diff --git a/maxkey-lib/mybatis-jpa-extra-2.3.jar b/maxkey-lib/mybatis-jpa-extra-2.3.jar index 7d7ec20c..f4c96604 100644 Binary files a/maxkey-lib/mybatis-jpa-extra-2.3.jar and b/maxkey-lib/mybatis-jpa-extra-2.3.jar differ diff --git a/maxkey-lib/mybatis-jpa-extra-spring-boot-starter-2.3.jar b/maxkey-lib/mybatis-jpa-extra-spring-boot-starter-2.3.jar index 6a0b4825..8148d82c 100644 Binary files a/maxkey-lib/mybatis-jpa-extra-spring-boot-starter-2.3.jar and b/maxkey-lib/mybatis-jpa-extra-spring-boot-starter-2.3.jar differ diff --git a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/common/OAuth2Constants.java b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/common/OAuth2Constants.java index 57b689fb..b1775766 100644 --- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/common/OAuth2Constants.java +++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/common/OAuth2Constants.java @@ -39,6 +39,12 @@ public class OAuth2Constants { public static final String CODE = "code"; + + + public static final String TOKEN = "token"; + + public static final String TOKEN_TYPE = "token_type"; + public static final String EXPIRES_IN = "expires_in"; /** @@ -65,8 +71,16 @@ public class OAuth2Constants { * Constant to use while parsing and formatting parameter maps for OAuth2 requests */ public static final String GRANT_TYPE = "grant_type"; + public static final String GRANT_TYPE_CODE = "code"; + public static final String GRANT_TYPE_PASSWORD = "password"; + public static final String GRANT_TYPE_IMPLICIT = "implicit"; + public static final String GRANT_TYPE_AUTHORIZATION_CODE = "authorization_code"; + public static final String GRANT_TYPE_CLIENT_CREDENTIALS = "client_credentials"; + public static final String ACCESS_TOKEN = "access_token"; + + public static final String APPROVAL_PROMPT = "approval_prompt"; } public static class ENDPOINT{ diff --git a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/approval/controller/OAuth20AccessConfirmationController.java b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/approval/endpoint/OAuth20AccessConfirmationEndpoint.java similarity index 90% rename from maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/approval/controller/OAuth20AccessConfirmationController.java rename to maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/approval/endpoint/OAuth20AccessConfirmationEndpoint.java index 82504df0..3fcac79d 100644 --- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/approval/controller/OAuth20AccessConfirmationController.java +++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/approval/endpoint/OAuth20AccessConfirmationEndpoint.java @@ -15,13 +15,11 @@ */ -package org.maxkey.authz.oauth2.provider.approval.controller; +package org.maxkey.authz.oauth2.provider.approval.endpoint; -import java.util.HashMap; import java.util.LinkedHashMap; import java.util.Map; import org.maxkey.authn.SigninPrincipal; -import org.maxkey.authz.endpoint.AuthorizeBaseEndpoint; import org.maxkey.authz.oauth2.common.OAuth2Constants; import org.maxkey.authz.oauth2.common.util.OAuth2Utils; import org.maxkey.authz.oauth2.provider.AuthorizationRequest; @@ -34,6 +32,8 @@ import org.maxkey.authz.oauth2.provider.approval.ApprovalStore; import org.maxkey.persistence.service.AppsService; import org.maxkey.web.WebConstants; import org.maxkey.web.WebContext; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.stereotype.Controller; @@ -50,8 +50,9 @@ import org.springframework.web.servlet.ModelAndView; */ @Controller @SessionAttributes("authorizationRequest") -public class OAuth20AccessConfirmationController { - +public class OAuth20AccessConfirmationEndpoint { + static final Logger _logger = LoggerFactory.getLogger(OAuth20AccessConfirmationEndpoint.class); + @Autowired @Qualifier("appsService") protected AppsService appsService; @@ -78,10 +79,6 @@ public class OAuth20AccessConfirmationController { public ModelAndView getAccessConfirmation( @RequestParam Map model) throws Exception { model.remove("authorizationRequest"); - Map modelRequest = new HashMap(); - for (Object key : model.keySet()) { - modelRequest.put(key.toString(), model.get(key).toString()); - } // Map model AuthorizationRequest clientAuth = @@ -111,9 +108,18 @@ public class OAuth20AccessConfirmationController { approval.getStatus() == ApprovalStatus.APPROVED ? "true" : "false"); } } + model.put("scopes", scopes); + if(!model.containsKey(OAuth2Constants.PARAMETER.APPROVAL_PROMPT)) { + model.put(OAuth2Constants.PARAMETER.APPROVAL_PROMPT, client.getApprovalPrompt()); + } + ModelAndView modelAndView = new ModelAndView("authorize/oauth_access_confirmation"); + _logger.debug("Confirmation details "); + for (Object key : model.keySet()) { + _logger.debug("key " + key +"=" + model.get(key)); + } modelAndView.addObject("model", model); return modelAndView; } diff --git a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/approval/controller/OAuth20UserApprovalHandler.java b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/approval/endpoint/OAuth20UserApprovalHandler.java similarity index 98% rename from maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/approval/controller/OAuth20UserApprovalHandler.java rename to maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/approval/endpoint/OAuth20UserApprovalHandler.java index ac144abf..bd5e272b 100644 --- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/approval/controller/OAuth20UserApprovalHandler.java +++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/approval/endpoint/OAuth20UserApprovalHandler.java @@ -14,7 +14,7 @@ * limitations under the License. */ -package org.maxkey.authz.oauth2.provider.approval.controller; +package org.maxkey.authz.oauth2.provider.approval.endpoint; import java.util.Collection; diff --git a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/AuthorizationEndpoint.java b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/AuthorizationEndpoint.java index bc593ed3..16ba153a 100644 --- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/AuthorizationEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/AuthorizationEndpoint.java @@ -20,10 +20,8 @@ import java.util.HashMap; import java.util.LinkedHashMap; import java.util.Map; import java.util.Set; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; - import org.maxkey.authz.oauth2.common.OAuth2AccessToken; import org.maxkey.authz.oauth2.common.OAuth2Constants; import org.maxkey.authz.oauth2.common.exceptions.InvalidClientException; @@ -62,8 +60,6 @@ import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.SessionAttributes; -import org.springframework.web.bind.support.DefaultSessionAttributeStore; -import org.springframework.web.bind.support.SessionAttributeStore; import org.springframework.web.bind.support.SessionStatus; import org.springframework.web.servlet.ModelAndView; import org.springframework.web.servlet.View; @@ -71,10 +67,8 @@ import org.springframework.web.servlet.view.RedirectView; import org.springframework.web.util.UriComponents; import org.springframework.web.util.UriComponentsBuilder; import org.springframework.web.util.UriTemplate; - import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; - import org.maxkey.authz.oauth2.provider.ClientDetailsService; /** @@ -114,8 +108,6 @@ public class AuthorizationEndpoint extends AbstractEndpoint { private UserApprovalHandler userApprovalHandler = new DefaultUserApprovalHandler(); - private SessionAttributeStore sessionAttributeStore = new DefaultSessionAttributeStore(); - private OAuth2RequestValidator oauth2RequestValidator = new DefaultOAuth2RequestValidator(); private String userApprovalPage = "forward:" + OAuth2Constants.ENDPOINT.ENDPOINT_APPROVAL_CONFIRM; @@ -124,9 +116,6 @@ public class AuthorizationEndpoint extends AbstractEndpoint { private Object implicitLock = new Object(); - public void setSessionAttributeStore(SessionAttributeStore sessionAttributeStore) { - this.sessionAttributeStore = sessionAttributeStore; - } public void setErrorPage(String errorPage) { this.errorPage = errorPage; @@ -144,7 +133,7 @@ public class AuthorizationEndpoint extends AbstractEndpoint { Set responseTypes = authorizationRequest.getResponseTypes(); - if (!responseTypes.contains("token") && !responseTypes.contains("code")) { + if (!responseTypes.contains(OAuth2Constants.PARAMETER.TOKEN) && !responseTypes.contains(OAuth2Constants.PARAMETER.CODE)) { throw new UnsupportedResponseTypeException("Unsupported response types: " + responseTypes); } @@ -188,10 +177,10 @@ public class