admin/MaxKey
1
0
Fork 0
mirror of https://gitee.com/dromara/MaxKey.git synced 2025-12-07 17:38:32 +08:00
Code Issues Packages Projects Releases Wiki Activity

OAuth 2 PKCE 持久化

Browse Source
This commit is contained in:
Crystal.Sea 2021-10-09 14:28:56 +08:00
parent 121fe4123b
commit eca3367610
12 changed files with 115 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
maxkey-core/src/main/java/org/maxkey/entity/apps/AppsOAuth20Details.java
View File

@ -62,6 +62,8 @@ public class AppsOAuth20Details extends Apps {
private String userInfoEncryptionMethod;
private String jwksUri;
private String pkce;
/**
*
@ -88,7 +90,7 @@ public class AppsOAuth20Details extends Apps {
this.setVendor(application.getVendor());
this.setVendorUrl(application.getVendorUrl());
this.setVisible(application.getVisible());
this.clientSecret = baseClientDetails.getClientSecret();
this.scope = baseClientDetails.getScope().toString();
this.resourceIds = baseClientDetails.getResourceIds().toString();
@ -110,9 +112,19 @@ public class AppsOAuth20Details extends Apps {
this.jwksUri = baseClientDetails.getJwksUri();
this.approvalPrompt = baseClientDetails.getApprovalPrompt();
this.pkce = baseClientDetails.getPkce();
}
public String getPkce() {
return pkce;
}
public void setPkce(String pkce) {
this.pkce = pkce;
}
/**
* @return the clientId
*/
@ -327,6 +339,8 @@ public class AppsOAuth20Details extends Apps {
baseClientDetails.setJwksUri(this.getJwksUri());
baseClientDetails.setApprovalPrompt(this.getApprovalPrompt());
baseClientDetails.setPkce(this.getPkce());
baseClientDetails.setProtocol(this.getProtocol());
return baseClientDetails;
}

5
maxkey-core/src/main/java/org/maxkey/entity/apps/oauth2/provider/ClientDetails.java
View File

@ -147,5 +147,10 @@ public interface ClientDetails extends Serializable {
public String getJwksUri();
public String getApprovalPrompt();
public String getPkce();
public String getProtocol();
}

20
maxkey-core/src/main/java/org/maxkey/entity/apps/oauth2/provider/client/BaseClientDetails.java
View File

@ -94,6 +94,10 @@ public class BaseClientDetails implements ClientDetails {
private String approvalPrompt;
private String pkce;
private String protocol;
public BaseClientDetails() {
}
@ -370,6 +374,22 @@ public class BaseClientDetails implements ClientDetails {
public void setApprovalPrompt(String approvalPrompt) {
this.approvalPrompt = approvalPrompt;
}
public String getPkce() {
return pkce;
}
public void setPkce(String pkce) {
this.pkce = pkce;
}
public String getProtocol() {
return protocol;
}
public void setProtocol(String protocol) {
this.protocol = protocol;
}
@Override
public int hashCode() {

13
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/client/JdbcClientDetailsService.java
View File

@ -60,7 +60,7 @@ public class JdbcClientDetailsService implements ClientDetailsService, ClientReg
+ "AUTHORIZED_GRANT_TYPES, WEB_SERVER_REDIRECT_URI, AUTHORITIES, ACCESS_TOKEN_VALIDITY, "
+ "REFRESH_TOKEN_VALIDITY, ADDITIONAL_INFORMATION, AUTOAPPROVE, APPROVALPROMPT , "
+ "IDTOKENSIGNINGALGORITHM, IDTOKENENCRYPTEDALGORITHM, IDTOKENENCRYPTIONMETHOD, "
+ "USERINFOSIGNINGALGORITHM, USERINFOCRYPTEDALGORITHM, USERINFOENCRYPTIONMETHOD, JWKSURI";
+ "USERINFOSIGNINGALGORITHM, USERINFOCRYPTEDALGORITHM, USERINFOENCRYPTIONMETHOD, JWKSURI, PKCE, PROTOCOL";
private static final String CLIENT_FIELDS = "client_secret, " + CLIENT_FIELDS_FOR_UPDATE;
@ -72,7 +72,7 @@ public class JdbcClientDetailsService implements ClientDetailsService, ClientReg
private static final String DEFAULT_SELECT_STATEMENT = BASE_FIND_STATEMENT + " where client_id = ?";
private static final String DEFAULT_INSERT_STATEMENT = "insert into mxk_apps_oauth_client_details (" + CLIENT_FIELDS
+ ", client_id) values (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)";
+ ", client_id) values (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)";
private static final String DEFAULT_UPDATE_STATEMENT = "update mxk_apps_oauth_client_details " + "set "
+ CLIENT_FIELDS_FOR_UPDATE.replaceAll(", ", "=?, ") + "=? where client_id = ?";
@ -196,7 +196,11 @@ public class JdbcClientDetailsService implements ClientDetailsService, ClientReg
clientDetails.getIdTokenSigningAlgorithm(),
clientDetails.getIdTokenEncryptedAlgorithm(), clientDetails.getIdTokenEncryptionMethod(),
clientDetails.getUserInfoSigningAlgorithm(), clientDetails.getUserInfoEncryptedAlgorithm(),
clientDetails.getUserInfoEncryptionMethod(), clientDetails.getJwksUri(), clientDetails.getClientId() };
clientDetails.getUserInfoEncryptionMethod(), clientDetails.getJwksUri(),
clientDetails.getPkce(), clientDetails.getProtocol(),
clientDetails.getClientId()
};
}
private String getAutoApproveScopes(ClientDetails clientDetails) {
@ -279,7 +283,8 @@ public class JdbcClientDetailsService implements ClientDetailsService, ClientReg
details.setUserInfoSigningAlgorithm(rs.getString("USERINFOSIGNINGALGORITHM"));
details.setJwksUri(rs.getString("JWKSURI"));
details.setApprovalPrompt(rs.getString("APPROVALPROMPT"));
details.setPkce(rs.getString("PKCE"));
details.setProtocol(rs.getString("PROTOCOL"));
String json = rs.getString(10);
if (json != null) {
try {

