220413

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java

@@ -1,5 +1,5 @@
 /*
- * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java

@@ -1,5 +1,5 @@
 /*
- * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -156,42 +156,30 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
     }
     
     public UsernamePasswordAuthenticationToken createOnlineSession(LoginCredential credential,UserInfo userInfo) {
-        String currentUserSessionId = WebContext.genId();
-        //Online Tickit Id
-        String onlineTickitId = WebConstants.ONLINE_TICKET_PREFIX + "-" + currentUserSessionId;
-        _logger.debug("set online Tickit Cookie {} on domain {}",
-                        onlineTickitId, 
-                        this.applicationConfig.getBaseDomainName()
-                    );
-        
-        OnlineTicket onlineTicket = new OnlineTicket(onlineTickitId);
-        
-        //set ONLINE_TICKET cookie
-        WebContext.setCookie(WebContext.getResponse(), 
-                this.applicationConfig.getBaseDomainName(), 
-                WebConstants.ONLINE_TICKET_NAME, 
-                onlineTickitId);
-        userInfo.setOnlineTicket(currentUserSessionId);
+        //Online Tickit
+        OnlineTicket onlineTicket = new OnlineTicket();
+
+        userInfo.setOnlineTicket(onlineTicket.getTicketId());
         
-        SigninPrincipal signinPrincipal = new SigninPrincipal(userInfo);
+        SigninPrincipal principal = new SigninPrincipal(userInfo);
         //set OnlineTicket
-        signinPrincipal.setOnlineTicket(onlineTicket);
+        principal.setOnlineTicket(onlineTicket);
         ArrayList<GrantedAuthority> grantedAuthoritys = authenticationRealm.grantAuthority(userInfo);
-        signinPrincipal.setAuthenticated(true);
+        principal.setAuthenticated(true);
         
         for(GrantedAuthority administratorsAuthority : grantedAdministratorsAuthoritys) {
             if(grantedAuthoritys.contains(administratorsAuthority)) {
-                signinPrincipal.setRoleAdministrators(true);
+            	principal.setRoleAdministrators(true);
                 _logger.trace("ROLE ADMINISTRATORS Authentication .");
             }
         }
         _logger.debug("Granted Authority {}" , grantedAuthoritys);
         
-        signinPrincipal.setGrantedAuthorityApps(authenticationRealm.queryAuthorizedApps(grantedAuthoritys));
+        principal.setGrantedAuthorityApps(authenticationRealm.queryAuthorizedApps(grantedAuthoritys));
         
         UsernamePasswordAuthenticationToken authenticationToken =
                 new UsernamePasswordAuthenticationToken(
-                        signinPrincipal, 
+                		principal, 
                         "PASSWORD", 
                         grantedAuthoritys
                 );
@@ -202,7 +190,7 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
         onlineTicket.setAuthentication(authenticationToken);
         
         //store onlineTicket
-        this.onlineTicketServices.store(onlineTickitId, onlineTicket);
+        this.onlineTicketServices.store(onlineTicket.getTicketId(), onlineTicket);
         
         /*
          *  put Authentication to current session context

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/annotation/CurrentUser.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.maxkey.authn.annotation;
 
 import java.lang.annotation.Documented;
@@ -10,4 +27,4 @@ import java.lang.annotation.RetentionPolicy;
 @Retention(RetentionPolicy.RUNTIME)
 @Documented
 public @interface CurrentUser {
-}
+}

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/annotation/package-info.java

@@ -1 +1,18 @@
-package org.maxkey.authn.annotation;
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
+package org.maxkey.authn.annotation;

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/AuthJwt.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.maxkey.authn.jwt;
 
 import java.util.ArrayList;
@@ -35,18 +52,18 @@ public class AuthJwt {
 	}
 	
 	public AuthJwt(String token, Authentication  authentication) {
-		SigninPrincipal signinPrincipal = ((SigninPrincipal)authentication.getPrincipal());
+		SigninPrincipal principal = ((SigninPrincipal)authentication.getPrincipal());
 		
 		this.token = token;
-		this.ticket = signinPrincipal.getOnlineTicket().getTicketId().substring(3);
+		this.ticket = principal.getOnlineTicket().getTicketId();
 		
-		this.id = signinPrincipal.getUserInfo().getId();
-		this.username = signinPrincipal.getUserInfo().getUsername();
+		this.id = principal.getUserInfo().getId();
+		this.username = principal.getUserInfo().getUsername();
 		this.name = this.username;
-		this.displayName = signinPrincipal.getUserInfo().getDisplayName();
-		this.email = signinPrincipal.getUserInfo().getEmail();
-		this.instId = signinPrincipal.getUserInfo().getInstId();
-		this.instName = signinPrincipal.getUserInfo().getInstName();
+		this.displayName = principal.getUserInfo().getDisplayName();
+		this.email = principal.getUserInfo().getEmail();
+		this.instId = principal.getUserInfo().getInstId();
+		this.instName = principal.getUserInfo().getInstName();
 		
 		this.authorities = new ArrayList<String>();
 		for(GrantedAuthority grantedAuthority :authentication.getAuthorities()) {

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/AuthJwtService.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.maxkey.authn.jwt;
 
 import java.text.ParseException;
@@ -33,18 +50,18 @@ public class AuthJwtService {
 	
 	public String generateToken(Authentication authentication) {
 		String token = "";
-		SigninPrincipal signinPrincipal = ((SigninPrincipal)authentication.getPrincipal());
-		UserInfo userInfo = signinPrincipal.getUserInfo();
+		SigninPrincipal principal = ((SigninPrincipal)authentication.getPrincipal());
+		UserInfo userInfo = principal.getUserInfo();
 		DateTime currentDateTime = DateTime.now();
 		Date expirationTime = currentDateTime.plusSeconds(authJwkConfig.getExpires()).toDate();
 		_logger.debug("expiration Time : {}" , expirationTime);
-		String subject = signinPrincipal.getUsername();
+		String subject = principal.getUsername();
 		_logger.trace("jwt subject : {}" , subject);
 		
 		 JWTClaimsSet jwtClaims =new  JWTClaimsSet.Builder()
 				.issuer(authJwkConfig.getIssuer())
 				.subject(subject)
-				.jwtID(signinPrincipal.getOnlineTicket().getTicketId())
+				.jwtID(principal.getOnlineTicket().getFormattedTicketId())
 				.issueTime(currentDateTime.toDate())
 				.expirationTime(expirationTime)
 				.claim("locale", userInfo.getLocale())

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/jwt/package-info.java

@@ -1 +1,18 @@
-package org.maxkey.authn.jwt;
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
+package org.maxkey.authn.jwt;

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/online/AbstractOnlineTicketService.java

@@ -0,0 +1,124 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
+package org.maxkey.authn.online;
+
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.sql.Types;
+import java.time.LocalTime;
+import java.util.Date;
+import java.util.List;
+
+import org.maxkey.entity.HistoryLogin;
+import org.maxkey.entity.UserInfo;
+import org.maxkey.util.DateUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.jdbc.core.JdbcTemplate;
+import org.springframework.jdbc.core.RowMapper;
+
+public class AbstractOnlineTicketService  implements OnlineTicketService{
+	private static Logger _logger = LoggerFactory.getLogger(AbstractOnlineTicketService.class);
+	
+	protected JdbcTemplate jdbcTemplate;
+	
+	private static final String DEFAULT_DEFAULT_SELECT_STATEMENT = 
+			"select id,sessionid,userId,username,displayname,logintime from mxk_history_login where sessionstatus = 1";
+	
+    private static final String LOGOUT_USERINFO_UPDATE_STATEMENT = 
+    		"update mxk_userinfo set lastlogofftime = ? , online = " + UserInfo.ONLINE.OFFLINE + "  where id = ?";
+	
+    private static final String HISTORY_LOGOUT_UPDATE_STATEMENT = 
+    		"update mxk_history_login set logouttime = ? ,sessionstatus = 7 where  sessionid = ?";
+
+    
+	public List<HistoryLogin> query() {
+		List<HistoryLogin> listOnlineTicket = jdbcTemplate.query(
+				DEFAULT_DEFAULT_SELECT_STATEMENT, 
+				new OnlineTicketRowMapper());
+		return listOnlineTicket;
+	}
+	
+    public void profileLastLogoffTime(String userId,String lastLogoffTime) {
+        _logger.trace("userId {} , lastlogofftime {}" ,userId, lastLogoffTime);
+        jdbcTemplate.update(	LOGOUT_USERINFO_UPDATE_STATEMENT, 
+        		new Object[] { lastLogoffTime, userId },
+                new int[] { 	Types.TIMESTAMP, Types.VARCHAR });
+    }
+    
+    public void sessionLogoff(String sessionId,String lastLogoffTime) {
+        _logger.trace("sessionId {} , lastlogofftime {}" ,sessionId, lastLogoffTime);
+        jdbcTemplate.update(HISTORY_LOGOUT_UPDATE_STATEMENT,
+                new Object[] { lastLogoffTime, sessionId },                           
+                new int[] { Types.VARCHAR, Types.VARCHAR });
+    }
+    
+    @Override
+    public void terminate(String onlineTicket,String userId,String username) {
+    	String lastLogoffTime = DateUtils.formatDateTime(new Date());
+    	 _logger.trace("{} user {} terminate Ticket {} ." ,lastLogoffTime,username, onlineTicket);
+    	this.profileLastLogoffTime(userId, lastLogoffTime);
+    	this.sessionLogoff(userId, lastLogoffTime);
+    	remove(onlineTicket);
+    }
+    
+	private final class OnlineTicketRowMapper  implements RowMapper<HistoryLogin> {
+		@Override
+		public HistoryLogin mapRow(ResultSet rs, int rowNum)
+				throws SQLException {
+			HistoryLogin history=new HistoryLogin();
+			history.setId(rs.getString(1));
+			history.setSessionId(rs.getString(2));
+			history.setUserId(rs.getString(3));
+			history.setUsername(rs.getString(4));
+			history.setDisplayName(rs.getString(5));
+			history.setLoginTime(rs.getString(6));
+			return history;
+		}
+	}
+
+	@Override
+	public void store(String ticketId, OnlineTicket ticket) {
+		
+	}
+
+	@Override
+	public OnlineTicket remove(String ticket) {
+		return null;
+	}
+
+	@Override
+	public OnlineTicket get(String ticketId) {
+		return null;
+	}
+
+	@Override
+	public void refresh(String ticketId, LocalTime refreshTime) {
+		
+	}
+
+	@Override
+	public void refresh(String ticketId) {
+		
+	}
+
+	@Override
+	public void setValiditySeconds(int validitySeconds) {
+		
+	}
+}

