Rest Api for Orgs and Users

Rest Api for Orgs and Users

maxkey-core/src/main/java/org/maxkey/autoconfigure/MvcAutoConfiguration.java

@@ -3,7 +3,6 @@ package org.maxkey.autoconfigure;
 import java.nio.charset.Charset;
 import java.util.ArrayList;
 import java.util.List;
-
 import org.maxkey.constants.ConstantsProperties;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -134,6 +133,8 @@ public class MvcAutoConfiguration implements InitializingBean {
         marshallingHttpMessageConverter.setUnmarshaller(jaxb2Marshaller);
         ArrayList<MediaType> mediaTypesList = new ArrayList<MediaType>();
         mediaTypesList.add(MediaType.APPLICATION_XML);
+        mediaTypesList.add(MediaType.TEXT_XML);
+        mediaTypesList.add(MediaType.TEXT_PLAIN);
         marshallingHttpMessageConverter.setSupportedMediaTypes(mediaTypesList);
         return marshallingHttpMessageConverter;
     }
@@ -148,6 +149,7 @@ public class MvcAutoConfiguration implements InitializingBean {
                 new MappingJackson2HttpMessageConverter();
         ArrayList<MediaType> mediaTypesList = new ArrayList<MediaType>();
         mediaTypesList.add(MediaType.APPLICATION_JSON);
+        mediaTypesList.add(MediaType.TEXT_PLAIN);
         mappingJacksonHttpMessageConverter.setSupportedMediaTypes(mediaTypesList);
         return mappingJacksonHttpMessageConverter;
     }
@@ -173,14 +175,14 @@ public class MvcAutoConfiguration implements InitializingBean {
             MappingJackson2HttpMessageConverter mappingJacksonHttpMessageConverter,
             MarshallingHttpMessageConverter marshallingHttpMessageConverter,
             StringHttpMessageConverter stringHttpMessageConverter) {
-        
-        RequestMappingHandlerAdapter requestMappingHandlerAdapter = 
-                new RequestMappingHandlerAdapter();
         List<HttpMessageConverter<?>> httpMessageConverterList = 
                 new ArrayList<HttpMessageConverter<?>>();
         httpMessageConverterList.add(mappingJacksonHttpMessageConverter);
         httpMessageConverterList.add(marshallingHttpMessageConverter);
         httpMessageConverterList.add(stringHttpMessageConverter);
+        
+        RequestMappingHandlerAdapter requestMappingHandlerAdapter = 
+                new RequestMappingHandlerAdapter();
         requestMappingHandlerAdapter.setMessageConverters(httpMessageConverterList);
         return requestMappingHandlerAdapter;
     }

maxkey-core/src/main/java/org/maxkey/util/AuthorizationHeaderUtils.java

@@ -8,11 +8,11 @@ import org.maxkey.crypto.Base64Utils;
  */
 public class AuthorizationHeaderUtils {
 
-	public static String AUTHORIZATION_HEADERNAME="Authorization";
+    public static final String AUTHORIZATION_HEADERNAME = "Authorization";
 
-	public static String BASIC="Basic ";
+    public static final String BASIC = "Basic ";
 
-	public static String BEARER="Bearer ";
+    public static final String BEARER = "Bearer ";
 
     public static String createBasic(String username, String password) {
         String authUserPass = username + ":" + password;
@@ -46,13 +46,10 @@ public class AuthorizationHeaderUtils {
         }
     }
 
-	
     public static String createBearer(String bearer) {
         return BEARER + bearer;
     }
 
-
-	
     public static boolean isBearer(String bearer) {
         if (bearer.startsWith(BEARER)) {
             return true;
@@ -61,5 +58,4 @@ public class AuthorizationHeaderUtils {
         }
     }
 
-	
 }

maxkey-identitys/maxkey-identity-kafka/src/main/java/org/maxkey/identity/kafka/KafkaProvisioningService.java

@@ -40,9 +40,35 @@ public class KafkaProvisioningService {
             message.setContent(JsonUtils.gson2Json(content));
             String msg = JsonUtils.gson2Json(message);
             _logger.info("send  message = {}", msg);
+            //通过线程发送Kafka消息
+            KafkaProvisioningThread thread = 
+                    new  KafkaProvisioningThread(kafkaTemplate,topic,msg);
             
