logs 优化

gradle.properties

@@ -77,8 +77,8 @@ knife4jVersion                  =3.0.3
 #database
 postgresqlVersion               =42.2.20
 mysqlconnectorjavaVersion       =8.0.26
-druidVersion                    =1.2.6
-druidspringbootstarterVersion   =1.2.6
+druidVersion                    =1.2.8
+druidspringbootstarterVersion   =1.2.8
 jedisVersion                    =3.7.0
 ehcacheVersion                  =3.9.6
 mybatisVersion                  =3.5.7
@@ -121,9 +121,9 @@ javaxtransactionapiVersion      =1.3
 validationapiVersion            =2.0.1.Final
 jsr173Version                   =1.0
 jaxbapiVersion                  =2.3.1
-jaxbcoreVersion                 =2.3.0.1
-jaxbimplVersion                 =2.3.2
-jaxbxjcVersion                  =2.3.2
+jaxbcoreVersion                 =3.0.2
+jaxbimplVersion                 =3.0.2
+jaxbxjcVersion                  =3.0.2
 classmateVersion                =1.5.0
 fastjsonVersion                 =1.2.78
 reactivestreamsVersion          =1.0.3

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java

@@ -102,8 +102,8 @@ public abstract class AbstractAuthenticationProvider {
             WebContext.setAttribute(
                     WebConstants.LOGIN_ERROR_SESSION_MESSAGE, e.getMessage());
         } catch (Exception e) {
-            String message = "Unexpected exception in " + getProviderName() + " authentication:";
-            _logger.error("Login error " + message, e);
+            _logger.error("Login error Unexpected exception in {} authentication:\n{}" ,
+                            getProviderName(), e.getMessage());
         }
         
         if (authentication== null || !authentication.isAuthenticated()) {
@@ -186,7 +186,7 @@ public abstract class AbstractAuthenticationProvider {
         }
         
         final   String message = WebContext.getI18nValue("login.error.authtype");
-        _logger.debug("Login AuthN type must eq basic or tfa ， Error message is " + message);
+        _logger.debug("Login AuthN type must eq basic or tfa ， Error message is {}" , message);
         throw new BadCredentialsException(message);
     }
 

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java

@@ -160,7 +160,8 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
             return authentication;
         }else {
             String i18nMessage = WebContext.getI18nValue("login.error.username");
-            _logger.debug("login user  " + loginCredential.getUsername() + " not in this System ." + i18nMessage);
+            _logger.debug("login user {} not in this System . {}" , 
+                            loginCredential.getUsername(),i18nMessage);
             throw new BadCredentialsException(WebContext.getI18nValue("login.error.username"));
         }
     }
@@ -169,7 +170,10 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
         String currentUserSessionId = WebContext.genId();
         //Online Tickit Id
         String onlineTickitId = WebConstants.ONLINE_TICKET_PREFIX + "-" + currentUserSessionId;
-        _logger.debug("set online Tickit Cookie " + onlineTickitId + " on domain "+ this.applicationConfig.getBaseDomainName());
+        _logger.debug("set online Tickit Cookie {} on domain {}",
+                        onlineTickitId, 
+                        this.applicationConfig.getBaseDomainName()
+                    );
         
         OnlineTicket onlineTicket = new OnlineTicket(onlineTickitId);
         
@@ -191,7 +195,7 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
                 _logger.trace("ROLE ADMINISTRATORS Authentication .");
             }
         }
-        _logger.debug("Granted Authority " + grantedAuthoritys);
+        _logger.debug("Granted Authority {}" , grantedAuthoritys);
         
         signinPrincipal.setGrantedAuthorityApps(authenticationRealm.queryAuthorizedApps(grantedAuthoritys));
         

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/jdbc/JdbcAuthenticationRealm.java

@@ -116,7 +116,7 @@ public class JdbcAuthenticationRealm extends AbstractAuthenticationRealm {
             }
         }
         
-        _logger.debug("passwordvalid : " + passwordMatches);
+        _logger.debug("passwordvalid : {}" , passwordMatches);
         if (!passwordMatches) {
             passwordPolicyValidator.plusBadPasswordCount(userInfo);
             insertLoginHistory(userInfo, ConstantsLoginType.LOCAL, "", "xe00000004", "password error");

maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/authn/support/socialsignon/SocialSignOnEndpoint.java

@@ -48,9 +48,9 @@ public class SocialSignOnEndpoint  extends AbstractSocialSignOnEndpoint{
 	final static Logger _logger = LoggerFactory.getLogger(SocialSignOnEndpoint.class);
 	
     public  ModelAndView socialSignOnAuthorize(HttpServletRequest request,String provider){
-    	_logger.trace("SocialSignOn provider : "+provider);
+    	_logger.trace("SocialSignOn provider : " + provider);
     	String authorizationUrl=buildAuthRequest(provider).authorize(request.getSession().getId());
-		_logger.trace("authorize SocialSignOn : "+authorizationUrl);
+		_logger.trace("authorize SocialSignOn : " + authorizationUrl);
 		return WebContext.redirect(authorizationUrl);
     }
     