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/online/InMemoryOnlineTicketService.java

@@ -23,12 +23,13 @@ import java.util.concurrent.TimeUnit;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.jdbc.core.JdbcTemplate;
 
 import com.github.benmanes.caffeine.cache.Cache;
 import com.github.benmanes.caffeine.cache.Caffeine;
 
 
-public class InMemoryOnlineTicketService implements OnlineTicketService{
+public class InMemoryOnlineTicketService extends AbstractOnlineTicketService{
     private static final Logger _logger = LoggerFactory.getLogger(InMemoryOnlineTicketService.class);
 
 	protected  static  Cache<String, OnlineTicket> onlineTicketStore = 
@@ -37,8 +38,9 @@ public class InMemoryOnlineTicketService implements OnlineTicketService{
         	            .maximumSize(200000)
         	            .build();
 	
-	public InMemoryOnlineTicketService() {
+	public InMemoryOnlineTicketService(JdbcTemplate jdbcTemplate) {
         super();
+        this.jdbcTemplate = jdbcTemplate;
     }
 
     @Override

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/online/OnlineTicket.java

@@ -22,18 +22,16 @@ import java.time.LocalTime;
 import java.util.HashMap;
 
 import org.maxkey.entity.apps.Apps;
+import org.maxkey.web.WebContext;
 import org.springframework.security.core.Authentication;
 
 public class OnlineTicket implements Serializable{
-
-    /**
-     * 
-     */
+	private static final long   serialVersionUID = 9008067569150338296L;
+	
+	public static final  String ONLINE_TICKET_PREFIX = "OT";
     
     public static final  int    MAX_EXPIRY_DURATION = 60 * 10; //default 10 minutes.
     
-    private static final long   serialVersionUID = 9008067569150338296L;
-
     public String ticketId;
     
     public LocalTime ticketTime;
@@ -42,6 +40,11 @@ public class OnlineTicket implements Serializable{
     
     private HashMap<String , Apps> authorizedApps = new HashMap<String , Apps>();
     
+    public OnlineTicket() {
+        super();
+        this.ticketId = WebContext.genId();;
+        this.ticketTime = LocalTime.now();
+    }
 
     public OnlineTicket(String ticketId) {
         super();
@@ -56,18 +59,17 @@ public class OnlineTicket implements Serializable{
         this.ticketTime = LocalTime.now();
     }
     
-    
-
     public String getTicketId() {
+		return ticketId;
+	}
+
+	public String getFormattedTicketId() {
         return ticketId;
     }
 
-
-
     public void setTicketId(String ticketId) {
         this.ticketId = ticketId;
     }
-
     
     public LocalTime getTicketTime() {
         return ticketTime;
@@ -81,20 +83,14 @@ public class OnlineTicket implements Serializable{
         return authentication;
     }
 
-
-
     public void setAuthentication(Authentication authentication) {
         this.authentication = authentication;
     }
 
-  
-
     public HashMap<String, Apps> getAuthorizedApps() {
         return authorizedApps;
     }
 
-
-
     public void setAuthorizedApps(HashMap<String, Apps> authorizedApps) {
         this.authorizedApps = authorizedApps;
     }
@@ -103,8 +99,6 @@ public class OnlineTicket implements Serializable{
         this.authorizedApps.put(authorizedApp.getId(), authorizedApp);
     }
 
-
-
     @Override
     public String toString() {
         StringBuilder builder = new StringBuilder();

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/online/OnlineTicketService.java

@@ -1,5 +1,5 @@
 /*
- * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -32,4 +32,6 @@ public interface OnlineTicketService {
     public void refresh(String ticketId);
 
     public void setValiditySeconds(int validitySeconds);
+    
+    public void terminate(String onlineTicket,String userId,String username);
 }

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/online/OnlineTicketServiceFactory.java

@@ -34,12 +34,12 @@ public class OnlineTicketServiceFactory {
 		 
 		 OnlineTicketService onlineTicketServices = null;
 		if (persistence == ConstsPersistence.INMEMORY) {
-		    onlineTicketServices = new InMemoryOnlineTicketService();
+		    onlineTicketServices = new InMemoryOnlineTicketService(jdbcTemplate);
 		    _logger.debug("InMemoryOnlineTicketServices");
 		} else if (persistence == ConstsPersistence.JDBC) {
 		    _logger.debug("OnlineTicketServices not support "); 
 		} else if (persistence == ConstsPersistence.REDIS) {
-		    onlineTicketServices = new RedisOnlineTicketService(redisConnFactory);
+		    onlineTicketServices = new RedisOnlineTicketService(redisConnFactory,jdbcTemplate);
 		    _logger.debug("RedisOnlineTicketServices");
 		}
 		

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/online/RedisOnlineTicketService.java

@@ -24,9 +24,10 @@ import org.maxkey.persistence.redis.RedisConnection;
 import org.maxkey.persistence.redis.RedisConnectionFactory;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.jdbc.core.JdbcTemplate;
 
 
-public class RedisOnlineTicketService implements OnlineTicketService {
+public class RedisOnlineTicketService extends AbstractOnlineTicketService {
     private static final Logger _logger = LoggerFactory.getLogger(RedisOnlineTicketService.class);
 	
 	protected int serviceTicketValiditySeconds = 60 * 30; //default 30 minutes.
@@ -37,9 +38,12 @@ public class RedisOnlineTicketService implements OnlineTicketService {
 	/**
 	 * @param connectionFactory
 	 */
-	public RedisOnlineTicketService(RedisConnectionFactory connectionFactory) {
+	public RedisOnlineTicketService(
+			RedisConnectionFactory connectionFactory,
+			JdbcTemplate jdbcTemplate) {
 		super();
 		this.connectionFactory = connectionFactory;
+		this.jdbcTemplate = jdbcTemplate;
 	}
 	
 	/**

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/AbstractAuthenticationRealm.java

@@ -20,7 +20,6 @@ package org.maxkey.authn.realm;
 import java.util.ArrayList;
 import java.util.Date;
 import java.util.List;
-import javax.servlet.http.HttpServletResponse;
 
 import org.maxkey.authn.SigninPrincipal;
 import org.maxkey.authn.realm.ldap.LdapAuthenticationRealmService;
@@ -157,32 +156,6 @@ public abstract class AbstractAuthenticationRealm {
 
         return true;
     }
-
-    /**
-     * logout user and remove RemeberMe token 
-     * @param response
-     * @return
-     */
-    public boolean logout(HttpServletResponse response) {
-    	 Authentication  authentication  = (Authentication ) WebContext.getAttribute(WebConstants.AUTHENTICATION);
-    	 
-         if(authentication != null && authentication.getPrincipal() instanceof SigninPrincipal) {
-         	SigninPrincipal signinPrincipal = ((SigninPrincipal) authentication.getPrincipal());
-         	UserInfo userInfo = signinPrincipal.getUserInfo();
-            userInfo.setLastLogoffTime(DateUtils.formatDateTime(new Date()));
-        
-            loginHistoryRepository.logoff(userInfo.getLastLogoffTime(), signinPrincipal.getOnlineTicket().getTicketId());
-
-            
-            loginRepository.updateLastLogoff(userInfo);
-            
-            _logger.debug("Session " + signinPrincipal.getOnlineTicket().getTicketId() + ", user "
-                    + userInfo.getUsername() + " Logout, datetime " + userInfo.getLastLogoffTime() + " .");
-         }
-        return true;
-
-    }
-    
     
     public Browser  resolveBrowser() {
         Browser browser =new Browser();

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/AuthorizationUtils.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.maxkey.authn.web;
 
 import java.text.ParseException;
@@ -17,7 +34,7 @@ import org.springframework.security.core.Authentication;
 
 public class AuthorizationUtils {
 
-	static final String Authorization = "Authorization";
+	static final String Authorization_Cookie = "AuthJWT";
 	
 	public static  void authenticateWithCookie(
 			HttpServletRequest request,
@@ -25,10 +42,10 @@ public class AuthorizationUtils {
 			OnlineTicketService onlineTicketService
 			) throws ParseException{
 		 if(getAuthentication() == null) {
-			Cookie authCookie = WebContext.getCookie(request, Authorization);
+			Cookie authCookie = WebContext.getCookie(request, Authorization_Cookie);
 			if(authCookie != null ) {
 		    	String  authorization =  authCookie.getValue();
-		    	doAuthenticate(authorization,authJwtService,onlineTicketService);
+		    	doJwtAuthenticate(authorization,authJwtService,onlineTicketService);
 			}
 		 }
 	}
@@ -41,12 +58,12 @@ public class AuthorizationUtils {
 		 if(getAuthentication() == null) {
 			 String  authorization = AuthorizationHeaderUtils.resolveBearer(request);
 			if(authorization != null ) {
-		    	doAuthenticate(authorization,authJwtService,onlineTicketService);
+				doJwtAuthenticate(authorization,authJwtService,onlineTicketService);
 			}
 		 }
 	}
 	
-	public static void doAuthenticate(
+	public static void doJwtAuthenticate(
 			String  authorization,
 			AuthJwtService authJwtService,
 			OnlineTicketService onlineTicketService) throws ParseException {
@@ -59,13 +76,17 @@ public class AuthorizationUtils {
 		}
 	}
 	
-	
     public static void setAuthentication(Authentication authentication) {
     	WebContext.setAttribute(WebConstants.AUTHENTICATION, authentication);
     }
 
     public static Authentication getAuthentication() {
-        Authentication authentication = (Authentication) WebContext.getAttribute(WebConstants.AUTHENTICATION);
+        Authentication authentication = (Authentication) getAuthentication(WebContext.getRequest());
+        return authentication;
+    }
+    
+    public static Authentication getAuthentication(HttpServletRequest request) {
+        Authentication authentication = (Authentication) request.getSession().getAttribute(WebConstants.AUTHENTICATION);
         return authentication;
     }
     
@@ -74,22 +95,29 @@ public class AuthorizationUtils {
     }
     
     public static  boolean isNotAuthenticated() {
-    	return getAuthentication() == null;
+    	return ! isAuthenticated();
     }
     
     public static SigninPrincipal getPrincipal() {
     	 Authentication authentication =  getAuthentication();
-    	return authentication == null ? null :(SigninPrincipal) authentication.getPrincipal();
+    	return getPrincipal(authentication);
     }
     