AuthorizationEndpoint extends AbstractEndpoint { // Validation is all done, so we can check for auto approval... if (authorizationRequest.isApproved()) { - if (responseTypes.contains("token")) { + if (responseTypes.contains(OAuth2Constants.PARAMETER.TOKEN)) { return getImplicitGrantResponse(authorizationRequest); } - if (responseTypes.contains("code")) { + if (responseTypes.contains(OAuth2Constants.PARAMETER.CODE)) { return new ModelAndView(getAuthorizationCodeResponse(authorizationRequest, (Authentication) principal)); } @@ -245,11 +234,11 @@ public class AuthorizationEndpoint extends AbstractEndpoint { if (!authorizationRequest.isApproved()) { return new RedirectView(getUnsuccessfulRedirect(authorizationRequest, - new UserDeniedAuthorizationException("User denied access"), responseTypes.contains("token")), + new UserDeniedAuthorizationException("User denied access"), responseTypes.contains(OAuth2Constants.PARAMETER.TOKEN)), false, true, false); } - if (responseTypes.contains("token")) { + if (responseTypes.contains(OAuth2Constants.PARAMETER.TOKEN)) { return getImplicitGrantResponse(authorizationRequest).getView(); } @@ -326,26 +315,26 @@ public class AuthorizationEndpoint extends AbstractEndpoint { url.append("#"); } - url.append("access_token={access_token}"); - url.append("&token_type={token_type}"); - vars.put("access_token", accessToken.getValue()); - vars.put("token_type", accessToken.getTokenType()); + url.append(templateUrlVar(OAuth2Constants.PARAMETER.ACCESS_TOKEN)); + url.append("&").append(templateUrlVar(OAuth2Constants.PARAMETER.TOKEN_TYPE)); + vars.put(OAuth2Constants.PARAMETER.ACCESS_TOKEN, accessToken.getValue()); + vars.put(OAuth2Constants.PARAMETER.TOKEN_TYPE, accessToken.getTokenType()); String state = authorizationRequest.getState(); if (state != null) { - url.append("&state={state}"); - vars.put("state", state); + url.append("&").append(templateUrlVar(OAuth2Constants.PARAMETER.STATE)); + vars.put(OAuth2Constants.PARAMETER.STATE, state); } Date expiration = accessToken.getExpiration(); if (expiration != null) { long expires_in = (expiration.getTime() - System.currentTimeMillis()) / 1000; - url.append("&expires_in={expires_in}"); - vars.put("expires_in", expires_in); + url.append("&").append(templateUrlVar(OAuth2Constants.PARAMETER.EXPIRES_IN)); + vars.put(OAuth2Constants.PARAMETER.EXPIRES_IN, expires_in); } String originalScope = authorizationRequest.getRequestParameters().get(OAuth2Utils.SCOPE); if (originalScope == null || !OAuth2Utils.parseParameterList(originalScope).equals(accessToken.getScope())) { - url.append("&" + OAuth2Utils.SCOPE + "={scope}"); - vars.put("scope", OAuth2Utils.formatParameterList(accessToken.getScope())); + url.append("&").append(templateUrlVar(OAuth2Constants.PARAMETER.SCOPE)); + vars.put(OAuth2Constants.PARAMETER.SCOPE, OAuth2Utils.formatParameterList(accessToken.getScope())); } Map additionalInformation = accessToken.getAdditionalInformation(); for (String key : additionalInformation.keySet()) { @@ -359,6 +348,10 @@ public class AuthorizationEndpoint extends AbstractEndpoint { // Do not include the refresh token (even if there is one) return template.expand(vars).toString(); } + + public String templateUrlVar(String parameterName) { + return parameterName + "={" + parameterName + "}"; + } private String generateCode(AuthorizationRequest authorizationRequest, Authentication authentication) throws AuthenticationException { @@ -376,7 +369,7 @@ public class AuthorizationEndpoint extends AbstractEndpoint { catch (OAuth2Exception e) { if (authorizationRequest.getState() != null) { - e.addAdditionalInformation("state", authorizationRequest.getState()); + e.addAdditionalInformation(OAuth2Constants.PARAMETER.STATE, authorizationRequest.getState()); } throw e; @@ -391,11 +384,11 @@ public class AuthorizationEndpoint extends AbstractEndpoint { } Map query = new LinkedHashMap(); - query.put("code", authorizationCode); + query.put(OAuth2Constants.PARAMETER.CODE, authorizationCode); String state = authorizationRequest.getState(); if (state != null) { - query.put("state", state); + query.put(OAuth2Constants.PARAMETER.STATE, state); } //this is for cas @@ -421,7 +414,7 @@ public class AuthorizationEndpoint extends AbstractEndpoint { query.put("error_description", failure.getMessage()); if (authorizationRequest.getState() != null) { - query.put("state", authorizationRequest.getState()); + query.put(OAuth2Constants.PARAMETER.STATE, authorizationRequest.getState()); } if (failure.getAdditionalInformation() != null) { diff --git a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/CheckTokenEndpoint.java b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/CheckTokenEndpoint.java index b352821c..2c56bf10 100644 --- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/CheckTokenEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/CheckTokenEndpoint.java @@ -84,7 +84,7 @@ public class CheckTokenEndpoint { @ApiOperation(value = "OAuth 2.0 token检查接口", notes = "传递参数token",httpMethod="POST") @RequestMapping(value = OAuth2Constants.ENDPOINT.ENDPOINT_CHECK_TOKEN) @ResponseBody - public Map checkToken(@RequestParam("token") String value) { + public Map checkToken(@RequestParam(OAuth2Constants.PARAMETER.TOKEN) String value) { OAuth2AccessToken token = resourceServerTokenServices.readAccessToken(value); if (token == null) { diff --git a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpoint.java b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpoint.java index ff761a6a..c5027846 100644 --- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpoint.java +++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpoint.java @@ -133,7 +133,7 @@ public class TokenEndpoint extends AbstractEndpoint { if (!StringUtils.hasText(tokenRequest.getGrantType())) { throw new InvalidRequestException("Missing grant type"); } - if (tokenRequest.getGrantType().equals("implicit")) { + if (tokenRequest.getGrantType().equals(OAuth2Constants.PARAMETER.GRANT_TYPE_IMPLICIT)) { throw new InvalidGrantException("Implicit grant type not supported from token endpoint"); } @@ -150,7 +150,8 @@ public class TokenEndpoint extends AbstractEndpoint { /**crystal.sea * code must uuid format */ - if (parameters.get("code") != null &&!StringGenerator.uuidMatches(parameters.get("code"))) { + if (parameters.get(OAuth2Constants.PARAMETER.CODE) != null + &&!StringGenerator.uuidMatches(parameters.get(OAuth2Constants.PARAMETER.CODE))) { throw new InvalidRequestException("The code is not valid format ."); } @@ -221,11 +222,11 @@ public class TokenEndpoint extends AbstractEndpoint { } private boolean isRefreshTokenRequest(Map parameters) { - return "refresh_token".equals(parameters.get("grant_type")) && parameters.get("refresh_token") != null; + return "refresh_token".equals(parameters.get(OAuth2Constants.PARAMETER.GRANT_TYPE)) && parameters.get("refresh_token") != null; } private boolean isAuthCodeRequest(Map parameters) { - return "authorization_code".equals(parameters.get("grant_type")) && parameters.get("code") != null; + return "authorization_code".equals(parameters.get(OAuth2Constants.PARAMETER.GRANT_TYPE)) && parameters.get(OAuth2Constants.PARAMETER.CODE) != null; } public void setOAuth2RequestValidator(OAuth2RequestValidator oAuth2RequestValidator) { diff --git a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpointAuthenticationFilter.java b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpointAuthenticationFilter.java index 6a4a5155..d4093e62 100644 --- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpointAuthenticationFilter.java +++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpointAuthenticationFilter.java @@ -153,8 +153,8 @@ public class TokenEndpointAuthenticationFilter implements Filter { } try { - String grantType = request.getParameter("grant_type"); - if (grantType != null && grantType.equals("password")) { + String grantType = request.getParameter(OAuth2Constants.PARAMETER.GRANT_TYPE); + if (grantType != null && grantType.equals(OAuth2Constants.PARAMETER.GRANT_TYPE_PASSWORD)) { usernamepassword(request,response); }else { Authentication authentication=ClientCredentials(request,response); @@ -198,8 +198,8 @@ public class TokenEndpointAuthenticationFilter implements Filter { Authentication authResult = authenticationManager.authenticate(credentials); logger.debug("Authentication success: " + authResult.getName()); - String clientId = request.getParameter("client_id"); - String clientSecret = request.getParameter("client_secret"); + String clientId = request.getParameter(OAuth2Constants.PARAMETER.CLIENT_ID); + String clientSecret = request.getParameter(OAuth2Constants.PARAMETER.CLIENT_SECRET); UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(clientId, clientSecret); Authentication clientAuth = oauth20ClientAuthenticationManager.authenticate(authRequest); @@ -245,8 +245,8 @@ public class TokenEndpointAuthenticationFilter implements Filter { throw new HttpRequestMethodNotSupportedException(request.getMethod(), new String[] { "POST" }); } - String clientId = request.getParameter("client_id"); - String clientSecret = request.getParameter("client_secret"); + String clientId = request.getParameter(OAuth2Constants.PARAMETER.CLIENT_ID); + String clientSecret = request.getParameter(OAuth2Constants.PARAMETER.CLIENT_SECRET); if(clientId == null) { //for header authorization basic String authorization_bearer =request.getHeader("authorization"); @@ -305,8 +305,8 @@ public class TokenEndpointAuthenticationFilter implements Filter { * @return an authentication for validation (or null if there is no further authentication) */ protected Authentication extractCredentials(HttpServletRequest request) { - String grantType = request.getParameter("grant_type"); - if (grantType != null && grantType.equals("password")) { + String grantType = request.getParameter(OAuth2Constants.PARAMETER.GRANT_TYPE); + if (grantType != null && grantType.equals(OAuth2Constants.PARAMETER.GRANT_TYPE_PASSWORD)) { UsernamePasswordAuthenticationToken result = new UsernamePasswordAuthenticationToken( request.getParameter("username"), request.getParameter("password")); result.setDetails(authenticationDetailsSource.buildDetails(request)); @@ -316,7 +316,7 @@ public class TokenEndpointAuthenticationFilter implements Filter { } private Set getScope(HttpServletRequest request) { - return OAuth2Utils.parseParameterList(request.getParameter("scope")); + return OAuth2Utils.parseParameterList(request.getParameter(OAuth2Constants.PARAMETER.SCOPE)); } public void init(FilterConfig filterConfig) throws ServletException { @@ -346,7 +346,7 @@ public class TokenEndpointAuthenticationFilter implements Filter { uri = uri.substring(0, pathParamIndex); } - String clientId = request.getParameter("client_id"); + String clientId = request.getParameter(OAuth2Constants.PARAMETER.CLIENT_ID); if (clientId == null) { // Give basic auth a chance to work instead (it's preferred anyway) diff --git a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/token/DefaultAccessTokenConverter.java b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/token/DefaultAccessTokenConverter.java index 4838b282..2523154d 100644 --- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/token/DefaultAccessTokenConverter.java +++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/token/DefaultAccessTokenConverter.java @@ -110,6 +110,10 @@ public class DefaultAccessTokenConverter implements AccessTokenConverter { if (clientToken.getResourceIds() != null && !clientToken.getResourceIds().isEmpty()) { response.put(AUD, clientToken.getResourceIds()); } + + //default + response.put("active", Boolean.TRUE); + return response; } diff --git a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/autoconfigure/Oauth20AutoConfiguration.java b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/autoconfigure/Oauth20AutoConfiguration.java index b4803756..6deaa53a 100644 --- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/autoconfigure/Oauth20AutoConfiguration.java +++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/autoconfigure/Oauth20AutoConfiguration.java @@ -28,7 +28,7 @@ import org.maxkey.authz.oauth2.common.OAuth2Constants; import org.maxkey.authz.oauth2.provider.ClientDetailsService; import org.maxkey.authz.oauth2.provider.OAuth2UserDetailsService; import org.maxkey.authz.oauth2.provider.approval.TokenApprovalStore; -import org.maxkey.authz.oauth2.provider.approval.controller.OAuth20UserApprovalHandler; +import org.maxkey.authz.oauth2.provider.approval.endpoint.OAuth20UserApprovalHandler; import org.maxkey.authz.oauth2.provider.client.ClientDetailsUserDetailsService; import org.maxkey.authz.oauth2.provider.client.JdbcClientDetailsService; import org.maxkey.authz.oauth2.provider.code.AuthorizationCodeServices;