v 1.5.0 RC2

2025-12-07 09:28:49 +08:00 · 2020-05-17 22:14:12 +08:00 · 2020-05-17 22:14:12 +08:00 · dcae09742f
commit dcae09742f
parent d5e494810b
14 changed files with 154 additions and 100 deletions
--- a/maxkey-web-manage/src/main/java/org/maxkey/MaxKeyMgtApplication.java
+++ b/maxkey-web-manage/src/main/java/org/maxkey/MaxKeyMgtApplication.java
@ -15,9 +15,11 @@ import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.ImportResource;
@SpringBootApplication
-@ImportResource(locations={"classpath:spring/maxkey-mgt.xml"})
+//@ImportResource(locations={"classpath:spring/maxkey-mgt.xml"})
@ComponentScan(basePackages = {
    "org.maxkey.MaxKeyMgtConfig",
    "org.maxkey.MaxKeyMgtMvcConfig",
    "org.maxkey.web.interceptor",
    "org.maxkey.config",
    "org.maxkey.domain",
    "org.maxkey.domain.apps",
@ -30,14 +32,13 @@ import org.springframework.context.annotation.ImportResource;
    "org.maxkey.dao",
    "org.maxkey.web",
    "org.maxkey.web.tag"
-	}
+})
 )
@MapperScan("org.maxkey.dao.persistence,")
 public class MaxKeyMgtApplication extends SpringBootServletInitializer {
 	private static final Logger _logger = LoggerFactory.getLogger(MaxKeyMgtApplication.class);
 	public static void main(String[] args) {
-		System.out.println("MaxKeyMgtApplication");
+	    _logger.info("Start MaxKeyMgtApplication ...");
 		ConfigurableApplicationContext  applicationContext =SpringApplication.run(MaxKeyMgtApplication.class, args);
 		InitializeContext initWebContext=new InitializeContext(applicationContext);
--- a/maxkey-web-manage/src/main/java/org/maxkey/MaxKeyMgtConfig.java
+++ b/maxkey-web-manage/src/main/java/org/maxkey/MaxKeyMgtConfig.java
@ -2,6 +2,8 @@ package org.maxkey;
 import javax.sql.DataSource;
 import org.maxkey.authz.oauth2.provider.client.JdbcClientDetailsService;
 import org.maxkey.crypto.password.opt.impl.TimeBasedOtpAuthn;
 import org.maxkey.authn.realm.jdbc.JdbcAuthenticationRealm;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.InitializingBean;
@ -9,6 +11,7 @@ import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.PropertySource;
 import org.springframework.jdbc.core.JdbcTemplate;
 import org.springframework.security.crypto.password.PasswordEncoder;
@Configuration
@ -32,9 +35,26 @@ public class MaxKeyMgtConfig  implements InitializingBean {
                DataSource dataSource,PasswordEncoder passwordReciprocal) {
 	    JdbcClientDetailsService clientDetailsService = new JdbcClientDetailsService(dataSource);
 	    clientDetailsService.setPasswordEncoder(passwordReciprocal);
 	    _logger.debug("JdbcClientDetailsService inited.");
        return clientDetailsService;
    }
 	//以下内容可以注释掉后再xml中配置,xml引入在MaxKeyMgtApplication中
 	@Bean(name = "authenticationRealm")
    public JdbcAuthenticationRealm JdbcAuthenticationRealm(
                JdbcTemplate jdbcTemplate) {
        JdbcAuthenticationRealm authenticationRealm = new JdbcAuthenticationRealm(jdbcTemplate);
        _logger.debug("JdbcAuthenticationRealm inited.");
        return authenticationRealm;
    }
 	@Bean(name = "tfaOptAuthn")
    public TimeBasedOtpAuthn tfaOptAuthn() {
 	    TimeBasedOtpAuthn tfaOptAuthn = new TimeBasedOtpAuthn();
 	    _logger.debug("TimeBasedOtpAuthn inited.");
        return tfaOptAuthn;
    }
    @Override
    public void afterPropertiesSet() throws Exception {
        // TODO Auto-generated method stub
--- a/maxkey-web-manage/src/main/java/org/maxkey/MaxKeyMgtMvcConfig.java
+++ b/maxkey-web-manage/src/main/java/org/maxkey/MaxKeyMgtMvcConfig.java
@ -0,0 +1,72 @@
 package org.maxkey;
 import org.maxkey.web.interceptor.HistoryLogsAdapter;
