBy);
builder.append(", createdDate=");
builder.append(createdDate);
builder.append(", modifiedBy=");
builder.append(modifiedBy);
builder.append(", modifiedDate=");
builder.append(modifiedDate);
builder.append("]");
return builder.toString();
}

View File

@ -126,9 +126,27 @@ public class Saml20Metadata extends JpaBaseDomain implements Serializable {
@Override
public String toString() {
return "Saml20Metadata [orgName=" + orgName + ", orgDisplayName=" + orgDisplayName + ", orgURL=" + orgURL
+ ", contactType=" + contactType + ", company=" + company + ", givenName=" + givenName + ", surName="
+ surName + ", emailAddress=" + emailAddress + ", telephoneNumber=" + telephoneNumber + "]";
StringBuilder builder = new StringBuilder();
builder.append("Saml20Metadata [orgName=");
builder.append(orgName);
builder.append(", orgDisplayName=");
builder.append(orgDisplayName);
builder.append(", orgURL=");
builder.append(orgURL);
builder.append(", contactType=");
builder.append(contactType);
builder.append(", company=");
builder.append(company);
builder.append(", givenName=");
builder.append(givenName);
builder.append(", surName=");
builder.append(surName);
builder.append(", emailAddress=");
builder.append(emailAddress);
builder.append(", telephoneNumber=");
builder.append(telephoneNumber);
builder.append("]");
return builder.toString();
}
}

View File

@ -247,6 +247,8 @@ public class UserInfo extends JpaBaseDomain {
@Column
String description;
public static class ONLINE {
// 在线
public static final int ONLINE = 1;
@ -1145,70 +1147,6 @@ public class UserInfo extends JpaBaseDomain {
this.description = description;
}
@Override
public String toString() {
return "UserInfo [username=" + username
+ ", password=" + password + ", decipherable=" + decipherable
+ ", sharedSecret=" + sharedSecret
+ ", sharedCounter=" + sharedCounter + ", userType=" + userType
+ ", windowsAccount=" + windowsAccount
+ ", displayName=" + displayName + ", nickName=" + nickName
+ ", nameZHSpell=" + nameZhSpell
+ ", nameZHShortSpell=" + nameZhShortSpell
+ ", givenName=" + givenName
+ ", middleName=" + middleName + ", familyName=" + familyName
+ ", honorificPrefix=" + honorificPrefix
+ ", honorificSuffix=" + honorificSuffix
+ ", formattedName=" + formattedName + ", married=" + married
+ ", gender=" + gender + ", birthDate=" + birthDate
+ ", pictureFile=" + pictureFile + ", idType="
+ idType + ", idCardNo=" + idCardNo + ", webSite=" + webSite
+ ", startWorkDate=" + startWorkDate
+ ", authnType=" + authnType + ", email=" + email
+ ", emailVerified=" + emailVerified + ", mobile="
+ mobile + ", mobileVerified=" + mobileVerified
+ ", passwordQuestion=" + passwordQuestion
+ ", passwordAnswer=" + passwordAnswer + ", appLoginAuthnType=" + appLoginAuthnType
+ ", appLoginPassword=" + appLoginPassword
+ ", protectedApps=" + protectedApps + ", protectedAppsMap="
+ protectedAppsMap + ", passwordLastSetTime=" + passwordLastSetTime
+ ", badPasswordCount="
+ badPasswordCount + ", unLockTime=" + unLockTime
+ ", isLocked=" + isLocked + ", lastLoginTime="
+ lastLoginTime + ", lastLoginIp=" + lastLoginIp
+ ", lastLogoffTime=" + lastLogoffTime
+ ", passwordSetType=" + passwordSetType
+ ", loginCount=" + loginCount + ", locale=" + locale
+ ", timeZone=" + timeZone + ", preferredLanguage=" + preferredLanguage
+ ", workCountry=" + workCountry
+ ", workRegion=" + workRegion + ", workLocality=" + workLocality
+ ", workStreetAddress="
+ workStreetAddress + ", workAddressFormatted=" + workAddressFormatted
+ ", workEmail=" + workEmail
+ ", workPhoneNumber=" + workPhoneNumber + ", workPostalCode=" + workPostalCode
+ ", workFax=" + workFax
+ ", homeCountry=" + homeCountry + ", homeRegion=" + homeRegion
+ ", homeLocality=" + homeLocality
+ ", homeStreetAddress=" + homeStreetAddress
+ ", homeAddressFormatted=" + homeAddressFormatted
+ ", homeEmail=" + homeEmail
+ ", homePhoneNumber=" + homePhoneNumber + ", homePostalCode="
+ homePostalCode + ", homeFax=" + homeFax
+ ", employeeNumber=" + employeeNumber + ", costCenter="
+ costCenter + ", organization=" + organization
+ ", division=" + division + ", departmentId="
+ departmentId + ", department=" + department
+ ", jobTitle=" + jobTitle + ", jobLevel=" + jobLevel
+ ", managerId=" + managerId + ", manager=" + manager
+ ", assistantId=" + assistantId + ", assistant="
+ assistant + ", entryDate=" + entryDate
+ ", quitDate=" + quitDate + ", extraAttribute=" + extraAttribute
+ ", extraAttributeName=" + extraAttributeName + ", extraAttributeValue="
+ extraAttributeValue + ", extraAttributeMap=" + extraAttributeMap
+ ", online=" + online + ", ldapDn="
+ ldapDn + "]";
}
/**
* @return the createdBy
*/
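Review bot: the toString() removed here printed password, sharedSecret, passwordAnswer, appLoginPassword and idCardNo, and the replacement added at the end of the class in the next hunk appends the same fields again. Moving the method is the right moment to fix that: leave the credential and secret fields out of the new version (or mask them) so that logging a UserInfo, or a GroupMember or RoleMember that extends it, cannot leak them.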
@ -1273,4 +1211,209 @@ public class UserInfo extends JpaBaseDomain {
this.theme = theme;
}
@Override
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("UserInfo [id=");
builder.append(id);
builder.append(", username=");
builder.append(username);
builder.append(", password=");
builder.append(password);
builder.append(", decipherable=");
builder.append(decipherable);
builder.append(", sharedSecret=");
builder.append(sharedSecret);
builder.append(", sharedCounter=");
builder.append(sharedCounter);
builder.append(", userType=");
builder.append(userType);
builder.append(", windowsAccount=");
builder.append(windowsAccount);
builder.append(", displayName=");
builder.append(displayName);
builder.append(", nickName=");
builder.append(nickName);
builder.append(", nameZhSpell=");
builder.append(nameZhSpell);
builder.append(", nameZhShortSpell=");
builder.append(nameZhShortSpell);
builder.append(", givenName=");
builder.append(givenName);
builder.append(", middleName=");
builder.append(middleName);
builder.append(", familyName=");
builder.append(familyName);
builder.append(", honorificPrefix=");
builder.append(honorificPrefix);
builder.append(", honorificSuffix=");
builder.append(honorificSuffix);
builder.append(", formattedName=");
builder.append(formattedName);
builder.append(", married=");
builder.append(married);
builder.append(", gender=");
builder.append(gender);
builder.append(", birthDate=");
builder.append(birthDate);
builder.append(", picture=");
builder.append(picture);
builder.append(", pictureFile=");
builder.append(pictureFile);
builder.append(", idType=");
builder.append(idType);
builder.append(", idCardNo=");
builder.append(idCardNo);
builder.append(", webSite=");
builder.append(webSite);
builder.append(", startWorkDate=");
builder.append(startWorkDate);
builder.append(", authnType=");
builder.append(authnType);
builder.append(", email=");
builder.append(email);
builder.append(", emailVerified=");
builder.append(emailVerified);
builder.append(", mobile=");
builder.append(mobile);
builder.append(", mobileVerified=");
builder.append(mobileVerified);
builder.append(", passwordQuestion=");
builder.append(passwordQuestion);
builder.append(", passwordAnswer=");
builder.append(passwordAnswer);
builder.append(", appLoginAuthnType=");
builder.append(appLoginAuthnType);
builder.append(", appLoginPassword=");
builder.append(appLoginPassword);
builder.append(", protectedApps=");
builder.append(protectedApps);
builder.append(", protectedAppsMap=");
builder.append(protectedAppsMap);
builder.append(", passwordLastSetTime=");
builder.append(passwordLastSetTime);
builder.append(", badPasswordCount=");
builder.append(badPasswordCount);
builder.append(", badPasswordTime=");
builder.append(badPasswordTime);
builder.append(", unLockTime=");
builder.append(unLockTime);
builder.append(", isLocked=");
builder.append(isLocked);
builder.append(", lastLoginTime=");
builder.append(lastLoginTime);
builder.append(", lastLoginIp=");
builder.append(lastLoginIp);
builder.append(", lastLogoffTime=");
builder.append(lastLogoffTime);
builder.append(", passwordSetType=");
builder.append(passwordSetType);
builder.append(", loginCount=");
builder.append(loginCount);
builder.append(", locale=");
builder.append(locale);
builder.append(", timeZone=");
builder.append(timeZone);
builder.append(", preferredLanguage=");
builder.append(preferredLanguage);
builder.append(", workCountry=");
builder.append(workCountry);
builder.append(", workRegion=");
builder.append(workRegion);
builder.append(", workLocality=");
builder.append(workLocality);
builder.append(", workStreetAddress=");
builder.append(workStreetAddress);
builder.append(", workAddressFormatted=");
builder.append(workAddressFormatted);
builder.append(", workEmail=");
builder.append(workEmail);
builder.append(", workPhoneNumber=");
builder.append(workPhoneNumber);
builder.append(", workPostalCode=");
builder.append(workPostalCode);
builder.append(", workFax=");
builder.append(workFax);
builder.append(", homeCountry=");
builder.append(homeCountry);
builder.append(", homeRegion=");
builder.append(homeRegion);
builder.append(", homeLocality=");
builder.append(homeLocality);
builder.append(", homeStreetAddress=");
builder.append(homeStreetAddress);
builder.append(", homeAddressFormatted=");
builder.append(homeAddressFormatted);
builder.append(", homeEmail=");
builder.append(homeEmail);
builder.append(", homePhoneNumber=");
builder.append(homePhoneNumber);
builder.append(", homePostalCode=");
builder.append(homePostalCode);
builder.append(", homeFax=");
builder.append(homeFax);
builder.append(", employeeNumber=");
builder.append(employeeNumber);
builder.append(", costCenter=");
builder.append(costCenter);
builder.append(", organization=");
builder.append(organization);
builder.append(", division=");
builder.append(division);
builder.append(", departmentId=");
builder.append(departmentId);
builder.append(", department=");
builder.append(department);
builder.append(", jobTitle=");
builder.append(jobTitle);
builder.append(", jobLevel=");
builder.append(jobLevel);
builder.append(", managerId=");
builder.append(managerId);
builder.append(", manager=");
builder.append(manager);
builder.append(", assistantId=");
builder.append(assistantId);
builder.append(", assistant=");
builder.append(assistant);
builder.append(", entryDate=");
builder.append(entryDate);
builder.append(", quitDate=");
builder.append(quitDate);
builder.append(", defineIm=");
builder.append(defineIm);
builder.append(", weixinFollow=");
builder.append(weixinFollow);
builder.append(", theme=");
builder.append(theme);
builder.append(", extraAttribute=");
builder.append(extraAttribute);
builder.append(", extraAttributeName=");
builder.append(extraAttributeName);
builder.append(", extraAttributeValue=");
builder.append(extraAttributeValue);
builder.append(", extraAttributeMap=");
builder.append(extraAttributeMap);
builder.append(", online=");
builder.append(online);
builder.append(", ldapDn=");
builder.append(ldapDn);
builder.append(", gridList=");
builder.append(gridList);
builder.append(", createdBy=");
builder.append(createdBy);
builder.append(", createdDate=");
builder.append(createdDate);
builder.append(", modifiedBy=");
builder.append(modifiedBy);
builder.append(", modifiedDate=");
builder.append(modifiedDate);
builder.append(", status=");
builder.append(status);
builder.append(", description=");
builder.append(description);
builder.append("]");
return builder.toString();
}
}
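Review bot: this toString() appends passwordAnswer, appLoginPassword and idCardNo (along with passwordQuestion, email, mobile and the home address fields), so any log statement or exception message that formats a UserInfo writes credentials and personal data in clear text. Leave the secret fields out of the builder or print a fixed mask in their place, and keep the output to the identifiers needed for debugging (id, username, status).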

View File

@ -18,7 +18,6 @@
package org.maxkey.domain.apps;
import java.io.Serializable;
import java.util.Arrays;
import javax.persistence.Column;
import javax.persistence.GeneratedValue;
@ -81,6 +80,10 @@ public class Apps extends JpaBaseDomain implements Serializable {
private MultipartFile iconFile;
@Column
private int visible;
//引导方式 IDP OR SP,default is IDP
private String inducer;
/*
* vendor
*/
@ -106,7 +109,10 @@ public class Apps extends JpaBaseDomain implements Serializable {
private String principal;
@Column
private String credentials;
@Column
private String logoutUrl;
@Column
private int logoutType;
/*
* extendAttr
*/
@ -143,7 +149,12 @@ public class Apps extends JpaBaseDomain implements Serializable {
protected String modifiedDate;
@Column
protected String description;
protected String loginDateTime;
protected String onlineTicket;
public Apps() {
super();
isSignature = Boolean.FALSE;
@ -505,15 +516,118 @@ public class Apps extends JpaBaseDomain implements Serializable {
public void setStatus(int status) {
this.status = status;
}
public String getInducer() {
return inducer;
}
public void setInducer(String inducer) {
this.inducer = inducer;
}
public String getLogoutUrl() {
return logoutUrl;
}
public void setLogoutUrl(String logoutUrl) {
this.logoutUrl = logoutUrl;
}
public int getLogoutType() {
return logoutType;
}
public void setLogoutType(int logoutType) {
this.logoutType = logoutType;
}
public String getLoginDateTime() {
return loginDateTime;
}
public void setLoginDateTime(String loginDateTime) {
this.loginDateTime = loginDateTime;
}
public String getOnlineTicket() {
return onlineTicket;
}
public void setOnlineTicket(String onlineTicket) {
this.onlineTicket = onlineTicket;
}
@Override
public String toString() {
return "Applications [name=" + name + ", loginUrl=" + loginUrl + ", category=" + category + ", protocol="
+ protocol + ", secret=" + secret + ", icon=" + Arrays.toString(icon) + ", iconFile=" + iconFile
+ ", visible=" + visible + ", vendor=" + vendor + ", vendorUrl=" + vendorUrl + ", credential="
+ credential + ", sharedUsername=" + sharedUsername + ", sharedPassword=" + sharedPassword
+ ", systemUserAttr=" + systemUserAttr + ", isExtendAttr=" + isExtendAttr + ", extendAttr=" + extendAttr
+ ", isSignature=" + isSignature + "]";
StringBuilder builder = new StringBuilder();
builder.append("Apps [id=");
builder.append(id);
builder.append(", name=");
builder.append(name);
builder.append(", loginUrl=");
builder.append(loginUrl);
builder.append(", category=");
builder.append(category);
builder.append(", protocol=");
builder.append(protocol);
builder.append(", secret=");
builder.append(secret);
builder.append(", visible=");
builder.append(visible);
builder.append(", inducer=");
builder.append(inducer);
builder.append(", vendor=");
builder.append(vendor);
builder.append(", vendorUrl=");
builder.append(vendorUrl);
builder.append(", credential=");
builder.append(credential);
builder.append(", sharedUsername=");
builder.append(sharedUsername);
builder.append(", sharedPassword=");
builder.append(sharedPassword);
builder.append(", systemUserAttr=");
builder.append(systemUserAttr);
builder.append(", principal=");
builder.append(principal);
builder.append(", credentials=");
builder.append(credentials);
builder.append(", logoutUrl=");
builder.append(logoutUrl);
builder.append(", logoutType=");
builder.append(logoutType);
builder.append(", isExtendAttr=");
builder.append(isExtendAttr);
builder.append(", extendAttr=");
builder.append(extendAttr);
builder.append(", userPropertys=");
builder.append(userPropertys);
builder.append(", isSignature=");
builder.append(isSignature);
builder.append(", isAdapter=");
builder.append(isAdapter);
builder.append(", adapter=");
builder.append(adapter);
builder.append(", appUser=");
builder.append(appUser);
builder.append(", sortIndex=");
builder.append(sortIndex);
builder.append(", status=");
builder.append(status);
builder.append(", createdBy=");
builder.append(createdBy);
builder.append(", createdDate=");
builder.append(createdDate);
builder.append(", modifiedBy=");
builder.append(modifiedBy);
builder.append(", modifiedDate=");
builder.append(modifiedDate);
builder.append(", description=");
builder.append(description);
builder.append("]");
return builder.toString();
}
}
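Review bot: the rewritten toString() still prints secret and sharedPassword and now also credentials, so an Apps instance passed to a logger exposes the application's shared secrets. Mask or omit those three fields. Separately, inducer, loginDateTime and onlineTicket are added without @Column while logoutUrl and logoutType carry it; if the first three are deliberately not persisted, a short comment saying so would avoid a later "fix".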

View File

@ -61,7 +61,17 @@ public class AppsCasDetails extends Apps {
this.callbackUrl = callbackUrl;
}
@Override
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("AppsCasDetails [id=");
builder.append(id);
builder.append(", service=");
builder.append(service);
builder.append(", callbackUrl=");
builder.append(callbackUrl);
builder.append("]");
return builder.toString();
}
}

View File

@ -294,19 +294,35 @@ public class AppsDesktopDetails extends Apps {
/* (non-Javadoc)
* @see java.lang.Object#toString()
*/
@Override
public String toString() {
return "DesktopDetails [programPath=" + programPath + ", parameter="
+ parameter + ", preUsername=" + preUsername
+ ", usernameType=" + usernameType + ", usernameParameter="
+ usernameParameter + ", prePassword=" + prePassword
+ ", passwordType=" + passwordType + ", passwordParameter="
+ passwordParameter + ", preSubmit=" + preSubmit
+ ", submitType=" + submitType + ", submitKey=" + submitKey
+ "]";
}
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("AppsDesktopDetails [programPath=");
builder.append(programPath);
builder.append(", parameter=");
builder.append(parameter);
builder.append(", preUsername=");
builder.append(preUsername);
builder.append(", usernameType=");
builder.append(usernameType);
builder.append(", usernameParameter=");
builder.append(usernameParameter);
builder.append(", prePassword=");
builder.append(prePassword);
builder.append(", passwordType=");
builder.append(passwordType);
builder.append(", passwordParameter=");
builder.append(passwordParameter);
builder.append(", preSubmit=");
builder.append(preSubmit);
builder.append(", submitType=");
builder.append(submitType);
builder.append(", submitKey=");
builder.append(submitKey);
builder.append(", appUser=");
builder.append(appUser);
builder.append("]");
return builder.toString();
}
}

View File

@ -122,10 +122,20 @@ public class AppsFormBasedDetails extends Apps {
@Override
public String toString() {
return "FormBasedDetails [redirectUri=" + redirectUri
+ ", usernameMapping=" + usernameMapping + ", passwordMapping="
+ passwordMapping + ", authorizeView=" + authorizeView + "]";
}
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("AppsFormBasedDetails [id=");
builder.append(id);
builder.append(", redirectUri=");
builder.append(redirectUri);
builder.append(", usernameMapping=");
builder.append(usernameMapping);
builder.append(", passwordMapping=");
builder.append(passwordMapping);
builder.append(", authorizeView=");
builder.append(authorizeView);
builder.append("]");
return builder.toString();
}
}

View File

@ -328,18 +328,45 @@ public class AppsOAuth20Details extends Apps {
return baseClientDetails;
}
/*
* (non-Javadoc)
*
* @see java.lang.Object#toString()
*/
@Override
public String toString() {
return "OAuth20Details [clientId=" + clientId + ", clientSecret=" + clientSecret + ", scope=" + scope
+ ", resourceIds=" + resourceIds + ", authorizedGrantTypes=" + authorizedGrantTypes
+ ", registeredRedirectUris=" + registeredRedirectUris + ", authorities=" + authorities
+ ", accessTokenValiditySeconds=" + accessTokenValiditySeconds + ", refreshTokenValiditySeconds="
+ refreshTokenValiditySeconds + "]";
StringBuilder builder = new StringBuilder();
builder.append("AppsOAuth20Details [clientId=");
builder.append(clientId);
builder.append(", clientSecret=");
builder.append(clientSecret);
builder.append(", scope=");
builder.append(scope);
builder.append(", resourceIds=");
builder.append(resourceIds);
builder.append(", authorizedGrantTypes=");
builder.append(authorizedGrantTypes);
builder.append(", registeredRedirectUris=");
builder.append(registeredRedirectUris);
builder.append(", authorities=");
builder.append(authorities);
builder.append(", accessTokenValiditySeconds=");
builder.append(accessTokenValiditySeconds);
builder.append(", refreshTokenValiditySeconds=");
builder.append(refreshTokenValiditySeconds);
builder.append(", approvalPrompt=");
builder.append(approvalPrompt);
builder.append(", idTokenSigningAlgorithm=");
builder.append(idTokenSigningAlgorithm);
builder.append(", idTokenEncryptedAlgorithm=");
builder.append(idTokenEncryptedAlgorithm);
builder.append(", idTokenEncryptionMethod=");
builder.append(idTokenEncryptionMethod);
builder.append(", userInfoSigningAlgorithm=");
builder.append(userInfoSigningAlgorithm);
builder.append(", userInfoEncryptedAlgorithm=");
builder.append(userInfoEncryptedAlgorithm);
builder.append(", userInfoEncryptionMethod=");
builder.append(userInfoEncryptionMethod);
builder.append(", jwksUri=");
builder.append(jwksUri);
builder.append("]");
return builder.toString();
}
}
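Review bot: clientSecret is appended verbatim in this toString(), which puts the OAuth client secret into any debug log that prints the details object. Replace the value with a mask (or a null/non-null indicator) and keep the remaining fields as they are.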

View File

@ -17,8 +17,6 @@
package org.maxkey.domain.apps;
import java.util.Arrays;
import javax.persistence.Column;
import javax.persistence.GeneratedValue;
import javax.persistence.GenerationType;
@ -93,6 +91,9 @@ public class AppsSAML20Details extends Apps {
*/
@Column
private int nameIdConvert;
@Column
private String nameIdSuffix;
public static final class BindingType {
public static final String Redirect_Post = "Redirect-Post";
@ -326,18 +327,54 @@ public class AppsSAML20Details extends Apps {
public void setDigestMethod(String digestMethod) {
this.digestMethod = digestMethod;
}
public String getNameIdSuffix() {
return nameIdSuffix;
}
public void setNameIdSuffix(String nameIdSuffix) {
this.nameIdSuffix = nameIdSuffix;
}
@Override
public String toString() {
final int maxLen = 40;
return "AppsSAML20Details [id=" + id + ", certIssuer=" + certIssuer + ", certSubject=" + certSubject
+ ", certExpiration=" + certExpiration + ", signature=" + signature + ", keyStore="
+ (keyStore != null ? Arrays.toString(Arrays.copyOf(keyStore, Math.min(keyStore.length, maxLen)))
: null)
+ ", entityId=" + entityId + ", spAcsUrl=" + spAcsUrl + ", issuer=" + issuer + ", audience=" + audience
+ ", nameidFormat=" + nameidFormat + ", validityInterval=" + validityInterval + ", binding=" + binding
+ ", encrypted=" + encrypted + ", certMetaFile=" + certMetaFile + ", fileType=" + fileType
+ ", nameIdConvert=" + nameIdConvert + "]";
StringBuilder builder = new StringBuilder();
builder.append("AppsSAML20Details [id=");
builder.append(id);
builder.append(", certIssuer=");
builder.append(certIssuer);
builder.append(", certSubject=");
builder.append(certSubject);
builder.append(", certExpiration=");
builder.append(certExpiration);
builder.append(", signature=");
builder.append(signature);
builder.append(", digestMethod=");
builder.append(digestMethod);
builder.append(", entityId=");
builder.append(entityId);
builder.append(", spAcsUrl=");
builder.append(spAcsUrl);
builder.append(", issuer=");
builder.append(issuer);
builder.append(", audience=");
builder.append(audience);
builder.append(", nameidFormat=");
builder.append(nameidFormat);
builder.append(", validityInterval=");
builder.append(validityInterval);
builder.append(", binding=");
builder.append(binding);
builder.append(", encrypted=");
builder.append(encrypted);
builder.append(", fileType=");
builder.append(fileType);
builder.append(", nameIdConvert=");
builder.append(nameIdConvert);
builder.append(", nameIdSuffix=");
builder.append(nameIdSuffix);
builder.append("]");
return builder.toString();
}

View File

@ -137,9 +137,23 @@ public class AppsTokenBasedDetails extends Apps {
@Override
public String toString() {
return "AppsTokenBasedDetails [id=" + id + ", redirectUri=" + redirectUri + ", tokenType=" + tokenType
+ ", cookieName=" + cookieName + ", algorithm=" + algorithm + ", algorithmKey=" + algorithmKey
+ ", expires=" + expires + "]";
StringBuilder builder = new StringBuilder();
builder.append("AppsTokenBasedDetails [id=");
builder.append(id);
builder.append(", redirectUri=");
builder.append(redirectUri);
builder.append(", tokenType=");
builder.append(tokenType);
builder.append(", cookieName=");
builder.append(cookieName);
builder.append(", algorithm=");
builder.append(algorithm);
builder.append(", algorithmKey=");
builder.append(algorithmKey);
builder.append(", expires=");
builder.append(expires);
builder.append("]");
return builder.toString();
}
}
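Review bot: algorithmKey is printed next to algorithm in this toString(); going by its name this is the key material used for the token, so it should not be rendered in log output. Omit it or print only whether it is set.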

View File

@ -61,8 +61,15 @@ public class UserApps extends Apps {
@Override
public String toString() {
return "UserApplications [username=" + username
+ ", userId=" + userId + ", displayName=" + displayName + "]";
StringBuilder builder = new StringBuilder();
builder.append("UserApps [username=");
builder.append(username);
builder.append(", userId=");
builder.append(userId);
builder.append(", displayName=");
builder.append(displayName);
builder.append("]");
return builder.toString();
}
}

View File

@ -461,16 +461,48 @@ public class BaseClientDetails implements ClientDetails {
}
@Override
public String toString() {
return "BaseClientDetails [clientId=" + clientId + ", clientSecret="
+ clientSecret + ", scope=" + scope + ", resourceIds="
+ resourceIds + ", authorizedGrantTypes="
+ authorizedGrantTypes + ", registeredRedirectUris="
+ registeredRedirectUris + ", authorities=" + authorities
+ ", accessTokenValiditySeconds=" + accessTokenValiditySeconds
+ ", refreshTokenValiditySeconds="
+ refreshTokenValiditySeconds + ", additionalInformation="
+ additionalInformation + "]";
}
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("BaseClientDetails [clientId=");
builder.append(clientId);
builder.append(", clientSecret=");
builder.append(clientSecret);
builder.append(", scope=");
builder.append(scope);
builder.append(", resourceIds=");
builder.append(resourceIds);
builder.append(", authorizedGrantTypes=");
builder.append(authorizedGrantTypes);
builder.append(", registeredRedirectUris=");
builder.append(registeredRedirectUris);
builder.append(", autoApproveScopes=");
builder.append(autoApproveScopes);
builder.append(", authorities=");
builder.append(authorities);
builder.append(", accessTokenValiditySeconds=");
builder.append(accessTokenValiditySeconds);
builder.append(", refreshTokenValiditySeconds=");
builder.append(refreshTokenValiditySeconds);
builder.append(", additionalInformation=");
builder.append(additionalInformation);
builder.append(", idTokenSigningAlgorithm=");
builder.append(idTokenSigningAlgorithm);
builder.append(", idTokenEncryptedAlgorithm=");
builder.append(idTokenEncryptedAlgorithm);
builder.append(", idTokenEncryptionMethod=");
builder.append(idTokenEncryptionMethod);
builder.append(", userInfoSigningAlgorithm=");
builder.append(userInfoSigningAlgorithm);
builder.append(", userInfoEncryptedAlgorithm=");
builder.append(userInfoEncryptedAlgorithm);
builder.append(", userInfoEncryptionMethod=");
builder.append(userInfoEncryptionMethod);
builder.append(", jwksUri=");
builder.append(jwksUri);
builder.append(", approvalPrompt=");
builder.append(approvalPrompt);
builder.append("]");
return builder.toString();
}
}
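Review bot: clientSecret is written out in full here, and additionalInformation is appended without any filtering, so logging a BaseClientDetails discloses the client secret and whatever the map holds. Mask clientSecret and consider printing only the key set of additionalInformation.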

View File

@ -56,6 +56,8 @@ public class LoginService {
private static final String DEFAULT_USERINFO_SELECT_STATEMENT = "SELECT * FROM MXK_USERINFO WHERE USERNAME = ?";
private static final String DEFAULT_MYAPPS_SELECT_STATEMENT = "SELECT DISTINCT APP.ID,APP.NAME FROM MXK_APPS APP,MXK_GROUP_PRIVILEGES GP,MXK_GROUPS G WHERE APP.ID=GP.APPID AND GP.GROUPID=G.ID AND G.ID IN(%s)";
protected JdbcTemplate jdbcTemplate;
public LoginService(){
@ -151,6 +153,24 @@ public class LoginService {
}
}
public ArrayList<GrantedAuthority> queryAuthorizedApps(ArrayList<GrantedAuthority> grantedAuthoritys) {
String grantedAuthorityString="'ROLE_ALL_USER'";
for(GrantedAuthority grantedAuthority : grantedAuthoritys) {
grantedAuthorityString += ",'"+ grantedAuthority.getAuthority()+"'";
}
ArrayList<GrantedAuthority> listAuthorizedApps = (ArrayList<GrantedAuthority>) jdbcTemplate.query(
String.format(DEFAULT_MYAPPS_SELECT_STATEMENT, grantedAuthorityString),
new RowMapper<GrantedAuthority>() {
public GrantedAuthority mapRow(ResultSet rs, int rowNum) throws SQLException {
return new SimpleGrantedAuthority(rs.getString("ID"));
}
});
_logger.debug("list Authorized Apps " + listAuthorizedApps);
return listAuthorizedApps;
}
public List<Groups> queryGroups(UserInfo userInfo) {
List<Groups> listGroups = jdbcTemplate.query(GROUPS_SELECT_STATEMENT, new RowMapper<Groups>() {
public Groups mapRow(ResultSet rs, int rowNum) throws SQLException {
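Review bot: queryAuthorizedApps builds the IN(...) list by concatenating grantedAuthority.getAuthority() between single quotes and substituting it into DEFAULT_MYAPPS_SELECT_STATEMENT with String.format, so an authority value that contains a quote changes the SQL statement. Generate one ? placeholder per authority and pass the values as bind arguments to jdbcTemplate.query instead. The cast of the query result to ArrayList<GrantedAuthority> also relies on the concrete list type returned by JdbcTemplate; declaring the variable and return type as List would remove that dependency.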
@ -174,9 +194,11 @@ public class LoginService {
// query roles for user
List<Groups> listGroups = queryGroups(userInfo);
// set role for spring security
//set default roles
ArrayList<GrantedAuthority> grantedAuthority = new ArrayList<GrantedAuthority>();
grantedAuthority.add(new SimpleGrantedAuthority("ROLE_USER"));
grantedAuthority.add(new SimpleGrantedAuthority("ROLE_ORDINARY_USER"));
grantedAuthority.add(new SimpleGrantedAuthority("ROLE_ALL_USER"));
for (Groups group : listGroups) {
grantedAuthority.add(new SimpleGrantedAuthority(group.getId()));
}

View File

@ -24,6 +24,7 @@ import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
public final class StringUtils {
@ -479,4 +480,42 @@ public final class StringUtils {
}
return null;
}
/**
* 验证是否为正确的邮箱号
*
* @param email
* @return
*/
public static boolean isValidEmail(String email) {
// 1\\w+表示@之前至少要输入一个匹配字母或数字或下划线 \\w 单词字符[a-zA-Z_0-9]
// 2(\\w+\\.)表示域名. 如新浪邮箱域名是sina.com.cn
// {1,3}表示可以出现一次或两次或者三次.
String reg = "\\w+@(\\w+\\.){1,3}\\w+";
Pattern pattern = Pattern.compile(reg);
boolean flag = false;
if (email != null) {
Matcher matcher = pattern.matcher(email);
flag = matcher.matches();
}
return flag;
}
/**
* 验证是否为手机号
*
* @param mobileNo
* @return
*/
public static boolean isValidMobileNo(String mobileNo) {
// 1(13[0-9])|(15[02789])|(18[679])|(17[0-9]) 13段 或者15段 18段17段的匹配
// 2\\d{8} 整数出现8次
boolean flag = false;
Pattern p = Pattern.compile("^((13[0-9])|(14[0-9])|(15[0-9])|(16[0-9])|(17[0-9])|(18[0-9])|(19[0-9]))\\d{8}$");
Matcher match = p.matcher(mobileNo);
if (mobileNo != null) {
flag = match.matches();
}
return flag;
}
}
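Review bot: isValidMobileNo calls p.matcher(mobileNo) before the mobileNo != null check, so a null argument throws a NullPointerException and the guard never helps; move the matcher call inside the if, as isValidEmail does. In isValidEmail the pattern \w+@(\w+\.){1,3}\w+ rejects local parts containing '.', '-' or '+' and domains containing '-', which will turn away many valid addresses; if this is used to gate login or registration, that restriction should be documented or the pattern widened. Both patterns can be compiled once as static final fields.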

View File

@ -36,6 +36,7 @@ import org.springframework.beans.BeansException;
import org.springframework.context.ApplicationContext;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.support.PropertySourcesPlaceholderConfigurer;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.context.support.WebApplicationContextUtils;
/**
@ -57,7 +58,10 @@ public class InitializeContext extends HttpServlet {
@Override
public void init(ServletConfig config) throws ServletException {
super.init(config);
_logger.info("SecurityContextHolder StrategyName " + SessionSecurityContextHolderStrategy.class.getCanonicalName());
SecurityContextHolder.setStrategyName(SessionSecurityContextHolderStrategy.class.getCanonicalName());
// List Environment Variables
listEnvVars();

View File

@ -0,0 +1,51 @@
package org.maxkey.web;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolderStrategy;
import org.springframework.security.core.context.SecurityContextImpl;
/**
* SecurityContext Session for Request , use SecurityContextHolderAwareRequestFilter
* @author Crystal.Sea
*
*/
public class SessionSecurityContextHolderStrategy implements SecurityContextHolderStrategy {
private static final Logger _logger =
LoggerFactory.getLogger(SessionSecurityContextHolderStrategy.class);
@Override
public void clearContext() {
WebContext.removeAttribute(WebConstants.AUTHENTICATION);
}
@Override
public SecurityContext getContext() {
SecurityContext ctx = createEmptyContext();
Authentication authentication = null;
try {
authentication = (Authentication)WebContext.getAuthentication();
if (authentication != null) {
ctx.setAuthentication(authentication);
}
}catch(Exception e) {
_logger.trace("a session ", e);
}
return ctx;
}
@Override
public void setContext(SecurityContext context) {
WebContext.setAuthentication(context.getAuthentication());
}
@Override
public SecurityContext createEmptyContext() {
return new SecurityContextImpl();
}
}
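Review bot: getContext() returns a new SecurityContextImpl on every call and only setContext() writes back to WebContext, so the common idiom SecurityContextHolder.getContext().setAuthentication(auth) modifies a throwaway object and the authentication is silently lost. Either document that callers must use setContext(), or cache the context object itself rather than only the Authentication. The catch (Exception e) around WebContext.getAuthentication() also hides every failure behind a trace-level message "a session "; catch the specific exception expected when no request is bound and log anything else at a visible level.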

View File

@ -71,8 +71,12 @@ public class WebConstants {
public static final String AUTHENTICATION = "current_authentication";
public static final String THEME_COOKIE_NAME = "maxkey_theme";
public static final String THEME_COOKIE_NAME = "theme_value";
public static final String LOGIN_ERROR_SESSION_MESSAGE = "login_error_session_message_key";
public static final String ONLINE_TICKET_NAME = "online_ticket";
public static final String ONLINE_TICKET_PREFIX = "OT";
}

View File

@ -154,6 +154,11 @@ public final class WebContext {
return ((ServletRequestAttributes)
RequestContextHolder.getRequestAttributes()).getRequest();
}
public static HttpServletResponse getResponse() {
return ((ServletRequestAttributes)
RequestContextHolder.getRequestAttributes()).getResponse();
}
/**
* get Http Context full Path.
@ -336,11 +341,14 @@ public final class WebContext {
* @param time cookie的存在时间
*/
public static HttpServletResponse setCookie(
HttpServletResponse response, String name, String value, int time) {
HttpServletResponse response, String domain ,String name, String value, int time) {
// new一个Cookie对象,键值对为参数
Cookie cookie = new Cookie(name, value);
// tomcat下多应用共享
cookie.setPath("/");
if(domain != null) {
cookie.setDomain(domain);
}
// 如果cookie的值中含有中文时需要对cookie进行编码不然会产生乱码
try {
URLEncoder.encode(value, "utf-8");
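Review bot: setCookie now accepts a domain and calls cookie.setDomain(domain), which widens the cookie's scope, but the cookie is still created without setHttpOnly(true) or setSecure(true). Set both flags here, or add parameters for them, before this helper is used for anything session related. The return value of URLEncoder.encode(value, "utf-8") in the context lines is discarded, so the cookie is written unencoded despite the comment above it.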
@ -348,7 +356,9 @@ public final class WebContext {
e.printStackTrace();
}
// 单位
cookie.setMaxAge(time);
if(time > 0) {
cookie.setMaxAge(time);
}
// 将Cookie添加到Response中,使之生效
response.addCookie(cookie); // addCookie后如果已经存在相同名字的cookie则最新的覆盖旧的cookie
return response;
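Review bot: with the new if(time > 0) guard, a call that passes time = 0 no longer reaches cookie.setMaxAge(0), which is how a cookie is deleted; the cookie is instead reissued as a session cookie. If any caller relies on 0 to remove a cookie, this changes behaviour silently. Use time >= 0 for the guard, or treat only negative values as "session cookie" and say so in the Javadoc for the time parameter.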

View File

@ -76,7 +76,7 @@ public class ThemeTagDirective implements TemplateDirectiveModel {
if (request.getAttribute(WebConstants.THEME_COOKIE_NAME) == null
&& null != WebContext.getUserInfo()) {
request.setAttribute(WebConstants.THEME_COOKIE_NAME, "theme");
WebContext.setCookie(response,
WebContext.setCookie(response, null,
WebConstants.THEME_COOKIE_NAME, theme, ConstantsTimeInterval.ONE_WEEK);
}

View File

@ -32,6 +32,7 @@ PasswordPolicy.OLD_PASSWORD_NOT_MATCH=\u539f\u5bc6\u7801\u4e0d\u5339\u914d.
PasswordPolicy.CONFIRMPASSWORD_NOT_MATCH=\u65b0\u5bc6\u7801\u4e0e\u786e\u8ba4\u5bc6\u7801\u4e0d\u4e00\u81f4.
PasswordPolicy.OLD_PASSWORD_MATCH=\u65b0\u5bc6\u7801\u4e0d\u80fd\u4e0e\u65e7\u5bc6\u7801\u4e00\u81f4.
#\u7528\u6237\u767b\u5f55\u9519\u8bef\u63d0\u9192
login.error.attempts={0}\u5c1d\u8bd5\u767b\u9646{1}\u6b21\u6570\u8fbe\u5230\u6700\u5927\u9650\u5236\uff0c\u8bf7\u7a0d\u540e\u518d\u767b\u9646.
login.error.locked=\u7528\u6237\u88ab\u9501\u5b9a.
login.error.inactive=\u7528\u6237\u975e\u6d3b\u52a8\u72b6\u6001.
@ -43,4 +44,5 @@ login.error.password.null=\u5bc6\u7801\u4e0d\u80fd\u4e3a\u7a7a.
login.error.captcha=\u9a8c\u8bc1\u7801\u9519\u8bef\uff0c\u8bf7\u91cd\u65b0\u767b\u9646.
login.error.authtype=\u767b\u5f55\u8ba4\u8bc1\u7c7b\u578b\u9519\u8bef.
login.error.session=\u767b\u5f55\u4f1a\u8bdd\u5931\u6548\uff0c\u8bf7\u91cd\u65b0\u767b\u9646.
login.error.social=\u793e\u4ea4\u8d26\u53f7\u6388\u6743\u5931\u8d25\uff0c\u8bf7\u91cd\u8bd5.

View File

@ -32,6 +32,7 @@ PasswordPolicy.OLD_PASSWORD_NOT_MATCH=old password not match.
PasswordPolicy.CONFIRMPASSWORD_NOT_MATCH=new password not match confirm password.
PasswordPolicy.OLD_PASSWORD_MATCH=new password match old password.
#for user login
login.error.attempts={0} login attempts the maximum number of {1} times, please login later.
login.error.locked=The user is locked.
login.error.inactive=User inactive state.
@ -42,4 +43,5 @@ login.error.email.null=email cannot be empty.
login.error.password.null=Password cannot be empty.
login.error.captcha=Verification code error, please login again.
login.error.authtype=Login authentication type error.
login.error.session=Login session failed. Please login again.
login.error.session=Login session failed. please login again.
login.error.social=Social login failed. please retry.

View File

@ -32,6 +32,7 @@ PasswordPolicy.OLD_PASSWORD_NOT_MATCH=\u539f\u5bc6\u7801\u4e0d\u5339\u914d.
PasswordPolicy.CONFIRMPASSWORD_NOT_MATCH=\u65b0\u5bc6\u7801\u4e0e\u786e\u8ba4\u5bc6\u7801\u4e0d\u4e00\u81f4.
PasswordPolicy.OLD_PASSWORD_MATCH=\u65b0\u5bc6\u7801\u4e0d\u80fd\u4e0e\u65e7\u5bc6\u7801\u4e00\u81f4.
#\u7528\u6237\u767b\u5f55\u9519\u8bef\u63d0\u9192
login.error.attempts={0}\u5c1d\u8bd5\u767b\u9646{1}\u6b21\u6570\u8fbe\u5230\u6700\u5927\u9650\u5236\uff0c\u8bf7\u7a0d\u540e\u518d\u767b\u9646.
login.error.locked=\u7528\u6237\u88ab\u9501\u5b9a.
login.error.inactive=\u7528\u6237\u975e\u6d3b\u52a8\u72b6\u6001.
@ -42,4 +43,5 @@ login.error.email.null=\u767b\u5f55\u90ae\u7bb1\u4e0d\u80fd\u4e3a\u7a7a.
login.error.password.null=\u5bc6\u7801\u4e0d\u80fd\u4e3a\u7a7a.
login.error.captcha=\u9a8c\u8bc1\u7801\u9519\u8bef\uff0c\u8bf7\u91cd\u65b0\u767b\u9646.
login.error.authtype=\u767b\u5f55\u8ba4\u8bc1\u7c7b\u578b\u9519\u8bef.
login.error.session=\u767b\u5f55\u4f1a\u8bdd\u5931\u6548\uff0c\u8bf7\u91cd\u65b0\u767b\u9646.
login.error.session=\u767b\u5f55\u4f1a\u8bdd\u5931\u6548\uff0c\u8bf7\u91cd\u65b0\u767b\u9646.
login.error.social=\u793e\u4ea4\u8d26\u53f7\u6388\u6743\u5931\u8d25\uff0c\u8bf7\u91cd\u8bd5.

View File

@ -60,7 +60,7 @@ public interface UserInfoMapper extends IJpaBaseMapper<UserInfo>{
public int updateProfile(UserInfo userInfo);
@Select("SELECT * FROM USERINFO WHERE EMAIL = #{value} OR MOBILE= #{value}")
@Select("SELECT * FROM MXK_USERINFO WHERE EMAIL = #{value} OR MOBILE= #{value}")
public UserInfo queryUserInfoByEmailMobile(String emailMobile);
}

View File

@ -158,29 +158,24 @@
SELECT DISTINCT
APP.*
FROM
MXK_APPS APP,MXK_GROUP_PRIVILEGES GP
MXK_APPS APP,MXK_GROUP_PRIVILEGES GP,MXK_GROUPS G
WHERE
APP.ID=GP.APPID
AND GP.GROUPID IN(
SELECT
G.ID
FROM
`MXK_GROUPS` G
WHERE
G.ID='ALL_USER_GROUP'
OR G.ID IN(
AND GP.GROUPID=G.ID
AND (
G.ID='ROLE_ALL_USER'
OR G.ID IN(
SELECT
GM.GROUPID
FROM
MXK_GROUP_MEMBER GM,MXK_USERINFO U
WHERE 1 = 1
WHERE GM.MEMBERID = U.ID
<if test="userId != null and userId != ''">
AND U.ID = #{userId}
</if>
<if test="username != null and username != ''">
AND U.USERNAME = #{username}
</if>
AND GM.MEMBERID = U.ID
)
)
<if test="name != null and name != ''">
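Review bot: both the userId and the username filters in the inner SELECT are wrapped in <if> tests, so when neither is supplied the subquery reduces to GM.MEMBERID = U.ID and returns the group ids of every member, which makes the outer query return the apps of all groups. Require at least one of the two parameters (for example with a <choose>/<otherwise> branch that matches nothing) or validate this in the calling service. The literal group id also changes from 'ALL_USER_GROUP' to 'ROLE_ALL_USER'; existing rows in MXK_GROUPS need a matching data migration or the default grant stops applying.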

View File

@ -24,7 +24,7 @@ spring.servlet.multipart.max-file-size=4194304
#server.servlet.encoding.force=true
#datasource
spring.datasource.username=root
spring.datasource.password=maxkey
spring.datasource.password=root
spring.datasource.url=jdbc:mysql://localhost/maxkey?autoReconnect=true&characterEncoding=UTF-8&serverTimezone=UTC
spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
spring.datasource.type=com.alibaba.druid.pool.DruidDataSource
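Review bot: spring.datasource.password is committed in clear text next to spring.datasource.username=root, so every checkout and build artifact carries a database superuser credential. Resolve the password from an environment variable or an external configuration file that is not in the repository, and connect with a dedicated account that has rights only on the maxkey schema.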

View File

@ -0,0 +1,27 @@
package org.maxkey.authz.endpoint;
import org.maxkey.authn.online.OnlineTicket;
import org.maxkey.authn.online.OnlineTicketServices;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
@Controller
@RequestMapping(value={"/onlineticket"})
public class OnlineTicketEndpoint {
@Autowired
@Qualifier("onlineTicketServices")
protected OnlineTicketServices onlineTicketServices;
@ResponseBody
@RequestMapping(value="/validate")
public String ticketValidate(
@RequestParam(value ="ticket",required = true) String ticket) {
OnlineTicket onlineTicket = onlineTicketServices.get(ticket);
return onlineTicket == null ? "" :onlineTicket.getTicketId();
}
}
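Review bot: ticketValidate is mapped with @RequestMapping(value="/validate") and no method restriction, so the ticket can be sent as a GET query parameter and will end up in access logs, browser history and Referer headers. Restrict the mapping to POST and read the ticket from the request body. Nothing in this class identifies the caller, so the endpoint also answers anyone who wants to test whether a ticket value is live; it should require the calling application to authenticate and should only confirm tickets issued for that application.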

View File

@ -19,6 +19,7 @@ package org.maxkey.authz.endpoint.adapter;
import java.io.UnsupportedEncodingException;
import org.apache.commons.codec.binary.Hex;
import org.maxkey.authn.SigninPrincipal;
import org.maxkey.constants.Boolean;
import org.maxkey.crypto.Base64Utils;
import org.maxkey.crypto.ReciprocalUtils;
@ -39,7 +40,7 @@ public abstract class AbstractAuthorizeAdapter {
public abstract ModelAndView authorize(UserInfo userInfo,Object app,String data,ModelAndView modelAndView);
public abstract String generateInfo(UserInfo userInfo,Object app);
public abstract String generateInfo(SigninPrincipal authentication,UserInfo userInfo,Object app);
public String sign(String data,Apps app){
if(Boolean.isTrue(app.getIsSignature())){

View File

@ -0,0 +1,25 @@
package org.maxkey.authz.singlelogout;
import java.util.HashMap;
import java.util.UUID;
import org.maxkey.authn.SigninPrincipal;
import org.maxkey.domain.apps.Apps;
import org.maxkey.util.DateUtils;
import org.springframework.security.core.Authentication;
public class DefaultSingleLogout extends SingleLogout{
@Override
public void sendRequest(Authentication authentication,Apps logoutApp) {
HashMap<String,Object> logoutParameters = new HashMap<String,Object>();
logoutParameters.put("id", UUID.randomUUID().toString());
logoutParameters.put("principal", authentication.getName());
logoutParameters.put("request", "logoutRequest");
logoutParameters.put("issueInstant", DateUtils.getCurrentDateAsString(DateUtils.FORMAT_DATE_ISO_TIMESTAMP));
logoutParameters.put("ticket", ((SigninPrincipal)authentication.getPrincipal()).getOnlineTicket().getTicketId());
postMessage(logoutApp.getLogoutUrl(),logoutParameters);
}
}
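Review bot: `sendRequest` casts `authentication.getPrincipal()` to `SigninPrincipal` and chains `getOnlineTicket().getTicketId()` with no type or null check, so a principal of another type, or one without an online ticket, throws during logout and the notification is never posted. Guard both before building the map. The message also carries no signature or shared secret, so the receiving app has only the `ticket` value to decide whether the logout request is genuine; the class should document how the app is expected to verify it.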

View File

@ -0,0 +1,18 @@
package org.maxkey.authz.singlelogout;
public class LogoutType {
/**
* For no SLO.
*/
public static int NONE = 0;
/**
* For back channel SLO.
*/
public static int BACK_CHANNEL = 1;
/**
* For front channel SLO.
*/
public static int FRONT_CHANNEL = 2;
}
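Review bot: `NONE`, `BACK_CHANNEL` and `FRONT_CHANNEL` are declared `public static int` without `final`, so any code can reassign them and change the outcome of comparisons such as `getLogoutType()==LogoutType.BACK_CHANNEL`. Declare them `public static final int`, or use an enum, and give the class a private constructor.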

View File

@ -0,0 +1,46 @@
package org.maxkey.authz.singlelogout;
import java.util.HashMap;
import java.util.UUID;
import org.maxkey.domain.apps.Apps;
import org.maxkey.util.DateUtils;
import org.springframework.security.core.Authentication;
/**
* SamlSingleLogout
* https://apereo.github.io/cas/6.2.x/installation/Logout-Single-Signout.html
* @author Crystal.Sea
*
*/
public class SamlSingleLogout extends SingleLogout{
/**
* The parameter name that contains the logout request.
*/
public static final String LOGOUT_REQUEST_PARAMETER = "logoutRequest";
public static final String logoutRequestMessage=
"<samlp:LogoutRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" ID=\"%s\" Version=\"2.0\" "
+ "IssueInstant=\"%s\"><saml:NameID xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">%s"
+ "</saml:NameID><samlp:SessionIndex>%s</samlp:SessionIndex></samlp:LogoutRequest>";
@Override
public void sendRequest(Authentication authentication,Apps logoutApp) {
String requestMessage = String.format(logoutRequestMessage,
UUID.randomUUID().toString(),
DateUtils.getCurrentDateAsString(DateUtils.FORMAT_DATE_ISO_TIMESTAMP),
authentication.getName(),
logoutApp.getOnlineTicket()
);
HashMap<String,Object> logoutParameters = new HashMap<String,Object>();
logoutParameters.put(LOGOUT_REQUEST_PARAMETER, requestMessage);
postMessage(logoutApp.getLogoutUrl(),logoutParameters);
}
public SamlSingleLogout() {
super();
}
}
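Review bot: `String.format(logoutRequestMessage, ...)` places `authentication.getName()` and `logoutApp.getOnlineTicket()` into the XML template without escaping, so a user name containing `<`, `&` or `"` yields a malformed or altered `LogoutRequest`. Escape the values or build the message with an XML writer. `logoutRequestMessage` is a constant and would read better as `LOGOUT_REQUEST_MESSAGE`, the explicit `super()` constructor can go, and the Javadoc should state that the format follows the linked CAS single-logout document and that the request is sent unsigned.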

View File

@ -0,0 +1,101 @@
package org.maxkey.authz.singlelogout;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
import java.util.Set;
import org.apache.http.HttpEntity;
import org.apache.http.NameValuePair;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.util.EntityUtils;
import org.maxkey.domain.apps.Apps;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
public abstract class SingleLogout {
private static final Logger _logger = LoggerFactory.getLogger(SingleLogout.class);
public abstract void sendRequest(Authentication authentication,Apps logoutApp) ;
public void postMessage(String url,Map<String, Object> paramMap) {
// 创建httpClient实例
CloseableHttpClient httpClient = HttpClients.createDefault();
CloseableHttpResponse httpResponse = null;
// 创建httpPost远程连接实例
HttpPost httpPost = new HttpPost(url);
// 配置请求参数实例
RequestConfig requestConfig = RequestConfig.custom().setConnectTimeout(35000)// 设置连接主机服务超时时间
.setConnectionRequestTimeout(35000)// 设置连接请求超时时间
.setSocketTimeout(60000)// 设置读取数据连接超时时间
.build();
// 为httpPost实例设置配置
httpPost.setConfig(requestConfig);
// 设置请求头
httpPost.addHeader("Content-Type", "application/x-www-form-urlencoded");
// 封装post请求参数
if (null != paramMap && paramMap.size() > 0) {
List<NameValuePair> nvps = new ArrayList<NameValuePair>();
// 通过map集成entrySet方法获取entity
Set<Entry<String, Object>> entrySet = paramMap.entrySet();
// 循环遍历获取迭代器
Iterator<Entry<String, Object>> iterator = entrySet.iterator();
while (iterator.hasNext()) {
Entry<String, Object> mapEntry = iterator.next();
_logger.debug("Name " + mapEntry.getKey() + " , Value " +mapEntry.getValue());
nvps.add(new BasicNameValuePair(mapEntry.getKey(), mapEntry.getValue().toString()));
}
// 为httpPost设置封装好的请求参数
try {
httpPost.setEntity(new UrlEncodedFormEntity(nvps, "UTF-8"));
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
}
try {
_logger.debug("Post URL " + url + " , Post Message \n" +
httpPost.getEntity().toString()
);
// httpClient对象执行post请求,并返回响应参数对象
httpResponse = httpClient.execute(httpPost);
// 从响应对象中获取响应内容
HttpEntity entity = httpResponse.getEntity();
_logger.debug("Http Response StatusCode " +
httpResponse.getStatusLine().getStatusCode()+
" , Content " +EntityUtils.toString(entity)
);
} catch (Exception e) {
e.printStackTrace();
} finally {
// 关闭资源
if (null != httpResponse) {
try {
httpResponse.close();
} catch (IOException e) {
e.printStackTrace();
}
}
if (null != httpClient) {
try {
httpClient.close();
} catch (IOException e) {
e.printStackTrace();
}
}
}
}
}
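Review bot: In `postMessage`, the debug call `httpPost.getEntity().toString()` runs before `httpClient.execute(httpPost)`; when `paramMap` is null or empty no entity is set, the call throws a NullPointerException, the broad `catch (Exception e)` swallows it and the logout POST is never sent. `mapEntry.getValue().toString()` has the same problem for a null value. Null-check both, and replace the `e.printStackTrace()` calls with `_logger.error(...)` so that a failed logout is visible. The loop also writes every parameter value, including `ticket`, to the debug log, and `url` is posted to without any check of scheme or host; mask the ticket and validate the configured logout URL. try-with-resources would remove the `finally` block.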

View File

@ -23,7 +23,7 @@ package org.maxkey.authz.cas.endpoint;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.maxkey.authn.BasicAuthentication;
import org.maxkey.authn.SigninPrincipal;
import org.maxkey.authz.cas.endpoint.response.Service10ResponseBuilder;
import org.maxkey.authz.cas.endpoint.ticket.CasConstants;
import org.maxkey.authz.cas.endpoint.ticket.Ticket;
@ -86,21 +86,29 @@ renew [OPTIONAL] - if this parameter is set, ticket validation will only succeed
@RequestParam(value = CasConstants.PARAMETER.SERVICE) String service,
@RequestParam(value = CasConstants.PARAMETER.RENEW,required=false) String renew
){
_logger.debug("serviceValidate "
+ " ticket " + ticket
+" , service " + service
+" , renew " + renew
);
Ticket storedTicket=null;
try {
storedTicket = ticketServices.consumeTicket(ticket);
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
_logger.error("consume Ticket error " , e);
}
if(storedTicket!=null){
String principal=((BasicAuthentication)storedTicket.getAuthentication().getPrincipal()).getUsername();
String principal=((SigninPrincipal)storedTicket.getAuthentication().getPrincipal()).getUsername();
_logger.debug("principal "+principal);
return new Service10ResponseBuilder().success()
.setUser(principal)
.serviceResponseBuilder();
}else{
_logger.debug("Ticket not found .");
return new Service10ResponseBuilder().failure()
.serviceResponseBuilder();
}
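Review bot: The new `_logger.debug("serviceValidate " ...)` call writes the raw `ticket`, `service` and `renew` request parameters to the log; these are caller-controlled, so strip CR/LF before logging and consider truncating the ticket. In the lines shown `service` is only logged and never compared with the service the stored ticket was issued for, which CAS validation is expected to do. The cast `(SigninPrincipal)storedTicket.getAuthentication().getPrincipal()` is unchecked; a ticket stored with a different principal type throws instead of producing the failure response, so test with `instanceof` first.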

View File

@ -23,7 +23,7 @@ package org.maxkey.authz.cas.endpoint;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.maxkey.authn.BasicAuthentication;
import org.maxkey.authn.SigninPrincipal;
import org.maxkey.authz.cas.endpoint.response.ProxyServiceResponseBuilder;
import org.maxkey.authz.cas.endpoint.response.ServiceResponseBuilder;
import org.maxkey.authz.cas.endpoint.ticket.CasConstants;
@ -173,7 +173,14 @@ For all error codes, it is RECOMMENDED that CAS provide a more detailed message
@RequestParam(value = CasConstants.PARAMETER.PROXY_CALLBACK_URL,required=false) String pgtUrl,
@RequestParam(value = CasConstants.PARAMETER.RENEW,required=false) String renew,
@RequestParam(value = CasConstants.PARAMETER.FORMAT,required=false,defaultValue=CasConstants.FORMAT_TYPE.XML) String format){
_logger.debug("serviceValidate "
+ " ticket " + ticket
+" , service " + service
+" , pgtUrl " + pgtUrl
+" , renew " + renew
+" , format " + format
);
setContentType(request,response,format);
Ticket storedTicket=null;
@ -186,14 +193,15 @@ For all error codes, it is RECOMMENDED that CAS provide a more detailed message
ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder();
if(storedTicket!=null){
String principal=((BasicAuthentication)storedTicket.getAuthentication().getPrincipal()).getUsername();
SigninPrincipal authentication = ((SigninPrincipal)storedTicket.getAuthentication().getPrincipal());
String principal=authentication.getUsername();
_logger.debug("principal "+principal);
serviceResponseBuilder.success().setUser(principal);
if(Boolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){
AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)Instance.newInstance(storedTicket.getCasDetails().getAdapter());
UserInfo userInfo = (UserInfo) userInfoService.loadByUsername(principal);
adapter.generateInfo(userInfo, serviceResponseBuilder);
adapter.generateInfo(authentication,userInfo, serviceResponseBuilder);
}
}else{
serviceResponseBuilder.failure()
@ -274,7 +282,13 @@ Response on ticket validation failure:
@RequestParam(value = CasConstants.PARAMETER.PROXY_CALLBACK_URL,required=false) String pgtUrl,
@RequestParam(value = CasConstants.PARAMETER.RENEW,required=false) String renew,
@RequestParam(value = CasConstants.PARAMETER.FORMAT,required=false,defaultValue=CasConstants.FORMAT_TYPE.XML) String format){
_logger.debug("proxyValidate "
+ " ticket " + ticket
+" , service " + service
+" , pgtUrl " + pgtUrl
+" , renew " + renew
+" , format " + format
);
setContentType(request,response,format);
Ticket storedTicket=null;
@ -358,7 +372,11 @@ For all error codes, it is RECOMMENDED that CAS provide a more detailed message
@RequestParam(value = CasConstants.PARAMETER.PROXY_GRANTING_TICKET) String pgt,
@RequestParam(value = CasConstants.PARAMETER.TARGET_SERVICE) String targetService,
@RequestParam(value = CasConstants.PARAMETER.FORMAT,required=false,defaultValue=CasConstants.FORMAT_TYPE.XML) String format){
_logger.debug("proxy "
+ " pgt " + pgt
+" , targetService " + targetService
+" , format " + format
);
setContentType(request,response,format);
ProxyServiceResponseBuilder proxyServiceResponseBuilder=new ProxyServiceResponseBuilder();
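Review bot: The `_logger.debug("proxy " ...)` call logs the full `pgt` value; a proxy-granting ticket can be used to obtain further proxy tickets, so anyone with read access to debug logs gets a reusable credential. Log a truncated prefix or a hash of the ticket, and sanitise `targetService` before it is written.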

View File

@ -23,7 +23,7 @@ package org.maxkey.authz.cas.endpoint;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.maxkey.authn.BasicAuthentication;
import org.maxkey.authn.SigninPrincipal;
import org.maxkey.authz.cas.endpoint.response.ServiceResponseBuilder;
import org.maxkey.authz.cas.endpoint.ticket.CasConstants;
import org.maxkey.authz.cas.endpoint.ticket.Ticket;
@ -57,7 +57,14 @@ public class Cas30AuthorizeEndpoint extends CasBaseAuthorizeEndpoint{
@RequestParam(value = CasConstants.PARAMETER.PROXY_CALLBACK_URL,required=false) String pgtUrl,
@RequestParam(value = CasConstants.PARAMETER.RENEW,required=false) String renew,
@RequestParam(value = CasConstants.PARAMETER.FORMAT,required=false,defaultValue=CasConstants.FORMAT_TYPE.XML) String format){
_logger.debug("serviceValidate "
+ " ticket " + ticket
+" , service " + service
+" , pgtUrl " + pgtUrl
+" , renew " + renew
+" , format " + format
);
setContentType(request,response,format);
Ticket storedTicket=null;
@ -69,13 +76,14 @@ public class Cas30AuthorizeEndpoint extends CasBaseAuthorizeEndpoint{
ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder();
if(storedTicket!=null){
String principal=((BasicAuthentication)storedTicket.getAuthentication().getPrincipal()).getUsername();
SigninPrincipal authentication = ((SigninPrincipal)storedTicket.getAuthentication().getPrincipal());
String principal=authentication.getUsername();
serviceResponseBuilder.success().setUser(principal);
if(Boolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){
AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)Instance.newInstance(storedTicket.getCasDetails().getAdapter());
UserInfo userInfo = (UserInfo) userInfoService.loadByUsername(principal);
adapter.generateInfo(userInfo, serviceResponseBuilder);
adapter.generateInfo(authentication,userInfo, serviceResponseBuilder);
}
}else{
serviceResponseBuilder.failure()
@ -96,7 +104,13 @@ public class Cas30AuthorizeEndpoint extends CasBaseAuthorizeEndpoint{
@RequestParam(value = CasConstants.PARAMETER.PROXY_CALLBACK_URL,required=false) String pgtUrl,
@RequestParam(value = CasConstants.PARAMETER.RENEW,required=false) String renew,
@RequestParam(value = CasConstants.PARAMETER.FORMAT,required=false,defaultValue=CasConstants.FORMAT_TYPE.XML) String format){
_logger.debug("proxyValidate "
+ " ticket " + ticket
+" , service " + service
+" , pgtUrl " + pgtUrl
+" , renew " + renew
+" , format " + format
);
setContentType(request,response,format);
Ticket storedTicket=null;
@ -108,13 +122,14 @@ public class Cas30AuthorizeEndpoint extends CasBaseAuthorizeEndpoint{
ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder();
if(storedTicket!=null){
String principal=((BasicAuthentication)storedTicket.getAuthentication().getPrincipal()).getUsername();
SigninPrincipal authentication = ((SigninPrincipal)storedTicket.getAuthentication().getPrincipal());
String principal=authentication.getUsername();
serviceResponseBuilder.success().setUser(principal);
if(Boolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){
AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)Instance.newInstance(storedTicket.getCasDetails().getAdapter());
UserInfo userInfo = (UserInfo) userInfoService.loadByUsername(principal);
adapter.generateInfo(userInfo, serviceResponseBuilder);
adapter.generateInfo(authentication,userInfo, serviceResponseBuilder);
}
}else{
serviceResponseBuilder.failure()

View File

@ -20,19 +20,26 @@
*/
package org.maxkey.authz.cas.endpoint;
import java.security.Principal;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.maxkey.authn.SigninPrincipal;
import org.maxkey.authn.online.OnlineTicket;
import org.maxkey.authz.cas.endpoint.ticket.CasConstants;
import org.maxkey.authz.cas.endpoint.ticket.ServiceTicketImpl;
import org.maxkey.authz.endpoint.AuthorizeBaseEndpoint;
import org.maxkey.authz.singlelogout.LogoutType;
import org.maxkey.domain.apps.AppsCasDetails;
import org.maxkey.web.WebConstants;
import org.maxkey.web.WebContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
@ -89,10 +96,12 @@ public class CasAuthorizeEndpoint extends CasBaseAuthorizeEndpoint{
}
@RequestMapping("/authz/cas/granting")
public ModelAndView grantingTicket(
public ModelAndView grantingTicket(Principal principal,
@AuthenticationPrincipal Object user,
HttpServletRequest request,
HttpServletResponse response){
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
AppsCasDetails casDetails=(AppsCasDetails)WebContext.getAttribute(CasConstants.PARAMETER.ENDPOINT_CAS_DETAILS);
ServiceTicketImpl serviceTicket=new ServiceTicketImpl(WebContext.getAuthentication(),casDetails);
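Review bot: `grantingTicket` gains `Principal principal`, `@AuthenticationPrincipal Object user` and a local `authentication` read from `SecurityContextHolder`, but in the lines shown none of them is used: the service ticket is still built from `WebContext.getAuthentication()`. Either use one source for the current authentication or drop the additions, since two sources that can disagree make it unclear which identity the ticket is bound to.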
@ -103,6 +112,10 @@ public class CasAuthorizeEndpoint extends CasBaseAuthorizeEndpoint{
callbackUrl.append("?");
}
if(callbackUrl.indexOf("&") != -1) {
callbackUrl.append("&");
}
//append ticket
callbackUrl.append(CasConstants.PARAMETER.TICKET).append("=").append(ticket);
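Review bot: The separator logic `if(callbackUrl.indexOf("&") != -1) { callbackUrl.append("&"); }` only handles a callback that already contains `&`. Assuming the `?` above is added only when the URL has no query string, a callback with exactly one query parameter (`?a=b`) has no `&`, so `ticket=` is appended directly to the previous value. Choose the separator from whether the URL contains `?` and whether it already ends in `?` or `&`, or build the URL with a URI builder that also encodes the ticket.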
@ -121,6 +134,15 @@ public class CasAuthorizeEndpoint extends CasBaseAuthorizeEndpoint{
}
}
if(casDetails.getLogoutType()==LogoutType.BACK_CHANNEL) {
String onlineTicketId = ((SigninPrincipal)WebContext.getAuthentication().getPrincipal()).getOnlineTicket().getTicketId();
OnlineTicket onlineTicket = onlineTicketServices.get(onlineTicketId);
//set cas ticket as OnlineTicketId
casDetails.setOnlineTicket(ticket);
onlineTicket.setAuthorizedApp(casDetails);
onlineTicketServices.store(onlineTicketId, onlineTicket);
}
_logger.debug("redirect to CAS Client URL " + callbackUrl);
return WebContext.redirect(callbackUrl.toString());
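Review bot: In the `LogoutType.BACK_CHANNEL` branch, `onlineTicketServices.get(onlineTicketId)` can return null (the new `OnlineTicketEndpoint` in this commit handles that case), yet `onlineTicket.setAuthorizedApp(casDetails)` is called unconditionally, and the `SigninPrincipal` cast and `getOnlineTicket()` are unchecked as well. Add null and type checks and decide whether a missing online ticket should fail the grant. The get, modify, store sequence is not atomic, so two apps authorised at the same time can overwrite each other's entry. The following `_logger.debug("redirect to CAS Client URL " + callbackUrl)` logs the URL with the service ticket already appended.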

View File

@ -20,6 +20,7 @@ package org.maxkey.authz.cas.endpoint;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.maxkey.authn.online.OnlineTicketServices;
import org.maxkey.authz.cas.endpoint.ticket.CasConstants;
import org.maxkey.authz.cas.endpoint.ticket.service.TicketServices;
import org.maxkey.authz.endpoint.AuthorizeBaseEndpoint;
@ -50,6 +51,10 @@ public class CasBaseAuthorizeEndpoint extends AuthorizeBaseEndpoint{
@Qualifier("casTicketGrantingTicketServices")
protected TicketServices casTicketGrantingTicketServices;
@Autowired
@Qualifier("onlineTicketServices")
protected OnlineTicketServices onlineTicketServices;
public void setContentType(
HttpServletRequest request,

View File

@ -24,7 +24,7 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.maxkey.authn.AbstractAuthenticationProvider;
import org.maxkey.authn.BasicAuthentication;
import org.maxkey.authn.LoginCredential;
import org.maxkey.authz.cas.endpoint.response.ServiceResponseBuilder;
import org.maxkey.authz.cas.endpoint.ticket.CasConstants;
import org.maxkey.authz.cas.endpoint.ticket.ServiceTicketImpl;
@ -75,9 +75,9 @@ public class CasRestV1Endpoint extends CasBaseAuthorizeEndpoint{
throw new BadCredentialsException("No credentials are provided or extracted to authenticate the REST request");
}
BasicAuthentication authentication =new BasicAuthentication(username,password,"CASREST");
LoginCredential loginCredential =new LoginCredential(username,password,"CASREST");
authenticationProvider.basicAuthenticate(authentication);
authenticationProvider.basicAuthenticate(loginCredential);
TicketGrantingTicketImpl ticketGrantingTicket=new TicketGrantingTicketImpl("Random",WebContext.getAuthentication(),null);
@ -178,9 +178,9 @@ public class CasRestV1Endpoint extends CasBaseAuthorizeEndpoint{
throw new BadCredentialsException("No credentials are provided or extracted to authenticate the REST request");
}
BasicAuthentication authentication =new BasicAuthentication(username,password,"CASREST");
LoginCredential loginCredential =new LoginCredential(username,password,"CASREST");
authenticationProvider.basicAuthenticate(authentication);
authenticationProvider.basicAuthenticate(loginCredential);
UserInfo userInfo =WebContext.getUserInfo();
TicketGrantingTicketImpl ticketGrantingTicket=new TicketGrantingTicketImpl("Random",WebContext.getAuthentication(),null);

View File

@ -20,9 +20,11 @@ package org.maxkey.authz.cas.endpoint.adapter;
import java.io.UnsupportedEncodingException;
import org.apache.commons.codec.binary.Base64;
import org.maxkey.authn.SigninPrincipal;
import org.maxkey.authz.cas.endpoint.response.ServiceResponseBuilder;
import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
import org.maxkey.domain.UserInfo;
import org.maxkey.web.WebConstants;
import org.springframework.web.servlet.ModelAndView;
public class CasDefaultAdapter extends AbstractAuthorizeAdapter {
@ -46,7 +48,7 @@ public class CasDefaultAdapter extends AbstractAuthorizeAdapter {
}
@Override
public String generateInfo(UserInfo userInfo, Object serviceResponseObject) {
public String generateInfo(SigninPrincipal authentication,UserInfo userInfo, Object serviceResponseObject) {
ServiceResponseBuilder serviceResponseBuilder=(ServiceResponseBuilder)serviceResponseObject;
//for user
serviceResponseBuilder.setAttribute("uid", userInfo.getId());
@ -65,6 +67,7 @@ public class CasDefaultAdapter extends AbstractAuthorizeAdapter {
serviceResponseBuilder.setAttribute("departmentId", userInfo.getDepartmentId());
serviceResponseBuilder.setAttribute("workRegion",base64Attr(userInfo.getWorkRegion()));
serviceResponseBuilder.setAttribute(WebConstants.ONLINE_TICKET_NAME,authentication.getOnlineTicket().getTicketId());
return null;
}
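Review bot: The added `setAttribute(WebConstants.ONLINE_TICKET_NAME, authentication.getOnlineTicket().getTicketId())` releases the user's online ticket id as a CAS attribute to every service that uses this adapter, and the same id is what `DefaultSingleLogout` sends as `ticket` and what `/onlineticket/validate` accepts. If that id identifies the whole SSO session, each relying party now holds a value that is meaningful to all the others; consider a per-application derived value. `getOnlineTicket()` is also dereferenced without a null check, and the parameter named `authentication` is a `SigninPrincipal`, which is worth renaming or documenting on the abstract method.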

View File

@ -22,6 +22,7 @@ package org.maxkey.authz.desktop.endpoint;
import javax.servlet.http.HttpServletRequest;
import org.maxkey.authn.SigninPrincipal;
import org.maxkey.authz.desktop.endpoint.adapter.DesktopDefaultAdapter;
import org.maxkey.authz.endpoint.AuthorizeBaseEndpoint;
import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
@ -74,7 +75,9 @@ public class DesktopAuthorizeEndpoint extends AuthorizeBaseEndpoint{
adapter =(AbstractAuthorizeAdapter)defaultDesktopAdapter;
}
String paramString=adapter.generateInfo(WebContext.getUserInfo(), desktopDetails);
String paramString=adapter.generateInfo(
(SigninPrincipal)WebContext.getAuthentication().getPrincipal(),
WebContext.getUserInfo(), desktopDetails);
String encryptParamString=adapter.encrypt(paramString, null, null);

View File

@ -19,6 +19,7 @@ package org.maxkey.authz.desktop.endpoint.adapter;
import java.util.HashMap;
import org.maxkey.authn.SigninPrincipal;
import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
import org.maxkey.crypto.HexUtils;
import org.maxkey.domain.UserInfo;
@ -33,7 +34,7 @@ import org.springframework.web.servlet.ModelAndView;
public class DesktopDefaultAdapter extends AbstractAuthorizeAdapter {
final static Logger _logger = LoggerFactory.getLogger(DesktopDefaultAdapter.class);
@Override
public String generateInfo(UserInfo userInfo,Object app) {
public String generateInfo(SigninPrincipal authentication,UserInfo userInfo,Object app) {
AppsDesktopDetails details=(AppsDesktopDetails)app;
String parameter=details.getParameter()==null?"":details.getParameter();

View File

@ -19,6 +19,7 @@ package org.maxkey.authz.desktop.endpoint.adapter;
import java.util.HashMap;
import org.maxkey.authn.SigninPrincipal;
import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
import org.maxkey.crypto.HexUtils;
import org.maxkey.domain.UserInfo;
@ -33,7 +34,7 @@ import org.springframework.web.servlet.ModelAndView;
public class DesktopQQAdapter extends AbstractAuthorizeAdapter {
final static Logger _logger = LoggerFactory.getLogger(DesktopQQAdapter.class);
@Override
public String generateInfo(UserInfo userInfo,Object app) {
public String generateInfo(SigninPrincipal authentication,UserInfo userInfo,Object app) {
AppsDesktopDetails details=(AppsDesktopDetails)app;
String parameter=details.getParameter()==null?"":details.getParameter();

View File

@ -19,6 +19,7 @@ package org.maxkey.authz.exapi.endpoint.adapter;
import java.util.HashMap;
import org.maxkey.authn.SigninPrincipal;
import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
import org.maxkey.client.oauth.OAuthClient;
import org.maxkey.client.oauth.model.Token;
@ -38,7 +39,7 @@ public class ExtendApiQQExmailDefaultAdapter extends AbstractAuthorizeAdapter {
static String authkey_uri="http://openapi.exmail.qq.com:12211/openapi/mail/authkey";
@Override
public String generateInfo(UserInfo userInfo,Object app) {
public String generateInfo(SigninPrincipal authentication,UserInfo userInfo,Object app) {
return null;
}

View File

@ -17,6 +17,7 @@
package org.maxkey.authz.formbased.endpoint.adapter;
import org.maxkey.authn.SigninPrincipal;
import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
import org.maxkey.constants.Boolean;
import org.maxkey.crypto.DigestUtils;
@ -27,7 +28,7 @@ import org.springframework.web.servlet.ModelAndView;
public class FormBasedDefaultAdapter extends AbstractAuthorizeAdapter {
@Override
public String generateInfo(UserInfo userInfo,Object app) {
public String generateInfo(SigninPrincipal authentication,UserInfo userInfo,Object app) {
return null;
}

View File

@ -17,6 +17,7 @@
package org.maxkey.authz.formbased.endpoint.adapter;
import org.maxkey.authn.SigninPrincipal;
import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
import org.maxkey.constants.Boolean;
import org.maxkey.domain.UserInfo;
@ -26,7 +27,7 @@ import org.springframework.web.servlet.ModelAndView;
public class FormBasedNetease163EmailAdapter extends AbstractAuthorizeAdapter {
@Override
public String generateInfo(UserInfo userInfo,Object app) {
public String generateInfo(SigninPrincipal authentication,UserInfo userInfo,Object app) {
return null;
}

View File

@ -19,6 +19,7 @@ package org.maxkey.authz.formbased.endpoint.adapter;
import java.util.Date;
import org.maxkey.authn.SigninPrincipal;
import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
import org.maxkey.crypto.DigestUtils;
import org.maxkey.domain.UserInfo;
@ -28,7 +29,7 @@ import org.springframework.web.servlet.ModelAndView;
public class FormBasedNeteaseNoteYoudaoAdapter extends AbstractAuthorizeAdapter {
@Override
public String generateInfo(UserInfo userInfo,Object app) {
public String generateInfo(SigninPrincipal authentication,UserInfo userInfo,Object app) {
return null;
}

View File

@ -17,6 +17,7 @@
package org.maxkey.authz.formbased.endpoint.adapter;
import org.maxkey.authn.SigninPrincipal;
import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
import org.maxkey.constants.Boolean;
import org.maxkey.crypto.DigestUtils;
@ -28,7 +29,7 @@ import org.springframework.web.servlet.ModelAndView;
public class FormBasedRedirectAdapter extends AbstractAuthorizeAdapter {
@Override
public String generateInfo(UserInfo userInfo,Object app) {
public String generateInfo(SigninPrincipal authentication,UserInfo userInfo,Object app) {
return null;
}

View File

@ -20,7 +20,7 @@ package org.maxkey.authz.oauth2.provider.approval.controller;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;
import org.maxkey.authn.BasicAuthentication;
import org.maxkey.authn.SigninPrincipal;
import org.maxkey.authz.endpoint.AuthorizeBaseEndpoint;
import org.maxkey.authz.oauth2.common.util.OAuth2Utils;
import org.maxkey.authz.oauth2.provider.AuthorizationRequest;
@ -102,7 +102,7 @@ public class OAuth20AccessConfirmationController {
scopes.put(OAuth2Utils.SCOPE_PREFIX + scope, "false");
}
String principal =
((BasicAuthentication) WebContext.getAuthentication().getPrincipal()).getUsername();
((SigninPrincipal) WebContext.getAuthentication().getPrincipal()).getUsername();
for (Approval approval : approvalStore.getApprovals(principal, client.getClientId())) {
if (clientAuth.getScope().contains(approval.getScope())) {
scopes.put(OAuth2Utils.SCOPE_PREFIX + approval.getScope(),

View File

@ -129,7 +129,7 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
@RequestMapping(value = "/oauth/v20/authorize", method = RequestMethod.GET)
public ModelAndView authorize(Map<String, Object> model, @RequestParam Map<String, String> parameters,
SessionStatus sessionStatus) {
Principal principal=(Principal)WebContext.getAuthentication().getPrincipal();
Principal principal=(Principal)WebContext.getAuthentication();
// Pull out the authorization request first, using the OAuth2RequestFactory. All further logic should
// query off of the authorization request instead of referring back to the parameters map. The contents of the
// parameters map will be stored without change in the AuthorizationRequest object once it is created.
@ -208,7 +208,7 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
@RequestMapping(value = "/oauth/v20/authorize", method = RequestMethod.POST, params = OAuth2Utils.USER_OAUTH_APPROVAL)
public View approveOrDeny(@RequestParam Map<String, String> approvalParameters, Map<String, ?> model,
SessionStatus sessionStatus) {
Principal principal=(Principal)WebContext.getAuthentication().getPrincipal();
Principal principal=(Principal)WebContext.getAuthentication();
if (!(principal instanceof Authentication)) {
sessionStatus.setComplete();
throw new InsufficientAuthenticationException(

View File

@ -23,6 +23,7 @@ import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import org.maxkey.authn.SigninPrincipal;
import org.maxkey.authz.oauth2.common.OAuth2AccessToken;
import org.maxkey.authz.oauth2.common.exceptions.InvalidClientException;
import org.maxkey.authz.oauth2.common.exceptions.InvalidGrantException;
@ -41,6 +42,7 @@ import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.authentication.InsufficientAuthenticationException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Controller;
import org.springframework.util.StringUtils;
@ -98,9 +100,6 @@ public class TokenEndpoint extends AbstractEndpoint {
Object principal = WebContext.getAuthentication();
if(parameters.get("code") != null) {
principal=WebContext.getAuthentication().getPrincipal();
}
if (!(principal instanceof Authentication)) {
throw new InsufficientAuthenticationException(
"There is no client authentication. Try adding an appropriate authentication filter.");
@ -174,6 +173,9 @@ public class TokenEndpoint extends AbstractEndpoint {
// Might be a client and user combined authentication
clientId = ((OAuth2Authentication) client).getOAuth2Request().getClientId();
}
if (client instanceof UsernamePasswordAuthenticationToken) {
clientId = ((SigninPrincipal)client.getPrincipal()).getUsername();
}
return clientId;
}
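Review bot: The new branch `if (client instanceof UsernamePasswordAuthenticationToken)` sets `clientId` from `((SigninPrincipal)client.getPrincipal()).getUsername()`, which treats any username/password authentication as an OAuth client and uses the user name as the client id. The token type alone does not say whether it came from client credentials or from an end-user login, and the cast is unchecked. Mark client authentications explicitly (a dedicated token or principal type) and reject anything else here.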

View File

@ -33,7 +33,7 @@ import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.maxkey.authn.BasicAuthentication;
import org.maxkey.authn.SigninPrincipal;
import org.maxkey.authz.oauth2.common.util.OAuth2Utils;
import org.maxkey.authz.oauth2.provider.AuthorizationRequest;
import org.maxkey.authz.oauth2.provider.OAuth2Authentication;
@ -136,8 +136,7 @@ public class TokenEndpointAuthenticationFilter implements Filter {
usernamepassword(request,response);
}else {
Authentication authentication=ClientCredentials(request,response);
BasicAuthentication auth =new BasicAuthentication();
auth.setUsername(((User)authentication.getPrincipal()).getUsername());
SigninPrincipal auth =new SigninPrincipal((User)authentication.getPrincipal());
auth.setAuthenticated(true);
UsernamePasswordAuthenticationToken simpleUserAuthentication = new UsernamePasswordAuthenticationToken(auth, authentication.getCredentials(), authentication.getAuthorities());
WebContext.setAuthentication(simpleUserAuthentication);

View File

@ -19,16 +19,18 @@ package org.maxkey.authz.oauth2.provider.userinfo.endpoint;
import java.util.HashMap;
import org.maxkey.authn.SigninPrincipal;
import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
import org.maxkey.domain.UserInfo;
import org.maxkey.util.JsonUtils;
import org.maxkey.util.StringGenerator;
import org.maxkey.web.WebConstants;
import org.springframework.web.servlet.ModelAndView;
public class OAuthDefaultUserInfoAdapter extends AbstractAuthorizeAdapter {
@Override
public String generateInfo(UserInfo userInfo,Object app) {
public String generateInfo(SigninPrincipal authentication,UserInfo userInfo,Object app) {
HashMap<String, Object> beanMap = new HashMap<String, Object>();
beanMap.put("randomId",(new StringGenerator()).uuidGenerate());
beanMap.put("uid", userInfo.getId());
@ -43,6 +45,7 @@ public class OAuthDefaultUserInfoAdapter extends AbstractAuthorizeAdapter {
beanMap.put("title", userInfo.getJobTitle());
beanMap.put("state", userInfo.getWorkRegion());
beanMap.put("gender", userInfo.getGender());
beanMap.put(WebConstants.ONLINE_TICKET_NAME, authentication.getOnlineTicket().getTicketId());
String info= JsonUtils.object2Json(beanMap);
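Review bot: `beanMap.put(WebConstants.ONLINE_TICKET_NAME, authentication.getOnlineTicket().getTicketId())` assumes every `SigninPrincipal` carries an online ticket, but `TokenEndpointAuthenticationFilter` in this commit builds one with `new SigninPrincipal((User)authentication.getPrincipal())` and the lines shown never attach a ticket; a principal built that way would throw a NullPointerException here. Null-check `authentication` and `getOnlineTicket()` and omit the field when there is none.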

Some files were not shown because too many files have changed in this diff