smallchill
6 years ago
66 changed files with 1688 additions and 181 deletions
@ -0,0 +1,32 @@
|
||||
## 目前主要支持的oauth协议 |
||||
一、 授权码模式 |
||||
授权码模式(authorization_code)主要针对第三方应用,是最为复杂也最为安全的一种模式,操作步骤如下 |
||||
1. 访问地址:http://localhost:8100/oauth/authorize?client_id=blade&redirect_uri=http://example.com&code=233333&response_type=code |
||||
2. 获取跳转后的code值(http://example.com/?code=VhYNLR)之后,调用 http://localhost/blade-auth/oauth/token 传入对应的参数 |
||||
|
||||
请求头: |
||||
Authorization : Basic YmxhZGU6YmxhZGU= ("YmxhZGU6YmxhZGU="为clientId:clientSecret串转换为的base64编码) |
||||
|
||||
表单: |
||||
grant_type:authorization_code |
||||
scope:all |
||||
code:VhYNLR |
||||
redirect_uri: http://example.com |
||||
|
||||
二、 密码模式 |
||||
密码模式(password)主要针对自家应用,可信度较高,所以可以使用简便安全共存的模式,操作步骤如下 |
||||
1. 直接调用 http://localhost/blade-auth/oauth/token 传入对应的参数 |
||||
|
||||
请求头: |
||||
Authorization : Basic YmxhZGU6YmxhZGU= ("YmxhZGU6YmxhZGU="为clientId:clientSecret串转换为的base64编码) |
||||
|
||||
表单: |
||||
grant_type:password |
||||
scope:all |
||||
username:admin |
||||
password:123456 |
||||
|
||||
## 获取到token后如何获取用户信息 |
||||
1. 拼接请求头 |
||||
Authorization :bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0ZXN0IjoidGVzdCIsInVzZXJfbmFtZSI6ImFkbWluIiwic2NvcGUiOlsiYWxsIl0sImV4cCI6MTU1MzE2MTA5NSwiYXV0aG9yaXRpZXMiOlsiUk9MRV9VU0VSIl0sImp0aSI6IjE0YmMyYjAyLTgxY2UtNDFiNC04ZTI3LTA5YWE0ZmU4ZWMwYyIsImNsaWVudF9pZCI6ImJsYWRlIn0.jTmioQDq-fSNNn7YCwl3wP0JE-etSWtzLDe545mDbP4 |
||||
2. 调用 http://localhost/blade-auth/oauth/user-info 既可获得对应用户信息 |
||||
@ -0,0 +1,126 @@
|
||||
/* |
||||
* Copyright (c) 2018-2028, Chill Zhuang All rights reserved. |
||||
* |
||||
* Redistribution and use in source and binary forms, with or without |
||||
* modification, are permitted provided that the following conditions are met: |
||||
* |
||||
* Redistributions of source code must retain the above copyright notice, |
||||
* this list of conditions and the following disclaimer. |
||||
* Redistributions in binary form must reproduce the above copyright |
||||
* notice, this list of conditions and the following disclaimer in the |
||||
* documentation and/or other materials provided with the distribution. |
||||
* Neither the name of the dreamlu.net developer nor the names of its |
||||
* contributors may be used to endorse or promote products derived from |
||||
* this software without specific prior written permission. |
||||
* Author: Chill 庄骞 (smallchill@163.com) |
||||
*/ |
||||
package org.springblade.auth.config; |
||||
|
||||
import lombok.AllArgsConstructor; |
||||
import lombok.SneakyThrows; |
||||
import org.springblade.auth.constant.AuthConstant; |
||||
import org.springblade.auth.props.AuthProperties; |
||||
import org.springblade.auth.service.BladeClientDetailsServiceImpl; |
||||
import org.springframework.context.annotation.Configuration; |
||||
import org.springframework.core.annotation.Order; |
||||
import org.springframework.security.authentication.AuthenticationManager; |
||||
import org.springframework.security.core.userdetails.UserDetailsService; |
||||
import org.springframework.security.crypto.password.PasswordEncoder; |
||||
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer; |
||||
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter; |
||||
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer; |
||||
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer; |
||||
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer; |
||||
import org.springframework.security.oauth2.provider.token.TokenEnhancer; |
||||
import org.springframework.security.oauth2.provider.token.TokenEnhancerChain; |
||||
import org.springframework.security.oauth2.provider.token.TokenStore; |
||||
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter; |
||||
|
||||
import javax.sql.DataSource; |
||||
import java.util.ArrayList; |
||||
import java.util.List; |
||||
|
||||
/** |
||||
* 认证服务器配置 |
||||
* |
||||
* @author Chill |
||||
*/ |
||||
@Order |
||||
@Configuration |
||||
@AllArgsConstructor |
||||
@EnableAuthorizationServer |
||||
public class BladeAuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter { |
||||
|
||||
private final DataSource dataSource; |
||||
|
||||
private AuthProperties authProperties; |
||||
|
||||
private AuthenticationManager authenticationManager; |
||||
|
||||
private UserDetailsService userDetailsService; |
||||
|
||||
private TokenStore tokenStore; |
||||
|
||||
private JwtAccessTokenConverter jwtAccessTokenConverter; |
||||
|
||||
private TokenEnhancer jwtTokenEnhancer; |
||||
|
||||
private PasswordEncoder passwordEncoder; |
||||
|
||||
@Override |
||||
public void configure(AuthorizationServerEndpointsConfigurer endpoints) { |
||||
endpoints.tokenStore(tokenStore) |
||||
.authenticationManager(authenticationManager) |
||||
.userDetailsService(userDetailsService); |
||||
//扩展token返回结果
|
||||
if (jwtAccessTokenConverter != null && jwtTokenEnhancer != null) { |
||||
TokenEnhancerChain tokenEnhancerChain = new TokenEnhancerChain(); |
||||
List<TokenEnhancer> enhancerList = new ArrayList<>(); |
||||
enhancerList.add(jwtTokenEnhancer); |
||||
enhancerList.add(jwtAccessTokenConverter); |
||||
tokenEnhancerChain.setTokenEnhancers(enhancerList); |
||||
//jwt
|
||||
endpoints.tokenEnhancer(tokenEnhancerChain) |
||||
.accessTokenConverter(jwtAccessTokenConverter); |
||||
} |
||||
} |
||||
|
||||
|
||||
/*@Override |
||||
@SneakyThrows |
||||
public void configure(ClientDetailsServiceConfigurer clients) { |
||||
InMemoryClientDetailsServiceBuilder build = clients.inMemory(); |
||||
if (ArrayUtils.isNotEmpty(authProperties.getClients())) { |
||||
for (AuthClientProperties config : authProperties.getClients()) { |
||||
build.withClient(config.getClientId()) |
||||
.secret("{noop}" + config.getClientSecret()) |
||||
.accessTokenValiditySeconds(TokenUtil.getTokenValiditySecond()) |
||||
.refreshTokenValiditySeconds(TokenUtil.getRefreshTokenValiditySeconds()) |
||||
//OAuth2支持的验证模式
|
||||
.authorizedGrantTypes("refresh_token", "password", "authorization_code") |
||||
.redirectUris("http://example.com") |
||||
.scopes("all"); |
||||
} |
||||
} |
||||
}*/ |
||||
|
||||
/** |
||||
* 配置客户端信息 |
||||
*/ |
||||
@Override |
||||
@SneakyThrows |
||||
public void configure(ClientDetailsServiceConfigurer clients) { |
||||
BladeClientDetailsServiceImpl clientDetailsService = new BladeClientDetailsServiceImpl(dataSource); |
||||
clientDetailsService.setSelectClientDetailsSql(AuthConstant.DEFAULT_SELECT_STATEMENT); |
||||
clientDetailsService.setFindClientDetailsSql(AuthConstant.DEFAULT_FIND_STATEMENT); |
||||
clients.withClientDetails(clientDetailsService); |
||||
} |
||||
|
||||
@Override |
||||
public void configure(AuthorizationServerSecurityConfigurer oauthServer) { |
||||
oauthServer |
||||
.allowFormAuthenticationForClients() |
||||
.tokenKeyAccess("permitAll()") |
||||
.checkTokenAccess("isAuthenticated()"); |
||||
} |
||||
} |
||||
@ -0,0 +1,54 @@
|
||||
/* |
||||
* Copyright (c) 2018-2028, Chill Zhuang All rights reserved. |
||||
* |
||||
* Redistribution and use in source and binary forms, with or without |
||||
* modification, are permitted provided that the following conditions are met: |
||||
* |
||||
* Redistributions of source code must retain the above copyright notice, |
||||
* this list of conditions and the following disclaimer. |
||||
* Redistributions in binary form must reproduce the above copyright |
||||
* notice, this list of conditions and the following disclaimer in the |
||||
* documentation and/or other materials provided with the distribution. |
||||
* Neither the name of the dreamlu.net developer nor the names of its |
||||
* contributors may be used to endorse or promote products derived from |
||||
* this software without specific prior written permission. |
||||
* Author: Chill 庄骞 (smallchill@163.com) |
||||
*/ |
||||
package org.springblade.auth.config; |
||||
|
||||
import lombok.AllArgsConstructor; |
||||
import lombok.SneakyThrows; |
||||
