diff --git a/gradle.properties b/gradle.properties
index 79d9413ad529cb41a11912abf1b01a3425742c89..b845f60dd63f3cc7d87cdebf80da146e321592dc 100644
--- a/gradle.properties
+++ b/gradle.properties
@@ -77,8 +77,8 @@ knife4jVersion =3.0.3
#database
postgresqlVersion =42.2.20
mysqlconnectorjavaVersion =8.0.26
-druidVersion =1.2.6
-druidspringbootstarterVersion =1.2.6
+druidVersion =1.2.8
+druidspringbootstarterVersion =1.2.8
jedisVersion =3.7.0
ehcacheVersion =3.9.6
mybatisVersion =3.5.7
@@ -121,9 +121,9 @@ javaxtransactionapiVersion =1.3
validationapiVersion =2.0.1.Final
jsr173Version =1.0
jaxbapiVersion =2.3.1
-jaxbcoreVersion =2.3.0.1
-jaxbimplVersion =2.3.2
-jaxbxjcVersion =2.3.2
+jaxbcoreVersion =3.0.2
+jaxbimplVersion =3.0.2
+jaxbxjcVersion =3.0.2
classmateVersion =1.5.0
fastjsonVersion =1.2.78
reactivestreamsVersion =1.0.3
diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
index a007fbbe831ddc436d2e515df7cac9b694ce0188..53a06df1e2bbd1d3956416089f1c3fece3dbe525 100644
--- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
+++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
@@ -102,8 +102,8 @@ public abstract class AbstractAuthenticationProvider {
WebContext.setAttribute(
WebConstants.LOGIN_ERROR_SESSION_MESSAGE, e.getMessage());
} catch (Exception e) {
- String message = "Unexpected exception in " + getProviderName() + " authentication:";
- _logger.error("Login error " + message, e);
+ _logger.error("Login error Unexpected exception in {} authentication:\n{}" ,
+ getProviderName(), e.getMessage());
}
if (authentication== null || !authentication.isAuthenticated()) {
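Review bot: The rewritten `_logger.error` call in the `catch (Exception e)` branch passes `e.getMessage()` as a format argument, so the stack trace that the old `_logger.error("Login error " + message, e)` recorded is lost, and the message itself may be null. For an unexpected failure inside authentication the trace is what an investigator needs. Keep the throwable as the last argument: `_logger.error("Login error Unexpected exception in {} authentication", getProviderName(), e);`. The enclosing method starts and ends outside this hunk.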
@@ -186,7 +186,7 @@ public abstract class AbstractAuthenticationProvider {
}
final String message = WebContext.getI18nValue("login.error.authtype");
- _logger.debug("Login AuthN type must eq basic or tfa , Error message is " + message);
+ _logger.debug("Login AuthN type must eq basic or tfa , Error message is {}" , message);
throw new BadCredentialsException(message);
}
diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java
index e735c3d53a1054ddb8d8670dca77102dfaa99acc..a1301a844e8e12081ac9e0a3ebf6bfaf1e1c31a7 100644
--- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java
+++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java
@@ -160,7 +160,8 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
return authentication;
}else {
String i18nMessage = WebContext.getI18nValue("login.error.username");
- _logger.debug("login user " + loginCredential.getUsername() + " not in this System ." + i18nMessage);
+ _logger.debug("login user {} not in this System . {}" ,
+ loginCredential.getUsername(),i18nMessage);
throw new BadCredentialsException(WebContext.getI18nValue("login.error.username"));
}
}
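Review bot: `loginCredential.getUsername()` in the new `_logger.debug` call is supplied before authentication, and parameterized logging does not neutralise CR/LF or other control characters in it. Unless the log encoder already escapes them (not visible here), a crafted username can forge extra log lines, so strip or encode control characters before logging the value. Separately, the `throw` re-fetches `WebContext.getI18nValue("login.error.username")` although `i18nMessage` already holds it; `throw new BadCredentialsException(i18nMessage);` would do.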
@@ -169,7 +170,10 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
String currentUserSessionId = WebContext.genId();
//Online Tickit Id
String onlineTickitId = WebConstants.ONLINE_TICKET_PREFIX + "-" + currentUserSessionId;
- _logger.debug("set online Tickit Cookie " + onlineTickitId + " on domain "+ this.applicationConfig.getBaseDomainName());
+ _logger.debug("set online Tickit Cookie {} on domain {}",
+ onlineTickitId,
+ this.applicationConfig.getBaseDomainName()
+ );
OnlineTicket onlineTicket = new OnlineTicket(onlineTickitId);
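Review bot: The new debug line writes the full `onlineTickitId` to the log, and the message itself says this value is set as the online ticket cookie, so anyone who can read debug logs could presumably reuse it as a session credential. Log a truncated or hashed form instead, or drop the id from the message. The same applies to the `sessionId` arguments in both `logoff` hunks of LoginHistoryService.java. The enclosing method continues outside this hunk.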
@@ -191,7 +195,7 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
_logger.trace("ROLE ADMINISTRATORS Authentication .");
}
}
- _logger.debug("Granted Authority " + grantedAuthoritys);
+ _logger.debug("Granted Authority {}" , grantedAuthoritys);
signinPrincipal.setGrantedAuthorityApps(authenticationRealm.queryAuthorizedApps(grantedAuthoritys));
diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/jdbc/JdbcAuthenticationRealm.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/jdbc/JdbcAuthenticationRealm.java
index 9fe1da767b31f4dfabc7e486ea4bfaa3050f8da6..d8978573ebf30b333386469ad24b4a062681b1e9 100644
--- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/jdbc/JdbcAuthenticationRealm.java
+++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/jdbc/JdbcAuthenticationRealm.java
@@ -116,7 +116,7 @@ public class JdbcAuthenticationRealm extends AbstractAuthenticationRealm {
}
}
- _logger.debug("passwordvalid : " + passwordMatches);
+ _logger.debug("passwordvalid : {}" , passwordMatches);
if (!passwordMatches) {
passwordPolicyValidator.plusBadPasswordCount(userInfo);
insertLoginHistory(userInfo, ConstantsLoginType.LOCAL, "", "xe00000004", "password error");
diff --git a/maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/authn/support/socialsignon/SocialSignOnEndpoint.java b/maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/authn/support/socialsignon/SocialSignOnEndpoint.java
index a9d9faee692eed7ba9b0e231938336e343776892..d000393f9465fe558cc22a05ffc4335d7e0b63c6 100644
--- a/maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/authn/support/socialsignon/SocialSignOnEndpoint.java
+++ b/maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/authn/support/socialsignon/SocialSignOnEndpoint.java
@@ -48,9 +48,9 @@ public class SocialSignOnEndpoint extends AbstractSocialSignOnEndpoint{
final static Logger _logger = LoggerFactory.getLogger(SocialSignOnEndpoint.class);
public ModelAndView socialSignOnAuthorize(HttpServletRequest request,String provider){
- _logger.trace("SocialSignOn provider : "+provider);
+ _logger.trace("SocialSignOn provider : " + provider);
String authorizationUrl=buildAuthRequest(provider).authorize(request.getSession().getId());
- _logger.trace("authorize SocialSignOn : "+authorizationUrl);
+ _logger.trace("authorize SocialSignOn : " + authorizationUrl);
return WebContext.redirect(authorizationUrl);
}
@@ -77,12 +77,16 @@ public class SocialSignOnEndpoint extends AbstractSocialSignOnEndpoint{
socialSignOnUser.setProvider(provider);
socialSignOnUser.setUserId(WebContext.getUserInfo().getId());
socialSignOnUser.setUsername(WebContext.getUserInfo().getUsername());
- _logger.debug("Social Sign On unbind "+provider+" from user "+WebContext.getUserInfo().getUsername());
+ _logger.debug("Social Sign On unbind {} from user {}",
+ provider,
+ WebContext.getUserInfo().getUsername()
+ );
socialsAssociateService.delete(socialSignOnUser);
- if(WebContext.getAttribute(SOCIALSIGNON_SESSION_REDIRECT_URI)!=null){
- return WebContext.redirect(WebContext.getAttribute(SOCIALSIGNON_SESSION_REDIRECT_URI).toString());
+ Object redirect_uri = WebContext.getAttribute(SOCIALSIGNON_SESSION_REDIRECT_URI);
+ if(redirect_uri != null){
+ return WebContext.redirect(redirect_uri.toString());
}else{
return WebContext.forward("/socialsignon/list");
}
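Review bot: `redirect_uri` is read from the session attribute `SOCIALSIGNON_SESSION_REDIRECT_URI` and passed straight to `WebContext.redirect` with no check in this hunk, and the same pattern is repeated in the hunk at `@@ -123,20 +128,21 @@`. Where the attribute is populated is not visible here; if it can originate from a request parameter, this is an open redirect, so validate it as a relative path or against an allow-list of hosts before redirecting. The local should also follow Java naming: `Object redirectUri = WebContext.getAttribute(SOCIALSIGNON_SESSION_REDIRECT_URI);`.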
@@ -105,7 +109,8 @@ public class SocialSignOnEndpoint extends AbstractSocialSignOnEndpoint{
socialSignOnAuthorize(request,provider);
SocialSignOnProvider socialSignOnProvider = socialSignOnProviderService.get(provider);
socialSignOnProvider.setState(request.getSession().getId());
- socialSignOnProvider.setRedirectUri(applicationConfig.getServerPrefix()+ "/logon/oauth20/callback/"+provider);
+ socialSignOnProvider.setRedirectUri(applicationConfig.getServerPrefix()+
+ "/logon/oauth20/callback/"+provider);
return socialSignOnProvider;
}
@@ -123,20 +128,21 @@ public class SocialSignOnEndpoint extends AbstractSocialSignOnEndpoint{
socialsAssociate.setSocialUserId(this.accountId);
//for login
- String socialSignOnType= "";
- if(WebContext.getAttribute(SOCIALSIGNON_TYPE_SESSION)!=null){
- socialSignOnType=WebContext.getAttribute(SOCIALSIGNON_TYPE_SESSION).toString();
- }
+ String socialSignOnType=
+ (WebContext.getAttribute(SOCIALSIGNON_TYPE_SESSION)!=null) ?
+ (WebContext.getAttribute(SOCIALSIGNON_TYPE_SESSION).toString()) : "";
+
- if(socialSignOnType.equals(SOCIALSIGNON_TYPE.SOCIALSIGNON_TYPE_LOGON)||socialSignOnType.equals("")){
+ if(socialSignOnType.equals(SOCIALSIGNON_TYPE.SOCIALSIGNON_TYPE_LOGON)
+ ||socialSignOnType.equals("")){
socialSignOn(socialsAssociate);
return WebContext.redirect("/index");
}else{
socialBind(socialsAssociate);
}
-
- if(WebContext.getAttribute(SOCIALSIGNON_SESSION_REDIRECT_URI)!=null){
- return WebContext.redirect(WebContext.getAttribute(SOCIALSIGNON_SESSION_REDIRECT_URI).toString());
+ Object redirect_uri = WebContext.getAttribute(SOCIALSIGNON_SESSION_REDIRECT_URI);
+ if(redirect_uri != null){
+ return WebContext.redirect(redirect_uri.toString());
}else{
return WebContext.forward("/socialsignon/list");
}
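Review bot: The new ternary for `socialSignOnType` still calls `WebContext.getAttribute(SOCIALSIGNON_TYPE_SESSION)` twice, while the redirect code further down in the same hunk was changed to read its attribute once into a local. Use the same shape here: `Object type = WebContext.getAttribute(SOCIALSIGNON_TYPE_SESSION);` followed by `String socialSignOnType = (type != null) ? type.toString() : "";`. The enclosing method starts outside this hunk.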
@@ -171,11 +177,15 @@ public class SocialSignOnEndpoint extends AbstractSocialSignOnEndpoint{
_logger.debug("Loaded SocialSignOn Socials Associate : "+socialsAssociate);
if(null == socialsAssociate) {
- WebContext.getRequest().getSession().setAttribute(WebAttributes.AUTHENTICATION_EXCEPTION, new BadCredentialsException(WebContext.getI18nValue("login.error.social")));
+ WebContext.getRequest().getSession().setAttribute(
+ WebAttributes.AUTHENTICATION_EXCEPTION,
+ new BadCredentialsException(WebContext.getI18nValue("login.error.social"))
+ );
return false;
}
- _logger.debug("Social Sign On from "+socialsAssociate.getProvider()+" mapping to user "+socialsAssociate.getUsername());
+ _logger.debug("Social Sign On from {} mapping to user {}",
+ socialsAssociate.getProvider(),socialsAssociate.getUsername());
LoginCredential loginCredential =new LoginCredential(
socialsAssociate.getUsername(),"",ConstantsLoginType.SOCIALSIGNON);
diff --git a/maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/authn/support/socialsignon/service/JdbcSocialsAssociateService.java b/maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/authn/support/socialsignon/service/JdbcSocialsAssociateService.java
index ddecf2f98839a0010a601a1912474afb34e7d906..cc5495591431650b510dad0f7253a359dfa72550 100644
--- a/maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/authn/support/socialsignon/service/JdbcSocialsAssociateService.java
+++ b/maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/authn/support/socialsignon/service/JdbcSocialsAssociateService.java
@@ -23,6 +23,7 @@ import java.sql.Types;
import java.util.Date;
import java.util.List;
+import org.maxkey.constants.ConstantsDatabase;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.jdbc.core.JdbcTemplate;
@@ -45,22 +46,16 @@ public class JdbcSocialsAssociateService implements SocialsAssociateService{
private final JdbcTemplate jdbcTemplate;
- private String jdbcType;
-
public JdbcSocialsAssociateService(JdbcTemplate jdbcTemplate) {
this.jdbcTemplate=jdbcTemplate;
- try {
- jdbcType = jdbcTemplate.getDataSource().getConnection().getMetaData().getDatabaseProductName();
- } catch (Exception e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
}
@Override
public boolean insert(SocialsAssociate socialsAssociate) {
socialsAssociate.setId(socialsAssociate.generateId());
- jdbcTemplate.update("Oracle".equals(jdbcType)?DEFAULT_DEFAULT_INSERT_STATEMENT_ORACLE:DEFAULT_DEFAULT_INSERT_STATEMENT,
+ jdbcTemplate.update(
+ ConstantsDatabase.compare(ConstantsDatabase.ORACLE)?
+ DEFAULT_DEFAULT_INSERT_STATEMENT_ORACLE:DEFAULT_DEFAULT_INSERT_STATEMENT,
new Object[] {
socialsAssociate.getId(),
socialsAssociate.getUserId(),
@@ -70,7 +65,10 @@ public class JdbcSocialsAssociateService implements SocialsAssociateService{
socialsAssociate.getAccessToken(),
socialsAssociate.getSocialUserInfo(),
socialsAssociate.getExAttribute()},
- new int[] {Types.VARCHAR, Types.VARCHAR,Types.VARCHAR,Types.VARCHAR, Types.VARCHAR,Types.VARCHAR, Types.VARCHAR,Types.VARCHAR });
+ new int[] {
+ Types.VARCHAR, Types.VARCHAR,Types.VARCHAR,Types.VARCHAR,
+ Types.VARCHAR,Types.VARCHAR, Types.VARCHAR,Types.VARCHAR
+ });
return true;
}
@@ -111,7 +109,13 @@ public class JdbcSocialsAssociateService implements SocialsAssociateService{
@Override
public boolean update(SocialsAssociate socialsAssociate) {
jdbcTemplate.update(DEFAULT_DEFAULT_UPDATE_STATEMENT,
- new Object[] {socialsAssociate.getAccessToken(),socialsAssociate.getSocialUserInfo(),socialsAssociate.getExAttribute(),new Date(),socialsAssociate.getId()},
+ new Object[] {
+ socialsAssociate.getAccessToken(),
+ socialsAssociate.getSocialUserInfo(),
+ socialsAssociate.getExAttribute(),
+ new Date(),
+ socialsAssociate.getId()
+ },
new int[] {Types.VARCHAR, Types.VARCHAR,Types.VARCHAR, Types.TIMESTAMP,Types.VARCHAR });
return false;
}
diff --git a/maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/authn/support/socialsignon/service/SocialSignOnProviderService.java b/maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/authn/support/socialsignon/service/SocialSignOnProviderService.java
index f149f6752ce99dbcfec3eaf7037c29ee6096088f..aa6433f88325d8f9ace10f369672fcfe11cfd4d1 100644
--- a/maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/authn/support/socialsignon/service/SocialSignOnProviderService.java
+++ b/maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/authn/support/socialsignon/service/SocialSignOnProviderService.java
@@ -146,7 +146,7 @@ public class SocialSignOnProviderService{
}
}
- _logger.debug(""+this.socialSignOnProviders);
+ _logger.debug("social SignOn Providers {}" , this.socialSignOnProviders);
}
}
diff --git a/maxkey-common/src/main/java/org/maxkey/crypto/ReciprocalUtils.java b/maxkey-common/src/main/java/org/maxkey/crypto/ReciprocalUtils.java
index 847cc7af36f04faff530610f656bb87b104e87fe..4aa35258d8314baa2d5ddfe906780517a6176dde 100644
--- a/maxkey-common/src/main/java/org/maxkey/crypto/ReciprocalUtils.java
+++ b/maxkey-common/src/main/java/org/maxkey/crypto/ReciprocalUtils.java
@@ -21,6 +21,7 @@
package org.maxkey.crypto;
import java.io.UnsupportedEncodingException;
+import java.security.Provider;
import java.security.Security;
import javax.crypto.Cipher;
@@ -28,6 +29,7 @@ import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.logging.LogFactory;
+import org.maxkey.util.Instance;
import org.maxkey.util.StringGenerator;
/**
@@ -56,11 +58,12 @@ public final class ReciprocalUtils {
static {
if(System.getProperty("java.version").startsWith("1.8")) {
try {
- Security.addProvider(new com.sun.crypto.provider.SunJCE());
+ Security.addProvider((Provider)Instance.newInstance("com.sun.crypto.provider.SunJCE"));
}catch (Exception e) {
e.printStackTrace();
}
}
+ //else not need to add see jdk-17\conf\security\java.security,SunJCE
}
public static byte[] encode(byte[] simpleBytes, SecretKey secretKey, String algorithm) {
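Review bot: The static initializer still reports a failure with `e.printStackTrace()`, while the rest of this commit moves error reporting to the logger; a provider registration failure in a crypto utility should reach the application log. What `Instance.newInstance` returns when the class cannot be loaded is not visible here; if it returns null, `Security.addProvider` would throw and the failure would only show on stderr. The added comment would read better as `// Other JDKs: SunJCE is already registered through conf/security/java.security, nothing to add.`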
diff --git a/maxkey-common/src/test/java/org/maxkey/util/InstanceTest.java b/maxkey-common/src/test/java/org/maxkey/util/InstanceTest.java
new file mode 100644
index 0000000000000000000000000000000000000000..e22320d02baa34581e7f6a288763b0ba9697965d
--- /dev/null
+++ b/maxkey-common/src/test/java/org/maxkey/util/InstanceTest.java
@@ -0,0 +1,23 @@
+package org.maxkey.util;
+
+import java.security.Provider;
+import java.security.Security;
+
+import org.maxkey.client.crypto.ReciprocalUtils;
+
+public class InstanceTest {
+
+ public static void main(String[] args) {
+ if(System.getProperty("java.version").startsWith("1.8")) {
+ System.out.println("1.8");
+ Security.addProvider((Provider)Instance.newInstance("com.sun.crypto.provider.SunJCE"));
+ System.out.println(ReciprocalUtils.encode("ddddd"));
+
+ System.out.println(ReciprocalUtils.encode("ddfs"));
+ }else {
+ System.out.println("other");
+ }
+
+ }
+
+}
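Review bot: This class sits under `src/test` but is only a `main` method that prints to stdout with no assertions, so a test run will neither execute nor check it. It also imports `org.maxkey.client.crypto.ReciprocalUtils`, whereas the class changed in this commit is `org.maxkey.crypto.ReciprocalUtils`; whether the client package is on this module's test classpath is not visible here. Consider turning it into a real test in the framework the module already uses, asserting that `Instance.newInstance("com.sun.crypto.provider.SunJCE")` yields a `Provider` and that an encode/decode round trip returns the input.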
diff --git a/maxkey-core/src/main/java/org/maxkey/configuration/ApplicationConfig.java b/maxkey-core/src/main/java/org/maxkey/configuration/ApplicationConfig.java
index 74989ce0cd28d3da23c8c3e9f19c73dba6c207d5..e7a8c2914801b1409d2bf7e4ccfb4d1a67670dde 100644
--- a/maxkey-core/src/main/java/org/maxkey/configuration/ApplicationConfig.java
+++ b/maxkey-core/src/main/java/org/maxkey/configuration/ApplicationConfig.java
@@ -78,6 +78,8 @@ public class ApplicationConfig {
@Value("${maxkey.notices.visible:false}")
private boolean noticesVisible;
+ public static String databaseProduct = "MySQL";
+
public int getPort() {
return port;
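Review bot: `databaseProduct` is a public, non-final static field with a hard-coded default of `"MySQL"`, written from InitializeContext and read through `ConstantsDatabase.compare`. If the metadata lookup in InitializeContext fails or has not run yet, callers such as `JdbcSocialsAssociateService.insert` silently pick the MySQL statement on another database. Consider `private static volatile String databaseProduct` with a getter and a single setter, and log when the default is still in use.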
diff --git a/maxkey-core/src/main/java/org/maxkey/constants/ConstantsDatabase.java b/maxkey-core/src/main/java/org/maxkey/constants/ConstantsDatabase.java
new file mode 100644
index 0000000000000000000000000000000000000000..1c40a942cd2cab39e743fb1c417635ef77128948
--- /dev/null
+++ b/maxkey-core/src/main/java/org/maxkey/constants/ConstantsDatabase.java
@@ -0,0 +1,41 @@
+/*
+ * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+
+package org.maxkey.constants;
+
+import org.maxkey.configuration.ApplicationConfig;
+
+public class ConstantsDatabase {
+
+ public static String MYSQL = "MySQL";
+
+ public static String POSTGRESQL = "PostgreSQL";
+
+ public static String ORACLE = "Oracle";
+
+ public static String MSSQLSERVER = "SQL Server";
+
+ public static String DB2 = "db2";
+
+ public static boolean compare(String databaseProduct) {
+ if(databaseProduct.equalsIgnoreCase(ApplicationConfig.databaseProduct)) {
+ return true;
+ }
+ return false;
+ }
+
+}
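Review bot: The product-name constants are declared `public static String` without `final`, so any code can reassign them and change what `compare` matches; declare them `public static final String`. `compare` also throws a NullPointerException when its argument is null and can be a single statement: `return databaseProduct != null && databaseProduct.equalsIgnoreCase(ApplicationConfig.databaseProduct);`. A private constructor would stop this constants class from being instantiated.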
diff --git a/maxkey-core/src/main/java/org/maxkey/persistence/db/LoginHistoryService.java b/maxkey-core/src/main/java/org/maxkey/persistence/db/LoginHistoryService.java
index d8de54afde3ed8489095a32f882e00222cdbc3f3..8dfc22d70c2eabe684b033181967aad0e64db773 100644
--- a/maxkey-core/src/main/java/org/maxkey/persistence/db/LoginHistoryService.java
+++ b/maxkey-core/src/main/java/org/maxkey/persistence/db/LoginHistoryService.java
@@ -77,14 +77,16 @@ public class LoginHistoryService {
public void logoff(String lastLogoffTime,String sessionId) {
- _logger.debug(" sessionId " +sessionId +" , lastlogofftime " + lastLogoffTime);
+ _logger.debug(" sessionId {} , lastlogofftime {}" ,sessionId, lastLogoffTime);
jdbcTemplate.update(HISTORY_LOGOUT_UPDATE_STATEMENT,
new Object[] { lastLogoffTime, sessionId },
new int[] { Types.VARCHAR, Types.VARCHAR });
}
public void logoff(HistoryLogin historyLogin) {
- _logger.debug(" sessionId " +historyLogin.getSessionId() +" , LogoutTime " + historyLogin.getLogoutTime());
+ _logger.debug(" sessionId {} , LogoutTime {}" ,
+ historyLogin.getSessionId(), historyLogin.getLogoutTime()
+ );
jdbcTemplate.update(HISTORY_LOGOUT_UPDATE_STATEMENT,
new Object[] { historyLogin.getLogoutTime(), historyLogin.getSessionId() },
new int[] { Types.VARCHAR, Types.VARCHAR });
diff --git a/maxkey-core/src/main/java/org/maxkey/persistence/db/LoginService.java b/maxkey-core/src/main/java/org/maxkey/persistence/db/LoginService.java
index 39c4ab13987ec60066a104c77b1075c4218b4a4c..4ddcae38a3198d62694948b1e6e62425bd1f4bf2 100644
--- a/maxkey-core/src/main/java/org/maxkey/persistence/db/LoginService.java
+++ b/maxkey-core/src/main/java/org/maxkey/persistence/db/LoginService.java
@@ -121,9 +121,10 @@ public class LoginService {
jdbcTemplate.update(LOCK_USER_UPDATE_STATEMENT,
new Object[] { ConstantsStatus.LOCK, new Date(), userInfo.getId() },
new int[] { Types.VARCHAR, Types.TIMESTAMP, Types.VARCHAR });
+ userInfo.setIsLocked(ConstantsStatus.LOCK);
}
} catch (Exception e) {
- e.printStackTrace();
+ _logger.error("lockUser Exception",e);
}
}
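Review bot: `lockUser` still catches `Exception` and only logs it, so when the `LOCK_USER_UPDATE_STATEMENT` update fails the caller cannot tell that the account was not locked. The same applies to the `unlockUser` and `resetBadPasswordCountAndLockout` hunks below and to the matching hunks in PasswordPolicyValidator.java. For a lockout control it would be safer to rethrow a runtime exception or return a status so the login flow can fail closed; how callers use these methods is not visible here. A short comment such as `// Failure is logged only; the account may remain unlocked in the database.` would at least make the current behaviour explicit.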
@@ -138,9 +139,10 @@ public class LoginService {
jdbcTemplate.update(UNLOCK_USER_UPDATE_STATEMENT,
new Object[] { ConstantsStatus.ACTIVE, new Date(), userInfo.getId() },
new int[] { Types.VARCHAR, Types.TIMESTAMP, Types.VARCHAR });
+ userInfo.setIsLocked(ConstantsStatus.ACTIVE);
}
} catch (Exception e) {
- e.printStackTrace();
+ _logger.error("unlockUser Exception",e);
}
}
@@ -155,10 +157,10 @@ public class LoginService {
jdbcTemplate.update(BADPASSWORDCOUNT_RESET_UPDATE_STATEMENT,
new Object[] { 0, ConstantsStatus.ACTIVE, new Date(), userInfo.getId() },
new int[] { Types.INTEGER, Types.INTEGER, Types.TIMESTAMP, Types.VARCHAR });
+ userInfo.setIsLocked(ConstantsStatus.ACTIVE);
}
} catch (Exception e) {
- e.printStackTrace();
- _logger.error(e.getMessage());
+ _logger.error("resetBadPasswordCountAndLockout Exception",e);
}
}
diff --git a/maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyValidator.java b/maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyValidator.java
index a2a3801773267da1004931faeb2d5958b9b41cb9..4d624a42d867bcf6ff15b6351a1fe7809e572600 100644
--- a/maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyValidator.java
+++ b/maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyValidator.java
@@ -219,7 +219,7 @@ public class PasswordPolicyValidator {
String passwordPolicyMessage = "";
for (String msg : validator.getMessages(result)) {
passwordPolicyMessage = passwordPolicyMessage + msg + "
";
- _logger.debug("Rule Message " + msg);
+ _logger.debug("Rule Message {}" , msg);
}
WebContext.setAttribute(PasswordPolicyValidator.PASSWORD_POLICY_VALIDATE_RESULT, passwordPolicyMessage);
return false;
@@ -250,9 +250,13 @@ public class PasswordPolicyValidator {
DateTimeFormat.forPattern("yyyy-MM-dd HH:mm:ss"));
Duration duration = new Duration(badPasswordTime, currentdateTime);
int intDuration = Integer.parseInt(duration.getStandardHours() + "");
- _logger.debug("bad Password duration " + intDuration
- + " , password policy Duration "+passwordPolicy.getDuration()
- + " , validate result " + (intDuration > passwordPolicy.getDuration()));
+ _logger.debug("bad Password duration {} , " +
+ "password policy Duration {} , "+
+ "validate result {}" ,
+ intDuration,
+ passwordPolicy.getDuration(),
+ (intDuration > passwordPolicy.getDuration())
+ );
//auto unlock attempts when intDuration > set Duration
if(intDuration > passwordPolicy.getDuration()) {
_logger.debug("resetAttempts ...");
@@ -310,15 +314,19 @@ public class PasswordPolicyValidator {
*/
if (passwordPolicy.getExpiration() > 0) {
String passwordLastSetTimeString = userInfo.getPasswordLastSetTime().substring(0, 19);
- _logger.info("last password set date " + passwordLastSetTimeString);
+ _logger.info("last password set date {}" , passwordLastSetTimeString);
DateTime changePwdDateTime = DateTime.parse(passwordLastSetTimeString,
DateTimeFormat.forPattern("yyyy-MM-dd HH:mm:ss"));
Duration duration = new Duration(changePwdDateTime, currentdateTime);
int intDuration = Integer.parseInt(duration.getStandardDays() + "");
- _logger.debug("password Last Set duration day " + intDuration
- + " , password policy Expiration " +passwordPolicy.getExpiration()
- +" , validate result " + (intDuration <= passwordPolicy.getExpiration()));
+ _logger.debug("password Last Set duration day {} , " +
+ "password policy Expiration {} , " +
+ "validate result {}",
+ intDuration,
+ passwordPolicy.getExpiration(),
+ intDuration <= passwordPolicy.getExpiration()
+ );
if (intDuration > passwordPolicy.getExpiration()) {
WebContext.getSession().setAttribute(WebConstants.CURRENT_USER_PASSWORD_SET_TYPE,
ConstantsPasswordSetType.PASSWORD_EXPIRED);
@@ -339,9 +347,10 @@ public class PasswordPolicyValidator {
jdbcTemplate.update(LOCK_USER_UPDATE_STATEMENT,
new Object[] { ConstantsStatus.LOCK, new Date(), userInfo.getId() },
new int[] { Types.VARCHAR, Types.TIMESTAMP, Types.VARCHAR });
+ userInfo.setIsLocked(ConstantsStatus.LOCK);
}
} catch (Exception e) {
- e.printStackTrace();
+ _logger.error("lockUser Exception",e);
}
}
@@ -357,9 +366,10 @@ public class PasswordPolicyValidator {
jdbcTemplate.update(UNLOCK_USER_UPDATE_STATEMENT,
new Object[] { ConstantsStatus.ACTIVE, new Date(), userInfo.getId() },
new int[] { Types.VARCHAR, Types.TIMESTAMP, Types.VARCHAR });
+ userInfo.setIsLocked(ConstantsStatus.ACTIVE);
}
} catch (Exception e) {
- e.printStackTrace();
+ _logger.error("unlockUser Exception",e);
}
}
@@ -374,10 +384,10 @@ public class PasswordPolicyValidator {
jdbcTemplate.update(BADPASSWORDCOUNT_RESET_UPDATE_STATEMENT,
new Object[] { 0, ConstantsStatus.ACTIVE, new Date(), userInfo.getId() },
new int[] { Types.INTEGER, Types.INTEGER, Types.TIMESTAMP, Types.VARCHAR });
+ userInfo.setIsLocked(ConstantsStatus.ACTIVE);
}
} catch (Exception e) {
- e.printStackTrace();
- _logger.error(e.getMessage());
+ _logger.error("resetAttempts Exception",e);
}
}
@@ -392,8 +402,7 @@ public class PasswordPolicyValidator {
new Object[] { badPasswordCount, new Date(), userId },
new int[] { Types.INTEGER, Types.TIMESTAMP, Types.VARCHAR });
} catch (Exception e) {
- e.printStackTrace();
- _logger.error(e.getMessage());
+ _logger.error("setBadPasswordCount Exception",e);
}
}
diff --git a/maxkey-core/src/main/java/org/maxkey/web/InitializeContext.java b/maxkey-core/src/main/java/org/maxkey/web/InitializeContext.java
index 5eda07a02c752283ca627b829ef0259afddda893..724a689ba2f4e391fef44caed9387425a7154fc1 100644
--- a/maxkey-core/src/main/java/org/maxkey/web/InitializeContext.java
+++ b/maxkey-core/src/main/java/org/maxkey/web/InitializeContext.java
@@ -31,6 +31,7 @@ import org.apache.commons.lang.SystemUtils;
import org.apache.commons.lang3.ArchUtils;
import org.joda.time.DateTime;
import org.maxkey.cache.CacheFactory;
+import org.maxkey.configuration.ApplicationConfig;
import org.maxkey.util.PathUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -130,34 +131,36 @@ public class InitializeContext extends HttpServlet {
.getConnection();
java.sql.DatabaseMetaData databaseMetaData = connection.getMetaData();
- _logger.debug("DatabaseProductName : "
- + databaseMetaData.getDatabaseProductName());
- _logger.debug("DatabaseProductVersion: "
- + databaseMetaData.getDatabaseProductVersion());
- _logger.trace("DatabaseMajorVersion : "
- + databaseMetaData.getDatabaseMajorVersion());
- _logger.trace("DatabaseMinorVersion : "
- + databaseMetaData.getDatabaseMinorVersion());
- _logger.trace("supportsTransactions : "
- + databaseMetaData.supportsTransactions());
- _logger.trace("DefaultTransaction : "
- + databaseMetaData.getDefaultTransactionIsolation());
- _logger.trace("MaxConnections : "
- + databaseMetaData.getMaxConnections());
+ ApplicationConfig.databaseProduct = databaseMetaData.getDatabaseProductName();
+
+ _logger.debug("DatabaseProductName : {}",
+ databaseMetaData.getDatabaseProductName());
+ _logger.debug("DatabaseProductVersion: {}" ,
+ databaseMetaData.getDatabaseProductVersion());
+ _logger.trace("DatabaseMajorVersion : {}" ,
+ databaseMetaData.getDatabaseMajorVersion());
+ _logger.trace("DatabaseMinorVersion : {}" ,
+ databaseMetaData.getDatabaseMinorVersion());
+ _logger.trace("supportsTransactions : {}" ,
+ databaseMetaData.supportsTransactions());
+ _logger.trace("DefaultTransaction : {}" ,
+ databaseMetaData.getDefaultTransactionIsolation());
+ _logger.trace("MaxConnections : {}" ,
+ databaseMetaData.getMaxConnections());
_logger.trace("");
- _logger.trace("JDBCMajorVersion : "
- + databaseMetaData.getJDBCMajorVersion());
- _logger.trace("JDBCMinorVersion : "
- + databaseMetaData.getJDBCMinorVersion());
- _logger.trace("DriverName : "
- + databaseMetaData.getDriverName());
- _logger.trace("DriverVersion : "
- + databaseMetaData.getDriverVersion());
+ _logger.trace("JDBCMajorVersion : {}" ,
+ databaseMetaData.getJDBCMajorVersion());
+ _logger.trace("JDBCMinorVersion : {}" ,
+ databaseMetaData.getJDBCMinorVersion());
+ _logger.trace("DriverName : {}" ,
+ databaseMetaData.getDriverName());
+ _logger.trace("DriverVersion : {}" ,
+ databaseMetaData.getDriverVersion());
_logger.debug("");
- _logger.debug("DBMS URL : "
- + databaseMetaData.getURL());
- _logger.debug("UserName : "
- + databaseMetaData.getUserName());
+ _logger.debug("DBMS URL : {}" ,
+ databaseMetaData.getURL());
+ _logger.debug("UserName : {}" ,
+ databaseMetaData.getUserName());
_logger.debug("-----------------------------------------------------------");
} catch (SQLException e) {
e.printStackTrace();
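Review bot: `databaseMetaData.getURL()` is logged at debug level, and a JDBC URL can carry credentials or tokens as URL parameters; log only the part before `?`, or move the line to trace. The `catch (SQLException e)` at the end of the hunk still calls `e.printStackTrace()`, and on that path `ApplicationConfig.databaseProduct` silently keeps its default. Whether `connection` is closed is not visible in this hunk.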
@@ -184,7 +187,7 @@ public class InitializeContext extends HttpServlet {
Iterator> it =WebContext.properties.getPropertySources().iterator();
while(it.hasNext()) {
- _logger.debug("propertySource " + it.next());
+ _logger.debug("propertySource {}" , it.next());
}
_logger.trace("-----------------------------------------------------------");
}
@@ -205,21 +208,31 @@ public class InitializeContext extends HttpServlet {
// out
for (Iterator it = keyValueSet.iterator(); it.hasNext();) {
String key = (String) it.next();
- _logger.trace(key + " = " + map.get(key));
+ _logger.trace(key + " = {}" , map.get(key));
}
- _logger.debug("APP_HOME" + " = " + PathUtils.getInstance().getAppPath());
- _logger.debug("OS : "+SystemUtils.OS_NAME +
- "("+SystemUtils.OS_ARCH+" " +ArchUtils.getProcessor().getType()+"),"+
- " version " +SystemUtils.OS_VERSION+""
+ _logger.debug("APP_HOME" + " = {}" , PathUtils.getInstance().getAppPath());
+ _logger.debug("OS : {}({} {}), version {}",
+ SystemUtils.OS_NAME,
+ SystemUtils.OS_ARCH,
+ ArchUtils.getProcessor().getType(),
+ SystemUtils.OS_VERSION
+
);
- _logger.debug("COMPUTER: "+map.get("COMPUTERNAME") +", "+
- "USERNAME : "+map.get("USERNAME")
+ _logger.debug("COMPUTER: {}, USERNAME : {}",
+ map.get("COMPUTERNAME") ,
+ map.get("USERNAME")
);
_logger.debug("JAVA :");
- _logger.debug(SystemUtils.JAVA_VENDOR+
- " java version "+SystemUtils.JAVA_VERSION +", class "+SystemUtils.JAVA_CLASS_VERSION);
- _logger.debug(SystemUtils.JAVA_VM_NAME+
- " (build "+SystemUtils.JAVA_VM_VERSION +", "+ SystemUtils.JAVA_VM_INFO+")");
+ _logger.debug("{} java version {}, class {}",
+ SystemUtils.JAVA_VENDOR,
+ SystemUtils.JAVA_VERSION,
+ SystemUtils.JAVA_CLASS_VERSION
+ );
+ _logger.debug("{} (build {}, {})",
+ SystemUtils.JAVA_VM_NAME,
+ SystemUtils.JAVA_VM_VERSION,
+ SystemUtils.JAVA_VM_INFO
+ );
_logger.debug("-----------------------------------------------------------");
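Review bot: `_logger.trace(key + " = {}" , map.get(key));` concatenates the key into the format string, so a key that contains `{}` shifts the placeholders; pass it as an argument instead, `_logger.trace("{} = {}", key, map.get(key));`, and likewise `_logger.debug("APP_HOME = {}", PathUtils.getInstance().getAppPath());`. The loop appears to dump every entry of an environment-style map (later lines read `COMPUTERNAME` and `USERNAME` from it), and such values often include secrets, so consider an allow-list of keys even at trace level. The enclosing method starts outside this hunk.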
@@ -232,12 +245,12 @@ public class InitializeContext extends HttpServlet {
_logger.info("-----------------------------------------------------------");
_logger.info("+ MaxKey ");
_logger.info("+ Single Sign On ( SSO ) ");
- _logger.info("+ Version "
- + WebContext.properties.getProperty("application.formatted-version"));
+ _logger.info("+ Version {}",
+ WebContext.properties.getProperty("application.formatted-version"));
_logger.info("+");
- _logger.info("+ "+ ((char)0xA9) + "Copyright 2018-"
- + (new DateTime().getYear())
- + " https://www.maxkey.top/");
+ _logger.info("+ {}Copyright 2018-{} https://www.maxkey.top/",
+ (char)0xA9 , new DateTime().getYear()
+ );
_logger.info("+ Licensed under the Apache License, Version 2.0 ");
_logger.info("-----------------------------------------------------------");
}
diff --git a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/common/OAuth2Constants.java b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/common/OAuth2Constants.java
index b177576649b44d05b936500dceffbb07743cf940..3addf8867d17dc0c2b2c3bf6486cb462df92ef25 100644
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/common/OAuth2Constants.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/common/OAuth2Constants.java
@@ -23,85 +23,94 @@ public class OAuth2Constants {
/**
* Constant to use while parsing and formatting parameter maps for OAuth2 requests
*/
- public static final String CLIENT_ID = "client_id";
+ public static final String CLIENT_ID = "client_id";
- public static final String CLIENT_SECRET = "client_secret";
+ public static final String CLIENT_SECRET = "client_secret";
/**
* Constant to use while parsing and formatting parameter maps for OAuth2 requests
*/
- public static final String STATE = "state";
+ public static final String STATE = "state";
/**
* Constant to use while parsing and formatting parameter maps for OAuth2 requests
*/
- public static final String SCOPE = "scope";
+ public static final String SCOPE = "scope";
- public static final String CODE = "code";
+ public static final String CODE = "code";
- public static final String TOKEN = "token";
+ public static final String TOKEN = "token";
- public static final String TOKEN_TYPE = "token_type";
+ public static final String TOKEN_TYPE = "token_type";
- public static final String EXPIRES_IN = "expires_in";
+ public static final String EXPIRES_IN = "expires_in";
/**
* Constant to use while parsing and formatting parameter maps for OAuth2 requests
*/
- public static final String REDIRECT_URI = "redirect_uri";
+ public static final String REDIRECT_URI = "redirect_uri";
/**
* Constant to use while parsing and formatting parameter maps for OAuth2 requests
*/
- public static final String RESPONSE_TYPE = "response_type";
+ public static final String RESPONSE_TYPE = "response_type";
/**
* Constant to use while parsing and formatting parameter maps for OAuth2 requests
*/
- public static final String USER_OAUTH_APPROVAL = "user_oauth_approval";
+ public static final String USER_OAUTH_APPROVAL = "user_oauth_approval";
/**
* Constant to use as a prefix for scope approval
*/
- public static final String SCOPE_PREFIX = "scope.";
+ public static final String SCOPE_PREFIX = "scope.";
/**
* Constant to use while parsing and formatting parameter maps for OAuth2 requests
*/
- public static final String GRANT_TYPE = "grant_type";
- public static final String GRANT_TYPE_CODE = "code";
- public static final String GRANT_TYPE_PASSWORD = "password";
- public static final String GRANT_TYPE_IMPLICIT = "implicit";
- public static final String GRANT_TYPE_AUTHORIZATION_CODE = "authorization_code";
- public static final String GRANT_TYPE_CLIENT_CREDENTIALS = "client_credentials";
+ public static final String GRANT_TYPE = "grant_type";
+ public static final String GRANT_TYPE_CODE = "code";
+ public static final String GRANT_TYPE_PASSWORD = "password";
+ public static final String GRANT_TYPE_IMPLICIT = "implicit";
+ public static final String GRANT_TYPE_AUTHORIZATION_CODE = "authorization_code";
+ public static final String GRANT_TYPE_CLIENT_CREDENTIALS = "client_credentials";
- public static final String ACCESS_TOKEN = "access_token";
+ public static final String ACCESS_TOKEN = "access_token";
- public static final String APPROVAL_PROMPT = "approval_prompt";
+ public static final String APPROVAL_PROMPT = "approval_prompt";
+
+ //https://datatracker.ietf.org/doc/html/rfc7636 PKCE
+ //Proof Key for Code Exchange by OAuth Public Clients
+ public static final String CODE_CHALLENGE = "code_challenge" ;
+
+ public static final String CODE_CHALLENGE_METHOD = "code_challenge_method" ;
+
+ public static final String CODE_VERIFIER = "code_verifier" ;
+
}
public static class ENDPOINT{
- public final static String ENDPOINT_BASE = "/authz/oauth/v20";
+ public final static String ENDPOINT_BASE = "/authz/oauth/v20";
- public final static String ENDPOINT_AUTHORIZE = ENDPOINT_BASE + "/authorize";
+ public final static String ENDPOINT_AUTHORIZE = ENDPOINT_BASE + "/authorize";
- public final static String ENDPOINT_TOKEN = ENDPOINT_BASE + "/token";
+ public final static String ENDPOINT_TOKEN = ENDPOINT_BASE + "/token";
- public final static String ENDPOINT_CHECK_TOKEN = ENDPOINT_BASE + "/check_token";
+ public final static String ENDPOINT_CHECK_TOKEN = ENDPOINT_BASE + "/check_token";
- public final static String ENDPOINT_TOKEN_KEY = ENDPOINT_BASE + "/token_key";
+ public final static String ENDPOINT_TOKEN_KEY = ENDPOINT_BASE + "/token_key";
- public final static String ENDPOINT_APPROVAL_CONFIRM = ENDPOINT_BASE + "/approval_confirm";
+ public final static String ENDPOINT_APPROVAL_CONFIRM = ENDPOINT_BASE + "/approval_confirm";
- public final static String ENDPOINT_ERROR = ENDPOINT_BASE + "/error";
+ public final static String ENDPOINT_ERROR = ENDPOINT_BASE + "/error";
- public final static String ENDPOINT_USERINFO = "/api/oauth/v20/me";
+ public final static String ENDPOINT_USERINFO = "/api/oauth/v20/me";
- public final static String ENDPOINT_OPENID_CONNECT_USERINFO = "/api/connect/v10/userinfo";
+ public final static String ENDPOINT_OPENID_CONNECT_USERINFO = "/api/connect/v10/userinfo";
}
}
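Review bot: The three PKCE parameter names added at the end of the parameter-constants class (`CODE_CHALLENGE`, `CODE_CHALLENGE_METHOD`, `CODE_VERIFIER`) carry only a `//` line comment, while neighbouring constants use Javadoc, and no constants are defined for the values `code_challenge_method` may take. RFC 7636 defines exactly two methods, `plain` and `S256`, so I would add `public static final String CODE_CHALLENGE_METHOD_S256 = "S256";` with a `plain` counterpart and a Javadoc block citing the RFC, letting the endpoint code compare against named values rather than string literals. Whether the token endpoint actually checks `code_verifier` against the stored challenge and rejects unknown methods is not visible in this hunk and should be confirmed where these constants are consumed. The rest of the hunk is whitespace realignment, which makes the functional addition easy to miss; the enclosing nested class begins outside the hunk.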