
社交账号关联调整及优化

社交账号关联调整及优化
shimingxy 5 years ago
parent
commit
4c8635d062

+ 2 - 2
ReleaseNotes.txt

@@ -5,12 +5,12 @@
 	*(MAXKEY-200604) 修复用户组访问权限删除问题
 	*(MAXKEY-200605) Javascript验证及AJAX提交优化
 	*(MAXKEY-200606) DAO层整合
-	*(MAXKEY-200607) 社交账号关联调整
+	*(MAXKEY-200607) 社交账号关联调整及优化
 	*(MAXKEY-200608) 数据库表字段的注释修复
 	*(MAXKEY-200609) 官方网站优化
 	*(MAXKEY-200610) properties优化
 	*(MAXKEY-200611) 访问控制修复,访问重定向的问题修复
-	*(MAXKEY-200607) 依赖jar升级,消除非必要依赖
+	*(MAXKEY-200612) 依赖jar升级,消除非必要依赖
 	                spring 5.2.6.RELEASE
 					springBoot 2.3.0.RELEASE
 					springSecurity 5.3.2.RELEASE

+ 8 - 20
docs/authn/social.md

@@ -19,7 +19,7 @@
 
 <h3>认证配置</h3>
 文件
-maxkey/config/applicationConfig.properties
+maxkey/maxkey.properties
 
 <pre><code class="ini hljs">
 #enable social sign on
@@ -40,25 +40,13 @@ config.socialsignon.sinaweibo.account.id=id
 config.socialsignon.sinaweibo.sortorder=1
 </code></pre>
 
-配置maxkey/spring/maxkey.xml
-
-<pre><code class="xml hljs">
-&lt;bean id="socialSignOnWeibo" class="org.maxkey.authn.support.socialsignon.service.SocialSignOnProvider"&gt;
-	&lt;property name="provider" value="${config.socialsignon.sinaweibo.provider}"/&gt;
-	&lt;property name="providerName" value="${config.socialsignon.sinaweibo.provider.name}"/&gt;
-	&lt;property name="icon" value="${config.socialsignon.sinaweibo.icon}"/&gt;
-	&lt;property name="clientId" value="${config.socialsignon.sinaweibo.client.id}"/&gt;
-	&lt;property name="clientSecret" value="${config.socialsignon.sinaweibo.client.secret}"/&gt;
-	&lt;property name="sortOrder" value="${config.socialsignon.sinaweibo.sortorder}"/&gt;
-&lt;/bean&gt;
-
-&lt;bean id="socialSignOnProviderService" class="org.maxkey.authn.support.socialsignon.service.SocialSignOnProviderService"&gt;
-	&lt;property name="socialSignOnProviders" &gt;
-		&lt;list&gt;
-			&lt;ref bean="socialSignOnWeibo" /&gt;
-		&lt;/list&gt;
-	&lt;/property&gt;
-&lt;/bean&gt;
+配置maxkey/maxkey.properties
+
+<pre><code class="ini hljs">
+#enable social sign on
+config.login.socialsignon=true
+#social sign on providers
+config.login.socialsignon.providers=sinaweibo,google,qq,dingtalk,microsoft,facebook
 </code></pre>
 
 <h3>账号绑定</h3>

+ 0 - 1
maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyRowMapper.java

@@ -2,7 +2,6 @@ package org.maxkey.persistence.db;
 
 import java.sql.ResultSet;
 import java.sql.SQLException;
-
 import org.maxkey.domain.PasswordPolicy;
 import org.springframework.jdbc.core.RowMapper;
 

+ 0 - 1
maxkey-core/src/main/java/org/maxkey/persistence/db/UserInfoRowMapper.java

@@ -2,7 +2,6 @@ package org.maxkey.persistence.db;
 
 import java.sql.ResultSet;
 import java.sql.SQLException;
-
 import org.maxkey.domain.UserInfo;
 import org.springframework.jdbc.core.RowMapper;
 

+ 2 - 51
maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java

@@ -1,10 +1,7 @@
 package org.maxkey;
 
-import java.io.IOException;
 import java.util.ArrayList;
 import java.util.List;
-import java.util.Properties;
-
 import org.apache.catalina.Context;
 import org.apache.catalina.connector.Connector;
 import org.apache.tomcat.util.descriptor.web.SecurityCollection;
@@ -17,9 +14,6 @@ import org.maxkey.authn.realm.activedirectory.ActiveDirectoryAuthenticationRealm
 import org.maxkey.authn.realm.activedirectory.ActiveDirectoryServer;
 import org.maxkey.authn.support.kerberos.KerberosProxy;
 import org.maxkey.authn.support.kerberos.RemoteKerberosService;
-import org.maxkey.authn.support.socialsignon.service.JdbcSocialsAssociateService;
-import org.maxkey.authn.support.socialsignon.service.SocialSignOnProvider;
-import org.maxkey.authn.support.socialsignon.service.SocialSignOnProviderService;
 import org.maxkey.authz.oauth2.provider.endpoint.TokenEndpointAuthenticationFilter;
 import org.maxkey.constants.ConstantsProperties;
 import org.maxkey.crypto.password.opt.algorithm.KeyUriFormat;
@@ -34,16 +28,12 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.beans.factory.annotation.Value;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
 import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
 import org.springframework.boot.web.servlet.FilterRegistrationBean;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.ImportResource;
 import org.springframework.context.annotation.PropertySource;
-import org.springframework.core.io.ClassPathResource;
-import org.springframework.core.io.Resource;
 import org.springframework.jdbc.core.JdbcTemplate;
 
 
@@ -69,8 +59,7 @@ import org.springframework.jdbc.core.JdbcTemplate;
         "org.maxkey.authz.exapi.endpoint",
         "org.maxkey.authz.formbased.endpoint",
         "org.maxkey.authz.ltpa.endpoint",
-        "org.maxkey.authz.token.endpoint",
-        "org.maxkey.web.authentication.support.socialsignon"
+        "org.maxkey.authz.token.endpoint"
 })
 public class MaxKeyConfig  implements InitializingBean {
     private static final  Logger _logger = LoggerFactory.getLogger(MaxKeyConfig.class);
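Review bot: The scan entry dropped here is `org.maxkey.web.authentication.support.socialsignon`, while the new SocialSignOnAutoConfiguration scans `org.maxkey.authn.support.socialsignon`, so the two are not the same package. If any controller or component still lives under the old `org.maxkey.web...` package, it will no longer be registered after this change. That cannot be confirmed from the hunk, so it is worth checking at startup that the social sign-on endpoints are still mapped. The annotation this list belongs to begins outside the hunk.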
@@ -239,45 +228,7 @@ public class MaxKeyConfig  implements InitializingBean {
         return kerberosService;
     }
     
-    @Bean(name = "socialSignOnProviderService")
-    @ConditionalOnClass(SocialSignOnProvider.class)
-    public SocialSignOnProviderService socialSignOnProviderService() throws IOException {
-        SocialSignOnProviderService socialSignOnProviderService = new SocialSignOnProviderService();
-        
-        Resource resource = new ClassPathResource(
-                ConstantsProperties.classPathResource(ConstantsProperties.classPathResource(ConstantsProperties.maxKeyPropertySource)));
-        Properties properties = new Properties();
-        properties.load(resource.getInputStream());
-        String [] providerList =properties.get("config.login.socialsignon.providers").toString().split(",");
-        List<SocialSignOnProvider> socialSignOnProviderList = new ArrayList<SocialSignOnProvider>();
-        for(String provider : providerList) {
-            String providerName = properties.getProperty("config.socialsignon."+provider+".provider.name");
-            String icon=properties.getProperty("config.socialsignon."+provider+".icon");
-            String clientId=properties.getProperty("config.socialsignon."+provider+".client.id");
-            String clientSecret=properties.getProperty("config.socialsignon."+provider+".client.secret");
-            String sortOrder = properties.getProperty("config.socialsignon."+provider+".sortorder");
-            SocialSignOnProvider socialSignOnProvider = new SocialSignOnProvider();
-            socialSignOnProvider.setProvider(provider);
-            socialSignOnProvider.setProviderName(providerName);
-            socialSignOnProvider.setIcon(icon);
-            socialSignOnProvider.setClientId(clientId);
-            socialSignOnProvider.setClientSecret(clientSecret);
-            socialSignOnProvider.setSortOrder(Integer.valueOf(sortOrder));
-            _logger.debug("socialSignOnProvider " + socialSignOnProvider);
-            socialSignOnProviderList.add(socialSignOnProvider);            
-        }
-        socialSignOnProviderService.setSocialSignOnProviders(socialSignOnProviderList);
-        _logger.debug("SocialSignOnProviderService inited.");
-        return socialSignOnProviderService;
-    }
-    
-    @Bean(name = "socialsAssociateService")
-    public JdbcSocialsAssociateService socialsAssociateService(
-                JdbcTemplate jdbcTemplate) {
-        JdbcSocialsAssociateService socialsAssociateService = new JdbcSocialsAssociateService(jdbcTemplate);
-        _logger.debug("JdbcSocialsAssociateService inited.");
-        return socialsAssociateService;
-    }
+
     
     @Override
     public void afterPropertiesSet() throws Exception {

+ 78 - 0
maxkey-web-maxkey/src/main/java/org/maxkey/autoconfigure/SocialSignOnAutoConfiguration.java

@@ -0,0 +1,78 @@
+package org.maxkey.autoconfigure;
+
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Properties;
+
+import org.maxkey.authn.support.socialsignon.service.JdbcSocialsAssociateService;
+import org.maxkey.authn.support.socialsignon.service.SocialSignOnProvider;
+import org.maxkey.authn.support.socialsignon.service.SocialSignOnProviderService;
+import org.maxkey.constants.ConstantsProperties;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.InitializingBean;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.PropertySource;
+import org.springframework.core.io.ClassPathResource;
+import org.springframework.core.io.Resource;
+import org.springframework.jdbc.core.JdbcTemplate;
+
+@Configuration
+@ComponentScan(basePackages = {
+        "org.maxkey.authn.support.socialsignon"
+})
+@PropertySource(ConstantsProperties.maxKeyPropertySource)
+public class SocialSignOnAutoConfiguration implements InitializingBean {
+    private static final  Logger _logger = LoggerFactory.getLogger(SocialSignOnAutoConfiguration.class);
+    
+    @Bean(name = "socialSignOnProviderService")
+    @ConditionalOnClass(SocialSignOnProvider.class)
+    public SocialSignOnProviderService socialSignOnProviderService() throws IOException {
+        SocialSignOnProviderService socialSignOnProviderService = new SocialSignOnProviderService();
+        
+        Resource resource = new ClassPathResource(
+                ConstantsProperties.classPathResource(ConstantsProperties.classPathResource(ConstantsProperties.maxKeyPropertySource)));
+        Properties properties = new Properties();
+        properties.load(resource.getInputStream());
+        String [] providerList =properties.get("config.login.socialsignon.providers").toString().split(",");
+        List<SocialSignOnProvider> socialSignOnProviderList = new ArrayList<SocialSignOnProvider>();
+        for(String provider : providerList) {
+            String providerName = properties.getProperty("config.socialsignon."+provider+".provider.name");
+            String icon=properties.getProperty("config.socialsignon."+provider+".icon");
+            String clientId=properties.getProperty("config.socialsignon."+provider+".client.id");
+            String clientSecret=properties.getProperty("config.socialsignon."+provider+".client.secret");
+            String sortOrder = properties.getProperty("config.socialsignon."+provider+".sortorder");
+            SocialSignOnProvider socialSignOnProvider = new SocialSignOnProvider();
+            socialSignOnProvider.setProvider(provider);
+            socialSignOnProvider.setProviderName(providerName);
+            socialSignOnProvider.setIcon(icon);
+            socialSignOnProvider.setClientId(clientId);
+            socialSignOnProvider.setClientSecret(clientSecret);
+            socialSignOnProvider.setSortOrder(Integer.valueOf(sortOrder));
+            _logger.debug("socialSignOnProvider " + socialSignOnProvider);
+            socialSignOnProviderList.add(socialSignOnProvider);            
+        }
+        socialSignOnProviderService.setSocialSignOnProviders(socialSignOnProviderList);
+        _logger.debug("SocialSignOnProviderService inited.");
+        return socialSignOnProviderService;
+    }
+    
+    @Bean(name = "socialsAssociateService")
+    public JdbcSocialsAssociateService socialsAssociateService(
+                JdbcTemplate jdbcTemplate) {
+        JdbcSocialsAssociateService socialsAssociateService = new JdbcSocialsAssociateService(jdbcTemplate);
+        _logger.debug("JdbcSocialsAssociateService inited.");
+        return socialsAssociateService;
+    }
+   
+
+    @Override
+    public void afterPropertiesSet() throws Exception {
+        // TODO Auto-generated method stub
+        
+    }
+}
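Review bot: `socialSignOnProviderService()` logs the whole provider object after `setClientSecret`, so if `SocialSignOnProvider.toString()` prints its fields (not visible here) the OAuth client secret lands in the debug log; log the provider id only. The same method never closes the stream from `resource.getInputStream()`, throws a NullPointerException when `config.login.socialsignon.providers` is absent, and throws NumberFormatException from `Integer.valueOf(sortOrder)` when a listed provider has no `sortorder` key. Entries are also used untrimmed, so a list written as `sinaweibo, google` looks up keys with a leading space. A sketch of the loading part with those cases handled follows; it needs `java.io.InputStream` imported, and the default sort order of `0` is only a suggestion.

```java
        Properties properties = new Properties();
        try (InputStream in = resource.getInputStream()) {
            properties.load(in);
        }
        String configured = properties.getProperty("config.login.socialsignon.providers", "");
        List<SocialSignOnProvider> socialSignOnProviderList = new ArrayList<SocialSignOnProvider>();
        for (String entry : configured.split(",")) {
            String provider = entry.trim();
            if (provider.isEmpty()) {
                continue;
            }
            // … unchanged: provider.name, icon, client.id, client.secret lookups …
            String sortOrder = properties.getProperty("config.socialsignon." + provider + ".sortorder", "0");
            // … unchanged: construction of socialSignOnProvider and its other setters …
            socialSignOnProvider.setSortOrder(Integer.valueOf(sortOrder.trim()));
            _logger.debug("socialSignOnProvider {} loaded", provider);
            socialSignOnProviderList.add(socialSignOnProvider);
        }
```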

+ 1 - 0
maxkey-web-maxkey/src/main/resources/META-INF/spring.factories

@@ -7,4 +7,5 @@ org.maxkey.autoconfigure.RedisAutoConfiguration,\
 org.maxkey.autoconfigure.CasAutoConfiguration,\
 org.maxkey.autoconfigure.Oauth20AutoConfiguration,\
 org.maxkey.autoconfigure.Saml20AutoConfiguration,\
+org.maxkey.autoconfigure.SocialSignOnAutoConfiguration,\
 org.maxkey.MaxKeyMvcConfig

+ 36 - 40
maxkey-web-maxkey/src/main/resources/maxkey.properties

@@ -58,11 +58,8 @@ config.support.kerberos.default.redirecturi=http://sso.maxkey.org/kerberos/authn
 ############################################################################ 
 #                HTTPHEADER Login configuration
 ############################################################################
-
 config.support.httpheader.enable=false
-
 config.support.httpheader.headername=header-user
-
 # iv-user is for IBM Security Access Manager
 #config.httpheader.headername=iv-user
 
@@ -94,12 +91,48 @@ config.support.wsfederation.logoutUrl=https://adfs.maxkey.org/adfs/ls/?wa=wsigno
 #############################################################################
 
 #############################################################################
+#                OIDC V1.0 METADATA configuration
 config.oidc.metadata.issuer=${config.server.name}/maxkey
 config.oidc.metadata.authorizationEndpoint=${config.server.name}/maxkey/oauth/v20/authorize
 config.oidc.metadata.tokenEndpoint=${config.server.name}/maxkey/oauth/v20/token
 config.oidc.metadata.userinfoEndpoint=${config.server.name}/maxkey/api/connect/userinfo
+
 #############################################################################
+#                SAML V2.0 configuration
+#saml common
+config.saml.v20.max.parser.pool.size=2
+config.saml.v20.assertion.validity.time.ins.seconds=90
+config.saml.v20.replay.cache.life.in.millis=14400000
+config.saml.v20.issue.instant.check.clock.skew.in.seconds=90
+config.saml.v20.issue.instant.check.validity.time.in.seconds=300
+
+
+#saml idp keystore
+config.saml.v20.idp.keystore.password=maxkey
+config.saml.v20.idp.keystore.private.key.password=maxkey
+config.saml.v20.idp.keystore=classpath\:config/samlServerKeystore.jks
+#keystore id for sec
+config.saml.v20.idp.issuing.entity.id=maxkey.org
+config.saml.v20.idp.issuer=https://sso.maxkey.org/maxkey/saml
+ 
+config.saml.v20.idp.receiver.endpoint=https\://sso.maxkey.org/
+
+#saml sp keystore
+config.saml.v20.sp.keystore.password=maxkey
+config.saml.v20.sp.keystore.private.key.password=maxkey
+config.saml.v20.sp.keystore=classpath\:config/samlClientKeystore.jks
+config.saml.v20.sp.issuing.entity.id=client.maxkey.org
 
+#Saml v20 METADATA
+config.saml.v20.metadata.orgName=maxkey
+config.saml.v20.metadata.orgDisplayName=maxkey
+config.saml.v20.metadata.orgURL=https://github.com/shimingxy/MaxKey
+config.saml.v20.metadata.contactType=technical
+config.saml.v20.metadata.company=maxkey
+config.saml.v20.metadata.givenName=maxkey
+config.saml.v20.metadata.surName=maxkey
+config.saml.v20.metadata.emailAddress=shimingxy@163.com
+config.saml.v20.metadata.telephoneNumber=4008981111
 
 ############################################################################
 #              Social Sign On Configuration                                #
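Review bot: The SAML block added here sets `config.saml.v20.idp.keystore.password=maxkey` and `config.saml.v20.idp.keystore.private.key.password=maxkey`, with the same pair for the SP keystore, and both keystores are loaded from the classpath. A deployment that keeps these defaults protects its assertion-signing key with a password that is public in the repository. The lines are moved from the end of the file rather than newly written, but the reorganised block is a good place to mark them, for example with `# demo keystore and passwords: replace both before deployment and supply the passwords from outside the repository`. Whether the keystore files are themselves the published demo ones cannot be told from this hunk.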
@@ -160,40 +193,3 @@ config.socialsignon.facebook.client.id=appKey
 config.socialsignon.facebook.client.secret=appSecret
 config.socialsignon.facebook.account.id=id
 config.socialsignon.facebook.sortorder=7
-
-############################################################################
-#                SAML V2.0 configuration
-#saml common
-config.saml.v20.max.parser.pool.size=2
-config.saml.v20.assertion.validity.time.ins.seconds=90
-config.saml.v20.replay.cache.life.in.millis=14400000
-config.saml.v20.issue.instant.check.clock.skew.in.seconds=90
-config.saml.v20.issue.instant.check.validity.time.in.seconds=300
-
-
-#saml idp keystore
-config.saml.v20.idp.keystore.password=maxkey
-config.saml.v20.idp.keystore.private.key.password=maxkey
-config.saml.v20.idp.keystore=classpath\:config/samlServerKeystore.jks
-#keystore id for sec
-config.saml.v20.idp.issuing.entity.id=maxkey.org
-config.saml.v20.idp.issuer=https://sso.maxkey.org/maxkey/saml
- 
-config.saml.v20.idp.receiver.endpoint=https\://sso.maxkey.org/
-
-#saml sp keystore
-config.saml.v20.sp.keystore.password=maxkey
-config.saml.v20.sp.keystore.private.key.password=maxkey
-config.saml.v20.sp.keystore=classpath\:config/samlClientKeystore.jks
-config.saml.v20.sp.issuing.entity.id=client.maxkey.org
-
-#Saml v20 Metadata
-config.saml.v20.metadata.orgName=maxkey
-config.saml.v20.metadata.orgDisplayName=maxkey
-config.saml.v20.metadata.orgURL=https://github.com/shimingxy/MaxKey
-config.saml.v20.metadata.contactType=technical
-config.saml.v20.metadata.company=maxkey
-config.saml.v20.metadata.givenName=maxkey
-config.saml.v20.metadata.surName=maxkey
-config.saml.v20.metadata.emailAddress=shimingxy@163.com
-config.saml.v20.metadata.telephoneNumber=4008981111