import org.springframework.context.annotation.Configuration; |
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity; |
||||
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; |
||||
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter; |
||||
import org.springframework.security.web.authentication.AuthenticationSuccessHandler; |
||||
|
||||
/** |
||||
* 自定义登录成功配置 |
||||
* |
||||
* @author Chill |
||||
*/ |
||||
@Configuration |
||||
@AllArgsConstructor |
||||
@EnableResourceServer |
||||
public class BladeResourceServerConfiguration extends ResourceServerConfigurerAdapter { |
||||
|
||||
/** |
||||
* 自定义登录成功处理器 |
||||
*/ |
||||
private AuthenticationSuccessHandler appLoginInSuccessHandler; |
||||
|
||||
@Override |
||||
@SneakyThrows |
||||
public void configure(HttpSecurity http) { |
||||
http.headers().frameOptions().disable(); |
||||
http.formLogin() |
||||
.successHandler(appLoginInSuccessHandler) |
||||
.and() |
||||
.authorizeRequests() |
||||
.anyRequest().authenticated().and() |
||||
.csrf().disable(); |
||||
} |
||||
|
||||
} |
||||
@ -0,0 +1,70 @@
|
||||
/* |
||||
* Copyright (c) 2018-2028, Chill Zhuang All rights reserved. |
||||
* |
||||
* Redistribution and use in source and binary forms, with or without |
||||
* modification, are permitted provided that the following conditions are met: |
||||
* |
||||
* Redistributions of source code must retain the above copyright notice, |
||||
* this list of conditions and the following disclaimer. |
||||
* Redistributions in binary form must reproduce the above copyright |
||||
* notice, this list of conditions and the following disclaimer in the |
||||
* documentation and/or other materials provided with the distribution. |
||||
* Neither the name of the dreamlu.net developer nor the names of its |
||||
* contributors may be used to endorse or promote products derived from |
||||
* this software without specific prior written permission. |
||||
* Author: Chill 庄骞 (smallchill@163.com) |
||||
*/ |
||||
package org.springblade.auth.config; |
||||
|
||||
import lombok.AllArgsConstructor; |
||||
import org.springblade.auth.props.AuthProperties; |
||||
import org.springblade.auth.support.BladeJwtTokenEnhancer; |
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; |
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; |
||||
import org.springframework.context.annotation.Bean; |
||||
import org.springframework.context.annotation.Configuration; |
||||
import org.springframework.security.oauth2.provider.token.TokenEnhancer; |
||||
import org.springframework.security.oauth2.provider.token.TokenStore; |
||||
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter; |
||||
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore; |
||||
|
||||
/** |
||||
* JwtTokenStore |
||||
* |
||||
* @author Chill |
||||
*/ |
||||
@Configuration |
||||
@AllArgsConstructor |
||||
@ConditionalOnProperty(prefix = "blade.security.oauth2", name = "storeType", havingValue = "jwt", matchIfMissing = true) |
||||
public class JwtTokenStoreConfiguration { |
||||
|
||||
private AuthProperties authProperties; |
||||
|
||||
/** |
||||
* 使用jwtTokenStore存储token |
||||
*/ |
||||
@Bean |
||||
public TokenStore jwtTokenStore() { |
||||
return new JwtTokenStore(jwtAccessTokenConverter()); |
||||
} |
||||
|
||||
/** |
||||
* 用于生成jwt |
||||
*/ |
||||
@Bean |
||||
public JwtAccessTokenConverter jwtAccessTokenConverter() { |
||||
JwtAccessTokenConverter accessTokenConverter = new JwtAccessTokenConverter(); |
||||
accessTokenConverter.setSigningKey(authProperties.getJwtSigningKey()); |
||||
return accessTokenConverter; |
||||
} |
||||
|
||||
/** |
||||
* 用于扩展jwt |
||||
*/ |
||||
@Bean |
||||
@ConditionalOnMissingBean(name = "jwtTokenEnhancer") |
||||
public TokenEnhancer jwtTokenEnhancer() { |
||||
return new BladeJwtTokenEnhancer(); |
||||
} |
||||
|
||||
} |
||||
@ -0,0 +1,48 @@
|
||||
/* |
||||
* Copyright (c) 2018-2028, Chill Zhuang All rights reserved. |
||||
* |
||||
* Redistribution and use in source and binary forms, with or without |
||||
* modification, are permitted provided that the following conditions are met: |
||||
* |
||||
* Redistributions of source code must retain the above copyright notice, |
||||
* this list of conditions and the following disclaimer. |
||||
* Redistributions in binary form must reproduce the above copyright |
||||
* notice, this list of conditions and the following disclaimer in the |
||||
* documentation and/or other materials provided with the distribution. |
||||
* Neither the name of the dreamlu.net developer nor the names of its |
||||
* contributors may be used to endorse or promote products derived from |
||||
* this software without specific prior written permission. |
||||
* Author: Chill 庄骞 (smallchill@163.com) |
||||
*/ |
||||
package org.springblade.auth.config; |
||||
|
||||
import lombok.AllArgsConstructor; |
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; |
||||
import org.springframework.context.annotation.Bean; |
||||
import org.springframework.context.annotation.Configuration; |
||||
import org.springframework.data.redis.connection.RedisConnectionFactory; |
||||
import org.springframework.security.oauth2.provider.token.TokenStore; |
||||
import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore; |
||||
|
||||
/** |
||||
* Redis TokenStore |
||||
* |
||||
* @author Chill |
||||
*/ |
||||
@Configuration |
||||
@AllArgsConstructor |
||||
public class RedisTokenStoreConfiguration { |
||||
/** |
||||
* redis连接工厂 |
||||
*/ |
||||
private RedisConnectionFactory redisConnectionFactory; |
||||
|
||||
/** |
||||
* 用于存放token |
||||
*/ |
||||
@Bean |
||||
@ConditionalOnProperty(prefix = "blade.security.oauth2", name = "storeType", havingValue = "redis") |
||||
public TokenStore redisTokenStore() { |
||||
return new RedisTokenStore(redisConnectionFactory); |
||||
} |
||||
} |
||||
@ -0,0 +1,56 @@
|
||||
/* |
||||
* Copyright (c) 2018-2028, Chill Zhuang All rights reserved. |
||||
* |
||||
* Redistribution and use in source and binary forms, with or without |
||||
* modification, are permitted provided that the following conditions are met: |
||||
* |
||||
* Redistributions of source code must retain the above copyright notice, |
||||
* this list of conditions and the following disclaimer. |
||||
* Redistributions in binary form must reproduce the above copyright |
||||
* notice, this list of conditions and the following disclaimer in the |
||||
* documentation and/or other materials provided with the distribution. |
||||
* Neither the name of the dreamlu.net developer nor the names of its |
||||
* contributors may be used to endorse or promote products derived from |
||||
* this software without specific prior written permission. |
||||
* Author: Chill 庄骞 (smallchill@163.com) |
||||
*/ |
||||
package org.springblade.auth.config; |
||||
|
||||
import lombok.AllArgsConstructor; |
||||
import lombok.SneakyThrows; |
||||
import org.springblade.auth.support.BladePasswordEncoderFactories; |
||||
import org.springframework.context.annotation.Bean; |
||||
import org.springframework.context.annotation.Configuration; |
||||
import org.springframework.security.authentication.AuthenticationManager; |
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity; |
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; |
||||
import org.springframework.security.crypto.password.PasswordEncoder; |
||||
|
||||
/** |
||||
* Security配置 |
||||
* |
||||
* @author Chill |
||||
*/ |
||||
@Configuration |
||||
@AllArgsConstructor |
||||
public class SecurityConfiguration extends WebSecurityConfigurerAdapter { |
||||
|
||||
@Bean |
||||
@Override |
||||
@SneakyThrows |
||||
public AuthenticationManager authenticationManagerBean() { |
||||
return super.authenticationManagerBean(); |
||||
} |
||||
|
||||
@Bean |
||||
public PasswordEncoder passwordEncoder() { |
||||
return BladePasswordEncoderFactories.createDelegatingPasswordEncoder(); |
||||
} |
||||
|
||||
@Override |
||||
@SneakyThrows |