@@ -77,12 +77,16 @@ public class SocialSignOnEndpoint  extends AbstractSocialSignOnEndpoint{
 		socialSignOnUser.setProvider(provider);
 		socialSignOnUser.setUserId(WebContext.getUserInfo().getId());
 		socialSignOnUser.setUsername(WebContext.getUserInfo().getUsername());
-		_logger.debug("Social Sign On unbind "+provider+" from user "+WebContext.getUserInfo().getUsername());
+		_logger.debug("Social Sign On unbind {} from user {}",
+		                provider,
+		                WebContext.getUserInfo().getUsername()
+		          );
 		
 		socialsAssociateService.delete(socialSignOnUser);
 		
-		if(WebContext.getAttribute(SOCIALSIGNON_SESSION_REDIRECT_URI)!=null){
-			return WebContext.redirect(WebContext.getAttribute(SOCIALSIGNON_SESSION_REDIRECT_URI).toString());
+		Object redirect_uri = WebContext.getAttribute(SOCIALSIGNON_SESSION_REDIRECT_URI);
+		if(redirect_uri != null){
+			return WebContext.redirect(redirect_uri.toString());
 		}else{
 			return WebContext.forward("/socialsignon/list");
 		}
@@ -105,7 +109,8 @@ public class SocialSignOnEndpoint  extends AbstractSocialSignOnEndpoint{
 		socialSignOnAuthorize(request,provider);
 		SocialSignOnProvider socialSignOnProvider = socialSignOnProviderService.get(provider);
 		socialSignOnProvider.setState(request.getSession().getId());
-		socialSignOnProvider.setRedirectUri(applicationConfig.getServerPrefix()+ "/logon/oauth20/callback/"+provider);
+		socialSignOnProvider.setRedirectUri(applicationConfig.getServerPrefix()+ 
+		                                    "/logon/oauth20/callback/"+provider);
 		return socialSignOnProvider;
 	}
 	
@@ -123,20 +128,21 @@ public class SocialSignOnEndpoint  extends AbstractSocialSignOnEndpoint{
     		socialsAssociate.setSocialUserId(this.accountId);
     		
     		//for login
-    		String socialSignOnType= "";
-    		if(WebContext.getAttribute(SOCIALSIGNON_TYPE_SESSION)!=null){
-    			socialSignOnType=WebContext.getAttribute(SOCIALSIGNON_TYPE_SESSION).toString();
-    		}
+    		String socialSignOnType= 
+    		        (WebContext.getAttribute(SOCIALSIGNON_TYPE_SESSION)!=null) ? 
+    		                  (WebContext.getAttribute(SOCIALSIGNON_TYPE_SESSION).toString()) : "";
+    		
     		
-    		if(socialSignOnType.equals(SOCIALSIGNON_TYPE.SOCIALSIGNON_TYPE_LOGON)||socialSignOnType.equals("")){
+    		if(socialSignOnType.equals(SOCIALSIGNON_TYPE.SOCIALSIGNON_TYPE_LOGON)
+    		        ||socialSignOnType.equals("")){
     			socialSignOn(socialsAssociate);
     			return WebContext.redirect("/index");
     		}else{
     			socialBind(socialsAssociate);
     		}
-    		
-    		if(WebContext.getAttribute(SOCIALSIGNON_SESSION_REDIRECT_URI)!=null){
-    			return WebContext.redirect(WebContext.getAttribute(SOCIALSIGNON_SESSION_REDIRECT_URI).toString());
+    		Object redirect_uri = WebContext.getAttribute(SOCIALSIGNON_SESSION_REDIRECT_URI);
+    		if(redirect_uri != null){
+    			return WebContext.redirect(redirect_uri.toString());
     		}else{
     			return WebContext.forward("/socialsignon/list");
     		}
@@ -171,11 +177,15 @@ public class SocialSignOnEndpoint  extends AbstractSocialSignOnEndpoint{
 		_logger.debug("Loaded SocialSignOn Socials Associate : "+socialsAssociate);
 		
 		if(null == socialsAssociate) {
-		    WebContext.getRequest().getSession().setAttribute(WebAttributes.AUTHENTICATION_EXCEPTION, new BadCredentialsException(WebContext.getI18nValue("login.error.social")));
+		    WebContext.getRequest().getSession().setAttribute(
+		            WebAttributes.AUTHENTICATION_EXCEPTION, 
+		            new BadCredentialsException(WebContext.getI18nValue("login.error.social"))
+		          );
             return false;
 		}
 		
