配置文件优化,参数整合及日志优化
This commit is contained in:
Crystal.Sea
@@ -22,7 +22,6 @@ import java.io.IOException;
|
||||
import java.io.InputStreamReader;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import java.util.Properties;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
import org.maxkey.authn.realm.jdbc.JdbcAuthenticationRealm;
|
||||
@@ -38,7 +37,7 @@ import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
|
||||
import org.maxkey.configuration.EmailConfig;
|
||||
import org.maxkey.constants.ConstantsPersistence;
|
||||
import org.maxkey.password.onetimepwd.AbstractOtpAuthn;
|
||||
import org.maxkey.password.onetimepwd.algorithm.KeyUriFormat;
|
||||
import org.maxkey.password.onetimepwd.algorithm.OtpKeyUriFormat;
|
||||
import org.maxkey.password.onetimepwd.impl.MailOtpAuthn;
|
||||
import org.maxkey.password.onetimepwd.impl.SmsOtpAuthn;
|
||||
import org.maxkey.password.onetimepwd.impl.TimeBasedOtpAuthn;
|
||||
@@ -60,6 +59,7 @@ import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.core.env.StandardEnvironment;
|
||||
import org.springframework.core.io.ClassPathResource;
|
||||
import org.springframework.core.io.Resource;
|
||||
import org.springframework.jdbc.core.JdbcTemplate;
|
||||
@@ -87,27 +87,22 @@ public class MaxKeyConfig implements InitializingBean {
|
||||
private static final Logger _logger = LoggerFactory.getLogger(MaxKeyConfig.class);
|
||||
|
||||
|
||||
@Bean(name = "keyUriFormat")
|
||||
public KeyUriFormat keyUriFormat(
|
||||
@Value("${maxkey.otp.keyuri.format.type:totp}")
|
||||
String keyuriFormatType,
|
||||
@Value("${maxkey.otp.keyuri.format.domain:MaxKey.top}")
|
||||
String keyuriFormatDomain,
|
||||
@Value("${maxkey.otp.keyuri.format.issuer:MaxKey}")
|
||||
String keyuriFormatIssuer,
|
||||
@Value("${maxkey.otp.keyuri.format.digits:6}")
|
||||
int keyuriFormatDigits,
|
||||
@Value("${maxkey.otp.keyuri.format.period:30}")
|
||||
int keyuriFormatPeriod) {
|
||||
@Bean(name = "otpKeyUriFormat")
|
||||
public OtpKeyUriFormat otpKeyUriFormat(
|
||||
@Value("${maxkey.otp.policy.type:totp}")
|
||||
String type,
|
||||
@Value("${maxkey.otp.policy.domain:MaxKey.top}")
|
||||
String domain,
|
||||
@Value("${maxkey.otp.policy.issuer:MaxKey}")
|
||||
String issuer,
|
||||
@Value("${maxkey.otp.policy.digits:6}")
|
||||
int digits,
|
||||
@Value("${maxkey.otp.policy.period:30}")
|
||||
int period) {
|
||||
|
||||
KeyUriFormat keyUriFormat=new KeyUriFormat();
|
||||
keyUriFormat.setType(keyuriFormatType);
|
||||
keyUriFormat.setDomain(keyuriFormatDomain);
|
||||
keyUriFormat.setIssuer(keyuriFormatIssuer);
|
||||
keyUriFormat.setDigits(keyuriFormatDigits);
|
||||
keyUriFormat.setPeriod(keyuriFormatPeriod);
|
||||
_logger.debug("KeyUri Format " + keyUriFormat);
|
||||
return keyUriFormat;
|
||||
OtpKeyUriFormat otpKeyUriFormat=new OtpKeyUriFormat(type,issuer,domain,digits,period);
|
||||
_logger.debug("OTP KeyUri Format " + otpKeyUriFormat);
|
||||
return otpKeyUriFormat;
|
||||
}
|
||||
|
||||
public AbstractAuthenticationRealm ldapAuthenticationRealm(
|
||||
@@ -194,18 +189,26 @@ public class MaxKeyConfig implements InitializingBean {
|
||||
}
|
||||
|
||||
