From 1dd6682af228e1c60c172dc46a8057b470eb0983 Mon Sep 17 00:00:00 2001
From: tfhddd <2272751277@qq.com>
Date: Tue, 14 Jan 2025 11:04:44 +0800
Subject: [PATCH 1/5] =?UTF-8?q?[CHG]=E8=A7=A3=E5=86=B3etherpad=E7=99=BB?=
=?UTF-8?q?=E5=BD=95=E5=A4=B1=E8=B4=A5=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
[CHG]解决openubmc隐私协议无法签署的问题
[ADD]增加创建资源方法
[FIX]绑定多个gitcode时,gitcode用户名是null
[FIX]解决代码规范检查问题
[CHG]解决etherpad登录失败问题
---
pom.xml | 6 --
.../java/com/om/dao/AuthingManagerDao.java | 95 ++++++++++++++++-
.../java/com/om/service/AuthingService.java | 4 +-
src/main/java/com/om/service/OidcService.java | 21 +++-
.../com/om/service/OneIdManageService.java | 100 ------------------
.../com/om/service/PrivacyHistoryService.java | 2 +-
.../com/om/service/SendMessageService.java | 11 +-
src/main/java/com/om/utils/AuthingUtil.java | 4 +-
src/main/java/com/om/utils/CommonUtil.java | 25 +++++
9 files changed, 148 insertions(+), 120 deletions(-)
diff --git a/pom.xml b/pom.xml
index f93db5fe..d3f83ca1 100644
--- a/pom.xml
+++ b/pom.xml
@@ -17,7 +17,6 @@
17
- 4.1.108.Final
6.1.14
@@ -115,11 +114,6 @@
unirest-java
3.13.8
-
- io.netty
- netty-all
- 4.1.108.Final
-
junit
junit
diff --git a/src/main/java/com/om/dao/AuthingManagerDao.java b/src/main/java/com/om/dao/AuthingManagerDao.java
index c932e558..00bb48f9 100644
--- a/src/main/java/com/om/dao/AuthingManagerDao.java
+++ b/src/main/java/com/om/dao/AuthingManagerDao.java
@@ -18,6 +18,9 @@
import cn.authing.core.types.AuthorizedTargetsParam;
import cn.authing.core.types.CommonMessage;
import cn.authing.core.types.FindUserParam;
+import cn.authing.core.types.IAction;
+import cn.authing.core.types.IResourceDto;
+import cn.authing.core.types.IResourceResponse;
import cn.authing.core.types.Identity;
import cn.authing.core.types.Operator;
import cn.authing.core.types.PaginatedAuthorizedResources;
@@ -31,6 +34,7 @@
import com.om.controller.bean.request.NamespaceInfoPage;
import com.om.dao.bean.AuthorizeInfo;
import com.om.dao.bean.UserInfo;
+import com.om.utils.CommonUtil;
import jakarta.annotation.PostConstruct;
import com.alibaba.fastjson2.JSON;
@@ -107,6 +111,11 @@ public class AuthingManagerDao {
*/
private static final String LIST_COMMON_RESOURCE = "/list-common-resource";
+ /**
+ * 创建账号.
+ */
+ private static final String CREATE_USER = "/create-user";
+
/**
* 允许的社区列表.
*/
@@ -621,7 +630,11 @@ public List listUserOfResource(String nameSpaceCode, String
}
List userIds = sourceList.stream()
.map(ResourcePermissionAssignment::getTargetIdentifier).collect(Collectors.toList());
- List users = managementClient.users().batch(userIds).execute();
+ List> splitUserIds = CommonUtil.splitList(userIds, 80);
+ List users = new ArrayList<>();
+ for (List userIdList : splitUserIds) {
+ users.addAll(managementClient.users().batch(userIdList).execute());
+ }
HashMap> identityBeanMap = new HashMap<>();
HashMap userMap = new HashMap<>();
for (User user : users) {
@@ -890,6 +903,46 @@ public String updateAccountInfo(String token, String account, String type) {
return "true";
}
+ /**
+ * 创建资源.
