diff --git a/pom.xml b/pom.xml index 89d11f8336f3eeaee3cfb92a1f332513a9fddb31..232fb557a5f3651c31435cb190f801344e646385 100644 --- a/pom.xml +++ b/pom.xml @@ -125,6 +125,12 @@ expiringmap 0.5.11 + + + com.jayway.jsonpath + json-path + 2.6.0 + diff --git a/src/main/java/com/cym/config/AppFilter.java b/src/main/java/com/cym/config/AppFilter.java index 1e3f1af228d5c65af6f48a61419153423bd4e96c..9553deca92215731d7277bb8b4c06d59fa6b8b95 100644 --- a/src/main/java/com/cym/config/AppFilter.java +++ b/src/main/java/com/cym/config/AppFilter.java @@ -171,6 +171,9 @@ public class AppFilter implements Filter { if (ctx.path().toLowerCase().contains("adminPage/login".toLowerCase())) { return true; } + if (ctx.path().toLowerCase().contains("adminPage/sso".toLowerCase())) { + return true; + } String creditKey = ctx.param("creditKey"); boolean isCredit = creditService.check(creditKey); diff --git a/src/main/java/com/cym/controller/adminPage/SSOController.java b/src/main/java/com/cym/controller/adminPage/SSOController.java new file mode 100644 index 0000000000000000000000000000000000000000..d71593053ad9dbe139d3bb75607fa5b83edd9d2a --- /dev/null +++ b/src/main/java/com/cym/controller/adminPage/SSOController.java 
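Review bot: The new exemption in `AppFilter` matches any path that contains `adminPage/sso`, so it covers every route of `SSOController`, not only the two an unauthenticated browser needs. That includes `save`, which rewrites `sso_tokenUrl`, `sso_userinfoUrl` and `sso_jsonpath`, and the index page, which renders `sso_clientSecret`. Because `code()` creates an admin session from whatever those configured endpoints return, write access to the settings without a login would amount to an authentication bypass. Exempt only the login entry point and the callback with an exact comparison on the lower-cased path, for example `if (p.equals("/adminpage/sso/redirect") || p.equals("/adminpage/sso/code")) { return true; }`, adjusted for any context path. The enclosing method starts and ends outside the hunk, so I am assuming `return true` means "skip the login check", as it appears to for the `adminPage/login` case above it.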
@@ -0,0 +1,136 @@
+package com.cym.controller.adminPage;
+
+import cn.hutool.core.lang.UUID;
+import cn.hutool.core.util.StrUtil;
+import cn.hutool.http.HttpUtil;
+import cn.hutool.json.JSONObject;
+import cn.hutool.json.JSONUtil;
+import com.cym.ext.AdminExt;
+import com.cym.ext.Tree;
+import com.cym.model.Admin;
+import com.cym.model.Group;
+import com.cym.service.AdminService;
+import com.cym.service.GroupService;
+import com.cym.service.SettingService;
+import com.cym.sqlhelper.bean.Page;
+import com.cym.sqlhelper.utils.ConditionAndWrapper;
+import com.cym.utils.*;
+import com.google.zxing.BarcodeFormat;
+import com.google.zxing.EncodeHintType;
+import com.google.zxing.MultiFormatWriter;
+import com.google.zxing.WriterException;
+import com.google.zxing.client.j2se.MatrixToImageWriter;
+import com.google.zxing.common.BitMatrix;
+import com.jayway.jsonpath.JsonPath;
+import org.noear.solon.annotation.Controller;
+import org.noear.solon.annotation.Inject;
+import org.noear.solon.annotation.Mapping;
+import org.noear.solon.core.handle.Context;
+import org.noear.solon.core.handle.ModelAndView;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.util.*;
+
+@Controller
+@Mapping("/adminPage/sso")
+public class SSOController extends BaseController {
+ Logger logger = LoggerFactory.getLogger(this.getClass());
+ @Inject
+ AdminService adminService;
+ @Inject
+ SettingService settingService;
+ @Inject
+ SendMailUtils sendCloudUtils;
+ @Inject
+ AuthUtils authUtils;
+ @Inject
+ GroupService groupService;
+ @Inject
+ RemoteController remoteController;
+
+ @Mapping("")
+ public ModelAndView index(ModelAndView modelAndView) {
+
+ modelAndView.put("codeUrl", settingService.get("sso_codeUrl"));
+ modelAndView.put("tokenUrl", settingService.get("sso_tokenUrl"));
+ modelAndView.put("userinfoUrl", settingService.get("sso_userinfoUrl"));
+ modelAndView.put("jsonpath", settingService.get("sso_jsonpath"));
+ modelAndView.put("clientID", settingService.get("sso_clientID"));
+ modelAndView.put("clientSecret", settingService.get("sso_clientSecret"));
+ modelAndView.view("/adminPage/sso/index.html");
+ return modelAndView;
+ }
+
+ @Mapping("save")
+ public JsonResult save(String codeUrl, String tokenUrl, String userinfoUrl, String jsonpath, String clientID, String clientSecret,String callbackUrl) {
+
+ settingService.set("sso_codeUrl",codeUrl);
+ settingService.set("sso_tokenUrl",tokenUrl);
+ settingService.set("sso_userinfoUrl",userinfoUrl);
+ settingService.set("sso_jsonpath",jsonpath);
+ settingService.set("sso_clientID",clientID);
+ settingService.set("sso_clientSecret",clientSecret);
+ settingService.set("sso_callbackUrl",callbackUrl);
+
+ return renderSuccess();
+ }
+
+ @Mapping("redirect")
+ public void redirect(Context ctx) {
+
+
+ String codeUrl= settingService.get("sso_codeUrl");
+ String clientID=settingService.get("sso_clientID");
+ String callbackUrl=settingService.get("sso_callbackUrl");
+
+ String url = codeUrl+ "?client_id="+clientID+"&response_type=code&redirect_uri="+callbackUrl+"&oauth_timestamp="+System.currentTimeMillis()+"&state=";
+
+ ctx.redirect(url);
+ }
+
+ @Mapping("code")
+ public void code(String code,Context ctx) {
+
+ String tokenUrl=settingService.get("sso_tokenUrl");
+ String userinfoUrl=settingService.get("sso_userinfoUrl");
+ String jsonpath=settingService.get("sso_jsonpath");
+ String clientID=settingService.get("sso_clientID");
+ String clientSecret=settingService.get("sso_clientSecret");
+ String callbackUrl=settingService.get("sso_callbackUrl");
+
+
+ String getTokenUrl = tokenUrl + "?grant_type=authorization_code&oauth_timestamp="+System.currentTimeMillis()+"&client_id="+clientID+"&client_secret="+clientSecret
+ +"&code="+code+"&redirect_uri="+callbackUrl;
+
+ String post = HttpUtil.post(getTokenUrl, "");
+
+ JSONObject entries = JSONUtil.parseObj(post);
+ String accessToken = entries.getStr("access_token");
+
+ String userInfoUrl = userinfoUrl+"?access_token="+accessToken;
+
+ String userinfoStr = HttpUtil.get(userInfoUrl);
+
+//
+//
+// JSONObject jsonObject = JSONUtil.parseObj(userinfoStr);
+
+ String read = JsonPath.read(userinfoStr, jsonpath);
+
+ Admin admin = sqlHelper.findOneByQuery(new ConditionAndWrapper().eq(Admin::getName, read), Admin.class);
+
+ admin.setAutoKey(UUID.randomUUID().toString()); // 生成自动登录code
+ sqlHelper.updateById(admin);
+
+ Context.current().sessionSet("localType", "local");
+ Context.current().sessionSet("isLogin", true);
+ Context.current().sessionSet("admin", admin);
+ Context.current().sessionRemove("imgCode"); // 立刻销毁验证码
+
+
+
+ ctx.redirect("/adminPage/monitor");
+ }
+}
diff --git a/src/main/resources/WEB-INF/view/adminPage/login/index.html b/src/main/resources/WEB-INF/view/adminPage/login/index.html
index 6b91ca9d4e72f30a6c01f5c928244b69bdbdb943..d56ff15881348436fd12e2c46dabf029d4d32965 100644
--- a/src/main/resources/WEB-INF/view/adminPage/login/index.html
+++ b/src/main/resources/WEB-INF/view/adminPage/login/index.html
@@ -46,6 +46,7 @@
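Review bot: `code()` in `SSOController` never checks `state`, and `redirect()` sends `&state=` empty, so the callback cannot tell a login this browser session started from one it did not. Generate a random value in `redirect()`, keep it with `ctx.sessionSet("sso_state", state)`, and compare it in `code()` before the authorization code is used. The same method dereferences `admin` without a null check, so an identity with no matching local account ends in a NullPointerException rather than a refused login. It also concatenates `code`, `clientSecret` and `callbackUrl` unencoded into the token URL, which puts the secret in a URL where it can reach logs. The fence sketches `code()` with the state check, a form-encoded token request and the null guard; whether the identity provider accepts body parameters needs confirming.

```java
@Mapping("code")
public void code(String code, String state, Context ctx) {
    // Only accept a callback that answers a login this session started.
    Object expectedState = ctx.session("sso_state");
    ctx.sessionRemove("sso_state");
    if (StrUtil.isBlank(code) || expectedState == null || !expectedState.equals(state)) {
        ctx.redirect("/adminPage/login");
        return;
    }
    // … unchanged: load the sso_* settings …

    // Form body instead of a hand-built query string: values are encoded and the
    // client secret stays out of URLs and access logs.
    Map<String, Object> form = new HashMap<>();
    form.put("grant_type", "authorization_code");
    form.put("oauth_timestamp", System.currentTimeMillis());
    form.put("client_id", clientID);
    form.put("client_secret", clientSecret);
    form.put("code", code);
    form.put("redirect_uri", callbackUrl);
    String post = HttpUtil.post(tokenUrl, form);
    // … unchanged: read access_token, fetch userinfo, JsonPath.read …

    Admin admin = sqlHelper.findOneByQuery(new ConditionAndWrapper().eq(Admin::getName, read), Admin.class);
    if (admin == null) {
        // No local account for this identity: refuse rather than dereference null.
        ctx.redirect("/adminPage/login");
        return;
    }
    // … unchanged: set autoKey, populate the session, redirect to the monitor page …
}
```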
+ ${menuStr.sso}
diff --git a/src/main/resources/WEB-INF/view/adminPage/menu.html b/src/main/resources/WEB-INF/view/adminPage/menu.html index 59c7c52f59addcce4757c1126c727e7d33b913c6..751508c82c3568f33234c72ee7cb77eb9813ba2b 100644 --- a/src/main/resources/WEB-INF/view/adminPage/menu.html +++ b/src/main/resources/WEB-INF/view/adminPage/menu.html @@ -77,6 +77,9 @@
${menuStr.admin}
+
+ SSO +
${menuStr.doc} diff --git a/src/main/resources/WEB-INF/view/adminPage/sso/index.html b/src/main/resources/WEB-INF/view/adminPage/sso/index.html new file mode 100644 index 0000000000000000000000000000000000000000..195f965adc0a2d73bf663039ec2c4bf3ddf33508 --- /dev/null +++ b/src/main/resources/WEB-INF/view/adminPage/sso/index.html @@ -0,0 +1,146 @@ + + + + <#include "/adminPage/common.html"/> + + + + +
+ + <#include "/adminPage/header.html"/> + <#include "/adminPage/menu.html"/> + +
+ +
+ SSO-OAuth2.0配置 +
+
+ +
+ +
+ +
+
+ +
+ +
+ +
+
+ +
+ +
+ +
+
+ + +
+ +

jsonpath表达式获取用户唯一信息,例如:$.a.b; 所得值需等于《用户名》

+
+ +
+
+ +
+ +
+ +
+
+ +
+ +
+ +
+
+ +
+ +
+ +
+
+ + +
+ +
+
+ +
+
+ + + +<#include '/adminPage/script.html'/> +<#include '/adminPage/select_root.html'/> + + + + + + + + + \ No newline at end of file diff --git a/src/main/resources/app.yml b/src/main/resources/app.yml index eff584e304e4d36527f2ae1d64f4ac4e8ddb48dd..d5969af64eaa0b971978876af9a354086e9e3c90 100644 --- a/src/main/resources/app.yml +++ b/src/main/resources/app.yml @@ -1,5 +1,5 @@ server: - port: 8080 + port: 8081 request: maxBodySize: 20mb maxFileSize: 2048mb @@ -8,7 +8,7 @@ server: project: sqlPrint: false beanPackage: com.cym.model - home: /home/nginxWebUI/ + home: ./home/nginxWebUI/ findPass: false solon: diff --git a/src/main/resources/messages.properties b/src/main/resources/messages.properties index 3737951da5e68049517136c6bcfc0d7a14c05fd5..9a244c6a3399ae5b408c1cee63747af11983df9e 100644 --- a/src/main/resources/messages.properties +++ b/src/main/resources/messages.properties @@ -310,6 +310,7 @@ mailStr.user = \u7528\u6237\u540D menuStr.about = \u5173\u4E8E menuStr.admin = \u7BA1\u7406\u5458\u7BA1\u7406 +menuStr.sso = SSO menuStr.bak = \u5907\u4EFD\u6587\u4EF6\u7BA1\u7406 menuStr.basic = \u57FA\u672C\u53C2\u6570\u914D\u7F6E menuStr.cert = \u8BC1\u4E66\u7BA1\u7406 diff --git a/src/main/resources/messages_en_US.properties b/src/main/resources/messages_en_US.properties index a0af07c9bb7c90a7a0acb504a4aa24b6a5235474..968442ff2245e042fc3961b844be3b8db249fb8c 100644 --- a/src/main/resources/messages_en_US.properties +++ b/src/main/resources/messages_en_US.properties @@ -310,6 +310,7 @@ mailStr.user = Username menuStr.about = About menuStr.admin = Administrator +menuStr.sso = SSO menuStr.bak = Backup menuStr.basic = Basic configuration menuStr.cert = Certificate diff --git a/src/main/resources/messages_zh_TW.properties b/src/main/resources/messages_zh_TW.properties index 8e96c9fdb6fc68540eb605871dd404646e1c01b4..622d5eb4e168cbeb4f02b0d5a103670346496e44 100644 --- a/src/main/resources/messages_zh_TW.properties +++ b/src/main/resources/messages_zh_TW.properties 
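Review bot: The two `app.yml` hunks (`port: 8080` to `8081`, and `home: /home/nginxWebUI/` to `./home/nginxWebUI/`) look like local development settings rather than part of the SSO feature. A relative `home` makes the data directory depend on the working directory the process is started from. An existing install that picks up this default could therefore come up against an empty data directory instead of its configured one; if first-run setup is then open to whoever connects first, that is a security concern as well as an operational one. I would drop both lines from this commit and keep `home: /home/nginxWebUI/` and `port: 8080` as the shipped defaults.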
@@ -310,6 +310,7 @@ mailStr.user = \u7528\u6236\u540D menuStr.about = \u95DC\u65BC menuStr.admin = \u7BA1\u7406\u54E1\u7BA1\u7406 +menuStr.sso = SSO menuStr.bak = \u5099\u4EFD\u6587\u4EF6\u7BA1\u7406 menuStr.basic = \u57FA\u672C\u53C3\u6578\u914D\u7F6E menuStr.cert = \u8B49\u66F8\u7BA1\u7406