v 3.3.0

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java

@@ -24,10 +24,11 @@ import org.maxkey.authn.online.OnlineTicketServices;
 import org.maxkey.authn.realm.AbstractAuthenticationRealm;
 import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
 import org.maxkey.configuration.ApplicationConfig;
-import org.maxkey.constants.ConstantsLoginType;
-import org.maxkey.constants.ConstantsStatus;
+import org.maxkey.constants.ConstsLoginType;
+import org.maxkey.constants.ConstsStatus;
 import org.maxkey.entity.UserInfo;
 import org.maxkey.password.onetimepwd.AbstractOtpAuthn;
+import org.maxkey.password.onetimepwd.OtpAuthnService;
 import org.maxkey.web.WebConstants;
 import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
@@ -59,7 +60,7 @@ public abstract class AbstractAuthenticationProvider {
 
     protected AbstractOtpAuthn tfaOtpAuthn;
     
-    protected AbstractOtpAuthn smsOtpAuthn;
+    protected OtpAuthnService otpAuthnService;
 
     protected AbstractRemeberMeService remeberMeService;
     
@@ -118,7 +119,7 @@ public abstract class AbstractAuthenticationProvider {
         changeSession(authentication);
         
         authenticationRealm.insertLoginHistory( WebContext.getUserInfo(), 
-						        				ConstantsLoginType.LOCAL, 
+						        				ConstsLoginType.LOCAL, 
 								                "", 
 								                "xe00000004", 
 								                WebConstants.LOGIN_RESULT.SUCCESS);
@@ -255,6 +256,7 @@ public abstract class AbstractAuthenticationProvider {
             UserInfo validUserInfo = new UserInfo();
             validUserInfo.setUsername(userInfo.getUsername());
             validUserInfo.setId(userInfo.getId());
+            AbstractOtpAuthn smsOtpAuthn = otpAuthnService.getByInstId(userInfo.getInstId());
             if (password == null || !smsOtpAuthn.validate(validUserInfo, password)) {
                 String message = WebContext.getI18nValue("login.error.captcha");
                 _logger.debug("login captcha valid error.");
@@ -336,13 +338,13 @@ public abstract class AbstractAuthenticationProvider {
             loginUser.setLoginCount(0);
             authenticationRealm.insertLoginHistory(
             			loginUser, 
-            			ConstantsLoginType.LOCAL, 
+            			ConstsLoginType.LOCAL, 
             			"",
             			i18nMessage,
             			WebConstants.LOGIN_RESULT.USER_NOT_EXIST);
             throw new BadCredentialsException(i18nMessage);
         }else {
-        	if(userInfo.getIsLocked()==ConstantsStatus.LOCK) {
+        	if(userInfo.getIsLocked()==ConstsStatus.LOCK) {
         		authenticationRealm.insertLoginHistory( 
         				userInfo, 
                         loginCredential.getAuthType(), 
@@ -350,7 +352,7 @@ public abstract class AbstractAuthenticationProvider {
                         loginCredential.getCode(), 
                         WebConstants.LOGIN_RESULT.USER_LOCKED
                     );
-        	}else if(userInfo.getStatus()!=ConstantsStatus.ACTIVE) {
+        	}else if(userInfo.getStatus()!=ConstsStatus.ACTIVE) {
         		authenticationRealm.insertLoginHistory( 
         				userInfo, 
                         loginCredential.getAuthType(), 
@@ -383,7 +385,8 @@ public abstract class AbstractAuthenticationProvider {
         this.onlineTicketServices = onlineTicketServices;
     }
 
-	public void setSmsOtpAuthn(AbstractOtpAuthn smsOtpAuthn) {
-		this.smsOtpAuthn = smsOtpAuthn;
+	public void setOtpAuthnService(OtpAuthnService otpAuthnService) {
+		this.otpAuthnService = otpAuthnService;
 	}
+
 }

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java

@@ -26,6 +26,7 @@ import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
 import org.maxkey.configuration.ApplicationConfig;
 import org.maxkey.entity.UserInfo;
 import org.maxkey.password.onetimepwd.AbstractOtpAuthn;
+import org.maxkey.password.onetimepwd.OtpAuthnService;
 import org.maxkey.web.WebConstants;
 import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
@@ -62,13 +63,13 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
     		AbstractAuthenticationRealm authenticationRealm,
     		ApplicationConfig applicationConfig,
     	    AbstractOtpAuthn tfaOtpAuthn,
-    	    AbstractOtpAuthn smsOtpAuthn,
+    	    OtpAuthnService otpAuthnService,
     	    AbstractRemeberMeService remeberMeService,
     	    OnlineTicketServices onlineTicketServices) {
 		this.authenticationRealm = authenticationRealm;
 		this.applicationConfig = applicationConfig;
 		this.tfaOtpAuthn = tfaOtpAuthn;
-		this.smsOtpAuthn = smsOtpAuthn;
+		this.otpAuthnService = otpAuthnService;
 		this.remeberMeService =  remeberMeService;
 		this.onlineTicketServices = onlineTicketServices;
 	}

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/online/OnlineTicketServicesFactory.java

@@ -17,7 +17,7 @@
 
 package org.maxkey.authn.online;
 
-import org.maxkey.constants.ConstantsPersistence;
+import org.maxkey.constants.ConstsPersistence;
 import org.maxkey.persistence.redis.RedisConnectionFactory;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -33,12 +33,12 @@ public class OnlineTicketServicesFactory {
 	            RedisConnectionFactory redisConnFactory){
 		 
 		 OnlineTicketServices onlineTicketServices = null;
-		if (persistence == ConstantsPersistence.INMEMORY) {
+		if (persistence == ConstsPersistence.INMEMORY) {
 		    onlineTicketServices = new InMemoryOnlineTicketServices();
 		    _logger.debug("InMemoryOnlineTicketServices");
-		} else if (persistence == ConstantsPersistence.JDBC) {
+		} else if (persistence == ConstsPersistence.JDBC) {
 		    _logger.debug("OnlineTicketServices not support "); 
-		} else if (persistence == ConstantsPersistence.REDIS) {
+		} else if (persistence == ConstsPersistence.REDIS) {
 		    onlineTicketServices = new RedisOnlineTicketServices(redisConnFactory);
 		    _logger.debug("RedisOnlineTicketServices");
 		}

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/AbstractAuthenticationRealm.java

@@ -22,6 +22,7 @@ import java.util.Date;
 import java.util.List;
 import javax.servlet.http.HttpServletResponse;
 
+import org.maxkey.authn.realm.ldap.LdapAuthenticationRealmService;
 import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
 import org.maxkey.entity.Groups;
 import org.maxkey.entity.HistoryLogin;
@@ -58,12 +59,9 @@ public abstract class AbstractAuthenticationRealm {
 
     protected AbstractRemeberMeService remeberMeService;
     
-    protected boolean ldapSupport;
-    
-    protected  AbstractAuthenticationRealm ldapAuthenticationRealm;
-    
     protected UserInfoService userInfoService;
     
+    protected LdapAuthenticationRealmService ldapAuthenticationRealmService;
    
 
     /**

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/activedirectory/ActiveDirectoryAuthenticationRealm.java

@@ -1,74 +0,0 @@
-/*
- * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
- * 
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *     http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
- 
-
-package org.maxkey.authn.realm.activedirectory;
-
-import java.util.List;
-
-import javax.validation.constraints.NotNull;
-import javax.validation.constraints.Size;
-
-import org.maxkey.authn.realm.AbstractAuthenticationRealm;
-import org.maxkey.authn.realm.IAuthenticationServer;
-import org.maxkey.entity.UserInfo;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.jdbc.core.JdbcTemplate;
-
-
-public class ActiveDirectoryAuthenticationRealm extends AbstractAuthenticationRealm{
-	private final static Logger _logger = LoggerFactory.getLogger(ActiveDirectoryAuthenticationRealm.class);
-
-	@NotNull
-    @Size(min=1)
-    private List<IAuthenticationServer> activeDirectoryServers;
-
-	/**
-	 * 
-	 */
-	public ActiveDirectoryAuthenticationRealm() {
-		super();
-	}
-
-	/**
-	 * @param jdbcTemplate
-	 */
-	public ActiveDirectoryAuthenticationRealm(JdbcTemplate jdbcTemplate) {
-		super(jdbcTemplate);
-	}
-
-
-	@Override
-	public boolean passwordMatches(UserInfo userInfo, String password) {
-		boolean isAuthenticated=false;
-		for (final IAuthenticationServer activeDirectoryServer : this.activeDirectoryServers) {
-            _logger.debug("Attempting to authenticate {} at {}", userInfo.getUsername(), activeDirectoryServer);
-            isAuthenticated= activeDirectoryServer.authenticate(userInfo.getUsername(), password);
-            if (isAuthenticated ) {
-            	return true;
-            }
-		 }
-		return false;
-	}
-
-
-	public void setActiveDirectoryServers(
-			List<IAuthenticationServer> activeDirectoryServers) {
-		this.activeDirectoryServers = activeDirectoryServers;
-	}
-
-}

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/jdbc/JdbcAuthenticationRealm.java

@@ -18,8 +18,10 @@
 package org.maxkey.authn.realm.jdbc;
 
 import org.maxkey.authn.realm.AbstractAuthenticationRealm;
+import org.maxkey.authn.realm.ldap.LdapAuthenticationRealm;
+import org.maxkey.authn.realm.ldap.LdapAuthenticationRealmService;
 import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
-import org.maxkey.constants.ConstantsLoginType;
+import org.maxkey.constants.ConstsLoginType;
 import org.maxkey.entity.PasswordPolicy;
 import org.maxkey.entity.UserInfo;
 import org.maxkey.persistence.repository.LoginHistoryRepository;
@@ -66,11 +68,10 @@ public class JdbcAuthenticationRealm extends AbstractAuthenticationRealm {
     	this.loginRepository = loginRepository;
     	this.loginHistoryRepository = loginHistoryRepository;
     	this.remeberMeService = remeberMeService;
-    	 this.userInfoService = userInfoService;
+    	this.userInfoService = userInfoService;
         this.jdbcTemplate = jdbcTemplate;
     }
-    
-    
+  
     public JdbcAuthenticationRealm(
     		PasswordEncoder passwordEncoder,
     		PasswordPolicyValidator passwordPolicyValidator,
@@ -79,19 +80,15 @@ public class JdbcAuthenticationRealm extends AbstractAuthenticationRealm {
     		AbstractRemeberMeService remeberMeService,
     		UserInfoService userInfoService,
     	    JdbcTemplate jdbcTemplate,
-    	    AbstractAuthenticationRealm ldapAuthenticationRealm,
-    	    boolean ldapSupport
-    	    ) {
-    	
-    	this.passwordEncoder =passwordEncoder;
-    	this.passwordPolicyValidator=passwordPolicyValidator;
-    	this.loginRepository = loginRepository;
-    	this.loginHistoryRepository = loginHistoryRepository;
-    	this.remeberMeService = remeberMeService;
-        this.jdbcTemplate = jdbcTemplate;
-        this.ldapAuthenticationRealm = ldapAuthenticationRealm;
-        this.userInfoService = userInfoService;
-        this.ldapSupport = ldapSupport;
+    	    LdapAuthenticationRealmService ldapAuthenticationRealmService) {
+		this.passwordEncoder = passwordEncoder;
+		this.passwordPolicyValidator = passwordPolicyValidator;
+		this.loginRepository = loginRepository;
+		this.loginHistoryRepository = loginHistoryRepository;
+		this.remeberMeService = remeberMeService;
+		this.userInfoService = userInfoService;
+		this.jdbcTemplate = jdbcTemplate;
+		this.ldapAuthenticationRealmService = ldapAuthenticationRealmService;
     }
     
     /**
@@ -104,24 +101,26 @@ public class JdbcAuthenticationRealm extends AbstractAuthenticationRealm {
         //        + PasswordReciprocal.getInstance().rawPassword(userInfo.getUsername(), password));
         passwordMatches = passwordEncoder.matches(password,userInfo.getPassword());
         
-        //passwordMatches == false and ldapSupport ==true
-        //validate password with LDAP
-        if(!passwordMatches && ldapSupport) {
-            passwordMatches =this.ldapAuthenticationRealm.passwordMatches(userInfo, password);
-            if(passwordMatches) {
-                //init password to local Realm
-                UserInfo changePasswordUser = new UserInfo();
-                changePasswordUser.setId(userInfo.getId());
-                changePasswordUser.setUsername(userInfo.getUsername());
-                changePasswordUser.setPassword(password);
-                userInfoService.changePassword(changePasswordUser, false);
-            }
+        if(ldapAuthenticationRealmService != null) {
+        	//passwordMatches == false and ldapSupport ==true
+        	//validate password with LDAP
+	        LdapAuthenticationRealm ldapRealm = ldapAuthenticationRealmService.getByInstId(userInfo.getInstId());
+	        if(!passwordMatches && ldapRealm != null && ldapRealm.isLdapSupport()) {
+	            passwordMatches = ldapRealm.passwordMatches(userInfo, password);
+	            if(passwordMatches) {
+	                //write password to database Realm
+	                UserInfo changePasswordUser = new UserInfo();
+	                changePasswordUser.setId(userInfo.getId());
+	                changePasswordUser.setUsername(userInfo.getUsername());
+	                changePasswordUser.setPassword(password);
+	                userInfoService.changePassword(changePasswordUser, false);
+	            }
+	        }
         }
-        
         _logger.debug("passwordvalid : {}" , passwordMatches);
         if (!passwordMatches) {
             passwordPolicyValidator.plusBadPasswordCount(userInfo);
-            insertLoginHistory(userInfo, ConstantsLoginType.LOCAL, "", "xe00000004", WebConstants.LOGIN_RESULT.PASSWORD_ERROE);
+            insertLoginHistory(userInfo, ConstsLoginType.LOCAL, "", "xe00000004", WebConstants.LOGIN_RESULT.PASSWORD_ERROE);
             PasswordPolicy passwordPolicy = passwordPolicyValidator.getPasswordPolicyRepository().getPasswordPolicy();
             if(userInfo.getBadPasswordCount()>=(passwordPolicy.getAttempts()/2)) {
                 throw new BadCredentialsException(

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/activedirectory/ActiveDirectoryServer.java → maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/ldap/ActiveDirectoryServer.java

@@ -18,7 +18,7 @@
 /**
  * 
  */
-package org.maxkey.authn.realm.activedirectory;
+package org.maxkey.authn.realm.ldap;
 
 import org.maxkey.authn.realm.IAuthenticationServer;
 import org.maxkey.persistence.ldap.ActiveDirectoryUtils;

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/ldap/LdapAuthenticationRealm.java

@@ -36,6 +36,8 @@ public class LdapAuthenticationRealm  extends AbstractAuthenticationRealm{
     @Size(min=1)
     private List<IAuthenticationServer> ldapServers;
 	
+	private boolean ldapSupport;
+	
 	/**
 	 * 
 	 */
@@ -43,6 +45,10 @@ public class LdapAuthenticationRealm  extends AbstractAuthenticationRealm{
 		
 	}
 
+	public LdapAuthenticationRealm(boolean ldapSupport) {
+		this.ldapSupport = ldapSupport;
+	}
+	
 	/**
 	 * @param jdbcTemplate
 	 */
@@ -68,5 +74,13 @@ public class LdapAuthenticationRealm  extends AbstractAuthenticationRealm{
 		this.ldapServers = ldapServers;
 	}
 
+	public boolean isLdapSupport() {
+		return ldapSupport;
+	}
+
+	public void setLdapSupport(boolean ldapSupport) {
+		this.ldapSupport = ldapSupport;
+	}
+
 
 }

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/ldap/LdapAuthenticationRealmService.java

@@ -0,0 +1,84 @@
+/*
+ * Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.maxkey.authn.realm.ldap;
+
+import java.sql.Types;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.concurrent.TimeUnit;
+
+import org.maxkey.authn.realm.IAuthenticationServer;
+import org.maxkey.entity.LdapContext;
+import org.maxkey.persistence.ldap.ActiveDirectoryUtils;
+import org.maxkey.persistence.ldap.LdapUtils;
+import org.maxkey.persistence.service.LdapContextService;
+
+import com.github.benmanes.caffeine.cache.Cache;
+import com.github.benmanes.caffeine.cache.Caffeine;
+
+public class LdapAuthenticationRealmService {
+    protected static final Cache<String, LdapAuthenticationRealm> ldapRealmStore = 
+            Caffeine.newBuilder()
+                .expireAfterWrite(60, TimeUnit.MINUTES)
+                .build();
+    
+    LdapContextService ldapContextService;
+    
+    
+    public LdapAuthenticationRealmService(LdapContextService ldapContextService) {
+		this.ldapContextService = ldapContextService;
+	}
+
+	public LdapAuthenticationRealm getByInstId(String instId) {
+		LdapAuthenticationRealm authenticationRealm = ldapRealmStore.getIfPresent(instId);
+		if(authenticationRealm == null) {
+			List<LdapContext> ldapContexts = 
+					ldapContextService.find("where instid = ? ", new Object[]{instId}, new int[]{Types.VARCHAR});
+			authenticationRealm = new LdapAuthenticationRealm(false);
+			if(ldapContexts != null && ldapContexts.size()>0) {
+				authenticationRealm.setLdapSupport(true);
+				List<IAuthenticationServer> ldapAuthenticationServers = new ArrayList<IAuthenticationServer>();
+				for(LdapContext ldapContext : ldapContexts) { 
+					if(ldapContext.getProduct().equalsIgnoreCase("ActiveDirectory")) {
+						ActiveDirectoryServer ldapServer = new ActiveDirectoryServer();
+			            ActiveDirectoryUtils  ldapUtils  = new ActiveDirectoryUtils(
+			            								ldapContext.getProviderUrl(),
+			            								ldapContext.getPrincipal(),
+			            								ldapContext.getCredentials(),
+			            								ldapContext.getMsadDomain());
+			            ldapServer.setActiveDirectoryUtils(ldapUtils);
+			            ldapAuthenticationServers.add(ldapServer);
+						
+					}else {
+						StandardLdapServer standardLdapServer=new StandardLdapServer();
+						LdapUtils ldapUtils = new LdapUtils(
+													ldapContext.getProviderUrl(),
+													ldapContext.getPrincipal(),
+													ldapContext.getCredentials(),
+													ldapContext.getBasedn());
+						standardLdapServer.setLdapUtils(ldapUtils);
+						standardLdapServer.setFilterAttribute(ldapContext.getFilters());
+						ldapAuthenticationServers.add(standardLdapServer);
+					}
+				}
+				authenticationRealm.setLdapServers(ldapAuthenticationServers);
+			}
+			ldapRealmStore.put(instId, authenticationRealm);
+		}
+    	return authenticationRealm;
+    	
+    }
+}

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/ldap/LdapServer.java → maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/ldap/StandardLdapServer.java

