社交账号登录 &图片上传

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/SavedRequestAwareAuthenticationSuccessHandler.java

@@ -102,7 +102,7 @@ public class SavedRequestAwareAuthenticationSuccessHandler
         logger.trace("CAS " + request.getParameter(WebConstants.CAS_SERVICE_PARAMETER));
         if (request.getParameter(WebConstants.CAS_SERVICE_PARAMETER) != null
                 && request.getParameter(WebConstants.CAS_SERVICE_PARAMETER).startsWith("http")) {
-            targetUrl = WebContext.getHttpContextPath() + "/authz/cas/login?service="
+            targetUrl = WebContext.getHttpContextPath(true) + "/authz/cas/login?service="
                     + request.getParameter(WebConstants.CAS_SERVICE_PARAMETER);
         }
         targetUrl = targetUrl == null ? "/forwardindex" : targetUrl;

maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/FileUploadEndpoint.java → maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/FileUploadEndpoint.java

@@ -15,7 +15,7 @@
  */
  
 
-package org.maxkey.web.contorller;
+package org.maxkey.authn.web;
 
 import java.io.IOException;
 

maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/authn/support/socialsignon/SocialSignOnEndpoint.java

@@ -37,7 +37,6 @@ import org.springframework.http.ResponseEntity;
 import org.springframework.security.core.Authentication;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.RequestHeader;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.ResponseBody;
@@ -55,11 +54,11 @@ public class SocialSignOnEndpoint  extends AbstractSocialSignOnEndpoint{
 	@RequestMapping(value={"/authorize/{provider}"}, method = RequestMethod.GET)
 	@ResponseBody
 	public ResponseEntity<?> authorize( HttpServletRequest request,
-										@PathVariable String provider,
-										@RequestHeader("Origin") String originURL
+										@PathVariable String provider
 									) {
 		_logger.trace("SocialSignOn provider : " + provider);
 		String instId = WebContext.getInst().getId();
+		String originURL =WebContext.getHttpContextPath(request,false);
     	String authorizationUrl = 
 				buildAuthRequest(
 						instId,
@@ -74,9 +73,9 @@ public class SocialSignOnEndpoint  extends AbstractSocialSignOnEndpoint{
 	@RequestMapping(value={"/scanqrcode/{provider}"}, method = RequestMethod.GET)
 	@ResponseBody
 	public ResponseEntity<?> scanQRCode(HttpServletRequest request,
-										@PathVariable("provider") String provider,
-										@RequestHeader("Origin") String originURL) {
+										@PathVariable("provider") String provider) {
 		String instId = WebContext.getInst().getId();
+		String originURL =WebContext.getHttpContextPath(request,false);
 	    AuthRequest authRequest = 
 	    		buildAuthRequest(
 						instId,
@@ -102,10 +101,11 @@ public class SocialSignOnEndpoint  extends AbstractSocialSignOnEndpoint{
 	
 	@RequestMapping(value={"/bind/{provider}"}, method = RequestMethod.GET)
 	public ResponseEntity<?> bind(@PathVariable String provider,
-								  @RequestHeader("Origin") String originURL,
-								  @CurrentUser UserInfo userInfo) {
+								  @CurrentUser UserInfo userInfo,
+								  HttpServletRequest request) {
 		 //auth call back may exception 
 	    try {
+	    	String originURL =WebContext.getHttpContextPath(request,false);
 	    	SocialsAssociate socialsAssociate = 
 	    			this.authCallback(userInfo.getInstId(),provider,originURL + applicationConfig.getFrontendUri());
 		    socialsAssociate.setSocialUserInfo(accountJsonString);
@@ -127,9 +127,10 @@ public class SocialSignOnEndpoint  extends AbstractSocialSignOnEndpoint{
 