-		_logger.debug("Social Sign On from "+socialsAssociate.getProvider()+" mapping to user "+socialsAssociate.getUsername());
+		_logger.debug("Social Sign On from {} mapping to user {}",
+		                socialsAssociate.getProvider(),socialsAssociate.getUsername());
 		
 		LoginCredential loginCredential =new LoginCredential(
 		        socialsAssociate.getUsername(),"",ConstantsLoginType.SOCIALSIGNON);

maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/authn/support/socialsignon/service/JdbcSocialsAssociateService.java

@@ -23,6 +23,7 @@ import java.sql.Types;
 import java.util.Date;
 import java.util.List;
 
+import org.maxkey.constants.ConstantsDatabase;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.jdbc.core.JdbcTemplate;
@@ -45,22 +46,16 @@ public class JdbcSocialsAssociateService   implements SocialsAssociateService{
 
 	private final JdbcTemplate jdbcTemplate;
 	
-	private String jdbcType;
-	
 	public JdbcSocialsAssociateService(JdbcTemplate jdbcTemplate) {
 		this.jdbcTemplate=jdbcTemplate;	
-		try {
-    		jdbcType = jdbcTemplate.getDataSource().getConnection().getMetaData().getDatabaseProductName();
-		} catch (Exception e) {
-			// TODO Auto-generated catch block
-			e.printStackTrace();
-		}
 	}
 
 	@Override
 	public boolean insert(SocialsAssociate socialsAssociate) {
 		socialsAssociate.setId(socialsAssociate.generateId());
-		jdbcTemplate.update("Oracle".equals(jdbcType)?DEFAULT_DEFAULT_INSERT_STATEMENT_ORACLE:DEFAULT_DEFAULT_INSERT_STATEMENT, 
+		jdbcTemplate.update(
+		        ConstantsDatabase.compare(ConstantsDatabase.ORACLE)?
+		                DEFAULT_DEFAULT_INSERT_STATEMENT_ORACLE:DEFAULT_DEFAULT_INSERT_STATEMENT, 
 				new Object[] { 
 					socialsAssociate.getId(),
 					socialsAssociate.getUserId(),
@@ -70,7 +65,10 @@ public class JdbcSocialsAssociateService   implements SocialsAssociateService{
 					socialsAssociate.getAccessToken(),
 					socialsAssociate.getSocialUserInfo(),
 					socialsAssociate.getExAttribute()},
-				new int[] {Types.VARCHAR, Types.VARCHAR,Types.VARCHAR,Types.VARCHAR, Types.VARCHAR,Types.VARCHAR, Types.VARCHAR,Types.VARCHAR });
+				new int[] {
+				        Types.VARCHAR, Types.VARCHAR,Types.VARCHAR,Types.VARCHAR, 
+				        Types.VARCHAR,Types.VARCHAR, Types.VARCHAR,Types.VARCHAR 
+				});
 		return true;
 	}
 
@@ -111,7 +109,13 @@ public class JdbcSocialsAssociateService   implements SocialsAssociateService{
 	@Override
 	public boolean update(SocialsAssociate socialsAssociate) {
 		jdbcTemplate.update(DEFAULT_DEFAULT_UPDATE_STATEMENT, 
-				new Object[] {socialsAssociate.getAccessToken(),socialsAssociate.getSocialUserInfo(),socialsAssociate.getExAttribute(),new Date(),socialsAssociate.getId()},
+				new Object[] {
+				        socialsAssociate.getAccessToken(),
+				        socialsAssociate.getSocialUserInfo(),
+				        socialsAssociate.getExAttribute(),
+				        new Date(),
+				        socialsAssociate.getId()
+				},
 				new int[] {Types.VARCHAR, Types.VARCHAR,Types.VARCHAR, Types.TIMESTAMP,Types.VARCHAR });
 		return false;
 	}

maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/authn/support/socialsignon/service/SocialSignOnProviderService.java

@@ -146,7 +146,7 @@ public class SocialSignOnProviderService{
 		    }
 		}
 		
-		_logger.debug(""+this.socialSignOnProviders);
+		_logger.debug("social SignOn Providers {}" , this.socialSignOnProviders);
 	}
 	
 }

maxkey-common/src/main/java/org/maxkey/crypto/ReciprocalUtils.java

@@ -21,6 +21,7 @@
 package org.maxkey.crypto;
 
 import java.io.UnsupportedEncodingException;
+import java.security.Provider;
 import java.security.Security;
 
 import javax.crypto.Cipher;
@@ -28,6 +29,7 @@ import javax.crypto.SecretKey;
 import javax.crypto.spec.SecretKeySpec;
 
 import org.apache.commons.logging.LogFactory;
+import org.maxkey.util.Instance;
 import org.maxkey.util.StringGenerator;
 
