LiRuochen_WorkFlow/MaxKey
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

captcha invalid

Browse Source 
验证码登录无效
This commit is contained in:
shimingxy
2020-04-09 23:56:40 +08:00
parent e43b80cc0d
commit 8a6821d600
5 changed files with 36 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@@ -81,7 +81,7 @@
| --------| :----- | :---- | :----: |
| v 1.3.0 GA | 2020/04/04 | <a href="https://pan.baidu.com/s/1o7vfBeq21Az_0s0tJvObOw" target="_blank">链接下载</a> | **20bj** |
| v 1.2.1 GA | 2020/02/29 | <a href="https://pan.baidu.com/s/1FDkJ4DOMQq8tPAXrIfDeKA" target="_blank">链接下载</a> | **yutq** |
| v 1.2.0 GA | 2020/01/18 | <a href="https://pan.baidu.com/s/1NDeB_g_-6Qbn_bHkTGnFGA" target="_blank">链接下载</a> | **6bda** |
| v 1.2.0 GA | 2020/01/18 | <a href="https://pan.baidu.com/s/1NDeB_g_-6Qbn_bHkTGnFGA" target="_blank">链接下载</a> | **6bda** |
| v 1.0 GA | 2019/12/06 | <a href="https://pan.baidu.com/s/15j7RSUQybCVlHx8uyFk2rQ" target="_blank">链接下载</a> | **g17z** |
------------

2
docs/authn/social.md
View File

@@ -19,7 +19,7 @@
<h3>认证配置</h3>
文件
maxkey/config/applicationLogin.properties
maxkey/config/applicationConfig.properties
<pre><code class="ini hljs">
#enable social sign on

69
maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
View File

@@ -13,7 +13,6 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
@@ -70,12 +69,10 @@ public abstract class AbstractAuthenticationProvider {
_logger.error("Failed to authenticate user {} via {}: {}",
new Object[] {
authentication.getPrincipal(), getProviderName(), e.getMessage() });
throw e;
} catch (Exception e) {
e.printStackTrace();
String message = "Unexpected exception in " + getProviderName() + " authentication:";
_logger.error(message, e);
throw new AuthenticationServiceException(message, e);
_logger.error("Login error " + message, e);
}
if (!authentication.isAuthenticated()) {
return authentication;
@@ -143,11 +140,16 @@ public abstract class AbstractAuthenticationProvider {
}
protected void authTypeValid(String authType) {
if (authType == null) {
String message = WebContext.getI18nValue("login.error.authtype");
_logger.debug("login AuthN type can not been null .");
throw new BadCredentialsException(message);
final String message = WebContext.getI18nValue("login.error.authtype");
_logger.debug("Login AuthN Type " + authType);
if (authType != null && (
authType.equalsIgnoreCase("basic")
|| authType.equalsIgnoreCase("tfa"))
) {
return;
}
_logger.debug("Login AuthN type must eq basic or tfa .");
throw new BadCredentialsException(message);
}
/**
@@ -157,19 +159,17 @@ public abstract class AbstractAuthenticationProvider {
* @param captcha String
*/
protected void captchaValid(String captcha, String authType) {
if (applicationConfig.getLoginConfig().isCaptcha()) {
// for basic
if (authType.equalsIgnoreCase("common")) {
_logger.info("captcha : "
+ WebContext.getSession().getAttribute(
WebConstants.KAPTCHA_SESSION_KEY).toString());
if (captcha == null || !captcha
.equals(WebContext.getSession().getAttribute(
WebConstants.KAPTCHA_SESSION_KEY).toString())) {
String message = WebContext.getI18nValue("login.error.captcha");
_logger.debug("login captcha valid error.");
throw new BadCredentialsException(message);
}
// for basic
if (applicationConfig.getLoginConfig().isCaptcha() && authType.equalsIgnoreCase("basic")) {
_logger.info("captcha : "
+ WebContext.getSession().getAttribute(
WebConstants.KAPTCHA_SESSION_KEY).toString());
if (captcha == null || !captcha
.equals(WebContext.getSession().getAttribute(
WebConstants.KAPTCHA_SESSION_KEY).toString())) {
String message = WebContext.getI18nValue("login.error.captcha");
_logger.debug("login captcha valid error.");
throw new BadCredentialsException(message);
}
}
}
@@ -183,22 +183,19 @@ public abstract class AbstractAuthenticationProvider {
*/
protected void tftcaptchaValid(String otpCaptcha, String authType, UserInfo userInfo) {
// for one time password 2 factor
if (applicationConfig.getLoginConfig().isOneTimePwd()) {
if (authType.equalsIgnoreCase("tfa")) {
UserInfo validUserInfo = new UserInfo();
validUserInfo.setUsername(userInfo.getUsername());
String sharedSecret =
PasswordReciprocal.getInstance().decoder(userInfo.getSharedSecret());
validUserInfo.setSharedSecret(sharedSecret);
validUserInfo.setSharedCounter(userInfo.getSharedCounter());
validUserInfo.setId(userInfo.getId());
if (otpCaptcha == null || !tfaOptAuthn.validate(validUserInfo, otpCaptcha)) {
String message = WebContext.getI18nValue("login.error.captcha");
_logger.debug("login captcha valid error.");
throw new BadCredentialsException(message);
}
if (applicationConfig.getLoginConfig().isOneTimePwd() && authType.equalsIgnoreCase("tfa")) {
UserInfo validUserInfo = new UserInfo();
validUserInfo.setUsername(userInfo.getUsername());
String sharedSecret =
PasswordReciprocal.getInstance().decoder(userInfo.getSharedSecret());
validUserInfo.setSharedSecret(sharedSecret);
validUserInfo.setSharedCounter(userInfo.getSharedCounter());
validUserInfo.setId(userInfo.getId());
if (otpCaptcha == null || !tfaOptAuthn.validate(validUserInfo, otpCaptcha)) {
String message = WebContext.getI18nValue("login.error.captcha");
_logger.debug("login captcha valid error.");
throw new BadCredentialsException(message);
}
}
}

