gitee
/
eiam
mirror of https://gitee.com/topiam/eiam
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

优化代码

pull/42/head
smallbun 2023-09-05 21:38:05 +08:00
parent 59365426ea
commit c50753b3bd
9 changed files with 144 additions and 90 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
eiam-protocol/eiam-protocol-form/src/main/java/cn/topiam/employee/protocol/form/endpoint/FormAuthenticationEndpointFilter.java
View File

@ -196,7 +196,7 @@ public final class FormAuthenticationEndpointFilter extends OncePerRequestFilter
}
this.authenticationFailureHandler.onAuthenticationFailure(request, response, ex);
} catch (Exception ex) {
FormError error = new FormError(SERVER_ERROR,ex.getMessage(),FORM_ERROR_URI);
FormError error = new FormError(SERVER_ERROR, ex.getMessage(), FORM_ERROR_URI);
if (this.logger.isTraceEnabled()) {
this.logger.trace(error, ex);
}

17
eiam-protocol/eiam-protocol-jwt/src/main/java/cn/topiam/employee/protocol/jwt/authentication/JwtAuthenticationFailureHandler.java
View File

@ -1,3 +1,20 @@
/*
* eiam-protocol-jwt - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.protocol.jwt.authentication;
import java.io.IOException;

21
eiam-protocol/eiam-protocol-jwt/src/main/java/cn/topiam/employee/protocol/jwt/authentication/JwtLogoutAuthenticationToken.java
View File

@ -1,3 +1,20 @@
/*
* eiam-protocol-jwt - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.protocol.jwt.authentication;
import java.util.ArrayList;
@ -62,7 +79,7 @@ public class JwtLogoutAuthenticationToken extends AbstractAuthenticationToken {
* @return {@code true} if {@link #getPrincipal()} is authenticated, {@code false} otherwise
*/
public boolean isPrincipalAuthenticated() {
return !AnonymousAuthenticationToken.class.isAssignableFrom(this.principal.getClass()) &&
this.principal.isAuthenticated();
return !AnonymousAuthenticationToken.class.isAssignableFrom(this.principal.getClass())
&& this.principal.isAuthenticated();
}
}

1
eiam-protocol/eiam-protocol-jwt/src/main/java/cn/topiam/employee/protocol/jwt/authentication/JwtRequestAuthenticationToken.java
View File

@ -56,7 +56,6 @@ public class JwtRequestAuthenticationToken extends AbstractAuthenticationToken {
@Getter
private final Map<String, Object> additionalParameters;
public JwtRequestAuthenticationToken(Authentication principal, String targetUrl,
JwtProtocolConfig config,
Map<String, Object> additionalParameters) {

33
eiam-protocol/eiam-protocol-jwt/src/main/java/cn/topiam/employee/protocol/jwt/authentication/OidcLogoutAuthenticationProvider.java
View File

@ -1,17 +1,19 @@
/*
* Copyright 2020-2023 the original author or authors.
* eiam-protocol-jwt - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* https://www.apache.org/licenses/LICENSE-2.0
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.protocol.jwt.authentication;
@ -28,20 +30,17 @@ import org.springframework.security.core.session.SessionRegistry;
*/
public final class OidcLogoutAuthenticationProvider implements AuthenticationProvider {
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
JwtLogoutAuthenticationToken logoutAuthenticationToken= (JwtLogoutAuthenticationToken) authentication;
SessionInformation sessionInformation=sessionRegistry.getSessionInformation(logoutAuthenticationToken.getSessionId());
if (sessionInformation.isExpired()){
JwtLogoutAuthenticationToken logoutAuthenticationToken = (JwtLogoutAuthenticationToken) authentication;
SessionInformation sessionInformation = sessionRegistry
.getSessionInformation(logoutAuthenticationToken.getSessionId());
if (sessionInformation.isExpired()) {
}
return null;
}
@Override
public boolean supports(Class<?> authentication) {
return JwtLogoutAuthenticationToken.class.isAssignableFrom(authentication);

3
eiam-protocol/eiam-protocol-jwt/src/main/java/cn/topiam/employee/protocol/jwt/endpoint/JwtAuthenticationEndpointFilter.java
View File

@ -191,7 +191,8 @@ public final class JwtAuthenticationEndpointFilter extends OncePerRequestFilter
}
this.authenticationFailureHandler.onAuthenticationFailure(request, response, ex);
} catch (Exception ex) {
JwtError error = new JwtError(JwtErrorCodes.SERVER_ERROR,ex.getMessage(),JWT_ERROR_URI);
JwtError error = new JwtError(JwtErrorCodes.SERVER_ERROR, ex.getMessage(),
JWT_ERROR_URI);
if (this.logger.isTraceEnabled()) {
this.logger.trace(error, ex);
}

17
eiam-protocol/eiam-protocol-jwt/src/main/java/cn/topiam/employee/protocol/jwt/endpoint/JwtAuthenticationEndpointUtils.java
View File

@ -1,3 +1,20 @@
/*
* eiam-protocol-jwt - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.protocol.jwt.endpoint;
import cn.topiam.employee.protocol.jwt.exception.JwtAuthenticationException;