2
maxkey-webs/maxkey-web-mgt/src/main/resources/messages/message.properties
View File

@ -270,7 +270,7 @@ apps.category=\u7c7b\u578b
apps.protocol.formbased=\u8868\u5355\u8ba4\u8bc1
apps.protocol.desktop=\u684c\u9762\u8ba4\u8bc1
apps.protocol.tokenbased=\u4ee4\u724c\u8ba4\u8bc1
apps.protocol.oauth2.0=OAuth2.0
apps.protocol.oauth2.0=OAuth2.x
apps.protocol.saml2.0=SAML2.0
apps.protocol.ltpa=\u8f7b\u91cf\u7ea7\u8ba4\u8bc1(LTPA)
apps.protocol.cas=CAS\u8ba4\u8bc1

2
maxkey-webs/maxkey-web-mgt/src/main/resources/messages/message_en.properties
View File

@ -273,7 +273,7 @@ apps.category=category
apps.protocol.formbased=formbased
apps.protocol.desktop=desktop
apps.protocol.tokenbased=tokenbased
apps.protocol.oauth2.0=OAuth2.0
apps.protocol.oauth2.0=OAuth2.x
apps.protocol.saml2.0=SAML2.0
apps.protocol.ltpa=Lightweight Third-Party(LTPA)
apps.protocol.cas=CAS

2
maxkey-webs/maxkey-web-mgt/src/main/resources/messages/message_zh_CN.properties
View File

@ -272,7 +272,7 @@ apps.category=\u7c7b\u578b
apps.protocol.formbased=\u8868\u5355\u8ba4\u8bc1
apps.protocol.desktop=\u684c\u9762\u8ba4\u8bc1
apps.protocol.tokenbased=\u4ee4\u724c\u8ba4\u8bc1
apps.protocol.oauth2.0=OAuth2.0
apps.protocol.oauth2.0=OAuth2.x
apps.protocol.saml2.0=SAML2.0
apps.protocol.ltpa=\u8f7b\u91cf\u7ea7\u8ba4\u8bc1(LTPA)
apps.protocol.cas=CAS\u8ba4\u8bc1

2
maxkey-webs/maxkey-web-mgt/src/main/resources/templates/views/apps/appAddCommon.ftl
View File

@ -45,7 +45,7 @@
</tr>
<tr>
<th style="width:15%;"><@locale code="apps.protocol"/></th>
<td style="width:35%;">
<td style="width:35%;" id="app_protocol_control">
<span id="protocol_text" >${model.protocol!}</span>
<input type="hidden"class="form-control" id="protocol" name="protocol" title="" value="${model.protocol!}"/>
</td>

2
maxkey-webs/maxkey-web-mgt/src/main/resources/templates/views/apps/appUpdateCommon.ftl
View File

@ -55,7 +55,7 @@
</tr>
<tr>
<th><@locale code="apps.icon"/></th>
<td><img id="iconFileImg" width='30' height='30' src='<@base/>/image/${model.id!}'/>
<td><img id="iconFileImg" height='30' src='<@base/>/image/${model.id!}'/>
</td>
<th><@locale code="common.text.sortindex"/></th>
<td>

2
maxkey-webs/maxkey-web-mgt/src/main/resources/templates/views/apps/appsList.ftl
View File

@ -17,6 +17,8 @@
};
var protocolArray = new Array();
protocolArray["OAuth_v2.0"]="oauth20";
protocolArray["OAuth_v2.1"]="oauth20";
protocolArray["OpenID_Connect_v1.0"]="oauth20";
protocolArray["SAML_v2.0"]="saml20";
protocolArray["Token_Based"]="tokenbased";
protocolArray["Form_Based"]="formbased";