||||
protected void configure(HttpSecurity http) { |
||||
http.httpBasic().and().csrf().disable(); |
||||
} |
||||
|
||||
} |
||||
@ -0,0 +1,52 @@
|
||||
/* |
||||
* Copyright (c) 2018-2028, Chill Zhuang All rights reserved. |
||||
* |
||||
* Redistribution and use in source and binary forms, with or without |
||||
* modification, are permitted provided that the following conditions are met: |
||||
* |
||||
* Redistributions of source code must retain the above copyright notice, |
||||
* this list of conditions and the following disclaimer. |
||||
* Redistributions in binary form must reproduce the above copyright |
||||
* notice, this list of conditions and the following disclaimer in the |
||||
* documentation and/or other materials provided with the distribution. |
||||
* Neither the name of the dreamlu.net developer nor the names of its |
||||
* contributors may be used to endorse or promote products derived from |
||||
* this software without specific prior written permission. |
||||
* Author: Chill 庄骞 (smallchill@163.com) |
||||
*/ |
||||
package org.springblade.auth.constant; |
||||
|
||||
/** |
||||
* 授权校验常量 |
||||
* |
||||
* @author Chill |
||||
*/ |
||||
public interface AuthConstant { |
||||
|
||||
String ENCRYPT = "{blade}"; |
||||
|
||||
String CLIENT_DETAILS = "blade_oauth:client:details"; |
||||
|
||||
/** |
||||
* blade_client表字段 |
||||
*/ |
||||
String CLIENT_FIELDS = "client_id, CONCAT('{noop}',client_secret) as client_secret, resource_ids, scope, authorized_grant_types, " + |
||||
"web_server_redirect_uri, authorities, access_token_validity, " + |
||||
"refresh_token_validity, additional_information, autoapprove"; |
||||
|
||||
/** |
||||
* 查询语句 |
||||
*/ |
||||
String BASE_STATEMENT = "select " + CLIENT_FIELDS + " from blade_client"; |
||||
|
||||
/** |
||||
* 查询排序 |
||||
*/ |
||||
String DEFAULT_FIND_STATEMENT = BASE_STATEMENT + " order by client_id"; |
||||
|
||||
/** |
||||
* 查询client_id |
||||
*/ |
||||
String DEFAULT_SELECT_STATEMENT = BASE_STATEMENT + " where client_id = ?"; |
||||
|
||||
} |
||||
@ -1,96 +0,0 @@
|
||||
/* |
||||
* Copyright (c) 2018-2028, Chill Zhuang All rights reserved. |
||||
* |
||||
* Redistribution and use in source and binary forms, with or without |
||||
* modification, are permitted provided that the following conditions are met: |
||||
* |
||||
* Redistributions of source code must retain the above copyright notice, |
||||
* this list of conditions and the following disclaimer. |
||||
* Redistributions in binary form must reproduce the above copyright |
||||
* notice, this list of conditions and the following disclaimer in the |
||||
* documentation and/or other materials provided with the distribution. |
||||
* Neither the name of the dreamlu.net developer nor the names of its |
||||
* contributors may be used to endorse or promote products derived from |
||||
* this software without specific prior written permission. |
||||
* Author: Chill 庄骞 (smallchill@163.com) |
||||
*/ |
||||
package org.springblade.auth.controller; |
||||
|
||||
import io.swagger.annotations.Api; |
||||
import io.swagger.annotations.ApiOperation; |
||||
import io.swagger.annotations.ApiParam; |
||||
import lombok.AllArgsConstructor; |
||||
import org.springblade.core.log.annotation.ApiLog; |
||||
import org.springblade.core.secure.AuthInfo; |
||||
import org.springblade.core.secure.utils.SecureUtil; |
||||
import org.springblade.core.tool.api.R; |
||||
import org.springblade.core.tool.utils.DigestUtil; |
||||
import org.springblade.core.tool.utils.Func; |
||||
import org.springblade.system.user.entity.User; |
||||
import org.springblade.system.user.entity.UserInfo; |
||||
import org.springblade.system.user.feign.IUserClient; |
||||
import org.springframework.web.bind.annotation.PostMapping; |
||||
import org.springframework.web.bind.annotation.RequestParam; |
||||
import org.springframework.web.bind.annotation.RestController; |
||||
|
||||
import java.util.HashMap; |
||||
import java.util.Map; |
||||
|
||||
/** |
||||
* 认证模块 |
||||
* |
||||
* @author Chill |
||||
*/ |
||||
@RestController |
||||
@AllArgsConstructor |
||||
@Api(value = "用户授权认证", tags = "授权接口") |
||||
public class AuthController { |
||||
|
||||
IUserClient client; |
||||
|
||||
@ApiLog("登录用户验证") |
||||
@PostMapping("token") |
||||
@ApiOperation(value = "获取认证token", notes = "传入租户编号:tenantCode,账号:account,密码:password") |
||||
public R<AuthInfo> token(@ApiParam(value = "租户编号", required = true) @RequestParam String tenantCode, |
||||
@ApiParam(value = "账号", required = true) @RequestParam String account, |
||||
@ApiParam(value = "密码", required = true) @RequestParam String password) { |
||||
|
||||
if (Func.hasEmpty(account, password)) { |
||||
return R.fail("接口调用不合法"); |
||||
} |
||||
|
||||
R<UserInfo> res = client.userInfo(tenantCode, account, DigestUtil.encrypt(password)); |
||||
|
||||
User user = res.getData().getUser(); |
||||
|
||||
//验证用户
|
||||
if (Func.isEmpty(user.getId())) { |
||||
return R.fail("用户名或密码不正确"); |
||||
} |
||||
|
||||
//设置jwt参数
|
||||
Map<String, String> param = new HashMap<>(16); |
||||
param.put(SecureUtil.USER_ID, Func.toStr(user.getId())); |
||||
param.put(SecureUtil.ROLE_ID, user.getRoleId()); |
||||
param.put(SecureUtil.TENANT_CODE, user.getTenantCode()); |
||||
param.put(SecureUtil.ACCOUNT, user.getAccount()); |
||||
param.put(SecureUtil.USER_NAME, user.getRealName()); |
||||
param.put(SecureUtil.ROLE_NAME, Func.join(res.getData().getRoles())); |
||||
|
||||
//拼装accessToken
|
||||
String accessToken = SecureUtil.createJWT(param, "audience", "issuser", true); |
||||
|
||||
//返回accessToken
|
||||
AuthInfo authInfo = new AuthInfo(); |
||||
authInfo.setAccount(user.getAccount()); |
||||
authInfo.setUserName(user.getRealName()); |
||||
authInfo.setAuthority(Func.join(res.getData().getRoles())); |
||||
authInfo.setAccessToken(accessToken); |
||||
authInfo.setTokenType(SecureUtil.BEARER); |
||||
//设置token过期时间
|
||||
authInfo.setExpiresIn(SecureUtil.getExpire()); |
||||
return R.data(authInfo); |
||||
|
||||
} |
||||
|
||||
} |
||||
@ -0,0 +1,41 @@
|
||||
/* |
||||
* Copyright (c) 2018-2028, Chill Zhuang All rights reserved. |
||||
* |
||||
* Redistribution and use in source and binary forms, with or without |
||||
* modification, are permitted provided that the following conditions are met: |
||||
* |
||||
* Redistributions of source code must retain the above copyright notice, |
||||
* this list of conditions and the following disclaimer. |
||||
* Redistributions in binary form must reproduce the above copyright |
||||
* notice, this list of conditions and the following disclaimer in the |
||||
* documentation and/or other materials provided with the distribution. |
||||
* Neither the name of the dreamlu.net developer nor the names of its |
||||
* contributors may be used to endorse or promote products derived from |
||||
* this software without specific prior written permission. |
||||
* Author: Chill 庄骞 (smallchill@163.com) |
||||
*/ |
||||
package org.springblade.auth.endpoint; |
||||
|
||||
import lombok.AllArgsConstructor; |
||||
import lombok.extern.slf4j.Slf4j; |
||||
import org.springblade.core.tool.api.R; |
||||
import org.springframework.security.core.Authentication; |
||||
import org.springframework.web.bind.annotation.GetMapping; |
||||
import org.springframework.web.bind.annotation.RestController; |
||||
|
||||
/** |
||||
* BladeEndPoint |
||||
* |
||||
* @author Chill |
||||
*/ |
||||
@Slf4j |
||||
@RestController |
||||
@AllArgsConstructor |
||||
public class BladeTokenEndPoint { |
||||
|
||||
@GetMapping("/oauth/user-info") |
||||
public R<Authentication> currentUser(Authentication authentication) { |
||||
return R.data(authentication); |
||||
} |
||||
|
||||
} |
||||
@ -0,0 +1,84 @@
|
||||
/* |
||||
* Copyright (c) 2018-2028, Chill Zhuang All rights reserved. |
||||
* |
||||
* Redistribution and use in source and binary forms, with or without |
||||
* modification, are permitted provided that the following conditions are met: |
