diff --git a/gradle.properties b/gradle.properties index 904b182f..cf2a9a88 100644 --- a/gradle.properties +++ b/gradle.properties @@ -15,7 +15,7 @@ # */ #maxkey properties group =maxkey.top -version =3.4.0 +version =3.5.0 vendor =https://www.maxkey.top author =MaxKeyTop diff --git a/maxkey-core/src/main/java/org/maxkey/entity/SocialsAssociate.java b/maxkey-core/src/main/java/org/maxkey/entity/SocialsAssociate.java index 0dc34ba1..86a70370 100644 --- a/maxkey-core/src/main/java/org/maxkey/entity/SocialsAssociate.java +++ b/maxkey-core/src/main/java/org/maxkey/entity/SocialsAssociate.java @@ -44,6 +44,9 @@ public class SocialsAssociate extends JpaBaseEntity { private String id; @Column private String provider; + private String providerName; + private String icon; + @Column private String userId; @Column @@ -157,6 +160,23 @@ public class SocialsAssociate extends JpaBaseEntity { this.instId = instId; } + + public String getProviderName() { + return providerName; + } + + public void setProviderName(String providerName) { + this.providerName = providerName; + } + + public String getIcon() { + return icon; + } + + public void setIcon(String icon) { + this.icon = icon; + } + @Override public String toString() { StringBuilder builder = new StringBuilder(); diff --git a/maxkey-gataway/src/main/resources/application.yml b/maxkey-gataway/src/main/resources/application.yml index e4895b78..373bba7b 100644 --- a/maxkey-gataway/src/main/resources/application.yml +++ b/maxkey-gataway/src/main/resources/application.yml @@ -1,7 +1,7 @@ #端口号 application: name: maxkey-gateway-server - formatted-version: v3.4.0 GA + formatted-version: v3.5.0 GA server: port: 9000 spring: diff --git a/maxkey-monitor/src/main/resources/application.properties b/maxkey-monitor/src/main/resources/application.properties index e859736a..2cf5ec7d 100644 --- a/maxkey-monitor/src/main/resources/application.properties +++ b/maxkey-monitor/src/main/resources/application.properties @@ -18,7 +18,7 @@ application.title =MaxKey #for dynamic service discovery spring.application.name =maxkey-monitor -application.formatted-version =v3.4.0 GA +application.formatted-version =v3.5.0 GA #nacos discovery spring.cloud.nacos.discovery.enabled =${NACOS_DISCOVERY_ENABLED:false} spring.cloud.nacos.discovery.instance-enabled =false diff --git a/maxkey-persistence/src/main/java/org/maxkey/persistence/mapper/SocialsAssociateMapper.java b/maxkey-persistence/src/main/java/org/maxkey/persistence/mapper/SocialsAssociateMapper.java index f6200f98..f0e3a49e 100644 --- a/maxkey-persistence/src/main/java/org/maxkey/persistence/mapper/SocialsAssociateMapper.java +++ b/maxkey-persistence/src/main/java/org/maxkey/persistence/mapper/SocialsAssociateMapper.java @@ -16,9 +16,13 @@ package org.maxkey.persistence.mapper; +import java.util.List; + import org.apache.mybatis.jpa.persistence.IJpaBaseMapper; import org.maxkey.entity.SocialsAssociate; +import org.maxkey.entity.UserInfo; public interface SocialsAssociateMapper extends IJpaBaseMapper { + public List queryByUser(UserInfo user); } diff --git a/maxkey-persistence/src/main/java/org/maxkey/persistence/service/SocialsAssociatesService.java b/maxkey-persistence/src/main/java/org/maxkey/persistence/service/SocialsAssociatesService.java index ce57f3b3..85493696 100644 --- a/maxkey-persistence/src/main/java/org/maxkey/persistence/service/SocialsAssociatesService.java +++ b/maxkey-persistence/src/main/java/org/maxkey/persistence/service/SocialsAssociatesService.java @@ -17,8 +17,11 @@ package org.maxkey.persistence.service; +import java.util.List; + import org.apache.mybatis.jpa.persistence.JpaBaseService; import org.maxkey.entity.SocialsAssociate; +import