
提交短信认证后端逻辑判断

shibanglin 2 年之前
父节点
当前提交
0bd384b76a

+ 81 - 70
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/LoginCredential.java

@@ -1,19 +1,19 @@
 /*
  * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
- * 
+ *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
- * 
+ *
  *     http://www.apache.org/licenses/LICENSE-2.0
- * 
+ *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
- 
+
 
 package org.maxkey.authn;
 
@@ -25,9 +25,9 @@ import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;
 
 public class LoginCredential  implements Authentication {
-    
+
     /**
-     * 
+     *
      */
     private static final long serialVersionUID = 3125709257481600320L;
     String congress;
@@ -44,12 +44,12 @@ public class LoginCredential  implements Authentication {
     String code;
     String message = WebConstants.LOGIN_RESULT.SUCCESS;
     String instId;
-    
-    
+
+
     ArrayList<GrantedAuthority> grantedAuthority;
     boolean authenticated;
     boolean roleAdministrators;
-
+    String mobile;
     /**
      * BasicAuthentication.
      */
@@ -64,16 +64,16 @@ public class LoginCredential  implements Authentication {
         this.password = password;
         this.authType = authType;
     }
-    
+
     public String getCongress() {
-		return congress;
-	}
+        return congress;
+    }
 
-	public void setCongress(String congress) {
-		this.congress = congress;
-	}
+    public void setCongress(String congress) {
+        this.congress = congress;
+    }
 
-	@Override
+    @Override
     public String getName() {
         return "Login Credential";
     }
@@ -127,14 +127,14 @@ public class LoginCredential  implements Authentication {
     }
 
     public String getState() {
-		return state;
-	}
+        return state;
+    }
 
-	public void setState(String state) {
-		this.state = state;
-	}
+    public void setState(String state) {
+        this.state = state;
+    }
 
-	public String getCaptcha() {
+    public String getCaptcha() {
         return captcha;
     }
 
@@ -223,51 +223,62 @@ public class LoginCredential  implements Authentication {
     }
 
     public String getInstId() {
-		return instId;
-	}
-
-	public void setInstId(String instId) {
-		this.instId = instId;
-	}
-
-	@Override
-	public String toString() {
-		StringBuilder builder = new StringBuilder();
-		builder.append("LoginCredential [congress=");
-		builder.append(congress);
-		builder.append(", username=");
-		builder.append(username);
-		builder.append(", password=");
-		builder.append(password);
-		builder.append(", state=");
-		builder.append(state);
-		builder.append(", captcha=");
-		builder.append(captcha);
-		builder.append(", otpCaptcha=");
-		builder.append(otpCaptcha);
-		builder.append(", remeberMe=");
-		builder.append(remeberMe);
-		builder.append(", authType=");
-		builder.append(authType);
-		builder.append(", jwtToken=");
-		builder.append(jwtToken);
-		builder.append(", onlineTicket=");
-		builder.append(onlineTicket);
-		builder.append(", provider=");
-		builder.append(provider);
-		builder.append(", code=");
-		builder.append(code);
-		builder.append(", message=");
-		builder.append(message);
-		builder.append(", instId=");
-		builder.append(instId);
-		builder.append(", grantedAuthority=");
-		builder.append(grantedAuthority);
-		builder.append(", authenticated=");
-		builder.append(authenticated);
-		builder.append(", roleAdministrators=");
-		builder.append(roleAdministrators);
-		builder.append("]");
-		return builder.toString();
-	}
-}
+        return instId;
+    }
+
+    public void setInstId(String instId) {
+        this.instId = instId;
+    }
+
+    public String getMobile() {
+        return mobile;
+    }
+
+    public void setMobile(String mobile) {
+        this.mobile = mobile;
+    }
+
+
+    @Override
+    public String toString() {
+        StringBuilder builder = new StringBuilder();
+        builder.append("LoginCredential [congress=");
+        builder.append(congress);
+        builder.append(", username=");
+        builder.append(username);
+        builder.append(", password=");
+        builder.append(password);
+        builder.append(", state=");
+        builder.append(state);
+        builder.append(", mobile=");
+        builder.append(mobile);
+        builder.append(", captcha=");
+        builder.append(captcha);
+        builder.append(", otpCaptcha=");
+        builder.append(otpCaptcha);
+        builder.append(", remeberMe=");
+        builder.append(remeberMe);
+        builder.append(", authType=");
+        builder.append(authType);
+        builder.append(", jwtToken=");
+        builder.append(jwtToken);
+        builder.append(", onlineTicket=");
+        builder.append(onlineTicket);
+        builder.append(", provider=");
+        builder.append(provider);
+        builder.append(", code=");
+        builder.append(code);
+        builder.append(", message=");
+        builder.append(message);
+        builder.append(", instId=");
+        builder.append(instId);
+        builder.append(", grantedAuthority=");
+        builder.append(grantedAuthority);
+        builder.append(", authenticated=");
+        builder.append(authenticated);
+        builder.append(", roleAdministrators=");
+        builder.append(roleAdministrators);
+        builder.append("]");
+        return builder.toString();
+    }
+}
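Review bot: The rewritten `toString()` still appends `password`, `otpCaptcha` and `jwtToken` in clear text, and this commit adds `mobile` to the same output, so anything that stringifies a `LoginCredential` writes secrets and a phone number to its destination. That already happens in this commit: `MobileAuthenticationProvider.doAuthenticate` logs `"authentication " + loginCredential` at debug level right after copying the SMS code into `password`, so the one-time code appears twice in that line. I would replace the value appends for the secret fields with a fixed mask, e.g. `builder.append("******");` in place of `builder.append(password);`, and print only a masked tail of `mobile`. The debug statement in the provider should then log the principal and provider name only.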

+ 63 - 58
maxkey-authentications/maxkey-authentication-provider/src/main/java/org/maxkey/authn/provider/impl/MobileAuthenticationProvider.java

@@ -1,19 +1,19 @@
 /*
  * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
- * 
+ *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
- * 
+ *
  *     http://www.apache.org/licenses/LICENSE-2.0
- * 
+ *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
- 
+
 
 package org.maxkey.authn.provider.impl;
 
@@ -42,85 +42,90 @@ import org.springframework.security.core.AuthenticationException;
  *
  */
 public class MobileAuthenticationProvider extends AbstractAuthenticationProvider {
-	
+
     private static final Logger _logger =
             LoggerFactory.getLogger(MobileAuthenticationProvider.class);
 
     public String getProviderName() {
         return "mobile" + PROVIDER_SUFFIX;
     }
-    
+
 
     public MobileAuthenticationProvider() {
-		super();
-	}
+        super();
+    }
 
 
     public MobileAuthenticationProvider(
-    		AbstractAuthenticationRealm authenticationRealm,
-    		ApplicationConfig applicationConfig,
-    	    OtpAuthnService otpAuthnService,
-    	    SessionManager sessionManager) {
-		this.authenticationRealm = authenticationRealm;
-		this.applicationConfig = applicationConfig;
-		this.otpAuthnService = otpAuthnService;
-		this.sessionManager = sessionManager;
-	}
+            AbstractAuthenticationRealm authenticationRealm,
+            ApplicationConfig applicationConfig,
+            OtpAuthnService otpAuthnService,
+            SessionManager sessionManager) {
+        this.authenticationRealm = authenticationRealm;
+        this.applicationConfig = applicationConfig;
+        this.otpAuthnService = otpAuthnService;
+        this.sessionManager = sessionManager;
+    }
 
     @Override
-	public Authentication doAuthenticate(LoginCredential loginCredential) {
-		UsernamePasswordAuthenticationToken authenticationToken = null;
-		_logger.debug("Trying to authenticate user '{}' via {}", 
+    public Authentication doAuthenticate(LoginCredential loginCredential) {
+        UsernamePasswordAuthenticationToken authenticationToken = null;
+        _logger.debug("Trying to authenticate user '{}' via {}",
                 loginCredential.getPrincipal(), getProviderName());
         try {
-        	
-	        _logger.debug("authentication " + loginCredential);
-
-	        emptyPasswordValid(loginCredential.getPassword());
-	
-	        emptyUsernameValid(loginCredential.getUsername());
-	
-	        UserInfo userInfo =  loadUserInfo(loginCredential.getUsername(),loginCredential.getPassword());
-	
-	        statusValid(loginCredential , userInfo);
-
-	        //Validate PasswordPolicy
-	        authenticationRealm.getPasswordPolicyValidator().passwordPolicyValid(userInfo);
-	        
-	        mobileCaptchaValid(loginCredential.getPassword(),userInfo);
-
-	        //apply PasswordSetType and resetBadPasswordCount
-	        authenticationRealm.getPasswordPolicyValidator().applyPasswordPolicy(userInfo);
-	        
-	        authenticationToken = createOnlineTicket(loginCredential,userInfo);
-	        // user authenticated
-	        _logger.debug("'{}' authenticated successfully by {}.", 
-	        		loginCredential.getPrincipal(), getProviderName());
-	        
-	        authenticationRealm.insertLoginHistory(userInfo, 
-							        				ConstsLoginType.LOCAL, 
-									                "", 
-									                "xe00000004", 
-									                WebConstants.LOGIN_RESULT.SUCCESS);
+
+            //如果是验证码登录,设置mobile为username
+            loginCredential.setUsername(loginCredential.getMobile());
+            //设置密码为验证码
+            loginCredential.setPassword(loginCredential.getOtpCaptcha());
+
+            _logger.debug("authentication " + loginCredential);
+
+            emptyPasswordValid(loginCredential.getPassword());
+
+            emptyUsernameValid(loginCredential.getUsername());
+
+            UserInfo userInfo =  loadUserInfo(loginCredential.getUsername(),loginCredential.getPassword());
+
+            statusValid(loginCredential , userInfo);
+
+            //Validate PasswordPolicy 取消密码策略验证
+            //authenticationRealm.getPasswordPolicyValidator().passwordPolicyValid(userInfo);
+
+            mobileCaptchaValid(loginCredential.getPassword(),userInfo);
+
+            //apply PasswordSetType and resetBadPasswordCount
+            authenticationRealm.getPasswordPolicyValidator().applyPasswordPolicy(userInfo);
+
+            authenticationToken = createOnlineTicket(loginCredential,userInfo);
+            // user authenticated
+            _logger.debug("'{}' authenticated successfully by {}.",
+                    loginCredential.getPrincipal(), getProviderName());
+
+            authenticationRealm.insertLoginHistory(userInfo,
+                    ConstsLoginType.LOCAL,
+                    "",
+                    "xe00000004",
+                    WebConstants.LOGIN_RESULT.SUCCESS);
         } catch (AuthenticationException e) {
             _logger.error("Failed to authenticate user {} via {}: {}",
                     new Object[] {  loginCredential.getPrincipal(),
-                                    getProviderName(),
-                                    e.getMessage() });
+                            getProviderName(),
+                            e.getMessage() });
             WebContext.setAttribute(
                     WebConstants.LOGIN_ERROR_SESSION_MESSAGE, e.getMessage());
         } catch (Exception e) {
             _logger.error("Login error Unexpected exception in {} authentication:\n{}" ,
-                            getProviderName(), e.getMessage());
+                    getProviderName(), e.getMessage());
         }
-       
+
         return  authenticationToken;
     }
-    
-    
+
+
     /**
      * mobile validate.
-     * 
+     *
      * @param otpCaptcha String
      * @param authType   String
      * @param userInfo   UserInfo
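Review bot: Commenting out `passwordPolicyValid(userInfo)` in `doAuthenticate` removes a pre-authentication check from the SMS path with no replacement, while `applyPasswordPolicy` (described in the comment above it as resetting the bad-password count) still runs after success. The validator's body is not visible here, but if it is where account lockout or failed-attempt limits are enforced, a short one-time code is now checked without throttling unless `mobileCaptchaValid` or `OtpAuthnService` limits attempts itself; please confirm, and if only the password-expiry part is unwanted, split the validator rather than skipping it. Delete the commented-out call and record the decision instead, e.g. `// SMS login: password expiry does not apply; attempt limiting is enforced in <confirm where>`. Separately, the two new setter calls overwrite `username` and `password` on the caller's `LoginCredential`; holding the mobile number and code in local variables would avoid mutating the request object.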
@@ -139,5 +144,5 @@ public class MobileAuthenticationProvider extends AbstractAuthenticationProvider
             }
         }
     }
-  
-}
+
+}