+ *
+ * @param namespace 命名空间
+ * @param resource 资源
+ * @param actions 操作
+ * @return 创建结果
+ */
+ public boolean createResource(String namespace, String resource, List actions) {
+ try {
+ String resourceName = convertResource(resource);
+ IResourceResponse execute = managementClient.acl().findResourceByCode(resourceName, namespace).execute();
+ if (execute != null && StringUtils.isNotBlank(execute.getCode())) {
+ return true;
+ }
+ ArrayList list = new ArrayList<>();
+ for (String action : actions) {
+ list.add(new IAction(action, null));
+ }
+ IResourceDto iResourceDto = new IResourceDto(
+ resourceName,
+ ResourceType.DATA,
+ null,
+ list,
+ namespace
+ );
+ IResourceResponse res = managementClient.acl().createResource(iResourceDto).execute();
+ if (res != null && StringUtils.equals(res.getCode(), resourceName)) {
+ LOGGER.info("create resource({}:{}) success", namespace, resource);
+ return true;
+ } else {
+ LOGGER.info("create resource({}:{}) failed", namespace, resource);
+ return false;
+ }
+ } catch (Exception e) {
+ LOGGER.error("create resource {} failed {}", resource, e.getMessage());
+ return false;
+ }
+ }
+
/**
* 授权.
*
@@ -973,7 +1026,7 @@ public boolean revokeResource(String namespaceCode, String resource, List getUsersByIds(String type, String extIdpId, List u
}
}
+ /**
+ * 创建用户.
+ *
+ * @param usersObj 用户消息体
+ * @return 创建用户结果
+ */
+ public UserInfo createUser(JSONObject usersObj) {
+ try {
+ String mToken = (String) redisDao.get(Constant.REDIS_KEY_AUTH_MANAGER_TOKEN);
+ if (StringUtils.isBlank(mToken) || "null".equals(mToken)) {
+ mToken = getManagementToken();
+ }
+ System.out.println(usersObj.toString());
+ HttpResponse response = Unirest.post(authingApiHostV3 + CREATE_USER)
+ .header("Content-Type", "application/json")
+ .header("x-authing-userpool-id", userPoolId)
+ .header("authorization", mToken)
+ .body(usersObj.toString())
+ .asJson();
+ JSONObject resObj = response.getBody().getObject();
+ if (resObj.getInt("statusCode") != 200) {
+ LOGGER.error("create users failed {}", resObj.getString("message"));
+ return null;
+ }
+ JSONObject data = resObj.getJSONObject("data");
+ if (data == null) {
+ return null;
+ }
+ UserInfo userInfo = new UserInfo();
+ userInfo.setUserId(data.getString("userId"));
+ userInfo.setUsername(data.getString("username"));
+ return userInfo;
+ } catch (Exception e) {
+ LOGGER.error("delete resource failed {}", e.getMessage());
+ return null;
+ }
+ }
+
/**
* 转换resource(部分resource在authing无法使用,需要转化使用).
*
diff --git a/src/main/java/com/om/service/AuthingService.java b/src/main/java/com/om/service/AuthingService.java
index ce42ccca..9904edb0 100644
--- a/src/main/java/com/om/service/AuthingService.java
+++ b/src/main/java/com/om/service/AuthingService.java
@@ -1598,11 +1598,11 @@ public ResponseEntity message(String res) {
if (!res.contains(":")) {
return result(HttpStatus.BAD_REQUEST, null, res, null);
}
- ObjectMapper objectMapper = new ObjectMapper();
+ ObjectMapper jsonReader = new ObjectMapper();
String message = "faild";
try {
res = res.substring(Constant.AUTHING_RES_PREFIX_LENGTH);
- Iterator buckets = objectMapper.readTree(res).iterator();
+ Iterator buckets = jsonReader.readTree(res).iterator();
if (buckets.hasNext()) {
message = buckets.next().get("message").get("message").asText();
}
diff --git a/src/main/java/com/om/service/OidcService.java b/src/main/java/com/om/service/OidcService.java
index d762da73..8fe9b3e9 100644
--- a/src/main/java/com/om/service/OidcService.java
+++ b/src/main/java/com/om/service/OidcService.java
