mirror of
https://github.com/tencentmusic/supersonic.git
synced 2026-04-18 20:34:19 +08:00
(improvement)(build) Add spotless during the build process. (#1639)
This commit is contained in:
lexluo09
@@ -1,16 +1,15 @@
|
||||
package com.tencent.supersonic.auth.api.authentication.adaptor;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
import com.tencent.supersonic.auth.api.authentication.pojo.Organization;
|
||||
import com.tencent.supersonic.auth.api.authentication.pojo.User;
|
||||
import com.tencent.supersonic.auth.api.authentication.request.UserReq;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
/**
|
||||
* UserAdaptor defines some interfaces for obtaining user and organization information
|
||||
*/
|
||||
/** UserAdaptor defines some interfaces for obtaining user and organization information */
|
||||
public interface UserAdaptor {
|
||||
|
||||
List<String> getUserNames();
|
||||
|
||||
@@ -1,6 +1,5 @@
|
||||
package com.tencent.supersonic.auth.api.authentication.annotation;
|
||||
|
||||
|
||||
import java.lang.annotation.ElementType;
|
||||
import java.lang.annotation.Retention;
|
||||
import java.lang.annotation.RetentionPolicy;
|
||||
@@ -8,6 +7,4 @@ import java.lang.annotation.Target;
|
||||
|
||||
@Target({ElementType.METHOD})
|
||||
@Retention(RetentionPolicy.RUNTIME)
|
||||
public @interface AuthenticationIgnore {
|
||||
|
||||
}
|
||||
public @interface AuthenticationIgnore {}
|
||||
|
||||
@@ -1,6 +1,5 @@
|
||||
package com.tencent.supersonic.auth.api.authentication.config;
|
||||
|
||||
|
||||
import lombok.Data;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
@@ -25,8 +24,9 @@ public class AuthenticationConfig {
|
||||
@Value("${s2.authentication.token.default.appKey:supersonic}")
|
||||
private String tokenDefaultAppKey;
|
||||
|
||||
@Value("${s2.authentication.token.appSecret:supersonic:WIaO9YRRVt+7QtpPvyWsARFngnEcbaKBk"
|
||||
+ "783uGFwMrbJBaochsqCH62L4Kijcb0sZCYoSsiKGV/zPml5MnZ3uQ==}")
|
||||
@Value(
|
||||
"${s2.authentication.token.appSecret:supersonic:WIaO9YRRVt+7QtpPvyWsARFngnEcbaKBk"
|
||||
+ "783uGFwMrbJBaochsqCH62L4Kijcb0sZCYoSsiKGV/zPml5MnZ3uQ==}")
|
||||
private String tokenAppSecret;
|
||||
|
||||
@Value("${s2.authentication.token.http.header.key:Authorization}")
|
||||
|
||||
@@ -17,5 +17,4 @@ public class UserConstants {
|
||||
|
||||
public static final String TOKEN_PREFIX = "Bearer";
|
||||
public static final String INTERNAL = "internal";
|
||||
|
||||
}
|
||||
|
||||
@@ -23,5 +23,4 @@ public class Organization {
|
||||
private List<Organization> subOrganizations = Lists.newArrayList();
|
||||
|
||||
private boolean isRoot;
|
||||
|
||||
}
|
||||
|
||||
@@ -20,7 +20,8 @@ public class User {
|
||||
|
||||
private Integer isAdmin;
|
||||
|
||||
public static User get(Long id, String name, String displayName, String email, Integer isAdmin) {
|
||||
public static User get(
|
||||
Long id, String name, String displayName, String email, Integer isAdmin) {
|
||||
return new User(id, name, displayName, email, isAdmin);
|
||||
}
|
||||
|
||||
@@ -44,5 +45,4 @@ public class User {
|
||||
public boolean isSuperAdmin() {
|
||||
return isAdmin != null && isAdmin == 1;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -9,14 +9,24 @@ public class UserWithPassword extends User {
|
||||
|
||||
private String password;
|
||||
|
||||
public UserWithPassword(Long id, String name, String displayName, String email, String password, Integer isAdmin) {
|
||||
public UserWithPassword(
|
||||
Long id,
|
||||
String name,
|
||||
String displayName,
|
||||
String email,
|
||||
String password,
|
||||
Integer isAdmin) {
|
||||
super(id, name, displayName, email, isAdmin);
|
||||
this.password = password;
|
||||
}
|
||||
|
||||
public static UserWithPassword get(Long id, String name, String displayName,
|
||||
String email, String password, Integer isAdmin) {
|
||||
public static UserWithPassword get(
|
||||
Long id,
|
||||
String name,
|
||||
String displayName,
|
||||
String email,
|
||||
String password,
|
||||
Integer isAdmin) {
|
||||
return new UserWithPassword(id, name, displayName, email, password, isAdmin);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
package com.tencent.supersonic.auth.api.authentication.request;
|
||||
|
||||
|
||||
import javax.validation.constraints.NotBlank;
|
||||
|
||||
import lombok.Data;
|
||||
|
||||
@Data
|
||||
@@ -12,6 +12,4 @@ public class UserReq {
|
||||
|
||||
@NotBlank(message = "password can not be null")
|
||||
private String password;
|
||||
|
||||
|
||||
}
|
||||
|
||||
@@ -1,17 +1,19 @@
|
||||
package com.tencent.supersonic.auth.api.authentication.service;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import com.tencent.supersonic.auth.api.authentication.pojo.Organization;
|
||||
import com.tencent.supersonic.auth.api.authentication.pojo.User;
|
||||
import com.tencent.supersonic.auth.api.authentication.request.UserReq;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
public interface UserService {
|
||||
|
||||
User getCurrentUser(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse);
|
||||
User getCurrentUser(
|
||||
HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse);
|
||||
|
||||
List<String> getUserNames();
|
||||
|
||||
|
||||
@@ -1,10 +1,10 @@
|
||||
package com.tencent.supersonic.auth.api.authentication.service;
|
||||
|
||||
import com.tencent.supersonic.auth.api.authentication.pojo.User;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import com.tencent.supersonic.auth.api.authentication.pojo.User;
|
||||
|
||||
public interface UserStrategy {
|
||||
|
||||
boolean accept(boolean isEnableAuthentication);
|
||||
@@ -12,5 +12,4 @@ public interface UserStrategy {
|
||||
User findUser(HttpServletRequest request, HttpServletResponse response);
