diff --git a/maxkey-core/src/main/java/org/maxkey/entity/apps/AppsOAuth20Details.java b/maxkey-core/src/main/java/org/maxkey/entity/apps/AppsOAuth20Details.java
index eb41b4175..5c9748eba 100644
--- a/maxkey-core/src/main/java/org/maxkey/entity/apps/AppsOAuth20Details.java
+++ b/maxkey-core/src/main/java/org/maxkey/entity/apps/AppsOAuth20Details.java
@@ -62,6 +62,8 @@ public class AppsOAuth20Details extends Apps { private String userInfoEncryptionMethod; private String jwksUri; + + private String pkce; /** *
@@ -88,7 +90,7 @@ public class AppsOAuth20Details extends Apps { this.setVendor(application.getVendor()); this.setVendorUrl(application.getVendorUrl()); this.setVisible(application.getVisible()); - + this.clientSecret = baseClientDetails.getClientSecret(); this.scope = baseClientDetails.getScope().toString(); this.resourceIds = baseClientDetails.getResourceIds().toString();
@@ -110,9 +112,19 @@ public class AppsOAuth20Details extends Apps { this.jwksUri = baseClientDetails.getJwksUri(); this.approvalPrompt = baseClientDetails.getApprovalPrompt(); + + this.pkce = baseClientDetails.getPkce(); } + public String getPkce() { + return pkce; + } + + public void setPkce(String pkce) { + this.pkce = pkce; + } + /** * @return the clientId */
@@ -327,6 +339,8 @@ public class AppsOAuth20Details extends Apps { baseClientDetails.setJwksUri(this.getJwksUri()); baseClientDetails.setApprovalPrompt(this.getApprovalPrompt()); + baseClientDetails.setPkce(this.getPkce()); + baseClientDetails.setProtocol(this.getProtocol()); return baseClientDetails; }
diff --git a/maxkey-core/src/main/java/org/maxkey/entity/apps/oauth2/provider/ClientDetails.java b/maxkey-core/src/main/java/org/maxkey/entity/apps/oauth2/provider/ClientDetails.java
index e05de374f..8a95e9e87 100644
--- a/maxkey-core/src/main/java/org/maxkey/entity/apps/oauth2/provider/ClientDetails.java
+++ b/maxkey-core/src/main/java/org/maxkey/entity/apps/oauth2/provider/ClientDetails.java
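Review bot: The `pkce` property added in the `-110,9 +112,19` hunk is a bare `String` with no statement of which values are accepted or what `null` means, and the same undocumented getter/setter pair is repeated in `ClientDetails` and `BaseClientDetails` further down. PKCE is a per-client security setting, so a misspelled or missing value should not be able to read as "not required" by accident; the code that consumes the value is not in this diff, so this is a request to pin the contract rather than a confirmed gap. I would put a Javadoc on `getPkce()` along the lines of `/** PKCE setting for this client; accepted values: <list them>; null means <state the default>. */` and have `setPkce` reject anything outside that list. The constructor and the class body continue outside the hunk.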
@@ -147,5 +147,10 @@ public interface ClientDetails extends Serializable { public String getJwksUri(); public String getApprovalPrompt(); + + public String getPkce(); + + public String getProtocol(); + }
diff --git a/maxkey-core/src/main/java/org/maxkey/entity/apps/oauth2/provider/client/BaseClientDetails.java b/maxkey-core/src/main/java/org/maxkey/entity/apps/oauth2/provider/client/BaseClientDetails.java
index dcad19c7a..29970d086 100644
--- a/maxkey-core/src/main/java/org/maxkey/entity/apps/oauth2/provider/client/BaseClientDetails.java
+++ b/maxkey-core/src/main/java/org/maxkey/entity/apps/oauth2/provider/client/BaseClientDetails.java
@@ -94,6 +94,10 @@ public class BaseClientDetails implements ClientDetails { private String approvalPrompt; + private String pkce; + + private String protocol; + public BaseClientDetails() { }
@@ -370,6 +374,22 @@ public class BaseClientDetails implements ClientDetails { public void setApprovalPrompt(String approvalPrompt) { this.approvalPrompt = approvalPrompt; } + + public String getPkce() { + return pkce; + } + + public void setPkce(String pkce) { + this.pkce = pkce; + } + + public String getProtocol() { + return protocol; + } + + public void setProtocol(String protocol) { + this.protocol = protocol; + } @Override public int hashCode() {
diff --git a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/client/JdbcClientDetailsService.java b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/client/JdbcClientDetailsService.java
index 260d21da7..8f1b80e18 100644
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/client/JdbcClientDetailsService.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/client/JdbcClientDetailsService.java
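Review bot: `hashCode()` begins directly after the added `setProtocol` in the `-370,6 +374,22` hunk of BaseClientDetails.java, and no hunk shown here touches it or `equals`, so the new `pkce` and `protocol` fields are presumably missing from both. If those methods enumerate the other fields, two client records that differ only in their PKCE setting would compare equal, which matters wherever client details are cached or compared after an administrator changes the setting. Consider adding both fields to `equals` and `hashCode`, or a comment such as `// pkce and protocol are intentionally excluded from equality` if that is the intent. `ClientDetails` extends `Serializable`, so it is also worth confirming that previously serialized instances still load with the two extra fields; the `hashCode` body lies outside the hunk.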
@@ -60,7 +60,7 @@ public class JdbcClientDetailsService implements ClientDetailsService, ClientReg + "AUTHORIZED_GRANT_TYPES, WEB_SERVER_REDIRECT_URI, AUTHORITIES, ACCESS_TOKEN_VALIDITY, " + "REFRESH_TOKEN_VALIDITY, ADDITIONAL_INFORMATION, AUTOAPPROVE, APPROVALPROMPT , " + "IDTOKENSIGNINGALGORITHM, IDTOKENENCRYPTEDALGORITHM, IDTOKENENCRYPTIONMETHOD, " - + "USERINFOSIGNINGALGORITHM, USERINFOCRYPTEDALGORITHM, USERINFOENCRYPTIONMETHOD, JWKSURI"; + + "USERINFOSIGNINGALGORITHM, USERINFOCRYPTEDALGORITHM, USERINFOENCRYPTIONMETHOD, JWKSURI, PKCE, PROTOCOL"; private static final String CLIENT_FIELDS = "client_secret, " + CLIENT_FIELDS_FOR_UPDATE;
@@ -72,7 +72,7 @@ public class JdbcClientDetailsService implements ClientDetailsService, ClientReg private static final String DEFAULT_SELECT_STATEMENT = BASE_FIND_STATEMENT + " where client_id = ?"; private static final String DEFAULT_INSERT_STATEMENT = "insert into mxk_apps_oauth_client_details (" + CLIENT_FIELDS - + ", client_id) values (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)"; + + ", client_id) values (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)"; private static final String DEFAULT_UPDATE_STATEMENT = "update mxk_apps_oauth_client_details " + "set " + CLIENT_FIELDS_FOR_UPDATE.replaceAll(", ", "=?, ") + "=? where client_id = ?";
@@ -196,7 +196,11 @@ public class JdbcClientDetailsService implements ClientDetailsService, ClientReg clientDetails.getIdTokenSigningAlgorithm(), clientDetails.getIdTokenEncryptedAlgorithm(), clientDetails.getIdTokenEncryptionMethod(), clientDetails.getUserInfoSigningAlgorithm(), clientDetails.getUserInfoEncryptedAlgorithm(), - clientDetails.getUserInfoEncryptionMethod(), clientDetails.getJwksUri(), clientDetails.getClientId() }; + clientDetails.getUserInfoEncryptionMethod(), clientDetails.getJwksUri(), + clientDetails.getPkce(), clientDetails.getProtocol(), + clientDetails.getClientId() + + }; } private String getAutoApproveScopes(ClientDetails clientDetails) {
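Review bot: The column list in `CLIENT_FIELDS_FOR_UPDATE`, the hand-counted `?` list in `DEFAULT_INSERT_STATEMENT` and the element order of the `Object[]` in the `-196,7 +196,11` hunk have to stay in step, and nothing on these lines checks that they do. A slip in any one of the three binds a value to the neighbouring column, for example the PKCE setting being stored under `PROTOCOL`, and the statement would still execute. I would add a comment above the array such as `// order must follow CLIENT_FIELDS_FOR_UPDATE (..., JWKSURI, PKCE, PROTOCOL), client_id last` and build the placeholder list from the number of fields instead of typing it out. The blank line left before `};` can go as well; the enclosing method starts outside the hunk.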
@@ -279,7 +283,8 @@ public class JdbcClientDetailsService implements ClientDetailsService, ClientReg details.setUserInfoSigningAlgorithm(rs.getString("USERINFOSIGNINGALGORITHM")); details.setJwksUri(rs.getString("JWKSURI")); details.setApprovalPrompt(rs.getString("APPROVALPROMPT")); - + details.setPkce(rs.getString("PKCE")); + details.setProtocol(rs.getString("PROTOCOL")); String json = rs.getString(10); if (json != null) { try {
diff --git a/maxkey-webs/maxkey-web-mgt/src/main/resources/messages/message.properties b/maxkey-webs/maxkey-web-mgt/src/main/resources/messages/message.properties
index 4565b031f..e80b13f02 100644
--- a/maxkey-webs/maxkey-web-mgt/src/main/resources/messages/message.properties
+++ b/maxkey-webs/maxkey-web-mgt/src/main/resources/messages/message.properties
@@ -270,7 +270,7 @@ apps.category=\u7c7b\u578b apps.protocol.formbased=\u8868\u5355\u8ba4\u8bc1 apps.protocol.desktop=\u684c\u9762\u8ba4\u8bc1 apps.protocol.tokenbased=\u4ee4\u724c\u8ba4\u8bc1 -apps.protocol.oauth2.0=OAuth2.0 +apps.protocol.oauth2.0=OAuth2.x apps.protocol.saml2.0=SAML2.0 apps.protocol.ltpa=\u8f7b\u91cf\u7ea7\u8ba4\u8bc1(LTPA) apps.protocol.cas=CAS\u8ba4\u8bc1
diff --git a/maxkey-webs/maxkey-web-mgt/src/main/resources/messages/message_en.properties b/maxkey-webs/maxkey-web-mgt/src/main/resources/messages/message_en.properties
index a05511bb5..62442dced 100644
--- a/maxkey-webs/maxkey-web-mgt/src/main/resources/messages/message_en.properties
+++ b/maxkey-webs/maxkey-web-mgt/src/main/resources/messages/message_en.properties
@@ -273,7 +273,7 @@ apps.category=category apps.protocol.formbased=formbased apps.protocol.desktop=desktop apps.protocol.tokenbased=tokenbased -apps.protocol.oauth2.0=OAuth2.0 +apps.protocol.oauth2.0=OAuth2.x apps.protocol.saml2.0=SAML2.0 apps.protocol.ltpa=Lightweight Third-Party(LTPA) apps.protocol.cas=CAS
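Review bot: `rs.getString("PKCE")` and `rs.getString("PROTOCOL")` in the JdbcClientDetailsService.java `-279,7 +283,8` hunk make every client lookup depend on two columns of `mxk_apps_oauth_client_details` that nothing in the part of the diff shown here creates. On a database that has not been altered the select would presumably fail and no OAuth client could be loaded; on an altered one, rows written before the change return `null` for both, so whatever enforces PKCE has to define how `null` is treated. Shipping the schema change with this commit and mapping `null` to an explicit default at this point would settle both. The next line still reads the JSON column by position, `rs.getString(10)`, which is worth switching to a column label while this mapper is being edited; the mapper method begins and ends outside the hunk.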
diff --git a/maxkey-webs/maxkey-web-mgt/src/main/resources/messages/message_zh_CN.properties b/maxkey-webs/maxkey-web-mgt/src/main/resources/messages/message_zh_CN.properties
index 49334a563..ce7abd410 100644
--- a/maxkey-webs/maxkey-web-mgt/src/main/resources/messages/message_zh_CN.properties
+++ b/maxkey-webs/maxkey-web-mgt/src/main/resources/messages/message_zh_CN.properties
@@ -272,7 +272,7 @@ apps.category=\u7c7b\u578b apps.protocol.formbased=\u8868\u5355\u8ba4\u8bc1 apps.protocol.desktop=\u684c\u9762\u8ba4\u8bc1 apps.protocol.tokenbased=\u4ee4\u724c\u8ba4\u8bc1 -apps.protocol.oauth2.0=OAuth2.0 +apps.protocol.oauth2.0=OAuth2.x apps.protocol.saml2.0=SAML2.0 apps.protocol.ltpa=\u8f7b\u91cf\u7ea7\u8ba4\u8bc1(LTPA) apps.protocol.cas=CAS\u8ba4\u8bc1
diff --git a/maxkey-webs/maxkey-web-mgt/src/main/resources/templates/views/apps/appAddCommon.ftl b/maxkey-webs/maxkey-web-mgt/src/main/resources/templates/views/apps/appAddCommon.ftl
index bd9d9951f..34fac0f67 100644
--- a/maxkey-webs/maxkey-web-mgt/src/main/resources/templates/views/apps/appAddCommon.ftl
+++ b/maxkey-webs/maxkey-web-mgt/src/main/resources/templates/views/apps/appAddCommon.ftl
@@ -45,7 +45,7 @@