@Bean(name = "timeBasedOtpAuthn")
|
||||
public TimeBasedOtpAuthn timeBasedOtpAuthn() {
|
||||
TimeBasedOtpAuthn tfaOtpAuthn = new TimeBasedOtpAuthn();
|
||||
public TimeBasedOtpAuthn timeBasedOtpAuthn(
|
||||
@Value("${maxkey.otp.policy.digits:6}")
|
||||
int digits,
|
||||
@Value("${maxkey.otp.policy.period:30}")
|
||||
int period) {
|
||||
TimeBasedOtpAuthn tfaOtpAuthn = new TimeBasedOtpAuthn(digits , period);
|
||||
_logger.debug("TimeBasedOtpAuthn inited.");
|
||||
return tfaOtpAuthn;
|
||||
}
|
||||
|
||||
@Bean(name = "tfaOtpAuthn")
|
||||
public AbstractOtpAuthn tfaOptAuthn(
|
||||
@Value("${maxkey.login.mfa.type}")String mfaType,
|
||||
@Value("${maxkey.server.persistence}") int persistence,
|
||||
RedisConnectionFactory redisConnFactory) {
|
||||
AbstractOtpAuthn tfaOtpAuthn = new TimeBasedOtpAuthn();
|
||||
@Value("${maxkey.login.mfa.type}")String mfaType,
|
||||
@Value("${maxkey.otp.policy.digits:6}")
|
||||
int digits,
|
||||
@Value("${maxkey.otp.policy.period:30}")
|
||||
int period,
|
||||
@Value("${maxkey.server.persistence}") int persistence,
|
||||
RedisConnectionFactory redisConnFactory) {
|
||||
AbstractOtpAuthn tfaOtpAuthn = new TimeBasedOtpAuthn(digits , period);
|
||||
_logger.debug("TimeBasedOtpAuthn inited.");
|
||||
|
||||
if (persistence == ConstantsPersistence.REDIS) {
|
||||
@@ -251,14 +254,14 @@ public class MaxKeyConfig implements InitializingBean {
|
||||
|
||||
@Bean(name = "smsOtpAuthn")
|
||||
public SmsOtpAuthn smsOtpAuthn(
|
||||
@Value("${maxkey.otp.sms}")String optSmsProvider,
|
||||
@Value("${maxkey.otp.sms.provider}")String provider,
|
||||
@Value("${maxkey.server.persistence}") int persistence,
|
||||
Properties applicationProperty,
|
||||
StandardEnvironment environment,
|
||||
RedisConnectionFactory redisConnFactory) {
|
||||
SmsOtpAuthn smsOtpAuthn = null;
|
||||
if(optSmsProvider.equalsIgnoreCase("SmsOtpAuthnAliyun")) {
|
||||
if(provider.equalsIgnoreCase("aliyun")) {
|
||||
smsOtpAuthn = new SmsOtpAuthnAliyun();
|
||||
}else if(optSmsProvider.equalsIgnoreCase("SmsOtpAuthnTencentCloud")) {
|
||||
}else if(provider.equalsIgnoreCase("tencentcloud")) {
|
||||
smsOtpAuthn = new SmsOtpAuthnTencentCloud();
|
||||
}else {
|
||||
smsOtpAuthn = new SmsOtpAuthnYunxin();
|
||||
@@ -267,10 +270,11 @@ public class MaxKeyConfig implements InitializingBean {
|
||||
RedisOtpTokenStore redisOptTokenStore = new RedisOtpTokenStore(redisConnFactory);
|
||||
smsOtpAuthn.setOptTokenStore(redisOptTokenStore);
|
||||
}
|
||||
smsOtpAuthn.setProperties(applicationProperty);
|
||||
|
||||
smsOtpAuthn.setProperties(environment);
|
||||
smsOtpAuthn.initPropertys();
|
||||
|
||||
_logger.debug("SmsOtpAuthn inited.");
|
||||
_logger.debug("SmsOtpAuthn {} inited." ,smsOtpAuthn.getClass().getCanonicalName());
|
||||
return smsOtpAuthn;
|
||||
}
|
||||
|
||||
|
||||
@@ -23,7 +23,7 @@ import org.apache.commons.codec.binary.Hex;
|
||||
import org.maxkey.crypto.Base32Utils;
|
||||
import org.maxkey.crypto.password.PasswordReciprocal;
|
||||
import org.maxkey.entity.UserInfo;
|
||||
import org.maxkey.password.onetimepwd.algorithm.KeyUriFormat;
|
||||
import org.maxkey.password.onetimepwd.algorithm.OtpKeyUriFormat;
