TimeBasedOtpAuthn

2026-05-14 20:50:14 +08:00 · 2021-03-25 15:55:39 +08:00
parent d4007dff38
commit 5d5ac8dab1
4 changed files with 76 additions and 6 deletions
--- a/maxkey-web-manage/src/main/java/org/maxkey/MaxKeyMgtApplication.java
+++ b/maxkey-web-manage/src/main/java/org/maxkey/MaxKeyMgtApplication.java
@@ -43,6 +43,7 @@ import org.springframework.context.annotation.ComponentScan;
    "org.maxkey.web.contorller",
    "org.maxkey.web.apps.contorller",
    "org.maxkey.web.endpoint",
+    "org.maxkey.web.api.endpoint",
    "org.maxkey.authn",
    "org.maxkey.persistence",
    "org.maxkey.web",
--- a/maxkey-web-manage/src/main/java/org/maxkey/MaxKeyMgtConfig.java
+++ b/maxkey-web-manage/src/main/java/org/maxkey/MaxKeyMgtConfig.java
@@ -26,6 +26,7 @@ import org.maxkey.authz.oauth2.provider.token.store.JdbcTokenStore;
 import org.maxkey.authz.oauth2.provider.token.store.RedisTokenStore;
 import org.maxkey.constants.ConstantsProperties;
 import org.maxkey.jobs.DynamicGroupsJob;
+import org.maxkey.password.onetimepwd.AbstractOtpAuthn;
 import org.maxkey.password.onetimepwd.impl.TimeBasedOtpAuthn;
 import org.maxkey.persistence.db.LoginHistoryService;
 import org.maxkey.persistence.db.LoginService;
@@ -131,11 +132,11 @@ public class MaxKeyMgtConfig  implements InitializingBean {
        return authenticationRealm;
    }

-	@Bean(name = "tfaOptAuthn")
-    public TimeBasedOtpAuthn tfaOptAuthn() {
-	    TimeBasedOtpAuthn tfaOptAuthn = new TimeBasedOtpAuthn();
+	@Bean(name = "timeBasedOtpAuthn")
+    public AbstractOtpAuthn timeBasedOtpAuthn() {
+		AbstractOtpAuthn tfaOtpAuthn = new TimeBasedOtpAuthn();
 	    _logger.debug("TimeBasedOtpAuthn inited.");
-        return tfaOptAuthn;
+        return tfaOtpAuthn;
    }
 	
    /**
--- a/maxkey-web-manage/src/main/java/org/maxkey/web/api/endpoint/RestTimeBasedOtpController.java
+++ b/maxkey-web-manage/src/main/java/org/maxkey/web/api/endpoint/RestTimeBasedOtpController.java
@@ -0,0 +1,68 @@
+/*
+ * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
+package org.maxkey.web.api.endpoint;
+
+import org.maxkey.crypto.password.PasswordReciprocal;
+import org.maxkey.domain.UserInfo;
+import org.maxkey.password.onetimepwd.AbstractOtpAuthn;
+import org.maxkey.persistence.service.UserInfoService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.ResponseBody;
+import io.swagger.annotations.Api;
+import io.swagger.annotations.ApiOperation;
+
+@Api(tags = "基于时间令牌验证 API文档模块")
+@Controller
+@RequestMapping(value={"/im/api/otp"})
+public class RestTimeBasedOtpController {
+
+	@Autowired
+    @Qualifier("timeBasedOtpAuthn")
+    protected AbstractOtpAuthn timeBasedOtpAuthn;
+    
+    @Autowired
+    @Qualifier("userInfoService")
+    private UserInfoService userInfoService;
+    
+    @ApiOperation(value = "基于时间令牌验证 API文档模块", notes = "传递参数username和token",httpMethod="GET")
+    @ResponseBody
+    @RequestMapping(value = "/timebased/validate", method = RequestMethod.GET)
+    public boolean getUser(@RequestParam String username,
+    							 @RequestParam String token) {
+    	
+    	UserInfo validUserInfo = userInfoService.loadByUsername(username);
+    	if(validUserInfo != null) {
+    		 String sharedSecret = 
+                     PasswordReciprocal.getInstance().decoder(validUserInfo.getSharedSecret());
+             validUserInfo.setSharedSecret(sharedSecret);
+             validUserInfo.setSharedCounter(validUserInfo.getSharedCounter());
+    		if(timeBasedOtpAuthn.validate(validUserInfo, token)) {
+    			return true;
+    		}
+    	}
+    	
+        return false;
+    }
+
+ 
+}
--- a/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java
+++ b/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java
@@ -164,8 +164,8 @@ public class MaxKeyConfig  implements InitializingBean {
        return authenticationRealm;
    }
    
-	@Bean(name = "tfaOtpAuthn")
-    public TimeBasedOtpAuthn tfaOptAuthn() {
+	@Bean(name = "timeBasedOtpAuthn")
+    public TimeBasedOtpAuthn timeBasedOtpAuthn() {
 	    TimeBasedOtpAuthn tfaOtpAuthn = new TimeBasedOtpAuthn();
 	    _logger.debug("TimeBasedOtpAuthn inited.");
        return tfaOtpAuthn;