mirror of
https://gitee.com/dromara/MaxKey.git
synced 2026-05-14 12:32:09 +08:00
trustAuthentication
This commit is contained in:
Crystal.Sea
@@ -20,11 +20,13 @@ package org.maxkey.authn.support.basic;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.maxkey.authn.RealmAuthenticationProvider;
|
||||
import org.maxkey.constants.ConstantsLoginType;
|
||||
import org.maxkey.util.AuthorizationHeaderUtils;
|
||||
import org.maxkey.web.WebContext;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Qualifier;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
|
||||
@@ -35,6 +37,10 @@ public class BasicEntryPoint extends HandlerInterceptorAdapter {
|
||||
|
||||
boolean enable;
|
||||
|
||||
@Autowired
|
||||
@Qualifier("authenticationProvider")
|
||||
RealmAuthenticationProvider authenticationProvider ;
|
||||
|
||||
public BasicEntryPoint() {
|
||||
|
||||
}
|
||||
@@ -126,9 +132,8 @@ public class BasicEntryPoint extends HandlerInterceptorAdapter {
|
||||
}
|
||||
|
||||
if(!isAuthenticated){
|
||||
if(WebContext.setAuthentication(username,ConstantsLoginType.BASIC,"","","success")){
|
||||
authenticationProvider.trustAuthentication(username,ConstantsLoginType.BASIC,"","","success");
|
||||
_logger.info("Authentication "+username+" successful .");
|
||||
}
|
||||
}
|
||||
|
||||
return true;
|
||||
|
||||
@@ -20,10 +20,12 @@ package org.maxkey.authn.support.httpheader;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.maxkey.authn.RealmAuthenticationProvider;
|
||||
import org.maxkey.constants.ConstantsLoginType;
|
||||
import org.maxkey.web.WebContext;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Qualifier;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
|
||||
@@ -35,6 +37,9 @@ public class HttpHeaderEntryPoint extends HandlerInterceptorAdapter {
|
||||
String headerName;
|
||||
boolean enable;
|
||||
|
||||
@Autowired
|
||||
@Qualifier("authenticationProvider")
|
||||
RealmAuthenticationProvider authenticationProvider ;
|
||||
|
||||
String []skipRequestURI={
|
||||
"/oauth/v20/token",
|
||||
@@ -102,9 +107,8 @@ public class HttpHeaderEntryPoint extends HandlerInterceptorAdapter {
|
||||
}
|
||||
|
||||
if(!isAuthenticated){
|
||||
if(WebContext.setAuthentication(httpHeaderUsername,ConstantsLoginType.HTTPHEADER,"","","success")){
|
||||
_logger.info("Authentication "+httpHeaderUsername+" successful .");
|
||||
}
|
||||
authenticationProvider.trustAuthentication(httpHeaderUsername,ConstantsLoginType.HTTPHEADER,"","","success");
|
||||
_logger.info("Authentication "+httpHeaderUsername+" successful .");
|
||||
}
|
||||
|
||||
return true;
|
||||
|
||||
@@ -23,11 +23,11 @@ import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
import org.joda.time.DateTime;
|
||||
import org.maxkey.authn.RealmAuthenticationProvider;
|
||||
import org.maxkey.constants.ConstantsLoginType;
|
||||
import org.maxkey.crypto.ReciprocalUtils;
|
||||
import org.maxkey.util.DateUtils;
|
||||
import org.maxkey.util.JsonUtils;
|
||||
import org.maxkey.web.WebContext;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
@@ -35,6 +35,8 @@ public class RemoteKerberosService implements KerberosService{
|
||||
private static Logger _logger = LoggerFactory.getLogger(RemoteKerberosService.class);
|
||||
List<KerberosProxy> kerberosProxys;
|
||||
|
||||
RealmAuthenticationProvider authenticationProvider ;
|
||||
|
||||
public boolean login(String kerberosTokenString,String kerberosUserDomain){
|
||||
_logger.debug("encoder Kerberos Token "+kerberosTokenString);
|
||||
_logger.debug("kerberos UserDomain "+kerberosUserDomain);
|
||||
@@ -54,7 +56,8 @@ public class RemoteKerberosService implements KerberosService{
|
||||
DateTime notOnOrAfter=DateUtils.toUtcDate(kerberosToken.getNotOnOrAfter());
|
||||
_logger.debug("Kerberos Token is After Now "+notOnOrAfter.isAfterNow());
|
||||
if(notOnOrAfter.isAfterNow()){
|
||||
return WebContext.setAuthentication(kerberosToken.getPrincipal(),ConstantsLoginType.KERBEROS,kerberosUserDomain,"","success");
|
||||
authenticationProvider.trustAuthentication(kerberosToken.getPrincipal(),ConstantsLoginType.KERBEROS,kerberosUserDomain,"","success");
|
||||
return true;
|
||||
}else{
|
||||
|
||||
return false;
|
||||
|
||||
@@ -20,6 +20,7 @@
|
||||
*/
|
||||
package org.maxkey.authn.support.socialsignon;
|
||||
|
||||
import org.maxkey.authn.RealmAuthenticationProvider;
|
||||
import org.maxkey.authn.support.socialsignon.service.SocialSignOnProvider;
|
||||
import org.maxkey.authn.support.socialsignon.service.SocialSignOnProviderService;
|
||||
import org.maxkey.authn.support.socialsignon.service.SocialsAssociateService;
|
||||
@@ -27,6 +28,7 @@ import org.maxkey.web.WebContext;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Qualifier;
|
||||
|
||||
import me.zhyd.oauth.model.AuthCallback;
|
||||