 	@RequestMapping(value={"/callback/{provider}"}, method = RequestMethod.GET)
 	public ResponseEntity<?> callback(@PathVariable String provider,
-									  @RequestHeader("Origin") String originURL) {
+									  HttpServletRequest request) {
 		 //auth call back may exception 
 	    try {
+	    	String originURL =WebContext.getHttpContextPath(request,false);
 	    	String instId = WebContext.getInst().getId();
 	    	SocialsAssociate socialsAssociate = 
 	    			this.authCallback(instId,provider,originURL + applicationConfig.getFrontendUri());

maxkey-core/src/main/java/org/maxkey/web/InitializeContext.java

@@ -231,8 +231,8 @@ public class InitializeContext extends HttpServlet {
      */
     public void showLicense() {
         _logger.info("-----------------------------------------------------------");
-        _logger.info("+                                MaxKey ");
-        _logger.info("+                      Single   Sign   On ( SSO ) ");
+        _logger.info("+                      MaxKey Community  Edition ");
+        _logger.info("+                      Single   Sign  On ( SSO ) ");
         _logger.info("+                           Version {}", 
                         WebContext.properties.getProperty("application.formatted-version"));
         _logger.info("+");

maxkey-core/src/main/java/org/maxkey/web/WebContext.java

@@ -179,9 +179,9 @@ public final class WebContext {
      * 
      * @return String HttpContextPath
      */
-    public static String getHttpContextPath() {
+    public static String getHttpContextPath(boolean isContextPath) {
         HttpServletRequest httpServletRequest = WebContext.getRequest();
-        return getHttpContextPath(httpServletRequest);
+        return getHttpContextPath(httpServletRequest,isContextPath);
     }
     
     /**
@@ -190,32 +190,44 @@ public final class WebContext {
      * @return String eg:http://192.168.1.20:9080/webcontext or
      *         http://www.website.com/webcontext
      */
-    public static String getHttpContextPath(HttpServletRequest httpServletRequest) {
+    public static String getHttpContextPath(HttpServletRequest request,boolean isContextPath) {
         ApplicationConfig applicationConfig = 
         		WebContext.getBean("applicationConfig",ApplicationConfig.class);
         
         _logger.trace("Config ServerPrefix " + applicationConfig.getServerPrefix());
         _logger.trace("Config DomainName " + applicationConfig.getDomainName());
-        _logger.trace("ServerName " + httpServletRequest.getServerName());
+        _logger.trace("ServerName " + request.getServerName());
         
-        String httpContextPath ="";
-        if (httpServletRequest.getServerName().matches(ipAddressRegex)
-        		||httpServletRequest.getServerName().equalsIgnoreCase("localhost")) {
-            httpContextPath = httpServletRequest.getScheme().toLowerCase() 
-            					+ "://"+httpServletRequest.getServerName();
+        StringBuilder url = new StringBuilder();
+        if (request.getServerName().matches(ipAddressRegex)
+        		||request.getServerName().equalsIgnoreCase("localhost")) {
+        	url.append(request.getScheme().toLowerCase())
+        	   .append("://").append(request.getServerName())
+        	   .append(request.getServerPort());
         }else {
-        	 httpContextPath = applicationConfig.getServerName() ;
+        	String scheme = request.getScheme().toLowerCase();
+        	String serverName = request.getServerName();
+        	int serverPort = request.getServerPort();
+    		
+    		url.append(scheme).append("://").append(serverName);
+    		// Only add port if not default
+    		if ("http".equals(scheme)) {
+    			if (serverPort != 80) {
+    				url.append(":").append(serverPort);
+    			}
+    		}
+    		else if ("https".equals(scheme)) {
+    			if (serverPort != 443) {
+    				url.append(":").append(serverPort);
+    			}
+    		}
         }
         
-        int port = httpServletRequest.getServerPort();
-        if(!(port==80 || port==443)){
-            httpContextPath    +=  ":"+port;
+        if(isContextPath) {
+        	url.append(request.getContextPath());
         }
-        
-        httpContextPath += httpServletRequest.getContextPath() + "";
-        
-        _logger.trace("httpContextPath " + httpContextPath);
-        return httpContextPath;
+        _logger.trace("httpContextPath {}" , url);
+        return url.toString();
 
     }
     

maxkey-core/src/main/java/org/maxkey/web/tag/BasePathTagDirective.java

@@ -49,7 +49,7 @@ public class BasePathTagDirective implements TemplateDirectiveModel {
 	public void execute(Environment env, Map params, TemplateModel[] loopVars, TemplateDirectiveBody body)
 			throws TemplateException, IOException {
 	    
-		env.getOut().append(WebContext.getHttpContextPath(request));
+		env.getOut().append(WebContext.getHttpContextPath(request,true));
 		
 	}
 

maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/metadata/endpoint/SamlMetadataEndpoint.java