|
||||
|
||||
User findUser(String token, String appKey);
|
||||
|
||||
}
|
||||
|
||||
@@ -1,12 +1,13 @@
|
||||
package com.tencent.supersonic.auth.api.authentication.utils;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import com.tencent.supersonic.auth.api.authentication.pojo.User;
|
||||
import com.tencent.supersonic.auth.api.authentication.service.UserStrategy;
|
||||
import com.tencent.supersonic.common.config.SystemConfig;
|
||||
import com.tencent.supersonic.common.service.SystemConfigService;
|
||||
import com.tencent.supersonic.common.util.ContextUtils;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import org.springframework.util.CollectionUtils;
|
||||
|
||||
public final class UserHolder {
|
||||
@@ -36,5 +37,4 @@ public final class UserHolder {
|
||||
}
|
||||
return user;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -1,8 +1,9 @@
|
||||
package com.tencent.supersonic.auth.api.authorization.pojo;
|
||||
|
||||
import java.util.List;
|
||||
import lombok.Data;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
@Data
|
||||
public class AuthGroup {
|
||||
|
||||
@@ -10,18 +11,12 @@ public class AuthGroup {
|
||||
private String name;
|
||||
private Integer groupId;
|
||||
private List<AuthRule> authRules;
|
||||
/**
|
||||
* row permission expression
|
||||
*/
|
||||
/** row permission expression */
|
||||
private List<String> dimensionFilters;
|
||||
/**
|
||||
* row permission expression description information
|
||||
*/
|
||||
/** row permission expression description information */
|
||||
private String dimensionFilterDescription;
|
||||
|
||||
private List<String> authorizedUsers;
|
||||
/**
|
||||
* authorization Department Id
|
||||
*/
|
||||
/** authorization Department Id */
|
||||
private List<String> authorizedDepartmentIds;
|
||||
}
|
||||
|
||||
@@ -10,8 +10,7 @@ public class AuthRes {
|
||||
private Long modelId;
|
||||
private String name;
|
||||
|
||||
public AuthRes() {
|
||||
}
|
||||
public AuthRes() {}
|
||||
|
||||
public AuthRes(Long modelId, String name) {
|
||||
this.modelId = modelId;
|
||||
|
||||
@@ -1,9 +1,10 @@
|
||||
package com.tencent.supersonic.auth.api.authorization.pojo;
|
||||
|
||||
import lombok.Data;
|
||||
|
||||
import java.beans.Transient;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import lombok.Data;
|
||||
|
||||
@Data
|
||||
public class AuthRule {
|
||||
|
||||
@@ -1,8 +1,9 @@
|
||||
package com.tencent.supersonic.auth.api.authorization.pojo;
|
||||
|
||||
import lombok.Data;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import lombok.Data;
|
||||
|
||||
@Data
|
||||
public class DimensionFilter {
|
||||
|
||||
@@ -1,8 +1,9 @@
|
||||
package com.tencent.supersonic.auth.api.authorization.request;
|
||||
|
||||
import java.util.List;
|
||||
import lombok.Data;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
@Data
|
||||
public class AddUsersToGroupReq {
|
||||
|
||||
|
||||
@@ -1,10 +1,10 @@
|
||||
package com.tencent.supersonic.auth.api.authorization.request;
|
||||
|
||||
|
||||
import com.tencent.supersonic.common.pojo.PageBaseReq;
|
||||
import java.util.List;
|
||||
import lombok.Data;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
@Data
|
||||
public class QueryGroupReq extends PageBaseReq {
|
||||
|
||||
|
||||
@@ -1,8 +1,9 @@
|
||||
package com.tencent.supersonic.auth.api.authorization.request;
|
||||
|
||||
import java.util.List;
|
||||
import lombok.Data;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
@Data
|
||||
public class RemoveGroupReq {
|
||||
|
||||
|
||||
@@ -1,8 +1,9 @@
|
||||
package com.tencent.supersonic.auth.api.authorization.request;
|
||||
|
||||
import java.util.List;
|
||||
import lombok.Data;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
@Data
|
||||
public class RemoveUsersFromGroupReq {
|
||||
|
||||
|
||||
@@ -4,6 +4,7 @@ import com.tencent.supersonic.auth.api.authentication.pojo.User;
|
||||
import com.tencent.supersonic.auth.api.authorization.pojo.AuthGroup;
|
||||
import com.tencent.supersonic.auth.api.authorization.request.QueryAuthResReq;
|
||||
import com.tencent.supersonic.auth.api.authorization.response.AuthorizedResourceResp;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
public interface AuthService {
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
package com.tencent.supersonic.auth.authentication.adaptor;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
import com.google.common.collect.Lists;
|
||||
import com.google.common.collect.Sets;
|
||||
import com.tencent.supersonic.auth.api.authentication.adaptor.UserAdaptor;
|
||||
@@ -9,20 +11,17 @@ import com.tencent.supersonic.auth.api.authentication.pojo.UserWithPassword;
|
||||
import com.tencent.supersonic.auth.api.authentication.request.UserReq;
|
||||
import com.tencent.supersonic.auth.authentication.persistence.dataobject.UserDO;
|
||||
import com.tencent.supersonic.auth.authentication.persistence.repository.UserRepository;
|
||||
import com.tencent.supersonic.common.util.AESEncryptionUtil;
|
||||
import com.tencent.supersonic.auth.authentication.utils.UserTokenUtils;
|
||||
import com.tencent.supersonic.common.util.AESEncryptionUtil;
|
||||
import com.tencent.supersonic.common.util.ContextUtils;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.BeanUtils;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
/**
|
||||
* DefaultUserAdaptor provides a default method to obtain user and organization information
|
||||
*/
|
||||
/** DefaultUserAdaptor provides a default method to obtain user and organization information */
|
||||
@Slf4j
|
||||
public class DefaultUserAdaptor implements UserAdaptor {
|
||||
|
||||
@@ -49,14 +48,16 @@ public class DefaultUserAdaptor implements UserAdaptor {
|
||||