||||
* |
||||
* Redistributions of source code must retain the above copyright notice, |
||||
* this list of conditions and the following disclaimer. |
||||
* Redistributions in binary form must reproduce the above copyright |
||||
* notice, this list of conditions and the following disclaimer in the |
||||
* documentation and/or other materials provided with the distribution. |
||||
* Neither the name of the dreamlu.net developer nor the names of its |
||||
* contributors may be used to endorse or promote products derived from |
||||
* this software without specific prior written permission. |
||||
* Author: Chill 庄骞 (smallchill@163.com) |
||||
*/ |
||||
package org.springblade.auth.handler; |
||||
|
||||
import lombok.AllArgsConstructor; |
||||
import lombok.extern.slf4j.Slf4j; |
||||
import org.springblade.auth.utils.TokenUtil; |
||||
import org.springblade.core.tool.jackson.JsonUtil; |
||||
import org.springframework.http.MediaType; |
||||
import org.springframework.security.core.Authentication; |
||||
import org.springframework.security.crypto.password.PasswordEncoder; |
||||
import org.springframework.security.oauth2.common.OAuth2AccessToken; |
||||
import org.springframework.security.oauth2.common.exceptions.UnapprovedClientAuthenticationException; |
||||
import org.springframework.security.oauth2.provider.*; |
||||
import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices; |
||||
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler; |
||||
import org.springframework.stereotype.Component; |
||||
|
||||
import javax.servlet.ServletException; |
||||
import javax.servlet.http.HttpServletRequest; |
||||
import javax.servlet.http.HttpServletResponse; |
||||
import java.io.IOException; |
||||
import java.util.HashMap; |
||||
|
||||
/** |
||||
* APP登录成功处理器 |
||||
* |
||||
* @author Chill |
||||
*/ |
||||
@Slf4j |
||||
@AllArgsConstructor |
||||
@Component("appLoginInSuccessHandler") |
||||
public class AppLoginInSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler { |
||||
|
||||
private PasswordEncoder passwordEncoder; |
||||
|
||||
private ClientDetailsService clientDetailsService; |
||||
|
||||
private AuthorizationServerTokenServices authorizationServerTokenServices; |
||||
|
||||
@Override |
||||
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws ServletException, IOException { |
||||
log.info("【AppLoginInSuccessHandler】 onAuthenticationSuccess authentication={}", authentication); |
||||
String header = request.getHeader(TokenUtil.HEADER_KEY); |
||||
if (header == null || !header.startsWith(TokenUtil.HEADER_PREFIX)) { |
||||
throw new UnapprovedClientAuthenticationException("请求头中无client信息"); |
||||
} |
||||
|
||||
String[] tokens = TokenUtil.extractAndDecodeHeader(header); |
||||
assert tokens.length == 2; |
||||
String clientId = tokens[0]; |
||||
String clientSecret = tokens[1]; |
||||
|
||||
ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId); |
||||
if (clientDetails == null) { |
||||
throw new UnapprovedClientAuthenticationException("clientId 对应的配置信息不存在" + clientId); |
||||
} else if (!passwordEncoder.matches(clientSecret, clientDetails.getClientSecret())) { |
||||
throw new UnapprovedClientAuthenticationException("clientSecret 不匹配" + clientId); |
||||
} |
||||
|
||||
TokenRequest tokenRequest = new TokenRequest(new HashMap<>(16), clientId, clientDetails.getScope(), "app"); |
||||
OAuth2Request oAuth2Request = tokenRequest.createOAuth2Request(clientDetails); |
||||
OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(oAuth2Request, authentication); |
||||
OAuth2AccessToken token = authorizationServerTokenServices.createAccessToken(oAuth2Authentication); |
||||
|
||||
response.setContentType(MediaType.APPLICATION_JSON_UTF8_VALUE); |
||||
response.getWriter().write(JsonUtil.toJson(token)); |
||||
} |
||||
|
||||
} |
||||
@ -0,0 +1,34 @@
|
||||
/* |
||||
* Copyright (c) 2018-2028, Chill Zhuang All rights reserved. |
||||
* |
||||
* Redistribution and use in source and binary forms, with or without |
||||
* modification, are permitted provided that the following conditions are met: |
||||
* |
||||
* Redistributions of source code must retain the above copyright notice, |
||||
* this list of conditions and the following disclaimer. |
||||
* Redistributions in binary form must reproduce the above copyright |
||||
* notice, this list of conditions and the following disclaimer in the |
||||
* documentation and/or other materials provided with the distribution. |
||||
* Neither the name of the dreamlu.net developer nor the names of its |
||||
* contributors may be used to endorse or promote products derived from |
||||
* this software without specific prior written permission. |
||||
* Author: Chill 庄骞 (smallchill@163.com) |
||||
*/ |
||||
package org.springblade.auth.props; |
||||
|
||||
import lombok.Data; |
||||
|
||||
/** |
||||
* AuthClientProperties |
||||
* |
||||
* @author Chill |
||||
*/ |
||||
@Data |
||||
public class AuthClientProperties { |
||||
|
||||
private String clientId; |
||||
|
||||
private String clientSecret; |
||||
|
||||
private Integer accessTokenValiditySeconds = 7200; |
||||
} |
||||
@ -0,0 +1,34 @@
|
||||
/* |
||||
* Copyright (c) 2018-2028, Chill Zhuang All rights reserved. |
||||
* |
||||
* Redistribution and use in source and binary forms, with or without |
||||
* modification, are permitted provided that the following conditions are met: |
||||
* |
||||
* Redistributions of source code must retain the above copyright notice, |
||||
* this list of conditions and the following disclaimer. |
||||
* Redistributions in binary form must reproduce the above copyright |
||||
* notice, this list of conditions and the following disclaimer in the |
||||
* documentation and/or other materials provided with the distribution. |
||||
* Neither the name of the dreamlu.net developer nor the names of its |
||||
* contributors may be used to endorse or promote products derived from |
||||
* this software without specific prior written permission. |
||||
* Author: Chill 庄骞 (smallchill@163.com) |
||||
*/ |
||||
package org.springblade.auth.props; |
||||
|
||||
import lombok.Data; |
||||
import org.springframework.boot.context.properties.ConfigurationProperties; |
||||
|
||||
/** |
||||
* AuthProperties |
||||
* |
||||
* @author Chill |
||||
*/ |
||||
@Data |
||||
@ConfigurationProperties(prefix = "blade.security.oauth2") |
||||
public class AuthProperties { |
||||
|
||||
private String jwtSigningKey = "blade"; |
||||
|
||||
private AuthClientProperties[] clients = {}; |
||||
} |
||||
@ -0,0 +1,49 @@
|
||||
/* |
||||
* Copyright (c) 2018-2028, Chill Zhuang All rights reserved. |
||||
* |
||||
* Redistribution and use in source and binary forms, with or without |
||||
* modification, are permitted provided that the following conditions are met: |
||||
* |
||||
* Redistributions of source code must retain the above copyright notice, |
||||
* this list of conditions and the following disclaimer. |
||||
* Redistributions in binary form must reproduce the above copyright |
||||
* notice, this list of conditions and the following disclaimer in the |
||||
* documentation and/or other materials provided with the distribution. |
||||
* Neither the name of the dreamlu.net developer nor the names of its |
||||
* contributors may be used to endorse or promote products derived from |
||||
* this software without specific prior written permission. |
||||
* Author: Chill 庄骞 (smallchill@163.com) |
||||
*/ |
||||
package org.springblade.auth.service; |
||||
|
||||
import lombok.SneakyThrows; |
||||
import org.springblade.auth.constant.AuthConstant; |
||||
import org.springframework.cache.annotation.Cacheable; |
||||
import org.springframework.security.oauth2.provider.ClientDetails; |
||||
import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService; |
||||
|
||||
import javax.sql.DataSource; |
||||
|
||||
/** |
||||
* 客户端信息 |
||||
* |
||||
* @author Chill |
||||