 import org.maxkey.web.interceptor.PermissionAdapter;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.servlet.config.annotation.EnableWebMvc;
 import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
 import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 import org.springframework.web.servlet.i18n.LocaleChangeInterceptor;
@Configuration
@EnableWebMvc
 public class MaxKeyMgtMvcConfig implements WebMvcConfigurer {
    private static final  Logger _logger = LoggerFactory.getLogger(MaxKeyMgtMvcConfig.class);
    @Autowired
    PermissionAdapter permissionAdapter;
    @Autowired
    HistoryLogsAdapter historyLogsAdapter;
    @Autowired
    LocaleChangeInterceptor localeChangeInterceptor;
    @Override
    public void addResourceHandlers(ResourceHandlerRegistry registry) {
        registry.addResourceHandler("/static/**")
                .addResourceLocations("classpath:/static/");
        registry.addResourceHandler("/templates/**")
                .addResourceLocations("classpath:/templates/");
        _logger.debug("add addResourceHandler");
    }
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        //addPathPatterns 用于添加拦截规则 ， 先把所有路径都加入拦截， 再一个个排除
        //excludePathPatterns 表示改路径不用拦截
        registry.addInterceptor(permissionAdapter)
                .addPathPatterns("/main/**")
                .addPathPatterns("/orgs/**")
                .addPathPatterns("/userinfo/**")
                .addPathPatterns("/apps/**")
                .addPathPatterns("/groups/**")
                .addPathPatterns("/groupMember/**")
                .addPathPatterns("/groupPrivileges/**")
                .addPathPatterns("/config/**")
                .addPathPatterns("/logs/**")
                ;
        _logger.debug("add PermissionAdapter");
        registry.addInterceptor(historyLogsAdapter)
                .addPathPatterns("/users/*")
                .addPathPatterns("/userinfo/**")
                .addPathPatterns("/enterprises/**")
                .addPathPatterns("/employees/**")
                .addPathPatterns("/authInfo/**")
                .addPathPatterns("/usercenter/**")
                .addPathPatterns("/retrievePassword/**")
                .addPathPatterns("/roles/**")
                .addPathPatterns("/apps/**")
                .addPathPatterns("/approles/**")
                ;
        _logger.debug("add HistoryLogsAdapter");
        registry.addInterceptor(localeChangeInterceptor);
        _logger.debug("add LocaleChangeInterceptor");
    }
 }
--- a/maxkey-web-manage/src/main/java/org/maxkey/web/interceptor/HistoryLogsAdapter.java
+++ b/maxkey-web-manage/src/main/java/org/maxkey/web/interceptor/HistoryLogsAdapter.java
@ -14,6 +14,8 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.stereotype.Component;
 import org.springframework.web.servlet.ModelAndView;
 import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
@ -25,6 +27,7 @@ import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
 * @author Crystal.Sea
 *
 */
@Component
 public class HistoryLogsAdapter extends HandlerInterceptorAdapter {
 	private static final Logger _logger = LoggerFactory.getLogger(HistoryLogsAdapter.class);
--- a/maxkey-web-manage/src/main/java/org/maxkey/web/interceptor/PermissionAdapter.java
+++ b/maxkey-web-manage/src/main/java/org/maxkey/web/interceptor/PermissionAdapter.java
@ -12,6 +12,8 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.stereotype.Component;
 import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
 /**
 * 权限Interceptor处理
@ -20,7 +22,7 @@ import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
