captcha invalid

验证码登录无效
This commit is contained in:
shimingxy
2020-04-09 23:56:40 +08:00
parent e43b80cc0d
commit 8a6821d600
5 changed files with 36 additions and 46 deletions


@@ -81,7 +81,7 @@
| --------| :----- | :---- | :----: | | --------| :----- | :---- | :----: |
| v 1.3.0 GA | 2020/04/04 | <a href="https://pan.baidu.com/s/1o7vfBeq21Az_0s0tJvObOw" target="_blank">链接下载</a> | **20bj** | | v 1.3.0 GA | 2020/04/04 | <a href="https://pan.baidu.com/s/1o7vfBeq21Az_0s0tJvObOw" target="_blank">链接下载</a> | **20bj** |
| v 1.2.1 GA | 2020/02/29 | <a href="https://pan.baidu.com/s/1FDkJ4DOMQq8tPAXrIfDeKA" target="_blank">链接下载</a> | **yutq** | | v 1.2.1 GA | 2020/02/29 | <a href="https://pan.baidu.com/s/1FDkJ4DOMQq8tPAXrIfDeKA" target="_blank">链接下载</a> | **yutq** |
| v 1.2.0 GA | 2020/01/18 | <a href="https://pan.baidu.com/s/1NDeB_g_-6Qbn_bHkTGnFGA" target="_blank">链接下载</a> | **6bda** | | v 1.2.0 GA | 2020/01/18 | <a href="https://pan.baidu.com/s/1NDeB_g_-6Qbn_bHkTGnFGA" target="_blank">链接下载</a> | **6bda** |
| v 1.0 GA | 2019/12/06 | <a href="https://pan.baidu.com/s/15j7RSUQybCVlHx8uyFk2rQ" target="_blank">链接下载</a> | **g17z** | | v 1.0 GA | 2019/12/06 | <a href="https://pan.baidu.com/s/15j7RSUQybCVlHx8uyFk2rQ" target="_blank">链接下载</a> | **g17z** |
------------ ------------


@@ -19,7 +19,7 @@
<h3>认证配置</h3> <h3>认证配置</h3>
文件 文件
maxkey/config/applicationLogin.properties maxkey/config/applicationConfig.properties
<pre><code class="ini hljs"> <pre><code class="ini hljs">
#enable social sign on #enable social sign on


@@ -13,7 +13,6 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
@@ -70,12 +69,10 @@ public abstract class AbstractAuthenticationProvider {
_logger.error("Failed to authenticate user {} via {}: {}", _logger.error("Failed to authenticate user {} via {}: {}",
new Object[] { new Object[] {
authentication.getPrincipal(), getProviderName(), e.getMessage() }); authentication.getPrincipal(), getProviderName(), e.getMessage() });
throw e;
} catch (Exception e) { } catch (Exception e) {
e.printStackTrace(); e.printStackTrace();
String message = "Unexpected exception in " + getProviderName() + " authentication:"; String message = "Unexpected exception in " + getProviderName() + " authentication:";
_logger.error(message, e); _logger.error("Login error " + message, e);
throw new AuthenticationServiceException(message, e);
} }
if (!authentication.isAuthenticated()) { if (!authentication.isAuthenticated()) {
return authentication; return authentication;
@@ -143,11 +140,16 @@ public abstract class AbstractAuthenticationProvider {
} }
protected void authTypeValid(String authType) { protected void authTypeValid(String authType) {
if (authType == null) { final String message = WebContext.getI18nValue("login.error.authtype");
String message = WebContext.getI18nValue("login.error.authtype"); _logger.debug("Login AuthN Type " + authType);
_logger.debug("login AuthN type can not been null ."); if (authType != null && (
throw new BadCredentialsException(message); authType.equalsIgnoreCase("basic")
|| authType.equalsIgnoreCase("tfa"))
) {
return;
} }
_logger.debug("Login AuthN type must eq basic or tfa .");
throw new BadCredentialsException(message);
} }
/** /**
@@ -157,19 +159,17 @@ public abstract class AbstractAuthenticationProvider {
* @param captcha String * @param captcha String
*/ */
protected void captchaValid(String captcha, String authType) { protected void captchaValid(String captcha, String authType) {
if (applicationConfig.getLoginConfig().isCaptcha()) { // for basic
// for basic if (applicationConfig.getLoginConfig().isCaptcha() && authType.equalsIgnoreCase("basic")) {
if (authType.equalsIgnoreCase("common")) { _logger.info("captcha : "
_logger.info("captcha : " + WebContext.getSession().getAttribute(
+ WebContext.getSession().getAttribute( WebConstants.KAPTCHA_SESSION_KEY).toString());
WebConstants.KAPTCHA_SESSION_KEY).toString()); if (captcha == null || !captcha
if (captcha == null || !captcha .equals(WebContext.getSession().getAttribute(
.equals(WebContext.getSession().getAttribute( WebConstants.KAPTCHA_SESSION_KEY).toString())) {
WebConstants.KAPTCHA_SESSION_KEY).toString())) { String message = WebContext.getI18nValue("login.error.captcha");
String message = WebContext.getI18nValue("login.error.captcha"); _logger.debug("login captcha valid error.");
_logger.debug("login captcha valid error."); throw new BadCredentialsException(message);
throw new BadCredentialsException(message);
}
} }
} }
} }
@@ -183,22 +183,19 @@ public abstract class AbstractAuthenticationProvider {
*/ */
protected void tftcaptchaValid(String otpCaptcha, String authType, UserInfo userInfo) { protected void tftcaptchaValid(String otpCaptcha, String authType, UserInfo userInfo) {
// for one time password 2 factor // for one time password 2 factor
if (applicationConfig.getLoginConfig().isOneTimePwd()) { if (applicationConfig.getLoginConfig().isOneTimePwd() && authType.equalsIgnoreCase("tfa")) {
if (authType.equalsIgnoreCase("tfa")) { UserInfo validUserInfo = new UserInfo();
UserInfo validUserInfo = new UserInfo(); validUserInfo.setUsername(userInfo.getUsername());
validUserInfo.setUsername(userInfo.getUsername()); String sharedSecret =
String sharedSecret = PasswordReciprocal.getInstance().decoder(userInfo.getSharedSecret());
PasswordReciprocal.getInstance().decoder(userInfo.getSharedSecret()); validUserInfo.setSharedSecret(sharedSecret);
validUserInfo.setSharedSecret(sharedSecret); validUserInfo.setSharedCounter(userInfo.getSharedCounter());
validUserInfo.setSharedCounter(userInfo.getSharedCounter()); validUserInfo.setId(userInfo.getId());
validUserInfo.setId(userInfo.getId()); if (otpCaptcha == null || !tfaOptAuthn.validate(validUserInfo, otpCaptcha)) {
if (otpCaptcha == null || !tfaOptAuthn.validate(validUserInfo, otpCaptcha)) { String message = WebContext.getI18nValue("login.error.captcha");
String message = WebContext.getI18nValue("login.error.captcha"); _logger.debug("login captcha valid error.");
_logger.debug("login captcha valid error."); throw new BadCredentialsException(message);
throw new BadCredentialsException(message);
}
} }
} }
} }
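Review bot: The two catch blocks in the first hunk of this file (lines 41-50) now log the failure and fall through, because `throw e;` and `throw new AuthenticationServiceException(message, e);` were dropped (together with the import at line 13), so a BadCredentialsException raised by authTypeValid, captchaValid or tftcaptchaValid no longer reaches the caller and execution continues to the `isAuthenticated()` check with whatever `authentication` holds at that point. The try block starts outside the hunk, so I cannot see what that value is; if it is the incoming token, a caller that treats a non-null return as a completed authentication would see the failed attempt as a non-error result, which is the risky case for an authentication provider. Unless the fall-through is intentional, restore the rethrow in both catches, `throw e;` and `throw new AuthenticationServiceException(message, e);`, and drop the `e.printStackTrace();` that now duplicates the `_logger.error(..., e)` trace on stderr. Separately, captchaValid calls `.toString()` on the session attribute before checking that it exists and never clears it after the comparison; a null check on the attribute plus removing it from the session once compared (`removeAttribute`, assuming getSession() returns an HttpSession) would avoid a NullPointerException on a missing captcha and make each captcha single-use.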


@@ -6,9 +6,7 @@ import java.sql.Types;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Date; import java.util.Date;
import java.util.List; import java.util.List;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import org.joda.time.DateTime; import org.joda.time.DateTime;
import org.joda.time.Duration; import org.joda.time.Duration;
import org.joda.time.format.DateTimeFormat; import org.joda.time.format.DateTimeFormat;
@@ -125,7 +123,7 @@ public abstract class AbstractAuthenticationRealm {
if (getPasswordPolicy().getExpiration() > 0) { if (getPasswordPolicy().getExpiration() > 0) {
String passwordLastSetTimeString = userInfo.getPasswordLastSetTime().substring(0, 19); String passwordLastSetTimeString = userInfo.getPasswordLastSetTime().substring(0, 19);
_logger.info("last password set date <EFBFBD>" + passwordLastSetTimeString); _logger.info("last password set date " + passwordLastSetTimeString);
DateTime currentdateTime = new DateTime(); DateTime currentdateTime = new DateTime();
DateTime changePwdDateTime = DateTime.parse(passwordLastSetTimeString, DateTime changePwdDateTime = DateTime.parse(passwordLastSetTimeString,


@@ -7,17 +7,12 @@ import javax.servlet.http.HttpServletResponse;
import org.maxkey.authn.BasicAuthentication; import org.maxkey.authn.BasicAuthentication;
import org.maxkey.authn.RealmAuthenticationProvider; import org.maxkey.authn.RealmAuthenticationProvider;
import org.maxkey.authn.realm.AbstractAuthenticationRealm;
import org.maxkey.authn.realm.jdbc.JdbcAuthenticationRealm;
import org.maxkey.authn.support.jwt.JwtLoginService;
import org.maxkey.authn.support.kerberos.KerberosService; import org.maxkey.authn.support.kerberos.KerberosService;
import org.maxkey.authn.support.rememberme.AbstractRemeberMeService; import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
import org.maxkey.authn.support.socialsignon.service.SocialSignOnProviderService; import org.maxkey.authn.support.socialsignon.service.SocialSignOnProviderService;
import org.maxkey.authn.support.wsfederation.WsFederationConstants; import org.maxkey.authn.support.wsfederation.WsFederationConstants;
import org.maxkey.authn.support.wsfederation.WsFederationService;
import org.maxkey.config.ApplicationConfig; import org.maxkey.config.ApplicationConfig;
import org.maxkey.dao.service.UserInfoService; import org.maxkey.dao.service.UserInfoService;
import org.maxkey.domain.Registration;
import org.maxkey.domain.UserInfo; import org.maxkey.domain.UserInfo;
import org.maxkey.util.StringUtils; import org.maxkey.util.StringUtils;
import org.maxkey.web.WebConstants; import org.maxkey.web.WebConstants;