 /**
@@ -56,11 +58,12 @@ public final class ReciprocalUtils {
     static {
         if(System.getProperty("java.version").startsWith("1.8")) {
             try {
-                Security.addProvider(new com.sun.crypto.provider.SunJCE());
+                Security.addProvider((Provider)Instance.newInstance("com.sun.crypto.provider.SunJCE"));
             }catch (Exception e) {
                 e.printStackTrace();
             }
         }
+        //else not need to add see jdk-17\conf\security\java.security,SunJCE
     }
     
     public static byte[] encode(byte[] simpleBytes, SecretKey secretKey, String algorithm) {

maxkey-common/src/test/java/org/maxkey/util/InstanceTest.java

+package org.maxkey.util;
+
+import java.security.Provider;
+import java.security.Security;
+
+import org.maxkey.client.crypto.ReciprocalUtils;
+
+public class InstanceTest {
+
+    public static void main(String[] args) {
+        if(System.getProperty("java.version").startsWith("1.8")) {
+            System.out.println("1.8");
+            Security.addProvider((Provider)Instance.newInstance("com.sun.crypto.provider.SunJCE"));
+            System.out.println(ReciprocalUtils.encode("ddddd"));
+            
+            System.out.println(ReciprocalUtils.encode("ddfs"));
+        }else {
+            System.out.println("other");
+        }
+        
+    }
+
+}

maxkey-core/src/main/java/org/maxkey/configuration/ApplicationConfig.java

@@ -78,6 +78,8 @@ public class ApplicationConfig {
     @Value("${maxkey.notices.visible:false}")
     private boolean noticesVisible;
     
+    public static String  databaseProduct = "MySQL";
+    
     
     public int getPort() {
         return port;

maxkey-core/src/main/java/org/maxkey/constants/ConstantsDatabase.java

+/*
+ * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
+package org.maxkey.constants;
+
+import org.maxkey.configuration.ApplicationConfig;
+
+public class ConstantsDatabase {
+
+    public static String  MYSQL         = "MySQL";
+    
+    public static String  POSTGRESQL    = "PostgreSQL";
+    
+    public static String  ORACLE        = "Oracle";
+    
+    public static String  MSSQLSERVER   = "SQL Server";
+    
+    public static String  DB2           = "db2";
+    
+    public static boolean compare(String databaseProduct) {
+        if(databaseProduct.equalsIgnoreCase(ApplicationConfig.databaseProduct)) {
+            return true;
+        }
+        return false;
+    }
+
+}

maxkey-core/src/main/java/org/maxkey/persistence/db/LoginHistoryService.java

@@ -77,14 +77,16 @@ public class LoginHistoryService {
     
     
     public void logoff(String lastLogoffTime,String sessionId) {
-        _logger.debug(" sessionId " +sessionId +" , lastlogofftime " + lastLogoffTime);
+        _logger.debug(" sessionId {} , lastlogofftime {}" ,sessionId, lastLogoffTime);
         jdbcTemplate.update(HISTORY_LOGOUT_UPDATE_STATEMENT,
                 new Object[] { lastLogoffTime, sessionId },                           
                 new int[] { Types.VARCHAR, Types.VARCHAR });
     }
     
     public void logoff(HistoryLogin historyLogin) {
-        _logger.debug(" sessionId " +historyLogin.getSessionId() +" , LogoutTime " + historyLogin.getLogoutTime());
+        _logger.debug(" sessionId {} , LogoutTime {}" ,
+                    historyLogin.getSessionId(), historyLogin.getLogoutTime()
+                );
         jdbcTemplate.update(HISTORY_LOGOUT_UPDATE_STATEMENT,
                 new Object[] { historyLogin.getLogoutTime(), historyLogin.getSessionId() },                           
                 new int[] { Types.VARCHAR, Types.VARCHAR });

maxkey-core/src/main/java/org/maxkey/persistence/db/LoginService.java

@@ -121,9 +121,10 @@ public class LoginService {
                 jdbcTemplate.update(LOCK_USER_UPDATE_STATEMENT,
                         new Object[] { ConstantsStatus.LOCK, new Date(), userInfo.getId() },
                         new int[] { Types.VARCHAR, Types.TIMESTAMP, Types.VARCHAR });
+                userInfo.setIsLocked(ConstantsStatus.LOCK);
             }
         } catch (Exception e) {
-            e.printStackTrace();
+            _logger.error("lockUser Exception",e);
         }
     }
 
@@ -138,9 +139,10 @@ public class LoginService {
                 jdbcTemplate.update(UNLOCK_USER_UPDATE_STATEMENT,
                         new Object[] { ConstantsStatus.ACTIVE, new Date(), userInfo.getId() },
                         new int[] { Types.VARCHAR, Types.TIMESTAMP, Types.VARCHAR });
+                userInfo.setIsLocked(ConstantsStatus.ACTIVE);
             }
         } catch (Exception e) {
-            e.printStackTrace();
+            _logger.error("unlockUser Exception",e);
         }
     }
 
