提交
eca33676
编写于
10月 09, 2021
作者:
MaxKey单点登录官方
OAuth 2 PKCE 持久化
上级
121fe412
变更
12
Showing
12 changed file
with
115 addition
and
40 deletion
+115
-40
maxkey-core/src/main/java/org/maxkey/entity/apps/AppsOAuth20Details.java
.../main/java/org/maxkey/entity/apps/AppsOAuth20Details.java
+15
-1
maxkey-core/src/main/java/org/maxkey/entity/apps/oauth2/provider/ClientDetails.java
...org/maxkey/entity/apps/oauth2/provider/ClientDetails.java
+5
-0
maxkey-core/src/main/java/org/maxkey/entity/apps/oauth2/provider/client/BaseClientDetails.java
...entity/apps/oauth2/provider/client/BaseClientDetails.java
+20
-0
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/client/JdbcClientDetailsService.java
...uthz/oauth2/provider/client/JdbcClientDetailsService.java
+9
-4
maxkey-webs/maxkey-web-mgt/src/main/resources/messages/message.properties
...ey-web-mgt/src/main/resources/messages/message.properties
+1
-1
maxkey-webs/maxkey-web-mgt/src/main/resources/messages/message_en.properties
...web-mgt/src/main/resources/messages/message_en.properties
+1
-1
maxkey-webs/maxkey-web-mgt/src/main/resources/messages/message_zh_CN.properties
...-mgt/src/main/resources/messages/message_zh_CN.properties
+1
-1
maxkey-webs/maxkey-web-mgt/src/main/resources/templates/views/apps/appAddCommon.ftl
.../src/main/resources/templates/views/apps/appAddCommon.ftl
+1
-1
maxkey-webs/maxkey-web-mgt/src/main/resources/templates/views/apps/appUpdateCommon.ftl
...c/main/resources/templates/views/apps/appUpdateCommon.ftl
+1
-1
maxkey-webs/maxkey-web-mgt/src/main/resources/templates/views/apps/appsList.ftl
...-mgt/src/main/resources/templates/views/apps/appsList.ftl
+2
-0
maxkey-webs/maxkey-web-mgt/src/main/resources/templates/views/apps/oauth20/appAdd.ftl
...rc/main/resources/templates/views/apps/oauth20/appAdd.ftl
+37
-14
maxkey-webs/maxkey-web-mgt/src/main/resources/templates/views/apps/oauth20/appUpdate.ftl
...main/resources/templates/views/apps/oauth20/appUpdate.ftl
+22
-16
maxkey-core/src/main/java/org/maxkey/entity/apps/AppsOAuth20Details.java
...
...
@@ -62,6 +62,8 @@ public class AppsOAuth20Details extends Apps {
private
String
userInfoEncryptionMethod
;
private
String
jwksUri
;
private
String
pkce
;
/**
*
...
...
@@ -88,7 +90,7 @@ public class AppsOAuth20Details extends Apps {
this
.
setVendor
(
application
.
getVendor
());
this
.
setVendorUrl
(
application
.
getVendorUrl
());
this
.
setVisible
(
application
.
getVisible
());
this
.
clientSecret
=
baseClientDetails
.
getClientSecret
();
this
.
scope
=
baseClientDetails
.
getScope
().
toString
();
this
.
resourceIds
=
baseClientDetails
.
getResourceIds
().
toString
();
...
...
@@ -110,7 +112,17 @@ public class AppsOAuth20Details extends Apps {
this
.
jwksUri
=
baseClientDetails
.
getJwksUri
();
this
.
approvalPrompt
=
baseClientDetails
.
getApprovalPrompt
();
this
.
pkce
=
baseClientDetails
.
getPkce
();
}
public
String
getPkce
()
{
return
pkce
;
}
public
void
setPkce
(
String
pkce
)
{
this
.
pkce
=
pkce
;
}
/**
...
...
@@ -327,6 +339,8 @@ public class AppsOAuth20Details extends Apps {
baseClientDetails
.
setJwksUri
(
this
.
getJwksUri
());
baseClientDetails
.
setApprovalPrompt
(
this
.
getApprovalPrompt
());
baseClientDetails
.
setPkce
(
this
.
getPkce
());
baseClientDetails
.
setProtocol
(
this
.
getProtocol
());
return
baseClientDetails
;
}
...
...
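Review bot: The new `pkce` property is a bare String with no statement of its allowed values, and `setPkce` stores whatever it is given; the oauth20 forms in this commit post `yes` or `no`, but nothing on the entity records that. I would add a field comment such as `/** Whether this client must use PKCE: "yes" or "no", as posted by the oauth20 app forms. */` here and on `ClientDetails.getPkce()` and the `pkce` field of `BaseClientDetails`, which are added without documentation as well. Because the value presumably gates a security check elsewhere, validating it against that two-value set where the form is bound (or modelling it as a boolean) would keep a stray value such as `Yes` from being persisted. The constructor and the builder method touched by the later hunks start outside the visible lines.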
maxkey-core/src/main/java/org/maxkey/entity/apps/oauth2/provider/ClientDetails.java
...
...
@@ -147,5 +147,10 @@ public interface ClientDetails extends Serializable {
public
String
getJwksUri
();
public
String
getApprovalPrompt
();
public
String
getPkce
();
public
String
getProtocol
();
}
maxkey-core/src/main/java/org/maxkey/entity/apps/oauth2/provider/client/BaseClientDetails.java
...
...
@@ -94,6 +94,10 @@ public class BaseClientDetails implements ClientDetails {
private
String
approvalPrompt
;
private
String
pkce
;
private
String
protocol
;
public
BaseClientDetails
()
{
}
...
...
@@ -370,6 +374,22 @@ public class BaseClientDetails implements ClientDetails {
public
void
setApprovalPrompt
(
String
approvalPrompt
)
{
this
.
approvalPrompt
=
approvalPrompt
;
}
public
String
getPkce
()
{
return
pkce
;
}
public
void
setPkce
(
String
pkce
)
{
this
.
pkce
=
pkce
;
}
public
String
getProtocol
()
{
return
protocol
;
}
public
void
setProtocol
(
String
protocol
)
{
this
.
protocol
=
protocol
;
}
@Override
public
int
hashCode
()
{
...
...
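Review bot: `hashCode()` opens on the last visible lines of the second hunk and its body is outside the hunk, so it cannot be seen whether `pkce` and `protocol` were added to it and to `equals()`. If those methods enumerate the other fields, the two new ones should be included; otherwise two client records that differ only in their PKCE setting would compare equal. This is worth confirming against the full file before merging.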
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/client/JdbcClientDetailsService.java
...
...
@@ -60,7 +60,7 @@ public class JdbcClientDetailsService implements ClientDetailsService, ClientReg
+
"AUTHORIZED_GRANT_TYPES, WEB_SERVER_REDIRECT_URI, AUTHORITIES, ACCESS_TOKEN_VALIDITY, "
+
"REFRESH_TOKEN_VALIDITY, ADDITIONAL_INFORMATION, AUTOAPPROVE, APPROVALPROMPT , "
+
"IDTOKENSIGNINGALGORITHM, IDTOKENENCRYPTEDALGORITHM, IDTOKENENCRYPTIONMETHOD, "
+
"USERINFOSIGNINGALGORITHM, USERINFOCRYPTEDALGORITHM, USERINFOENCRYPTIONMETHOD, JWKSURI"
;
+
"USERINFOSIGNINGALGORITHM, USERINFOCRYPTEDALGORITHM, USERINFOENCRYPTIONMETHOD, JWKSURI
, PKCE, PROTOCOL
"
;
private
static
final
String
CLIENT_FIELDS
=
"client_secret, "
+
CLIENT_FIELDS_FOR_UPDATE
;
...
...
@@ -72,7 +72,7 @@ public class JdbcClientDetailsService implements ClientDetailsService, ClientReg
private
static
final
String
DEFAULT_SELECT_STATEMENT
=
BASE_FIND_STATEMENT
+
" where client_id = ?"
;
private
static
final
String
DEFAULT_INSERT_STATEMENT
=
"insert into mxk_apps_oauth_client_details ("
+
CLIENT_FIELDS
+
", client_id) values (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)"
;
+
", client_id) values (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?
,?,?
)"
;
private
static
final
String
DEFAULT_UPDATE_STATEMENT
=
"update mxk_apps_oauth_client_details "
+
"set "
+
CLIENT_FIELDS_FOR_UPDATE
.
replaceAll
(
", "
,
"=?, "
)
+
"=? where client_id = ?"
;
...
...
@@ -196,7 +196,11 @@ public class JdbcClientDetailsService implements ClientDetailsService, ClientReg
clientDetails
.
getIdTokenSigningAlgorithm
(),
clientDetails
.
getIdTokenEncryptedAlgorithm
(),
clientDetails
.
getIdTokenEncryptionMethod
(),
clientDetails
.
getUserInfoSigningAlgorithm
(),
clientDetails
.
getUserInfoEncryptedAlgorithm
(),
clientDetails
.
getUserInfoEncryptionMethod
(),
clientDetails
.
getJwksUri
(),
clientDetails
.
getClientId
()
};
clientDetails
.
getUserInfoEncryptionMethod
(),
clientDetails
.
getJwksUri
(),
clientDetails
.
getPkce
(),
clientDetails
.
getProtocol
(),
clientDetails
.
getClientId
()
};
}
private
String
getAutoApproveScopes
(
ClientDetails
clientDetails
)
{
...
...
@@ -279,7 +283,8 @@ public class JdbcClientDetailsService implements ClientDetailsService, ClientReg
details
.
setUserInfoSigningAlgorithm
(
rs
.
getString
(
"USERINFOSIGNINGALGORITHM"
));
details
.
setJwksUri
(
rs
.
getString
(
"JWKSURI"
));
details
.
setApprovalPrompt
(
rs
.
getString
(
"APPROVALPROMPT"
));
details
.
setPkce
(
rs
.
getString
(
"PKCE"
));
details
.
setProtocol
(
rs
.
getString
(
"PROTOCOL"
));
String
json
=
rs
.
getString
(
10
);
if
(
json
!=
null
)
{
try
{
...
...
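Review bot: Nothing in this commit's file list adds the PKCE and PROTOCOL columns to `mxk_apps_oauth_client_details`, and the row mapper passes `rs.getString("PKCE")` to `setPkce` unchanged, so clients stored before the change will presumably load with a null PKCE unless the column is created with a default. Whatever code later decides whether a code challenge is required should treat null explicitly rather than as an accidental third state; a comment on the mapper line such as `// PKCE is "yes"/"no"; may be null for rows created before the column existed` would make that visible. Separately, the column list, the hand-written `?` run in `DEFAULT_INSERT_STATEMENT` (extended here by two placeholders) and the argument array in the third hunk must be kept in the same order by hand, so building the placeholder run from the column count would remove one place where they can drift apart. The methods containing the third and fourth hunks start and end outside the visible lines.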
maxkey-webs/maxkey-web-mgt/src/main/resources/messages/message.properties
...
...
@@ -270,7 +270,7 @@ apps.category=\u7c7b\u578b
apps.protocol.formbased
=
\u8868\u5355\u
8ba4
\u
8bc1
apps.protocol.desktop
=
\u
684c
\u9762\u
8ba4
\u
8bc1
apps.protocol.tokenbased
=
\u
4ee4
\u
724c
\u
8ba4
\u
8bc1
apps.protocol.oauth2.0
=
OAuth2.
0
apps.protocol.oauth2.0
=
OAuth2.
x
apps.protocol.saml2.0
=
SAML2.0
apps.protocol.ltpa
=
\u
8f7b
\u
91cf
\u
7ea7
\u
8ba4
\u
8bc1(LTPA)
apps.protocol.cas
=
CAS
\u
8ba4
\u
8bc1
...
...
maxkey-webs/maxkey-web-mgt/src/main/resources/messages/message_en.properties
...
...
@@ -273,7 +273,7 @@ apps.category=category
apps.protocol.formbased
=
formbased
apps.protocol.desktop
=
desktop
apps.protocol.tokenbased
=
tokenbased
apps.protocol.oauth2.0
=
OAuth2.
0
apps.protocol.oauth2.0
=
OAuth2.
x
apps.protocol.saml2.0
=
SAML2.0
apps.protocol.ltpa
=
Lightweight Third-Party(LTPA)
apps.protocol.cas
=
CAS
...
...
maxkey-webs/maxkey-web-mgt/src/main/resources/messages/message_zh_CN.properties
...
...
@@ -272,7 +272,7 @@ apps.category=\u7c7b\u578b
apps.protocol.formbased
=
\u8868\u5355\u
8ba4
\u
8bc1
apps.protocol.desktop
=
\u
684c
\u9762\u
8ba4
\u
8bc1
apps.protocol.tokenbased
=
\u
4ee4
\u
724c
\u
8ba4
\u
8bc1
apps.protocol.oauth2.0
=
OAuth2.
0
apps.protocol.oauth2.0
=
OAuth2.
x
apps.protocol.saml2.0
=
SAML2.0
apps.protocol.ltpa
=
\u
8f7b
\u
91cf
\u
7ea7
\u
8ba4
\u
8bc1(LTPA)
apps.protocol.cas
=
CAS
\u
8ba4
\u
8bc1
...
...
maxkey-webs/maxkey-web-mgt/src/main/resources/templates/views/apps/appAddCommon.ftl
...
...
@@ -45,7 +45,7 @@
</tr>
<tr>
<th style="width:15%;"><@locale code="apps.protocol"/>:</th>
<td style="width:35%;">
<td style="width:35%;"
id="app_protocol_control"
>
<span id="protocol_text" >${model.protocol!}</span>
<input type="hidden"class="form-control" id="protocol" name="protocol" title="" value="${model.protocol!}"/>
</td>
...
...
maxkey-webs/maxkey-web-mgt/src/main/resources/templates/views/apps/appUpdateCommon.ftl
...
...
@@ -55,7 +55,7 @@
</tr>
<tr>
<th><@locale code="apps.icon"/>:</th>
<td><img id="iconFileImg"
width='30'
height='30' src='<@base/>/image/${model.id!}'/>
<td><img id="iconFileImg" height='30' src='<@base/>/image/${model.id!}'/>
</td>
<th><@locale code="common.text.sortindex"/></th>
<td>
...
...
maxkey-webs/maxkey-web-mgt/src/main/resources/templates/views/apps/appsList.ftl
...
...
@@ -17,6 +17,8 @@
};
var
protocolArray
=
new
Array
();
protocolArray
[
"
OAuth_v2.0
"
]
=
"
oauth20
"
;
protocolArray
[
"
OAuth_v2.1
"
]
=
"
oauth20
"
;
protocolArray
[
"
OpenID_Connect_v1.0
"
]
=
"
oauth20
"
;
protocolArray
[
"
SAML_v2.0
"
]
=
"
saml20
"
;
protocolArray
[
"
Token_Based
"
]
=
"
tokenbased
"
;
protocolArray
[
"
Form_Based
"
]
=
"
formbased
"
;
...
...
maxkey-webs/maxkey-web-mgt/src/main/resources/templates/views/apps/oauth20/appAdd.ftl
...
...
@@ -4,6 +4,21 @@
<
#include
"../../
layout
/
header.ftl
"
/>
<
#include
"../../
layout
/
common.cssjs.ftl
"
/>
<
#include
"../
appCommonHead.ftl
"
/>
<script
type=
"text/javascript"
>
<!--
$
(
function
(){
if
(
"
OAuth_v2.0
"
==
"
${model.protocol!}
"
)
{
$
(
"
#app_protocol_control
"
).
html
(
'
<select id="protocol" name="protocol" class="form-control form-select" >
'
+
'
<option value="OAuth_v2.0" selected >OAuth_v2.0</option>
'
+
'
<option value="OAuth_v2.1" >OAuth_v2.1</option>
'
+
'
<option value="OpenID_Connect_v1.0" >OpenID_Connect_v1.0</option>
'
+
'
</select>
'
);
}
});
//-->
</script>
</head>
<body>
<form
id=
"actionForm_app"
method=
"post"
type=
"label"
autoclose=
"true"
closeWindow=
"true"
...
...
@@ -94,6 +109,27 @@
</td>
</tr>
<tr>
<th>
PKCE:
</th>
<td
>
<select
id=
"pkce"
name=
"pkce"
class=
"form-control form-select"
>
<option
value=
"yes"
>
<
@
locale
code=
"common.text.yes"
/></option>
<option
value=
"no"
selected
>
<
@
locale
code=
"common.text.no"
/></option>
</select>
</td>
<th><
@
locale
code=
"apps.oauth.approvalPrompt"
/>
:
</th>
<td
>
<select
id=
"approvalPrompt"
name=
"approvalPrompt"
class=
"form-control form-select"
>
<option
value=
"force"
selected
>
<
@
locale
code=
"apps.oauth.approvalPrompt.force"
/></option>
<option
value=
"auto"
>
<
@
locale
code=
"apps.oauth.approvalPrompt.auto"
/></option>
</select>
</td>
</tr>
<tr>
<td
colspan=
4
><
@
locale
code=
"apps.oauth.connect.info"
/></td>
</tr>
<tr>
...
...
@@ -189,20 +225,7 @@
</select>
</td>
</tr>
<tr>
<th><
@
locale
code=
"apps.oauth.approvalPrompt"
/>
:
</th>
<td
>
<select
id=
"approvalPrompt"
name=
"approvalPrompt"
class=
"form-control form-select"
>
<option
value=
"force"
selected
>
<
@
locale
code=
"apps.oauth.approvalPrompt.force"
/></option>
<option
value=
"auto"
>
<
@
locale
code=
"apps.oauth.approvalPrompt.auto"
/></option>
</select>
</td>
<th></th>
<td
>
</td>
</tr>
<tr>
<td
colspan =
4
>
<input
id=
"status"
type=
"hidden"
name=
"status"
value=
"1"
/>
...
...
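Review bot: In the added script block, `"${model.protocol!}"` is interpolated into a JavaScript string literal without JavaScript escaping. If `model.protocol` can ever carry request-supplied text, and the template configuration does not already escape for this context, a quote in the value would break out of the literal; `"${(model.protocol!)?js_string}"` closes that off at no cost. The same first hunk hard-codes the three protocol options in markup built by string concatenation, so they must be kept in step with the `protocolArray` entries in appsList.ftl by hand. In the second hunk the new PKCE select preselects `no`, and nothing visible ties it to the `OAuth_v2.1` choice offered above, so a short comment stating the intended default would help the next reader.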
maxkey-webs/maxkey-web-mgt/src/main/resources/templates/views/apps/oauth20/appUpdate.ftl
...
...
@@ -55,7 +55,7 @@
<td>
phone
<input
type=
"checkbox"
id=
"scope_phone"
name=
"scope"
value=
"phone"
<
#if
model.scope
?
contains
('
phone
')
>
checked
</
#
if>
/>
</td>
<td>
address
<input
type=
"checkbox"
id=
"scope_address"
name=
"scope"
value=
"address"
<
#if
model.scope
?
contains
('
address
')
>
checked
</
#
if>
/>
</td>
<td>
all
<input
type=
"checkbox"
id=
"scope_all"
name=
"scope"
value=
"all"
<
#if
model.scope
?
contains
('
all
')
>
checked
</
#
if>
/>
</td>
<td><b
class=
"orange"
>
*
</b><label
for=
"scope"
></label></td>
<td><b
class=
"orange"
></b><label
for=
"scope"
></label></td>
</tr>
</table>
</td>
...
...
@@ -96,6 +96,26 @@
</td>
</tr>
<tr>
<th>
PKCE:
</th>
<td
>
<select
id=
"pkce"
name=
"pkce"
class=
"form-control form-select"
>
<option
value=
"yes"
<
#if
"
yes
"==
model.pkce
?
default
("
yes
")
>
selected
</
#
if>
>
<
@
locale
code=
"common.text.yes"
/></option>
<option
value=
"no"
<
#if
'
no
'==
model.pkce
>
selected
</
#
if>
>
<
@
locale
code=
"common.text.no"
/></option>
</select>
</td>
<th><
@
locale
code=
"apps.oauth.approvalPrompt"
/>
:
</th>
<td
>
<select
id=
"approvalPrompt"
name=
"approvalPrompt"
class=
"form-control form-select"
>
<option
value=
"force"
<
#if
""==
model.approvalPrompt
?
default
("")
>
selected
</
#
if>
>
<
@
locale
code=
"apps.oauth.approvalPrompt.force"
/></option>
<option
value=
"auto"
<
#if
'
auto
'==
model.approvalPrompt
>
selected
</
#
if>
>
<
@
locale
code=
"apps.oauth.approvalPrompt.auto"
/></option>
</select>
</td>
</tr>
<tr>
<th><
@
locale
code=
"apps.oauth.connect.idTokenSigningAlgorithm"
/>
:
</th>
<td
>
<select
id=
"idTokenSigningAlgorithm"
name=
"idTokenSigningAlgorithm"
class=
"form-control form-select"
>
...
...
@@ -188,21 +208,7 @@
</select>
</td>
</tr>
<tr>
<th><
@
locale
code=
"apps.oauth.approvalPrompt"
/>
:
</th>
<td
>
<select
id=
"approvalPrompt"
name=
"approvalPrompt"
class=
"form-control form-select"
>
<option
value=
"force"
<
#if
""==
model.approvalPrompt
?
default
("")
>
selected
</
#
if>
>
<
@
locale
code=
"apps.oauth.approvalPrompt.force"
/></option>
<option
value=
"auto"
<
#if
'
auto
'==
model.approvalPrompt
>
selected
</
#
if>
>
<
@
locale
code=
"apps.oauth.approvalPrompt.auto"
/></option>
</select>
</td>
<th></th>
<td
>
</td>
</tr>
</tbody>
</table>
</td>
...
...
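Review bot: The two PKCE options in the second hunk handle a missing value differently: `yes` is tested with `model.pkce?default("yes")`, while `no` is tested with a bare `'no'==model.pkce`. For a client saved before this change, whose PKCE value is presumably null, the form would show `yes` as selected although nothing is stored, whereas the add form defaults to `no`. Depending on the FreeMarker configuration, the unguarded comparison may also fail on the missing value. I would make both tests use one explicit default, for example `<#if 'no'==(model.pkce!'no')>` with the matching change on the `yes` option, so the displayed state agrees with how the server treats an unset value. The surrounding table starts and ends outside the hunk.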