@@ -34,8 +34,8 @@ import org.slf4j.LoggerFactory;
  * @author Crystal.Sea
  *
  */
-public final class LdapServer implements IAuthenticationServer {
-	private final static Logger _logger = LoggerFactory.getLogger(LdapServer.class);
+public final class StandardLdapServer implements IAuthenticationServer {
+	private final static Logger _logger = LoggerFactory.getLogger(StandardLdapServer.class);
 	
 	LdapUtils ldapUtils;
 	

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/basic/BasicEntryPoint.java

@@ -22,7 +22,7 @@ import javax.servlet.http.HttpServletResponse;
 
 import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authn.LoginCredential;
-import org.maxkey.constants.ConstantsLoginType;
+import org.maxkey.constants.ConstsLoginType;
 import org.maxkey.util.AuthorizationHeaderCredential;
 import org.maxkey.util.AuthorizationHeaderUtils;
 import org.slf4j.Logger;
@@ -130,7 +130,7 @@ public class BasicEntryPoint implements   AsyncHandlerInterceptor {
 		 }
 		 
 		 if(!isAuthenticated){
-		     LoginCredential loginCredential =new LoginCredential(headerCredential.getUsername(),"",ConstantsLoginType.BASIC);
+		     LoginCredential loginCredential =new LoginCredential(headerCredential.getUsername(),"",ConstsLoginType.BASIC);
 			 authenticationProvider.authentication(loginCredential,true);
 			 _logger.info("Authentication  "+headerCredential.getUsername()+" successful .");
 		 }

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/httpheader/HttpHeaderEntryPoint.java

@@ -22,7 +22,7 @@ import javax.servlet.http.HttpServletResponse;
 
 import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authn.LoginCredential;
-import org.maxkey.constants.ConstantsLoginType;
+import org.maxkey.constants.ConstsLoginType;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -109,7 +109,7 @@ public class HttpHeaderEntryPoint implements AsyncHandlerInterceptor {
 		 }
 		 
 		 if(!isAuthenticated){
-			LoginCredential loginCredential =new LoginCredential(httpHeaderUsername,"",ConstantsLoginType.HTTPHEADER);
+			LoginCredential loginCredential =new LoginCredential(httpHeaderUsername,"",ConstsLoginType.HTTPHEADER);
             authenticationProvider.authentication(loginCredential,true);
 			_logger.info("Authentication  "+httpHeaderUsername+" successful .");
 		 }

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/jwt/HttpJwtEntryPoint.java

@@ -23,7 +23,7 @@ import javax.servlet.http.HttpServletResponse;
 import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authn.LoginCredential;
 import org.maxkey.configuration.ApplicationConfig;
-import org.maxkey.constants.ConstantsLoginType;
+import org.maxkey.constants.ConstsLoginType;
 import org.maxkey.web.WebConstants;
 import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
@@ -78,7 +78,7 @@ public class HttpJwtEntryPoint implements AsyncHandlerInterceptor {
 		 SignedJWT signedJWT = jwtLoginService.jwtTokenValidation(jwt);
 		 if(signedJWT != null) {
 			 String username =signedJWT.getJWTClaimsSet().getSubject();
-			 LoginCredential loginCredential =new LoginCredential(username,"",ConstantsLoginType.JWT);
+			 LoginCredential loginCredential =new LoginCredential(username,"",ConstsLoginType.JWT);
 			 authenticationProvider.authentication(loginCredential,true);
 			 _logger.debug("JWT Logined in , username " + username);
 		 }

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/kerberos/HttpKerberosEntryPoint.java

@@ -23,7 +23,7 @@ import org.joda.time.DateTime;
 import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authn.LoginCredential;
 import org.maxkey.configuration.ApplicationConfig;
-import org.maxkey.constants.ConstantsLoginType;
+import org.maxkey.constants.ConstsLoginType;
 import org.maxkey.crypto.ReciprocalUtils;
 import org.maxkey.util.DateUtils;
 import org.maxkey.util.JsonUtils;
@@ -95,7 +95,7 @@ public class HttpKerberosEntryPoint implements AsyncHandlerInterceptor {
 		_logger.debug("Kerberos Token is After Now  "+notOnOrAfter.isAfterNow());
 		
 		if(notOnOrAfter.isAfterNow()){
-		    LoginCredential loginCredential =new LoginCredential(kerberosToken.getPrincipal(),"",ConstantsLoginType.KERBEROS);
+		    LoginCredential loginCredential =new LoginCredential(kerberosToken.getPrincipal(),"",ConstsLoginType.KERBEROS);
 		    loginCredential.setProvider(kerberosUserDomain);
             authenticationProvider.authentication(loginCredential,true);
 	    	_logger.debug("Kerberos Logined in , username " + kerberosToken.getPrincipal());

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/rememberme/AbstractRemeberMeService.java

@@ -23,7 +23,7 @@ import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import org.maxkey.configuration.ApplicationConfig;
-import org.maxkey.constants.ConstantsTimeInterval;
+import org.maxkey.constants.ConstsTimeInterval;
 import org.maxkey.crypto.Base64Utils;
 import org.maxkey.crypto.password.PasswordReciprocal;
 import org.maxkey.util.JsonUtils;
@@ -37,7 +37,7 @@ import org.springframework.beans.factory.annotation.Qualifier;
 public abstract class AbstractRemeberMeService {
     private static final Logger _logger = LoggerFactory.getLogger(AbstractRemeberMeService.class);
 
-    protected Integer remeberMeValidity = ConstantsTimeInterval.TWO_WEEK;
+    protected Integer remeberMeValidity = ConstsTimeInterval.TWO_WEEK;
 
     protected String validity;
 
@@ -152,13 +152,13 @@ public abstract class AbstractRemeberMeService {
         if (Pattern.matches("[0-9]+", validity)) {
             remeberMeValidity = Integer.parseInt(validity);
         } else if (validity.equalsIgnoreCase("ONE_DAY")) {
-            remeberMeValidity = ConstantsTimeInterval.ONE_DAY;
+            remeberMeValidity = ConstsTimeInterval.ONE_DAY;
         } else if (validity.equalsIgnoreCase("ONE_WEEK")) {
-            remeberMeValidity = ConstantsTimeInterval.ONE_WEEK;
+            remeberMeValidity = ConstsTimeInterval.ONE_WEEK;
         } else if (validity.equalsIgnoreCase("TWO_WEEK")) {
-            remeberMeValidity = ConstantsTimeInterval.TWO_WEEK;
+            remeberMeValidity = ConstsTimeInterval.TWO_WEEK;
         } else if (validity.equalsIgnoreCase("ONE_YEAR")) {
-            remeberMeValidity = ConstantsTimeInterval.ONE_YEAR;
+            remeberMeValidity = ConstsTimeInterval.ONE_YEAR;
         }
 
         _logger.debug("Remeber Me Validity : " + remeberMeValidity);

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/rememberme/HttpRemeberMeEntryPoint.java

@@ -25,7 +25,7 @@ import org.joda.time.DateTime;
 import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authn.LoginCredential;
 import org.maxkey.configuration.ApplicationConfig;
-import org.maxkey.constants.ConstantsLoginType;
+import org.maxkey.constants.ConstsLoginType;
 import org.maxkey.crypto.Base64Utils;
 import org.maxkey.crypto.password.PasswordReciprocal;
 import org.maxkey.util.JsonUtils;
@@ -96,7 +96,7 @@ public class HttpRemeberMeEntryPoint implements AsyncHandlerInterceptor {
 	        DateTime now = new DateTime();
 	        if (now.isBefore(expiryDate)) {
 	            LoginCredential loginCredential =
-	            		new LoginCredential(storeRemeberMe.getUsername(),"",ConstantsLoginType.REMEBER_ME);
+	            		new LoginCredential(storeRemeberMe.getUsername(),"",ConstsLoginType.REMEBER_ME);
 	            authenticationProvider.authentication(loginCredential,true);
 	            remeberMeService.updateRemeberMe(remeberMeCookie, response);
 	            _logger.debug("RemeberMe Logined in , username " + storeRemeberMe.getUsername());

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/rememberme/InMemoryRemeberMeService.java

@@ -19,7 +19,7 @@ package org.maxkey.authn.support.rememberme;
 
 import java.util.concurrent.TimeUnit;
 
-import org.maxkey.constants.ConstantsTimeInterval;
+import org.maxkey.constants.ConstsTimeInterval;
 
 import com.github.benmanes.caffeine.cache.Cache;
 import com.github.benmanes.caffeine.cache.Caffeine;
@@ -28,7 +28,7 @@ public class InMemoryRemeberMeService   extends AbstractRemeberMeService {
 
     protected static final Cache<String, RemeberMe> remeberMeStore = 
             Caffeine.newBuilder()
-                .expireAfterWrite(ConstantsTimeInterval.TWO_WEEK, TimeUnit.MINUTES)
+                .expireAfterWrite(ConstsTimeInterval.TWO_WEEK, TimeUnit.MINUTES)
                 .build();
     
     @Override

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/rememberme/RedisRemeberMeService.java

@@ -17,13 +17,13 @@
 
 package org.maxkey.authn.support.rememberme;
 
-import org.maxkey.constants.ConstantsTimeInterval;
+import org.maxkey.constants.ConstsTimeInterval;
 import org.maxkey.persistence.redis.RedisConnection;
 import org.maxkey.persistence.redis.RedisConnectionFactory;
 
 public class RedisRemeberMeService extends AbstractRemeberMeService {
 
-    protected int serviceTicketValiditySeconds = ConstantsTimeInterval.TWO_WEEK;
+    protected int serviceTicketValiditySeconds = ConstsTimeInterval.TWO_WEEK;
     
     RedisConnectionFactory connectionFactory;
     

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/rememberme/RemeberMeServiceFactory.java

@@ -17,7 +17,7 @@
 
 package org.maxkey.authn.support.rememberme;
 
-import org.maxkey.constants.ConstantsPersistence;
+import org.maxkey.constants.ConstsPersistence;
 import org.maxkey.persistence.redis.RedisConnectionFactory;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -33,13 +33,13 @@ public class RemeberMeServiceFactory {
 	            RedisConnectionFactory redisConnFactory){
 		 
 		 AbstractRemeberMeService remeberMeService = null;
-	        if (persistence == ConstantsPersistence.INMEMORY) {
+	        if (persistence == ConstsPersistence.INMEMORY) {
 	            remeberMeService = new InMemoryRemeberMeService();
 	            _logger.debug("InMemoryRemeberMeService");
-	        } else if (persistence == ConstantsPersistence.JDBC) {
+	        } else if (persistence == ConstsPersistence.JDBC) {
 	            //remeberMeService = new JdbcRemeberMeService(jdbcTemplate);
 	            _logger.debug("JdbcRemeberMeService not support "); 
-	        } else if (persistence == ConstantsPersistence.REDIS) {
+	        } else if (persistence == ConstsPersistence.REDIS) {
 	            remeberMeService = new RedisRemeberMeService(redisConnFactory);
 	            _logger.debug("RedisRemeberMeService");
 	        }

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/support/wsfederation/HttpWsFederationEntryPoint.java

@@ -22,7 +22,7 @@ import javax.servlet.http.HttpServletResponse;
 import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authn.LoginCredential;
 import org.maxkey.configuration.ApplicationConfig;
-import org.maxkey.constants.ConstantsLoginType;
+import org.maxkey.constants.ConstsLoginType;
 import org.maxkey.util.StringUtils;
 import org.maxkey.web.WebContext;
 import org.opensaml.saml1.core.impl.AssertionImpl;
@@ -99,7 +99,7 @@ public class HttpWsFederationEntryPoint implements AsyncHandlerInterceptor {
                     			wsFederationService.getWsFederationConfiguration().getUpnSuffix());
                     }
                     LoginCredential loginCredential =new LoginCredential(
-                            wsFederationCredential.getAttributes().get("").toString(),"",ConstantsLoginType.WSFEDERATION);
+                            wsFederationCredential.getAttributes().get("").toString(),"",ConstsLoginType.WSFEDERATION);
                     authenticationProvider.authentication(loginCredential,true);
                     return true;
                 } else {

maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/autoconfigure/AuthenticationAutoConfiguration.java

@@ -26,11 +26,16 @@ import org.maxkey.authn.realm.AbstractAuthenticationRealm;
 import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
 import org.maxkey.authn.support.rememberme.RemeberMeServiceFactory;
 import org.maxkey.configuration.ApplicationConfig;
+import org.maxkey.constants.ConstsPersistence;
 import org.maxkey.password.onetimepwd.AbstractOtpAuthn;
+import org.maxkey.password.onetimepwd.OtpAuthnService;
+import org.maxkey.password.onetimepwd.token.RedisOtpTokenStore;
 import org.maxkey.persistence.redis.RedisConnectionFactory;
 import org.maxkey.persistence.repository.LoginHistoryRepository;
 import org.maxkey.persistence.repository.LoginRepository;
 import org.maxkey.persistence.repository.PasswordPolicyValidator;
+import org.maxkey.persistence.service.EmailSendersService;
+import org.maxkey.persistence.service.SmsProviderService;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.InitializingBean;
@@ -58,7 +63,7 @@ public class AuthenticationAutoConfiguration  implements InitializingBean {
     		AbstractAuthenticationRealm authenticationRealm,
     		ApplicationConfig applicationConfig,
     	    AbstractOtpAuthn tfaOtpAuthn,
-    	    AbstractOtpAuthn smsOtpAuthn,
+    	    OtpAuthnService otpAuthnService,
     	    AbstractRemeberMeService remeberMeService,
     	    OnlineTicketServices onlineTicketServices
     		) {
@@ -68,13 +73,33 @@ public class AuthenticationAutoConfiguration  implements InitializingBean {
         		authenticationRealm,
         		applicationConfig,
         		tfaOtpAuthn,
-        		smsOtpAuthn,
+        		otpAuthnService,
         		remeberMeService,
         		onlineTicketServices
         		);
         
     }
     
+    @Bean(name = "otpAuthnService")
+    public OtpAuthnService otpAuthnService(
+            @Value("${maxkey.server.persistence}") int persistence,
+            SmsProviderService smsProviderService,
+            EmailSendersService emailSendersService,
+            RedisConnectionFactory redisConnFactory) {
+        OtpAuthnService otpAuthnService = 
+        							new OtpAuthnService(smsProviderService,emailSendersService);
+        
+        if (persistence == ConstsPersistence.REDIS) {
+            RedisOtpTokenStore redisOptTokenStore = new RedisOtpTokenStore(redisConnFactory);
+            otpAuthnService.setRedisOptTokenStore(redisOptTokenStore);
+        }
+        
+        
+        _logger.debug("OneTimePasswordService {} inited." , 
+        				persistence == ConstsPersistence.REDIS ? "Redis" : "InMemory");
+        return otpAuthnService;
+    }
+    
     @Bean(name = "passwordPolicyValidator")
     public PasswordPolicyValidator passwordPolicyValidator(JdbcTemplate jdbcTemplate,MessageSource messageSource) {
         return new PasswordPolicyValidator(jdbcTemplate,messageSource);

maxkey-authentications/maxkey-authentication-otp/build.gradle

@@ -8,5 +8,6 @@ dependencies {
 	
 	implementation project(":maxkey-common")
 	implementation project(":maxkey-core")
+	implementation project(":maxkey-persistence")
    
 }

maxkey-authentications/maxkey-authentication-otp/src/main/java/org/maxkey/password/onetimepwd/OtpAuthnService.java

@@ -0,0 +1,113 @@
+package org.maxkey.password.onetimepwd;
+
+import java.sql.Types;
+import java.util.concurrent.TimeUnit;
+
+import org.maxkey.configuration.EmailConfig;
+import org.maxkey.constants.ConstsBoolean;
+import org.maxkey.entity.EmailSenders;
+import org.maxkey.entity.SmsProvider;
+import org.maxkey.password.onetimepwd.impl.MailOtpAuthn;
+import org.maxkey.password.onetimepwd.impl.sms.SmsOtpAuthnAliyun;
+import org.maxkey.password.onetimepwd.impl.sms.SmsOtpAuthnTencentCloud;
+import org.maxkey.password.onetimepwd.impl.sms.SmsOtpAuthnYunxin;
+import org.maxkey.password.onetimepwd.token.RedisOtpTokenStore;
+import org.maxkey.persistence.service.EmailSendersService;
+import org.maxkey.persistence.service.SmsProviderService;
+
+import com.github.benmanes.caffeine.cache.Cache;
+import com.github.benmanes.caffeine.cache.Caffeine;
+
+public class OtpAuthnService {
+
+    protected static final Cache<String, AbstractOtpAuthn> otpAuthnStore = 
+            Caffeine.newBuilder()
+                .expireAfterWrite(60, TimeUnit.MINUTES)
+                .build();
+    
+    SmsProviderService smsProviderService;
+    
+    EmailSendersService emailSendersService;
+    
+    RedisOtpTokenStore redisOptTokenStore;
+    
+    public OtpAuthnService(SmsProviderService smsProviderService, EmailSendersService emailSendersService) {
+		this.smsProviderService = smsProviderService;
+		this.emailSendersService = emailSendersService;
+	}
+
+	public OtpAuthnService(SmsProviderService smsProviderService,RedisOtpTokenStore redisOptTokenStore) {
+		this.smsProviderService = smsProviderService;
+		this.redisOptTokenStore = redisOptTokenStore;
+	}
+
+	public AbstractOtpAuthn getByInstId(String instId) {
+    	AbstractOtpAuthn otpAuthn = otpAuthnStore.getIfPresent(instId);
+    	if(otpAuthn == null) {
+    		SmsProvider smsProvider = 
+    				smsProviderService.findOne("where instid = ? ", new Object[]{instId}, new int[]{Types.VARCHAR});
+    		if(smsProvider != null ) {
+    			
+    			if(smsProvider.getProvider().equalsIgnoreCase("aliyun")) {
+    				SmsOtpAuthnAliyun aliyun = new SmsOtpAuthnAliyun(
+													smsProvider.getAppKey(),
+													smsProvider.getAppSecret(),
+													smsProvider.getTemplateId(),
+													smsProvider.getSignName()
+												);
+    				if(redisOptTokenStore != null) {
+    					aliyun.setOptTokenStore(redisOptTokenStore);
+    				}
+    				otpAuthn = aliyun;
+    			}else if(smsProvider.getProvider().equalsIgnoreCase("tencentcloud")) {
+    				SmsOtpAuthnTencentCloud tencentCloud = new SmsOtpAuthnTencentCloud(
+    												smsProvider.getAppKey(),
+    												smsProvider.getAppSecret(),
+    												smsProvider.getSmsSdkAppId(),
+    												smsProvider.getTemplateId(),
+    												smsProvider.getSignName()
+    											);
+    				if(redisOptTokenStore != null) {
+    					tencentCloud.setOptTokenStore(redisOptTokenStore);
+    				}
+    				otpAuthn = tencentCloud;
+    			}else if(smsProvider.getProvider().equalsIgnoreCase("neteasesms")) {
+    				SmsOtpAuthnYunxin yunxin = new SmsOtpAuthnYunxin(
+    												smsProvider.getAppKey(),
+    												smsProvider.getAppSecret(),
+    												smsProvider.getTemplateId()
+    											);
+    				if(redisOptTokenStore != null) {
+    					yunxin.setOptTokenStore(redisOptTokenStore);
+    				}
+    				otpAuthn = yunxin;
+    			}else if(smsProvider.getProvider().equalsIgnoreCase("email")) {
+    				EmailSenders emailSender = 
+    						emailSendersService.findOne("where instid = ? ", new Object[]{instId}, new int[]{Types.VARCHAR});
+    				EmailConfig emailConfig = 
+    								new EmailConfig(
+    										emailSender.getAccount(),
+    										emailSender.getCredentials(),
+    										emailSender.getSmtpHost(),
+    										emailSender.getPort(),
+    										ConstsBoolean.isTrue(emailSender.getSslSwitch()),
+    										emailSender.getSender());
+    				MailOtpAuthn mailOtpAuthn = new MailOtpAuthn(emailConfig);
+    				if(redisOptTokenStore != null) {
+    					mailOtpAuthn.setOptTokenStore(redisOptTokenStore);
+    				}
+    				otpAuthn = mailOtpAuthn;
+    			}
+    			
+    			otpAuthnStore.put(instId, otpAuthn);	
+    		}
+    	}
+    	return otpAuthn;
+    }
+
+	public void setRedisOptTokenStore(RedisOtpTokenStore redisOptTokenStore) {
+		this.redisOptTokenStore = redisOptTokenStore;
+	}
+	
+	
+}

maxkey-authentications/maxkey-authentication-otp/src/main/java/org/maxkey/password/onetimepwd/impl/MailOtpAuthn.java