-    public static UserInfo getUserInfo() {
-    	Authentication authentication =  getAuthentication();
+    public static SigninPrincipal getPrincipal(Authentication authentication) {
+    	return authentication == null ? null : (SigninPrincipal) authentication.getPrincipal();
+   }
+    
+    public static UserInfo getUserInfo(Authentication authentication) {
     	UserInfo userInfo = null;
-    	if(isAuthenticated() && (authentication.getPrincipal() instanceof SigninPrincipal)) {
-        	SigninPrincipal signinPrincipal = ((SigninPrincipal) authentication.getPrincipal());
-        	userInfo = signinPrincipal.getUserInfo();
+    	SigninPrincipal principal = getPrincipal(authentication);
+    	if(principal != null ) {
+        	userInfo = principal.getUserInfo();
         }
     	return userInfo;
     }
+    
+    public static UserInfo getUserInfo() {
+    	return getUserInfo(getAuthentication());
+    }
 	
 }

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/CurrentUserMethodArgumentResolver.java

@@ -1,6 +1,22 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.maxkey.authn.web;
 
-import org.maxkey.authn.SigninPrincipal;
 import org.maxkey.authn.annotation.CurrentUser;
 import org.maxkey.entity.UserInfo;
 import org.maxkey.web.WebConstants;
@@ -14,23 +30,23 @@ import org.springframework.web.method.support.ModelAndViewContainer;
 import org.springframework.web.multipart.support.MissingServletRequestPartException;
 
 public class CurrentUserMethodArgumentResolver implements HandlerMethodArgumentResolver {
+	
+    @Override
+    public Object resolveArgument(MethodParameter parameter, ModelAndViewContainer mavContainer, NativeWebRequest webRequest, WebDataBinderFactory binderFactory) throws Exception {
+    	Authentication  authentication  = 
+    			(Authentication ) webRequest.getAttribute(
+    					WebConstants.AUTHENTICATION, RequestAttributes.SCOPE_SESSION);
+    	UserInfo userInfo  = AuthorizationUtils.getUserInfo(authentication);
+    	if (userInfo != null) {
+            return userInfo;
+        }
+        throw new MissingServletRequestPartException("currentUser");
+    }
+    
     @Override
     public boolean supportsParameter(MethodParameter parameter) {
         return parameter.getParameterType().isAssignableFrom(UserInfo.class)
                 && parameter.hasParameterAnnotation(CurrentUser.class);
     }
     
-    @Override
-    public Object resolveArgument(MethodParameter parameter, ModelAndViewContainer mavContainer, NativeWebRequest webRequest, WebDataBinderFactory binderFactory) throws Exception {
-    	UserInfo userInfo = null;
-    	Authentication  authentication  = (Authentication ) webRequest.getAttribute(WebConstants.AUTHENTICATION, RequestAttributes.SCOPE_SESSION);
-        if((authentication != null) && (authentication.getPrincipal() instanceof SigninPrincipal)) {
-        	SigninPrincipal signinPrincipal = ((SigninPrincipal) authentication.getPrincipal());
-        	userInfo = signinPrincipal.getUserInfo();
-        	if (userInfo != null) {
-                return userInfo;
-            }
-        }
-        throw new MissingServletRequestPartException("currentUser");
-    }
-}
+}

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/SessionListenerAdapter.java

@@ -1,5 +1,5 @@
 /*
- * Copyright [2021] [MaxKey of copyright http://www.maxkey.top]
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -22,48 +22,22 @@ import javax.servlet.http.HttpSession;
 import javax.servlet.http.HttpSessionEvent;
 import javax.servlet.http.HttpSessionListener;
 
-import org.apache.mybatis.jpa.util.WebContext;
 import org.maxkey.authn.SigninPrincipal;
-import org.maxkey.entity.UserInfo;
-import org.maxkey.persistence.repository.LoginHistoryRepository;
-import org.maxkey.persistence.repository.LoginRepository;
 import org.maxkey.util.DateUtils;
 import org.maxkey.web.WebConstants;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
 
 @WebListener
 public class SessionListenerAdapter implements HttpSessionListener {
-
     private static final Logger _logger = LoggerFactory.getLogger(SessionListenerAdapter.class);
     
-    LoginRepository loginRepository;
-    
-    LoginHistoryRepository loginHistoryRepository;
-    
     public SessionListenerAdapter() {
         super();
         _logger.debug("SessionListenerAdapter inited . ");
     }
 
-    public SessionListenerAdapter(LoginRepository loginRepository, LoginHistoryRepository loginHistoryRepository) {
-        super();
-        this.loginRepository = loginRepository;
-        this.loginHistoryRepository = loginHistoryRepository;
-        _logger.debug("SessionListenerAdapter inited . ");
-    }
-
-    public void init() {
-        if(loginRepository == null ) {
-        	loginRepository = (LoginRepository)WebContext.getBean("loginRepository");
-        	loginHistoryRepository = (LoginHistoryRepository)WebContext.getBean("loginHistoryRepository");
-            _logger.debug("SessionListenerAdapter function inited . ");
-        }
-        _logger.info("SecurityContextHolder StrategyName " + SessionSecurityContextHolderStrategy.class.getCanonicalName());
-        SecurityContextHolder.setStrategyName(SessionSecurityContextHolderStrategy.class.getCanonicalName());
-    }
     /**
      * session Created
      */
@@ -79,31 +53,16 @@ public class SessionListenerAdapter implements HttpSessionListener {
     public void sessionDestroyed(HttpSessionEvent sessionEvent) {
         HttpSession session = sessionEvent.getSession();
         Authentication  authentication  = (Authentication ) session.getAttribute(WebConstants.AUTHENTICATION);
-        if(authentication != null && authentication.getPrincipal() instanceof SigninPrincipal) {
-        	SigninPrincipal signinPrincipal = ((SigninPrincipal) authentication.getPrincipal());
-        	_logger.trace("session Id : " + session.getId());
-        	init();
-        	UserInfo userInfo = signinPrincipal.getUserInfo();
-        	userInfo.setLastLogoffTime(DateUtils.formatDateTime(new Date()));
-        	loginRepository.updateLastLogoff(userInfo);
-        	loginHistoryRepository.logoff(userInfo.getLastLogoffTime(), userInfo.getOnlineTicket());
-          
-        	_logger.debug(
-                  "session {} Destroyed as {} userId : {} , username : {}" ,
-                  userInfo.getOnlineTicket(),
-                  userInfo.getLastLogoffTime(),
-                  userInfo.getId(),
-                  userInfo.getUsername());
+        SigninPrincipal principal = AuthorizationUtils.getPrincipal(authentication);
+        if(principal != null ) {
+        	_logger.trace("{} HttpSession Id  {} for userId  {} , username  {} @Ticket {} Destroyed" ,
+        			DateUtils.formatDateTime(new Date()),
+        			session.getId(), 
+        			principal.getUserInfo().getId(),
+        			principal.getUserInfo().getUsername(),
+        			principal.getOnlineTicket().getTicketId());
         }
         
     }
 
-	public void setLoginRepository(LoginRepository loginRepository) {
-		this.loginRepository = loginRepository;
-	}
-
-	public void setLoginHistoryRepository(LoginHistoryRepository loginHistoryRepository) {
-		this.loginHistoryRepository = loginHistoryRepository;
-	}
-
 }

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/UnauthorizedEntryPoint.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.maxkey.authn.web;
 
 import java.io.IOException;

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/interceptor/PermissionInterceptor.java

@@ -1,5 +1,5 @@
 /*
- * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -33,8 +33,6 @@ import org.springframework.stereotype.Component;
 import org.springframework.web.servlet.AsyncHandlerInterceptor;
 /**
  * 权限Interceptor处理
- * 权限处理需在servlet.xml中配置
- *  mvc:interceptors  permission
  * @author Crystal.Sea
  *
  */
@@ -51,6 +49,8 @@ public class PermissionInterceptor  implements AsyncHandlerInterceptor  {
 	@Autowired
 	AuthJwtService authJwtService ;
 	
+	boolean mgmt = false;
+	
 	/*
 	 * 请求前处理
 	 *  (non-Javadoc)
@@ -60,25 +60,29 @@ public class PermissionInterceptor  implements AsyncHandlerInterceptor  {
 	public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws Exception {
 		 _logger.trace("PermissionAdapter preHandle");
 		 AuthorizationUtils.authenticate(request, authJwtService, onlineTicketService);
-		//判断用户是否登录
-		if(AuthorizationUtils.getAuthentication()==null
-		        ||AuthorizationUtils.getAuthentication().getAuthorities()==null){//判断用户和角色，判断用户是否登录用户
+		 SigninPrincipal principal = AuthorizationUtils.getPrincipal();
+		//判断用户是否登录,判断用户是否登录用户
+		if(principal == null){
 			_logger.trace("No Authentication ... forward to /auth/entrypoint");
 			RequestDispatcher dispatcher = request.getRequestDispatcher("/auth/entrypoint");
 		    dispatcher.forward(request, response);
 		    return false;
 		}
 		
-		//非管理员用户直接注销
-		if (!((SigninPrincipal) AuthorizationUtils.getAuthentication().getPrincipal()).isRoleAdministrators()) {
+		//管理端必须使用管理员登录,非管理员用户直接注销
+		if (this.mgmt && !principal.isRoleAdministrators()) {
 		    _logger.debug("Not ADMINISTRATORS Authentication .");
-		    RequestDispatcher dispatcher = request.getRequestDispatcher("/logout");
+		    RequestDispatcher dispatcher = request.getRequestDispatcher("/auth/entrypoint");
 		    dispatcher.forward(request, response);
 		    return false;
 		}
 		
-		boolean hasAccess=true;
-		
-		return hasAccess;
+		return true;
 	}
+
+	public void setMgmt(boolean mgmt) {
+		this.mgmt = mgmt;
+		_logger.debug("Permission for ADMINISTRATORS {}", this.mgmt);
+	}
+	
 }

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/interceptor/package-info.java

@@ -1 +1,18 @@
-package org.maxkey.authn.web.interceptor;
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
+package org.maxkey.authn.web.interceptor;

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/package-info.java

@@ -1 +1,18 @@
-package org.maxkey.authn.web;
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
+package org.maxkey.authn.web;

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/autoconfigure/AuthenticationAutoConfiguration.java

@@ -137,13 +137,8 @@ public class AuthenticationAutoConfiguration  implements InitializingBean {
     }
     
     @Bean(name = "sessionListenerAdapter")
-    public SessionListenerAdapter sessionListenerAdapter(
-                LoginRepository loginRepository,
-                LoginHistoryRepository loginHistoryRepository
-            ) {
-        SessionListenerAdapter sessionListenerAdapter =
-                new SessionListenerAdapter(loginRepository,loginHistoryRepository);
-        return sessionListenerAdapter;
+    public SessionListenerAdapter sessionListenerAdapter() {
+        return new SessionListenerAdapter();
     }
     