@@ -111,15 +111,15 @@ public class SamlMetadataEndpoint {
 			
 	        IDPSSODescriptor descriptor = metadataGenerator.buildIDPSSODescriptor();
 	
-	        descriptor.getSingleSignOnServices().add(metadataGenerator.getSingleSignOnService(WebContext.getHttpContextPath()+"/authz/saml20/"+appId,null));
+	        descriptor.getSingleSignOnServices().add(metadataGenerator.getSingleSignOnService(WebContext.getHttpContextPath(true)+"/authz/saml20/"+appId,null));
 	        
-	        descriptor.getSingleSignOnServices().add(metadataGenerator.getSingleSignOnService(WebContext.getHttpContextPath()+"/authz/saml20/"+appId,SAMLConstants.SAML2_REDIRECT_BINDING_URI));
+	        descriptor.getSingleSignOnServices().add(metadataGenerator.getSingleSignOnService(WebContext.getHttpContextPath(true)+"/authz/saml20/"+appId,SAMLConstants.SAML2_REDIRECT_BINDING_URI));
 	        
-	        descriptor.getSingleSignOnServices().add(metadataGenerator.getSingleSignOnService(WebContext.getHttpContextPath()+"/authz/saml20/"+appId,SAMLConstants.SAML2_POST_SIMPLE_SIGN_BINDING_URI));
+	        descriptor.getSingleSignOnServices().add(metadataGenerator.getSingleSignOnService(WebContext.getHttpContextPath(true)+"/authz/saml20/"+appId,SAMLConstants.SAML2_POST_SIMPLE_SIGN_BINDING_URI));
 	        
-	        descriptor.getSingleLogoutServices().add(metadataGenerator.getSingleLogoutService(WebContext.getHttpContextPath()+"/logout",null));
+	        descriptor.getSingleLogoutServices().add(metadataGenerator.getSingleLogoutService(WebContext.getHttpContextPath(true)+"/logout",null));
 	        
-	        descriptor.getManageNameIDServices().add(metadataGenerator.getManageNameIDService(WebContext.getHttpContextPath()+"/saml/metadata/" + WebConstants.MXK_METADATA_PREFIX + appId + ".xml"));
+	        descriptor.getManageNameIDServices().add(metadataGenerator.getManageNameIDService(WebContext.getHttpContextPath(true)+"/saml/metadata/" + WebConstants.MXK_METADATA_PREFIX + appId + ".xml"));
 	             
 	        descriptor.getKeyDescriptors().add(metadataGenerator.generateEncryptionKeyDescriptor(signingCredential));  
 	         

maxkey-web-frontend/maxkey-web-app/src/app/routes/config/profile/profile.component.html

@@ -51,7 +51,7 @@
                   <nz-form-label [nzSm]="8" [nzXs]="24" nzFor="uploadFile">{{ 'mxk.users.picture' | i18n }}
                   </nz-form-label>
                   <div nz-col class="clearfix" nzSm="16" nzXs="24">
-                    <nz-upload nzAction="file/upload/" nzListType="picture-card" [(nzFileList)]="fileList"
+                    <nz-upload nzAction="/file/upload/" nzListType="picture-card" [(nzFileList)]="fileList"
                       nzName="uploadFile" [nzShowButton]="fileList.length < 1" [nzPreview]="handlePreview"
                       (nzChange)="uploadImageChange($event)">
                       <div>

maxkey-web-frontend/maxkey-web-app/src/assets/i18n/en-US.json

@@ -262,7 +262,7 @@
 			"filters": "Filters",
 			"basedn": "Base DN",
 			"msadDomain": "Active Directory Domain",
-			"accountMapping": "Account Mapping",
+			"accountMapping": "Domain Account",
 			"trustStore": "TrustStore",
 			"trustStorePassword": "TrustStore Password"
 		},

maxkey-web-frontend/maxkey-web-app/src/assets/i18n/zh-CN.json

@@ -249,7 +249,7 @@
 			"filters": "过滤器",
 			"basedn": "基本DN",
 			"msadDomain": "Active Directory域",
-			"accountMapping": "账号映射",
+			"accountMapping": "域账号认证",
 			"trustStore": "证书",
 			"trustStorePassword": "证书密钥"
 		},

maxkey-web-frontend/maxkey-web-app/src/assets/i18n/zh-TW.json

@@ -249,7 +249,7 @@
 			"filters": "過濾器",
 			"basedn": "基本DN",
 			"msadDomain": "Active Directory域",
-			"accountMapping": "賬號映射",
+			"accountMapping": "域賬號認證",
 			"trustStore": "證書",
 			"trustStorePassword": "證書密鑰"
 		},

