mirror of
https://gitee.com/dromara/MaxKey.git
synced 2025-12-07 17:38:32 +08:00
ExtendApiAdapters
This commit is contained in:
MaxKey
parent
9ecc16e62d
commit
c4cd48f63c
@ -0,0 +1,125 @@
|
||||
/*
|
||||
* Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
|
||||
package org.maxkey.authz.exapi.endpoint.adapter;
|
||||
|
||||
import java.time.Instant;
|
||||
import java.util.HashMap;
|
||||
|
||||
import org.maxkey.authn.SigninPrincipal;
|
||||
import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
|
||||
import org.maxkey.client.http.HttpVerb;
|
||||
import org.maxkey.client.oauth.OAuthClient;
|
||||
import org.maxkey.client.oauth.model.Token;
|
||||
import org.maxkey.crypto.DigestUtils;
|
||||
import org.maxkey.util.HttpsTrusts;
|
||||
import org.maxkey.util.JsonUtils;
|
||||
import org.maxkey.domain.ExtraAttrs;
|
||||
import org.maxkey.domain.UserInfo;
|
||||
import org.maxkey.domain.apps.Apps;
|
||||
import org.maxkey.web.WebContext;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
/**
|
||||
* https://exmail.qq.com/qy_mng_logic/doc
|
||||
* exmail sso
|
||||
* @author shimingxy
|
||||
*
|
||||
*/
|
||||
public class ExtendApiCndnsApiMailAdapter extends AbstractAuthorizeAdapter {
|
||||
final static Logger _logger = LoggerFactory.getLogger(ExtendApiCndnsApiMailAdapter.class);
|
||||
//sign no parameter
|
||||
//sign=md5(action=getDomainInfo&appid=***&time=1579736456 + md5(token))
|
||||
//sign with parameter
|
||||
//sign=md5(action=getUserInfo&appid=***&email=admin@maxkey.org&time=1579736456 + md5(token))
|
||||
|
||||
static String SIGN_STRING ="action=getDomainInfo&appid=%s%s";
|
||||
|
||||
static String SIGN_EMAIL_STRING ="action=getUserInfo&appid=%s&email=%s&time=%s%s";
|
||||
|
||||
static String ADMIN_AUTHKEY_URI ="https://www.cndnsapi.com/email/clientmanagement?action=getDomailUrl&appid=%s&sign=%s&time=%s";
|
||||
|
||||
static String AUTHKEY_URI ="https://www.cndnsapi.com/email/clientmanagement?action=getWebMailUrl&appid=%s&sign=%s&time=%s";
|
||||
|
||||
|
||||
@Override
|
||||
public String generateInfo(SigninPrincipal authentication,UserInfo userInfo,Object app) {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String encrypt(String data, String algorithmKey, String algorithm) {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public ModelAndView authorize(UserInfo userInfo, Object app, String data,ModelAndView modelAndView) {
|
||||
HttpsTrusts.beforeConnection();
|
||||
|
||||
Apps details=(Apps)app;
|
||||
//extraAttrs from Applications
|
||||
ExtraAttrs extraAttrs=null;
|
||||
String action = "getWebMailUrl";
|
||||
String domain = null;
|
||||
if(details.getIsExtendAttr()==1){
|
||||
extraAttrs=new ExtraAttrs(details.getExtendAttr());
|
||||
if(extraAttrs.get("action")==null || extraAttrs.get("action").equalsIgnoreCase("getWebMailUrl")) {
|
||||
action = "getWebMailUrl";
|
||||
}else if(extraAttrs.get("action").equalsIgnoreCase("getDomailUrl")){
|
||||
action = "getDomailUrl";
|
||||
domain = extraAttrs.get("domain");
|
||||
}
|
||||
}
|
||||
|
||||
String timestamp = ""+Instant.now().getEpochSecond();
|
||||
|
||||
String tokenMd5 =DigestUtils.md5Hex(details.getCredentials());
|
||||
HashMap<String,String > requestParamenter =new HashMap<String,String >();
|
||||
String redirec_uri = "";
|
||||
if(action.equalsIgnoreCase("getDomailUrl")) {
|
||||
String sign =DigestUtils.md5Hex
|
||||
(String.format(
|
||||
SIGN_STRING,
|
||||
details.getPrincipal(),timestamp,tokenMd5));
|
||||
requestParamenter.put("domain", domain);
|
||||
OAuthClient authkeyRestClient=new OAuthClient(
|
||||
String.format(ADMIN_AUTHKEY_URI,details.getPrincipal(),sign,timestamp),HttpVerb.POST);
|
||||
authkeyRestClient.addRestObject(requestParamenter);
|
||||
|
||||
HashMap<String, String> authKey=JsonUtils.gson2Object(authkeyRestClient.execute().getBody(), HashMap.class);
|
||||
redirec_uri=authKey.get("adminUrl");
|
||||
|
||||
}else {
|
||||
String sign =DigestUtils.md5Hex
|
||||
(String.format(
|
||||
SIGN_EMAIL_STRING,
|
||||
