diff --git a/ReleaseNotes.txt b/ReleaseNotes.txt
index 018cdda3..3021dd26 100644
--- a/ReleaseNotes.txt
+++ b/ReleaseNotes.txt
@@ -5,12 +5,12 @@
 *(MAXKEY-200604) 修复用户组访问权限删除问题
 *(MAXKEY-200605) Javascript验证及AJAX提交优化
 *(MAXKEY-200606) DAO层整合
- *(MAXKEY-200607) 社交账号关联调整
+ *(MAXKEY-200607) 社交账号关联调整及优化
 *(MAXKEY-200608) 数据库表字段的注释修复
 *(MAXKEY-200609) 官方网站优化
 *(MAXKEY-200610) properties优化
 *(MAXKEY-200611) 访问控制修复,访问重定向的问题修复
- *(MAXKEY-200607) 依赖jar升级,消除非必要依赖
+ *(MAXKEY-200612) 依赖jar升级,消除非必要依赖
 spring 5.2.6.RELEASE
 springBoot 2.3.0.RELEASE
 springSecurity 5.3.2.RELEASE
diff --git a/docs/authn/social.md b/docs/authn/social.md
index 125993c3..9ac881f3 100644
--- a/docs/authn/social.md
+++ b/docs/authn/social.md
@@ -19,7 +19,7 @@

认证配置

 文件
-maxkey/config/applicationConfig.properties
+maxkey/maxkey.properties

 #enable social sign on
@@ -40,25 +40,13 @@ config.socialsignon.sinaweibo.account.id=id
 config.socialsignon.sinaweibo.sortorder=1
 
-配置maxkey/spring/maxkey.xml
+配置maxkey/maxkey.properties
-

-<bean id="socialSignOnWeibo" class="org.maxkey.authn.support.socialsignon.service.SocialSignOnProvider">
-	<property name="provider" value="${config.socialsignon.sinaweibo.provider}"/>
-	<property name="providerName" value="${config.socialsignon.sinaweibo.provider.name}"/>
-	<property name="icon" value="${config.socialsignon.sinaweibo.icon}"/>
-	<property name="clientId" value="${config.socialsignon.sinaweibo.client.id}"/>
-	<property name="clientSecret" value="${config.socialsignon.sinaweibo.client.secret}"/>
-	<property name="sortOrder" value="${config.socialsignon.sinaweibo.sortorder}"/>
-</bean>
-
-<bean id="socialSignOnProviderService" class="org.maxkey.authn.support.socialsignon.service.SocialSignOnProviderService">
-	<property name="socialSignOnProviders" >
-		<list>
-			<ref bean="socialSignOnWeibo" />
-		</list>
-	</property>
-</bean>
+

+#enable social sign on
+config.login.socialsignon=true
+#social sign on providers
+config.login.socialsignon.providers=sinaweibo,google,qq,dingtalk,microsoft,facebook
 

账号绑定

diff --git a/maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyRowMapper.java b/maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyRowMapper.java
index 1b7aca7e..043986b8 100644
--- a/maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyRowMapper.java
+++ b/maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyRowMapper.java
@@ -2,7 +2,6 @@ package org.maxkey.persistence.db;
 import java.sql.ResultSet;
 import java.sql.SQLException;
-
 import org.maxkey.domain.PasswordPolicy;
 import org.springframework.jdbc.core.RowMapper;
diff --git a/maxkey-core/src/main/java/org/maxkey/persistence/db/UserInfoRowMapper.java b/maxkey-core/src/main/java/org/maxkey/persistence/db/UserInfoRowMapper.java
index fa82d7ac..486d9d4f 100644
--- a/maxkey-core/src/main/java/org/maxkey/persistence/db/UserInfoRowMapper.java
+++ b/maxkey-core/src/main/java/org/maxkey/persistence/db/UserInfoRowMapper.java
@@ -2,7 +2,6 @@ package org.maxkey.persistence.db;
 import java.sql.ResultSet;
 import java.sql.SQLException;
-
 import org.maxkey.domain.UserInfo;
 import org.springframework.jdbc.core.RowMapper;
diff --git a/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java b/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java
index a287de48..cfa7fcda 100644
--- a/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java
+++ b/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java
@@ -1,10 +1,7 @@
 package org.maxkey;
-import java.io.IOException;
 import java.util.ArrayList;
 import java.util.List;
-import java.util.Properties;
-
 import org.apache.catalina.Context;
 import org.apache.catalina.connector.Connector;
 import org.apache.tomcat.util.descriptor.web.SecurityCollection;
@@ -17,9 +14,6 @@ import org.maxkey.authn.realm.activedirectory.ActiveDirectoryAuthenticationRealm
 import org.maxkey.authn.realm.activedirectory.ActiveDirectoryServer;
 import org.maxkey.authn.support.kerberos.KerberosProxy;
 import org.maxkey.authn.support.kerberos.RemoteKerberosService;
-import org.maxkey.authn.support.socialsignon.service.JdbcSocialsAssociateService;
-import org.maxkey.authn.support.socialsignon.service.SocialSignOnProvider;
-import org.maxkey.authn.support.socialsignon.service.SocialSignOnProviderService;
 import org.maxkey.authz.oauth2.provider.endpoint.TokenEndpointAuthenticationFilter;
 import org.maxkey.constants.ConstantsProperties;
 import org.maxkey.crypto.password.opt.algorithm.KeyUriFormat;
@@ -34,16 +28,12 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.beans.factory.annotation.Value;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
 import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
 import org.springframework.boot.web.servlet.FilterRegistrationBean;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.ImportResource;
 import org.springframework.context.annotation.PropertySource;
-import org.springframework.core.io.ClassPathResource;
-import org.springframework.core.io.Resource;
 import org.springframework.jdbc.core.JdbcTemplate;
@@ -69,8 +59,7 @@ import org.springframework.jdbc.core.JdbcTemplate;
 "org.maxkey.authz.exapi.endpoint",
 "org.maxkey.authz.formbased.endpoint",
 "org.maxkey.authz.ltpa.endpoint",
- "org.maxkey.authz.token.endpoint",
- "org.maxkey.web.authentication.support.socialsignon"
+ "org.maxkey.authz.token.endpoint"
 })
 public class MaxKeyConfig implements InitializingBean {
 private static final Logger _logger = LoggerFactory.getLogger(MaxKeyConfig.class);
@@ -239,45 +228,7 @@ public class MaxKeyConfig implements InitializingBean {
 return kerberosService;
 }
- @Bean(name = "socialSignOnProviderService")
- @ConditionalOnClass(SocialSignOnProvider.class)
- public SocialSignOnProviderService socialSignOnProviderService() throws IOException {
- SocialSignOnProviderService socialSignOnProviderService = new SocialSignOnProviderService();
-
- Resource resource = new ClassPathResource(
- ConstantsProperties.classPathResource(ConstantsProperties.classPathResource(ConstantsProperties.maxKeyPropertySource)));
- Properties properties = new Properties();
- properties.load(resource.getInputStream());
- String [] providerList =properties.get("config.login.socialsignon.providers").toString().split(",");
- List socialSignOnProviderList = new ArrayList();
- for(String provider : providerList) {
- String providerName = properties.getProperty("config.socialsignon."+provider+".provider.name");
- String icon=properties.getProperty("config.socialsignon."+provider+".icon");
- String clientId=properties.getProperty("config.socialsignon."+provider+".client.id");
- String clientSecret=properties.getProperty("config.socialsignon."+provider+".client.secret");
- String sortOrder = properties.getProperty("config.socialsignon."+provider+".sortorder");
- SocialSignOnProvider socialSignOnProvider = new SocialSignOnProvider();
- socialSignOnProvider.setProvider(provider);
- socialSignOnProvider.setProviderName(providerName);
- socialSignOnProvider.setIcon(icon);
- socialSignOnProvider.setClientId(clientId);
- socialSignOnProvider.setClientSecret(clientSecret);
- socialSignOnProvider.setSortOrder(Integer.valueOf(sortOrder));
- _logger.debug("socialSignOnProvider " + socialSignOnProvider);
- socialSignOnProviderList.add(socialSignOnProvider);
- }
- socialSignOnProviderService.setSocialSignOnProviders(socialSignOnProviderList);
- _logger.debug("SocialSignOnProviderService inited.");
- return socialSignOnProviderService;
- }
-
- @Bean(name = "socialsAssociateService")
- public JdbcSocialsAssociateService socialsAssociateService(
- JdbcTemplate jdbcTemplate) {
- JdbcSocialsAssociateService socialsAssociateService = new JdbcSocialsAssociateService(jdbcTemplate);
- _logger.debug("JdbcSocialsAssociateService inited.");
- return socialsAssociateService;
- }
+
 @Override
 public void afterPropertiesSet() throws Exception {
diff --git a/maxkey-web-maxkey/src/main/java/org/maxkey/autoconfigure/SocialSignOnAutoConfiguration.java b/maxkey-web-maxkey/src/main/java/org/maxkey/autoconfigure/SocialSignOnAutoConfiguration.java
new file mode 100644
index 00000000..21119659
--- /dev/null
+++ b/maxkey-web-maxkey/src/main/java/org/maxkey/autoconfigure/SocialSignOnAutoConfiguration.java
@@ -0,0 +1,78 @@
+package org.maxkey.autoconfigure;
+
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Properties;
+
+import org.maxkey.authn.support.socialsignon.service.JdbcSocialsAssociateService;
+import org.maxkey.authn.support.socialsignon.service.SocialSignOnProvider;
+import org.maxkey.authn.support.socialsignon.service.SocialSignOnProviderService;
+import org.maxkey.constants.ConstantsProperties;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.InitializingBean;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.PropertySource;
+import org.springframework.core.io.ClassPathResource;
+import org.springframework.core.io.Resource;
+import org.springframework.jdbc.core.JdbcTemplate;
+
+@Configuration
+@ComponentScan(basePackages = {
+ "org.maxkey.authn.support.socialsignon"
+})
+@PropertySource(ConstantsProperties.maxKeyPropertySource)
+public class SocialSignOnAutoConfiguration implements InitializingBean {
+ private static final Logger _logger = LoggerFactory.getLogger(SocialSignOnAutoConfiguration.class);
+
+ @Bean(name = "socialSignOnProviderService")
+ @ConditionalOnClass(SocialSignOnProvider.class)
+ public SocialSignOnProviderService socialSignOnProviderService() throws IOException {
+ SocialSignOnProviderService socialSignOnProviderService = new SocialSignOnProviderService();
+
+ Resource resource = new ClassPathResource(
+ ConstantsProperties.classPathResource(ConstantsProperties.classPathResource(ConstantsProperties.maxKeyPropertySource)));
+ Properties properties = new Properties();
+ properties.load(resource.getInputStream());
+ String [] providerList =properties.get("config.login.socialsignon.providers").toString().split(",");
+ List socialSignOnProviderList = new ArrayList();
+ for(String provider : providerList) {
+ String providerName = properties.getProperty("config.socialsignon."+provider+".provider.name");
+ String icon=properties.getProperty("config.socialsignon."+provider+".icon");
+ String clientId=properties.getProperty("config.socialsignon."+provider+".client.id");
+ String clientSecret=properties.getProperty("config.socialsignon."+provider+".client.secret");
+ String sortOrder = properties.getProperty("config.socialsignon."+provider+".sortorder");
+ SocialSignOnProvider socialSignOnProvider = new SocialSignOnProvider();
+ socialSignOnProvider.setProvider(provider);
+ socialSignOnProvider.setProviderName(providerName);
+ socialSignOnProvider.setIcon(icon);
+ socialSignOnProvider.setClientId(clientId);
+ socialSignOnProvider.setClientSecret(clientSecret);
+ socialSignOnProvider.setSortOrder(Integer.valueOf(sortOrder));
+ _logger.debug("socialSignOnProvider " + socialSignOnProvider);
+ socialSignOnProviderList.add(socialSignOnProvider);
+ }
+ socialSignOnProviderService.setSocialSignOnProviders(socialSignOnProviderList);
+ _logger.debug("SocialSignOnProviderService inited.");
+ return socialSignOnProviderService;
+ }
+
+ @Bean(name = "socialsAssociateService")
+ public JdbcSocialsAssociateService socialsAssociateService(
+ JdbcTemplate jdbcTemplate) {
+ JdbcSocialsAssociateService socialsAssociateService = new JdbcSocialsAssociateService(jdbcTemplate);
+ _logger.debug("JdbcSocialsAssociateService inited.");
+ return socialsAssociateService;
+ }
+
+
+ @Override
+ public void afterPropertiesSet() throws Exception {
+ // TODO Auto-generated method stub
+
+ }
+}
diff --git a/maxkey-web-maxkey/src/main/resources/META-INF/spring.factories b/maxkey-web-maxkey/src/main/resources/META-INF/spring.factories
index 2889443f..64a35b63 100644
--- a/maxkey-web-maxkey/src/main/resources/META-INF/spring.factories
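Review bot: In socialSignOnProviderService() the stream returned by `resource.getInputStream()` is never closed after `properties.load(...)`, and `properties.get("config.login.socialsignon.providers").toString()` fails with a bare NullPointerException at startup when that key is missing from maxkey.properties. The rewrite below closes the stream with try-with-resources (needs `java.io.InputStream` imported), rejects a missing or empty provider list with a named exception, trims each provider key, and types the list as `List<SocialSignOnProvider>` instead of the raw `List`/`ArrayList` used here. `_logger.debug("socialSignOnProvider " + socialSignOnProvider)` logs the whole provider object right after `setClientSecret(clientSecret)`; unless SocialSignOnProvider.toString() omits that field (not visible in this diff), the OAuth client secret lands in the debug log, so log only the provider key. The double wrapping `ConstantsProperties.classPathResource(ConstantsProperties.classPathResource(...))` is carried over from MaxKeyConfig and looks accidental; whether it still resolves depends on what classPathResource does with an already-prefixed path, worth confirming. `afterPropertiesSet()` is an empty TODO stub, so `implements InitializingBean` and the override can be dropped.
```java
    public SocialSignOnProviderService socialSignOnProviderService() throws IOException {
        SocialSignOnProviderService socialSignOnProviderService = new SocialSignOnProviderService();

        Resource resource = new ClassPathResource(
                ConstantsProperties.classPathResource(ConstantsProperties.classPathResource(ConstantsProperties.maxKeyPropertySource)));
        Properties properties = new Properties();
        try (InputStream in = resource.getInputStream()) {
            properties.load(in);
        }
        String providers = properties.getProperty("config.login.socialsignon.providers");
        if (providers == null || providers.trim().isEmpty()) {
            throw new IllegalStateException(
                    "config.login.socialsignon.providers is not set in " + ConstantsProperties.maxKeyPropertySource);
        }
        List<SocialSignOnProvider> socialSignOnProviderList = new ArrayList<>();
        for (String rawProvider : providers.split(",")) {
            String provider = rawProvider.trim();
            // … unchanged: read provider.name / icon / client.id / client.secret / sortorder and populate socialSignOnProvider …
            _logger.debug("socialSignOnProvider {}", provider);
            socialSignOnProviderList.add(socialSignOnProvider);
        }
        // … unchanged: setSocialSignOnProviders, debug log, return …
```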
+++ b/maxkey-web-maxkey/src/main/resources/META-INF/spring.factories
@@ -7,4 +7,5 @@ org.maxkey.autoconfigure.RedisAutoConfiguration,\
 org.maxkey.autoconfigure.CasAutoConfiguration,\
 org.maxkey.autoconfigure.Oauth20AutoConfiguration,\
 org.maxkey.autoconfigure.Saml20AutoConfiguration,\
+org.maxkey.autoconfigure.SocialSignOnAutoConfiguration,\
 org.maxkey.MaxKeyMvcConfig
diff --git a/maxkey-web-maxkey/src/main/resources/maxkey.properties b/maxkey-web-maxkey/src/main/resources/maxkey.properties
index 2b5bae37..47b214ae 100644
--- a/maxkey-web-maxkey/src/main/resources/maxkey.properties
+++ b/maxkey-web-maxkey/src/main/resources/maxkey.properties
@@ -58,11 +58,8 @@ config.support.kerberos.default.redirecturi=http://sso.maxkey.org/kerberos/authn
 ############################################################################
 # HTTPHEADER Login configuration
 ############################################################################
-
 config.support.httpheader.enable=false
-
 config.support.httpheader.headername=header-user
-
 # iv-user is for IBM Security Access Manager
 #config.httpheader.headername=iv-user
@@ -94,12 +91,48 @@ config.support.wsfederation.logoutUrl=https://adfs.maxkey.org/adfs/ls/?wa=wsigno
 #############################################################################
 #############################################################################
+# OIDC V1.0 METADATA configuration
 config.oidc.metadata.issuer=${config.server.name}/maxkey
 config.oidc.metadata.authorizationEndpoint=${config.server.name}/maxkey/oauth/v20/authorize
 config.oidc.metadata.tokenEndpoint=${config.server.name}/maxkey/oauth/v20/token
 config.oidc.metadata.userinfoEndpoint=${config.server.name}/maxkey/api/connect/userinfo
-#############################################################################
+#############################################################################
+# SAML V2.0 configuration
+#saml common
+config.saml.v20.max.parser.pool.size=2
+config.saml.v20.assertion.validity.time.ins.seconds=90
+config.saml.v20.replay.cache.life.in.millis=14400000
+config.saml.v20.issue.instant.check.clock.skew.in.seconds=90
+config.saml.v20.issue.instant.check.validity.time.in.seconds=300
+
+
+#saml idp keystore
+config.saml.v20.idp.keystore.password=maxkey
+config.saml.v20.idp.keystore.private.key.password=maxkey
+config.saml.v20.idp.keystore=classpath\:config/samlServerKeystore.jks
+#keystore id for sec
+config.saml.v20.idp.issuing.entity.id=maxkey.org
+config.saml.v20.idp.issuer=https://sso.maxkey.org/maxkey/saml
+
+config.saml.v20.idp.receiver.endpoint=https\://sso.maxkey.org/
+
+#saml sp keystore
+config.saml.v20.sp.keystore.password=maxkey
+config.saml.v20.sp.keystore.private.key.password=maxkey
+config.saml.v20.sp.keystore=classpath\:config/samlClientKeystore.jks
+config.saml.v20.sp.issuing.entity.id=client.maxkey.org
+
+#Saml v20 METADATA
+config.saml.v20.metadata.orgName=maxkey
+config.saml.v20.metadata.orgDisplayName=maxkey
+config.saml.v20.metadata.orgURL=https://github.com/shimingxy/MaxKey
+config.saml.v20.metadata.contactType=technical
+config.saml.v20.metadata.company=maxkey
+config.saml.v20.metadata.givenName=maxkey
+config.saml.v20.metadata.surName=maxkey
+config.saml.v20.metadata.emailAddress=shimingxy@163.com
+config.saml.v20.metadata.telephoneNumber=4008981111
 ############################################################################
 # Social Sign On Configuration
 #
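Review bot: The SAML block moved into this hunk still carries literal keystore passwords in a packaged resource, `config.saml.v20.idp.keystore.password=maxkey`, `config.saml.v20.idp.keystore.private.key.password=maxkey` and the matching `config.saml.v20.sp.keystore.*` lines, next to the keystores they protect (`classpath\:config/samlServerKeystore.jks`, `samlClientKeystore.jks`). This file sits under src/main/resources, so the defaults ship inside the built artifact, and a deployment that does not override them signs SAML assertions with a key whose password, and presumably the keystore itself, is public. Have these entries read a placeholder with no baked-in default, for example `config.saml.v20.idp.keystore.password=${SAML_IDP_KEYSTORE_PASSWORD}` (variable name constructed here as an example), and add a comment above the block such as `# keystore passwords must be supplied per deployment; never commit real values`. The relocation itself is fine; only the values carried along are the concern.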
@@ -160,40 +193,3 @@ config.socialsignon.facebook.client.id=appKey
 config.socialsignon.facebook.client.secret=appSecret
 config.socialsignon.facebook.account.id=id
 config.socialsignon.facebook.sortorder=7
-
-############################################################################
-# SAML V2.0 configuration
-#saml common
-config.saml.v20.max.parser.pool.size=2
-config.saml.v20.assertion.validity.time.ins.seconds=90
-config.saml.v20.replay.cache.life.in.millis=14400000
-config.saml.v20.issue.instant.check.clock.skew.in.seconds=90
-config.saml.v20.issue.instant.check.validity.time.in.seconds=300
-
-
-#saml idp keystore
-config.saml.v20.idp.keystore.password=maxkey
-config.saml.v20.idp.keystore.private.key.password=maxkey
-config.saml.v20.idp.keystore=classpath\:config/samlServerKeystore.jks
-#keystore id for sec
-config.saml.v20.idp.issuing.entity.id=maxkey.org
-config.saml.v20.idp.issuer=https://sso.maxkey.org/maxkey/saml
-
-config.saml.v20.idp.receiver.endpoint=https\://sso.maxkey.org/
-
-#saml sp keystore
-config.saml.v20.sp.keystore.password=maxkey
-config.saml.v20.sp.keystore.private.key.password=maxkey
-config.saml.v20.sp.keystore=classpath\:config/samlClientKeystore.jks
-config.saml.v20.sp.issuing.entity.id=client.maxkey.org
-
-#Saml v20 Metadata
-config.saml.v20.metadata.orgName=maxkey
-config.saml.v20.metadata.orgDisplayName=maxkey
-config.saml.v20.metadata.orgURL=https://github.com/shimingxy/MaxKey
-config.saml.v20.metadata.contactType=technical
-config.saml.v20.metadata.company=maxkey
-config.saml.v20.metadata.givenName=maxkey
-config.saml.v20.metadata.surName=maxkey
-config.saml.v20.metadata.emailAddress=shimingxy@163.com
-config.saml.v20.metadata.telephoneNumber=4008981111
\ No newline at end of file