+            thread.start();
+        }
+    }
+    
+    
+    
+    class KafkaProvisioningThread extends Thread{
+
+        KafkaTemplate<String, String> kafkaTemplate;
+        
+        String topic ;
+        
+        String msg;
+        
+        public KafkaProvisioningThread(KafkaTemplate<String, String> kafkaTemplate, String topic, String msg) {
+            this.kafkaTemplate = kafkaTemplate;
+            this.topic = topic;
+            this.msg = msg;
+        }
+
+        @Override
+        public void run() {
             kafkaTemplate.send(topic, msg);
         }
+
     }
     
 }

maxkey-identitys/maxkey-identity-rest/.classpath

@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<classpath>
+	<classpathentry kind="src" output="bin/main" path="src/main/java">
+		<attributes>
+			<attribute name="gradle_scope" value="main"/>
+			<attribute name="gradle_used_by_scope" value="main,test"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="src" output="bin/main" path="src/main/resources">
+		<attributes>
+			<attribute name="gradle_scope" value="main"/>
+			<attribute name="gradle_used_by_scope" value="main,test"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="src" output="bin/test" path="src/test/java">
+		<attributes>
+			<attribute name="gradle_scope" value="test"/>
+			<attribute name="gradle_used_by_scope" value="test"/>
+			<attribute name="test" value="true"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="src" output="bin/test" path="src/test/resources">
+		<attributes>
+			<attribute name="gradle_scope" value="test"/>
+			<attribute name="gradle_used_by_scope" value="test"/>
+			<attribute name="test" value="true"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8/"/>
+	<classpathentry kind="con" path="org.eclipse.buildship.core.gradleclasspathcontainer">
+		<attributes>
+			<attribute name="org.eclipse.jst.component.nondependency" value=""/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="output" path="bin/default"/>
+</classpath>

maxkey-identitys/maxkey-identity-rest/.project

@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+	<name>maxkey-identity-rest</name>
+	<comment>Project maxkey-identity-rest created by Buildship.</comment>
+	<projects>
+	</projects>
+	<buildSpec>
+		<buildCommand>
+			<name>org.eclipse.jdt.core.javabuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.eclipse.wst.common.project.facet.core.builder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.eclipse.wst.validation.validationbuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.eclipse.buildship.core.gradleprojectbuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
+			<name>org.springframework.ide.eclipse.boot.validation.springbootbuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+	</buildSpec>
+	<natures>
+		<nature>org.eclipse.jdt.core.javanature</nature>
+		<nature>org.eclipse.wst.common.project.facet.core.nature</nature>
+		<nature>org.eclipse.wst.common.modulecore.ModuleCoreNature</nature>
+		<nature>org.eclipse.jem.workbench.JavaEMFNature</nature>
+		<nature>org.eclipse.buildship.core.gradleprojectnature</nature>
+	</natures>
+</projectDescription>

maxkey-identitys/maxkey-identity-rest/.settings/org.eclipse.buildship.core.prefs

@@ -0,0 +1,2 @@
+connection.project.dir=../..
+eclipse.preferences.version=1

maxkey-identitys/maxkey-identity-rest/.settings/org.eclipse.core.resources.prefs

@@ -0,0 +1,2 @@
+eclipse.preferences.version=1
+encoding/<project>=UTF-8

maxkey-identitys/maxkey-identity-rest/.settings/org.eclipse.wst.common.component

@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project-modules id="moduleCoreId" project-version="1.5.0">
+	<wb-module deploy-name="maxkey-identity-rest">
+		<wb-resource deploy-path="/" source-path="src/main/resources"/>
+		<wb-resource deploy-path="/" source-path="src/main/java"/>
+		<dependent-module deploy-path="../" handle="module:/resource/maxkey-core/maxkey-core">
+			<dependency-type>uses</dependency-type>
+		</dependent-module>
+		<dependent-module deploy-path="../" handle="module:/resource/maxkey-dao/maxkey-dao">
+			<dependency-type>uses</dependency-type>
+		</dependent-module>
+		<dependent-module deploy-path="../" handle="module:/resource/maxkey-client-sdk/maxkey-client-sdk">
+			<dependency-type>uses</dependency-type>
+		</dependent-module>
+	</wb-module>
+</project-modules>

maxkey-identitys/maxkey-identity-rest/.settings/org.eclipse.wst.common.project.facet.core.xml