     @Override

maxkey-authentications/maxkey-authentication-social/src/main/java/me/zhyd/oauth/config/AuthMxkDefaultSource.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package me.zhyd.oauth.config;
 
 import me.zhyd.oauth.request.AuthDefaultRequest;

maxkey-authentications/maxkey-authentication-social/src/main/java/me/zhyd/oauth/request/AuthFeishu2Request.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package me.zhyd.oauth.request;
 
 import com.alibaba.fastjson.JSON;
@@ -152,4 +169,4 @@ public class AuthFeishu2Request extends AuthDefaultRequest {
         }
     }
 
-}
+}

maxkey-common/src/main/java/org/maxkey/crypto/jwt/HMAC512Service.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.maxkey.crypto.jwt;
 
 import java.text.ParseException;

maxkey-common/src/main/java/org/maxkey/entity/Message.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.maxkey.entity;
 
 import org.springframework.http.ResponseEntity;

maxkey-common/src/test/java/org/maxkey/crypto/signature/HMAC512ServiceTest.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.maxkey.crypto.signature;
 
 import org.maxkey.crypto.jwt.HMAC512Service;

maxkey-common/src/test/java/org/maxkey/crypto/signature/HS512SignerTest.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.maxkey.crypto.signature;
 
 import java.text.ParseException;

maxkey-core/src/main/java/org/maxkey/configuration/AuthJwkConfig.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.maxkey.configuration;
 
 import org.springframework.beans.factory.annotation.Value;

maxkey-core/src/main/java/org/maxkey/entity/FileUpload.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.maxkey.entity;
 
 import javax.persistence.Column;

maxkey-core/src/main/java/org/maxkey/persistence/repository/LoginHistoryRepository.java

@@ -18,7 +18,6 @@
 package org.maxkey.persistence.repository;
 
 import java.sql.Types;
-
 import org.maxkey.entity.HistoryLogin;
 import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
@@ -30,8 +29,6 @@ public class LoginHistoryRepository {
     
     private static final String HISTORY_LOGIN_INSERT_STATEMENT = "insert into mxk_history_login (id , sessionid , userid , username , displayname , logintype , message , code , provider , sourceip , ipregion , iplocation, browser , platform , application , loginurl , sessionstatus ,instid)values( ? , ? , ? , ? , ? , ? , ? , ? , ?, ? , ? , ?, ? , ? , ?, ? , ? , ?)";
 
-    private static final String HISTORY_LOGOUT_UPDATE_STATEMENT = "update mxk_history_login set logouttime = ? ,sessionstatus = 7 where  sessionid = ?";
-
     protected JdbcTemplate jdbcTemplate;
     
     public LoginHistoryRepository(JdbcTemplate jdbcTemplate) {
@@ -58,21 +55,4 @@ public class LoginHistoryRepository {
                         });
     }
     
-    
-    
-    public void logoff(String lastLogoffTime,String sessionId) {
-        _logger.debug(" sessionId {} , lastlogofftime {}" ,sessionId, lastLogoffTime);
-        jdbcTemplate.update(HISTORY_LOGOUT_UPDATE_STATEMENT,
-                new Object[] { lastLogoffTime, sessionId },                           
-                new int[] { Types.VARCHAR, Types.VARCHAR });
-    }
-    
-    public void logoff(HistoryLogin historyLogin) {
-        _logger.debug(" sessionId {} , LogoutTime {}" ,
-                    historyLogin.getSessionId(), historyLogin.getLogoutTime()
-                );
-        jdbcTemplate.update(HISTORY_LOGOUT_UPDATE_STATEMENT,
-                new Object[] { historyLogin.getLogoutTime(), historyLogin.getSessionId() },                           
-                new int[] { Types.VARCHAR, Types.VARCHAR });
-    }
 }

maxkey-core/src/main/java/org/maxkey/persistence/repository/LoginRepository.java

@@ -49,8 +49,7 @@ public class LoginRepository {
     private static final String LOGIN_USERINFO_UPDATE_STATEMENT = "update mxk_userinfo set lastlogintime = ?  , lastloginip = ? , logincount = ?, online = "
             + UserInfo.ONLINE.ONLINE + "  where id = ?";
 
-    private static final String LOGOUT_USERINFO_UPDATE_STATEMENT = "update mxk_userinfo set lastlogofftime = ? , online = "
-            + UserInfo.ONLINE.OFFLINE + "  where id = ?";
+
 
     private static final String GROUPS_SELECT_STATEMENT = "select distinct g.id,g.name from mxk_userinfo u,mxk_groups g,mxk_group_member gm where u.id = ?  and u.id=gm.memberid and gm.groupid=g.id ";
 
@@ -260,12 +259,6 @@ public class LoginRepository {
                 new int[] { Types.TIMESTAMP, Types.VARCHAR, Types.INTEGER, Types.VARCHAR });
     }
     
-    public void updateLastLogoff(UserInfo userInfo) {
-        jdbcTemplate.update(	LOGOUT_USERINFO_UPDATE_STATEMENT, 
-        		new Object[] { 	userInfo.getLastLogoffTime(), userInfo.getId() },
-                new int[] { 	Types.TIMESTAMP, Types.VARCHAR });
-    }
-    
     public class UserInfoRowMapper implements RowMapper<UserInfo> {
         @Override
         public UserInfo mapRow(ResultSet rs, int rowNum) throws SQLException {

maxkey-core/src/main/java/org/maxkey/web/MetadataEndpoint.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.maxkey.web;
 
 import javax.servlet.http.HttpServletRequest;

maxkey-core/src/main/java/org/maxkey/web/WebConstants.java

@@ -1,5 +1,5 @@
 /*
- * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

maxkey-core/src/main/java/org/maxkey/web/ipregion/AbstractIpRegion.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.maxkey.web.ipregion;
 
 public abstract class AbstractIpRegion implements IpRegion{

maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegion.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.maxkey.web.ipregion;
 
 public interface IpRegion {

maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionFactory.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.maxkey.web.ipregion;
 
 import java.util.ArrayList;

maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionIp138.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.maxkey.web.ipregion;
 
 import java.io.IOException;

maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionIp138Response.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.maxkey.web.ipregion;
 
 import com.fasterxml.jackson.annotation.JsonIgnoreProperties;

maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionIp360.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.maxkey.web.ipregion;
 
 import java.io.IOException;

maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionIp360Response.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.maxkey.web.ipregion;
 
 public class IpRegionIp360Response {

maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionIpchaxun.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.maxkey.web.ipregion;
 
 import java.io.IOException;

maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionIpcn.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.maxkey.web.ipregion;
 
 import java.io.IOException;

maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionLocal.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.maxkey.web.ipregion;
 
 public class IpRegionLocal extends AbstractIpRegion implements IpRegion{

maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionPconline.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.maxkey.web.ipregion;
 
 import org.maxkey.util.JsonUtils;

maxkey-core/src/main/java/org/maxkey/web/ipregion/IpRegionPconlineResponse.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.maxkey.web.ipregion;
 
 import com.fasterxml.jackson.annotation.JsonIgnoreProperties;

maxkey-core/src/main/java/org/maxkey/web/ipregion/package-info.java

@@ -1 +1,18 @@
-package org.maxkey.web.ipregion;
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
+package org.maxkey.web.ipregion;

maxkey-core/src/test/java/org/maxkey/web/ipregion/IpRegionFactoryTest.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.maxkey.web.ipregion;
 
 import org.junit.Test;

maxkey-core/src/test/java/org/maxkey/web/ipregion/IpRegionIp138Test.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.maxkey.web.ipregion;
 
 import org.junit.Test;

maxkey-core/src/test/java/org/maxkey/web/ipregion/IpRegionIp360Test.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.maxkey.web.ipregion;
 
 import org.junit.Test;

maxkey-core/src/test/java/org/maxkey/web/ipregion/IpRegionIpchaxunTest.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.maxkey.web.ipregion;
 
 import org.junit.Test;

maxkey-core/src/test/java/org/maxkey/web/ipregion/IpRegionIpcnTest.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.maxkey.web.ipregion;
 
 import org.junit.Test;

maxkey-core/src/test/java/org/maxkey/web/ipregion/IpRegionPconlineTest.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.maxkey.web.ipregion;
 
 import org.junit.Test;

maxkey-persistence/src/main/java/org/maxkey/persistence/mq/MqPersistService.java → maxkey-persistence/src/main/java/org/maxkey/persistence/mq/MessageQueueService.java

@@ -32,8 +32,8 @@ import org.springframework.kafka.core.KafkaTemplate;
 import org.springframework.stereotype.Component;
 
 @Component
-public class MqPersistService {
-    private static final Logger _logger = LoggerFactory.getLogger(MqPersistService.class);
+public class MessageQueueService {
+    private static final Logger _logger = LoggerFactory.getLogger(MessageQueueService.class);
     
     @Autowired
     protected ApplicationConfig applicationConfig;

maxkey-persistence/src/main/java/org/maxkey/persistence/service/AccountsService.java

@@ -29,7 +29,7 @@ import org.maxkey.entity.UserInfo;
 import org.maxkey.persistence.mapper.AccountsMapper;
 import org.maxkey.persistence.mq.MqIdentityAction;
 import org.maxkey.persistence.mq.MqIdentityTopic;
-import org.maxkey.persistence.mq.MqPersistService;
+import org.maxkey.persistence.mq.MessageQueueService;
 import org.maxkey.util.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Repository;
@@ -45,7 +45,7 @@ import net.sourceforge.pinyin4j.format.exception.BadHanyuPinyinOutputFormatCombi
 public class AccountsService  extends JpaBaseService<Accounts>{
 
     @Autowired
-    MqPersistService mqPersistService;
+    MessageQueueService mqPersistService;
     
     @Autowired
     UserInfoService  userInfoService;

maxkey-persistence/src/main/java/org/maxkey/persistence/service/HistoryLoginService.java

@@ -1,5 +1,5 @@
 /*
- * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

maxkey-persistence/src/main/java/org/maxkey/persistence/service/OrganizationsService.java

@@ -26,7 +26,7 @@ import org.maxkey.entity.Organizations;
 import org.maxkey.persistence.mapper.OrganizationsMapper;
 import org.maxkey.persistence.mq.MqIdentityAction;
 import org.maxkey.persistence.mq.MqIdentityTopic;
-import org.maxkey.persistence.mq.MqPersistService;
+import org.maxkey.persistence.mq.MessageQueueService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Repository;
 