@@ -155,10 +157,10 @@ public class LoginService {
                 jdbcTemplate.update(BADPASSWORDCOUNT_RESET_UPDATE_STATEMENT,
                         new Object[] { 0, ConstantsStatus.ACTIVE, new Date(), userInfo.getId() },
                         new int[] { Types.INTEGER, Types.INTEGER, Types.TIMESTAMP, Types.VARCHAR });
+                userInfo.setIsLocked(ConstantsStatus.ACTIVE);
             }
         } catch (Exception e) {
-            e.printStackTrace();
-            _logger.error(e.getMessage());
+            _logger.error("resetBadPasswordCountAndLockout Exception",e);
         }
     }
 

maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyValidator.java

@@ -219,7 +219,7 @@ public class PasswordPolicyValidator {
            String passwordPolicyMessage = "";
            for (String msg : validator.getMessages(result)) {
                passwordPolicyMessage = passwordPolicyMessage + msg + "<br>";
-               _logger.debug("Rule Message " + msg);
+               _logger.debug("Rule Message {}" , msg);
            }
            WebContext.setAttribute(PasswordPolicyValidator.PASSWORD_POLICY_VALIDATE_RESULT, passwordPolicyMessage);
            return false;
@@ -250,9 +250,13 @@ public class PasswordPolicyValidator {
                     DateTimeFormat.forPattern("yyyy-MM-dd HH:mm:ss"));
             Duration duration = new Duration(badPasswordTime, currentdateTime);
             int intDuration = Integer.parseInt(duration.getStandardHours() + "");
-            _logger.debug("bad Password duration " + intDuration
-                    + " , password policy Duration "+passwordPolicy.getDuration()
-                    + " , validate result " + (intDuration > passwordPolicy.getDuration()));
+            _logger.debug("bad Password duration {} , " + 
+                          "password policy Duration {} , "+
+                          "validate result {}" ,
+                          intDuration,
+                          passwordPolicy.getDuration(), 
+                          (intDuration > passwordPolicy.getDuration())
+                    );
             //auto unlock attempts when intDuration > set Duration
             if(intDuration > passwordPolicy.getDuration()) {
                 _logger.debug("resetAttempts ...");
@@ -310,15 +314,19 @@ public class PasswordPolicyValidator {
         */
        if (passwordPolicy.getExpiration() > 0) {
            String passwordLastSetTimeString = userInfo.getPasswordLastSetTime().substring(0, 19);
-           _logger.info("last password set date " + passwordLastSetTimeString);
+           _logger.info("last password set date {}" , passwordLastSetTimeString);
 
            DateTime changePwdDateTime = DateTime.parse(passwordLastSetTimeString,
                    DateTimeFormat.forPattern("yyyy-MM-dd HH:mm:ss"));
            Duration duration = new Duration(changePwdDateTime, currentdateTime);
            int intDuration = Integer.parseInt(duration.getStandardDays() + "");
-           _logger.debug("password Last Set duration day " + intDuration
-                   + " , password policy Expiration " +passwordPolicy.getExpiration()
-                   +" , validate result " + (intDuration <= passwordPolicy.getExpiration()));
+           _logger.debug("password Last Set duration day {} , " +
+                         "password policy Expiration {} , " +
+                         "validate result {}", 
+                    intDuration,
+                    passwordPolicy.getExpiration(),
+                    intDuration <= passwordPolicy.getExpiration()
+                );
            if (intDuration > passwordPolicy.getExpiration()) {
                WebContext.getSession().setAttribute(WebConstants.CURRENT_USER_PASSWORD_SET_TYPE,
                        ConstantsPasswordSetType.PASSWORD_EXPIRED);
@@ -339,9 +347,10 @@ public class PasswordPolicyValidator {
                jdbcTemplate.update(LOCK_USER_UPDATE_STATEMENT,
                        new Object[] { ConstantsStatus.LOCK, new Date(), userInfo.getId() },
                        new int[] { Types.VARCHAR, Types.TIMESTAMP, Types.VARCHAR });
+               userInfo.setIsLocked(ConstantsStatus.LOCK);
            }
        } catch (Exception e) {
-           e.printStackTrace();
+           _logger.error("lockUser Exception",e);
        }
    }
    
@@ -357,9 +366,10 @@ public class PasswordPolicyValidator {
                jdbcTemplate.update(UNLOCK_USER_UPDATE_STATEMENT,
                        new Object[] { ConstantsStatus.ACTIVE, new Date(), userInfo.getId() },
                        new int[] { Types.VARCHAR, Types.TIMESTAMP, Types.VARCHAR });
+               userInfo.setIsLocked(ConstantsStatus.ACTIVE);
            }
        } catch (Exception e) {
-           e.printStackTrace();
+           _logger.error("unlockUser Exception",e);
        }
    }
 