maxkey-web-frontend/maxkey-web-app/src/environments/environment.prod.ts

@@ -20,7 +20,7 @@ export const environment = {
   production: true,
   useHash: true,
   api: {
-    baseUrl: '/sign',
+    baseUrl: '/sign/',
     refreshTokenEnabled: true,
     refreshTokenType: 're-request'
   }

maxkey-web-frontend/maxkey-web-app/src/index.html

@@ -130,28 +130,28 @@
 <script src="http://wwcdn.weixin.qq.com/node/wework/wwopen/js/wwLogin-1.2.7.js"></script>
 -->
 <!--钉钉-->
-<!--
+<!---->
 <script src="http://g.alicdn.com/dingding/dinglogin/0.0.5/ddLogin.js"></script>
-<script > 
-  var ddredirect_uri="";
+<script>
+  var ddredirect_uri = "";
   var handleMessage = function (event) {
-  var origin = event.origin;
-  if( origin == "https://login.dingtalk.com" ) { //判断是否来自ddLogin扫码事件。
-      var loginTmpCode = event.data; 
-      ddredirect_uri = ddredirect_uri+'&loginTmpCode='+loginTmpCode;
+    var origin = event.origin;
+    if (origin == "https://login.dingtalk.com") { //判断是否来自ddLogin扫码事件。
+      var loginTmpCode = event.data;
+      ddredirect_uri = ddredirect_uri + '&loginTmpCode=' + loginTmpCode;
       //获取到loginTmpCode后就可以在这里构造跳转链接进行跳转了
       window.top.location.href = ddredirect_uri;
     }
   };
   if (typeof window.addEventListener != 'undefined') {
-      window.addEventListener('message', handleMessage, false);
+    window.addEventListener('message', handleMessage, false);
   } else if (typeof window.attachEvent != 'undefined') {
-      window.attachEvent('onmessage', handleMessage);
+    window.attachEvent('onmessage', handleMessage);
   }
 </script>
--->
+
 <!--飞书-->
-<!---->
+<!--
 <script src="http://sf3-cn.feishucdn.com/obj/static/lark/passport/qrcode/LarkSSOSDKWebQRCode-1.0.1.js"></script>
 <script type="text/javascript">
   var fsredirectUri = "";
@@ -173,5 +173,6 @@
     window.attachEvent('onmessage', handleMessage);
   }
 </script>
+-->
 
 </html>

maxkey-web-frontend/maxkey-web-mgt-app/src/app/routes/access/roles/roles.component.html

@@ -5,7 +5,7 @@
     <div nz-row [nzGutter]="{ xs: 8, sm: 8, md: 8, lg: 24, xl: 48, xxl: 48 }">
       <div nz-col nzMd="16" nzSm="24">
         <nz-form-item>
-          <nz-form-label nzFor="name">{{ 'mxk.groups.name' | i18n }}</nz-form-label>
+          <nz-form-label nzFor="name">{{ 'mxk.roles.name' | i18n }}</nz-form-label>
           <nz-form-control>
             <input nz-input [(ngModel)]="query.params.name" [ngModelOptions]="{ standalone: true }" name="name"
               placeholder="" id="name" />
@@ -40,8 +40,8 @@
         <th [nzChecked]="query.checked" [nzIndeterminate]="query.indeterminate"
           (nzCheckedChange)="onTableAllChecked($event)"></th>
         <th nzAlign="center" style="display: none">Id</th>
-        <th nzAlign="center">{{ 'mxk.groups.name' | i18n }}</th>
-        <th nzAlign="center">{{ 'mxk.groups.dynamic' | i18n }}</th>
+        <th nzAlign="center">{{ 'mxk.roles.name' | i18n }}</th>
+        <th nzAlign="center">{{ 'mxk.roles.dynamic' | i18n }}</th>
         <th nzAlign="center">{{ 'mxk.text.description' | i18n }}</th>
         <th nzAlign="center"><a>{{ 'mxk.text.action' | i18n }}</a></th>
       </tr>

maxkey-web-frontend/maxkey-web-mgt-app/src/app/routes/access/roles/select-roles/select-roles.component.html