|
||||
import org.maxkey.password.onetimepwd.algorithm.OtpSecret;
|
||||
import org.maxkey.persistence.service.UserInfoService;
|
||||
import org.maxkey.util.RQCodeUtils;
|
||||
@@ -53,8 +53,8 @@ public class OneTimePasswordController {
|
||||
private UserInfoService userInfoService;
|
||||
|
||||
@Autowired
|
||||
@Qualifier("keyUriFormat")
|
||||
KeyUriFormat keyUriFormat;
|
||||
@Qualifier("otpKeyUriFormat")
|
||||
OtpKeyUriFormat otpKeyUriFormat;
|
||||
|
||||
@Autowired
|
||||
@Qualifier("passwordReciprocal")
|
||||
@@ -65,13 +65,13 @@ public class OneTimePasswordController {
|
||||
ModelAndView modelAndView = new ModelAndView("safe/timeBased");
|
||||
UserInfo userInfo = WebContext.getUserInfo();
|
||||
String sharedSecret = passwordReciprocal.decoder(userInfo.getSharedSecret());
|
||||
keyUriFormat.setSecret(sharedSecret);
|
||||
String otpauth = keyUriFormat.format(userInfo.getUsername());
|
||||
otpKeyUriFormat.setSecret(sharedSecret);
|
||||
String otpauth = otpKeyUriFormat.format(userInfo.getUsername());
|
||||
byte[] byteSharedSecret = Base32Utils.decode(sharedSecret);
|
||||
String hexSharedSecret = Hex.encodeHexString(byteSharedSecret);
|
||||
modelAndView.addObject("id", genRqCode(otpauth));
|
||||
modelAndView.addObject("userInfo", userInfo);
|
||||
modelAndView.addObject("format", keyUriFormat);
|
||||
modelAndView.addObject("format", otpKeyUriFormat);
|
||||
modelAndView.addObject("sharedSecret", sharedSecret);
|
||||
modelAndView.addObject("hexSharedSecret", hexSharedSecret);
|
||||
return modelAndView;
|
||||
@@ -80,7 +80,7 @@ public class OneTimePasswordController {
|
||||
@RequestMapping(value = {"gen/timebased"})
|
||||
public ModelAndView gentimebased() {
|
||||
UserInfo userInfo = WebContext.getUserInfo();
|
||||
byte[] byteSharedSecret = OtpSecret.generate(keyUriFormat.getCrypto());
|
||||
byte[] byteSharedSecret = OtpSecret.generate(otpKeyUriFormat.getCrypto());
|
||||
String sharedSecret = Base32Utils.encode(byteSharedSecret);
|
||||
sharedSecret = passwordReciprocal.encode(sharedSecret);
|
||||
userInfo.setSharedSecret(sharedSecret);
|
||||
@@ -95,15 +95,15 @@ public class OneTimePasswordController {
|
||||
ModelAndView modelAndView = new ModelAndView("safe/counterBased");
|
||||
UserInfo userInfo = WebContext.getUserInfo();
|
||||
String sharedSecret = passwordReciprocal.decoder(userInfo.getSharedSecret());
|
||||
keyUriFormat.setSecret(sharedSecret);
|
||||
keyUriFormat.setCounter(Long.parseLong(userInfo.getSharedCounter()));
|
||||
String otpauth = keyUriFormat.format(userInfo.getUsername());
|
||||
otpKeyUriFormat.setSecret(sharedSecret);
|
||||
otpKeyUriFormat.setCounter(Long.parseLong(userInfo.getSharedCounter()));
|
||||
String otpauth = otpKeyUriFormat.format(userInfo.getUsername());
|
||||
|
||||
byte[] byteSharedSecret = Base32Utils.decode(sharedSecret);
|
||||
String hexSharedSecret = Hex.encodeHexString(byteSharedSecret);
|
||||
modelAndView.addObject("id", genRqCode(otpauth));
|
||||
modelAndView.addObject("userInfo", userInfo);
|
||||
modelAndView.addObject("format", keyUriFormat);
|
||||
modelAndView.addObject("format", otpKeyUriFormat);