@@ -374,10 +384,10 @@ public class PasswordPolicyValidator {
                jdbcTemplate.update(BADPASSWORDCOUNT_RESET_UPDATE_STATEMENT,
                        new Object[] { 0, ConstantsStatus.ACTIVE, new Date(), userInfo.getId() },
                        new int[] { Types.INTEGER, Types.INTEGER, Types.TIMESTAMP, Types.VARCHAR });
+               userInfo.setIsLocked(ConstantsStatus.ACTIVE);
            }
        } catch (Exception e) {
-           e.printStackTrace();
-           _logger.error(e.getMessage());
+           _logger.error("resetAttempts Exception",e);
        }
    }
 
@@ -392,8 +402,7 @@ public class PasswordPolicyValidator {
                    new Object[] { badPasswordCount, new Date(), userId },
                    new int[] { Types.INTEGER, Types.TIMESTAMP, Types.VARCHAR });
        } catch (Exception e) {
-           e.printStackTrace();
-           _logger.error(e.getMessage());
+           _logger.error("setBadPasswordCount Exception",e);
        }
    }
    

maxkey-core/src/main/java/org/maxkey/web/InitializeContext.java

@@ -31,6 +31,7 @@ import org.apache.commons.lang.SystemUtils;
 import org.apache.commons.lang3.ArchUtils;
 import org.joda.time.DateTime;
 import org.maxkey.cache.CacheFactory;
+import org.maxkey.configuration.ApplicationConfig;
 import org.maxkey.util.PathUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -130,34 +131,36 @@ public class InitializeContext extends HttpServlet {
                         .getConnection();
 
                 java.sql.DatabaseMetaData databaseMetaData = connection.getMetaData();
-                _logger.debug("DatabaseProductName   :   " 
-                        + databaseMetaData.getDatabaseProductName());
-                _logger.debug("DatabaseProductVersion:   " 
-                        + databaseMetaData.getDatabaseProductVersion());
-                _logger.trace("DatabaseMajorVersion  :   " 
-                        + databaseMetaData.getDatabaseMajorVersion());
-                _logger.trace("DatabaseMinorVersion  :   " 
-                        + databaseMetaData.getDatabaseMinorVersion());
-                _logger.trace("supportsTransactions  :   " 
-                        + databaseMetaData.supportsTransactions());
-                _logger.trace("DefaultTransaction    :   " 
-                        + databaseMetaData.getDefaultTransactionIsolation());
-                _logger.trace("MaxConnections        :   " 
-                        + databaseMetaData.getMaxConnections());
+                ApplicationConfig.databaseProduct = databaseMetaData.getDatabaseProductName();
+                
+                _logger.debug("DatabaseProductName   :   {}", 
+                         databaseMetaData.getDatabaseProductName());
+                _logger.debug("DatabaseProductVersion:   {}" ,
+                         databaseMetaData.getDatabaseProductVersion());
+                _logger.trace("DatabaseMajorVersion  :   {}" ,
+                         databaseMetaData.getDatabaseMajorVersion());
+                _logger.trace("DatabaseMinorVersion  :   {}" ,
+                         databaseMetaData.getDatabaseMinorVersion());
+                _logger.trace("supportsTransactions  :   {}" ,
+                         databaseMetaData.supportsTransactions());
+                _logger.trace("DefaultTransaction    :   {}" ,
+                         databaseMetaData.getDefaultTransactionIsolation());
+                _logger.trace("MaxConnections        :   {}" ,
+                         databaseMetaData.getMaxConnections());
                 _logger.trace("");
-                _logger.trace("JDBCMajorVersion      :   " 
-                        + databaseMetaData.getJDBCMajorVersion());
-                _logger.trace("JDBCMinorVersion      :   " 
-                        + databaseMetaData.getJDBCMinorVersion());
-                _logger.trace("DriverName            :   " 
-                        + databaseMetaData.getDriverName());
-                _logger.trace("DriverVersion         :   " 
-                        + databaseMetaData.getDriverVersion());
+                _logger.trace("JDBCMajorVersion      :   {}" ,
+                         databaseMetaData.getJDBCMajorVersion());
+                _logger.trace("JDBCMinorVersion      :   {}" ,
+                         databaseMetaData.getJDBCMinorVersion());
+                _logger.trace("DriverName            :   {}" ,
+                         databaseMetaData.getDriverName());
+                _logger.trace("DriverVersion         :   {}" ,
+                         databaseMetaData.getDriverVersion());
                 _logger.debug("");
-                _logger.debug("DBMS  URL             :   " 
-                        + databaseMetaData.getURL());
-                _logger.debug("UserName              :   " 
-                        + databaseMetaData.getUserName());
+                _logger.debug("DBMS  URL             :   {}" ,
+                         databaseMetaData.getURL());
+                _logger.debug("UserName              :   {}" ,
+                         databaseMetaData.getUserName());
                 _logger.debug("-----------------------------------------------------------");
             } catch (SQLException e) {
                 e.printStackTrace();
@@ -184,7 +187,7 @@ public class InitializeContext extends HttpServlet {
   