org.maxkey.entity.UserInfo; import org.maxkey.persistence.mapper.SocialsAssociateMapper; import org.springframework.stereotype.Repository; @@ -38,5 +41,9 @@ public class SocialsAssociatesService extends JpaBaseService{ return (SocialsAssociateMapper)super.getMapper(); } + + public List queryByUser(UserInfo user) { + return getMapper().queryByUser(user); + } } diff --git a/maxkey-persistence/src/main/resources/org/maxkey/persistence/mapper/xml/mysql/SocialsAssociateMapper.xml b/maxkey-persistence/src/main/resources/org/maxkey/persistence/mapper/xml/mysql/SocialsAssociateMapper.xml new file mode 100644 index 00000000..fca64754 --- /dev/null +++ b/maxkey-persistence/src/main/resources/org/maxkey/persistence/mapper/xml/mysql/SocialsAssociateMapper.xml @@ -0,0 +1,31 @@ + + + + + + + + + \ No newline at end of file diff --git a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java index 13311d16..5d7152ff 100644 --- a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java +++ b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java @@ -146,7 +146,7 @@ public class MaxKeyMvcConfig implements WebMvcConfigurer { .addPathPatterns("/logs/**") .addPathPatterns("/userinfo/**") .addPathPatterns("/profile/**") - .addPathPatterns("/safe/**") + .addPathPatterns("/config/**") .addPathPatterns("/historys/**") .addPathPatterns("/access/session/**") .addPathPatterns("/access/session/**/**") diff --git a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/OneTimePasswordController.java b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/OneTimePasswordController.java index bc14be0a..a6b1576e 100644 --- a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/OneTimePasswordController.java +++ b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/OneTimePasswordController.java @@ -18,26 +18,29 @@ package org.maxkey.web.contorller; import java.awt.image.BufferedImage; -import java.util.UUID; +import java.util.Base64; +import java.util.HashMap; import org.apache.commons.codec.binary.Hex; +import org.apache.commons.lang3.StringUtils; +import org.maxkey.authn.annotation.CurrentUser; import org.maxkey.crypto.Base32Utils; import org.maxkey.crypto.password.PasswordReciprocal; +import org.maxkey.entity.Message; import org.maxkey.entity.UserInfo; import org.maxkey.password.onetimepwd.algorithm.OtpKeyUriFormat; import org.maxkey.password.onetimepwd.algorithm.OtpSecret; import org.maxkey.persistence.service.UserInfoService; import org.maxkey.util.RQCodeUtils; -import org.maxkey.web.WebContext; import org.maxkey.web.image.ImageEndpoint; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; +import org.springframework.http.ResponseEntity; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.servlet.ModelAndView; - -import com.xkcoding.http.util.StringUtil; +import org.springframework.web.bind.annotation.RequestParam; +import org.springframework.web.bind.annotation.ResponseBody; /** @@ -46,7 +49,7 @@ import com.xkcoding.http.util.StringUtil; * */ @Controller -@RequestMapping(value = { "/safe/otp" }) +@RequestMapping(value = { "/config" }) public class OneTimePasswordController { static final Logger _logger = LoggerFactory.getLogger(OneTimePasswordController.class); @@ -58,115 +61,48 @@ public class OneTimePasswordController { @Qualifier("otpKeyUriFormat") OtpKeyUriFormat otpKeyUriFormat; - @Autowired - @Qualifier("passwordReciprocal") - PasswordReciprocal passwordReciprocal; - @RequestMapping(value = {"/timebased"}) - public ModelAndView timebased() { - ModelAndView modelAndView = new ModelAndView("safe/timeBased"); - UserInfo userInfo = WebContext.getUserInfo(); + @ResponseBody + public ResponseEntity timebased(@RequestParam String generate,@CurrentUser UserInfo