From 3b47bd6625e69874fe5fc7df47c78e9ccbf42634 Mon Sep 17 00:00:00 2001
From: orangebabu <2409692770@qq.com>
Date: Tue, 20 Aug 2024 10:12:19 +0800
Subject: [PATCH] app provider

---
 .../impl/AppAuthenticationProvider.java       | 19 ++++++++++++++++++-
 .../AuthnProviderAutoConfiguration.java       |  8 ++++++--
 2 files changed, 24 insertions(+), 3 deletions(-)

diff --git a/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/impl/AppAuthenticationProvider.java b/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/impl/AppAuthenticationProvider.java
index 3e1302d4..840687c8 100644
--- a/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/impl/AppAuthenticationProvider.java
+++ b/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/impl/AppAuthenticationProvider.java
@@ -1,15 +1,18 @@
 package org.dromara.maxkey.authn.provider.impl;
 
 import org.dromara.maxkey.authn.LoginCredential;
+import org.dromara.maxkey.authn.jwt.AuthTokenService;
 import org.dromara.maxkey.authn.provider.AbstractAuthenticationProvider;
 import org.dromara.maxkey.authn.realm.AbstractAuthenticationRealm;
 import org.dromara.maxkey.authn.session.SessionManager;
+import org.dromara.maxkey.configuration.ApplicationConfig;
 import org.dromara.maxkey.constants.ConstsLoginType;
 import org.dromara.maxkey.entity.idm.UserInfo;
 import org.dromara.maxkey.web.WebConstants;
 import org.dromara.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
@@ -28,9 +31,13 @@ public class AppAuthenticationProvider extends AbstractAuthenticationProvider {
 
     public AppAuthenticationProvider(
             AbstractAuthenticationRealm authenticationRealm,
-            SessionManager sessionManager) {
+            ApplicationConfig applicationConfig,
+            SessionManager sessionManager,
+            AuthTokenService authTokenService) {
         this.authenticationRealm = authenticationRealm;
+        this.applicationConfig = applicationConfig;
         this.sessionManager = sessionManager;
+        this.authTokenService = authTokenService;
     }
 
 
@@ -48,6 +55,9 @@ public class AppAuthenticationProvider extends AbstractAuthenticationProvider {
 
             _logger.debug("authentication {}", loginCredential);
 
+            if(this.applicationConfig.getLoginConfig().isCaptcha()) {
+                captchaValid(loginCredential.getState(),loginCredential.getCaptcha());
+            }
 
             emptyPasswordValid(loginCredential.getPassword());
 
@@ -93,4 +103,11 @@ public class AppAuthenticationProvider extends AbstractAuthenticationProvider {
 
         return authenticationToken;
     }
+
+    protected void captchaValid(String state ,String captcha) {
+        // for basic
+        if(!authTokenService.validateCaptcha(state,captcha)) {
+            throw new BadCredentialsException(WebContext.getI18nValue("login.error.captcha"));
+        }
+    }
 }
diff --git a/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/autoconfigure/AuthnProviderAutoConfiguration.java b/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/autoconfigure/AuthnProviderAutoConfiguration.java
index a76316ce..8b1d24d7 100644
--- a/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/autoconfigure/AuthnProviderAutoConfiguration.java
+++ b/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/autoconfigure/AuthnProviderAutoConfiguration.java
@@ -91,11 +91,15 @@ public class AuthnProviderAutoConfiguration {
 	@Bean
 	public AppAuthenticationProvider appAuthenticationProvider(
 			AbstractAuthenticationRealm authenticationRealm,
-			SessionManager sessionManager
+			ApplicationConfig applicationConfig,
+			SessionManager sessionManager,
+			AuthTokenService authTokenService
 	) {
 		return new AppAuthenticationProvider(
 				authenticationRealm,
-				sessionManager
+				applicationConfig,
+				sessionManager,
+				authTokenService
 		);
 	}