|
||||
@Override
|
||||
public List<Organization> getOrganizationTree() {
|
||||
Organization superSonic = new Organization("1", "0",
|
||||
"SuperSonic", "SuperSonic", Lists.newArrayList(), true);
|
||||
Organization hr = new Organization("2", "1",
|
||||
"Hr", "SuperSonic/Hr", Lists.newArrayList(), false);
|
||||
Organization sales = new Organization("3", "1",
|
||||
"Sales", "SuperSonic/Sales", Lists.newArrayList(), false);
|
||||
Organization marketing = new Organization("4", "1",
|
||||
"Marketing", "SuperSonic/Marketing", Lists.newArrayList(), false);
|
||||
Organization superSonic =
|
||||
new Organization("1", "0", "SuperSonic", "SuperSonic", Lists.newArrayList(), true);
|
||||
Organization hr =
|
||||
new Organization("2", "1", "Hr", "SuperSonic/Hr", Lists.newArrayList(), false);
|
||||
Organization sales =
|
||||
new Organization(
|
||||
"3", "1", "Sales", "SuperSonic/Sales", Lists.newArrayList(), false);
|
||||
Organization marketing =
|
||||
new Organization(
|
||||
"4", "1", "Marketing", "SuperSonic/Marketing", Lists.newArrayList(), false);
|
||||
List<Organization> subOrganization = Lists.newArrayList(hr, sales, marketing);
|
||||
superSonic.setSubOrganizations(subOrganization);
|
||||
return Lists.newArrayList(superSonic);
|
||||
@@ -112,11 +113,19 @@ public class DefaultUserAdaptor implements UserAdaptor {
|
||||
throw new RuntimeException("user not exist,please register");
|
||||
}
|
||||
try {
|
||||
String password = AESEncryptionUtil.encrypt(userReq.getPassword(),
|
||||
AESEncryptionUtil.getBytesFromString(userDO.getSalt()));
|
||||
String password =
|
||||
AESEncryptionUtil.encrypt(
|
||||
userReq.getPassword(),
|
||||
AESEncryptionUtil.getBytesFromString(userDO.getSalt()));
|
||||
if (userDO.getPassword().equals(password)) {
|
||||
UserWithPassword user = UserWithPassword.get(userDO.getId(), userDO.getName(), userDO.getDisplayName(),
|
||||
userDO.getEmail(), userDO.getPassword(), userDO.getIsAdmin());
|
||||
UserWithPassword user =
|
||||
UserWithPassword.get(
|
||||
userDO.getId(),
|
||||
userDO.getName(),
|
||||
userDO.getDisplayName(),
|
||||
userDO.getEmail(),
|
||||
userDO.getPassword(),
|
||||
userDO.getIsAdmin());
|
||||
return user;
|
||||
} else {
|
||||
throw new RuntimeException("password not correct, please try again");
|
||||
@@ -135,5 +144,4 @@ public class DefaultUserAdaptor implements UserAdaptor {
|
||||
public Set<String> getUserAllOrgId(String userName) {
|
||||
return Sets.newHashSet();
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
package com.tencent.supersonic.auth.authentication.interceptor;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
import com.tencent.supersonic.auth.api.authentication.config.AuthenticationConfig;
|
||||
import com.tencent.supersonic.auth.api.authentication.constant.UserConstants;
|
||||
import com.tencent.supersonic.auth.authentication.service.UserServiceImpl;
|
||||
@@ -13,7 +15,6 @@ import org.springframework.util.CollectionUtils;
|
||||
import org.springframework.web.multipart.support.StandardMultipartHttpServletRequest;
|
||||
import org.springframework.web.servlet.HandlerInterceptor;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import java.lang.reflect.Field;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
@@ -21,14 +22,12 @@ import java.util.List;
|
||||
@Slf4j
|
||||
public abstract class AuthenticationInterceptor implements HandlerInterceptor {
|
||||
|
||||
|
||||
protected AuthenticationConfig authenticationConfig;
|
||||
|
||||
protected UserServiceImpl userServiceImpl;
|
||||
|
||||
protected UserTokenUtils userTokenUtils;
|
||||
|
||||
|
||||
protected S2ThreadContext s2ThreadContext;
|
||||
|
||||
protected boolean isExcludedUri(String uri) {
|
||||
@@ -69,7 +68,8 @@ public abstract class AuthenticationInterceptor implements HandlerInterceptor {
|
||||
try {
|
||||
if (request instanceof StandardMultipartHttpServletRequest) {
|
||||
RequestFacade servletRequest =
|
||||
(RequestFacade) ((StandardMultipartHttpServletRequest) request).getRequest();
|
||||
(RequestFacade)
|
||||
((StandardMultipartHttpServletRequest) request).getRequest();
|
||||
Class<? extends HttpServletRequest> servletRequestClazz = servletRequest.getClass();
|
||||
Field request1 = servletRequestClazz.getDeclaredField("request");
|
||||
request1.setAccessible(true);
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
package com.tencent.supersonic.auth.authentication.interceptor;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import com.tencent.supersonic.auth.api.authentication.annotation.AuthenticationIgnore;
|
||||
import com.tencent.supersonic.auth.api.authentication.config.AuthenticationConfig;
|
||||
@@ -14,15 +16,15 @@ import com.tencent.supersonic.common.util.ThreadContext;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.springframework.web.method.HandlerMethod;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import java.lang.reflect.Method;
|
||||
|
||||
@Slf4j
|
||||
public class DefaultAuthenticationInterceptor extends AuthenticationInterceptor {
|
||||
|
||||
@Override
|
||||
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
|
||||
public boolean preHandle(
|
||||
HttpServletRequest request, HttpServletResponse response, Object handler)
|
||||
throws AccessException {
|
||||
authenticationConfig = ContextUtils.getBean(AuthenticationConfig.class);
|
||||
userServiceImpl = ContextUtils.getBean(UserServiceImpl.class);
|
||||
@@ -73,11 +75,11 @@ public class DefaultAuthenticationInterceptor extends AuthenticationInterceptor
|
||||
}
|
||||
|
||||
private void setContext(String userName, HttpServletRequest request) {
|
||||
ThreadContext threadContext = ThreadContext.builder()
|
||||
.token(request.getHeader(authenticationConfig.getTokenHttpHeaderKey()))