currentUser) { + HashMaptimebased =new HashMap(); - String sharedSecret = userInfo.getId(); - if(StringUtil.isNotEmpty(userInfo.getSharedSecret())) { - passwordReciprocal.decoder(userInfo.getSharedSecret()); + generate(generate,currentUser); + + String sharedSecret = + PasswordReciprocal.getInstance().decoder(currentUser.getSharedSecret()); + + otpKeyUriFormat.setSecret(sharedSecret); + String otpauth = otpKeyUriFormat.format(currentUser.getUsername()); + byte[] byteSharedSecret = Base32Utils.decode(sharedSecret); + String hexSharedSecret = Hex.encodeHexString(byteSharedSecret); + + timebased.put("displayName", currentUser.getDisplayName()); + timebased.put("username", currentUser.getUsername()); + timebased.put("digits", otpKeyUriFormat.getDigits()); + timebased.put("period", otpKeyUriFormat.getPeriod()); + timebased.put("sharedSecret", sharedSecret); + timebased.put("hexSharedSecret", hexSharedSecret); + timebased.put("rqCode", genRqCode(otpauth)); + return new Message>(timebased).buildResponse(); + } + + public void generate(String generate,@CurrentUser UserInfo currentUser) { + if((StringUtils.isNotBlank(generate) + && generate.equalsIgnoreCase("YES")) + ||StringUtils.isBlank(currentUser.getSharedSecret())) { + + byte[] byteSharedSecret = OtpSecret.generate(otpKeyUriFormat.getCrypto()); + String sharedSecret = Base32Utils.encode(byteSharedSecret); + sharedSecret = PasswordReciprocal.getInstance().encode(sharedSecret); + currentUser.setSharedSecret(sharedSecret); + userInfoService.updateSharedSecret(currentUser); + } - otpKeyUriFormat.setSecret(sharedSecret); - String otpauth = otpKeyUriFormat.format(userInfo.getUsername()); - byte[] byteSharedSecret = Base32Utils.decode(sharedSecret); - String hexSharedSecret = Hex.encodeHexString(byteSharedSecret); - modelAndView.addObject("id", genRqCode(otpauth)); - modelAndView.addObject("userInfo", userInfo); - modelAndView.addObject("format", otpKeyUriFormat); - modelAndView.addObject("sharedSecret", sharedSecret); - modelAndView.addObject("hexSharedSecret", hexSharedSecret); - return modelAndView; } - @RequestMapping(value = {"gen/timebased"}) - public ModelAndView gentimebased() { - UserInfo userInfo = WebContext.getUserInfo(); - byte[] byteSharedSecret = OtpSecret.generate(otpKeyUriFormat.getCrypto()); - String sharedSecret = Base32Utils.encode(byteSharedSecret); - sharedSecret = passwordReciprocal.encode(sharedSecret); - userInfo.setSharedSecret(sharedSecret); - userInfoService.updateSharedSecret(userInfo); - WebContext.setUserInfo(userInfo); - return WebContext.redirect("/safe/otp/timebased"); - } - - - @RequestMapping(value = {"/counterbased"}) - public ModelAndView counterbased() { - ModelAndView modelAndView = new ModelAndView("safe/counterBased"); - UserInfo userInfo = WebContext.getUserInfo(); - String sharedSecret = passwordReciprocal.decoder(userInfo.getSharedSecret()); - otpKeyUriFormat.setSecret(sharedSecret); - otpKeyUriFormat.setCounter(Long.parseLong(userInfo.getSharedCounter())); - String otpauth = otpKeyUriFormat.format(userInfo.getUsername()); - - byte[] byteSharedSecret = Base32Utils.decode(sharedSecret); - String hexSharedSecret = Hex.encodeHexString(byteSharedSecret); - modelAndView.addObject("id", genRqCode(otpauth)); - modelAndView.addObject("userInfo", userInfo); - modelAndView.addObject("format", otpKeyUriFormat); - modelAndView.addObject("sharedSecret", sharedSecret); - modelAndView.addObject("hexSharedSecret", hexSharedSecret); - return modelAndView; - - } - - @RequestMapping(value = {"gen/counterbased"}) - public ModelAndView gencounterbased() { - UserInfo userInfo = WebContext.getUserInfo(); - byte[] byteSharedSecret = OtpSecret.generate(otpKeyUriFormat.getCrypto()); - String