authentications

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java

@@ -32,8 +32,6 @@ import org.maxkey.web.WebConstants;
 import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
@@ -50,24 +48,14 @@ public abstract class AbstractAuthenticationProvider {
     private static final Logger _logger = 
             LoggerFactory.getLogger(AbstractAuthenticationProvider.class);
 
-    @Autowired
-    @Qualifier("applicationConfig")
     protected ApplicationConfig applicationConfig;
 
-    @Autowired
-    @Qualifier("authenticationRealm")
     protected AbstractAuthenticationRealm authenticationRealm;
 
-    @Autowired
-    @Qualifier("tfaOptAuthn")
     protected AbstractOtpAuthn tfaOptAuthn;
 
-    @Autowired
-    @Qualifier("remeberMeService")
     protected AbstractRemeberMeService remeberMeService;
     
-    @Autowired
-    @Qualifier("onlineTicketServices")
     protected OnlineTicketServices onlineTicketServices;
     
     public static  ArrayList<GrantedAuthority> grantedAdministratorsAuthoritys = new ArrayList<GrantedAuthority>();

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java

@@ -20,6 +20,11 @@ package org.maxkey.authn;
 import java.util.ArrayList;
 
 import org.maxkey.authn.online.OnlineTicket;
+import org.maxkey.authn.online.OnlineTicketServices;
+import org.maxkey.authn.realm.AbstractAuthenticationRealm;
+import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
+import org.maxkey.configuration.ApplicationConfig;
+import org.maxkey.crypto.password.otp.AbstractOtpAuthn;
 import org.maxkey.domain.UserInfo;
 import org.maxkey.web.WebConstants;
 import org.maxkey.web.WebContext;
@@ -46,8 +51,27 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
     protected String getProviderName() {
         return "RealmAuthenticationProvider";
     }
+    
 
-    @Override
+    public RealmAuthenticationProvider() {
+		super();
+	}
+
+
+    public RealmAuthenticationProvider(
+    		AbstractAuthenticationRealm authenticationRealm,
+    		ApplicationConfig applicationConfig,
+    	    AbstractOtpAuthn tfaOptAuthn,
+    	    AbstractRemeberMeService remeberMeService,
+    	    OnlineTicketServices onlineTicketServices) {
+		this.authenticationRealm = authenticationRealm;
+		this.applicationConfig = applicationConfig;
+		this.tfaOptAuthn = tfaOptAuthn;
+		this.remeberMeService =  remeberMeService;
+		this.onlineTicketServices = onlineTicketServices;
+	}
+
+	@Override
     protected Authentication doInternalAuthenticate(LoginCredential loginCredential) {
 
         _logger.debug("authentication " + loginCredential);

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/AbstractAuthenticationRealm.java

@@ -49,17 +49,12 @@ public abstract class AbstractAuthenticationRealm {
     
     protected boolean provisioning;
     
-    @Autowired
     protected PasswordPolicyValidator passwordPolicyValidator;
     
-    @Autowired
     protected LoginService loginService;
-    
-    @Autowired
+
     protected LoginHistoryService loginHistoryService;
 
-    @Autowired
-    @Qualifier("remeberMeService")
     protected AbstractRemeberMeService remeberMeService;
 
     /**

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/jdbc/DefaultJdbcAuthenticationRealm.java

@@ -24,7 +24,6 @@ import org.maxkey.domain.UserInfo;
 import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.jdbc.core.JdbcTemplate;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.crypto.password.PasswordEncoder;
@@ -38,8 +37,8 @@ import org.springframework.security.crypto.password.PasswordEncoder;
 public class DefaultJdbcAuthenticationRealm extends AbstractAuthenticationRealm {
     private static Logger _logger = LoggerFactory.getLogger(DefaultJdbcAuthenticationRealm.class);
 
-    @Autowired
-    private PasswordEncoder passwordEncoder;
+
+    protected PasswordEncoder passwordEncoder;
 
     public DefaultJdbcAuthenticationRealm() {
 

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/jdbc/JdbcAuthenticationRealm.java

@@ -17,9 +17,14 @@
 
 package org.maxkey.authn.realm.jdbc;
 
+import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
+import org.maxkey.persistence.db.LoginHistoryService;
+import org.maxkey.persistence.db.LoginService;
+import org.maxkey.persistence.db.PasswordPolicyValidator;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.jdbc.core.JdbcTemplate;
+import org.springframework.security.crypto.password.PasswordEncoder;
 