@@ -14,6 +14,7 @@
import cn.authing.core.types.Application;
import com.alibaba.fastjson2.JSON;
import com.auth0.jwt.JWT;
+import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.JsonNode;
@@ -55,7 +56,9 @@
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
+import java.security.NoSuchAlgorithmException;
import java.time.LocalDateTime;
+import java.time.ZoneId;
import java.time.ZoneOffset;
import java.time.format.DateTimeFormatter;
import java.util.ArrayList;
@@ -737,7 +740,7 @@ private ResponseEntity getOidcTokenByCode(String appId, String appSecret, String
}
String idToken = jsonNode.get("idToken").asText();
if (scopes.contains("id_token")) {
- tokens.put("id_token", idToken);
+ tokens.put("id_token", createOidcIdToken(appId, appSecret, userId));
}
redisDao.remove(code);
addOidcLogoutUrl(userId, idToken, redirectUri, logoutUrl);
@@ -750,6 +753,22 @@ private ResponseEntity getOidcTokenByCode(String appId, String appSecret, String
}
}
+ private String createOidcIdToken(String appId, String appSecret, String userId) throws NoSuchAlgorithmException {
+ LocalDateTime nowDate = LocalDateTime.now();
+ Date issuedAt = Date.from(nowDate.atZone(ZoneId.systemDefault()).toInstant());
+ LocalDateTime expireDate = nowDate.plusSeconds(72000);
+ Date expireAt = Date.from(expireDate.atZone(ZoneId.systemDefault()).toInstant());
+ String token = JWT.create()
+ .withAudience(appId) //谁接受签名
+ .withIssuedAt(issuedAt) //生成签名的时间
+ .withExpiresAt(expireAt) //过期时间
+ .withJWTId(codeUtil.randomStrBuilder(Constant.RANDOM_DEFAULT_LENGTH))
+ .withClaim("sub", userId)
+ .withClaim("iss", env.getProperty("oidc.login.page"))
+ .sign(Algorithm.HMAC256(appSecret));
+ return token;
+ }
+
/**
* oidc扩展协议,增加退出接入应用的机制.
*
diff --git a/src/main/java/com/om/service/OneIdManageService.java b/src/main/java/com/om/service/OneIdManageService.java
index e752d640..d3ce6e0c 100644
--- a/src/main/java/com/om/service/OneIdManageService.java
+++ b/src/main/java/com/om/service/OneIdManageService.java
@@ -13,13 +13,7 @@
import cn.authing.core.auth.AuthenticationClient;
import cn.authing.core.types.Application;
-import cn.authing.core.types.ResourcePermissionAssignment;
import cn.authing.core.types.User;
-import com.om.controller.bean.request.BatchAuthInfo;
-import com.om.controller.bean.request.IdentityUser;
-import com.om.dao.bean.AuthorizeInfo;
-import com.om.dao.bean.UserInfo;
-import jakarta.annotation.PostConstruct;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
@@ -55,7 +49,6 @@
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Service;
-import org.springframework.util.CollectionUtils;
import org.springframework.util.DigestUtils;
import org.springframework.web.util.HtmlUtils;
@@ -65,7 +58,6 @@
import java.util.HashMap;
import java.util.List;
import java.util.Map;
-import java.util.stream.Collectors;
@Service
public class OneIdManageService {
@@ -154,11 +146,6 @@ public class OneIdManageService {
@Value("${enterprise.extIdpId.gitcode: }")
private String enterExtIdpIdGitcode;
- /**
- * 能用于三方用户查询authing用户的三方平台.
- */
- private HashMap extIdpIdMap;
-
/**
* 静态日志记录器,用于记录 OneIdManageService 类的日志信息.
*/
@@ -174,15 +161,6 @@ public class OneIdManageService {
*/
private static final String TOKEN_REGEX = "token_info:";
- /**
- * 初始化方法.
- */
- @PostConstruct
- public void init() {
- extIdpIdMap = new HashMap<>();
- extIdpIdMap.put("gitcode", enterExtIdpIdGitcode);
- }
-
/**
* 处理令牌申请请求.
*
@@ -571,84 +549,6 @@ public ResponseEntity revokePrivacy(String userId) {
}
}
- /**
- * 批量根据三方用户ID获取活用户.