             Iterator<PropertySource<?>> it =WebContext.properties.getPropertySources().iterator();
             while(it.hasNext()) {
-            	 _logger.debug("propertySource " + it.next());
+            	 _logger.debug("propertySource {}" , it.next());
             }
             _logger.trace("-----------------------------------------------------------");
         }
@@ -205,21 +208,31 @@ public class InitializeContext extends HttpServlet {
         // out
         for (Iterator<String> it = keyValueSet.iterator(); it.hasNext();) {
             String key = (String) it.next();
-            _logger.trace(key + "   =   " + map.get(key));
+            _logger.trace(key + "   =   {}" , map.get(key));
         }
-        _logger.debug("APP_HOME" + "   =   " + PathUtils.getInstance().getAppPath());
-        _logger.debug("OS      : "+SystemUtils.OS_NAME +
-                    "("+SystemUtils.OS_ARCH+" " +ArchUtils.getProcessor().getType()+"),"+
-                    " version " +SystemUtils.OS_VERSION+""
+        _logger.debug("APP_HOME" + "   =   {}" , PathUtils.getInstance().getAppPath());
+        _logger.debug("OS      : {}({} {}), version {}",
+                    SystemUtils.OS_NAME,
+                    SystemUtils.OS_ARCH,
+                    ArchUtils.getProcessor().getType(),
+                    SystemUtils.OS_VERSION
+                    
                 );
-        _logger.debug("COMPUTER: "+map.get("COMPUTERNAME") +", "+
-                        "USERNAME : "+map.get("USERNAME")
+        _logger.debug("COMPUTER: {}, USERNAME : {}",
+                        map.get("COMPUTERNAME") ,
+                        map.get("USERNAME")
                 );
         _logger.debug("JAVA    :");
-        _logger.debug(SystemUtils.JAVA_VENDOR+
-                    " java version "+SystemUtils.JAVA_VERSION +", class "+SystemUtils.JAVA_CLASS_VERSION);
-        _logger.debug(SystemUtils.JAVA_VM_NAME+
-                    " (build "+SystemUtils.JAVA_VM_VERSION +", "+ SystemUtils.JAVA_VM_INFO+")");
+        _logger.debug("{} java version {}, class {}",
+                        SystemUtils.JAVA_VENDOR,
+                        SystemUtils.JAVA_VERSION,
+                        SystemUtils.JAVA_CLASS_VERSION
+                    );
+        _logger.debug("{} (build {}, {})",
+                        SystemUtils.JAVA_VM_NAME,
+                        SystemUtils.JAVA_VM_VERSION,
+                        SystemUtils.JAVA_VM_INFO
+                    );
     
         _logger.debug("-----------------------------------------------------------");
         
@@ -232,12 +245,12 @@ public class InitializeContext extends HttpServlet {
         _logger.info("-----------------------------------------------------------");
         _logger.info("+                                MaxKey ");
         _logger.info("+                      Single   Sign   On ( SSO ) ");
-        _logger.info("+                           Version "
-                    + WebContext.properties.getProperty("application.formatted-version"));
+        _logger.info("+                           Version {}", 
+                        WebContext.properties.getProperty("application.formatted-version"));
         _logger.info("+");
-        _logger.info("+                  "+  ((char)0xA9) + "Copyright 2018-"
-        			+ (new DateTime().getYear())
-        			+ " https://www.maxkey.top/");
+        _logger.info("+                  {}Copyright 2018-{} https://www.maxkey.top/",
+        			    (char)0xA9 , new DateTime().getYear()
+        			);
         _logger.info("+                 Licensed under the Apache License, Version 2.0 ");
         _logger.info("-----------------------------------------------------------");
     }

maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/common/OAuth2Constants.java

@@ -23,85 +23,94 @@ public class OAuth2Constants {
 		/**
 		 * Constant to use while parsing and formatting parameter maps for OAuth2 requests
 		 */
-		public static final String CLIENT_ID = "client_id";
+		public static final String CLIENT_ID              = "client_id";
 		
-		public static final String CLIENT_SECRET = "client_secret";
+		public static final String CLIENT_SECRET          = "client_secret";
 		
 		/**
 		 * Constant to use while parsing and formatting parameter maps for OAuth2 requests
 		 */
-		public static final String STATE = "state";
+		public static final String STATE                  = "state";
 
 		/**
 		 * Constant to use while parsing and formatting parameter maps for OAuth2 requests
 		 */
-		public static final String SCOPE = "scope";
+		public static final String SCOPE                  = "scope";
 
-		public static final String CODE = "code";
+		public static final String CODE                   = "code";
 		
 		
 		
-		public static final String TOKEN = "token";
+		public static final String TOKEN                  = "token";
 		
-		public static final String TOKEN_TYPE = "token_type";
+		public static final String TOKEN_TYPE             = "token_type";
 		