@@ -35,7 +35,7 @@ import org.springframework.stereotype.Repository;
 public class OrganizationsService  extends JpaBaseService<Organizations>{
 
     @Autowired
-    MqPersistService mqPersistService;
+    MessageQueueService messageQueueService;
     
 	public OrganizationsService() {
 		super(OrganizationsMapper.class);
@@ -51,7 +51,7 @@ public class OrganizationsService  extends JpaBaseService<Organizations>{
 	
 	 public boolean insert(Organizations organization) {
 	     if(super.insert(organization)){
-	    	 mqPersistService.send(
+	    	 messageQueueService.send(
                      MqIdentityTopic.ORG_TOPIC, organization, MqIdentityAction.CREATE_ACTION);
              return true;
          }
@@ -60,7 +60,7 @@ public class OrganizationsService  extends JpaBaseService<Organizations>{
 	 
 	 public boolean update(Organizations organization) {
 	     if(super.update(organization)){
-	    	 mqPersistService.send(
+	    	 messageQueueService.send(
                      MqIdentityTopic.ORG_TOPIC, organization, MqIdentityAction.UPDATE_ACTION);
              return true;
          }
@@ -84,7 +84,7 @@ public class OrganizationsService  extends JpaBaseService<Organizations>{
 	 
 	 public boolean delete(Organizations organization) {
 	     if(super.delete(organization)){
-	    	 mqPersistService.send(
+	    	 messageQueueService.send(
                      MqIdentityTopic.ORG_TOPIC, organization, MqIdentityAction.DELETE_ACTION);
              return true;
          }

maxkey-persistence/src/main/java/org/maxkey/persistence/service/UserInfoService.java

@@ -29,7 +29,7 @@ import org.maxkey.entity.UserInfo;
 import org.maxkey.persistence.mapper.UserInfoMapper;
 import org.maxkey.persistence.mq.MqIdentityAction;
 import org.maxkey.persistence.mq.MqIdentityTopic;
-import org.maxkey.persistence.mq.MqPersistService;
+import org.maxkey.persistence.mq.MessageQueueService;
 import org.maxkey.persistence.repository.PasswordPolicyValidator;
 import org.maxkey.util.DateUtils;
 import org.maxkey.util.StringUtils;
@@ -37,7 +37,6 @@ import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.jdbc.core.JdbcTemplate;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Repository;
 
@@ -57,12 +56,9 @@ public class UserInfoService extends JpaBaseService<UserInfo> {
 	PasswordPolicyValidator passwordPolicyValidator;
 	
 	@Autowired
-	MqPersistService mqPersistService;
-	
-	 @Autowired
-	 protected JdbcTemplate jdbcTemplate;
-	 
-	 AccountsService accountsService;
+	MessageQueueService messageQueueService;
+
+	AccountsService accountsService;
 	
 	public UserInfoService() {
 		super(UserInfoMapper.class);
@@ -79,9 +75,9 @@ public class UserInfoService extends JpaBaseService<UserInfo> {
     public boolean insert(UserInfo userInfo) {
     	this.passwordEncoder(userInfo);
         if (super.insert(userInfo)) {
-        	if(mqPersistService.getApplicationConfig().isMessageQueueSupport()) {
+        	if(messageQueueService.getApplicationConfig().isMessageQueueSupport()) {
                 UserInfo loadUserInfo = findUserRelated(userInfo.getId());
-                mqPersistService.send(
+                messageQueueService.send(
                         MqIdentityTopic.USERINFO_TOPIC, 
                         loadUserInfo,
                         MqIdentityAction.CREATE_ACTION);
@@ -96,10 +92,10 @@ public class UserInfoService extends JpaBaseService<UserInfo> {
     public boolean update(UserInfo userInfo) {
     	ChangePassword changePassword = this.passwordEncoder(userInfo);
         if (super.update(userInfo)) {
-        	if(mqPersistService.getApplicationConfig().isMessageQueueSupport()) {
+        	if(messageQueueService.getApplicationConfig().isMessageQueueSupport()) {
                 UserInfo loadUserInfo = findUserRelated(userInfo.getId());
                 accountUpdate(loadUserInfo);
-                mqPersistService.send(
+                messageQueueService.send(
                         MqIdentityTopic.USERINFO_TOPIC, 
                         loadUserInfo,
                         MqIdentityAction.UPDATE_ACTION);
@@ -113,12 +109,12 @@ public class UserInfoService extends JpaBaseService<UserInfo> {
 	
 	public boolean delete(UserInfo userInfo) {
 	    UserInfo loadUserInfo = null;
-	    if(mqPersistService.getApplicationConfig().isMessageQueueSupport()) {
+	    if(messageQueueService.getApplicationConfig().isMessageQueueSupport()) {
 	        loadUserInfo = findUserRelated(userInfo.getId());
 	    }
 	    
 		if( super.delete(userInfo)){
-			mqPersistService.send(
+			messageQueueService.send(
 		            MqIdentityTopic.USERINFO_TOPIC, 
 		            loadUserInfo, 
 		            MqIdentityAction.DELETE_ACTION);
@@ -313,7 +309,7 @@ public class UserInfoService extends JpaBaseService<UserInfo> {
 	    if(changePassworded !=null && StringUtils.isNotBlank(changePassworded.getPassword())) {
 	    	UserInfo loadUserInfo = findByUsername(changePassworded.getUsername());
     	    ChangePassword changePassword = new ChangePassword(loadUserInfo);
-            mqPersistService.send(
+    	    messageQueueService.send(
                     MqIdentityTopic.PASSWORD_TOPIC, 
                     changePassword, 
                     MqIdentityAction.PASSWORD_ACTION);

maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/OnlineTicketEndpoint.java

@@ -42,6 +42,6 @@ public class OnlineTicketEndpoint {
     public String ticketValidate(
             @RequestParam(value ="ticket",required = true) String ticket) {
         OnlineTicket onlineTicket = onlineTicketService.get(ticket);
-        return onlineTicket == null ? "" : onlineTicket.getTicketId();
+        return onlineTicket == null ? "" : onlineTicket.getFormattedTicketId();
     }
 }

maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/adapter/AbstractAuthorizeAdapter.java

@@ -1,5 +1,5 @@
 /*
- * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -44,7 +44,7 @@ public abstract class AbstractAuthorizeAdapter {
 	
 	protected Accounts account;
 	
-	protected SigninPrincipal authentication;
+	protected SigninPrincipal principal;
 	
 	public abstract Object generateInfo();
 	
@@ -127,12 +127,9 @@ public abstract class AbstractAuthorizeAdapter {
 		return "";
 	};
 
-	public void setAuthentication(SigninPrincipal authentication) {
-		this.authentication = authentication;
-	}
-
-	public void setUserInfo(UserInfo userInfo) {
-		this.userInfo = userInfo;
+	public void setPrincipal(SigninPrincipal principal) {
+		this.principal = principal;
+		this.userInfo = principal.getUserInfo();
 	}
 
 	public void setApp(Apps app) {

maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/singlelogout/DefaultSingleLogout.java

@@ -34,7 +34,7 @@ public class DefaultSingleLogout extends SingleLogout{
         logoutParameters.put("principal", authentication.getName());
         logoutParameters.put("request",  "logoutRequest");
         logoutParameters.put("issueInstant", DateUtils.getCurrentDateAsString(DateUtils.FORMAT_DATE_ISO_TIMESTAMP));
-        logoutParameters.put("ticket",  ((SigninPrincipal)authentication.getPrincipal()).getOnlineTicket().getTicketId());
+        logoutParameters.put("ticket",  ((SigninPrincipal)authentication.getPrincipal()).getOnlineTicket().getFormattedTicketId());
         postMessage(logoutApp.getLogoutUrl(),logoutParameters);
         
     }

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas20AuthorizeEndpoint.java

@@ -36,7 +36,6 @@ import org.maxkey.authz.cas.endpoint.ticket.ProxyTicketImpl;
 import org.maxkey.authz.cas.endpoint.ticket.Ticket;
 import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
 import org.maxkey.constants.ConstsBoolean;
-import org.maxkey.entity.UserInfo;
 import org.maxkey.util.Instance;
 import org.maxkey.util.StringUtils;
 import org.maxkey.web.HttpResponseConstants;
@@ -228,11 +227,8 @@ For all error codes, it is RECOMMENDED that CAS provide a more detailed message
 					_logger.error("setProperty error . ", e);
 				}
 				
-				UserInfo userInfo = (UserInfo) userInfoService.findByUsername(authentication.getUsername());
-				
 				AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)samlAdapter;
-				adapter.setAuthentication(authentication);
-				adapter.setUserInfo(userInfo);
+				adapter.setPrincipal(authentication);
 				adapter.setApp(storedTicket.getCasDetails());
 				adapter.generateInfo();
 			}
@@ -345,11 +341,8 @@ Response on ticket validation failure:
 					_logger.error("setProperty error . ", e);
 				}
 				
-				UserInfo userInfo = (UserInfo) userInfoService.findByUsername(authentication.getUsername());
-				
 				AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)samlAdapter;
-				adapter.setAuthentication(authentication);
-				adapter.setUserInfo(userInfo);
+				adapter.setPrincipal(authentication);
 				adapter.setApp(storedTicket.getCasDetails());
 				adapter.generateInfo();
 			}

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas30AuthorizeEndpoint.java

@@ -36,7 +36,6 @@ import org.maxkey.authz.cas.endpoint.ticket.ProxyTicketImpl;
 import org.maxkey.authz.cas.endpoint.ticket.Ticket;
 import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
 import org.maxkey.constants.ConstsBoolean;
-import org.maxkey.entity.UserInfo;
 import org.maxkey.util.Instance;
 import org.maxkey.util.StringUtils;
 import org.maxkey.web.HttpResponseConstants;
@@ -109,11 +108,8 @@ public class Cas30AuthorizeEndpoint  extends CasBaseAuthorizeEndpoint{
 					_logger.error("setProperty error . ", e);
 				}
 				
-				UserInfo userInfo = (UserInfo) userInfoService.findByUsername(authentication.getUsername());
-				
 				AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)samlAdapter;
-				adapter.setAuthentication(authentication);
-				adapter.setUserInfo(userInfo);
+				adapter.setPrincipal(authentication);
 				adapter.setApp(storedTicket.getCasDetails());
 				adapter.generateInfo();
 			}
@@ -190,11 +186,8 @@ public class Cas30AuthorizeEndpoint  extends CasBaseAuthorizeEndpoint{
 					_logger.error("setProperty error . ", e);
 				}
 				