 /**
  * JdbcAuthenticationRealm.
@@ -36,5 +41,23 @@ public class JdbcAuthenticationRealm extends DefaultJdbcAuthenticationRealm {
     public JdbcAuthenticationRealm(JdbcTemplate jdbcTemplate) {
         this.jdbcTemplate = jdbcTemplate;
     }
+    
+    public JdbcAuthenticationRealm(
+    		PasswordEncoder passwordEncoder,
+    		PasswordPolicyValidator passwordPolicyValidator,
+    		LoginService loginService,
+    		LoginHistoryService loginHistoryService,
+    		AbstractRemeberMeService remeberMeService,
+    	    JdbcTemplate jdbcTemplate) {
+    	
+    	this.passwordEncoder =passwordEncoder;
+    	this.passwordPolicyValidator=passwordPolicyValidator;
+    	this.loginService = loginService;
+    	this.loginHistoryService = loginHistoryService;
+    	this.remeberMeService = remeberMeService;
+        this.jdbcTemplate = jdbcTemplate;
+    }
+    
+    
 
 }

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/autoconfigure/AuthenticationAutoConfiguration.java

@@ -26,9 +26,11 @@ import org.maxkey.authn.SavedRequestAwareAuthenticationSuccessHandler;
 import org.maxkey.authn.online.InMemoryOnlineTicketServices;
 import org.maxkey.authn.online.OnlineTicketServices;
 import org.maxkey.authn.online.RedisOnlineTicketServices;
+import org.maxkey.authn.realm.AbstractAuthenticationRealm;
 import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
 import org.maxkey.authn.support.rememberme.InMemoryRemeberMeService;
 import org.maxkey.authn.support.rememberme.RedisRemeberMeService;
+import org.maxkey.configuration.ApplicationConfig;
 import org.maxkey.constants.ConstantsPersistence;
 import org.maxkey.constants.ConstantsProperties;
 import org.maxkey.crypto.password.LdapShaPasswordEncoder;
@@ -37,6 +39,7 @@ import org.maxkey.crypto.password.NoOpPasswordEncoder;
 import org.maxkey.crypto.password.MessageDigestPasswordEncoder;
 import org.maxkey.crypto.password.SM3PasswordEncoder;
 import org.maxkey.crypto.password.StandardPasswordEncoder;
+import org.maxkey.crypto.password.otp.AbstractOtpAuthn;
 import org.maxkey.persistence.db.PasswordPolicyValidator;
 import org.maxkey.persistence.redis.RedisConnectionFactory;
 import org.slf4j.Logger;
@@ -74,8 +77,22 @@ public class AuthenticationAutoConfiguration  implements InitializingBean {
     }
     
     @Bean(name = "authenticationProvider")
-    public AbstractAuthenticationProvider authenticationProvider() {
-        return new RealmAuthenticationProvider();
+    public AbstractAuthenticationProvider authenticationProvider(
+    		AbstractAuthenticationRealm authenticationRealm,
+    		ApplicationConfig applicationConfig,
+    	    AbstractOtpAuthn tfaOptAuthn,
+    	    AbstractRemeberMeService remeberMeService,
+    	    OnlineTicketServices onlineTicketServices
+    		) {
+    	
+        return new RealmAuthenticationProvider(
+        		authenticationRealm,
+        		applicationConfig,
+        		tfaOptAuthn,
+        		remeberMeService,
+        		onlineTicketServices
+        		);
+        
     }
     
     @Bean(name = "transactionManager")

maxkey-web-manage/src/main/java/org/maxkey/MaxKeyMgtConfig.java

@@ -27,6 +27,9 @@ import org.maxkey.authz.oauth2.provider.token.store.RedisTokenStore;
 import org.maxkey.constants.ConstantsProperties;
 import org.maxkey.crypto.password.otp.impl.TimeBasedOtpAuthn;
 import org.maxkey.jobs.DynamicGroupsJob;
+import org.maxkey.persistence.db.LoginHistoryService;
+import org.maxkey.persistence.db.LoginService;
+import org.maxkey.persistence.db.PasswordPolicyValidator;
 import org.maxkey.persistence.redis.RedisConnectionFactory;
 import org.maxkey.persistence.service.GroupsService;
 import org.opensaml.xml.ConfigurationException;
@@ -39,6 +42,7 @@ import org.quartz.Scheduler;
 import org.quartz.SchedulerException;
 import org.quartz.TriggerBuilder;
 import org.maxkey.authn.realm.jdbc.JdbcAuthenticationRealm;
+import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.InitializingBean;
@@ -105,11 +109,24 @@ public class MaxKeyMgtConfig  implements InitializingBean {
     }
     
