add banner
add banner
@@ -2,11 +2,15 @@ package org.maxkey;
|
||||
|
||||
import org.maxkey.authz.oauth2.provider.endpoint.TokenEndpointAuthenticationFilter;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.boot.web.server.ConfigurableWebServerFactory;
|
||||
import org.springframework.boot.web.server.ErrorPage;
|
||||
import org.springframework.boot.web.server.WebServerFactoryCustomizer;
|
||||
import org.springframework.boot.web.servlet.FilterRegistrationBean;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.ImportResource;
|
||||
import org.springframework.context.annotation.PropertySource;
|
||||
import org.springframework.http.HttpStatus;
|
||||
|
||||
@Configuration
|
||||
@ImportResource(locations={"classpath:spring/maxkey.xml"})
|
||||
@@ -32,4 +36,24 @@ public class MaxKeyConfig {
|
||||
registration.setOrder(1);
|
||||
return registration;
|
||||
}
|
||||
|
||||
/**
|
||||
* 配置默认错误页面(仅用于内嵌tomcat启动时)
|
||||
* 使用这种方式,在打包为war后不起作用
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
@Bean
|
||||
public WebServerFactoryCustomizer<ConfigurableWebServerFactory> webServerFactoryCustomizer() {
|
||||
return new WebServerFactoryCustomizer<ConfigurableWebServerFactory>() {
|
||||
@Override
|
||||
public void customize(ConfigurableWebServerFactory factory) {
|
||||
ErrorPage errorPage400 = new ErrorPage(HttpStatus.BAD_REQUEST,"/error-400");
|
||||
ErrorPage errorPage404 = new ErrorPage(HttpStatus.NOT_FOUND,"/error-404");
|
||||
ErrorPage errorPage500 = new ErrorPage(HttpStatus.INTERNAL_SERVER_ERROR,"/error-500");
|
||||
factory.addErrorPages(errorPage400, errorPage404,errorPage500);
|
||||
|
||||
}
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
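Review bot: The Javadoc on `webServerFactoryCustomizer()` says (in Chinese) that these error pages apply only under the embedded Tomcat and have no effect once the application is packaged as a WAR, so a WAR deployment would presumably still serve the container's default error pages, which often reveal server version or stack-trace detail. Either cover that path as well (for example an `<error-page>` mapping in the deployment descriptor) or state in the comment where it is handled. The `@return` tag is empty; an English summary such as `Registers custom error pages for 400/404/500; effective only with the embedded web server, not in a WAR deployment.` would document the limitation for every maintainer. It is also worth confirming that `/error-400`, `/error-404` and `/error-500` can be rendered without a session, since an interceptor that forwards unauthenticated requests to `/login` would otherwise mask them.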
@@ -12,7 +12,7 @@ import org.maxkey.dao.service.UserInfoService;
|
||||
import org.maxkey.domain.UserInfo;
|
||||
import org.maxkey.util.RQCodeUtils;
|
||||
import org.maxkey.web.WebContext;
|
||||
import org.maxkey.web.endpoint.ImageEndpoint;
|
||||
import org.maxkey.web.ImageEndpoint;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
@@ -36,34 +36,25 @@ public class OneTimePasswordController {
|
||||
private UserInfoService userInfoService;
|
||||
|
||||
@Autowired
|
||||
@Qualifier("timeBasedKeyUriFormat")
|
||||
KeyUriFormat timeBasedKeyUriFormat;
|
||||
|
||||
@Autowired
|
||||
@Qualifier("counterBasedKeyUriFormat")
|
||||
KeyUriFormat counterBasedKeyUriFormat;
|
||||
|
||||
@Autowired
|
||||
@Qualifier("hotpKeyUriFormat")
|
||||
KeyUriFormat hotpKeyUriFormat;
|
||||
@Qualifier("keyUriFormat")
|
||||
KeyUriFormat keyUriFormat;
|
||||
|
||||
@Autowired
|
||||
@Qualifier("passwordReciprocal")
|
||||
PasswordReciprocal passwordReciprocal;
|
||||
|
||||
|
||||
@RequestMapping(value={"/timebased"})
|
||||
public ModelAndView timebased(){
|
||||
ModelAndView modelAndView=new ModelAndView("safe/timeBased");
|
||||
UserInfo userInfo=WebContext.getUserInfo();
|
||||
String sharedSecret=passwordReciprocal.decoder(userInfo.getSharedSecret());
|
||||
timeBasedKeyUriFormat.setSecret(sharedSecret);
|
||||
String otpauth=timeBasedKeyUriFormat.format(userInfo.getUsername());
|
||||
keyUriFormat.setSecret(sharedSecret);
|
||||
String otpauth=keyUriFormat.format(userInfo.getUsername());
|
||||
byte[] byteSharedSecret=Base32Utils.decode(sharedSecret);
|
||||
String hexSharedSecret=Hex.encodeHexString(byteSharedSecret);
|
||||
modelAndView.addObject("id", genRQCode(otpauth));
|
||||
modelAndView.addObject("userInfo", userInfo);
|
||||
modelAndView.addObject("format", timeBasedKeyUriFormat);
|
||||
modelAndView.addObject("format", keyUriFormat);
|
||||
modelAndView.addObject("sharedSecret", sharedSecret);
|
||||
modelAndView.addObject("hexSharedSecret", hexSharedSecret);
|
||||
return modelAndView;
|
||||
@@ -72,7 +63,7 @@ public class OneTimePasswordController {
|
||||
@RequestMapping(value={"gen/timebased"})
|
||||
public ModelAndView gentimebased(){
|
||||
UserInfo userInfo=WebContext.getUserInfo();
|
||||
byte[] byteSharedSecret=OTPSecret.generate(timeBasedKeyUriFormat.getCrypto());
|
||||
byte[] byteSharedSecret=OTPSecret.generate(keyUriFormat.getCrypto());
|
||||
String sharedSecret=Base32Utils.encode(byteSharedSecret);
|
||||
sharedSecret=passwordReciprocal.encode(sharedSecret);
|
||||
userInfo.setSharedSecret(sharedSecret);
|
||||
@@ -87,15 +78,15 @@ public class OneTimePasswordController {
|
||||
ModelAndView modelAndView=new ModelAndView("safe/counterBased");
|
||||
UserInfo userInfo=WebContext.getUserInfo();
|
||||
String sharedSecret=passwordReciprocal.decoder(userInfo.getSharedSecret());
|
||||
counterBasedKeyUriFormat.setSecret(sharedSecret);
|
||||
counterBasedKeyUriFormat.setCounter(Long.parseLong(userInfo.getSharedCounter()));
|
||||
String otpauth=counterBasedKeyUriFormat.format(userInfo.getUsername());
|
||||
keyUriFormat.setSecret(sharedSecret);
|
||||
keyUriFormat.setCounter(Long.parseLong(userInfo.getSharedCounter()));
|
||||
String otpauth=keyUriFormat.format(userInfo.getUsername());
|
||||
|
||||
byte[] byteSharedSecret=Base32Utils.decode(sharedSecret);
|
||||
String hexSharedSecret=Hex.encodeHexString(byteSharedSecret);
|
||||
modelAndView.addObject("id", genRQCode(otpauth));
|
||||
modelAndView.addObject("userInfo", userInfo);
|
||||
modelAndView.addObject("format", counterBasedKeyUriFormat);
|
||||
modelAndView.addObject("format", keyUriFormat);
|
||||
modelAndView.addObject("sharedSecret", sharedSecret);
|
||||
modelAndView.addObject("hexSharedSecret", hexSharedSecret);
|
||||
return modelAndView;
|
||||
@@ -105,7 +96,7 @@ public class OneTimePasswordController {
|
||||
@RequestMapping(value={"gen/counterbased"})
|
||||
public ModelAndView gencounterbased(){
|
||||
UserInfo userInfo=WebContext.getUserInfo();
|
||||
byte[] byteSharedSecret=OTPSecret.generate(counterBasedKeyUriFormat.getCrypto());
|
||||
byte[] byteSharedSecret=OTPSecret.generate(keyUriFormat.getCrypto());
|
||||
String sharedSecret=Base32Utils.encode(byteSharedSecret);
|
||||
sharedSecret=passwordReciprocal.encode(sharedSecret);
|
||||
userInfo.setSharedSecret(sharedSecret);
|
||||
@@ -120,14 +111,14 @@ public class OneTimePasswordController {
|
||||
ModelAndView modelAndView=new ModelAndView("safe/hotp");
|
||||
UserInfo userInfo=WebContext.getUserInfo();
|
||||
String sharedSecret=passwordReciprocal.decoder(userInfo.getSharedSecret());
|
||||
hotpKeyUriFormat.setSecret(sharedSecret);
|
||||
hotpKeyUriFormat.setCounter(Long.parseLong(userInfo.getSharedCounter()));
|
||||
String otpauth=hotpKeyUriFormat.format(userInfo.getUsername());
|
||||
keyUriFormat.setSecret(sharedSecret);
|
||||
keyUriFormat.setCounter(Long.parseLong(userInfo.getSharedCounter()));
|
||||
String otpauth=keyUriFormat.format(userInfo.getUsername());
|
||||
byte[] byteSharedSecret=Base32Utils.decode(sharedSecret);
|
||||
String hexSharedSecret=Hex.encodeHexString(byteSharedSecret);
|
||||
modelAndView.addObject("id", genRQCode(otpauth));
|
||||
modelAndView.addObject("userInfo", userInfo);
|
||||
modelAndView.addObject("format", hotpKeyUriFormat);
|
||||
modelAndView.addObject("format", keyUriFormat);
|
||||
modelAndView.addObject("sharedSecret", sharedSecret);
|
||||
modelAndView.addObject("hexSharedSecret", hexSharedSecret);
|
||||
return modelAndView;
|
||||
@@ -137,7 +128,7 @@ public class OneTimePasswordController {
|
||||
@RequestMapping(value={"gen/hotp"})
|
||||
public ModelAndView genhotp(){
|
||||
UserInfo userInfo=WebContext.getUserInfo();
|
||||
byte[] byteSharedSecret=OTPSecret.generate(hotpKeyUriFormat.getCrypto());
|
||||
byte[] byteSharedSecret=OTPSecret.generate(keyUriFormat.getCrypto());
|
||||
String sharedSecret=Base32Utils.encode(byteSharedSecret);
|
||||
sharedSecret=passwordReciprocal.encode(sharedSecret);
|
||||
userInfo.setSharedSecret(sharedSecret);
|
||||
|
||||
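Review bot: The three view handlers (`timebased` and the counter-based and HOTP handlers in the later hunks) now all call `keyUriFormat.setSecret(sharedSecret)`, and two of them `keyUriFormat.setCounter(...)`, on one injected `KeyUriFormat`. If that bean has the default singleton scope (its definition is not visible here), concurrent requests can interleave between `setSecret` and `format`, so one user's QR code or the `format` model object could carry another user's decrypted shared secret. The previous code mutated shared beans in the same way, but folding three beans into one means every OTP page now contends on the same instance. Prefer a request-local `KeyUriFormat` copy in each handler (or a prototype-scoped bean obtained per request), with the secret and counter set only on that copy. The handler bodies start or end outside these hunks.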
@@ -1,138 +0,0 @@
|
||||
package org.maxkey.web.endpoint;
|
||||
|
||||
import java.awt.image.BufferedImage;
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.io.ByteArrayOutputStream;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
|
||||
import javax.imageio.ImageIO;
|
||||
import javax.servlet.ServletOutputStream;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.maxkey.web.WebConstants;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.web.bind.annotation.PathVariable;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
|
||||
import com.google.code.kaptcha.Producer;
|
||||
|
||||
/**
|
||||
* @author Crystal.Sea
|
||||
*
|
||||
*/
|
||||
@Controller
|
||||
public class ImageEndpoint {
|
||||
private static final Logger _logger = LoggerFactory.getLogger(ImageEndpoint.class);
|
||||
|
||||
@Autowired
|
||||
private Producer captchaProducer;
|
||||
|
||||
/**
|
||||
* captcha image Producer
|
||||
* @param request
|
||||
* @param response
|
||||
*/
|
||||
@RequestMapping(value = "/captcha")
|
||||
public void captchaHandleRequest(HttpServletRequest request,HttpServletResponse response){
|
||||
try{
|
||||
// Set to expire far in the past.
|
||||
response.setDateHeader("Expires", 0);
|
||||
// Set standard HTTP/1.1 no-cache headers.
|
||||
response.setHeader("Cache-Control", "no-store, no-cache, must-revalidate");
|
||||
// Set IE extended HTTP/1.1 no-cache headers (use addHeader).
|
||||
response.addHeader("Cache-Control", "post-check=0, pre-check=0");
|
||||
// Set standard HTTP/1.0 no-cache header.
|
||||
response.setHeader("Pragma", "no-cache");
|
||||
// return a jpeg
|
||||
response.setContentType("image/jpeg");
|
||||
// create the text for the image
|
||||
String capText = captchaProducer.createText();
|
||||
_logger.debug("Sesssion id " + request.getSession().getId() + " , Captcha Text is " + capText);
|
||||
// store the text in the session
|
||||
request.getSession().setAttribute(WebConstants.KAPTCHA_SESSION_KEY, capText);
|
||||
// create the image with the text
|
||||
BufferedImage bi = captchaProducer.createImage(capText);
|
||||
ServletOutputStream out = response.getOutputStream();
|
||||
// write the data out
|
||||
ImageIO.write(bi, "jpg", out);
|
||||
|
||||
out.flush();
|
||||
out.close();
|
||||
}catch(Exception e) {
|
||||
_logger.error("captcha Producer Error " + e.getMessage());
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* image Producer
|
||||
* @param request
|
||||
* @param response
|
||||
* @return
|
||||
* @throws Exception
|
||||
*/
|
||||
|
||||
@RequestMapping("/image/{id}")
|
||||
public void imageHandleRequest(HttpServletRequest request,HttpServletResponse response,@PathVariable("id") String id) throws Exception {
|
||||
// Set to expire far in the past.
|
||||
response.setDateHeader("Expires", 0);
|
||||
// Set standard HTTP/1.1 no-cache headers.
|
||||
response.setHeader("Cache-Control", "no-store, no-cache, must-revalidate");
|
||||
// Set IE extended HTTP/1.1 no-cache headers (use addHeader).
|
||||
response.addHeader("Cache-Control", "post-check=0, pre-check=0");
|
||||
// Set standard HTTP/1.0 no-cache header.
|
||||
response.setHeader("Pragma", "no-cache");
|
||||
// return a jpeg/gif
|
||||
response.setContentType("image/gif");
|
||||
// create the text for the image
|
||||
byte[]image=(byte[]) request.getSession().getAttribute(id);
|
||||
//request.getSession().removeAttribute(id);
|
||||
// create the image with the text
|
||||
if(image!=null){
|
||||
ServletOutputStream out = response.getOutputStream();
|
||||
// write the data out
|
||||
ImageIO.write(byte2BufferedImage(image), "gif", out);
|
||||
try{
|
||||
out.flush();
|
||||
}finally{
|
||||
out.close();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public static BufferedImage byte2BufferedImage(byte[]imageByte){
|
||||
try {
|
||||
InputStream in = new ByteArrayInputStream(imageByte);
|
||||
BufferedImage bufferedImage = ImageIO.read(in);
|
||||
return bufferedImage;
|
||||
} catch (IOException e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
public static byte[] bufferedImage2Byte(BufferedImage bufferedImage ){
|
||||
try {
|
||||
ByteArrayOutputStream byteArrayOutputStream=new ByteArrayOutputStream();
|
||||
ImageIO.write(bufferedImage,"gif",byteArrayOutputStream);
|
||||
return byteArrayOutputStream.toByteArray();
|
||||
} catch (IOException e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
public Producer getCaptchaProducer() {
|
||||
return captchaProducer;
|
||||
}
|
||||
|
||||
public void setCaptchaProducer(Producer captchaProducer) {
|
||||
this.captchaProducer = captchaProducer;
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
@@ -36,9 +36,10 @@ public class PermissionAdapter extends HandlerInterceptorAdapter {
|
||||
*/
|
||||
@Override
|
||||
public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws Exception {
|
||||
_logger.debug("PermissionAdapter preHandle");
|
||||
_logger.trace("PermissionAdapter preHandle");
|
||||
//判断用户是否登录
|
||||
if(WebContext.getAuthentication()==null||WebContext.getAuthentication().getAuthorities()==null){//判断用户和角色,判断用户是否登录用户
|
||||
_logger.trace("No Authentication ... forward to /login");
|
||||
RequestDispatcher dispatcher = request.getRequestDispatcher("/login");
|
||||
dispatcher.forward(request, response);
|
||||
return false;
|
||||
|
||||
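Review bot: With the entry message apparently moved from debug to trace and the denial path logged only as `_logger.trace("No Authentication ... forward to /login")`, a rejected unauthenticated request is recorded only at the most verbose level and without the resource that was requested. For an access-control interceptor it helps detection to keep the denial visible at debug or info and to name the target, e.g. `_logger.debug("No Authentication for {} ... forward to /login", request.getRequestURI());` (assuming the SLF4J logger used elsewhere in the project). `preHandle` continues past the end of the hunk.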