details.getPrincipal(),userInfo.getEmail(),timestamp,tokenMd5));
|
||||
requestParamenter.put("email", userInfo.getWorkEmail());
|
||||
OAuthClient authkeyRestClient=new OAuthClient(
|
||||
String.format(AUTHKEY_URI,details.getPrincipal(),sign,timestamp),HttpVerb.POST);
|
||||
authkeyRestClient.addRestObject(requestParamenter);
|
||||
|
||||
HashMap<String, String> authKey=JsonUtils.gson2Object(authkeyRestClient.execute().getBody(), HashMap.class);
|
||||
redirec_uri=authKey.get("webmailUrl");
|
||||
}
|
||||
|
||||
_logger.debug("redirec_uri : "+redirec_uri);
|
||||
return WebContext.redirect(redirec_uri);
|
||||
}
|
||||
|
||||
}
|
||||
@ -23,6 +23,7 @@ import org.maxkey.authn.SigninPrincipal;
|
||||
import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
|
||||
import org.maxkey.client.oauth.OAuthClient;
|
||||
import org.maxkey.client.oauth.model.Token;
|
||||
import org.maxkey.util.HttpsTrusts;
|
||||
import org.maxkey.util.JsonUtils;
|
||||
import org.maxkey.domain.ExtraAttrs;
|
||||
import org.maxkey.domain.UserInfo;
|
||||
@ -31,12 +32,18 @@ import org.maxkey.web.WebContext;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
|
||||
public class ExtendApiQQExmailDefaultAdapter extends AbstractAuthorizeAdapter {
|
||||
final static Logger _logger = LoggerFactory.getLogger(ExtendApiQQExmailDefaultAdapter.class);
|
||||
static String login_url_template="https://exmail.qq.com/cgi-bin/login?fun=bizopenssologin&method=bizauth&agent=%s&user=%s&ticket=%s";
|
||||
static String token_uri="https://exmail.qq.com/cgi-bin/token";
|
||||
static String authkey_uri="http://openapi.exmail.qq.com:12211/openapi/mail/authkey";
|
||||
/**
|
||||
* https://exmail.qq.com/qy_mng_logic/doc
|
||||
* exmail sso
|
||||
* @author shimingxy
|
||||
*
|
||||
*/
|
||||
public class ExtendApiQQExmailAdapter extends AbstractAuthorizeAdapter {
|
||||
final static Logger _logger = LoggerFactory.getLogger(ExtendApiQQExmailAdapter.class);
|
||||
//https://exmail.qq.com/qy_mng_logic/doc#10003
|
||||
static String TOKEN_URI="https://api.exmail.qq.com/cgi-bin/gettoken?corpid=%s&corpsecret=%s";
|
||||
//https://exmail.qq.com/qy_mng_logic/doc#10036
|
||||
static String AUTHKEY_URI="https://api.exmail.qq.com/cgi-bin/service/get_login_url?access_token=%s&userid=%s";
|
||||
|
||||
@Override
|
||||
public String generateInfo(SigninPrincipal authentication,UserInfo userInfo,Object app) {
|
||||
@ -50,26 +57,26 @@ public class ExtendApiQQExmailDefaultAdapter extends AbstractAuthorizeAdapter {
|
||||
|
||||
@Override
|
||||
public ModelAndView authorize(UserInfo userInfo, Object app, String data,ModelAndView modelAndView) {
|
||||
HttpsTrusts.beforeConnection();
|
||||
|
||||
Apps details=(Apps)app;
|
||||
//extraAttrs from Applications
|
||||
ExtraAttrs extraAttrs=null;
|
||||
if(details.getIsExtendAttr()==1){
|
||||
extraAttrs=new ExtraAttrs(details.getExtendAttr());
|
||||
}
|
||||
OAuthClient tokenRestClient=new OAuthClient(token_uri);
|
||||
tokenRestClient.addParameter("grant_type", "client_credentials");
|
||||
tokenRestClient.addBasicAuthorization(details.getPrincipal(), details.getCredentials());
|
||||
OAuthClient tokenRestClient=new OAuthClient(
|
||||
String.format(TOKEN_URI,details.getPrincipal(),details.getCredentials()));
|
||||
Token token =tokenRestClient.requestAccessToken();
|
||||
_logger.debug(""+token);
|
||||
|
||||
OAuthClient authkeyRestClient=new OAuthClient(authkey_uri);
|
||||
authkeyRestClient.addBearerAuthorization(token.getAccess_token());
|
||||
authkeyRestClient.addParameter("Alias", details.getAppUser().getRelatedUsername());
|
||||
OAuthClient authkeyRestClient=new OAuthClient(
|
||||
String.format(AUTHKEY_URI,token.getAccess_token(),details.getAppUser().getRelatedUsername()));
|
||||
|
||||
HashMap<String, String> authKey=JsonUtils.gson2Object(authkeyRestClient.execute().getBody(), HashMap.class);
|
||||
_logger.debug("authKey : "+authKey);
|
||||
|
||||
String redirec_uri=String.format(login_url_template,details.getPrincipal(),details.getAppUser().getRelatedUsername(),authKey.get("auth_key"));
