mobile login

2026-05-15 13:02:07 +08:00 · 2021-05-17 11:34:39 +08:00
parent ff3d97d51f
commit b378f9fa2f
27 changed files with 447 additions and 309 deletions
--- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
+++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
@@ -47,11 +47,18 @@ public abstract class AbstractAuthenticationProvider {
    private static final Logger _logger = 
            LoggerFactory.getLogger(AbstractAuthenticationProvider.class);

+    public class AuthType{
+    	public final static String NORMAL 	= "normal";
+    	public final static String TFA 		= "tfa";
+    	public final static String MOBILE 	= "mobile";
+    }
    protected ApplicationConfig applicationConfig;

    protected AbstractAuthenticationRealm authenticationRealm;

    protected AbstractOtpAuthn tfaOtpAuthn;
+    
+    protected AbstractOtpAuthn smsOtpAuthn;

    protected AbstractRemeberMeService remeberMeService;
    
@@ -176,8 +183,10 @@ public abstract class AbstractAuthenticationProvider {
    protected void authTypeValid(String authType) {
        _logger.debug("Login AuthN Type  " + authType);
        if (authType != null && (
-                authType.equalsIgnoreCase("basic") 
-                || authType.equalsIgnoreCase("tfa"))
+                authType.equalsIgnoreCase(AuthType.NORMAL) 
+                || authType.equalsIgnoreCase(AuthType.TFA)
+                || authType.equalsIgnoreCase(AuthType.MOBILE)
+        		)
            ) {
            return;
        }
@@ -195,7 +204,8 @@ public abstract class AbstractAuthenticationProvider {
     */
    protected void captchaValid(String captcha, String authType) {
        // for basic
-        if (applicationConfig.getLoginConfig().isCaptcha() && authType.equalsIgnoreCase("basic")) {
+        if (applicationConfig.getLoginConfig().isCaptcha() 
+        		&& authType.equalsIgnoreCase(AuthType.NORMAL)) {
            _logger.info("captcha : "
                    + WebContext.getSession().getAttribute(
                            WebConstants.KAPTCHA_SESSION_KEY).toString());
@@ -218,7 +228,8 @@ public abstract class AbstractAuthenticationProvider {
     */
    protected void tftcaptchaValid(String otpCaptcha, String authType, UserInfo userInfo) {
        // for one time password 2 factor
-        if (applicationConfig.getLoginConfig().isMfa() && authType.equalsIgnoreCase("tfa")) {
+        if (applicationConfig.getLoginConfig().isMfa() 
+        		&& authType.equalsIgnoreCase(AuthType.TFA)) {
            UserInfo validUserInfo = new UserInfo();
            validUserInfo.setUsername(userInfo.getUsername());
            validUserInfo.setSharedSecret(userInfo.getSharedSecret());
@@ -231,6 +242,28 @@ public abstract class AbstractAuthenticationProvider {
            }
        }
    }
+    
+    /**
+     * mobile validate.
+     * 
+     * @param otpCaptcha String
+     * @param authType   String
+     * @param userInfo   UserInfo
+     */
+    protected void mobilecaptchaValid(String password, String authType, UserInfo userInfo) {
+        // for mobile password
+        if (applicationConfig.getLoginConfig().isMfa() 
+        		&& authType.equalsIgnoreCase(AuthType.MOBILE)) {
+            UserInfo validUserInfo = new UserInfo();
+            validUserInfo.setUsername(userInfo.getUsername());
+            validUserInfo.setId(userInfo.getId());
+            if (password == null || !smsOtpAuthn.validate(validUserInfo, password)) {
+                String message = WebContext.getI18nValue("login.error.captcha");
+                _logger.debug("login captcha valid error.");
+                throw new BadCredentialsException(message);
+            }
+        }
+    }

    /**
     * login user by j_username and j_cname first query user by j_cname if first
@@ -328,7 +361,8 @@ public abstract class AbstractAuthenticationProvider {
    public void setOnlineTicketServices(OnlineTicketServices onlineTicketServices) {
        this.onlineTicketServices = onlineTicketServices;
    }
-    
-    

+	public void setSmsOtpAuthn(AbstractOtpAuthn smsOtpAuthn) {
+		this.smsOtpAuthn = smsOtpAuthn;
+	}
 }
--- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java
+++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java
@@ -62,11 +62,13 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
    		AbstractAuthenticationRealm authenticationRealm,
    		ApplicationConfig applicationConfig,
    	    AbstractOtpAuthn tfaOtpAuthn,
+    	    AbstractOtpAuthn smsOtpAuthn,
    	    AbstractRemeberMeService remeberMeService,
    	    OnlineTicketServices onlineTicketServices) {
 		this.authenticationRealm = authenticationRealm;
 		this.applicationConfig = applicationConfig;
 		this.tfaOtpAuthn = tfaOtpAuthn;
+		this.smsOtpAuthn = smsOtpAuthn;
 		this.remeberMeService =  remeberMeService;
 		this.onlineTicketServices = onlineTicketServices;
 	}
@@ -96,9 +98,12 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider

        tftcaptchaValid(loginCredential.getOtpCaptcha(),loginCredential.getAuthType(),userInfo);

-        authenticationRealm.getPasswordPolicyValidator().passwordPolicyValid(userInfo);
-
-        authenticationRealm.passwordMatches(userInfo, loginCredential.getPassword());
+        if(loginCredential.getAuthType().equalsIgnoreCase(AuthType.MOBILE)) {
+        	mobilecaptchaValid(loginCredential.getPassword(),loginCredential.getAuthType(),userInfo);
+        }else {
+        	authenticationRealm.getPasswordPolicyValidator().passwordPolicyValid(userInfo);
+        	authenticationRealm.passwordMatches(userInfo, loginCredential.getPassword());
+        }
        
        UsernamePasswordAuthenticationToken authenticationToken = setOnline(loginCredential,userInfo);
        //RemeberMe Config check then set  RemeberMe cookies
--- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/autoconfigure/AuthenticationAutoConfiguration.java
+++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/autoconfigure/AuthenticationAutoConfiguration.java
@@ -51,7 +51,6 @@ import org.springframework.jdbc.core.JdbcTemplate;
 import org.springframework.jdbc.datasource.DataSourceTransactionManager;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.DelegatingPasswordEncoder;
-
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.crypto.password.Pbkdf2PasswordEncoder;
 import org.springframework.security.crypto.scrypt.SCryptPasswordEncoder;
@@ -77,14 +76,17 @@ public class AuthenticationAutoConfiguration  implements InitializingBean {
    		AbstractAuthenticationRealm authenticationRealm,
    		ApplicationConfig applicationConfig,
    	    AbstractOtpAuthn tfaOtpAuthn,
+    	    AbstractOtpAuthn smsOtpAuthn,
    	    AbstractRemeberMeService remeberMeService,
    	    OnlineTicketServices onlineTicketServices
    		) {
+       
    	_logger.debug("init authenticationProvider .");
        return new RealmAuthenticationProvider(
        		authenticationRealm,
        		applicationConfig,
        		tfaOtpAuthn,
+        		smsOtpAuthn,
        		remeberMeService,
        		onlineTicketServices
        		);