@@ -26,12 +26,10 @@ import org.maxkey.entity.UserInfo;
 import org.maxkey.password.onetimepwd.AbstractOtpAuthn;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
 
 public class MailOtpAuthn extends AbstractOtpAuthn {
     private static final Logger _logger = LoggerFactory.getLogger(MailOtpAuthn.class);
     
-    @Autowired
     EmailConfig emailConfig;
     String subject = "One Time PassWord";
     
@@ -40,8 +38,22 @@ public class MailOtpAuthn extends AbstractOtpAuthn {
     public MailOtpAuthn() {
         otpType = OtpTypes.EMAIL;
     }
+    
+    public MailOtpAuthn(EmailConfig emailConfig) {
+    	otpType = OtpTypes.EMAIL;
+		this.emailConfig = emailConfig;
+	}
 
-    @Override
+	public MailOtpAuthn(EmailConfig emailConfig, String subject, String messageTemplate) {
+		otpType = OtpTypes.EMAIL;
+		this.emailConfig = emailConfig;
+		this.subject = subject;
+		this.messageTemplate = messageTemplate;
+	}
+
+
+
+	@Override
     public boolean produce(UserInfo userInfo) {
         try {
             String token = this.genToken(userInfo);

maxkey-authentications/maxkey-authentication-otp/src/main/java/org/maxkey/password/onetimepwd/impl/sms/SmsOtpAuthnAliyun.java

@@ -24,15 +24,11 @@ import com.aliyuncs.IAcsClient;
 import com.aliyuncs.http.MethodType;
 import com.aliyuncs.profile.DefaultProfile;
 
-import java.io.IOException;
-
 import org.maxkey.entity.UserInfo;
 import org.maxkey.password.onetimepwd.impl.SmsOtpAuthn;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-
-
 /**
  * 阿里云短信验证.
  * @author shimingxy
@@ -45,6 +41,14 @@ public class SmsOtpAuthnAliyun extends SmsOtpAuthn {
         otpType = OtpTypes.SMS;
     }
 
+    public SmsOtpAuthnAliyun(String accessKeyId, String accessSecret, String templateCode, String signName) {
+    	otpType = OtpTypes.SMS;
+		this.accessKeyId = accessKeyId;
+		this.accessSecret = accessSecret;
+		this.templateCode = templateCode;
+		this.signName = signName;
+	}
+    
     //请替换你在管理后台应用下申请的accessKeyId
     private   String accessKeyId = "94395d754eb55693043f5d6a2b772ef3";
     //请替换你在管理后台应用下申请的accessSecret
@@ -54,7 +58,9 @@ public class SmsOtpAuthnAliyun extends SmsOtpAuthn {
     
     private String signName = "MaxKey";
     
-    @Override
+
+
+	@Override
     public boolean produce(UserInfo userInfo) {
         // 手机号
         String mobile = userInfo.getMobile();
@@ -130,18 +136,4 @@ public class SmsOtpAuthnAliyun extends SmsOtpAuthn {
         this.signName = signName;
     }
     
-    @Override
-    public void initPropertys() {
-        try {
-            this.loadProperties();
-        } catch (IOException e) {
-            e.printStackTrace();
-        }
-        
-        this.accessKeyId    = properties.getProperty("maxkey.otp.sms.aliyun.accesskeyid");
-        this.accessSecret   = properties.getProperty("maxkey.otp.sms.aliyun.accesssecret");
-        this.templateCode   = properties.getProperty("maxkey.otp.sms.aliyun.templatecode");
-        this.signName       = properties.getProperty("maxkey.otp.sms.aliyun.signname");
-    }
-    
 }

maxkey-authentications/maxkey-authentication-otp/src/main/java/org/maxkey/password/onetimepwd/impl/sms/SmsOtpAuthnTencentCloud.java

@@ -24,8 +24,6 @@ import com.tencentcloudapi.sms.v20190711.SmsClient;
 import com.tencentcloudapi.sms.v20190711.models.SendSmsRequest;
 import com.tencentcloudapi.sms.v20190711.models.SendSmsResponse;
 
-import java.io.IOException;
-
 import org.maxkey.entity.UserInfo;
 import org.maxkey.password.onetimepwd.impl.SmsOtpAuthn;
 import org.slf4j.Logger;
@@ -39,7 +37,7 @@ import org.slf4j.LoggerFactory;
  */
 public class SmsOtpAuthnTencentCloud extends SmsOtpAuthn {
     private static final  Logger logger = LoggerFactory.getLogger(SmsOtpAuthnTencentCloud.class);
- 
+
     //
     String secretId;
     //
@@ -55,9 +53,17 @@ public class SmsOtpAuthnTencentCloud extends SmsOtpAuthn {
         otpType = OtpTypes.SMS;
     }
     
-    
-    
-    @Override
+    public SmsOtpAuthnTencentCloud(String secretId, String secretKey, String smsSdkAppid, String templateId,
+			String sign) {
+    	otpType = OtpTypes.SMS;
+		this.secretId = secretId;
+		this.secretKey = secretKey;
+		this.smsSdkAppid = smsSdkAppid;
+		this.templateId = templateId;
+		this.sign = sign;
+	}
+
+	@Override
     public boolean produce(UserInfo userInfo) {
         // 手机号
         String mobile = userInfo.getMobile();
@@ -104,87 +110,46 @@ public class SmsOtpAuthnTencentCloud extends SmsOtpAuthn {
         return this.optTokenStore.validate(userInfo, token, OtpTypes.SMS, interval);
     }
 
-
     public String getSecretId() {
         return secretId;
     }
 
-
-
-
     public void setSecretId(String secretId) {
         this.secretId = secretId;
     }
 
-
-
-
     public String getSecretKey() {
         return secretKey;
     }
 
-
-
-
     public void setSecretKey(String secretKey) {
         this.secretKey = secretKey;
     }
 
-
-
-
     public String getSmsSdkAppid() {
         return smsSdkAppid;
     }
 
-
-
-
     public void setSmsSdkAppid(String smsSdkAppid) {
         this.smsSdkAppid = smsSdkAppid;
     }
 
-
-
-
     public String getTemplateId() {
         return templateId;
     }
 
-
-
-
     public void setTemplateId(String templateId) {
         this.templateId = templateId;
     }
 
-
-
-
     public String getSign() {
         return sign;
     }
 
 
-
-
     public void setSign(String sign) {
         this.sign = sign;
     }
-    
-    @Override
-    public void initPropertys() {
-        try {
-            this.loadProperties();
-        } catch (IOException e) {
-            e.printStackTrace();
-        }
-        
-        this.secretId       = properties.getProperty("maxkey.otp.sms.tencentcloud.secretid");
-        this.secretKey      = properties.getProperty("maxkey.otp.sms.tencentcloud.secretkey");
-        this.smsSdkAppid    = properties.getProperty("maxkey.otp.sms.tencentcloud.smssdkappid");
-        this.templateId     = properties.getProperty("maxkey.otp.sms.tencentcloud.templateid");
-        this.sign           = properties.getProperty("maxkey.otp.sms.tencentcloud.sign");
-    }
+
     
 }

maxkey-authentications/maxkey-authentication-otp/src/main/java/org/maxkey/password/onetimepwd/impl/sms/SmsOtpAuthnYunxin.java

@@ -17,7 +17,7 @@
 
 package org.maxkey.password.onetimepwd.impl.sms;
 
-import java.io.IOException;
+import java.security.MessageDigest;
 import java.util.ArrayList;
 import java.util.Date;
 import java.util.List;
@@ -48,7 +48,14 @@ public class SmsOtpAuthnYunxin extends SmsOtpAuthn {
         otpType = OtpTypes.SMS;
     }
 
-    //发送验证码的请求路径URL
+    public SmsOtpAuthnYunxin(String appKey, String appSecret, String templateId) {
+    	otpType = OtpTypes.SMS;
+		this.appKey = appKey;
+		this.appSecret = appSecret;
+		this.templateId = templateId;
+	}
+
+	//发送验证码的请求路径URL
     private static final String
             SERVER_URL = "https://api.netease.im/sms/sendcode.action";
     //网易云信分配的账号，请替换你在管理后台应用下申请的Appkey
@@ -59,6 +66,7 @@ public class SmsOtpAuthnYunxin extends SmsOtpAuthn {
     // 短信模板ID
     private  String templateId = "14860099";
     
+    
     @Override
     public boolean produce(UserInfo userInfo) {
         HttpPost httpPost = null;
@@ -201,22 +209,11 @@ public class SmsOtpAuthnYunxin extends SmsOtpAuthn {
         public void setObj(String obj) {
             this.obj = obj;
         }
+
         
     }
-    
-    @Override
-    public void initPropertys() {
-        try {
-            this.loadProperties();
-        } catch (IOException e) {
-            e.printStackTrace();
-        }
-        
-        this.appKey         = properties.getProperty("maxkey.otp.sms.yunxin.appkey");
-        this.appSecret      = properties.getProperty("maxkey.otp.sms.yunxin.appsecret");
-        this.templateId     = properties.getProperty("maxkey.otp.sms.yunxin.templateid");
-    }
-    
+
+
     /**
      * main.
      * @param args String
@@ -234,3 +231,40 @@ public class SmsOtpAuthnYunxin extends SmsOtpAuthn {
     }
     
 }
+
+class SmsOtpAuthnYunxinCheckSumBuilder {
+    // 计算并获取CheckSum
+    public static String getCheckSum(String appSecret, String nonce, String curTime) {
+        return encode("sha1", appSecret + nonce + curTime);
+    }
+
+    // 计算并获取md5值
+    public static String getMD5(String requestBody) {
+        return encode("md5", requestBody);
+    }
+
+    private static String encode(String algorithm, String value) {
+        if (value == null) {
+            return null;
+        }
+        try {
+            MessageDigest messageDigest
+                    = MessageDigest.getInstance(algorithm);
+            messageDigest.update(value.getBytes());
+            return getFormattedText(messageDigest.digest());
+        } catch (Exception e) {
+            throw new RuntimeException(e);
+        }
+    }
+    private static String getFormattedText(byte[] bytes) {
+        int len = bytes.length;
+        StringBuilder buf = new StringBuilder(len * 2);
+        for (int j = 0; j < len; j++) {
+            buf.append(HEX_DIGITS[(bytes[j] >> 4) & 0x0f]);
+            buf.append(HEX_DIGITS[bytes[j] & 0x0f]);
+        }
+        return buf.toString();
+    }
+    private static final char[] HEX_DIGITS = { '0', '1', '2', '3', '4', '5',
+            '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
+}

maxkey-authentications/maxkey-authentication-otp/src/main/java/org/maxkey/password/onetimepwd/impl/sms/SmsOtpAuthnYunxinCheckSumBuilder.java

@@ -1,57 +0,0 @@
-/*
- * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
- * 
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *     http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
- 
-
-package org.maxkey.password.onetimepwd.impl.sms;
-
-import java.security.MessageDigest;
-
-public class SmsOtpAuthnYunxinCheckSumBuilder {
-    // 计算并获取CheckSum
-    public static String getCheckSum(String appSecret, String nonce, String curTime) {
-        return encode("sha1", appSecret + nonce + curTime);
-    }
-
-    // 计算并获取md5值
-    public static String getMD5(String requestBody) {
-        return encode("md5", requestBody);
-    }
-
-    private static String encode(String algorithm, String value) {
-        if (value == null) {
-            return null;
-        }
-        try {
-            MessageDigest messageDigest
-                    = MessageDigest.getInstance(algorithm);
-            messageDigest.update(value.getBytes());
-            return getFormattedText(messageDigest.digest());
-        } catch (Exception e) {
-            throw new RuntimeException(e);
-        }
-    }
-    private static String getFormattedText(byte[] bytes) {
-        int len = bytes.length;
-        StringBuilder buf = new StringBuilder(len * 2);
-        for (int j = 0; j < len; j++) {
-            buf.append(HEX_DIGITS[(bytes[j] >> 4) & 0x0f]);
-            buf.append(HEX_DIGITS[bytes[j] & 0x0f]);
-        }
-        return buf.toString();
-    }
-    private static final char[] HEX_DIGITS = { '0', '1', '2', '3', '4', '5',
-            '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
-}

maxkey-authentications/maxkey-authentication-otp/src/main/java/org/maxkey/password/onetimepwd/token/RedisOtpTokenStore.java

@@ -18,7 +18,7 @@
 package org.maxkey.password.onetimepwd.token;
 
 import org.joda.time.DateTime;
-import org.maxkey.constants.ConstantsTimeInterval;
+import org.maxkey.constants.ConstsTimeInterval;
 import org.maxkey.entity.UserInfo;
 import org.maxkey.password.onetimepwd.OneTimePassword;
 import org.maxkey.persistence.redis.RedisConnection;
@@ -26,7 +26,7 @@ import org.maxkey.persistence.redis.RedisConnectionFactory;
 
 public class RedisOtpTokenStore  extends AbstractOtpTokenStore {
     
-    protected int validitySeconds = ConstantsTimeInterval.ONE_MINUTE * 5;
+    protected int validitySeconds = ConstsTimeInterval.ONE_MINUTE * 5;
     
     RedisConnectionFactory connectionFactory;
     

maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/authn/support/socialsignon/SocialSignOnEndpoint.java

@@ -24,7 +24,7 @@ import javax.servlet.http.HttpServletRequest;
 
 import org.maxkey.authn.LoginCredential;
 import org.maxkey.authn.support.socialsignon.service.SocialsAssociate;
-import org.maxkey.constants.ConstantsLoginType;
+import org.maxkey.constants.ConstsLoginType;
 import org.maxkey.entity.SocialsProvider;
 import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
@@ -205,7 +205,7 @@ public class SocialSignOnEndpoint  extends AbstractSocialSignOnEndpoint{
 		                socialsAssociate.getProvider(),socialsAssociate.getUsername());
 		
 		LoginCredential loginCredential =new LoginCredential(
-		        socialsAssociate.getUsername(),"",ConstantsLoginType.SOCIALSIGNON);
+		        socialsAssociate.getUsername(),"",ConstsLoginType.SOCIALSIGNON);
 		loginCredential.setProvider(this.socialSignOnProvider.getProviderName());
         authenticationProvider.authentication(loginCredential,true);
         //socialsAssociate.setAccessToken(JsonUtils.object2Json(this.accessToken));

maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/authn/support/socialsignon/service/JdbcSocialsAssociateService.java

@@ -23,7 +23,7 @@ import java.sql.Types;
 import java.util.Date;
 import java.util.List;
 
-import org.maxkey.constants.ConstantsDatabase;
+import org.maxkey.constants.ConstsDatabase;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.jdbc.core.JdbcTemplate;
@@ -54,7 +54,7 @@ public class JdbcSocialsAssociateService   implements SocialsAssociateService{
 	public boolean insert(SocialsAssociate socialsAssociate) {
 		socialsAssociate.setId(socialsAssociate.generateId());
 		jdbcTemplate.update(
-		        ConstantsDatabase.compare(ConstantsDatabase.ORACLE)?
+		        ConstsDatabase.compare(ConstsDatabase.ORACLE)?
 		                DEFAULT_DEFAULT_INSERT_STATEMENT_ORACLE:DEFAULT_DEFAULT_INSERT_STATEMENT, 
 				new Object[] { 
 					socialsAssociate.getId(),

maxkey-authentications/maxkey-authentication-social/src/main/java/org/maxkey/authn/support/socialsignon/service/SocialSignOnProviderService.java

@@ -25,7 +25,7 @@ import java.util.List;
 import java.util.concurrent.TimeUnit;
 
 import org.maxkey.configuration.ApplicationConfig;
-import org.maxkey.constants.ConstantsTimeInterval;
+import org.maxkey.constants.ConstsTimeInterval;
 import org.maxkey.crypto.password.PasswordReciprocal;
 import org.maxkey.entity.SocialsProvider;
 import org.maxkey.entity.SocialsProviderLogin;
@@ -49,7 +49,7 @@ public class SocialSignOnProviderService{
 	
 	protected static final Cache<String, SocialsProviderLogin> socialSignOnProvidersStore = 
             Caffeine.newBuilder()
-                .expireAfterWrite(ConstantsTimeInterval.ONE_HOUR, TimeUnit.MINUTES)
+                .expireAfterWrite(ConstsTimeInterval.ONE_HOUR, TimeUnit.MINUTES)
                 .build();
 	