@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<faceted-project>
+	<fixed facet="jst.java"/>
+	<installed facet="jst.utility" version="1.0"/>
+	<installed facet="jst.java" version="1.8"/>
+</faceted-project>

maxkey-identitys/maxkey-identity-rest/.settings/org.springframework.ide.eclipse.prefs

@@ -0,0 +1,2 @@
+boot.validation.initialized=true
+eclipse.preferences.version=1

maxkey-identitys/maxkey-identity-rest/build.gradle

@@ -0,0 +1,15 @@
+description = "maxkey-identity-rest"
+
+apply plugin: 'java'
+apply plugin: 'eclipse-wtp'
+
+
+dependencies {
+	//local jars
+	compile fileTree(dir: '../maxkey-lib/*/', include: '*.jar')
+	
+	compile project(":maxkey-core")
+	compile project(":maxkey-dao")
+   	compile project(":maxkey-client-sdk")
+   
+}

maxkey-identitys/maxkey-identity-rest/src/main/java/org/maxkey/identity/rest/RestApiOrgController.java

@@ -0,0 +1,70 @@
+package org.maxkey.identity.rest;
+
+import java.io.IOException;
+
+import org.maxkey.dao.service.OrganizationsService;
+import org.maxkey.domain.Organizations;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.ResponseBody;
+import org.springframework.web.bind.annotation.ResponseStatus;
+import org.springframework.web.util.UriComponentsBuilder;
+
+@Controller
+@RequestMapping(value={"/identity/api/org"})
+public class RestApiOrgController {
+
+    @Autowired
+    OrganizationsService organizationsService;
+    
+    @ResponseBody
+    @RequestMapping(value = "/{id}", method = RequestMethod.GET)
+    public Organizations getUser(@PathVariable String id,
+                                       @RequestParam(required = false) String attributes) {
+        Organizations org = organizationsService.get(id);
+        return org;
+    }
+
+    @ResponseBody
+    @RequestMapping(method = RequestMethod.POST)
+    public Organizations create(@RequestBody  Organizations org,
+                                                      @RequestParam(required = false) String attributes,
+                                                      UriComponentsBuilder builder) throws IOException {
+        Organizations loadOrg = organizationsService.get(org.getId());
+        if(loadOrg == null) {
+            organizationsService.insert(org);
+        }else {
+            organizationsService.update(org);
+        }
+        return org;
+    }
+
+    @ResponseBody
+    @RequestMapping(value = "/{id}", method = RequestMethod.PUT)
+    public Organizations replace(@PathVariable String id,
+                                                       @RequestBody Organizations org,
+                                                       @RequestParam(required = false) String attributes)
+            throws IOException {
+        Organizations loadOrg = organizationsService.get(id);
+        if(loadOrg == null) {
+            organizationsService.insert(org);
+        }else {
+            organizationsService.update(org);
+        }
+
+        return org;
+    }
+
+    @RequestMapping(value = "/{id}", method = RequestMethod.DELETE)
+    @ResponseStatus(HttpStatus.OK)
+    public void delete(@PathVariable final String id) {
+        organizationsService.remove(id);
+       
+    }
+}

maxkey-identitys/maxkey-identity-rest/src/main/java/org/maxkey/identity/rest/RestApiUserInfoController.java