 * @author Crystal.Sea
 *
 */
-
+@Component
 public class PermissionAdapter extends HandlerInterceptorAdapter {
 	private static final Logger _logger = LoggerFactory.getLogger(PermissionAdapter.class);
 	//无需Interceptor url
--- a/maxkey-web-manage/src/main/resources/META-INF/spring.factories
+++ b/maxkey-web-manage/src/main/resources/META-INF/spring.factories
@ -5,4 +5,5 @@ org.maxkey.autoconfigure.KaptchaAutoConfiguration,\
 org.maxkey.autoconfigure.MvcAutoConfiguration,\
 org.maxkey.autoconfigure.JwtAuthnAutoConfiguration,\
 org.maxkey.autoconfigure.RedisAutoConfiguration,\
-org.maxkey.MaxKeyMgtConfig
+org.maxkey.MaxKeyMgtConfig,\
 org.maxkey.MaxKeyMgtMvcConfig
--- a/maxkey-web-manage/src/main/resources/application.properties
+++ b/maxkey-web-manage/src/main/resources/application.properties
@ -3,7 +3,6 @@
 application.title=MaxKey
 application.name=MaxKey-Mgt
 application.formatted-version=v1.5.0 GA
 #server config
 #server port
 server.port=9521
@ -58,5 +57,6 @@ spring.freemarker.suffix=.ftl
 spring.mvc.static-path-pattern=/static/**
 spring.messages.basename=classpath:messages/message
 spring.messages.encoding=UTF-8
-
+#main
 spring.main.banner-mode=log
 spring.main.allow-bean-definition-overriding=true
--- a/maxkey-web-manage/src/main/resources/banner.txt
+++ b/maxkey-web-manage/src/main/resources/banner.txt
@ -1,3 +1,4 @@
   __  ___           __ __        
  /  |/  /__ ___ __ / //_/__ __ __
 / /|_/ / _ `/\ \ // ,< / -_) // /
--- a/maxkey-web-manage/src/main/resources/spring/maxkey-mgt.xml
+++ b/maxkey-web-manage/src/main/resources/spring/maxkey-mgt.xml
@ -17,45 +17,6 @@
 	        http://www.springframework.org/schema/util/spring-util.xsd
 	        http://www.springframework.org/schema/mvc 
 	        http://www.springframework.org/schema/mvc/spring-mvc.xsd">
    <!-- enable autowire -->
    <context:annotation-config />
 	<mvc:annotation-driven />
    <!-- web Controller InterceptorAdapter  -->
    <mvc:interceptors>
        <!-- web Controller InterceptorAdapter for platform permission  -->
        <mvc:interceptor>
            <mvc:mapping path="/main*/**" />
            <mvc:mapping path="/main*/**" />
            <mvc:mapping path="/orgs*/**" />
            <mvc:mapping path="/userinfo*/**" />
            <mvc:mapping path="/apps*/**" />
            <mvc:mapping path="/app*/**" />
            <mvc:mapping path="/groups*/**" />
            <mvc:mapping path="/groupMember*/**" />
            <mvc:mapping path="/groupPrivileges*/**" />
            <mvc:mapping path="/config*/**" />
            <mvc:mapping path="/logs*/**" />
            <bean class="org.maxkey.web.interceptor.PermissionAdapter" />
        </mvc:interceptor>  
        <!-- web Controller InterceptorAdapter for platform log  -->
        <mvc:interceptor>
            <mvc:mapping path="/users/*" /> 
            <mvc:mapping path="/userinfo/*" />
            <mvc:mapping path="/enterprises/*" />
            <mvc:mapping path="/employees/*" />
            <mvc:mapping path="/authInfo/*" />
            <mvc:mapping path="/usercenter/*"/>
            <mvc:mapping path="/retrievePassword/*"/>
            <mvc:mapping path="/roles/*"/>
            <mvc:mapping path="/applications/*"/>
            <mvc:mapping path="/approles/*"/>
            <bean class="org.maxkey.web.interceptor.HistoryLogsAdapter" />
        </mvc:interceptor>
         <ref bean="localeChangeInterceptor" />
    </mvc:interceptors>
    <bean id="tfaOptAuthn" class="org.maxkey.crypto.password.opt.impl.TimeBasedOtpAuthn">
    </bean>
@ -105,8 +66,5 @@