|
||||
modelAndView.addObject("sharedSecret", sharedSecret);
|
||||
modelAndView.addObject("hexSharedSecret", hexSharedSecret);
|
||||
return modelAndView;
|
||||
@@ -113,7 +113,7 @@ public class OneTimePasswordController {
|
||||
@RequestMapping(value = {"gen/counterbased"})
|
||||
public ModelAndView gencounterbased() {
|
||||
UserInfo userInfo = WebContext.getUserInfo();
|
||||
byte[] byteSharedSecret = OtpSecret.generate(keyUriFormat.getCrypto());
|
||||
byte[] byteSharedSecret = OtpSecret.generate(otpKeyUriFormat.getCrypto());
|
||||
String sharedSecret = Base32Utils.encode(byteSharedSecret);
|
||||
sharedSecret = passwordReciprocal.encode(sharedSecret);
|
||||
userInfo.setSharedSecret(sharedSecret);
|
||||
@@ -128,14 +128,14 @@ public class OneTimePasswordController {
|
||||
ModelAndView modelAndView = new ModelAndView("safe/hotp");
|
||||
UserInfo userInfo = WebContext.getUserInfo();
|
||||
String sharedSecret = passwordReciprocal.decoder(userInfo.getSharedSecret());
|
||||
keyUriFormat.setSecret(sharedSecret);
|
||||
keyUriFormat.setCounter(Long.parseLong(userInfo.getSharedCounter()));
|
||||
String otpauth = keyUriFormat.format(userInfo.getUsername());
|
||||
otpKeyUriFormat.setSecret(sharedSecret);
|
||||
otpKeyUriFormat.setCounter(Long.parseLong(userInfo.getSharedCounter()));
|
||||
String otpauth = otpKeyUriFormat.format(userInfo.getUsername());
|
||||
byte[] byteSharedSecret = Base32Utils.decode(sharedSecret);
|
||||
String hexSharedSecret = Hex.encodeHexString(byteSharedSecret);
|
||||
modelAndView.addObject("id", genRqCode(otpauth));
|
||||
modelAndView.addObject("userInfo", userInfo);
|
||||
modelAndView.addObject("format", keyUriFormat);
|
||||
modelAndView.addObject("format", otpKeyUriFormat);
|
||||
modelAndView.addObject("sharedSecret", sharedSecret);
|
||||
modelAndView.addObject("hexSharedSecret", hexSharedSecret);
|
||||
return modelAndView;
|
||||
@@ -145,7 +145,7 @@ public class OneTimePasswordController {
|
||||
@RequestMapping(value = {"gen/hotp"})
|
||||
public ModelAndView genhotp() {
|
||||
UserInfo userInfo = WebContext.getUserInfo();
|
||||
byte[] byteSharedSecret = OtpSecret.generate(keyUriFormat.getCrypto());
|
||||
byte[] byteSharedSecret = OtpSecret.generate(otpKeyUriFormat.getCrypto());
|
||||
String sharedSecret = Base32Utils.encode(byteSharedSecret);
|
||||
sharedSecret = passwordReciprocal.encode(sharedSecret);
|
||||
userInfo.setSharedSecret(sharedSecret);
|
||||
|
||||
@@ -176,10 +176,10 @@ spring.kafka.producer.value-serializer =org.apache.kafka.common.seriali
|
||||
|
||||
############################################################################
|
||||
#SMS Message Login configuration #
|
||||
#SmsOtpAuthnYunxin SmsOtpAuthnAliyun SmsOtpAuthnTencentCloud #
|
||||
#aliyun yunxin tencentcloud #
|
||||
############################################################################
|
||||
#default
|
||||
maxkey.otp.sms =${SMS_IMPL:SmsOtpAuthnYunxin}
|
||||
maxkey.otp.sms.provider =${SMS_PROVIDER:yunxin}
|
||||
#aliyun
|
||||
maxkey.otp.sms.aliyun.accesskeyid =${SMS_ALIYUN_ACCESSKEYID:94395d754eb55693043f5d6a2b772ef4}
|
||||
