bug修复+代码调整+日志优化
@@ -56,7 +56,7 @@ public class AuthorizeBaseEndpoint {
|
||||
protected Apps getApp(String id){
|
||||
Apps app=(Apps)WebContext.getAttribute(WebConstants.AUTHORIZE_SIGN_ON_APP);
|
||||
if(StringUtils.isBlank(id)) {
|
||||
_logger.error("parameter for app id " + id + " is null.");
|
||||
_logger.error("parameter for app id {} is null.",id);
|
||||
}else {
|
||||
//session中为空或者id不一致重新加载
|
||||
if(app == null || !app.getId().equalsIgnoreCase(id)) {
|
||||
@@ -65,7 +65,7 @@ public class AuthorizeBaseEndpoint {
|
||||
WebContext.setAttribute(WebConstants.AUTHORIZE_SIGN_ON_APP, app);
|
||||
}
|
||||
if(app == null){
|
||||
_logger.error("Applications id " + id + " is not exist.");
|
||||
_logger.error("Applications id {} is not exist.",id);
|
||||
}
|
||||
return app;
|
||||
}
|
||||
|
||||
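Review bot: The two `_logger.error` calls in `getApp` still write the caller-supplied `id` into the log verbatim; the `{}` placeholders replace string concatenation but do not neutralise CR/LF, so a crafted id could forge log lines unless the appender layout already escapes them. The id appears to come from a request path elsewhere in this commit, so consider logging a sanitised copy, e.g. `String safeId = id == null ? null : id.replaceAll("[\r\n]", "_");`. The first message also says the id "is null" when it may only be blank; `"parameter app id is blank."` would be more accurate. Part of `getApp` lies between the two hunks and is not shown.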
@@ -28,13 +28,7 @@ import org.dromara.maxkey.entity.Accounts;
|
||||
import org.dromara.maxkey.entity.Message;
|
||||
import org.dromara.maxkey.entity.apps.Apps;
|
||||
import org.dromara.maxkey.entity.idm.UserInfo;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.web.bind.annotation.ResponseBody;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
import org.springframework.web.bind.annotation.PathVariable;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
/**
|
||||
* @author Crystal.Sea
|
||||
@@ -44,7 +38,7 @@ import org.springframework.web.bind.annotation.RequestMapping;
|
||||
@RequestMapping(value = { "/authz/credential" })
|
||||
public class AuthorizeCredentialEndpoint extends AuthorizeBaseEndpoint{
|
||||
|
||||
@RequestMapping("/get/{appId}")
|
||||
@GetMapping("/get/{appId}")
|
||||
public Message<Accounts> get(
|
||||
@PathVariable("appId") String appId,
|
||||
@CurrentUser UserInfo currentUser){
|
||||
@@ -64,30 +58,30 @@ public class AuthorizeCredentialEndpoint extends AuthorizeBaseEndpoint{
|
||||
account.setCreateType("manual");
|
||||
account.setStatus(ConstsStatus.ACTIVE);
|
||||
}
|
||||
return new Message<Accounts>(account);
|
||||
return new Message<>(account);
|
||||
}
|
||||
|
||||
@RequestMapping("/update")
|
||||
@PutMapping("/update")
|
||||
public Message<Accounts> update(
|
||||
@RequestBody Accounts account,
|
||||
@CurrentUser UserInfo currentUser){
|
||||
if(StringUtils.isNotEmpty(account.getRelatedPassword())
|
||||
if(StringUtils.isNotEmpty(account.getRelatedUsername())
|
||||
&&StringUtils.isNotEmpty(account.getRelatedPassword())){
|
||||
account.setInstId(currentUser.getInstId());
|
||||
account.setRelatedPassword(
|
||||
PasswordReciprocal.getInstance().encode(account.getRelatedPassword()));
|
||||
if(accountsService.get(account.getId()) == null) {
|
||||
if(accountsService.insert(account)){
|
||||
return new Message<Accounts>();
|
||||
return new Message<>();
|
||||
}
|
||||
}else {
|
||||
if(accountsService.update(account)){
|
||||
return new Message<Accounts>();
|
||||
return new Message<>();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return new Message<Accounts>(Message.FAIL);
|
||||
return new Message<>(Message.FAIL);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
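Review bot: In `update`, the record to overwrite is selected by `account.getId()` from the request body, and the visible lines only replace `instId` from the session before calling `accountsService.update(account)`; nothing shown checks that the existing record belongs to `currentUser`. If the service layer does not enforce that, one signed-in user's request could overwrite another user's stored credential. Load the record once and refuse a mismatch, e.g. `Accounts existing = accountsService.get(account.getId());` followed by `if (existing != null && !currentUser.getId().equals(existing.getUserId())) return new Message<>(Message.FAIL);` (this assumes `Accounts` carries its owner as `userId`; confirm against the entity). On the insert path, set the owner from `currentUser` rather than trusting the body.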
@@ -30,8 +30,8 @@ import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.PathVariable;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
|
||||
import io.swagger.v3.oas.annotations.Operation;
|
||||
@@ -52,13 +52,11 @@ public class AuthorizeEndpoint extends AuthorizeBaseEndpoint{
|
||||
|
||||
//all single sign on url
|
||||
@Operation(summary = "认证总地址接口", description = "参数应用ID,分发到不同应用的认证地址",method="GET")
|
||||
@RequestMapping("/authz/{id}")
|
||||
public ModelAndView authorize(
|
||||
HttpServletRequest request,
|
||||
@PathVariable("id") String id){
|
||||
ModelAndView modelAndView=null;
|
||||
Apps app=getApp(id);
|
||||
@GetMapping("/authz/{id}")
|
||||
public ModelAndView authorize(HttpServletRequest request,@PathVariable("id") String id){
|
||||
Apps app = getApp(id);
|
||||
WebContext.setAttribute(WebConstants.SINGLE_SIGN_ON_APP_ID, app.getId());
|
||||
ModelAndView modelAndView = WebContext.redirect(app.getLoginUrl());
|
||||
|
||||
if(app.getProtocol().equalsIgnoreCase(ConstsProtocols.EXTEND_API)){
|
||||
modelAndView=WebContext.forward("/authz/api/"+app.getId());
|
||||
@@ -81,13 +79,13 @@ public class AuthorizeEndpoint extends AuthorizeBaseEndpoint{
|
||||
}else if (app.getProtocol().equalsIgnoreCase(ConstsProtocols.BASIC)){
|
||||
modelAndView=WebContext.redirect(app.getLoginUrl());
|
||||
}
|
||||
|
||||
_logger.debug(modelAndView.getViewName());
|
||||
|
||||
_logger.debug("redirect to view {}",modelAndView.getViewName());
|
||||
|
||||
return modelAndView;
|
||||
}
|
||||
|
||||
@RequestMapping("/authz/refused")
|
||||
@GetMapping("/authz/refused")
|
||||
public ModelAndView refused(){
|
||||
ModelAndView modelAndView = new ModelAndView("authorize/authorize_refused");
|
||||
Apps app = (Apps)WebContext.getAttribute(WebConstants.AUTHORIZE_SIGN_ON_APP);
|
||||
|
||||
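Review bot: `authorize` dereferences `app` immediately after `getApp(id)` (`app.getId()`, and now also `app.getLoginUrl()` in the new default `modelAndView`), but `getApp` as shown in this commit only logs and returns null for a blank or unknown id. A request for an id that does not exist would therefore end in a NullPointerException rather than a controlled response. Add a guard before the first use, e.g. `if (app == null) { throw new ResponseStatusException(HttpStatus.NOT_FOUND); }`, or return a dedicated error view. The middle of the method lies between the hunks and is not shown.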
@@ -26,8 +26,8 @@ import org.dromara.maxkey.entity.idm.UserInfo;
|
||||
import org.dromara.maxkey.web.WebConstants;
|
||||
import org.dromara.maxkey.web.WebContext;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
@@ -39,27 +39,27 @@ import jakarta.servlet.http.HttpServletRequest;
|
||||
@Controller
|
||||
public class AuthorizeProtectedEndpoint{
|
||||
|
||||
@RequestMapping("/authz/protected/forward")
|
||||
@GetMapping("/authz/protected/forward")
|
||||
public ModelAndView forwardProtectedForward(
|
||||
HttpServletRequest request ){
|
||||
String redirect_uri=request.getAttribute("redirect_uri").toString();
|
||||
String redirectUri=request.getAttribute("redirect_uri").toString();
|
||||
ModelAndView modelAndView=new ModelAndView("authorize/protected/forward");
|
||||
modelAndView.addObject("redirect_uri", redirect_uri);
|
||||
modelAndView.addObject("redirect_uri", redirectUri);
|
||||
return modelAndView;
|
||||
}
|
||||
|
||||
@RequestMapping("/authz/protected")
|
||||
@GetMapping("/authz/protected")
|
||||
public ModelAndView authorizeProtected(
|
||||
@RequestParam("password") String password,
|
||||
@RequestParam("redirect_uri") String redirect_uri,
|
||||
@RequestParam("redirect_uri") String redirectUri,
|
||||
@CurrentUser UserInfo currentUser){
|
||||
if( currentUser.getAppLoginPassword().equals(PasswordReciprocal.getInstance().encode(password))){
|
||||
WebContext.setAttribute(WebConstants.CURRENT_SINGLESIGNON_URI, redirect_uri);
|
||||
return WebContext.redirect(redirect_uri);
|
||||
WebContext.setAttribute(WebConstants.CURRENT_SINGLESIGNON_URI, redirectUri);
|
||||
return WebContext.redirect(redirectUri);
|
||||
}
|
||||
|
||||
ModelAndView modelAndView=new ModelAndView("authorize/protected/forward");
|
||||
modelAndView.addObject("redirect_uri", redirect_uri);
|
||||
modelAndView.addObject("redirect_uri", redirectUri);
|
||||
return modelAndView;
|
||||
}
|
||||
|
||||
|
||||
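Review bot: Pinning `authorizeProtected` to `@GetMapping` means `password` can only arrive as a query parameter, where it ends up in access logs, browser history and Referer headers; the handler should take it from a POST body instead, `@PostMapping("/authz/protected")`, with the form behind `authorize/protected/forward` adjusted to match. `redirectUri` is also request-supplied and reaches `WebContext.redirect(redirectUri)` with no check visible here, so it should be compared against the application's registered URL before redirecting. The password comparison uses `String.equals`; `MessageDigest.isEqual` on the encoded bytes would avoid a timing difference.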
@@ -57,8 +57,8 @@ public abstract class AbstractAuthorizeAdapter {
|
||||
KeyStoreLoader keyStoreLoader = WebContext.getBean("keyStoreLoader",KeyStoreLoader.class);
|
||||
try {
|
||||
byte[] signData= CertSigner.sign(data.toString().getBytes(), keyStoreLoader.getKeyStore(), keyStoreLoader.getEntityName(), keyStoreLoader.getKeystorePassword());
|
||||
_logger.debug("signed Token : "+data);
|
||||
_logger.debug("signature : "+signData.toString());
|
||||
_logger.debug("signed Token : {}",data);
|
||||
_logger.debug("signature : {}",signData.toString());
|
||||
|
||||
return Base64Utils.base64UrlEncode(data.toString().getBytes("UTF-8"))+"."+Base64Utils.base64UrlEncode(signData);
|
||||
} catch (UnsupportedEncodingException e) {
|
||||
@@ -79,8 +79,8 @@ public abstract class AbstractAuthorizeAdapter {
|
||||
public Object encrypt(Object data,String algorithmKey,String algorithm){
|
||||
|
||||
algorithmKey = PasswordReciprocal.getInstance().decoder(algorithmKey);
|
||||
_logger.debug("algorithm : "+algorithm);
|
||||
_logger.debug("algorithmKey : "+algorithmKey);
|
||||
_logger.debug("algorithm : {}",algorithm);
|
||||
_logger.debug("algorithmKey : {}",algorithmKey);
|
||||
//Chinese , encode data to HEX
|
||||
try {
|
||||
data = new String(Hex.encodeHex(data.toString().getBytes("UTF-8")));
|
||||
@@ -89,7 +89,7 @@ public abstract class AbstractAuthorizeAdapter {
|
||||
}
|
||||
byte[] encodeData = ReciprocalUtils.encode(data.toString(), algorithmKey, algorithm);
|
||||
String tokenString = Base64Utils.base64UrlEncode(encodeData);
|
||||
_logger.trace("Reciprocal then HEX Token : "+tokenString);
|
||||
_logger.trace("Reciprocal then HEX Token : {}",tokenString);
|
||||
|
||||
return tokenString;
|
||||
}
|
||||
|
||||
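Review bot: `_logger.debug("algorithmKey : {}",algorithmKey);` in `encrypt` logs the key after `PasswordReciprocal.getInstance().decoder(algorithmKey)` has decoded it, so turning on debug logging writes usable key material to the log files; drop the line or log only `algorithmKey != null`. The neighbouring `signed Token` and `Reciprocal then HEX Token` messages record issued tokens and deserve the same treatment. In the signing hunk, `signData.toString()` on a `byte[]` prints the array's identity rather than the signature. There too, `CertSigner.sign` receives `data.toString().getBytes()` (platform charset) while the returned token encodes `getBytes("UTF-8")`; using `StandardCharsets.UTF_8` for both keeps the signed bytes and the transmitted bytes identical. The start of the signing method is outside the hunk.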