diff --git a/maxkey-common/src/main/java/org/maxkey/util/AuthorizationHeaderCredential.java b/maxkey-common/src/main/java/org/maxkey/util/AuthorizationHeaderCredential.java index d1bcf974..a60b8e4d 100644 --- a/maxkey-common/src/main/java/org/maxkey/util/AuthorizationHeaderCredential.java +++ b/maxkey-common/src/main/java/org/maxkey/util/AuthorizationHeaderCredential.java @@ -13,37 +13,35 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - package org.maxkey.util; public class AuthorizationHeaderCredential { - - public static class Credential{ - - public static final String BASIC = "Basic "; - - public static final String BEARER = "Bearer "; + + public static class Credential { + + public static final String BASIC = "Basic "; + + public static final String BEARER = "Bearer "; } - + String credentialType = Credential.BASIC; String username; String credential; String authorization; - + public AuthorizationHeaderCredential(String bearer) { super(); this.credential = bearer; this.credentialType = Credential.BEARER; } - - + public AuthorizationHeaderCredential(String username, String credential) { super(); this.username = username; this.credential = credential; } - + public String getCredentialType() { return credentialType; } 
@@ -63,24 +61,27 @@ public class AuthorizationHeaderCredential { public String getCredential() { return credential; } + public void setCredential(String credential) { this.credential = credential; } public String transform() { - if(credentialType.equalsIgnoreCase(Credential.BASIC)) { + if (credentialType.equalsIgnoreCase(Credential.BASIC)) { return AuthorizationHeaderUtils.createBasic(username, credential); - }else { + } else { return AuthorizationHeaderUtils.createBearer(credential); } } - - - + + public boolean isBasic() { + return credentialType.equals(Credential.BASIC) ? true : false; + } + @Override public String toString() { return "AuthorizationHeaderCredential [credentialType=" + credentialType + ", username=" + username + ", credential=" + credential + "]"; } - + } diff --git a/maxkey-common/src/main/java/org/maxkey/util/AuthorizationHeaderUtils.java b/maxkey-common/src/main/java/org/maxkey/util/AuthorizationHeaderUtils.java index 1fcf0d75..a2510a87 100644 --- a/maxkey-common/src/main/java/org/maxkey/util/AuthorizationHeaderUtils.java +++ b/maxkey-common/src/main/java/org/maxkey/util/AuthorizationHeaderUtils.java @@ -17,8 +17,6 @@ package org.maxkey.util; -import java.util.HashMap; - import javax.servlet.http.HttpServletRequest; import org.maxkey.crypto.Base64Utils; @@ -43,6 +41,15 @@ public class AuthorizationHeaderUtils { String encodedAuthUserPass = Base64Utils.encode(authUserPass); return AuthorizationHeaderCredential.Credential.BASIC + encodedAuthUserPass; } + + public static String createBearer(String bearer) { + return AuthorizationHeaderCredential.Credential.BEARER + bearer; + } + + public static AuthorizationHeaderCredential resolve(HttpServletRequest request) { + String authorization = resolveBearer(request); + return resolve(authorization); + } public static AuthorizationHeaderCredential resolve(String authorization) { if (StringUtils.isNotBlank(authorization) && isBasic(authorization)) { 
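Review bot: The new `isBasic()` tests `credentialType` with `equals`, while `transform()` a few lines above it uses `equalsIgnoreCase` on the same field, so the two could disagree if the type is ever set with different casing. The `? true : false` is also redundant, and `return credentialType.equalsIgnoreCase(Credential.BASIC);` would keep both methods in step. Separately, the unchanged `toString()` in this hunk's context concatenates `credential` (the password or bearer token) into its output, so any log line that formats this object records the secret. Masking that field, e.g. ending the string with `", credential=<masked>]"`, would avoid this.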
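Review bot: The new `resolve(HttpServletRequest)` overload has no documentation, and its correctness depends on behaviour that is easy to miss. It stores the result of `resolveBearer(request)` in a variable named `authorization` and hands it to `resolve(String)`, which then tests `isBasic(authorization)`. That only works for a Basic header because `resolveBearer(String)` returns non-bearer values unchanged. `resolveBearer(HttpServletRequest)` also has a `return null;` path, so a request without credentials passes null into `resolve(String)`, whose else branch lies outside this hunk. A Javadoc on the overload should state which request sources are read and what the caller gets back when none carries a credential.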
@@ -54,34 +61,6 @@ public class AuthorizationHeaderUtils { } } - public static boolean isBasic(String basic) { - if (basic.startsWith(AuthorizationHeaderCredential.Credential.BASIC)) { - return true; - } else { - return false; - } - } - - public static String createBearer(String bearer) { - return AuthorizationHeaderCredential.Credential.BEARER + bearer; - } - - public static String resolveBearer(String bearer) { - if (StringUtils.isNotBlank(bearer) && isBearer(bearer)) { - return bearer.split(" ")[1]; - } else { - return bearer; - } - } - - public static boolean isBearer(String bearer) { - if (bearer.toLowerCase().startsWith(AuthorizationHeaderCredential.Credential.BEARER.toLowerCase())) { - return true; - } else { - return false; - } - } - public static String resolveBearer(HttpServletRequest request) { String authorization = StringUtils.isNotBlank(request.getHeader(HEADER_Authorization)) ? @@ -92,10 +71,30 @@ public class AuthorizationHeaderUtils { return null; } - public static HashMap authorization(String authorization) { - HashMap authorizationMap = new HashMap(); - authorizationMap.put(HEADER_Authorization, authorization); - return authorizationMap; + public static boolean isBasic(String basic) { + if (basic.startsWith(AuthorizationHeaderCredential.Credential.BASIC)) { + return true; + } else { + return false; + } } + + static String resolveBearer(String bearer) { + if (StringUtils.isNotBlank(bearer) && isBearer(bearer)) { + return bearer.split(" ")[1]; + } else { + return bearer; + } + } + + static boolean isBearer(String bearer) { + if (bearer.toLowerCase().startsWith(AuthorizationHeaderCredential.Credential.BEARER.toLowerCase())) { + return true; + } else { + return false; + } + } + + } diff --git a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/interceptor/Oauth20ApiPermissionAdapter.java b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/interceptor/Oauth20ApiPermissionAdapter.java index 7fb45650..0dab68d6 100644 
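Review bot: In the re-added `resolveBearer(String)`, `bearer.split(" ")[1]` throws ArrayIndexOutOfBoundsException for a value that carries the scheme but no token, because `"Bearer "` splits to a single element. It also returns an empty string when two spaces follow the scheme. Taking the remainder after the prefix avoids both: `return bearer.substring(AuthorizationHeaderCredential.Credential.BEARER.length()).trim();`. `isBasic` matches the scheme case-sensitively while `isBearer` lowercases both sides, so a header starting with `basic ` is not recognised as Basic; using `regionMatches(true, ...)` in both would make them consistent. `isBasic` is still public and dereferences its argument without a null check, so it relies on every caller applying the `isNotBlank` guard first.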
--- a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/interceptor/Oauth20ApiPermissionAdapter.java +++ b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/interceptor/Oauth20ApiPermissionAdapter.java @@ -58,9 +58,8 @@ public class Oauth20ApiPermissionAdapter implements AsyncHandlerInterceptor { @Override public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws Exception { _logger.trace("Oauth20ApiPermissionAdapter preHandle"); - String authorization = request.getHeader(AuthorizationHeaderUtils.HEADER_Authorization); + String accessToken = AuthorizationHeaderUtils.resolveBearer(request); - String accessToken = AuthorizationHeaderUtils.resolveBearer(authorization); OAuth2Authentication authentication = oauth20TokenServices.loadAuthentication(accessToken); //判断应用的accessToken信息
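Review bot: `accessToken` goes straight into `oauth20TokenServices.loadAuthentication(accessToken)` with no null or blank check, although `resolveBearer(HttpServletRequest)` has a `return null;` path visible in the AuthorizationHeaderUtils diff. How `loadAuthentication` treats null is not shown here, so an explicit rejection is safer: `if (accessToken == null) { response.sendError(HttpServletResponse.SC_UNAUTHORIZED); return false; }`. The old code read only the Authorization header, whereas `resolveBearer(request)` has a second branch in its ternary that this diff does not show. Please confirm that whatever it falls back to is an intended token source for this management API. The body of `preHandle` continues outside the hunk.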