 	HashMap<String ,SocialsProvider>socialSignOnProviderMaps=new HashMap<String ,SocialsProvider>();

maxkey-core/src/main/java/org/maxkey/autoconfigure/MvcAutoConfiguration.java

@@ -23,7 +23,7 @@ import java.util.List;
 import javax.servlet.Filter;
 
 import org.maxkey.configuration.ApplicationConfig;
-import org.maxkey.constants.ConstantsTimeInterval;
+import org.maxkey.constants.ConstsTimeInterval;
 import org.maxkey.persistence.repository.InstitutionsRepository;
 import org.maxkey.persistence.repository.LoginHistoryRepository;
 import org.maxkey.persistence.repository.LoginRepository;
@@ -187,7 +187,7 @@ public class MvcAutoConfiguration implements InitializingBean , WebMvcConfigurer
         CookieLocaleResolver cookieLocaleResolver = new CookieLocaleResolver();
         cookieLocaleResolver.setCookieName("mxk_locale");
         cookieLocaleResolver.setCookieDomain(domainName);
-        cookieLocaleResolver.setCookieMaxAge(ConstantsTimeInterval.TWO_WEEK);
+        cookieLocaleResolver.setCookieMaxAge(ConstsTimeInterval.TWO_WEEK);
         return cookieLocaleResolver;
     }
      

maxkey-core/src/main/java/org/maxkey/configuration/EmailConfig.java

@@ -44,7 +44,17 @@ public class EmailConfig {
     public EmailConfig() {
     }
 
-    /*
+    public EmailConfig(String username, String password, String smtpHost, Integer port, boolean ssl, String sender) {
+		super();
+		this.username = username;
+		this.password = password;
+		this.smtpHost = smtpHost;
+		this.port = port;
+		this.ssl = ssl;
+		this.sender = sender;
+	}
+
+	/*
      * @return the username
      */
     public String getUsername() {

maxkey-core/src/main/java/org/maxkey/constants/Boolean.java → maxkey-core/src/main/java/org/maxkey/constants/ConstsBoolean.java

@@ -23,7 +23,7 @@ package org.maxkey.constants;
  * @author Crystal.Sea
  *
  */
-public class Boolean {
+public class ConstsBoolean {
 
     public static final int FALSE 	= 0;
 
@@ -31,7 +31,7 @@ public class Boolean {
 
     private int value 				= FALSE;
 
-    public Boolean() {
+    public ConstsBoolean() {
 
     }
 

maxkey-core/src/main/java/org/maxkey/constants/ConstantsDatabase.java → maxkey-core/src/main/java/org/maxkey/constants/ConstsDatabase.java

@@ -19,7 +19,7 @@ package org.maxkey.constants;
 
 import org.maxkey.configuration.ApplicationConfig;
 
-public class ConstantsDatabase {
+public class ConstsDatabase {
 
     public static String  MYSQL         	= "MySQL";
     

maxkey-core/src/main/java/org/maxkey/constants/ConstantsEntryType.java → maxkey-core/src/main/java/org/maxkey/constants/ConstsEntryType.java

@@ -17,7 +17,7 @@
 
 package org.maxkey.constants;
 
-public class ConstantsEntryType {
+public class ConstsEntryType {
 
     public static int USERINFO_TYPE 	= 1;
     

maxkey-core/src/main/java/org/maxkey/constants/ConstantsLoginType.java → maxkey-core/src/main/java/org/maxkey/constants/ConstsLoginType.java

@@ -17,7 +17,7 @@
 
 package org.maxkey.constants;
 
-public class ConstantsLoginType {
+public class ConstsLoginType {
 
     public static final String LOCAL 			= "Local Login";
     

maxkey-core/src/main/java/org/maxkey/constants/ConstantsOperateAction.java → maxkey-core/src/main/java/org/maxkey/constants/ConstsOperateAction.java

@@ -17,7 +17,7 @@
 
 package org.maxkey.constants;
 
-public final class ConstantsOperateAction {
+public final class ConstsOperateAction {
 
     public static final int CREATE_ACTION 			= 1;
 

maxkey-core/src/main/java/org/maxkey/constants/ConstantsOperateMessage.java → maxkey-core/src/main/java/org/maxkey/constants/ConstsOperateMessage.java

@@ -17,7 +17,7 @@
 
 package org.maxkey.constants;
 
-public final class ConstantsOperateMessage {
+public final class ConstsOperateMessage {
 
     public static final String INSERT_SUCCESS 	= "message.action.insert.success";
     public static final String INSERT_ERROR 	= "message.action.insert.error";

maxkey-core/src/main/java/org/maxkey/constants/ConstantsPasswordSetType.java → maxkey-core/src/main/java/org/maxkey/constants/ConstsPasswordSetType.java

@@ -22,7 +22,7 @@ package org.maxkey.constants;
  * @author Crystal.Sea
  *
  */
-public final class ConstantsPasswordSetType {
+public final class ConstsPasswordSetType {
 
     public static final int PASSWORD_NORMAL 			= 0;
 

maxkey-core/src/main/java/org/maxkey/constants/ConstantsPersistence.java → maxkey-core/src/main/java/org/maxkey/constants/ConstsPersistence.java

@@ -22,7 +22,7 @@ package org.maxkey.constants;
  * @author Crystal.Sea
  *
  */
-public final class ConstantsPersistence {
+public final class ConstsPersistence {
 
     public static final int INMEMORY 	= 0;
 

maxkey-core/src/main/java/org/maxkey/constants/ConstantsPlatformRole.java → maxkey-core/src/main/java/org/maxkey/constants/ConstsPlatformRole.java

@@ -17,7 +17,7 @@
 
 package org.maxkey.constants;
 
-public final class ConstantsPlatformRole {
+public final class ConstsPlatformRole {
 
     public static final String PLATFORM_ADMIN 	= "PLATFORM_ADMIN";
 

maxkey-core/src/main/java/org/maxkey/constants/ConstantsProperties.java → maxkey-core/src/main/java/org/maxkey/constants/ConstsProperties.java

@@ -17,7 +17,7 @@
 
 package org.maxkey.constants;
 
-public class ConstantsProperties {
+public class ConstsProperties {
     
     public static String classPathResource(String propertySource) {
         return propertySource.replaceAll("classpath:","");

maxkey-core/src/main/java/org/maxkey/constants/ConstantsProtocols.java → maxkey-core/src/main/java/org/maxkey/constants/ConstsProtocols.java

@@ -22,7 +22,7 @@ package org.maxkey.constants;
  * @author Crystal.Sea
  *
  */
-public final class ConstantsProtocols {
+public final class ConstsProtocols {
 
     public static final String BASIC 				= "Basic";
 

maxkey-core/src/main/java/org/maxkey/constants/ConstantsServiceMessage.java → maxkey-core/src/main/java/org/maxkey/constants/ConstsServiceMessage.java

@@ -17,7 +17,7 @@
 
 package org.maxkey.constants;
 
-public final class ConstantsServiceMessage {
+public final class ConstsServiceMessage {
 
     public static final class EMPLOYEES {
         public static final String SERVICE_NAME = "employees";

maxkey-core/src/main/java/org/maxkey/constants/ConstantsStatus.java → maxkey-core/src/main/java/org/maxkey/constants/ConstsStatus.java

@@ -17,7 +17,7 @@
 
 package org.maxkey.constants;
 
-public final class ConstantsStatus {
+public final class ConstsStatus {
 	
     public static final int ACTIVE 		= 1;
 

maxkey-core/src/main/java/org/maxkey/constants/ConstantsTimeInterval.java → maxkey-core/src/main/java/org/maxkey/constants/ConstsTimeInterval.java

@@ -17,7 +17,7 @@
 
 package org.maxkey.constants;
 
-public final class ConstantsTimeInterval {
+public final class ConstsTimeInterval {
     
     public static final Integer ONE_MINUTE 		= 60; // 1 minutes 
     

maxkey-core/src/main/java/org/maxkey/entity/PasswordPolicy.java

@@ -25,7 +25,7 @@ import javax.persistence.Id;
 import javax.persistence.Table;
 import javax.validation.constraints.NotNull;
 import org.apache.mybatis.jpa.persistence.JpaBaseEntity;
-import org.maxkey.constants.ConstantsServiceMessage;
+import org.maxkey.constants.ConstsServiceMessage;
 import org.maxkey.exception.PasswordPolicyException;
 
 /**
@@ -342,16 +342,16 @@ public class PasswordPolicy extends JpaBaseEntity implements java.io.Serializabl
 
     public void check(String username, String newPassword, String oldPassword) throws PasswordPolicyException {
         if ((1 == this.getUsername()) && newPassword.toLowerCase().contains(username.toLowerCase())) {
-            throw new PasswordPolicyException(ConstantsServiceMessage.PASSWORDPOLICY.XW00000001);
+            throw new PasswordPolicyException(ConstsServiceMessage.PASSWORDPOLICY.XW00000001);
         }
         if (oldPassword != null && newPassword.equalsIgnoreCase(oldPassword)) {
-            throw new PasswordPolicyException(ConstantsServiceMessage.PASSWORDPOLICY.XW00000002);
+            throw new PasswordPolicyException(ConstsServiceMessage.PASSWORDPOLICY.XW00000002);
         }
         if (newPassword.length() < this.getMinLength()) {
-            throw new PasswordPolicyException(ConstantsServiceMessage.PASSWORDPOLICY.XW00000003, this.getMinLength());
+            throw new PasswordPolicyException(ConstsServiceMessage.PASSWORDPOLICY.XW00000003, this.getMinLength());
         }
         if (newPassword.length() > this.getMaxLength()) {
-            throw new PasswordPolicyException(ConstantsServiceMessage.PASSWORDPOLICY.XW00000004, this.getMaxLength());
+            throw new PasswordPolicyException(ConstsServiceMessage.PASSWORDPOLICY.XW00000004, this.getMaxLength());
         }
         int numCount = 0, upperCount = 0, lowerCount = 0, spacil = 0;
         char[] chPwd = newPassword.toCharArray();
@@ -372,16 +372,16 @@ public class PasswordPolicy extends JpaBaseEntity implements java.io.Serializabl
             spacil++;
         }
         if (numCount < this.getDigits()) {
-            throw new PasswordPolicyException(ConstantsServiceMessage.PASSWORDPOLICY.XW00000005, this.getDigits());
+            throw new PasswordPolicyException(ConstsServiceMessage.PASSWORDPOLICY.XW00000005, this.getDigits());
         }
         if (lowerCount < this.getLowerCase()) {
-            throw new PasswordPolicyException(ConstantsServiceMessage.PASSWORDPOLICY.XW00000006, this.getLowerCase());
+            throw new PasswordPolicyException(ConstsServiceMessage.PASSWORDPOLICY.XW00000006, this.getLowerCase());
         }
         if (upperCount < this.getUpperCase()) {
-            throw new PasswordPolicyException(ConstantsServiceMessage.PASSWORDPOLICY.XW00000007, this.getUpperCase());
+            throw new PasswordPolicyException(ConstsServiceMessage.PASSWORDPOLICY.XW00000007, this.getUpperCase());
         }
         if (spacil < this.getSpecialChar()) {
-            throw new PasswordPolicyException(ConstantsServiceMessage.PASSWORDPOLICY.XW00000008, this.getSpecialChar());
+            throw new PasswordPolicyException(ConstsServiceMessage.PASSWORDPOLICY.XW00000008, this.getSpecialChar());
         }
     }
 

maxkey-core/src/main/java/org/maxkey/entity/RolePermissions.java

@@ -25,7 +25,7 @@ import javax.persistence.GenerationType;
 import javax.persistence.Id;
 import javax.persistence.Table;
 import org.apache.mybatis.jpa.persistence.JpaBaseEntity;
-import org.maxkey.constants.ConstantsStatus;
+import org.maxkey.constants.ConstsStatus;
 import org.maxkey.web.WebContext;
 
 @Entity
@@ -44,7 +44,7 @@ public class RolePermissions  extends JpaBaseEntity implements Serializable {
     @Column
     String resourceId;
     
-    int status = ConstantsStatus.ACTIVE;
+    int status = ConstsStatus.ACTIVE;
 	@Column
 	private String instId;
 

maxkey-core/src/main/java/org/maxkey/entity/apps/Apps.java

@@ -27,7 +27,7 @@ import javax.persistence.Id;
 import javax.persistence.Table;
 
 import org.apache.mybatis.jpa.persistence.JpaBaseEntity;
-import org.maxkey.constants.Boolean;
+import org.maxkey.constants.ConstsBoolean;
 import org.maxkey.entity.Accounts;
 import org.springframework.web.multipart.MultipartFile;
 
@@ -168,7 +168,7 @@ public class Apps extends JpaBaseEntity implements Serializable {
     
     public Apps() {
         super();
-        isSignature = Boolean.FALSE;
+        isSignature = ConstsBoolean.FALSE;
         credential = CREDENTIALS.NONE;
     }
 

maxkey-core/src/main/java/org/maxkey/persistence/repository/InstitutionsRepository.java

@@ -23,8 +23,7 @@ import java.util.List;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.TimeUnit;
 
-import org.maxkey.constants.ConstantsStatus;
-import org.maxkey.constants.ConstantsTimeInterval;
+import org.maxkey.constants.ConstsStatus;
 import org.maxkey.entity.Institutions;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -38,15 +37,15 @@ public class InstitutionsRepository {
     private static Logger _logger = LoggerFactory.getLogger(InstitutionsRepository.class);
     
     private static final String SELECT_STATEMENT = 
-    						"select * from  mxk_institutions where domain = ? and status = " + ConstantsStatus.ACTIVE;
+    						"select * from  mxk_institutions where domain = ? and status = " + ConstsStatus.ACTIVE;
 
     private static final String SELECT_STATEMENT_BY_ID = 
-    						"select * from  mxk_institutions where id = ? and status = " + ConstantsStatus.ACTIVE;
+    						"select * from  mxk_institutions where id = ? and status = " + ConstsStatus.ACTIVE;
 
     protected static final Cache<String, Institutions> institutionsStore = 
             Caffeine.newBuilder()
-                .expireAfterWrite(ConstantsTimeInterval.ONE_HOUR, TimeUnit.SECONDS)
-                .build();
+                	.expireAfterWrite(60, TimeUnit.MINUTES)
+                	.build();
     
     //id domain mapping
     protected static final  ConcurrentHashMap<String,String> mapper = new ConcurrentHashMap<String,String>();
@@ -66,10 +65,12 @@ public class InstitutionsRepository {
 	        
 	        if (institutions != null && institutions.size() > 0) {
 	        	inst = institutions.get(0);
+	        	institutionsStore.put(domain, inst);
+		        mapper.put(inst.getId(), domain);
+	        }else {
+	        	//default institution
+	        	inst = get("1"); 
 	        }
-	        
-	        institutionsStore.put(domain, inst);
-	        mapper.put(inst.getId(), domain);
         }
         
         return inst;
@@ -77,7 +78,7 @@ public class InstitutionsRepository {
     
     public Institutions get(String instId) {
         _logger.trace(" instId {}" , instId);
-        Institutions inst = institutionsStore.getIfPresent(mapper.get(instId));
+        Institutions inst = institutionsStore.getIfPresent(mapper.get(instId)==null ? "1" : mapper.get(instId) );
         if(inst == null) {
 	        List<Institutions> institutions = 
 	        		jdbcTemplate.query(SELECT_STATEMENT_BY_ID,new InstitutionsRowMapper(),instId);

maxkey-core/src/main/java/org/maxkey/persistence/repository/LocalizationRepository.java

@@ -23,7 +23,7 @@ import java.util.Locale;
 import java.util.concurrent.TimeUnit;
 import java.util.regex.Pattern;
 
-import org.maxkey.constants.ConstantsTimeInterval;
+import org.maxkey.constants.ConstsTimeInterval;
 import org.maxkey.entity.Localization;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -48,7 +48,7 @@ public class LocalizationRepository {
 	
     protected static final Cache<String, String> localizationStore = 
             Caffeine.newBuilder()
-                .expireAfterWrite(ConstantsTimeInterval.ONE_HOUR, TimeUnit.SECONDS)
+                .expireAfterWrite(ConstsTimeInterval.ONE_HOUR, TimeUnit.SECONDS)
                 .build();
 
 	public LocalizationRepository() {

maxkey-core/src/main/java/org/maxkey/persistence/repository/LoginRepository.java

@@ -24,7 +24,7 @@ import java.util.ArrayList;
 import java.util.Date;
 import java.util.List;
 
-import org.maxkey.constants.ConstantsStatus;
+import org.maxkey.constants.ConstsStatus;
 import org.maxkey.entity.Groups;
 import org.maxkey.entity.UserInfo;
 import org.maxkey.util.StringUtils;
@@ -129,9 +129,9 @@ public class LoginRepository {
         try {
             if (userInfo != null && StringUtils.isNotEmpty(userInfo.getId())) {
                 jdbcTemplate.update(LOCK_USER_UPDATE_STATEMENT,
-                        new Object[] { ConstantsStatus.LOCK, new Date(), userInfo.getId() },
+                        new Object[] { ConstsStatus.LOCK, new Date(), userInfo.getId() },
                         new int[] { Types.VARCHAR, Types.TIMESTAMP, Types.VARCHAR });
-                userInfo.setIsLocked(ConstantsStatus.LOCK);
+                userInfo.setIsLocked(ConstsStatus.LOCK);
             }
         } catch (Exception e) {
             _logger.error("lockUser Exception",e);
@@ -147,9 +147,9 @@ public class LoginRepository {
         try {
             if (userInfo != null && StringUtils.isNotEmpty(userInfo.getId())) {
                 jdbcTemplate.update(UNLOCK_USER_UPDATE_STATEMENT,
-                        new Object[] { ConstantsStatus.ACTIVE, new Date(), userInfo.getId() },
+                        new Object[] { ConstsStatus.ACTIVE, new Date(), userInfo.getId() },
                         new int[] { Types.VARCHAR, Types.TIMESTAMP, Types.VARCHAR });
-                userInfo.setIsLocked(ConstantsStatus.ACTIVE);
+                userInfo.setIsLocked(ConstsStatus.ACTIVE);
             }
         } catch (Exception e) {
             _logger.error("unlockUser Exception",e);
@@ -165,9 +165,9 @@ public class LoginRepository {
         try {
             if (userInfo != null && StringUtils.isNotEmpty(userInfo.getId())) {
                 jdbcTemplate.update(BADPASSWORDCOUNT_RESET_UPDATE_STATEMENT,
-                        new Object[] { 0, ConstantsStatus.ACTIVE, new Date(), userInfo.getId() },
+                        new Object[] { 0, ConstsStatus.ACTIVE, new Date(), userInfo.getId() },
                         new int[] { Types.INTEGER, Types.INTEGER, Types.TIMESTAMP, Types.VARCHAR });
-                userInfo.setIsLocked(ConstantsStatus.ACTIVE);
+                userInfo.setIsLocked(ConstsStatus.ACTIVE);
             }
         } catch (Exception e) {
             _logger.error("resetBadPasswordCountAndLockout Exception",e);

maxkey-core/src/main/java/org/maxkey/persistence/repository/PasswordPolicyRepository.java

@@ -23,7 +23,7 @@ import java.sql.SQLException;
 import java.util.ArrayList;
 import java.util.concurrent.TimeUnit;
 