 	
-	//以下内容可以注释掉后再xml中配置,xml引入在MaxKeyMgtApplication中
+	//浠ヤ笅鍐呭鍙互娉ㄩ噴鎺夊悗鍐峹ml涓厤缃�,xml寮曞叆鍦∕axKeyMgtApplication涓�
 	@Bean(name = "authenticationRealm")
-    public JdbcAuthenticationRealm JdbcAuthenticationRealm(
-                JdbcTemplate jdbcTemplate) {
-        JdbcAuthenticationRealm authenticationRealm = new JdbcAuthenticationRealm(jdbcTemplate);
+	public JdbcAuthenticationRealm authenticationRealm(
+ 			PasswordEncoder passwordEncoder,
+	    		PasswordPolicyValidator passwordPolicyValidator,
+	    		LoginService loginService,
+	    		LoginHistoryService loginHistoryService,
+	    		AbstractRemeberMeService remeberMeService,
+             JdbcTemplate jdbcTemplate) {
+		
+        JdbcAuthenticationRealm authenticationRealm = new JdbcAuthenticationRealm(
+        		passwordEncoder,
+        		passwordPolicyValidator,
+        		loginService,
+        		loginHistoryService,
+        		remeberMeService,
+        		jdbcTemplate);
+        
         _logger.debug("JdbcAuthenticationRealm inited.");
         return authenticationRealm;
     }

maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java

@@ -27,6 +27,7 @@ import org.maxkey.authn.realm.activedirectory.ActiveDirectoryAuthenticationRealm
 import org.maxkey.authn.realm.activedirectory.ActiveDirectoryServer;
 import org.maxkey.authn.support.kerberos.KerberosProxy;
 import org.maxkey.authn.support.kerberos.RemoteKerberosService;
+import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
 import org.maxkey.constants.ConstantsPersistence;
 import org.maxkey.constants.ConstantsProperties;
 import org.maxkey.crypto.password.otp.AbstractOtpAuthn;
@@ -38,6 +39,9 @@ import org.maxkey.crypto.password.otp.impl.sms.SmsOtpAuthnAliyun;
 import org.maxkey.crypto.password.otp.impl.sms.SmsOtpAuthnTencentCloud;
 import org.maxkey.crypto.password.otp.impl.sms.SmsOtpAuthnYunxin;
 import org.maxkey.crypto.password.otp.token.RedisOtpTokenStore;
+import org.maxkey.persistence.db.LoginHistoryService;
+import org.maxkey.persistence.db.LoginService;
+import org.maxkey.persistence.db.PasswordPolicyValidator;
 import org.maxkey.persistence.ldap.ActiveDirectoryUtils;
 import org.maxkey.persistence.ldap.LdapUtils;
 import org.maxkey.persistence.redis.RedisConnectionFactory;
@@ -45,12 +49,15 @@ import org.mybatis.spring.annotation.MapperScan;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.InitializingBean;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.PropertySource;
 import org.springframework.jdbc.core.JdbcTemplate;
+import org.springframework.security.crypto.password.PasswordEncoder;
 
 
 @Configuration
@@ -105,8 +112,21 @@ public class MaxKeyConfig  implements InitializingBean {
     //可以在此实现其他的登陆认证方式，请实现AbstractAuthenticationRealm
     @Bean(name = "authenticationRealm")
     public JdbcAuthenticationRealm authenticationRealm(
+    			PasswordEncoder passwordEncoder,
+	    		PasswordPolicyValidator passwordPolicyValidator,
+	    		LoginService loginService,
+	    		LoginHistoryService loginHistoryService,
+	    		AbstractRemeberMeService remeberMeService,
                 JdbcTemplate jdbcTemplate) {
-        JdbcAuthenticationRealm authenticationRealm = jdbcAuthenticationRealm(jdbcTemplate);
+    	
+        JdbcAuthenticationRealm authenticationRealm = new JdbcAuthenticationRealm(
+        		passwordEncoder,
+        		passwordPolicyValidator,
+        		loginService,
+        		loginHistoryService,
+        		remeberMeService,
+        		jdbcTemplate);
+        
         return authenticationRealm;
     }