jwt
@@ -34,7 +34,6 @@ import org.maxkey.web.WebContext;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Qualifier;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
|
||||
/**
|
||||
@@ -61,8 +60,8 @@ public class AuthorizeBaseEndpoint {
|
||||
//session中为空或者id不一致重新加载
|
||||
if(app == null || !app.getId().equalsIgnoreCase(id)) {
|
||||
app = appsService.get(id,true);
|
||||
WebContext.setAttribute(WebConstants.AUTHORIZE_SIGN_ON_APP, app);
|
||||
}
|
||||
WebContext.setAttribute(WebConstants.AUTHORIZE_SIGN_ON_APP, app);
|
||||
}
|
||||
if(app == null){
|
||||
_logger.error("Applications id " + id + " is not exist.");
|
||||
|
||||
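Review bot: The `_logger.error("Applications id " + id + " is not exist.")` line builds the log message by concatenating `id`. If `id` is the application id taken from the request, as the calling endpoints suggest, embedded CR/LF characters can forge extra log entries. Prefer the parameterized form `_logger.error("Applications id {} is not exist.", id)` and replace line breaks in `id` before logging it. Separately, the `WebContext.setAttribute(WebConstants.AUTHORIZE_SIGN_ON_APP, app)` call runs even when `appsService.get(id,true)` found nothing, so a comment saying that a null `app` is stored on purpose would help. The enclosing method starts and ends outside this hunk.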
@@ -169,6 +169,8 @@ public class JwtAdapter extends AbstractAuthorizeAdapter {
|
||||
modelAndView.addObject("token",serialize());
|
||||
modelAndView.addObject("jwtName",jwtDetails.getJwtName());
|
||||
|
||||
modelAndView.addObject("tokenType",jwtDetails.getTokenType().toLowerCase());
|
||||
|
||||
return modelAndView;
|
||||
}
|
||||
|
||||
|
||||
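Review bot: `jwtDetails.getTokenType().toLowerCase()` dereferences the token type with no null check and lower-cases it in the JVM's default locale. An app record saved without a token type would presumably fail here with a NullPointerException, after `serialize()` has already put the token into the model. Suggest a null guard with an explicit default, and `toLowerCase(Locale.ROOT)` so the value the view switches on does not depend on the server locale. The method starts outside the hunk, so how `jwtDetails` is populated is not visible here.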
@@ -83,7 +83,7 @@ public class JwtAuthorizeEndpoint extends AuthorizeBaseEndpoint{
|
||||
@CurrentUser UserInfo currentUser){
|
||||
ModelAndView modelAndView=new ModelAndView();
|
||||
Apps application = getApp(id);
|
||||
AppsJwtDetails jwtDetails = jwtDetailsService.getAppDetails(id , true);
|
||||
AppsJwtDetails jwtDetails = jwtDetailsService.getAppDetails(application.getId() , true);
|
||||
_logger.debug(""+jwtDetails);
|
||||
jwtDetails.setAdapter(application.getAdapter());
|
||||
jwtDetails.setIsAdapter(application.getIsAdapter());
|
||||
@@ -110,34 +110,7 @@ public class JwtAuthorizeEndpoint extends AuthorizeBaseEndpoint{
|
||||
//encrypt
|
||||
adapter.encrypt(null, jwtDetails.getAlgorithmKey(), jwtDetails.getAlgorithm());
|
||||
|
||||
if(jwtDetails.getTokenType().equalsIgnoreCase("POST")) {
|
||||
return adapter.authorize(modelAndView);
|
||||
}else {
|
||||
_logger.debug("Cookie Name : {}" , jwtDetails.getJwtName());
|
||||
|
||||
Cookie cookie= new Cookie(jwtDetails.getJwtName(),adapter.serialize());
|
||||
|
||||
Integer maxAge = jwtDetails.getExpires();
|
||||
_logger.debug("Cookie Max Age : {} seconds." , maxAge);
|
||||
cookie.setMaxAge(maxAge);
|
||||
|
||||
cookie.setPath("/");
|
||||
//
|
||||
//cookie.setDomain("."+applicationConfig.getBaseDomainName());
|
||||
//tomcat 8.5
|
||||
cookie.setDomain(applicationConfig.getBaseDomainName());
|
||||
|
||||
_logger.debug("Sub Domain Name : .{}",applicationConfig.getBaseDomainName());
|
||||
response.addCookie(cookie);
|
||||
|
||||
if(jwtDetails.getRedirectUri().indexOf(applicationConfig.getBaseDomainName())>-1){
|
||||
return WebContext.redirect(jwtDetails.getRedirectUri());
|
||||
}else{
|
||||
_logger.error(jwtDetails.getRedirectUri()+" not in domain "+applicationConfig.getBaseDomainName());
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
return adapter.authorize(modelAndView);
|
||||
}
|
||||
|
||||
@Operation(summary = "JWT JWK元数据接口", description = "参数mxk_metadata_APPID",method="GET")
|
||||
|
||||
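Review bot: `application` is dereferenced straight after `getApp(id)` (`application.getId()`, `application.getAdapter()`) with no null check, although the base endpoint's `getApp` logs "is not exist" for an unknown id and appears to return null in that case. An unknown or stale app id would then end in a NullPointerException instead of a controlled error response; guard `application` (and `jwtDetails`) before the `getAppDetails` call and return the project's error view. In the second hunk the handler now ends in an unconditional `return adapter.authorize(modelAndView);`, so the `getRedirectUri()` domain check that lived in the removed cookie branch is no longer performed here. Please confirm the adapter or the view validates the redirect target by parsed host against an allow-list before the token is sent to it. The handler's signature and the start of its body are outside these hunks.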
@@ -129,6 +129,7 @@ public class OAuth20AccessConfirmationEndpoint {
|
||||
for (Object key : model.keySet()) {
|
||||
_logger.trace("key " + key +"=" + model.get(key));
|
||||
}
|
||||
|
||||
model.put("authorizeApproveUri", applicationConfig.getFrontendUri()+"/#/authz/oauth2approve");
|
||||
|
||||
modelAndView.addObject("model", model);
|
||||
|
||||
@@ -102,7 +102,7 @@ import io.swagger.v3.oas.annotations.tags.Tag;
|
||||
public class AuthorizationEndpoint extends AbstractEndpoint {
|
||||
final static Logger _logger = LoggerFactory.getLogger(AuthorizationEndpoint.class);
|
||||
|
||||
private static final String OAUTH_V20_AUTHORIZATION_URL = "%s" + OAuth2Constants.ENDPOINT.ENDPOINT_AUTHORIZE + "?client_id=%s&response_type=code&redirect_uri=%s&approval_prompt=auto";
|
||||
private static final String OAUTH_V20_AUTHORIZATION_URL = "" + OAuth2Constants.ENDPOINT.ENDPOINT_AUTHORIZE + "?client_id=%s&response_type=code&redirect_uri=%s&approval_prompt=auto";
|
||||
|
||||
private RedirectResolver redirectResolver = new DefaultRedirectResolver();
|
||||
|
||||
@@ -132,7 +132,6 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
|
||||
String authorizationUrl = "";
|
||||
try {
|
||||
authorizationUrl = String.format(OAUTH_V20_AUTHORIZATION_URL,
|
||||
applicationConfig.getServerPrefix(),
|
||||
clientDetails.getClientId(),
|
||||
HttpEncoder.encode(clientDetails.getRegisteredRedirectUri().toArray()[0].toString())
|
||||
);
|
||||
|
||||
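Review bot: In the `String.format(OAUTH_V20_AUTHORIZATION_URL, ...)` call, `clientDetails.getClientId()` goes into the query string unencoded while the redirect URI next to it is passed through `HttpEncoder.encode`. A client id containing `&`, `#` or `%` would change the parameters of the generated URL; use `HttpEncoder.encode(clientDetails.getClientId())` for consistency. `getRegisteredRedirectUri().toArray()[0]` also throws on a client with no registered redirect URI, so check for emptiness first. In the constant, the leading `"" +` is a no-op and can be dropped. If the server prefix is intentionally gone, a comment that the URL is now relative would help callers. The `try` block continues outside this hunk.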