-import org.maxkey.constants.ConstantsProperties;
+import org.maxkey.constants.ConstsProperties;
 import org.maxkey.entity.PasswordPolicy;
 import org.passay.CharacterOccurrencesRule;
 import org.passay.CharacterRule;
@@ -139,7 +139,7 @@ public class PasswordPolicyRepository {
                 try {
                     ClassPathResource dictFile= 
                             new ClassPathResource(
-                                    ConstantsProperties.classPathResource(topWeakPasswordPropertySource));
+                                    ConstsProperties.classPathResource(topWeakPasswordPropertySource));
                     Dictionary dictionary =new DictionaryBuilder().addReader(new InputStreamReader(dictFile.getInputStream())).build();
                     passwordPolicyRuleList.add(new DictionaryRule(dictionary));
                 }catch(Exception e) {

maxkey-core/src/main/java/org/maxkey/persistence/repository/PasswordPolicyValidator.java

@@ -22,8 +22,8 @@ import java.util.Date;
 import org.joda.time.DateTime;
 import org.joda.time.Duration;
 import org.joda.time.format.DateTimeFormat;
-import org.maxkey.constants.ConstantsPasswordSetType;
-import org.maxkey.constants.ConstantsStatus;
+import org.maxkey.constants.ConstsPasswordSetType;
+import org.maxkey.constants.ConstsStatus;
 import org.maxkey.crypto.password.PasswordGen;
 import org.maxkey.entity.PasswordPolicy;
 import org.maxkey.entity.UserInfo;
@@ -149,14 +149,14 @@ public class PasswordPolicyValidator {
         }
         
         //locked
-        if(userInfo.getIsLocked()==ConstantsStatus.LOCK) {
+        if(userInfo.getIsLocked()==ConstsStatus.LOCK) {
             throw new BadCredentialsException(
                                 userInfo.getUsername()+ " "+
                                 WebContext.getI18nValue("login.error.locked")
                                 );
         }
         // inactive
-        if(userInfo.getStatus()!=ConstantsStatus.ACTIVE) {
+        if(userInfo.getStatus()!=ConstsStatus.ACTIVE) {
             throw new BadCredentialsException(
                                 userInfo.getUsername()+ 
                                 WebContext.getI18nValue("login.error.inactive") 
@@ -173,16 +173,16 @@ public class PasswordPolicyValidator {
        //initial password need change
        if(userInfo.getLoginCount()<=0) {
            WebContext.getSession().setAttribute(WebConstants.CURRENT_USER_PASSWORD_SET_TYPE,
-                   ConstantsPasswordSetType.INITIAL_PASSWORD);
+                   ConstsPasswordSetType.INITIAL_PASSWORD);
        }
        
-       if (userInfo.getPasswordSetType() != ConstantsPasswordSetType.PASSWORD_NORMAL) {
+       if (userInfo.getPasswordSetType() != ConstsPasswordSetType.PASSWORD_NORMAL) {
            WebContext.getSession().setAttribute(WebConstants.CURRENT_USER_PASSWORD_SET_TYPE,
                        userInfo.getPasswordSetType());
            return;
        } else {
            WebContext.getSession().setAttribute(WebConstants.CURRENT_USER_PASSWORD_SET_TYPE,
-                   ConstantsPasswordSetType.PASSWORD_NORMAL);
+                   ConstsPasswordSetType.PASSWORD_NORMAL);
        }
 
        /*
@@ -206,7 +206,7 @@ public class PasswordPolicyValidator {
                 );
            if (intDuration > passwordPolicy.getExpiration()) {
                WebContext.getSession().setAttribute(WebConstants.CURRENT_USER_PASSWORD_SET_TYPE,
-                       ConstantsPasswordSetType.PASSWORD_EXPIRED);
+                       ConstsPasswordSetType.PASSWORD_EXPIRED);
            }
        }
        
@@ -222,9 +222,9 @@ public class PasswordPolicyValidator {
        try {
            if (userInfo != null && StringUtils.isNotEmpty(userInfo.getId())) {
                jdbcTemplate.update(LOCK_USER_UPDATE_STATEMENT,
-                       new Object[] { ConstantsStatus.LOCK, new Date(), userInfo.getId() },
+                       new Object[] { ConstsStatus.LOCK, new Date(), userInfo.getId() },
                        new int[] { Types.VARCHAR, Types.TIMESTAMP, Types.VARCHAR });
-               userInfo.setIsLocked(ConstantsStatus.LOCK);
+               userInfo.setIsLocked(ConstsStatus.LOCK);
            }
        } catch (Exception e) {
            _logger.error("lockUser Exception",e);
@@ -241,9 +241,9 @@ public class PasswordPolicyValidator {
        try {
            if (userInfo != null && StringUtils.isNotEmpty(userInfo.getId())) {
                jdbcTemplate.update(UNLOCK_USER_UPDATE_STATEMENT,
-                       new Object[] { ConstantsStatus.ACTIVE, new Date(), userInfo.getId() },
+                       new Object[] { ConstsStatus.ACTIVE, new Date(), userInfo.getId() },
                        new int[] { Types.VARCHAR, Types.TIMESTAMP, Types.VARCHAR });
-               userInfo.setIsLocked(ConstantsStatus.ACTIVE);
+               userInfo.setIsLocked(ConstsStatus.ACTIVE);
            }
        } catch (Exception e) {
            _logger.error("unlockUser Exception",e);
@@ -259,9 +259,9 @@ public class PasswordPolicyValidator {
        try {
            if (userInfo != null && StringUtils.isNotEmpty(userInfo.getId())) {
                jdbcTemplate.update(BADPASSWORDCOUNT_RESET_UPDATE_STATEMENT,
-                       new Object[] { 0, ConstantsStatus.ACTIVE, new Date(), userInfo.getId() },
+                       new Object[] { 0, ConstsStatus.ACTIVE, new Date(), userInfo.getId() },
                        new int[] { Types.INTEGER, Types.INTEGER, Types.TIMESTAMP, Types.VARCHAR });
-               userInfo.setIsLocked(ConstantsStatus.ACTIVE);
+               userInfo.setIsLocked(ConstsStatus.ACTIVE);
            }
        } catch (Exception e) {
            _logger.error("resetAttempts Exception",e);

maxkey-core/src/main/java/org/maxkey/web/tag/ThemeTagDirective.java

@@ -27,7 +27,7 @@ import java.util.Map;
 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import org.maxkey.constants.ConstantsTimeInterval;
+import org.maxkey.constants.ConstsTimeInterval;
 import org.maxkey.web.WebConstants;
 import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
@@ -77,7 +77,7 @@ public class ThemeTagDirective implements TemplateDirectiveModel {
                 && null != WebContext.getUserInfo()) {
             request.setAttribute(WebConstants.THEME_COOKIE_NAME, "theme");
             WebContext.setCookie(response, null,
-                    WebConstants.THEME_COOKIE_NAME, theme, ConstantsTimeInterval.ONE_WEEK);
+                    WebConstants.THEME_COOKIE_NAME, theme, ConstsTimeInterval.ONE_WEEK);
         }
         
         env.getOut().append(theme == null ? "default" : theme);

maxkey-identitys/maxkey-identity-scim/src/main/java/org/maxkey/identity/scim/controller/ScimUserController.java

@@ -21,7 +21,7 @@ import java.io.IOException;
 import java.util.ArrayList;
 import java.util.List;
 import org.apache.mybatis.jpa.persistence.JpaPageResults;
-import org.maxkey.constants.ConstantsStatus;
+import org.maxkey.constants.ConstsStatus;
 import org.maxkey.entity.Groups;
 import org.maxkey.entity.UserInfo;
 import org.maxkey.identity.scim.resources.ScimEnterprise;
@@ -179,7 +179,7 @@ public class ScimUserController {
     	scimUser.setTimezone(userInfo.getTimeZone());
     	scimUser.setLocale(userInfo.getLocale());
     	scimUser.setPreferredLanguage(userInfo.getPreferredLanguage());
-    	scimUser.setActive(userInfo.getStatus() == ConstantsStatus.ACTIVE);
+    	scimUser.setActive(userInfo.getStatus() == ConstsStatus.ACTIVE);
     	
     	List<ScimUserEmail> emails = new ArrayList<ScimUserEmail>(); 
     	if(StringUtils.isNotBlank(userInfo.getEmail())){

maxkey-identitys/maxkey-synchronizers-reorgdept/src/main/java/org/maxkey/synchronizer/workweixin/service/ReorgDeptService.java

@@ -20,7 +20,7 @@ package org.maxkey.synchronizer.workweixin.service;
 import java.util.HashMap;
 import java.util.List;
 
-import org.maxkey.constants.ConstantsStatus;
+import org.maxkey.constants.ConstsStatus;
 import org.maxkey.entity.Organizations;
 import org.maxkey.synchronizer.AbstractSynchronizerService;
 import org.maxkey.synchronizer.ISynchronizerService;
@@ -48,7 +48,7 @@ public class ReorgDeptService extends AbstractSynchronizerService implements ISy
 			
 			for(Organizations org :listOrg) {
 				_logger.info("Dept "+(++responseCount)+" : " + org);
-				org.setStatus(ConstantsStatus.ACTIVE);
+				org.setStatus(ConstsStatus.ACTIVE);
 				organizationsService.update(org);
 			}
 			

maxkey-persistence/src/main/java/org/maxkey/persistence/mapper/InstitutionsMapper.java

@@ -18,11 +18,11 @@
 package org.maxkey.persistence.mapper;
 import org.apache.ibatis.annotations.Select;
 import org.apache.mybatis.jpa.persistence.IJpaBaseMapper;
-import org.maxkey.constants.ConstantsStatus;
+import org.maxkey.constants.ConstsStatus;
 import org.maxkey.entity.Institutions;
 
 public interface InstitutionsMapper extends IJpaBaseMapper<Institutions> {
 
-	@Select("select * from  mxk_institutions where domain = #{value} and status = " + ConstantsStatus.ACTIVE)
+	@Select("select * from  mxk_institutions where domain = #{value} and status = " + ConstsStatus.ACTIVE)
 	public Institutions findByDomain(String domain);
 }

maxkey-persistence/src/main/java/org/maxkey/persistence/mapper/UserInfoMapper.java

@@ -22,7 +22,7 @@ import java.util.List;
 import org.apache.ibatis.annotations.Select;
 import org.apache.ibatis.annotations.Update;
 import org.apache.mybatis.jpa.persistence.IJpaBaseMapper;
-import org.maxkey.constants.ConstantsStatus;
+import org.maxkey.constants.ConstsStatus;
 import org.maxkey.entity.Organizations;
 import org.maxkey.entity.UserInfo;
 import org.maxkey.entity.UserInfoAdjoint;
@@ -37,10 +37,10 @@ public interface UserInfoMapper  extends IJpaBaseMapper<UserInfo>{
 	//login query
 	public UserInfo findByAppIdAndUsername(UserInfo userInfo);
 	
-	@Select("select * from  mxk_userinfo where username = #{value} and status = " + ConstantsStatus.ACTIVE)
+	@Select("select * from  mxk_userinfo where username = #{value} and status = " + ConstsStatus.ACTIVE)
 	public UserInfo findByUsername(String username);
 	
-	@Select("select * from  mxk_userinfo where ( email = #{value} or mobile= #{value} ) and status = " + ConstantsStatus.ACTIVE)
+	@Select("select * from  mxk_userinfo where ( email = #{value} or mobile= #{value} ) and status = " + ConstsStatus.ACTIVE)
 	public UserInfo findByEmailMobile(String emailMobile);
 	 
 	public List<Organizations> findDeptsByUserId(String userId);

maxkey-persistence/src/main/java/org/maxkey/persistence/service/AccountsService.java

@@ -20,7 +20,7 @@ package org.maxkey.persistence.service;
 import java.util.List;
 
 import org.apache.mybatis.jpa.persistence.JpaBaseService;
-import org.maxkey.constants.ConstantsStatus;
+import org.maxkey.constants.ConstsStatus;
 import org.maxkey.crypto.password.PasswordReciprocal;
 import org.maxkey.entity.Accounts;
 import org.maxkey.entity.AccountsStrategy;
@@ -144,7 +144,7 @@ public class AccountsService  extends JpaBaseService<Accounts>{
            account.setRelatedPassword(PasswordReciprocal.getInstance().encode(userInfoService.randomPassword()));
            
            account.setCreateType("automatic");
-           account.setStatus(ConstantsStatus.ACTIVE);
+           account.setStatus(ConstsStatus.ACTIVE);
            account.setStrategyId(strategy.getId());
            
            insert(account);

maxkey-persistence/src/main/java/org/maxkey/persistence/service/GroupsService.java

@@ -23,7 +23,7 @@ import java.time.LocalTime;
 import java.util.List;
 
 import org.apache.mybatis.jpa.persistence.JpaBaseService;
-import org.maxkey.constants.ConstantsStatus;
+import org.maxkey.constants.ConstsStatus;
 import org.maxkey.entity.Groups;
 import org.maxkey.persistence.mapper.GroupsMapper;
 import org.maxkey.util.StringUtils;
@@ -76,7 +76,7 @@ public class GroupsService  extends JpaBaseService<Groups> implements Serializab
 	}
 	
 	public void refreshDynamicGroups(Groups dynamicGroup){
-	    if(dynamicGroup.getDynamic().equals(ConstantsStatus.ACTIVE+"")) {
+	    if(dynamicGroup.getDynamic().equals(ConstsStatus.ACTIVE+"")) {
 	        boolean isDynamicTimeSupport = false;
 	        boolean isBetweenEffectiveTime = false;
 	        if(StringUtils.isNotBlank(dynamicGroup.getResumeTime())

maxkey-persistence/src/main/java/org/maxkey/persistence/service/UserInfoService.java

@@ -19,7 +19,7 @@ package org.maxkey.persistence.service;
 
 
 import org.apache.mybatis.jpa.persistence.JpaBaseService;
-import org.maxkey.constants.ConstantsStatus;
+import org.maxkey.constants.ConstsStatus;
 import org.maxkey.crypto.password.PasswordReciprocal;
 import org.maxkey.entity.Accounts;
 import org.maxkey.entity.ChangePassword;
@@ -128,7 +128,7 @@ public class UserInfoService extends JpaBaseService<UserInfo> {
 	
     //更新账号状态
     public void accountUpdate(UserInfo userInfo) {
-        if(userInfo.getStatus() != ConstantsStatus.ACTIVE) {
+        if(userInfo.getStatus() != ConstsStatus.ACTIVE) {
             if(accountsService==null) {
                 accountsService = 
                        WebContext.getBean("accountsService",AccountsService.class); 
@@ -136,7 +136,7 @@ public class UserInfoService extends JpaBaseService<UserInfo> {
             Accounts queryAcount =new Accounts();
             queryAcount.setUserId(userInfo.getId());
             for (Accounts acount : accountsService.query(queryAcount)) {
-                acount.setStatus(ConstantsStatus.INACTIVE);
+                acount.setStatus(ConstsStatus.INACTIVE);
                 accountsService.update(acount);
             }
         }
@@ -322,7 +322,7 @@ public class UserInfoService extends JpaBaseService<UserInfo> {
 	public void updateLocked(UserInfo userInfo) {
 		try {
 			if(userInfo != null && StringUtils.isNotEmpty(userInfo.getId())) {
-				userInfo.setIsLocked(ConstantsStatus.STOP);
+				userInfo.setIsLocked(ConstsStatus.STOP);
 				getMapper().updateLocked(userInfo);
 			}
 		} catch(Exception e) {
@@ -337,7 +337,7 @@ public class UserInfoService extends JpaBaseService<UserInfo> {
 	public void updateLockout(UserInfo userInfo) {
 		try {
 			if(userInfo != null && StringUtils.isNotEmpty(userInfo.getId())) {
-				userInfo.setIsLocked(ConstantsStatus.START);
+				userInfo.setIsLocked(ConstsStatus.START);
 				userInfo.setBadPasswordCount(0);
 				getMapper().updateLockout(userInfo);
 			}

maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/AuthorizeEndpoint.java

@@ -23,7 +23,7 @@ package org.maxkey.authz.endpoint;
 import javax.servlet.http.HttpServletRequest;
 
 
-import org.maxkey.constants.ConstantsProtocols;
+import org.maxkey.constants.ConstsProtocols;
 import org.maxkey.entity.apps.Apps;
 import org.maxkey.persistence.service.AppsCasDetailsService;
 import org.maxkey.web.WebConstants;
@@ -61,25 +61,25 @@ public class AuthorizeEndpoint extends AuthorizeBaseEndpoint{
 		Apps  app=getApp(id);
 		WebContext.setAttribute(WebConstants.SINGLE_SIGN_ON_APP_ID, app.getId());
 		
-		if(app.getProtocol().equalsIgnoreCase(ConstantsProtocols.EXTEND_API)){
+		if(app.getProtocol().equalsIgnoreCase(ConstsProtocols.EXTEND_API)){
 			modelAndView=WebContext.forward("/authz/api/"+app.getId());
-		}else if (app.getProtocol().equalsIgnoreCase(ConstantsProtocols.FORMBASED)){
+		}else if (app.getProtocol().equalsIgnoreCase(ConstsProtocols.FORMBASED)){
 			 modelAndView=WebContext.forward("/authz/formbased/"+app.getId());
-		}else if (app.getProtocol().equalsIgnoreCase(ConstantsProtocols.OAUTH20)){
+		}else if (app.getProtocol().equalsIgnoreCase(ConstsProtocols.OAUTH20)){
 			 modelAndView=WebContext.forward("/authz/oauth/v20/"+app.getId());
-		}else if (app.getProtocol().equalsIgnoreCase(ConstantsProtocols.OAUTH21)){
+		}else if (app.getProtocol().equalsIgnoreCase(ConstsProtocols.OAUTH21)){
 		    modelAndView=WebContext.redirect(app.getLoginUrl());
-        }else if (app.getProtocol().equalsIgnoreCase(ConstantsProtocols.OPEN_ID_CONNECT10)){
+        }else if (app.getProtocol().equalsIgnoreCase(ConstsProtocols.OPEN_ID_CONNECT10)){
             modelAndView=WebContext.forward("/authz/oauth/v20/"+app.getId());
-		}else if (app.getProtocol().equalsIgnoreCase(ConstantsProtocols.SAML20)){
+		}else if (app.getProtocol().equalsIgnoreCase(ConstsProtocols.SAML20)){
 			 modelAndView=WebContext.forward("/authz/saml20/idpinit/"+app.getId());
-		}else if (app.getProtocol().equalsIgnoreCase(ConstantsProtocols.TOKENBASED)){
+		}else if (app.getProtocol().equalsIgnoreCase(ConstsProtocols.TOKENBASED)){
 			modelAndView=WebContext.forward("/authz/tokenbased/"+app.getId());
-		}else if (app.getProtocol().equalsIgnoreCase(ConstantsProtocols.CAS)){
+		}else if (app.getProtocol().equalsIgnoreCase(ConstsProtocols.CAS)){
 			modelAndView=WebContext.forward("/authz/cas/"+app.getId());
-		}else if (app.getProtocol().equalsIgnoreCase(ConstantsProtocols.JWT)){
+		}else if (app.getProtocol().equalsIgnoreCase(ConstsProtocols.JWT)){
             modelAndView=WebContext.forward("/authz/jwt/"+app.getId());
-        }else if (app.getProtocol().equalsIgnoreCase(ConstantsProtocols.BASIC)){
+        }else if (app.getProtocol().equalsIgnoreCase(ConstsProtocols.BASIC)){
 			modelAndView=WebContext.redirect(app.getLoginUrl());
 		}
 		

maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/adapter/AbstractAuthorizeAdapter.java

