OIDC接口优化 #I4VFYD

2022-02-27 21:32:36 +08:00
parent 933780d082
commit 545e2c1a96
10 changed files with 67 additions and 55 deletions
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpointAuthenticationFilter.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpointAuthenticationFilter.java
@@ -136,10 +136,6 @@ public class TokenEndpointAuthenticationFilter implements Filter {
 		final HttpServletRequest request = (HttpServletRequest) req;
 		final HttpServletResponse response = (HttpServletResponse) res;

-		if(_logger.isTraceEnabled()) {
-			WebContext.printRequest(request);
-		}
-		
 		try {
 			String grantType = request.getParameter(OAuth2Constants.PARAMETER.GRANT_TYPE);
 			if (grantType != null && grantType.equals(OAuth2Constants.PARAMETER.GRANT_TYPE_PASSWORD)) {
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java
@@ -18,13 +18,13 @@
 package org.maxkey.authz.oauth2.provider.userinfo.endpoint;

 import java.lang.reflect.InvocationTargetException;
-import java.util.Enumeration;
 import java.util.HashMap;

 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;

 import org.apache.commons.beanutils.BeanUtils;
+import org.apache.commons.lang3.StringUtils;
 import org.maxkey.authn.SigninPrincipal;
 import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
 import org.maxkey.authz.oauth2.common.OAuth2Constants;
@@ -48,7 +48,6 @@ import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.RequestHeader;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RequestParam;
@@ -83,27 +82,18 @@ public class UserInfoEndpoint {
 	@RequestMapping(value=OAuth2Constants.ENDPOINT.ENDPOINT_USERINFO, method={RequestMethod.POST, RequestMethod.GET}) 
 	public void apiV20UserInfo(
 			@RequestParam(value = "access_token", required = false) String access_token,
-			@RequestHeader(value = "authorization", required = false) String authorization_bearer,
            HttpServletRequest request, 
            HttpServletResponse response) {	        
-	        if(access_token == null && authorization_bearer!= null) {
-	        	if(_logger.isTraceEnabled()) {
-		        	_logger.trace("getRequestURL : "+request.getRequestURL());
-			        Enumeration<String> headerNames = request.getHeaderNames();
-			        while (headerNames.hasMoreElements()) {
-			          String key = (String) headerNames.nextElement();
-			          String value = request.getHeader(key);
-			          _logger.trace("Header key "+key +" , value " + value);
-			        }
-		        }
+	        if(StringUtils.isBlank(access_token)) {
 	        	//for header authorization bearer
-	        	access_token = AuthorizationHeaderUtils.resolveBearer(authorization_bearer);
+	        	access_token = AuthorizationHeaderUtils.resolveBearer(request);
 	        }
 	        
-			String principal="";
 			if (!StringGenerator.uuidMatches(access_token)) {
 				httpResponseAdapter.write(response,JsonUtils.gson2Json(accessTokenFormatError(access_token)),"json"); 
 			}
+			
+			String principal="";
 			OAuth2Authentication oAuth2Authentication =null;
 			try{
 				 oAuth2Authentication = oauth20tokenServices.loadAuthentication(access_token);
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoOIDCEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoOIDCEndpoint.java
@@ -42,6 +42,7 @@ import org.maxkey.entity.UserInfo;
 import org.maxkey.entity.apps.oauth2.provider.ClientDetails;
 import org.maxkey.persistence.service.AppsService;
 import org.maxkey.persistence.service.UserInfoService;
+import org.maxkey.util.AuthorizationHeaderUtils;
 import org.maxkey.util.JsonUtils;
 import org.maxkey.util.StringGenerator;
 import org.maxkey.web.HttpResponseAdapter;
@@ -51,7 +52,6 @@ import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.RequestHeader;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.ResponseBody;
@@ -100,15 +100,15 @@ public class UserInfoOIDCEndpoint {
    @Operation(summary = "OIDC 用户信息接口", description = "传递Authorization参数access_token",method="GET")
 	@RequestMapping(value=OAuth2Constants.ENDPOINT.ENDPOINT_OPENID_CONNECT_USERINFO, method={RequestMethod.POST, RequestMethod.GET})
 	@ResponseBody
-	public String connect10aUserInfo(
-			@RequestHeader(value = "Authorization", required = true) String access_token,
-			HttpServletRequest request, 
-			HttpServletResponse response) {
-		String principal="";
+	public String connect10aUserInfo(HttpServletRequest request, 
+									 HttpServletResponse response) {
+    	String access_token = AuthorizationHeaderUtils.resolveBearer(request);
+		
 		if (!StringGenerator.uuidMatches(access_token)) {
 			return JsonUtils.gson2Json(accessTokenFormatError(access_token));
 		}
 		
+		String principal="";
 		OAuth2Authentication oAuth2Authentication =null;
 		try{
 			 oAuth2Authentication = oauth20tokenServices.loadAuthentication(access_token);