*/ |
||||
public class BladeClientDetailsServiceImpl extends JdbcClientDetailsService { |
||||
|
||||
public BladeClientDetailsServiceImpl(DataSource dataSource) { |
||||
super(dataSource); |
||||
} |
||||
|
||||
/** |
||||
* 缓存客户端信息 |
||||
* |
||||
* @param clientId 客户端id |
||||
*/ |
||||
@Override |
||||
@SneakyThrows |
||||
@Cacheable(value = AuthConstant.CLIENT_DETAILS, key = "#clientId", unless = "#result == null") |
||||
public ClientDetails loadClientByClientId(String clientId) { |
||||
return super.loadClientByClientId(clientId); |
||||
} |
||||
} |
||||
@ -0,0 +1,73 @@
|
||||
/* |
||||
* Copyright (c) 2018-2028, Chill Zhuang All rights reserved. |
||||
* |
||||
* Redistribution and use in source and binary forms, with or without |
||||
* modification, are permitted provided that the following conditions are met: |
||||
* |
||||
* Redistributions of source code must retain the above copyright notice, |
||||
* this list of conditions and the following disclaimer. |
||||
* Redistributions in binary form must reproduce the above copyright |
||||
* notice, this list of conditions and the following disclaimer in the |
||||
* documentation and/or other materials provided with the distribution. |
||||
* Neither the name of the dreamlu.net developer nor the names of its |
||||
* contributors may be used to endorse or promote products derived from |
||||
* this software without specific prior written permission. |
||||
* Author: Chill 庄骞 (smallchill@163.com) |
||||
*/ |
||||
package org.springblade.auth.service; |
||||
|
||||
import lombok.Getter; |
||||
import org.springframework.security.core.GrantedAuthority; |
||||
import org.springframework.security.core.userdetails.User; |
||||
|
||||
import java.util.Collection; |
||||
|
||||
/** |
||||
* 用户信息拓展 |
||||
* |
||||
* @author Chill |
||||
*/ |
||||
@Getter |
||||
public class BladeUserDetails extends User { |
||||
|
||||
/** |
||||
* 用户id |
||||
*/ |
||||
private Integer userId; |
||||
/** |
||||
* 租户编号 |
||||
*/ |
||||
private String tenantCode; |
||||
/** |
||||
* 昵称 |
||||
*/ |
||||
private String name; |
||||
/** |
||||
* 账号 |
||||
*/ |
||||
private String account; |
||||
/** |
||||
* 角色id |
||||
*/ |
||||
private String roleId; |
||||
/** |
||||
* 角色名 |
||||
*/ |
||||
private String roleName; |
||||
/** |
||||
* 头像 |
||||
*/ |
||||
private String avatar; |
||||
|
||||
BladeUserDetails(Integer userId, String tenantCode, String name, String roleId, String roleName, String avatar, String username, String password, boolean enabled, boolean accountNonExpired, boolean credentialsNonExpired, boolean accountNonLocked, Collection<? extends GrantedAuthority> authorities) { |
||||
super(username, password, enabled, accountNonExpired, credentialsNonExpired, accountNonLocked, authorities); |
||||
this.userId = userId; |
||||
this.tenantCode = tenantCode; |
||||
this.name = name; |
||||
this.account = username; |
||||
this.roleId = roleId; |
||||
this.roleName = roleName; |
||||
this.avatar = avatar; |
||||
} |
||||
|
||||
} |
||||
@ -0,0 +1,68 @@
|
||||
/* |
||||
* Copyright (c) 2018-2028, Chill Zhuang All rights reserved. |
||||
* |
||||
* Redistribution and use in source and binary forms, with or without |
||||
* modification, are permitted provided that the following conditions are met: |
||||
* |
||||
* Redistributions of source code must retain the above copyright notice, |
||||
* this list of conditions and the following disclaimer. |
||||
* Redistributions in binary form must reproduce the above copyright |
||||
* notice, this list of conditions and the following disclaimer in the |
||||
* documentation and/or other materials provided with the distribution. |
||||
* Neither the name of the dreamlu.net developer nor the names of its |
||||
* contributors may be used to endorse or promote products derived from |
||||
* this software without specific prior written permission. |
||||
* Author: Chill 庄骞 (smallchill@163.com) |
||||
*/ |
||||
package org.springblade.auth.service; |
||||
|
||||
import lombok.AllArgsConstructor; |
||||
import lombok.SneakyThrows; |
||||
import org.springblade.auth.constant.AuthConstant; |
||||
import org.springblade.auth.utils.TokenUtil; |
||||
import org.springblade.core.tool.api.R; |
||||
import org.springblade.core.tool.utils.Func; |
||||
import org.springblade.core.tool.utils.WebUtil; |
||||
import org.springblade.system.user.entity.User; |
||||
import org.springblade.system.user.entity.UserInfo; |
||||
import org.springblade.system.user.feign.IUserClient; |
||||
import org.springframework.security.core.authority.AuthorityUtils; |
||||
import org.springframework.security.core.userdetails.UserDetails; |
||||
import org.springframework.security.core.userdetails.UserDetailsService; |
||||
import org.springframework.security.core.userdetails.UsernameNotFoundException; |
||||
import org.springframework.stereotype.Service; |
||||
|
||||
import javax.servlet.http.HttpServletRequest; |
||||
|
||||
/** |
||||
* 用户信息 |
||||
* |
||||
* @author Chill |
||||
*/ |
||||
@Service |
||||
@AllArgsConstructor |
||||
public class BladeUserDetailsServiceImpl implements UserDetailsService { |
||||
|
||||
private IUserClient userClient; |
||||
|
||||
@Override |
||||
@SneakyThrows |
||||
public UserDetails loadUserByUsername(String username) { |
||||
HttpServletRequest request = WebUtil.getRequest(); |
||||
String tenantCode = Func.toStr(request.getHeader(TokenUtil.TENANT_HEADER_KEY), TokenUtil.DEFAULT_TENANT_CODE); |
||||
R<UserInfo> result = userClient.userInfo(tenantCode, username); |
||||
if (result.isSuccess()) { |
||||
User user = result.getData().getUser(); |
||||
if (user == null) { |
||||
throw new UsernameNotFoundException(TokenUtil.USER_NOT_FOUND); |
||||
} |
||||
return new BladeUserDetails(user.getId(), |
||||
user.getTenantCode(), user.getName(), user.getRoleId(), Func.join(result.getData().getRoles()), TokenUtil.DEFAULT_AVATAR, |
||||
username, AuthConstant.ENCRYPT + user.getPassword(), true, true, true, true, |
||||
AuthorityUtils.commaSeparatedStringToAuthorityList(Func.join(result.getData().getRoles()))); |
||||
} else { |
||||
throw new UsernameNotFoundException(result.getMsg()); |
||||
} |
||||
} |
||||
|
||||
} |
||||
@ -0,0 +1,50 @@
|
||||
/* |
||||
* Copyright (c) 2018-2028, Chill Zhuang All rights reserved. |
||||
* |
||||
* Redistribution and use in source and binary forms, with or without |
||||
* modification, are permitted provided that the following conditions are met: |
||||
* |
||||
* Redistributions of source code must retain the above copyright notice, |
||||
* this list of conditions and the following disclaimer. |
||||
* Redistributions in binary form must reproduce the above copyright |
||||
* notice, this list of conditions and the following disclaimer in the |
||||
* documentation and/or other materials provided with the distribution. |
||||
* Neither the name of the dreamlu.net developer nor the names of its |
||||
* contributors may be used to endorse or promote products derived from |
||||
* this software without specific prior written permission. |
||||
* Author: Chill 庄骞 (smallchill@163.com) |
||||
*/ |
||||
package org.springblade.auth.support; |
||||
|
||||
import org.springblade.auth.service.BladeUserDetails; |
||||
import org.springblade.auth.utils.TokenUtil; |
||||
import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken; |
||||
import org.springframework.security.oauth2.common.OAuth2AccessToken; |
||||
import org.springframework.security.oauth2.provider.OAuth2Authentication; |
||||
import org.springframework.security.oauth2.provider.token.TokenEnhancer; |
||||
|
||||
import java.util.HashMap; |
||||
import java.util.Map; |
||||
|
||||
/** |
||||
* jwt返回参数增强 |
||||
* |
||||
* @author Chill |
||||
*/ |
||||
public class BladeJwtTokenEnhancer implements TokenEnhancer { |
||||
@Override |
||||
public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) { |
||||
BladeUserDetails principal = (BladeUserDetails) authentication.getUserAuthentication().getPrincipal(); |