@@ -20,7 +20,7 @@ package org.maxkey.authz.endpoint.adapter;
 import java.io.UnsupportedEncodingException;
 import org.apache.commons.codec.binary.Hex;
 import org.maxkey.authn.SigninPrincipal;
-import org.maxkey.constants.Boolean;
+import org.maxkey.constants.ConstsBoolean;
 import org.maxkey.crypto.Base64Utils;
 import org.maxkey.crypto.ReciprocalUtils;
 import org.maxkey.crypto.cert.CertSigner;
@@ -43,7 +43,7 @@ public abstract class AbstractAuthorizeAdapter {
 	public abstract String generateInfo(SigninPrincipal authentication,UserInfo userInfo,Object app);
 	
 	public String  sign(String data,Apps app){
-		if(Boolean.isTrue(app.getIsSignature())){
+		if(ConstsBoolean.isTrue(app.getIsSignature())){
 			KeyStoreLoader keyStoreLoader=WebContext.getBean("keyStoreLoader",KeyStoreLoader.class);
 			try {	
 				byte[] signature= CertSigner.sign(data.getBytes(), keyStoreLoader.getKeyStore(), keyStoreLoader.getEntityName(), keyStoreLoader.getKeystorePassword());

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas20AuthorizeEndpoint.java

@@ -31,7 +31,7 @@ import org.maxkey.authz.cas.endpoint.ticket.ProxyGrantingTicketImpl;
 import org.maxkey.authz.cas.endpoint.ticket.ProxyTicketImpl;
 import org.maxkey.authz.cas.endpoint.ticket.Ticket;
 import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
-import org.maxkey.constants.Boolean;
+import org.maxkey.constants.ConstsBoolean;
 import org.maxkey.entity.UserInfo;
 import org.maxkey.util.Instance;
 import org.maxkey.util.StringUtils;
@@ -218,7 +218,7 @@ For all error codes, it is RECOMMENDED that CAS provide a more detailed message
 				httpRequestAdapter.post(pgtUrl+"?pgtId="+proxyGrantingTicket+"&pgtIou="+proxyGrantingTicketIOU,null);		
 			}
 			
-			if(Boolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){
+			if(ConstsBoolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){
 				AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)Instance.newInstance(storedTicket.getCasDetails().getAdapter());
 				UserInfo userInfo = (UserInfo) userInfoService.findByUsername(principal);
 				adapter.generateInfo(authentication,userInfo, serviceResponseBuilder);
@@ -328,7 +328,7 @@ Response on ticket validation failure:
 			_logger.debug("principal "+principal);
 			serviceResponseBuilder.success().setUser(principal);
 			
-			if(Boolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){
+			if(ConstsBoolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){
 				AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)Instance.newInstance(storedTicket.getCasDetails().getAdapter());
 				UserInfo userInfo = (UserInfo) userInfoService.findByUsername(principal);
 				adapter.generateInfo(authentication,userInfo, serviceResponseBuilder);

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas30AuthorizeEndpoint.java

@@ -32,7 +32,7 @@ import org.maxkey.authz.cas.endpoint.ticket.ProxyGrantingTicketImpl;
 import org.maxkey.authz.cas.endpoint.ticket.ProxyTicketImpl;
 import org.maxkey.authz.cas.endpoint.ticket.Ticket;
 import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
-import org.maxkey.constants.Boolean;
+import org.maxkey.constants.ConstsBoolean;
 import org.maxkey.entity.UserInfo;
 import org.maxkey.util.Instance;
 import org.maxkey.util.StringUtils;
@@ -101,7 +101,7 @@ public class Cas30AuthorizeEndpoint  extends CasBaseAuthorizeEndpoint{
 				httpRequestAdapter.post(pgtUrl+"?pgtId="+proxyGrantingTicket+"&pgtIou="+proxyGrantingTicketIOU,null);		
 			}
 			
-			if(Boolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){
+			if(ConstsBoolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){
 				AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)Instance.newInstance(storedTicket.getCasDetails().getAdapter());
 				UserInfo userInfo = (UserInfo) userInfoService.findByUsername(principal);
 				adapter.generateInfo(authentication,userInfo, serviceResponseBuilder);
@@ -175,7 +175,7 @@ public class Cas30AuthorizeEndpoint  extends CasBaseAuthorizeEndpoint{
 			_logger.debug("principal "+principal);
 			serviceResponseBuilder.success().setUser(principal);
 			
-			if(Boolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){
+			if(ConstsBoolean.isTrue(storedTicket.getCasDetails().getIsAdapter())){
 				AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)Instance.newInstance(storedTicket.getCasDetails().getAdapter());
 				UserInfo userInfo = (UserInfo) userInfoService.findByUsername(principal);
 				adapter.generateInfo(authentication,userInfo, serviceResponseBuilder);

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/adapter/CasDefaultAdapter.java

@@ -66,7 +66,7 @@ public class CasDefaultAdapter extends AbstractAuthorizeAdapter {
 		serviceResponseBuilder.setAttribute("department", base64Attr(userInfo.getDepartment()));
 		serviceResponseBuilder.setAttribute("departmentId", userInfo.getDepartmentId());
 		serviceResponseBuilder.setAttribute("workRegion",base64Attr(userInfo.getWorkRegion()));
-		
+		serviceResponseBuilder.setAttribute("institution", userInfo.getInstId());
 		serviceResponseBuilder.setAttribute(WebConstants.ONLINE_TICKET_NAME,authentication.getOnlineTicket().getTicketId());
 	
 		return null;

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/pgt/ProxyGrantingTicketServicesFactory.java

@@ -18,7 +18,7 @@
 package org.maxkey.authz.cas.endpoint.ticket.pgt;
 
 import org.maxkey.authz.cas.endpoint.ticket.TicketServices;
-import org.maxkey.constants.ConstantsPersistence;
+import org.maxkey.constants.ConstsPersistence;
 import org.maxkey.persistence.redis.RedisConnectionFactory;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -32,13 +32,13 @@ public class ProxyGrantingTicketServicesFactory {
             JdbcTemplate jdbcTemplate,
             RedisConnectionFactory redisConnFactory) {
     	TicketServices casTicketServices = null;
-        if (persistence == ConstantsPersistence.INMEMORY) {
+        if (persistence == ConstsPersistence.INMEMORY) {
             casTicketServices = new InMemoryProxyGrantingTicketServices();
             _logger.debug("InMemoryTicketServices");
-        } else if (persistence == ConstantsPersistence.JDBC) {
+        } else if (persistence == ConstsPersistence.JDBC) {
             //casTicketServices = new JdbcTicketServices(jdbcTemplate);
             _logger.debug("JdbcTicketServices not support ");
-        } else if (persistence == ConstantsPersistence.REDIS) {
+        } else if (persistence == ConstsPersistence.REDIS) {
             casTicketServices = new RedisProxyGrantingTicketServices(redisConnFactory);
             _logger.debug("RedisTicketServices");
         }

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/st/TicketServicesFactory.java

@@ -18,7 +18,7 @@
 package org.maxkey.authz.cas.endpoint.ticket.st;
 
 import org.maxkey.authz.cas.endpoint.ticket.TicketServices;
-import org.maxkey.constants.ConstantsPersistence;
+import org.maxkey.constants.ConstsPersistence;
 import org.maxkey.persistence.redis.RedisConnectionFactory;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -32,13 +32,13 @@ public class TicketServicesFactory {
             JdbcTemplate jdbcTemplate,
             RedisConnectionFactory redisConnFactory) {
         TicketServices casTicketServices = null;
-        if (persistence == ConstantsPersistence.INMEMORY) {
+        if (persistence == ConstsPersistence.INMEMORY) {
             casTicketServices = new InMemoryTicketServices();
             _logger.debug("InMemoryTicketServices");
-        } else if (persistence == ConstantsPersistence.JDBC) {
+        } else if (persistence == ConstsPersistence.JDBC) {
             //casTicketServices = new JdbcTicketServices(jdbcTemplate);
             _logger.debug("JdbcTicketServices not support ");
-        } else if (persistence == ConstantsPersistence.REDIS) {
+        } else if (persistence == ConstsPersistence.REDIS) {
             casTicketServices = new RedisTicketServices(redisConnFactory);
             _logger.debug("RedisTicketServices");
         }

maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/ticket/tgt/TicketGrantingTicketServicesFactory.java

@@ -18,7 +18,7 @@
 package org.maxkey.authz.cas.endpoint.ticket.tgt;
 
 import org.maxkey.authz.cas.endpoint.ticket.TicketServices;
-import org.maxkey.constants.ConstantsPersistence;
+import org.maxkey.constants.ConstsPersistence;
 import org.maxkey.persistence.redis.RedisConnectionFactory;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -32,14 +32,14 @@ public class TicketGrantingTicketServicesFactory {
             JdbcTemplate jdbcTemplate,
             RedisConnectionFactory redisConnFactory) {
         TicketServices casTicketServices = null;
-        if (persistence == ConstantsPersistence.INMEMORY) {
+        if (persistence == ConstsPersistence.INMEMORY) {
             casTicketServices = new InMemoryTicketGrantingTicketServices();
             _logger.debug("InMemoryTicketGrantingTicketServices");
-        } else if (persistence == ConstantsPersistence.JDBC) {
+        } else if (persistence == ConstsPersistence.JDBC) {
             //
             //casTicketServices = new JdbcTicketGrantingTicketServices(jdbcTemplate);
             _logger.debug("JdbcTicketGrantingTicketServices not support ");
-        } else if (persistence == ConstantsPersistence.REDIS) {
+        } else if (persistence == ConstsPersistence.REDIS) {
             casTicketServices = new RedisTicketGrantingTicketServices(redisConnFactory);
             _logger.debug("RedisTicketServices");
         }

maxkey-protocols/maxkey-protocol-extendapi/src/main/java/org/maxkey/authz/exapi/endpoint/ExtendApiAuthorizeEndpoint.java

@@ -24,7 +24,7 @@ import javax.servlet.http.HttpServletRequest;
 
 import org.maxkey.authz.endpoint.AuthorizeBaseEndpoint;
 import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
-import org.maxkey.constants.Boolean;
+import org.maxkey.constants.ConstsBoolean;
 import org.maxkey.entity.Accounts;
 import org.maxkey.entity.UserInfo;
 import org.maxkey.entity.apps.Apps;
@@ -57,7 +57,7 @@ public class ExtendApiAuthorizeEndpoint  extends AuthorizeBaseEndpoint{
 		Apps apps=getApp(id);
 		_logger.debug(""+apps);
 		UserInfo userInfo = WebContext.getUserInfo();
-		if(Boolean.isTrue(apps.getIsAdapter())){
+		if(ConstsBoolean.isTrue(apps.getIsAdapter())){
 			
 			AbstractAuthorizeAdapter adapter =(AbstractAuthorizeAdapter)Instance.newInstance(apps.getAdapter());
 			String username ="";

maxkey-protocols/maxkey-protocol-formbased/src/main/java/org/maxkey/authz/formbased/endpoint/FormBasedAuthorizeEndpoint.java

@@ -25,7 +25,7 @@ import javax.servlet.http.HttpServletRequest;
 import org.maxkey.authz.endpoint.AuthorizeBaseEndpoint;
 import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
 import org.maxkey.authz.formbased.endpoint.adapter.FormBasedDefaultAdapter;
-import org.maxkey.constants.Boolean;
+import org.maxkey.constants.ConstsBoolean;
 import org.maxkey.entity.Accounts;
 import org.maxkey.entity.apps.Apps;
 import org.maxkey.entity.apps.AppsFormBasedDetails;
@@ -82,7 +82,7 @@ public class FormBasedAuthorizeEndpoint  extends AuthorizeBaseEndpoint{
 			
 			AbstractAuthorizeAdapter adapter;
 			
-			if(Boolean.isTrue(formBasedDetails.getIsAdapter())){
+			if(ConstsBoolean.isTrue(formBasedDetails.getIsAdapter())){
 				adapter =(AbstractAuthorizeAdapter)Instance.newInstance(formBasedDetails.getAdapter());
 			}else{
 				adapter =(AbstractAuthorizeAdapter)defaultFormBasedAdapter;

maxkey-protocols/maxkey-protocol-formbased/src/main/java/org/maxkey/authz/formbased/endpoint/adapter/FormBasedDefaultAdapter.java

@@ -21,7 +21,7 @@ import java.time.Instant;
 
 import org.maxkey.authn.SigninPrincipal;
 import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
-import org.maxkey.constants.Boolean;
+import org.maxkey.constants.ConstsBoolean;
 import org.maxkey.crypto.DigestUtils;
 import org.maxkey.entity.UserInfo;
 import org.maxkey.entity.apps.AppsFormBasedDetails;
@@ -62,7 +62,7 @@ public class FormBasedDefaultAdapter extends AbstractAuthorizeAdapter {
         modelAndView.addObject("password",  password);
         modelAndView.addObject("timestamp",  ""+Instant.now().getEpochSecond());
 		
-	    if(Boolean.isTrue(details.getIsExtendAttr())){
+	    if(ConstsBoolean.isTrue(details.getIsExtendAttr())){
 	        modelAndView.addObject("extendAttr", details.getExtendAttr());
 	        modelAndView.addObject("isExtendAttr", true);
         }else{

maxkey-protocols/maxkey-protocol-formbased/src/main/java/org/maxkey/authz/formbased/endpoint/adapter/FormBasedNetease163EmailAdapter.java

@@ -19,7 +19,7 @@ package org.maxkey.authz.formbased.endpoint.adapter;
 
 import org.maxkey.authn.SigninPrincipal;
 import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
-import org.maxkey.constants.Boolean;
+import org.maxkey.constants.ConstsBoolean;
 import org.maxkey.entity.UserInfo;
 import org.maxkey.entity.apps.AppsFormBasedDetails;
 import org.springframework.web.servlet.ModelAndView;
@@ -44,7 +44,7 @@ public class FormBasedNetease163EmailAdapter extends AbstractAuthorizeAdapter {
 		modelAndView.addObject("email", details.getAppUser().getRelatedUsername());
 		modelAndView.addObject("password",  details.getAppUser().getRelatedPassword());
 		
-		if(Boolean.isTrue(details.getIsExtendAttr())){
+		if(ConstsBoolean.isTrue(details.getIsExtendAttr())){
 			modelAndView.addObject("extendAttr", details.getExtendAttr());
 			modelAndView.addObject("isExtendAttr", true);
 		}else{

maxkey-protocols/maxkey-protocol-formbased/src/main/java/org/maxkey/authz/formbased/endpoint/adapter/FormBasedRedirectAdapter.java

@@ -21,7 +21,7 @@ import java.time.Instant;
 
 import org.maxkey.authn.SigninPrincipal;
 import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
-import org.maxkey.constants.Boolean;
+import org.maxkey.constants.ConstsBoolean;
 import org.maxkey.crypto.DigestUtils;
 import org.maxkey.entity.UserInfo;
 import org.maxkey.entity.apps.AppsFormBasedDetails;
@@ -75,7 +75,7 @@ public class FormBasedRedirectAdapter extends AbstractAuthorizeAdapter {
 		}
 		
 		
-		if(Boolean.isTrue(details.getIsExtendAttr())){
+		if(ConstsBoolean.isTrue(details.getIsExtendAttr())){
 			modelAndView.addObject("extendAttr", details.getExtendAttr());
 			modelAndView.addObject("isExtendAttr", true);
 		}else{

maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/maxkey/authz/jwt/endpoint/adapter/JwtAdapter.java

@@ -71,6 +71,7 @@ public class JwtAdapter extends AbstractAuthorizeAdapter {
 				.claim("locale", userInfo.getLocale())
 				.claim(WebConstants.ONLINE_TICKET_NAME, authentication.getOnlineTicket().getTicketId())
 				.claim("kid", jwtSignerService.getDefaultSignerKeyId())
+				.claim("institution", userInfo.getInstId())
 				.build();
 		
 		_logger.debug("jwt Claims : "+jwtClaims);

maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/maxkey/authz/jwt/endpoint/adapter/JwtDefaultAdapter.java

@@ -70,6 +70,7 @@ public class JwtDefaultAdapter extends AbstractAuthorizeAdapter {
                 .claim("locale", userInfo.getLocale())
                 .claim(WebConstants.ONLINE_TICKET_NAME, authentication.getOnlineTicket().getTicketId())
                 .claim("kid", jwtSignerService.getDefaultSignerKeyId())
+                .claim("institution", userInfo.getInstId())
                 .build();
         
         _logger.debug("jwt Claims : "+jwtClaims);

maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/maxkey/authz/jwt/endpoint/adapter/JwtHS256Adapter.java

@@ -73,6 +73,7 @@ public class JwtHS256Adapter extends AbstractAuthorizeAdapter {
 				.claim("external_id", userInfo.getId())
 				.claim("locale", userInfo.getLocale())
 				.claim("kid", "SYMMETRIC-KEY")
+				.claim("institution", userInfo.getInstId())
 				.build();
 		
 		_logger.debug("jwt Claims : "+jwtClaims);

maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/maxkey/authz/token/endpoint/JwtAuthorizeEndpoint.java

@@ -29,7 +29,7 @@ import org.maxkey.authz.endpoint.AuthorizeBaseEndpoint;
 import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
 import org.maxkey.authz.jwt.endpoint.adapter.JwtDefaultAdapter;
 import org.maxkey.configuration.ApplicationConfig;
-import org.maxkey.constants.Boolean;
+import org.maxkey.constants.ConstsBoolean;
 import org.maxkey.entity.apps.Apps;
 import org.maxkey.entity.apps.AppsJwtDetails;
 import org.maxkey.persistence.service.AppsJwtDetailsService;
@@ -82,7 +82,7 @@ public class JwtAuthorizeEndpoint  extends AuthorizeBaseEndpoint{
 		jwtDetails.setIsAdapter(application.getIsAdapter());
 		
 		AbstractAuthorizeAdapter adapter;
-		if(Boolean.isTrue(jwtDetails.getIsAdapter())){
+		if(ConstsBoolean.isTrue(jwtDetails.getIsAdapter())){
 			adapter =(AbstractAuthorizeAdapter)Instance.newInstance(jwtDetails.getAdapter());
 		}else{
 			adapter =(AbstractAuthorizeAdapter)jwtDefaultAdapter;

maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/code/AuthorizationCodeServicesFactory.java

@@ -17,7 +17,7 @@
 
 package org.maxkey.authz.oauth2.provider.code;
 