- *
- * @param identityUser 三方用户信息
- * @return authing用户
- */
- public ResponseEntity getUserByIdentities(IdentityUser identityUser) {
- if (!extIdpIdMap.containsValue(identityUser.getThirdPlatform())) {
- return authingService.result(HttpStatus.BAD_REQUEST, MessageCodeConfig.E00012, null, null);
- }
- String extIdpId = extIdpIdMap.get(identityUser.getThirdPlatform());
- List userInfos = authingManagerDao.getUsersByIds("identity",
- extIdpId, identityUser.getUserIds());
- if (userInfos == null) {
- return authingService.result(HttpStatus.BAD_REQUEST, MessageCodeConfig.E00012, null, null);
- }
- return authingService.result(HttpStatus.OK, MessageCodeConfig.S0001, null, userInfos);
- }
-
- /**
- * 批量授权.
- *
- * @param batchAuthInfo 权限信息
- * @return 授权结果
- */
- public ResponseEntity batchAuthrize(BatchAuthInfo batchAuthInfo) {
- try {
- List authorizedUsers = authingManagerDao.getAuthorizedUser(
- batchAuthInfo.getNamespaceCode(),
- batchAuthInfo.getResource(), batchAuthInfo.getActions());
- List authUserIds = authorizedUsers.stream()
- .map(ResourcePermissionAssignment::getTargetIdentifier).collect(Collectors.toList());
- if (batchAuthInfo.getIsDeleteOthers()) {
- List deleteUserIds = new ArrayList<>();
- for (String userId : authUserIds) {
- if (!batchAuthInfo.getUserIds().contains(userId)) {
- deleteUserIds.add(userId);
- }
- }
- authingManagerDao.revokeResource(batchAuthInfo.getNamespaceCode(), batchAuthInfo.getResource(),
- deleteUserIds);
- }
- List addUserIds = new ArrayList<>();
- for (String userId : batchAuthInfo.getUserIds()) {
- if (!authUserIds.contains(userId)) {
- addUserIds.add(userId);
- }
- }
- if (!CollectionUtils.isEmpty(addUserIds)) {
- String authActionPre = batchAuthInfo.getResource() + ":";
- List authActions = batchAuthInfo.getActions().stream().map(x -> authActionPre + x)
- .collect(Collectors.toList());
- AuthorizeInfo authorizeInfo = new AuthorizeInfo();
- authorizeInfo.setNamespace(batchAuthInfo.getNamespaceCode());
- AuthorizeInfo.AuthorizeData authorizeData = authorizeInfo.new AuthorizeData();
- authorizeData.setTargetType("USER");
- authorizeData.setTargetIdentifiers(addUserIds);
- AuthorizeInfo.AuthorizeResource authorizeResource = authorizeInfo.new AuthorizeResource();
- authorizeResource.setResourceType("DATA");
- authorizeResource.setCode(batchAuthInfo.getResource());
- authorizeResource.setActions(authActions);
- List resources = new ArrayList<>();
- resources.add(authorizeResource);
- authorizeData.setResources(resources);
- List list = new ArrayList<>();
- list.add(authorizeData);
- authorizeInfo.setList(list);
- if (!authingManagerDao.authrizeResource(authorizeInfo)) {
- return authingService.result(HttpStatus.BAD_REQUEST, MessageCodeConfig.E00012, null, null);
- }
- }
- return authingService.result(HttpStatus.OK, MessageCodeConfig.S0001, null, null);
- } catch (Exception e) {
- LOGGER.error(e.getMessage());
- return authingService.result(HttpStatus.BAD_REQUEST, MessageCodeConfig.E00012, null, null);
- }
- }
-
/**
* APP是否存在,且密码是否正确.
*
diff --git a/src/main/java/com/om/service/PrivacyHistoryService.java b/src/main/java/com/om/service/PrivacyHistoryService.java
index a71c7341..2782204d 100644
--- a/src/main/java/com/om/service/PrivacyHistoryService.java
+++ b/src/main/java/com/om/service/PrivacyHistoryService.java
@@ -69,7 +69,7 @@ public class PrivacyHistoryService {
/**
* 允许的社区列表.