||||
Map<String, Object> info = new HashMap<>(16); |
||||
info.put(TokenUtil.USER_ID, principal.getUserId()); |
||||
info.put(TokenUtil.ROLE_ID, principal.getRoleId()); |
||||
info.put(TokenUtil.TENANT_CODE, principal.getTenantCode()); |
||||
info.put(TokenUtil.ACCOUNT, principal.getAccount()); |
||||
info.put(TokenUtil.USER_NAME, principal.getName()); |
||||
info.put(TokenUtil.ROLE_NAME, principal.getRoleName()); |
||||
info.put(TokenUtil.AVATAR, principal.getAvatar()); |
||||
info.put(TokenUtil.LICENSE, TokenUtil.LICENSE_NAME); |
||||
((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(info); |
||||
return accessToken; |
||||
} |
||||
} |
||||
@ -0,0 +1,39 @@
|
||||
/* |
||||
* Copyright (c) 2018-2028, Chill Zhuang All rights reserved. |
||||
* |
||||
* Redistribution and use in source and binary forms, with or without |
||||
* modification, are permitted provided that the following conditions are met: |
||||
* |
||||
* Redistributions of source code must retain the above copyright notice, |
||||
* this list of conditions and the following disclaimer. |
||||
* Redistributions in binary form must reproduce the above copyright |
||||
* notice, this list of conditions and the following disclaimer in the |
||||
* documentation and/or other materials provided with the distribution. |
||||
* Neither the name of the dreamlu.net developer nor the names of its |
||||
* contributors may be used to endorse or promote products derived from |
||||
* this software without specific prior written permission. |
||||
* Author: Chill 庄骞 (smallchill@163.com) |
||||
*/ |
||||
package org.springblade.auth.support; |
||||
|
||||
import org.springblade.core.tool.utils.DigestUtil; |
||||
import org.springframework.security.crypto.password.PasswordEncoder; |
||||
|
||||
/** |
||||
* 自定义密码加密 |
||||
* |
||||
* @author Chill |
||||
*/ |
||||
public class BladePasswordEncoder implements PasswordEncoder { |
||||
|
||||
@Override |
||||
public String encode(CharSequence rawPassword) { |
||||
return DigestUtil.encrypt((String) rawPassword); |
||||
} |
||||
|
||||
@Override |
||||
public boolean matches(CharSequence rawPassword, String encodedPassword) { |
||||
return encodedPassword.equals(encode(rawPassword)); |
||||
} |
||||
|
||||
} |
||||
@ -0,0 +1,77 @@
|
||||
/* |
||||
* Copyright (c) 2018-2028, Chill Zhuang All rights reserved. |
||||
* |
||||
* Redistribution and use in source and binary forms, with or without |
||||
* modification, are permitted provided that the following conditions are met: |
||||
* |
||||
* Redistributions of source code must retain the above copyright notice, |
||||
* this list of conditions and the following disclaimer. |
||||
* Redistributions in binary form must reproduce the above copyright |
||||
* notice, this list of conditions and the following disclaimer in the |
||||
* documentation and/or other materials provided with the distribution. |
||||
* Neither the name of the dreamlu.net developer nor the names of its |
||||
* contributors may be used to endorse or promote products derived from |
||||
* this software without specific prior written permission. |
||||
* Author: Chill 庄骞 (smallchill@163.com) |
||||
*/ |
||||
package org.springblade.auth.support; |
||||
|
||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; |
||||
import org.springframework.security.crypto.password.DelegatingPasswordEncoder; |
||||
import org.springframework.security.crypto.password.PasswordEncoder; |
||||
import org.springframework.security.crypto.password.Pbkdf2PasswordEncoder; |
||||
import org.springframework.security.crypto.scrypt.SCryptPasswordEncoder; |
||||
|
||||
import java.util.HashMap; |
||||
import java.util.Map; |
||||
|
||||
/** |
||||
* 自定义密码工厂 |
||||
* |
||||
* @author Chill |
||||
*/ |
||||
public class BladePasswordEncoderFactories { |
||||
|
||||
/** |
||||
* Creates a {@link DelegatingPasswordEncoder} with default mappings. Additional |
||||
* mappings may be added and the encoding will be updated to conform with best |
||||
* practices. However, due to the nature of {@link DelegatingPasswordEncoder} the |
||||
* updates should not impact users. The mappings current are: |
||||
* |
||||
* <ul> |
||||
* <li>bcrypt - {@link BCryptPasswordEncoder} (Also used for encoding)</li> |
||||
* <li>ldap - {@link org.springframework.security.crypto.password.LdapShaPasswordEncoder}</li> |
||||
* <li>MD4 - {@link org.springframework.security.crypto.password.Md4PasswordEncoder}</li> |
||||
* <li>MD5 - {@code new MessageDigestPasswordEncoder("MD5")}</li> |
||||
* <li>noop - {@link org.springframework.security.crypto.password.NoOpPasswordEncoder}</li> |
||||
* <li>pbkdf2 - {@link Pbkdf2PasswordEncoder}</li> |
||||
* <li>scrypt - {@link SCryptPasswordEncoder}</li> |
||||
* <li>SHA-1 - {@code new MessageDigestPasswordEncoder("SHA-1")}</li> |
||||
* <li>SHA-256 - {@code new MessageDigestPasswordEncoder("SHA-256")}</li> |
||||
* <li>sha256 - {@link org.springframework.security.crypto.password.StandardPasswordEncoder}</li> |
||||
* </ul> |
||||
* |
||||
* @return the {@link PasswordEncoder} to use |
||||
*/ |
||||
@SuppressWarnings("deprecation") |
||||
public static PasswordEncoder createDelegatingPasswordEncoder() { |
||||
String encodingId = "blade"; |
||||
Map<String, PasswordEncoder> encoders = new HashMap<>(16); |
||||
encoders.put(encodingId, new BladePasswordEncoder()); |
||||
encoders.put("bcrypt", new BCryptPasswordEncoder()); |
||||
encoders.put("ldap", new org.springframework.security.crypto.password.LdapShaPasswordEncoder()); |
||||
encoders.put("MD4", new org.springframework.security.crypto.password.Md4PasswordEncoder()); |
||||
encoders.put("MD5", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("MD5")); |
||||
encoders.put("noop", org.springframework.security.crypto.password.NoOpPasswordEncoder.getInstance()); |
||||
encoders.put("pbkdf2", new Pbkdf2PasswordEncoder()); |
||||
encoders.put("scrypt", new SCryptPasswordEncoder()); |
||||
encoders.put("SHA-1", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-1")); |
||||
encoders.put("SHA-256", new org.springframework.security.crypto.password.MessageDigestPasswordEncoder("SHA-256")); |
||||
encoders.put("sha256", new org.springframework.security.crypto.password.StandardPasswordEncoder()); |
||||
|
||||
return new DelegatingPasswordEncoder(encodingId, encoders); |
||||
} |
||||
|
||||
private BladePasswordEncoderFactories() {} |
||||
|
||||
} |
||||
@ -0,0 +1,99 @@
|
||||
/* |
||||
* Copyright (c) 2018-2028, Chill Zhuang All rights reserved. |
||||
* |
||||
* Redistribution and use in source and binary forms, with or without |
||||
* modification, are permitted provided that the following conditions are met: |
||||
* |
||||
* Redistributions of source code must retain the above copyright notice, |
||||
* this list of conditions and the following disclaimer. |
||||
* Redistributions in binary form must reproduce the above copyright |
||||
* notice, this list of conditions and the following disclaimer in the |
||||
* documentation and/or other materials provided with the distribution. |
||||
* Neither the name of the dreamlu.net developer nor the names of its |
||||
* contributors may be used to endorse or promote products derived from |
||||
* this software without specific prior written permission. |
||||
* Author: Chill 庄骞 (smallchill@163.com) |
||||
*/ |
||||
package org.springblade.auth.utils; |
||||
|
||||
import lombok.SneakyThrows; |
||||
import org.springblade.core.launch.constant.TokenConstant; |
||||
import org.springblade.core.tool.utils.Charsets; |
||||
import org.springframework.security.authentication.BadCredentialsException; |
||||
|
||||
import java.util.Base64; |
||||
import java.util.Calendar; |
||||
|
||||
/** |
||||
* 认证工具类 |
||||
* |
||||
* @author Chill |
||||
*/ |
||||
public class TokenUtil { |
||||
|
||||
public final static String AVATAR = TokenConstant.AVATAR; |
||||