sharedSecret = Base32Utils.encode(byteSharedSecret); - sharedSecret = passwordReciprocal.encode(sharedSecret); - userInfo.setSharedSecret(sharedSecret); - userInfo.setSharedCounter("0"); - userInfoService.updateSharedSecret(userInfo); - WebContext.setUserInfo(userInfo); - return WebContext.redirect("/safe/otp/counterbased"); - } - - @RequestMapping(value = {"/hotp"}) - public ModelAndView hotp() { - ModelAndView modelAndView = new ModelAndView("safe/hotp"); - UserInfo userInfo = WebContext.getUserInfo(); - String sharedSecret = passwordReciprocal.decoder(userInfo.getSharedSecret()); - otpKeyUriFormat.setSecret(sharedSecret); - otpKeyUriFormat.setCounter(Long.parseLong(userInfo.getSharedCounter())); - String otpauth = otpKeyUriFormat.format(userInfo.getUsername()); - byte[] byteSharedSecret = Base32Utils.decode(sharedSecret); - String hexSharedSecret = Hex.encodeHexString(byteSharedSecret); - modelAndView.addObject("id", genRqCode(otpauth)); - modelAndView.addObject("userInfo", userInfo); - modelAndView.addObject("format", otpKeyUriFormat); - modelAndView.addObject("sharedSecret", sharedSecret); - modelAndView.addObject("hexSharedSecret", hexSharedSecret); - return modelAndView; - - } - - @RequestMapping(value = {"gen/hotp"}) - public ModelAndView genhotp() { - UserInfo userInfo = WebContext.getUserInfo(); - byte[] byteSharedSecret = OtpSecret.generate(otpKeyUriFormat.getCrypto()); - String sharedSecret = Base32Utils.encode(byteSharedSecret); - sharedSecret = passwordReciprocal.encode(sharedSecret); - userInfo.setSharedSecret(sharedSecret); - userInfo.setSharedCounter("0"); - userInfoService.updateSharedSecret(userInfo); - WebContext.setUserInfo(userInfo); - return WebContext.redirect("/safe/otp/hotp"); - } - - public String genRqCode(String otpauth) { BufferedImage bufferedImage = RQCodeUtils.write2BufferedImage(otpauth, "gif", 300, 300); byte[] imageByte = ImageEndpoint.bufferedImage2Byte(bufferedImage); - String uuid = UUID.randomUUID().toString().toLowerCase(); - WebContext.getSession().setAttribute(uuid, imageByte); - return uuid; + return "data:image/png;base64," + Base64.getEncoder().encodeToString(imageByte); } } diff --git a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/SocialSignOnListController.java b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/SocialSignOnListController.java index 36f572b7..03a76c2c 100644 --- a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/SocialSignOnListController.java +++ b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/SocialSignOnListController.java @@ -17,76 +17,39 @@ package org.maxkey.web.contorller; -import java.util.ArrayList; import java.util.List; -import org.maxkey.authn.support.socialsignon.service.SocialSignOnProviderService; -import org.maxkey.authn.support.socialsignon.service.SocialsAssociateService; -import org.maxkey.configuration.ApplicationConfig; -import org.maxkey.entity.Institutions; +import org.maxkey.authn.annotation.CurrentUser; +import org.maxkey.entity.Message; import org.maxkey.entity.SocialsAssociate; -import org.maxkey.entity.SocialsProvider; -import org.maxkey.web.WebConstants; -import org.maxkey.web.WebContext; +import org.maxkey.entity.UserInfo; +import org.maxkey.persistence.service.SocialsAssociatesService; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Qualifier; +import org.springframework.http.ResponseEntity; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.servlet.ModelAndView; +import org.springframework.web.bind.annotation.ResponseBody; @Controller -@RequestMapping(value={"/socialsignon"}) +@RequestMapping(value={"/config/socialsignon"}) public class SocialSignOnListController { final static Logger _logger = LoggerFactory.getLogger(SocialSignOnListController.class); @Autowired - SocialSignOnProviderService socialSignOnProviderService; + protected SocialsAssociatesService socialsAssociatesService; - @Autowired - protected SocialsAssociateService socialSignOnUserService; - @Autowired - @Qualifier("applicationConfig") - protected ApplicationConfig applicationConfig; - - @RequestMapping(value = { "/list" }) - public ModelAndView forwardUpdate() { + @RequestMapping(value={"/fetch"}) + @ResponseBody + public ResponseEntity fetch(@CurrentUser UserInfo currentUser){ - ModelAndView modelAndView=new ModelAndView("social/socialSignOnProvider"); - - Institutions inst = (Institutions)WebContext.getAttribute(WebConstants.CURRENT_INST); - List listSocialSignOnProvider = - socialSignOnProviderService.loadSocialsProviders(inst.getId()).getSocialSignOnProviders(); + List listSocialsAssociate= + socialsAssociatesService.queryByUser(currentUser); - SocialsAssociate socialSignOnUser=new SocialsAssociate(); - socialSignOnUser.setUserId(WebContext.getUserInfo().getId()); - List listSocialSignOnUserToken= socialSignOnUserService.query(socialSignOnUser); - List listBindSocialSignOnProvider=new ArrayList(); - _logger.debug("list SocialSignOnProvider : "+listSocialSignOnProvider); - _logger.debug("list SocialSignOnUserToken : "+listSocialSignOnUserToken); - for (SocialsProvider ssop : listSocialSignOnProvider){ - SocialsProvider socialSignOnProvider=new SocialsProvider(); - socialSignOnProvider.setProvider(ssop.getProvider()); - socialSignOnProvider.setProviderName(ssop.getProviderName()); - socialSignOnProvider.setIcon(ssop.getIcon()); - socialSignOnProvider.setSortOrder(ssop.getSortOrder()); - for(SocialsAssociate ssout :listSocialSignOnUserToken){ - if(ssout.getProvider().equals(ssop.getProvider())){ - socialSignOnProvider.setUserBind(true); - socialSignOnProvider.setBindTime(ssout.getCreatedDate()); - socialSignOnProvider.setLastLoginTime(ssout.getUpdatedDate()); - _logger.debug("binded provider : "+ssout.getProvider()); - } - } - listBindSocialSignOnProvider.add(socialSignOnProvider); - } - - modelAndView.addObject("listSocialSignOnProvider", listBindSocialSignOnProvider); - - return modelAndView; + return new Message>(listSocialsAssociate).buildResponse(); } } diff --git a/maxkey-webs/maxkey-web-maxkey/src/main/resources/application.properties b/maxkey-webs/maxkey-web-maxkey/src/main/resources/application.properties index 374e2fa4..eec5d0cb 100644 --- a/maxkey-webs/maxkey-web-maxkey/src/main/resources/application.properties +++ b/maxkey-webs/maxkey-web-maxkey/src/main/resources/application.properties @@ -16,7 +16,7 @@ #MaxKey Title and Version # ############################################################################ application.title =MaxKey -application.formatted-version =v3.4.0 GA +application.formatted-version =v3.5.0 GA #for dynamic service discovery spring.application.name =maxkey ############################################################################ diff --git a/maxkey-webs/maxkey-web-mgt/src/main/resources/application.properties b/maxkey-webs/maxkey-web-mgt/src/main/resources/application.properties index a29e25df..06418359 100644 --- a/maxkey-webs/maxkey-web-mgt/src/main/resources/application.properties +++ b/maxkey-webs/maxkey-web-mgt/src/main/resources/application.properties @@ -16,7 +16,7 @@ #MaxKey Title and Version # ############################################################################ application.title =MaxKey-Mgt -application.formatted-version =v3.4.0 GA +application.formatted-version =v3.5.0 GA #for dynamic service discovery spring.application.name =maxkey-mgt ############################################################################