@@ -0,0 +1,74 @@
+package org.maxkey.identity.rest;
+
+import java.io.IOException;
+
+import org.maxkey.dao.service.UserInfoService;
+import org.maxkey.domain.UserInfo;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.http.HttpStatus;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.ResponseBody;
+import org.springframework.web.bind.annotation.ResponseStatus;
+import org.springframework.web.util.UriComponentsBuilder;
+
+@Controller
+@RequestMapping(value={"/identity/api/userinfo"})
+public class RestApiUserInfoController {
+
+    @Autowired
+    @Qualifier("userInfoService")
+    private UserInfoService userInfoService;
+    
+    @RequestMapping(value = "/{id}", method = RequestMethod.GET)
+    @ResponseBody
+    public UserInfo getUser(
+                                       @PathVariable String id,
+                                       @RequestParam(required = false) String attributes) {
+        
+        UserInfo loadUserInfo = userInfoService.get(id);
+        loadUserInfo.setDecipherable(null);
+        return loadUserInfo;
+    }
+
+    @RequestMapping(method = RequestMethod.POST)
+    @ResponseBody
+    public UserInfo create(@RequestBody  UserInfo userInfo,
+                                                      @RequestParam(required = false) String attributes,
+                                                      UriComponentsBuilder builder) throws IOException {
+        UserInfo loadUserInfo = userInfoService.loadByUsername(userInfo.getUsername());
+        if(loadUserInfo != null) {
+            userInfoService.update(userInfo);
+        }else {
+            userInfoService.insert(userInfo);
+        }
+        return userInfo;
+    }
+
+    @RequestMapping(value = "/{id}", method = RequestMethod.PUT)
+    @ResponseBody
+    public UserInfo replace(@PathVariable String id,
+                                                       @RequestBody UserInfo userInfo,
+                                                       @RequestParam(required = false) String attributes)
+            throws IOException {
+        UserInfo loadUserInfo = userInfoService.loadByUsername(userInfo.getUsername());
+        if(loadUserInfo != null) {
+            userInfoService.update(userInfo);
+        }else {
+            userInfoService.insert(userInfo);
+        }
+        return userInfo;
+    }
+
+    @RequestMapping(value = "/{id}", method = RequestMethod.DELETE)
+    @ResponseStatus(HttpStatus.OK)
+    public void delete(@PathVariable final String id) {
+        userInfoService.logisticDeleteAllByCid(id);
+       
+    }
+}

maxkey-web-manage/build.gradle

@@ -24,6 +24,7 @@ dependencies {
    	compile project(":maxkey-protocols:maxkey-protocol-saml-2.0")   
    	compile project(":maxkey-identitys:maxkey-identity-scim")   
    	compile project(":maxkey-identitys:maxkey-identity-kafka")	
+   	compile project(":maxkey-identitys:maxkey-identity-rest")
    	
 }
 

maxkey-web-manage/src/main/java/org/maxkey/MaxKeyMgtApplication.java

@@ -35,7 +35,8 @@ import org.springframework.context.annotation.ImportResource;
     "org.maxkey.web",
     "org.maxkey.web.tag",
     "org.maxkey.identity.kafka",
-    "org.maxkey.identity.scim.controller"
+    "org.maxkey.identity.scim.controller",
+    "org.maxkey.identity.rest"
 })
 @MapperScan("org.maxkey.dao.persistence,")
 public class MaxKeyMgtApplication extends SpringBootServletInitializer {

maxkey-web-manage/src/main/java/org/maxkey/MaxKeyMgtConfig.java

@@ -2,8 +2,15 @@ package org.maxkey;
 
 import javax.sql.DataSource;
 import org.maxkey.authz.oauth2.provider.client.JdbcClientDetailsService;
+import org.maxkey.authz.oauth2.provider.token.DefaultTokenServices;
+import org.maxkey.authz.oauth2.provider.token.TokenStore;
+import org.maxkey.authz.oauth2.provider.token.store.InMemoryTokenStore;
+import org.maxkey.authz.oauth2.provider.token.store.JdbcTokenStore;
+import org.maxkey.authz.oauth2.provider.token.store.RedisTokenStore;
+import org.maxkey.authz.oidc.idtoken.OIDCIdTokenEnhancer;
 import org.maxkey.constants.ConstantsProperties;
 import org.maxkey.crypto.password.opt.impl.TimeBasedOtpAuthn;
+import org.maxkey.persistence.redis.RedisConnectionFactory;
 import org.maxkey.authn.realm.jdbc.JdbcAuthenticationRealm;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -31,6 +38,46 @@ public class MaxKeyMgtConfig  implements InitializingBean {
         return clientDetailsService;
     }
 	