26
eiam-protocol/eiam-protocol-jwt/src/main/java/cn/topiam/employee/protocol/jwt/endpoint/JwtLogoutAuthenticationEndpointFilter.java
View File

@ -70,7 +70,7 @@ public final class JwtLogoutAuthenticationEndpointFilter extends OncePerRequestF
/**
* AuthenticationSuccessHandler
*/
private AuthenticationSuccessHandler authenticationSuccessHandler=this::sendAuthorizationResponse;
private AuthenticationSuccessHandler authenticationSuccessHandler = this::sendAuthorizationResponse;
/**
* LogoutHandler
@ -92,16 +92,16 @@ public final class JwtLogoutAuthenticationEndpointFilter extends OncePerRequestF
*/
private final AuthenticationManager authenticationManager;
public JwtLogoutAuthenticationEndpointFilter(RequestMatcher requestMatcher,
SessionRegistry sessionRegistry, AuthenticationManager authenticationManager) {
SessionRegistry sessionRegistry,
AuthenticationManager authenticationManager) {
Assert.notNull(requestMatcher, "requestMatcher cannot be empty");
Assert.notNull(sessionRegistry, "sessionRegistry cannot be empty");
Assert.notNull(sessionRegistry, "authenticationManager cannot be empty");
this.authenticationManager = authenticationManager;
this.logoutHandler = new SecurityContextLogoutHandler();
this.requestMatcher = requestMatcher;
authenticationConverter=new JwtLogoutAuthenticationConverter();
authenticationConverter = new JwtLogoutAuthenticationConverter();
}
public void setAuthenticationFailureHandler(AuthenticationFailureHandler authenticationFailureHandler) {
@ -150,13 +150,15 @@ public final class JwtLogoutAuthenticationEndpointFilter extends OncePerRequestF
return;
}
try {
Authentication authentication= authenticationConverter.convert(request);
Authentication authentication = authenticationConverter.convert(request);
if (authentication instanceof AbstractAuthenticationToken) {
((AbstractAuthenticationToken) authentication)
.setDetails(this.authenticationDetailsSource.buildDetails(request));
}
Authentication authenticationResult= authenticationManager.authenticate(authentication);
authenticationSuccessHandler.onAuthenticationSuccess(request,response,authenticationResult);
Authentication authenticationResult = authenticationManager
.authenticate(authentication);
authenticationSuccessHandler.onAuthenticationSuccess(request, response,
authenticationResult);
} catch (JwtAuthenticationException ex) {
if (this.logger.isTraceEnabled()) {
this.logger.trace(LogMessage.format("JWT logout request failed: %s", ex.getError()),
@ -164,7 +166,8 @@ public final class JwtLogoutAuthenticationEndpointFilter extends OncePerRequestF
}
this.authenticationFailureHandler.onAuthenticationFailure(request, response, ex);
} catch (Exception ex) {
JwtError error = new JwtError(JwtErrorCodes.SERVER_ERROR,ex.getMessage(),JWT_ERROR_URI);
JwtError error = new JwtError(JwtErrorCodes.SERVER_ERROR, ex.getMessage(),
JWT_ERROR_URI);
if (this.logger.isTraceEnabled()) {
this.logger.trace(error, ex);
}
@ -173,7 +176,6 @@ public final class JwtLogoutAuthenticationEndpointFilter extends OncePerRequestF
}
}
/**
*
*
@ -183,10 +185,10 @@ public final class JwtLogoutAuthenticationEndpointFilter extends OncePerRequestF
*/
private void sendAuthorizationResponse(HttpServletRequest request, HttpServletResponse response,
Authentication authentication) {
JwtLogoutAuthenticationToken jwtLogoutAuthentication= (JwtLogoutAuthenticationToken) authentication;
JwtLogoutAuthenticationToken jwtLogoutAuthentication = (JwtLogoutAuthenticationToken) authentication;
// Check for active user session
if (jwtLogoutAuthentication.isPrincipalAuthenticated() &&
StringUtils.hasText(jwtLogoutAuthentication.getSessionId())) {
if (jwtLogoutAuthentication.isPrincipalAuthenticated()
&& StringUtils.hasText(jwtLogoutAuthentication.getSessionId())) {
// Perform logout
this.logoutHandler.logout(request, response,
(Authentication) jwtLogoutAuthentication.getPrincipal());

24
eiam-protocol/eiam-protocol-jwt/src/main/java/cn/topiam/employee/protocol/jwt/endpoint/authentication/JwtLogoutAuthenticationConverter.java
View File

@ -1,17 +1,19 @@
/*
* Copyright 2020-2023 the original author or authors.
* eiam-protocol-jwt - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* https://www.apache.org/licenses/LICENSE-2.0
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.protocol.jwt.endpoint.authentication;
@ -61,7 +63,7 @@ public final class JwtLogoutAuthenticationConverter implements AuthenticationCon
principal = ANONYMOUS_AUTHENTICATION;
}
return new JwtLogoutAuthenticationToken(principal,sessionId);
return new JwtLogoutAuthenticationToken(principal, sessionId);
}
}