|
||||
.userName(userName)
|
||||
.build();
|
||||
ThreadContext threadContext =
|
||||
ThreadContext.builder()
|
||||
.token(request.getHeader(authenticationConfig.getTokenHttpHeaderKey()))
|
||||
.userName(userName)
|
||||
.build();
|
||||
s2ThreadContext.set(threadContext);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -10,20 +10,21 @@ import java.util.List;
|
||||
@Configuration
|
||||
public class InterceptorFactory implements WebMvcConfigurer {
|
||||
|
||||
|
||||
private List<AuthenticationInterceptor> authenticationInterceptors;
|
||||
|
||||
public InterceptorFactory() {
|
||||
authenticationInterceptors = SpringFactoriesLoader.loadFactories(AuthenticationInterceptor.class,
|
||||
Thread.currentThread().getContextClassLoader());
|
||||
authenticationInterceptors =
|
||||
SpringFactoriesLoader.loadFactories(
|
||||
AuthenticationInterceptor.class,
|
||||
Thread.currentThread().getContextClassLoader());
|
||||
}
|
||||
|
||||
@Override
|
||||
public void addInterceptors(InterceptorRegistry registry) {
|
||||
for (AuthenticationInterceptor authenticationInterceptor : authenticationInterceptors) {
|
||||
registry.addInterceptor(authenticationInterceptor).addPathPatterns("/**")
|
||||
registry.addInterceptor(authenticationInterceptor)
|
||||
.addPathPatterns("/**")
|
||||
.excludePathPatterns("/", "/webapp/**", "/error");
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -1,82 +1,52 @@
|
||||
package com.tencent.supersonic.auth.authentication.persistence.dataobject;
|
||||
|
||||
public class UserDO {
|
||||
/**
|
||||
*
|
||||
*/
|
||||
/** */
|
||||
private Long id;
|
||||
|
||||
/**
|
||||
*
|
||||
*/
|
||||
/** */
|
||||
private String name;
|
||||
|
||||
/**
|
||||
*
|
||||
*/
|
||||
/** */
|
||||
private String password;
|
||||
|
||||
private String salt;
|
||||
|
||||
/**
|
||||
*
|
||||
*/
|
||||
/** */
|
||||
private String displayName;
|
||||
|
||||
/**
|
||||
*
|
||||
*/
|
||||
/** */
|
||||
private String email;
|
||||
|
||||
/**
|
||||
*
|
||||
*/
|
||||
/** */
|
||||
private Integer isAdmin;
|
||||
|
||||
/**
|
||||
*
|
||||
* @return id
|
||||
*/
|
||||
/** @return id */
|
||||
public Long getId() {
|
||||
return id;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @param id
|
||||
*/
|
||||
/** @param id */
|
||||
public void setId(Long id) {
|
||||
this.id = id;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @return name
|
||||
*/
|
||||
/** @return name */
|
||||
public String getName() {
|
||||
return name;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @param name
|
||||
*/
|
||||
/** @param name */
|
||||
public void setName(String name) {
|
||||
this.name = name == null ? null : name.trim();
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @return password
|
||||
*/
|
||||
/** @return password */
|
||||
public String getPassword() {
|
||||
return password;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @param password
|
||||
*/
|
||||
/** @param password */
|
||||
public void setPassword(String password) {
|
||||
this.password = password == null ? null : password.trim();
|
||||
}
|
||||
@@ -89,51 +59,33 @@ public class UserDO {
|
||||
this.salt = salt == null ? null : salt.trim();
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @return display_name
|
||||
*/
|
||||
/** @return display_name */
|
||||
public String getDisplayName() {
|
||||
return displayName;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @param displayName
|
||||
*/
|
||||
/** @param displayName */
|
||||
public void setDisplayName(String displayName) {
|
||||
this.displayName = displayName == null ? null : displayName.trim();
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @return email
|
||||
*/
|
||||
/** @return email */
|
||||
public String getEmail() {
|
||||
return email;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @param email
|
||||
*/
|
||||
/** @param email */
|
||||
public void setEmail(String email) {
|
||||
this.email = email == null ? null : email.trim();
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @return is_admin
|
||||
*/
|
||||
/** @return is_admin */
|
||||
public Integer getIsAdmin() {
|
||||
return isAdmin;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @param isAdmin
|
||||
*/
|
||||
/** @param isAdmin */
|
||||
public void setIsAdmin(Integer isAdmin) {
|
||||
this.isAdmin = isAdmin;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -4,101 +4,64 @@ import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
public class UserDOExample {
|
||||
/**
|
||||
* s2_user
|
||||
*/
|
||||
/** s2_user */
|
||||
protected String orderByClause;
|
||||
|
||||
/**
|
||||
* s2_user
|
||||
*/
|
||||
/** s2_user */
|
||||
protected boolean distinct;
|
||||
|
||||
/**
|
||||
* s2_user
|
||||
*/
|
||||
/** s2_user */
|
||||
protected List<Criteria> oredCriteria;
|
||||
|
||||
/**
|
||||
* s2_user
|
||||
*/
|
||||
/** s2_user */
|
||||
protected Integer limitStart;
|
||||
|
||||
/**
|
||||
* s2_user
|
||||
*/
|
||||
/** s2_user */
|
||||
protected Integer limitEnd;
|
||||
|
||||
/**
|
||||
*
|
||||
* @mbg.generated
|
||||
*/
|
||||
/** @mbg.generated */
|
||||
public UserDOExample() {
|
||||
oredCriteria = new ArrayList<Criteria>();
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @mbg.generated
|
||||
*/
|
||||
/** @mbg.generated */
|
||||
public void setOrderByClause(String orderByClause) {
|
||||
this.orderByClause = orderByClause;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @mbg.generated
|
||||
*/
|
||||
/** @mbg.generated */
|
||||
public String getOrderByClause() {
|
||||
return orderByClause;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @mbg.generated
|
||||
*/
|
||||
/** @mbg.generated */
|
||||
public void setDistinct(boolean distinct) {