*/
- private List allowedCommunity = Arrays.asList("openeuler", "mindspore", "modelfoundry");;
+ private List allowedCommunity = Arrays.asList("openeuler", "mindspore", "modelfoundry", "openubmc");
/**
* 用户池id.
diff --git a/src/main/java/com/om/service/SendMessageService.java b/src/main/java/com/om/service/SendMessageService.java
index b0a742c6..bf17ff6c 100644
--- a/src/main/java/com/om/service/SendMessageService.java
+++ b/src/main/java/com/om/service/SendMessageService.java
@@ -100,11 +100,11 @@ public Object getMessage(String map, HttpServletRequest servletRequest) throws E
}
}
String wsse = servletRequest.getHeader("x-wsse");
- String accessKey = "";
+ String msgAccessKey = "";
String[] wsses = wsse.split(",");
for (String wss : wsses) {
if (wss.startsWith("UsernameToken Username=")) {
- accessKey = wss.replace("UsernameToken Username=", "")
+ msgAccessKey = wss.replace("UsernameToken Username=", "")
.replace("\"", "");
break;
}
@@ -112,19 +112,20 @@ public Object getMessage(String map, HttpServletRequest servletRequest) throws E
String phone = infoMap.get("to");
String templateCode = infoMap.get("templateId");
String signName = infoMap.get("signature");
- String securityKey = infoMap.get("from");
+ String msgSecurityKey = infoMap.get("from");
String content = infoMap.get("templateParas");
content = URLDecoder.decode(URLDecoder.decode(content, StandardCharsets.UTF_8), StandardCharsets.UTF_8)
.replace("[", "")
.replace("]", "");
// 参数判空
- if (StringUtils.isEmpty(accessKey) || StringUtils.isEmpty(securityKey) || StringUtils.isEmpty(templateCode)
+ if (StringUtils.isEmpty(msgAccessKey) || StringUtils.isEmpty(msgSecurityKey)
+ || StringUtils.isEmpty(templateCode)
|| StringUtils.isEmpty(signName) || StringUtils.isEmpty(phone) || StringUtils.isEmpty(content)) {
LOGGER.error("sendMessage Error, input is empty");
return "";
}
// 重要参数校验
- if (!accessKey.equals(this.accessKey) || !securityKey.equals(this.securityKey)
+ if (!msgAccessKey.equals(this.accessKey) || !msgSecurityKey.equals(this.securityKey)
|| !templateCode.equals(templateId)) {
LOGGER.error("sendMessage Error, input is invalid");
return "";
diff --git a/src/main/java/com/om/utils/AuthingUtil.java b/src/main/java/com/om/utils/AuthingUtil.java
index 71b08257..57bbdc68 100644
--- a/src/main/java/com/om/utils/AuthingUtil.java
+++ b/src/main/java/com/om/utils/AuthingUtil.java
@@ -210,15 +210,13 @@ public void authingUserIdentityIdp(JSONObject identityObj, HashMap> splitList(List originList, int chunkSize) {
+ List> splits = new ArrayList<>();
+ if (CollectionUtils.isEmpty(originList)) {
+ return splits;
+ }
+ for (int i = 0; i < originList.size(); i += chunkSize) {
+ List chunk = new ArrayList<>();
+ for (int j = i; j < Math.min(i + chunkSize, originList.size()); j++) {
+ chunk.add(originList.get(j));
+ }
+ splits.add(chunk);
+ }
+ return splits;
+ }
+
private static byte[] check(byte[] bs) {
if (bs != null) {
return bs;
From 31dec4fe39f6f0c688323cd5f8c89ff3bbd1bec3 Mon Sep 17 00:00:00 2001
From: tfhddd <2272751277@qq.com>
Date: Thu, 23 Jan 2025 12:38:31 +0800
Subject: [PATCH 2/5] =?UTF-8?q?[FIX]xihe=E5=B9=B3=E5=8F=B0=E4=B8=89?=
=?UTF-8?q?=E6=96=B9=E4=B8=8D=E5=90=88=E8=A7=84=E7=94=A8=E6=88=B7=E5=90=8D?=
=?UTF-8?q?=E6=97=A0=E6=B3=95=E7=99=BB=E5=BD=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
src/main/java/com/om/dao/AuthingUserDao.java | 25 +++++++++++--------
.../java/com/om/service/AuthingService.java | 19 ++++++++++++--
2 files changed, 31 insertions(+), 13 deletions(-)
diff --git a/src/main/java/com/om/dao/AuthingUserDao.java b/src/main/java/com/om/dao/AuthingUserDao.java
index 315fd53e..a987c299 100644
--- a/src/main/java/com/om/dao/AuthingUserDao.java
+++ b/src/main/java/com/om/dao/AuthingUserDao.java
@@ -1462,7 +1462,7 @@ public String updateUserBaseInfo(String token, Map map, String u
updateUserInput.withCompany(inputValue);
break;
case "username":