-import org.maxkey.constants.ConstantsPersistence;
+import org.maxkey.constants.ConstsPersistence;
 import org.maxkey.persistence.redis.RedisConnectionFactory;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -31,13 +31,13 @@ public class AuthorizationCodeServicesFactory {
 	            JdbcTemplate jdbcTemplate,
 	            RedisConnectionFactory redisConnFactory) {
 	        AuthorizationCodeServices authorizationCodeServices = null;
-	        if (persistence == ConstantsPersistence.INMEMORY) {
+	        if (persistence == ConstsPersistence.INMEMORY) {
 	            authorizationCodeServices = new InMemoryAuthorizationCodeServices();
 	            _logger.debug("InMemoryAuthorizationCodeServices");
-	        } else if (persistence == ConstantsPersistence.JDBC) {
+	        } else if (persistence == ConstsPersistence.JDBC) {
 	            //authorizationCodeServices = new JdbcAuthorizationCodeServices(jdbcTemplate);
 	            _logger.debug("JdbcAuthorizationCodeServices not support "); 
-	        } else if (persistence == ConstantsPersistence.REDIS) {
+	        } else if (persistence == ConstsPersistence.REDIS) {
 	            authorizationCodeServices = new RedisAuthorizationCodeServices(redisConnFactory);
 	            _logger.debug("RedisAuthorizationCodeServices");
 	        }

maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/code/AuthorizationCodeTokenGranter.java

@@ -35,7 +35,7 @@ import org.maxkey.authz.oauth2.provider.OAuth2RequestFactory;
 import org.maxkey.authz.oauth2.provider.TokenRequest;
 import org.maxkey.authz.oauth2.provider.token.AbstractTokenGranter;
 import org.maxkey.authz.oauth2.provider.token.AuthorizationServerTokenServices;
-import org.maxkey.constants.ConstantsProtocols;
+import org.maxkey.constants.ConstsProtocols;
 import org.maxkey.crypto.DigestUtils;
 import org.maxkey.entity.apps.oauth2.provider.ClientDetails;
 import org.springframework.security.core.Authentication;
@@ -124,7 +124,7 @@ public class AuthorizationCodeTokenGranter extends AbstractTokenGranter {
 		//OAuth 2.1 and PKCE Support
 		logger.debug("client Protocol "+client.getProtocol()+", PKCE Support "+
 		        (client.getPkce().equalsIgnoreCase(OAuth2Constants.PKCE_TYPE.PKCE_TYPE_YES)));
-		if(client.getProtocol().equalsIgnoreCase(ConstantsProtocols.OAUTH21)
+		if(client.getProtocol().equalsIgnoreCase(ConstsProtocols.OAUTH21)
 		        || client.getPkce().equalsIgnoreCase(OAuth2Constants.PKCE_TYPE.PKCE_TYPE_YES)) {
     		logger.trace("stored CodeChallengeMethod "+ pendingOAuth2Request.getCodeChallengeMethod());
     		logger.trace("stored CodeChallenge "+ pendingOAuth2Request.getCodeChallenge());

maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/token/store/TokenStoreFactory.java

@@ -18,7 +18,7 @@
 package org.maxkey.authz.oauth2.provider.token.store;
 
 import org.maxkey.authz.oauth2.provider.token.TokenStore;
-import org.maxkey.constants.ConstantsPersistence;
+import org.maxkey.constants.ConstsPersistence;
 import org.maxkey.persistence.redis.RedisConnectionFactory;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -32,13 +32,13 @@ public class TokenStoreFactory {
 	            JdbcTemplate jdbcTemplate,
 	            RedisConnectionFactory redisConnFactory) {
 	        TokenStore tokenStore = null;
-	        if (persistence == ConstantsPersistence.INMEMORY) {
+	        if (persistence == ConstsPersistence.INMEMORY) {
 	            tokenStore = new InMemoryTokenStore();
 	            _logger.debug("InMemoryTokenStore");
-	        } else if (persistence == ConstantsPersistence.JDBC) {
+	        } else if (persistence == ConstsPersistence.JDBC) {
 	            //tokenStore = new JdbcTokenStore(jdbcTemplate);
 	            _logger.debug("JdbcTokenStore not support "); 
-	        } else if (persistence == ConstantsPersistence.REDIS) {
+	        } else if (persistence == ConstsPersistence.REDIS) {
 	            tokenStore = new RedisTokenStore(redisConnFactory);
 	            _logger.debug("RedisTokenStore");
 	        }

maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/OAuthDefaultUserInfoAdapter.java

@@ -48,6 +48,7 @@ public class OAuthDefaultUserInfoAdapter extends AbstractAuthorizeAdapter {
 		beanMap.put("title", userInfo.getJobTitle());
 		beanMap.put("state", userInfo.getWorkRegion());
 		beanMap.put("gender", userInfo.getGender());
+		beanMap.put("institution", userInfo.getInstId());
 		beanMap.put(WebConstants.ONLINE_TICKET_NAME, authentication.getOnlineTicket().getTicketId());
 		
 		String info= JsonUtils.object2Json(beanMap);

maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/OpenIdConnectUserInfoEndpoint.java

@@ -137,6 +137,7 @@ public class OpenIdConnectUserInfoEndpoint {
 			 SigninPrincipal authentication = (SigninPrincipal)oAuth2Authentication.getUserAuthentication().getPrincipal();
 			 
 			 jwtClaimsSetBuilder.claim("sub", userInfo.getId());
+			 jwtClaimsSetBuilder.claim("institution", userInfo.getInstId());
 			 jwtClaimsSetBuilder.claim(WebConstants.ONLINE_TICKET_NAME, authentication.getOnlineTicket().getTicketId());
 			 
 		 	if(scopes.contains("profile")){

maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java

@@ -28,7 +28,7 @@ import org.maxkey.authz.oauth2.common.exceptions.OAuth2Exception;
 import org.maxkey.authz.oauth2.provider.ClientDetailsService;
 import org.maxkey.authz.oauth2.provider.OAuth2Authentication;
 import org.maxkey.authz.oauth2.provider.token.DefaultTokenServices;
-import org.maxkey.constants.Boolean;
+import org.maxkey.constants.ConstsBoolean;
 import org.maxkey.crypto.jwt.encryption.service.JwtEncryptionAndDecryptionService;
 import org.maxkey.crypto.jwt.encryption.service.impl.RecipientJwtEncryptionAndDecryptionServiceBuilder;
 import org.maxkey.crypto.jwt.signer.service.JwtSigningAndValidationService;
@@ -132,7 +132,7 @@ public class UserInfoEndpoint {
 				 Apps app=appsService.get(client_id);
 				 
 				 AbstractAuthorizeAdapter adapter;
-				 if(Boolean.isTrue(app.getIsAdapter())){
+				 if(ConstsBoolean.isTrue(app.getIsAdapter())){
 					adapter =(AbstractAuthorizeAdapter)Instance.newInstance(app.getAdapter());
 				 }else{
 					adapter =(AbstractAuthorizeAdapter)defaultOAuthUserInfoAdapter;

maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/consumer/endpoint/ConsumerEndpoint.java

@@ -43,7 +43,7 @@ import org.maxkey.authz.saml20.consumer.spring.IdentityProviderAuthenticationExc
 import org.maxkey.authz.saml20.consumer.spring.ServiceProviderAuthenticationException;
 import org.maxkey.authz.saml20.provider.xml.AuthnResponseGenerator;
 import org.maxkey.authz.saml20.xml.SAML2ValidatorSuite;
-import org.maxkey.constants.ConstantsLoginType;
+import org.maxkey.constants.ConstsLoginType;
 import org.maxkey.crypto.keystore.KeyStoreLoader;
 import org.maxkey.entity.apps.AppsSAML20Details;
 import org.maxkey.persistence.service.AppsSaml20DetailsService;
@@ -187,7 +187,7 @@ public class ConsumerEndpoint {
 	
 		logger.debug("assertion.getID() ", assertion.getAuthnStatements());
 		LoginCredential loginCredential =new LoginCredential(
-		        username,"",ConstantsLoginType.SAMLTRUST);
+		        username,"",ConstsLoginType.SAMLTRUST);
         authenticationProvider.authentication(loginCredential,true);
 
 		ModelAndView mav = new ModelAndView();

maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/xml/AttributeStatementGenerator.java

@@ -24,7 +24,7 @@ import java.util.Iterator;
 import java.util.Map;
 import java.util.Map.Entry;
 
-import org.maxkey.constants.Boolean;
+import org.maxkey.constants.ConstsBoolean;
 import org.maxkey.constants.ldap.ActiveDirectoryUser;
 import org.maxkey.entity.ExtraAttr;
 import org.maxkey.entity.ExtraAttrs;
@@ -79,7 +79,7 @@ public class AttributeStatementGenerator {
 		}
 		
 		logger.debug("ExtendAttr "+saml20Details.getExtendAttr());
-		if(Boolean.isTrue(saml20Details.getIsExtendAttr()) && saml20Details.getExtendAttr() != null) {
+		if(ConstsBoolean.isTrue(saml20Details.getIsExtendAttr()) && saml20Details.getExtendAttr() != null) {
 			ExtraAttrs extraAttrs=new ExtraAttrs(saml20Details.getExtendAttr());
 			for(ExtraAttr extraAttr : extraAttrs.getExtraAttrs()) {
 				logger.debug("Attribute : "+extraAttr.getAttr()+" , Vale : "+extraAttr.getValue()+" , Type : "+extraAttr.getType());
@@ -153,6 +153,8 @@ public class AttributeStatementGenerator {
         attributeMap.put(ActiveDirectoryUser.MAIL, userInfo.getEmail());
         attributeMap.put(ActiveDirectoryUser.EMAIL, userInfo.getEmail());
         
+        attributeMap.put("institution", userInfo.getInstId());
+        
         attributeMap.put(ActiveDirectoryUser.USERSTATUS, userInfo.getStatus() + "");
         
         return attributeMap;

maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/xml/AuthnResponseGenerator.java

@@ -25,7 +25,7 @@ import org.maxkey.authz.saml.service.IDService;
 import org.maxkey.authz.saml.service.TimeService;
 import org.maxkey.authz.saml20.binding.BindingAdapter;
 import org.maxkey.authz.saml20.xml.IssuerGenerator;
-import org.maxkey.constants.Boolean;
+import org.maxkey.constants.ConstsBoolean;
 import org.maxkey.entity.apps.AppsSAML20Details;
 import org.opensaml.Configuration;
 import org.opensaml.saml2.core.Assertion;
@@ -78,7 +78,7 @@ public class AuthnResponseGenerator {
 											attributeMap);
 		
 		//Encrypt 
-		if(Boolean.isTrue(saml20Details.getEncrypted())) {
+		if(ConstsBoolean.isTrue(saml20Details.getEncrypted())) {
 			logger.info("begin to encrypt assertion");
 			try {
 				// Assume this contains a recipient's RSA public

maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/TokenBasedAuthorizeEndpoint.java

@@ -29,7 +29,7 @@ import org.maxkey.authz.endpoint.AuthorizeBaseEndpoint;
 import org.maxkey.authz.endpoint.adapter.AbstractAuthorizeAdapter;
 import org.maxkey.authz.token.endpoint.adapter.TokenBasedDefaultAdapter;
 import org.maxkey.configuration.ApplicationConfig;
-import org.maxkey.constants.Boolean;
+import org.maxkey.constants.ConstsBoolean;
 import org.maxkey.entity.apps.Apps;
 import org.maxkey.entity.apps.AppsTokenBasedDetails;
 import org.maxkey.persistence.service.AppsTokenBasedDetailsService;
@@ -81,7 +81,7 @@ public class TokenBasedAuthorizeEndpoint  extends AuthorizeBaseEndpoint{
 		tokenBasedDetails.setIsAdapter(application.getIsAdapter());
 		
 		AbstractAuthorizeAdapter adapter;
-		if(Boolean.isTrue(tokenBasedDetails.getIsAdapter())){
+		if(ConstsBoolean.isTrue(tokenBasedDetails.getIsAdapter())){
 			adapter =(AbstractAuthorizeAdapter)Instance.newInstance(tokenBasedDetails.getAdapter());
 		}else{
 			adapter =(AbstractAuthorizeAdapter)defaultTokenBasedAdapter;

maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java

@@ -25,32 +25,23 @@ import java.util.List;
 import java.util.stream.Collectors;
 
 import org.maxkey.authn.realm.jdbc.JdbcAuthenticationRealm;
-import org.maxkey.authn.realm.ldap.LdapAuthenticationRealm;
-import org.maxkey.authn.realm.ldap.LdapServer;
-import org.maxkey.authn.realm.AbstractAuthenticationRealm;
-import org.maxkey.authn.realm.IAuthenticationServer;
-import org.maxkey.authn.realm.activedirectory.ActiveDirectoryAuthenticationRealm;
-import org.maxkey.authn.realm.activedirectory.ActiveDirectoryServer;
+import org.maxkey.authn.realm.ldap.LdapAuthenticationRealmService;
 import org.maxkey.authn.support.kerberos.KerberosProxy;
 import org.maxkey.authn.support.kerberos.RemoteKerberosService;
 import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
 import org.maxkey.configuration.EmailConfig;
-import org.maxkey.constants.ConstantsPersistence;
+import org.maxkey.constants.ConstsPersistence;
 import org.maxkey.password.onetimepwd.AbstractOtpAuthn;
+import org.maxkey.password.onetimepwd.OtpAuthnService;
 import org.maxkey.password.onetimepwd.algorithm.OtpKeyUriFormat;
 import org.maxkey.password.onetimepwd.impl.MailOtpAuthn;
-import org.maxkey.password.onetimepwd.impl.SmsOtpAuthn;
 import org.maxkey.password.onetimepwd.impl.TimeBasedOtpAuthn;
-import org.maxkey.password.onetimepwd.impl.sms.SmsOtpAuthnAliyun;
-import org.maxkey.password.onetimepwd.impl.sms.SmsOtpAuthnTencentCloud;
-import org.maxkey.password.onetimepwd.impl.sms.SmsOtpAuthnYunxin;
 import org.maxkey.password.onetimepwd.token.RedisOtpTokenStore;
-import org.maxkey.persistence.ldap.ActiveDirectoryUtils;
-import org.maxkey.persistence.ldap.LdapUtils;
 import org.maxkey.persistence.redis.RedisConnectionFactory;
 import org.maxkey.persistence.repository.LoginHistoryRepository;
 import org.maxkey.persistence.repository.LoginRepository;
 import org.maxkey.persistence.repository.PasswordPolicyValidator;
+import org.maxkey.persistence.service.LdapContextService;
 import org.maxkey.persistence.service.UserInfoService;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -59,7 +50,6 @@ import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.core.env.StandardEnvironment;
 import org.springframework.core.io.ClassPathResource;
 import org.springframework.core.io.Resource;
 import org.springframework.jdbc.core.JdbcTemplate;
@@ -105,48 +95,6 @@ public class MaxKeyConfig  implements InitializingBean {
         return otpKeyUriFormat;
     }
     
-    public AbstractAuthenticationRealm ldapAuthenticationRealm(
-    			boolean ldapSupport,
-    			boolean ldapJit,
-    			String providerUrl,
-    			String principal,
-    			String credentials,
-    			String filter,
-    			String baseDN,
-    			String domain,
-    			String product,
-                JdbcTemplate jdbcTemplate) {
-    	
-    	AbstractAuthenticationRealm authenticationRealm =null;
-    	if(ldapSupport) {
-	    	if(product.equalsIgnoreCase("activedirectory")) {
-	    		ActiveDirectoryAuthenticationRealm activeDirectoryAuthenticationRealm = new ActiveDirectoryAuthenticationRealm(jdbcTemplate);
-	            ActiveDirectoryServer ldapServer=new ActiveDirectoryServer();
-	            ActiveDirectoryUtils ldapUtils = new ActiveDirectoryUtils(providerUrl,principal,credentials,domain);
-	            ldapServer.setActiveDirectoryUtils(ldapUtils);
-	            
-	            List<IAuthenticationServer> ldapServers = new ArrayList<IAuthenticationServer>();
-	            ldapServers.add(ldapServer);
-	            activeDirectoryAuthenticationRealm.setActiveDirectoryServers(ldapServers);
-	            authenticationRealm = activeDirectoryAuthenticationRealm;
-	            _logger.debug("ActiveDirectoryAuthenticationRealm inited.");
-	    	}else {
-	    		LdapAuthenticationRealm ldapAuthenticationRealm = new LdapAuthenticationRealm(jdbcTemplate);
-		        LdapServer ldapServer=new LdapServer();
-		        LdapUtils ldapUtils = new LdapUtils(providerUrl,principal,credentials,baseDN);
-		        ldapServer.setLdapUtils(ldapUtils);
-		        ldapServer.setFilterAttribute(filter);
-		        List<IAuthenticationServer> ldapServers = new ArrayList<IAuthenticationServer>();
-		        ldapServers.add(ldapServer);
-		        ldapAuthenticationRealm.setLdapServers(ldapServers);
-		        authenticationRealm = ldapAuthenticationRealm;
-		        _logger.debug("LdapAuthenticationRealm inited.");
-	    	}
-    	}
-        return authenticationRealm;
-        
-    }
-    
     //可以在此实现其他的登陆认证方式，请实现AbstractAuthenticationRealm
     @Bean(name = "authenticationRealm")
     public JdbcAuthenticationRealm authenticationRealm(
@@ -157,22 +105,9 @@ public class MaxKeyConfig  implements InitializingBean {
 	    		AbstractRemeberMeService remeberMeService,
 	    		UserInfoService userInfoService,
                 JdbcTemplate jdbcTemplate,
-                @Value("${maxkey.login.ldap.enable:false}")boolean ldapSupport,
-    			@Value("${maxkey.login.ldap.jit:false}")boolean ldapJit,
-    			@Value("${maxkey.login.ldap.providerurl}")String providerUrl,
-    			@Value("${maxkey.login.ldap.principal}")String principal,
-    			@Value("${maxkey.login.ldap.credentials}")String credentials,
-    			@Value("${maxkey.login.ldap.filter}")String filter,
-    			@Value("${maxkey.login.ldap.basedn}")String baseDN,
-    			@Value("${maxkey.login.ldap.activedirectory.domain}")String domain,
-    			@Value("${maxkey.login.ldap.product:openldap}")String product) {
-    	AbstractAuthenticationRealm ldapAuthenticationRealm = 
-    			ldapAuthenticationRealm(
-					ldapSupport,ldapJit,
-					providerUrl,principal,credentials,
-					filter,baseDN,domain,product,
-					jdbcTemplate
-				);
+                OtpAuthnService otpAuthnService,
+                LdapContextService ldapContextService) {
+    	LdapAuthenticationRealmService ldapRealmService = new LdapAuthenticationRealmService(ldapContextService);
         JdbcAuthenticationRealm authenticationRealm = new JdbcAuthenticationRealm(
         		passwordEncoder,
         		passwordPolicyValidator,
@@ -181,8 +116,7 @@ public class MaxKeyConfig  implements InitializingBean {
         		remeberMeService,
         		userInfoService,
         		jdbcTemplate,
-        		ldapAuthenticationRealm,
-        		ldapSupport
+        		ldapRealmService
         	);
         
         return authenticationRealm;
@@ -211,7 +145,7 @@ public class MaxKeyConfig  implements InitializingBean {
         AbstractOtpAuthn tfaOtpAuthn  = new TimeBasedOtpAuthn(digits , period);
         _logger.debug("TimeBasedOtpAuthn inited.");
 
