ExtendApiAdapters

maxkey-protocols/maxkey-protocol-extendapi/src/main/java/org/maxkey/authz/exapi/endpoint/adapter/ExtendApiCndnsApiMailAdapter.java

@@ -0,0 +1,125 @@
+/*
+ * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
+package org.maxkey.authz.exapi.endpoint.adapter;
+
+import java.time.Instant;
+import java.util.HashMap;
+
+import org.maxkey.authn.SigninPrincipal;
+import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
+import org.maxkey.client.http.HttpVerb;
+import org.maxkey.client.oauth.OAuthClient;
+import org.maxkey.client.oauth.model.Token;
+import org.maxkey.crypto.DigestUtils;
+import org.maxkey.util.HttpsTrusts;
+import org.maxkey.util.JsonUtils;
+import org.maxkey.domain.ExtraAttrs;
+import org.maxkey.domain.UserInfo;
+import org.maxkey.domain.apps.Apps;
+import org.maxkey.web.WebContext;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.web.servlet.ModelAndView;
+/**
+ * https://exmail.qq.com/qy_mng_logic/doc
+ * exmail sso
+ * @author shimingxy
+ *
+ */
+public class ExtendApiCndnsApiMailAdapter extends AbstractAuthorizeAdapter {
+	final static Logger _logger = LoggerFactory.getLogger(ExtendApiCndnsApiMailAdapter.class);
+	//sign no  parameter
+	//sign=md5(action=getDomainInfo&appid=***&time=1579736456 + md5(token))
+	//sign with parameter
+	//sign=md5(action=getUserInfo&appid=***&email=admin@maxkey.org&time=1579736456 + md5(token))
+
+	static String SIGN_STRING 		="action=getDomainInfo&appid=%s%s";
+	
+	static String SIGN_EMAIL_STRING ="action=getUserInfo&appid=%s&email=%s&time=%s%s";
+	
+	static String ADMIN_AUTHKEY_URI	="https://www.cndnsapi.com/email/clientmanagement?action=getDomailUrl&appid=%s&sign=%s&time=%s";
+	
+	static String AUTHKEY_URI		="https://www.cndnsapi.com/email/clientmanagement?action=getWebMailUrl&appid=%s&sign=%s&time=%s";
+	
+	
+	@Override
+	public String generateInfo(SigninPrincipal authentication,UserInfo userInfo,Object app) {
+		return null;
+	}
+
+	@Override
+	public String encrypt(String data, String algorithmKey, String algorithm) {
+		return null;
+	}
+
+	@Override
+	public ModelAndView authorize(UserInfo userInfo, Object app, String data,ModelAndView modelAndView) {
+		HttpsTrusts.beforeConnection();
+		
+		Apps details=(Apps)app;
+		//extraAttrs from Applications
+		ExtraAttrs extraAttrs=null;
+		String action = "getWebMailUrl";
+		String domain = null;
+		if(details.getIsExtendAttr()==1){
+			extraAttrs=new ExtraAttrs(details.getExtendAttr());
+			if(extraAttrs.get("action")==null || extraAttrs.get("action").equalsIgnoreCase("getWebMailUrl")) {
+				action = "getWebMailUrl";
+			}else if(extraAttrs.get("action").equalsIgnoreCase("getDomailUrl")){
+				action = "getDomailUrl";
+				domain = extraAttrs.get("domain");
+			}
+		}
+		
+		String timestamp  = ""+Instant.now().getEpochSecond();
+		
+		String tokenMd5 =DigestUtils.md5Hex(details.getCredentials());
+		HashMap<String,String > requestParamenter =new HashMap<String,String >();
+		String redirec_uri = "";
+		if(action.equalsIgnoreCase("getDomailUrl")) {
+			String sign =DigestUtils.md5Hex
+					(String.format(
+							SIGN_STRING,
+							details.getPrincipal(),timestamp,tokenMd5));
+			requestParamenter.put("domain", domain);
+			OAuthClient authkeyRestClient=new OAuthClient(
+					String.format(ADMIN_AUTHKEY_URI,details.getPrincipal(),sign,timestamp),HttpVerb.POST);
+			authkeyRestClient.addRestObject(requestParamenter);
+			
+			HashMap<String, String> authKey=JsonUtils.gson2Object(authkeyRestClient.execute().getBody(), HashMap.class);
+			redirec_uri=authKey.get("adminUrl");
+			
+		}else {
+			String sign =DigestUtils.md5Hex
+					(String.format(
+							SIGN_EMAIL_STRING,
+							details.getPrincipal(),userInfo.getEmail(),timestamp,tokenMd5));
+			requestParamenter.put("email", userInfo.getWorkEmail());
+			OAuthClient authkeyRestClient=new OAuthClient(
+					String.format(AUTHKEY_URI,details.getPrincipal(),sign,timestamp),HttpVerb.POST);
+			authkeyRestClient.addRestObject(requestParamenter);
+			
+			HashMap<String, String> authKey=JsonUtils.gson2Object(authkeyRestClient.execute().getBody(), HashMap.class);
+			redirec_uri=authKey.get("webmailUrl");
+		}
+		
+		_logger.debug("redirec_uri : "+redirec_uri);
+		return WebContext.redirect(redirec_uri);
+	}
+
+}