|
||||
this.distinct = distinct;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @mbg.generated
|
||||
*/
|
||||
/** @mbg.generated */
|
||||
public boolean isDistinct() {
|
||||
return distinct;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @mbg.generated
|
||||
*/
|
||||
/** @mbg.generated */
|
||||
public List<Criteria> getOredCriteria() {
|
||||
return oredCriteria;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @mbg.generated
|
||||
*/
|
||||
/** @mbg.generated */
|
||||
public void or(Criteria criteria) {
|
||||
oredCriteria.add(criteria);
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @mbg.generated
|
||||
*/
|
||||
/** @mbg.generated */
|
||||
public Criteria or() {
|
||||
Criteria criteria = createCriteriaInternal();
|
||||
oredCriteria.add(criteria);
|
||||
return criteria;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @mbg.generated
|
||||
*/
|
||||
/** @mbg.generated */
|
||||
public Criteria createCriteria() {
|
||||
Criteria criteria = createCriteriaInternal();
|
||||
if (oredCriteria.size() == 0) {
|
||||
@@ -107,60 +70,40 @@ public class UserDOExample {
|
||||
return criteria;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @mbg.generated
|
||||
*/
|
||||
/** @mbg.generated */
|
||||
protected Criteria createCriteriaInternal() {
|
||||
Criteria criteria = new Criteria();
|
||||
return criteria;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @mbg.generated
|
||||
*/
|
||||
/** @mbg.generated */
|
||||
public void clear() {
|
||||
oredCriteria.clear();
|
||||
orderByClause = null;
|
||||
distinct = false;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @mbg.generated
|
||||
*/
|
||||
/** @mbg.generated */
|
||||
public void setLimitStart(Integer limitStart) {
|
||||
this.limitStart=limitStart;
|
||||
this.limitStart = limitStart;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @mbg.generated
|
||||
*/
|
||||
/** @mbg.generated */
|
||||
public Integer getLimitStart() {
|
||||
return limitStart;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @mbg.generated
|
||||
*/
|
||||
/** @mbg.generated */
|
||||
public void setLimitEnd(Integer limitEnd) {
|
||||
this.limitEnd=limitEnd;
|
||||
this.limitEnd = limitEnd;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @mbg.generated
|
||||
*/
|
||||
/** @mbg.generated */
|
||||
public Integer getLimitEnd() {
|
||||
return limitEnd;
|
||||
}
|
||||
|
||||
/**
|
||||
* s2_user null
|
||||
*/
|
||||
/** s2_user null */
|
||||
protected abstract static class GeneratedCriteria {
|
||||
protected List<Criterion> criteria;
|
||||
|
||||
@@ -195,7 +138,8 @@ public class UserDOExample {
|
||||
criteria.add(new Criterion(condition, value));
|
||||
}
|
||||
|
||||
protected void addCriterion(String condition, Object value1, Object value2, String property) {
|
||||
protected void addCriterion(
|
||||
String condition, Object value1, Object value2, String property) {
|
||||
if (value1 == null || value2 == null) {
|
||||
throw new RuntimeException("Between values for " + property + " cannot be null");
|
||||
}
|
||||
@@ -603,9 +547,7 @@ public class UserDOExample {
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* s2_user
|
||||
*/
|
||||
/** s2_user */
|
||||
public static class Criteria extends GeneratedCriteria {
|
||||
|
||||
protected Criteria() {
|
||||
@@ -613,9 +555,7 @@ public class UserDOExample {
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* s2_user null
|
||||
*/
|
||||
/** s2_user null */
|
||||
public static class Criterion {
|
||||
private String condition;
|
||||
|
||||
@@ -688,7 +628,8 @@ public class UserDOExample {
|
||||
this(condition, value, null);
|
||||
}
|
||||
|
||||
protected Criterion(String condition, Object value, Object secondValue, String typeHandler) {
|
||||
protected Criterion(
|
||||
String condition, Object value, Object secondValue, String typeHandler) {
|
||||
super();
|
||||
this.condition = condition;
|
||||
this.value = value;
|
||||
@@ -701,4 +642,4 @@ public class UserDOExample {
|
||||
this(condition, value, secondValue, null);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,22 +1,17 @@
|
||||
package com.tencent.supersonic.auth.authentication.persistence.mapper;
|
||||
|
||||
|
||||
import com.tencent.supersonic.auth.authentication.persistence.dataobject.UserDO;
|
||||
import com.tencent.supersonic.auth.authentication.persistence.dataobject.UserDOExample;
|
||||
import java.util.List;
|
||||
import org.apache.ibatis.annotations.Mapper;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
@Mapper
|
||||
public interface UserDOMapper {
|
||||
|
||||
/**
|
||||
* @mbg.generated
|
||||
*/
|
||||
/** @mbg.generated */
|
||||
int insert(UserDO record);
|
||||
|
||||
/**
|
||||
* @mbg.generated
|
||||
*/
|
||||
/** @mbg.generated */
|
||||
List<UserDO> selectByExample(UserDOExample example);
|
||||
|
||||
}
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
package com.tencent.supersonic.auth.authentication.persistence.repository;
|
||||
|
||||
import com.tencent.supersonic.auth.authentication.persistence.dataobject.UserDO;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
public interface UserRepository {
|
||||
|
||||
@@ -1,6 +1,5 @@
|
||||
package com.tencent.supersonic.auth.authentication.persistence.repository.impl;
|
||||
|
||||
|
||||
import com.tencent.supersonic.auth.authentication.persistence.dataobject.UserDO;
|
||||
import com.tencent.supersonic.auth.authentication.persistence.dataobject.UserDOExample;
|
||||
import com.tencent.supersonic.auth.authentication.persistence.mapper.UserDOMapper;
|
||||
@@ -13,10 +12,8 @@ import java.util.Optional;
|
||||
@Component
|
||||
public class UserRepositoryImpl implements UserRepository {
|
||||
|
||||
|
||||
private UserDOMapper userDOMapper;
|
||||
|
||||
|
||||
public UserRepositoryImpl(UserDOMapper userDOMapper) {
|
||||
this.userDOMapper = userDOMapper;
|
||||
}
|
||||
@@ -39,5 +36,4 @@ public class UserRepositoryImpl implements UserRepository {
|
||||
Optional<UserDO> userDOOptional = userDOS.stream().findFirst();
|
||||
return userDOOptional.orElse(null);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
package com.tencent.supersonic.auth.authentication.rest;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import com.tencent.supersonic.auth.api.authentication.pojo.Organization;
|
||||
import com.tencent.supersonic.auth.api.authentication.pojo.User;
|
||||
@@ -13,8 +15,6 @@ import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
@@ -30,7 +30,8 @@ public class UserController {
|
||||
}
|
||||
|
||||
@GetMapping("/getCurrentUser")
|
||||
public User getCurrentUser(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
|
||||
public User getCurrentUser(
|
||||
HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
|
||||
return userService.getCurrentUser(httpServletRequest, httpServletResponse);
|
||||
}
|
||||
|
||||
@@ -68,5 +69,4 @@ public class UserController {
|
||||
public String login(@RequestBody UserReq userCmd, HttpServletRequest request) {
|
||||
return userService.login(userCmd, request);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -1,5 +1,8 @@
|
||||
package com.tencent.supersonic.auth.authentication.service;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import com.tencent.supersonic.auth.api.authentication.pojo.Organization;
|
||||
import com.tencent.supersonic.auth.api.authentication.pojo.User;
|
||||
import com.tencent.supersonic.auth.api.authentication.request.UserReq;
|
||||
@@ -10,8 +13,7 @@ import com.tencent.supersonic.common.config.SystemConfig;
|
||||
import com.tencent.supersonic.common.service.SystemConfigService;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.util.CollectionUtils;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
@@ -25,7 +27,8 @@ public class UserServiceImpl implements UserService {
|
||||
}
|
||||
|
||||
@Override
|
||||
public User getCurrentUser(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
|
||||
public User getCurrentUser(
|
||||
HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
|
||||
User user = UserHolder.findUser(httpServletRequest, httpServletResponse);
|
||||
if (user != null) {
|
||||
SystemConfig systemConfig = sysParameterService.getSystemConfig();
|
||||
@@ -76,5 +79,4 @@ public class UserServiceImpl implements UserService {
|
||||
public String login(UserReq userReq, String appKey) {
|
||||
return ComponentFactory.getUserAdaptor().login(userReq, appKey);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -1,10 +1,10 @@
|
||||
package com.tencent.supersonic.auth.authentication.strategy;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import com.tencent.supersonic.auth.api.authentication.pojo.User;
|
||||
import com.tencent.supersonic.auth.api.authentication.service.UserStrategy;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
@Service
|
||||
@@ -24,5 +24,4 @@ public class FakeUserStrategy implements UserStrategy {
|
||||
public User findUser(String token, String appKey) {
|
||||
return User.getFakeUser();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -1,20 +1,18 @@
|
||||
package com.tencent.supersonic.auth.authentication.strategy;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import com.tencent.supersonic.auth.api.authentication.pojo.User;
|
||||
import com.tencent.supersonic.auth.api.authentication.service.UserStrategy;
|
||||
import com.tencent.supersonic.auth.authentication.utils.UserTokenUtils;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
|
||||
@Service
|
||||
public class HttpHeaderUserStrategy implements UserStrategy {
|
||||
|
||||
|
||||
private final UserTokenUtils userTokenUtils;
|
||||
|
||||
|
||||
public HttpHeaderUserStrategy(UserTokenUtils userTokenUtils) {
|
||||
this.userTokenUtils = userTokenUtils;
|
||||
}
|
||||
|
||||
@@ -1,26 +1,25 @@
|
||||
package com.tencent.supersonic.auth.authentication.strategy;
|
||||
|
||||
import javax.annotation.PostConstruct;
|
||||
|
||||
import com.tencent.supersonic.auth.api.authentication.config.AuthenticationConfig;
|
||||
import com.tencent.supersonic.auth.api.authentication.service.UserStrategy;
|
||||
import com.tencent.supersonic.auth.api.authentication.utils.UserHolder;
|
||||
import java.util.List;
|
||||
import javax.annotation.PostConstruct;
|
||||
import lombok.Data;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
@Configuration
|
||||
@Data
|
||||
public class UserStrategyFactory {
|
||||
|
||||
|
||||
private List<UserStrategy> userStrategyList;
|
||||
|
||||
|
||||
private AuthenticationConfig authenticationConfig;
|
||||
|
||||
public UserStrategyFactory(AuthenticationConfig authenticationConfig, List<UserStrategy> userStrategyList) {
|
||||
public UserStrategyFactory(
|
||||
AuthenticationConfig authenticationConfig, List<UserStrategy> userStrategyList) {
|
||||
this.authenticationConfig = authenticationConfig;
|
||||
this.userStrategyList = userStrategyList;
|
||||
}
|
||||
|
||||
@@ -2,6 +2,7 @@ package com.tencent.supersonic.auth.authentication.utils;
|
||||
|
||||
import com.tencent.supersonic.auth.api.authentication.adaptor.UserAdaptor;
|
||||
import org.springframework.core.io.support.SpringFactoriesLoader;
|
||||
|
||||
import java.util.Objects;
|
||||
|
||||
public class ComponentFactory {
|
||||
@@ -16,8 +17,8 @@ public class ComponentFactory {
|
||||
}
|
||||
|
||||
private static <T> T init(Class<T> factoryType) {
|
||||
return SpringFactoriesLoader.loadFactories(factoryType,
|
||||
Thread.currentThread().getContextClassLoader()).get(0);