|
||||
String redirec_uri=authKey.get("login_url");
|
||||
_logger.debug("redirec_uri : "+redirec_uri);
|
||||
return WebContext.redirect(redirec_uri);
|
||||
}
|
||||
@ -0,0 +1,94 @@
|
||||
/*
|
||||
* Copyright [2021] [MaxKey of copyright http://www.maxkey.top]
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
|
||||
package org.maxkey.authz.exapi.endpoint.adapter;
|
||||
|
||||
import java.time.Instant;
|
||||
import org.maxkey.authn.SigninPrincipal;
|
||||
import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
|
||||
import org.maxkey.crypto.DigestUtils;
|
||||
import org.maxkey.domain.ExtraAttrs;
|
||||
import org.maxkey.domain.UserInfo;
|
||||
import org.maxkey.domain.apps.Apps;
|
||||
import org.maxkey.web.WebContext;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
/**
|
||||
*
|
||||
* http://target.maxkey.org/demo/login?code=maxkey&time=timestamp&token=token
|
||||
* login url http://target.maxkey.org/demo/login?code=%s×tamp=%s&token=%s
|
||||
*
|
||||
* $code = 'maxkey';
|
||||
* $key = 'a5246932b0f371263c252384076cd3f0';
|
||||
* $timestamp = '1557034496';
|
||||
* $token = md5($code . $key . $time);
|
||||
*
|
||||
* @author shimingxy
|
||||
*
|
||||
*/
|
||||
public class ExtendApiTimestampSignAdapter extends AbstractAuthorizeAdapter {
|
||||
final static Logger _logger = LoggerFactory.getLogger(ExtendApiTimestampSignAdapter.class);
|
||||
|
||||
@Override
|
||||
public String generateInfo(SigninPrincipal authentication,UserInfo userInfo,Object app) {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String encrypt(String data, String algorithmKey, String algorithm) {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public ModelAndView authorize(UserInfo userInfo, Object app, String data,ModelAndView modelAndView) {
|
||||
Apps details=(Apps)app;
|
||||
|
||||
String code = details.getPrincipal();
|
||||
String key = details.getCredentials();
|
||||
String timestamp = ""+Instant.now().getEpochSecond();
|
||||
String token =DigestUtils.md5Hex(code+key+timestamp);
|
||||
|
||||
//extraAttrs from Applications
|
||||
ExtraAttrs extraAttrs=null;
|
||||
if(details.getIsExtendAttr()==1){
|
||||
extraAttrs=new ExtraAttrs(details.getExtendAttr());
|
||||
if(extraAttrs.get("sign") == null || extraAttrs.get("sign").equalsIgnoreCase("md5")) {
|
||||
|
||||
}else if(extraAttrs.get("sign").equalsIgnoreCase("sha") || extraAttrs.get("sign").equalsIgnoreCase("sha1")) {
|
||||
token =DigestUtils.shaHex(code+key+timestamp);
|
||||
}else if(extraAttrs.get("sign").equalsIgnoreCase("sha256")) {
|
||||
token =DigestUtils.sha256Hex(code+key+timestamp);
|
||||
}else if(extraAttrs.get("sign").equalsIgnoreCase("sha384")) {
|
||||
token =DigestUtils.sha384Hex(code+key+timestamp);
|
||||
}else if(extraAttrs.get("sign").equalsIgnoreCase("sha512")) {
|
||||
token =DigestUtils.sha512Hex(code+key+timestamp);
|
||||
}
|
||||
}
|
||||
|
||||
_logger.debug(""+token);
|
||||
String account = userInfo.getUsername();
|
||||
|
||||
String redirec_uri = String.format(details.getLoginUrl(),account,code,timestamp,token);
|
||||
|
||||
|
||||
_logger.debug("redirec_uri : "+redirec_uri);
|
||||
|
||||
return WebContext.redirect(redirec_uri);
|
||||
}
|
||||
|
||||
}
|
||||
@ -40,8 +40,8 @@ import org.springframework.web.servlet.ModelAndView;
|
||||
* @author shimi
|
||||
*
|
||||
*/
|
||||
public class ExtendApiZentaoDefaultAdapter extends AbstractAuthorizeAdapter {
|
||||
final static Logger _logger = LoggerFactory.getLogger(ExtendApiZentaoDefaultAdapter.class);
|
||||
public class ExtendApiZentaoAdapter extends AbstractAuthorizeAdapter {
|
||||
final static Logger _logger = LoggerFactory.getLogger(ExtendApiZentaoAdapter.class);
|
||||
static String login_url_template="api.php?m=user&f=apilogin&account=%s&code=%s&time=%s&token=%s";
|
||||
static String login_url_m_template="account=%s&code=%s&time=%s&token=%s";
|
||||
|
||||
@ -91,3 +91,4 @@ public class ExtendApiZentaoDefaultAdapter extends AbstractAuthorizeAdapter {
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user