@@ -4,7 +4,7 @@
     <div nz-row [nzGutter]="{ xs: 8, sm: 8, md: 8, lg: 24, xl: 48, xxl: 48 }">
       <div nz-col nzMd="14" nzSm="24">
         <nz-form-item>
-          <nz-form-label nzFor="name">{{ 'mxk.groups.name' | i18n }}</nz-form-label>
+          <nz-form-label nzFor="name">{{ 'mxk.roles.name' | i18n }}</nz-form-label>
           <nz-form-control>
             <input nz-input [(ngModel)]="query.params.name" [ngModelOptions]="{ standalone: true }" name="name"
               placeholder="" id="name" />
@@ -32,8 +32,8 @@
       <tr>
         <th></th>
         <th nzAlign="center" style="display: none">Id</th>
-        <th nzAlign="center">{{ 'mxk.groups.name' | i18n }}</th>
-        <th nzAlign="center">{{ 'mxk.groups.dynamic' | i18n }}</th>
+        <th nzAlign="center">{{ 'mxk.roles.name' | i18n }}</th>
+        <th nzAlign="center">{{ 'mxk.roles.dynamic' | i18n }}</th>
       </tr>
     </thead>
     <tbody>

maxkey-web-frontend/maxkey-web-mgt-app/src/app/routes/users/user-editer/user-editer.component.html

@@ -56,8 +56,9 @@
           <nz-form-item>
             <nz-form-label [nzSm]="8" [nzXs]="24" nzFor="uploadFile">{{ 'mxk.users.picture' | i18n }}</nz-form-label>
             <div nz-col class="clearfix" nzSm="16" nzXs="24">
-              <nz-upload nzAction="file/upload/" nzListType="picture-card" [(nzFileList)]="fileList" nzName="uploadFile"
-                [nzShowButton]="fileList.length < 1" [nzPreview]="handlePreview" (nzChange)="uploadImageChange($event)">
+              <nz-upload nzAction="/file/upload/" nzListType="picture-card" [(nzFileList)]="fileList"
+                nzName="uploadFile" [nzShowButton]="fileList.length < 1" [nzPreview]="handlePreview"
+                (nzChange)="uploadImageChange($event)">
                 <div>
                   <i nz-icon nzType="plus"></i>
                   <div style="margin-top: 8px">Upload</div>

maxkey-web-frontend/maxkey-web-mgt-app/src/assets/i18n/en-US.json

@@ -251,30 +251,10 @@
 			"filters": "Filters",
 			"basedn": "Base DN",
 			"msadDomain": "MSAD Domain",
-			"accountMapping": "Account Mapping",
+			"accountMapping": "Domain Account",
 			"trustStore": "TrustStore",
 			"trustStorePassword": "TrustStore Password"
 		},
-		"groups": {
-			"name": "Group Name",
-			"dynamic": "Dynamic",
-			"filters": "Attributes Filter",
-			"orgIdsList": "Dept List",
-			"resumeTime": "Join Time",
-			"suspendTime": "Suspend Time",
-			"isdefault": "Is Default"
-		},
-		"accountsstrategy": {
-			"name": "Strategy Name",
-			"appIcon": "App Icon",
-			"appId": "App Id",
-			"appName": "App Name",
-			"filters": "Attributes Filter",
-			"orgIdsList": "Dept List",
-			"createType": "createType",
-			"mapping": "Mapping",
-			"suffixes": "Suffixes"
-		},
 		"apps": {
 			"tab.basic": "Basic",
 			"tab.extra": "Extra",