51
maxkey-webs/maxkey-web-mgt/src/main/resources/templates/views/apps/oauth20/appAdd.ftl
View File

@ -4,6 +4,21 @@
<#include "../../layout/header.ftl"/>
<#include "../../layout/common.cssjs.ftl"/>
<#include "../appCommonHead.ftl"/>
<script type="text/javascript">
<!--
$(function(){
if("OAuth_v2.0"=="${model.protocol!}") {
$("#app_protocol_control").html(
'<select id="protocol" name="protocol" class="form-control form-select" >'+
'<option value="OAuth_v2.0" selected >OAuth_v2.0</option>'+
'<option value="OAuth_v2.1" >OAuth_v2.1</option>'+
'<option value="OpenID_Connect_v1.0" >OpenID_Connect_v1.0</option>'+
'</select>'
);
}
});
//-->
</script>
</head>
<body>
<form id="actionForm_app" method="post" type="label" autoclose="true" closeWindow="true"
@ -94,6 +109,27 @@
</td>
</tr>
<tr>
<th>PKCE</th>
<td >
<select id="pkce" name="pkce" class="form-control form-select">
<option value="yes" >
<@locale code="common.text.yes" /></option>
<option value="no" selected>
<@locale code="common.text.no" /></option>
</select>
</td>
<th><@locale code="apps.oauth.approvalPrompt" /></th>
<td >
<select id="approvalPrompt" name="approvalPrompt" class="form-control form-select" >
<option value="force" selected>
<@locale code="apps.oauth.approvalPrompt.force" /></option>
<option value="auto" >
<@locale code="apps.oauth.approvalPrompt.auto" /></option>
</select>
</td>
</tr>
<tr>
<td colspan=4><@locale code="apps.oauth.connect.info" /></td>
</tr>
<tr>
@ -189,20 +225,7 @@
</select>
</td>
</tr>
<tr>
<th><@locale code="apps.oauth.approvalPrompt" /></th>
<td >
<select id="approvalPrompt" name="approvalPrompt" class="form-control form-select" >
<option value="force" selected>
<@locale code="apps.oauth.approvalPrompt.force" /></option>
<option value="auto" >
<@locale code="apps.oauth.approvalPrompt.auto" /></option>
</select>
</td>
<th></th>
<td >
</td>
</tr>
<tr>
<td colspan =4>
<input id="status" type="hidden" name="status" value="1"/>

38
maxkey-webs/maxkey-web-mgt/src/main/resources/templates/views/apps/oauth20/appUpdate.ftl
View File

@ -55,7 +55,7 @@
<td>phone<input type="checkbox" id="scope_phone" name="scope" value="phone" <#if model.scope?contains('phone') >checked</#if>/></td>
<td>address<input type="checkbox" id="scope_address" name="scope" value="address" <#if model.scope?contains('address') >checked</#if>/></td>
<td>all<input type="checkbox" id="scope_all" name="scope" value="all" <#if model.scope?contains('all') >checked</#if>/></td>
<td><b class="orange">*</b><label for="scope"></label></td>
<td><b class="orange"></b><label for="scope"></label></td>
</tr>
</table>
</td>
@ -96,6 +96,26 @@
</td>
</tr>
<tr>
<th>PKCE</th>
<td >
<select id="pkce" name="pkce" class="form-control form-select">
<option value="yes" <#if "yes"==model.pkce?default("yes") >selected</#if>>
<@locale code="common.text.yes" /></option>
<option value="no" <#if 'no'==model.pkce >selected</#if>>
<@locale code="common.text.no" /></option>
</select>
</td>
<th><@locale code="apps.oauth.approvalPrompt" /></th>
<td >
<select id="approvalPrompt" name="approvalPrompt" class="form-control form-select">
<option value="force" <#if ""==model.approvalPrompt?default("") >selected</#if>>
<@locale code="apps.oauth.approvalPrompt.force" /></option>
<option value="auto" <#if 'auto'==model.approvalPrompt >selected</#if>>
<@locale code="apps.oauth.approvalPrompt.auto" /></option>
</select>
</td>
</tr>
<tr>
<th><@locale code="apps.oauth.connect.idTokenSigningAlgorithm" /></th>
<td >
<select id="idTokenSigningAlgorithm" name="idTokenSigningAlgorithm" class="form-control form-select">
@ -188,21 +208,7 @@
</select>
</td>
</tr>
<tr>
<th><@locale code="apps.oauth.approvalPrompt" /></th>
<td >
<select id="approvalPrompt" name="approvalPrompt" class="form-control form-select">
<option value="force" <#if ""==model.approvalPrompt?default("") >selected</#if>>
<@locale code="apps.oauth.approvalPrompt.force" /></option>
<option value="auto" <#if 'auto'==model.approvalPrompt >selected</#if>>
<@locale code="apps.oauth.approvalPrompt.auto" /></option>
</select>
</td>
<th></th>
<td >
</td>
</tr>
</tbody>
</table>
</td>