Maxkey v1.0 GA
Maxkey v1.0 GA
@@ -6,6 +6,7 @@ package org.maxkey.authz.cas.endpoint;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.maxkey.authn.BasicAuthentication;
|
||||
import org.maxkey.authz.cas.endpoint.response.Service10ResponseBuilder;
|
||||
import org.maxkey.authz.cas.endpoint.ticket.CasConstants;
|
||||
import org.maxkey.authz.cas.endpoint.ticket.Ticket;
|
||||
@@ -89,8 +90,10 @@ renew [OPTIONAL] - if this parameter is set, ticket validation will only succeed
|
||||
}
|
||||
|
||||
if(storedTicket!=null){
|
||||
String principal=((BasicAuthentication)storedTicket.getAuthentication().getPrincipal()).getJ_username();
|
||||
_logger.debug("principal "+principal);
|
||||
return new Service10ResponseBuilder().success()
|
||||
.setUser(storedTicket.getAuthentication().getPrincipal().toString())
|
||||
.setUser(principal)
|
||||
.serviceResponseBuilder();
|
||||
}else{
|
||||
return new Service10ResponseBuilder().failure()
|
||||
|
||||
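Review bot: The added downcast `((BasicAuthentication)storedTicket.getAuthentication().getPrincipal()).getJ_username()` in the `storedTicket!=null` branch is unchecked, so a stored ticket whose authentication carries any other principal type would throw ClassCastException during ticket validation instead of producing the CAS failure response. Nothing visible in this hunk guarantees the principal type, so guard it, for example `Object p=storedTicket.getAuthentication().getPrincipal();` followed by `String principal=(p instanceof BasicAuthentication)?((BasicAuthentication)p).getJ_username():p.toString();`. The same cast is added in the two CAS validation sections that follow (including Cas30AuthorizeEndpoint) and in OAuth20AccessConfirmationController, and the same guard applies there. The enclosing method starts and ends outside the hunk.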
@@ -6,6 +6,7 @@ package org.maxkey.authz.cas.endpoint;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.maxkey.authn.BasicAuthentication;
|
||||
import org.maxkey.authz.cas.endpoint.response.ProxyServiceResponseBuilder;
|
||||
import org.maxkey.authz.cas.endpoint.response.ServiceResponseBuilder;
|
||||
import org.maxkey.authz.cas.endpoint.ticket.CasConstants;
|
||||
@@ -189,14 +190,13 @@ For all error codes, it is RECOMMENDED that CAS provide a more detailed message
|
||||
ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder();
|
||||
|
||||
if(storedTicket!=null){
|
||||
String principal=storedTicket.getAuthentication().getPrincipal().toString();
|
||||
String principal=((BasicAuthentication)storedTicket.getAuthentication().getPrincipal()).getJ_username();
|
||||
_logger.debug("principal "+principal);
|
||||
serviceResponseBuilder.success().setUser(principal);
|
||||
|
||||
if(BOOLEAN.isTrue(storedTicket.getCasDetails().getIsAdapter())){
|
||||
AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)Instance.newInstance(storedTicket.getCasDetails().getAdapter());
|
||||
UserInfo queryUserInfo=new UserInfo();
|
||||
queryUserInfo.setUsername(principal);
|
||||
UserInfo userInfo = (UserInfo) userInfoService.load(queryUserInfo);
|
||||
UserInfo userInfo = (UserInfo) userInfoService.loadByUsername(principal);
|
||||
adapter.generateInfo(userInfo, serviceResponseBuilder);
|
||||
}
|
||||
}else{
|
||||
|
||||
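Review bot: The result of `userInfoService.loadByUsername(principal)` goes straight into `adapter.generateInfo(userInfo, serviceResponseBuilder)` with no null check, and `serviceResponseBuilder.success().setUser(principal)` has already run before the lookup. If `loadByUsername` can return null (not visible here; for instance an account removed after the ticket was issued, or a `J_username` that is the raw login input rather than the stored username), the adapter either fails on a null user or the response stays marked successful for an account that no longer resolves. Do the lookup before `success()` and add `if(userInfo==null)` taking the same failure path as the `else` branch. Both Cas30AuthorizeEndpoint hunks below repeat this sequence. The enclosing method starts and ends outside the hunk.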
@@ -6,6 +6,7 @@ package org.maxkey.authz.cas.endpoint;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.maxkey.authn.BasicAuthentication;
|
||||
import org.maxkey.authz.cas.endpoint.response.ServiceResponseBuilder;
|
||||
import org.maxkey.authz.cas.endpoint.ticket.CasConstants;
|
||||
import org.maxkey.authz.cas.endpoint.ticket.Ticket;
|
||||
@@ -70,14 +71,12 @@ public class Cas30AuthorizeEndpoint extends AuthorizeBaseEndpoint{
|
||||
ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder();
|
||||
|
||||
if(storedTicket!=null){
|
||||
String principal=storedTicket.getAuthentication().getPrincipal().toString();
|
||||
String principal=((BasicAuthentication)storedTicket.getAuthentication().getPrincipal()).getJ_username();
|
||||
serviceResponseBuilder.success().setUser(principal);
|
||||
|
||||
if(BOOLEAN.isTrue(storedTicket.getCasDetails().getIsAdapter())){
|
||||
AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)Instance.newInstance(storedTicket.getCasDetails().getAdapter());
|
||||
UserInfo queryUserInfo=new UserInfo();
|
||||
queryUserInfo.setUsername(principal);
|
||||
UserInfo userInfo = (UserInfo) userInfoService.load(queryUserInfo);
|
||||
UserInfo userInfo = (UserInfo) userInfoService.loadByUsername(principal);
|
||||
adapter.generateInfo(userInfo, serviceResponseBuilder);
|
||||
}
|
||||
}else{
|
||||
@@ -112,14 +111,12 @@ public class Cas30AuthorizeEndpoint extends AuthorizeBaseEndpoint{
|
||||
ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder();
|
||||
|
||||
if(storedTicket!=null){
|
||||
String principal=storedTicket.getAuthentication().getPrincipal().toString();
|
||||
String principal=((BasicAuthentication)storedTicket.getAuthentication().getPrincipal()).getJ_username();
|
||||
serviceResponseBuilder.success().setUser(principal);
|
||||
|
||||
if(BOOLEAN.isTrue(storedTicket.getCasDetails().getIsAdapter())){
|
||||
AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)Instance.newInstance(storedTicket.getCasDetails().getAdapter());
|
||||
UserInfo queryUserInfo=new UserInfo();
|
||||
queryUserInfo.setUsername(principal);
|
||||
UserInfo userInfo = (UserInfo) userInfoService.load(queryUserInfo);
|
||||
UserInfo userInfo = (UserInfo) userInfoService.loadByUsername(principal);
|
||||
adapter.generateInfo(userInfo, serviceResponseBuilder);
|
||||
}
|
||||
}else{
|
||||
|
||||
@@ -69,7 +69,7 @@ public class CasAuthorizeEndpoint extends AuthorizeBaseEndpoint{
|
||||
HttpServletResponse response,
|
||||
@PathVariable("id") String id){
|
||||
|
||||
AppsCasDetails casDetails=casDetailsService.get(id);
|
||||
AppsCasDetails casDetails=casDetailsService.getAppDetails(id);
|
||||
|
||||
return buildCasModelAndView(casDetails);
|
||||
}
|
||||
|
||||
@@ -39,7 +39,7 @@ public class DesktopAuthorizeEndpoint extends AuthorizeBaseEndpoint{
|
||||
public ModelAndView authorize(
|
||||
HttpServletRequest request,
|
||||
@PathVariable("id") String id){
|
||||
AppsDesktopDetails desktopDetails=desktopDetailsService.get(id);
|
||||
AppsDesktopDetails desktopDetails=desktopDetailsService.getAppDetails(id);
|
||||
_logger.debug(""+desktopDetails);
|
||||
|
||||
Accounts appUser=getAccounts(desktopDetails);
|
||||
|
||||
@@ -40,7 +40,7 @@ public class FormBasedAuthorizeEndpoint extends AuthorizeBaseEndpoint{
|
||||
public ModelAndView authorize(
|
||||
HttpServletRequest request,
|
||||
@PathVariable("id") String id){
|
||||
AppsFormBasedDetails formBasedDetails=formBasedDetailsService.get(id);
|
||||
AppsFormBasedDetails formBasedDetails=formBasedDetailsService.getAppDetails(id);
|
||||
_logger.debug(""+formBasedDetails);
|
||||
Apps application= getApp(id);
|
||||
formBasedDetails.setAdapter(application.getAdapter());
|
||||
|
||||
@@ -1,12 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<classpath>
|
||||
<classpathentry kind="src" output="bin/main" path="src/main/java">
|
||||
<attributes>
|
||||
<attribute name="gradle_scope" value="main"/>
|
||||
<attribute name="gradle_used_by_scope" value="main,test"/>
|
||||
</attributes>
|
||||
</classpathentry>
|
||||
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8/"/>
|
||||
<classpathentry kind="con" path="org.eclipse.buildship.core.gradleclasspathcontainer"/>
|
||||
<classpathentry kind="output" path="bin/default"/>
|
||||
</classpath>
|
||||
@@ -1,29 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<projectDescription>
|
||||
<name>maxkey-protocol-ltpa</name>
|
||||
<comment>maxkey-protocol-ltpa</comment>
|
||||
<projects>
|
||||
</projects>
|
||||
<buildSpec>
|
||||
<buildCommand>
|
||||
<name>org.eclipse.jdt.core.javabuilder</name>
|
||||
<arguments>
|
||||
</arguments>
|
||||
</buildCommand>
|
||||
<buildCommand>
|
||||
<name>org.eclipse.wst.common.project.facet.core.builder</name>
|
||||
<arguments>
|
||||
</arguments>
|
||||
</buildCommand>
|
||||
<buildCommand>
|
||||
<name>org.eclipse.wst.validation.validationbuilder</name>
|
||||
<arguments>
|
||||
</arguments>
|
||||
</buildCommand>
|
||||
</buildSpec>
|
||||
<natures>
|
||||
<nature>org.eclipse.jdt.core.javanature</nature>
|
||||
<nature>org.eclipse.wst.common.project.facet.core.nature</nature>
|
||||
<nature>org.eclipse.wst.common.modulecore.ModuleCoreNature</nature>
|
||||
</natures>
|
||||
</projectDescription>
|
||||
@@ -1,10 +0,0 @@
|
||||
build.commands=org.eclipse.jdt.core.javabuilder
|
||||
connection.arguments=
|
||||
connection.gradle.distribution=GRADLE_DISTRIBUTION(WRAPPER)
|
||||
connection.java.home=null
|
||||
connection.jvm.arguments=
|
||||
containers=org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.7/
|
||||
derived.resources=.gradle,build
|
||||
eclipse.preferences.version=1
|
||||
natures=org.eclipse.jdt.core.javanature
|
||||
project.path=\:maxkey-protocols\:maxkey-protocol-ltpa
|
||||
@@ -1,2 +0,0 @@
|
||||
eclipse.preferences.version=1
|
||||
encoding/<project>=UTF-8
|
||||
@@ -1,16 +0,0 @@
|
||||
eclipse.preferences.version=1
|
||||
org.eclipse.jdt.core.builder.cleanOutputFolder=clean
|
||||
org.eclipse.jdt.core.builder.duplicateResourceTask=warning
|
||||
org.eclipse.jdt.core.builder.invalidClasspath=abort
|
||||
org.eclipse.jdt.core.builder.recreateModifiedClassFileInOutputFolder=ignore
|
||||
org.eclipse.jdt.core.builder.resourceCopyExclusionFilter=*.launch
|
||||
org.eclipse.jdt.core.circularClasspath=warning
|
||||
org.eclipse.jdt.core.classpath.exclusionPatterns=enabled
|
||||
org.eclipse.jdt.core.classpath.multipleOutputLocations=enabled
|
||||
org.eclipse.jdt.core.classpath.outputOverlappingAnotherSource=error
|
||||
org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.8
|
||||
org.eclipse.jdt.core.compiler.compliance=1.8
|
||||
org.eclipse.jdt.core.compiler.maxProblemPerUnit=100
|
||||
org.eclipse.jdt.core.compiler.source=1.8
|
||||
org.eclipse.jdt.core.incompatibleJDKLevel=ignore
|
||||
org.eclipse.jdt.core.incompleteClasspath=error
|
||||
@@ -1,2 +0,0 @@
|
||||
eclipse.preferences.version=1
|
||||
org.eclipse.jdt.launching.PREF_STRICTLY_COMPATIBLE_JRE_NOT_AVAILABLE=warning
|
||||
@@ -1,5 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?><project-modules id="moduleCoreId" project-version="1.5.0">
|
||||
<wb-module deploy-name="maxkey-protocol-ltpa">
|
||||
<wb-resource deploy-path="/" source-path="/src/main/java"/>
|
||||
</wb-module>
|
||||
</project-modules>
|
||||
@@ -1,7 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<faceted-project>
|
||||
<fixed facet="java"/>
|
||||
<fixed facet="jst.utility"/>
|
||||
<installed facet="jst.utility" version="1.0"/>
|
||||
<installed facet="java" version="1.8"/>
|
||||
</faceted-project>
|
||||
@@ -1,2 +0,0 @@
|
||||
boot.validation.initialized=true
|
||||
eclipse.preferences.version=1
|
||||
@@ -1,3 +0,0 @@
|
||||
Manifest-Version: 1.0
|
||||
Class-Path:
|
||||
|
||||
@@ -1,16 +0,0 @@
|
||||
|
||||
description = "maxkey-protocol-ltpa"
|
||||
|
||||
|
||||
dependencies {
|
||||
//local jars
|
||||
compile fileTree(dir: '../maxkey-lib/*/', include: '*.jar')
|
||||
|
||||
compile project(":maxkey-core")
|
||||
compile project(":maxkey-dao")
|
||||
compile project(":maxkey-jose-jwt")
|
||||
compile project(":maxkey-client-sdk")
|
||||
compile project(":maxkey-protocols:maxkey-protocol-authorize")
|
||||
|
||||
|
||||
}
|
||||
@@ -1,3 +0,0 @@
|
||||
Manifest-Version: 1.0
|
||||
Class-Path:
|
||||
|
||||
@@ -1,105 +0,0 @@
|
||||
/**
|
||||
*
|
||||
*/
|
||||
package org.maxkey.authz.ltpa.endpoint;
|
||||
|
||||
import javax.servlet.http.Cookie;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.maxkey.authz.endpoint.AuthorizeBaseEndpoint;
|
||||
import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
|
||||
import org.maxkey.authz.ltpa.endpoint.adapter.LtpaDefaultAdapter;
|
||||
import org.maxkey.config.ApplicationConfig;
|
||||
import org.maxkey.constants.BOOLEAN;
|
||||
import org.maxkey.dao.service.AppsTokenBasedDetailsService;
|
||||
import org.maxkey.domain.apps.Apps;
|
||||
import org.maxkey.domain.apps.AppsTokenBasedDetails;
|
||||
import org.maxkey.util.Instance;
|
||||
import org.maxkey.web.WebContext;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.web.bind.annotation.PathVariable;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
|
||||
/**
|
||||
* @author Crystal.Sea
|
||||
*
|
||||
*/
|
||||
@Controller
|
||||
public class LtpaAuthorizeEndpoint extends AuthorizeBaseEndpoint{
|
||||
|
||||
final static Logger _logger = LoggerFactory.getLogger(LtpaAuthorizeEndpoint.class);
|
||||
@Autowired
|
||||
AppsTokenBasedDetailsService tokenBasedDetailsService;
|
||||
|
||||
@Autowired
|
||||
ApplicationConfig applicationConfig;
|
||||
|
||||
LtpaDefaultAdapter defaultLtpaAdapter=new LtpaDefaultAdapter();
|
||||
|
||||
@RequestMapping("/authz/ltpa/{id}")
|
||||
public ModelAndView authorize(
|
||||
HttpServletRequest request,
|
||||
HttpServletResponse response,
|
||||
@PathVariable("id") String id){
|
||||
|
||||
|
||||
AppsTokenBasedDetails ltpaDetails=tokenBasedDetailsService.get(id);
|
||||
_logger.debug(""+ltpaDetails);
|
||||
String cookieValue="";
|
||||
Apps application= getApp(id);
|
||||
ltpaDetails.setAdapter(application.getAdapter());
|
||||
ltpaDetails.setIsAdapter(application.getIsAdapter());
|
||||
|
||||
AbstractAuthorizeAdapter adapter;
|
||||
|
||||
if(BOOLEAN.isTrue(ltpaDetails.getIsAdapter())){
|
||||
adapter =(AbstractAuthorizeAdapter)Instance.newInstance(ltpaDetails.getAdapter());
|
||||
}else{
|
||||
adapter =(AbstractAuthorizeAdapter)defaultLtpaAdapter;
|
||||
}
|
||||
|
||||
String tokenData=adapter.generateInfo(
|
||||
WebContext.getUserInfo(),
|
||||
ltpaDetails);
|
||||
|
||||
String encryptTokenData=adapter.encrypt(
|
||||
tokenData,
|
||||
ltpaDetails.getAlgorithmKey(),
|
||||
ltpaDetails.getAlgorithm());
|
||||
|
||||
String signTokenData=adapter.sign(
|
||||
encryptTokenData,
|
||||
ltpaDetails);
|
||||
|
||||
cookieValue=signTokenData;
|
||||
|
||||
_logger.debug("Cookie Name : "+ltpaDetails.getCookieName());
|
||||
|
||||
Cookie cookie= new Cookie(ltpaDetails.getCookieName(),cookieValue);
|
||||
|
||||
Integer maxAge=Integer.parseInt(ltpaDetails.getExpires())*60;
|
||||
_logger.debug("Cookie Max Age :"+maxAge+" seconds.");
|
||||
cookie.setMaxAge(maxAge);
|
||||
|
||||
cookie.setPath("/");
|
||||
//
|
||||
//cookie.setDomain("."+applicationConfig.getSubDomainName());
|
||||
//tomcat 8.5
|
||||
cookie.setDomain(applicationConfig.getSubDomainName());
|
||||
|
||||
_logger.debug("Sub Domain Name : "+"."+applicationConfig.getSubDomainName());
|
||||
response.addCookie(cookie);
|
||||
|
||||
if(ltpaDetails.getRedirectUri().indexOf(applicationConfig.getSubDomainName())>-1){
|
||||
return WebContext.redirect(ltpaDetails.getRedirectUri());
|
||||
}else{
|
||||
_logger.error(ltpaDetails.getRedirectUri()+" not in domain "+applicationConfig.getSubDomainName());
|
||||
return null;
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1,83 +0,0 @@
|
||||
package org.maxkey.authz.ltpa.endpoint.adapter;
|
||||
|
||||
import java.util.Date;
|
||||
import java.util.HashMap;
|
||||
|
||||
import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
|
||||
import org.maxkey.constants.BOOLEAN;
|
||||
import org.maxkey.domain.UserInfo;
|
||||
import org.maxkey.domain.apps.AppsTokenBasedDetails;
|
||||
import org.maxkey.util.DateUtils;
|
||||
import org.maxkey.util.JsonUtils;
|
||||
import org.maxkey.util.StringGenerator;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
|
||||
public class LtpaDefaultAdapter extends AbstractAuthorizeAdapter {
|
||||
final static Logger _logger = LoggerFactory.getLogger(LtpaDefaultAdapter.class);
|
||||
@Override
|
||||
public String generateInfo(UserInfo userInfo,Object app) {
|
||||
AppsTokenBasedDetails details=(AppsTokenBasedDetails)app;
|
||||
HashMap<String,String> beanMap=new HashMap<String,String>();
|
||||
|
||||
beanMap.put("randomId",(new StringGenerator()).uuidGenerate());
|
||||
|
||||
if(BOOLEAN.isTrue(details.getUid())){
|
||||
beanMap.put("uid",userInfo.getId());
|
||||
}
|
||||
if(BOOLEAN.isTrue(details.getUsername())){
|
||||
beanMap.put("username", userInfo.getUsername());
|
||||
}
|
||||
if(BOOLEAN.isTrue(details.getEmail())){
|
||||
beanMap.put("email", userInfo.getEmail());
|
||||
}
|
||||
if(BOOLEAN.isTrue(details.getWindowsAccount())){
|
||||
beanMap.put("windowsAccount", userInfo.getWindowsAccount());
|
||||
}
|
||||
if(BOOLEAN.isTrue(details.getEmployeeNumber())){
|
||||
beanMap.put("employeeNumber", userInfo.getEmployeeNumber());
|
||||
}
|
||||
if(BOOLEAN.isTrue(details.getDepartmentId())){
|
||||
beanMap.put("departmentId", userInfo.getDepartmentId());
|
||||
}
|
||||
if(BOOLEAN.isTrue(details.getDepartment())){
|
||||
beanMap.put("department", userInfo.getDepartment());
|
||||
}
|
||||
|
||||
beanMap.put("displayName", userInfo.getDisplayName());
|
||||
|
||||
/*
|
||||
* use UTC date time format
|
||||
* current date plus expires minute
|
||||
*/
|
||||
Integer expiresLong=Integer.parseInt(details.getExpires());
|
||||
Date currentDate=new Date();
|
||||
Date expiresDate=DateUtils.addMinutes(currentDate,expiresLong);
|
||||
String expiresString=DateUtils.toUtc(expiresDate);
|
||||
_logger.debug("UTC Local current date : "+DateUtils.toUtcLocal(currentDate));
|
||||
_logger.debug("UTC current Date : "+DateUtils.toUtc(currentDate));
|
||||
_logger.debug("UTC expires Date : "+DateUtils.toUtc(expiresDate));
|
||||
|
||||
beanMap.put("at", DateUtils.toUtc(currentDate));
|
||||
|
||||
beanMap.put("expires", expiresString);
|
||||
|
||||
String jsonString=JsonUtils.object2Json(beanMap);
|
||||
_logger.debug("Token : "+jsonString);
|
||||
|
||||
return jsonString;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String encrypt(String data, String algorithmKey, String algorithm) {
|
||||
return super.encrypt(data, algorithmKey, algorithm);
|
||||
}
|
||||
|
||||
@Override
|
||||
public ModelAndView authorize(UserInfo userInfo, Object app, String data,ModelAndView modelAndView) {
|
||||
// TODO Auto-generated method stub
|
||||
return null;
|
||||
}
|
||||
|
||||
}
|
||||
@@ -5,6 +5,7 @@ import java.util.HashMap;
|
||||
import java.util.LinkedHashMap;
|
||||
import java.util.Map;
|
||||
|
||||
import org.maxkey.authn.BasicAuthentication;
|
||||
import org.maxkey.authz.oauth2.common.util.OAuth2Utils;
|
||||
import org.maxkey.authz.oauth2.provider.AuthorizationRequest;
|
||||
import org.maxkey.authz.oauth2.provider.ClientDetailsService;
|
||||
@@ -51,8 +52,7 @@ public class OAuth20AccessConfirmationController {
|
||||
for(Object key:model.keySet()){
|
||||
modelRequest.put(key.toString(), model.get(key).toString());
|
||||
}
|
||||
Principal principal=(Principal)WebContext.getAuthentication().getPrincipal();
|
||||
|
||||
String principal=((BasicAuthentication)WebContext.getAuthentication().getPrincipal()).getJ_username();
|
||||
//Map<String, Object> model
|
||||
AuthorizationRequest clientAuth = (AuthorizationRequest) WebContext.getAttribute("authorizationRequest");
|
||||
ClientDetails client = clientDetailsService.loadClientByClientId(clientAuth.getClientId());
|
||||
@@ -63,7 +63,8 @@ public class OAuth20AccessConfirmationController {
|
||||
for (String scope : clientAuth.getScope()) {
|
||||
scopes.put(OAuth2Utils.SCOPE_PREFIX + scope, "false");
|
||||
}
|
||||
for (Approval approval : approvalStore.getApprovals(principal.getName(), client.getClientId())) {
|
||||
|
||||
for (Approval approval : approvalStore.getApprovals(principal, client.getClientId())) {
|
||||
if (clientAuth.getScope().contains(approval.getScope())) {
|
||||
scopes.put(OAuth2Utils.SCOPE_PREFIX + approval.getScope(),
|
||||
approval.getStatus() == ApprovalStatus.APPROVED ? "true" : "false");
|
||||
|
||||
@@ -27,6 +27,7 @@ import javax.servlet.FilterConfig;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.annotation.WebFilter;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
@@ -73,6 +74,7 @@ import org.springframework.web.HttpRequestMethodNotSupportedException;
|
||||
* @author Dave Syer
|
||||
*
|
||||
*/
|
||||
@WebFilter(filterName = "TokenEndpointAuthenticationFilter", urlPatterns = "/oauth/v20/token/*")
|
||||
public class TokenEndpointAuthenticationFilter implements Filter {
|
||||
|
||||
private static final Log logger = LogFactory.getLog(TokenEndpointAuthenticationFilter.class);
|
||||
|
||||
@@ -64,8 +64,8 @@ public class UserInfoEndpoint {
|
||||
private UserInfoService userInfoService;
|
||||
|
||||
@Autowired
|
||||
@Qualifier("applicationsService")
|
||||
protected AppsService applicationsService;
|
||||
@Qualifier("appsService")
|
||||
protected AppsService appsService;
|
||||
|
||||
@Autowired
|
||||
@Qualifier("jwtSignerValidationService")
|
||||
@@ -100,7 +100,7 @@ public class UserInfoEndpoint {
|
||||
|
||||
String client_id= oAuth2Authentication.getOAuth2Request().getClientId();
|
||||
UserInfo userInfo=queryUserInfo(principal);
|
||||
Apps app=applicationsService.get(client_id);
|
||||
Apps app=appsService.get(client_id);
|
||||
|
||||
String userJson="";
|
||||
|
||||
@@ -281,9 +281,7 @@ public class UserInfoEndpoint {
|
||||
|
||||
public UserInfo queryUserInfo(String uid){
|
||||
_logger.debug("uid : "+uid);
|
||||
UserInfo queryUserInfo=new UserInfo();
|
||||
queryUserInfo.setUsername(uid);
|
||||
UserInfo userInfo = (UserInfo) userInfoService.load(queryUserInfo);
|
||||
UserInfo userInfo = (UserInfo) userInfoService.loadByUsername(uid);
|
||||
return userInfo;
|
||||
}
|
||||
|
||||
|
||||
@@ -70,7 +70,7 @@ public class IdpInitEndpoint {
|
||||
HttpServletResponse response,
|
||||
@PathVariable("appid") String appId)throws Exception {
|
||||
logger.debug("SAML IDP init , app id is "+appId);
|
||||
AppsSAML20Details saml20Details = saml20DetailsService.get(appId);
|
||||
AppsSAML20Details saml20Details = saml20DetailsService.getAppDetails(appId);
|
||||
|
||||
if (saml20Details == null) {
|
||||
logger.error("samlId[" + appId + "] Error .");
|
||||
|
||||
@@ -89,7 +89,7 @@ public class SingleSignOnEndpoint {
|
||||
}
|
||||
|
||||
public void extractSaml20Detail(ExtractBindingAdapter extractBindingAdapter,String samlId) throws Exception{
|
||||
AppsSAML20Details saml20Details = saml20DetailsService.get(samlId);
|
||||
AppsSAML20Details saml20Details = saml20DetailsService.getAppDetails(samlId);
|
||||
|
||||
if (saml20Details == null) {
|
||||
logger.error("Request SAML APPID [" + samlId + "] is not exist .");
|
||||
|
||||
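--- a/maxkey-protocols/maxkey-protocol-tokenbased/bin/main/.gitignore
+++ b/maxkey-protocols/maxkey-protocol-tokenbased/bin/main/.gitignore
@@ -0,0 +1 @@
+/org/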
@@ -3,6 +3,7 @@
|
||||
*/
|
||||
package org.maxkey.authz.token.endpoint;
|
||||
|
||||
import javax.servlet.http.Cookie;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
@@ -76,13 +77,43 @@ public class TokenBasedAuthorizeEndpoint extends AuthorizeBaseEndpoint{
|
||||
encryptTokenData,
|
||||
tokenBasedDetails);
|
||||
|
||||
modelAndView=adapter.authorize(
|
||||
WebContext.getUserInfo(),
|
||||
tokenBasedDetails,
|
||||
signTokenData,
|
||||
modelAndView);
|
||||
|
||||
return modelAndView;
|
||||
if(tokenBasedDetails.getTokenType().equalsIgnoreCase("POST")) {
|
||||
modelAndView=adapter.authorize(
|
||||
WebContext.getUserInfo(),
|
||||
tokenBasedDetails,
|
||||
signTokenData,
|
||||
modelAndView);
|
||||
|
||||
return modelAndView;
|
||||
}else {
|
||||
|
||||
String cookieValue="";
|
||||
cookieValue=signTokenData;
|
||||
|
||||
_logger.debug("Cookie Name : "+tokenBasedDetails.getCookieName());
|
||||
|
||||
Cookie cookie= new Cookie(tokenBasedDetails.getCookieName(),cookieValue);
|
||||
|
||||
Integer maxAge=Integer.parseInt(tokenBasedDetails.getExpires())*60;
|
||||
_logger.debug("Cookie Max Age :"+maxAge+" seconds.");
|
||||
cookie.setMaxAge(maxAge);
|
||||
|
||||
cookie.setPath("/");
|
||||
//
|
||||
//cookie.setDomain("."+applicationConfig.getSubDomainName());
|
||||
//tomcat 8.5
|
||||
cookie.setDomain(applicationConfig.getSubDomainName());
|
||||
|
||||
_logger.debug("Sub Domain Name : "+"."+applicationConfig.getSubDomainName());
|
||||
response.addCookie(cookie);
|
||||
|
||||
if(tokenBasedDetails.getRedirectUri().indexOf(applicationConfig.getSubDomainName())>-1){
|
||||
return WebContext.redirect(tokenBasedDetails.getRedirectUri());
|
||||
}else{
|
||||
_logger.error(tokenBasedDetails.getRedirectUri()+" not in domain "+applicationConfig.getSubDomainName());
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
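Review bot: The cookie built in the new `else` branch carries the signed token for the whole configured domain with path `/`, yet it is never marked `HttpOnly` or `Secure`, and `response.addCookie(cookie)` runs before the redirect target is checked, so the token is issued even when the redirect is rejected. The check itself, `getRedirectUri().indexOf(applicationConfig.getSubDomainName())>-1`, is a substring match over the entire URI, so a URI that only contains the domain text in its path, query or as the start of a longer host name passes; the redirect URI appears to come from application configuration, so the exposure depends on who can edit it. Parse the URI, compare the host against the domain, and add the cookie only on success, as sketched below; `setSecure(true)` assumes the deployment is HTTPS-only. The enclosing method begins outside the hunk.

```java
// … unchanged: cookie creation, max-age, path and domain …
cookie.setHttpOnly(true);
cookie.setSecure(true);

// Compare the parsed host, not the raw URI text. URI.create throws
// IllegalArgumentException on a malformed redirect URI.
String redirectHost=java.net.URI.create(tokenBasedDetails.getRedirectUri()).getHost();
String domain=applicationConfig.getSubDomainName();
boolean inDomain=redirectHost!=null
        &&(redirectHost.equalsIgnoreCase(domain)
            ||redirectHost.toLowerCase(java.util.Locale.ROOT)
                .endsWith("."+domain.toLowerCase(java.util.Locale.ROOT)));

if(inDomain){
    // Issue the token only once the target is known to be in the domain.
    response.addCookie(cookie);
    return WebContext.redirect(tokenBasedDetails.getRedirectUri());
}else{
    // … unchanged: error log and return null …
}
```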