maxkey.otp.sms.aliyun.accesssecret =${SMS_ALIYUN_ACCESSSECRET:05d5485357bc}
|
||||
@@ -199,11 +199,11 @@ maxkey.otp.sms.tencentcloud.sign =${SMS_TENCENTCLOUD_SIGN:1486009
|
||||
############################################################################
|
||||
#Time-based One-Time Password configuration #
|
||||
############################################################################
|
||||
maxkey.otp.keyuri.format.type =totp
|
||||
maxkey.otp.keyuri.format.digits =6
|
||||
maxkey.otp.keyuri.format.issuer =${OTP_KEYURI_ISSUER:MaxKey}
|
||||
maxkey.otp.keyuri.format.domain =${maxkey.server.domain}
|
||||
maxkey.otp.keyuri.format.period =30
|
||||
maxkey.otp.policy.type =totp
|
||||
maxkey.otp.policy.digits =6
|
||||
maxkey.otp.policy.issuer =${OTP_POLICY_ISSUER:MaxKey}
|
||||
maxkey.otp.policy.domain =${maxkey.server.domain}
|
||||
maxkey.otp.policy.period =30
|
||||
|
||||
############################################################################
|
||||
#LDAP Login support configuration #
|
||||
|
||||
@@ -178,10 +178,10 @@ spring.kafka.producer.value-serializer =org.apache.kafka.common.seriali
|
||||
|
||||
############################################################################
|
||||
#SMS Message Login configuration #
|
||||
#SmsOtpAuthnYunxin SmsOtpAuthnAliyun SmsOtpAuthnTencentCloud #
|
||||
#aliyun yunxin tencentcloud #
|
||||
############################################################################
|
||||
#default
|
||||
maxkey.otp.sms =${SMS_IMPL:SmsOtpAuthnYunxin}
|
||||
maxkey.otp.sms.provider =${SMS_PROVIDER:yunxin}
|
||||
#aliyun
|
||||
maxkey.otp.sms.aliyun.accesskeyid =${SMS_ALIYUN_ACCESSKEYID:94395d754eb55693043f5d6a2b772ef4}
|
||||
maxkey.otp.sms.aliyun.accesssecret =${SMS_ALIYUN_ACCESSSECRET:05d5485357bc}
|
||||
@@ -201,11 +201,11 @@ maxkey.otp.sms.tencentcloud.sign =${SMS_TENCENTCLOUD_SIGN:1486009
|
||||
############################################################################
|
||||
#Time-based One-Time Password configuration #
|
||||
############################################################################
|
||||
maxkey.otp.keyuri.format.type =totp
|
||||
maxkey.otp.keyuri.format.digits =6
|
||||
maxkey.otp.keyuri.format.issuer =${OTP_KEYURI_ISSUER:MaxKey}
|
||||
maxkey.otp.keyuri.format.domain =${maxkey.server.domain}
|
||||
maxkey.otp.keyuri.format.period =30
|
||||
maxkey.otp.policy.type =totp
|
||||
maxkey.otp.policy.digits =6
|
||||
maxkey.otp.policy.issuer =${OTP_POLICY_ISSUER:MaxKey}
|
||||
maxkey.otp.policy.domain =${maxkey.server.domain}
|
||||
maxkey.otp.policy.period =30
|
||||
|
||||
############################################################################
|
||||
#LDAP Login support configuration #
|
||||
|
||||
@@ -24,6 +24,8 @@
|
||||
<Logger level="INFO" name="org.apache.logging" ></Logger>
|
||||
<Logger level="DEBUG" name="org.maxkey" ></Logger>
|
||||
<Logger level="ERROR" name="org.reflections.Reflections" ></Logger>
|
||||
<Logger level="OFF" name="org.hibernate.validator.internal.util.Version" ></Logger>
|
||||
|
||||
|
||||
<Root level="INFO">
|
||||
<AppenderRef ref="consolePrint" />
|
||||
|
||||
Reference in New Issue
Block a user