-				UserInfo userInfo = (UserInfo) userInfoService.findByUsername(authentication.getUsername());
-				
 				AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)samlAdapter;
-				adapter.setAuthentication(authentication);
-				adapter.setUserInfo(userInfo);
+				adapter.setPrincipal(authentication);
 				adapter.setApp(storedTicket.getCasDetails());
 				adapter.generateInfo();
 			}

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java

@@ -149,7 +149,7 @@ public class CasAuthorizeEndpoint  extends CasBaseAuthorizeEndpoint{
 		}
 		
 		if(casDetails.getLogoutType()==LogoutType.BACK_CHANNEL) {
-		    String onlineTicketId = AuthorizationUtils.getPrincipal().getOnlineTicket().getTicketId();
+		    String onlineTicketId = AuthorizationUtils.getPrincipal().getOnlineTicket().getFormattedTicketId();
 		    OnlineTicket onlineTicket  = onlineTicketService.get(onlineTicketId);
 		    //set cas ticket as OnlineTicketId
 		    casDetails.setOnlineTicket(ticket);

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/adapter/CasDefaultAdapter.java

@@ -1,5 +1,5 @@
 /*
- * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -75,7 +75,7 @@ public class CasDefaultAdapter extends AbstractAuthorizeAdapter {
 		serviceResponseBuilder.setAttribute("departmentId", userInfo.getDepartmentId());
 		serviceResponseBuilder.setAttribute("workRegion",base64Attr(userInfo.getWorkRegion()));
 		serviceResponseBuilder.setAttribute("institution", userInfo.getInstId());
-		serviceResponseBuilder.setAttribute(WebConstants.ONLINE_TICKET_NAME,authentication.getOnlineTicket().getTicketId());
+		serviceResponseBuilder.setAttribute(WebConstants.ONLINE_TICKET_NAME,principal.getOnlineTicket().getFormattedTicketId());
 	
 		return serviceResponseBuilder;
 	}

maxkey-protocols/maxkey-protocol-extendapi/src/main/java/org/maxkey/authz/exapi/endpoint/ExtendApiAuthorizeEndpoint.java

@@ -67,8 +67,7 @@ public class ExtendApiAuthorizeEndpoint  extends AuthorizeBaseEndpoint{
 				return generateInitCredentialModelAndView(id,"/authorize/api/"+id);
 			}
 			
-			adapter.setAuthentication(AuthorizationUtils.getPrincipal());
-			adapter.setUserInfo(currentUser);
+			adapter.setPrincipal(AuthorizationUtils.getPrincipal());
 			adapter.setApp(apps);
 			adapter.setAccount(account);
 			

maxkey-protocols/maxkey-protocol-formbased/src/main/java/org/maxkey/authz/formbased/endpoint/FormBasedAuthorizeEndpoint.java

@@ -90,8 +90,7 @@ public class FormBasedAuthorizeEndpoint  extends AuthorizeBaseEndpoint{
 				FormBasedDefaultAdapter formBasedDefaultAdapter =new FormBasedDefaultAdapter();
 				adapter =(AbstractAuthorizeAdapter)formBasedDefaultAdapter;
 			}
-			adapter.setAuthentication(AuthorizationUtils.getPrincipal());
-			adapter.setUserInfo(currentUser);
+			adapter.setPrincipal(AuthorizationUtils.getPrincipal());
 			adapter.setApp(formBasedDetails);
 			adapter.setAccount(account);
 			

maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/maxkey/authz/jwt/endpoint/adapter/JwtAdapter.java

@@ -82,7 +82,7 @@ public class JwtAdapter extends AbstractAuthorizeAdapter {
 				.claim("user_id", userInfo.getId())
 				.claim("external_id", userInfo.getId())
 				.claim("locale", userInfo.getLocale())
-				.claim(WebConstants.ONLINE_TICKET_NAME, authentication.getOnlineTicket().getTicketId())
+				.claim(WebConstants.ONLINE_TICKET_NAME, principal.getOnlineTicket().getFormattedTicketId())
 				.claim("kid", jwtDetails.getId()+ "_sig")
 				.claim("institution", userInfo.getInstId())
 				.build();

maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/maxkey/authz/token/endpoint/JwtAuthorizeEndpoint.java

@@ -101,8 +101,7 @@ public class JwtAuthorizeEndpoint  extends AuthorizeBaseEndpoint{
 			adapter = (AbstractAuthorizeAdapter)jwtAdapter;
 		}
 		
-		adapter.setAuthentication(AuthorizationUtils.getPrincipal());
-		adapter.setUserInfo(currentUser);
+		adapter.setPrincipal(AuthorizationUtils.getPrincipal());
 		
 		adapter.generateInfo();
 		//sign

maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/OAuth2UserDetailsService.java

@@ -47,25 +47,25 @@ public class OAuth2UserDetailsService implements UserDetailsService {
 		
 		String onlineTickitId = WebConstants.ONLINE_TICKET_PREFIX + "-" + java.util.UUID.randomUUID().toString().toLowerCase();
 		
-		SigninPrincipal signinPrincipal = new SigninPrincipal(userInfo);
+		SigninPrincipal principal = new SigninPrincipal(userInfo);
 		OnlineTicket onlineTicket = new OnlineTicket(onlineTickitId);
 		//set OnlineTicket
-        signinPrincipal.setOnlineTicket(onlineTicket);
+		principal.setOnlineTicket(onlineTicket);
         
         ArrayList<GrantedAuthority> grantedAuthoritys = loginRepository.grantAuthority(userInfo);
-        signinPrincipal.setAuthenticated(true);
+        principal.setAuthenticated(true);
         
         for(GrantedAuthority administratorsAuthority : AbstractAuthenticationProvider.grantedAdministratorsAuthoritys) {
             if(grantedAuthoritys.contains(administratorsAuthority)) {
-                signinPrincipal.setRoleAdministrators(true);
+            	principal.setRoleAdministrators(true);
                 _logger.trace("ROLE ADMINISTRATORS Authentication .");
             }
         }
         _logger.debug("Granted Authority " + grantedAuthoritys);
         
-        signinPrincipal.setGrantedAuthorityApps(grantedAuthoritys);
+        principal.setGrantedAuthorityApps(grantedAuthoritys);
         
-		return signinPrincipal;
+		return principal;
 	}
 
 	public void setLoginRepository(LoginRepository loginRepository) {

maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/approval/endpoint/OAuth20AccessConfirmationEndpoint.java

@@ -1,5 +1,5 @@
 /*
- * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java

@@ -1,5 +1,5 @@
 /*
- * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -66,7 +66,7 @@ public class OAuthDefaultUserInfoAdapter extends AbstractAuthorizeAdapter {
 		beanMap.put("state", userInfo.getWorkRegion());
 		beanMap.put("gender", userInfo.getGender());
 		beanMap.put("institution", userInfo.getInstId());
-		beanMap.put(WebConstants.ONLINE_TICKET_NAME, authentication.getOnlineTicket().getTicketId());
+		beanMap.put(WebConstants.ONLINE_TICKET_NAME, principal.getOnlineTicket().getFormattedTicketId());
 		
 		String info= JsonUtils.object2Json(beanMap);
 		

maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java

@@ -93,18 +93,14 @@ public class UserInfoEndpoint {
 				httpResponseAdapter.write(response,JsonUtils.gson2Json(accessTokenFormatError(access_token)),"json"); 
 			}
 			
-			String principal="";
 			OAuth2Authentication oAuth2Authentication =null;
 			try{
 				 oAuth2Authentication = oauth20tokenServices.loadAuthentication(access_token);
 				 
-				 principal=((SigninPrincipal)oAuth2Authentication.getUserAuthentication().getPrincipal()).getUsername();
-				 
 				 String client_id= oAuth2Authentication.getOAuth2Request().getClientId();
 				 ClientDetails clientDetails = 
 						 clientDetailsService.loadClientByClientId(client_id,true);
 				 
-				 UserInfo userInfo=queryUserInfo(principal);
 				 Apps app = appsService.get(client_id);
 				 
 				 AbstractAuthorizeAdapter adapter;
@@ -118,8 +114,7 @@ public class UserInfoEndpoint {
 				 }else{
 					adapter =(AbstractAuthorizeAdapter)new OAuthDefaultUserInfoAdapter(clientDetails);
 				 }
-				 adapter.setAuthentication((SigninPrincipal)oAuth2Authentication.getUserAuthentication().getPrincipal());
-				 adapter.setUserInfo(userInfo);
+				 adapter.setPrincipal((SigninPrincipal)oAuth2Authentication.getUserAuthentication().getPrincipal());
 				 adapter.setApp(app);
 				 
 				Object jsonData = adapter.generateInfo();

maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoOIDCEndpoint.java

@@ -134,7 +134,7 @@ public class UserInfoOIDCEndpoint {
 			 
 			 jwtClaimsSetBuilder.claim("sub", subject);
 			 jwtClaimsSetBuilder.claim("institution", userInfo.getInstId());
-			 jwtClaimsSetBuilder.claim(WebConstants.ONLINE_TICKET_NAME, authentication.getOnlineTicket().getTicketId());
+			 jwtClaimsSetBuilder.claim(WebConstants.ONLINE_TICKET_NAME, authentication.getOnlineTicket().getFormattedTicketId());
 			 
 		 	if(scopes.contains("profile")){
 		 		jwtClaimsSetBuilder.claim("userId", userInfo.getId());

maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/AssertionEndpoint.java

@@ -1,5 +1,5 @@
 /*
- * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -78,7 +78,7 @@ public class AssertionEndpoint {
 		logger.debug("AuthnRequestInfo: {}", authnRequestInfo);
 		HashMap <String,String>attributeMap=new HashMap<String,String>();
 		attributeMap.put(WebConstants.ONLINE_TICKET_NAME, 
-		        AuthorizationUtils.getPrincipal().getOnlineTicket().getTicketId());
+		        AuthorizationUtils.getPrincipal().getOnlineTicket().getFormattedTicketId());
 		
 		//saml20Details
 		Response authResponse = authnResponseGenerator.generateAuthnResponse(

maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/TokenBasedAuthorizeEndpoint.java

