Crystal.Sea
2021-09-24 14:37:15 +08:00
parent 5f4c44ec59
commit 2fdd018239
114 changed files with 451 additions and 812 deletions


@@ -26,6 +26,11 @@ import com.fasterxml.jackson.databind.ser.std.StdSerializer;
*/
public class OAuth2ExceptionJackson2Serializer extends StdSerializer<OAuth2Exception> {
/**
*
*/
private static final long serialVersionUID = -767680428859994107L;
public OAuth2ExceptionJackson2Serializer() {
super(OAuth2Exception.class);
}
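Review bot: The empty `/** * */` Javadoc block added above `serialVersionUID` carries no information; drop it or replace it with a one-line comment such as `/** Serialization version; change it when the serialized form changes incompatibly. */`. The same empty block is added in the InvalidBase64CharacterException and InvalidSignatureException sections further down. The class body continues outside the hunk.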


@@ -113,7 +113,7 @@ class JwtHeaderHelper {
static HeaderParameters parseParams(byte[] header) {
JsonParser jp = null;
try {
jp = f.createJsonParser(header);
jp = f.createParser(header);
String alg = null, enc = null, iv = null;
jp.nextToken();
while (jp.nextToken() != JsonToken.END_OBJECT) {
@@ -163,7 +163,7 @@ class JwtHeaderHelper {
JsonGenerator g = null;
try {
g = f.createJsonGenerator(baos);
g = f.createGenerator(baos);
g.writeStartObject();
g.writeStringField("alg", params.alg);
if (params.enc != null) {


@@ -649,6 +649,11 @@ final class Base64Codec {
class InvalidBase64CharacterException extends IllegalArgumentException {
/**
*
*/
private static final long serialVersionUID = -616861303718228577L;
InvalidBase64CharacterException(String message) {
super(message);
}


@@ -16,6 +16,11 @@ package org.maxkey.authz.oauth2.jwt.crypto.sign;
* @author Luke Taylor
*/
public class InvalidSignatureException extends RuntimeException {
/**
*
*/
private static final long serialVersionUID = 7078872206905207270L;
public InvalidSignatureException(String message) {
super(message);
}


@@ -20,10 +20,8 @@ import org.maxkey.authn.online.OnlineTicket;
import org.maxkey.entity.UserInfo;
import org.maxkey.persistence.db.LoginService;
import org.maxkey.web.WebConstants;
import org.maxkey.web.WebContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;


@@ -23,6 +23,7 @@ import org.maxkey.authz.oauth2.common.util.JsonDateDeserializer;
import org.maxkey.authz.oauth2.common.util.JsonDateSerializer;
import com.fasterxml.jackson.annotation.JsonIgnore;
import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
import com.fasterxml.jackson.databind.annotation.JsonSerialize;
@@ -31,7 +32,7 @@ import com.fasterxml.jackson.databind.annotation.JsonSerialize;
* @author Vidya Val
*
*/
@JsonSerialize(include = JsonSerialize.Inclusion.NON_NULL)
@JsonInclude(JsonInclude.Include.NON_NULL)
public class Approval {
private String userId;
@@ -97,7 +98,8 @@ public class Approval {
this.scope = scope == null ? "" : scope;
}
@JsonSerialize(using = JsonDateSerializer.class, include = JsonSerialize.Inclusion.NON_NULL)
@JsonSerialize(using = JsonDateSerializer.class)
@JsonInclude(JsonInclude.Include.NON_NULL)
public Date getExpiresAt() {
return expiresAt;
}
@@ -112,7 +114,8 @@ public class Approval {
this.expiresAt = expiresAt;
}
@JsonSerialize(using = JsonDateSerializer.class, include = JsonSerialize.Inclusion.NON_NULL)
@JsonSerialize(using = JsonDateSerializer.class)
@JsonInclude(JsonInclude.Include.NON_NULL)
public Date getLastUpdatedAt() {
return lastUpdatedAt;
}


@@ -83,7 +83,7 @@ public class JdbcApprovalStore implements ApprovalStore {
private boolean handleRevocationsAsExpiry = false;
public JdbcApprovalStore(DataSource dataSource) {
Assert.notNull(dataSource);
Assert.notNull(dataSource,"DataSource must not null");
this.jdbcTemplate = new JdbcTemplate(dataSource);
}


@@ -20,7 +20,6 @@ package org.maxkey.authz.oauth2.provider.code;
import java.util.UUID;
import org.maxkey.authz.oauth2.common.exceptions.InvalidGrantException;
import org.maxkey.authz.oauth2.common.util.RandomValueStringGenerator;
import org.maxkey.authz.oauth2.provider.OAuth2Authentication;
/**
@@ -32,7 +31,7 @@ import org.maxkey.authz.oauth2.provider.OAuth2Authentication;
public abstract class RandomValueAuthorizationCodeServices implements AuthorizationCodeServices {
//default Random code Generator
private RandomValueStringGenerator generator = new RandomValueStringGenerator();
//private RandomValueStringGenerator generator = new RandomValueStringGenerator();
protected abstract void store(String code, OAuth2Authentication authentication);
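Review bot: The `generator` field is commented out rather than deleted, and the `//default Random code Generator` comment above it now describes nothing; remove both lines instead of keeping dead code. With the `RandomValueStringGenerator` import gone and `java.util.UUID` still imported, code creation (outside this hunk) presumably relies on UUID now. If so, a comment there should record the requirement that authorization codes stay unguessable, e.g. `// UUID.randomUUID() is backed by a cryptographically strong RNG; do not replace it with a predictable id`.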


@@ -36,14 +36,11 @@ import org.apache.commons.logging.LogFactory;
import org.maxkey.authz.oauth2.common.OAuth2AccessToken;
import org.maxkey.authz.oauth2.common.OAuth2Constants;
import org.maxkey.authz.oauth2.common.exceptions.InvalidTokenException;
import org.maxkey.authz.oauth2.common.exceptions.OAuth2Exception;
import org.maxkey.authz.oauth2.provider.OAuth2Authentication;
import org.maxkey.authz.oauth2.provider.token.AccessTokenConverter;
import org.maxkey.authz.oauth2.provider.token.DefaultAccessTokenConverter;
import org.maxkey.authz.oauth2.provider.token.ResourceServerTokenServices;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;


@@ -31,6 +31,7 @@ package org.maxkey.authz.oauth2.provider.token;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.util.Base64;
import java.util.Map;
import org.apache.commons.logging.Log;
@@ -44,7 +45,6 @@ import org.springframework.http.HttpMethod;
import org.springframework.http.MediaType;
import org.springframework.http.client.ClientHttpResponse;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.crypto.codec.Base64;
import org.springframework.util.Assert;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap;
@@ -134,7 +134,7 @@ public class RemoteTokenServices implements ResourceServerTokenServices {
private String getAuthorizationHeader(String clientId, String clientSecret) {
String creds = String.format("%s:%s", clientId, clientSecret);
try {
return "Basic " + new String(Base64.encode(creds.getBytes("UTF-8")));
return "Basic " + new String(Base64.getEncoder().encodeToString(creds.getBytes("UTF-8")));
}
catch (UnsupportedEncodingException e) {
throw new IllegalStateException("Could not convert String");
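Review bot: `encodeToString` already returns a `String`, so the surrounding `new String(...)` in getAuthorizationHeader is a redundant copy of a value that contains the client secret. The `"UTF-8"` charset-name lookup is also the only reason the checked-exception path exists. `return "Basic " + Base64.getEncoder().encodeToString(creds.getBytes(StandardCharsets.UTF_8));` removes both, provided `java.nio.charset.StandardCharsets` is imported. The catch block, which continues past the end of the hunk, builds its IllegalStateException without the cause and would then become unnecessary.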


@@ -33,6 +33,7 @@ import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Base64;
import java.util.Date;
import java.util.LinkedHashMap;
import java.util.Map;
@@ -62,7 +63,6 @@ import org.maxkey.authz.oauth2.provider.token.AccessTokenConverter;
import org.maxkey.authz.oauth2.provider.token.DefaultAccessTokenConverter;
import org.maxkey.authz.oauth2.provider.token.TokenEnhancer;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.crypto.codec.Base64;
import org.springframework.util.Assert;
/**
@@ -144,7 +144,7 @@ public class JwtAccessTokenConverter implements TokenEnhancer, AccessTokenConver
signer = new RsaSigner((RSAPrivateKey) privateKey);
RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
verifier = new RsaVerifier(publicKey);
verifierKey = "-----BEGIN PUBLIC KEY-----\n" + new String(Base64.encode(publicKey.getEncoded()))
verifierKey = "-----BEGIN PUBLIC KEY-----\n" + new String(Base64.getMimeEncoder().encodeToString(publicKey.getEncoded()))
+ "\n-----END PUBLIC KEY-----";
}
@@ -155,7 +155,7 @@ public class JwtAccessTokenConverter implements TokenEnhancer, AccessTokenConver
* @param key the key to be used for signing JWTs.
*/
public void setSigningKey(String key) {
Assert.hasText(key);
Assert.hasText(key,"key must not be empty");
key = key.trim();
this.signingKey = key;
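Review bot: `Base64.getMimeEncoder()` in the `verifierKey` assignment changes the published key text: it wraps at 76 characters with `\r\n`, whereas the replaced Spring `Base64.encode` call, as far as I know, emitted one unbroken line, and PEM conventionally wraps at 64 characters. A consumer that string-compares the verifier key or parses PEM strictly may now reject it. Use `Base64.getEncoder()` to keep the previous single-line form, or `Base64.getMimeEncoder(64, new byte[] {'\n'})` for conventional PEM wrapping. In either case the outer `new String(...)` is redundant because `encodeToString` already returns a `String`. The enclosing method starts and ends outside the hunk.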


@@ -43,20 +43,22 @@ import java.util.Date;
public class RedisTokenStore implements TokenStore {
static final Logger _logger = LoggerFactory.getLogger(RedisTokenStore.class);
private static final String ACCESS = "REDIS_OAUTH_V20_ACCESS_";
private static final String AUTH_TO_ACCESS = "REDIS_OAUTH_V20_AUTH_TO_ACCESS_";
private static final String AUTH = "REDIS_OAUTH_V20_AUTH_";
private static final String REFRESH_AUTH = "REDIS_OAUTH_V20_REFRESH_AUTH_";
private static final String ACCESS_TO_REFRESH = "REDIS_OAUTH_V20_ACCESS_TO_REFRESH_";
private static final String REFRESH = "REDIS_OAUTH_V20_REFRESH_";
private static final String REFRESH_TO_ACCESS = "REDIS_OAUTH_V20_REFRESH_TO_ACCESS_";
private static final String CLIENT_ID_TO_ACCESS = "REDIS_OAUTH_V20_CLIENT_ID_TO_ACCESS_";
private static final String UNAME_TO_ACCESS = "REDIS_OAUTH_V20_UNAME_TO_ACCESS_";
private static final String PREFIX = "REDIS_OAUTH_V20_";
private static final String ACCESS = PREFIX + "ACCESS_";
private static final String AUTH_TO_ACCESS = PREFIX + "AUTH_TO_ACCESS_";
private static final String AUTH = PREFIX + "AUTH_";
private static final String REFRESH_AUTH = PREFIX + "REFRESH_AUTH_";
private static final String ACCESS_TO_REFRESH = PREFIX + "ACCESS_TO_REFRESH_";
private static final String REFRESH = PREFIX + "REFRESH_";
private static final String REFRESH_TO_ACCESS = PREFIX + "REFRESH_TO_ACCESS_";
private static final String CLIENT_ID_TO_ACCESS = PREFIX + "CLIENT_ID_TO_ACCESS_";
private static final String UNAME_TO_ACCESS = PREFIX + "UNAME_TO_ACCESS_";
private final RedisConnectionFactory connectionFactory;
private AuthenticationKeyGenerator authenticationKeyGenerator = new DefaultAuthenticationKeyGenerator();
private String prefix = "";
public RedisTokenStore(RedisConnectionFactory connectionFactory) {
this.connectionFactory = connectionFactory;
@@ -66,11 +68,6 @@ public class RedisTokenStore implements TokenStore {
this.authenticationKeyGenerator = authenticationKeyGenerator;
}
public void setPrefix(String prefix) {
this.prefix = prefix;
}
private RedisConnection getConnection() {
return connectionFactory.getConnection();
}
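Review bot: The second hunk appears to remove the public `setPrefix` method, which is a breaking change for callers and leaves the key namespace fixed to the hard-coded `PREFIX`. Deployments that share one Redis instance across environments or tenants can then no longer separate their token keys, so one deployment's token entries could be read or overwritten by another. If the `prefix` field shown next to the constructor survives the commit, it is now always `""` and should be removed as well. Otherwise keep the setter and document it, e.g. `/** Namespace prepended to every key; set it per deployment when Redis is shared. */`.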


@@ -47,6 +47,7 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import com.google.common.base.Strings;
import com.nimbusds.jose.Algorithm;
import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm;
import com.nimbusds.jose.JWEHeader;
@@ -164,7 +165,7 @@ public class OIDCIdTokenEnhancer implements TokenEnhancer {
logger.error("Couldn't create Jwt Encryption Service");
}
} else {
if (signingAlg==null||signingAlg.equals("none")) {
if (signingAlg==null||signingAlg.equals(Algorithm.NONE)) {
// unsigned ID token
idToken = new PlainJWT(builder.build());
} else {
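Review bot: The `signingAlg==null` half of this condition still sends a client with no configured algorithm into the unsigned `PlainJWT` branch, so a missing setting silently downgrades the ID token to an unsigned one. The declared type of `signingAlg` is outside the hunk. If it is a `String`, the new `signingAlg.equals(Algorithm.NONE)` can never be true. If it is a nimbus `Algorithm` subtype, the old string comparison never matched and this commit makes the unsigned branch reachable for `none`. In both cases I would treat null as a configuration error or fall back to the service's default signing algorithm, and issue a `PlainJWT` only when the client explicitly registered `none`. At minimum add a comment above the branch stating when an unsigned ID token is acceptable.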


@@ -150,7 +150,7 @@ public class Oauth20AutoConfiguration implements InitializingBean {
throws NoSuchAlgorithmException, InvalidKeySpecException, JOSEException {
DefaultJwtEncryptionAndDecryptionService jwtEncryptionService =
new DefaultJwtEncryptionAndDecryptionService(jwtSetKeyStore);
jwtEncryptionService.setDefaultAlgorithm(JWEAlgorithm.RSA1_5);//RSA1_5
jwtEncryptionService.setDefaultAlgorithm(JWEAlgorithm.RSA_OAEP_256);//RSA1_5
jwtEncryptionService.setDefaultDecryptionKeyId("maxkey_rsa");
jwtEncryptionService.setDefaultEncryptionKeyId("maxkey_rsa");
return jwtEncryptionService;
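Review bot: The trailing `//RSA1_5` comment on the `setDefaultAlgorithm` line now contradicts the code and should be updated or dropped, for example `// RSA-OAEP-256; RSA1_5 (PKCS#1 v1.5 key transport) is exposed to padding-oracle attacks`. Because this is the default JWE algorithm, relying parties still configured for RSA1_5 will fail to decrypt until they are updated, which deserves a line in the release notes. The method signature starts outside the hunk.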


@@ -1,3 +0,0 @@
Manifest-Version: 1.0
Class-Path: