Crystal.Sea 4 лет назад
Родитель
Сommit
8df8c0dc06
23 измененных файлов с 144 добавлено и 37 удалено
  1. 2 0
      maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
  2. 9 0
      maxkey-core/src/main/java/org/maxkey/authn/BasicAuthentication.java
  3. 21 5
      maxkey-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java
  4. 3 3
      maxkey-core/src/main/java/org/maxkey/autoconfigure/MvcAutoConfiguration.java
  5. 5 1
      maxkey-core/src/main/java/org/maxkey/web/WebConstants.java
  6. 12 2
      maxkey-core/src/main/java/org/maxkey/web/WebContext.java
  7. 1 1
      maxkey-core/src/main/java/org/maxkey/web/tag/ThemeTagDirective.java
  8. 8 0
      maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas10AuthorizeEndpoint.java
  9. 23 4
      maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas20AuthorizeEndpoint.java
  10. 18 3
      maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas30AuthorizeEndpoint.java
  11. 4 0
      maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java
  12. 2 0
      maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/adapter/CasDefaultAdapter.java
  13. 2 0
      maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java
  14. 8 3
      maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java
  15. 5 0
      maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/AssertionEndpoint.java
  16. 2 0
      maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/adapter/TokenBasedDefaultAdapter.java
  17. 2 0
      maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/adapter/TokenBasedJWTAdapter.java
  18. 2 0
      maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/adapter/TokenBasedJWTHS256Adapter.java
  19. 1 1
      maxkey-web-manage/src/main/resources/application.properties
  20. 7 7
      maxkey-web-manage/src/main/resources/maxkey.properties
  21. 1 1
      maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/SafeController.java
  22. 1 1
      maxkey-web-maxkey/src/main/resources/application.properties
  23. 5 5
      maxkey-web-maxkey/src/main/resources/maxkey.properties

+ 2 - 0
maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java

@@ -251,6 +251,8 @@ public abstract class AbstractAuthenticationProvider {
             } else {
                 _logger.debug("User Login. ");
             }
+            //Online Tickit
+            userInfo.setOnlineTickit(WebConstants.ONLINE_TICKET_PREFIX + "-" +userInfo.generateId());
         }
 
         return userInfo;
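Review bot: The strength of the ticket assigned at `userInfo.setOnlineTickit(WebConstants.ONLINE_TICKET_PREFIX + "-" +userInfo.generateId())` rests entirely on `generateId()`, which is not visible in this hunk. Later in this commit the same value is written to a cookie and copied into protocol responses, so if it is ever used to look up or validate a session it must come from a CSPRNG (e.g. `SecureRandom`-backed), not from a time- or sequence-based id generator. Please confirm this and replace `//Online Tickit` with a comment that states the ticket's purpose and its randomness source. The enclosing method starts outside the hunk and the assignment appears to sit inside a conditional block, so `getOnlineTickit()` may be null on paths that skip it.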

+ 9 - 0
maxkey-core/src/main/java/org/maxkey/authn/BasicAuthentication.java

@@ -34,6 +34,7 @@ public class BasicAuthentication implements Authentication {
     String remeberMe;
     String authType;
     String jwtToken;
+    String onlineTickit;
     ArrayList<GrantedAuthority> grantedAuthority;
     boolean authenticated;
 
@@ -166,6 +167,14 @@ public class BasicAuthentication implements Authentication {
         this.grantedAuthority = grantedAuthority;
     }
 
+    public String getOnlineTickit() {
+        return onlineTickit;
+    }
+
+    public void setOnlineTickit(String onlineTickit) {
+        this.onlineTickit = onlineTickit;
+    }
+
     @Override
     public String toString() {
         StringBuilder builder = new StringBuilder();

+ 21 - 5
maxkey-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java

@@ -93,7 +93,7 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
                 );
             }
         }
-
+        auth.setOnlineTickit(userInfo.getOnlineTickit());
         UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken =
                 new UsernamePasswordAuthenticationToken(
                 auth,
@@ -101,7 +101,9 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
                 authenticationRealm.grantAuthority(userInfo));
         usernamePasswordAuthenticationToken.setDetails(
                 new WebAuthenticationDetails(WebContext.getRequest()));
-
+        
+        setOnlineTickit(userInfo.getOnlineTickit());
+        
         return usernamePasswordAuthenticationToken;
     }
     
@@ -110,7 +112,7 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
         BasicAuthentication basicAuth = (BasicAuthentication) authentication;
         UserInfo loadeduserInfo = loadUserInfo(basicAuth.getUsername(), "");
         if (loadeduserInfo != null) {
-
+            
             authenticationRealm.passwordMatches(loadeduserInfo, basicAuth.getPassword());
 
             authenticationRealm.getPasswordPolicyValidator().passwordPolicyValid(loadeduserInfo);
@@ -118,14 +120,16 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
             WebContext.setUserInfo(loadeduserInfo);
 
             authentication.setAuthenticated(true);
-
+            basicAuth.setOnlineTickit(loadeduserInfo.getOnlineTickit());
             UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(
                     authentication, "PASSWORD", authenticationRealm.grantAuthority(loadeduserInfo));
 
             WebContext.setAuthentication(authenticationToken);
             WebContext.setUserInfo(loadeduserInfo);
             authenticationRealm.insertLoginHistory(loadeduserInfo, basicAuth.getAuthType(), "", "", "SUCCESS");
-
+            
+            setOnlineTickit(loadeduserInfo.getOnlineTickit());
+            
             return authenticationToken;
         }else {
             String message = WebContext.getI18nValue("login.error.username");
@@ -154,6 +158,7 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
             WebContext.setUserInfo(loadeduserInfo);
             BasicAuthentication authentication = new BasicAuthentication();
             authentication.setUsername(loadeduserInfo.getUsername());
+            authentication.setOnlineTickit(loadeduserInfo.getOnlineTickit());
             UsernamePasswordAuthenticationToken authenticationToken =
                     new UsernamePasswordAuthenticationToken(
                             authentication, 
@@ -167,6 +172,8 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
 
             authenticationRealm.insertLoginHistory(loadeduserInfo, type, provider, code, message);
             
+            setOnlineTickit(loadeduserInfo.getOnlineTickit());
+            
             return authenticationToken;
         }else {
             String i18nMessage = WebContext.getI18nValue("login.error.username");
@@ -174,5 +181,14 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
             throw new BadCredentialsException(WebContext.getI18nValue("login.error.username"));
         }
     }
+    
+    public void setOnlineTickit(String tickit) {
+        _logger.debug("set online Tickit " + tickit + " on domain "+ this.applicationConfig.getBaseDomainName());
+        WebContext.setCookie(WebContext.getResponse(), 
+                this.applicationConfig.getBaseDomainName(), 
+                WebConstants.ONLINE_TICKET_NAME, 
+                tickit, 
+                0);
+    }
   
 }
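Review bot: The first line of the new `setOnlineTickit` method writes the ticket value itself to the debug log, which copies a per-login identifier into log files that are usually readable by more people than the session store. Log only the fact and the domain, e.g. `_logger.debug("set online ticket cookie on domain {}", this.applicationConfig.getBaseDomainName());` (assuming `_logger` is SLF4J, as in other files of this commit). The cookie is scoped to the base domain, so every sibling host under that domain receives it; a comment should state that this is intentional. The method is `public` although the visible hunks call it only from this class, so `private` would be a tighter fit.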

+ 3 - 3
maxkey-core/src/main/java/org/maxkey/autoconfigure/MvcAutoConfiguration.java

@@ -59,11 +59,11 @@ public class MvcAutoConfiguration implements InitializingBean {
      */
     @Bean (name = "localeResolver")
     public CookieLocaleResolver cookieLocaleResolver(
-            @Value("${config.server.domain.sub:maxkey.top}")String subDomainName) {
-        _logger.debug("subDomainName " + subDomainName);
+            @Value("${config.server.domain:maxkey.top}")String domainName) {
+        _logger.debug("DomainName " + domainName);
         CookieLocaleResolver cookieLocaleResolver = new CookieLocaleResolver();
         cookieLocaleResolver.setCookieName("maxkey_lang");
-        cookieLocaleResolver.setCookieDomain(subDomainName);
+        cookieLocaleResolver.setCookieDomain(domainName);
         cookieLocaleResolver.setCookieMaxAge(604800);
         return cookieLocaleResolver;
     }

+ 5 - 1
maxkey-core/src/main/java/org/maxkey/web/WebConstants.java

@@ -71,8 +71,12 @@ public class WebConstants {
 
     public static final String AUTHENTICATION = "current_authentication";
     
-    public static final String THEME_COOKIE_NAME = "maxkey_theme";
+    public static final String THEME_COOKIE_NAME = "theme_value";
     
     public static final String LOGIN_ERROR_SESSION_MESSAGE = "login_error_session_message_key";
+    
+    public static final String ONLINE_TICKET_NAME = "online_ticket";
+    
+    public static final String ONLINE_TICKET_PREFIX = "OT";
 
 }

+ 12 - 2
maxkey-core/src/main/java/org/maxkey/web/WebContext.java

@@ -154,6 +154,11 @@ public final class WebContext {
         return ((ServletRequestAttributes) 
                     RequestContextHolder.getRequestAttributes()).getRequest();
     }
+    
+    public static HttpServletResponse getResponse() {
+        return ((ServletRequestAttributes) 
+                    RequestContextHolder.getRequestAttributes()).getResponse();
+    }
 
     /**
      * get Http Context full Path.
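Review bot: `getResponse()` dereferences `RequestContextHolder.getRequestAttributes()` without a null check, and `ServletRequestAttributes.getResponse()` can itself return null. When authentication runs outside a bound servlet request, the new `setOnlineTickit` path would therefore fail with a NullPointerException, either here or at `response.addCookie` in `setCookie`. Add a Javadoc that states the contract, for example `/** Returns the response bound to the current request thread; may be null when none is bound. */`, and have callers check it. `getRequest()` just above has the same shape.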
@@ -336,11 +341,14 @@ public final class WebContext {
      * @param time cookie的存在时间
      */
     public static HttpServletResponse setCookie(
-            HttpServletResponse response, String name, String value, int time) {
+            HttpServletResponse response, String domain ,String name, String value, int time) {
         // new一个Cookie对象,键值对为参数
         Cookie cookie = new Cookie(name, value);
         // tomcat下多应用共享
         cookie.setPath("/");
+        if(domain != null) {
+            cookie.setDomain(domain);
+        }
         // 如果cookie的值中含有中文时,需要对cookie进行编码,不然会产生乱码
         try {
             URLEncoder.encode(value, "utf-8");
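Review bot: The cookie built in `setCookie` gets a path and now an optional domain, but neither `HttpOnly` nor `Secure`, and this commit starts using the helper for the `online_ticket` cookie on the base domain. Adding `cookie.setHttpOnly(true);` after `cookie.setPath("/");` keeps the value away from page scripts, and `cookie.setSecure(true);` should be set whenever the deployment is served over HTTPS. The context line `URLEncoder.encode(value, "utf-8");` discards its result, so the encoding described by the comment above it is never applied to the cookie value. The method continues past the end of this hunk.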
@@ -348,7 +356,9 @@ public final class WebContext {
             e.printStackTrace();
         }
         // 单位:秒
-        cookie.setMaxAge(time);
+        if(time > 0) {
+            cookie.setMaxAge(time);
+        }
         // 将Cookie添加到Response中,使之生效
         response.addCookie(cookie); // addCookie后,如果已经存在相同名字的cookie,则最新的覆盖旧的cookie
         return response;
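Review bot: With the new `if(time > 0)` guard a caller passing 0 no longer reaches `cookie.setMaxAge(0)`, which is how the servlet API deletes a cookie, so this helper can no longer expire a cookie such as `online_ticket` at logout. `setOnlineTickit` passes 0 to mean "session cookie", which the API expresses with a negative value. Keeping `cookie.setMaxAge(time);` unconditional and passing `-1` from `setOnlineTickit` preserves both meanings. The `@param time` Javadoc should spell out the convention; the method starts in the previous hunk.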

+ 1 - 1
maxkey-core/src/main/java/org/maxkey/web/tag/ThemeTagDirective.java

@@ -76,7 +76,7 @@ public class ThemeTagDirective implements TemplateDirectiveModel {
         if (request.getAttribute(WebConstants.THEME_COOKIE_NAME) == null 
                 && null != WebContext.getUserInfo()) {
             request.setAttribute(WebConstants.THEME_COOKIE_NAME, "theme");
-            WebContext.setCookie(response, 
+            WebContext.setCookie(response, null,
                     WebConstants.THEME_COOKIE_NAME, theme, ConstantsTimeInterval.ONE_WEEK);
         }
         

+ 8 - 0
maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas10AuthorizeEndpoint.java

@@ -86,12 +86,19 @@ renew [OPTIONAL] - if this parameter is set, ticket validation will only succeed
 			@RequestParam(value = CasConstants.PARAMETER.SERVICE) String service,
 			@RequestParam(value = CasConstants.PARAMETER.RENEW,required=false) String renew
 			 ){
+	    _logger.debug("serviceValidate " 
+                + " ticket " + ticket 
+                +" , service " + service
+                +" , renew " + renew
+        );
+	    
 		Ticket storedTicket=null;
 		try {
 			storedTicket = ticketServices.consumeTicket(ticket);
 		} catch (Exception e) {
 			// TODO Auto-generated catch block
 			e.printStackTrace();
+			_logger.error("consume Ticket error " , e);
 		}
 		
 		if(storedTicket!=null){
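Review bot: The added `_logger.debug("serviceValidate " ...)` concatenates the raw `ticket`, `service` and `renew` request parameters into the log line, so a parameter containing line breaks can forge log entries, and ticket values end up in log files. The same pattern is added in the `serviceValidate`, `proxyValidate` and `proxy` hunks of Cas20AuthorizeEndpoint and in both hunks of Cas30AuthorizeEndpoint; the `proxy` one also logs `pgt`, a proxy-granting ticket that remains usable beyond a single validation. Prefer parameterized logging with the ticket omitted or truncated, e.g. `_logger.debug("serviceValidate service {} renew {}", service, renew);`, after stripping CR/LF from the values. In the catch block, `e.printStackTrace();` is now redundant next to `_logger.error("consume Ticket error " , e);` and can be dropped. The method starts and ends outside this hunk.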
@@ -101,6 +108,7 @@ renew [OPTIONAL] - if this parameter is set, ticket validation will only succeed
 					.setUser(principal)
 					.serviceResponseBuilder();
 		}else{
+		    _logger.debug("Ticket not found .");
 			return new Service10ResponseBuilder().failure()
 					.serviceResponseBuilder();
 		}

+ 23 - 4
maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas20AuthorizeEndpoint.java

@@ -173,7 +173,14 @@ For all error codes, it is RECOMMENDED that CAS provide a more detailed message
 			@RequestParam(value = CasConstants.PARAMETER.PROXY_CALLBACK_URL,required=false) String pgtUrl,
 			@RequestParam(value = CasConstants.PARAMETER.RENEW,required=false) String renew,
 			@RequestParam(value = CasConstants.PARAMETER.FORMAT,required=false,defaultValue=CasConstants.FORMAT_TYPE.XML) String format){
-		
+	    _logger.debug("serviceValidate " 
+                + " ticket " + ticket 
+                +" , service " + service 
+                +" , pgtUrl " + pgtUrl
+                +" , renew " + renew
+                +" , format " + format
+        );
+	    
 	    setContentType(request,response,format);
 	    
 		Ticket storedTicket=null;
@@ -186,13 +193,15 @@ For all error codes, it is RECOMMENDED that CAS provide a more detailed message
 		ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder();
 		
 		if(storedTicket!=null){
-			String principal=((BasicAuthentication)storedTicket.getAuthentication().getPrincipal()).getUsername();
+		    BasicAuthentication authentication = ((BasicAuthentication)storedTicket.getAuthentication().getPrincipal());
+			String principal=authentication.getUsername();
 			_logger.debug("principal "+principal);
 			serviceResponseBuilder.success().setUser(principal);
 			
 			if(Boolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){
 				AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)Instance.newInstance(storedTicket.getCasDetails().getAdapter());
 				UserInfo userInfo = (UserInfo) userInfoService.loadByUsername(principal);
+				userInfo.setOnlineTickit(authentication.getOnlineTickit());
 				adapter.generateInfo(userInfo, serviceResponseBuilder);
 			}
 		}else{
@@ -274,7 +283,13 @@ Response on ticket validation failure:
 			@RequestParam(value = CasConstants.PARAMETER.PROXY_CALLBACK_URL,required=false) String pgtUrl,
 			@RequestParam(value = CasConstants.PARAMETER.RENEW,required=false) String renew,
 			@RequestParam(value = CasConstants.PARAMETER.FORMAT,required=false,defaultValue=CasConstants.FORMAT_TYPE.XML) String format){
-		
+	    _logger.debug("proxyValidate " 
+                + " ticket " + ticket 
+                +" , service " + service 
+                +" , pgtUrl " + pgtUrl
+                +" , renew " + renew
+                +" , format " + format
+        );
 	    setContentType(request,response,format);
 		
 		Ticket storedTicket=null;
@@ -358,7 +373,11 @@ For all error codes, it is RECOMMENDED that CAS provide a more detailed message
 			@RequestParam(value = CasConstants.PARAMETER.PROXY_GRANTING_TICKET) String pgt,
 			@RequestParam(value = CasConstants.PARAMETER.TARGET_SERVICE) String targetService,
 			@RequestParam(value = CasConstants.PARAMETER.FORMAT,required=false,defaultValue=CasConstants.FORMAT_TYPE.XML) String format){
-	    
+	    _logger.debug("proxy " 
+                + " pgt " + pgt 
+                +" , targetService " + targetService 
+                +" , format " + format
+        );
 	    setContentType(request,response,format);
 	    
 	    ProxyServiceResponseBuilder proxyServiceResponseBuilder=new ProxyServiceResponseBuilder();

+ 18 - 3
maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas30AuthorizeEndpoint.java

@@ -57,7 +57,14 @@ public class Cas30AuthorizeEndpoint  extends CasBaseAuthorizeEndpoint{
 			@RequestParam(value = CasConstants.PARAMETER.PROXY_CALLBACK_URL,required=false) String pgtUrl,
 			@RequestParam(value = CasConstants.PARAMETER.RENEW,required=false) String renew,
 			@RequestParam(value = CasConstants.PARAMETER.FORMAT,required=false,defaultValue=CasConstants.FORMAT_TYPE.XML) String format){
-		
+	    _logger.debug("serviceValidate " 
+	                    + " ticket " + ticket 
+	                    +" , service " + service 
+	                    +" , pgtUrl " + pgtUrl
+	                    +" , renew " + renew
+	                    +" , format " + format
+	            );
+	    
 	    setContentType(request,response,format);
 	    
 		Ticket storedTicket=null;
@@ -69,12 +76,14 @@ public class Cas30AuthorizeEndpoint  extends CasBaseAuthorizeEndpoint{
 		ServiceResponseBuilder serviceResponseBuilder=new ServiceResponseBuilder();
 		
 		if(storedTicket!=null){
-			String principal=((BasicAuthentication)storedTicket.getAuthentication().getPrincipal()).getUsername();
+		    BasicAuthentication authentication = ((BasicAuthentication)storedTicket.getAuthentication().getPrincipal());
+			String principal=authentication.getUsername();
 			serviceResponseBuilder.success().setUser(principal);
 			
 			if(Boolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){
 				AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)Instance.newInstance(storedTicket.getCasDetails().getAdapter());
 				UserInfo userInfo = (UserInfo) userInfoService.loadByUsername(principal);
+				userInfo.setOnlineTickit(authentication.getOnlineTickit());
 				adapter.generateInfo(userInfo, serviceResponseBuilder);
 			}
 		}else{
@@ -96,7 +105,13 @@ public class Cas30AuthorizeEndpoint  extends CasBaseAuthorizeEndpoint{
 			@RequestParam(value = CasConstants.PARAMETER.PROXY_CALLBACK_URL,required=false) String pgtUrl,
 			@RequestParam(value = CasConstants.PARAMETER.RENEW,required=false) String renew,
 			@RequestParam(value = CasConstants.PARAMETER.FORMAT,required=false,defaultValue=CasConstants.FORMAT_TYPE.XML) String format){
-		
+	    _logger.debug("proxyValidate " 
+                + " ticket " + ticket 
+                +" , service " + service 
+                +" , pgtUrl " + pgtUrl
+                +" , renew " + renew
+                +" , format " + format
+        );
 	    setContentType(request,response,format);
 	    		
 		Ticket storedTicket=null;

+ 4 - 0
maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java

@@ -103,6 +103,10 @@ public class CasAuthorizeEndpoint  extends CasBaseAuthorizeEndpoint{
 		    callbackUrl.append("?");
 		}
 		
+		if(callbackUrl.indexOf("&") != -1) {
+		    callbackUrl.append("&");
+		}
+		
 		//append ticket
 		callbackUrl.append(CasConstants.PARAMETER.TICKET).append("=").append(ticket);
 		
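Review bot: The new check `callbackUrl.indexOf("&") != -1` appends the separator only when the URL already contains an `&`. A service URL with exactly one query parameter (`?a=1`, constructed example) therefore gets the ticket glued onto that parameter's value, and a URL already ending in `&` gets a doubled separator. Assuming the block just above guarantees a `?` is present (its condition is outside the hunk), testing the last character is sufficient: `char last = callbackUrl.charAt(callbackUrl.length() - 1);` followed by `if (last != '?' && last != '&') { callbackUrl.append('&'); }`. Because this URL decides where the service ticket is delivered, a unit test over the zero/one/many-parameter cases would be worthwhile.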

+ 2 - 0
maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/adapter/CasDefaultAdapter.java

@@ -23,6 +23,7 @@ import org.apache.commons.codec.binary.Base64;
 import org.maxkey.authz.cas.endpoint.response.ServiceResponseBuilder;
 import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
 import org.maxkey.domain.UserInfo;
+import org.maxkey.web.WebConstants;
 import org.springframework.web.servlet.ModelAndView;
 
 public class CasDefaultAdapter extends AbstractAuthorizeAdapter {
@@ -65,6 +66,7 @@ public class CasDefaultAdapter extends AbstractAuthorizeAdapter {
 		serviceResponseBuilder.setAttribute("departmentId", userInfo.getDepartmentId());
 		serviceResponseBuilder.setAttribute("workRegion",base64Attr(userInfo.getWorkRegion()));
 		
+		serviceResponseBuilder.setAttribute(WebConstants.ONLINE_TICKET_NAME,userInfo.getOnlineTickit());
 	
 		return null;
 	}
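Review bot: `serviceResponseBuilder.setAttribute(WebConstants.ONLINE_TICKET_NAME,userInfo.getOnlineTickit())` releases to the relying party the same value that `RealmAuthenticationProvider.setOnlineTickit` stores in the `online_ticket` cookie. The commit does the same in OAuthDefaultUserInfoAdapter, UserInfoEndpoint (JWT claim), AssertionEndpoint (SAML attribute) and the three TokenBased adapters. Nothing in this commit shows the cookie being validated, but if it is ever accepted as proof of a session, every application that received the attribute holds a reusable copy. Consider releasing a per-application derivative (for example an HMAC over the ticket and the application id) or adding a comment that the ticket is an opaque correlation id and must never be trusted for authentication. `generateInfo` starts outside the hunk.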

+ 2 - 0
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java

@@ -23,6 +23,7 @@ import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
 import org.maxkey.domain.UserInfo;
 import org.maxkey.util.JsonUtils;
 import org.maxkey.util.StringGenerator;
+import org.maxkey.web.WebConstants;
 import org.springframework.web.servlet.ModelAndView;
 
 public class OAuthDefaultUserInfoAdapter extends AbstractAuthorizeAdapter {
@@ -43,6 +44,7 @@ public class OAuthDefaultUserInfoAdapter extends AbstractAuthorizeAdapter {
 		beanMap.put("title", userInfo.getJobTitle());
 		beanMap.put("state", userInfo.getWorkRegion());
 		beanMap.put("gender", userInfo.getGender());
+		beanMap.put(WebConstants.ONLINE_TICKET_NAME, userInfo.getOnlineTickit());
 		
 		String info= JsonUtils.object2Json(beanMap);
 		

+ 8 - 3
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java

@@ -26,6 +26,7 @@ import java.util.UUID;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.maxkey.authn.BasicAuthentication;
 import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
 import org.maxkey.authz.oauth2.common.exceptions.OAuth2Exception;
 import org.maxkey.authz.oauth2.provider.ClientDetailsService;
@@ -46,7 +47,7 @@ import org.maxkey.persistence.service.UserInfoService;
 import org.maxkey.util.Instance;
 import org.maxkey.util.JsonUtils;
 import org.maxkey.util.StringGenerator;
-
+import org.maxkey.web.WebConstants;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -134,7 +135,8 @@ public class UserInfoEndpoint {
 				 }else{
 					adapter =(AbstractAuthorizeAdapter)defaultOAuthUserInfoAdapter;
 				 }
-
+				 BasicAuthentication authentication = (BasicAuthentication)oAuth2Authentication.getUserAuthentication();
+				 userInfo.setOnlineTickit(authentication.getOnlineTickit());
 				String jsonData=adapter.generateInfo(userInfo, app);
 				return jsonData;
 			}catch(OAuth2Exception e){
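Review bot: The cast `(BasicAuthentication)oAuth2Authentication.getUserAuthentication()` is inconsistent with the CAS endpoints in this commit, which reach the `BasicAuthentication` through `getAuthentication().getPrincipal()`. RealmAuthenticationProvider wraps it as the principal of a `UsernamePasswordAuthenticationToken`, so if that token is what the OAuth2 authentication stores, this line throws ClassCastException. `getUserAuthentication()` may also be null for grants without a user (inferred, not visible here), which makes `authentication.getOnlineTickit()` throw NullPointerException, and the visible `catch` handles only `OAuth2Exception`. Replace the unconditional cast with a checked one, e.g. `if (userAuth instanceof BasicAuthentication) { userInfo.setOnlineTickit(((BasicAuthentication) userAuth).getOnlineTickit()); }`, unwrapping `getPrincipal()` first if that is where the object lives. The same cast recurs in the JWT hunk that follows.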
@@ -170,8 +172,11 @@ public class UserInfoEndpoint {
 			 String userJson="";
 			 Builder jwtClaimsSetBuilder= new JWTClaimsSet.Builder();
 			 
+			 BasicAuthentication authentication = (BasicAuthentication)oAuth2Authentication.getUserAuthentication();
+			 
 			 jwtClaimsSetBuilder.claim("sub", userInfo.getId());
-		 	
+			 jwtClaimsSetBuilder.claim(WebConstants.ONLINE_TICKET_NAME, authentication.getOnlineTickit());
+			 
 		 	if(scopes.contains("profile")){
 		 		jwtClaimsSetBuilder.claim("name", userInfo.getUsername());
 		 		jwtClaimsSetBuilder.claim("preferred_username", userInfo.getDisplayName());

+ 5 - 0
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/AssertionEndpoint.java

@@ -27,6 +27,8 @@ import org.maxkey.authz.saml.common.EndpointGenerator;
 import org.maxkey.authz.saml20.binding.BindingAdapter;
 import org.maxkey.authz.saml20.provider.xml.AuthnResponseGenerator;
 import org.maxkey.domain.apps.AppsSAML20Details;
+import org.maxkey.web.WebConstants;
+import org.maxkey.web.WebContext;
 import org.opensaml.saml2.core.Response;
 import org.opensaml.saml2.metadata.Endpoint;
 import org.opensaml.ws.message.encoder.MessageEncodingException;
@@ -70,6 +72,9 @@ public class AssertionEndpoint {
 		logger.debug("AuthnRequestInfo: {}", authnRequestInfo);
 
 		HashMap <String,String>attributeMap=new HashMap<String,String>();
+		
+		attributeMap.put(WebConstants.ONLINE_TICKET_NAME, WebContext.getUserInfo().getOnlineTickit());
+		
 		//saml20Details
 		Response authResponse = authnResponseGenerator.generateAuthnResponse(
 				saml20Details,
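Review bot: `WebContext.getUserInfo().getOnlineTickit()` dereferences the current user without a null check, although ThemeTagDirective in this same commit guards with `null != WebContext.getUserInfo()`. A request reaching this endpoint without a populated session would therefore fail with a NullPointerException before any SAML response is built, and a missing ticket would be stored in `attributeMap` as a null attribute value. Guard both: `UserInfo current = WebContext.getUserInfo();` then `if (current != null && current.getOnlineTickit() != null) { attributeMap.put(WebConstants.ONLINE_TICKET_NAME, current.getOnlineTickit()); }` (this needs the `org.maxkey.domain.UserInfo` import if the file does not already have it). The method continues outside the hunk.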

+ 2 - 0
maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/adapter/TokenBasedDefaultAdapter.java

@@ -26,6 +26,7 @@ import org.maxkey.domain.apps.AppsTokenBasedDetails;
 import org.maxkey.util.DateUtils;
 import org.maxkey.util.JsonUtils;
 import org.maxkey.util.StringGenerator;
+import org.maxkey.web.WebConstants;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.web.servlet.ModelAndView;
@@ -70,6 +71,7 @@ public class TokenBasedDefaultAdapter extends AbstractAuthorizeAdapter {
 		}
 		
 		beanMap.put("displayName", userInfo.getDisplayName());
+		beanMap.put(WebConstants.ONLINE_TICKET_NAME, userInfo.getOnlineTickit());
 		
 		/*
 		 * use UTC date time format

+ 2 - 0
maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/adapter/TokenBasedJWTAdapter.java

@@ -28,6 +28,7 @@ import org.maxkey.crypto.jwt.signer.service.JwtSigningAndValidationService;
 import org.maxkey.domain.UserInfo;
 import org.maxkey.domain.apps.Apps;
 import org.maxkey.domain.apps.AppsTokenBasedDetails;
+import org.maxkey.web.WebConstants;
 import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -67,6 +68,7 @@ public class TokenBasedJWTAdapter extends AbstractAuthorizeAdapter {
 				.claim("user_id", userInfo.getId())
 				.claim("external_id", userInfo.getId())
 				.claim("locale", userInfo.getLocale())
+				.claim(WebConstants.ONLINE_TICKET_NAME, userInfo.getOnlineTickit())
 				.claim("kid", jwtSignerService.getDefaultSignerKeyId())
 				.build();
 		

+ 2 - 0
maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/adapter/TokenBasedJWTHS256Adapter.java

@@ -30,6 +30,7 @@ import org.maxkey.crypto.jwt.signer.service.impl.SymmetricSigningAndValidationSe
 import org.maxkey.domain.UserInfo;
 import org.maxkey.domain.apps.Apps;
 import org.maxkey.domain.apps.AppsTokenBasedDetails;
+import org.maxkey.web.WebConstants;
 import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -67,6 +68,7 @@ public class TokenBasedJWTHS256Adapter extends AbstractAuthorizeAdapter {
 				.claim("email", userInfo.getWorkEmail())
 				.claim("name", userInfo.getUsername())
 				.claim("user_id", userInfo.getId())
+				.claim(WebConstants.ONLINE_TICKET_NAME, userInfo.getOnlineTickit())
 				.claim("external_id", userInfo.getId())
 				.claim("locale", userInfo.getLocale())
 				.claim("kid", "SYMMETRIC-KEY")

+ 1 - 1
maxkey-web-manage/src/main/resources/application.properties

@@ -2,7 +2,7 @@
 #application
 application.title=MaxKey
 application.name=MaxKey-Mgt
-application.formatted-version=v2.2.1 GA
+application.formatted-version=v2.3.0 GA
 #server config
 #server port
 server.port=9521

+ 7 - 7
maxkey-web-manage/src/main/resources/maxkey.properties

@@ -2,13 +2,13 @@
 #                        MaxKey Management
 ############################################################################
 #                domain name configuration
-config.server.domain=maxkey.top
-config.server.domain.sub=sso.${config.server.domain}
-config.server.name=http://${config.server.domain.sub}
-config.server.prefix.uri=${config.server.name}:9521/maxkey-mgt
+config.server.basedomain=maxkey.top
+config.server.domain=sso.${config.server.basedomain}
+config.server.name=http://${config.server.domain}
+config.server.uri=${config.server.name}:9521/maxkey-mgt
 #default.uri
-config.server.default.uri=${config.server.prefix.uri}/main
-config.maxkey.uri=https://${config.server.domain.sub}/maxkey
+config.server.default.uri=${config.server.uri}/main
+config.maxkey.uri=https://${config.server.domain}/maxkey
 #InMemory 0 , Redis 2 
 config.server.persistence=0
 #identity
@@ -62,7 +62,7 @@ config.saml.v20.sp.keystore=classpath\:config/samlClientKeystore.jks
 config.saml.v20.sp.issuing.entity.id=client.maxkey.org
 
 ############################################################################ 
-config.oidc.metadata.issuer=https://${config.server.domain.sub}/maxkey
+config.oidc.metadata.issuer=https://${config.server.domain}/maxkey
 config.oidc.metadata.authorizationEndpoint=${config.server.name}/maxkey/oauth/v20/authorize
 config.oidc.metadata.tokenEndpoint=${config.server.name}/maxkey/oauth/v20/token
 config.oidc.metadata.userinfoEndpoint=${config.server.name}/maxkey/api/connect/userinfo

+ 1 - 1
maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/SafeController.java

@@ -176,7 +176,7 @@ public class SafeController {
 		userInfo.setEmail(email);
 
         userInfo.setTheme(theme);
-        WebContext.setCookie(response, WebConstants.THEME_COOKIE_NAME, theme, ConstantsTimeInterval.ONE_WEEK);
+        WebContext.setCookie(response,null, WebConstants.THEME_COOKIE_NAME, theme, ConstantsTimeInterval.ONE_WEEK);
         
 		userInfoService.changeEmail(userInfo);
 		

+ 1 - 1
maxkey-web-maxkey/src/main/resources/application.properties

@@ -2,7 +2,7 @@
 #application
 application.title=MaxKey
 application.name=MaxKey
-application.formatted-version=v2.2.1 GA
+application.formatted-version=v2.3.0 GA
 #server config
 #spring.profiles.active=dev
 #server port

+ 5 - 5
maxkey-web-maxkey/src/main/resources/maxkey.properties

@@ -2,12 +2,12 @@
 #                        MaxKey
 ############################################################################
 #                domain name configuration
-config.server.domain=maxkey.top
-config.server.domain.sub=sso.${config.server.domain}
-config.server.name=https://${config.server.domain.sub}
-config.server.prefix.uri=${config.server.name}/maxkey
+config.server.basedomain=maxkey.top
+config.server.domain=sso.${config.server.basedomain}
+config.server.name=https://${config.server.domain}
+config.server.uri=${config.server.name}/maxkey
 #default.uri
-config.server.default.uri=${config.server.prefix.uri}/maxkey/appList
+config.server.default.uri=${config.server.uri}/maxkey/appList
 config.server.management.uri=${config.server.name}:9521/maxkey-mgt/login
 #InMemory 0 , Redis 2 
 config.server.persistence=0