diff --git a/README.md b/README.md
index 03c4399d0e47c8bece0d56949dce9d8ea101e914..b6656486063ae1633cc9eb290b3bba54eb8ea178 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,6 @@
# acp-admin-cloud
-###### v6.9.0 [版本更新日志](doc/version_history.md)
+###### v7.0.0 [版本更新日志](doc/version_history.md)
- 使用Application Construction Platform 应用构建平台作为脚手架
- 基于 Spring Cloud 的微服务版本,基于 Spring Boot
@@ -9,54 +9,55 @@
## 相关组件版本
-- [Spring Boot 3.5.3](https://projects.spring.io/spring-boot)
+- [Spring Boot 3.5.4](https://projects.spring.io/spring-boot)
- [Spring Boot Admin 3.5.1](https://github.com/codecentric/spring-boot-admin)
-- [Acp 2025.5.0](https://gitee.com/zhangbinhub/acp)
+- [Acp 2025.7.1](https://gitee.com/zhangbinhub/acp)
- [sensitive](https://github.com/houbb/sensitive)
## 技术栈
-- camunda
-- joda-time
-- netty
-- hibernate
-- jackson
-- sensitive
-- knife4j
-- junit5
-- spring-boot
- - spring-boot-starter-webflux
- - spring-boot-starter-undertow
- - spring-boot-starter-actuator
- - spring-boot-starter-validation
- - spring-boot-starter-aop
- - spring-boot-starter-websocket
- - spring-boot-starter-security
- - spring-boot-starter-data-jpa
- - spring-boot-starter-data-redis
- - spring-boot-starter-data-redis-reactive
- - spring-boot-starter-oauth2-resource-server
- - spring-boot-starter-oauth2-authorization-server
-- spring-boot-admin-server
-- spring-cloud-alibaba
- - spring-cloud-starter-alibaba-nacos-discovery
- - spring-cloud-starter-alibaba-nacos-config
- - spring-cloud-starter-alibaba-sentinel
- - sentinel-datasource-nacos
-- spring-cloud
- - spring-cloud-starter-loadbalancer
- - spring-cloud-starter-gateway
- - spring-cloud-starter-stream-kafka
- - spring-cloud-stream-binder-kafka-streams
- - spring-cloud-starter-bus-kafka
- - spring-cloud-starter-openfeign
-- feign-hc5
-- micrometer-tracing-bridge-otel
-- opentelemetry-exporter-zipkin
+| 分类 | 组件 | Spring技术栈 |
+|-------|-----------|-----------------------------------------------------------------------------------------------------------------------------|
+| 构建工具 | - | Gradle 8.6+ |
+| 开发语言 | JVM | 17+ |
+| | Java | 17+ |
+| | Kotlin | 2.1+ |
+| Core | 日期时间处理 | Joda Time |
+| | UUID | [uuid-creator](https://github.com/f4b6a3/uuid-creator) |
+| | 加解密库 | bouncycastle |
+| | PDF处理 | itextpdf
html2pdf |
+| | 文件压缩 | Zip4j |
+| Boot | WEB服务 | Undertow |
+| | http工具类 | RestClient
WebClient |
+| | 日志框架 | slf4j
logback |
+| | Json处理 | Jackson |
+| | Xml处理 | Jackson |
+| | ORM框架 | Hibernate (JPA) |
+| | Api文档 | [Knife4j(国产)](https://doc.xiaominfo.com/)
Openapi3 |
+| | 安全框架 | [Sa-Token(国产)](https://sa-token.cc/index.html) |
+| | 资源服务 | [Sa-Token(国产)](https://sa-token.cc/index.html)
sa-token-oauth2 |
+| | 认证服务 | [Sa-Token(国产)](https://sa-token.cc/index.html)
sa-token-oauth2 |
+| | 认证协议 | Oauth 2.0 |
+| | WebSocket | spring-boot-starter-websocket |
+| | TCP/UDP | Netty |
+| | 校验 | spring-boot-starter-validation |
+| | Redis | spring-boot-starter-data-redis
spring-boot-starter-data-redis-reactive |
+| | 工作流引擎 | [warm-flow(国产)](https://warm-flow.dromara.org/) |
+| Cloud | 监控 | spring-boot-admin-server |
+| | 注册中心 | [Nacos(国产)](https://nacos.io/)
spring-cloud-starter-alibaba-nacos-discovery |
+| | 配置中心 | [Nacos(国产)](https://nacos.io/)
spring-cloud-starter-alibaba-nacos-config |
+| | 熔断/限流 | [Sentinel(国产)](http://sentinelguard.io/zh-cn/)
spring-cloud-starter-alibaba-sentinel
sentinel-datasource-nacos |
+| | 服务间调用 | spring-cloud-starter-openfeign
feign-hc5 |
+| | 负载均衡 | spring-cloud-starter-loadbalancer |
+| | 消息总线 | Kafka
spring-cloud-starter-stream-kafka
spring-cloud-stream-binder-kafka-streams
spring-cloud-starter-bus-kafka |
+| | 日志收集 | Kafka
spring-cloud-starter-stream-kafka
spring-cloud-stream-binder-kafka-streams |
+| | 网关 | spring-cloud-starter-gateway |
+| | 分布式锁 | 默认集成Redisson,需要自定义时实现`io.gitee.zhangbinhub.acp.cloud.lock.DistributedLock`接口即可 |
+| | 链路追踪 | `opentelemetry` |
## 总体架构
-
+
#### 说明
@@ -72,8 +73,6 @@
- **【依赖中间件 kafka】** 各深度定制开发的服务通过 **kafka** 发送日志消息,**log server** 从 **Kafka** 中消费消息并进行日志的统一记录
- **【依赖中间件 kafka、logstash、elasticsearch】** 日志收集
**logstash** 从 **Kafka** 中消费日志消息并存储到 **elasticsearch** 中
-- **【依赖中间件 zookeeper】** 分布式锁,实现 **io.gitee.zhangbinhub.acp.cloud.lock.DistributedLock** 接口,并注册为**Spring
- Bean** ,包路径中包含 **curator-recipes** 时,默认配置一个基于 **zookeeper** 的分布式锁实现
- 需要进行防重请求的 controller 方法上增加注解 **io.gitee.zhangbinhub.acp.cloud.annotation.AcpCloudDuplicateSubmission**
,默认30秒过期
- 前后端交互 **HttpStatus Code** 说明
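Review bot: The removed bullet was the only place in this list that named the middleware the distributed lock depends on (zookeeper, via curator-recipes on the classpath). The new 分布式锁 row in the 技术栈 table says Redisson is integrated by default, but this section no longer lists any middleware requirement for locking the way the neighbouring bullets do with 【依赖中间件 kafka】. Add a 【依赖中间件 redis】 bullet for the lock here, and note in the version history what deployments that relied on the zookeeper implementation need to change.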
@@ -106,7 +105,7 @@
公共自定义任务配置,适用于所有项目模块
-##### 3.[gradle/dependencies.gradle](gradle/dependencies.gradle)
+##### 3.[gradle/libs.versions.toml](gradle/libs.versions.toml)
定义外部依赖版本号
@@ -118,7 +117,7 @@
各子模块版本号
-##### 6.[gradle/publish.gradle](gradle/publish.gradle)
+##### 6.[gradle/publishJar.gradle](gradle/publishJar.gradle)
发布任务配置,适用于所有项目模块
diff --git a/build.gradle b/build.gradle
index d8659bc36aab5f1958a0dcae845a0f87ee62cfd2..8a2c32b13ba5e543aa395536cb194885e881306e 100644
--- a/build.gradle
+++ b/build.gradle
@@ -23,7 +23,9 @@ buildscript {
mavenCentral()
}
}
-
+plugins {
+ alias(libs.plugins.jreleaser) apply false
+}
ext {
println("Environment : JAVA_HOME=$System.env.JAVA_HOME")
println("Gradle Version : ${projectProperties.getProperty('gradleVersion')}")
diff --git a/common/acp-admin-cloud-constant/build.gradle b/common/acp-admin-cloud-constant/build.gradle
index c573311e4aa6644c7d69076016fb56cf3ca69e12..f1d317c1ecdd8b7a5bbc4bd34935e2356654962e 100644
--- a/common/acp-admin-cloud-constant/build.gradle
+++ b/common/acp-admin-cloud-constant/build.gradle
@@ -1 +1 @@
-apply from: "$rootDir/gradle/publish.gradle"
\ No newline at end of file
+apply from: "$rootDir${File.separator}gradle${File.separator}publishJar.gradle"
\ No newline at end of file
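Review bot: Style point on the new apply line: Gradle resolves forward slashes in script paths on every platform, so "$rootDir${File.separator}gradle${File.separator}publishJar.gradle" can stay in the shorter "$rootDir/gradle/publishJar.gradle" form the old line used. The interpolated separators add noise and make the path harder to grep for.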
diff --git a/common/acp-admin-cloud-constant/src/main/kotlin/io/gitee/zhangbinhub/admin/common/permission/BaseExpression.kt b/common/acp-admin-cloud-constant/src/main/kotlin/io/gitee/zhangbinhub/admin/common/permission/BaseExpression.kt
deleted file mode 100644
index 0ce28253921391a9d579ea725d9676aa36d18661..0000000000000000000000000000000000000000
--- a/common/acp-admin-cloud-constant/src/main/kotlin/io/gitee/zhangbinhub/admin/common/permission/BaseExpression.kt
+++ /dev/null
@@ -1,29 +0,0 @@
-package io.gitee.zhangbinhub.admin.common.permission
-
-import io.gitee.zhangbinhub.admin.common.constant.ModuleFuncCode
-import io.gitee.zhangbinhub.admin.common.constant.RoleCode
-
-/**
- * 定义权限表达式
- *
- * @author zhang by 11/01/2019
- * @since JDK 11
- */
-object BaseExpression {
- /**
- * 仅超级管理员可执行
- */
- const val superOnly = "hasRole('" + RoleCode.SUPER + "')"
-
- /**
- * 拥有系统监控权限
- */
- const val sysMonitor =
- "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.sysMonitor + "')"
-
- /**
- * 拥有系统配置权限
- */
- const val sysConfig =
- "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.sysConfig + "')"
-}
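Review bot: The removed sysMonitor and sysConfig expressions used hasAnyAuthority, so holding the super role alone satisfied them, whereas the hasAuthentication helper added in BaseResourceServerController in this change returns true only when the token holds every listed permission. Confirm that each endpoint which referenced BaseExpression.superOnly, sysMonitor or sysConfig now carries a check with the same any-of semantics, and that none was left without a check when these constants went away. The replacement annotations are not in the visible part of this diff, so this cannot be verified from here.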
diff --git a/common/acp-admin-cloud-constant/src/test/kotlin/io/gitee/zhangbinhub/admin/common/test/Test.kt b/common/acp-admin-cloud-constant/src/test/kotlin/io/gitee/zhangbinhub/admin/common/test/Test.kt
deleted file mode 100644
index b50fe6ac96abfc77335fe1ee9dff71352206fc97..0000000000000000000000000000000000000000
--- a/common/acp-admin-cloud-constant/src/test/kotlin/io/gitee/zhangbinhub/admin/common/test/Test.kt
+++ /dev/null
@@ -1,48 +0,0 @@
-package io.gitee.zhangbinhub.admin.common.test
-
-import io.gitee.zhangbinhub.admin.common.constant.RoleCode
-import kotlinx.coroutines.*
-import java.util.*
-
-/**
- * @author zhang by 12/08/2019
- * @since JDK 11
- */
-fun main() = runBlocking {
- try {
- val fields = RoleCode::class.java.declaredFields
- for (field in fields) {
- val value = field.get(RoleCode::class.java)
- if (value is String) {
- if (RoleCode.prefix != value) {
- println(value)
- }
- }
- }
- val ss = "[fsdadf2341243]"
- println(ss.replace(Regex("[\\[|\\]]"), ""))
-
- var totle = 0
- val start = System.currentTimeMillis()
- val set = mutableSetOf()
- withContext(Dispatchers.IO) {
- var totlet = 0
- for (index in 0..50) {
- launch(Dispatchers.IO) {
- delay(2000)
- UUID.randomUUID().toString().uppercase().let {
- println(Thread.currentThread())
- println("$index >>>>>>>> finished $it")
- set.add(it)
- }
- totlet++
- }
- }
- totle = totlet
- }
- println(set.size)
- println("totle = $totle, time = ${System.currentTimeMillis() - start} ms")
- } catch (e: Exception) {
- e.printStackTrace()
- }
-}
\ No newline at end of file
diff --git a/common/acp-admin-cloud-constant/src/test/kotlin/io/gitee/zhangbinhub/admin/common/test/TestSimple.kt b/common/acp-admin-cloud-constant/src/test/kotlin/io/gitee/zhangbinhub/admin/common/test/TestSimple.kt
deleted file mode 100644
index dbf4351d48439fcebef74d6091d13c9b5bffd095..0000000000000000000000000000000000000000
--- a/common/acp-admin-cloud-constant/src/test/kotlin/io/gitee/zhangbinhub/admin/common/test/TestSimple.kt
+++ /dev/null
@@ -1,10 +0,0 @@
-package io.gitee.zhangbinhub.admin.common.test
-
-import org.junit.jupiter.api.Test
-
-class TestSimple {
- @Test
- fun testDemo(){
- println("test successful!")
- }
-}
\ No newline at end of file
diff --git a/common/acp-admin-cloud-dependencies-resource-server-reactive/build.gradle b/common/acp-admin-cloud-dependencies-resource-server-reactive/build.gradle
new file mode 100644
index 0000000000000000000000000000000000000000..b0410bc0ad82221541d721b91ba69f1f17c2b1b4
--- /dev/null
+++ b/common/acp-admin-cloud-dependencies-resource-server-reactive/build.gradle
@@ -0,0 +1,20 @@
+apply plugin: "io.spring.dependency-management"
+dependencyManagement {
+ imports {
+ mavenBom("io.gitee.zhangbinhub.acp:acp-spring-dependency:${libs.versions.acp.get()}")
+ }
+ dependencies {
+ dependency "$group:$name:$version"
+ }
+}
+dependencies {
+ api project(":acp-admin-cloud-dependencies")
+ api "io.gitee.zhangbinhub.acp:acp-spring-cloud-starter-resource-server-reactive"
+ annotationProcessor "org.springframework.boot:spring-boot-configuration-processor"
+
+ testImplementation platform("org.junit:junit-bom")
+ testImplementation("org.junit.jupiter:junit-jupiter")
+ testImplementation("org.junit.platform:junit-platform-launcher")
+ testImplementation "org.springframework.boot:spring-boot-starter-test"
+}
+apply from: "$rootDir${File.separator}gradle${File.separator}publishJar.gradle"
\ No newline at end of file
diff --git a/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/AcpAdminResourceServerComponentAutoConfiguration.kt b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/AcpAdminResourceServerComponentAutoConfiguration.kt
new file mode 100644
index 0000000000000000000000000000000000000000..f27fc7e9443c8d2015aa164d18c6ae520346ff05
--- /dev/null
+++ b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/AcpAdminResourceServerComponentAutoConfiguration.kt
@@ -0,0 +1,13 @@
+package io.gitee.zhangbinhub.admin.resource.server
+
+import com.fasterxml.jackson.databind.ObjectMapper
+import io.gitee.zhangbinhub.admin.resource.server.tools.TokenUserTools
+import org.springframework.boot.autoconfigure.AutoConfiguration
+import org.springframework.context.annotation.Bean
+
+@AutoConfiguration
+class AcpAdminResourceServerComponentAutoConfiguration {
+ @Bean
+ fun tokenUserTools(objectMapper: ObjectMapper): TokenUserTools =
+ TokenUserTools(objectMapper)
+}
\ No newline at end of file
diff --git a/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/AcpAdminResourceServerInfoAutoConfiguration.kt b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/AcpAdminResourceServerInfoAutoConfiguration.kt
new file mode 100644
index 0000000000000000000000000000000000000000..78627434eafecfa35d17fdbb18ca6932673bf387
--- /dev/null
+++ b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/AcpAdminResourceServerInfoAutoConfiguration.kt
@@ -0,0 +1,17 @@
+package io.gitee.zhangbinhub.admin.resource.server
+
+import io.gitee.zhangbinhub.admin.resource.server.actuate.info.AcpAdminResourceServerDependenciesInfoContributor
+import org.springframework.boot.actuate.autoconfigure.endpoint.EndpointAutoConfiguration
+import org.springframework.boot.actuate.autoconfigure.info.ConditionalOnEnabledInfoContributor
+import org.springframework.boot.actuate.info.InfoContributor
+import org.springframework.boot.autoconfigure.AutoConfiguration
+import org.springframework.boot.autoconfigure.condition.ConditionalOnClass
+import org.springframework.context.annotation.Bean
+
+@AutoConfiguration(before = [EndpointAutoConfiguration::class])
+@ConditionalOnClass(InfoContributor::class, ConditionalOnEnabledInfoContributor::class)
+class AcpAdminResourceServerInfoAutoConfiguration {
+ @Bean
+ @ConditionalOnEnabledInfoContributor("acp-admin-cloud-dependencies-resource-server")
+ fun acpAdminDependenciesResourceServerInfoContributor() = AcpAdminResourceServerDependenciesInfoContributor()
+}
\ No newline at end of file
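Review bot: The name in @ConditionalOnEnabledInfoContributor("acp-admin-cloud-dependencies-resource-server") does not match the detail key the contributor writes, which is "acp-admin-cloud-dependencies-resource-server-reactive" in AcpAdminResourceServerDependenciesInfoContributor. An operator who wants to hide this entry from the info endpoint has to set management.info.acp-admin-cloud-dependencies-resource-server.enabled, a property that does not correspond to the key they see in the output. Use the same name in both places, and consider giving the bean method a reactive-specific name as well so it cannot be confused with a bean from a non-reactive module.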
diff --git a/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/actuate/info/AcpAdminResourceServerDependenciesInfoContributor.kt b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/actuate/info/AcpAdminResourceServerDependenciesInfoContributor.kt
new file mode 100644
index 0000000000000000000000000000000000000000..c521822c8060a450e1738e915aee344f2eb447f2
--- /dev/null
+++ b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/actuate/info/AcpAdminResourceServerDependenciesInfoContributor.kt
@@ -0,0 +1,20 @@
+package io.gitee.zhangbinhub.admin.resource.server.actuate.info
+
+import org.springframework.boot.actuate.info.Info
+import org.springframework.boot.actuate.info.InfoContributor
+
+class AcpAdminResourceServerDependenciesInfoContributor : InfoContributor {
+ override fun contribute(builder: Info.Builder) {
+ builder.withDetail("acp-admin-cloud-dependencies-resource-server-reactive", version())
+ }
+
+ private fun version(): Map {
+ val info: MutableMap = HashMap()
+ info["version"] = getVersion()
+ return info
+ }
+
+ private fun getVersion(): String? {
+ return AcpAdminResourceServerDependenciesInfoContributor::class.java.getPackage()?.implementationVersion
+ }
+}
\ No newline at end of file
diff --git a/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/base/BaseResourceServerController.kt b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/base/BaseResourceServerController.kt
new file mode 100644
index 0000000000000000000000000000000000000000..31bee9ae7f131735e77022c776378c1bf83eb6ea
--- /dev/null
+++ b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/base/BaseResourceServerController.kt
@@ -0,0 +1,31 @@
+package io.gitee.zhangbinhub.admin.resource.server.base
+
+import cn.dev33.satoken.stp.StpUtil
+import io.gitee.zhangbinhub.acp.boot.log.LogAdapter
+import io.gitee.zhangbinhub.admin.common.base.BaseController
+
+/**
+ * @author zhang by 15/01/2019
+ * @since JDK 11
+ */
+abstract class BaseResourceServerController(private val logAdapter: LogAdapter) : BaseController() {
+ /**
+ * 校验当前token是否具有指定的所有权限
+ * @param authenticationList 待校验权限列表,权限列表为空则返回false
+ */
+ protected fun hasAuthentication(authenticationList: MutableList): Boolean = authenticationList.let {
+ if (it.isNotEmpty()) {
+ it.forEach { authentication ->
+ if (!StpUtil.hasPermission(authentication)) {
+ logAdapter.warn("当前用户【${StpUtil.getLoginId()}】没有权限【$authentication】")
+ return@let false
+ }
+ }
+ true
+ } else {
+ logAdapter.warn("当前用户【${StpUtil.getLoginId()}】权限列表为空")
+ false
+ }
+ }
+
+}
\ No newline at end of file
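Review bot: Both warn branches of hasAuthentication call StpUtil.getLoginId(), which throws NotLoginException when there is no login session, so for an unauthenticated caller the method throws from inside the log statement instead of returning false as the KDoc promises. Use StpUtil.getLoginIdDefaultNull() for the log message, or check StpUtil.isLogin() first and return false. Separately, the message in the else branch (当前用户…权限列表为空) reads as if the user's permissions are empty, but the empty list is the required-permission argument, so reword it so the audit log is not misleading.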
diff --git a/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/po/MyProcessQueryPo.kt b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/po/MyProcessQueryPo.kt
new file mode 100644
index 0000000000000000000000000000000000000000..3b6a19c55122e45a3a3c416eab4f62330badf5c6
--- /dev/null
+++ b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/po/MyProcessQueryPo.kt
@@ -0,0 +1,19 @@
+package io.gitee.zhangbinhub.admin.resource.server.po
+
+import io.gitee.zhangbinhub.admin.common.base.BaseQueryPo
+import io.swagger.v3.oas.annotations.media.Schema
+
+data class MyProcessQueryPo(
+ @Schema(description = "流程定义键")
+ var processDefinitionKeys: MutableList? = null,
+ @Schema(description = "流程实例ID")
+ var processInstanceIds: MutableList? = null,
+ @Schema(description = "业务键")
+ var processBusinessKey: String? = null,
+ @Schema(description = "发起人")
+ var startUserId: String? = null,
+ @Schema(description = "匹配创建时间(开始)")
+ var startTime: Long? = null,
+ @Schema(description = "匹配创建时间(结束)")
+ var endTime: Long? = null
+) : BaseQueryPo()
\ No newline at end of file
diff --git a/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/po/ProcessHandlingPo.kt b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/po/ProcessHandlingPo.kt
new file mode 100644
index 0000000000000000000000000000000000000000..805d21a039249749e5f5788ff4a5b4c28f3551fa
--- /dev/null
+++ b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/po/ProcessHandlingPo.kt
@@ -0,0 +1,18 @@
+package io.gitee.zhangbinhub.admin.resource.server.po
+
+import io.swagger.v3.oas.annotations.media.Schema
+import jakarta.validation.constraints.NotNull
+
+@Schema(description = "流程任务处理参数")
+data class ProcessHandlingPo(
+ @Schema(description = "任务id", required = true)
+ @field:NotNull(message = "任务id不能为空")
+ var taskId: Long? = null,
+ @Schema(description = "处理结果", required = true)
+ @field:NotNull(message = "处理结果不能为空")
+ var pass: Boolean? = null,
+ @Schema(description = "处理意见", required = true)
+ var message: String? = null,
+ @Schema(description = "自定义流程参数")
+ var params: MutableMap = mutableMapOf()
+)
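Review bot: The message field is declared required = true in its @Schema but, unlike taskId and pass, has no validation constraint, so a request with a null or blank 处理意见 passes bean validation. Either add @field:NotBlank(message = ...) to match the documented contract or drop required = true from the schema. The params map is also accepted from the request body without any bound on its keys or size, so constrain it before it is used as process variables.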
diff --git a/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/po/ProcessQueryPo.kt b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/po/ProcessQueryPo.kt
new file mode 100644
index 0000000000000000000000000000000000000000..cc703a6248ac36ea8b9b5f08e3154757fab4824f
--- /dev/null
+++ b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/po/ProcessQueryPo.kt
@@ -0,0 +1,15 @@
+package io.gitee.zhangbinhub.admin.resource.server.po
+
+import io.gitee.zhangbinhub.admin.common.base.BaseQueryPo
+import io.swagger.v3.oas.annotations.media.Schema
+
+data class ProcessQueryPo(
+ @Schema(description = "流程实例ID")
+ var processInstanceId: Long? = null,
+ @Schema(description = "业务键")
+ var processBusinessKey: String? = null,
+ @Schema(description = "流程状态")
+ var flowStatus: String? = null,
+ @Schema(description = "发起人")
+ var startUserId: String? = null
+) : BaseQueryPo()
\ No newline at end of file
diff --git a/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/po/ProcessStartPo.kt b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/po/ProcessStartPo.kt
new file mode 100644
index 0000000000000000000000000000000000000000..c516f078de6ea930fc149df1c63f5d6608f2d932
--- /dev/null
+++ b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/po/ProcessStartPo.kt
@@ -0,0 +1,22 @@
+package io.gitee.zhangbinhub.admin.resource.server.po
+
+import io.swagger.v3.oas.annotations.media.Schema
+import jakarta.validation.constraints.NotBlank
+
+@Schema(description = "启动流程参数")
+data class ProcessStartPo(
+ @Schema(description = "流程定义键", required = true)
+ @field:NotBlank(message = "流程定义键不能为空")
+ var processDefinitionKey: String? = null,
+ @Schema(description = "业务键", required = true)
+ @field:NotBlank(message = "业务键不能为空")
+ var businessKey: String? = null,
+ @Schema(description = "标题", required = true)
+ @field:NotBlank(message = "标题不能为空")
+ var title: String? = null,
+ @Schema(description = "流程描述", required = true)
+ @field:NotBlank(message = "流程描述不能为空")
+ var description: String? = null,
+ @Schema(description = "自定义参数")
+ var params: MutableMap = mutableMapOf()
+)
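Review bot: The four string fields are @NotBlank but have no upper length bound, and params is a free-form map taken from the request body with no constraint on keys, number of entries or value types. Add @field:Size(max = ...) to processDefinitionKey, businessKey, title and description so oversized values are rejected at the controller rather than at the database. Wherever this PO is consumed, copy only an allow-listed set of params keys so that a caller cannot set or overwrite variables the process logic relies on.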
diff --git a/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/po/ProcessTaskQueryPo.kt b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/po/ProcessTaskQueryPo.kt
new file mode 100644
index 0000000000000000000000000000000000000000..1dd350e95743e46c7260941c1fd64a96b6546c70
--- /dev/null
+++ b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/po/ProcessTaskQueryPo.kt
@@ -0,0 +1,11 @@
+package io.gitee.zhangbinhub.admin.resource.server.po
+
+import io.gitee.zhangbinhub.admin.common.base.BaseQueryPo
+import io.swagger.v3.oas.annotations.media.Schema
+
+data class ProcessTaskQueryPo(
+ @Schema(description = "流程实例ID")
+ var processInstanceId: Long? = null,
+ @Schema(description = "业务键")
+ var processBusinessKey: String? = null
+) : BaseQueryPo()
\ No newline at end of file
diff --git a/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/po/ProcessTerminationPo.kt b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/po/ProcessTerminationPo.kt
new file mode 100644
index 0000000000000000000000000000000000000000..5267f712502e286fcc05f79a887a932cd2534eb3
--- /dev/null
+++ b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/po/ProcessTerminationPo.kt
@@ -0,0 +1,15 @@
+package io.gitee.zhangbinhub.admin.resource.server.po
+
+import io.swagger.v3.oas.annotations.media.Schema
+import jakarta.validation.constraints.NotBlank
+import jakarta.validation.constraints.NotNull
+
+@Schema(description = "强制终止流程实例参数")
+data class ProcessTerminationPo(
+ @Schema(description = "流程实例ID", required = true)
+ @field:NotNull(message = "流程实例ID不能为空")
+ var processInstanceId: Long? = null,
+ @Schema(description = "原因", required = true)
+ @field:NotBlank(message = "原因不能为空")
+ var reason: String? = null
+)
diff --git a/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/tools/TokenUserTools.kt b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/tools/TokenUserTools.kt
new file mode 100644
index 0000000000000000000000000000000000000000..f264ff16776e9c5eba373542da4f546562e875f4
--- /dev/null
+++ b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/tools/TokenUserTools.kt
@@ -0,0 +1,30 @@
+package io.gitee.zhangbinhub.admin.resource.server.tools
+
+import cn.dev33.satoken.oauth2.exception.SaOAuth2Exception
+import com.fasterxml.jackson.databind.ObjectMapper
+import io.gitee.zhangbinhub.acp.cloud.resource.server.constant.AcpCloudResourceServerConstant
+import io.gitee.zhangbinhub.acp.cloud.resource.server.tools.TokenTools
+import io.gitee.zhangbinhub.admin.resource.server.vo.TokenUserInfoVo
+import org.bouncycastle.util.encoders.Base64
+
+class TokenUserTools(private val objectMapper: ObjectMapper) {
+ @Throws(SaOAuth2Exception::class)
+ fun encryptUserInfo(userInfoVo: TokenUserInfoVo): String = try {
+ Base64.toBase64String(objectMapper.writeValueAsBytes(userInfoVo))
+ } catch (e: Exception) {
+ throw SaOAuth2Exception(e.message)
+ }
+
+ @Throws(SaOAuth2Exception::class)
+ fun decryptUserInfo(ciphertext: String): TokenUserInfoVo = try {
+ objectMapper.readValue(Base64.decode(ciphertext), TokenUserInfoVo::class.java)
+ } catch (e: Exception) {
+ throw SaOAuth2Exception(e.message)
+ }
+
+ @Throws(SaOAuth2Exception::class)
+ fun getUserInfoFromToken(accessToken: String? = null): TokenUserInfoVo =
+ TokenTools.getAccessTokenModel(accessToken)?.let { atm ->
+ decryptUserInfo(atm.extraData[AcpCloudResourceServerConstant.TOKEN_CLAIMS_USER_INFO].toString())
+ } ?: TokenUserInfoVo()
+}
\ No newline at end of file
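Review bot: encryptUserInfo and decryptUserInfo only Base64-encode and decode the Jackson JSON of TokenUserInfoVo, with no key and no integrity check, so the names and the ciphertext parameter promise confidentiality the code does not provide. Rename them to encodeUserInfo/decodeUserInfo, or apply real authenticated encryption if the user info stored under TOKEN_CLAIMS_USER_INFO must not be readable by whoever can read the token's extra data. In getUserInfoFromToken, extraData[...].toString() turns a missing claim into the string "null", which then fails in Base64 decoding or JSON parsing and surfaces as an SaOAuth2Exception, while a missing token model silently returns an empty TokenUserInfoVo. Handle the absent claim explicitly, decide whether an empty user is really an acceptable result for callers that make authorization decisions on it, and pass the original exception as the cause instead of only e.message.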
diff --git a/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/ApplicationVo.kt b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/ApplicationVo.kt
new file mode 100644
index 0000000000000000000000000000000000000000..67c3f58530048bb8685625462f9d32e0255d701c
--- /dev/null
+++ b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/ApplicationVo.kt
@@ -0,0 +1,15 @@
+package io.gitee.zhangbinhub.admin.resource.server.vo
+
+/**
+ * @since JDK 11
+ */
+data class ApplicationVo(
+ var id: String = "",
+ var appName: String = "",
+ var secret: String = "",
+ var scope: String? = null,
+ var identify: String? = null,
+ var accessTokenValiditySeconds: Int = 0,
+ var refreshTokenValiditySeconds: Int = 0,
+ var covert: Boolean = true
+)
\ No newline at end of file
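Review bot: ApplicationVo is a data class carrying secret as a plain String, so the generated toString() includes the client secret and any log line or exception message that prints the object will leak it. Jackson will also serialize the field in any response that returns this VO. Override toString() to mask the field and mark it write-only for serialization (for example @JsonProperty(access = JsonProperty.Access.WRITE_ONLY)), or split the secret out of the VO that is returned to clients.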
diff --git a/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/ModuleFuncVo.kt b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/ModuleFuncVo.kt
new file mode 100644
index 0000000000000000000000000000000000000000..2987fc58c67907735d222d979c995cad7389c296
--- /dev/null
+++ b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/ModuleFuncVo.kt
@@ -0,0 +1,19 @@
+package io.gitee.zhangbinhub.admin.resource.server.vo
+
+import io.swagger.v3.oas.annotations.media.Schema
+
+/**
+ * @author zhang by 19/01/2019
+ * @since JDK 11
+ */
+@Schema(description = "模块功能配置详细信息")
+data class ModuleFuncVo(
+ @Schema(description = "ID")
+ var id: String? = null,
+ @Schema(description = "应用ID")
+ var appId: String? = null,
+ @Schema(description = "模块名称")
+ var name: String? = null,
+ @Schema(description = "模块编码")
+ var code: String? = null
+)
diff --git a/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/OrganizationVo.kt b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/OrganizationVo.kt
new file mode 100644
index 0000000000000000000000000000000000000000..496274b779a1c2374d38e8890aa543b783e04bc2
--- /dev/null
+++ b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/OrganizationVo.kt
@@ -0,0 +1,25 @@
+package io.gitee.zhangbinhub.admin.resource.server.vo
+
+import io.swagger.v3.oas.annotations.media.Schema
+
+/**
+ * @author zhang by 17/01/2019
+ * @since JDK 11
+ */
+@Schema(description = "机构详细信息")
+data class OrganizationVo(
+ @Schema(description = "机构ID")
+ var id: String? = null,
+ @Schema(description = "机构名称")
+ var name: String? = null,
+ @Schema(description = "机构区域")
+ var area: String? = null,
+ @Schema(description = "机构编码")
+ var code: String? = null,
+ @Schema(description = "上级机构ID")
+ var parentId: String? = null,
+ @Schema(description = "序号")
+ var sort: Int = 0,
+ @Schema(description = "关联用户ID")
+ var userIds: MutableList = mutableListOf()
+)
diff --git a/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/ProcessDefinitionVo.kt b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/ProcessDefinitionVo.kt
new file mode 100644
index 0000000000000000000000000000000000000000..13333c15447647482f0c078c8a2cd3694fd8eb88
--- /dev/null
+++ b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/ProcessDefinitionVo.kt
@@ -0,0 +1,27 @@
+package io.gitee.zhangbinhub.admin.resource.server.vo
+
+import io.swagger.v3.oas.annotations.media.Schema
+
+@Schema(description = "流程定义")
+data class ProcessDefinitionVo(
+ @Schema(description = "流程定义id")
+ var id: String? = null,
+ @Schema(description = "流程编码")
+ var flowCode: String? = null,
+ @Schema(description = "流程名称")
+ var flowName: String? = null,
+ @Schema(description = "流程版本")
+ var version: String? = null,
+ @Schema(description = "流程类别")
+ var category: String? = null,
+ @Schema(description = "定义内容")
+ var content: String? = null,
+ @Schema(description = "创建时间")
+ var createTime: Long = System.currentTimeMillis(),
+ @Schema(description = "最后更新时间")
+ var updateTime: Long = System.currentTimeMillis(),
+ @Schema(description = "发布状态")
+ var publishStatus: Int? = null,
+ @Schema(description = "激活状态")
+ var activityStatus: Int? = null
+)
\ No newline at end of file
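Review bot: createTime and updateTime default to System.currentTimeMillis(), so a ProcessDefinitionVo built without those fields reports the moment of construction as if it were the stored timestamp. The other VOs in this change default to 0 (ProcessInstanceVo.startTime) or null (ProcessHisTaskVo.updateTime). Use a nullable Long or 0 here too so a missing value is distinguishable from a real one.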
diff --git a/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/ProcessHisTaskVo.kt b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/ProcessHisTaskVo.kt
new file mode 100644
index 0000000000000000000000000000000000000000..41ed9869cfee7d7ab24911f7d6170b71d5664e44
--- /dev/null
+++ b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/ProcessHisTaskVo.kt
@@ -0,0 +1,33 @@
+package io.gitee.zhangbinhub.admin.resource.server.vo
+
+import io.swagger.v3.oas.annotations.media.Schema
+
+@Schema(description = "流程历史记录")
+data class ProcessHisTaskVo(
+ @Schema(description = "流程实例id")
+ var processInstanceId: String? = null,
+ @Schema(description = "流程定义键")
+ var processDefinitionKey: String? = null,
+ @Schema(description = "流程名称")
+ var flowName: String? = null,
+ @Schema(description = "任务id")
+ var taskId: String? = null,
+ @Schema(description = "节点编码")
+ var nodeCode: String? = null,
+ @Schema(description = "节点名称")
+ var nodeName: String? = null,
+ @Schema(description = "业务键")
+ var businessKey: String? = null,
+ @Schema(description = "流程自定义参数")
+ var params: MutableMap = mutableMapOf(),
+ @Schema(description = "任务创建时间")
+ var createTime: Long = 0,
+ @Schema(description = "审批完成时间")
+ var updateTime: Long? = null,
+ @Schema(description = "审批人")
+ var user: UserVo? = null,
+ @Schema(description = "审批意见")
+ var message: String? = null,
+ @Schema(description = "流转类型")
+ var skipType: String? = null
+)
diff --git a/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/ProcessInstanceVo.kt b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/ProcessInstanceVo.kt
new file mode 100644
index 0000000000000000000000000000000000000000..974e3060b6e92646f2d1201c308c238589c3294d
--- /dev/null
+++ b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/ProcessInstanceVo.kt
@@ -0,0 +1,39 @@
+package io.gitee.zhangbinhub.admin.resource.server.vo
+
+import io.swagger.v3.oas.annotations.media.Schema
+
+@Schema(description = "流程实例")
+data class ProcessInstanceVo(
+ @Schema(description = "流程实例id")
+ var processInstanceId: String? = null,
+ @Schema(description = "流程定义键")
+ var processDefinitionKey: String? = null,
+ @Schema(description = "业务键")
+ var businessKey: String? = null,
+ @Schema(description = "流程名称")
+ var flowName: String? = null,
+ @Schema(description = "标题")
+ var title: String? = null,
+ @Schema(description = "流程描述")
+ var description: String? = null,
+ @Schema(description = "发起人")
+ var startUser: UserVo? = null,
+ @Schema(description = "当前处理人")
+ var activityUser: MutableList = mutableListOf(),
+ @Schema(description = "自定义参数")
+ var params: MutableMap = mutableMapOf(),
+ @Schema(description = "流程节点编码")
+ var nodeCode: String? = null,
+ @Schema(description = "流程节点名称")
+ var nodeName: String? = null,
+ @Schema(description = "开始时间")
+ var startTime: Long = 0,
+ @Schema(description = "更新时间")
+ var updateTime: Long = 0,
+ @Schema(description = "激活状态(0挂起 1激活)")
+ var activityStatus: Int? = null,
+ @Schema(description = "流程状态(0待提交 1审批中 2 审批通过 3自动通过 4终止 5作废 6撤销 7取回 8已完成 9已退回 10失效)")
+ var status: String? = null,
+ @Schema(description = "流程是否结束")
+ var finished: Boolean = false
+)
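Review bot: `status` is typed `String?` while its own description enumerates numeric codes 0 to 10, and the neighbouring `activityStatus` carries its 0/1 code as `Int?`. Consumers that branch on `status` to decide whether a process instance is approved or terminated have to parse a free-form string. Either type it consistently with `activityStatus` or back it with an enum so that an unexpected value fails at deserialization instead of falling through a comparison.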
diff --git a/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/ProcessTaskVo.kt b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/ProcessTaskVo.kt
new file mode 100644
index 0000000000000000000000000000000000000000..d0b1644504a0a2fed1f255dae7395168c8389086
--- /dev/null
+++ b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/ProcessTaskVo.kt
@@ -0,0 +1,33 @@
+package io.gitee.zhangbinhub.admin.resource.server.vo
+
+import io.swagger.v3.oas.annotations.media.Schema
+
+@Schema(description = "流程任务")
+data class ProcessTaskVo(
+ @Schema(description = "流程实例id")
+ var processInstanceId: String? = null,
+ @Schema(description = "流程定义键")
+ var processDefinitionKey: String? = null,
+ @Schema(description = "流程名称")
+ var flowName: String? = null,
+ @Schema(description = "任务id")
+ var taskId: String? = null,
+ @Schema(description = "节点编码")
+ var nodeCode: String? = null,
+ @Schema(description = "节点名称")
+ var nodeName: String? = null,
+ @Schema(description = "业务键")
+ var businessKey: String? = null,
+ @Schema(description = "流程自定义参数")
+ var params: MutableMap = mutableMapOf(),
+ @Schema(description = "任务创建时间")
+ var createTime: Long = 0,
+ @Schema(description = "标题")
+ var title: String? = null,
+ @Schema(description = "流程描述")
+ var description: String? = null,
+ @Schema(description = "流程发起人")
+ var startUser: UserVo? = null,
+ @Schema(description = "待办人列表")
+ var pendingUserList: List = mutableListOf()
+)
diff --git a/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/RoleVo.kt b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/RoleVo.kt
new file mode 100644
index 0000000000000000000000000000000000000000..0177d7555b01ffb2ace932a72182044f117c4aaa
--- /dev/null
+++ b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/RoleVo.kt
@@ -0,0 +1,30 @@
+package io.gitee.zhangbinhub.admin.resource.server.vo
+
+import io.swagger.v3.oas.annotations.media.Schema
+
+/**
+ * @since JDK 11
+ */
+@Schema(description = "角色详细信息")
+data class RoleVo(
+ @Schema(description = "角色ID")
+ var id: String? = null,
+ @Schema(description = "应用ID")
+ var appId: String? = null,
+ @Schema(description = "角色名称")
+ var name: String? = null,
+ @Schema(description = "角色编码")
+ var code: String? = null,
+ @Schema(description = "角色级别")
+ var levels: Int = 1,
+ @Schema(description = "序号")
+ var sort: Int = 0,
+ @Schema(description = "类型")
+ var type: Int? = null,
+ @Schema(description = "关联用户ID")
+ var userIds: MutableList = mutableListOf(),
+ @Schema(description = "关联菜单ID")
+ var menuIds: MutableList = mutableListOf(),
+ @Schema(description = "关联模块功能ID")
+ var moduleFuncIds: MutableList = mutableListOf()
+)
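Review bot: this new `RoleVo.kt` in the reactive module has blob id 0177d7555b01, the same id the servlet module's `RoleVo.kt` ends up with later in this patch, and the same holds for `RuntimeConfigVo.kt` (1ec4a46ea9e1) and `UserVo.kt` (ec9bcf54bf61). The authorization-related VOs are therefore byte-identical copies kept in two modules under the same package name. A later change to one copy (a new field on `RoleVo` or `UserVo`, say) can silently diverge from the other. Consider moving the shared VOs into a common module that both resource-server variants depend on.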
diff --git a/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/RuntimeConfigVo.kt b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/RuntimeConfigVo.kt
new file mode 100644
index 0000000000000000000000000000000000000000..1ec4a46ea9e17f3ce1613fdeeeee05f9782c2e42
--- /dev/null
+++ b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/RuntimeConfigVo.kt
@@ -0,0 +1,19 @@
+package io.gitee.zhangbinhub.admin.resource.server.vo
+
+import io.swagger.v3.oas.annotations.media.Schema
+
+/**
+ * @author zhang by 15/01/2019
+ * @since JDK 11
+ */
+@Schema(description = "运行配置信息")
+data class RuntimeConfigVo(
+ @Schema(description = "名称")
+ var name: String = "",
+ @Schema(description = "值")
+ var value: String? = null,
+ @Schema(description = "描述")
+ var configDes: String? = null,
+ @Schema(description = "是否启用")
+ var enabled: Boolean? = null
+)
diff --git a/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/TokenUserInfoVo.kt b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/TokenUserInfoVo.kt
new file mode 100644
index 0000000000000000000000000000000000000000..b52707d05ff43f3378828846ee3c96c0e0d49b44
--- /dev/null
+++ b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/TokenUserInfoVo.kt
@@ -0,0 +1,19 @@
+package io.gitee.zhangbinhub.admin.resource.server.vo
+
+import io.swagger.v3.oas.annotations.media.Schema
+
+@Schema(description = "Token中存储的用户信息详情")
+data class TokenUserInfoVo(
+ @Schema(description = "应用ID")
+ var appId: String? = null,
+ @Schema(description = "用户ID")
+ var id: String? = null,
+ @Schema(description = "名称")
+ var name: String? = null,
+ @Schema(description = "登录号")
+ var loginNo: String? = null,
+ @Schema(description = "手机号")
+ var mobile: String? = null,
+ @Schema(description = "手机号")
+ var loginTime: Long? = null
+)
\ No newline at end of file
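Review bot: the `@Schema` description on `loginTime` is "手机号" (mobile number), copied from the `mobile` field directly above it, so the generated API documentation labels the login timestamp as a phone number. Give `loginTime` its own description. Since the class is described as the user information stored in the token, it is also worth confirming that `mobile` has to be carried there rather than looked up by `id` when needed.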
diff --git a/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/UserVo.kt b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/UserVo.kt
new file mode 100644
index 0000000000000000000000000000000000000000..ec9bcf54bf619ca472c116897b0d4b5bf3be3452
--- /dev/null
+++ b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/UserVo.kt
@@ -0,0 +1,32 @@
+package io.gitee.zhangbinhub.admin.resource.server.vo
+
+import io.swagger.v3.oas.annotations.media.Schema
+
+/**
+ * @since JDK 11
+ */
+@Schema(description = "用户信息详情")
+data class UserVo(
+ @Schema(description = "用户ID")
+ var id: String? = null,
+ @Schema(description = "用户名称")
+ var name: String? = null,
+ @Schema(description = "登录号")
+ var loginNo: String? = null,
+ @Schema(description = "手机号")
+ var mobile: String? = null,
+ @Schema(description = "用户级别")
+ var levels: Int = 0,
+ @Schema(description = "是否启用")
+ var enabled: Boolean = false,
+ @Schema(description = "序号")
+ var sort: Int = 0,
+ @Schema(description = "备注")
+ var remark: String? = null,
+ @Schema(description = "所属机构")
+ var organizationSet: MutableSet = mutableSetOf(),
+ @Schema(description = "可管理的机构")
+ var organizationMngSet: MutableSet = mutableSetOf(),
+ @Schema(description = "所属角色")
+ var roleSet: MutableSet = mutableSetOf()
+)
diff --git a/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports
new file mode 100644
index 0000000000000000000000000000000000000000..781b3135979ad8e6639a242111189ef69440d7e2
--- /dev/null
+++ b/common/acp-admin-cloud-dependencies-resource-server-reactive/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports
@@ -0,0 +1,2 @@
+io.gitee.zhangbinhub.admin.resource.server.AcpAdminResourceServerComponentAutoConfiguration
+io.gitee.zhangbinhub.admin.resource.server.AcpAdminResourceServerInfoAutoConfiguration
\ No newline at end of file
diff --git a/common/acp-admin-cloud-dependencies-resource-server/build.gradle b/common/acp-admin-cloud-dependencies-resource-server/build.gradle
index f668e04251b54c21cff9d0cb1164cd5895fe563c..a68856123cad495cae8e9a5d25f820be8ca34557 100644
--- a/common/acp-admin-cloud-dependencies-resource-server/build.gradle
+++ b/common/acp-admin-cloud-dependencies-resource-server/build.gradle
@@ -1,4 +1,3 @@
-apply from: "$rootDir/gradle/publish.gradle"
apply plugin: "io.spring.dependency-management"
dependencyManagement {
imports {
@@ -17,4 +16,5 @@ dependencies {
testImplementation("org.junit.jupiter:junit-jupiter")
testImplementation("org.junit.platform:junit-platform-launcher")
testImplementation "org.springframework.boot:spring-boot-starter-test"
-}
\ No newline at end of file
+}
+apply from: "$rootDir${File.separator}gradle${File.separator}publishJar.gradle"
\ No newline at end of file
diff --git a/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/AcpAdminResourceServerComponentAutoConfiguration.kt b/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/AcpAdminResourceServerComponentAutoConfiguration.kt
index 5a3ed18f7b744f9eff03f51e9eb9f276282d1c9e..f27fc7e9443c8d2015aa164d18c6ae520346ff05 100644
--- a/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/AcpAdminResourceServerComponentAutoConfiguration.kt
+++ b/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/AcpAdminResourceServerComponentAutoConfiguration.kt
@@ -1,14 +1,13 @@
package io.gitee.zhangbinhub.admin.resource.server
import com.fasterxml.jackson.databind.ObjectMapper
-import io.gitee.zhangbinhub.acp.boot.log.LogAdapter
-import io.gitee.zhangbinhub.admin.resource.server.tools.TokenTools
+import io.gitee.zhangbinhub.admin.resource.server.tools.TokenUserTools
import org.springframework.boot.autoconfigure.AutoConfiguration
import org.springframework.context.annotation.Bean
@AutoConfiguration
class AcpAdminResourceServerComponentAutoConfiguration {
@Bean
- fun tokenTools(objectMapper: ObjectMapper): TokenTools =
- TokenTools(objectMapper)
+ fun tokenUserTools(objectMapper: ObjectMapper): TokenUserTools =
+ TokenUserTools(objectMapper)
}
\ No newline at end of file
diff --git a/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/base/BaseResourceServerController.kt b/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/base/BaseResourceServerController.kt
index 2e9846cf19e33f5073f101a3842e77c4968c86b4..31bee9ae7f131735e77022c776378c1bf83eb6ea 100644
--- a/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/base/BaseResourceServerController.kt
+++ b/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/base/BaseResourceServerController.kt
@@ -1,8 +1,8 @@
package io.gitee.zhangbinhub.admin.resource.server.base
+import cn.dev33.satoken.stp.StpUtil
import io.gitee.zhangbinhub.acp.boot.log.LogAdapter
import io.gitee.zhangbinhub.admin.common.base.BaseController
-import org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication
/**
* @author zhang by 15/01/2019
@@ -11,23 +11,19 @@ import org.springframework.security.oauth2.server.resource.authentication.Bearer
abstract class BaseResourceServerController(private val logAdapter: LogAdapter) : BaseController() {
/**
* 校验当前token是否具有指定的所有权限
- * @param bearerTokenAuthentication 用户token授权信息
* @param authenticationList 待校验权限列表,权限列表为空则返回false
*/
- protected fun hasAuthentication(
- bearerTokenAuthentication: BearerTokenAuthentication,
- authenticationList: MutableList
- ): Boolean = authenticationList.let {
+ protected fun hasAuthentication(authenticationList: MutableList): Boolean = authenticationList.let {
if (it.isNotEmpty()) {
it.forEach { authentication ->
- if (bearerTokenAuthentication.authorities.none { item -> item.authority == authentication }) {
- logAdapter.warn("当前用户【${bearerTokenAuthentication.name}】没有权限【$authentication】")
+ if (!StpUtil.hasPermission(authentication)) {
+ logAdapter.warn("当前用户【${StpUtil.getLoginId()}】没有权限【$authentication】")
return@let false
}
}
true
} else {
- logAdapter.warn("当前用户【${bearerTokenAuthentication.name}】权限列表为空")
+ logAdapter.warn("当前用户【${StpUtil.getLoginId()}】权限列表为空")
false
}
}
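Review bot: both `logAdapter.warn` calls now interpolate `StpUtil.getLoginId()`, which throws `NotLoginException` when the request has no login session, so a path that is documented to return false can instead raise from inside the log statement. Use `StpUtil.getLoginIdDefaultNull()` in the messages, or check the login state once at the top of `hasAuthentication` and return false early. With the explicit `bearerTokenAuthentication` parameter gone, the KDoc should also state that the check runs against the Sa-Token session of the current request, since callers can no longer tell that from the signature.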
diff --git a/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/feign/CommonOauthServer.kt b/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/feign/CommonOauthServer.kt
index 1621a4d4c7ad430a5ea05b67022c87121b212b3a..483a45f541574b6954528b35cd6f1e5fbaef9f23 100644
--- a/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/feign/CommonOauthServer.kt
+++ b/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/feign/CommonOauthServer.kt
@@ -26,27 +26,6 @@ interface CommonOauthServer {
@GetMapping(value = [CommonPath.innerBasePath + OauthApi.appInfo], produces = [MediaType.APPLICATION_JSON_VALUE])
fun appInfo(@RequestParam(name = "access_token") token: String): ApplicationVo
- /**
- * 获取token详细信息
- */
- @GetMapping(value = [CommonPath.innerBasePath + OauthApi.currToken], produces = [MediaType.APPLICATION_JSON_VALUE])
- fun tokenInfo(@RequestParam(name = "access_token") token: String): TokenUserInfoVo
-
- /**
- * 获取token详细信息
- */
- @GetMapping(value = [CommonPath.innerBasePath + OauthApi.currToken], produces = [MediaType.APPLICATION_JSON_VALUE])
- fun tokenInfo(): TokenUserInfoVo
-
- /**
- * 当前用户是否具有指定的功能权限
- */
- @GetMapping(
- value = [CommonPath.innerBasePath + OauthApi.moduleFunc + "/{moduleFuncCode}"],
- produces = [MediaType.APPLICATION_JSON_VALUE]
- )
- fun hasModuleFunc(@PathVariable(name = "moduleFuncCode") moduleFuncCode: String): BooleanInfoVo
-
/**
* 指定用户是否具有指定的功能权限
*/
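Review bot: the removed `tokenInfo(token)` sent the access token as the `access_token` query parameter, and the `appInfo` call kept as context at the top of this hunk still does the same. Query strings are recorded by gateway and server access logs and by tracing, so the token ends up at rest in places that are not treated as secret stores. While the interface is being reworked, move `appInfo` to an `Authorization` header parameter as well. The file's import list is not shown here; check that `TokenUserInfoVo` and `ModuleFuncVo` are not left as unused imports after these removals.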
@@ -104,12 +83,6 @@ interface CommonOauthServer {
)
fun disableUser(@PathVariable(name = "loginNo") loginNo: String): InnerInfoVo
- @GetMapping(
- value = [CommonPath.innerBasePath + OauthApi.currModuleFunc],
- produces = [MediaType.APPLICATION_JSON_VALUE]
- )
- fun findModuleFuncByCurrUser(): List
-
/**
* 获取用户列表
*/
diff --git a/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/hystrix/CommonOauthServerHystrix.kt b/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/hystrix/CommonOauthServerHystrix.kt
index cabbeaf7642c38123f034707463285f7fa9a656e..5c5af100d49f52d5018fe80843804cdec55247cf 100644
--- a/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/hystrix/CommonOauthServerHystrix.kt
+++ b/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/hystrix/CommonOauthServerHystrix.kt
@@ -46,24 +46,6 @@ class CommonOauthServerHystrix(logAdapter: LogAdapter, objectMapper: ObjectMappe
return ApplicationVo()
}
- override fun tokenInfo(token: String): TokenUserInfoVo {
- val errMsg = "该token找不到对应的用户信息【$token】"
- logAdapter.error(errMsg)
- return TokenUserInfoVo()
- }
-
- override fun tokenInfo(): TokenUserInfoVo {
- val errMsg = "找不到对应的用户信息"
- logAdapter.error(errMsg)
- return TokenUserInfoVo()
- }
-
- override fun hasModuleFunc(moduleFuncCode: String): BooleanInfoVo {
- val errMsg = "找不到对应的功能权限信息"
- logAdapter.error(errMsg)
- return BooleanInfoVo(result = false)
- }
-
override fun hasModuleFunc(userId: String, moduleFuncCode: String): BooleanInfoVo {
val errMsg = "找不到对应的功能权限信息"
logAdapter.error(errMsg)
@@ -118,12 +100,6 @@ class CommonOauthServerHystrix(logAdapter: LogAdapter, objectMapper: ObjectMappe
return UserVo(loginNo = loginNo)
}
- override fun findModuleFuncByCurrUser(): List {
- val errMsg = "找不到当前用户信息功能权限信息"
- logAdapter.error(errMsg)
- return listOf()
- }
-
override fun findUserListInCurrOrg(roleCode: String): List {
val errMsg = "找不到当前部门下对应的用户信息【role=$roleCode】"
logAdapter.error(errMsg)
diff --git a/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/tools/TokenTools.kt b/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/tools/TokenTools.kt
deleted file mode 100644
index 025cc0a4427615efdd4615a02604656f26727817..0000000000000000000000000000000000000000
--- a/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/tools/TokenTools.kt
+++ /dev/null
@@ -1,42 +0,0 @@
-package io.gitee.zhangbinhub.admin.resource.server.tools
-
-import com.fasterxml.jackson.databind.ObjectMapper
-import io.gitee.zhangbinhub.acp.boot.log.LogAdapter
-import io.gitee.zhangbinhub.acp.cloud.resource.server.constant.AcpCloudResourceServerConstant
-import io.gitee.zhangbinhub.admin.resource.server.vo.TokenUserInfoVo
-import org.bouncycastle.util.encoders.Base64
-import org.springframework.security.oauth2.core.OAuth2AuthenticationException
-import org.springframework.security.oauth2.core.OAuth2AuthorizationException
-import org.springframework.security.oauth2.core.OAuth2Error
-import org.springframework.security.oauth2.core.OAuth2ErrorCodes
-import org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication
-import org.springframework.security.oauth2.server.resource.introspection.OAuth2IntrospectionAuthenticatedPrincipal
-
-class TokenTools(private val objectMapper: ObjectMapper) {
- @Throws(OAuth2AuthenticationException::class)
- fun encryptUserInfo(userInfoVo: TokenUserInfoVo): String = try {
- Base64.toBase64String(objectMapper.writeValueAsBytes(userInfoVo))
- } catch (e: Exception) {
- throw OAuth2AuthenticationException(OAuth2Error(OAuth2ErrorCodes.SERVER_ERROR, e.message, null), e)
- }
-
- @Throws(OAuth2AuthorizationException::class)
- fun decryptUserInfo(ciphertext: String): TokenUserInfoVo = try {
- objectMapper.readValue(Base64.decode(ciphertext), TokenUserInfoVo::class.java)
- } catch (e: Exception) {
- throw OAuth2AuthorizationException(OAuth2Error(OAuth2ErrorCodes.INVALID_TOKEN, e.message, null), e)
- }
-
- @Throws(OAuth2AuthorizationException::class)
- fun getAuthenticatedPrincipal(bearerTokenAuthentication: BearerTokenAuthentication): OAuth2IntrospectionAuthenticatedPrincipal =
- bearerTokenAuthentication.principal as? OAuth2IntrospectionAuthenticatedPrincipal
- ?: throw OAuth2AuthorizationException(OAuth2Error(OAuth2ErrorCodes.INVALID_TOKEN, "invalid token", null))
-
- @Throws(OAuth2AuthorizationException::class)
- fun getUserInfoFromToken(bearerTokenAuthentication: BearerTokenAuthentication): TokenUserInfoVo =
- (getAuthenticatedPrincipal(bearerTokenAuthentication).getClaim(
- AcpCloudResourceServerConstant.TOKEN_CLAIMS_USER_INFO
- ) as? String)?.let { claimValue ->
- decryptUserInfo(claimValue)
- } ?: TokenUserInfoVo()
-}
\ No newline at end of file
diff --git a/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/tools/TokenUserTools.kt b/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/tools/TokenUserTools.kt
new file mode 100644
index 0000000000000000000000000000000000000000..f264ff16776e9c5eba373542da4f546562e875f4
--- /dev/null
+++ b/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/tools/TokenUserTools.kt
@@ -0,0 +1,30 @@
+package io.gitee.zhangbinhub.admin.resource.server.tools
+
+import cn.dev33.satoken.oauth2.exception.SaOAuth2Exception
+import com.fasterxml.jackson.databind.ObjectMapper
+import io.gitee.zhangbinhub.acp.cloud.resource.server.constant.AcpCloudResourceServerConstant
+import io.gitee.zhangbinhub.acp.cloud.resource.server.tools.TokenTools
+import io.gitee.zhangbinhub.admin.resource.server.vo.TokenUserInfoVo
+import org.bouncycastle.util.encoders.Base64
+
+class TokenUserTools(private val objectMapper: ObjectMapper) {
+ @Throws(SaOAuth2Exception::class)
+ fun encryptUserInfo(userInfoVo: TokenUserInfoVo): String = try {
+ Base64.toBase64String(objectMapper.writeValueAsBytes(userInfoVo))
+ } catch (e: Exception) {
+ throw SaOAuth2Exception(e.message)
+ }
+
+ @Throws(SaOAuth2Exception::class)
+ fun decryptUserInfo(ciphertext: String): TokenUserInfoVo = try {
+ objectMapper.readValue(Base64.decode(ciphertext), TokenUserInfoVo::class.java)
+ } catch (e: Exception) {
+ throw SaOAuth2Exception(e.message)
+ }
+
+ @Throws(SaOAuth2Exception::class)
+ fun getUserInfoFromToken(accessToken: String? = null): TokenUserInfoVo =
+ TokenTools.getAccessTokenModel(accessToken)?.let { atm ->
+ decryptUserInfo(atm.extraData[AcpCloudResourceServerConstant.TOKEN_CLAIMS_USER_INFO].toString())
+ } ?: TokenUserInfoVo()
+}
\ No newline at end of file
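Review bot: in `getUserInfoFromToken`, `atm.extraData[...].toString()` turns a missing claim into the literal string "null" and passes it to `decryptUserInfo`, whereas the deleted `TokenTools` used `as? String` with `?.let` and fell back to an empty `TokenUserInfoVo`. A token without the user-info entry now goes down the decode path instead of the fallback. Cast with `as? String` and keep the `?: TokenUserInfoVo()` branch for the absent case. Separately, `encryptUserInfo` and `decryptUserInfo` only Base64-encode the JSON, so the names overstate the protection given to `loginNo` and `mobile`; rename them to encode/decode, and pass a fixed message to `SaOAuth2Exception` rather than `e.message` so parser details are not returned to the caller.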
diff --git a/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/ApplicationVo.kt b/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/ApplicationVo.kt
index e107073852c6707d279d26a80f65a1d748893a35..67c3f58530048bb8685625462f9d32e0255d701c 100644
--- a/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/ApplicationVo.kt
+++ b/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/ApplicationVo.kt
@@ -1,7 +1,6 @@
package io.gitee.zhangbinhub.admin.resource.server.vo
/**
- * @author zhangbin by 2018-1-17 14:56
* @since JDK 11
*/
data class ApplicationVo(
diff --git a/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/ModuleFuncVo.kt b/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/ModuleFuncVo.kt
index 188e742c7b40c423516ed9ceea383d359f595c2a..2987fc58c67907735d222d979c995cad7389c296 100644
--- a/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/ModuleFuncVo.kt
+++ b/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/ModuleFuncVo.kt
@@ -1,7 +1,6 @@
package io.gitee.zhangbinhub.admin.resource.server.vo
import io.swagger.v3.oas.annotations.media.Schema
-import jakarta.validation.constraints.NotBlank
/**
* @author zhang by 19/01/2019
@@ -9,19 +8,12 @@ import jakarta.validation.constraints.NotBlank
*/
@Schema(description = "模块功能配置详细信息")
data class ModuleFuncVo(
-
@Schema(description = "ID")
var id: String? = null,
-
@Schema(description = "应用ID")
var appId: String? = null,
-
@Schema(description = "模块名称")
- @NotBlank(message = "模块名称不能为空")
var name: String? = null,
-
@Schema(description = "模块编码")
- @NotBlank(message = "模块编码不能为空")
var code: String? = null
-
)
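Review bot: the two `@NotBlank` constraints on `name` and `code` are dropped together with the `jakarta.validation` import, so any controller that still binds `ModuleFuncVo` as a validated request body will now accept blank module names and codes. If this class has become a response-only DTO for the Feign client, say so in the KDoc and confirm that the create and update endpoints validate these fields on their own request objects.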
diff --git a/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/OrganizationVo.kt b/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/OrganizationVo.kt
index 6c1690dd06d949804affb333146f52f7c97cb21e..496274b779a1c2374d38e8890aa543b783e04bc2 100644
--- a/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/OrganizationVo.kt
+++ b/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/OrganizationVo.kt
@@ -8,26 +8,18 @@ import io.swagger.v3.oas.annotations.media.Schema
*/
@Schema(description = "机构详细信息")
data class OrganizationVo(
-
@Schema(description = "机构ID")
var id: String? = null,
-
@Schema(description = "机构名称")
var name: String? = null,
-
@Schema(description = "机构区域")
var area: String? = null,
-
@Schema(description = "机构编码")
var code: String? = null,
-
@Schema(description = "上级机构ID")
var parentId: String? = null,
-
@Schema(description = "序号")
var sort: Int = 0,
-
@Schema(description = "关联用户ID")
var userIds: MutableList = mutableListOf()
-
)
diff --git a/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/RoleVo.kt b/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/RoleVo.kt
index edae651d3c41a92301877edfbd2bc62a3f28bba3..0177d7555b01ffb2ace932a72182044f117c4aaa 100644
--- a/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/RoleVo.kt
+++ b/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/RoleVo.kt
@@ -3,39 +3,28 @@ package io.gitee.zhangbinhub.admin.resource.server.vo
import io.swagger.v3.oas.annotations.media.Schema
/**
- * @author zhangbin by 2018-1-17 16:53
* @since JDK 11
*/
@Schema(description = "角色详细信息")
data class RoleVo(
-
@Schema(description = "角色ID")
var id: String? = null,
-
@Schema(description = "应用ID")
var appId: String? = null,
-
@Schema(description = "角色名称")
var name: String? = null,
-
@Schema(description = "角色编码")
var code: String? = null,
-
@Schema(description = "角色级别")
var levels: Int = 1,
-
@Schema(description = "序号")
var sort: Int = 0,
-
@Schema(description = "类型")
var type: Int? = null,
-
@Schema(description = "关联用户ID")
var userIds: MutableList = mutableListOf(),
-
@Schema(description = "关联菜单ID")
var menuIds: MutableList = mutableListOf(),
-
@Schema(description = "关联模块功能ID")
var moduleFuncIds: MutableList = mutableListOf()
)
diff --git a/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/RuntimeConfigVo.kt b/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/RuntimeConfigVo.kt
index c38c4219636099a1a72fc3c0256badaca61ac7d1..1ec4a46ea9e17f3ce1613fdeeeee05f9782c2e42 100644
--- a/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/RuntimeConfigVo.kt
+++ b/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/RuntimeConfigVo.kt
@@ -10,13 +10,10 @@ import io.swagger.v3.oas.annotations.media.Schema
data class RuntimeConfigVo(
@Schema(description = "名称")
var name: String = "",
-
@Schema(description = "值")
var value: String? = null,
-
@Schema(description = "描述")
var configDes: String? = null,
-
@Schema(description = "是否启用")
var enabled: Boolean? = null
)
diff --git a/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/UserVo.kt b/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/UserVo.kt
index 74ce187217b13d9847d99c52fc7b445f05cf05f8..ec9bcf54bf619ca472c116897b0d4b5bf3be3452 100644
--- a/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/UserVo.kt
+++ b/common/acp-admin-cloud-dependencies-resource-server/src/main/kotlin/io/gitee/zhangbinhub/admin/resource/server/vo/UserVo.kt
@@ -3,43 +3,30 @@ package io.gitee.zhangbinhub.admin.resource.server.vo
import io.swagger.v3.oas.annotations.media.Schema
/**
- * @author zhangbin by 2018-1-17 15:50
* @since JDK 11
*/
@Schema(description = "用户信息详情")
data class UserVo(
-
@Schema(description = "用户ID")
var id: String? = null,
-
@Schema(description = "用户名称")
var name: String? = null,
-
@Schema(description = "登录号")
var loginNo: String? = null,
-
@Schema(description = "手机号")
var mobile: String? = null,
-
@Schema(description = "用户级别")
var levels: Int = 0,
-
@Schema(description = "是否启用")
var enabled: Boolean = false,
-
@Schema(description = "序号")
var sort: Int = 0,
-
@Schema(description = "备注")
var remark: String? = null,
-
@Schema(description = "所属机构")
var organizationSet: MutableSet = mutableSetOf(),
-
@Schema(description = "可管理的机构")
var organizationMngSet: MutableSet = mutableSetOf(),
-
@Schema(description = "所属角色")
var roleSet: MutableSet = mutableSetOf()
-
)
diff --git a/common/acp-admin-cloud-dependencies/build.gradle b/common/acp-admin-cloud-dependencies/build.gradle
index c907a578ffbea26ff6bbc849d325016fb3cb71fe..d2a3a51b32c1526c7d3c389a54419f40b1d2b38d 100644
--- a/common/acp-admin-cloud-dependencies/build.gradle
+++ b/common/acp-admin-cloud-dependencies/build.gradle
@@ -1,4 +1,3 @@
-apply from: "$rootDir/gradle/publish.gradle"
apply plugin: "io.spring.dependency-management"
dependencyManagement {
imports {
@@ -28,4 +27,5 @@ dependencies {
testImplementation("org.junit.jupiter:junit-jupiter")
testImplementation("org.junit.platform:junit-platform-launcher")
testImplementation "org.springframework.boot:spring-boot-starter-test"
-}
\ No newline at end of file
+}
+apply from: "$rootDir${File.separator}gradle${File.separator}publishJar.gradle"
\ No newline at end of file
diff --git a/common/acp-admin-cloud-dependencies/src/main/kotlin/io/gitee/zhangbinhub/admin/common/event/ExecuteBusEvent.kt b/common/acp-admin-cloud-dependencies/src/main/kotlin/io/gitee/zhangbinhub/admin/common/event/ExecuteBusEvent.kt
index 944547dfd8268055944680e93a103be757a6dae4..c277e99cfbfbc0d8b1e627a28d57cf8105917c4b 100644
--- a/common/acp-admin-cloud-dependencies/src/main/kotlin/io/gitee/zhangbinhub/admin/common/event/ExecuteBusEvent.kt
+++ b/common/acp-admin-cloud-dependencies/src/main/kotlin/io/gitee/zhangbinhub/admin/common/event/ExecuteBusEvent.kt
@@ -3,7 +3,6 @@ package io.gitee.zhangbinhub.admin.common.event
import org.springframework.cloud.bus.event.RemoteApplicationEvent
/**
- * @author zhang by 19/03/2019
* @since JDK 11
*/
class ExecuteBusEvent(
diff --git a/common/acp-admin-cloud-dependencies/src/main/kotlin/io/gitee/zhangbinhub/admin/common/event/NoticeBusEvent.kt b/common/acp-admin-cloud-dependencies/src/main/kotlin/io/gitee/zhangbinhub/admin/common/event/NoticeBusEvent.kt
index d5494ac05304cfa61563adbe3f513604ebbb9e8c..5ccdcf80c9629abfe6e3d7e77cc585661b1bdd26 100644
--- a/common/acp-admin-cloud-dependencies/src/main/kotlin/io/gitee/zhangbinhub/admin/common/event/NoticeBusEvent.kt
+++ b/common/acp-admin-cloud-dependencies/src/main/kotlin/io/gitee/zhangbinhub/admin/common/event/NoticeBusEvent.kt
@@ -3,7 +3,6 @@ package io.gitee.zhangbinhub.admin.common.event
import org.springframework.cloud.bus.event.RemoteApplicationEvent
/**
- * @author zhang by 19/03/2019
* @since JDK 11
*/
class NoticeBusEvent(
diff --git a/common/acp-admin-cloud-dependencies/src/main/kotlin/io/gitee/zhangbinhub/admin/common/event/ReloadDataBusEvent.kt b/common/acp-admin-cloud-dependencies/src/main/kotlin/io/gitee/zhangbinhub/admin/common/event/ReloadDataBusEvent.kt
index 2cb2cdf07583abc2b97b0fa435ed631c0b1e35ff..69f35120d05518337994af646e9e41f97b1815fb 100644
--- a/common/acp-admin-cloud-dependencies/src/main/kotlin/io/gitee/zhangbinhub/admin/common/event/ReloadDataBusEvent.kt
+++ b/common/acp-admin-cloud-dependencies/src/main/kotlin/io/gitee/zhangbinhub/admin/common/event/ReloadDataBusEvent.kt
@@ -3,7 +3,6 @@ package io.gitee.zhangbinhub.admin.common.event
import org.springframework.cloud.bus.event.RemoteApplicationEvent
/**
- * @author zhang by 19/03/2019
* @since JDK 11
*/
class ReloadDataBusEvent(
diff --git a/deploy/docker/README.md b/deploy/docker/README.md
index d56103d686ec2331743519e208d474d45688ffa1..b6fd807c856c672122b651f2b1939e55e069ff96 100644
--- a/deploy/docker/README.md
+++ b/deploy/docker/README.md
@@ -7,7 +7,6 @@
- [中间件-mysql](middleware/docker-compose-mysql.yaml) **如果已有mysql,则不是必要的**
- [中间件](middleware/docker-compose.yaml) **必要**
- 修改宿主机ip和mysql的host```middleware/.env```
- - 修改nacos配置```middleware/nacos/nacos-standalone-mysql.env```
- 以下目录设置 777 权限
- ```kafka/data/kafka-1```
- ```kafka/data/kafka-2```
diff --git a/deploy/docker/middleware/.env b/deploy/docker/middleware/.env
index f2f6c280958e793b5524ccd7358118b85e675e35..9b5af9f1893155117d99fc91fd4bdc818ab7aaa4 100644
--- a/deploy/docker/middleware/.env
+++ b/deploy/docker/middleware/.env
@@ -1,2 +1,2 @@
-HOST_MACHINE_IP=10.100.137.68
+HOST_MACHINE_IP=10.100.207.37
KAFKA_CLUSTER_ID=acp_admin_cloud_test
\ No newline at end of file
diff --git a/deploy/docker/middleware/docker-compose.yaml b/deploy/docker/middleware/docker-compose.yaml
index aadd61119037b8f6b6626710f27722dc00891e1c..1009b7525299fad4a85509c63a3a4666e2236313 100644
--- a/deploy/docker/middleware/docker-compose.yaml
+++ b/deploy/docker/middleware/docker-compose.yaml
@@ -173,7 +173,7 @@ services:
KAFKA_CFG_CONTROLLER_QUORUM_VOTERS: 1@kafka-1:9291,2@kafka-2:9292,3@kafka-3:9293
KAFKA_CFG_LISTENERS: OUTSIDE://0.0.0.0:9093,INTERNAL://:9193,CONTROLLER://0.0.0.0:9293
KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP: "OUTSIDE:PLAINTEXT,INTERNAL:PLAINTEXT,CONTROLLER:PLAINTEXT"
- KAFKA_CFG_ADVERTISED_LISTENERS: OUTSIDE://${HOST_MACHINE_IP}:9093,INTERNAL://kafka-2:9193
+ KAFKA_CFG_ADVERTISED_LISTENERS: OUTSIDE://${HOST_MACHINE_IP}:9093,INTERNAL://kafka-3:9193
KAFKA_CFG_CONTROLLER_LISTENER_NAMES: CONTROLLER
KAFKA_CFG_INTER_BROKER_LISTENER_NAME: INTERNAL
# 非必须,设置保存7天数据,为默认值
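Review bot: the corrected `INTERNAL://kafka-3:9193` matches the 9093/9193/9293 ports of this broker block, but the context line above it still maps `OUTSIDE` to `PLAINTEXT` while advertising it on `${HOST_MACHINE_IP}:9093`. Traffic on that listener is unauthenticated and unencrypted for anyone who can reach the host address. If this compose file is used beyond a local test network, map `OUTSIDE` to an authenticated, encrypted protocol or restrict the published port. Since this fix corrects a copied value, it is also worth checking the kafka-1 and kafka-2 blocks for the same mistake.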
@@ -186,6 +186,25 @@ services:
networks:
- mysql_net
+ zipkin-server:
+ image: openzipkin/zipkin:3.5.1
+ container_name: zipkin-server
+ restart: always
+ ports:
+ - "9411:9411"
+ environment:
+ - KAFKA_BOOTSTRAP_SERVERS=kafka-1:9191,kafka-2:9192,kafka-3:9193
+ # - STORAGE_TYPE=mysql
+ # - MYSQL_HOST=mysql-zipkin
+ # - MYSQL_TCP_PORT=3306
+ # - MYSQL_DB=zipkin
+ # - MYSQL_USER=zipkin
+ # - MYSQL_PASS=zipkin
+ - kMEM_MAX_SPANS=100000
+ # - "JAVA_OPTS=-Xms512m -Xmx2g -XX:+ExitOnOutOfMemoryError"
+ networks:
+ - mysql_net
+
networks:
mysql_net:
external: true
\ No newline at end of file
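Review bot: `kMEM_MAX_SPANS=100000` in the `environment` list looks like a typo for `MEM_MAX_SPANS`; as written, the cap on in-memory spans is most likely ignored and the default applies. With `STORAGE_TYPE` commented out the server keeps traces in memory only, so the limit matters for the container's footprint. Two further points on the same service: `"9411:9411"` publishes the Zipkin UI and API on every host interface, and Zipkin has no authentication of its own, so bind it to a specific address or put it behind the gateway. If the commented MySQL block is ever enabled, `MYSQL_PASS=zipkin` should come from the `.env` file rather than stay a literal.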
diff --git "a/doc/images/Acp Admin Cloud\346\200\273\344\275\223\346\236\266\346\236\204\345\233\276.png" "b/doc/images/Acp Admin Cloud\346\200\273\344\275\223\346\236\266\346\236\204\345\233\276.png"
new file mode 100644
index 0000000000000000000000000000000000000000..63f174bb8d4ac40d41e205c1e51229aaa2b7312e
Binary files /dev/null and "b/doc/images/Acp Admin Cloud\346\200\273\344\275\223\346\236\266\346\236\204\345\233\276.png" differ
diff --git "a/doc/images/\346\200\273\344\275\223\346\236\266\346\236\204.jpg" "b/doc/images/\346\200\273\344\275\223\346\236\266\346\236\204.jpg"
deleted file mode 100644
index 9d7a581c03f37832bcc5ee83dcd28d755a27d109..0000000000000000000000000000000000000000
Binary files "a/doc/images/\346\200\273\344\275\223\346\236\266\346\236\204.jpg" and /dev/null differ
diff --git a/doc/version_history.md b/doc/version_history.md
index 39362330c7334fd3ce49b3f4026017723f7f2f84..9fb72c59b98fcc7f41280ee16bcce94991e1146e 100644
--- a/doc/version_history.md
+++ b/doc/version_history.md
@@ -1,5 +1,20 @@
## 版本更新记录
+##### v7.0.0
+
+- Global
+ - [Upgrade] 调整`BaseService`代码
+ - [Upgrade] 升级依赖
+ - Acp 2025.7.1
+ - Spring Boot 3.5.4
+ - [Upgrade] 除`admin-server`以外,所有服务安全框架由`Spring Security`切换为`Sa-Token`
+- acp-admin-cloud-dependencies-resource-server-reactive
+ - [Upgrade] 新增该模块
+- admin-server
+ - [Upgrade] 优化鉴权配置
+- oauth-server
+ - [Upgrade] 认证服务框架由`Oauth2 Authorization Server`切换为`Sa-Token`
+
##### v6.9.0
- Global
diff --git a/gradle/commonTask.gradle b/gradle/commonTask.gradle
index f695394417bb54ddc1f93b708173664483a6d8f4..61673747b0cb95b72af76d16922a99dc6cccd364 100644
--- a/gradle/commonTask.gradle
+++ b/gradle/commonTask.gradle
@@ -88,6 +88,9 @@ jar {
tasks.register('clearPj', Delete) {
delete 'release', 'build', 'target', 'out'
+ doLast {
+ println("$project.group:$project.name output cleared!")
+ }
}
tasks.register('release') {
diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml
index bd13cd5193f4d4e41c426f95bf5385a65a0c8719..b03f12dcce0279780e4d2f3d9be3deb5c0d1666f 100644
--- a/gradle/libs.versions.toml
+++ b/gradle/libs.versions.toml
@@ -1,10 +1,14 @@
[versions]
######################## gradle plugins #####################
kotlin = "2.1.21"
+jreleaser = "1.19.0"
######################## dependencies #####################
-acp = "2025.5.0"
-springBoot = "3.5.3"
+acp = "2025.7.1"
+springBoot = "3.5.4"
springBootAdmin = "3.5.1"
sensitive = "1.7.0"
sensitiveDeepCopy = "0.0.1"
-mysql = "9.2.0"
\ No newline at end of file
+mysql = "9.3.0"
+
+[plugins]
+jreleaser = { id = "org.jreleaser", version.ref = "jreleaser" }
\ No newline at end of file
diff --git a/gradle/moduleVersion.gradle b/gradle/moduleVersion.gradle
index 8c3ba0d8f51986f0123b183c4f2561c0e72f4762..9557a128235d95b67cea7393483bb6de48321429 100644
--- a/gradle/moduleVersion.gradle
+++ b/gradle/moduleVersion.gradle
@@ -1,30 +1,30 @@
project(':acp-admin-cloud-constant') {
- version '6.9.0'
+ version '7.0.0'
}
project(':acp-admin-cloud-dependencies') {
- version '6.9.0'
+ version '7.0.0'
}
project(':acp-admin-cloud-dependencies-resource-server') {
- version '6.9.0'
+ version '7.0.0'
}
project(':admin-server') {
- version '6.9.0'
+ version '7.0.0'
}
project(':deploy-server') {
- version '6.9.0'
+ version '7.0.0'
}
project(':gateway-server') {
- version '6.9.0'
+ version '7.0.0'
}
project(':log-server') {
- version '6.9.0'
+ version '7.0.0'
}
project(':oauth-server') {
- version '6.9.0'
+ version '7.0.0'
}
project(':route-server') {
- version '6.9.0'
+ version '7.0.0'
}
project(':workflow-server') {
- version '6.9.0'
+ version '7.0.0'
}
\ No newline at end of file
diff --git a/gradle/publish.gradle b/gradle/publishJar.gradle
similarity index 42%
rename from gradle/publish.gradle
rename to gradle/publishJar.gradle
index f6ed7e138f94dcc9df0540890569e944f96966d2..3cb1de31c6e760a49205e14aafd4afed3f6c0852 100644
--- a/gradle/publish.gradle
+++ b/gradle/publishJar.gradle
@@ -1,18 +1,20 @@
apply plugin: 'maven-publish'
apply plugin: 'signing'
+apply plugin: 'org.jreleaser'
publishing {
publications {
maven(MavenPublication) {
- //指定group/artifact/version信息
- groupId project.group
- artifactId project.name
- version project.version
//打包类型 war: components.web jar: components.java
from components.java
+ //指定group/artifact/version信息
+ groupId = project.group
+ artifactId = project.name
+ version = project.version
pom {
+ packaging = "jar"
name = "acp-admin-cloud"
description = "基于acp构建的cloud应用"
- url = "https://github.com/zhangbinhub/acp-admin-cloud"
+ url = "https://gitee.com/zhangbinhub/acp-admin-cloud"
licenses {
license {
name = "Apache License Version 2.0"
@@ -27,40 +29,21 @@ publishing {
}
}
scm {
- connection = "scm:git:https://github.com/zhangbinhub/acp-admin-cloud.git"
- developerConnection = "scm:git:https://github.com/zhangbinhub/acp-admin-cloud.git"
- url = "https://github.com/zhangbinhub/acp-admin-cloud"
+ connection = "scm:git:https://gitee.com/zhangbinhub/acp-admin-cloud.git"
+ developerConnection = "scm:git:https://gitee.com/zhangbinhub/acp-admin-cloud.git"
+ url = "https://gitee.com/zhangbinhub/acp-admin-cloud"
}
}
}
}
repositories {
maven {
- def file = new File("$rootDir${File.separator}gradle.properties")
- def releaseUrl = 'http://maven/repository'
- def snapshotUrl = 'http://maven/repository'
- def name = ''
- def pwd = ''
- if (file.exists()) {
- def gradleProperties = new Properties()
- gradleProperties.load(new FileInputStream(file))
- releaseUrl = gradleProperties.containsKey('mavenUploadUrlRelease') ? "${mavenUploadUrlRelease}" : releaseUrl
- snapshotUrl = gradleProperties.containsKey('mavenUploadUrlSnapshot') ? "${mavenUploadUrlSnapshot}" : snapshotUrl
- name = gradleProperties.containsKey('mavenUserName') ? "${mavenUserName}" : name
- pwd = gradleProperties.containsKey('mavenUserName') ? "${mavenPassword}" : pwd
- }
- url = version.endsWith('-SNAPSHOT') ? new URI(snapshotUrl) : new URI(releaseUrl)
- allowInsecureProtocol = true
- //认证用户和密码
- credentials {
- username name
- password pwd
- }
+ url = layout.buildDirectory.dir('staging-deploy')
}
}
}
signing {
- required {
+ required = {
def file = new File("$rootDir${File.separator}gradle.properties")
if (file.exists()) {
def gradleProperties = new Properties()
@@ -72,4 +55,40 @@ signing {
return false
}
sign publishing.publications.maven
+}
+jreleaserDeploy {
+ dependsOn(publish)
+}
+jreleaser {
+ deploy {
+ maven {
+ mavenCentral {
+ def file = new File("$rootDir${File.separator}gradle.properties")
+ def deployUrl = 'https://central.sonatype.com/api/v1/publisher'
+ def name = ''
+ def pwd = ''
+ if (file.exists()) {
+ def gradleProperties = new Properties()
+ gradleProperties.load(new FileInputStream(file))
+ deployUrl = gradleProperties.containsKey('mavenCentralUrl') ? "${mavenCentralUrl}" : deployUrl
+ name = gradleProperties.containsKey('mavenUserName') ? "${mavenUserName}" : name
+ pwd = gradleProperties.containsKey('mavenUserName') ? "${mavenPassword}" : pwd
+ }
+ sonatype {
+ sign = false
+ verifyPom = false
+ active = 'ALWAYS'
+ url = deployUrl
+ username = name
+ password = pwd
+ authorization = 'Basic'
+ stagingRepository('build/staging-deploy')
+ connectTimeout = 20
+ readTimeout = 600
+ retryDelay = 10
+ maxRetries = 100
+ }
+ }
+ }
+ }
}
\ No newline at end of file
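Review bot: the `pwd` line in `mavenCentral` tests `containsKey('mavenUserName')` before reading `${mavenPassword}`, so a properties file with a user name but no password fails during configuration instead of falling back to the empty default; the check should be `containsKey('mavenPassword')`. The same mismatch is visible in the removed `repositories` block, so it was carried over. Also, `sign = false` and `verifyPom = false` leave all integrity checking to the Gradle `signing` block, whose `required` closure can return `false`; consider failing the release task when signing is not configured, so that unsigned artifacts never reach `build/staging-deploy`. Since the credentials are read from `$rootDir/gradle.properties`, that file should stay out of version control, or the values should come from the user-level Gradle properties or environment variables.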
diff --git a/modules/admin-server/src/main/kotlin/io/gitee/zhangbinhub/admin/adminserver/AdminServerApplication.kt b/modules/admin-server/src/main/kotlin/io/gitee/zhangbinhub/admin/adminserver/AdminServerApplication.kt
index 3b883d8545825d399b09ca17761ba788db4a4edb..9f27820b1bb7cb404650b272b76ef2dfb4640245 100644
--- a/modules/admin-server/src/main/kotlin/io/gitee/zhangbinhub/admin/adminserver/AdminServerApplication.kt
+++ b/modules/admin-server/src/main/kotlin/io/gitee/zhangbinhub/admin/adminserver/AdminServerApplication.kt
@@ -5,7 +5,6 @@ import io.gitee.zhangbinhub.acp.cloud.annotation.AcpCloudAtomApplication
import org.springframework.boot.runApplication
/**
- * @author zhangbin by 2018-3-11 10:50
* @since JDK 11
*/
@AcpCloudAtomApplication
diff --git a/modules/admin-server/src/main/kotlin/io/gitee/zhangbinhub/admin/adminserver/conf/AdminServerAutoConfiguration.kt b/modules/admin-server/src/main/kotlin/io/gitee/zhangbinhub/admin/adminserver/conf/AdminServerAutoConfiguration.kt
index 60bc2b27fb0002f51cf8f7cdae4c82764c449ef1..b11d6d0ad043fdfbd0296a83e2cb4dfb53a661f5 100644
--- a/modules/admin-server/src/main/kotlin/io/gitee/zhangbinhub/admin/adminserver/conf/AdminServerAutoConfiguration.kt
+++ b/modules/admin-server/src/main/kotlin/io/gitee/zhangbinhub/admin/adminserver/conf/AdminServerAutoConfiguration.kt
@@ -4,11 +4,15 @@ import de.codecentric.boot.admin.server.config.AdminServerProperties
import org.springframework.beans.factory.annotation.Autowired
import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration
+import org.springframework.http.HttpMethod
import org.springframework.security.config.Customizer
import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.web.SecurityFilterChain
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler
+import org.springframework.security.web.csrf.CookieCsrfTokenRepository
+import org.springframework.security.web.csrf.CsrfTokenRequestAttributeHandler
import org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher
+import java.util.*
@Configuration
class AdminServerAutoConfiguration @Autowired
@@ -27,7 +31,7 @@ constructor(adminServerProperties: AdminServerProperties) {
val successHandler = SavedRequestAwareAuthenticationSuccessHandler()
successHandler.setTargetUrlParameter("redirectTo")
successHandler.setDefaultTargetUrl("$adminContextPath/")
- return http.csrf { it.disable() }.authorizeHttpRequests { authorize ->
+ http.authorizeHttpRequests { authorize ->
authorize.requestMatchers(
PathPatternRequestMatcher.withDefaults().matcher("$adminContextPath/assets/**"),
PathPatternRequestMatcher.withDefaults().matcher("$adminContextPath/instances"),
@@ -40,6 +44,24 @@ constructor(adminServerProperties: AdminServerProperties) {
).permitAll().anyRequest().authenticated()
}.httpBasic(Customizer.withDefaults())
.formLogin { it.loginPage("$adminContextPath/login").successHandler(successHandler) }
- .logout { it.logoutUrl("$adminContextPath/logout") }.build()
+ .logout { it.logoutUrl("$adminContextPath/logout") }
+
+ http.csrf { csrf ->
+ csrf.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
+ .csrfTokenRequestHandler(CsrfTokenRequestAttributeHandler())
+ .ignoringRequestMatchers(
+ PathPatternRequestMatcher.withDefaults()
+ .matcher(HttpMethod.POST, "$adminContextPath/instances"),
+ PathPatternRequestMatcher.withDefaults()
+ .matcher(HttpMethod.DELETE, "$adminContextPath/instances/*"),
+ PathPatternRequestMatcher.withDefaults().matcher("$adminContextPath/actuator/**")
+ )
+ }
+
+ http.rememberMe { rememberMe ->
+ rememberMe.key(UUID.randomUUID().toString()).tokenValiditySeconds(1209600)
+ }
+
+ return http.build()
}
}
\ No newline at end of file
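Review bot: `ignoringRequestMatchers` exempts `$adminContextPath/actuator/**` from CSRF for every HTTP method, while the two `instances` matchers are limited to POST and DELETE. With form login and a 14-day remember-me cookie (`tokenValiditySeconds(1209600)`), a logged-in browser could be driven to send state-changing requests to the admin server's own actuator endpoints. Limit that matcher to the methods and paths that non-browser clients actually need, or document why the blanket exemption is required. Separately, `rememberMe.key(UUID.randomUUID().toString())` generates a new key at every start, so remember-me cookies stop validating after a restart and are not shared between replicas; if that is intended, a comment saying so would help, otherwise read the key from configuration. `CookieCsrfTokenRepository.withHttpOnlyFalse()` makes the token cookie readable by scripts, which is expected for a single-page UI but worth a one-line comment.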
diff --git a/modules/deploy-server/src/main/kotlin/io/gitee/zhangbinhub/admin/deploy/DeployServerApplication.kt b/modules/deploy-server/src/main/kotlin/io/gitee/zhangbinhub/admin/deploy/DeployServerApplication.kt
index 3e53ba6c182235dfc16a080ff1b806b0dc30e19a..835d39b496a26df0b16a3b98f09f92543a990cb2 100644
--- a/modules/deploy-server/src/main/kotlin/io/gitee/zhangbinhub/admin/deploy/DeployServerApplication.kt
+++ b/modules/deploy-server/src/main/kotlin/io/gitee/zhangbinhub/admin/deploy/DeployServerApplication.kt
@@ -1,13 +1,12 @@
package io.gitee.zhangbinhub.admin.deploy
-import io.gitee.zhangbinhub.acp.cloud.resource.server.annotation.AcpCloudResourceServerApplication
+import io.gitee.zhangbinhub.acp.cloud.annotation.AcpCloudAtomApplication
import org.springframework.boot.runApplication
/**
- * @author zhangbin by 09/04/2018 16:11
* @since JDK 11
*/
-@AcpCloudResourceServerApplication
+@AcpCloudAtomApplication
class DeployServerApplication
fun main(args: Array) {
diff --git a/common/acp-admin-cloud-dependencies/src/main/kotlin/io/gitee/zhangbinhub/admin/common/base/BaseService.kt b/modules/deploy-server/src/main/kotlin/io/gitee/zhangbinhub/admin/deploy/base/BaseService.kt
similarity index 95%
rename from common/acp-admin-cloud-dependencies/src/main/kotlin/io/gitee/zhangbinhub/admin/common/base/BaseService.kt
rename to modules/deploy-server/src/main/kotlin/io/gitee/zhangbinhub/admin/deploy/base/BaseService.kt
index 5f9422c98eb1a5916a85ce42de76a039973ffbcf..a1b06ce783c1b5f383e57d7f1a09237a0b39e3fa 100644
--- a/common/acp-admin-cloud-dependencies/src/main/kotlin/io/gitee/zhangbinhub/admin/common/base/BaseService.kt
+++ b/modules/deploy-server/src/main/kotlin/io/gitee/zhangbinhub/admin/deploy/base/BaseService.kt
@@ -1,4 +1,4 @@
-package io.gitee.zhangbinhub.admin.common.base
+package io.gitee.zhangbinhub.admin.deploy.base
import io.gitee.zhangbinhub.acp.core.common.CommonTools
import io.gitee.zhangbinhub.admin.common.po.QueryParam
diff --git a/modules/deploy-server/src/main/kotlin/io/gitee/zhangbinhub/admin/deploy/bus/publish/DeployEventPublish.kt b/modules/deploy-server/src/main/kotlin/io/gitee/zhangbinhub/admin/deploy/bus/publish/DeployEventPublish.kt
index e7854f6cd71e9b7de94ac894ef03b5ea6d288694..70b30175c4389d79b1efcb3f10cfd300b241d5ee 100644
--- a/modules/deploy-server/src/main/kotlin/io/gitee/zhangbinhub/admin/deploy/bus/publish/DeployEventPublish.kt
+++ b/modules/deploy-server/src/main/kotlin/io/gitee/zhangbinhub/admin/deploy/bus/publish/DeployEventPublish.kt
@@ -8,7 +8,6 @@ import org.springframework.context.ApplicationContext
import org.springframework.stereotype.Component
/**
- * @author zhang by 19/03/2019
* @since JDK 11
*/
@Component
diff --git a/modules/deploy-server/src/main/kotlin/io/gitee/zhangbinhub/admin/deploy/controller/DeployFileController.kt b/modules/deploy-server/src/main/kotlin/io/gitee/zhangbinhub/admin/deploy/controller/DeployFileController.kt
index df01bcc2d5f371c83880e0da7feda9d25350b717..8f6c48350da92fc78caeb181fd0da0fddfebef53 100644
--- a/modules/deploy-server/src/main/kotlin/io/gitee/zhangbinhub/admin/deploy/controller/DeployFileController.kt
+++ b/modules/deploy-server/src/main/kotlin/io/gitee/zhangbinhub/admin/deploy/controller/DeployFileController.kt
@@ -1,18 +1,20 @@
package io.gitee.zhangbinhub.admin.deploy.controller
+import cn.dev33.satoken.annotation.SaCheckRole
import com.fasterxml.jackson.databind.ObjectMapper
import io.gitee.zhangbinhub.acp.boot.exceptions.WebException
import io.gitee.zhangbinhub.acp.boot.log.LogAdapter
import io.gitee.zhangbinhub.acp.core.common.CommonTools
import io.gitee.zhangbinhub.admin.common.constant.CommonConstant
-import io.gitee.zhangbinhub.admin.common.permission.BaseExpression
+import io.gitee.zhangbinhub.admin.common.constant.RoleCode
import io.gitee.zhangbinhub.admin.common.vo.InfoVo
import io.gitee.zhangbinhub.admin.deploy.constant.DeployApi
-import io.gitee.zhangbinhub.admin.deploy.service.DeployFileService
import io.gitee.zhangbinhub.admin.deploy.po.FilePo
+import io.gitee.zhangbinhub.admin.deploy.service.DeployFileService
import io.gitee.zhangbinhub.admin.deploy.vo.FileVo
import io.gitee.zhangbinhub.admin.resource.server.base.BaseResourceServerController
-import io.swagger.v3.oas.annotations.*
+import io.swagger.v3.oas.annotations.Operation
+import io.swagger.v3.oas.annotations.Parameter
import io.swagger.v3.oas.annotations.responses.ApiResponse
import io.swagger.v3.oas.annotations.responses.ApiResponses
import io.swagger.v3.oas.annotations.security.SecurityRequirement
@@ -26,7 +28,6 @@ import org.springframework.beans.factory.annotation.Autowired
import org.springframework.http.HttpHeaders
import org.springframework.http.MediaType
import org.springframework.http.ResponseEntity
-import org.springframework.security.access.prepost.PreAuthorize
import org.springframework.validation.annotation.Validated
import org.springframework.web.bind.annotation.*
import org.springframework.web.multipart.MultipartFile
@@ -47,7 +48,7 @@ constructor(
SecurityRequirement(name = CommonConstant.ACCESS_TOKEN)]
)
@ApiResponses(ApiResponse(responseCode = "400", description = "参数校验不通过;"))
- @PreAuthorize(BaseExpression.superOnly)
+ @SaCheckRole(RoleCode.SUPER)
@PutMapping(value = [DeployApi.file], produces = [MediaType.APPLICATION_JSON_VALUE])
@Throws(WebException::class)
fun createFold(@RequestBody @Valid filePo: FilePo): ResponseEntity {
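Review bot: replacing `@PreAuthorize(BaseExpression.superOnly)` with `@SaCheckRole(RoleCode.SUPER)` only protects `createFold` and the other file endpoints if Sa-Token's annotation checking is active for this service, and nothing in the visible hunks shows that. Sa-Token evaluates these annotations through a registered `SaInterceptor` (or its AOP plugin), and it resolves roles through an `StpInterface` implementation; without either, the annotation does nothing and the call goes through. Please point to where the resource-server module registers them, and add a test that a token without the SUPER role is rejected on the PUT, POST and DELETE mappings of `DeployApi.file`, since these endpoints create, upload and delete files on the server.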
@@ -61,7 +62,7 @@ constructor(
SecurityRequirement(name = HttpHeaders.AUTHORIZATION),
SecurityRequirement(name = CommonConstant.ACCESS_TOKEN)]
)
- @PreAuthorize(BaseExpression.superOnly)
+ @SaCheckRole(RoleCode.SUPER)
@GetMapping(value = [DeployApi.file], produces = [MediaType.APPLICATION_JSON_VALUE])
@Throws(WebException::class)
fun queryFile(
@@ -85,7 +86,7 @@ constructor(
SecurityRequirement(name = CommonConstant.ACCESS_TOKEN)]
)
@ApiResponses(ApiResponse(responseCode = "400", description = "参数校验不通过;"))
- @PreAuthorize(BaseExpression.superOnly)
+ @SaCheckRole(RoleCode.SUPER)
@PostMapping(value = [DeployApi.file], produces = [MediaType.APPLICATION_JSON_VALUE])
@Throws(WebException::class)
fun uploadFile(
@@ -108,7 +109,7 @@ constructor(
SecurityRequirement(name = CommonConstant.ACCESS_TOKEN)]
)
@ApiResponses(ApiResponse(responseCode = "400", description = "参数校验不通过;"))
- @PreAuthorize(BaseExpression.superOnly)
+ @SaCheckRole(RoleCode.SUPER)
@DeleteMapping(value = [DeployApi.file], produces = [MediaType.APPLICATION_JSON_VALUE])
@Throws(WebException::class)
fun deleteFile(@RequestBody @Valid filePo: FilePo): ResponseEntity {
diff --git a/modules/deploy-server/src/main/kotlin/io/gitee/zhangbinhub/admin/deploy/controller/DeployTaskController.kt b/modules/deploy-server/src/main/kotlin/io/gitee/zhangbinhub/admin/deploy/controller/DeployTaskController.kt
index 43fb909e5a83451d1d15832376fc40baf765073b..55cab601cf64952807b876b3d96ef64a36b75e35 100644
--- a/modules/deploy-server/src/main/kotlin/io/gitee/zhangbinhub/admin/deploy/controller/DeployTaskController.kt
+++ b/modules/deploy-server/src/main/kotlin/io/gitee/zhangbinhub/admin/deploy/controller/DeployTaskController.kt
@@ -1,21 +1,23 @@
package io.gitee.zhangbinhub.admin.deploy.controller
+import cn.dev33.satoken.annotation.SaCheckRole
import io.gitee.zhangbinhub.acp.boot.exceptions.WebException
import io.gitee.zhangbinhub.acp.boot.log.LogAdapter
import io.gitee.zhangbinhub.acp.cloud.annotation.AcpCloudDuplicateSubmission
import io.gitee.zhangbinhub.acp.core.common.CommonTools
import io.gitee.zhangbinhub.admin.common.constant.CommonConstant
-import io.gitee.zhangbinhub.admin.common.permission.BaseExpression
+import io.gitee.zhangbinhub.admin.common.constant.RoleCode
import io.gitee.zhangbinhub.admin.common.vo.CustomerQueryPageVo
import io.gitee.zhangbinhub.admin.common.vo.InfoVo
import io.gitee.zhangbinhub.admin.deploy.bus.publish.DeployEventPublish
import io.gitee.zhangbinhub.admin.deploy.constant.DeployApi
-import io.gitee.zhangbinhub.admin.deploy.service.DeployTaskService
import io.gitee.zhangbinhub.admin.deploy.entity.DeployTask
import io.gitee.zhangbinhub.admin.deploy.po.DeployTaskPo
import io.gitee.zhangbinhub.admin.deploy.po.DeployTaskQueryPo
+import io.gitee.zhangbinhub.admin.deploy.service.DeployTaskService
import io.gitee.zhangbinhub.admin.resource.server.base.BaseResourceServerController
-import io.swagger.v3.oas.annotations.*
+import io.swagger.v3.oas.annotations.Operation
+import io.swagger.v3.oas.annotations.Parameter
import io.swagger.v3.oas.annotations.responses.ApiResponse
import io.swagger.v3.oas.annotations.responses.ApiResponses
import io.swagger.v3.oas.annotations.security.SecurityRequirement
@@ -24,12 +26,10 @@ import jakarta.validation.Valid
import jakarta.validation.constraints.NotEmpty
import jakarta.validation.constraints.NotNull
import org.springframework.beans.factory.annotation.Autowired
-import org.springframework.data.domain.Page
import org.springframework.http.HttpHeaders
import org.springframework.http.HttpStatus
import org.springframework.http.MediaType
import org.springframework.http.ResponseEntity
-import org.springframework.security.access.prepost.PreAuthorize
import org.springframework.validation.annotation.Validated
import org.springframework.web.bind.annotation.*
@@ -49,7 +49,7 @@ constructor(
SecurityRequirement(name = CommonConstant.ACCESS_TOKEN)]
)
@ApiResponses(ApiResponse(responseCode = "201", description = "创建成功"))
- @PreAuthorize(BaseExpression.superOnly)
+ @SaCheckRole(RoleCode.SUPER)
@PutMapping(value = [DeployApi.task], produces = [MediaType.APPLICATION_JSON_VALUE])
@AcpCloudDuplicateSubmission
@Throws(WebException::class)
@@ -64,7 +64,7 @@ constructor(
SecurityRequirement(name = CommonConstant.ACCESS_TOKEN)]
)
@ApiResponses(ApiResponse(responseCode = "400", description = "参数校验不通过;"))
- @PreAuthorize(BaseExpression.superOnly)
+ @SaCheckRole(RoleCode.SUPER)
@DeleteMapping(value = [DeployApi.task], produces = [MediaType.APPLICATION_JSON_VALUE])
@Throws(WebException::class)
fun delete(
@@ -84,7 +84,7 @@ constructor(
SecurityRequirement(name = CommonConstant.ACCESS_TOKEN)]
)
@ApiResponses(ApiResponse(responseCode = "400", description = "参数校验不通过;ID不能为空;找不到信息;"))
- @PreAuthorize(BaseExpression.superOnly)
+ @SaCheckRole(RoleCode.SUPER)
@PatchMapping(value = [DeployApi.task], produces = [MediaType.APPLICATION_JSON_VALUE])
@AcpCloudDuplicateSubmission
@Throws(WebException::class)
@@ -103,7 +103,7 @@ constructor(
SecurityRequirement(name = CommonConstant.ACCESS_TOKEN)]
)
@ApiResponses(ApiResponse(responseCode = "400", description = "参数校验不通过;"))
- @PreAuthorize(BaseExpression.superOnly)
+ @SaCheckRole(RoleCode.SUPER)
@PostMapping(value = [DeployApi.task], produces = [MediaType.APPLICATION_JSON_VALUE])
@Throws(WebException::class)
fun query(@RequestBody @Valid deployTaskQueryPo: DeployTaskQueryPo): ResponseEntity> =
@@ -123,7 +123,7 @@ constructor(
SecurityRequirement(name = CommonConstant.ACCESS_TOKEN)]
)
@ApiResponses(ApiResponse(responseCode = "400", description = "参数校验不通过;"))
- @PreAuthorize(BaseExpression.superOnly)
+ @SaCheckRole(RoleCode.SUPER)
@PostMapping(value = [DeployApi.taskExecute + "/{id}"], produces = [MediaType.APPLICATION_JSON_VALUE])
@Throws(WebException::class)
fun execute(@PathVariable(name = "id") id: String): ResponseEntity =
diff --git a/modules/deploy-server/src/main/kotlin/io/gitee/zhangbinhub/admin/deploy/service/DeployFileService.kt b/modules/deploy-server/src/main/kotlin/io/gitee/zhangbinhub/admin/deploy/service/DeployFileService.kt
index 9d231491a5e911a826fb922745c5c97e44c965d5..3698461fafa5414fd1fbf1d914dbe430c419378b 100644
--- a/modules/deploy-server/src/main/kotlin/io/gitee/zhangbinhub/admin/deploy/service/DeployFileService.kt
+++ b/modules/deploy-server/src/main/kotlin/io/gitee/zhangbinhub/admin/deploy/service/DeployFileService.kt
@@ -4,7 +4,7 @@ import io.gitee.zhangbinhub.acp.boot.component.FileDownLoadHandle
import io.gitee.zhangbinhub.acp.boot.exceptions.WebException
import io.gitee.zhangbinhub.acp.boot.log.LogAdapter
import io.gitee.zhangbinhub.acp.core.common.CommonTools
-import io.gitee.zhangbinhub.admin.common.base.BaseService
+import io.gitee.zhangbinhub.admin.deploy.base.BaseService
import io.gitee.zhangbinhub.admin.deploy.conf.DeployServerCustomerConfiguration
import io.gitee.zhangbinhub.admin.deploy.vo.FileVo
import jakarta.servlet.http.HttpServletRequest
diff --git a/modules/deploy-server/src/main/kotlin/io/gitee/zhangbinhub/admin/deploy/service/DeployTaskService.kt b/modules/deploy-server/src/main/kotlin/io/gitee/zhangbinhub/admin/deploy/service/DeployTaskService.kt
index bcf1324f7cbfe2cc55c8692c476a19d80078de0e..3af44530a6515f95ee021c8ed43461c4c89169e5 100644
--- a/modules/deploy-server/src/main/kotlin/io/gitee/zhangbinhub/admin/deploy/service/DeployTaskService.kt
+++ b/modules/deploy-server/src/main/kotlin/io/gitee/zhangbinhub/admin/deploy/service/DeployTaskService.kt
@@ -4,18 +4,17 @@ import io.gitee.zhangbinhub.acp.boot.exceptions.WebException
import io.gitee.zhangbinhub.acp.boot.log.LogAdapter
import io.gitee.zhangbinhub.acp.cloud.tools.CloudTools
import io.gitee.zhangbinhub.acp.core.common.CommonTools
-import io.gitee.zhangbinhub.admin.common.base.BaseService
import io.gitee.zhangbinhub.admin.common.vo.CustomerQueryPageVo
+import io.gitee.zhangbinhub.admin.deploy.base.BaseService
import io.gitee.zhangbinhub.admin.deploy.conf.DeployServerCustomerConfiguration
import io.gitee.zhangbinhub.admin.deploy.entity.DeployTask
import io.gitee.zhangbinhub.admin.deploy.po.DeployTaskPo
import io.gitee.zhangbinhub.admin.deploy.po.DeployTaskQueryPo
import io.gitee.zhangbinhub.admin.deploy.repo.DeployTaskRepository
-import io.gitee.zhangbinhub.admin.resource.server.feign.CommonOauthServer
+import io.gitee.zhangbinhub.admin.resource.server.tools.TokenUserTools
import jakarta.persistence.criteria.Predicate
import org.springframework.beans.factory.annotation.Autowired
import org.springframework.core.io.FileSystemResource
-import org.springframework.data.domain.Page
import org.springframework.data.repository.findByIdOrNull
import org.springframework.jdbc.datasource.init.ResourceDatabasePopulator
import org.springframework.stereotype.Service
@@ -31,7 +30,7 @@ constructor(
private val logAdapter: LogAdapter,
private val cloudTools: CloudTools,
private val dataSource: DataSource,
- private val commonOauthServer: CommonOauthServer,
+ private val tokenUserTools: TokenUserTools,
private val deployTaskRepository: DeployTaskRepository,
private val deployServerCustomerConfiguration: DeployServerCustomerConfiguration
) : BaseService() {
@@ -96,7 +95,7 @@ constructor(
} else {
this.paramFile = deployTaskPo.paramFile
}
- commonOauthServer.tokenInfo().also { tokenUserInfoVo ->
+ tokenUserTools.getUserInfoFromToken().also { tokenUserInfoVo ->
val nowTime = System.currentTimeMillis()
if (this.createTime == 0L) {
this.createLoginNo = tokenUserInfoVo.loginNo.toString()
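Review bot: the audit fields (`createLoginNo` here, `execLoginNo` in `executeTask`) now take the user from `tokenUserTools.getUserInfoFromToken()` instead of the `commonOauthServer.tokenInfo()` call, so their trustworthiness depends on that helper validating the token or session rather than only decoding it. Its implementation is not part of the visible diff; please confirm that it rejects expired or revoked tokens. The `loginNo.toString()` on the context line also suggests a nullable value, in which case a missing login number would be stored as the string "null"; failing the request would be safer for an audit trail.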
@@ -124,7 +123,7 @@ constructor(
@Transactional
@Throws(WebException::class)
fun executeTask(id: String) = deployTaskRepository.findByIdOrNull(id)?.let { deployTask ->
- commonOauthServer.tokenInfo().let { tokenUserInfoVo ->
+ tokenUserTools.getUserInfoFromToken().let { tokenUserInfoVo ->
val nowTime = System.currentTimeMillis()
if (deployTask.execTime == null) {
deployTask.execLoginNo = tokenUserInfoVo.loginNo.toString()
@@ -195,7 +194,7 @@ constructor(
}
}
}.apply {
- CommonTools.getFileContentForText(scriptFile.canonicalPath)?.also { scriptContent ->
+ CommonTools.getFileContentForText(scriptFile.canonicalPath).also { scriptContent ->
var targetScriptContent = scriptContent
paramList.forEachIndexed { index, param ->
targetScriptContent = targetScriptContent.replace(
@@ -204,7 +203,7 @@ constructor(
)
}
CommonTools.contentWriteToFile(this, targetScriptContent)
- } ?: throw WebException("脚本文件【${scriptFile.canonicalPath}】内容为空!")
+ }
}
/**
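Review bot: dropping `?: throw WebException(...)` after the `also` block removes the only visible guard against an unreadable or empty script file. If `CommonTools.getFileContentForText` now returns a non-null string in the upgraded Acp version, an empty result is written to the target file with `contentWriteToFile` and the task carries on with an empty script. Keep an explicit check, for example throwing the same `WebException` when `scriptContent` is blank, so that a missing or truncated script is reported instead of being executed as a no-op. Please also state in the commit message how the library call behaves on a read failure after the upgrade.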
diff --git a/modules/gateway-server/README.md b/modules/gateway-server/README.md
index 79d0bd07bb53cbfa02f8383fc3158998da7a79c3..fa1b63ca86fbb9f9aa3b2d566c51317e035d77e2 100644
--- a/modules/gateway-server/README.md
+++ b/modules/gateway-server/README.md
@@ -8,10 +8,6 @@
中如下配置
```yaml
spring:
- security:
- user:
- name: ${acp_gateway_username:gateway}
- password: ${acp_gateway_password:888888}
cloud:
nacos:
discovery:
@@ -21,11 +17,4 @@
```
- 2、固定路由配置定义于[application.yaml](src/main/resources/application.yaml)中
- 3、动态路由配置由[路由服务](../route-server/README.md)进行管理
-- 4、接收路由服务发送的“更新路由”消息,从redis中获取路由信息并进行动态更新
-
-#### 二、附加环境变量及启动参数
-
-| 变量名 | 描述 | 默认值 | 说明 |
-|----------------------|-----|---------|------------------------------------------------------------------------------------|
-| acp_gateway_username | 用户名 | gateway | 服务器部署时建议java启动命令加入参数 -Dacp_gateway_username 或 --acp_gateway_username;容器部署时指定环境变量即可 |
-| acp_gateway_username | 密码 | 888888 | 服务器部署时建议java启动命令加入参数 -Dacp_gateway_password 或 --acp_gateway_password;容器部署时指定环境变量即可 |
\ No newline at end of file
+- 4、接收路由服务发送的“更新路由”消息,从redis中获取路由信息并进行动态更新
\ No newline at end of file
diff --git a/modules/gateway-server/build.gradle b/modules/gateway-server/build.gradle
index 128355d0a83a7f9d7608a4721dfa7fd12d21af7d..db1af5230ce4b9308819fe6811e03cd9abd99789 100644
--- a/modules/gateway-server/build.gradle
+++ b/modules/gateway-server/build.gradle
@@ -1,6 +1,5 @@
apply from: "$rootDir/gradle/application.gradle"
dependencies {
- implementation project(":acp-admin-cloud-dependencies")
- implementation "org.springframework.boot:spring-boot-starter-security"
+ implementation project(":acp-admin-cloud-dependencies-resource-server-reactive")
implementation "org.springframework.cloud:spring-cloud-starter-gateway-server-webflux"
}
\ No newline at end of file
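Review bot: removing `spring-boot-starter-security` here, together with the deletion of `GatewayServerAutoConfiguration` and its `actuatorSecurityFilter` bean, means the gateway's protection now rests entirely on `acp-admin-cloud-dependencies-resource-server-reactive`. That module is new in this release and its filter configuration is not visible in this part of the diff. Please confirm that it covers the gateway's actuator endpoints, which the deleted bean handled, and add a test that an unauthenticated request to them is refused. The README hunk removes the `acp_gateway_username` and `acp_gateway_password` settings, so operators also need a note on what replaces them for monitoring access.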
diff --git a/modules/gateway-server/src/main/kotlin/io/gitee/zhangbinhub/admin/gateway/GateWayServerApplication.kt b/modules/gateway-server/src/main/kotlin/io/gitee/zhangbinhub/admin/gateway/GateWayServerApplication.kt
index 284eeac29c34fcc314b9b85205328bd4d650ba39..4772072891d912a77074c779925e3797a0233f38 100644
--- a/modules/gateway-server/src/main/kotlin/io/gitee/zhangbinhub/admin/gateway/GateWayServerApplication.kt
+++ b/modules/gateway-server/src/main/kotlin/io/gitee/zhangbinhub/admin/gateway/GateWayServerApplication.kt
@@ -5,7 +5,6 @@ import org.springframework.boot.SpringApplication
import org.springframework.boot.WebApplicationType
/**
- * @author zhangbin by 2018-3-10 20:45
* @since JDK 11
*/
@AcpCloudAtomApplication
diff --git a/modules/gateway-server/src/main/kotlin/io/gitee/zhangbinhub/admin/gateway/conf/GatewayServerAutoConfiguration.kt b/modules/gateway-server/src/main/kotlin/io/gitee/zhangbinhub/admin/gateway/conf/GatewayServerAutoConfiguration.kt
deleted file mode 100644
index 16017c05b7457c9f3896d102533ceae4b39357a9..0000000000000000000000000000000000000000
--- a/modules/gateway-server/src/main/kotlin/io/gitee/zhangbinhub/admin/gateway/conf/GatewayServerAutoConfiguration.kt
+++ /dev/null
@@ -1,46 +0,0 @@
-package io.gitee.zhangbinhub.admin.gateway.conf
-
-import io.gitee.zhangbinhub.acp.core.common.CommonTools
-import org.springframework.boot.actuate.autoconfigure.endpoint.web.WebEndpointProperties
-import org.springframework.boot.autoconfigure.web.ServerProperties
-import org.springframework.context.annotation.Bean
-import org.springframework.context.annotation.Configuration
-import org.springframework.security.config.Customizer
-import org.springframework.security.config.web.server.ServerHttpSecurity
-import org.springframework.security.web.server.SecurityWebFilterChain
-import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers
-
-@Configuration
-class GatewayServerAutoConfiguration(
- serverProperties: ServerProperties,
- private val webEndpointProperties: WebEndpointProperties
-) {
- private var contextPath: String? = null
-
- init {
- contextPath = if (CommonTools.isNullStr(serverProperties.servlet.contextPath)) {
- ""
- } else {
- serverProperties.servlet.contextPath
- }
- }
-
- /**
- * http 验证策略配置
- *
- * @param http http 安全验证对象
- */
- @Bean
- fun actuatorSecurityFilter(http: ServerHttpSecurity): SecurityWebFilterChain {
- http.csrf { it.disable() }
- .securityMatcher(
- ServerWebExchangeMatchers.pathMatchers(
- "$contextPath${webEndpointProperties.basePath}",
- "$contextPath${webEndpointProperties.basePath}/**"
- )
- )
- .authorizeExchange { it.anyExchange().authenticated() }
- .httpBasic(Customizer.withDefaults())
- return http.build()
- }
-}
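Review bot: Deleting `actuatorSecurityFilter` removes the only rule visible in this module that required authentication on the actuator base path (`anyExchange().authenticated()` with HTTP Basic on `$contextPath${webEndpointProperties.basePath}` and `.../**`). The same change adds `permit-all-path: /**` to this module's application.yaml, so nothing shown here still guards those endpoints. Please point to where the gateway's management endpoints are authenticated after this change, or keep a matcher for the management base path in the new resource-server configuration.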
diff --git a/modules/gateway-server/src/main/kotlin/io/gitee/zhangbinhub/admin/gateway/ratelimiter/UserKeyResolverConfiguration.kt b/modules/gateway-server/src/main/kotlin/io/gitee/zhangbinhub/admin/gateway/ratelimiter/UserKeyResolverConfiguration.kt
index b38c1023d036752b1209a8f89c28ef20f17e3393..6b8c7d7c557968a4b70a8d2182f19c89a90120e9 100644
--- a/modules/gateway-server/src/main/kotlin/io/gitee/zhangbinhub/admin/gateway/ratelimiter/UserKeyResolverConfiguration.kt
+++ b/modules/gateway-server/src/main/kotlin/io/gitee/zhangbinhub/admin/gateway/ratelimiter/UserKeyResolverConfiguration.kt
@@ -8,7 +8,6 @@ import reactor.core.publisher.Mono
import java.util.*
/**
- * @author zhangbin by 21/06/2018 11:24
* @since JDK 11
*/
@Configuration(proxyBeanMethods = false)
diff --git a/modules/gateway-server/src/main/resources/application.yaml b/modules/gateway-server/src/main/resources/application.yaml
index b9b44b6c25c60295c7e9f6cf0688f366ff66d749..4cc12819ce127a044a87dec75d4a1efbc7ca8b67 100644
--- a/modules/gateway-server/src/main/resources/application.yaml
+++ b/modules/gateway-server/src/main/resources/application.yaml
@@ -8,10 +8,6 @@ spring:
name: gateway-server
thymeleaf:
cache: false
- security:
- user:
- name: ${acp_gateway_username:gateway}
- password: ${acp_gateway_password:888888}
cloud:
loadbalancer:
cache:
@@ -25,8 +21,8 @@ spring:
cluster-name: ${spring.profiles.active}
group: ${spring.profiles.active}
metadata:
- user.name: ${spring.security.user.name}
- user.password: ${spring.security.user.password}
+ user.name: ${acp.cloud.resource-server.client-id}
+ user.password: ${acp.cloud.resource-server.client-secret}
config:
namespace: ${spring.cloud.nacos.discovery.namespace}
cluster-name: ${spring.cloud.nacos.discovery.cluster-name}
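Review bot: `user.password: ${acp.cloud.resource-server.client-secret}` publishes the OAuth client secret as Nacos instance metadata, where any client able to query the registry can read it. The value it replaces was a password used only for the actuator Basic login; a client secret is a broader credential. If the monitoring side still needs something in `user.name` / `user.password`, use a dedicated credential scoped to that purpose, and drop the two metadata keys if Basic auth on the actuator is gone.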
@@ -97,4 +93,7 @@ acp:
log-server:
client:
enabled: true
- log-type: GATEWAY
\ No newline at end of file
+ log-type: GATEWAY
+ resource-server:
+ permit-all-path:
+ - /**
\ No newline at end of file
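Review bot: `permit-all-path: - /**` exempts every path on the gateway from the resource-server check, which is wider than route forwarding needs if the management endpoints are served on the same port. If the intent is that downstream services validate tokens themselves, list the forwarded prefixes explicitly or exclude the actuator base path, and add a comment in the YAML stating that intent.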
diff --git a/modules/log-server/src/main/kotlin/io/gitee/zhangbinhub/admin/log/LogServerApplication.kt b/modules/log-server/src/main/kotlin/io/gitee/zhangbinhub/admin/log/LogServerApplication.kt
index cecc5210f7dca219294db958913b74bdf36b546f..4457c945c12463119815d947c7919b5a3f32edac 100644
--- a/modules/log-server/src/main/kotlin/io/gitee/zhangbinhub/admin/log/LogServerApplication.kt
+++ b/modules/log-server/src/main/kotlin/io/gitee/zhangbinhub/admin/log/LogServerApplication.kt
@@ -1,13 +1,12 @@
package io.gitee.zhangbinhub.admin.log
-import io.gitee.zhangbinhub.acp.cloud.resource.server.annotation.AcpCloudResourceServerApplication
+import io.gitee.zhangbinhub.acp.cloud.annotation.AcpCloudAtomApplication
import org.springframework.boot.runApplication
/**
- * @author zhangbin by 09/04/2018 16:11
* @since JDK 11
*/
-@AcpCloudResourceServerApplication
+@AcpCloudAtomApplication
class LogServerApplication
fun main(args: Array) {
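Review bot: Replacing `@AcpCloudResourceServerApplication` with `@AcpCloudAtomApplication` on `LogServerApplication` needs a note on what now activates the resource-server configuration for this module. `LogController` in the same module still extends `BaseResourceServerController` and relies on `@SaCheckPermission` / `@SaCheckRole`, so if the old annotation was what enabled token validation, these endpoints would be left unprotected. Please confirm the new dependency auto-configures it, ideally with a test that an unauthenticated call to one of the log endpoints is rejected.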
diff --git a/modules/log-server/src/main/kotlin/io/gitee/zhangbinhub/admin/log/base/BaseService.kt b/modules/log-server/src/main/kotlin/io/gitee/zhangbinhub/admin/log/base/BaseService.kt
new file mode 100644
index 0000000000000000000000000000000000000000..9a1947775d497d6346ef0bf9efa9b65b0a675453
--- /dev/null
+++ b/modules/log-server/src/main/kotlin/io/gitee/zhangbinhub/admin/log/base/BaseService.kt
@@ -0,0 +1,30 @@
+package io.gitee.zhangbinhub.admin.log.base
+
+import io.gitee.zhangbinhub.acp.core.common.CommonTools
+import io.gitee.zhangbinhub.admin.common.po.QueryParam
+import org.springframework.data.domain.PageRequest
+import org.springframework.data.domain.Sort
+
+/**
+ * @author zhang by 15/01/2019
+ * @since JDK 11
+ */
+abstract class BaseService {
+
+ protected fun buildPageRequest(queryParam: QueryParam): PageRequest =
+ if (CommonTools.isNullStr(queryParam.orderName) || CommonTools.isNullStr(queryParam.orderCommand)) {
+ PageRequest.of(queryParam.currPage!! - 1, queryParam.pageSize!!)
+ } else {
+ var direction: Sort.Direction = Sort.Direction.ASC
+ if (queryParam.orderCommand!!.startsWith("desc", ignoreCase = true)) {
+ direction = Sort.Direction.DESC
+ }
+ PageRequest.of(
+ queryParam.currPage!! - 1,
+ queryParam.pageSize!!,
+ direction,
+ *queryParam.orderName!!.split(",".toRegex()).dropLastWhile { it.isEmpty() }.toTypedArray()
+ )
+ }
+
+}
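Review bot: `buildPageRequest` dereferences `queryParam.currPage!!` and `queryParam.pageSize!!` without validation, so a query missing either field fails with a NullPointerException rather than a parameter error, `currPage` of 0 produces a negative page index, and `pageSize` has no upper bound. `orderName` is split on commas and passed straight to `PageRequest.of` as sort properties; if `QueryParam` is populated from the request body, check the names against an allow-list of sortable fields. The new `@author` tag is also inconsistent with the rest of this change, which removes those tags.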
diff --git a/modules/log-server/src/main/kotlin/io/gitee/zhangbinhub/admin/log/constant/LogApi.kt b/modules/log-server/src/main/kotlin/io/gitee/zhangbinhub/admin/log/constant/LogApi.kt
index 04106f79661ad37bdb9c50dd18b87e00cf00cc1e..4aae9dfd0d78c7717c141788e2d3066f1ced70c0 100644
--- a/modules/log-server/src/main/kotlin/io/gitee/zhangbinhub/admin/log/constant/LogApi.kt
+++ b/modules/log-server/src/main/kotlin/io/gitee/zhangbinhub/admin/log/constant/LogApi.kt
@@ -1,7 +1,6 @@
package io.gitee.zhangbinhub.admin.log.constant
/**
- * @author zhang by 01/02/2019
* @since JDK 11
*/
object LogApi {
diff --git a/modules/log-server/src/main/kotlin/io/gitee/zhangbinhub/admin/log/constant/LogBackUp.kt b/modules/log-server/src/main/kotlin/io/gitee/zhangbinhub/admin/log/constant/LogBackUp.kt
index 398e991a4727ef399ae9d6de100d95a88c8230db..3b77d1de1a3897da9110234acb91999246c62525 100644
--- a/modules/log-server/src/main/kotlin/io/gitee/zhangbinhub/admin/log/constant/LogBackUp.kt
+++ b/modules/log-server/src/main/kotlin/io/gitee/zhangbinhub/admin/log/constant/LogBackUp.kt
@@ -3,7 +3,6 @@ package io.gitee.zhangbinhub.admin.log.constant
import java.io.File
/**
- * @author zhang by 01/02/2019
* @since JDK 11
*/
object LogBackUp {
diff --git a/modules/log-server/src/main/kotlin/io/gitee/zhangbinhub/admin/log/controller/LogController.kt b/modules/log-server/src/main/kotlin/io/gitee/zhangbinhub/admin/log/controller/LogController.kt
index 53a15d35cb99a512e154671b37cbf92fcfe7be0b..5c0bd128707ed45485acb9feb1b28e572d597814 100644
--- a/modules/log-server/src/main/kotlin/io/gitee/zhangbinhub/admin/log/controller/LogController.kt
+++ b/modules/log-server/src/main/kotlin/io/gitee/zhangbinhub/admin/log/controller/LogController.kt
@@ -1,22 +1,26 @@
package io.gitee.zhangbinhub.admin.log.controller
+import cn.dev33.satoken.annotation.SaCheckPermission
+import cn.dev33.satoken.annotation.SaCheckRole
import com.fasterxml.jackson.databind.ObjectMapper
import io.gitee.zhangbinhub.acp.boot.exceptions.WebException
import io.gitee.zhangbinhub.acp.boot.log.LogAdapter
import io.gitee.zhangbinhub.acp.core.common.CalendarTools
import io.gitee.zhangbinhub.acp.core.common.CommonTools
-import io.gitee.zhangbinhub.admin.common.permission.BaseExpression
+import io.gitee.zhangbinhub.admin.common.constant.ModuleFuncCode
+import io.gitee.zhangbinhub.admin.common.constant.RoleCode
import io.gitee.zhangbinhub.admin.common.vo.CustomerQueryPageVo
import io.gitee.zhangbinhub.admin.log.base.BaseLogEntity
import io.gitee.zhangbinhub.admin.log.constant.LogApi
import io.gitee.zhangbinhub.admin.log.constant.LogConstant
-import io.gitee.zhangbinhub.admin.log.service.LogService
-import io.gitee.zhangbinhub.admin.log.service.LogFileService
import io.gitee.zhangbinhub.admin.log.po.FileDownLoadPo
import io.gitee.zhangbinhub.admin.log.po.LogQueryPo
+import io.gitee.zhangbinhub.admin.log.service.LogFileService
+import io.gitee.zhangbinhub.admin.log.service.LogService
import io.gitee.zhangbinhub.admin.log.vo.LoginLogVo
import io.gitee.zhangbinhub.admin.resource.server.base.BaseResourceServerController
-import io.swagger.v3.oas.annotations.*
+import io.swagger.v3.oas.annotations.Operation
+import io.swagger.v3.oas.annotations.Parameter
import io.swagger.v3.oas.annotations.responses.ApiResponse
import io.swagger.v3.oas.annotations.responses.ApiResponses
import io.swagger.v3.oas.annotations.tags.Tag
@@ -27,10 +31,8 @@ import jakarta.validation.constraints.NotBlank
import jakarta.validation.constraints.NotNull
import org.bouncycastle.util.encoders.Base64
import org.springframework.beans.factory.annotation.Autowired
-import org.springframework.data.domain.Page
import org.springframework.http.MediaType
import org.springframework.http.ResponseEntity
-import org.springframework.security.access.prepost.PreAuthorize
import org.springframework.validation.annotation.Validated
import org.springframework.web.bind.annotation.*
import java.io.File
@@ -53,7 +55,7 @@ constructor(
@Operation(summary = "获取各应用过去3个月的登录次数统计")
@ApiResponses(ApiResponse(responseCode = "400", description = "没有权限做此操作;"))
- @PreAuthorize(BaseExpression.sysMonitor)
+ @SaCheckPermission(ModuleFuncCode.sysMonitor, orRole = [RoleCode.SUPER])
@GetMapping(value = [LogApi.loginInfo], produces = [MediaType.APPLICATION_JSON_VALUE])
@Throws(WebException::class)
fun findLoginLog(): ResponseEntity> =
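Review bot: The switch from `@PreAuthorize(BaseExpression.sysMonitor)` to `@SaCheckPermission(ModuleFuncCode.sysMonitor, orRole = [RoleCode.SUPER])` here and in the hunks below only takes effect if Sa-Token's annotation interceptor (or its AOP plugin) is registered for this service; without it the annotations are silently ignored. The part of the diff shown here does not include that registration for log-server, so please confirm it is in place and add a test that a caller without `sysMonitor` and without the `SUPER` role is refused. It would also help to state in the description that `BaseExpression.sysMonitor` granted exactly "this permission or the super role", since the old expression is not visible in the diff.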
@@ -67,7 +69,7 @@ constructor(
description = "查询条件:客户端ip、网关ip、请求路径、路由服务id、应用名称、用户名称、开始时间、结束时间、响应状态"
)
@ApiResponses(ApiResponse(responseCode = "400", description = "参数校验不通过;"))
- @PreAuthorize(BaseExpression.sysMonitor)
+ @SaCheckPermission(ModuleFuncCode.sysMonitor, orRole = [RoleCode.SUPER])
@PostMapping(value = [LogApi.gateWayRouteLog], produces = [MediaType.APPLICATION_JSON_VALUE])
@Throws(WebException::class)
fun queryRouteLog(@RequestBody @Valid logQueryPo: LogQueryPo): ResponseEntity> =
@@ -78,7 +80,7 @@ constructor(
description = "查询条件:客户端ip、网关ip、请求路径、路由服务id、应用名称、用户名称、开始时间、结束时间"
)
@ApiResponses(ApiResponse(responseCode = "400", description = "参数校验不通过;"))
- @PreAuthorize(BaseExpression.sysMonitor)
+ @SaCheckPermission(ModuleFuncCode.sysMonitor, orRole = [RoleCode.SUPER])
@PostMapping(value = [LogApi.operateLog], produces = [MediaType.APPLICATION_JSON_VALUE])
@Throws(WebException::class)
fun queryOperateLog(@RequestBody @Valid logQueryPo: LogQueryPo): ResponseEntity> =
@@ -89,7 +91,7 @@ constructor(
description = "查询条件:客户端ip、网关ip、请求路径、路由服务id、应用名称、用户名称、开始时间、结束时间"
)
@ApiResponses(ApiResponse(responseCode = "400", description = "参数校验不通过;"))
- @PreAuthorize(BaseExpression.sysMonitor)
+ @SaCheckPermission(ModuleFuncCode.sysMonitor, orRole = [RoleCode.SUPER])
@PostMapping(value = [LogApi.loginLog], produces = [MediaType.APPLICATION_JSON_VALUE])
@Throws(WebException::class)
fun queryLoginLog(@RequestBody @Valid logQueryPo: LogQueryPo): ResponseEntity> =
@@ -97,7 +99,7 @@ constructor(
@Operation(summary = "查询指定日期范围的日志备份文件", description = "查询条件:开始日期、结束日期")
@ApiResponses(ApiResponse(responseCode = "400", description = "参数校验不通过;"))
- @PreAuthorize(BaseExpression.superOnly)
+ @SaCheckRole(RoleCode.SUPER)
@PostMapping(value = [LogApi.logFile], produces = [MediaType.APPLICATION_JSON_VALUE])
@Throws(WebException::class)
fun queryFile(
diff --git a/modules/log-server/src/main/kotlin/io/gitee/zhangbinhub/admin/log/service/LogFileService.kt b/modules/log-server/src/main/kotlin/io/gitee/zhangbinhub/admin/log/service/LogFileService.kt
index 5d4ced7e37541f336df75600da3561e8bbb54b7f..9d487b41cd0ab0b24759103e8ae52abe9ced6875 100644
--- a/modules/log-server/src/main/kotlin/io/gitee/zhangbinhub/admin/log/service/LogFileService.kt
+++ b/modules/log-server/src/main/kotlin/io/gitee/zhangbinhub/admin/log/service/LogFileService.kt
@@ -13,7 +13,6 @@ import org.springframework.transaction.annotation.Transactional
import java.io.File
/**
- * @author zhang by 01/02/2019
* @since JDK 11
*/
@Service
diff --git a/modules/log-server/src/main/kotlin/io/gitee/zhangbinhub/admin/log/service/LogService.kt b/modules/log-server/src/main/kotlin/io/gitee/zhangbinhub/admin/log/service/LogService.kt
index 61aaaf0e0e0c6acc732f339dfca551ddc9738c4c..1f55f588221624f7ad4f71e7a538b7e274a859bc 100644
--- a/modules/log-server/src/main/kotlin/io/gitee/zhangbinhub/admin/log/service/LogService.kt
+++ b/modules/log-server/src/main/kotlin/io/gitee/zhangbinhub/admin/log/service/LogService.kt
@@ -5,10 +5,10 @@ import io.gitee.zhangbinhub.acp.boot.exceptions.WebException
import io.gitee.zhangbinhub.acp.boot.log.LogAdapter
import io.gitee.zhangbinhub.acp.core.common.CalendarTools
import io.gitee.zhangbinhub.acp.core.common.CommonTools
-import io.gitee.zhangbinhub.admin.common.base.BaseService
import io.gitee.zhangbinhub.admin.common.vo.CustomerQueryPageVo
import io.gitee.zhangbinhub.admin.log.base.BaseLogEntity
import io.gitee.zhangbinhub.admin.log.base.BaseRepository
+import io.gitee.zhangbinhub.admin.log.base.BaseService
import io.gitee.zhangbinhub.admin.log.constant.LogConstant
import io.gitee.zhangbinhub.admin.log.entity.LoginLog
import io.gitee.zhangbinhub.admin.log.entity.OperateLog
@@ -18,16 +18,15 @@ import io.gitee.zhangbinhub.admin.log.po.LogQueryPo
import io.gitee.zhangbinhub.admin.log.repo.*
import io.gitee.zhangbinhub.admin.log.vo.LoginLogVo
import io.gitee.zhangbinhub.admin.resource.server.feign.CommonOauthServer
+import io.gitee.zhangbinhub.admin.resource.server.tools.TokenUserTools
import io.gitee.zhangbinhub.admin.resource.server.vo.ApplicationVo
import io.gitee.zhangbinhub.admin.resource.server.vo.TokenUserInfoVo
import jakarta.persistence.criteria.Predicate
import kotlinx.coroutines.delay
import kotlinx.coroutines.runBlocking
import org.springframework.beans.factory.annotation.Autowired
-import org.springframework.data.domain.Page
import org.springframework.stereotype.Service
import org.springframework.transaction.annotation.Transactional
-import kotlin.math.log
/**
* @author zhang by 15/05/2019
@@ -39,6 +38,7 @@ class LogService @Autowired
constructor(
private val logAdapter: LogAdapter,
private val objectMapper: ObjectMapper,
+ private val tokenUserTools: TokenUserTools,
private val routeLogRepository: RouteLogRepository,
private val routeLogHistoryRepository: RouteLogHistoryRepository,
private val operateLogRepository: OperateLogRepository,
@@ -55,7 +55,7 @@ constructor(
return objectMapper.readValue(message, cls) ?: throw WebException("日志消息转换失败")
}
- private fun getTokenInfo(token: String): TokenUserInfoVo = commonOauthServer.tokenInfo(token)
+ private fun getTokenInfo(token: String): TokenUserInfoVo = tokenUserTools.getUserInfoFromToken()
private fun getAppInfo(token: String): ApplicationVo = commonOauthServer.appInfo(token)
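Review bot: `getTokenInfo(token: String)` now ignores its `token` argument and returns `tokenUserTools.getUserInfoFromToken()`, which takes no token and so presumably resolves the user from the current request context. If any caller passes a token taken from a log message rather than from the current request (this service deserializes log messages via `objectMapper.readValue(message, cls)`), the result will be the wrong user or a failure outside a request thread. Either pass the token through to a lookup that accepts it, or drop the parameter and verify every call site runs inside an authenticated request. `getAppInfo` on the next line still calls `commonOauthServer.appInfo(token)`, so the two helpers now resolve identity from different sources.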
diff --git a/modules/oauth-server/README.md b/modules/oauth-server/README.md
index 5a343b309b4d6be5b6ed50790838b2d73303e49e..999f2822ee5300983970978d0b5690e3f0ee4ddd 100644
--- a/modules/oauth-server/README.md
+++ b/modules/oauth-server/README.md
@@ -45,9 +45,5 @@
##### 六、自定义认证方式
- 1、新建
- AuthenticationToken,参考参考[OauthUserPasswordAuthenticationRequest](src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/authentication/OauthUserPasswordAuthenticationRequest.kt)
-- 2、新建转换器
- AuthenticationConverter,参考[OauthUserPasswordAuthenticationConverter](src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/authentication/OauthUserPasswordAuthenticationConverter.kt)
-- 3、新建提供者
- AuthenticationProvider,参考[OauthUserPasswordAuthenticationProvider](src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/authentication/OauthUserPasswordAuthenticationProvider.kt)
-- 4、AuthorizationServerConfiguration 中加入对应配置
\ No newline at end of file
+ SaOAuth2GrantTypeHandlerInterface,参考参考[UserPasswordGrantTypeHandler.kt](src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/authentication/UserPasswordGrantTypeHandler.kt)
+- 2、AcpOauthServerAutoConfiguration 中加入对应配置
\ No newline at end of file
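Review bot: The added README line carries over the doubled word "参考参考" from the line it replaces; it should read "参考" once. Since the steps shrink from four to two, it would also help to say in step 2 which bean or method in `AcpOauthServerAutoConfiguration` the new grant type handler has to be registered with.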
diff --git a/modules/oauth-server/build.gradle b/modules/oauth-server/build.gradle
index 2607a311076eeb9af8db7e212bc8578f6aa9d27f..1dcee965bcb3e20d745fe21363212c55d35f267c 100644
--- a/modules/oauth-server/build.gradle
+++ b/modules/oauth-server/build.gradle
@@ -1,9 +1,6 @@
apply from: "$rootDir/gradle/application.gradle"
dependencies {
implementation project(":acp-admin-cloud-dependencies-resource-server")
- implementation("org.springframework.boot:spring-boot-starter-oauth2-authorization-server") {
- exclude group: "org.springframework.boot", module: "spring-boot-starter-web"
- }
// 数据库及驱动
implementation "org.springframework.boot:spring-boot-starter-data-jpa"
implementation "com.mysql:mysql-connector-j:${libs.versions.mysql.get()}"
diff --git a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/OauthServerApplication.kt b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/OauthServerApplication.kt
index 22cd02cd90739f0762cec8cf480c1943e64b2899..f796073352f45d89b5ff2266c8e18bf1237f0dde 100644
--- a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/OauthServerApplication.kt
+++ b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/OauthServerApplication.kt
@@ -4,7 +4,6 @@ import io.gitee.zhangbinhub.acp.cloud.annotation.AcpCloudAtomApplication
import org.springframework.boot.runApplication
/**
- * @author zhangbin by 09/04/2018 16:11
* @since JDK 11
*/
@AcpCloudAtomApplication
diff --git a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/authentication/OauthUserPasswordAuthenticationConverter.kt b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/authentication/OauthUserPasswordAuthenticationConverter.kt
deleted file mode 100644
index 1cdbf0f6377e9ed99a3d7dacbffee79f974e470b..0000000000000000000000000000000000000000
--- a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/authentication/OauthUserPasswordAuthenticationConverter.kt
+++ /dev/null
@@ -1,37 +0,0 @@
-package io.gitee.zhangbinhub.admin.oauth.authentication
-
-import io.gitee.zhangbinhub.admin.oauth.base.BaseAuthenticationConverter
-import io.gitee.zhangbinhub.admin.oauth.constant.OauthConstant
-import jakarta.servlet.http.HttpServletRequest
-import org.springframework.security.core.Authentication
-import org.springframework.security.core.context.SecurityContextHolder
-import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames
-
-class OauthUserPasswordAuthenticationConverter : BaseAuthenticationConverter {
- override fun convert(request: HttpServletRequest): Authentication? {
- val grantType = request.getParameter(OAuth2ParameterNames.GRANT_TYPE)
- if (OauthConstant.granterUserPassword != grantType) {
- return null
- }
- val clientPrincipal = SecurityContextHolder.getContext().authentication
- val parameters = getParameters(request)
- val username = parameters.getFirst(OAuth2ParameterNames.USERNAME)
- val password = parameters.getFirst(OAuth2ParameterNames.PASSWORD)
- val additionalParameters: MutableMap = HashMap()
- parameters.forEach { (key, value) ->
- if (key != OAuth2ParameterNames.GRANT_TYPE &&
- key != OAuth2ParameterNames.USERNAME &&
- key != OAuth2ParameterNames.PASSWORD
- ) {
- additionalParameters[key] = value[0]
- }
- }
- return OauthUserPasswordAuthenticationRequest(
- username,
- password,
- clientPrincipal,
- emptyList(),
- additionalParameters
- )
- }
-}
\ No newline at end of file
diff --git a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/authentication/OauthUserPasswordAuthenticationProvider.kt b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/authentication/OauthUserPasswordAuthenticationProvider.kt
deleted file mode 100644
index 33641b4f90bdbf2230b2bf240e9c24fb776456f6..0000000000000000000000000000000000000000
--- a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/authentication/OauthUserPasswordAuthenticationProvider.kt
+++ /dev/null
@@ -1,105 +0,0 @@
-package io.gitee.zhangbinhub.admin.oauth.authentication
-
-import io.gitee.zhangbinhub.acp.boot.log.LogAdapter
-import io.gitee.zhangbinhub.admin.oauth.base.BaseAuthenticationProvider
-import io.gitee.zhangbinhub.admin.oauth.component.AuthPasswordEncrypt
-import io.gitee.zhangbinhub.admin.oauth.component.AuthTokenService
-import io.gitee.zhangbinhub.admin.oauth.component.AuthUserService
-import io.gitee.zhangbinhub.admin.oauth.constant.OauthConstant
-import io.gitee.zhangbinhub.admin.oauth.entity.User
-import io.gitee.zhangbinhub.admin.resource.server.tools.TokenTools
-import io.gitee.zhangbinhub.admin.resource.server.vo.TokenUserInfoVo
-import org.springframework.security.core.Authentication
-import org.springframework.security.core.AuthenticationException
-import org.springframework.security.oauth2.core.*
-import org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken
-import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator
-
-class OauthUserPasswordAuthenticationProvider(
- private val logAdapter: LogAdapter,
- private val tokenTools: TokenTools,
- private val authUserService: AuthUserService,
- private val authPasswordEncrypt: AuthPasswordEncrypt,
- private val tokenGenerator: OAuth2TokenGenerator,
- private val authTokenService: AuthTokenService
-) : BaseAuthenticationProvider {
- @Throws(AuthenticationException::class)
- override fun authenticate(authentication: Authentication): Authentication {
- val oauthUserPasswordAuthenticationRequest = authentication as OauthUserPasswordAuthenticationRequest
- val user = validateUser(oauthUserPasswordAuthenticationRequest)
- val clientPrincipal: OAuth2ClientAuthenticationToken =
- oauthUserPasswordAuthenticationRequest.clientPrincipal as OAuth2ClientAuthenticationToken
- val registeredClient = getRegisteredClient(clientPrincipal)
- // 强制删除之前的token
- authTokenService.removeTokensByClientIdAndUserName(registeredClient.id, user.loginNo)
- // 获取 builder
- val authorizationBuilder = getAuthorizationBuilder(
- registeredClient,
- AuthorizationGrantType(OauthConstant.granterUserPassword),
- clientPrincipal,
- user.loginNo
- )
- return generateToken(
- registeredClient,
- clientPrincipal,
- oauthUserPasswordAuthenticationRequest,
- AuthorizationGrantType(OauthConstant.granterUserPassword),
- authorizationBuilder,
- tokenGenerator,
- authUserService.loadUserAuthorities(user),
- tokenTools.encryptUserInfo(
- TokenUserInfoVo(
- appId = registeredClient.clientId,
- id = user.id,
- loginNo = user.loginNo,
- name = user.name,
- mobile = user.mobile,
- loginTime = System.currentTimeMillis()
- )
- ),
- oauthUserPasswordAuthenticationRequest.additionalParameters
- ).apply {
- authTokenService.save(authorizationBuilder.build())
- }
- }
-
- override fun supports(authentication: Class<*>): Boolean {
- return OauthUserPasswordAuthenticationRequest::class.java.isAssignableFrom(authentication)
- }
-
- @Throws(OAuth2AuthenticationException::class)
- fun validateUser(oauthUserPasswordAuthenticationRequest: OauthUserPasswordAuthenticationRequest): User =
- (oauthUserPasswordAuthenticationRequest.principal as? String)?.let { username ->
- authUserService.loadUserByUsername(username).apply {
- if (!this.enabled) {
- logAdapter.error("用户【${this.loginNo}】已被锁定或禁用!")
- throw OAuth2AuthenticationException(
- OAuth2Error(
- OAuth2ErrorCodes.INVALID_REQUEST, "用户【${this.loginNo}】已被锁定或禁用!", null
- )
- )
- }
- (oauthUserPasswordAuthenticationRequest.credentials as? String)?.let { password ->
- if (!authPasswordEncrypt.matches(password, this.password)) {
- authUserService.storePasswordErrorTime(username)
- logAdapter.error("【${username}】用户名或密码不正确!")
- throw OAuth2AuthenticationException(
- OAuth2Error(
- OAuth2ErrorCodes.INVALID_REQUEST, "【${username}】用户名或密码不正确!", null
- )
- )
- } else {
- authUserService.clearPasswordErrorTime(username)
- }
- } ?: throw OAuth2AuthenticationException(
- OAuth2Error(
- OAuth2ErrorCodes.INVALID_REQUEST, "密码不能为空!", null
- )
- )
- }
- } ?: throw OAuth2AuthenticationException(
- OAuth2Error(
- OAuth2ErrorCodes.INVALID_REQUEST, "用户名不能为空!", null
- )
- )
-}
\ No newline at end of file
diff --git a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/authentication/OauthUserPasswordAuthenticationRequest.kt b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/authentication/OauthUserPasswordAuthenticationRequest.kt
deleted file mode 100644
index 3afaf237cc188b5f71f64fa20924c073f4140907..0000000000000000000000000000000000000000
--- a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/authentication/OauthUserPasswordAuthenticationRequest.kt
+++ /dev/null
@@ -1,25 +0,0 @@
-package io.gitee.zhangbinhub.admin.oauth.authentication
-
-import org.springframework.security.authentication.AbstractAuthenticationToken
-import org.springframework.security.core.Authentication
-import org.springframework.security.core.GrantedAuthority
-
-class OauthUserPasswordAuthenticationRequest(
- private val principal: Any?,
- private val credentials: Any?,
- val clientPrincipal: Authentication,
- authorities: Collection?,
- val additionalParameters: Map
-) : AbstractAuthenticationToken(authorities) {
- override fun getPrincipal(): Any? {
- return principal
- }
-
- override fun getCredentials(): Any? {
- return credentials
- }
-
- companion object {
- private const val serialVersionUID = 8370701114478265244L
- }
-}
\ No newline at end of file
diff --git a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/authentication/UserPasswordGrantTypeHandler.kt b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/authentication/UserPasswordGrantTypeHandler.kt
new file mode 100644
index 0000000000000000000000000000000000000000..dfc990767464d571f2309f01cfc3f0dc7b0d69b4
--- /dev/null
+++ b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/authentication/UserPasswordGrantTypeHandler.kt
@@ -0,0 +1,91 @@
+package io.gitee.zhangbinhub.admin.oauth.authentication
+
+import cn.dev33.satoken.context.model.SaRequest
+import cn.dev33.satoken.oauth2.SaOAuth2Manager
+import cn.dev33.satoken.oauth2.consts.SaOAuth2Consts
+import cn.dev33.satoken.oauth2.data.model.AccessTokenModel
+import cn.dev33.satoken.oauth2.data.model.request.RequestAuthModel
+import cn.dev33.satoken.oauth2.exception.SaOAuth2Exception
+import cn.dev33.satoken.oauth2.granttype.handler.SaOAuth2GrantTypeHandlerInterface
+import cn.dev33.satoken.stp.StpUtil
+import cn.dev33.satoken.stp.parameter.SaLoginParameter
+import cn.dev33.satoken.util.SaResult
+import io.gitee.zhangbinhub.acp.boot.exceptions.WebException
+import io.gitee.zhangbinhub.acp.cloud.resource.server.constant.AcpCloudResourceServerConstant
+import io.gitee.zhangbinhub.admin.oauth.component.AuthPasswordEncrypt
+import io.gitee.zhangbinhub.admin.oauth.component.AuthUserService
+import io.gitee.zhangbinhub.admin.oauth.constant.OauthConstant
+import io.gitee.zhangbinhub.admin.oauth.entity.User
+import io.gitee.zhangbinhub.admin.oauth.service.ApplicationService
+import io.gitee.zhangbinhub.admin.resource.server.tools.TokenUserTools
+import io.gitee.zhangbinhub.admin.resource.server.vo.TokenUserInfoVo
+import org.springframework.http.HttpStatus
+import org.springframework.stereotype.Component
+
+@Component
+class UserPasswordGrantTypeHandler(
+ private val applicationService: ApplicationService,
+ private val authUserService: AuthUserService,
+ private val authPasswordEncrypt: AuthPasswordEncrypt,
+ private val tokenUserTools: TokenUserTools
+) : SaOAuth2GrantTypeHandlerInterface {
+ override fun getHandlerGrantType(): String = OauthConstant.granterUserPassword
+
+ @Throws(WebException::class, SaOAuth2Exception::class)
+ override fun getAccessToken(req: SaRequest, clientId: String, scopes: MutableList): AccessTokenModel {
+ val username: String = req.getParamNotNull(SaOAuth2Consts.Param.username)
+ val password: String = req.getParamNotNull(SaOAuth2Consts.Param.password)
+ val user = this.loginByUsernamePassword(clientId, username, password)
+ val loginId = StpUtil.getLoginIdDefaultNull()
+ if (loginId == null) {
+ throw SaOAuth2Exception("登录失败")
+ } else {
+ val ra = RequestAuthModel()
+ ra.clientId = clientId
+ ra.loginId = loginId
+ ra.scopes = scopes
+ return SaOAuth2Manager.getDataGenerate().generateAccessToken(ra, true) { atm ->
+ atm.grantType = OauthConstant.granterUserPassword
+ atm.extraData[AcpCloudResourceServerConstant.TOKEN_CLAIMS_USER_INFO] = tokenUserTools.encryptUserInfo(
+ TokenUserInfoVo(
+ appId = clientId,
+ id = user.id,
+ loginNo = user.loginNo,
+ name = user.name,
+ mobile = user.mobile,
+ loginTime = System.currentTimeMillis()
+ )
+ )
+ atm.extraData[AcpCloudResourceServerConstant.TOKEN_CLAIMS_PERMISSION] =
+ authUserService.getPermissionList(
+ loginId
+ )
+ atm.extraData[AcpCloudResourceServerConstant.TOKEN_CLAIMS_ROLE] = authUserService.getRoleList(loginId)
+ }
+ }
+ }
+
+ @Throws(WebException::class)
+ private fun loginByUsernamePassword(clientId: String, username: String, password: String): User {
+ try {
+ val user = authUserService.loadUserByUsername(username)
+ if (authPasswordEncrypt.matches(password, user.password)) {
+ StpUtil.logout(username, clientId)
+ StpUtil.login(
+ username, SaLoginParameter().setDeviceType(clientId).setTimeout(
+ applicationService.getApp(clientId)?.refreshTokenValiditySeconds?.toLong()
+ ?: throw SaOAuth2Exception("client_id 无效")
+ )
+ )
+ SaResult.ok()
+ authUserService.clearPasswordErrorTime(username)
+ return user
+ } else {
+ authUserService.storePasswordErrorTime(username)
+ throw SaOAuth2Exception("账号或密码错误")
+ }
+ } catch (e: Exception) {
+ throw WebException(HttpStatus.UNAUTHORIZED, e.message)
+ }
+ }
+}
\ No newline at end of file
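Review bot: `loginByUsernamePassword` no longer checks whether the account is enabled. The deleted `OauthUserPasswordAuthenticationProvider.validateUser` rejected users with `enabled == false` ("已被锁定或禁用") before comparing passwords, while this handler goes from `authUserService.loadUserByUsername(username)` straight to `authPasswordEncrypt.matches(password, user.password)`. Unless `loadUserByUsername` now enforces that itself, a locked or disabled account can obtain a token, and the counter written by `storePasswordErrorTime` has no visible effect on later attempts. Please restore the check before `matches`. Two smaller points in the same function: `SaResult.ok()` builds a result that is discarded and can be removed, and `catch (e: Exception)` forwards `e.message` to the client in the 401, so confirm that messages thrown by `loadUserByUsername` and `getApp` do not let a caller tell an unknown user from a wrong password.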
diff --git a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/base/BaseAuthenticationConverter.kt b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/base/BaseAuthenticationConverter.kt
deleted file mode 100644
index b654cddde103916583f3b28cb98ca7183a24ab94..0000000000000000000000000000000000000000
--- a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/base/BaseAuthenticationConverter.kt
+++ /dev/null
@@ -1,21 +0,0 @@
-package io.gitee.zhangbinhub.admin.oauth.base
-
-import jakarta.servlet.http.HttpServletRequest
-import org.springframework.security.web.authentication.AuthenticationConverter
-import org.springframework.util.LinkedMultiValueMap
-import org.springframework.util.MultiValueMap
-
-interface BaseAuthenticationConverter : AuthenticationConverter {
- fun getParameters(request: HttpServletRequest): MultiValueMap {
- val parameterMap = request.parameterMap
- val parameters: MultiValueMap = LinkedMultiValueMap(parameterMap.size)
- parameterMap.forEach { (key: String, values: Array) ->
- if (values.isNotEmpty()) {
- for (value in values) {
- parameters.add(key, value)
- }
- }
- }
- return parameters
- }
-}
\ No newline at end of file
diff --git a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/base/BaseAuthenticationProvider.kt b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/base/BaseAuthenticationProvider.kt
deleted file mode 100644
index 3ce5df17bc1b82a32b40719b6c2b0730bbb46d78..0000000000000000000000000000000000000000
--- a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/base/BaseAuthenticationProvider.kt
+++ /dev/null
@@ -1,150 +0,0 @@
-package io.gitee.zhangbinhub.admin.oauth.base
-
-import io.gitee.zhangbinhub.acp.cloud.resource.server.constant.AcpCloudResourceServerConstant
-import org.springframework.security.authentication.AuthenticationProvider
-import org.springframework.security.core.Authentication
-import org.springframework.security.core.AuthenticationException
-import org.springframework.security.core.GrantedAuthority
-import org.springframework.security.oauth2.core.*
-import org.springframework.security.oauth2.server.authorization.OAuth2Authorization
-import org.springframework.security.oauth2.server.authorization.OAuth2TokenType
-import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AccessTokenAuthenticationToken
-import org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken
-import org.springframework.security.oauth2.server.authorization.client.RegisteredClient
-import org.springframework.security.oauth2.server.authorization.context.AuthorizationServerContextHolder
-import org.springframework.security.oauth2.server.authorization.token.DefaultOAuth2TokenContext
-import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator
-import java.security.Principal
-
-interface BaseAuthenticationProvider : AuthenticationProvider {
- fun getAuthorizationBuilder(
- registeredClient: RegisteredClient,
- authorizationGrantType: AuthorizationGrantType,
- clientPrincipal: OAuth2ClientAuthenticationToken,
- principalName: String
- ): OAuth2Authorization.Builder = OAuth2Authorization.withRegisteredClient(registeredClient)
- .authorizationGrantType(authorizationGrantType)
- .attributes { attrs -> attrs[Principal::class.java.name] = clientPrincipal }
- .authorizedScopes(registeredClient.scopes)
- .principalName(principalName)
-
- @Throws(AuthenticationException::class)
- fun getRegisteredClient(oAuth2ClientAuthenticationToken: OAuth2ClientAuthenticationToken) =
- oAuth2ClientAuthenticationToken.registeredClient ?: run {
- val error = OAuth2Error(
- OAuth2ErrorCodes.UNAUTHORIZED_CLIENT, "The client unauthorized.", null
- )
- throw OAuth2AuthenticationException(error)
- }
-
- @Throws(AuthenticationException::class)
- fun generateToken(
- registeredClient: RegisteredClient,
- clientPrincipal: OAuth2ClientAuthenticationToken,
- principal: Authentication,
- authorizationGrantType: AuthorizationGrantType,
- authorizationBuilder: OAuth2Authorization.Builder,
- tokenGenerator: OAuth2TokenGenerator,
- userAuthorities: Set,
- tokenClaimsUserinfo: String,
- additionalParameters: Map
- ): OAuth2AccessTokenAuthenticationToken {
- val tokenContextBuilder = DefaultOAuth2TokenContext.builder().registeredClient(registeredClient)
- .principal(principal)
- .authorizationServerContext(AuthorizationServerContextHolder.getContext())
- .authorizedScopes(registeredClient.scopes)
- .authorizationGrantType(authorizationGrantType)
- .authorizationGrant(principal)
- val accessToken = generateAccessToken(
- tokenContextBuilder,
- tokenGenerator,
- authorizationBuilder,
- userAuthorities,
- tokenClaimsUserinfo
- )
- val refreshToken = generateRefreshToken(
- registeredClient,
- clientPrincipal,
- tokenContextBuilder,
- tokenGenerator,
- authorizationBuilder
- )
- return OAuth2AccessTokenAuthenticationToken(
- registeredClient,
- clientPrincipal,
- accessToken,
- refreshToken,
- additionalParameters
- ).apply {
- this.isAuthenticated = userAuthorities.isNotEmpty() || accessToken.scopes.isNotEmpty()
- }
- }
-
- @Throws(AuthenticationException::class)
- fun generateAccessToken(
- tokenContextBuilder: DefaultOAuth2TokenContext.Builder,
- tokenGenerator: OAuth2TokenGenerator,
- authorizationBuilder: OAuth2Authorization.Builder,
- userAuthorities: Set,
- tokenClaimsUserinfo: String
- ): OAuth2AccessToken {
- val tokenContext = tokenContextBuilder.tokenType(OAuth2TokenType.ACCESS_TOKEN).build()
- return tokenGenerator.generate(tokenContext).let { generatedAccessToken ->
- if (generatedAccessToken == null) {
- val error = OAuth2Error(
- OAuth2ErrorCodes.SERVER_ERROR, "The token generator failed to generate the access token.", null
- )
- throw OAuth2AuthenticationException(error)
- }
- OAuth2AccessToken(
- OAuth2AccessToken.TokenType.BEARER,
- generatedAccessToken.tokenValue,
- generatedAccessToken.issuedAt,
- generatedAccessToken.expiresAt,
- tokenContext.authorizedScopes
- ).apply {
- if (generatedAccessToken is ClaimAccessor) {
- val claims = (generatedAccessToken as ClaimAccessor).claims.toMutableMap()
- claims[AcpCloudResourceServerConstant.TOKEN_CLAIMS_AUTHORITIES] =
- userAuthorities.map { item -> item.authority }.toSet()
- // 添加附加的用户信息 start
- claims[AcpCloudResourceServerConstant.TOKEN_CLAIMS_USER_INFO] = tokenClaimsUserinfo
- // 添加附加的用户信息 end
- authorizationBuilder.token(this) { metadata ->
- metadata[OAuth2Authorization.Token.CLAIMS_METADATA_NAME] = claims
- }
- } else {
- authorizationBuilder.accessToken(this)
- }
- }
- }
- }
-
- @Throws(AuthenticationException::class)
- fun generateRefreshToken(
- registeredClient: RegisteredClient,
- clientPrincipal: OAuth2ClientAuthenticationToken,
- tokenContextBuilder: DefaultOAuth2TokenContext.Builder,
- tokenGenerator: OAuth2TokenGenerator,
- authorizationBuilder: OAuth2Authorization.Builder
- ): OAuth2RefreshToken? =
- if (registeredClient.authorizationGrantTypes.contains(AuthorizationGrantType.REFRESH_TOKEN) && clientPrincipal.clientAuthenticationMethod != ClientAuthenticationMethod.NONE) {
- tokenGenerator.generate(tokenContextBuilder.tokenType(OAuth2TokenType.REFRESH_TOKEN).build())
- ?.let { generatedRefreshToken ->
- if (generatedRefreshToken !is OAuth2RefreshToken) {
- throw OAuth2AuthenticationException(
- OAuth2Error(
- OAuth2ErrorCodes.SERVER_ERROR,
- "The token generator failed to generate the refresh token.",
- null
- )
- )
- }
- generatedRefreshToken
- }?.apply {
- authorizationBuilder.refreshToken(this)
- }
- } else {
- null
- }
-}
\ No newline at end of file
diff --git a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/base/BaseService.kt b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/base/BaseService.kt
new file mode 100644
index 0000000000000000000000000000000000000000..30cc5d6c8656f518a8b2ed3ca46bf3a852568ab9
--- /dev/null
+++ b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/base/BaseService.kt
@@ -0,0 +1,30 @@
+package io.gitee.zhangbinhub.admin.oauth.base
+
+import io.gitee.zhangbinhub.acp.core.common.CommonTools
+import io.gitee.zhangbinhub.admin.common.po.QueryParam
+import org.springframework.data.domain.PageRequest
+import org.springframework.data.domain.Sort
+
+/**
+ * @author zhang by 15/01/2019
+ * @since JDK 11
+ */
+abstract class BaseService {
+
+ protected fun buildPageRequest(queryParam: QueryParam): PageRequest =
+ if (CommonTools.isNullStr(queryParam.orderName) || CommonTools.isNullStr(queryParam.orderCommand)) {
+ PageRequest.of(queryParam.currPage!! - 1, queryParam.pageSize!!)
+ } else {
+ var direction: Sort.Direction = Sort.Direction.ASC
+ if (queryParam.orderCommand!!.startsWith("desc", ignoreCase = true)) {
+ direction = Sort.Direction.DESC
+ }
+ PageRequest.of(
+ queryParam.currPage!! - 1,
+ queryParam.pageSize!!,
+ direction,
+ *queryParam.orderName!!.split(",".toRegex()).dropLastWhile { it.isEmpty() }.toTypedArray()
+ )
+ }
+
+}
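Review bot: `buildPageRequest` dereferences `queryParam.currPage!!` and `queryParam.pageSize!!` with no range check and passes the split `queryParam.orderName` straight into `PageRequest.of(...)` as sort properties. A missing page field raises a NullPointerException, a `currPage` of 0 yields a negative page index that `PageRequest.of` rejects with an IllegalArgumentException, and nothing caps `pageSize`. If `QueryParam` is bound from request input, validate it (page >= 1, bounded size) and check each `orderName` entry against an allow-list of sortable properties for the entity, so callers cannot sort on arbitrary fields. The `@since JDK 11` tag is also stale for a project on Spring Boot 3.x.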
diff --git a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/base/OauthBaseService.kt b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/base/OauthBaseService.kt
index 70c159ed41b8a67bb834b1f19a67520c570f7f57..c63adc75552f7b698c0ba65f1eec28b4b9caaf1b 100644
--- a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/base/OauthBaseService.kt
+++ b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/base/OauthBaseService.kt
@@ -1,7 +1,6 @@
package io.gitee.zhangbinhub.admin.oauth.base
import io.gitee.zhangbinhub.acp.boot.exceptions.WebException
-import io.gitee.zhangbinhub.admin.common.base.BaseService
import io.gitee.zhangbinhub.admin.common.constant.RoleCode
import io.gitee.zhangbinhub.admin.oauth.entity.Organization
import io.gitee.zhangbinhub.admin.oauth.entity.Role
diff --git a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/bus/listener/RefreshApplicationEventListener.kt b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/bus/listener/RefreshApplicationEventListener.kt
index 2649e62b3df89c5fd3525bc341d349371d8472e5..db72abfe116d4c728ea1f9c30a51264fcc446ab7 100644
--- a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/bus/listener/RefreshApplicationEventListener.kt
+++ b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/bus/listener/RefreshApplicationEventListener.kt
@@ -5,14 +5,13 @@ import io.gitee.zhangbinhub.acp.boot.log.LogAdapter
import io.gitee.zhangbinhub.acp.core.common.task.BaseAsyncTask
import io.gitee.zhangbinhub.acp.core.common.task.threadpool.ThreadPoolService
import io.gitee.zhangbinhub.admin.common.event.ReloadDataBusEvent
-import io.gitee.zhangbinhub.admin.oauth.component.AuthClientService
+import io.gitee.zhangbinhub.admin.oauth.conf.AcpOauthServerAutoConfiguration
import io.gitee.zhangbinhub.admin.oauth.constant.BusEventMessage
import org.springframework.beans.factory.annotation.Autowired
import org.springframework.context.ApplicationListener
import org.springframework.stereotype.Component
/**
- * @author zhang by 19/03/2019
* @since JDK 11
*/
@Component
@@ -20,7 +19,7 @@ class RefreshApplicationEventListener @Autowired
constructor(
private val logAdapter: LogAdapter,
private val objectMapper: ObjectMapper,
- private val authClientService: AuthClientService
+ private val acpOauthServerAutoConfiguration: AcpOauthServerAutoConfiguration
) : ApplicationListener {
override fun onApplicationEvent(reloadDataBusEvent: ReloadDataBusEvent) {
@@ -33,7 +32,7 @@ constructor(
override fun beforeExecuteFun(): Boolean = true
override fun executeFun(): Any? {
logAdapter.info("开始刷新client数据...")
- authClientService.loadClientInfo()
+ acpOauthServerAutoConfiguration.loadClientInfo()
logAdapter.info("client数据刷新完成!")
return true
}
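Review bot: `RefreshApplicationEventListener` now injects the `@Configuration` class `AcpOauthServerAutoConfiguration` only to call `loadClientInfo()`, which couples a runtime bus listener to a configuration bean whose `init` block also rewrites the global `SaOAuth2Consts.Api` paths. Moving `loadClientInfo()` into a dedicated `@Component`, as `AuthClientService` was, keeps the reload path independently testable. Also, the removed `AuthClientService.loadClientInfo()` carried `@PostConstruct` and the new `fun loadClientInfo()` shown in this patch has no such annotation, so please confirm where the initial client load happens at startup.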
diff --git a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/bus/listener/RefreshRuntimeEventListener.kt b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/bus/listener/RefreshRuntimeEventListener.kt
index 9ab9edf6a6c0c893fc2bab347d5ea9d7f3f4e8e7..df989c7dd8d68dfa2a897410e722ffdbc06f5ed6 100644
--- a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/bus/listener/RefreshRuntimeEventListener.kt
+++ b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/bus/listener/RefreshRuntimeEventListener.kt
@@ -12,7 +12,6 @@ import org.springframework.context.ApplicationListener
import org.springframework.stereotype.Component
/**
- * @author zhang by 19/03/2019
* @since JDK 11
*/
@Component
diff --git a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/bus/publish/RefreshEventPublish.kt b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/bus/publish/RefreshEventPublish.kt
index 25ee200aacba49079b20fcb050ffe4753d0aa8c0..f820f4f26b3d7f6478a52b2a63170cd2d0a66002 100644
--- a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/bus/publish/RefreshEventPublish.kt
+++ b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/bus/publish/RefreshEventPublish.kt
@@ -8,7 +8,6 @@ import org.springframework.context.ApplicationContext
import org.springframework.stereotype.Component
/**
- * @author zhang by 19/03/2019
* @since JDK 11
*/
@Component
diff --git a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/component/AuthClientService.kt b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/component/AuthClientService.kt
deleted file mode 100644
index c057bd56f93318a0ae71303793130c9a2fffaf1b..0000000000000000000000000000000000000000
--- a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/component/AuthClientService.kt
+++ /dev/null
@@ -1,121 +0,0 @@
-package io.gitee.zhangbinhub.admin.oauth.component
-
-import io.gitee.zhangbinhub.acp.cloud.resource.server.conf.AcpCloudResourceServerConfiguration
-import io.gitee.zhangbinhub.acp.core.common.CommonTools
-import io.gitee.zhangbinhub.admin.oauth.constant.OauthConstant
-import io.gitee.zhangbinhub.admin.oauth.service.ApplicationService
-import jakarta.annotation.PostConstruct
-import org.springframework.beans.factory.annotation.Autowired
-import org.springframework.security.oauth2.core.AuthorizationGrantType
-import org.springframework.security.oauth2.core.ClientAuthenticationMethod
-import org.springframework.security.oauth2.server.authorization.client.RegisteredClient
-import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository
-import org.springframework.security.oauth2.server.authorization.settings.OAuth2TokenFormat
-import org.springframework.security.oauth2.server.authorization.settings.TokenSettings
-import org.springframework.stereotype.Component
-import org.springframework.util.Assert
-import org.springframework.util.StringUtils
-import java.time.Duration
-import java.util.concurrent.ConcurrentHashMap
-
-/**
- * @author zhangbin by 11/04/2018 15:21
- * @since JDK 11
- */
-@Component
-class AuthClientService @Autowired
-constructor(
- private val applicationService: ApplicationService,
- private val acpCloudResourceServerConfiguration: AcpCloudResourceServerConfiguration
-) : RegisteredClientRepository {
- private val idRegistrationMap: ConcurrentHashMap = ConcurrentHashMap()
- private val clientIdRegistrationMap: ConcurrentHashMap = ConcurrentHashMap()
-
- /**
- * 初始化客户端信息
- */
- @PostConstruct
- fun loadClientInfo() = applicationService.getAppList().let { applicationList ->
- idRegistrationMap.clear()
- clientIdRegistrationMap.clear()
- applicationList.forEach { application ->
- RegisteredClient.withId(application.id)
- .clientId(application.id)
- .clientSecret(application.secret)
- .clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
- .authorizationGrantType(AuthorizationGrantType.REFRESH_TOKEN)
- .authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS)
- .authorizationGrantType(AuthorizationGrantType(OauthConstant.granterUserPassword))
- .scopes { scopes ->
- application.scope?.apply {
- if (!CommonTools.isNullStr(this)) {
- this.split(",").forEach { appScope -> scopes.add(appScope) }
- }
- }
- }
- .tokenSettings(
- TokenSettings.builder()
- .accessTokenFormat(OAuth2TokenFormat.REFERENCE)
- .reuseRefreshTokens(true)
- .accessTokenTimeToLive(Duration.ofSeconds(application.accessTokenValiditySeconds.toLong()))
- .refreshTokenTimeToLive(Duration.ofSeconds(application.refreshTokenValiditySeconds.toLong()))
- .build()
- )
- .build().apply {
- save(this)
- }
- }
- val registeredClientInner = RegisteredClient.withId("acpCloudInnerClient")
- .clientId(acpCloudResourceServerConfiguration.clientId)
- .clientSecret(acpCloudResourceServerConfiguration.clientSecret)
- .clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
- .authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS)
- .scopes { scopes -> scopes.add("INNER") }
- .tokenSettings(
- TokenSettings.builder()
- .accessTokenFormat(OAuth2TokenFormat.REFERENCE)
- .reuseRefreshTokens(true)
- .accessTokenTimeToLive(Duration.ofSeconds(600))
- .refreshTokenTimeToLive(Duration.ofSeconds(86400)).build()
- )
- .build()
- save(registeredClientInner)
- }
-
- override fun save(registeredClient: RegisteredClient) {
- Assert.notNull(registeredClient, "registeredClient cannot be null")
- assertUniqueIdentifiers(registeredClient, idRegistrationMap)
- idRegistrationMap[registeredClient.id] = registeredClient
- clientIdRegistrationMap[registeredClient.clientId] = registeredClient
- }
-
- override fun findById(id: String): RegisteredClient? {
- Assert.hasText(id, "id cannot be empty")
- return idRegistrationMap[id]
- }
-
- override fun findByClientId(clientId: String): RegisteredClient? {
- Assert.hasText(clientId, "clientId cannot be empty")
- return clientIdRegistrationMap[clientId]
- }
-
- private fun assertUniqueIdentifiers(
- registeredClient: RegisteredClient,
- registrations: Map
- ) {
- registrations.values.forEach { registration ->
- require(registeredClient.id != registration.id) {
- "Registered client must be unique. " +
- "Found duplicate identifier: " + registeredClient.id
- }
- require(registeredClient.clientId != registration.clientId) {
- "Registered client must be unique. " +
- "Found duplicate client identifier: " + registeredClient.clientId
- }
- require(StringUtils.hasText(registeredClient.clientSecret) && registeredClient.clientSecret != registration.clientSecret) {
- "Registered client must be unique. " +
- "Found duplicate client secret for identifier: " + registeredClient.id
- }
- }
- }
-}
diff --git a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/component/AuthPasswordEncoder.kt b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/component/AuthPasswordEncoder.kt
deleted file mode 100644
index 625c01a470eba02c6062e39c24edd0ab43bdd167..0000000000000000000000000000000000000000
--- a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/component/AuthPasswordEncoder.kt
+++ /dev/null
@@ -1,31 +0,0 @@
-package io.gitee.zhangbinhub.admin.oauth.component
-
-import org.springframework.security.crypto.password.PasswordEncoder
-import org.springframework.stereotype.Component
-
-/**
- * 密码编码器
- *
- * @author zhangbin by 11/04/2018 17:14
- * @since JDK 11
- */
-@Component
-class AuthPasswordEncoder : PasswordEncoder {
- /**
- * 编码
- *
- * @param rawPassword 原始密码
- * @return 编码结果
- */
- override fun encode(rawPassword: CharSequence) = rawPassword.toString()
-
- /**
- * 匹配
- *
- * @param rawPassword 原始密码,客户端上送的值
- * @param encodedPassword 编码后的密码,存储在服务器上的值,SecurityUserDetailsService 指定
- * @return 匹配结果
- */
- override fun matches(rawPassword: CharSequence, encodedPassword: String): Boolean =
- rawPassword.toString().equals(encodedPassword, ignoreCase = true)
-}
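Review bot: the deleted `matches` compared the submitted value to the stored one with `equals(encodedPassword, ignoreCase = true)` and `encode` returned its input unchanged, while the replacement call `authPasswordEncrypt.matches(password, user.password)` in `loginByUsernamePassword` is not defined in this part of the patch. Please confirm that the new implementation does not carry the case-insensitive comparison over, that it compares in constant time (for example with `MessageDigest.isEqual` on the decoded bytes), and document the format in which `user.password` is stored.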
diff --git a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/component/AuthTokenService.kt b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/component/AuthTokenService.kt
deleted file mode 100644
index e2f1e4d14d52a0d7ee0d4f4330567dd0b807f2ae..0000000000000000000000000000000000000000
--- a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/component/AuthTokenService.kt
+++ /dev/null
@@ -1,136 +0,0 @@
-package io.gitee.zhangbinhub.admin.oauth.component
-
-import io.gitee.zhangbinhub.acp.core.common.CommonTools
-import org.springframework.beans.factory.annotation.Autowired
-import org.springframework.data.redis.connection.RedisConnectionFactory
-import org.springframework.security.oauth2.core.*
-import org.springframework.security.oauth2.server.authorization.OAuth2Authorization
-import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService
-import org.springframework.security.oauth2.server.authorization.OAuth2TokenType
-import org.springframework.stereotype.Component
-import org.springframework.util.SerializationUtils
-import java.io.*
-import java.nio.charset.Charset
-
-@Component
-class AuthTokenService @Autowired constructor(private val redisConnectionFactory: RedisConnectionFactory) :
- OAuth2AuthorizationService {
- private val tokenPrefixId = "acp_cloud_oauth_token_id_"
- private val tokenPrefixValue = "acp_cloud_oauth_token_value_"
- private val tokenPrefixClientId = "acp_cloud_oauth_token_client_id_"
- private val charSet = CommonTools.getDefaultCharset()
-
- override fun save(authorization: OAuth2Authorization) {
- val serializeTokenId = serializeKey("$tokenPrefixId${authorization.id}")
- val serializeTokenValue = serializeKey("$tokenPrefixValue${authorization.accessToken.token.tokenValue}")
- val serializeClientId = serializeKey("$tokenPrefixClientId${authorization.registeredClientId}")
- val authInfo = serialize(authorization)
- val expiresMillis = authorization.accessToken.token.expiresAt.let { expiration ->
- if (expiration != null) {
- expiration.toEpochMilli() - System.currentTimeMillis()
- } else {
- 0
- }
- }
- redisConnectionFactory.connection.use { connection ->
- connection.openPipeline()
- connection.stringCommands().set(serializeTokenId, authInfo)
- connection.stringCommands().set(serializeTokenValue, authInfo)
- connection.setCommands().sAdd(serializeClientId, authInfo)
- connection.keyCommands().pExpire(serializeTokenId, expiresMillis)
- connection.keyCommands().pExpire(serializeTokenValue, expiresMillis)
- connection.closePipeline()
- }
- }
-
- override fun remove(authorization: OAuth2Authorization) {
- val serializeTokenId = serializeKey("$tokenPrefixId${authorization.id}")
- val serializeTokenValue = serializeKey("$tokenPrefixValue${authorization.accessToken.token.tokenValue}")
- val serializeClientId = serializeKey("$tokenPrefixClientId${authorization.registeredClientId}")
- redisConnectionFactory.connection.use { connection ->
- connection.openPipeline()
- connection.stringCommands().get(serializeTokenId)
- connection.keyCommands().del(serializeTokenId, serializeTokenValue)
- connection.closePipeline().let { result ->
- result[0] as? ByteArray
- }?.let { access ->
- connection.setCommands().sRem(serializeClientId, access)
- }
- }
- }
-
- fun removeByToken(token: String) {
- findByToken(token)?.apply { remove(this) }
- }
-
- fun removeTokensByClientIdAndUserName(clientId: String, userName: String) {
- findTokensByClientIdAndUserName(clientId, userName).forEach { remove(it) }
- }
-
- override fun findById(id: String?): OAuth2Authorization? =
- redisConnectionFactory.connection.use { connection ->
- connection.stringCommands().get(serializeKey("$tokenPrefixId$id"))?.let {
- deserialize(it)
- }
- }
-
- fun findByToken(token: String?): OAuth2Authorization? = findByToken(token, null)
-
- override fun findByToken(token: String?, tokenType: OAuth2TokenType?): OAuth2Authorization? =
- redisConnectionFactory.connection.use { connection ->
- connection.stringCommands().get(serializeKey("$tokenPrefixValue$token"))?.let {
- deserialize(it)
- }
- }
-
- fun findTokensByClientIdAndUserName(clientId: String, userName: String): Collection =
- findTokensByClientId(clientId).filter { it.principalName == userName }
-
- fun findTokensByClientId(clientId: String): Collection =
- serializeKey("$tokenPrefixClientId$clientId").let { serializeClientId ->
- redisConnectionFactory.connection.use { connection ->
- connection.setCommands().sMembers(serializeClientId)?.let { byteArrayList ->
- connection.openPipeline()
- val authorizationList = byteArrayList.map { byteArray ->
- deserialize(byteArray).let { authorization ->
- if (authorization.accessToken.isExpired) {
- connection.setCommands().sRem(serializeClientId, byteArray)
- null
- } else {
- authorization
- }
- }
- }
- connection.closePipeline()
- authorizationList.filterNotNull()
- } ?: emptySet()
- }
- }
-
- /**
- * 序列化key
- */
- fun serializeKey(key: String): ByteArray = key.toByteArray(charSet)
-
- /**
- * 序列化
- */
- @Throws(OAuth2AuthenticationException::class)
- fun serialize(oAuth2Authorization: OAuth2Authorization): ByteArray =
- SerializationUtils.serialize(oAuth2Authorization) ?: throw OAuth2AuthenticationException("序列化失败")
-
- /**
- * 反序列化
- */
- @Throws(IOException::class, ClassNotFoundException::class, OAuth2AuthorizationException::class)
- fun deserialize(serializeData: ByteArray): OAuth2Authorization =
- (try {
- ObjectInputStream(ByteArrayInputStream(serializeData)).use { ois -> ois.readObject() }
- } catch (ex: IOException) {
- throw IllegalArgumentException("Failed to deserialize object", ex)
- } catch (ex: ClassNotFoundException) {
- throw IllegalStateException("Failed to deserialize object type", ex)
- } as? OAuth2Authorization) ?: throw OAuth2AuthorizationException(
- OAuth2Error(OAuth2ErrorCodes.INVALID_TOKEN), "反序列化失败"
- )
-}
\ No newline at end of file
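Review bot: with `AuthTokenService` deleted, nothing reads or expires the Redis keys it wrote. `save` applied `pExpire` only to the `acp_cloud_oauth_token_id_` and `acp_cloud_oauth_token_value_` keys; the `acp_cloud_oauth_token_client_id_` sets filled by `sAdd` never had a TTL and were pruned only lazily in `findTokensByClientId`, so they remain in Redis after the upgrade, each member a full serialized `OAuth2Authorization` including its token values. Add an upgrade step or one-off cleanup task that deletes keys under these three prefixes, and state in the version history whether tokens issued before the upgrade remain valid.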
diff --git a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/component/AuthUserService.kt b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/component/AuthUserService.kt
index 6e6f8b390bb2b8ba76aa60cc5f1e6c26360061cc..19a75e4090022724dd2bd8e6ed51b7ea212e4bb4 100644
--- a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/component/AuthUserService.kt
+++ b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/component/AuthUserService.kt
@@ -1,23 +1,18 @@
package io.gitee.zhangbinhub.admin.oauth.component
+import cn.dev33.satoken.oauth2.exception.SaOAuth2Exception
import io.gitee.zhangbinhub.acp.boot.log.LogAdapter
import io.gitee.zhangbinhub.acp.core.common.CommonTools
import io.gitee.zhangbinhub.admin.common.constant.RoleCode
import io.gitee.zhangbinhub.admin.oauth.constant.OauthConstant
+import io.gitee.zhangbinhub.admin.oauth.entity.User
import io.gitee.zhangbinhub.admin.oauth.service.ModuleFuncService
import io.gitee.zhangbinhub.admin.oauth.service.RuntimeConfigService
import io.gitee.zhangbinhub.admin.oauth.service.UserService
-import io.gitee.zhangbinhub.admin.oauth.entity.User
import org.springframework.beans.factory.annotation.Autowired
-import org.springframework.security.core.GrantedAuthority
-import org.springframework.security.core.authority.SimpleGrantedAuthority
-import org.springframework.security.oauth2.core.OAuth2AuthenticationException
-import org.springframework.security.oauth2.core.OAuth2Error
-import org.springframework.security.oauth2.core.OAuth2ErrorCodes
import org.springframework.stereotype.Component
/**
- * @author zhangbin by 11/04/2018 15:19
* @since JDK 11
*/
@Component
@@ -33,31 +28,16 @@ constructor(
*
* @param username 用户名
* @return 用户对象
- * @throws OAuth2AuthenticationException 找不到用户信息异常
+ * @throws SaOAuth2Exception 找不到用户信息异常
*/
- @Throws(OAuth2AuthenticationException::class)
- fun loadUserByUsername(username: String): User = userService.getUserInfoByLoginNo(username, true)
- ?: throw OAuth2AuthenticationException(
- OAuth2Error(
- OAuth2ErrorCodes.INVALID_REQUEST,
- "无此用户:$username",
- null
- )
- )
-
- fun loadUserAuthorities(user: User): Set = mutableSetOf().apply {
- user.roleSet.forEach { role ->
- this.add(SimpleGrantedAuthority(RoleCode.prefix + role.code)) //角色编码
- }
- moduleFuncService.getModuleFuncList(user.id).forEach { module ->
- this.add(SimpleGrantedAuthority(module.code)) //模块功能编码
- }
- }
+ @Throws(SaOAuth2Exception::class)
+ fun loadUserByUsername(username: String): User =
+ userService.getUserInfoByLoginNo(username, true) ?: throw SaOAuth2Exception("无此用户:$username")
/**
* 记录用户密码错误次数
*/
- @Throws(OAuth2AuthenticationException::class)
+ @Throws(SaOAuth2Exception::class)
fun storePasswordErrorTime(username: String) = userService.storePasswordErrorTime(username).let {
runtimeConfigService.findByName(OauthConstant.passwordErrorTime)?.let { runtimeConfig ->
if (runtimeConfig.enabled && !CommonTools.isNullStr(runtimeConfig.value)) {
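Review bot: the new `loadUserByUsername` throws `SaOAuth2Exception("无此用户:$username")`, and `loginByUsernamePassword` forwards `e.message` to the client, while a wrong password yields `账号或密码错误`. The two responses let a caller tell existing accounts from non-existing ones, and the first one echoes the submitted username back. Throw the same generic credential error in both cases and keep the "user not found" detail in the server log only.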
@@ -68,13 +48,7 @@ constructor(
userService.doSaveUser(this)
}
logAdapter.error("错误次数达${maxPasswordErrorTime}次,账号已禁用,请联系系统管理员!")
- throw OAuth2AuthenticationException(
- OAuth2Error(
- OAuth2ErrorCodes.INVALID_REQUEST,
- "错误次数达${maxPasswordErrorTime}次,账号已禁用,请联系系统管理员!",
- null
- )
- )
+ throw SaOAuth2Exception("错误次数达${maxPasswordErrorTime}次,账号已禁用,请联系系统管理员!")
}
}
}
@@ -85,4 +59,25 @@ constructor(
* 清除用户密码错误次数
*/
fun clearPasswordErrorTime(username: String) = userService.clearPasswordErrorTime(username)
+
+ fun getPermissionList(loginId: Any): MutableList =
+ userService.getUserInfoByLoginNo(loginId.toString())?.let { user ->
+ mutableListOf().apply {
+ moduleFuncService.getModuleFuncList(user.id).forEach { module ->
+ this.add(module.code) //模块功能编码
+ }
+ user.roleSet.forEach { role ->
+ this.add("${RoleCode.prefix}${role.code}") //角色编码
+ }
+ }
+ } ?: mutableListOf()
+
+ fun getRoleList(loginId: Any): MutableList =
+ userService.getUserInfoByLoginNo(loginId.toString())?.let { user ->
+ mutableListOf().apply {
+ user.roleSet.forEach { role ->
+ this.add(role.code) //角色编码
+ }
+ }
+ } ?: mutableListOf()
}
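Review bot: `getPermissionList` and `getRoleList` each call `userService.getUserInfoByLoginNo(loginId.toString())` again, and the token-building code calls both back to back while it already holds the loaded `user`, so one login performs three user lookups. They also call it without the second argument that `loadUserByUsername` passes as `true`, and they return an empty list when the user is not found, which silently yields a token with no permissions instead of failing. Consider accepting the already loaded `User` as the parameter and throwing when it is missing.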
diff --git a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/component/BasicUserDetailsService.kt b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/component/BasicUserDetailsService.kt
deleted file mode 100644
index b619cb8e2704aa0aebbd1bfe115db43905218406..0000000000000000000000000000000000000000
--- a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/component/BasicUserDetailsService.kt
+++ /dev/null
@@ -1,43 +0,0 @@
-package io.gitee.zhangbinhub.admin.oauth.component
-
-import io.gitee.zhangbinhub.acp.cloud.resource.server.conf.AcpCloudResourceServerConfiguration
-import org.springframework.security.core.GrantedAuthority
-import org.springframework.security.core.authority.SimpleGrantedAuthority
-import org.springframework.security.core.userdetails.User
-import org.springframework.security.core.userdetails.UserDetails
-import org.springframework.security.core.userdetails.UserDetailsService
-import org.springframework.security.core.userdetails.UsernameNotFoundException
-import org.springframework.stereotype.Component
-
-/**
- * @author zhangbin by 11/04/2018 15:19
- * @since JDK 11
- */
-@Component
-class BasicUserDetailsService(acpCloudResourceServerConfiguration: AcpCloudResourceServerConfiguration) :
- UserDetailsService {
- private val users: MutableMap = HashMap()
-
- init {
- users[acpCloudResourceServerConfiguration.clientId] = acpCloudResourceServerConfiguration.clientSecret
- }
-
- /**
- * 根据 username 获取用户信息
- *
- * @param username 用户名
- * @return 用户对象
- * @throws UsernameNotFoundException 找不到用户信息异常
- */
- @Throws(UsernameNotFoundException::class)
- override fun loadUserByUsername(username: String): UserDetails {
- val grantedAuthorities: MutableSet = HashSet()
- grantedAuthorities.add(SimpleGrantedAuthority("ROLE_ACTUATOR")) //角色编码
- val password = if (users.containsKey(username)) {
- users[username]
- } else {
- throw UsernameNotFoundException("Basic用户名【$username】无效!")
- }
- return User(username, password, true, true, true, true, grantedAuthorities)
- }
-}
diff --git a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/conf/AcpOauthServerAutoConfiguration.kt b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/conf/AcpOauthServerAutoConfiguration.kt
new file mode 100644
index 0000000000000000000000000000000000000000..b7b061ccf62c54020442e2f686054dadb0d1f4da
--- /dev/null
+++ b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/conf/AcpOauthServerAutoConfiguration.kt
@@ -0,0 +1,60 @@
+package io.gitee.zhangbinhub.admin.oauth.conf
+
+import cn.dev33.satoken.oauth2.config.SaOAuth2ServerConfig
+import cn.dev33.satoken.oauth2.consts.GrantType
+import cn.dev33.satoken.oauth2.consts.SaOAuth2Consts
+import cn.dev33.satoken.oauth2.data.model.loader.SaClientModel
+import cn.dev33.satoken.oauth2.strategy.SaOAuth2Strategy
+import com.fasterxml.jackson.databind.ObjectMapper
+import io.gitee.zhangbinhub.admin.oauth.authentication.UserPasswordGrantTypeHandler
+import io.gitee.zhangbinhub.admin.oauth.constant.OauthConstant
+import io.gitee.zhangbinhub.admin.oauth.service.ApplicationService
+import org.springframework.cloud.client.loadbalancer.LoadBalanced
+import org.springframework.context.annotation.Bean
+import org.springframework.context.annotation.Configuration
+import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter
+import org.springframework.web.client.RestClient
+
+@Configuration
+class AcpOauthServerAutoConfiguration(
+ private val objectMapper: ObjectMapper,
+ private val applicationService: ApplicationService,
+ private val saOAuth2ServerConfig: SaOAuth2ServerConfig, userPasswordGrantTypeHandler: UserPasswordGrantTypeHandler,
+) {
+ init {
+ SaOAuth2Consts.Api.authorize = "/inner/oauth/authorize"
+ SaOAuth2Consts.Api.token = "/inner/oauth/token"
+ SaOAuth2Consts.Api.refresh = "/inner/oauth/refresh"
+ SaOAuth2Consts.Api.revoke = "/inner/oauth/revoke"
+ SaOAuth2Consts.Api.client_token = "/inner/oauth/client_token"
+ SaOAuth2Consts.Api.doLogin = "/inner/oauth/doLogin"
+ SaOAuth2Consts.Api.doConfirm = "/inner/oauth/doConfirm"
+ SaOAuth2Strategy.instance.registerGrantTypeHandler(userPasswordGrantTypeHandler)
+ }
+
+ fun loadClientInfo() {
+ applicationService.getAppList().map { application ->
+ SaClientModel()
+ .setClientId(application.id)
+ .setClientSecret(application.secret)
+ .setClientTokenTimeout(application.accessTokenValiditySeconds.toLong()) // 单位秒
+ .setAccessTokenTimeout(application.accessTokenValiditySeconds.toLong()) // 单位秒
+ .setRefreshTokenTimeout(application.refreshTokenValiditySeconds.toLong()) // 单位秒
+ .addContractScopes(*(application.scope ?: "").split(",").toTypedArray())
+ .addAllowGrantTypes(
+ GrantType.client_credentials,
+ GrantType.refresh_token,
+ OauthConstant.granterUserPassword
+ )
+ }.associateBy { it.clientId }.apply {
+ saOAuth2ServerConfig.setClients(this)
+ }
+ }
+
+ @Bean("acpSpringCloudResourceServerRestClientBuilder")
+ @LoadBalanced
+ fun oauthRestClientBuilder(): RestClient.Builder = RestClient.builder()
+ .messageConverters { messageConverters ->
+ messageConverters.add(MappingJackson2HttpMessageConverter(objectMapper))
+ }
+}
\ No newline at end of file
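Review bot: In `loadClientInfo()`, `(application.scope ?: "").split(",")` yields a one-element list holding an empty string when `scope` is null or empty, so such clients are registered with an empty-string contract scope, and values like `a, b` keep their leading space. Suggest `.split(",").map { it.trim() }.filter { it.isNotEmpty() }` before `toTypedArray()`. In the same function every client receives `GrantType.client_credentials`, `GrantType.refresh_token` and `OauthConstant.granterUserPassword` unconditionally, which lets any registered application use the user-password grant; consider taking the allowed grant types from the application record. `loadClientInfo()` is neither a bean method nor called from `init`, so the class should document who calls it and when it is re-run after an application is added or its secret is updated. The `init` block also overwrites the static `SaOAuth2Consts.Api` fields, which is process-wide state and deserves a short comment.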
diff --git a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/conf/AuthorizationServerConfiguration.kt b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/conf/AuthorizationServerConfiguration.kt
deleted file mode 100644
index 62a1277f582311c85aaf58f099ec668a37bea59a..0000000000000000000000000000000000000000
--- a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/conf/AuthorizationServerConfiguration.kt
+++ /dev/null
@@ -1,170 +0,0 @@
-package io.gitee.zhangbinhub.admin.oauth.conf
-
-import io.gitee.zhangbinhub.acp.boot.exceptions.ServletExceptionHandler
-import io.gitee.zhangbinhub.acp.boot.exceptions.WebException
-import io.gitee.zhangbinhub.acp.boot.log.LogAdapter
-import io.gitee.zhangbinhub.acp.cloud.resource.server.AcpCloudResourceServerComponentAutoConfiguration
-import io.gitee.zhangbinhub.acp.cloud.resource.server.component.AcpOpaqueTokenServletIntrospect
-import io.gitee.zhangbinhub.acp.cloud.resource.server.conf.AcpCloudResourceServerConfiguration
-import io.gitee.zhangbinhub.acp.cloud.resource.server.constant.AcpCloudResourceServerConstant
-import io.gitee.zhangbinhub.acp.cloud.tools.CloudTools
-import io.gitee.zhangbinhub.acp.core.common.CommonTools
-import io.gitee.zhangbinhub.admin.common.api.OauthApi
-import io.gitee.zhangbinhub.admin.oauth.authentication.OauthUserPasswordAuthenticationConverter
-import io.gitee.zhangbinhub.admin.oauth.authentication.OauthUserPasswordAuthenticationProvider
-import io.gitee.zhangbinhub.admin.oauth.component.AuthPasswordEncrypt
-import io.gitee.zhangbinhub.admin.oauth.component.AuthTokenService
-import io.gitee.zhangbinhub.admin.oauth.component.AuthUserService
-import io.gitee.zhangbinhub.admin.oauth.component.BasicUserDetailsService
-import io.gitee.zhangbinhub.admin.resource.server.tools.TokenTools
-import org.springframework.beans.factory.annotation.Autowired
-import org.springframework.beans.factory.annotation.Qualifier
-import org.springframework.boot.actuate.autoconfigure.endpoint.web.WebEndpointProperties
-import org.springframework.boot.autoconfigure.security.oauth2.resource.OAuth2ResourceServerProperties
-import org.springframework.boot.autoconfigure.web.ServerProperties
-import org.springframework.context.annotation.Bean
-import org.springframework.context.annotation.Configuration
-import org.springframework.core.annotation.Order
-import org.springframework.http.HttpMethod
-import org.springframework.http.HttpStatus
-import org.springframework.security.config.Customizer
-import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity
-import org.springframework.security.config.annotation.web.builders.HttpSecurity
-import org.springframework.security.oauth2.core.OAuth2Token
-import org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientCredentialsAuthenticationProvider
-import org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2AuthorizationServerConfigurer
-import org.springframework.security.oauth2.server.authorization.settings.AuthorizationServerSettings
-import org.springframework.security.oauth2.server.authorization.token.DelegatingOAuth2TokenGenerator
-import org.springframework.security.oauth2.server.authorization.token.OAuth2AccessTokenGenerator
-import org.springframework.security.oauth2.server.authorization.token.OAuth2RefreshTokenGenerator
-import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator
-import org.springframework.security.oauth2.server.authorization.web.authentication.OAuth2ClientCredentialsAuthenticationConverter
-import org.springframework.security.web.SecurityFilterChain
-import org.springframework.security.web.authentication.DelegatingAuthenticationConverter
-import org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher
-import org.springframework.web.client.RestClient
-
-/**
- * @author zhangbin by 11/04/2018 14:34
- * @since JDK 11
- */
-@Configuration
-@EnableMethodSecurity(prePostEnabled = true)
-class AuthorizationServerConfiguration @Autowired constructor(
- serverProperties: ServerProperties,
- private val logAdapter: LogAdapter,
- private val cloudTools: CloudTools,
- private val tokenTools: TokenTools,
- private val servletExceptionHandler: ServletExceptionHandler,
- private val authTokenService: AuthTokenService,
- private val authPasswordEncrypt: AuthPasswordEncrypt,
- private val basicUserDetailsService: BasicUserDetailsService,
- private val oAuth2ResourceServerProperties: OAuth2ResourceServerProperties,
- private val acpCloudResourceServerConfiguration: AcpCloudResourceServerConfiguration,
- private val acpCloudResourceServerComponentAutoConfiguration: AcpCloudResourceServerComponentAutoConfiguration,
- @Qualifier("acpSpringCloudResourceServerRestClientBuilder") private val restClientBuilder: RestClient.Builder,
- private val authUserService: AuthUserService,
- private val webEndpointProperties: WebEndpointProperties
-) {
- private val contextPath: String =
- if (CommonTools.isNullStr(serverProperties.servlet.contextPath)) "" else serverProperties.servlet.contextPath
-
- @Bean
- @Order(AcpCloudResourceServerConstant.RESOURCE_SERVER_SECURITY_FILTER_CHAIN_ORDER - 1)
- @Throws(Exception::class)
- fun acpBasicSecurityFilterChain(httpSecurity: HttpSecurity): SecurityFilterChain? {
- // 配置 endpoint 策略
- httpSecurity.csrf { it.ignoringRequestMatchers("/**") }.securityMatcher(
- "$contextPath${webEndpointProperties.basePath}", "$contextPath${webEndpointProperties.basePath}/**"
- ).authorizeHttpRequests { authorizeRequests ->
- authorizeRequests.anyRequest().permitAll()
- }.userDetailsService(basicUserDetailsService).httpBasic(Customizer.withDefaults())
- return httpSecurity.build()
- }
-
- @Bean
- @Order(AcpCloudResourceServerConstant.RESOURCE_SERVER_SECURITY_FILTER_CHAIN_ORDER)
- @Throws(Exception::class)
- fun acpAuthorizationServerSecurityFilterChain(httpSecurity: HttpSecurity): SecurityFilterChain? {
- val permitAll = acpCloudResourceServerComponentAutoConfiguration.permitAllPath()
- val security = ArrayList()
- permitAll.add(contextPath + OauthApi.basePath + OauthApi.token)
- acpCloudResourceServerConfiguration.permitAllPath.forEach { path -> permitAll.add(contextPath + path) }
- acpCloudResourceServerConfiguration.securityPath.forEach { path -> security.add(contextPath + path) }
- permitAll.forEach { uri -> logAdapter.info("Auth server permitAll uri: $uri") }
- security.forEach { uri -> logAdapter.info("Auth server security uri: $uri") }
- logAdapter.info("Auth server security uri: other any")
- val authorizationServerConfigurer = OAuth2AuthorizationServerConfigurer()
- httpSecurity.with(authorizationServerConfigurer, Customizer.withDefaults())
- // 配置 endpoint 策略
- httpSecurity.csrf { it.ignoringRequestMatchers("/**") }.authorizeHttpRequests { authorizeRequests ->
- authorizeRequests.requestMatchers(authorizationServerConfigurer.endpointsMatcher).permitAll()
- .requestMatchers(PathPatternRequestMatcher.withDefaults().matcher(HttpMethod.OPTIONS, "/**"))
- .permitAll()
- .requestMatchers(*security.map { PathPatternRequestMatcher.withDefaults().matcher(it) }.toTypedArray())
- .authenticated()
- .requestMatchers(*permitAll.map { PathPatternRequestMatcher.withDefaults().matcher(it) }.toTypedArray())
- .permitAll().anyRequest().authenticated()
- }
- // 自定义token端点配置
- val tokenGenerator: OAuth2TokenGenerator =
- DelegatingOAuth2TokenGenerator(OAuth2AccessTokenGenerator(), OAuth2RefreshTokenGenerator())
- authorizationServerConfigurer.tokenEndpoint { tokenEndpoint ->
- tokenEndpoint.accessTokenRequestConverter(
- DelegatingAuthenticationConverter(
- listOf(
- OAuth2ClientCredentialsAuthenticationConverter(), OauthUserPasswordAuthenticationConverter()
- )
- )
- )
- tokenEndpoint.authenticationProvider(
- OAuth2ClientCredentialsAuthenticationProvider(
- authTokenService, tokenGenerator
- )
- )
- tokenEndpoint.authenticationProvider(
- OauthUserPasswordAuthenticationProvider(
- logAdapter, tokenTools, authUserService, authPasswordEncrypt, tokenGenerator, authTokenService
- )
- )
- tokenEndpoint.errorResponseHandler { _, response, exception ->
- servletExceptionHandler.responseGlobalException(
- response, WebException(HttpStatus.UNAUTHORIZED, exception.message)
- )
- }
- }.tokenGenerator(tokenGenerator)
- // 关闭session
- httpSecurity.sessionManagement { it.disable() }
- // 自定义 token 校验
- httpSecurity.oauth2ResourceServer { configurer ->
- configurer.opaqueToken { it.introspector(opaqueTokenIntrospect()) }
- configurer.authenticationEntryPoint { _, response, authException ->
- servletExceptionHandler.responseGlobalException(
- response, authException
- )
- }
- configurer.accessDeniedHandler { _, response, accessDeniedException ->
- servletExceptionHandler.responseGlobalException(
- response, accessDeniedException
- )
- }
- }
- return httpSecurity.build()
- }
-
- /**
- * 设置endpoint的url
- *
- * @return ProviderSettings
- */
- @Bean
- fun authorizationServerSettings(): AuthorizationServerSettings =
- AuthorizationServerSettings.builder().authorizationEndpoint("/oauth/authorize")
- .tokenEndpoint("/inner/oauth/token").jwkSetEndpoint("/oauth/jwks").tokenRevocationEndpoint("/oauth/revoke")
- .tokenIntrospectionEndpoint("/inner/oauth/introspect").build()
-
- @Bean
- fun opaqueTokenIntrospect() = AcpOpaqueTokenServletIntrospect(
- cloudTools, oAuth2ResourceServerProperties.opaquetoken.introspectionUri, restClientBuilder
- )
-}
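Review bot: This deletion drops the request-level rules the old chain enforced (`security` paths `.authenticated()`, `permitAll` paths, then `.anyRequest().authenticated()`), together with the 401/403 handlers and `sessionManagement { it.disable() }`, while the replacement `AcpOauthServerAutoConfiguration` in this patch only remaps endpoint paths and registers a grant handler. Please point to where deny-by-default is enforced now, since controllers that carry no permission annotation relied on `anyRequest().authenticated()`. The endpoint layout also changes: the old settings used `/oauth/authorize`, `/oauth/revoke`, `/oauth/jwks` and `/inner/oauth/introspect`, whereas the new constants place authorize and revoke under `/inner/oauth/` and define no introspection or JWKS path, so gateway routes and resource servers that called introspection need checking.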
diff --git a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/constant/AppConfigExpression.kt b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/constant/AppConfigExpression.kt
deleted file mode 100644
index b35795f7ba54b4b29b5e71029e7d465d848b7d10..0000000000000000000000000000000000000000
--- a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/constant/AppConfigExpression.kt
+++ /dev/null
@@ -1,44 +0,0 @@
-package io.gitee.zhangbinhub.admin.oauth.constant
-
-import io.gitee.zhangbinhub.admin.common.constant.ModuleFuncCode
-import io.gitee.zhangbinhub.admin.common.constant.RoleCode
-
-/**
- * @author zhang by 13/01/2019
- * @since JDK 11
- */
-object AppConfigExpression {
- /**
- * 应用配置
- */
- const val appConfig =
- "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.appConfig + "')"
-
- /**
- * 应用新增
- */
- const val appAdd = "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.appAdd + "')"
-
- /**
- * 应用删除
- */
- const val appDelete =
- "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.appDelete + "')"
-
- /**
- * 应用更新
- */
- const val appUpdate =
- "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.appUpdate + "')"
-
- /**
- * 应用查询
- */
- const val appQuery = "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.appQuery + "')"
-
- /**
- * 应用更新密钥
- */
- const val appUpdateSecret =
- "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.appUpdateSecret + "')"
-}
\ No newline at end of file
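Review bot: The removed expressions matched the super role as `RoleCode.prefix + RoleCode.SUPER`, while the `@SaCheckPermission(..., orRole = [RoleCode.SUPER])` annotations that replace them in the controllers pass `RoleCode.SUPER` without the prefix. Confirm that the role list supplied to Sa-Token holds the unprefixed code; otherwise the super role stops matching and only the per-function permission codes apply. The same applies to the other `*ConfigExpression` objects deleted in this patch. A test in which a SUPER user without `ModuleFuncCode.appAdd` calls the add endpoint would catch a mismatch.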
diff --git a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/constant/AuthConfigExpression.kt b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/constant/AuthConfigExpression.kt
deleted file mode 100644
index f4d4ed96d0874dab66b3b92261b1b28bcfa5bcfc..0000000000000000000000000000000000000000
--- a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/constant/AuthConfigExpression.kt
+++ /dev/null
@@ -1,41 +0,0 @@
-package io.gitee.zhangbinhub.admin.oauth.constant
-
-import io.gitee.zhangbinhub.admin.common.constant.ModuleFuncCode
-import io.gitee.zhangbinhub.admin.common.constant.RoleCode
-
-/**
- * 定义权限配置权限表达式
- *
- * @author zhang by 28/12/2018
- * @since JDK 11
- */
-object AuthConfigExpression {
- /**
- * 权限配置
- */
- const val authConfig =
- "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.authConfig + "')"
-
- /**
- * 权限新增
- */
- const val authAdd = "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.authAdd + "')"
-
- /**
- * 权限删除
- */
- const val authDelete =
- "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.authDelete + "')"
-
- /**
- * 权限更新
- */
- const val authUpdate =
- "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.authUpdate + "')"
-
- /**
- * 权限查询
- */
- const val authQuery =
- "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.authQuery + "')"
-}
\ No newline at end of file
diff --git a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/constant/OrgConfigExpression.kt b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/constant/OrgConfigExpression.kt
deleted file mode 100644
index bfbff7033e63f5fb8e341a6ad16bd64fbd986ed1..0000000000000000000000000000000000000000
--- a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/constant/OrgConfigExpression.kt
+++ /dev/null
@@ -1,40 +0,0 @@
-package io.gitee.zhangbinhub.admin.oauth.constant
-
-import io.gitee.zhangbinhub.admin.common.constant.ModuleFuncCode
-import io.gitee.zhangbinhub.admin.common.constant.RoleCode
-
-/**
- * 定义机构配置权限表达式
- *
- * @author zhang by 28/12/2018
- * @since JDK 11
- */
-object OrgConfigExpression {
- /**
- * 机构配置
- */
- const val orgConfig =
- "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.orgConfig + "')"
-
- /**
- * 机构新增
- */
- const val orgAdd = "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.orgAdd + "')"
-
- /**
- * 机构删除
- */
- const val orgDelete =
- "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.orgDelete + "')"
-
- /**
- * 机构更新
- */
- const val orgUpdate =
- "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.orgUpdate + "')"
-
- /**
- * 机构查询
- */
- const val orgQuery = "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.orgQuery + "')"
-}
\ No newline at end of file
diff --git a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/constant/RoleConfigExpression.kt b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/constant/RoleConfigExpression.kt
deleted file mode 100644
index 9a946654f103b102771a36c96144224b3df04a7a..0000000000000000000000000000000000000000
--- a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/constant/RoleConfigExpression.kt
+++ /dev/null
@@ -1,41 +0,0 @@
-package io.gitee.zhangbinhub.admin.oauth.constant
-
-import io.gitee.zhangbinhub.admin.common.constant.ModuleFuncCode
-import io.gitee.zhangbinhub.admin.common.constant.RoleCode
-
-/**
- * 定义角色配置权限表达式
- *
- * @author zhang by 28/12/2018
- * @since JDK 11
- */
-object RoleConfigExpression {
- /**
- * 角色配置
- */
- const val roleConfig =
- "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.roleConfig + "')"
-
- /**
- * 角色新增
- */
- const val roleAdd = "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.roleAdd + "')"
-
- /**
- * 角色删除
- */
- const val roleDelete =
- "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.roleDelete + "')"
-
- /**
- * 角色更新
- */
- const val roleUpdate =
- "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.roleUpdate + "')"
-
- /**
- * 角色查询
- */
- const val roleQuery =
- "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.roleQuery + "')"
-}
\ No newline at end of file
diff --git a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/constant/RuntimeConfigExpression.kt b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/constant/RuntimeConfigExpression.kt
deleted file mode 100644
index 8c2a4e63bc1f66eac1fbc208fa3a904467230652..0000000000000000000000000000000000000000
--- a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/constant/RuntimeConfigExpression.kt
+++ /dev/null
@@ -1,42 +0,0 @@
-package io.gitee.zhangbinhub.admin.oauth.constant
-
-import io.gitee.zhangbinhub.admin.common.constant.ModuleFuncCode
-import io.gitee.zhangbinhub.admin.common.constant.RoleCode
-
-/**
- * 定义运行参数配置权限表达式
- *
- * @author zhang by 28/12/2018
- * @since JDK 11
- */
-object RuntimeConfigExpression {
- /**
- * 运行参数配置
- */
- const val runtimeConfig =
- "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.runtimeConfig + "')"
-
- /**
- * 运行参数新增
- */
- const val runtimeAdd =
- "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.runtimeAdd + "')"
-
- /**
- * 运行参数删除
- */
- const val runtimeDelete =
- "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.runtimeDelete + "')"
-
- /**
- * 运行参数更新
- */
- const val runtimeUpdate =
- "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.runtimeUpdate + "')"
-
- /**
- * 运行参数查询
- */
- const val runtimeQuery =
- "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.runtimeQuery + "')"
-}
\ No newline at end of file
diff --git a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/constant/UserConfigExpression.kt b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/constant/UserConfigExpression.kt
deleted file mode 100644
index 1e3a3b773b2e552230433d31a1e3dbefeef3b5ae..0000000000000000000000000000000000000000
--- a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/constant/UserConfigExpression.kt
+++ /dev/null
@@ -1,41 +0,0 @@
-package io.gitee.zhangbinhub.admin.oauth.constant
-
-import io.gitee.zhangbinhub.admin.common.constant.ModuleFuncCode
-import io.gitee.zhangbinhub.admin.common.constant.RoleCode
-
-/**
- * 定义用户配置权限表达式
- *
- * @author zhang by 28/12/2018
- * @since JDK 11
- */
-object UserConfigExpression {
- /**
- * 用户配置
- */
- const val userConfig =
- "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.userConfig + "')"
-
- /**
- * 用户新增
- */
- const val userAdd = "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.userAdd + "')"
-
- /**
- * 用户删除
- */
- const val userDelete =
- "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.userDelete + "')"
-
- /**
- * 用户更新
- */
- const val userUpdate =
- "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.userUpdate + "')"
-
- /**
- * 用户查询
- */
- const val userQuery =
- "hasAnyAuthority('" + RoleCode.prefix + RoleCode.SUPER + "','" + ModuleFuncCode.userQuery + "')"
-}
\ No newline at end of file
diff --git a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/controller/api/ApplicationController.kt b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/controller/api/ApplicationController.kt
index 854e9373293c098264dbc62e11947033812feefc..46f8baa6fdbcfe34a8e2d283e64db420a7891718 100644
--- a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/controller/api/ApplicationController.kt
+++ b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/controller/api/ApplicationController.kt
@@ -1,21 +1,23 @@
package io.gitee.zhangbinhub.admin.oauth.controller.api
+import cn.dev33.satoken.annotation.SaCheckPermission
import io.gitee.zhangbinhub.acp.boot.exceptions.WebException
import io.gitee.zhangbinhub.acp.boot.log.LogAdapter
import io.gitee.zhangbinhub.acp.cloud.annotation.AcpCloudDuplicateSubmission
import io.gitee.zhangbinhub.acp.core.common.CommonTools
import io.gitee.zhangbinhub.admin.common.api.OauthApi
-import io.gitee.zhangbinhub.admin.common.permission.BaseExpression
+import io.gitee.zhangbinhub.admin.common.constant.ModuleFuncCode
+import io.gitee.zhangbinhub.admin.common.constant.RoleCode
import io.gitee.zhangbinhub.admin.common.vo.CustomerQueryPageVo
import io.gitee.zhangbinhub.admin.common.vo.InfoVo
import io.gitee.zhangbinhub.admin.oauth.bus.publish.RefreshEventPublish
-import io.gitee.zhangbinhub.admin.oauth.constant.AppConfigExpression
-import io.gitee.zhangbinhub.admin.oauth.service.ApplicationService
import io.gitee.zhangbinhub.admin.oauth.entity.Application
import io.gitee.zhangbinhub.admin.oauth.po.ApplicationPo
import io.gitee.zhangbinhub.admin.oauth.po.ApplicationQueryPo
+import io.gitee.zhangbinhub.admin.oauth.service.ApplicationService
import io.gitee.zhangbinhub.admin.resource.server.base.BaseResourceServerController
-import io.swagger.v3.oas.annotations.*
+import io.swagger.v3.oas.annotations.Operation
+import io.swagger.v3.oas.annotations.Parameter
import io.swagger.v3.oas.annotations.responses.ApiResponse
import io.swagger.v3.oas.annotations.responses.ApiResponses
import io.swagger.v3.oas.annotations.tags.Tag
@@ -24,16 +26,13 @@ import jakarta.validation.constraints.NotBlank
import jakarta.validation.constraints.NotEmpty
import jakarta.validation.constraints.NotNull
import org.springframework.beans.factory.annotation.Autowired
-import org.springframework.data.domain.Page
import org.springframework.http.HttpStatus
import org.springframework.http.MediaType
import org.springframework.http.ResponseEntity
-import org.springframework.security.access.prepost.PreAuthorize
import org.springframework.validation.annotation.Validated
import org.springframework.web.bind.annotation.*
/**
- * @author zhang by 13/01/2019
* @since JDK 11
*/
@Validated
@@ -48,7 +47,7 @@ class ApplicationController @Autowired constructor(
@Operation(summary = "新建应用信息", description = "应用名称、token 有效期、refresh token 有效期")
@ApiResponses(ApiResponse(responseCode = "201", description = "创建成功"))
- @PreAuthorize(AppConfigExpression.appAdd)
+ @SaCheckPermission(ModuleFuncCode.appAdd, orRole = [RoleCode.SUPER])
@PutMapping(value = [OauthApi.appConfig], produces = [MediaType.APPLICATION_JSON_VALUE])
@AcpCloudDuplicateSubmission
fun add(@RequestBody @Valid applicationPo: ApplicationPo): ResponseEntity =
@@ -60,7 +59,7 @@ class ApplicationController @Autowired constructor(
@Operation(summary = "删除指定的信息")
@ApiResponses(ApiResponse(responseCode = "400", description = "参数校验不通过;"))
- @PreAuthorize(AppConfigExpression.appDelete)
+ @SaCheckPermission(ModuleFuncCode.appDelete, orRole = [RoleCode.SUPER])
@DeleteMapping(value = [OauthApi.appConfig], produces = [MediaType.APPLICATION_JSON_VALUE])
fun delete(
@Parameter(
@@ -74,7 +73,7 @@ class ApplicationController @Autowired constructor(
@Operation(summary = "更新指定的信息", description = "可更新应用名称、token 有效期、refresh token 有效期")
@ApiResponses(ApiResponse(responseCode = "400", description = "参数校验不通过;ID不能为空;找不到信息;"))
- @PreAuthorize(AppConfigExpression.appUpdate)
+ @SaCheckPermission(ModuleFuncCode.appUpdate, orRole = [RoleCode.SUPER])
@PatchMapping(value = [OauthApi.appConfig], produces = [MediaType.APPLICATION_JSON_VALUE])
@AcpCloudDuplicateSubmission
@Throws(WebException::class)
@@ -91,20 +90,20 @@ class ApplicationController @Autowired constructor(
@Operation(summary = "查询信息列表", description = "查询条件:应用名称")
@ApiResponses(ApiResponse(responseCode = "400", description = "参数校验不通过;"))
- @PreAuthorize(AppConfigExpression.appQuery)
+ @SaCheckPermission(ModuleFuncCode.appQuery, orRole = [RoleCode.SUPER])
@PostMapping(value = [OauthApi.appConfig], produces = [MediaType.APPLICATION_JSON_VALUE])
@Throws(WebException::class)
fun query(@RequestBody @Valid applicationQueryPo: ApplicationQueryPo): ResponseEntity> =
ResponseEntity.ok(applicationService.doQuery(applicationQueryPo))
@Operation(summary = "获取应用列表", description = "查询所有应用列表")
- @PreAuthorize(BaseExpression.sysConfig)
+ @SaCheckPermission(ModuleFuncCode.sysConfig, orRole = [RoleCode.SUPER])
@GetMapping(value = [OauthApi.appConfig], produces = [MediaType.APPLICATION_JSON_VALUE])
fun appList(): ResponseEntity> = ResponseEntity.ok(applicationService.getAppList())
@Operation(summary = "更新应用密钥")
@ApiResponses(ApiResponse(responseCode = "400", description = "参数校验不通过;ID不能为空;找不到信息;"))
- @PreAuthorize(AppConfigExpression.appUpdateSecret)
+ @SaCheckPermission(ModuleFuncCode.appUpdateSecret, orRole = [RoleCode.SUPER])
@GetMapping(value = [OauthApi.updateSecret + "/{appId}"], produces = [MediaType.APPLICATION_JSON_VALUE])
@AcpCloudDuplicateSubmission
@Throws(WebException::class)
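Review bot: `appList()` returns `applicationService.getAppList()` directly, and the same list is read in `loadClientInfo()` through `application.secret`, so the objects serialized here carry the client secret unless the entity hides that field. Check that `secret` is excluded from the JSON, or map to a VO without it, for callers who hold only `ModuleFuncCode.sysConfig`. Separately, the update-secret endpoint at the end of this hunk is still a `@GetMapping`; it changes state, so `@PostMapping` or `@PatchMapping` would fit better while these annotations are being touched.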
diff --git a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/controller/api/AuthController.kt b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/controller/api/AuthController.kt
index 906c32fccd4d3a18ede19a890e8a95d42a9bccc5..656e0ba1e6e4446016998ad8d970482246e585b9 100644
--- a/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/controller/api/AuthController.kt
+++ b/modules/oauth-server/src/main/kotlin/io/gitee/zhangbinhub/admin/oauth/controller/api/AuthController.kt
@@ -1,25 +1,28 @@
package io.gitee.zhangbinhub.admin.oauth.controller.api
+import cn.dev33.satoken.annotation.SaCheckPermission
+import cn.dev33.satoken.stp.StpUtil
import io.gitee.zhangbinhub.acp.boot.exceptions.WebException
import io.gitee.zhangbinhub.acp.boot.log.LogAdapter
import io.gitee.zhangbinhub.acp.cloud.annotation.AcpCloudDuplicateSubmission
+import io.gitee.zhangbinhub.acp.cloud.resource.server.tools.TokenTools
import io.gitee.zhangbinhub.acp.core.common.CommonTools
import io.gitee.zhangbinhub.admin.common.api.OauthApi
import io.gitee.zhangbinhub.admin.common.constant.ModuleFuncCode
+import io.gitee.zhangbinhub.admin.common.constant.RoleCode
import io.gitee.zhangbinhub.admin.common.vo.BooleanInfoVo
import io.gitee.zhangbinhub.admin.common.vo.InfoVo
-import io.gitee.zhangbinhub.admin.oauth.constant.AuthConfigExpression
-import io.gitee.zhangbinhub.admin.oauth.service.MenuService
-import io.gitee.zhangbinhub.admin.oauth.service.ModuleFuncService
import io.gitee.zhangbinhub.admin.oauth.entity.Menu
import io.gitee.zhangbinhub.admin.oauth.entity.ModuleFunc
import io.gitee.zhangbinhub.admin.oauth.po.MenuPo
import io.gitee.zhangbinhub.admin.oauth.po.ModuleFuncPo
+import io.gitee.zhangbinhub.admin.oauth.service.MenuService
+import io.gitee.zhangbinhub.admin.oauth.service.ModuleFuncService
import io.gitee.zhangbinhub.admin.oauth.vo.MenuVo
import io.gitee.zhangbinhub.admin.oauth.vo.ModuleFuncVo
import io.gitee.zhangbinhub.admin.resource.server.base.BaseResourceServerController
-import io.gitee.zhangbinhub.admin.resource.server.tools.TokenTools
-import io.swagger.v3.oas.annotations.*
+import io.swagger.v3.oas.annotations.Operation
+import io.swagger.v3.oas.annotations.Parameter
import io.swagger.v3.oas.annotations.responses.ApiResponse
import io.swagger.v3.oas.annotations.responses.ApiResponses
import io.swagger.v3.oas.annotations.tags.Tag
@@ -32,13 +35,10 @@ import org.springframework.beans.factory.annotation.Autowired
import org.springframework.http.HttpStatus
import org.springframework.http.MediaType
import org.springframework.http.ResponseEntity
-import org.springframework.security.access.prepost.PreAuthorize
-import org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication
import org.springframework.validation.annotation.Validated
import org.springframework.web.bind.annotation.*
/**
- * @author zhang by 16/01/2019
* @since JDK 11
*/
@Validated
@@ -48,7 +48,6 @@ import org.springframework.web.bind.annotation.*
class AuthController @Autowired
constructor(
private val logAdapter: LogAdapter,
- private val tokenTools: TokenTools,
private val menuService: MenuService,
private val moduleFuncService: ModuleFuncService
) : BaseResourceServerController(logAdapter) {
@@ -56,7 +55,7 @@ constructor(
private val moduleFuncCodeList: MutableList = mutableListOf()
@Operation(summary = "获取模块功能编码列表")
- @PreAuthorize(AuthConfigExpression.authConfig)
+ @SaCheckPermission(ModuleFuncCode.authConfig, orRole = [RoleCode.SUPER])
@GetMapping(value = [OauthApi.moduleFuncCodes], produces = [MediaType.APPLICATION_JSON_VALUE])
fun findModuleFuncCode(): ResponseEntity> = ResponseEntity.ok(moduleFuncCodeList)
@@ -79,95 +78,77 @@ constructor(
@Operation(summary = "判断当前用户是否具有指定的权限")
@GetMapping(value = [OauthApi.authentication + "/{authentication}"], produces = [MediaType.APPLICATION_JSON_VALUE])
@Throws(WebException::class)
- fun currUserHasAuthentication(
- @Parameter(hidden = true) bearerTokenAuthentication: BearerTokenAuthentication,
- @PathVariable(name = "authentication") authentication: String
- ): ResponseEntity =
- ResponseEntity.ok(
- BooleanInfoVo(
- result = hasAuthentication(
- bearerTokenAuthentication,
- mutableListOf(authentication)
- )
- )
- )
+ fun currUserHasAuthentication(@PathVariable(name = "authentication") authentication: String): ResponseEntity =
+ ResponseEntity.ok(BooleanInfoVo(result = hasAuthentication(mutableListOf(authentication))))
@Operation(summary = "获取当前用户所属菜单", description = "根据当前登录的用户信息,查询有权访问的菜单列表")
@GetMapping(value = [OauthApi.currMenu], produces = [MediaType.APPLICATION_JSON_VALUE])
@Throws(WebException::class)
- fun currMenuList(@Parameter(hidden = true) bearerTokenAuthentication: BearerTokenAuthentication): ResponseEntity> =
+ fun currMenuList(): ResponseEntity> =
ResponseEntity.ok(
menuService.getMenuList(
- tokenTools.getAuthenticatedPrincipal(bearerTokenAuthentication).clientId ?: "",
- bearerTokenAuthentication.name
+ TokenTools.getAccessTokenModel()?.clientId ?: "", StpUtil.getLoginIdAsString()
)
)
@Operation(summary = "获取当前用户所有功能权限信息", description = "根据当前登录的用户信息,查询具备的功能权限")
@GetMapping(value = [OauthApi.currModuleFunc], produces = [MediaType.APPLICATION_JSON_VALUE])
@Throws(WebException::class)
- fun currModuleFuncList(@Parameter(hidden = true) bearerTokenAuthentication: BearerTokenAuthentication): ResponseEntity> =
+ fun currModuleFuncList(): ResponseEntity> =
ResponseEntity.ok(
moduleFuncService.getModuleFuncList(
- tokenTools.getAuthenticatedPrincipal(bearerTokenAuthentication).clientId ?: "",
- bearerTokenAuthentication.name
+ TokenTools.getAccessTokenModel()?.clientId ?: "", StpUtil.getLoginIdAsString()
)
)
@Operation(summary = "获取指定应用下的菜单列表", description = "查询指定应用的菜单列表,供选择配置")
- @PreAuthorize(AuthConfigExpression.authQuery)
+ @SaCheckPermission(ModuleFuncCode.authQuery, orRole = [RoleCode.SUPER])
@GetMapping(value = [OauthApi.menuList + "/{appId}"], produces = [MediaType.APPLICATION_JSON_VALUE])
@Throws(WebException::class)
fun menuList(@PathVariable(name = "appId") appId: String): ResponseEntity> =
ResponseEntity.ok(menuService.getMenuListByAppId(appId))
@Operation(summary = "获取指定应用下的模块功能列表", description = "查询指定应用的模块功能列表,供选择配置")
- @PreAuthorize(AuthConfigExpression.authQuery)
+ @SaCheckPermission(ModuleFuncCode.authQuery, orRole = [RoleCode.SUPER])
@GetMapping(value = [OauthApi.moduleFuncList + "/{appId}"], produces = [MediaType.APPLICATION_JSON_VALUE])
@Throws(WebException::class)
fun moduleFuncList(@PathVariable(name = "appId") appId: String): ResponseEntity> =
ResponseEntity.ok(moduleFuncService.getModuleFuncListByAppId(appId))
@Operation(summary = "获取菜单列表", description = "查询所有菜单列表")
- @PreAuthorize(AuthConfigExpression.authQuery)
+ @SaCheckPermission(ModuleFuncCode.authQuery, orRole = [RoleCode.SUPER])
@GetMapping(value = [OauthApi.menuConfig], produces = [MediaType.APPLICATION_JSON_VALUE])
fun allMenuList(): ResponseEntity> = ResponseEntity.ok(menuService.getAllMenuList())
@Operation(summary = "获取模块功能列表", description = "查询所有模块功能列表")
- @PreAuthorize(AuthConfigExpression.authQuery)
+ @SaCheckPermission(ModuleFuncCode.authQuery, orRole = [RoleCode.SUPER])
@GetMapping(value = [OauthApi.moduleFuncConfig], produces = [MediaType.APPLICATION_JSON_VALUE])
fun allModuleFuncList(): ResponseEntity> =
ResponseEntity.ok(moduleFuncService.getAllModuleFuncList())
@Operation(summary = "新建菜单信息", description = "名称、应用ID、图标、链接、上级、序号、模式、状态、关联角色")
@ApiResponses(ApiResponse(responseCode = "201", description = "创建成功"))
- @PreAuthorize(AuthConfigExpression.authAdd)
+ @SaCheckPermission(ModuleFuncCode.authAdd, orRole = [RoleCode.SUPER])
@PutMapping(value = [OauthApi.menuConfig], produces = [MediaType.APPLICATION_JSON_VALUE])
@AcpCloudDuplicateSubmission
- fun addMenu(
- @Parameter(hidden = true) bearerTokenAuthentication: BearerTokenAuthentication,
- @RequestBody @Valid menuPo: MenuPo
- ): ResponseEntity