import me.zhyd.oauth.model.AuthResponse;
|
||||
@@ -72,7 +74,9 @@ public class AbstractSocialSignOnEndpoint {
|
||||
@Autowired
|
||||
protected SocialsAssociateService socialsAssociateService;
|
||||
|
||||
|
||||
@Autowired
|
||||
@Qualifier("authenticationProvider")
|
||||
RealmAuthenticationProvider authenticationProvider ;
|
||||
|
||||
protected AuthRequest buildAuthRequest(String provider){
|
||||
|
||||
|
||||
@@ -22,14 +22,11 @@ package org.maxkey.authn.support.socialsignon;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
import org.maxkey.authn.realm.AbstractAuthenticationRealm;
|
||||
import org.maxkey.authn.support.socialsignon.service.SocialsAssociate;
|
||||
import org.maxkey.constants.ConstantsLoginType;
|
||||
import org.maxkey.web.WebContext;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Qualifier;
|
||||
import org.springframework.security.authentication.BadCredentialsException;
|
||||
import org.springframework.security.web.WebAttributes;
|
||||
import org.springframework.stereotype.Controller;
|
||||
@@ -49,11 +46,6 @@ import me.zhyd.oauth.utils.AuthStateUtils;
|
||||
public class SocialSignOnEndpoint extends AbstractSocialSignOnEndpoint{
|
||||
final static Logger _logger = LoggerFactory.getLogger(SocialSignOnEndpoint.class);
|
||||
|
||||
@Autowired
|
||||
@Qualifier("authenticationRealm")
|
||||
protected AbstractAuthenticationRealm authenticationRealm;
|
||||
|
||||
|
||||
public ModelAndView socialSignOnAuthorize(String provider){
|
||||
_logger.debug("SocialSignOn provider : "+provider);
|
||||
String authorizationUrl=buildAuthRequest(provider).authorize(AuthStateUtils.createState());
|
||||
@@ -155,13 +147,13 @@ public class SocialSignOnEndpoint extends AbstractSocialSignOnEndpoint{
|
||||
|
||||
_logger.debug("Social Sign On from "+socialSignOnUserToken.getProvider()+" mapping to user "+socialSignOnUserToken.getUsername());
|
||||
|
||||
if(WebContext.setAuthentication(socialSignOnUserToken.getUsername(), ConstantsLoginType.SOCIALSIGNON,this.socialSignOnProvider.getProviderName(),"xe00000004","success")){
|
||||
//socialSignOnUserToken.setAccessToken(JsonUtils.object2Json(this.accessToken));
|
||||
socialSignOnUserToken.setSocialUserInfo(accountJsonString);
|
||||
//socialSignOnUserToken.setExAttribute(JsonUtils.object2Json(accessToken.getResponseObject()));
|
||||
|
||||
this.socialsAssociateService.update(socialSignOnUserToken);
|
||||
}
|
||||
authenticationProvider.trustAuthentication(socialSignOnUserToken.getUsername(), ConstantsLoginType.SOCIALSIGNON,this.socialSignOnProvider.getProviderName(),"xe00000004","success");
|
||||
//socialSignOnUserToken.setAccessToken(JsonUtils.object2Json(this.accessToken));
|
||||
socialSignOnUserToken.setSocialUserInfo(accountJsonString);
|
||||
//socialSignOnUserToken.setExAttribute(JsonUtils.object2Json(accessToken.getResponseObject()));
|
||||
|
||||
this.socialsAssociateService.update(socialSignOnUserToken);
|
||||
|
||||
|
||||
}else{
|
||||
WebContext.getRequest().getSession().setAttribute(WebAttributes.AUTHENTICATION_EXCEPTION, new BadCredentialsException(WebContext.getI18nValue("login.error.social")));
|
||||
|
||||
@@ -19,12 +19,14 @@ package org.maxkey.authn.support.wsfederation;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
import org.maxkey.authn.RealmAuthenticationProvider;
|
||||
import org.maxkey.constants.ConstantsLoginType;
|
||||
import org.maxkey.util.StringUtils;
|
||||
import org.maxkey.web.WebContext;
|
||||
import org.opensaml.saml1.core.impl.AssertionImpl;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Qualifier;
|
||||
|
||||
|
||||
public class WsFederationServiceImpl implements WsFederationService{
|
||||
@@ -32,6 +34,10 @@ public class WsFederationServiceImpl implements WsFederationService{
|
||||
|
||||
private WsFederationConfiguration wsFederationConfiguration;
|
||||
|
||||
@Autowired
|
||||
@Qualifier("authenticationProvider")
|
||||
RealmAuthenticationProvider authenticationProvider ;
|
||||
|
||||
public boolean login(String wsFederationWA,String wsFederationWResult,HttpServletRequest request){
|
||||
// it's an authentication
|
||||
if (StringUtils.isNotEmpty(wsFederationWA) && wsFederationWA.equalsIgnoreCase(WsFederationConstants.WSIGNIN)) {
|
||||
@@ -57,11 +63,11 @@ public class WsFederationServiceImpl implements WsFederationService{
|
||||
wsFederationConfiguration.getUpnSuffix());
|
||||
}
|
||||
|
||||
return WebContext.setAuthentication(
|
||||
authenticationProvider.trustAuthentication(
|
||||
wsFederationCredential.getAttributes().get("").toString(),
|
||||
ConstantsLoginType.WSFEDERATION,
|
||||
"","","success");
|
||||
|
||||
return true;
|
||||
} else {
|
||||
_logger.warn("SAML assertions are blank or no longer valid.");
|
||||
return false;
|
||||
|
||||
Reference in New Issue
Block a user