4
maxkey-core/src/main/java/org/maxkey/authn/realm/AbstractAuthenticationRealm.java
View File

@@ -6,9 +6,7 @@ import java.sql.Types;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import javax.servlet.http.HttpServletResponse;
import org.joda.time.DateTime;
import org.joda.time.Duration;
import org.joda.time.format.DateTimeFormat;
@@ -125,7 +123,7 @@ public abstract class AbstractAuthenticationRealm {
if (getPasswordPolicy().getExpiration() > 0) {
String passwordLastSetTimeString = userInfo.getPasswordLastSetTime().substring(0, 19);
_logger.info("last password set date <EFBFBD>" + passwordLastSetTimeString);
_logger.info("last password set date " + passwordLastSetTimeString);
DateTime currentdateTime = new DateTime();
DateTime changePwdDateTime = DateTime.parse(passwordLastSetTimeString,

5
maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LoginEndpoint.java
View File

@@ -7,17 +7,12 @@ import javax.servlet.http.HttpServletResponse;
import org.maxkey.authn.BasicAuthentication;
import org.maxkey.authn.RealmAuthenticationProvider;
import org.maxkey.authn.realm.AbstractAuthenticationRealm;
import org.maxkey.authn.realm.jdbc.JdbcAuthenticationRealm;
import org.maxkey.authn.support.jwt.JwtLoginService;
import org.maxkey.authn.support.kerberos.KerberosService;
import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
import org.maxkey.authn.support.socialsignon.service.SocialSignOnProviderService;
import org.maxkey.authn.support.wsfederation.WsFederationConstants;
import org.maxkey.authn.support.wsfederation.WsFederationService;
import org.maxkey.config.ApplicationConfig;
import org.maxkey.dao.service.UserInfoService;
import org.maxkey.domain.Registration;
import org.maxkey.domain.UserInfo;
import org.maxkey.util.StringUtils;
import org.maxkey.web.WebConstants;