#I844NY 消除Session与Authentication来回嵌套

2025-12-07 01:18:27 +08:00 · 2023-09-26 14:17:45 +08:00 · 2023-09-26 14:17:45 +08:00 · ef4bfb86f0
commit ef4bfb86f0
parent b111a52ccc
16 changed files with 28 additions and 28 deletions
--- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/SignPrincipal.java
+++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/SignPrincipal.java
@ -32,7 +32,7 @@ public class SignPrincipal implements  UserDetails {
    
    UserDetails userDetails;
    
-    Session session;
+    String sessionId;
    ArrayList<GrantedAuthority> grantedAuthority;
    ArrayList<GrantedAuthority> grantedAuthorityApps;
    boolean authenticated;
@ -71,7 +71,7 @@ public class SignPrincipal implements  UserDetails {
        this.accountNonLocked  = true;
        this.credentialsNonExpired =true;
        this.enabled = true;
-        this.session = session;
+        this.sessionId = session.getId();
        this.userInfo.setSessionId(session.getId());
    }
    
@ -120,13 +120,6 @@ public class SignPrincipal implements  UserDetails {
        this.grantedAuthority = grantedAuthority;
    }

-    public Session getSession() {
-        return session;
-    }
-
-    public void setSession(Session session) {
-        this.session = session;
-    }

    public boolean isRoleAdministrators() {
        return roleAdministrators;
@ -152,6 +145,15 @@ public class SignPrincipal implements  UserDetails {
        return this.credentialsNonExpired;
    }

+    
+    public String getSessionId() {
+		return sessionId;
+	}
+
+	public void setSessionId(String sessionId) {
+		this.sessionId = sessionId;
+	}
+
 	@Override
    public boolean isEnabled() {
        return this.enabled;
@ -192,8 +194,6 @@ public class SignPrincipal implements  UserDetails {
 		builder.append(userInfo);
 		builder.append(", userDetails=");
 		builder.append(userDetails);
-		builder.append(", session=");
-		builder.append(session);
 		builder.append(", grantedAuthority=");
 		builder.append(grantedAuthority);
 		builder.append(", grantedAuthorityApps=");
--- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/jwt/AuthJwt.java
+++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/jwt/AuthJwt.java
@ -89,7 +89,7 @@ public class AuthJwt implements Serializable {
 		this.expiresIn = expiresIn;
 		this.refreshToken = refreshToken;
 		
-		this.ticket = principal.getSession().getId();
+		this.ticket = principal.getSessionId();
 		this.id = principal.getUserInfo().getId();
 		this.username = principal.getUserInfo().getUsername();
 		this.name = this.username;
--- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/jwt/AuthJwtService.java
+++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/jwt/AuthJwtService.java
@ -56,7 +56,7 @@ public class AuthJwtService {
 		 JWTClaimsSet jwtClaims =new  JWTClaimsSet.Builder()
 				.issuer(issuer)
 				.subject(subject)
-				.jwtID(principal.getSession().getId())
+				.jwtID(principal.getSessionId())
 				.issueTime(currentDateTime.toDate())
 				.expirationTime(expirationTime)
 				.claim("locale", userInfo.getLocale())
--- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/web/HttpSessionListenerAdapter.java
+++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/web/HttpSessionListenerAdapter.java
@ -65,7 +65,7 @@ public class HttpSessionListenerAdapter implements HttpSessionListener {
        			session.getId(), 
        			signPrincipal.getUserInfo().getId(),
        			signPrincipal.getUserInfo().getUsername(),
-        			signPrincipal.getSession().getId());
+        			signPrincipal.getSessionId());
        	}else if(principal instanceof User) {
        		User user = (User)principal;
        		_logger.trace("{} HttpSession Id  {} for username {} password {} Destroyed" ,
--- a/maxkey-core/src/main/java/org/dromara/maxkey/web/ProductEnvironment.java
+++ b/maxkey-core/src/main/java/org/dromara/maxkey/web/ProductEnvironment.java
@ -35,7 +35,7 @@ public class ProductEnvironment {
            String key = it.next();
            logger.trace("{}   =   {}" , key , map.get(key));
        }
-        logger.debug("APP_HOME" + "   =   {}" , PathUtils.getInstance().getAppPath());
+        logger.info("APP_HOME" + "   =   {}" , PathUtils.getInstance().getAppPath());

