header authorization

2021-03-23 19:11:54 +08:00
parent d5d47f127b
commit c1c9bb5e87
12 changed files with 122 additions and 76 deletions
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpointAuthenticationFilter.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpointAuthenticationFilter.java
@@ -17,6 +17,7 @@
 package org.maxkey.authz.oauth2.provider.endpoint;

 import java.io.IOException;
+import java.util.Enumeration;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.Set;
@@ -39,6 +40,8 @@ import org.maxkey.authz.oauth2.provider.AuthorizationRequest;
 import org.maxkey.authz.oauth2.provider.OAuth2Authentication;
 import org.maxkey.authz.oauth2.provider.OAuth2Request;
 import org.maxkey.authz.oauth2.provider.OAuth2RequestFactory;
+import org.maxkey.util.AuthorizationHeaderCredential;
+import org.maxkey.util.AuthorizationHeaderUtils;
 import org.maxkey.web.WebContext;
 import org.springframework.security.authentication.AuthenticationDetailsSource;
 import org.springframework.security.authentication.AuthenticationManager;
@@ -213,13 +216,30 @@ public class TokenEndpointAuthenticationFilter implements Filter {
 	
 	public Authentication ClientCredentials(HttpServletRequest request, HttpServletResponse response)
 				throws AuthenticationException, IOException, ServletException {
-
 			if (allowOnlyPost && !"POST".equalsIgnoreCase(request.getMethod())) {
 				throw new HttpRequestMethodNotSupportedException(request.getMethod(), new String[] { "POST" });
 			}

 			String clientId = request.getParameter("client_id");
 			String clientSecret = request.getParameter("client_secret");
+			if(clientId == null) {
+				if(logger.isTraceEnabled()) {
+					logger.trace("getRequestURL : "+request.getRequestURL());
+			        Enumeration<String> headerNames = request.getHeaderNames();
+			        while (headerNames.hasMoreElements()) {
+			          String key = (String) headerNames.nextElement();
+			          String value = request.getHeader(key);
+			          logger.trace("Header key "+key +" , value " + value);
+			        }
+				}
+				//for header authorization basic
+				String authorization_bearer =request.getHeader("authorization");
+				AuthorizationHeaderCredential ahc=AuthorizationHeaderUtils.resolve(authorization_bearer);
+				clientId =ahc.getUsername();
+				clientSecret=ahc.getCredential();
+			}
+			
+			 logger.trace("clientId "+clientId +" , clientSecret " + clientSecret);

 			// If the request is already authenticated we can assume that this
 			// filter is not needed
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java
@@ -34,6 +34,8 @@ public class OAuthDefaultUserInfoAdapter extends AbstractAuthorizeAdapter {
 		HashMap<String, Object> beanMap = new HashMap<String, Object>();
 		beanMap.put("randomId",(new StringGenerator()).uuidGenerate());
 		beanMap.put("uid", userInfo.getId());
+		//for spring security oauth2
+		beanMap.put("user", userInfo.getUsername());
 		beanMap.put("username", userInfo.getUsername());
 		beanMap.put("employeeNumber", userInfo.getEmployeeNumber());
 		beanMap.put("email", userInfo.getEmail());
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java
@@ -49,6 +49,7 @@ import org.maxkey.util.AuthorizationHeaderUtils;
 import org.maxkey.util.Instance;
 import org.maxkey.util.JsonUtils;
 import org.maxkey.util.StringGenerator;
+import org.maxkey.web.HttpResponseAdapter;
 import org.maxkey.web.WebConstants;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -106,39 +107,42 @@ public class UserInfoEndpoint {
 	private JwtEncryptionAndDecryptionService jwtEnDecryptionService; 
 	
 	
+	
 	private SymmetricSigningAndValidationServiceBuilder symmetricJwtSignerServiceBuilder
 					=new SymmetricSigningAndValidationServiceBuilder();

 	private RecipientJwtEncryptionAndDecryptionServiceBuilder recipientJwtEnDecryptionServiceBuilder
 					=new RecipientJwtEncryptionAndDecryptionServiceBuilder();

-	
 	OAuthDefaultUserInfoAdapter defaultOAuthUserInfoAdapter=new OAuthDefaultUserInfoAdapter();
 	
+    @Autowired
+    protected HttpResponseAdapter httpResponseAdapter;
+	
 	@ApiOperation(value = "OAuth 2.0 用户信息接口", notes = "传递参数access_token",httpMethod="GET")
 	@RequestMapping(value="/oauth/v20/me") 
-	@ResponseBody
-	public String apiV20UserInfo(
+	public void apiV20UserInfo(
 			@RequestParam(value = "access_token", required = false) String access_token,
 			@RequestHeader(value = "authorization", required = false) String authorization_bearer,
            HttpServletRequest request, 
-            HttpServletResponse response) {
-	        response.setContentType(ContentType.APPLICATION_JSON_UTF8);
+            HttpServletResponse response) {	        
 	        if(access_token == null && authorization_bearer!= null) {
+	        	if(_logger.isTraceEnabled()) {
+		        	_logger.trace("getRequestURL : "+request.getRequestURL());
+			        Enumeration<String> headerNames = request.getHeaderNames();
+			        while (headerNames.hasMoreElements()) {
+			          String key = (String) headerNames.nextElement();
+			          String value = request.getHeader(key);
+			          _logger.trace("Header key "+key +" , value " + value);
+			        }
+		        }
+	        	//for header authorization bearer
 	        	access_token = AuthorizationHeaderUtils.resolveBearer(authorization_bearer);
 	        }
-	        if(_logger.isTraceEnabled()) {
-	        	_logger.trace("getRequestURL : "+request.getRequestURL());
-		        Enumeration<String> headerNames = request.getHeaderNames();
-		        while (headerNames.hasMoreElements()) {
-		          String key = (String) headerNames.nextElement();
-		          String value = request.getHeader(key);
-		          _logger.trace("Header key "+key +" , value " + value);
-		        }
-	        }
+	        
 			String principal="";
 			if (!StringGenerator.uuidMatches(access_token)) {
-				return JsonUtils.gson2Json(accessTokenFormatError(access_token));
+				httpResponseAdapter.write(response,JsonUtils.gson2Json(accessTokenFormatError(access_token)),"json"); 
 			}
 			OAuth2Authentication oAuth2Authentication =null;
 			try{
@@ -160,12 +164,12 @@ public class UserInfoEndpoint {
 				String jsonData=adapter.generateInfo(
 				        (SigninPrincipal)oAuth2Authentication.getUserAuthentication().getPrincipal(),
 				        userInfo, app);
-				return jsonData;
+				httpResponseAdapter.write(response,jsonData,"json"); 
 			}catch(OAuth2Exception e){
 				HashMap<String,Object>authzException=new HashMap<String,Object>();
 				authzException.put(OAuth2Exception.ERROR, e.getOAuth2ErrorCode());
 				authzException.put(OAuth2Exception.DESCRIPTION,e.getMessage());
-				return JsonUtils.gson2Json(authzException);
+				httpResponseAdapter.write(response,JsonUtils.gson2Json(authzException),"json"); 
 			}
 	}