- msg = checkUsername(appId, inputValue, community);
+ msg = checkUsername(appId, inputValue, community, false);
if (!msg.equals("success")) {
return msg;
}
@@ -1671,10 +1671,12 @@ public void deleteObsObjectByUrl(String objectUrl) {
* @param appId 应用程序 ID
* @param userName 用户名
* @param community 社区名
+ * @param isJustContent 只检测内容
* @return 如果用户名可用则返回消息提示,否则返回错误信息
* @throws ServerErrorException 如果在检查过程中出现服务器错误
*/
- public String checkUsername(String appId, String userName, String community) throws ServerErrorException {
+ public String checkUsername(String appId, String userName, String community, boolean isJustContent)
+ throws ServerErrorException {
String msg = "success";
if (StringUtils.isBlank(userName)) {
msg = "用户名不能为空";
@@ -1693,16 +1695,17 @@ public String checkUsername(String appId, String userName, String community) thr
return msg;
}
}
- if (reservedUsernames.contains(userName) || isUserExists(appId, userName, "username")) {
- msg = "用户名已存在";
- return msg;
- }
- if (!moderatorService.checkText(userName)) {
- msg = "Username is illegal";
- LOGGER.error("username is illegal: {}", userName);
- return msg;
+ if (!isJustContent) {
+ if (reservedUsernames.contains(userName) || isUserExists(appId, userName, "username")) {
+ msg = "用户名已存在";
+ return msg;
+ }
+ if (!moderatorService.checkText(userName)) {
+ msg = "Username is illegal";
+ LOGGER.error("username is illegal: {}", userName);
+ return msg;
+ }
}
-
return msg;
}
diff --git a/src/main/java/com/om/service/AuthingService.java b/src/main/java/com/om/service/AuthingService.java
index 9904edb0..26a6134d 100644
--- a/src/main/java/com/om/service/AuthingService.java
+++ b/src/main/java/com/om/service/AuthingService.java
@@ -13,6 +13,7 @@
import cn.authing.core.types.Application;
import cn.authing.core.types.Identity;
+import cn.authing.core.types.UpdateUserInput;
import cn.authing.core.types.User;
import com.alibaba.fastjson2.JSON;
import com.auth0.jwt.JWT;
@@ -64,6 +65,7 @@
import org.springframework.web.multipart.MultipartFile;
import org.springframework.web.util.HtmlUtils;
+import java.io.IOException;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.security.spec.InvalidKeySpecException;
@@ -452,7 +454,7 @@ public ResponseEntity register(HttpServletRequest servletRequest, HttpServletRes
String accountType;
try {
// 用户名校验
- msg = authingUserDao.checkUsername(appId, username, instanceCommunity);
+ msg = authingUserDao.checkUsername(appId, username, instanceCommunity, false);
if (!msg.equals(Constant.SUCCESS)) {
return result(HttpStatus.BAD_REQUEST, null, msg, null);
}
@@ -850,6 +852,7 @@ public ResponseEntity tokenApply(HttpServletRequest httpServletRequest,
String idToken = user.get("id_token").toString();
String picture = user.get("picture").toString();
String userName = (String) user.get("username");
+ userName = resetUserName(appId, userName, userId);
String phone = (String) user.get("phone_number");
String email = (String) user.get("email");
if ("openeuler".equals(instanceCommunity) && StringUtils.isBlank(email)) {
@@ -877,7 +880,6 @@ public ResponseEntity tokenApply(HttpServletRequest httpServletRequest,
if (listSize > maxLoginNum) {
redisDao.removeListTail(loginKey, maxLoginNum);
}
-
String token = tokens[0];
String verifyToken = tokens[1];
// 写cookie
@@ -909,6 +911,19 @@ public ResponseEntity tokenApply(HttpServletRequest httpServletRequest,
}
}
+ private String resetUserName(String appId, String userName, String userId)
+ throws ServerErrorException, IOException {
+ if (Constant.SUCCESS.equals(authingUserDao.checkUsername(appId, userName, instanceCommunity, true))) {
+ return userName;
+ } else {
+ LOGGER.warn("username: {} is invalid, auto clean", userName);
+ UpdateUserInput updateUserInput = new UpdateUserInput();
+ updateUserInput.withUsername("");
+ authingManagerDao.updateUserInfo(userId, updateUserInput);
+ return "";
+ }
+ }
+
/**
* 发送验证码方法.