maxkey-protocols/maxkey-protocol-extendapi/src/main/java/org/maxkey/authz/exapi/endpoint/adapter/ExtendApiQQExmailDefaultAdapter.java → maxkey-protocols/maxkey-protocol-extendapi/src/main/java/org/maxkey/authz/exapi/endpoint/adapter/ExtendApiQQExmailAdapter.java

@@ -23,6 +23,7 @@ import org.maxkey.authn.SigninPrincipal;
 import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
 import org.maxkey.client.oauth.OAuthClient;
 import org.maxkey.client.oauth.model.Token;
+import org.maxkey.util.HttpsTrusts;
 import org.maxkey.util.JsonUtils;
 import org.maxkey.domain.ExtraAttrs;
 import org.maxkey.domain.UserInfo;
@@ -31,12 +32,18 @@ import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.web.servlet.ModelAndView;
-
-public class ExtendApiQQExmailDefaultAdapter extends AbstractAuthorizeAdapter {
-	final static Logger _logger = LoggerFactory.getLogger(ExtendApiQQExmailDefaultAdapter.class);
-	static String login_url_template="https://exmail.qq.com/cgi-bin/login?fun=bizopenssologin&method=bizauth&agent=%s&user=%s&ticket=%s";
-	static String token_uri="https://exmail.qq.com/cgi-bin/token";
-	static String authkey_uri="http://openapi.exmail.qq.com:12211/openapi/mail/authkey";
+/**
+ * https://exmail.qq.com/qy_mng_logic/doc
+ * exmail sso
+ * @author shimingxy
+ *
+ */
+public class ExtendApiQQExmailAdapter extends AbstractAuthorizeAdapter {
+	final static Logger _logger = LoggerFactory.getLogger(ExtendApiQQExmailAdapter.class);
+	//https://exmail.qq.com/qy_mng_logic/doc#10003
+	static String TOKEN_URI="https://api.exmail.qq.com/cgi-bin/gettoken?corpid=%s&corpsecret=%s";
+	//https://exmail.qq.com/qy_mng_logic/doc#10036
+	static String AUTHKEY_URI="https://api.exmail.qq.com/cgi-bin/service/get_login_url?access_token=%s&userid=%s";
 	
 	@Override
 	public String generateInfo(SigninPrincipal authentication,UserInfo userInfo,Object app) {
@@ -50,26 +57,26 @@ public class ExtendApiQQExmailDefaultAdapter extends AbstractAuthorizeAdapter {
 
 	@Override
 	public ModelAndView authorize(UserInfo userInfo, Object app, String data,ModelAndView modelAndView) {
+		HttpsTrusts.beforeConnection();
+		
 		Apps details=(Apps)app;
 		//extraAttrs from Applications
 		ExtraAttrs extraAttrs=null;
 		if(details.getIsExtendAttr()==1){
 			extraAttrs=new ExtraAttrs(details.getExtendAttr());
 		}
-		OAuthClient tokenRestClient=new OAuthClient(token_uri);
-		tokenRestClient.addParameter("grant_type", "client_credentials");
-		tokenRestClient.addBasicAuthorization(details.getPrincipal(), details.getCredentials());
+		OAuthClient tokenRestClient=new OAuthClient(
+				String.format(TOKEN_URI,details.getPrincipal(),details.getCredentials()));
 		Token token =tokenRestClient.requestAccessToken();
 		_logger.debug(""+token);
 		
-		OAuthClient authkeyRestClient=new OAuthClient(authkey_uri);
-		authkeyRestClient.addBearerAuthorization(token.getAccess_token());
-		authkeyRestClient.addParameter("Alias", details.getAppUser().getRelatedUsername());
+		OAuthClient authkeyRestClient=new OAuthClient(
+				String.format(AUTHKEY_URI,token.getAccess_token(),details.getAppUser().getRelatedUsername()));
 		
 		HashMap<String, String> authKey=JsonUtils.gson2Object(authkeyRestClient.execute().getBody(), HashMap.class);
 		_logger.debug("authKey : "+authKey);
 		
-		String redirec_uri=String.format(login_url_template,details.getPrincipal(),details.getAppUser().getRelatedUsername(),authKey.get("auth_key"));
+		String redirec_uri=authKey.get("login_url");
 		_logger.debug("redirec_uri : "+redirec_uri);
 		return WebContext.redirect(redirec_uri);
 	}

maxkey-protocols/maxkey-protocol-extendapi/src/main/java/org/maxkey/authz/exapi/endpoint/adapter/ExtendApiTimestampSignAdapter.java

