
trustAuthentication

Crystal.Sea 4 years ago
parent
commit
d14a0962f0

+ 8 - 3
maxkey-authentications/src/main/java/org/maxkey/authn/support/basic/BasicEntryPoint.java

@@ -20,11 +20,13 @@ package org.maxkey.authn.support.basic;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.maxkey.authn.RealmAuthenticationProvider;
 import org.maxkey.constants.ConstantsLoginType;
 import org.maxkey.util.AuthorizationHeaderUtils;
-import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
@@ -35,6 +37,10 @@ public class BasicEntryPoint extends HandlerInterceptorAdapter {
 	
 	boolean enable;
 	
+	@Autowired
+    @Qualifier("authenticationProvider")
+    RealmAuthenticationProvider authenticationProvider ;
+	
 	public BasicEntryPoint() {
 	    
     }
@@ -126,9 +132,8 @@ public class BasicEntryPoint extends HandlerInterceptorAdapter {
 		 }
 		 
 		 if(!isAuthenticated){
-			if(WebContext.setAuthentication(username,ConstantsLoginType.BASIC,"","","success")){
+			authenticationProvider.trustAuthentication(username,ConstantsLoginType.BASIC,"","","success");
 				_logger.info("Authentication  "+username+" successful .");
-			}
 		 }
 		
 		 return true;
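Review bot: The outcome of the trusted login is no longer checked here. Before this change the `_logger.info(...)` success line ran only when `WebContext.setAuthentication(...)` returned `isAuthenticated()`; now it runs, with stale indentation, whatever `trustAuthentication` did. If `trustAuthentication` can return without establishing a session (its body is not visible on this page), the interceptor records a success that did not happen. Keep the gate, e.g. `if (WebContext.isAuthenticated()) { _logger.info("Authentication {} successful.", username); }`, or test the provider's return value if it has one. The same unconditional pattern is introduced in HttpHeaderEntryPoint, RemoteKerberosService, WsFederationServiceImpl and JwtLoginService (`return true`), AbstractRemeberMeService (`updateRemeberMe`) and SocialSignOnEndpoint (`socialsAssociateService.update`).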

+ 8 - 4
maxkey-authentications/src/main/java/org/maxkey/authn/support/httpheader/HttpHeaderEntryPoint.java

@@ -20,10 +20,12 @@ package org.maxkey.authn.support.httpheader;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.maxkey.authn.RealmAuthenticationProvider;
 import org.maxkey.constants.ConstantsLoginType;
-import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
@@ -35,6 +37,9 @@ public class HttpHeaderEntryPoint extends HandlerInterceptorAdapter {
 	String headerName;
     boolean enable;
     
+    @Autowired
+    @Qualifier("authenticationProvider")
+    RealmAuthenticationProvider authenticationProvider ;
 	
 	String []skipRequestURI={
 			"/oauth/v20/token",
@@ -102,9 +107,8 @@ public class HttpHeaderEntryPoint extends HandlerInterceptorAdapter {
 		 }
 		 
 		 if(!isAuthenticated){
-			if(WebContext.setAuthentication(httpHeaderUsername,ConstantsLoginType.HTTPHEADER,"","","success")){
-				_logger.info("Authentication  "+httpHeaderUsername+" successful .");
-			}
+			authenticationProvider.trustAuthentication(httpHeaderUsername,ConstantsLoginType.HTTPHEADER,"","","success");
+			_logger.info("Authentication  "+httpHeaderUsername+" successful .");
 		 }
 		
 		 return true;
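Review bot: `httpHeaderUsername` is written into the info log by string concatenation. Judging by its name the value comes from a request header, so a value containing line breaks could forge log entries. Pass it as a parameter and neutralise control characters, e.g. `_logger.info("Authentication {} successful.", httpHeaderUsername.replaceAll("[\r\n]", "_"));`. BasicEntryPoint logs `username` the same way. The code that reads the header is outside this hunk.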

+ 5 - 2
maxkey-authentications/src/main/java/org/maxkey/authn/support/kerberos/RemoteKerberosService.java

@@ -23,11 +23,11 @@ import java.util.List;
 import java.util.Map;
 
 import org.joda.time.DateTime;
+import org.maxkey.authn.RealmAuthenticationProvider;
 import org.maxkey.constants.ConstantsLoginType;
 import org.maxkey.crypto.ReciprocalUtils;
 import org.maxkey.util.DateUtils;
 import org.maxkey.util.JsonUtils;
-import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -35,6 +35,8 @@ public class RemoteKerberosService  implements KerberosService{
 	private static Logger _logger = LoggerFactory.getLogger(RemoteKerberosService.class);
 	List<KerberosProxy> kerberosProxys;
 	
+	RealmAuthenticationProvider authenticationProvider ;
+	
 	public boolean login(String kerberosTokenString,String kerberosUserDomain){
 		_logger.debug("encoder Kerberos Token "+kerberosTokenString);
 		_logger.debug("kerberos UserDomain "+kerberosUserDomain);
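Review bot: The new `authenticationProvider` field is never assigned anywhere in this commit. Unlike the other classes it carries no `@Autowired`/`@Qualifier`, and unlike JwtLoginService no setter is added for it. Unless something in the same package sets the field directly, `login` will throw a NullPointerException at the `trustAuthentication` call in the next hunk. Add `public void setAuthenticationProvider(RealmAuthenticationProvider authenticationProvider)` and call it where RemoteKerberosService is constructed, or annotate the field as the other classes do if this class is a Spring bean.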
@@ -54,7 +56,8 @@ public class RemoteKerberosService  implements KerberosService{
 		DateTime notOnOrAfter=DateUtils.toUtcDate(kerberosToken.getNotOnOrAfter());
 		_logger.debug("Kerberos Token is After Now  "+notOnOrAfter.isAfterNow());
 		if(notOnOrAfter.isAfterNow()){
-	    	return WebContext.setAuthentication(kerberosToken.getPrincipal(),ConstantsLoginType.KERBEROS,kerberosUserDomain,"","success");
+	    	authenticationProvider.trustAuthentication(kerberosToken.getPrincipal(),ConstantsLoginType.KERBEROS,kerberosUserDomain,"","success");
+	    	return true;
 		}else{
 			
 			return false;

+ 5 - 1
maxkey-authentications/src/main/java/org/maxkey/authn/support/socialsignon/AbstractSocialSignOnEndpoint.java

@@ -20,6 +20,7 @@
  */
 package org.maxkey.authn.support.socialsignon;
 
+import org.maxkey.authn.RealmAuthenticationProvider;
 import org.maxkey.authn.support.socialsignon.service.SocialSignOnProvider;
 import org.maxkey.authn.support.socialsignon.service.SocialSignOnProviderService;
 import org.maxkey.authn.support.socialsignon.service.SocialsAssociateService;
@@ -27,6 +28,7 @@ import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
 
 import me.zhyd.oauth.model.AuthCallback;
 import me.zhyd.oauth.model.AuthResponse;
@@ -72,7 +74,9 @@ public class AbstractSocialSignOnEndpoint {
 	@Autowired
 	protected SocialsAssociateService socialsAssociateService;
 	
-	
+	@Autowired
+    @Qualifier("authenticationProvider")
+    RealmAuthenticationProvider authenticationProvider ;
  	
   	protected AuthRequest buildAuthRequest(String provider){
   		

+ 7 - 15
maxkey-authentications/src/main/java/org/maxkey/authn/support/socialsignon/SocialSignOnEndpoint.java

@@ -22,14 +22,11 @@ package org.maxkey.authn.support.socialsignon;
 
 import javax.servlet.http.HttpServletRequest;
 
-import org.maxkey.authn.realm.AbstractAuthenticationRealm;
 import org.maxkey.authn.support.socialsignon.service.SocialsAssociate;
 import org.maxkey.constants.ConstantsLoginType;
 import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.web.WebAttributes;
 import org.springframework.stereotype.Controller;
@@ -49,11 +46,6 @@ import me.zhyd.oauth.utils.AuthStateUtils;
 public class SocialSignOnEndpoint  extends AbstractSocialSignOnEndpoint{
 	final static Logger _logger = LoggerFactory.getLogger(SocialSignOnEndpoint.class);
 	
-    @Autowired
-	@Qualifier("authenticationRealm")
-	protected AbstractAuthenticationRealm authenticationRealm;
-    
-    
     public  ModelAndView socialSignOnAuthorize(String provider){
     	_logger.debug("SocialSignOn provider : "+provider);
     	String authorizationUrl=buildAuthRequest(provider).authorize(AuthStateUtils.createState());
@@ -155,13 +147,13 @@ public class SocialSignOnEndpoint  extends AbstractSocialSignOnEndpoint{
 
 			_logger.debug("Social Sign On from "+socialSignOnUserToken.getProvider()+" mapping to user "+socialSignOnUserToken.getUsername());
 			
-			if(WebContext.setAuthentication(socialSignOnUserToken.getUsername(), ConstantsLoginType.SOCIALSIGNON,this.socialSignOnProvider.getProviderName(),"xe00000004","success")){
-				//socialSignOnUserToken.setAccessToken(JsonUtils.object2Json(this.accessToken));
-				socialSignOnUserToken.setSocialUserInfo(accountJsonString);
-				//socialSignOnUserToken.setExAttribute(JsonUtils.object2Json(accessToken.getResponseObject()));
-				
-				this.socialsAssociateService.update(socialSignOnUserToken);
-			}
+			authenticationProvider.trustAuthentication(socialSignOnUserToken.getUsername(), ConstantsLoginType.SOCIALSIGNON,this.socialSignOnProvider.getProviderName(),"xe00000004","success");
+			//socialSignOnUserToken.setAccessToken(JsonUtils.object2Json(this.accessToken));
+			socialSignOnUserToken.setSocialUserInfo(accountJsonString);
+			//socialSignOnUserToken.setExAttribute(JsonUtils.object2Json(accessToken.getResponseObject()));
+			
+			this.socialsAssociateService.update(socialSignOnUserToken);
+			
 			
 		}else{
 			WebContext.getRequest().getSession().setAttribute(WebAttributes.AUTHENTICATION_EXCEPTION, new BadCredentialsException(WebContext.getI18nValue("login.error.social")));

+ 9 - 3
maxkey-authentications/src/main/java/org/maxkey/authn/support/wsfederation/WsFederationServiceImpl.java

@@ -19,12 +19,14 @@ package org.maxkey.authn.support.wsfederation;
 
 import javax.servlet.http.HttpServletRequest;
 
+import org.maxkey.authn.RealmAuthenticationProvider;
 import org.maxkey.constants.ConstantsLoginType;
 import org.maxkey.util.StringUtils;
-import org.maxkey.web.WebContext;
 import org.opensaml.saml1.core.impl.AssertionImpl;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
 
 
 public class WsFederationServiceImpl implements   WsFederationService{
@@ -32,6 +34,10 @@ public class WsFederationServiceImpl implements   WsFederationService{
 	
 	private WsFederationConfiguration wsFederationConfiguration;
 	
+	@Autowired
+    @Qualifier("authenticationProvider")
+    RealmAuthenticationProvider authenticationProvider ;
+	
 	public boolean login(String wsFederationWA,String wsFederationWResult,HttpServletRequest request){
 		// it's an authentication
         if (StringUtils.isNotEmpty(wsFederationWA) && wsFederationWA.equalsIgnoreCase(WsFederationConstants.WSIGNIN)) {
@@ -57,11 +63,11 @@ public class WsFederationServiceImpl implements   WsFederationService{
                     			wsFederationConfiguration.getUpnSuffix());
                     }
 
-                    return WebContext.setAuthentication(
+                    authenticationProvider.trustAuthentication(
                     		wsFederationCredential.getAttributes().get("").toString(),
                     		ConstantsLoginType.WSFEDERATION,
                     		"","","success");
-
+                    return true;
                 } else {
                     _logger.warn("SAML assertions are blank or no longer valid.");
                     return false;
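Review bot: The principal handed to `trustAuthentication` is `wsFederationCredential.getAttributes().get("").toString()`, a lookup with an empty attribute key. If the map has no such entry this throws a NullPointerException, and since the method now returns `true` unconditionally, nothing afterwards confirms that an identity was resolved. Read the attribute that carries the user identifier by its name (presumably the UPN handled just above; confirm) and return `false` when it is missing or blank. The enclosing `login` method begins outside this hunk.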

+ 9 - 3
maxkey-core/src/main/java/org/maxkey/authn/support/jwt/JwtLoginService.java

@@ -30,6 +30,7 @@ import java.util.Date;
 import java.util.UUID;
 import javax.servlet.http.HttpServletResponse;
 import org.joda.time.DateTime;
+import org.maxkey.authn.RealmAuthenticationProvider;
 import org.maxkey.configuration.ApplicationConfig;
 import org.maxkey.configuration.oidc.OIDCProviderMetadataDetails;
 import org.maxkey.constants.ConstantsLoginType;
@@ -47,6 +48,8 @@ public class JwtLoginService {
     OIDCProviderMetadataDetails jwtProviderMetadata;
 
     DefaultJwtSigningAndValidationService jwtSignerValidationService;
+    
+    RealmAuthenticationProvider authenticationProvider ;
 
     public boolean login(String jwt, HttpServletResponse response) {
         _logger.debug("jwt : " + jwt);
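Review bot: `login` writes the complete JWT to the debug log with `_logger.debug("jwt : " + jwt);`, as its first statement. A signed token is a bearer credential until it expires, so anyone who can read the debug logs can replay it. Log a non-sensitive identifier after validation instead, such as the token's `jti` or subject claim, or drop the line. RemoteKerberosService.login does the same with `kerberosTokenString`.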
@@ -93,9 +96,8 @@ public class JwtLoginService {
             DateTime now = new DateTime();
 
             if (loginResult && now.isBefore(jwtClaimsSet.getExpirationTime().getTime())) {
-                if (WebContext.setAuthentication(username, ConstantsLoginType.JWT, "", "", "success")) {
-                    return true;
-                }
+                authenticationProvider.trustAuthentication(username, ConstantsLoginType.JWT, "", "", "success");
+                return true;
             }
         } catch (java.text.ParseException e) {
             // Invalid signed JWT encoding
@@ -198,4 +200,8 @@ public class JwtLoginService {
         this.jwtSignerValidationService = jwtSignerValidationService;
     }
 
+    public void setAuthenticationProvider(RealmAuthenticationProvider authenticationProvider) {
+        this.authenticationProvider = authenticationProvider;
+    }
+
 }

+ 9 - 5
maxkey-core/src/main/java/org/maxkey/authn/support/rememberme/AbstractRemeberMeService.java

@@ -23,6 +23,7 @@ import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import org.joda.time.DateTime;
+import org.maxkey.authn.RealmAuthenticationProvider;
 import org.maxkey.configuration.ApplicationConfig;
 import org.maxkey.constants.ConstantsLoginType;
 import org.maxkey.constants.ConstantsTimeInterval;
@@ -46,6 +47,10 @@ public abstract class AbstractRemeberMeService {
     @Autowired
     @Qualifier("applicationConfig")
     protected ApplicationConfig applicationConfig;
+    
+    @Autowired
+    @Qualifier("authenticationProvider")
+    RealmAuthenticationProvider authenticationProvider ;
 
     // follow function is for persist
     public abstract void save(RemeberMe remeberMe);
@@ -112,15 +117,14 @@ public abstract class AbstractRemeberMeService {
         DateTime expiryDate = loginDate.plusSeconds(getRemeberMeValidity());
         DateTime now = new DateTime();
         if (now.isBefore(expiryDate)) {
-            if (WebContext.setAuthentication(
+            authenticationProvider.trustAuthentication(
                     storeRemeberMe.getUsername(), 
                     ConstantsLoginType.REMEBER_ME, 
                     "", 
                     "", 
-                    "success")
-            ) {
-                return updateRemeberMe(remeberMeCookie, response);
-            }
+                    "success");
+            return updateRemeberMe(remeberMeCookie, response);
+
         }
         return false;
     }

+ 9 - 5
maxkey-core/src/main/java/org/maxkey/autoconfigure/JwtAuthnAutoConfiguration.java

@@ -22,6 +22,8 @@ import com.nimbusds.jose.JWEAlgorithm;
 import java.net.URI;
 import java.security.NoSuchAlgorithmException;
 import java.security.spec.InvalidKeySpecException;
+
+import org.maxkey.authn.RealmAuthenticationProvider;
 import org.maxkey.authn.support.jwt.JwtLoginService;
 import org.maxkey.configuration.oidc.OIDCProviderMetadataDetails;
 import org.maxkey.constants.ConstantsProperties;
@@ -124,11 +126,13 @@ public class JwtAuthnAutoConfiguration implements InitializingBean {
     @Bean(name = "jwtLoginService")
     public JwtLoginService jwtLoginService(
             DefaultJwtSigningAndValidationService jwtSignerValidationService,
-            OIDCProviderMetadataDetails oidcProviderMetadata) {
-        JwtLoginService jwkSetKeyStore = new JwtLoginService();
-        jwkSetKeyStore.setJwtSignerValidationService(jwtSignerValidationService);
-        jwkSetKeyStore.setJwtProviderMetadata(oidcProviderMetadata);
-        return jwkSetKeyStore;
+            OIDCProviderMetadataDetails oidcProviderMetadata,
+            RealmAuthenticationProvider authenticationProvider) {
+        JwtLoginService jwtLoginService = new JwtLoginService();
+        jwtLoginService.setJwtSignerValidationService(jwtSignerValidationService);
+        jwtLoginService.setJwtProviderMetadata(oidcProviderMetadata);
+        jwtLoginService.setAuthenticationProvider(authenticationProvider);
+        return jwtLoginService;
     }
     
  

+ 2 - 3
maxkey-core/src/main/java/org/maxkey/web/WebContext.java

@@ -28,7 +28,6 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 import org.apache.commons.logging.LogFactory;
-import org.maxkey.authn.RealmAuthenticationProvider;
 import org.maxkey.configuration.ApplicationConfig;
 import org.maxkey.domain.UserInfo;
 import org.maxkey.util.DateUtils;
@@ -113,7 +112,7 @@ public final class WebContext {
      * @param code String
      * @param message String
      * @return boolean
-     */
+     
     public static boolean setAuthentication(String username, 
                                             String type, 
                                             String provider, 
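Review bot: The `setAuthentication(String, ...)` overload is disabled by deleting the `*/` that closed its Javadoc and appending `*/` after its closing brace in the next hunk. That leaves the whole method as text inside a doc comment. The comment now sits directly above `setAuthentication(Authentication authentication)`, so the `@param code`, `@param message` and `@return boolean` tags document the wrong method. Delete the method and its Javadoc outright; version control keeps the history.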
@@ -125,7 +124,7 @@ public final class WebContext {
         authenticationProvider.trustAuthentication(username, type, provider, code, message);
         
         return isAuthenticated();
-    }
+    }*/
 
     public static void setAuthentication(Authentication authentication) {
         setAttribute(WebConstants.AUTHENTICATION, authentication);

+ 6 - 2
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/endpoint/ConsumerEndpoint.java

@@ -30,6 +30,7 @@ import javax.servlet.http.HttpServletResponse;
 
 import org.apache.commons.lang.StringUtils;
 import org.apache.commons.lang.Validate;
+import org.maxkey.authn.RealmAuthenticationProvider;
 import org.maxkey.authz.saml.common.EndpointGenerator;
 import org.maxkey.authz.saml.common.TrustResolver;
 import org.maxkey.authz.saml.service.IDService;
@@ -44,7 +45,6 @@ import org.maxkey.constants.ConstantsLoginType;
 import org.maxkey.crypto.keystore.KeyStoreLoader;
 import org.maxkey.domain.apps.AppsSAML20Details;
 import org.maxkey.persistence.service.AppsSaml20DetailsService;
-import org.maxkey.web.WebContext;
 import org.opensaml.common.binding.SAMLMessageContext;
 import org.opensaml.common.binding.security.IssueInstantRule;
 import org.opensaml.common.binding.security.MessageReplayRule;
@@ -88,6 +88,10 @@ public class ConsumerEndpoint {
 	@Autowired
 	@Qualifier("idService")
 	private IDService idService;
+	
+	@Autowired
+    @Qualifier("authenticationProvider")
+    RealmAuthenticationProvider authenticationProvider ;
 
 	private String singleSignOnServiceURL;
 	private String assertionConsumerServiceURL;
@@ -178,7 +182,7 @@ public class ConsumerEndpoint {
 	
 		logger.debug("assertion.getID() ", assertion.getAuthnStatements());
 		
-		WebContext.setAuthentication(username, ConstantsLoginType.SAMLTRUST,"","","success");
+		authenticationProvider.trustAuthentication(username, ConstantsLoginType.SAMLTRUST,"","","success");
 
 		ModelAndView mav = new ModelAndView();
 		mav.addObject("username", username);
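Review bot: The debug statement just above the changed line, `logger.debug("assertion.getID() ", assertion.getAuthnStatements());`, has no `{}` placeholder, so with an SLF4J-style logger the argument is never printed. Its label also names `getID()` while the argument is `getAuthnStatements()`. This endpoint turns a SAML assertion into a trusted login, so the assertion id is worth recording correctly: `logger.debug("assertion id {}", assertion.getID());`. The logger's type and the rest of the method are outside the hunk.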

+ 1 - 1
maxkey-web-maxkey/src/main/java/org/maxkey/autoconfigure/CasAutoConfiguration.java

@@ -84,7 +84,7 @@ public class CasAutoConfiguration implements InitializingBean {
         TicketServices casTicketServices = null;
         if (persistence == 0) {
             casTicketServices = new InMemoryTicketGrantingTicketServices();
-            _logger.debug("InMemoryTicketServices");
+            _logger.debug("InMemoryTicketGrantingTicketServices");
         } else if (persistence == 1) {
             //
             //casTicketServices = new JdbcTicketServices(jdbcTemplate);