Andrii Shvaika 2022-11-07 18:37:45 +02:00
commit 660b9bdf85
6 changed files with 43 additions and 68 deletions


@ -58,7 +58,6 @@ import org.thingsboard.server.service.security.model.SecurityUser;
import org.thingsboard.server.service.security.model.UserPrincipal; import org.thingsboard.server.service.security.model.UserPrincipal;
import org.thingsboard.server.service.security.model.token.JwtTokenFactory; import org.thingsboard.server.service.security.model.token.JwtTokenFactory;
import org.thingsboard.server.service.security.system.SystemSecurityService; import org.thingsboard.server.service.security.system.SystemSecurityService;
import ua_parser.Client;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import java.net.URI; import java.net.URI;
@ -317,49 +316,8 @@ public class AuthController extends BaseController {
private void logLogoutAction(HttpServletRequest request) throws ThingsboardException { private void logLogoutAction(HttpServletRequest request) throws ThingsboardException {
try { try {
SecurityUser user = getCurrentUser(); var user = getCurrentUser();
RestAuthenticationDetails details = new RestAuthenticationDetails(request); systemSecurityService.logLoginAction(user, new RestAuthenticationDetails(request), ActionType.LOGOUT, null);
String clientAddress = details.getClientAddress();
String browser = "Unknown";
String os = "Unknown";
String device = "Unknown";
if (details.getUserAgent() != null) {
Client userAgent = details.getUserAgent();
if (userAgent.userAgent != null) {
browser = userAgent.userAgent.family;
if (userAgent.userAgent.major != null) {
browser += " " + userAgent.userAgent.major;
if (userAgent.userAgent.minor != null) {
browser += "." + userAgent.userAgent.minor;
if (userAgent.userAgent.patch != null) {
browser += "." + userAgent.userAgent.patch;
}
}
}
}
if (userAgent.os != null) {
os = userAgent.os.family;
if (userAgent.os.major != null) {
os += " " + userAgent.os.major;
if (userAgent.os.minor != null) {
os += "." + userAgent.os.minor;
if (userAgent.os.patch != null) {
os += "." + userAgent.os.patch;
if (userAgent.os.patchMinor != null) {
os += "." + userAgent.os.patchMinor;
}
}
}
}
}
if (userAgent.device != null) {
device = userAgent.device.family;
}
}
auditLogService.logEntityAction(
user.getTenantId(), user.getCustomerId(), user.getId(),
user.getName(), user.getId(), null, ActionType.LOGOUT, null, clientAddress, browser, os, device);
eventPublisher.publishEvent(new UserSessionInvalidationEvent(user.getSessionId())); eventPublisher.publishEvent(new UserSessionInvalidationEvent(user.getSessionId()));
} catch (Exception e) { } catch (Exception e) {
throw handleException(e); throw handleException(e);
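Review bot: In `logLogoutAction` the `UserSessionInvalidationEvent` is still published only after the audit call, so if `systemSecurityService.logLoginAction(...)` throws, control goes to the `catch` and the event that (by its name) invalidates the session is never published. Logout should not depend on audit logging succeeding; moving `eventPublisher.publishEvent(new UserSessionInvalidationEvent(user.getSessionId()));` ahead of the `logLoginAction` call keeps the invalidation unconditional. Whether `logLoginAction` can actually throw here is not visible in this hunk, and the end of the method lies outside it.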


@ -47,6 +47,7 @@ import org.thingsboard.server.dao.oauth2.OAuth2User;
import org.thingsboard.server.dao.tenant.TbTenantProfileCache; import org.thingsboard.server.dao.tenant.TbTenantProfileCache;
import org.thingsboard.server.dao.tenant.TenantService; import org.thingsboard.server.dao.tenant.TenantService;
import org.thingsboard.server.dao.user.UserService; import org.thingsboard.server.dao.user.UserService;
import org.thingsboard.server.service.entitiy.user.TbUserService;
import org.thingsboard.server.service.install.InstallScripts; import org.thingsboard.server.service.install.InstallScripts;
import org.thingsboard.server.service.security.model.SecurityUser; import org.thingsboard.server.service.security.model.SecurityUser;
import org.thingsboard.server.service.security.model.UserPrincipal; import org.thingsboard.server.service.security.model.UserPrincipal;
@ -81,6 +82,9 @@ public abstract class AbstractOAuth2ClientMapper {
@Autowired @Autowired
private InstallScripts installScripts; private InstallScripts installScripts;
@Autowired
private TbUserService tbUserService;
@Autowired @Autowired
protected TbTenantProfileCache tenantProfileCache; protected TbTenantProfileCache tenantProfileCache;
@ -146,7 +150,7 @@ public abstract class AbstractOAuth2ClientMapper {
user.setAdditionalInfo(additionalInfo); user.setAdditionalInfo(additionalInfo);
user = userService.saveUser(user); user = tbUserService.save(tenantId, customerId, user, false, null, null);
if (config.isActivateUser()) { if (config.isActivateUser()) {
UserCredentials userCredentials = userService.findUserCredentialsByUserId(user.getTenantId(), user.getId()); UserCredentials userCredentials = userService.findUserCredentialsByUserId(user.getTenantId(), user.getId());
userService.activateUserCredentials(user.getTenantId(), userCredentials.getActivateToken(), passwordEncoder.encode("")); userService.activateUserCredentials(user.getTenantId(), userCredentials.getActivateToken(), passwordEncoder.encode(""));
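Review bot: The activation at the end of this hunk stores `passwordEncoder.encode("")` as the credential of the user that the new `tbUserService.save(...)` call has just created, so an OAuth2-provisioned account ends up activated with the encoding of an empty password. Unless the password login path rejects empty input or such accounts (not visible here), the stored value should not be one that can be matched; encoding a long value drawn from `SecureRandom` would make that explicit. On the new line itself, the trailing `false, null, null` are opaque positional arguments and deserve a comment such as `// no activation mail; no originating request or acting user`, assuming that is what those parameters mean. The enclosing method starts and ends outside the hunk.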


@ -25,6 +25,7 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequ
import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler; import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
import org.thingsboard.server.common.data.StringUtils; import org.thingsboard.server.common.data.StringUtils;
import org.thingsboard.server.common.data.audit.ActionType;
import org.thingsboard.server.common.data.id.CustomerId; import org.thingsboard.server.common.data.id.CustomerId;
import org.thingsboard.server.common.data.id.EntityId; import org.thingsboard.server.common.data.id.EntityId;
import org.thingsboard.server.common.data.id.TenantId; import org.thingsboard.server.common.data.id.TenantId;
@ -32,6 +33,7 @@ import org.thingsboard.server.common.data.oauth2.OAuth2Registration;
import org.thingsboard.server.dao.oauth2.OAuth2Service; import org.thingsboard.server.dao.oauth2.OAuth2Service;
import org.thingsboard.server.queue.util.TbCoreComponent; import org.thingsboard.server.queue.util.TbCoreComponent;
import org.thingsboard.server.service.security.model.JwtTokenPair; import org.thingsboard.server.service.security.model.JwtTokenPair;
import org.thingsboard.server.service.security.auth.rest.RestAuthenticationDetails;
import org.thingsboard.server.service.security.model.SecurityUser; import org.thingsboard.server.service.security.model.SecurityUser;
import org.thingsboard.server.service.security.model.token.JwtTokenFactory; import org.thingsboard.server.service.security.model.token.JwtTokenFactory;
import org.thingsboard.server.service.security.system.SystemSecurityService; import org.thingsboard.server.service.security.system.SystemSecurityService;
@ -106,6 +108,7 @@ public class Oauth2AuthenticationSuccessHandler extends SimpleUrlAuthenticationS
clearAuthenticationAttributes(request, response); clearAuthenticationAttributes(request, response);
getRedirectStrategy().sendRedirect(request, response, baseUrl + "/?accessToken=" + tokenPair.getToken() + "&refreshToken=" + tokenPair.getRefreshToken()); getRedirectStrategy().sendRedirect(request, response, baseUrl + "/?accessToken=" + tokenPair.getToken() + "&refreshToken=" + tokenPair.getRefreshToken());
systemSecurityService.logLoginAction(securityUser, new RestAuthenticationDetails(request), ActionType.LOGIN, registration.getName(), null);
} catch (Exception e) { } catch (Exception e) {
log.debug("Error occurred during processing authentication success result. " + log.debug("Error occurred during processing authentication success result. " +
"request [{}], response [{}], authentication [{}]", request, response, authentication, e); "request [{}], response [{}], authentication [{}]", request, response, authentication, e);
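Review bot: The new `logLoginAction(...)` call sits after `sendRedirect(...)` inside the same `try`, so an exception from the audit path reaches the `catch` only after the redirect carrying the tokens has been issued, and the error handling then runs on a response that is likely already committed. Placing the audit call before the redirect, or guarding it on its own, avoids that. As far as this hunk shows, the `catch` branch records no failed `ActionType.LOGIN` entry, so unsuccessful OAuth2 logins stay out of the audit log. Separately, the unchanged redirect puts `accessToken` and `refreshToken` in the query string, where they can be retained in browser history and intermediary logs. The `catch` body continues outside the hunk.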


@ -263,6 +263,11 @@ public class DefaultSystemSecurityService implements SystemSecurityService {
@Override @Override
public void logLoginAction(User user, Object authenticationDetails, ActionType actionType, Exception e) { public void logLoginAction(User user, Object authenticationDetails, ActionType actionType, Exception e) {
logLoginAction(user, authenticationDetails, actionType, null, e);
}
@Override
public void logLoginAction(User user, Object authenticationDetails, ActionType actionType, String provider, Exception e) {
String clientAddress = "Unknown"; String clientAddress = "Unknown";
String browser = "Unknown"; String browser = "Unknown";
String os = "Unknown"; String os = "Unknown";
@ -278,38 +283,38 @@ public class DefaultSystemSecurityService implements SystemSecurityService {
browser += " " + userAgent.userAgent.major; browser += " " + userAgent.userAgent.major;
if (userAgent.userAgent.minor != null) { if (userAgent.userAgent.minor != null) {
browser += "." + userAgent.userAgent.minor; browser += "." + userAgent.userAgent.minor;
if (userAgent.userAgent.patch != null) { if (userAgent.userAgent.patch != null) {
browser += "." + userAgent.userAgent.patch; browser += "." + userAgent.userAgent.patch;
}
} }
} }
} }
if (userAgent.os != null) { }
os = userAgent.os.family; if (userAgent.os != null) {
if (userAgent.os.major != null) { os = userAgent.os.family;
os += " " + userAgent.os.major; if (userAgent.os.major != null) {
if (userAgent.os.minor != null) { os += " " + userAgent.os.major;
os += "." + userAgent.os.minor; if (userAgent.os.minor != null) {
if (userAgent.os.patch != null) { os += "." + userAgent.os.minor;
os += "." + userAgent.os.patch; if (userAgent.os.patch != null) {
if (userAgent.os.patchMinor != null) { os += "." + userAgent.os.patch;
os += "." + userAgent.os.patchMinor; if (userAgent.os.patchMinor != null) {
} os += "." + userAgent.os.patchMinor;
} }
} }
} }
} }
if (userAgent.device != null) { }
device = userAgent.device.family; if (userAgent.device != null) {
} device = userAgent.device.family;
} }
} }
}
if (actionType == ActionType.LOGIN && e == null) { if (actionType == ActionType.LOGIN && e == null) {
userService.setLastLoginTs(user.getTenantId(), user.getId()); userService.setLastLoginTs(user.getTenantId(), user.getId());
} }
auditLogService.logEntityAction( auditLogService.logEntityAction(
user.getTenantId(), user.getCustomerId(), user.getId(), user.getTenantId(), user.getCustomerId(), user.getId(),
user.getName(), user.getId(), null, actionType, e, clientAddress, browser, os, device); user.getName(), user.getId(), null, actionType, e, clientAddress, browser, os, device, provider);
} }
private static boolean isPositiveInteger(Integer val) { private static boolean isPositiveInteger(Integer val) {
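Review bot: The new five-argument `logLoginAction` overload has no Javadoc, and nothing on it says what `provider` carries or that `null` is accepted, although the four-argument overload passes `null` for it. A line such as `@param provider name of the external identity provider used for the login, or {@code null} when none applies` would cover it, and the same applies to the declaration added in `SystemSecurityService`. It would also help to state that `browser`, `os` and `device` are derived from the parsed user agent and are therefore client-supplied values in the audit record. The method body is only partly visible across these two hunks.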


@ -44,4 +44,5 @@ public interface SystemSecurityService {
void logLoginAction(User user, Object authenticationDetails, ActionType actionType, Exception e); void logLoginAction(User user, Object authenticationDetails, ActionType actionType, Exception e);
void logLoginAction(User user, Object authenticationDetails, ActionType actionType, String provider, Exception e);
} }


@ -23,13 +23,13 @@ import com.google.common.collect.Lists;
import com.google.common.util.concurrent.Futures; import com.google.common.util.concurrent.Futures;
import com.google.common.util.concurrent.ListenableFuture; import com.google.common.util.concurrent.ListenableFuture;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import org.thingsboard.common.util.JacksonUtil; import org.thingsboard.common.util.JacksonUtil;
import org.thingsboard.server.common.data.EntityType; import org.thingsboard.server.common.data.EntityType;
import org.thingsboard.server.common.data.HasName; import org.thingsboard.server.common.data.HasName;
import org.thingsboard.server.common.data.StringUtils;
import org.thingsboard.server.common.data.audit.ActionStatus; import org.thingsboard.server.common.data.audit.ActionStatus;
import org.thingsboard.server.common.data.audit.ActionType; import org.thingsboard.server.common.data.audit.ActionType;
import org.thingsboard.server.common.data.audit.AuditLog; import org.thingsboard.server.common.data.audit.AuditLog;
@ -257,10 +257,14 @@ public class AuditLogServiceImpl implements AuditLogService {
String browser = extractParameter(String.class, 1, additionalInfo); String browser = extractParameter(String.class, 1, additionalInfo);
String os = extractParameter(String.class, 2, additionalInfo); String os = extractParameter(String.class, 2, additionalInfo);
String device = extractParameter(String.class, 3, additionalInfo); String device = extractParameter(String.class, 3, additionalInfo);
String provider = extractParameter(String.class, 4, additionalInfo);
actionData.put("clientAddress", clientAddress); actionData.put("clientAddress", clientAddress);
actionData.put("browser", browser); actionData.put("browser", browser);
actionData.put("os", os); actionData.put("os", os);
actionData.put("device", device); actionData.put("device", device);
if (StringUtils.hasText(provider)) {
actionData.put("provider", provider);
}
break; break;
case PROVISION_SUCCESS: case PROVISION_SUCCESS:
case PROVISION_FAILURE: case PROVISION_FAILURE:
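Review bot: `extractParameter(String.class, 4, additionalInfo)` reads a fifth positional value, so any caller that logs this group of action types with only the four older values depends on `extractParameter` tolerating a missing index; its behaviour is not visible in this hunk. The coupling between these indices and the argument order in `logEntityAction(..., clientAddress, browser, os, device, provider)` is worth a comment, for example `// additionalInfo layout: 0 clientAddress, 1 browser, 2 os, 3 device, 4 provider (optional)`. The `switch` this case belongs to starts and ends outside the hunk.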