@@ -87,8 +87,7 @@ public class TokenBasedAuthorizeEndpoint  extends AuthorizeBaseEndpoint{
 		}else{
 			adapter =(AbstractAuthorizeAdapter)new TokenBasedDefaultAdapter();
 		}
-		adapter.setAuthentication(AuthorizationUtils.getPrincipal());
-		adapter.setUserInfo(currentUser);
+		adapter.setPrincipal(AuthorizationUtils.getPrincipal());
 		adapter.setApp(tokenBasedDetails);
 		
 		adapter.generateInfo();

maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/adapter/TokenBasedDefaultAdapter.java

@@ -73,7 +73,7 @@ public class TokenBasedDefaultAdapter extends AbstractAuthorizeAdapter {
 		}
 		
 		beanMap.put("displayName", userInfo.getDisplayName());
-		beanMap.put(WebConstants.ONLINE_TICKET_NAME, authentication.getOnlineTicket().getTicketId());
+		beanMap.put(WebConstants.ONLINE_TICKET_NAME, principal.getOnlineTicket().getFormattedTicketId());
 		
 		/*
 		 * use UTC date time format

maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java

@@ -1,5 +1,5 @@
 /*
- * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java

@@ -33,7 +33,6 @@ import org.maxkey.web.interceptor.SingleSignOnInterceptor;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -49,15 +48,12 @@ public class MaxKeyMvcConfig implements WebMvcConfigurer {
     private static final  Logger _logger = LoggerFactory.getLogger(MaxKeyMvcConfig.class);
     
     @Autowired
-  	@Qualifier("applicationConfig")
   	ApplicationConfig applicationConfig;
     
     @Autowired
-    @Qualifier("authenticationProvider")
     AbstractAuthenticationProvider authenticationProvider ;
     
     @Autowired
-	@Qualifier("kerberosService")
     KerberosService kerberosService;
     
     @Autowired

maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/access/contorller/LoginSessionController.java

@@ -1,5 +1,5 @@
 /*
- * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -25,8 +25,6 @@ import org.maxkey.authn.online.OnlineTicketService;
 import org.maxkey.entity.HistoryLogin;
 import org.maxkey.entity.Message;
 import org.maxkey.entity.UserInfo;
-import org.maxkey.persistence.repository.LoginHistoryRepository;
-import org.maxkey.persistence.repository.LoginRepository;
 import org.maxkey.persistence.service.HistoryLoginService;
 import org.maxkey.util.DateUtils;
 import org.maxkey.util.StringUtils;
@@ -57,11 +55,6 @@ public class LoginSessionController {
 
     @Autowired
     HistoryLoginService historyLoginService;
-    @Autowired
-    LoginRepository loginRepository;
-    
-    @Autowired
-    LoginHistoryRepository loginHistoryRepository;
     
     @Autowired
     OnlineTicketService onlineTicketService;
@@ -85,8 +78,6 @@ public class LoginSessionController {
         		).buildResponse();
     }
 
-
-    
     @ResponseBody
     @RequestMapping(value="/terminate")  
     public ResponseEntity<?> terminate(@RequestParam("ids") String ids,@CurrentUser UserInfo currentUser) {
@@ -98,10 +89,11 @@ public class LoginSessionController {
                 if(currentUser.getOnlineTicket().contains(sessionId)) {
                     continue;//skip current session
                 }
-                String lastLogoffTime = DateUtils.formatDateTime(new Date());
-                loginRepository.updateLastLogoff(currentUser);
-                loginHistoryRepository.logoff(lastLogoffTime, sessionId);
-                onlineTicketService.remove("OT-" + sessionId);
+                
+                onlineTicketService.terminate(
+                		sessionId,
+                		currentUser.getId(),
+                		currentUser.getUsername());
             }
             isTerminated = true;
         }catch(Exception e) {

maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/access/contorller/package-info.java

@@ -1 +1,18 @@
-package org.maxkey.web.access.contorller;
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
+package org.maxkey.web.access.contorller;

maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LoginEntryPoint.java

@@ -1,5 +1,5 @@
 /*
- * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LogoutEndpoint.java

@@ -1,5 +1,5 @@
 /*
- * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -19,141 +19,66 @@ package org.maxkey.web.endpoint;
 
 import java.util.Iterator;
 import java.util.Set;
-import java.util.UUID;
 import java.util.Map.Entry;
 
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+import org.maxkey.authn.annotation.CurrentUser;
 import org.maxkey.authn.online.OnlineTicket;
 import org.maxkey.authn.online.OnlineTicketService;
-import org.maxkey.authn.realm.AbstractAuthenticationRealm;
-import org.maxkey.authn.web.AuthorizationUtils;
 import org.maxkey.authz.singlelogout.SamlSingleLogout;
 import org.maxkey.authz.singlelogout.DefaultSingleLogout;
 import org.maxkey.authz.singlelogout.LogoutType;
 import org.maxkey.authz.singlelogout.SingleLogout;
-import org.maxkey.configuration.ApplicationConfig;
 import org.maxkey.constants.ConstsProtocols;
+import org.maxkey.entity.Message;
+import org.maxkey.entity.UserInfo;
 import org.maxkey.entity.apps.Apps;
-import org.maxkey.web.WebConstants;
-import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Qualifier;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.web.savedrequest.SavedRequest;
+import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestParam;
-import org.springframework.web.servlet.ModelAndView;
-
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 
 @Tag(name = "1-3-单点注销接口文档模块")
 @Controller
 public class LogoutEndpoint {
-	
 	private static Logger _logger = LoggerFactory.getLogger(LogoutEndpoint.class);
-	
-	public static final String RE_LOGIN_URL	=	"reLoginUrl";
-	
-	@Autowired
-	@Qualifier("authenticationRealm")
-	AbstractAuthenticationRealm authenticationRealm;
-	
-	@Autowired
-	ApplicationConfig applicationConfig;
-	
+
 	@Autowired
     protected OnlineTicketService onlineTicketService;
 	
 	@Operation(summary = "单点注销接口", description = "reLoginUrl跳转地址",method="GET")
- 	@RequestMapping(value={"/logout"})
- 	public ModelAndView logout(
- 					HttpServletRequest request, 
- 					HttpServletResponse response,
- 					@RequestParam(value=RE_LOGIN_URL,required=false) String reLoginUrl){
- 		
- 		return logoutModelAndView(request,response,"loggedout",reLoginUrl);
- 	}
- 	
-	@Operation(summary = "登录超时接口", description = "",method="GET")
- 	@RequestMapping(value={"/timeout"})
- 	public ModelAndView timeout(HttpServletRequest request, HttpServletResponse response){
- 		return logoutModelAndView(request,response,"timeout",null);
- 	}
- 	
- 	
- 	private ModelAndView logoutModelAndView(
- 			HttpServletRequest request,
- 			HttpServletResponse response,
- 			String viewName,
- 			String reLoginUrl){
- 		ModelAndView modelAndView = new ModelAndView();
- 		authenticationRealm.logout(response);
- 		
- 		if(reLoginUrl==null ||reLoginUrl.equals("")){
-	 		SavedRequest  firstSavedRequest = (SavedRequest)WebContext.getAttribute(WebConstants.FIRST_SAVED_REQUEST_PARAMETER);
-	 		reLoginUrl="/login";
-	 		if(firstSavedRequest!=null){
-	 			reLoginUrl= firstSavedRequest.getRedirectUrl();
-	 			WebContext.removeAttribute(WebConstants.FIRST_SAVED_REQUEST_PARAMETER);
-	 		}
- 		}
- 		
- 		//not start with http or https
- 		if(reLoginUrl!=null && !reLoginUrl.toLowerCase().startsWith("http")) {
- 		    if(reLoginUrl.startsWith("/")) {
- 		        reLoginUrl=request.getContextPath()+reLoginUrl;
- 		    }else {
- 		       reLoginUrl=request.getContextPath()+"/"+reLoginUrl;
- 		    }
- 		}
- 		
- 		_logger.debug("re Login URL : "+ reLoginUrl);
- 		
- 		modelAndView.addObject("reloginUrl",reLoginUrl);
- 		
- 		//if logined in have onlineTicket ,need remove or logout back
- 		if(AuthorizationUtils.getAuthentication() != null) {
- 			String onlineTicketId = (AuthorizationUtils.getPrincipal()).getOnlineTicket().getTicketId();
- 	 		OnlineTicket onlineTicket = onlineTicketService.get(onlineTicketId);
- 	 		if(onlineTicket != null) {
-		 		Set<Entry<String, Apps>> entrySet = onlineTicket.getAuthorizedApps().entrySet();
-		 
-		        Iterator<Entry<String, Apps>> iterator = entrySet.iterator();
-		        while (iterator.hasNext()) {
-		            Entry<String, Apps> mapEntry = iterator.next();
-		            _logger.debug("App Id : "+ mapEntry.getKey()+ " , " +mapEntry.getValue());
-		            if( mapEntry.getValue().getLogoutType() == LogoutType.BACK_CHANNEL){
-		                SingleLogout singleLogout;
-		                if(mapEntry.getValue().getProtocol().equalsIgnoreCase(ConstsProtocols.CAS)) {
-		                    singleLogout =new SamlSingleLogout();
-		                }else {
-		                    singleLogout = new DefaultSingleLogout();
-		                }
-		                singleLogout.sendRequest(onlineTicket.getAuthentication(), mapEntry.getValue());
-		            }
-		        }
-		        onlineTicketService.remove(onlineTicketId);
- 	 		}
+	@RequestMapping(value={"/logout"}, produces = {MediaType.APPLICATION_JSON_VALUE})
+ 	public  ResponseEntity<?> logout(@CurrentUser UserInfo currentUser){
+		//if logined in have onlineTicket ,need remove or logout back
+		String onlineTicketId = currentUser.getOnlineTicket();
+ 		OnlineTicket onlineTicket = onlineTicketService.get(onlineTicketId);
+ 		if(onlineTicket != null) {
+	 		Set<Entry<String, Apps>> entrySet = onlineTicket.getAuthorizedApps().entrySet();
+	 
+	        Iterator<Entry<String, Apps>> iterator = entrySet.iterator();
+	        while (iterator.hasNext()) {
+	            Entry<String, Apps> mapEntry = iterator.next();
+	            _logger.debug("App Id : "+ mapEntry.getKey()+ " , " +mapEntry.getValue());
+	            if( mapEntry.getValue().getLogoutType() == LogoutType.BACK_CHANNEL){
+	                SingleLogout singleLogout;
+	                if(mapEntry.getValue().getProtocol().equalsIgnoreCase(ConstsProtocols.CAS)) {
+	                    singleLogout =new SamlSingleLogout();
+	                }else {
+	                    singleLogout = new DefaultSingleLogout();
+	                }
+	                singleLogout.sendRequest(onlineTicket.getAuthentication(), mapEntry.getValue());
+	            }
+	        }
+	        
+	        onlineTicketService.terminate(
+	        		onlineTicketId, 
+	        		currentUser.getId(),
+	        		currentUser.getUsername());
  		}
- 		//remove ONLINE_TICKET cookie
- 		WebContext.expiryCookie(
- 					WebContext.getResponse(), 
- 					this.applicationConfig.getBaseDomainName(), 
- 					WebConstants.ONLINE_TICKET_NAME, 
- 					UUID.randomUUID().toString()
- 		);
- 		request.getSession().invalidate();
- 		//for(String removeAttribute : WebContext.logoutAttributeNameList) {
- 		//	request.getSession().removeAttribute(removeAttribute);
- 		//}
- 		SecurityContextHolder.clearContext();
- 		
- 		modelAndView.setViewName(viewName);
- 		return modelAndView;
+ 		return new Message<String>().buildResponse();
  	}
 }

maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/interceptor/HistorySignOnAppInterceptor.java

