
#I844NY 消除Session与Authentication来回嵌套

MaxKey преди 1 година
родител
ревизия
ef4bfb86f0
променени са 16 файла, в които са добавени 28 реда и са изтрити 28 реда
  1. 12 12
      maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/SignPrincipal.java
  2. 1 1
      maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/jwt/AuthJwt.java
  3. 1 1
      maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/jwt/AuthJwtService.java
  4. 1 1
      maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/web/HttpSessionListenerAdapter.java
  5. 1 1
      maxkey-core/src/main/java/org/dromara/maxkey/web/ProductEnvironment.java
  6. 1 1
      maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/dromara/maxkey/authz/singlelogout/DefaultSingleLogout.java
  7. 1 1
      maxkey-protocols/maxkey-protocol-cas/src/main/java/org/dromara/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java
  8. 1 1
      maxkey-protocols/maxkey-protocol-cas/src/main/java/org/dromara/maxkey/authz/cas/endpoint/adapter/CasDefaultAdapter.java
  9. 1 1
      maxkey-protocols/maxkey-protocol-cas/src/main/java/org/dromara/maxkey/authz/cas/endpoint/adapter/CasPlainAdapter.java
  10. 1 1
      maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/dromara/maxkey/authz/jwt/endpoint/adapter/JwtAdapter.java
  11. 1 1
      maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/OAuth2UserDetailsService.java
  12. 1 1
      maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java
  13. 2 2
      maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoOIDCEndpoint.java
  14. 1 1
      maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/dromara/maxkey/authz/saml20/provider/endpoint/AssertionEndpoint.java
  15. 1 1
      maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/dromara/maxkey/authz/token/endpoint/adapter/TokenBasedDefaultAdapter.java
  16. 1 1
      maxkey-webs/maxkey-web-maxkey/src/main/java/org/dromara/maxkey/web/interceptor/HistorySignOnAppInterceptor.java

+ 12 - 12
maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/SignPrincipal.java

@@ -32,7 +32,7 @@ public class SignPrincipal implements  UserDetails {
     
     UserDetails userDetails;
     
-    Session session;
+    String sessionId;
     ArrayList<GrantedAuthority> grantedAuthority;
     ArrayList<GrantedAuthority> grantedAuthorityApps;
     boolean authenticated;
@@ -71,7 +71,7 @@ public class SignPrincipal implements  UserDetails {
         this.accountNonLocked  = true;
         this.credentialsNonExpired =true;
         this.enabled = true;
-        this.session = session;
+        this.sessionId = session.getId();
         this.userInfo.setSessionId(session.getId());
     }
     
@@ -120,13 +120,6 @@ public class SignPrincipal implements  UserDetails {
         this.grantedAuthority = grantedAuthority;
     }
 
-    public Session getSession() {
-        return session;
-    }
-
-    public void setSession(Session session) {
-        this.session = session;
-    }
 
     public boolean isRoleAdministrators() {
         return roleAdministrators;
@@ -152,7 +145,16 @@ public class SignPrincipal implements  UserDetails {
         return this.credentialsNonExpired;
     }
 
-    @Override
+    
+    public String getSessionId() {
+		return sessionId;
+	}
+
+	public void setSessionId(String sessionId) {
+		this.sessionId = sessionId;
+	}
+
+	@Override
     public boolean isEnabled() {
         return this.enabled;
     }
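Review bot: `getSessionId()` can return null where the old `getSession().getId()` chain failed fast. A principal built without a session (the `new SignPrincipal(userInfo)` path in OAuth2UserDetailsService, before `setSessionId` is called) would therefore pass a null ticket to callers such as `AuthJwt` and `AuthJwtService` instead of raising. I would document this on the getter, e.g. `/** Id of the online session bound to this principal; null until a session is attached. */`, and have the setter reject null if no caller relies on clearing the value. The new accessors and the re-added `@Override` are tab-indented, while the surrounding lines of this hunk use spaces. The class body continues outside the hunk.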
@@ -192,8 +194,6 @@ public class SignPrincipal implements  UserDetails {
 		builder.append(userInfo);
 		builder.append(", userDetails=");
 		builder.append(userDetails);
-		builder.append(", session=");
-		builder.append(session);
 		builder.append(", grantedAuthority=");
 		builder.append(grantedAuthority);
 		builder.append(", grantedAuthorityApps=");

+ 1 - 1
maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/jwt/AuthJwt.java

@@ -89,7 +89,7 @@ public class AuthJwt implements Serializable {
 		this.expiresIn = expiresIn;
 		this.refreshToken = refreshToken;
 		
-		this.ticket = principal.getSession().getId();
+		this.ticket = principal.getSessionId();
 		this.id = principal.getUserInfo().getId();
 		this.username = principal.getUserInfo().getUsername();
 		this.name = this.username;

+ 1 - 1
maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/jwt/AuthJwtService.java

@@ -56,7 +56,7 @@ public class AuthJwtService {
 		 JWTClaimsSet jwtClaims =new  JWTClaimsSet.Builder()
 				.issuer(issuer)
 				.subject(subject)
-				.jwtID(principal.getSession().getId())
+				.jwtID(principal.getSessionId())
 				.issueTime(currentDateTime.toDate())
 				.expirationTime(expirationTime)
 				.claim("locale", userInfo.getLocale())

+ 1 - 1
maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/web/HttpSessionListenerAdapter.java

@@ -65,7 +65,7 @@ public class HttpSessionListenerAdapter implements HttpSessionListener {
         			session.getId(), 
         			signPrincipal.getUserInfo().getId(),
         			signPrincipal.getUserInfo().getUsername(),
-        			signPrincipal.getSession().getId());
+        			signPrincipal.getSessionId());
         	}else if(principal instanceof User) {
         		User user = (User)principal;
         		_logger.trace("{} HttpSession Id  {} for username {} password {} Destroyed" ,
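Review bot: The session id is written to the log here at trace level, again at trace in CasAuthorizeEndpoint, and at debug level in HistorySignOnAppInterceptor (`logger.debug("sessionId : {} , appId {}" , sessionId , app.getId());`). The same value is issued as the JWT `jti` and as the online ticket elsewhere in this commit, so anyone with log access can read a value that identifies a live session. Logging a shortened or hashed form would keep the correlation without exposing the full id. The context line for the `User` branch also carries a `password {}` placeholder; its arguments are outside the hunk, so confirm that no credential is actually passed to it.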

+ 1 - 1
maxkey-core/src/main/java/org/dromara/maxkey/web/ProductEnvironment.java

@@ -35,7 +35,7 @@ public class ProductEnvironment {
             String key = it.next();
             logger.trace("{}   =   {}" , key , map.get(key));
         }
-        logger.debug("APP_HOME" + "   =   {}" , PathUtils.getInstance().getAppPath());
+        logger.info("APP_HOME" + "   =   {}" , PathUtils.getInstance().getAppPath());
 
         Processor processor = ArchUtils.getProcessor();
         if (Objects.isNull(processor)){

+ 1 - 1
maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/dromara/maxkey/authz/singlelogout/DefaultSingleLogout.java

@@ -34,7 +34,7 @@ public class DefaultSingleLogout extends SingleLogout{
         logoutParameters.put("principal", authentication.getName());
         logoutParameters.put("request",  "logoutRequest");
         logoutParameters.put("issueInstant", DateUtils.getCurrentDateAsString(DateUtils.FORMAT_DATE_ISO_TIMESTAMP));
-        logoutParameters.put("ticket",  ((SignPrincipal)authentication.getPrincipal()).getSession().getFormattedId());
+        logoutParameters.put("ticket",  ((SignPrincipal)authentication.getPrincipal()).getSessionId());
         postMessage(logoutApp.getLogoutUrl(),logoutParameters);
         
     }
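Review bot: The `ticket` sent to the logout URL changes from `getSession().getFormattedId()` to the raw `getSessionId()`, which the SignPrincipal constructor sets from `session.getId()`. If the two forms differ (the `Session` class is not shown), relying parties receive a different online-ticket string than before. The same substitution is made in CasDefaultAdapter, CasPlainAdapter, JwtAdapter, OAuthDefaultUserInfoAdapter, UserInfoOIDCEndpoint, AssertionEndpoint and TokenBasedDefaultAdapter. Either confirm that `getFormattedId()` returned the same string as `getId()`, or keep the formatted form behind a dedicated accessor so the wire value stays stable. A call-site comment such as `// ticket is the raw session id; formerly Session.getFormattedId()` would record the decision.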

+ 1 - 1
maxkey-protocols/maxkey-protocol-cas/src/main/java/org/dromara/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java

@@ -155,7 +155,7 @@ public class CasAuthorizeEndpoint  extends CasBaseAuthorizeEndpoint{
 		
 		if(casDetails.getLogoutType()==LogoutType.BACK_CHANNEL) {
 			_logger.debug("CAS LogoutType BACK_CHANNEL ... ");
-			String sessionId = AuthorizationUtils.getPrincipal().getSession().getId();
+			String sessionId = AuthorizationUtils.getPrincipal().getSessionId();
 			_logger.trace("get session by id {} . ",sessionId);
 		    Session session  = sessionManager.get(sessionId);
 		    _logger.trace("current session {}  ",session);

+ 1 - 1
maxkey-protocols/maxkey-protocol-cas/src/main/java/org/dromara/maxkey/authz/cas/endpoint/adapter/CasDefaultAdapter.java

@@ -76,7 +76,7 @@ public class CasDefaultAdapter extends AbstractAuthorizeAdapter {
 		serviceResponseBuilder.setAttribute("departmentId", userInfo.getDepartmentId());
 		serviceResponseBuilder.setAttribute("workRegion",base64Attr(userInfo.getWorkRegion()));
 		serviceResponseBuilder.setAttribute("institution", userInfo.getInstId());
-		serviceResponseBuilder.setAttribute(WebConstants.ONLINE_TICKET_NAME,principal.getSession().getFormattedId());
+		serviceResponseBuilder.setAttribute(WebConstants.ONLINE_TICKET_NAME,principal.getSessionId());
 	
 		return serviceResponseBuilder;
 	}

+ 1 - 1
maxkey-protocols/maxkey-protocol-cas/src/main/java/org/dromara/maxkey/authz/cas/endpoint/adapter/CasPlainAdapter.java

@@ -61,7 +61,7 @@ public class CasPlainAdapter extends AbstractAuthorizeAdapter {
 		serviceResponseBuilder.setAttribute("departmentId", userInfo.getDepartmentId());
 		serviceResponseBuilder.setAttribute("workRegion",userInfo.getWorkRegion());
 		serviceResponseBuilder.setAttribute("institution", userInfo.getInstId());
-		serviceResponseBuilder.setAttribute(WebConstants.ONLINE_TICKET_NAME,principal.getSession().getFormattedId());
+		serviceResponseBuilder.setAttribute(WebConstants.ONLINE_TICKET_NAME,principal.getSessionId());
 	
 		return serviceResponseBuilder;
 	}

+ 1 - 1
maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/dromara/maxkey/authz/jwt/endpoint/adapter/JwtAdapter.java

@@ -82,7 +82,7 @@ public class JwtAdapter extends AbstractAuthorizeAdapter {
 				.claim("user_id", userInfo.getId())
 				.claim("external_id", userInfo.getId())
 				.claim("locale", userInfo.getLocale())
-				.claim(WebConstants.ONLINE_TICKET_NAME, principal.getSession().getFormattedId())
+				.claim(WebConstants.ONLINE_TICKET_NAME, principal.getSessionId())
 				.claim("kid", jwtDetails.getId()+ "_sig")
 				.claim("institution", userInfo.getInstId())
 				.build();

+ 1 - 1
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/OAuth2UserDetailsService.java

@@ -50,7 +50,7 @@ public class OAuth2UserDetailsService implements UserDetailsService {
 		SignPrincipal principal = new SignPrincipal(userInfo);
 		Session onlineTicket = new Session(onlineTickitId);
 		//set OnlineTicket
-		principal.setSession(onlineTicket);
+		principal.setSessionId(onlineTicket.getId());
         
         ArrayList<GrantedAuthority> grantedAuthoritys = loginRepository.grantAuthority(userInfo);
         principal.setAuthenticated(true);
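Review bot: `onlineTicket` is now constructed only so its id can be read back on the next changed line. Unless the `Session` constructor transforms the id (not visible here), `principal.setSessionId(onlineTickitId);` says the same thing without the throwaway object. The method continues outside the hunk, so if the object is still used further down, keep it and change the `//set OnlineTicket` comment to say that only the id is stored on the principal.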

+ 1 - 1
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java

@@ -66,7 +66,7 @@ public class OAuthDefaultUserInfoAdapter extends AbstractAuthorizeAdapter {
 		beanMap.put("state", userInfo.getWorkRegion());
 		beanMap.put("gender", userInfo.getGender());
 		beanMap.put("institution", userInfo.getInstId());
-		beanMap.put(WebConstants.ONLINE_TICKET_NAME, principal.getSession().getFormattedId());
+		beanMap.put(WebConstants.ONLINE_TICKET_NAME, principal.getSessionId());
 		
 		String info= JsonUtils.toString(beanMap);
 		

+ 2 - 2
maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/dromara/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoOIDCEndpoint.java

@@ -123,7 +123,7 @@ public class UserInfoOIDCEndpoint {
 			 String userJson = "";
 			 Builder jwtClaimsSetBuilder= new JWTClaimsSet.Builder();
 			 
-			 SignPrincipal authentication = (SignPrincipal)oAuth2Authentication.getUserAuthentication().getPrincipal();
+			 SignPrincipal oauthPrincipal = (SignPrincipal)oAuth2Authentication.getUserAuthentication().getPrincipal();
 			 
 			 String subject = AbstractAuthorizeAdapter.getValueByUserAttr(userInfo, clientDetails.getSubject());
 			 _logger.debug("userId : {} , username : {} , displayName : {} , subject : {}" , 
@@ -134,7 +134,7 @@ public class UserInfoOIDCEndpoint {
 			 
 			 jwtClaimsSetBuilder.claim("sub", subject);
 			 jwtClaimsSetBuilder.claim("institution", userInfo.getInstId());
-			 jwtClaimsSetBuilder.claim(WebConstants.ONLINE_TICKET_NAME, authentication.getSession().getFormattedId());
+			 jwtClaimsSetBuilder.claim(WebConstants.ONLINE_TICKET_NAME, oauthPrincipal.getSessionId());
 			 
 		 	if(scopes.contains("profile")){
 		 		jwtClaimsSetBuilder.claim("userId", userInfo.getId());

+ 1 - 1
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/dromara/maxkey/authz/saml20/provider/endpoint/AssertionEndpoint.java

@@ -79,7 +79,7 @@ public class AssertionEndpoint {
 		logger.debug("AuthnRequestInfo: {}", authnRequestInfo);
 		HashMap <String,String>attributeMap=new HashMap<String,String>();
 		attributeMap.put(WebConstants.ONLINE_TICKET_NAME, 
-		        AuthorizationUtils.getPrincipal().getSession().getFormattedId());
+		        AuthorizationUtils.getPrincipal().getSessionId());
 		
 		//saml20Details
 		Response authResponse = authnResponseGenerator.generateAuthnResponse(

+ 1 - 1
maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/dromara/maxkey/authz/token/endpoint/adapter/TokenBasedDefaultAdapter.java

@@ -73,7 +73,7 @@ public class TokenBasedDefaultAdapter extends AbstractAuthorizeAdapter {
 		}
 		
 		beanMap.put("displayName", userInfo.getDisplayName());
-		beanMap.put(WebConstants.ONLINE_TICKET_NAME, principal.getSession().getFormattedId());
+		beanMap.put(WebConstants.ONLINE_TICKET_NAME, principal.getSessionId());
 		
 		/*
 		 * use UTC date time format

+ 1 - 1
maxkey-webs/maxkey-web-maxkey/src/main/java/org/dromara/maxkey/web/interceptor/HistorySignOnAppInterceptor.java

@@ -63,7 +63,7 @@ public class HistorySignOnAppInterceptor  implements AsyncHandlerInterceptor  {
         SignPrincipal principal = AuthorizationUtils.getPrincipal();
         if(principal != null && app !=null) {
         	final UserInfo userInfo = principal.getUserInfo();
-        	String sessionId = principal.getSession().getId();
+        	String sessionId = principal.getSessionId();
         	 logger.debug("sessionId : {} , appId {}" , sessionId , app.getId());
              HistoryLoginApps historyLoginApps = new HistoryLoginApps();
              historyLoginApps.setAppId(app.getId());