+    /**
+     * TokenStore. 
+     * @param persistence int
+     * @return oauth20TokenStore
+     */
+    @Bean(name = "oauth20TokenStore")
+    public TokenStore oauth20TokenStore(
+            @Value("${config.server.persistence}") int persistence,
+            JdbcTemplate jdbcTemplate,
+            RedisConnectionFactory jedisConnectionFactory) {
+        TokenStore tokenStore = null;
+        if (persistence == 0) {
+            tokenStore = new InMemoryTokenStore();
+            _logger.debug("InMemoryTokenStore");
+        } else if (persistence == 1) {
+            tokenStore = new JdbcTokenStore(jdbcTemplate);
+            _logger.debug("JdbcTokenStore");
+        } else if (persistence == 2) {
+            tokenStore = new RedisTokenStore(jedisConnectionFactory);
+            _logger.debug("RedisTokenStore");
+        }
+        return tokenStore;
+    }
+    
+    /**
+     * clientDetailsUserDetailsService. 
+     * @return oauth20TokenServices
+     */
+    @Bean(name = "oauth20TokenServices")
+    public DefaultTokenServices DefaultTokenServices(
+            JdbcClientDetailsService oauth20JdbcClientDetailsService,
+            TokenStore oauth20TokenStore) {
+        DefaultTokenServices tokenServices = new DefaultTokenServices();
+        tokenServices.setClientDetailsService(oauth20JdbcClientDetailsService);
+        tokenServices.setTokenStore(oauth20TokenStore);
+        tokenServices.setSupportRefreshToken(true);
+        return tokenServices;
+    }
+    
+	
 	//以下内容可以注释掉后再xml中配置,xml引入在MaxKeyMgtApplication中
 	@Bean(name = "authenticationRealm")
     public JdbcAuthenticationRealm JdbcAuthenticationRealm(

maxkey-web-manage/src/main/java/org/maxkey/MaxKeyMgtMvcConfig.java

@@ -2,6 +2,7 @@ package org.maxkey;
 
 import org.maxkey.web.interceptor.HistoryLogsAdapter;
 import org.maxkey.web.interceptor.PermissionAdapter;
+import org.maxkey.web.interceptor.RestApiPermissionAdapter;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -25,6 +26,9 @@ public class MaxKeyMgtMvcConfig implements WebMvcConfigurer {
     @Autowired
     LocaleChangeInterceptor localeChangeInterceptor;
     
+    @Autowired
+    RestApiPermissionAdapter restApiPermissionAdapter;
+    
     @Override
     public void addResourceHandlers(ResourceHandlerRegistry registry) {
         registry.addResourceHandler("/static/**")
@@ -73,6 +77,13 @@ public class MaxKeyMgtMvcConfig implements WebMvcConfigurer {
         registry.addInterceptor(localeChangeInterceptor);
         _logger.debug("add LocaleChangeInterceptor");
         
+        
+        registry.addInterceptor(restApiPermissionAdapter)
+                .addPathPatterns("/identity/api/**")
+                ;
+
+        _logger.debug("add RestApiPermissionAdapter");
+        
     }
 
 }

maxkey-web-manage/src/main/java/org/maxkey/web/interceptor/Oauth20ApiPermissionAdapter.java