*
From 37216a5a1398ca24a20d42ea56258df8544bc22c Mon Sep 17 00:00:00 2001
From: Hourunze1997 <1043170898@qq.com>
Date: Fri, 24 Jan 2025 09:35:14 +0800
Subject: [PATCH 3/5] Add .github folder structure
---
.github/script/scan_image.sh | 84 +++++++++++++++++++++++++
.github/workflows/check-label-owner.yml | 4 +-
.github/workflows/gate-check.yml | 9 ++-
.github/workflows/label-check.yml | 2 +-
.github/workflows/pr-branch-check.yml | 36 +++++++++++
5 files changed, 130 insertions(+), 5 deletions(-)
create mode 100644 .github/script/scan_image.sh
create mode 100644 .github/workflows/pr-branch-check.yml
diff --git a/.github/script/scan_image.sh b/.github/script/scan_image.sh
new file mode 100644
index 00000000..c9a3be44
--- /dev/null
+++ b/.github/script/scan_image.sh
@@ -0,0 +1,84 @@
+
+IAM_DATA=$(cat <
Date: Wed, 22 Jan 2025 11:43:14 +0800
Subject: [PATCH 4/5] =?UTF-8?q?[feature]=20=E6=B7=BB=E5=8A=A0=E7=A4=BE?=
=?UTF-8?q?=E4=BC=9A=E8=BA=AB=E4=BB=BD=E6=BA=90?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
src/main/java/com/om/dao/AuthingUserDao.java | 10 ++++++++-
src/main/java/com/om/utils/AuthingUtil.java | 23 ++++++++++++++++++++
2 files changed, 32 insertions(+), 1 deletion(-)
diff --git a/src/main/java/com/om/dao/AuthingUserDao.java b/src/main/java/com/om/dao/AuthingUserDao.java
index 315fd53e..110668d1 100644
--- a/src/main/java/com/om/dao/AuthingUserDao.java
+++ b/src/main/java/com/om/dao/AuthingUserDao.java
@@ -22,6 +22,7 @@
import com.om.modules.authing.AuthingAppSync;
import com.om.service.ModeratorService;
import com.om.service.PrivacyHistoryService;
+import com.om.utils.AuthingUtil;
import com.om.utils.LogUtil;
import com.om.authing.AuthingRespConvert;
import kong.unirest.HttpResponse;
@@ -363,6 +364,12 @@ public class AuthingUserDao {
@Autowired
private ModeratorService moderatorService;
+ /**
+ * authing 工具类.
+ */
+ @Autowired
+ private AuthingUtil authingUtil;
+
/**
* OBS客户端实例赋值.
*
@@ -1242,7 +1249,8 @@ public List> linkConnList(String token) {
mapGithub.put("authorizationUrl", authGithub);
HashMap mapGitee = new HashMap<>();
- String authGitee = String.format(enterAuthUrlGitee, appId, enterIdentifieGitee, userToken);
+ String authGitee = authingUtil.generateAuthorizationUrl(enterAuthUrlGitee, enterIdentifieGitee,
+ appId, userToken);
mapGitee.put("name", "enterprise_gitee");
mapGitee.put("authorizationUrl", authGitee);
diff --git a/src/main/java/com/om/utils/AuthingUtil.java b/src/main/java/com/om/utils/AuthingUtil.java
index 57bbdc68..de54d7a1 100644
--- a/src/main/java/com/om/utils/AuthingUtil.java
+++ b/src/main/java/com/om/utils/AuthingUtil.java
@@ -73,6 +73,29 @@ public String getUserIdFromToken(String token) throws InvalidKeySpecException, N
return decode.getAudience().get(0);
}
+ /**
+ * 根据企业身份源或者社会身份源判断授权URL.
+ * @param authUrl 授权URL模板.
+ * @param identifier 标识.
+ * @param appId 应用ID.
+ * @param userToken 用户token.
+ * @return 授权URL.
