From ef4bfb86f0739e058ded645703ac7c656f1377fb Mon Sep 17 00:00:00 2001 From: MaxKey Date: Tue, 26 Sep 2023 14:17:45 +0800 Subject: [PATCH] =?UTF-8?q?#I844NY=20=20=E6=B6=88=E9=99=A4Session=E4=B8=8E?= =?UTF-8?q?Authentication=E6=9D=A5=E5=9B=9E=E5=B5=8C=E5=A5=97?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../dromara/maxkey/authn/SignPrincipal.java | 24 +++++++++---------- .../org/dromara/maxkey/authn/jwt/AuthJwt.java | 2 +- .../maxkey/authn/jwt/AuthJwtService.java | 2 +- .../authn/web/HttpSessionListenerAdapter.java | 2 +- .../maxkey/web/ProductEnvironment.java | 2 +- .../singlelogout/DefaultSingleLogout.java | 2 +- .../cas/endpoint/CasAuthorizeEndpoint.java | 2 +- .../endpoint/adapter/CasDefaultAdapter.java | 2 +- .../cas/endpoint/adapter/CasPlainAdapter.java | 2 +- .../jwt/endpoint/adapter/JwtAdapter.java | 2 +- .../provider/OAuth2UserDetailsService.java | 2 +- .../endpoint/OAuthDefaultUserInfoAdapter.java | 2 +- .../endpoint/UserInfoOIDCEndpoint.java | 4 ++-- .../provider/endpoint/AssertionEndpoint.java | 2 +- .../adapter/TokenBasedDefaultAdapter.java | 2 +- .../HistorySignOnAppInterceptor.java | 2 +- 16 files changed, 28 insertions(+), 28 deletions(-) diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/SignPrincipal.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/SignPrincipal.java index dd841c85c..619b4e673 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/SignPrincipal.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/SignPrincipal.java @@ -32,7 +32,7 @@ public class SignPrincipal implements UserDetails { UserDetails userDetails; - Session session; + String sessionId; ArrayList grantedAuthority; ArrayList grantedAuthorityApps; boolean authenticated; 
@@ -71,7 +71,7 @@ public class SignPrincipal implements UserDetails { this.accountNonLocked = true; this.credentialsNonExpired =true; this.enabled = true; - this.session = session; + this.sessionId = session.getId(); this.userInfo.setSessionId(session.getId()); } @@ -120,13 +120,6 @@ public class SignPrincipal implements UserDetails { this.grantedAuthority = grantedAuthority; } - public Session getSession() { - return session; - } - - public void setSession(Session session) { - this.session = session; - } public boolean isRoleAdministrators() { return roleAdministrators; @@ -152,7 +145,16 @@ public class SignPrincipal implements UserDetails { return this.credentialsNonExpired; } - @Override + + public String getSessionId() { + return sessionId; + } + + public void setSessionId(String sessionId) { + this.sessionId = sessionId; + } + + @Override public boolean isEnabled() { return this.enabled; } @@ -192,8 +194,6 @@ public class SignPrincipal implements UserDetails { builder.append(userInfo); builder.append(", userDetails="); builder.append(userDetails); - builder.append(", session="); - builder.append(session); builder.append(", grantedAuthority="); builder.append(grantedAuthority); builder.append(", grantedAuthorityApps="); diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/jwt/AuthJwt.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/jwt/AuthJwt.java index 1b5ae7711..86f09a580 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/jwt/AuthJwt.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/jwt/AuthJwt.java 
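Review bot: The new `setSessionId` in the `@@ -152,7 +145,16 @@` hunk updates only `this.sessionId`, while the constructor in the `@@ -71,7 +71,7 @@` hunk stores the same id in both `this.sessionId` and `userInfo.setSessionId(...)`, so the two copies can drift apart after a setter call. OAuth2UserDetailsService in this patch builds the principal with `new SignPrincipal(userInfo)` and then calls the setter, which looks like it leaves the UserInfo copy unset on that path unless the one-argument constructor fills it. Either keep them in step in the setter, `this.sessionId = sessionId; if (this.userInfo != null) { this.userInfo.setSessionId(sessionId); }`, or document on `getSessionId()` which value is authoritative, for example `/** Id of the Session this principal was authenticated under; resolve the Session through the session manager. */`.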
@@ -89,7 +89,7 @@ public class AuthJwt implements Serializable { this.expiresIn = expiresIn; this.refreshToken = refreshToken; - this.ticket = principal.getSession().getId(); + this.ticket = principal.getSessionId(); this.id = principal.getUserInfo().getId(); this.username = principal.getUserInfo().getUsername(); this.name = this.username; diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/jwt/AuthJwtService.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/jwt/AuthJwtService.java index d33a4b2af..7a94d7427 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/jwt/AuthJwtService.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/jwt/AuthJwtService.java @@ -56,7 +56,7 @@ public class AuthJwtService { JWTClaimsSet jwtClaims =new JWTClaimsSet.Builder() .issuer(issuer) .subject(subject) - .jwtID(principal.getSession().getId()) + .jwtID(principal.getSessionId()) .issueTime(currentDateTime.toDate()) .expirationTime(expirationTime) .claim("locale", userInfo.getLocale()) diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/web/HttpSessionListenerAdapter.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/web/HttpSessionListenerAdapter.java index 5b85bd829..b59d60ae3 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/web/HttpSessionListenerAdapter.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/web/HttpSessionListenerAdapter.java 
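Review bot: `principal.getSessionId()` in the AuthJwt constructor, and again in `.jwtID(principal.getSessionId())` in the AuthJwtService hunk, returns null for a principal that never had a session id set, where the old `getSession().getId()` chain would have thrown. The token would then be built with a null ticket or `jti` instead of failing, which is hard to trace later if the server resolves sessions from that value. A guard at the point of use keeps the fail-fast behaviour, e.g. `this.ticket = Objects.requireNonNull(principal.getSessionId(), "principal has no session id");`. Both enclosing methods start and end outside their hunks, so whether an earlier check already exists cannot be seen here.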
@@ -65,7 +65,7 @@ public class HttpSessionListenerAdapter implements HttpSessionListener { session.getId(), signPrincipal.getUserInfo().getId(), signPrincipal.getUserInfo().getUsername(), - signPrincipal.getSession().getId()); + signPrincipal.getSessionId()); }else if(principal instanceof User) { User user = (User)principal; _logger.trace("{} HttpSession Id {} for username {} password {} Destroyed" , diff --git a/maxkey-core/src/main/java/org/dromara/maxkey/web/ProductEnvironment.java b/maxkey-core/src/main/java/org/dromara/maxkey/web/ProductEnvironment.java index 49c09c5dd..79bbf0244 100644 --- a/maxkey-core/src/main/java/org/dromara/maxkey/web/ProductEnvironment.java +++ b/maxkey-core/src/main/java/org/dromara/maxkey/web/ProductEnvironment.java @@ -35,7 +35,7 @@ public class ProductEnvironment { String key = it.next(); logger.trace("{} = {}" , key , map.get(key)); } - logger.debug("APP_HOME" + " = {}" , PathUtils.getInstance().getAppPath()); + logger.info("APP_HOME" + " = {}" , PathUtils.getInstance().getAppPath()); Processor processor = ArchUtils.getProcessor(); if (Objects.isNull(processor)){ diff --git a/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/dromara/maxkey/authz/singlelogout/DefaultSingleLogout.java b/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/dromara/maxkey/authz/singlelogout/DefaultSingleLogout.java index 94a30fd66..8b73a375b 100644 --- a/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/dromara/maxkey/authz/singlelogout/DefaultSingleLogout.java +++ b/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/dromara/maxkey/authz/singlelogout/DefaultSingleLogout.java 
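Review bot: The changed argument `signPrincipal.getSessionId()` in the HttpSessionListenerAdapter hunk is written to the log by a `_logger.trace(...)` call, and the same id is logged in the CasAuthorizeEndpoint hunk (`get session by id {}`) and in the HistorySignOnAppInterceptor hunk (`sessionId : {}` at debug). Elsewhere in this patch that value becomes the JWT `jti` and the `ticket` field, so it reads as a live session handle rather than a neutral correlation id, and it should not appear in full in log files. Consider logging a shortened or hashed form, with a comment such as `// session id is a credential-like value: never log it verbatim`. The unchanged context line just below also carries a `password {}` placeholder in its format string, which deserves the same treatment. The trace call starts outside this hunk.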
@@ -34,7 +34,7 @@ public class DefaultSingleLogout extends SingleLogout{ logoutParameters.put("principal", authentication.getName()); logoutParameters.put("request", "logoutRequest"); logoutParameters.put("issueInstant", DateUtils.getCurrentDateAsString(DateUtils.FORMAT_DATE_ISO_TIMESTAMP)); - logoutParameters.put("ticket", ((SignPrincipal)authentication.getPrincipal()).getSession().getFormattedId()); + logoutParameters.put("ticket", ((SignPrincipal)authentication.getPrincipal()).getSessionId()); postMessage(logoutApp.getLogoutUrl(),logoutParameters); } diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/dromara/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/dromara/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java index 97e882b18..b997f51c2 100644 --- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/dromara/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/dromara/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java @@ -155,7 +155,7 @@ public class CasAuthorizeEndpoint extends CasBaseAuthorizeEndpoint{ if(casDetails.getLogoutType()==LogoutType.BACK_CHANNEL) { _logger.debug("CAS LogoutType BACK_CHANNEL ... "); - String sessionId = AuthorizationUtils.getPrincipal().getSession().getId(); + String sessionId = AuthorizationUtils.getPrincipal().getSessionId(); _logger.trace("get session by id {} . ",sessionId); Session session = sessionManager.get(sessionId); _logger.trace("current session {} ",session); diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/dromara/maxkey/authz/cas/endpoint/adapter/CasDefaultAdapter.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/dromara/maxkey/authz/cas/endpoint/adapter/CasDefaultAdapter.java index 056ea8e63..1ef29f76c 100644 --- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/dromara/maxkey/authz/cas/endpoint/adapter/CasDefaultAdapter.java 
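Review bot: The `ticket` parameter in DefaultSingleLogout switches from `getSession().getFormattedId()` to `getSessionId()`, which the SignPrincipal constructor fills from `session.getId()`, so the value sent to relying parties changes unless the two accessors return the same string. The same swap is made for `WebConstants.ONLINE_TICKET_NAME` in CasDefaultAdapter, CasPlainAdapter, JwtAdapter, OAuthDefaultUserInfoAdapter, UserInfoOIDCEndpoint, AssertionEndpoint and TokenBasedDefaultAdapter. Session is not part of this patch, so the difference cannot be checked here; if they differ, applications that match the logout ticket against the ticket they received at sign-on need both sides to move together, and the raw id is now what leaves the server. A comment at the first use would record the intent, e.g. `// ticket is the raw session id (Session.getId()), not the formatted id`.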
+++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/dromara/maxkey/authz/cas/endpoint/adapter/CasDefaultAdapter.java @@ -76,7 +76,7 @@ public class CasDefaultAdapter extends AbstractAuthorizeAdapter { serviceResponseBuilder.setAttribute("departmentId", userInfo.getDepartmentId()); serviceResponseBuilder.setAttribute("workRegion",base64Attr(userInfo.getWorkRegion())); serviceResponseBuilder.setAttribute("institution", userInfo.getInstId()); - serviceResponseBuilder.setAttribute(WebConstants.ONLINE_TICKET_NAME,principal.getSession().getFormattedId()); + serviceResponseBuilder.setAttribute(WebConstants.ONLINE_TICKET_NAME,principal.getSessionId()); return serviceResponseBuilder; } diff --git a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/dromara/maxkey/authz/cas/endpoint/adapter/CasPlainAdapter.java b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/dromara/maxkey/authz/cas/endpoint/adapter/CasPlainAdapter.java index 479590536..f9c2d59ce 100644 --- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/dromara/maxkey/authz/cas/endpoint/adapter/CasPlainAdapter.java +++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/dromara/maxkey/authz/cas/endpoint/adapter/CasPlainAdapter.java @@ -61,7 +61,7 @@ public class CasPlainAdapter extends AbstractAuthorizeAdapter { serviceResponseBuilder.setAttribute("departmentId", userInfo.getDepartmentId()); serviceResponseBuilder.setAttribute("workRegion",userInfo.getWorkRegion()); serviceResponseBuilder.setAttribute("institution", userInfo.getInstId()); - serviceResponseBuilder.setAttribute(WebConstants.ONLINE_TICKET_NAME,principal.getSession().getFormattedId()); + serviceResponseBuilder.setAttribute(WebConstants.ONLINE_TICKET_NAME,principal.getSessionId()); return serviceResponseBuilder; } 
diff --git a/maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/dromara/maxkey/authz/jwt/endpoint/adapter/JwtAdapter.java b/maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/dromara/maxkey/authz/jwt/endpoint/adapter/JwtAdapter.java index c6882e598..d5dc01e5f 100644 --- a/maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/dromara/maxkey/authz/jwt/endpoint/adapter/JwtAdapter.java +++ b/maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/dromara/maxkey/authz/jwt/endpoint/adapter/JwtAdapter.java @@ -82,7 +82,7 @@ public class JwtAdapter extends AbstractAuthorizeAdapter { .claim("user_id", userInfo.getId()) .claim("external_id", userInfo.getId()) .claim("locale", userInfo.getLocale()) - .claim(WebConstants.ONLINE_TICKET_NAME, principal.getSession().getFormattedId()) + .claim(WebConstants.ONLINE_TICKET_NAME, principal.getSessionId()) .claim("kid", jwtDetails.getId()+ "_sig") .claim("institution", userInfo.getInstId()) .build(); diff --git a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/OAuth2UserDetailsService.java b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/OAuth2UserDetailsService.java index 1db0e3b93..5f0bb7a03 100644 --- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/OAuth2UserDetailsService.java +++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/OAuth2UserDetailsService.java @@ -50,7 +50,7 @@ public class OAuth2UserDetailsService implements UserDetailsService { SignPrincipal principal = new SignPrincipal(userInfo); Session onlineTicket = new Session(onlineTickitId); //set OnlineTicket - principal.setSession(onlineTicket); + principal.setSessionId(onlineTicket.getId()); ArrayList grantedAuthoritys = loginRepository.grantAuthority(userInfo); principal.setAuthenticated(true); 
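Review bot: In the OAuth2UserDetailsService hunk a `Session` is still constructed only so that `onlineTicket.getId()` can be passed to `setSessionId`, which keeps part of the coupling this commit sets out to remove. If `new Session(onlineTickitId)` does nothing more than store the id, the two lines collapse to `principal.setSessionId(onlineTickitId);`. The method continues past the hunk, so check that `onlineTicket` is not used further down before dropping it.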
diff --git a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java index 32e73f5d6..1cc886ba3 100644 --- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java +++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java @@ -66,7 +66,7 @@ public class OAuthDefaultUserInfoAdapter extends AbstractAuthorizeAdapter { beanMap.put("state", userInfo.getWorkRegion()); beanMap.put("gender", userInfo.getGender()); beanMap.put("institution", userInfo.getInstId()); - beanMap.put(WebConstants.ONLINE_TICKET_NAME, principal.getSession().getFormattedId()); + beanMap.put(WebConstants.ONLINE_TICKET_NAME, principal.getSessionId()); String info= JsonUtils.toString(beanMap); diff --git a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoOIDCEndpoint.java b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoOIDCEndpoint.java index d9da32a8f..5234a97d9 100644 --- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoOIDCEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoOIDCEndpoint.java 
@@ -123,7 +123,7 @@ public class UserInfoOIDCEndpoint { String userJson = ""; Builder jwtClaimsSetBuilder= new JWTClaimsSet.Builder(); - SignPrincipal authentication = (SignPrincipal)oAuth2Authentication.getUserAuthentication().getPrincipal(); + SignPrincipal oauthPrincipal = (SignPrincipal)oAuth2Authentication.getUserAuthentication().getPrincipal(); String subject = AbstractAuthorizeAdapter.getValueByUserAttr(userInfo, clientDetails.getSubject()); _logger.debug("userId : {} , username : {} , displayName : {} , subject : {}" , @@ -134,7 +134,7 @@ public class UserInfoOIDCEndpoint { jwtClaimsSetBuilder.claim("sub", subject); jwtClaimsSetBuilder.claim("institution", userInfo.getInstId()); - jwtClaimsSetBuilder.claim(WebConstants.ONLINE_TICKET_NAME, authentication.getSession().getFormattedId()); + jwtClaimsSetBuilder.claim(WebConstants.ONLINE_TICKET_NAME, oauthPrincipal.getSessionId()); if(scopes.contains("profile")){ jwtClaimsSetBuilder.claim("userId", userInfo.getId()); diff --git a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/dromara/maxkey/authz/saml20/provider/endpoint/AssertionEndpoint.java b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/dromara/maxkey/authz/saml20/provider/endpoint/AssertionEndpoint.java index e657e0b8c..078841aac 100644 --- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/dromara/maxkey/authz/saml20/provider/endpoint/AssertionEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/dromara/maxkey/authz/saml20/provider/endpoint/AssertionEndpoint.java @@ -79,7 +79,7 @@ public class AssertionEndpoint { logger.debug("AuthnRequestInfo: {}", authnRequestInfo); HashMap attributeMap=new HashMap(); attributeMap.put(WebConstants.ONLINE_TICKET_NAME, - AuthorizationUtils.getPrincipal().getSession().getFormattedId()); + AuthorizationUtils.getPrincipal().getSessionId()); //saml20Details Response authResponse = authnResponseGenerator.generateAuthnResponse( 
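Review bot: The renamed `oauthPrincipal` line in the first UserInfoOIDCEndpoint hunk still dereferences `getUserAuthentication()` and casts its principal to `SignPrincipal` without a check. HttpSessionListenerAdapter in this patch handles a principal that is a `User`, so other principal types exist in the codebase; if one can reach this endpoint, or the user authentication is absent, the request would end in a NullPointerException or ClassCastException rather than a controlled error response. Testing `oAuth2Authentication.getUserAuthentication() != null` and `getPrincipal() instanceof SignPrincipal` before the cast would make that failure explicit. The method begins outside the hunk, so an earlier check may already cover this.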
diff --git a/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/dromara/maxkey/authz/token/endpoint/adapter/TokenBasedDefaultAdapter.java b/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/dromara/maxkey/authz/token/endpoint/adapter/TokenBasedDefaultAdapter.java index 72ae919a0..dcbd8dc5d 100644 --- a/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/dromara/maxkey/authz/token/endpoint/adapter/TokenBasedDefaultAdapter.java +++ b/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/dromara/maxkey/authz/token/endpoint/adapter/TokenBasedDefaultAdapter.java @@ -73,7 +73,7 @@ public class TokenBasedDefaultAdapter extends AbstractAuthorizeAdapter { } beanMap.put("displayName", userInfo.getDisplayName()); - beanMap.put(WebConstants.ONLINE_TICKET_NAME, principal.getSession().getFormattedId()); + beanMap.put(WebConstants.ONLINE_TICKET_NAME, principal.getSessionId()); /* * use UTC date time format diff --git a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/dromara/maxkey/web/interceptor/HistorySignOnAppInterceptor.java b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/dromara/maxkey/web/interceptor/HistorySignOnAppInterceptor.java index 9210b5af7..644dec61a 100644 --- a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/dromara/maxkey/web/interceptor/HistorySignOnAppInterceptor.java +++ b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/dromara/maxkey/web/interceptor/HistorySignOnAppInterceptor.java @@ -63,7 +63,7 @@ public class HistorySignOnAppInterceptor implements AsyncHandlerInterceptor { SignPrincipal principal = AuthorizationUtils.getPrincipal(); if(principal != null && app !=null) { final UserInfo userInfo = principal.getUserInfo(); - String sessionId = principal.getSession().getId(); + String sessionId = principal.getSessionId(); logger.debug("sessionId : {} , appId {}" , sessionId , app.getId()); HistoryLoginApps historyLoginApps = new HistoryLoginApps(); historyLoginApps.setAppId(app.getId());