        Processor processor = ArchUtils.getProcessor();
        if (Objects.isNull(processor)){
--- a/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/dromara/maxkey/authz/singlelogout/DefaultSingleLogout.java
+++ b/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/dromara/maxkey/authz/singlelogout/DefaultSingleLogout.java
@ -34,7 +34,7 @@ public class DefaultSingleLogout extends SingleLogout{
        logoutParameters.put("principal", authentication.getName());
        logoutParameters.put("request",  "logoutRequest");
        logoutParameters.put("issueInstant", DateUtils.getCurrentDateAsString(DateUtils.FORMAT_DATE_ISO_TIMESTAMP));
-        logoutParameters.put("ticket",  ((SignPrincipal)authentication.getPrincipal()).getSession().getFormattedId());
+        logoutParameters.put("ticket",  ((SignPrincipal)authentication.getPrincipal()).getSessionId());
        postMessage(logoutApp.getLogoutUrl(),logoutParameters);
        
    }
--- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/dromara/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/dromara/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java
@ -155,7 +155,7 @@ public class CasAuthorizeEndpoint  extends CasBaseAuthorizeEndpoint{
 		
 		if(casDetails.getLogoutType()==LogoutType.BACK_CHANNEL) {
 			_logger.debug("CAS LogoutType BACK_CHANNEL ... ");
-			String sessionId = AuthorizationUtils.getPrincipal().getSession().getId();
+			String sessionId = AuthorizationUtils.getPrincipal().getSessionId();
 			_logger.trace("get session by id {} . ",sessionId);
 		    Session session  = sessionManager.get(sessionId);
 		    _logger.trace("current session {}  ",session);
--- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/dromara/maxkey/authz/cas/endpoint/adapter/CasDefaultAdapter.java
+++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/dromara/maxkey/authz/cas/endpoint/adapter/CasDefaultAdapter.java
@ -76,7 +76,7 @@ public class CasDefaultAdapter extends AbstractAuthorizeAdapter {
 		serviceResponseBuilder.setAttribute("departmentId", userInfo.getDepartmentId());
 		serviceResponseBuilder.setAttribute("workRegion",base64Attr(userInfo.getWorkRegion()));
 		serviceResponseBuilder.setAttribute("institution", userInfo.getInstId());
-		serviceResponseBuilder.setAttribute(WebConstants.ONLINE_TICKET_NAME,principal.getSession().getFormattedId());
+		serviceResponseBuilder.setAttribute(WebConstants.ONLINE_TICKET_NAME,principal.getSessionId());
 	
 		return serviceResponseBuilder;
 	}
--- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/dromara/maxkey/authz/cas/endpoint/adapter/CasPlainAdapter.java
+++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/dromara/maxkey/authz/cas/endpoint/adapter/CasPlainAdapter.java
@ -61,7 +61,7 @@ public class CasPlainAdapter extends AbstractAuthorizeAdapter {
 		serviceResponseBuilder.setAttribute("departmentId", userInfo.getDepartmentId());
 		serviceResponseBuilder.setAttribute("workRegion",userInfo.getWorkRegion());
 		serviceResponseBuilder.setAttribute("institution", userInfo.getInstId());
-		serviceResponseBuilder.setAttribute(WebConstants.ONLINE_TICKET_NAME,principal.getSession().getFormattedId());
+		serviceResponseBuilder.setAttribute(WebConstants.ONLINE_TICKET_NAME,principal.getSessionId());
 	
 		return serviceResponseBuilder;
 	}
--- a/maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/dromara/maxkey/authz/jwt/endpoint/adapter/JwtAdapter.java
+++ b/maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/dromara/maxkey/authz/jwt/endpoint/adapter/JwtAdapter.java
@ -82,7 +82,7 @@ public class JwtAdapter extends AbstractAuthorizeAdapter {
 				.claim("user_id", userInfo.getId())
 				.claim("external_id", userInfo.getId())
 				.claim("locale", userInfo.getLocale())
-				.claim(WebConstants.ONLINE_TICKET_NAME, principal.getSession().getFormattedId())
+				.claim(WebConstants.ONLINE_TICKET_NAME, principal.getSessionId())
 				.claim("kid", jwtDetails.getId()+ "_sig")
 				.claim("institution", userInfo.getInstId())
 				.build();
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/OAuth2UserDetailsService.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/OAuth2UserDetailsService.java
@ -50,7 +50,7 @@ public class OAuth2UserDetailsService implements UserDetailsService {
 		SignPrincipal principal = new SignPrincipal(userInfo);
 		Session onlineTicket = new Session(onlineTickitId);
 		//set OnlineTicket
-		principal.setSession(onlineTicket);
+		principal.setSessionId(onlineTicket.getId());
        
