
AuthorizationUtils

MaxKey 3 年 前
コミット
10b964ad79
27 ファイル変更120 行追加94 行削除
  1. 11 13
      maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
  2. 17 6
      maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/SignPrincipal.java
  3. 2 2
      maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/AuthJwt.java
  4. 2 2
      maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/AuthJwtService.java
  5. 3 3
      maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/AbstractAuthenticationRealm.java
  6. 31 16
      maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/AuthorizationUtils.java
  7. 2 2
      maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/SessionListenerAdapter.java
  8. 2 2
      maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/interceptor/PermissionInterceptor.java
  9. 5 5
      maxkey-core/src/main/java/org/maxkey/entity/UserInfo.java
  10. 2 0
      maxkey-core/src/main/java/org/maxkey/web/WebConstants.java
  11. 3 3
      maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/adapter/AbstractAuthorizeAdapter.java
  12. 2 2
      maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/singlelogout/DefaultSingleLogout.java
  13. 2 2
      maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas10AuthorizeEndpoint.java
  14. 3 3
      maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas20AuthorizeEndpoint.java
  15. 3 3
      maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas30AuthorizeEndpoint.java
  16. 2 2
      maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/OAuth2UserDetailsService.java
  17. 2 2
      maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/approval/endpoint/OAuth20AccessConfirmationEndpoint.java
  18. 2 2
      maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/AuthorizationEndpoint.java
  19. 2 2
      maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpoint.java
  20. 5 5
      maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpointAuthenticationFilter.java
  21. 2 2
      maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java
  22. 3 3
      maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoOIDCEndpoint.java
  23. 1 1
      maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/access/contorller/LoginSessionController.java
  24. 6 6
      maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/LogoutEndpoint.java
  25. 3 3
      maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/interceptor/HistorySignOnAppInterceptor.java
  26. 1 1
      maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/access/contorller/LoginSessionController.java
  27. 1 1
      maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/LogoutEndpoint.java

+ 11 - 13
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java

@@ -101,14 +101,12 @@ public abstract class AbstractAuthenticationProvider {
      * @return
      */
     public UsernamePasswordAuthenticationToken createOnlineTicket(LoginCredential credential,UserInfo userInfo) {
-        //Online Tickit
-        Session onlineTicket = new Session();
+        //create session
+        Session session = new Session();
+
+        //set session with principal
+        SignPrincipal principal = new SignPrincipal(userInfo,session);
 
-        userInfo.setOnlineTicket(onlineTicket.getId());
-        
-        SigninPrincipal principal = new SigninPrincipal(userInfo);
-        //set OnlineTicket
-        principal.setSession(onlineTicket);
         ArrayList<GrantedAuthority> grantedAuthoritys = authenticationRealm.grantAuthority(userInfo);
         principal.setAuthenticated(true);
         
@@ -132,15 +130,15 @@ public abstract class AbstractAuthenticationProvider {
         authenticationToken.setDetails(
                 new WebAuthenticationDetails(WebContext.getRequest()));
         
-        onlineTicket.setAuthentication(authenticationToken);
-        
-        //store session
-        this.sessionService.store(onlineTicket.getId(), onlineTicket);
-        
         /*
          *  put Authentication to current session context
          */
-        AuthorizationUtils.setAuthentication(authenticationToken);
+        session.setAuthentication(authenticationToken);
+        
+        //store session
+        this.sessionService.store(session.getId(), session);
+        
+        AuthorizationUtils.setSession(session);
      
         return authenticationToken;
     }
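Review bot: Nothing visible in createOnlineTicket writes the `WebConstants.AUTHENTICATION` attribute any more, because the end of this hunk calls `AuthorizationUtils.setSession(session)` instead of `setAuthentication(authenticationToken)`, yet `getAuthentication()`/`getPrincipal()` in AuthorizationUtils and the login-history code in AbstractAuthenticationRealm still read that attribute. If no other caller sets it, a freshly logged-in request would carry a session but a null principal, and `authentication.getPrincipal()` in AbstractAuthenticationRealm would throw since it has no null check. Either keep the call next to the new one, `AuthorizationUtils.setAuthentication(authenticationToken);`, or have `setSession` publish both attributes. The retained comment `put Authentication to current session context` now sits above `session.setAuthentication(...)` and should be reworded; the method body starts outside this hunk.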

+ 17 - 6
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/SigninPrincipal.java → maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/SignPrincipal.java

@@ -1,5 +1,5 @@
 /*
- * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -26,7 +26,7 @@ import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
 
 
-public class SigninPrincipal implements  UserDetails {
+public class SignPrincipal implements  UserDetails {
     private static final long serialVersionUID = -110742975439268030L;
     UserInfo userInfo;
     
@@ -49,25 +49,36 @@ public class SigninPrincipal implements  UserDetails {
     /**
      * SigninPrincipal.
      */
-    public SigninPrincipal() {
+    public SignPrincipal() {
     }
     
     /**
-     * SigninPrincipal.
+     * SignPrincipal.
      */
-    public SigninPrincipal(UserInfo userInfo) {
+    public SignPrincipal(UserInfo userInfo) {
+        this.userInfo = userInfo;
+        this.authenticated = true;
+        this.accountNonExpired = true;
+        this.accountNonLocked  = true;
+        this.credentialsNonExpired =true;
+        this.enabled = true;
+    }
+    
+    public SignPrincipal(UserInfo userInfo,Session session) {
         this.userInfo = userInfo;
         this.authenticated = true;
         this.accountNonExpired = true;
         this.accountNonLocked  = true;
         this.credentialsNonExpired =true;
         this.enabled = true;
+        this.session = session;
+        this.userInfo.setSessionId(session.getId());
     }
     
     /**
      * SigninPrincipal.
      */
-    public SigninPrincipal(UserDetails userDetails) {
+    public SignPrincipal(UserDetails userDetails) {
         this.userDetails = userDetails;
         this.authenticated = true;
     }
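Review bot: The new `SignPrincipal(UserInfo userInfo, Session session)` constructor dereferences `session` and `userInfo` without a null check and repeats the six field assignments of the one-argument constructor. Delegating with `this(userInfo);` and then `this.session = Objects.requireNonNull(session, "session");` before `this.userInfo.setSessionId(session.getId());` keeps the two constructors in step and fails with a clear message (this needs `java.util.Objects` imported). The constructor also writes the session id into the caller's UserInfo, which deserves a Javadoc line, and the Javadoc on the no-arg and UserDetails constructors still reads `SigninPrincipal.`. Both UserInfo constructors set `accountNonLocked`, `enabled` and the other flags to true regardless of the user's stored status; if lock/disable state is enforced before this point, a comment saying so would help.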

+ 2 - 2
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/AuthJwt.java

@@ -21,7 +21,7 @@ import java.io.Serializable;
 import java.util.ArrayList;
 import java.util.List;
 
-import org.maxkey.authn.SigninPrincipal;
+import org.maxkey.authn.SignPrincipal;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;
 
@@ -57,7 +57,7 @@ public class AuthJwt implements Serializable {
 	}
 	
 	public AuthJwt(String token, Authentication  authentication) {
-		SigninPrincipal principal = ((SigninPrincipal)authentication.getPrincipal());
+		SignPrincipal principal = ((SignPrincipal)authentication.getPrincipal());
 		
 		this.token = token;
 		this.ticket = principal.getSession().getId();

+ 2 - 2
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/AuthJwtService.java

@@ -22,7 +22,7 @@ import java.util.Date;
 
 import org.apache.commons.lang3.StringUtils;
 import org.joda.time.DateTime;
-import org.maxkey.authn.SigninPrincipal;
+import org.maxkey.authn.SignPrincipal;
 import org.maxkey.configuration.AuthJwkConfig;
 import org.maxkey.crypto.jwt.HMAC512Service;
 import org.maxkey.entity.UserInfo;
@@ -86,7 +86,7 @@ public class AuthJwtService {
 	 * @return
 	 */
 	public String genJwt(Authentication authentication) {
-		SigninPrincipal principal = ((SigninPrincipal)authentication.getPrincipal());
+		SignPrincipal principal = ((SignPrincipal)authentication.getPrincipal());
 		UserInfo userInfo = principal.getUserInfo();
 		DateTime currentDateTime = DateTime.now();
 		Date expirationTime = currentDateTime.plusSeconds(authJwkConfig.getExpires()).toDate();

+ 3 - 3
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/AbstractAuthenticationRealm.java

@@ -21,7 +21,7 @@ import java.util.ArrayList;
 import java.util.Date;
 import java.util.List;
 
-import org.maxkey.authn.SigninPrincipal;
+import org.maxkey.authn.SignPrincipal;
 import org.maxkey.authn.realm.ldap.LdapAuthenticationRealmService;
 import org.maxkey.entity.Groups;
 import org.maxkey.entity.HistoryLogin;
@@ -124,9 +124,9 @@ public abstract class AbstractAuthenticationRealm {
         historyLogin.setSessionId(WebContext.genId());
         historyLogin.setSessionStatus(7);
         Authentication  authentication  = (Authentication ) WebContext.getAttribute(WebConstants.AUTHENTICATION);
-        if(authentication.getPrincipal() instanceof SigninPrincipal) {
+        if(authentication.getPrincipal() instanceof SignPrincipal) {
         	  historyLogin.setSessionStatus(1);
-              historyLogin.setSessionId(userInfo.getOnlineTicket());
+              historyLogin.setSessionId(userInfo.getSessionId());
         }
         
         _logger.debug("user session id is {} . ",historyLogin.getSessionId());

+ 31 - 16
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/AuthorizationUtils.java

@@ -22,7 +22,7 @@ import java.text.ParseException;
 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 
-import org.maxkey.authn.SigninPrincipal;
+import org.maxkey.authn.SignPrincipal;
 import org.maxkey.authn.jwt.AuthJwtService;
 import org.maxkey.authn.session.Session;
 import org.maxkey.authn.session.SessionService;
@@ -44,7 +44,7 @@ public class AuthorizationUtils {
 			AuthJwtService authJwtService,
 			SessionService sessionService
 			) throws ParseException{
-		 if(getAuthentication() == null) {
+		 if(getSession() == null) {
 			Cookie authCookie = WebContext.getCookie(request, Authorization_Cookie);
 			if(authCookie != null ) {
 		    	String  authorization =  authCookie.getValue();
@@ -59,7 +59,7 @@ public class AuthorizationUtils {
 			AuthJwtService authJwtService,
 			SessionService sessionService
 			) throws ParseException{
-		 if(getAuthentication() == null) {
+		 if(getSession() == null) {
 			 String  authorization = AuthorizationHeaderUtils.resolveBearer(request);
 			if(authorization != null ) {
 				doJwtAuthenticate(authorization,authJwtService,sessionService);
@@ -73,48 +73,63 @@ public class AuthorizationUtils {
 			AuthJwtService authJwtService,
 			SessionService sessionService) throws ParseException {
 		if(authJwtService.validateJwtToken(authorization)) {
-			String ticket = authJwtService.resolveJWTID(authorization);
-			Session onlineTicket = sessionService.get(ticket);
-			if(onlineTicket != null) {
-				setAuthentication(onlineTicket.getAuthentication());
+			String sessionId = authJwtService.resolveJWTID(authorization);
+			Session session = sessionService.get(sessionId);
+			if(session != null) {
+				setSession(session);
+				setAuthentication(session.getAuthentication());
 			}
 		}
 	}
 	
-    public static void setAuthentication(Authentication authentication) {
-    	WebContext.setAttribute(WebConstants.AUTHENTICATION, authentication);
+    public static void setSession(Session session) {
+    	WebContext.setAttribute(WebConstants.SESSION, session);
+    }
+
+    public static Session getSession() {
+    	Session session = getSession(WebContext.getRequest());
+        return session;
+    }
+    
+    public static Session getSession(HttpServletRequest request) {
+    	Session session = (Session) request.getSession().getAttribute(WebConstants.SESSION);
+        return session;
     }
 
     public static Authentication getAuthentication() {
-        Authentication authentication = (Authentication) getAuthentication(WebContext.getRequest());
+    	Authentication authentication = (Authentication) getAuthentication(WebContext.getRequest());
         return authentication;
     }
     
     public static Authentication getAuthentication(HttpServletRequest request) {
-        Authentication authentication = (Authentication) request.getSession().getAttribute(WebConstants.AUTHENTICATION);
+    	Authentication authentication = (Authentication) request.getSession().getAttribute(WebConstants.AUTHENTICATION);
         return authentication;
     }
     
+    public static void setAuthentication(Authentication authentication) {
+    	WebContext.setAttribute(WebConstants.AUTHENTICATION, authentication);
+    }
+
     public static  boolean isAuthenticated() {
-    	return getAuthentication() != null;
+    	return getSession() != null;
     }
     
     public static  boolean isNotAuthenticated() {
     	return ! isAuthenticated();
     }
     
-    public static SigninPrincipal getPrincipal() {
+    public static SignPrincipal getPrincipal() {
     	 Authentication authentication =  getAuthentication();
     	return getPrincipal(authentication);
     }
     
-    public static SigninPrincipal getPrincipal(Authentication authentication) {
-    	return authentication == null ? null : (SigninPrincipal) authentication.getPrincipal();
+    public static SignPrincipal getPrincipal(Authentication authentication) {
+    	return authentication == null ? null : (SignPrincipal) authentication.getPrincipal();
    }
     
     public static UserInfo getUserInfo(Authentication authentication) {
     	UserInfo userInfo = null;
-    	SigninPrincipal principal = getPrincipal(authentication);
+    	SignPrincipal principal = getPrincipal(authentication);
     	if(principal != null ) {
         	userInfo = principal.getUserInfo();
         }
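Review bot: `isAuthenticated()` now tests `getSession() != null` while `getPrincipal()` and `getUserInfo()` still go through `getAuthentication()`, so the two answers come from different attributes (`WebConstants.SESSION` and `WebConstants.AUTHENTICATION`) and can disagree. The same applies to the `getSession() == null` guards in the two `authenticate` hunks above: once a session attribute exists the JWT is no longer consulted even if the authentication attribute is missing, and `doJwtAuthenticate` stores a null when `session.getAuthentication()` is null. Provided no caller relies on `setAuthentication` without a session, deriving one from the other removes the second source of truth, e.g. in `getAuthentication(HttpServletRequest)`: `Session session = getSession(request);` then `return session == null ? null : session.getAuthentication();`. Otherwise, callers that gate access on `isAuthenticated()` and then use `getPrincipal()` need their own null check.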

+ 2 - 2
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/SessionListenerAdapter.java

@@ -22,7 +22,7 @@ import javax.servlet.http.HttpSession;
 import javax.servlet.http.HttpSessionEvent;
 import javax.servlet.http.HttpSessionListener;
 
-import org.maxkey.authn.SigninPrincipal;
+import org.maxkey.authn.SignPrincipal;
 import org.maxkey.util.DateUtils;
 import org.maxkey.web.WebConstants;
 import org.slf4j.Logger;
@@ -53,7 +53,7 @@ public class SessionListenerAdapter implements HttpSessionListener {
     public void sessionDestroyed(HttpSessionEvent sessionEvent) {
         HttpSession session = sessionEvent.getSession();
         Authentication  authentication  = (Authentication ) session.getAttribute(WebConstants.AUTHENTICATION);
-        SigninPrincipal principal = AuthorizationUtils.getPrincipal(authentication);
+        SignPrincipal principal = AuthorizationUtils.getPrincipal(authentication);
         if(principal != null ) {
         	_logger.trace("{} HttpSession Id  {} for userId  {} , username  {} @Ticket {} Destroyed" ,
         			DateUtils.formatDateTime(new Date()),

+ 2 - 2
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/interceptor/PermissionInterceptor.java

@@ -21,7 +21,7 @@ import javax.servlet.RequestDispatcher;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.maxkey.authn.SigninPrincipal;
+import org.maxkey.authn.SignPrincipal;
 import org.maxkey.authn.jwt.AuthJwtService;
 import org.maxkey.authn.session.SessionService;
 import org.maxkey.authn.web.AuthorizationUtils;
@@ -60,7 +60,7 @@ public class PermissionInterceptor  implements AsyncHandlerInterceptor  {
 	public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws Exception {
 		 _logger.trace("Permission Interceptor .");
 		 AuthorizationUtils.authenticate(request, authJwtService, sessionService);
-		 SigninPrincipal principal = AuthorizationUtils.getPrincipal();
+		 SignPrincipal principal = AuthorizationUtils.getPrincipal();
 		//判断用户是否登录,判断用户是否登录用户
 		if(principal == null){
 			_logger.trace("No Authentication ... forward to /auth/entrypoint");

+ 5 - 5
maxkey-core/src/main/java/org/maxkey/entity/UserInfo.java

@@ -46,7 +46,7 @@ public class UserInfo extends JpaBaseEntity {
     
     public  static final String DEFAULT_PASSWORD_SUFFIX = "MaxKey@888";
     
-    String onlineTicket;
+    String sessionId;
     
     //
     @Id
@@ -384,12 +384,12 @@ public class UserInfo extends JpaBaseEntity {
         this.id = id;
     }
 
-    public String getOnlineTicket() {
-		return onlineTicket;
+	public String getSessionId() {
+		return sessionId;
 	}
 
-	public void setOnlineTicket(String onlineTicket) {
-		this.onlineTicket = onlineTicket;
+	public void setSessionId(String sessionId) {
+		this.sessionId = sessionId;
 	}
 
 	/**

+ 2 - 0
maxkey-core/src/main/java/org/maxkey/web/WebConstants.java

@@ -81,6 +81,8 @@ public class WebConstants {
 
     public static final  String AUTHENTICATION = "current_authentication";
     
+    public static final  String SESSION = "current_session";
+    
     public static final  String THEME_COOKIE_NAME = "mxk_theme_value";
     
     public static final  String LOGIN_ERROR_SESSION_MESSAGE 

+ 3 - 3
maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/adapter/AbstractAuthorizeAdapter.java

@@ -20,7 +20,7 @@ package org.maxkey.authz.endpoint.adapter;
 import java.io.UnsupportedEncodingException;
 import org.apache.commons.codec.binary.Hex;
 import org.apache.commons.lang3.StringUtils;
-import org.maxkey.authn.SigninPrincipal;
+import org.maxkey.authn.SignPrincipal;
 import org.maxkey.constants.ConstsBoolean;
 import org.maxkey.crypto.Base64Utils;
 import org.maxkey.crypto.ReciprocalUtils;
@@ -44,7 +44,7 @@ public abstract class AbstractAuthorizeAdapter {
 	
 	protected Accounts account;
 	
-	protected SigninPrincipal principal;
+	protected SignPrincipal principal;
 	
 	public abstract Object generateInfo();
 	
@@ -127,7 +127,7 @@ public abstract class AbstractAuthorizeAdapter {
 		return "";
 	};
 
-	public void setPrincipal(SigninPrincipal principal) {
+	public void setPrincipal(SignPrincipal principal) {
 		this.principal = principal;
 		this.userInfo = principal.getUserInfo();
 	}

+ 2 - 2
maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/singlelogout/DefaultSingleLogout.java

@@ -20,7 +20,7 @@ package org.maxkey.authz.singlelogout;
 import java.util.HashMap;
 import java.util.UUID;
 
-import org.maxkey.authn.SigninPrincipal;
+import org.maxkey.authn.SignPrincipal;
 import org.maxkey.entity.apps.Apps;
 import org.maxkey.util.DateUtils;
 import org.springframework.security.core.Authentication;
@@ -34,7 +34,7 @@ public class DefaultSingleLogout extends SingleLogout{
         logoutParameters.put("principal", authentication.getName());
         logoutParameters.put("request",  "logoutRequest");
         logoutParameters.put("issueInstant", DateUtils.getCurrentDateAsString(DateUtils.FORMAT_DATE_ISO_TIMESTAMP));
-        logoutParameters.put("ticket",  ((SigninPrincipal)authentication.getPrincipal()).getSession().getFormattedId());
+        logoutParameters.put("ticket",  ((SignPrincipal)authentication.getPrincipal()).getSession().getFormattedId());
         postMessage(logoutApp.getLogoutUrl(),logoutParameters);
         
     }

+ 2 - 2
maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas10AuthorizeEndpoint.java

@@ -23,7 +23,7 @@ package org.maxkey.authz.cas.endpoint;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.maxkey.authn.SigninPrincipal;
+import org.maxkey.authn.SignPrincipal;
 import org.maxkey.authz.cas.endpoint.response.Service10ResponseBuilder;
 import org.maxkey.authz.cas.endpoint.ticket.CasConstants;
 import org.maxkey.authz.cas.endpoint.ticket.Ticket;
@@ -105,7 +105,7 @@ renew [OPTIONAL] - if this parameter is set, ticket validation will only succeed
 		}
 		
 		if(storedTicket != null){
-			String principal=((SigninPrincipal)storedTicket.getAuthentication().getPrincipal()).getUsername();
+			String principal=((SignPrincipal)storedTicket.getAuthentication().getPrincipal()).getUsername();
 			_logger.debug("principal "+principal);
 			return new Service10ResponseBuilder().success()
 					.setUser(principal)

+ 3 - 3
maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas20AuthorizeEndpoint.java

@@ -26,7 +26,7 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import org.apache.commons.beanutils.BeanUtils;
-import org.maxkey.authn.SigninPrincipal;
+import org.maxkey.authn.SignPrincipal;
 import org.maxkey.authz.cas.endpoint.response.ProxyServiceResponseBuilder;
 import org.maxkey.authz.cas.endpoint.response.ServiceResponseBuilder;
 import org.maxkey.authz.cas.endpoint.ticket.CasConstants;
@@ -204,7 +204,7 @@ For all error codes, it is RECOMMENDED that CAS provide a more detailed message
 		ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder();
 		
 		if(storedTicket!=null){
-		    SigninPrincipal authentication = ((SigninPrincipal)storedTicket.getAuthentication().getPrincipal());
+		    SignPrincipal authentication = ((SignPrincipal)storedTicket.getAuthentication().getPrincipal());
 			if(StringUtils.isNotBlank(pgtUrl)) {
 				ProxyGrantingTicketIOUImpl proxyGrantingTicketIOUImpl =new ProxyGrantingTicketIOUImpl();
 				String proxyGrantingTicketIOU=casProxyGrantingTicketServices.createTicket(proxyGrantingTicketIOUImpl);
@@ -332,7 +332,7 @@ Response on ticket validation failure:
 		ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder();
 		
 		if(storedTicket!=null){
-		    SigninPrincipal authentication = ((SigninPrincipal)storedTicket.getAuthentication().getPrincipal());
+		    SignPrincipal authentication = ((SignPrincipal)storedTicket.getAuthentication().getPrincipal());
 			if(ConstsBoolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){
 				Object samlAdapter = Instance.newInstance(storedTicket.getCasDetails().getAdapter());
 				try {

+ 3 - 3
maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas30AuthorizeEndpoint.java

@@ -26,7 +26,7 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import org.apache.commons.beanutils.BeanUtils;
-import org.maxkey.authn.SigninPrincipal;
+import org.maxkey.authn.SignPrincipal;
 import org.maxkey.authz.cas.endpoint.response.ProxyServiceResponseBuilder;
 import org.maxkey.authz.cas.endpoint.response.ServiceResponseBuilder;
 import org.maxkey.authz.cas.endpoint.ticket.CasConstants;
@@ -86,7 +86,7 @@ public class Cas30AuthorizeEndpoint  extends CasBaseAuthorizeEndpoint{
 		ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder();
 		
 		if(storedTicket!=null){
-		    SigninPrincipal authentication = ((SigninPrincipal)storedTicket.getAuthentication().getPrincipal());
+		    SignPrincipal authentication = ((SignPrincipal)storedTicket.getAuthentication().getPrincipal());
 			if(StringUtils.isNotBlank(pgtUrl)) {
 				ProxyGrantingTicketIOUImpl proxyGrantingTicketIOUImpl =new ProxyGrantingTicketIOUImpl();
 				String proxyGrantingTicketIOU=casProxyGrantingTicketServices.createTicket(proxyGrantingTicketIOUImpl);
@@ -177,7 +177,7 @@ public class Cas30AuthorizeEndpoint  extends CasBaseAuthorizeEndpoint{
 		ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder();
 		
 		if(storedTicket!=null){
-		    SigninPrincipal authentication = ((SigninPrincipal)storedTicket.getAuthentication().getPrincipal());
+		    SignPrincipal authentication = ((SignPrincipal)storedTicket.getAuthentication().getPrincipal());
 			if(ConstsBoolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){
 				Object samlAdapter = Instance.newInstance(storedTicket.getCasDetails().getAdapter());
 				try {

+ 2 - 2
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/OAuth2UserDetailsService.java

@@ -15,7 +15,7 @@ package org.maxkey.authz.oauth2.provider;
 import java.util.ArrayList;
 
 import org.maxkey.authn.AbstractAuthenticationProvider;
-import org.maxkey.authn.SigninPrincipal;
+import org.maxkey.authn.SignPrincipal;
 import org.maxkey.authn.session.Session;
 import org.maxkey.entity.UserInfo;
 import org.maxkey.persistence.repository.LoginRepository;
@@ -47,7 +47,7 @@ public class OAuth2UserDetailsService implements UserDetailsService {
 		
 		String onlineTickitId = WebConstants.ONLINE_TICKET_PREFIX + "-" + java.util.UUID.randomUUID().toString().toLowerCase();
 		
-		SigninPrincipal principal = new SigninPrincipal(userInfo);
+		SignPrincipal principal = new SignPrincipal(userInfo);
 		Session onlineTicket = new Session(onlineTickitId);
 		//set OnlineTicket
 		principal.setSession(onlineTicket);
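Review bot: This call site still builds the principal with the one-argument constructor followed by `principal.setSession(onlineTicket)`, so unlike the new `SignPrincipal(userInfo, session)` path it does not call `userInfo.setSessionId(...)` within the hunk. If nothing outside the hunk sets it, `getSessionId()` stays null for users loaded here, and code that keys on it (`momentaryService.get(currentUser.getSessionId(), ...)`, `currentUser.getSessionId().contains(...)`) would fail or look up the wrong entry. Creating the Session first and using `SignPrincipal principal = new SignPrincipal(userInfo, onlineTicket);` would keep both paths consistent. The method continues beyond the hunk.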

+ 2 - 2
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/approval/endpoint/OAuth20AccessConfirmationEndpoint.java

@@ -93,7 +93,7 @@ public class OAuth20AccessConfirmationEndpoint {
     	try {
 	        // Map<String, Object> model
 	        AuthorizationRequest clientAuth = 
-	        		(AuthorizationRequest) momentaryService.get(currentUser.getOnlineTicket(), "authorizationRequest");
+	        		(AuthorizationRequest) momentaryService.get(currentUser.getSessionId(), "authorizationRequest");
 	        ClientDetails client = clientDetailsService.loadClientByClientId(clientAuth.getClientId(),true);
 	        model.put("oauth_approval", WebContext.genId());
 	        model.put("auth_request", clientAuth);
@@ -139,7 +139,7 @@ public class OAuth20AccessConfirmationEndpoint {
     	if(StringUtils.isNotBlank(oauth_approval)) {
 	    	try {
 		        AuthorizationRequest clientAuth = 
-		        		(AuthorizationRequest) momentaryService.get(currentUser.getOnlineTicket(), "authorizationRequest");
+		        		(AuthorizationRequest) momentaryService.get(currentUser.getSessionId(), "authorizationRequest");
 		        ClientDetails client = clientDetailsService.loadClientByClientId(clientAuth.getClientId(),true);
 
 		        Apps  app = appsService.get(client.getClientId(),true);

+ 2 - 2
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/AuthorizationEndpoint.java

@@ -227,7 +227,7 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
 			// Place auth request into the model so that it is stored in the session
 			// for approveOrDeny to use. That way we make sure that auth request comes from the session,
 			// so any auth request parameters passed to approveOrDeny will be ignored and retrieved from the session.
-            momentaryService.put(currentUser.getOnlineTicket(), "authorizationRequest", authorizationRequest);
+            momentaryService.put(currentUser.getSessionId(), "authorizationRequest", authorizationRequest);
             
 			return getUserApprovalPageResponse(model, authorizationRequest, (Authentication) principal);
 
@@ -255,7 +255,7 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
 					"User must be authenticated with Spring Security before authorizing an access token.");
 		}
 
-		AuthorizationRequest authorizationRequest = (AuthorizationRequest) momentaryService.get(currentUser.getOnlineTicket(), "authorizationRequest");
+		AuthorizationRequest authorizationRequest = (AuthorizationRequest) momentaryService.get(currentUser.getSessionId(), "authorizationRequest");
 
 		if (authorizationRequest == null) {
 			sessionStatus.setComplete();

+ 2 - 2
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpoint.java

@@ -22,7 +22,7 @@ import java.util.HashSet;
 import java.util.Map;
 import java.util.Set;
 
-import org.maxkey.authn.SigninPrincipal;
+import org.maxkey.authn.SignPrincipal;
 import org.maxkey.authn.web.AuthorizationUtils;
 import org.maxkey.authz.oauth2.common.DefaultOAuth2AccessToken;
 import org.maxkey.authz.oauth2.common.OAuth2AccessToken;
@@ -196,7 +196,7 @@ public class TokenEndpoint extends AbstractEndpoint {
 			clientId = ((OAuth2Authentication) client).getOAuth2Request().getClientId();
 		}
 		if (client instanceof UsernamePasswordAuthenticationToken) {
-		    clientId = ((SigninPrincipal)client.getPrincipal()).getUsername();
+		    clientId = ((SignPrincipal)client.getPrincipal()).getUsername();
 		}
 		return clientId;
 	}

+ 5 - 5
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpointAuthenticationFilter.java

@@ -31,7 +31,7 @@ import javax.servlet.annotation.WebFilter;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.maxkey.authn.SigninPrincipal;
+import org.maxkey.authn.SignPrincipal;
 import org.maxkey.authn.web.AuthorizationUtils;
 import org.maxkey.authz.oauth2.common.OAuth2Constants;
 import org.maxkey.authz.oauth2.common.util.OAuth2Utils;
@@ -145,13 +145,13 @@ public class TokenEndpointAuthenticationFilter implements Filter {
 			}else {
 				Authentication authentication=ClientCredentials(request,response);
 				_logger.trace("getPrincipal " + authentication.getPrincipal().getClass());
-				SigninPrincipal auth = null;
-				if(authentication.getPrincipal() instanceof SigninPrincipal) {
+				SignPrincipal auth = null;
+				if(authentication.getPrincipal() instanceof SignPrincipal) {
 					//authorization_code
-					auth = (SigninPrincipal)authentication.getPrincipal();
+					auth = (SignPrincipal)authentication.getPrincipal();
 				}else {
 					//client_credentials
-					auth =new SigninPrincipal((User)authentication.getPrincipal());
+					auth =new SignPrincipal((User)authentication.getPrincipal());
 				}
 				auth.setAuthenticated(true);
 				UsernamePasswordAuthenticationToken simpleUserAuthentication = new UsernamePasswordAuthenticationToken(auth, authentication.getCredentials(), authentication.getAuthorities());

+ 2 - 2
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java

@@ -25,7 +25,7 @@ import javax.servlet.http.HttpServletResponse;
 
 import org.apache.commons.beanutils.BeanUtils;
 import org.apache.commons.lang3.StringUtils;
-import org.maxkey.authn.SigninPrincipal;
+import org.maxkey.authn.SignPrincipal;
 import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
 import org.maxkey.authz.oauth2.common.OAuth2Constants;
 import org.maxkey.authz.oauth2.common.exceptions.OAuth2Exception;
@@ -114,7 +114,7 @@ public class UserInfoEndpoint {
 				 }else{
 					adapter =(AbstractAuthorizeAdapter)new OAuthDefaultUserInfoAdapter(clientDetails);
 				 }
-				 adapter.setPrincipal((SigninPrincipal)oAuth2Authentication.getUserAuthentication().getPrincipal());
+				 adapter.setPrincipal((SignPrincipal)oAuth2Authentication.getUserAuthentication().getPrincipal());
 				 adapter.setApp(app);
 				 
 				Object jsonData = adapter.generateInfo();

+ 3 - 3
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoOIDCEndpoint.java

@@ -28,7 +28,7 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import org.apache.commons.lang3.StringUtils;
-import org.maxkey.authn.SigninPrincipal;
+import org.maxkey.authn.SignPrincipal;
 import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
 import org.maxkey.authz.oauth2.common.OAuth2Constants;
 import org.maxkey.authz.oauth2.common.exceptions.OAuth2Exception;
@@ -113,7 +113,7 @@ public class UserInfoOIDCEndpoint {
 		try{
 			 oAuth2Authentication = oauth20tokenServices.loadAuthentication(access_token);
 			 
-			 principal=((SigninPrincipal)oAuth2Authentication.getPrincipal()).getUsername();
+			 principal=((SignPrincipal)oAuth2Authentication.getPrincipal()).getUsername();
 			 
 			 Set<String >scopes = oAuth2Authentication.getOAuth2Request().getScope();
 			 ClientDetails clientDetails = 
@@ -123,7 +123,7 @@ public class UserInfoOIDCEndpoint {
 			 String userJson = "";
 			 Builder jwtClaimsSetBuilder= new JWTClaimsSet.Builder();
 			 
-			 SigninPrincipal authentication = (SigninPrincipal)oAuth2Authentication.getUserAuthentication().getPrincipal();
+			 SignPrincipal authentication = (SignPrincipal)oAuth2Authentication.getUserAuthentication().getPrincipal();
 			 
 			 String subject = AbstractAuthorizeAdapter.getValueByUserAttr(userInfo, clientDetails.getSubject());
 			 _logger.debug("userId : {} , username : {} , displayName : {} , subject : {}" , 

+ 1 - 1
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/access/contorller/LoginSessionController.java

@@ -86,7 +86,7 @@ public class LoginSessionController {
         try {
             for(String sessionId : StringUtils.string2List(ids, ",")) {
                 _logger.trace("terminate session Id {} ",sessionId);
-                if(currentUser.getOnlineTicket().contains(sessionId)) {
+                if(currentUser.getSessionId().contains(sessionId)) {
                     continue;//skip current session
                 }
                 

+ 6 - 6
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/LogoutEndpoint.java

@@ -54,10 +54,10 @@ public class LogoutEndpoint {
 	@RequestMapping(value={"/logout"}, produces = {MediaType.APPLICATION_JSON_VALUE})
  	public  ResponseEntity<?> logout(@CurrentUser UserInfo currentUser){
 		//if logined in have onlineTicket ,need remove or logout back
-		String onlineTicketId = currentUser.getOnlineTicket();
- 		Session onlineTicket = sessionService.get(onlineTicketId);
- 		if(onlineTicket != null) {
-	 		Set<Entry<String, Apps>> entrySet = onlineTicket.getAuthorizedApps().entrySet();
+		String sessionId = currentUser.getSessionId();
+ 		Session session = sessionService.get(sessionId);
+ 		if(session != null) {
+	 		Set<Entry<String, Apps>> entrySet = session.getAuthorizedApps().entrySet();
 	 
 	        Iterator<Entry<String, Apps>> iterator = entrySet.iterator();
 	        while (iterator.hasNext()) {
@@ -70,12 +70,12 @@ public class LogoutEndpoint {
 	                }else {
 	                    singleLogout = new DefaultSingleLogout();
 	                }
-	                singleLogout.sendRequest(onlineTicket.getAuthentication(), mapEntry.getValue());
+	                singleLogout.sendRequest(session.getAuthentication(), mapEntry.getValue());
 	            }
 	        }
 	        
 	        sessionService.terminate(
-	        		onlineTicketId, 
+	        		session.getId(), 
 	        		currentUser.getId(),
 	        		currentUser.getUsername());
  		}
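Review bot: `sessionService.terminate(...)` is reached only after every `singleLogout.sendRequest(...)` call in the loop has returned. Unless `sendRequest` swallows its own errors, which is not visible here, a failure while notifying one downstream app would leave the local session alive after the user asked to log out. Isolating each notification keeps the local termination unconditional, e.g. `try { singleLogout.sendRequest(session.getAuthentication(), mapEntry.getValue()); } catch (RuntimeException e) { /* log and continue with the next app */ }`. The loop and the `if(session != null)` block open in the previous hunk of this file.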

+ 3 - 3
maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/interceptor/HistorySignOnAppInterceptor.java

@@ -20,7 +20,7 @@ package org.maxkey.web.interceptor;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.maxkey.authn.SigninPrincipal;
+import org.maxkey.authn.SignPrincipal;
 import org.maxkey.authn.web.AuthorizationUtils;
 import org.maxkey.entity.HistoryLoginApps;
 import org.maxkey.entity.UserInfo;
@@ -56,7 +56,7 @@ public class HistorySignOnAppInterceptor  implements AsyncHandlerInterceptor  {
             throws Exception {
         _logger.debug("preHandle");
         final Apps app = (Apps)WebContext.getAttribute(WebConstants.AUTHORIZE_SIGN_ON_APP);
-        SigninPrincipal principal = AuthorizationUtils.getPrincipal();
+        SignPrincipal principal = AuthorizationUtils.getPrincipal();
         if(principal != null && app !=null) {
             if(principal.getGrantedAuthorityApps().contains(new SimpleGrantedAuthority(app.getId()))) {
                 _logger.trace("preHandle have authority access " + app);
@@ -81,7 +81,7 @@ public class HistorySignOnAppInterceptor  implements AsyncHandlerInterceptor  {
        
         final Apps app = (Apps)WebContext.getAttribute(WebConstants.AUTHORIZE_SIGN_ON_APP);
         
-        SigninPrincipal principal = AuthorizationUtils.getPrincipal();
+        SignPrincipal principal = AuthorizationUtils.getPrincipal();
         if(principal != null && app !=null) {
         	final UserInfo userInfo = principal.getUserInfo();
         	String sessionId = principal.getSession().getId();

+ 1 - 1
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/access/contorller/LoginSessionController.java

@@ -87,7 +87,7 @@ public class LoginSessionController {
         try {
             for(String sessionId : StringUtils.string2List(ids, ",")) {
                 _logger.trace("terminate session Id {} ",sessionId);
-                if(currentUser.getOnlineTicket().contains(sessionId)) {
+                if(currentUser.getSessionId().contains(sessionId)) {
                     continue;//skip current session
                 }
                 sessionService.terminate(sessionId,currentUser.getId(),currentUser.getUsername());
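Review bot: The current-session guard `currentUser.getSessionId().contains(sessionId)` is a substring test rather than an equality test. It also throws if the user's session id is null. `if(sessionId.equals(currentUser.getSessionId())) {` states the intent exactly and is null-safe on the user side. The same line is changed in the maxkey-web-maxkey LoginSessionController hunk above, whose loop body continues outside that hunk. Each id taken from the request goes straight to `sessionService.terminate(...)`, so it is worth confirming that the caller's right to end that particular session is enforced in the service or by the endpoint's access rules, which cannot be seen from here.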

+ 1 - 1
maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/LogoutEndpoint.java

@@ -36,7 +36,7 @@ public class LogoutEndpoint {
  	@RequestMapping(value={"/logout"}, produces = {MediaType.APPLICATION_JSON_VALUE})
  	public  ResponseEntity<?> logout(@CurrentUser UserInfo currentUser){
  		sessionService.terminate(
- 				currentUser.getOnlineTicket(), 
+ 				currentUser.getSessionId(), 
  				currentUser.getId(),
  				currentUser.getUsername());
  		return new Message<String>().buildResponse();