@@ -32,8 +32,6 @@ import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Qualifier;
-import org.springframework.security.core.Authentication;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.stereotype.Component;
 import org.springframework.web.servlet.AsyncHandlerInterceptor;
@@ -47,7 +45,6 @@ public class HistorySignOnAppInterceptor  implements AsyncHandlerInterceptor  {
     HistoryLoginAppsService historyLoginAppsService;
 
     @Autowired
-    @Qualifier("appsService")
     protected AppsService appsService;
     
     /**
@@ -59,10 +56,9 @@ public class HistorySignOnAppInterceptor  implements AsyncHandlerInterceptor  {
             throws Exception {
         _logger.debug("preHandle");
         final Apps app = (Apps)WebContext.getAttribute(WebConstants.AUTHORIZE_SIGN_ON_APP);
-        Authentication authentication = AuthorizationUtils.getAuthentication();
-        if(authentication.getPrincipal() instanceof SigninPrincipal) {
-            SigninPrincipal signinPrincipal = (SigninPrincipal)authentication.getPrincipal() ;
-            if(signinPrincipal.getGrantedAuthorityApps().contains(new SimpleGrantedAuthority(app.getId()))) {
+        SigninPrincipal principal = AuthorizationUtils.getPrincipal();
+        if(principal != null) {
+            if(principal.getGrantedAuthorityApps().contains(new SimpleGrantedAuthority(app.getId()))) {
                 _logger.trace("preHandle have authority access " + app);
                 return true;
             }
@@ -85,12 +81,10 @@ public class HistorySignOnAppInterceptor  implements AsyncHandlerInterceptor  {
        
         final Apps app = (Apps)WebContext.getAttribute(WebConstants.AUTHORIZE_SIGN_ON_APP);
         
-        Authentication  authentication  = AuthorizationUtils.getAuthentication();
-        if((authentication != null)
-        		&& (authentication.getPrincipal() instanceof SigninPrincipal)) {
-        	SigninPrincipal signinPrincipal = AuthorizationUtils.getPrincipal();
-        	final UserInfo userInfo = signinPrincipal.getUserInfo();
-        	String sessionId = signinPrincipal.getOnlineTicket().getTicketId().substring(3);
+        SigninPrincipal principal = AuthorizationUtils.getPrincipal();
+        if(principal != null) {
+        	final UserInfo userInfo = principal.getUserInfo();
+        	String sessionId = principal.getOnlineTicket().getFormattedTicketId().substring(3);
         	 _logger.debug("sessionId : " + sessionId + " ,appId : " + app.getId());
              HistoryLoginApps historyLoginApps = new HistoryLoginApps();
              historyLoginApps.setAppId(app.getId());

maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/MaxKeyMgtConfig.java

@@ -1,5 +1,5 @@
 /*
- * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/MaxKeyMgtJobs.java

@@ -1,5 +1,5 @@
 /*
- * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -19,6 +19,8 @@ package org.maxkey;
 
 import org.maxkey.jobs.AccountsStrategyJob;
 import org.maxkey.jobs.DynamicGroupsJob;
+import org.maxkey.persistence.repository.LoginHistoryRepository;
+import org.maxkey.persistence.repository.LoginRepository;
 import org.maxkey.persistence.service.AccountsService;
 import org.maxkey.persistence.service.GroupsService;
 import org.opensaml.xml.ConfigurationException;
@@ -134,6 +136,14 @@ public class MaxKeyMgtJobs  implements InitializingBean {
 		scheduler.scheduleJob(jobDetail,cronTrigger);    
 	}
     
+    public String  SessionListenerJob(
+    		SchedulerFactoryBean schedulerFactoryBean,
+    		LoginRepository loginRepository,
+    		LoginHistoryRepository loginHistoryRepository) {
+    	
+    	return "sessionListenerJob";
+    }
+    
     @Override
     public void afterPropertiesSet() throws Exception {
         

maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/MaxKeyMgtMvcConfig.java

@@ -1,5 +1,5 @@
 /*
- * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -98,6 +98,8 @@ public class MaxKeyMgtMvcConfig implements WebMvcConfigurer {
         		authenticationProvider,jwtLoginService,applicationConfig,true))
         	.addPathPatterns("/login");
         
+        permissionInterceptor.setMgmt(true);
+        
         registry.addInterceptor(permissionInterceptor)
                 .addPathPatterns("/dashboard/**")
                 .addPathPatterns("/orgs/**")

maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/jobs/AccountsStrategyJob.java

@@ -1,5 +1,5 @@
 /*
- * Copyright [2021] [MaxKey of copyright http://www.maxkey.top]
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/jobs/DynamicRolesJob.java

@@ -1,5 +1,5 @@
 /*
- * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/jobs/OnlineTicketListenerJob.java

@@ -0,0 +1,38 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.maxkey.jobs;
+
+import java.io.Serializable;
+
+import org.quartz.Job;
+import org.quartz.JobExecutionContext;
+import org.quartz.JobExecutionException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class OnlineTicketListenerJob   implements Job , Serializable {
+	final static Logger _logger = LoggerFactory.getLogger(OnlineTicketListenerJob.class);
+	
+	private static final long serialVersionUID = 4782358765969474833L;
+
+	
+	@Override
+	public void execute(JobExecutionContext context) throws JobExecutionException {
+		// TODO Auto-generated method stub
+		
+	}
+
+}

maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/access/contorller/LoginSessionController.java

@@ -1,5 +1,5 @@
 /*
- * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -97,10 +97,7 @@ public class LoginSessionController {
                 if(currentUser.getOnlineTicket().contains(sessionId)) {
                     continue;//skip current session
                 }
-                String lastLogoffTime = DateUtils.formatDateTime(new Date());
-                loginRepository.updateLastLogoff(currentUser);
-                loginHistoryRepository.logoff(lastLogoffTime, sessionId);
-                onlineTicketService.remove("OT-" + sessionId);
+                onlineTicketService.terminate(sessionId,currentUser.getId(),currentUser.getUsername());
             }
             isTerminated = true;
         }catch(Exception e) {

maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/access/contorller/package-info.java

@@ -1 +1,18 @@
-package org.maxkey.web.access.contorller;
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
+package org.maxkey.web.access.contorller;

maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/config/contorller/package-info.java

@@ -1 +1,18 @@
-package org.maxkey.web.config.contorller;
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
+package org.maxkey.web.config.contorller;

maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/LogoutEndpoint.java

@@ -1,5 +1,5 @@
 /*
- * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -17,62 +17,29 @@
 
 package org.maxkey.web.contorller;
 
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.maxkey.authn.realm.AbstractAuthenticationRealm;
-import org.maxkey.web.WebConstants;
-import org.maxkey.web.WebContext;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import org.maxkey.authn.annotation.CurrentUser;
+import org.maxkey.authn.online.OnlineTicketService;
+import org.maxkey.entity.Message;
+import org.maxkey.entity.UserInfo;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Qualifier;
-import org.springframework.security.web.savedrequest.SavedRequest;
+import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestParam;
-import org.springframework.web.servlet.ModelAndView;
 
 @Controller
 public class LogoutEndpoint {
 	
-	private static Logger _logger = LoggerFactory.getLogger(LogoutEndpoint.class);
-	
-	public static final String RE_LOGIN_URL    =   "reLoginUrl";
-	
 	@Autowired
-	@Qualifier("authenticationRealm")
-	AbstractAuthenticationRealm authenticationRealm;
+    protected OnlineTicketService onlineTicketService;
 	
- 	@RequestMapping(value={"/logout"})
- 	public ModelAndView logout( HttpServletRequest request, 
- 	                            HttpServletResponse response,
- 	                            @RequestParam(value=RE_LOGIN_URL,required=false) String reLoginUrl){
- 		ModelAndView modelAndView = new ModelAndView();
- 		authenticationRealm.logout(response);
- 		SavedRequest  firstSavedRequest = (SavedRequest)WebContext.getAttribute(WebConstants.FIRST_SAVED_REQUEST_PARAMETER);
- 		
- 		if(reLoginUrl==null ||reLoginUrl.equals("")) {
- 		    reLoginUrl="/login";
- 		}
- 		
- 		if(firstSavedRequest!=null){
- 			reLoginUrl= firstSavedRequest.getRedirectUrl();
- 		}
- 		
- 		if(reLoginUrl!=null && !reLoginUrl.toLowerCase().startsWith("http")) {
-            if(reLoginUrl.startsWith("/")) {
-                reLoginUrl=request.getContextPath()+reLoginUrl;
-            }else {
-               reLoginUrl=request.getContextPath()+"/"+reLoginUrl;
-            }
-        }
- 		_logger.debug("re Login URL : "+ reLoginUrl);
- 		modelAndView.addObject("reloginUrl",reLoginUrl);
- 		request.getSession().invalidate();
-	 		
- 		modelAndView.setViewName("loggedout");
-		return modelAndView;
+ 	@RequestMapping(value={"/logout"}, produces = {MediaType.APPLICATION_JSON_VALUE})
+ 	public  ResponseEntity<?> logout(@CurrentUser UserInfo currentUser){
+ 		onlineTicketService.terminate(
+ 				currentUser.getOnlineTicket(), 
+ 				currentUser.getId(),
+ 				currentUser.getUsername());
+ 		return new Message<String>().buildResponse();
  	}
  	
 }

maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/permissions/contorller/package-info.java

@@ -1 +1,18 @@
-package org.maxkey.web.permissions.contorller;
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
+package org.maxkey.web.permissions.contorller;