public final static String ACCOUNT = TokenConstant.ACCOUNT; |
||||
public final static String USER_ID = TokenConstant.USER_ID; |
||||
public final static String ROLE_ID = TokenConstant.ROLE_ID; |
||||
public final static String USER_NAME = TokenConstant.USER_NAME; |
||||
public final static String ROLE_NAME = TokenConstant.ROLE_NAME; |
||||
public final static String TENANT_CODE = TokenConstant.TENANT_CODE; |
||||
public final static String LICENSE = "license"; |
||||
|
||||
public final static String TENANT_HEADER_KEY = "Tenant-Code"; |
||||
public final static String DEFAULT_TENANT_CODE = "000000"; |
||||
public final static String USER_NOT_FOUND = "用户名或密码错误"; |
||||
public final static String HEADER_KEY = "Authorization"; |
||||
public final static String HEADER_PREFIX = "Basic "; |
||||
public final static String DEFAULT_AVATAR = "https://gw.alipayobjects.com/zos/rmsportal/BiazfanxmamNRoxxVxka.png"; |
||||
public final static String LICENSE_NAME = "powered by bladex"; |
||||
|
||||
/** |
||||
* 解码 |
||||
* |
||||
* @param header |
||||
*/ |
||||
@SneakyThrows |
||||
public static String[] extractAndDecodeHeader(String header) { |
||||
byte[] base64Token = header.substring(6).getBytes(Charsets.UTF_8_NAME); |
||||
|
||||
byte[] decoded; |
||||
try { |
||||
decoded = Base64.getDecoder().decode(base64Token); |
||||
} catch (IllegalArgumentException var7) { |
||||
throw new BadCredentialsException("Failed to decode basic authentication token"); |
||||
} |
||||
|
||||
String token = new String(decoded, Charsets.UTF_8_NAME); |
||||
int index = token.indexOf(":"); |
||||
if (index == -1) { |
||||
throw new BadCredentialsException("Invalid basic authentication token"); |
||||
} else { |
||||
return new String[]{token.substring(0, index), token.substring(index + 1)}; |
||||
} |
||||
} |
||||
|
||||
/** |
||||
* 获取token过期时间(次日凌晨3点) |
||||
* |
||||
* @return expire |
||||
*/ |
||||
public static int getTokenValiditySecond() { |
||||
Calendar cal = Calendar.getInstance(); |
||||
cal.add(Calendar.DAY_OF_YEAR, 1); |
||||
cal.set(Calendar.HOUR_OF_DAY, 3); |
||||
cal.set(Calendar.SECOND, 0); |
||||
cal.set(Calendar.MINUTE, 0); |
||||
cal.set(Calendar.MILLISECOND, 0); |
||||
return (int) (cal.getTimeInMillis() - System.currentTimeMillis()) / 1000; |
||||
} |
||||
|
||||
/** |
||||
* 获取refreshToken过期时间 |
||||
* @return expire |
||||
*/ |
||||
public static int getRefreshTokenValiditySeconds() { |
||||
return 60 * 60 * 24 * 15; |
||||
} |
||||
|
||||
} |
||||
@ -0,0 +1,7 @@
|
||||
#数据源配置 |
||||
spring: |
||||
datasource: |
||||
driver-class-name: com.mysql.cj.jdbc.Driver |
||||
url: ${blade.datasource.dev.url} |
||||
username: ${blade.datasource.dev.username} |
||||
password: ${blade.datasource.dev.password} |
||||
@ -0,0 +1,7 @@
|
||||
#数据源配置 |
||||
spring: |
||||
datasource: |
||||
driver-class-name: com.mysql.cj.jdbc.Driver |
||||
url: ${blade.datasource.prod.url} |
||||
username: ${blade.datasource.prod.username} |
||||
password: ${blade.datasource.prod.password} |
||||
@ -0,0 +1,7 @@
|
||||
#数据源配置 |
||||
spring: |
||||
datasource: |
||||
driver-class-name: com.mysql.cj.jdbc.Driver |
||||
url: ${blade.datasource.test.url} |
||||
username: ${blade.datasource.test.username} |
||||
password: ${blade.datasource.test.password} |
||||
@ -1,2 +1,11 @@
|
||||
server: |
||||
port: 8100 |
||||
|
||||
blade: |
||||
security: |
||||
oauth2: |
||||
storeType: jwt |
||||
jwtSigningKey: BladeX |
||||
clients[0]: |
||||
clientId: sword |
||||
clientSecret: sword_secret |
||||
|
||||
@ -0,0 +1,97 @@
|
||||
/* |
||||
* Copyright (c) 2018-2028, Chill Zhuang All rights reserved. |
||||
* |
||||
* Redistribution and use in source and binary forms, with or without |
||||
* modification, are permitted provided that the following conditions are met: |
||||
* |
||||
* Redistributions of source code must retain the above copyright notice, |
||||
* this list of conditions and the following disclaimer. |
||||
* Redistributions in binary form must reproduce the above copyright |
||||
* notice, this list of conditions and the following disclaimer in the |
||||
* documentation and/or other materials provided with the distribution. |
||||
* Neither the name of the dreamlu.net developer nor the names of its |
||||
* contributors may be used to endorse or promote products derived from |
||||
* this software without specific prior written permission. |
||||
* Author: Chill 庄骞 (smallchill@163.com) |
||||
*/ |
||||
package org.springblade.system.entity; |
||||
|
||||
import com.baomidou.mybatisplus.annotation.TableName; |
||||
import io.swagger.annotations.ApiModel; |
||||
import io.swagger.annotations.ApiModelProperty; |
||||
import lombok.Data; |
||||
import lombok.EqualsAndHashCode; |
||||
import org.springblade.core.mp.base.BaseEntity; |
||||
|
||||
/** |
||||
* 实体类 |
||||
* |
||||
* @author BladeX |
||||
* @since 2019-03-24 |
||||
*/ |
||||
@Data |
||||
@TableName("blade_client") |
||||
@EqualsAndHashCode(callSuper = true) |
||||
@ApiModel(value = "Client对象", description = "Client对象") |
||||
public class Client extends BaseEntity { |
||||
|
||||
private static final long serialVersionUID = 1L; |
||||
|
||||
/** |
||||
* 客户端id |
||||
*/ |
||||
@ApiModelProperty(value = "客户端id") |
||||
private String clientId; |
||||
/** |
||||
* 客户端密钥 |
||||
*/ |
||||
@ApiModelProperty(value = "客户端密钥") |
||||
private String clientSecret; |
||||
/** |
||||
* 资源集合 |
||||
*/ |
||||
@ApiModelProperty(value = "资源集合") |
||||
private String resourceIds; |
||||
/** |
||||
* 授权范围 |
||||
*/ |
||||
@ApiModelProperty(value = "授权范围") |
||||
private String scope; |
||||
/** |
||||
* 授权类型 |
||||
*/ |
||||
@ApiModelProperty(value = "授权类型") |
||||
private String authorizedGrantTypes; |
||||
/** |
||||
* 回调地址 |
||||
*/ |
||||
@ApiModelProperty(value = "回调地址") |
||||
private String webServerRedirectUri; |
||||
/** |
||||
* 权限 |
||||
*/ |
||||
@ApiModelProperty(value = "权限") |
||||
private String authorities; |
||||
/** |
||||
* 令牌过期秒数 |
||||
*/ |
||||
@ApiModelProperty(value = "令牌过期秒数") |
||||
private Integer accessTokenValidity; |
||||
/** |
||||
* 刷新令牌过期秒数 |
||||
*/ |
||||
@ApiModelProperty(value = "刷新令牌过期秒数") |
||||
private Integer refreshTokenValidity; |
||||
/** |
||||
* 附加说明 |
||||
*/ |
||||
@ApiModelProperty(value = "附加说明") |
||||
private String additionalInformation; |
||||
/** |
||||
* 自动授权 |
||||
*/ |
||||
@ApiModelProperty(value = "自动授权") |
||||
private String autoapprove; |
||||
|
||||
|
||||
} |
||||
@ -0,0 +1,108 @@
|
||||
/* |
||||
* Copyright (c) 2018-2028, Chill Zhuang All rights reserved. |
||||
* |
||||
* Redistribution and use in source and binary forms, with or without |
||||
* modification, are permitted provided that the following conditions are met: |
||||
* |
||||
* Redistributions of source code must retain the above copyright notice, |
||||
* this list of conditions and the following disclaimer. |
||||
* Redistributions in binary form must reproduce the above copyright |
||||
* notice, this list of conditions and the following disclaimer in the |
||||
* documentation and/or other materials provided with the distribution. |
||||
* Neither the name of the dreamlu.net developer nor the names of its |
||||
* contributors may be used to endorse or promote products derived from |
||||
* this software without specific prior written permission. |
||||
* Author: Chill 庄骞 (smallchill@163.com) |
||||
*/ |
||||
package org.springblade.system.controller; |
||||
|
||||
import com.baomidou.mybatisplus.core.metadata.IPage; |
||||
import io.swagger.annotations.Api; |
||||
import io.swagger.annotations.ApiOperation; |
||||
import io.swagger.annotations.ApiParam; |
||||
import lombok.AllArgsConstructor; |
||||
import org.springblade.core.boot.ctrl.BladeController; |
||||
import org.springblade.core.mp.support.Condition; |
||||
import org.springblade.core.mp.support.Query; |
||||
import org.springblade.core.tool.api.R; |
||||
import org.springblade.core.tool.utils.Func; |
||||
import org.springblade.system.entity.Client; |
||||
