From a666b5f9741ef9b21f547d3b2141752a0383c70c Mon Sep 17 00:00:00 2001
From: 13693261870 <252740454@qq.com>
Date: 星期二, 20 九月 2022 17:07:38 +0800
Subject: [PATCH] 1、修改登录页面 2、修改阿里代码规范问题
---
src/java/org/apereo/cas/adaptors/jdbc/QueryDatabaseAuthenticationHandler.java | 43 +++++++++++++++++++++++++++++--------------
1 files changed, 29 insertions(+), 14 deletions(-)
diff --git a/src/java/org/apereo/cas/adaptors/jdbc/QueryDatabaseAuthenticationHandler.java b/src/java/org/apereo/cas/adaptors/jdbc/QueryDatabaseAuthenticationHandler.java
index b39808e..7176c22 100644
--- a/src/java/org/apereo/cas/adaptors/jdbc/QueryDatabaseAuthenticationHandler.java
+++ b/src/java/org/apereo/cas/adaptors/jdbc/QueryDatabaseAuthenticationHandler.java
@@ -2,6 +2,7 @@
import java.security.GeneralSecurityException;
+import java.util.Base64;
import java.util.List;
import java.util.Map;
@@ -16,17 +17,16 @@
import org.apereo.cas.authentication.UsernamePasswordCredential;
import org.apereo.cas.web.landtool.terra.OjdbcProperties;
import org.apereo.cas.web.landtool.utils.Md5Util;
-import org.pac4j.oauth.profile.JsonObject;
import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
import org.springframework.dao.DataAccessException;
import org.springframework.dao.IncorrectResultSizeDataAccessException;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.stereotype.Component;
-import org.springframework.webflow.execution.Event;
-import com.zaxxer.hikari.HikariDataSource;
-
+/**
+ * @author Tanbin
+ * @date 2018-12-12
+ */
@Component
public class QueryDatabaseAuthenticationHandler extends AbstractJdbcUsernamePasswordAuthenticationHandler {
private String sql;
@@ -34,27 +34,41 @@
@Autowired
private OjdbcProperties properties;
+ private static String m0 = "0";
+
+ private static String mIsFirst = "ISFIRSTLOGIN";
+
+ @Override
protected HandlerResult authenticateUsernamePasswordInternal(UsernamePasswordCredential credential, String originalPassword) throws GeneralSecurityException, PreventedException {
- if (StringUtils.isBlank(this.sql) || getJdbcTemplate() == null)
+ if (StringUtils.isBlank(this.sql) || getJdbcTemplate() == null) {
throw new GeneralSecurityException("Authentication handler is not configured correctly. No SQL statement or JDBC template is found.");
+ }
String username = credential.getUsername();
String password = credential.getPassword();
try {
+ username = new String(Base64.getDecoder().decode(username));
+ credential.setUsername(username);
+ originalPassword = new String(Base64.getDecoder().decode(originalPassword));
+
String dbPassword = (String) getJdbcTemplate().queryForObject(this.sql, String.class, new Object[]{username});
//绗竴娆$櫥褰�,浠嶄娇鐢ㄦ簮鏂瑰紡璁よ瘉
- if (IsFirstLogin(username)) {
- if ((StringUtils.isNotBlank(originalPassword) && !matches(originalPassword, dbPassword)) || (
- StringUtils.isBlank(originalPassword) && !StringUtils.equals(password, dbPassword)))
+ if (isFirstLogin(username)) {
+ boolean b1 = StringUtils.isNotBlank(originalPassword) && !matches(originalPassword, dbPassword);
+ boolean b2 = StringUtils.isBlank(originalPassword) && !StringUtils.equals(password, dbPassword);
+ if (b1 || b2) {
throw new FailedLoginException("Password does not match value on record.");
+ }
} else {
- if ((StringUtils.isNotBlank(originalPassword) && !validatePass(originalPassword, dbPassword)))
+ if ((StringUtils.isNotBlank(originalPassword) && !validatePass(originalPassword, dbPassword))) {
throw new FailedLoginException("Password does not match value on record.");
+ }
}
} catch (IncorrectResultSizeDataAccessException e) {
- if (e.getActualSize() == 0)
+ if (e.getActualSize() == 0) {
throw new AccountNotFoundException(username + " not found with SQL query");
+ }
throw new FailedLoginException("Multiple records found for " + username);
} catch (DataAccessException e) {
throw new PreventedException("SQL exception while executing query for " + username, e);
@@ -63,6 +77,7 @@
return createHandlerResult(credential, this.principalFactory.createPrincipal(username), null);
}
+ @Override
protected HandlerResult authenticateUsernamePasswordInternal(UsernamePasswordCredential credential) throws GeneralSecurityException, PreventedException {
return authenticateUsernamePasswordInternal(credential, null);
}
@@ -77,19 +92,19 @@
List<Map<String, Object>> list = getJdbcTemplate().queryForList(querysql);
if (list != null && !list.isEmpty()) {
- if ("0".equals(list.get(0).get("ISFIRSTLOGIN").toString())) {
+ if (m0.equals(list.get(0).get(mIsFirst).toString())) {
throw new AccountPasswordMustChangeException();
}
}
}
- public boolean IsFirstLogin(String username) throws AccountPasswordMustChangeException {
+ public boolean isFirstLogin(String username) throws AccountPasswordMustChangeException {
String tempsql = "SELECT * FROM MAGBG.ORG_USER WHERE LOGINNAME='%s'";
String querysql = String.format(tempsql, username);
List<Map<String, Object>> list = getJdbcTemplate().queryForList(querysql);
if (list != null && !list.isEmpty()) {
- if ("0".equals(list.get(0).get("ISFIRSTLOGIN").toString())) {
+ if (m0.equals(list.get(0).get(mIsFirst).toString())) {
return true;
}
}
--
Gitblit v1.9.3