|
||||
return SpringFactoriesLoader.loadFactories(
|
||||
factoryType, Thread.currentThread().getContextClassLoader())
|
||||
.get(0);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -1,5 +1,8 @@
|
||||
package com.tencent.supersonic.auth.authentication.utils;
|
||||
|
||||
import javax.crypto.spec.SecretKeySpec;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
import com.tencent.supersonic.auth.api.authentication.config.AuthenticationConfig;
|
||||
import com.tencent.supersonic.auth.api.authentication.pojo.User;
|
||||
import com.tencent.supersonic.auth.api.authentication.pojo.UserWithPassword;
|
||||
@@ -11,8 +14,6 @@ import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import javax.crypto.spec.SecretKeySpec;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.util.Date;
|
||||
import java.util.HashMap;
|
||||
@@ -46,7 +47,9 @@ public class UserTokenUtils {
|
||||
Map<String, Object> claims = new HashMap<>(5);
|
||||
claims.put(TOKEN_USER_ID, user.getId());
|
||||
claims.put(TOKEN_USER_NAME, StringUtils.isEmpty(user.getName()) ? "" : user.getName());
|
||||
claims.put(TOKEN_USER_PASSWORD, StringUtils.isEmpty(user.getPassword()) ? "" : user.getPassword());
|
||||
claims.put(
|
||||
TOKEN_USER_PASSWORD,
|
||||
StringUtils.isEmpty(user.getPassword()) ? "" : user.getPassword());
|
||||
claims.put(TOKEN_USER_DISPLAY_NAME, user.getDisplayName());
|
||||
claims.put(TOKEN_CREATE_TIME, System.currentTimeMillis());
|
||||
claims.put(TOKEN_IS_ADMIN, user.getIsAdmin());
|
||||
@@ -79,8 +82,10 @@ public class UserTokenUtils {
|
||||
String userName = String.valueOf(claims.get(TOKEN_USER_NAME));
|
||||
String email = String.valueOf(claims.get(TOKEN_USER_EMAIL));
|
||||
String displayName = String.valueOf(claims.get(TOKEN_USER_DISPLAY_NAME));
|
||||
Integer isAdmin = claims.get(TOKEN_IS_ADMIN) == null
|
||||
? 0 : Integer.parseInt(claims.get(TOKEN_IS_ADMIN).toString());
|
||||
Integer isAdmin =
|
||||
claims.get(TOKEN_IS_ADMIN) == null
|
||||
? 0
|
||||
: Integer.parseInt(claims.get(TOKEN_IS_ADMIN).toString());
|
||||
return User.get(userId, userName, displayName, email, isAdmin);
|
||||
}
|
||||
|
||||
@@ -97,8 +102,10 @@ public class UserTokenUtils {
|
||||
String email = String.valueOf(claims.get(TOKEN_USER_EMAIL));
|
||||
String displayName = String.valueOf(claims.get(TOKEN_USER_DISPLAY_NAME));
|
||||
String password = String.valueOf(claims.get(TOKEN_USER_PASSWORD));
|
||||
Integer isAdmin = claims.get(TOKEN_IS_ADMIN) == null
|
||||
? 0 : Integer.parseInt(claims.get(TOKEN_IS_ADMIN).toString());
|
||||
Integer isAdmin =
|
||||
claims.get(TOKEN_IS_ADMIN) == null
|
||||
? 0
|
||||
: Integer.parseInt(claims.get(TOKEN_IS_ADMIN).toString());
|
||||
return UserWithPassword.get(userId, userName, displayName, email, password, isAdmin);
|
||||
}
|
||||
|
||||
@@ -117,9 +124,12 @@ public class UserTokenUtils {
|
||||
Claims claims;
|
||||
try {
|
||||
String tokenSecret = getTokenSecret(appKey);
|
||||
claims = Jwts.parser()
|
||||
.setSigningKey(tokenSecret.getBytes(StandardCharsets.UTF_8))
|
||||
.build().parseClaimsJws(getTokenString(token)).getBody();
|
||||
claims =
|
||||
Jwts.parser()
|
||||
.setSigningKey(tokenSecret.getBytes(StandardCharsets.UTF_8))
|
||||
.build()
|
||||
.parseClaimsJws(getTokenString(token))
|
||||
.getBody();
|
||||
} catch (Exception e) {
|
||||
log.error("getClaims", e);
|
||||
throw new AccessException("parse user info from token failed :" + token);
|
||||
@@ -128,8 +138,9 @@ public class UserTokenUtils {
|
||||
}
|
||||
|
||||
private static String getTokenString(String token) {
|
||||
return token.startsWith(TOKEN_PREFIX) ? token.substring(token.indexOf(TOKEN_PREFIX)
|
||||
+ TOKEN_PREFIX.length()).trim() : token.trim();
|
||||
return token.startsWith(TOKEN_PREFIX)
|
||||
? token.substring(token.indexOf(TOKEN_PREFIX) + TOKEN_PREFIX.length()).trim()
|
||||
: token.trim();
|
||||
}
|
||||
|
||||
private String generate(Map<String, Object> claims, String appKey) {
|
||||
@@ -146,8 +157,11 @@ public class UserTokenUtils {
|
||||
.setClaims(claims)
|
||||
.setSubject(claims.get(TOKEN_USER_NAME).toString())
|
||||
.setExpiration(expirationDate)
|
||||
.signWith(new SecretKeySpec(tokenSecret.getBytes(StandardCharsets.UTF_8),
|
||||
SignatureAlgorithm.HS512.getJcaName()), SignatureAlgorithm.HS512)
|
||||
.signWith(
|
||||
new SecretKeySpec(
|
||||
tokenSecret.getBytes(StandardCharsets.UTF_8),
|
||||
SignatureAlgorithm.HS512.getJcaName()),
|
||||
SignatureAlgorithm.HS512)
|
||||
.compact();
|
||||
}
|
||||
|
||||
|
||||
@@ -1,14 +1,14 @@
|
||||
package com.tencent.supersonic.auth.authorization.rest;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import com.tencent.supersonic.auth.api.authentication.pojo.User;
|
||||
import com.tencent.supersonic.auth.api.authentication.utils.UserHolder;
|
||||
import com.tencent.supersonic.auth.api.authorization.pojo.AuthGroup;
|
||||
import com.tencent.supersonic.auth.api.authorization.request.QueryAuthResReq;
|
||||
import com.tencent.supersonic.auth.api.authorization.response.AuthorizedResourceResp;
|
||||
import com.tencent.supersonic.auth.api.authorization.service.AuthService;
|
||||
import com.tencent.supersonic.auth.api.authorization.pojo.AuthGroup;
|
||||
import java.util.List;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
@@ -17,6 +17,8 @@ import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
@RestController
|
||||
@RequestMapping("/api/auth")
|
||||
@Slf4j
|
||||
@@ -29,14 +31,13 @@ public class AuthController {
|
||||
}
|
||||
|
||||
@GetMapping("/queryGroup")
|
||||
public List<AuthGroup> queryAuthGroup(@RequestParam("modelId") String modelId,
|
||||
public List<AuthGroup> queryAuthGroup(
|
||||
@RequestParam("modelId") String modelId,
|
||||