        ArrayList<GrantedAuthority> grantedAuthoritys = loginRepository.grantAuthority(userInfo);
        principal.setAuthenticated(true);
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java
@ -66,7 +66,7 @@ public class OAuthDefaultUserInfoAdapter extends AbstractAuthorizeAdapter {
 		beanMap.put("state", userInfo.getWorkRegion());
 		beanMap.put("gender", userInfo.getGender());
 		beanMap.put("institution", userInfo.getInstId());
-		beanMap.put(WebConstants.ONLINE_TICKET_NAME, principal.getSession().getFormattedId());
+		beanMap.put(WebConstants.ONLINE_TICKET_NAME, principal.getSessionId());
 		
 		String info= JsonUtils.toString(beanMap);
 		
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoOIDCEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoOIDCEndpoint.java
@ -123,7 +123,7 @@ public class UserInfoOIDCEndpoint {
 			 String userJson = "";
 			 Builder jwtClaimsSetBuilder= new JWTClaimsSet.Builder();
 			 
-			 SignPrincipal authentication = (SignPrincipal)oAuth2Authentication.getUserAuthentication().getPrincipal();
+			 SignPrincipal oauthPrincipal = (SignPrincipal)oAuth2Authentication.getUserAuthentication().getPrincipal();
 			 
 			 String subject = AbstractAuthorizeAdapter.getValueByUserAttr(userInfo, clientDetails.getSubject());
 			 _logger.debug("userId : {} , username : {} , displayName : {} , subject : {}" , 
@ -134,7 +134,7 @@ public class UserInfoOIDCEndpoint {
 			 
 			 jwtClaimsSetBuilder.claim("sub", subject);
 			 jwtClaimsSetBuilder.claim("institution", userInfo.getInstId());
-			 jwtClaimsSetBuilder.claim(WebConstants.ONLINE_TICKET_NAME, authentication.getSession().getFormattedId());
+			 jwtClaimsSetBuilder.claim(WebConstants.ONLINE_TICKET_NAME, oauthPrincipal.getSessionId());
 			 
 		 	if(scopes.contains("profile")){
 		 		jwtClaimsSetBuilder.claim("userId", userInfo.getId());
--- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/dromara/maxkey/authz/saml20/provider/endpoint/AssertionEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/dromara/maxkey/authz/saml20/provider/endpoint/AssertionEndpoint.java
@ -79,7 +79,7 @@ public class AssertionEndpoint {
 		logger.debug("AuthnRequestInfo: {}", authnRequestInfo);
 		HashMap <String,String>attributeMap=new HashMap<String,String>();
 		attributeMap.put(WebConstants.ONLINE_TICKET_NAME, 
-		        AuthorizationUtils.getPrincipal().getSession().getFormattedId());
+		        AuthorizationUtils.getPrincipal().getSessionId());
 		
 		//saml20Details
 		Response authResponse = authnResponseGenerator.generateAuthnResponse(
--- a/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/dromara/maxkey/authz/token/endpoint/adapter/TokenBasedDefaultAdapter.java
+++ b/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/dromara/maxkey/authz/token/endpoint/adapter/TokenBasedDefaultAdapter.java
@ -73,7 +73,7 @@ public class TokenBasedDefaultAdapter extends AbstractAuthorizeAdapter {
 		}
 		
 		beanMap.put("displayName", userInfo.getDisplayName());
-		beanMap.put(WebConstants.ONLINE_TICKET_NAME, principal.getSession().getFormattedId());
+		beanMap.put(WebConstants.ONLINE_TICKET_NAME, principal.getSessionId());
 		
 		/*
 		 * use UTC date time format
--- a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/dromara/maxkey/web/interceptor/HistorySignOnAppInterceptor.java
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/dromara/maxkey/web/interceptor/HistorySignOnAppInterceptor.java
@ -63,7 +63,7 @@ public class HistorySignOnAppInterceptor  implements AsyncHandlerInterceptor  {
        SignPrincipal principal = AuthorizationUtils.getPrincipal();
        if(principal != null && app !=null) {
        	final UserInfo userInfo = principal.getUserInfo();
-        	String sessionId = principal.getSession().getId();
+        	String sessionId = principal.getSessionId();
        	 logger.debug("sessionId : {} , appId {}" , sessionId , app.getId());
             HistoryLoginApps historyLoginApps = new HistoryLoginApps();
             historyLoginApps.setAppId(app.getId());