maxkey-web-frontend/maxkey-web-mgt-app/src/assets/i18n/zh-CN.json

@@ -55,7 +55,7 @@
 			"audit": {
 				"": "日志审计",
 				"logins": "系统登录日志",
-				"loginapps": "应用登录日志",
+				"loginapps": "应用访问日志",
 				"synchronizer": "同步器日志",
 				"connector": "连接器日志",
 				"operate": "系统管理日志"
@@ -252,31 +252,10 @@
 			"filters": "过滤器",
 			"basedn": "基本DN",
 			"msadDomain": "AD域名",
-			"accountMapping": "账号映射",
+			"accountMapping": "域账号认证",
 			"trustStore": "证书",
 			"trustStorePassword": "证书密钥"
 		},
-		"groups": {
-			"name": "组名称",
-			"dynamic": "动态组",
-			"filters": "属性过滤器",
-			"orgIdsList": "部门列表",
-			"resumeTime": "加入时间",
-			"suspendTime": "挂起时间",
-			"isdefault": "是否默认组"
-		},
-		"accountsstrategy": {
-			"id": "策略编码",
-			"name": "策略名称",
-			"appIcon": "应用图标",
-			"appId": "应用编码",
-			"appName": "应用名称",
-			"filters": "属性过滤器",
-			"orgIdsList": "部门列表",
-			"createType": "创建方式",
-			"mapping": "账号映射",
-			"suffixes": "后缀"
-		},
 		"apps": {
 			"tab.basic": "基本信息",
 			"tab.extra": "扩展信息",
@@ -510,7 +489,7 @@
 			"email": "邮箱",
 			"address": "地址",
 			"logo": "LOGO",
-			"domain": "域名",
+			"domain": "认证域名",
 			"frontTitle": "系統名称",
 			"consoleDomain": "控制台域名",
 			"consoleTitle": "控制台名称",

maxkey-web-frontend/maxkey-web-mgt-app/src/assets/i18n/zh-TW.json

@@ -56,7 +56,7 @@
 			"audit": {
 				"": "日誌審計",
 				"logins": "系統登錄日誌",
-				"loginapps": "應用登錄日誌",
+				"loginapps": "應用訪問日誌",
 				"synchronizer": "同步器日誌",
 				"connector": "連接器日誌",
 				"operate": "系統管理日誌"
@@ -253,31 +253,10 @@
 			"filters": "過濾器",
 			"basedn": "基本DN",
 			"msadDomain": "AD域名",
-			"accountMapping": "賬號映射",
+			"accountMapping": "域賬號認證",
 			"trustStore": "證書",
 			"trustStorePassword": "證書密鑰"
 		},
-		"groups": {
-			"name": "組名稱",
-			"dynamic": "動態組",
-			"filters": "屬性過濾器",
-			"orgIdsList": "部門列表",
-			"resumeTime": "加入時間",
-			"suspendTime": "掛起時間",
-			"isdefault": "是否默認組"
-		},
-		"accountsstrategy": {
-			"id": "策略編碼",
-			"name": "策略名稱",
-			"appIcon": "應用圖標",
-			"appId": "應用編碼",
-			"appName": "應用名稱",
-			"filters": "屬性過濾器",
-			"orgIdsList": "部門列表",
-			"createType": "創建方式",
-			"mapping": "賬號映射",
-			"suffixes": "後綴"
-		},
 		"apps": {
 			"tab.basic": "基本信息",
 			"tab.extra": "擴展信息",
@@ -511,7 +490,7 @@
 			"email": "郵箱",
 			"address": "地址",
 			"logo": "LOGO",
-			"domain": "域名",
+			"domain": "認證域名",
 			"frontTitle": "系統名稱",
 			"consoleDomain": "控制台域名",
 			"consoleTitle": "控制台名稱",

maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/ProfileController.java

@@ -20,7 +20,9 @@ package org.maxkey.web.contorller;
 import org.maxkey.authn.annotation.CurrentUser;
 import org.maxkey.entity.Message;
 import org.maxkey.entity.UserInfo;
+import org.maxkey.persistence.service.FileUploadService;
 import org.maxkey.persistence.service.UserInfoService;
+import org.maxkey.util.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -39,6 +41,9 @@ public class ProfileController {
 
     @Autowired
     private UserInfoService userInfoService;
+    
+    @Autowired
+	FileUploadService fileUploadService;
 
     @RequestMapping(value = { "/get" }, produces = {MediaType.APPLICATION_JSON_VALUE})
 	public ResponseEntity<?> get(@CurrentUser UserInfo currentUser) {
@@ -72,7 +77,11 @@ public class ProfileController {
 //			String extraAttribute=JsonUtils.object2Json(extraAttributeMap);
 //			userInfo.setExtraAttribute(extraAttribute);
 //		}
-
+        if(StringUtils.isNotBlank(userInfo.getPictureId())) {
+			userInfo.setPicture(fileUploadService.get(userInfo.getPictureId()).getUploaded());
+			fileUploadService.remove(userInfo.getPictureId());
+		}
+        
         if (userInfoService.updateProfile(userInfo) > 0) {
         	return new Message<UserInfo>(Message.SUCCESS).buildResponse();
         }