-        if (persistence == ConstantsPersistence.REDIS) {
+        if (persistence == ConstsPersistence.REDIS) {
             RedisOtpTokenStore redisOptTokenStore = new RedisOtpTokenStore(redisConnFactory);
             tfaOtpAuthn.setOptTokenStore(redisOptTokenStore);
         }
@@ -252,32 +186,6 @@ public class MaxKeyConfig  implements InitializingBean {
         return mailOtpAuthn;
     }
     
-    @Bean(name = "smsOtpAuthn")
-    public SmsOtpAuthn smsOtpAuthn(
-            @Value("${maxkey.otp.sms.provider}")String provider,
-            @Value("${maxkey.server.persistence}") int persistence,
-            StandardEnvironment environment,
-            RedisConnectionFactory redisConnFactory) {
-        SmsOtpAuthn smsOtpAuthn = null;
-        if(provider.equalsIgnoreCase("aliyun")) {
-            smsOtpAuthn = new SmsOtpAuthnAliyun();
-        }else if(provider.equalsIgnoreCase("tencentcloud")) {
-            smsOtpAuthn = new SmsOtpAuthnTencentCloud();
-        }else {
-            smsOtpAuthn = new SmsOtpAuthnYunxin();
-        }
-        if (persistence == ConstantsPersistence.REDIS) {
-            RedisOtpTokenStore redisOptTokenStore = new RedisOtpTokenStore(redisConnFactory);
-            smsOtpAuthn.setOptTokenStore(redisOptTokenStore);
-        }
-        
-        smsOtpAuthn.setProperties(environment);
-        smsOtpAuthn.initPropertys();
-        
-        _logger.debug("SmsOtpAuthn {} inited." ,smsOtpAuthn.getClass().getCanonicalName());
-        return smsOtpAuthn;
-    }
-    
     
     @Bean(name = "kerberosService")
     public RemoteKerberosService kerberosService(

maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/AppListController.java

@@ -21,9 +21,9 @@ import java.security.Principal;
 import java.util.List;
 
 import org.maxkey.configuration.ApplicationConfig;
-import org.maxkey.constants.ConstantsOperateMessage;
-import org.maxkey.constants.ConstantsProtocols;
-import org.maxkey.constants.ConstantsStatus;
+import org.maxkey.constants.ConstsOperateMessage;
+import org.maxkey.constants.ConstsProtocols;
+import org.maxkey.constants.ConstsStatus;
 import org.maxkey.crypto.password.PasswordReciprocal;
 import org.maxkey.entity.Accounts;
 import org.maxkey.entity.UserInfo;
@@ -183,10 +183,10 @@ public class AppListController {
 
             userInfoService.updateProtectedApps(userInfo);
         } else {
-            return new Message(WebContext.getI18nValue(ConstantsOperateMessage.UPDATE_ERROR), MessageType.error);
+            return new Message(WebContext.getI18nValue(ConstsOperateMessage.UPDATE_ERROR), MessageType.error);
         }
 
-        return new Message(WebContext.getI18nValue(ConstantsOperateMessage.UPDATE_SUCCESS), MessageType.success);
+        return new Message(WebContext.getI18nValue(ConstsOperateMessage.UPDATE_SUCCESS), MessageType.success);
     }
 
     @RequestMapping(value = { "/forward/appUserConfig/{protocol}/{credential}/{appId}" })
@@ -199,13 +199,13 @@ public class AppListController {
         UserInfo userInfo = WebContext.getUserInfo();
         if (credential == Apps.CREDENTIALS.USER_DEFINED) {
             appUsers = appUsersService.load(new Accounts(userInfo.getId(), appId));
-            if (protocol.equalsIgnoreCase(ConstantsProtocols.FORMBASED)
-                    || protocol.equalsIgnoreCase(ConstantsProtocols.BASIC) 
-                    || protocol.equalsIgnoreCase(ConstantsProtocols.EXTEND_API)) {
+            if (protocol.equalsIgnoreCase(ConstsProtocols.FORMBASED)
+                    || protocol.equalsIgnoreCase(ConstsProtocols.BASIC) 
+                    || protocol.equalsIgnoreCase(ConstsProtocols.EXTEND_API)) {
 
                 modelAndView.addObject("username", true);
                 modelAndView.addObject("password", true);
-            } else if (protocol.equalsIgnoreCase(ConstantsProtocols.SAML20)) {
+            } else if (protocol.equalsIgnoreCase(ConstsProtocols.SAML20)) {
                 modelAndView.addObject("username", true);
                 modelAndView.addObject("password", false);
             } else {
@@ -259,7 +259,7 @@ public class AppListController {
                 appUsers.setRelatedUsername(identity_username);
                 appUsers.setRelatedPassword(PasswordReciprocal.getInstance().encode(identity_password));
                 appUsers.setInstId(userInfo.getInstId());
-                appUsers.setStatus(ConstantsStatus.ACTIVE);
+                appUsers.setStatus(ConstsStatus.ACTIVE);
                 appUsersService.insert(appUsers);
             } else {
                 appUsers.setRelatedUsername(identity_username);
@@ -268,6 +268,6 @@ public class AppListController {
             }
         }
 
-        return new Message(WebContext.getI18nValue(ConstantsOperateMessage.UPDATE_SUCCESS), MessageType.success);
+        return new Message(WebContext.getI18nValue(ConstsOperateMessage.UPDATE_SUCCESS), MessageType.success);
     }
 }

maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/ForgotPasswordContorller.java

@@ -22,6 +22,7 @@ import java.util.regex.Pattern;
 import org.maxkey.configuration.EmailConfig;
 import org.maxkey.entity.UserInfo;
 import org.maxkey.password.onetimepwd.AbstractOtpAuthn;
+import org.maxkey.password.onetimepwd.OtpAuthnService;
 import org.maxkey.persistence.repository.PasswordPolicyValidator;
 import org.maxkey.persistence.service.UserInfoService;
 import org.maxkey.web.WebConstants;
@@ -70,8 +71,8 @@ public class ForgotPasswordContorller {
     protected AbstractOtpAuthn mailOtpAuthn;
     
     @Autowired
-    @Qualifier("smsOtpAuthn")
-    protected AbstractOtpAuthn smsOtpAuthn;
+    @Qualifier("otpAuthnService")
+    OtpAuthnService otpAuthnService;
     
 
     @RequestMapping(value = { "/forward" })
@@ -104,6 +105,7 @@ public class ForgotPasswordContorller {
 	            if (forgotType == ForgotType.EMAIL ) {
 	            	mailOtpAuthn.produce(userInfo);
 	            }else if (forgotType == ForgotType.MOBILE) {
+	            	AbstractOtpAuthn smsOtpAuthn = otpAuthnService.getByInstId(userInfo.getInstId());
 	            	smsOtpAuthn.produce(userInfo);
 	            }
             }
@@ -138,6 +140,8 @@ public class ForgotPasswordContorller {
             userInfo.setUsername(username);
             userInfo.setPassword(password);
             userInfo.setDecipherable(password);
+            UserInfo loadedUserInfo = userInfoService.findByUsername(username);
+            AbstractOtpAuthn smsOtpAuthn = otpAuthnService.getByInstId(loadedUserInfo.getInstId());
             if ((forgotType == ForgotType.EMAIL && mailOtpAuthn.validate(userInfo, captcha)) ||
                     (forgotType == ForgotType.MOBILE && smsOtpAuthn.validate(userInfo, captcha))
                 ) {

maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/ProfileController.java

@@ -18,7 +18,7 @@
 package org.maxkey.web.contorller;
 
 import javax.validation.Valid;
-import org.maxkey.constants.ConstantsOperateMessage;
+import org.maxkey.constants.ConstsOperateMessage;
 import org.maxkey.entity.UserInfo;
 import org.maxkey.persistence.service.UserInfoService;
 import org.maxkey.web.WebContext;
@@ -84,12 +84,12 @@ public class ProfileController {
 
         if (userInfoService.updateProfile(userInfo) > 0) {
             new Message(
-                    WebContext.getI18nValue(ConstantsOperateMessage.UPDATE_SUCCESS), 
+                    WebContext.getI18nValue(ConstsOperateMessage.UPDATE_SUCCESS), 
                     userInfo, MessageType.success,
                     OperateType.add, MessageScope.DB);
 
         } else {
-            new Message(WebContext.getI18nValue(ConstantsOperateMessage.UPDATE_ERROR), MessageType.error);
+            new Message(WebContext.getI18nValue(ConstsOperateMessage.UPDATE_ERROR), MessageType.error);
         }
 
         return WebContext.redirect("/profile/myProfile");

maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/RegisterController.java

@@ -26,7 +26,7 @@ import org.apache.commons.mail.HtmlEmail;
 import org.apache.ibatis.session.SqlSession;
 import org.apache.ibatis.session.SqlSessionFactory;
 import org.maxkey.configuration.ApplicationConfig;
-import org.maxkey.constants.ConstantsStatus;
+import org.maxkey.constants.ConstsStatus;
 import org.maxkey.crypto.password.PasswordReciprocal;
 import org.maxkey.entity.Register;
 import org.maxkey.entity.UserInfo;
@@ -168,7 +168,7 @@ public class RegisterController {
 				
 				userInfo.setWorkPhoneNumber(register.getWorkPhone());
 				userInfo.setEmail(register.getWorkEmail());
-				userInfo.setStatus(ConstantsStatus.ACTIVE);
+				userInfo.setStatus(ConstsStatus.ACTIVE);
 				userInfo.setDecipherable(PasswordReciprocal.getInstance().encode(password));
 				
 				password = passwordEncoder.encode(password );
@@ -223,7 +223,7 @@ public class RegisterController {
  			return new Message(WebContext.getI18nValue("register.user.error"),"1");
  		}
  		
- 		userInfo.setStatus(ConstantsStatus.ACTIVE);
+ 		userInfo.setStatus(ConstsStatus.ACTIVE);
  		
  		if(userInfoService.insert(userInfo)) {
  			return new Message(WebContext.getI18nValue("login.text.register.success"),"0");

maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/contorller/SafeController.java

@@ -20,9 +20,9 @@ package org.maxkey.web.contorller;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.maxkey.constants.ConstantsOperateMessage;
-import org.maxkey.constants.ConstantsPasswordSetType;
-import org.maxkey.constants.ConstantsTimeInterval;
+import org.maxkey.constants.ConstsOperateMessage;
+import org.maxkey.constants.ConstsPasswordSetType;
+import org.maxkey.constants.ConstsTimeInterval;
 import org.maxkey.crypto.password.PasswordReciprocal;
 import org.maxkey.entity.UserInfo;
 import org.maxkey.persistence.repository.PasswordPolicyValidator;
@@ -64,11 +64,11 @@ public class SafeController {
 			@RequestParam("newPassword") String newPassword,
 			@RequestParam("confirmPassword") String confirmPassword) {
 		
-			if(userInfoService.changePassword(oldPassword,newPassword,confirmPassword,ConstantsPasswordSetType.PASSWORD_NORMAL)) {
-				return  new Message(WebContext.getI18nValue(ConstantsOperateMessage.UPDATE_SUCCESS),MessageType.success);
+			if(userInfoService.changePassword(oldPassword,newPassword,confirmPassword,ConstsPasswordSetType.PASSWORD_NORMAL)) {
+				return  new Message(WebContext.getI18nValue(ConstsOperateMessage.UPDATE_SUCCESS),MessageType.success);
 			}else {
 				return  new Message(
-				        WebContext.getI18nValue(ConstantsOperateMessage.UPDATE_ERROR)+"<br>"
+				        WebContext.getI18nValue(ConstsOperateMessage.UPDATE_ERROR)+"<br>"
 				        +WebContext.getAttribute(PasswordPolicyValidator.PASSWORD_POLICY_VALIDATE_RESULT),
 				        MessageType.error);
 			}	
@@ -82,8 +82,8 @@ public class SafeController {
 			ModelAndView modelAndView=new ModelAndView("passwordExpired");
 	        if(newPassword ==null ||newPassword.equals("")) {
 	            
-	        }else if(userInfoService.changePassword(oldPassword,newPassword,confirmPassword,ConstantsPasswordSetType.PASSWORD_NORMAL)){
-	            WebContext.getSession().setAttribute(WebConstants.CURRENT_USER_PASSWORD_SET_TYPE,ConstantsPasswordSetType.PASSWORD_NORMAL);
+	        }else if(userInfoService.changePassword(oldPassword,newPassword,confirmPassword,ConstsPasswordSetType.PASSWORD_NORMAL)){
+	            WebContext.getSession().setAttribute(WebConstants.CURRENT_USER_PASSWORD_SET_TYPE,ConstsPasswordSetType.PASSWORD_NORMAL);
 				return WebContext.redirect("/index");
 			}
 	        
@@ -103,8 +103,8 @@ public class SafeController {
 		ModelAndView modelAndView=new ModelAndView("passwordInitial");
         if(newPassword ==null ||newPassword.equals("")) {
             
-        }else if(userInfoService.changePassword(oldPassword,newPassword,confirmPassword,ConstantsPasswordSetType.PASSWORD_NORMAL)){
-            WebContext.getSession().setAttribute(WebConstants.CURRENT_USER_PASSWORD_SET_TYPE,ConstantsPasswordSetType.PASSWORD_NORMAL);
+        }else if(userInfoService.changePassword(oldPassword,newPassword,confirmPassword,ConstsPasswordSetType.PASSWORD_NORMAL)){
+            WebContext.getSession().setAttribute(WebConstants.CURRENT_USER_PASSWORD_SET_TYPE,ConstsPasswordSetType.PASSWORD_NORMAL);
 			return WebContext.redirect("/index");
 		}
 		
@@ -139,11 +139,11 @@ public class SafeController {
 				userInfo.setAppLoginPassword(PasswordReciprocal.getInstance().encode(newPassword));
 				boolean change= userInfoService.updateAppLoginPassword(userInfo);
 				_logger.debug(""+change);
-				return  new Message(WebContext.getI18nValue(ConstantsOperateMessage.UPDATE_SUCCESS),MessageType.prompt);
+				return  new Message(WebContext.getI18nValue(ConstsOperateMessage.UPDATE_SUCCESS),MessageType.prompt);
 			}
 		}
 		
-		return  new Message(WebContext.getI18nValue(ConstantsOperateMessage.UPDATE_ERROR),MessageType.error);
+		return  new Message(WebContext.getI18nValue(ConstsOperateMessage.UPDATE_ERROR),MessageType.error);
 		
 	}
 	
@@ -176,12 +176,12 @@ public class SafeController {
 		userInfo.setEmail(email);
 
         userInfo.setTheme(theme);
-        WebContext.setCookie(response,null, WebConstants.THEME_COOKIE_NAME, theme, ConstantsTimeInterval.ONE_WEEK);
+        WebContext.setCookie(response,null, WebConstants.THEME_COOKIE_NAME, theme, ConstsTimeInterval.ONE_WEEK);
         
 		userInfoService.updateEmail(userInfo);
 		
 		
-		return  new Message(WebContext.getI18nValue(ConstantsOperateMessage.UPDATE_SUCCESS),MessageType.success);
+		return  new Message(WebContext.getI18nValue(ConstsOperateMessage.UPDATE_SUCCESS),MessageType.success);
 		
 	}
 	

maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LoginEndpoint.java

@@ -82,8 +82,8 @@ public class LoginEndpoint {
     @Qualifier("tfaOtpAuthn")
     protected AbstractOtpAuthn tfaOtpAuthn;
 	
-	@Autowired
-    @Qualifier("smsOtpAuthn")
+	//@Autowired
+    //@Qualifier("smsOtpAuthn")
     protected AbstractOtpAuthn smsOtpAuthn;
 	
 	Pattern mobileRegex = Pattern.compile(

maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LogoutEndpoint.java

@@ -33,7 +33,7 @@ import org.maxkey.authz.singlelogout.DefaultSingleLogout;
 import org.maxkey.authz.singlelogout.LogoutType;
 import org.maxkey.authz.singlelogout.SingleLogout;
 import org.maxkey.configuration.ApplicationConfig;
-import org.maxkey.constants.ConstantsProtocols;
+import org.maxkey.constants.ConstsProtocols;
 import org.maxkey.entity.apps.Apps;
 import org.maxkey.web.WebConstants;
 import org.maxkey.web.WebContext;
@@ -130,7 +130,7 @@ public class LogoutEndpoint {
 		            _logger.debug("App Id : "+ mapEntry.getKey()+ " , " +mapEntry.getValue());
 		            if( mapEntry.getValue().getLogoutType() == LogoutType.BACK_CHANNEL){
 		                SingleLogout singleLogout;
-		                if(mapEntry.getValue().getProtocol().equalsIgnoreCase(ConstantsProtocols.CAS)) {
+		                if(mapEntry.getValue().getProtocol().equalsIgnoreCase(ConstsProtocols.CAS)) {
 		                    singleLogout =new SamlSingleLogout();
 		                }else {
 		                    singleLogout = new DefaultSingleLogout();

maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/historys/contorller/LoginSessionController.java

@@ -21,7 +21,7 @@ import java.text.SimpleDateFormat;
 import java.util.Date;
 import org.apache.mybatis.jpa.persistence.JpaPageResults;
 import org.maxkey.authn.online.OnlineTicketServices;
-import org.maxkey.constants.ConstantsOperateMessage;
+import org.maxkey.constants.ConstsOperateMessage;
 import org.maxkey.entity.HistoryLogin;
 import org.maxkey.entity.UserInfo;
 import org.maxkey.persistence.repository.LoginHistoryRepository;
@@ -118,9 +118,9 @@ public class LoginSessionController {
         }
         
         if(isTerminated) {
-            return  new Message(WebContext.getI18nValue(ConstantsOperateMessage.DELETE_SUCCESS),MessageType.success);
+            return  new Message(WebContext.getI18nValue(ConstsOperateMessage.DELETE_SUCCESS),MessageType.success);
         } else {
-            return  new Message(WebContext.getI18nValue(ConstantsOperateMessage.DELETE_ERROR),MessageType.error);
+            return  new Message(WebContext.getI18nValue(ConstsOperateMessage.DELETE_ERROR),MessageType.error);
         }
     }
     @InitBinder