+ */
+ public String generateAuthorizationUrl(String authUrl, String identifier, String appId, String userToken) {
+ if (StringUtils.isBlank(authUrl) || StringUtils.isBlank(identifier) || StringUtils.isBlank(userToken)
+ || StringUtils.isBlank(appId)) {
+ return null;
+ }
+ // 企业源
+ if (authUrl.contains("oauth2")) {
+ return String.format(authUrl, appId, identifier, userToken);
+ } else if (authUrl.contains("social")) { // 社会源
+ return String.format(authUrl, identifier, appId, userToken);
+ } else {
+ return null;
+ }
+ }
+
/**
* 解密RSA加密过的token.
*
From fbc940ac2e08657980fc8e28cd397e87f587ee88 Mon Sep 17 00:00:00 2001
From: tfhddd <2272751277@qq.com>
Date: Wed, 5 Feb 2025 09:23:13 +0800
Subject: [PATCH 5/5] =?UTF-8?q?Revert=20"[feature]=20=E6=B7=BB=E5=8A=A0?=
=?UTF-8?q?=E7=A4=BE=E4=BC=9A=E8=BA=AB=E4=BB=BD=E6=BA=90"?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
src/main/java/com/om/dao/AuthingUserDao.java | 10 +--------
src/main/java/com/om/utils/AuthingUtil.java | 23 --------------------
2 files changed, 1 insertion(+), 32 deletions(-)
diff --git a/src/main/java/com/om/dao/AuthingUserDao.java b/src/main/java/com/om/dao/AuthingUserDao.java
index 9b9d35fa..a987c299 100644
--- a/src/main/java/com/om/dao/AuthingUserDao.java
+++ b/src/main/java/com/om/dao/AuthingUserDao.java
@@ -22,7 +22,6 @@
import com.om.modules.authing.AuthingAppSync;
import com.om.service.ModeratorService;
import com.om.service.PrivacyHistoryService;
-import com.om.utils.AuthingUtil;
import com.om.utils.LogUtil;
import com.om.authing.AuthingRespConvert;
import kong.unirest.HttpResponse;
@@ -364,12 +363,6 @@ public class AuthingUserDao {
@Autowired
private ModeratorService moderatorService;
- /**
- * authing 工具类.
- */
- @Autowired
- private AuthingUtil authingUtil;
-
/**
* OBS客户端实例赋值.
*
@@ -1249,8 +1242,7 @@ public List> linkConnList(String token) {
mapGithub.put("authorizationUrl", authGithub);
HashMap mapGitee = new HashMap<>();
- String authGitee = authingUtil.generateAuthorizationUrl(enterAuthUrlGitee, enterIdentifieGitee,
- appId, userToken);
+ String authGitee = String.format(enterAuthUrlGitee, appId, enterIdentifieGitee, userToken);
mapGitee.put("name", "enterprise_gitee");
mapGitee.put("authorizationUrl", authGitee);
diff --git a/src/main/java/com/om/utils/AuthingUtil.java b/src/main/java/com/om/utils/AuthingUtil.java
index de54d7a1..57bbdc68 100644
--- a/src/main/java/com/om/utils/AuthingUtil.java
+++ b/src/main/java/com/om/utils/AuthingUtil.java
@@ -73,29 +73,6 @@ public String getUserIdFromToken(String token) throws InvalidKeySpecException, N
return decode.getAudience().get(0);
}
- /**
- * 根据企业身份源或者社会身份源判断授权URL.
- * @param authUrl 授权URL模板.
- * @param identifier 标识.
- * @param appId 应用ID.
- * @param userToken 用户token.
- * @return 授权URL.
- */
- public String generateAuthorizationUrl(String authUrl, String identifier, String appId, String userToken) {
- if (StringUtils.isBlank(authUrl) || StringUtils.isBlank(identifier) || StringUtils.isBlank(userToken)
- || StringUtils.isBlank(appId)) {
- return null;
- }
- // 企业源
- if (authUrl.contains("oauth2")) {
- return String.format(authUrl, appId, identifier, userToken);
- } else if (authUrl.contains("social")) { // 社会源
- return String.format(authUrl, identifier, appId, userToken);
- } else {
- return null;
- }
- }
-
/**
* 解密RSA加密过的token.
*