@@ -0,0 +1,64 @@
+package org.maxkey.web.interceptor;
+
+import java.util.concurrent.ConcurrentHashMap;
+
+import javax.servlet.RequestDispatcher;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.maxkey.authz.oauth2.provider.OAuth2Authentication;
+import org.maxkey.authz.oauth2.provider.token.DefaultTokenServices;
+import org.maxkey.crypto.password.PasswordReciprocal;
+import org.maxkey.util.AuthorizationHeaderUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.stereotype.Component;
+import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
+
+/**
+ * OAuth v2.0 accessToken认证Interceptor处理.
+ * @author Crystal.Sea
+ *
+ */
+@Component
+public class Oauth20ApiPermissionAdapter extends HandlerInterceptorAdapter {
+	private static final Logger _logger = LoggerFactory.getLogger(Oauth20ApiPermissionAdapter.class);
+	
+	@Autowired
+    @Qualifier("passwordReciprocal")
+    protected PasswordReciprocal passwordReciprocal;
+	
+	@Autowired
+    @Qualifier("oauth20TokenServices")
+    private DefaultTokenServices oauth20tokenServices;
+	
+	static  ConcurrentHashMap<String ,String >navigationsMap=null;
+	
+	/*
+	 * 请求前处理
+	 *  (non-Javadoc)
+	 * @see org.springframework.web.servlet.handler.HandlerInterceptorAdapter#preHandle(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.lang.Object)
+	 */
+	@Override
+	public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws Exception {
+		 _logger.trace("Oauth20ApiPermissionAdapter preHandle");
+		String  authorization = request.getHeader(AuthorizationHeaderUtils.AUTHORIZATION_HEADERNAME);
+		 
+		 String accessToken = AuthorizationHeaderUtils.resolveBearer(authorization);
+		 OAuth2Authentication authentication = oauth20tokenServices.loadAuthentication(accessToken);
+		 
+		//判断应用的accessToken信息
+		if(authentication != null ){
+		    _logger.trace("authentication "+ authentication);
+		    return true;
+		}
+		
+		_logger.trace("No Authentication ... forward to /login");
+        RequestDispatcher dispatcher = request.getRequestDispatcher("/login");
+        dispatcher.forward(request, response);
+        
+		return false;
+	}
+}

maxkey-web-manage/src/main/java/org/maxkey/web/interceptor/RestApiPermissionAdapter.java

@@ -0,0 +1,67 @@
+package org.maxkey.web.interceptor;
+
+import java.util.concurrent.ConcurrentHashMap;
+
+import javax.servlet.RequestDispatcher;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.maxkey.crypto.password.PasswordReciprocal;
+import org.maxkey.dao.service.AppsService;
+import org.maxkey.domain.apps.Apps;
+import org.maxkey.util.AuthorizationHeaderUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.stereotype.Component;
+import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
+
+/**
+ * basic认证Interceptor处理.
+ * @author Crystal.Sea
+ *
+ */
+@Component
+public class RestApiPermissionAdapter extends HandlerInterceptorAdapter {
+	private static final Logger _logger = LoggerFactory.getLogger(RestApiPermissionAdapter.class);
+	
+	@Autowired
+    AppsService appsService;
+	
+	@Autowired
+    @Qualifier("passwordReciprocal")
+    protected PasswordReciprocal passwordReciprocal;
+	
+	static  ConcurrentHashMap<String ,String >navigationsMap=null;
+	
+	/*
+	 * 请求前处理
+	 *  (non-Javadoc)
+	 * @see org.springframework.web.servlet.handler.HandlerInterceptorAdapter#preHandle(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.lang.Object)
+	 */
+	@Override
+	public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws Exception {
+		 _logger.trace("RestApiPermissionAdapter preHandle");
+		String  authorization = request.getHeader(AuthorizationHeaderUtils.AUTHORIZATION_HEADERNAME);
+		 
+		 String [] basicUserPass = AuthorizationHeaderUtils.resolveBasic(authorization);
+		 
+		//判断应用的AppId和Secret
+		if(basicUserPass != null && basicUserPass.length==2){
+		    _logger.trace(""+ basicUserPass[0]+":"+basicUserPass[1]);
+		    Apps app = appsService.get(basicUserPass[0]);
+		    
+		    _logger.debug("App Info "+ app.getSecret());
+		    if(app != null && passwordReciprocal.encode(basicUserPass[1]).equalsIgnoreCase(app.getSecret())) {
+		        return true;
+		    }
+		}
+		
+		
+		_logger.trace("No Authentication ... forward to /login");
+        RequestDispatcher dispatcher = request.getRequestDispatcher("/login");
+        dispatcher.forward(request, response);
+        
+		return false;
+	}
+}

settings.gradle

@@ -12,6 +12,7 @@ include 'maxkey-authentications'
 //identity
 include 'maxkey-identitys:maxkey-identity-scim'
 include 'maxkey-identitys:maxkey-identity-kafka'
+include 'maxkey-identitys:maxkey-identity-rest'
 
 
 //connectors