        <constructor-arg ref="jdbcTemplate"/>
    </bean>
    <mvc:annotation-driven />
    <mvc:default-servlet-handler />
 </beans>
--- a/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyApplication.java
+++ b/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyApplication.java
@ -21,6 +21,8 @@ public class MaxKeyApplication extends SpringBootServletInitializer {
     * @param args args
     */
    public static void main(String[] args) {
        _logger.info("Start MaxKeyApplication ...");
        VFS.addImplClass(SpringBootVFS.class);
        ConfigurableApplicationContext applicationContext = 
                SpringApplication.run(MaxKeyApplication.class, args);
--- a/maxkey-web-maxkey/src/main/java/org/maxkey/web/interceptor/HistoryLoginAppAdapter.java
+++ b/maxkey-web-maxkey/src/main/java/org/maxkey/web/interceptor/HistoryLoginAppAdapter.java
@ -37,21 +37,14 @@ public class HistoryLoginAppAdapter extends HandlerInterceptorAdapter {
            HttpServletResponse response,
            Object handler,ModelAndView modelAndView) throws Exception {
        _logger.debug("postHandle");
-        String appId = null;
+       
        if (WebContext.getAttribute(WebConstants.SINGLE_SIGN_ON_APP_ID) != null) {
            appId = WebContext.getAttribute(WebConstants.SINGLE_SIGN_ON_APP_ID).toString();
        }
        if (appId == null) {
            PreLoginAppAdapter.getAppIdFromRequestUrl(request);
        }
        //Applications  app=applicationsService.get(appId);
        final Apps app = (Apps)WebContext.getAttribute(AuthorizeBaseEndpoint.class.getName());
        String sessionId = (String)WebContext.getAttribute(WebConstants.CURRENT_USER_SESSION_ID);
        final UserInfo userInfo = WebContext.getUserInfo();
-        _logger.debug("sessionId : " + sessionId + " ,appId : " + appId);
+        _logger.debug("sessionId : " + sessionId + " ,appId : " + app.getId());
        HistoryLoginApps historyLoginApps = new HistoryLoginApps();
        historyLoginApps.setId(historyLoginApps.generateId());
-        historyLoginApps.setAppId(appId);
+        historyLoginApps.setAppId(app.getId());
        historyLoginApps.setSessionId(sessionId);
        historyLoginApps.setAppName(app.getName());
        historyLoginApps.setUid(userInfo.getId());
--- a/maxkey-web-maxkey/src/main/resources/application.properties
+++ b/maxkey-web-maxkey/src/main/resources/application.properties
@ -64,4 +64,5 @@ spring.mvc.static-path-pattern=/static/**
 spring.messages.basename=classpath:messages/message
 spring.messages.encoding=UTF-8
 #main
 spring.main.banner-mode=log
 spring.main.allow-bean-definition-overriding=true
--- a/maxkey-web-maxkey/src/main/resources/banner.txt
+++ b/maxkey-web-maxkey/src/main/resources/banner.txt
@ -1,3 +1,4 @@
   __  ___           __ __        
  /  |/  /__ ___ __ / //_/__ __ __
 / /|_/ / _ `/\ \ // ,< / -_) // /
--- a/maxkey-web-maxkey/src/main/resources/spring/maxkey.xml
+++ b/maxkey-web-maxkey/src/main/resources/spring/maxkey.xml
@ -17,7 +17,6 @@
 	        http://www.springframework.org/schema/util/spring-util.xsd
 	        http://www.springframework.org/schema/mvc 
 	        http://www.springframework.org/schema/mvc/spring-mvc.xsd">
 	<!-- Authentication Extends support -->
 	<!-- HttpHeader Support Start-->
    <bean id="httpHeaderSupport" class="org.maxkey.authn.support.httpheader.HttpHeaderConfig">
@ -99,7 +98,6 @@
    <!-- Social Sign On Endpoint-->
    <context:component-scan base-package="org.maxkey.web.authentication.support.socialsignon" />
    <bean id="socialSignOnWeibo" class="org.maxkey.authn.support.socialsignon.service.SocialSignOnProvider">
