
Example 1 with AppsJwtDetails

Use of org.maxkey.entity.apps.AppsJwtDetails in project MaxKey by dromara.

Class JwtAuthorizeEndpoint, method authorize.

@Operation(summary = "JWT应用ID认证接口", description = "应用ID", method = "GET")
@RequestMapping("/authz/jwt/{id}")
public ModelAndView authorize(HttpServletRequest request, HttpServletResponse response, @PathVariable("id") String id) {
    ModelAndView modelAndView = new ModelAndView();
    Apps application = getApp(id);
    AppsJwtDetails jwtDetails = jwtDetailsService.getAppDetails(id, true);
    _logger.debug("" + jwtDetails);
    jwtDetails.setAdapter(application.getAdapter());
    jwtDetails.setIsAdapter(application.getIsAdapter());
    AbstractAuthorizeAdapter adapter;
    if (ConstsBoolean.isTrue(jwtDetails.getIsAdapter())) {
        Object jwtAdapter = Instance.newInstance(jwtDetails.getAdapter());
        try {
            BeanUtils.setProperty(jwtAdapter, "jwtDetails", jwtDetails);
        } catch (IllegalAccessException | InvocationTargetException e) {
            _logger.error("setProperty error . ", e);
        }
        adapter = (AbstractAuthorizeAdapter) jwtAdapter;
    } else {
        JwtAdapter jwtAdapter = new JwtAdapter(jwtDetails);
        adapter = (AbstractAuthorizeAdapter) jwtAdapter;
    }
    adapter.setAuthentication((SigninPrincipal) WebContext.getAuthentication().getPrincipal());
    adapter.setUserInfo(WebContext.getUserInfo());
    adapter.generateInfo();
    // sign
    adapter.sign(null, jwtDetails.getSignatureKey(), jwtDetails.getSignature());
    // encrypt
    adapter.encrypt(null, jwtDetails.getAlgorithmKey(), jwtDetails.getAlgorithm());
    if (jwtDetails.getTokenType().equalsIgnoreCase("POST")) {
        return adapter.authorize(modelAndView);
    } else {
        _logger.debug("Cookie Name : {}", jwtDetails.getJwtName());
        Cookie cookie = new Cookie(jwtDetails.getJwtName(), adapter.serialize());
        Integer maxAge = jwtDetails.getExpires();
        _logger.debug("Cookie Max Age : {} seconds.", maxAge);
        cookie.setMaxAge(maxAge);
        cookie.setPath("/");
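        // cookie.setDomain("."+applicationConfig.getBaseDomainName());
        // tomcat 8.5
        // The JWT cookie is scoped to the whole base domain with path "/";
        // this method sets neither HttpOnly nor Secure on it.
        cookie.setDomain(applicationConfig.getBaseDomainName());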
        _logger.debug("Sub Domain Name : .{}", applicationConfig.getBaseDomainName());
        response.addCookie(cookie);
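        // Substring match: a redirect URI passes if the base domain name
        // appears anywhere in the string, not only as its host.
        if (jwtDetails.getRedirectUri().indexOf(applicationConfig.getBaseDomainName()) > -1) {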
            return WebContext.redirect(jwtDetails.getRedirectUri());
        } else {
            _logger.error(jwtDetails.getRedirectUri() + " not in domain " + applicationConfig.getBaseDomainName());
            return null;
        }
    }
}
Also used : AbstractAuthorizeAdapter(org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter) Cookie(javax.servlet.http.Cookie) AppsJwtDetails(org.maxkey.entity.apps.AppsJwtDetails) ModelAndView(org.springframework.web.servlet.ModelAndView) Apps(org.maxkey.entity.apps.Apps) InvocationTargetException(java.lang.reflect.InvocationTargetException) JwtAdapter(org.maxkey.authz.jwt.endpoint.adapter.JwtAdapter) Operation(io.swagger.v3.oas.annotations.Operation) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 2 with AppsJwtDetails

Use of org.maxkey.entity.apps.AppsJwtDetails in project MaxKey by dromara.

Class AppsJwtDetailsService, method getAppDetails.

public AppsJwtDetails getAppDetails(String id, boolean cached) {
    AppsJwtDetails details = null;
    if (cached) {
        details = detailsCache.getIfPresent(id);
        if (details == null) {
            details = getMapper().getAppDetails(id);
            detailsCache.put(id, details);
        }
    } else {
        details = getMapper().getAppDetails(id);
    }
    return details;
}
Also used : AppsJwtDetails(org.maxkey.entity.apps.AppsJwtDetails)

Example 3 with AppsJwtDetails

Use of org.maxkey.entity.apps.AppsJwtDetails in project MaxKey by dromara.

Class JwtAuthorizeEndpoint, method metadata.

@Operation(summary = "JWT JWK元数据接口", description = "参数mxk_metadata_APPID", method = "GET")
@RequestMapping(value = "/metadata/jwt/" + WebConstants.MXK_METADATA_PREFIX + "{appid}.{mediaType}", method = { RequestMethod.POST, RequestMethod.GET })
@ResponseBody
public String metadata(HttpServletRequest request, HttpServletResponse response, @PathVariable("appid") String appId, @PathVariable("mediaType") String mediaType) {
    AppsJwtDetails jwtDetails = jwtDetailsService.getAppDetails(appId, true);
    if (jwtDetails != null) {
        String jwkSetString = "";
        if (!jwtDetails.getSignature().equalsIgnoreCase("none")) {
            jwkSetString = jwtDetails.getSignatureKey();
        }
        if (!jwtDetails.getAlgorithm().equalsIgnoreCase("none")) {
            if (StringUtils.isBlank(jwkSetString)) {
                jwkSetString = jwtDetails.getAlgorithmKey();
            } else {
                jwkSetString = jwkSetString + "," + jwtDetails.getAlgorithmKey();
            }
        }
        JWKSetKeyStore jwkSetKeyStore = new JWKSetKeyStore("{\"keys\": [" + jwkSetString + "]}");
        if (StringUtils.isNotBlank(mediaType) && mediaType.equalsIgnoreCase(HttpRequestAdapter.MediaType.XML)) {
            response.setContentType(ContentType.APPLICATION_XML_UTF8);
        } else {
            response.setContentType(ContentType.APPLICATION_JSON_UTF8);
        }
        return jwkSetKeyStore.toString(mediaType);
    }
    return appId + " not exist.";
}
Also used : AppsJwtDetails(org.maxkey.entity.apps.AppsJwtDetails) JWKSetKeyStore(org.maxkey.crypto.jose.keystore.JWKSetKeyStore) Operation(io.swagger.v3.oas.annotations.Operation) RequestMapping(org.springframework.web.bind.annotation.RequestMapping) ResponseBody(org.springframework.web.bind.annotation.ResponseBody)

Example 4 with AppsJwtDetails

Use of org.maxkey.entity.apps.AppsJwtDetails in project MaxKey by dromara.

Class JwtDetailsController, method forwardUpdate.

@RequestMapping(value = { "/forwardUpdate/{id}" })
public ModelAndView forwardUpdate(@PathVariable("id") String id) {
    ModelAndView modelAndView = new ModelAndView("apps/jwt/appUpdate");
    AppsJwtDetails jwtDetails = jwtDetailsService.getAppDetails(id, false);
    decoderSecret(jwtDetails);
    jwtDetails.transIconBase64();
    modelAndView.addObject("model", jwtDetails);
    return modelAndView;
}
Also used : AppsJwtDetails(org.maxkey.entity.apps.AppsJwtDetails) ModelAndView(org.springframework.web.servlet.ModelAndView) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 5 with AppsJwtDetails

Use of org.maxkey.entity.apps.AppsJwtDetails in project MaxKey by dromara.

Class JwtDetailsController, method forwardAdd.

@RequestMapping(value = { "/forwardAdd" })
public ModelAndView forwardAdd() {
    ModelAndView modelAndView = new ModelAndView("apps/jwt/appAdd");
    AppsJwtDetails jwtDetails = new AppsJwtDetails();
    jwtDetails.setId(jwtDetails.generateId());
    jwtDetails.setProtocol(ConstsProtocols.JWT);
    jwtDetails.setSecret(ReciprocalUtils.generateKey(""));
    jwtDetails.setUserPropertys("userPropertys");
    modelAndView.addObject("model", jwtDetails);
    return modelAndView;
}
Also used : AppsJwtDetails(org.maxkey.entity.apps.AppsJwtDetails) ModelAndView(org.springframework.web.servlet.ModelAndView) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Aggregations

AppsJwtDetails (org.maxkey.entity.apps.AppsJwtDetails): 5
RequestMapping (org.springframework.web.bind.annotation.RequestMapping): 4
ModelAndView (org.springframework.web.servlet.ModelAndView): 3
Operation (io.swagger.v3.oas.annotations.Operation): 2
InvocationTargetException (java.lang.reflect.InvocationTargetException): 1
Cookie (javax.servlet.http.Cookie): 1
AbstractAuthorizeAdapter (org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter): 1
JwtAdapter (org.maxkey.authz.jwt.endpoint.adapter.JwtAdapter): 1
JWKSetKeyStore (org.maxkey.crypto.jose.keystore.JWKSetKeyStore): 1
Apps (org.maxkey.entity.apps.Apps): 1
ResponseBody (org.springframework.web.bind.annotation.ResponseBody): 1