@@ -0,0 +1,94 @@
+/*
+ * Copyright [2021] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
+package org.maxkey.authz.exapi.endpoint.adapter;
+
+import java.time.Instant;
+import org.maxkey.authn.SigninPrincipal;
+import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
+import org.maxkey.crypto.DigestUtils;
+import org.maxkey.domain.ExtraAttrs;
+import org.maxkey.domain.UserInfo;
+import org.maxkey.domain.apps.Apps;
+import org.maxkey.web.WebContext;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.web.servlet.ModelAndView;
+/**
+ * 
+ * http://target.maxkey.org/demo/login?code=maxkey&time=timestamp&token=token
+ * login url http://target.maxkey.org/demo/login?code=%s&timestamp=%s&token=%s
+ * 
+ * $code  		= 'maxkey';
+ * $key   		= 'a5246932b0f371263c252384076cd3f0';
+ * $timestamp  	= '1557034496';
+ * $token 		= md5($code . $key . $time);
+ * 
+ * @author shimingxy
+ *
+ */
+public class ExtendApiTimestampSignAdapter extends AbstractAuthorizeAdapter {
+	final static Logger _logger = LoggerFactory.getLogger(ExtendApiTimestampSignAdapter.class);
+	
+	@Override
+	public String generateInfo(SigninPrincipal authentication,UserInfo userInfo,Object app) {
+		return null;
+	}
+
+	@Override
+	public String encrypt(String data, String algorithmKey, String algorithm) {
+		return null;
+	}
+
+	@Override
+	public ModelAndView authorize(UserInfo userInfo, Object app, String data,ModelAndView modelAndView) {
+		Apps details=(Apps)app;
+		
+		String code = details.getPrincipal();
+		String key   = details.getCredentials();
+		String timestamp  = ""+Instant.now().getEpochSecond();
+		String token =DigestUtils.md5Hex(code+key+timestamp);
+		
+		//extraAttrs from Applications
+		ExtraAttrs extraAttrs=null;
+		if(details.getIsExtendAttr()==1){
+			extraAttrs=new ExtraAttrs(details.getExtendAttr());
+			if(extraAttrs.get("sign") == null || extraAttrs.get("sign").equalsIgnoreCase("md5")) {
+				
+			}else if(extraAttrs.get("sign").equalsIgnoreCase("sha") || extraAttrs.get("sign").equalsIgnoreCase("sha1")) {
+				token =DigestUtils.shaHex(code+key+timestamp);
+			}else if(extraAttrs.get("sign").equalsIgnoreCase("sha256")) {
+				token =DigestUtils.sha256Hex(code+key+timestamp);
+			}else if(extraAttrs.get("sign").equalsIgnoreCase("sha384")) {
+				token =DigestUtils.sha384Hex(code+key+timestamp);
+			}else if(extraAttrs.get("sign").equalsIgnoreCase("sha512")) {
+				token =DigestUtils.sha512Hex(code+key+timestamp);
+			}
+		}
+		
+		_logger.debug(""+token);
+		String account = userInfo.getUsername();
+		
+		String redirec_uri = String.format(details.getLoginUrl(),account,code,timestamp,token);
+
+		
+		_logger.debug("redirec_uri : "+redirec_uri);
+		
+		return WebContext.redirect(redirec_uri);
+	}
+
+}

maxkey-protocols/maxkey-protocol-extendapi/src/main/java/org/maxkey/authz/exapi/endpoint/adapter/ExtendApiZentaoDefaultAdapter.java → maxkey-protocols/maxkey-protocol-extendapi/src/main/java/org/maxkey/authz/exapi/endpoint/adapter/ExtendApiZentaoAdapter.java

@@ -40,8 +40,8 @@ import org.springframework.web.servlet.ModelAndView;
  * @author shimi
  *
  */
-public class ExtendApiZentaoDefaultAdapter extends AbstractAuthorizeAdapter {
-	final static Logger _logger = LoggerFactory.getLogger(ExtendApiZentaoDefaultAdapter.class);
+public class ExtendApiZentaoAdapter extends AbstractAuthorizeAdapter {
+	final static Logger _logger = LoggerFactory.getLogger(ExtendApiZentaoAdapter.class);
 	static String login_url_template="api.php?m=user&f=apilogin&account=%s&code=%s&time=%s&token=%s";
 	static String login_url_m_template="account=%s&code=%s&time=%s&token=%s";
 	
@@ -91,3 +91,4 @@ public class ExtendApiZentaoDefaultAdapter extends AbstractAuthorizeAdapter {
 	}
 
 }
+