-		public static final String EXPIRES_IN = "expires_in";
+		public static final String EXPIRES_IN             = "expires_in";
 		
 		/**
 		 * Constant to use while parsing and formatting parameter maps for OAuth2 requests
 		 */
-		public static final String REDIRECT_URI = "redirect_uri";
+		public static final String REDIRECT_URI           = "redirect_uri";
 
 		/**
 		 * Constant to use while parsing and formatting parameter maps for OAuth2 requests
 		 */
-		public static final String RESPONSE_TYPE = "response_type";
+		public static final String RESPONSE_TYPE          = "response_type";
 
 		/**
 		 * Constant to use while parsing and formatting parameter maps for OAuth2 requests
 		 */
-		public static final String USER_OAUTH_APPROVAL = "user_oauth_approval";
+		public static final String USER_OAUTH_APPROVAL    = "user_oauth_approval";
 
 		/**
 		 * Constant to use as a prefix for scope approval
 		 */
-		public static final String SCOPE_PREFIX = "scope.";
+		public static final String SCOPE_PREFIX           = "scope.";
 
 		/**
 		 * Constant to use while parsing and formatting parameter maps for OAuth2 requests
 		 */
-		public static final String GRANT_TYPE = "grant_type";
-		public static final String GRANT_TYPE_CODE = "code";
-		public static final String GRANT_TYPE_PASSWORD = "password";
-		public static final String GRANT_TYPE_IMPLICIT = "implicit";
-		public static final String GRANT_TYPE_AUTHORIZATION_CODE = "authorization_code";
-		public static final String GRANT_TYPE_CLIENT_CREDENTIALS = "client_credentials";
+		public static final String GRANT_TYPE                     = "grant_type";
+		public static final String GRANT_TYPE_CODE                = "code";
+		public static final String GRANT_TYPE_PASSWORD            = "password";
+		public static final String GRANT_TYPE_IMPLICIT            = "implicit";
+		public static final String GRANT_TYPE_AUTHORIZATION_CODE  = "authorization_code";
+		public static final String GRANT_TYPE_CLIENT_CREDENTIALS  = "client_credentials";
 		
 		
-		public static final String ACCESS_TOKEN = "access_token";
+		public static final String ACCESS_TOKEN           = "access_token";
 		
-		public static final String APPROVAL_PROMPT = "approval_prompt";
+		public static final String APPROVAL_PROMPT        = "approval_prompt";
+		
+		//https://datatracker.ietf.org/doc/html/rfc7636 PKCE
+		//Proof Key for Code Exchange by OAuth Public Clients
+		public static final String CODE_CHALLENGE         = "code_challenge" ;
+		
+		public static final String CODE_CHALLENGE_METHOD  = "code_challenge_method" ;
+		
+		public static final String CODE_VERIFIER          = "code_verifier" ;
+		 
 	}
 	
 	public static class ENDPOINT{
 		
-		public final static String ENDPOINT_BASE = "/authz/oauth/v20";
+		public final static String ENDPOINT_BASE                      = "/authz/oauth/v20";
 		
-		public final static String ENDPOINT_AUTHORIZE = ENDPOINT_BASE + "/authorize";
+		public final static String ENDPOINT_AUTHORIZE                 = ENDPOINT_BASE + "/authorize";
 		
-		public final static String ENDPOINT_TOKEN = ENDPOINT_BASE + "/token";
+		public final static String ENDPOINT_TOKEN                     = ENDPOINT_BASE + "/token";
 		
-		public final static String ENDPOINT_CHECK_TOKEN = ENDPOINT_BASE + "/check_token";
+		public final static String ENDPOINT_CHECK_TOKEN               = ENDPOINT_BASE + "/check_token";
 		
-		public final static String ENDPOINT_TOKEN_KEY = ENDPOINT_BASE + "/token_key";
+		public final static String ENDPOINT_TOKEN_KEY                 = ENDPOINT_BASE + "/token_key";
 		
-		public final static String ENDPOINT_APPROVAL_CONFIRM = ENDPOINT_BASE + "/approval_confirm";
+		public final static String ENDPOINT_APPROVAL_CONFIRM          = ENDPOINT_BASE + "/approval_confirm";
 		
-		public final static String ENDPOINT_ERROR = ENDPOINT_BASE + "/error";
+		public final static String ENDPOINT_ERROR                     = ENDPOINT_BASE + "/error";
 		
-		public final static String ENDPOINT_USERINFO = "/api/oauth/v20/me";
+		public final static String ENDPOINT_USERINFO                  = "/api/oauth/v20/me";
 		
-		public final static String ENDPOINT_OPENID_CONNECT_USERINFO = "/api/connect/v10/userinfo";
+		public final static String ENDPOINT_OPENID_CONNECT_USERINFO   = "/api/connect/v10/userinfo";
 		
 	}
 }