
OAuth 2 PKCE 持久化

Crystal.Sea 3 yıl önce
ebeveyn
işleme
eca3367610

+ 15 - 1
maxkey-core/src/main/java/org/maxkey/entity/apps/AppsOAuth20Details.java

@@ -62,6 +62,8 @@ public class AppsOAuth20Details extends Apps {
     private String userInfoEncryptionMethod;
 
     private String jwksUri;
+    
+    private String pkce;
 
     /**
      * 
@@ -88,7 +90,7 @@ public class AppsOAuth20Details extends Apps {
         this.setVendor(application.getVendor());
         this.setVendorUrl(application.getVendorUrl());
         this.setVisible(application.getVisible());
-
+        
         this.clientSecret = baseClientDetails.getClientSecret();
         this.scope = baseClientDetails.getScope().toString();
         this.resourceIds = baseClientDetails.getResourceIds().toString();
@@ -110,7 +112,17 @@ public class AppsOAuth20Details extends Apps {
 
         this.jwksUri = baseClientDetails.getJwksUri();
         this.approvalPrompt = baseClientDetails.getApprovalPrompt();
+        
+        this.pkce = baseClientDetails.getPkce();
+
+    }
+
+    public String getPkce() {
+        return pkce;
+    }
 
+    public void setPkce(String pkce) {
+        this.pkce = pkce;
     }
 
     /**
@@ -327,6 +339,8 @@ public class AppsOAuth20Details extends Apps {
 
         baseClientDetails.setJwksUri(this.getJwksUri());
         baseClientDetails.setApprovalPrompt(this.getApprovalPrompt());
+        baseClientDetails.setPkce(this.getPkce());
+        baseClientDetails.setProtocol(this.getProtocol());
 
         return baseClientDetails;
     }
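Review bot: The new `pkce` field is a free-form `String` with no documentation of its accepted values, so every consumer that decides whether to demand a `code_challenge` has to know that the admin form sends the literals `yes`/`no` (and that clients stored before this column existed carry `null`). Add Javadoc on `getPkce()` such as `/** PKCE requirement as persisted from the admin form: "yes" or "no"; null for clients created before this field existed. */`, and consider a single helper `public boolean isPkceRequired() { return "yes".equalsIgnoreCase(pkce); }` so the comparison is not repeated across the authorization code path. Note also that the reverse mapping now copies `protocol` into `baseClientDetails` (`setProtocol(this.getProtocol())`) while the constructor hunk above only copies `pkce` back; presumably `protocol` is populated from `application` outside the hunk, but it is worth confirming the two directions stay symmetric. The constructor this hunk edits starts outside the visible lines.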

+ 5 - 0
maxkey-core/src/main/java/org/maxkey/entity/apps/oauth2/provider/ClientDetails.java

@@ -147,5 +147,10 @@ public interface ClientDetails extends Serializable {
 	public String getJwksUri();
 	
 	public String getApprovalPrompt();
+	
+	public String getPkce();
+	
+	public String getProtocol();
+	
 
 }
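Review bot: `getPkce()` joins the public `ClientDetails` contract without any Javadoc saying what the string means, which is the one place enforcement code will look. Document the value set and the null case, e.g. `/** "yes" when the client must present a PKCE code_challenge/code_verifier, "no" otherwise; may be null for legacy clients. */`, and likewise name the expected values for `getProtocol()` (the templates use `OAuth_v2.0`, `OAuth_v2.1`, `OpenID_Connect_v1.0`). Adding abstract methods to an interface is also source-incompatible for any other implementation outside this commit; if such implementations exist, a `default` method returning `null` would keep them compiling.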

+ 20 - 0
maxkey-core/src/main/java/org/maxkey/entity/apps/oauth2/provider/client/BaseClientDetails.java

@@ -94,6 +94,10 @@ public class BaseClientDetails implements ClientDetails {
 	
 	private String approvalPrompt;
 	
+	private String pkce;
+	
+	private String protocol;
+	
 	
 	public BaseClientDetails() {
 	}
@@ -370,6 +374,22 @@ public class BaseClientDetails implements ClientDetails {
     public void setApprovalPrompt(String approvalPrompt) {
         this.approvalPrompt = approvalPrompt;
     }
+ 
+    public String getPkce() {
+        return pkce;
+    }
+
+    public void setPkce(String pkce) {
+        this.pkce = pkce;
+    }
+
+    public String getProtocol() {
+        return protocol;
+    }
+
+    public void setProtocol(String protocol) {
+        this.protocol = protocol;
+    }
 
     @Override
 	public int hashCode() {
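Review bot: The new `pkce` and `protocol` fields are added right above an overridden `hashCode()` (and presumably `equals()`) whose bodies lie outside the hunk; if those methods enumerate the existing fields, two client details that differ only in PKCE requirement will compare equal, which is a security-relevant attribute to drop from equality. Please extend both methods with the new fields, or document on the class why they are intentionally excluded. The getters and setters themselves also lack Javadoc; a one-liner such as `/** "yes"/"no" as chosen in the admin form; null for clients persisted before this column existed. */` on `getPkce()` would make the accepted values explicit.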

+ 9 - 4
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/client/JdbcClientDetailsService.java

@@ -60,7 +60,7 @@ public class JdbcClientDetailsService implements ClientDetailsService, ClientReg
             + "AUTHORIZED_GRANT_TYPES, WEB_SERVER_REDIRECT_URI, AUTHORITIES, ACCESS_TOKEN_VALIDITY, "
             + "REFRESH_TOKEN_VALIDITY, ADDITIONAL_INFORMATION, AUTOAPPROVE, APPROVALPROMPT , "
             + "IDTOKENSIGNINGALGORITHM, IDTOKENENCRYPTEDALGORITHM, IDTOKENENCRYPTIONMETHOD, "
-            + "USERINFOSIGNINGALGORITHM, USERINFOCRYPTEDALGORITHM, USERINFOENCRYPTIONMETHOD, JWKSURI";
+            + "USERINFOSIGNINGALGORITHM, USERINFOCRYPTEDALGORITHM, USERINFOENCRYPTIONMETHOD, JWKSURI, PKCE, PROTOCOL";
 
     private static final String CLIENT_FIELDS = "client_secret, " + CLIENT_FIELDS_FOR_UPDATE;
 
@@ -72,7 +72,7 @@ public class JdbcClientDetailsService implements ClientDetailsService, ClientReg
     private static final String DEFAULT_SELECT_STATEMENT = BASE_FIND_STATEMENT + " where client_id = ?";
 
     private static final String DEFAULT_INSERT_STATEMENT = "insert into mxk_apps_oauth_client_details (" + CLIENT_FIELDS
-            + ", client_id) values (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)";
+            + ", client_id) values (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)";
 
     private static final String DEFAULT_UPDATE_STATEMENT = "update mxk_apps_oauth_client_details " + "set "
             + CLIENT_FIELDS_FOR_UPDATE.replaceAll(", ", "=?, ") + "=? where client_id = ?";
@@ -196,7 +196,11 @@ public class JdbcClientDetailsService implements ClientDetailsService, ClientReg
                 clientDetails.getIdTokenSigningAlgorithm(),
                 clientDetails.getIdTokenEncryptedAlgorithm(), clientDetails.getIdTokenEncryptionMethod(),
                 clientDetails.getUserInfoSigningAlgorithm(), clientDetails.getUserInfoEncryptedAlgorithm(),
-                clientDetails.getUserInfoEncryptionMethod(), clientDetails.getJwksUri(), clientDetails.getClientId() };
+                clientDetails.getUserInfoEncryptionMethod(), clientDetails.getJwksUri(), 
+                clientDetails.getPkce(), clientDetails.getProtocol(),
+                clientDetails.getClientId()
+                
+            };
     }
 
     private String getAutoApproveScopes(ClientDetails clientDetails) {
@@ -279,7 +283,8 @@ public class JdbcClientDetailsService implements ClientDetailsService, ClientReg
             details.setUserInfoSigningAlgorithm(rs.getString("USERINFOSIGNINGALGORITHM"));
             details.setJwksUri(rs.getString("JWKSURI"));
             details.setApprovalPrompt(rs.getString("APPROVALPROMPT"));
-
+            details.setPkce(rs.getString("PKCE"));
+            details.setProtocol(rs.getString("PROTOCOL"));
             String json = rs.getString(10);
             if (json != null) {
                 try {
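Review bot: The row mapper hands the raw `PKCE` column to `setPkce` with no normalisation, so clients persisted before the column was added (assuming the migration adds it without a default) come back with `null`, and a downstream `"yes".equals(pkce)` check silently treats them as not requiring PKCE while the update form in this same commit renders them as `yes`. Decide the legacy case explicitly where the value enters the object, e.g. `String pkce = rs.getString("PKCE");` followed by `details.setPkce(pkce == null ? "no" : pkce); // legacy rows: PKCE never configured`, and mirror that choice in the form default. The placeholder count in `DEFAULT_INSERT_STATEMENT` (19 to 21) does match the two columns appended to `CLIENT_FIELDS_FOR_UPDATE` and the two values inserted before `getClientId()` in the parameter array, and the statements remain parameterised. The mapper method that contains these lines continues outside the hunk.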

+ 1 - 1
maxkey-webs/maxkey-web-mgt/src/main/resources/messages/message.properties

@@ -270,7 +270,7 @@ apps.category=\u7c7b\u578b
 apps.protocol.formbased=\u8868\u5355\u8ba4\u8bc1
 apps.protocol.desktop=\u684c\u9762\u8ba4\u8bc1
 apps.protocol.tokenbased=\u4ee4\u724c\u8ba4\u8bc1
-apps.protocol.oauth2.0=OAuth2.0
+apps.protocol.oauth2.0=OAuth2.x
 apps.protocol.saml2.0=SAML2.0
 apps.protocol.ltpa=\u8f7b\u91cf\u7ea7\u8ba4\u8bc1(LTPA)
 apps.protocol.cas=CAS\u8ba4\u8bc1

+ 1 - 1
maxkey-webs/maxkey-web-mgt/src/main/resources/messages/message_en.properties

@@ -273,7 +273,7 @@ apps.category=category
 apps.protocol.formbased=formbased
 apps.protocol.desktop=desktop
 apps.protocol.tokenbased=tokenbased
-apps.protocol.oauth2.0=OAuth2.0
+apps.protocol.oauth2.0=OAuth2.x
 apps.protocol.saml2.0=SAML2.0
 apps.protocol.ltpa=Lightweight Third-Party(LTPA)
 apps.protocol.cas=CAS 

+ 1 - 1
maxkey-webs/maxkey-web-mgt/src/main/resources/messages/message_zh_CN.properties

@@ -272,7 +272,7 @@ apps.category=\u7c7b\u578b
 apps.protocol.formbased=\u8868\u5355\u8ba4\u8bc1
 apps.protocol.desktop=\u684c\u9762\u8ba4\u8bc1
 apps.protocol.tokenbased=\u4ee4\u724c\u8ba4\u8bc1
-apps.protocol.oauth2.0=OAuth2.0
+apps.protocol.oauth2.0=OAuth2.x
 apps.protocol.saml2.0=SAML2.0
 apps.protocol.ltpa=\u8f7b\u91cf\u7ea7\u8ba4\u8bc1(LTPA)
 apps.protocol.cas=CAS\u8ba4\u8bc1

+ 1 - 1
maxkey-webs/maxkey-web-mgt/src/main/resources/templates/views/apps/appAddCommon.ftl

@@ -45,7 +45,7 @@
       </tr>
       <tr>
          <th style="width:15%;"><@locale code="apps.protocol"/>:</th>
-         <td style="width:35%;">
+         <td style="width:35%;" id="app_protocol_control">
          	<span  id="protocol_text" >${model.protocol!}</span>
             <input type="hidden"class="form-control"  id="protocol" name="protocol"  title="" value="${model.protocol!}"/>
          </td>

+ 1 - 1
maxkey-webs/maxkey-web-mgt/src/main/resources/templates/views/apps/appUpdateCommon.ftl

@@ -55,7 +55,7 @@
       </tr>
       <tr>
          <th><@locale code="apps.icon"/>:</th>
-         <td><img id="iconFileImg" width='30' height='30' src='<@base/>/image/${model.id!}'/>
+         <td><img id="iconFileImg" height='30' src='<@base/>/image/${model.id!}'/>
          </td>
          <th><@locale code="common.text.sortindex"/></th>
          <td>

+ 2 - 0
maxkey-webs/maxkey-web-mgt/src/main/resources/templates/views/apps/appsList.ftl

@@ -17,6 +17,8 @@
 	};
 	var protocolArray = new Array();	
 	protocolArray["OAuth_v2.0"]="oauth20";
+	protocolArray["OAuth_v2.1"]="oauth20";
+	protocolArray["OpenID_Connect_v1.0"]="oauth20";
 	protocolArray["SAML_v2.0"]="saml20";
 	protocolArray["Token_Based"]="tokenbased";
 	protocolArray["Form_Based"]="formbased";

+ 37 - 14
maxkey-webs/maxkey-web-mgt/src/main/resources/templates/views/apps/oauth20/appAdd.ftl

@@ -4,6 +4,21 @@
 	<#include  "../../layout/header.ftl"/>
 	<#include  "../../layout/common.cssjs.ftl"/>
 	<#include  "../appCommonHead.ftl"/>
+	<script type="text/javascript">
+    <!--
+    $(function(){ 
+        if("OAuth_v2.0"=="${model.protocol!}") { 
+            $("#app_protocol_control").html(
+                '<select  id="protocol" name="protocol" class="form-control  form-select" >'+
+                    '<option value="OAuth_v2.0" selected >OAuth_v2.0</option>'+
+                    '<option value="OAuth_v2.1" >OAuth_v2.1</option>'+
+                    '<option value="OpenID_Connect_v1.0" >OpenID_Connect_v1.0</option>'+
+                '</select>'
+            );
+        }
+    });
+    //-->
+    </script>
 </head>
 <body>
 <form id="actionForm_app"  method="post" type="label" autoclose="true"    closeWindow="true"
@@ -94,6 +109,27 @@
 					</td>
 				</tr>
 				<tr>
+                    <th>PKCE:</th>
+                    <td >
+                        <select  id="pkce" name="pkce" class="form-control  form-select">
+                            <option value="yes"  >
+                                <@locale code="common.text.yes" /></option>
+                            <option value="no" selected>
+                                <@locale code="common.text.no" /></option>
+                        </select>
+                    </td>
+                    <th><@locale code="apps.oauth.approvalPrompt" />:</th>
+                    <td >
+                        <select  id="approvalPrompt" name="approvalPrompt"  class="form-control  form-select" >
+                            <option value="force" selected>
+                                <@locale code="apps.oauth.approvalPrompt.force" /></option>
+                            <option value="auto"  >
+                                <@locale code="apps.oauth.approvalPrompt.auto" /></option>
+                        </select>
+                    </td>
+                    
+                </tr>
+				<tr>
 					<td colspan=4><@locale code="apps.oauth.connect.info" /></td>
 				</tr>
 				<tr>
@@ -189,20 +225,7 @@
 						</select>
 					</td>
 				</tr>
-				<tr>
-					<th><@locale code="apps.oauth.approvalPrompt" />:</th>
-					<td >
-						<select  id="approvalPrompt" name="approvalPrompt"  class="form-control  form-select" >
-							<option value="force" selected>
-								<@locale code="apps.oauth.approvalPrompt.force" /></option>
-							<option value="auto"  >
-								<@locale code="apps.oauth.approvalPrompt.auto" /></option>
-						</select>
-					</td>
-					<th></th>
-					<td >
-					</td>
-				</tr>
+				
 				<tr>
 					<td colspan =4>
 						<input  id="status" type="hidden" name="status"  value="1"/>
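Review bot: The PKCE select defaults to `no` (`<option value="no" selected>`) even though the same page now offers `OAuth_v2.1`, whose authorization code grant makes PKCE mandatory, so an admin who picks OAuth 2.1 and leaves the rest untouched registers a client without PKCE; the update form in this commit defaults a missing value to `yes`, which is the opposite choice. Move `selected` to the `yes` option, or at least switch the default when `OAuth_v2.1` is chosen in the protocol select the new script injects. Separately, the script interpolates `"${model.protocol!}"` directly into a JavaScript string literal; unless the value is guaranteed to come from a fixed list, use FreeMarker's escaping, `"${(model.protocol!"")?js_string}"`, so a quote in the value cannot break out of the literal.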

+ 22 - 16
maxkey-webs/maxkey-web-mgt/src/main/resources/templates/views/apps/oauth20/appUpdate.ftl

@@ -55,7 +55,7 @@
 								<td>phone<input type="checkbox" id="scope_phone" name="scope" value="phone" <#if   model.scope?contains('phone') >checked</#if>/></td>
 								<td>address<input type="checkbox" id="scope_address" name="scope" value="address" <#if   model.scope?contains('address') >checked</#if>/></td>
 								<td>all<input type="checkbox" id="scope_all" name="scope" value="all" <#if   model.scope?contains('all') >checked</#if>/></td>
-								<td><b class="orange">*</b><label for="scope"></label></td>
+								<td><b class="orange"></b><label for="scope"></label></td>
 							</tr>
 						</table>
 					</td>
@@ -96,6 +96,26 @@
 					</td>
 				</tr>
 				<tr>
+                    <th>PKCE:</th>
+                    <td >
+                        <select  id="pkce" name="pkce" class="form-control  form-select">
+                            <option value="yes"  <#if   "yes"==model.pkce?default("yes") >selected</#if>>
+                                <@locale code="common.text.yes" /></option>
+                            <option value="no"  <#if   'no'==model.pkce >selected</#if>>
+                                <@locale code="common.text.no" /></option>
+                        </select>
+                    </td>
+                    <th><@locale code="apps.oauth.approvalPrompt" />:</th>
+                    <td >
+                        <select  id="approvalPrompt" name="approvalPrompt" class="form-control  form-select">
+                            <option value="force"  <#if   ""==model.approvalPrompt?default("") >selected</#if>>
+                                <@locale code="apps.oauth.approvalPrompt.force" /></option>
+                            <option value="auto"  <#if   'auto'==model.approvalPrompt >selected</#if>>
+                                <@locale code="apps.oauth.approvalPrompt.auto" /></option>
+                        </select>
+                    </td>
+                </tr>
+				<tr>
 					<th><@locale code="apps.oauth.connect.idTokenSigningAlgorithm" />:</th>
 					<td >
 						<select  id="idTokenSigningAlgorithm" name="idTokenSigningAlgorithm" class="form-control  form-select">
@@ -188,21 +208,7 @@
 						</select>
 					</td>
 				</tr>
-				<tr>
-					<th><@locale code="apps.oauth.approvalPrompt" />:</th>
-					<td >
-						<select  id="approvalPrompt" name="approvalPrompt" class="form-control  form-select">
-							<option value="force"  <#if   ""==model.approvalPrompt?default("") >selected</#if>>
-								<@locale code="apps.oauth.approvalPrompt.force" /></option>
-							<option value="auto"  <#if   'auto'==model.approvalPrompt >selected</#if>>
-								<@locale code="apps.oauth.approvalPrompt.auto" /></option>
-						</select>
-					</td>
-					<th></th>
-					<td >
-
-					</td>
-				</tr>
+				
 				</tbody>
 			  </table>
   	       </td>
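Review bot: The `no` option tests `'no'==model.pkce` without the `?default(...)` that the `yes` option two lines above uses, so for a client whose PKCE column is null (every client stored before this commit, if the migration adds the column without a default) FreeMarker, as far as I recall, raises a missing-value error and the whole update page fails to render. Use the same guard on both options, e.g. `<#if 'no'==model.pkce?default("yes")>selected</#if>`, and keep the chosen fallback consistent with what the JDBC loader and the add form assume, since today the add form defaults to `no` while this page shows `yes`.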