jwt
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
|
||||
* Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -14,103 +14,68 @@
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
|
||||
package org.maxkey.authn.support.jwt;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.maxkey.authn.AbstractAuthenticationProvider;
|
||||
import org.maxkey.authn.LoginCredential;
|
||||
import org.maxkey.authn.web.AuthorizationUtils;
|
||||
import org.maxkey.authn.jwt.AuthJwt;
|
||||
import org.maxkey.authn.jwt.AuthTokenService;
|
||||
import org.maxkey.configuration.ApplicationConfig;
|
||||
import org.maxkey.constants.ConstsLoginType;
|
||||
import org.maxkey.entity.Message;
|
||||
import org.maxkey.web.WebConstants;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.web.servlet.AsyncHandlerInterceptor;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
import com.nimbusds.jwt.SignedJWT;
|
||||
|
||||
|
||||
public class HttpJwtEntryPoint implements AsyncHandlerInterceptor {
|
||||
@Controller
|
||||
@RequestMapping(value = "/login")
|
||||
public class HttpJwtEntryPoint {
|
||||
private static final Logger _logger = LoggerFactory.getLogger(HttpJwtEntryPoint.class);
|
||||
|
||||
boolean enable;
|
||||
|
||||
@Autowired
|
||||
ApplicationConfig applicationConfig;
|
||||
|
||||
@Autowired
|
||||
AbstractAuthenticationProvider authenticationProvider ;
|
||||
|
||||
|
||||
@Autowired
|
||||
AuthTokenService authTokenService;
|
||||
|
||||
@Autowired
|
||||
JwtLoginService jwtLoginService;
|
||||
|
||||
@Override
|
||||
public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws Exception {
|
||||
boolean isAuthenticated= AuthorizationUtils.isAuthenticated();
|
||||
String jwt = request.getParameter(WebConstants.JWT_TOKEN_PARAMETER);
|
||||
|
||||
if(!enable
|
||||
|| isAuthenticated
|
||||
|| jwt == null){
|
||||
return true;
|
||||
}
|
||||
|
||||
_logger.debug("JWT Login Start ...");
|
||||
_logger.trace("Request url : "+ request.getRequestURL());
|
||||
_logger.trace("Request URI : "+ request.getRequestURI());
|
||||
_logger.trace("Request ContextPath : "+ request.getContextPath());
|
||||
_logger.trace("Request ServletPath : "+ request.getServletPath());
|
||||
_logger.trace("RequestSessionId : "+ request.getRequestedSessionId());
|
||||
_logger.trace("isRequestedSessionIdValid : "+ request.isRequestedSessionIdValid());
|
||||
_logger.trace("getSession : "+ request.getSession(false));
|
||||
|
||||
// session not exists,session timeout,recreate new session
|
||||
if(request.getSession(false) == null) {
|
||||
_logger.trace("recreate new session .");
|
||||
request.getSession(true);
|
||||
}
|
||||
|
||||
_logger.trace("getSession.getId : "+ request.getSession().getId());
|
||||
|
||||
//for jwt Login
|
||||
_logger.debug("jwt : " + jwt);
|
||||
|
||||
SignedJWT signedJWT = jwtLoginService.jwtTokenValidation(jwt);
|
||||
if(signedJWT != null) {
|
||||
String username =signedJWT.getJWTClaimsSet().getSubject();
|
||||
LoginCredential loginCredential =new LoginCredential(username,"",ConstsLoginType.JWT);
|
||||
authenticationProvider.authenticate(loginCredential,true);
|
||||
_logger.debug("JWT Logined in , username " + username);
|
||||
}
|
||||
@RequestMapping(value={"/jwt"}, produces = {MediaType.APPLICATION_JSON_VALUE})
|
||||
public ResponseEntity<?> jwt(@RequestParam(value = WebConstants.JWT_TOKEN_PARAMETER, required = false) String jwt) {
|
||||
try {
|
||||
//for jwt Login
|
||||
_logger.debug("jwt : " + jwt);
|
||||
|
||||
SignedJWT signedJWT = jwtLoginService.jwtTokenValidation(jwt);
|
||||
|
||||
if(signedJWT != null) {
|
||||
String username =signedJWT.getJWTClaimsSet().getSubject();
|
||||
LoginCredential loginCredential =new LoginCredential(username,"",ConstsLoginType.JWT);
|
||||
Authentication authentication = authenticationProvider.authenticate(loginCredential,true);
|
||||
_logger.debug("JWT Logined in , username " + username);
|
||||
AuthJwt authJwt = authTokenService.genAuthJwt(authentication);
|
||||
return new Message<AuthJwt>(authJwt).buildResponse();
|
||||
}
|
||||
}catch(Exception e) {
|
||||
_logger.error("Exception ",e);
|
||||
}
|
||||
|
||||
return true;
|
||||
return new Message<AuthJwt>(Message.FAIL).buildResponse();
|
||||
}
|
||||
|
||||
public HttpJwtEntryPoint() {
|
||||
super();
|
||||
}
|
||||
|
||||
public HttpJwtEntryPoint (boolean enable) {
|
||||
super();
|
||||
this.enable = enable;
|
||||
}
|
||||
|
||||
public HttpJwtEntryPoint(AbstractAuthenticationProvider authenticationProvider, JwtLoginService jwtLoginService,
|
||||
ApplicationConfig applicationConfig, boolean enable) {
|
||||
super();
|
||||
this.authenticationProvider = authenticationProvider;
|
||||
this.jwtLoginService = jwtLoginService;
|
||||
this.applicationConfig = applicationConfig;
|
||||
this.enable = enable;
|
||||
}
|
||||
|
||||
public boolean isEnable() {
|
||||
return enable;
|
||||
}
|
||||
|
||||
public void setEnable(boolean enable) {
|
||||
this.enable = enable;
|
||||
}
|
||||
|
||||
public void setApplicationConfig(ApplicationConfig applicationConfig) {
|
||||
this.applicationConfig = applicationConfig;
|
||||
|
||||
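Review bot: The `jwt` handler writes the raw token to the log with `_logger.debug("jwt : " + jwt);`, and that token is a bearer credential this endpoint exchanges for an `AuthJwt`, so anyone with read access to debug logs could reuse it while it is still valid. Drop the value from the message, e.g. `_logger.debug("JWT login request received");`. Because the parameter is declared `required = false`, a missing token reaches `jwtLoginService.jwtTokenValidation(jwt)` as null and the outcome depends on the broad `catch(Exception e)`; an explicit `if (jwt == null || jwt.isEmpty()) return new Message<AuthJwt>(Message.FAIL).buildResponse();` before the `try` would make that failure path deliberate. The earlier `preHandle` path returned early on `!enable`, and no equivalent check is visible in the handler, so it is worth confirming that the feature switch still gates this endpoint. The +/- markers are lost on this page, so the old/new split is inferred from the `@Controller` and `@RequestMapping` annotations, and the class continues past the end of the hunk.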