        <property name="provider" value="${config.socialsignon.sinaweibo.provider}"/>
        <property name="providerName" value="${config.socialsignon.sinaweibo.provider.name}"/>
@ -153,6 +151,8 @@
        <property name="sortOrder" value="${config.socialsignon.dingtalk.sortorder}"/>
    </bean> 
    <!-- Add Your Providers Here -->
    <bean id="socialSignOnProviderService" class="org.maxkey.authn.support.socialsignon.service.SocialSignOnProviderService">
        <property name="socialSignOnProviders" >
            <list>
@ -162,7 +162,7 @@
                <ref bean="socialSignOnMicrosoft"/>
                <ref bean="socialSignOnFacebook"/>
                <ref bean="socialSignOndingtalk"/>
-                
+                <!-- ref Your Providers Here -->
            </list>
        </property>
    </bean>
@ -172,35 +172,30 @@
    </bean>
     <!-- Social Sign On Support End -->
- 	<!-- enable autowire -->
+    <!-- Web URL InterceptorAdapter  -->
    <context:annotation-config />
    <!-- language select must remove -->
    <mvc:annotation-driven />
    <!-- web Controller InterceptorAdapter  -->
    <mvc:interceptors>
-        <!-- web Controller InterceptorAdapter for platform permission  -->
+        <!-- InterceptorAdapter for platform permission  -->
        <mvc:interceptor>
            <!-- for permission -->
-            <mvc:mapping path="/index*/**" />
+            <mvc:mapping path="/index/**" />
-            <mvc:mapping path="/logs*/**" />
+            <mvc:mapping path="/logs/**" />
-            <mvc:mapping path="/userinfo*/**" />
+            <mvc:mapping path="/userinfo/**" />
-            <mvc:mapping path="/profile*/**" />
+            <mvc:mapping path="/profile/**" />
-            <mvc:mapping path="/safe*/**" />
+            <mvc:mapping path="/safe/**" />
-            <mvc:mapping path="/historys*/**" />
+            <mvc:mapping path="/historys/**" />
-            <mvc:mapping path="/appList*/**" />
+            <mvc:mapping path="/appList/**" />
            <mvc:mapping path="/socialsignon/**" />
            <bean class="org.maxkey.web.interceptor.PermissionAdapter" />
        </mvc:interceptor> 
-        <!-- web Controller InterceptorAdapter for platform log  -->
+         
        <!-- InterceptorAdapter for platform log  -->
        <mvc:interceptor>
            <mvc:mapping path="/users/*" /> 
            <mvc:mapping path="/userinfo/*" />
-            <mvc:mapping path="/authInfo/*" />
+            <mvc:mapping path="//safe/changePassword/**"/>
            <mvc:mapping path="/retrievePassword/*"/>
            <bean class="org.maxkey.web.interceptor.HistoryLogsAdapter" />
        </mvc:interceptor>
-        <!-- web Controller sso Adapter -->
+        
        <!-- Interceptor LoginAppAdapter sso Adapter -->
        <mvc:interceptor>
            <mvc:mapping path="/authz/basic/*" />
            <mvc:mapping path="/authz/ltpa/*" />
@ -213,7 +208,8 @@
            <mvc:mapping path="/authz/cas/granting"/>
            <bean class="org.maxkey.web.interceptor.PreLoginAppAdapter" />
        </mvc:interceptor>
-        <!-- web Controller sso Adapter -->
+        
        <!-- Interceptor LoginApp History Logs -->
        <mvc:interceptor>
            <mvc:mapping path="/authz/basic/*" />
            <mvc:mapping path="/authz/ltpa/*" />
@ -288,6 +284,9 @@
        <constructor-arg ref="jdbcTemplate"/>
    </bean>
    <!-- enable autowire -->
    <context:annotation-config />
    <mvc:annotation-driven />
    <mvc:default-servlet-handler />