@RequestParam(value = "groupId", required = false) Integer groupId) {
|
||||
return authService.queryAuthGroups(modelId, groupId);
|
||||
}
|
||||
|
||||
/**
|
||||
* 新建权限组
|
||||
*/
|
||||
/** 新建权限组 */
|
||||
@PostMapping("/createGroup")
|
||||
public void newAuthGroup(@RequestBody AuthGroup group) {
|
||||
group.setGroupId(null);
|
||||
@@ -68,9 +69,10 @@ public class AuthController {
|
||||
* @return
|
||||
*/
|
||||
@PostMapping("/queryAuthorizedRes")
|
||||
public AuthorizedResourceResp queryAuthorizedResources(@RequestBody QueryAuthResReq req,
|
||||
HttpServletRequest request,
|
||||
HttpServletResponse response) {
|
||||
public AuthorizedResourceResp queryAuthorizedResources(
|
||||
@RequestBody QueryAuthResReq req,
|
||||
HttpServletRequest request,
|
||||
HttpServletResponse response) {
|
||||
User user = UserHolder.findUser(request, response);
|
||||
return authService.queryAuthorizedResources(req, user);
|
||||
}
|
||||
|
||||
@@ -30,23 +30,27 @@ public class AuthServiceImpl implements AuthService {
|
||||
|
||||
private UserService userService;
|
||||
|
||||
public AuthServiceImpl(JdbcTemplate jdbcTemplate,
|
||||
UserService userService) {
|
||||
public AuthServiceImpl(JdbcTemplate jdbcTemplate, UserService userService) {
|
||||
this.jdbcTemplate = jdbcTemplate;
|
||||
this.userService = userService;
|
||||
}
|
||||
|
||||
private List<AuthGroup> load() {
|
||||
List<String> rows = jdbcTemplate.queryForList("select config from s2_auth_groups", String.class);
|
||||
List<String> rows =
|
||||
jdbcTemplate.queryForList("select config from s2_auth_groups", String.class);
|
||||
Gson g = new Gson();
|
||||
return rows.stream().map(row -> g.fromJson(row, AuthGroup.class)).collect(Collectors.toList());
|
||||
return rows.stream()
|
||||
.map(row -> g.fromJson(row, AuthGroup.class))
|
||||
.collect(Collectors.toList());
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<AuthGroup> queryAuthGroups(String modelId, Integer groupId) {
|
||||
return load().stream()
|
||||
.filter(group -> (Objects.isNull(groupId) || groupId.equals(group.getGroupId()))
|
||||
&& modelId.equals(group.getModelId().toString()))
|
||||
.filter(
|
||||
group ->
|
||||
(Objects.isNull(groupId) || groupId.equals(group.getGroupId()))
|
||||
&& modelId.equals(group.getModelId().toString()))
|
||||
.collect(Collectors.toList());
|
||||
}
|
||||
|
||||
@@ -61,10 +65,14 @@ public class AuthServiceImpl implements AuthService {
|
||||
nextGroupId = obj + 1;
|
||||
}
|
||||
group.setGroupId(nextGroupId);
|
||||
jdbcTemplate.update("insert into s2_auth_groups (group_id, config) values (?, ?);", nextGroupId,
|
||||
jdbcTemplate.update(
|
||||
"insert into s2_auth_groups (group_id, config) values (?, ?);",
|
||||
nextGroupId,
|
||||
g.toJson(group));
|
||||
} else {
|
||||
jdbcTemplate.update("update s2_auth_groups set config = ? where group_id = ?;", g.toJson(group),
|
||||
jdbcTemplate.update(
|
||||
"update s2_auth_groups set config = ? where group_id = ?;",
|
||||
g.toJson(group),
|
||||
group.getGroupId());
|
||||
}
|
||||
}
|
||||
@@ -80,10 +88,11 @@ public class AuthServiceImpl implements AuthService {
|
||||
return new AuthorizedResourceResp();
|
||||
}
|
||||
Set<String> userOrgIds = userService.getUserAllOrgId(user.getName());
|
||||
List<AuthGroup> groups = getAuthGroups(req.getModelIds(), user.getName(), new ArrayList<>(userOrgIds));
|
||||
List<AuthGroup> groups =
|
||||
getAuthGroups(req.getModelIds(), user.getName(), new ArrayList<>(userOrgIds));
|
||||
AuthorizedResourceResp resource = new AuthorizedResourceResp();
|
||||
Map<Long, List<AuthGroup>> authGroupsByModelId = groups.stream()
|
||||
.collect(Collectors.groupingBy(AuthGroup::getModelId));
|
||||
Map<Long, List<AuthGroup>> authGroupsByModelId =
|
||||
groups.stream().collect(Collectors.groupingBy(AuthGroup::getModelId));
|
||||
for (Long modelId : req.getModelIds()) {
|
||||
if (authGroupsByModelId.containsKey(modelId)) {
|
||||
List<AuthGroup> authGroups = authGroupsByModelId.get(modelId);
|
||||
@@ -110,26 +119,31 @@ public class AuthServiceImpl implements AuthService {
|
||||
return resource;
|
||||
}
|
||||
|
||||
private List<AuthGroup> getAuthGroups(List<Long> modelIds, String userName, List<String> departmentIds) {
|
||||
List<AuthGroup> groups = load().stream()
|
||||
.filter(group -> {
|
||||
if (!modelIds.contains(group.getModelId())) {
|
||||
return false;
|
||||
}
|
||||
if (!CollectionUtils.isEmpty(group.getAuthorizedUsers())
|
||||
&& group.getAuthorizedUsers().contains(userName)) {
|
||||
return true;
|
||||
}
|
||||
for (String departmentId : departmentIds) {
|
||||
if (!CollectionUtils.isEmpty(group.getAuthorizedDepartmentIds())
|
||||
&& group.getAuthorizedDepartmentIds().contains(departmentId)) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}).collect(Collectors.toList());
|
||||
private List<AuthGroup> getAuthGroups(
|
||||
List<Long> modelIds, String userName, List<String> departmentIds) {
|
||||
List<AuthGroup> groups =
|
||||
load().stream()
|
||||
.filter(
|
||||
group -> {
|
||||
if (!modelIds.contains(group.getModelId())) {
|
||||
return false;
|
||||
}
|
||||
if (!CollectionUtils.isEmpty(group.getAuthorizedUsers())
|
||||
&& group.getAuthorizedUsers().contains(userName)) {
|
||||
return true;
|
||||
}
|
||||
for (String departmentId : departmentIds) {
|
||||
if (!CollectionUtils.isEmpty(
|
||||
group.getAuthorizedDepartmentIds())
|
||||
&& group.getAuthorizedDepartmentIds()
|
||||
.contains(departmentId)) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
})
|
||||
.collect(Collectors.toList());
|
||||
log.info("user:{} department:{} authGroups:{}", userName, departmentIds, groups);
|
||||
return groups;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user