AuthorizationUtils

MaxKey
2022-04-12 22:31:41 +08:00
parent 742b660453
commit 50bfb3087e
75 changed files with 766 additions and 1638 deletions


@@ -19,7 +19,7 @@ package org.maxkey.authz.oauth2.provider.approval.endpoint;
import java.util.LinkedHashMap;
import java.util.Map;
import org.maxkey.authn.SigninPrincipal;
import org.maxkey.authn.web.AuthorizationUtils;
import org.maxkey.authz.oauth2.common.OAuth2Constants;
import org.maxkey.authz.oauth2.provider.AuthorizationRequest;
import org.maxkey.authz.oauth2.provider.ClientDetailsService;
@@ -95,8 +95,7 @@ public class OAuth20AccessConfirmationEndpoint {
for (String scope : clientAuth.getScope()) {
scopes.put(OAuth2Constants.PARAMETER.SCOPE_PREFIX + scope, "false");
}
String principal =
((SigninPrincipal) WebContext.getAuthentication().getPrincipal()).getUsername();
String principal = AuthorizationUtils.getPrincipal().getUsername();
for (Approval approval : approvalStore.getApprovals(principal, client.getClientId())) {
if (clientAuth.getScope().contains(approval.getScope())) {
scopes.put(OAuth2Constants.PARAMETER.SCOPE_PREFIX + approval.getScope(),
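Review bot: The new line `String principal = AuthorizationUtils.getPrincipal().getUsername();` dereferences the helper's result without a check, so a request with no signed-in user would fail with a NullPointerException just before the approval lookup. The helper's implementation is not on this page, so it may already guarantee a non-null result; if it does not, reject the request explicitly first, for example `if (AuthorizationUtils.getPrincipal() == null) { /* reject: no signed-in user */ }`. Stored approvals are looked up by this username, so the endpoint should fail closed with a clear authentication error. The enclosing method starts and ends outside the hunk.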


@@ -22,6 +22,8 @@ import java.util.Map;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.maxkey.authn.web.AuthorizationUtils;
import org.maxkey.authz.oauth2.common.OAuth2AccessToken;
import org.maxkey.authz.oauth2.common.OAuth2Constants;
import org.maxkey.authz.oauth2.common.exceptions.InvalidClientException;
@@ -150,7 +152,7 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
@RequestParam Map<String, String> parameters,
SessionStatus sessionStatus) {
Principal principal=(Principal)WebContext.getAuthentication();
Principal principal=(Principal)AuthorizationUtils.getAuthentication();
// Pull out the authorization request first, using the OAuth2RequestFactory. All further logic should
// query off of the authorization request instead of referring back to the parameters map. The contents of the
// parameters map will be stored without change in the AuthorizationRequest object once it is created.
@@ -241,7 +243,7 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
Map<String, ?> model,
SessionStatus sessionStatus) {
Principal principal=(Principal)WebContext.getAuthentication();
Principal principal=(Principal)AuthorizationUtils.getAuthentication();
if (!(principal instanceof Authentication)) {
sessionStatus.setComplete();
throw new InsufficientAuthenticationException(
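Review bot: The guard after the second changed line, `if (!(principal instanceof Authentication))`, checks only the type of what `AuthorizationUtils.getAuthentication()` returns, so a token that is present but not authenticated would pass it. Since this commit changes where the authentication comes from, confirm that the new accessor never returns an unauthenticated or anonymous token, or tighten the guard to `if (!(principal instanceof Authentication) || !((Authentication) principal).isAuthenticated())`. The same type-only check follows the changed line in the TokenEndpoint section, and the first hunk here (line 152) does not show its guard at all. Both method bodies continue outside the hunks.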


@@ -23,6 +23,7 @@ import java.util.Map;
import java.util.Set;
import org.maxkey.authn.SigninPrincipal;
import org.maxkey.authn.web.AuthorizationUtils;
import org.maxkey.authz.oauth2.common.DefaultOAuth2AccessToken;
import org.maxkey.authz.oauth2.common.OAuth2AccessToken;
import org.maxkey.authz.oauth2.common.OAuth2Constants;
@@ -38,7 +39,6 @@ import org.maxkey.authz.oauth2.provider.TokenRequest;
import org.maxkey.authz.oauth2.provider.request.DefaultOAuth2RequestValidator;
import org.maxkey.entity.apps.oauth2.provider.ClientDetails;
import org.maxkey.util.StringGenerator;
import org.maxkey.web.WebContext;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
@@ -114,7 +114,7 @@ public class TokenEndpoint extends AbstractEndpoint {
// TokenEndpointAuthenticationFilter
OAuth2AccessToken token = null;
try {
Object principal = WebContext.getAuthentication();
Object principal = AuthorizationUtils.getAuthentication();
if (!(principal instanceof Authentication)) {
throw new InsufficientAuthenticationException(
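Review bot: The read of `AuthorizationUtils.getAuthentication()` only works if the filter named in the comment above it has stored the client authentication through the same helper, and nothing on the line says so. A short comment such as `// client authentication stored by TokenEndpointAuthenticationFilter via AuthorizationUtils.setAuthentication` would keep the two call sites from drifting apart the next time the storage is moved. The try block continues outside the hunk.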


@@ -32,6 +32,7 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.maxkey.authn.SigninPrincipal;
import org.maxkey.authn.web.AuthorizationUtils;
import org.maxkey.authz.oauth2.common.OAuth2Constants;
import org.maxkey.authz.oauth2.common.util.OAuth2Utils;
import org.maxkey.authz.oauth2.provider.AuthorizationRequest;
@@ -154,7 +155,7 @@ public class TokenEndpointAuthenticationFilter implements Filter {
}
auth.setAuthenticated(true);
UsernamePasswordAuthenticationToken simpleUserAuthentication = new UsernamePasswordAuthenticationToken(auth, authentication.getCredentials(), authentication.getAuthorities());
WebContext.setAuthentication(simpleUserAuthentication);
AuthorizationUtils.setAuthentication(simpleUserAuthentication);
}
}
@@ -208,7 +209,7 @@ public class TokenEndpointAuthenticationFilter implements Filter {
OAuth2Request storedOAuth2Request = oAuth2RequestFactory.createOAuth2Request(authorizationRequest);
WebContext.setAuthentication(new OAuth2Authentication(storedOAuth2Request, authResult));
AuthorizationUtils.setAuthentication(new OAuth2Authentication(storedOAuth2Request, authResult));
onSuccessfulAuthentication(request, response, authResult);
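Review bot: Both changed calls store an authentication with `AuthorizationUtils.setAuthentication(...)`, and neither hunk shows it being cleared once the request has been handled. If the helper keeps the value in the HTTP session rather than per request (its implementation is not on this page), a client authenticated at the token endpoint would stay authenticated for later requests carrying the same session cookie. Confirm the storage scope; if it is session-backed, clear the stored authentication in a `finally` block once the filter chain returns. A one-line comment at each call stating the intended lifetime, e.g. `// valid for this token request only`, would also help. Both method bodies continue outside the hunks.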


@@ -30,6 +30,7 @@ import java.util.UUID;
import org.apache.commons.lang3.StringUtils;
import org.joda.time.DateTime;
import org.joda.time.format.DateTimeFormat;
import org.maxkey.authn.web.AuthorizationUtils;
import org.maxkey.authz.oauth2.common.DefaultOAuth2AccessToken;
import org.maxkey.authz.oauth2.common.OAuth2AccessToken;
import org.maxkey.authz.oauth2.provider.ClientDetailsService;
@@ -40,7 +41,6 @@ import org.maxkey.configuration.oidc.OIDCProviderMetadata;
import org.maxkey.crypto.jwt.encryption.service.impl.DefaultJwtEncryptionAndDecryptionService;
import org.maxkey.crypto.jwt.signer.service.impl.DefaultJwtSigningAndValidationService;
import org.maxkey.entity.apps.oauth2.provider.ClientDetails;
import org.maxkey.web.WebContext;
import com.nimbusds.jose.util.Base64URL;
import org.slf4j.Logger;
@@ -125,7 +125,7 @@ public class OIDCIdTokenEnhancer implements TokenEnhancer {
if (request.getExtensions().containsKey("max_age")
|| (request.getExtensions().containsKey("idtoken")) // parse the ID Token claims (#473) -- for now assume it could be in there
) {
DateTime loginDate = DateTime.parse(WebContext.getUserInfo().getLastLoginTime(), DateTimeFormat.forPattern("yyyy-MM-dd HH:mm:ss"));
DateTime loginDate = DateTime.parse(AuthorizationUtils.getUserInfo().getLastLoginTime(), DateTimeFormat.forPattern("yyyy-MM-dd HH:mm:ss"));
builder.claim("auth_time", loginDate.getMillis()/1000);
}