mirror of
https://gitee.com/dromara/MaxKey.git
synced 2026-05-14 12:32:09 +08:00
ONLINE_TICKET
@@ -251,6 +251,8 @@ public abstract class AbstractAuthenticationProvider {
|
||||
} else {
|
||||
_logger.debug("User Login. ");
|
||||
}
|
||||
//Online Tickit
|
||||
userInfo.setOnlineTickit(WebConstants.ONLINE_TICKET_PREFIX + "-" +userInfo.generateId());
|
||||
}
|
||||
|
||||
return userInfo;
|
||||
|
||||
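Review bot: The ticket built in `userInfo.setOnlineTickit(WebConstants.ONLINE_TICKET_PREFIX + "-" +userInfo.generateId());` gets all of its unpredictability from `generateId()`, whose implementation is not visible in this hunk. Other sections of this commit place the value in a cookie and hand it to relying parties, so if it is ever looked up as a session handle it has to come from a cryptographically strong generator rather than a time- or sequence-based id. Once that is confirmed, record it next to the assignment, e.g. `// online ticket: identifier for the SSO session, must be unguessable`. The enclosing method starts and ends outside the hunk.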
@@ -34,6 +34,7 @@ public class BasicAuthentication implements Authentication {
|
||||
String remeberMe;
|
||||
String authType;
|
||||
String jwtToken;
|
||||
String onlineTickit;
|
||||
ArrayList<GrantedAuthority> grantedAuthority;
|
||||
boolean authenticated;
|
||||
|
||||
@@ -166,6 +167,14 @@ public class BasicAuthentication implements Authentication {
|
||||
this.grantedAuthority = grantedAuthority;
|
||||
}
|
||||
|
||||
public String getOnlineTickit() {
|
||||
return onlineTickit;
|
||||
}
|
||||
|
||||
public void setOnlineTickit(String onlineTickit) {
|
||||
this.onlineTickit = onlineTickit;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toString() {
|
||||
StringBuilder builder = new StringBuilder();
|
||||
|
||||
@@ -93,7 +93,7 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
auth.setOnlineTickit(userInfo.getOnlineTickit());
|
||||
UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken =
|
||||
new UsernamePasswordAuthenticationToken(
|
||||
auth,
|
||||
@@ -102,6 +102,8 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
|
||||
usernamePasswordAuthenticationToken.setDetails(
|
||||
new WebAuthenticationDetails(WebContext.getRequest()));
|
||||
|
||||
setOnlineTickit(userInfo.getOnlineTickit());
|
||||
|
||||
return usernamePasswordAuthenticationToken;
|
||||
}
|
||||
|
||||
@@ -118,7 +120,7 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
|
||||
WebContext.setUserInfo(loadeduserInfo);
|
||||
|
||||
authentication.setAuthenticated(true);
|
||||
|
||||
basicAuth.setOnlineTickit(loadeduserInfo.getOnlineTickit());
|
||||
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(
|
||||
authentication, "PASSWORD", authenticationRealm.grantAuthority(loadeduserInfo));
|
||||
|
||||
@@ -126,6 +128,8 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
|
||||
WebContext.setUserInfo(loadeduserInfo);
|
||||
authenticationRealm.insertLoginHistory(loadeduserInfo, basicAuth.getAuthType(), "", "", "SUCCESS");
|
||||
|
||||
setOnlineTickit(loadeduserInfo.getOnlineTickit());
|
||||
|
||||
return authenticationToken;
|
||||
}else {
|
||||
String message = WebContext.getI18nValue("login.error.username");
|
||||
@@ -154,6 +158,7 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
|
||||
WebContext.setUserInfo(loadeduserInfo);
|
||||
BasicAuthentication authentication = new BasicAuthentication();
|
||||
authentication.setUsername(loadeduserInfo.getUsername());
|
||||
authentication.setOnlineTickit(loadeduserInfo.getOnlineTickit());
|
||||
UsernamePasswordAuthenticationToken authenticationToken =
|
||||
new UsernamePasswordAuthenticationToken(
|
||||
authentication,
|
||||
@@ -167,6 +172,8 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
|
||||
|
||||
authenticationRealm.insertLoginHistory(loadeduserInfo, type, provider, code, message);
|
||||
|
||||
setOnlineTickit(loadeduserInfo.getOnlineTickit());
|
||||
|
||||
return authenticationToken;
|
||||
}else {
|
||||
String i18nMessage = WebContext.getI18nValue("login.error.username");
|
||||
@@ -175,4 +182,13 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
|
||||
}
|
||||
}
|
||||
|
||||
public void setOnlineTickit(String tickit) {
|
||||
_logger.debug("set online Tickit " + tickit + " on domain "+ this.applicationConfig.getBaseDomainName());
|
||||
WebContext.setCookie(WebContext.getResponse(),
|
||||
this.applicationConfig.getBaseDomainName(),
|
||||
WebConstants.ONLINE_TICKET_NAME,
|
||||
tickit,
|
||||
0);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
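Review bot: The new `setOnlineTickit` method writes the ticket value to the debug log and then sets it as a cookie scoped to the base domain, so anyone with log access can read it and every host under that domain receives it. Keep the value out of the log, e.g. `_logger.debug("set online Tickit on domain " + this.applicationConfig.getBaseDomainName());`, and add a comment explaining why the cookie needs the base domain rather than the SSO host. The literal `0` passed as the lifetime yields a session cookie only because of the `if(time > 0)` guard added to `WebContext.setCookie` in this commit, which deserves a named constant or a comment. The method is public on the provider although the visible callers are all in this class; `private` would fit unless an outside caller exists.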
@@ -59,11 +59,11 @@ public class MvcAutoConfiguration implements InitializingBean {
|
||||
*/
|
||||
@Bean (name = "localeResolver")
|
||||
public CookieLocaleResolver cookieLocaleResolver(
|
||||
@Value("${config.server.domain.sub:maxkey.top}")String subDomainName) {
|
||||
_logger.debug("subDomainName " + subDomainName);
|
||||
@Value("${config.server.domain:maxkey.top}")String domainName) {
|
||||
_logger.debug("DomainName " + domainName);
|
||||
CookieLocaleResolver cookieLocaleResolver = new CookieLocaleResolver();
|
||||
cookieLocaleResolver.setCookieName("maxkey_lang");
|
||||
cookieLocaleResolver.setCookieDomain(subDomainName);
|
||||
cookieLocaleResolver.setCookieDomain(domainName);
|
||||
cookieLocaleResolver.setCookieMaxAge(604800);
|
||||
return cookieLocaleResolver;
|
||||
}
|
||||
|
||||
@@ -71,8 +71,12 @@ public class WebConstants {
|
||||
|
||||
public static final String AUTHENTICATION = "current_authentication";
|
||||
|
||||
public static final String THEME_COOKIE_NAME = "maxkey_theme";
|
||||
public static final String THEME_COOKIE_NAME = "theme_value";
|
||||
|
||||
public static final String LOGIN_ERROR_SESSION_MESSAGE = "login_error_session_message_key";
|
||||
|
||||
public static final String ONLINE_TICKET_NAME = "online_ticket";
|
||||
|
||||
public static final String ONLINE_TICKET_PREFIX = "OT";
|
||||
|
||||
}
|
||||
|
||||
@@ -155,6 +155,11 @@ public final class WebContext {
|
||||
RequestContextHolder.getRequestAttributes()).getRequest();
|
||||
}
|
||||
|
||||
public static HttpServletResponse getResponse() {
|
||||
return ((ServletRequestAttributes)
|
||||
RequestContextHolder.getRequestAttributes()).getResponse();
|
||||
}
|
||||
|
||||
/**
|
||||
* get Http Context full Path.
|
||||
*
|
||||
@@ -336,11 +341,14 @@ public final class WebContext {
|
||||
* @param time cookie的存在时间
|
||||
*/
|
||||
public static HttpServletResponse setCookie(
|
||||
HttpServletResponse response, String name, String value, int time) {
|
||||
HttpServletResponse response, String domain ,String name, String value, int time) {
|
||||
// new一个Cookie对象,键值对为参数
|
||||
Cookie cookie = new Cookie(name, value);
|
||||
// tomcat下多应用共享
|
||||
cookie.setPath("/");
|
||||
if(domain != null) {
|
||||
cookie.setDomain(domain);
|
||||
}
|
||||
// 如果cookie的值中含有中文时,需要对cookie进行编码,不然会产生乱码
|
||||
try {
|
||||
URLEncoder.encode(value, "utf-8");
|
||||
@@ -348,7 +356,9 @@ public final class WebContext {
|
||||
e.printStackTrace();
|
||||
}
|
||||
// 单位:秒
|
||||
if(time > 0) {
|
||||
cookie.setMaxAge(time);
|
||||
}
|
||||
// 将Cookie添加到Response中,使之生效
|
||||
response.addCookie(cookie); // addCookie后,如果已经存在相同名字的cookie,则最新的覆盖旧的cookie
|
||||
return response;
|
||||
|
||||
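Review bot: The `Cookie` created in `setCookie` is never given `setHttpOnly(true)` or `setSecure(true)`, and after this commit the same method issues the online-ticket cookie on the base domain, so script on any page in that domain can read it and it can travel over plain HTTP. Add `cookie.setHttpOnly(true);` after `cookie.setPath("/");`, and set `cookie.setSecure(...)` from the request scheme or configuration (the management properties in this commit still use an `http://` server name, so an unconditional `true` would drop the cookie there). The new `if(time > 0)` guard also means a caller can no longer pass `0` to expire a cookie, which the Javadoc for `time` should state. The method body spans two hunks and begins outside both.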
@@ -76,7 +76,7 @@ public class ThemeTagDirective implements TemplateDirectiveModel {
|
||||
if (request.getAttribute(WebConstants.THEME_COOKIE_NAME) == null
|
||||
&& null != WebContext.getUserInfo()) {
|
||||
request.setAttribute(WebConstants.THEME_COOKIE_NAME, "theme");
|
||||
WebContext.setCookie(response,
|
||||
WebContext.setCookie(response, null,
|
||||
WebConstants.THEME_COOKIE_NAME, theme, ConstantsTimeInterval.ONE_WEEK);
|
||||
}
|
||||
|
||||
|
||||
@@ -86,12 +86,19 @@ renew [OPTIONAL] - if this parameter is set, ticket validation will only succeed
|
||||
@RequestParam(value = CasConstants.PARAMETER.SERVICE) String service,
|
||||
@RequestParam(value = CasConstants.PARAMETER.RENEW,required=false) String renew
|
||||
){
|
||||
_logger.debug("serviceValidate "
|
||||
+ " ticket " + ticket
|
||||
+" , service " + service
|
||||
+" , renew " + renew
|
||||
);
|
||||
|
||||
Ticket storedTicket=null;
|
||||
try {
|
||||
storedTicket = ticketServices.consumeTicket(ticket);
|
||||
} catch (Exception e) {
|
||||
// TODO Auto-generated catch block
|
||||
e.printStackTrace();
|
||||
_logger.error("consume Ticket error " , e);
|
||||
}
|
||||
|
||||
if(storedTicket!=null){
|
||||
@@ -101,6 +108,7 @@ renew [OPTIONAL] - if this parameter is set, ticket validation will only succeed
|
||||
.setUser(principal)
|
||||
.serviceResponseBuilder();
|
||||
}else{
|
||||
_logger.debug("Ticket not found .");
|
||||
return new Service10ResponseBuilder().failure()
|
||||
.serviceResponseBuilder();
|
||||
}
|
||||
|
||||
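Review bot: The added `_logger.debug("serviceValidate " + " ticket " + ticket ...)` writes the service ticket to the log before it is consumed, and the later hunks on this page repeat the pattern in the other `serviceValidate` and `proxyValidate` handlers and, in the `proxy` handler, for the proxy-granting ticket `pgt`. A service ticket is consumed right after the log line, but nothing visible makes a PGT single-use, so a debug log could hold a credential that is still valid. Leave the secret values out, e.g. `_logger.debug("serviceValidate , service " + service + " , renew " + renew);`, or log only a short prefix of the ticket. The handler method starts before this hunk.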
@@ -173,6 +173,13 @@ For all error codes, it is RECOMMENDED that CAS provide a more detailed message
|
||||
@RequestParam(value = CasConstants.PARAMETER.PROXY_CALLBACK_URL,required=false) String pgtUrl,
|
||||
@RequestParam(value = CasConstants.PARAMETER.RENEW,required=false) String renew,
|
||||
@RequestParam(value = CasConstants.PARAMETER.FORMAT,required=false,defaultValue=CasConstants.FORMAT_TYPE.XML) String format){
|
||||
_logger.debug("serviceValidate "
|
||||
+ " ticket " + ticket
|
||||
+" , service " + service
|
||||
+" , pgtUrl " + pgtUrl
|
||||
+" , renew " + renew
|
||||
+" , format " + format
|
||||
);
|
||||
|
||||
setContentType(request,response,format);
|
||||
|
||||
@@ -186,13 +193,15 @@ For all error codes, it is RECOMMENDED that CAS provide a more detailed message
|
||||
ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder();
|
||||
|
||||
if(storedTicket!=null){
|
||||
String principal=((BasicAuthentication)storedTicket.getAuthentication().getPrincipal()).getUsername();
|
||||
BasicAuthentication authentication = ((BasicAuthentication)storedTicket.getAuthentication().getPrincipal());
|
||||
String principal=authentication.getUsername();
|
||||
_logger.debug("principal "+principal);
|
||||
serviceResponseBuilder.success().setUser(principal);
|
||||
|
||||
if(Boolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){
|
||||
AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)Instance.newInstance(storedTicket.getCasDetails().getAdapter());
|
||||
UserInfo userInfo = (UserInfo) userInfoService.loadByUsername(principal);
|
||||
userInfo.setOnlineTickit(authentication.getOnlineTickit());
|
||||
adapter.generateInfo(userInfo, serviceResponseBuilder);
|
||||
}
|
||||
}else{
|
||||
@@ -274,7 +283,13 @@ Response on ticket validation failure:
|
||||
@RequestParam(value = CasConstants.PARAMETER.PROXY_CALLBACK_URL,required=false) String pgtUrl,
|
||||
@RequestParam(value = CasConstants.PARAMETER.RENEW,required=false) String renew,
|
||||
@RequestParam(value = CasConstants.PARAMETER.FORMAT,required=false,defaultValue=CasConstants.FORMAT_TYPE.XML) String format){
|
||||
|
||||
_logger.debug("proxyValidate "
|
||||
+ " ticket " + ticket
|
||||
+" , service " + service
|
||||
+" , pgtUrl " + pgtUrl
|
||||
+" , renew " + renew
|
||||
+" , format " + format
|
||||
);
|
||||
setContentType(request,response,format);
|
||||
|
||||
Ticket storedTicket=null;
|
||||
@@ -358,7 +373,11 @@ For all error codes, it is RECOMMENDED that CAS provide a more detailed message
|
||||
@RequestParam(value = CasConstants.PARAMETER.PROXY_GRANTING_TICKET) String pgt,
|
||||
@RequestParam(value = CasConstants.PARAMETER.TARGET_SERVICE) String targetService,
|
||||
@RequestParam(value = CasConstants.PARAMETER.FORMAT,required=false,defaultValue=CasConstants.FORMAT_TYPE.XML) String format){
|
||||
|
||||
_logger.debug("proxy "
|
||||
+ " pgt " + pgt
|
||||
+" , targetService " + targetService
|
||||
+" , format " + format
|
||||
);
|
||||
setContentType(request,response,format);
|
||||
|
||||
ProxyServiceResponseBuilder proxyServiceResponseBuilder=new ProxyServiceResponseBuilder();
|
||||
|
||||
@@ -57,6 +57,13 @@ public class Cas30AuthorizeEndpoint extends CasBaseAuthorizeEndpoint{
|
||||
@RequestParam(value = CasConstants.PARAMETER.PROXY_CALLBACK_URL,required=false) String pgtUrl,
|
||||
@RequestParam(value = CasConstants.PARAMETER.RENEW,required=false) String renew,
|
||||
@RequestParam(value = CasConstants.PARAMETER.FORMAT,required=false,defaultValue=CasConstants.FORMAT_TYPE.XML) String format){
|
||||
_logger.debug("serviceValidate "
|
||||
+ " ticket " + ticket
|
||||
+" , service " + service
|
||||
+" , pgtUrl " + pgtUrl
|
||||
+" , renew " + renew
|
||||
+" , format " + format
|
||||
);
|
||||
|
||||
setContentType(request,response,format);
|
||||
|
||||
@@ -69,12 +76,14 @@ public class Cas30AuthorizeEndpoint extends CasBaseAuthorizeEndpoint{
|
||||
ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder();
|
||||
|
||||
if(storedTicket!=null){
|
||||
String principal=((BasicAuthentication)storedTicket.getAuthentication().getPrincipal()).getUsername();
|
||||
BasicAuthentication authentication = ((BasicAuthentication)storedTicket.getAuthentication().getPrincipal());
|
||||
String principal=authentication.getUsername();
|
||||
serviceResponseBuilder.success().setUser(principal);
|
||||
|
||||
if(Boolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){
|
||||
AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)Instance.newInstance(storedTicket.getCasDetails().getAdapter());
|
||||
UserInfo userInfo = (UserInfo) userInfoService.loadByUsername(principal);
|
||||
userInfo.setOnlineTickit(authentication.getOnlineTickit());
|
||||
adapter.generateInfo(userInfo, serviceResponseBuilder);
|
||||
}
|
||||
}else{
|
||||
@@ -96,7 +105,13 @@ public class Cas30AuthorizeEndpoint extends CasBaseAuthorizeEndpoint{
|
||||
@RequestParam(value = CasConstants.PARAMETER.PROXY_CALLBACK_URL,required=false) String pgtUrl,
|
||||
@RequestParam(value = CasConstants.PARAMETER.RENEW,required=false) String renew,
|
||||
@RequestParam(value = CasConstants.PARAMETER.FORMAT,required=false,defaultValue=CasConstants.FORMAT_TYPE.XML) String format){
|
||||
|
||||
_logger.debug("proxyValidate "
|
||||
+ " ticket " + ticket
|
||||
+" , service " + service
|
||||
+" , pgtUrl " + pgtUrl
|
||||
+" , renew " + renew
|
||||
+" , format " + format
|
||||
);
|
||||
setContentType(request,response,format);
|
||||
|
||||
Ticket storedTicket=null;
|
||||
|
||||
@@ -103,6 +103,10 @@ public class CasAuthorizeEndpoint extends CasBaseAuthorizeEndpoint{
|
||||
callbackUrl.append("?");
|
||||
}
|
||||
|
||||
if(callbackUrl.indexOf("&") != -1) {
|
||||
callbackUrl.append("&");
|
||||
}
|
||||
|
||||
//append ticket
|
||||
callbackUrl.append(CasConstants.PARAMETER.TICKET).append("=").append(ticket);
|
||||
|
||||
|
||||
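Review bot: The added check `if(callbackUrl.indexOf("&") != -1)` inserts a separator only when the callback URL already contains an `&`, so a URL with exactly one query parameter (constructed example: `https://app.example/cb?a=1`) gets `ticket=` appended directly to the previous value. The condition around the preceding `callbackUrl.append("?")` lies outside the hunk, so this is inferred from the visible lines. If that block only covers the no-query case, test the last character instead: `if(callbackUrl.charAt(callbackUrl.length() - 1) != '?') { callbackUrl.append("&"); }`.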
@@ -23,6 +23,7 @@ import org.apache.commons.codec.binary.Base64;
|
||||
import org.maxkey.authz.cas.endpoint.response.ServiceResponseBuilder;
|
||||
import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
|
||||
import org.maxkey.domain.UserInfo;
|
||||
import org.maxkey.web.WebConstants;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
|
||||
public class CasDefaultAdapter extends AbstractAuthorizeAdapter {
|
||||
@@ -65,6 +66,7 @@ public class CasDefaultAdapter extends AbstractAuthorizeAdapter {
|
||||
serviceResponseBuilder.setAttribute("departmentId", userInfo.getDepartmentId());
|
||||
serviceResponseBuilder.setAttribute("workRegion",base64Attr(userInfo.getWorkRegion()));
|
||||
|
||||
serviceResponseBuilder.setAttribute(WebConstants.ONLINE_TICKET_NAME,userInfo.getOnlineTickit());
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
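Review bot: `serviceResponseBuilder.setAttribute(WebConstants.ONLINE_TICKET_NAME,userInfo.getOnlineTickit())` releases the online ticket to every CAS client, and the sections below add the same value to the OAuth user-info map, the OIDC and token-based JWT claims and the SAML attribute map. It is also the value this commit stores in the `online_ticket` cookie, so every relying party learns the cookie value tied to the user's SSO session. How the ticket is consumed is not visible on this page; if any endpoint accepts it as proof of a session, release should be limited per application or replaced by a value derived per application. At minimum state the intent where it is released, e.g. `// online_ticket is an identifier only and must never be accepted as a credential`.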
@@ -23,6 +23,7 @@ import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
|
||||
import org.maxkey.domain.UserInfo;
|
||||
import org.maxkey.util.JsonUtils;
|
||||
import org.maxkey.util.StringGenerator;
|
||||
import org.maxkey.web.WebConstants;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
|
||||
public class OAuthDefaultUserInfoAdapter extends AbstractAuthorizeAdapter {
|
||||
@@ -43,6 +44,7 @@ public class OAuthDefaultUserInfoAdapter extends AbstractAuthorizeAdapter {
|
||||
beanMap.put("title", userInfo.getJobTitle());
|
||||
beanMap.put("state", userInfo.getWorkRegion());
|
||||
beanMap.put("gender", userInfo.getGender());
|
||||
beanMap.put(WebConstants.ONLINE_TICKET_NAME, userInfo.getOnlineTickit());
|
||||
|
||||
String info= JsonUtils.object2Json(beanMap);
|
||||
|
||||
|
||||
@@ -26,6 +26,7 @@ import java.util.UUID;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.maxkey.authn.BasicAuthentication;
|
||||
import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
|
||||
import org.maxkey.authz.oauth2.common.exceptions.OAuth2Exception;
|
||||
import org.maxkey.authz.oauth2.provider.ClientDetailsService;
|
||||
@@ -46,7 +47,7 @@ import org.maxkey.persistence.service.UserInfoService;
|
||||
import org.maxkey.util.Instance;
|
||||
import org.maxkey.util.JsonUtils;
|
||||
import org.maxkey.util.StringGenerator;
|
||||
|
||||
import org.maxkey.web.WebConstants;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
@@ -134,7 +135,8 @@ public class UserInfoEndpoint {
|
||||
}else{
|
||||
adapter =(AbstractAuthorizeAdapter)defaultOAuthUserInfoAdapter;
|
||||
}
|
||||
|
||||
BasicAuthentication authentication = (BasicAuthentication)oAuth2Authentication.getUserAuthentication();
|
||||
userInfo.setOnlineTickit(authentication.getOnlineTickit());
|
||||
String jsonData=adapter.generateInfo(userInfo, app);
|
||||
return jsonData;
|
||||
}catch(OAuth2Exception e){
|
||||
@@ -170,7 +172,10 @@ public class UserInfoEndpoint {
|
||||
String userJson="";
|
||||
Builder jwtClaimsSetBuilder= new JWTClaimsSet.Builder();
|
||||
|
||||
BasicAuthentication authentication = (BasicAuthentication)oAuth2Authentication.getUserAuthentication();
|
||||
|
||||
jwtClaimsSetBuilder.claim("sub", userInfo.getId());
|
||||
jwtClaimsSetBuilder.claim(WebConstants.ONLINE_TICKET_NAME, authentication.getOnlineTickit());
|
||||
|
||||
if(scopes.contains("profile")){
|
||||
jwtClaimsSetBuilder.claim("name", userInfo.getUsername());
|
||||
|
||||
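Review bot: `(BasicAuthentication)oAuth2Authentication.getUserAuthentication()` is cast with no type or null check in both hunks of this section. The CAS endpoints in this commit read the `BasicAuthentication` from `getAuthentication().getPrincipal()`, and `RealmAuthenticationProvider` passes it as the principal of a `UsernamePasswordAuthenticationToken`, so the object returned here is probably the token rather than the `BasicAuthentication`, and it may be null for grants without a user. Neither failure would be handled by the visible `catch(OAuth2Exception e)`. A guarded form would be `Authentication ua = oAuth2Authentication.getUserAuthentication();` followed by `if (ua != null && ua.getPrincipal() instanceof BasicAuthentication) { userInfo.setOnlineTickit(((BasicAuthentication) ua.getPrincipal()).getOnlineTickit()); }`. How the `OAuth2Authentication` is built is outside the hunks, so confirm against that code.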
@@ -27,6 +27,8 @@ import org.maxkey.authz.saml.common.EndpointGenerator;
|
||||
import org.maxkey.authz.saml20.binding.BindingAdapter;
|
||||
import org.maxkey.authz.saml20.provider.xml.AuthnResponseGenerator;
|
||||
import org.maxkey.domain.apps.AppsSAML20Details;
|
||||
import org.maxkey.web.WebConstants;
|
||||
import org.maxkey.web.WebContext;
|
||||
import org.opensaml.saml2.core.Response;
|
||||
import org.opensaml.saml2.metadata.Endpoint;
|
||||
import org.opensaml.ws.message.encoder.MessageEncodingException;
|
||||
@@ -70,6 +72,9 @@ public class AssertionEndpoint {
|
||||
logger.debug("AuthnRequestInfo: {}", authnRequestInfo);
|
||||
|
||||
HashMap <String,String>attributeMap=new HashMap<String,String>();
|
||||
|
||||
attributeMap.put(WebConstants.ONLINE_TICKET_NAME, WebContext.getUserInfo().getOnlineTickit());
|
||||
|
||||
//saml20Details
|
||||
Response authResponse = authnResponseGenerator.generateAuthnResponse(
|
||||
saml20Details,
|
||||
|
||||
@@ -26,6 +26,7 @@ import org.maxkey.domain.apps.AppsTokenBasedDetails;
|
||||
import org.maxkey.util.DateUtils;
|
||||
import org.maxkey.util.JsonUtils;
|
||||
import org.maxkey.util.StringGenerator;
|
||||
import org.maxkey.web.WebConstants;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
@@ -70,6 +71,7 @@ public class TokenBasedDefaultAdapter extends AbstractAuthorizeAdapter {
|
||||
}
|
||||
|
||||
beanMap.put("displayName", userInfo.getDisplayName());
|
||||
beanMap.put(WebConstants.ONLINE_TICKET_NAME, userInfo.getOnlineTickit());
|
||||
|
||||
/*
|
||||
* use UTC date time format
|
||||
|
||||
@@ -28,6 +28,7 @@ import org.maxkey.crypto.jwt.signer.service.JwtSigningAndValidationService;
|
||||
import org.maxkey.domain.UserInfo;
|
||||
import org.maxkey.domain.apps.Apps;
|
||||
import org.maxkey.domain.apps.AppsTokenBasedDetails;
|
||||
import org.maxkey.web.WebConstants;
|
||||
import org.maxkey.web.WebContext;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
@@ -67,6 +68,7 @@ public class TokenBasedJWTAdapter extends AbstractAuthorizeAdapter {
|
||||
.claim("user_id", userInfo.getId())
|
||||
.claim("external_id", userInfo.getId())
|
||||
.claim("locale", userInfo.getLocale())
|
||||
.claim(WebConstants.ONLINE_TICKET_NAME, userInfo.getOnlineTickit())
|
||||
.claim("kid", jwtSignerService.getDefaultSignerKeyId())
|
||||
.build();
|
||||
|
||||
|
||||
@@ -30,6 +30,7 @@ import org.maxkey.crypto.jwt.signer.service.impl.SymmetricSigningAndValidationSe
|
||||
import org.maxkey.domain.UserInfo;
|
||||
import org.maxkey.domain.apps.Apps;
|
||||
import org.maxkey.domain.apps.AppsTokenBasedDetails;
|
||||
import org.maxkey.web.WebConstants;
|
||||
import org.maxkey.web.WebContext;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
@@ -67,6 +68,7 @@ public class TokenBasedJWTHS256Adapter extends AbstractAuthorizeAdapter {
|
||||
.claim("email", userInfo.getWorkEmail())
|
||||
.claim("name", userInfo.getUsername())
|
||||
.claim("user_id", userInfo.getId())
|
||||
.claim(WebConstants.ONLINE_TICKET_NAME, userInfo.getOnlineTickit())
|
||||
.claim("external_id", userInfo.getId())
|
||||
.claim("locale", userInfo.getLocale())
|
||||
.claim("kid", "SYMMETRIC-KEY")
|
||||
|
||||
@@ -2,7 +2,7 @@
|
||||
#application
|
||||
application.title=MaxKey
|
||||
application.name=MaxKey-Mgt
|
||||
application.formatted-version=v2.2.1 GA
|
||||
application.formatted-version=v2.3.0 GA
|
||||
#server config
|
||||
#server port
|
||||
server.port=9521
|
||||
|
||||
@@ -2,13 +2,13 @@
|
||||
# MaxKey Management
|
||||
############################################################################
|
||||
# domain name configuration
|
||||
config.server.domain=maxkey.top
|
||||
config.server.domain.sub=sso.${config.server.domain}
|
||||
config.server.name=http://${config.server.domain.sub}
|
||||
config.server.prefix.uri=${config.server.name}:9521/maxkey-mgt
|
||||
config.server.basedomain=maxkey.top
|
||||
config.server.domain=sso.${config.server.basedomain}
|
||||
config.server.name=http://${config.server.domain}
|
||||
config.server.uri=${config.server.name}:9521/maxkey-mgt
|
||||
#default.uri
|
||||
config.server.default.uri=${config.server.prefix.uri}/main
|
||||
config.maxkey.uri=https://${config.server.domain.sub}/maxkey
|
||||
config.server.default.uri=${config.server.uri}/main
|
||||
config.maxkey.uri=https://${config.server.domain}/maxkey
|
||||
#InMemory 0 , Redis 2
|
||||
config.server.persistence=0
|
||||
#identity
|
||||
@@ -62,7 +62,7 @@ config.saml.v20.sp.keystore=classpath\:config/samlClientKeystore.jks
|
||||
config.saml.v20.sp.issuing.entity.id=client.maxkey.org
|
||||
|
||||
############################################################################
|
||||
config.oidc.metadata.issuer=https://${config.server.domain.sub}/maxkey
|
||||
config.oidc.metadata.issuer=https://${config.server.domain}/maxkey
|
||||
config.oidc.metadata.authorizationEndpoint=${config.server.name}/maxkey/oauth/v20/authorize
|
||||
config.oidc.metadata.tokenEndpoint=${config.server.name}/maxkey/oauth/v20/token
|
||||
config.oidc.metadata.userinfoEndpoint=${config.server.name}/maxkey/api/connect/userinfo
|
||||
|
||||
@@ -176,7 +176,7 @@ public class SafeController {
|
||||
userInfo.setEmail(email);
|
||||
|
||||
userInfo.setTheme(theme);
|
||||
WebContext.setCookie(response, WebConstants.THEME_COOKIE_NAME, theme, ConstantsTimeInterval.ONE_WEEK);
|
||||
WebContext.setCookie(response,null, WebConstants.THEME_COOKIE_NAME, theme, ConstantsTimeInterval.ONE_WEEK);
|
||||
|
||||
userInfoService.changeEmail(userInfo);
|
||||
|
||||
|
||||
@@ -2,7 +2,7 @@
|
||||
#application
|
||||
application.title=MaxKey
|
||||
application.name=MaxKey
|
||||
application.formatted-version=v2.2.1 GA
|
||||
application.formatted-version=v2.3.0 GA
|
||||
#server config
|
||||
#spring.profiles.active=dev
|
||||
#server port
|
||||
|
||||
@@ -2,12 +2,12 @@
|
||||
# MaxKey
|
||||
############################################################################
|
||||
# domain name configuration
|
||||
config.server.domain=maxkey.top
|
||||
config.server.domain.sub=sso.${config.server.domain}
|
||||
config.server.name=https://${config.server.domain.sub}
|
||||
config.server.prefix.uri=${config.server.name}/maxkey
|
||||
config.server.basedomain=maxkey.top
|
||||
config.server.domain=sso.${config.server.basedomain}
|
||||
config.server.name=https://${config.server.domain}
|
||||
config.server.uri=${config.server.name}/maxkey
|
||||
#default.uri
|
||||
config.server.default.uri=${config.server.prefix.uri}/maxkey/appList
|
||||
config.server.default.uri=${config.server.uri}/maxkey/appList
|
||||
config.server.management.uri=${config.server.name}:9521/maxkey-mgt/login
|
||||
#InMemory 0 , Redis 2
|
||||
config.server.persistence=0
|
||||
|
||||