import org.springblade.system.service.IClientService; |
||||
import org.springframework.web.bind.annotation.*; |
||||
import springfox.documentation.annotations.ApiIgnore; |
||||
|
||||
import javax.validation.Valid; |
||||
|
||||
/** |
||||
* 应用管理控制器 |
||||
* |
||||
* @author Chill |
||||
*/ |
||||
@RestController |
||||
@AllArgsConstructor |
||||
@RequestMapping("/client") |
||||
@ApiIgnore |
||||
@Api(value = "应用管理", tags = "接口") |
||||
public class ClientController extends BladeController { |
||||
|
||||
private IClientService clientService; |
||||
|
||||
/** |
||||
* 详情 |
||||
*/ |
||||
@GetMapping("/detail") |
||||
@ApiOperation(value = "详情", notes = "传入client", position = 1) |
||||
public R<Client> detail(Client client) { |
||||
Client detail = clientService.getOne(Condition.getQueryWrapper(client)); |
||||
return R.data(detail); |
||||
} |
||||
|
||||
/** |
||||
* 分页 |
||||
*/ |
||||
@GetMapping("/list") |
||||
@ApiOperation(value = "分页", notes = "传入client", position = 2) |
||||
public R<IPage<Client>> list(Client client, Query query) { |
||||
IPage<Client> pages = clientService.page(Condition.getPage(query), Condition.getQueryWrapper(client)); |
||||
return R.data(pages); |
||||
} |
||||
|
||||
/** |
||||
* 新增 |
||||
*/ |
||||
@PostMapping("/save") |
||||
@ApiOperation(value = "新增", notes = "传入client", position = 4) |
||||
public R save(@Valid @RequestBody Client client) { |
||||
return R.status(clientService.save(client)); |
||||
} |
||||
|
||||
/** |
||||
* 修改 |
||||
*/ |
||||
@PostMapping("/update") |
||||
@ApiOperation(value = "修改", notes = "传入client", position = 5) |
||||
public R update(@Valid @RequestBody Client client) { |
||||
return R.status(clientService.updateById(client)); |
||||
} |
||||
|
||||
/** |
||||
* 新增或修改 |
||||
*/ |
||||
@PostMapping("/submit") |
||||
@ApiOperation(value = "新增或修改", notes = "传入client", position = 6) |
||||
public R submit(@Valid @RequestBody Client client) { |
||||
return R.status(clientService.saveOrUpdate(client)); |
||||
} |
||||
|
||||
|
||||
/** |
||||
* 删除 |
||||
*/ |
||||
@PostMapping("/remove") |
||||
@ApiOperation(value = "逻辑删除", notes = "传入ids", position = 7) |
||||
public R remove(@ApiParam(value = "主键集合", required = true) @RequestParam String ids) { |
||||
return R.status(clientService.deleteLogic(Func.toIntList(ids))); |
||||
} |
||||
|
||||
|
||||
} |
||||
@ -0,0 +1,29 @@
|
||||
/* |
||||
* Copyright (c) 2018-2028, Chill Zhuang All rights reserved. |
||||
* |
||||
* Redistribution and use in source and binary forms, with or without |
||||
* modification, are permitted provided that the following conditions are met: |
||||
* |
||||
* Redistributions of source code must retain the above copyright notice, |
||||
* this list of conditions and the following disclaimer. |
||||
* Redistributions in binary form must reproduce the above copyright |
||||
* notice, this list of conditions and the following disclaimer in the |
||||
* documentation and/or other materials provided with the distribution. |
||||
* Neither the name of the dreamlu.net developer nor the names of its |
||||
* contributors may be used to endorse or promote products derived from |
||||
* this software without specific prior written permission. |
||||
* Author: Chill 庄骞 (smallchill@163.com) |
||||
*/ |
||||
package org.springblade.system.mapper; |
||||
|
||||
import com.baomidou.mybatisplus.core.mapper.BaseMapper; |
||||
import org.springblade.system.entity.Client; |
||||
|
||||
/** |
||||
* Mapper 接口 |
||||
* |
||||
* @author Chill |
||||
*/ |
||||
public interface ClientMapper extends BaseMapper<Client> { |
||||
|
||||
} |
||||
@ -0,0 +1,26 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?> |
||||
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd"> |
||||
<mapper namespace="org.springblade.system.mapper.ClientMapper"> |
||||
|
||||
<!-- 通用查询映射结果 --> |
||||
<resultMap id="clientResultMap" type="org.springblade.system.entity.Client"> |
||||
<result column="id" property="id"/> |
||||
<result column="create_user" property="createUser"/> |
||||
<result column="create_time" property="createTime"/> |
||||
<result column="update_user" property="updateUser"/> |
||||
<result column="update_time" property="updateTime"/> |
||||
<result column="status" property="status"/> |
||||
<result column="is_deleted" property="isDeleted"/> |
||||
<result column="client_id" property="clientId"/> |
||||
<result column="client_secret" property="clientSecret"/> |
||||
<result column="client_name" property="clientName"/> |
||||
<result column="redirect_uri" property="redirectUri"/> |
||||
<result column="remark" property="remark"/> |
||||
</resultMap> |
||||
|
||||
|
||||
<select id="selectClientPage" resultMap="clientResultMap"> |
||||
select * from blade_client where is_deleted = 0 |
||||
</select> |
||||
|
||||
</mapper> |
||||
@ -0,0 +1,29 @@
|
||||
/* |
||||
* Copyright (c) 2018-2028, Chill Zhuang All rights reserved. |
||||
* |
||||
* Redistribution and use in source and binary forms, with or without |
||||
* modification, are permitted provided that the following conditions are met: |
||||
* |
||||
* Redistributions of source code must retain the above copyright notice, |
||||
* this list of conditions and the following disclaimer. |
||||
* Redistributions in binary form must reproduce the above copyright |
||||
* notice, this list of conditions and the following disclaimer in the |
||||
* documentation and/or other materials provided with the distribution. |
||||
* Neither the name of the dreamlu.net developer nor the names of its |
||||
* contributors may be used to endorse or promote products derived from |
||||
* this software without specific prior written permission. |
||||
* Author: Chill 庄骞 (smallchill@163.com) |
||||
*/ |
||||
package org.springblade.system.service; |
||||
|
||||
import org.springblade.core.mp.base.BaseService; |
||||
import org.springblade.system.entity.Client; |
||||
|
||||
/** |
||||
* 服务类 |
||||
* |
||||
* @author Chill |
||||
*/ |
||||
public interface IClientService extends BaseService<Client> { |
||||
|
||||
} |
||||
@ -0,0 +1,33 @@
|
||||
/* |
||||
* Copyright (c) 2018-2028, Chill Zhuang All rights reserved. |
||||
* |
||||
* Redistribution and use in source and binary forms, with or without |
||||
* modification, are permitted provided that the following conditions are met: |
||||
* |
||||
* Redistributions of source code must retain the above copyright notice, |
||||
* this list of conditions and the following disclaimer. |
||||
* Redistributions in binary form must reproduce the above copyright |
||||
* notice, this list of conditions and the following disclaimer in the |
||||
* documentation and/or other materials provided with the distribution. |
||||
* Neither the name of the dreamlu.net developer nor the names of its |
||||
* contributors may be used to endorse or promote products derived from |
||||
* this software without specific prior written permission. |
||||
* Author: Chill 庄骞 (smallchill@163.com) |
||||
*/ |
||||
package org.springblade.system.service.impl; |
||||
|
||||
import org.springblade.core.mp.base.BaseServiceImpl; |
||||
import org.springblade.system.entity.Client; |
||||
import org.springblade.system.mapper.ClientMapper; |
||||
import org.springblade.system.service.IClientService; |
||||
import org.springframework.stereotype.Service; |
||||
|
||||
/** |
||||
* 服务实现类 |
||||
* |
||||
* @author Chill |
||||
*/ |
||||
@Service |
||||
public class ClientServiceImpl extends BaseServiceImpl<ClientMapper, Client> implements IClientService { |
||||
|
||||
} |
||||
@ -0,0 +1,68 @@
|
||||
/* |
||||
Navicat Premium Data Transfer |
||||
|
||||
Source Server : mysql_localhost |
||||
Source Server Type : MySQL |
||||
Source Server Version : 50723 |
||||
Source Host : localhost:3306 |
||||
Source Schema : bladex |
||||
|
||||
Target Server Type : MySQL |
||||
Target Server Version : 50723 |
||||
File Encoding : 65001 |
||||
|
||||
Date: 24/03/2019 16:29:29 |
||||
*/ |
||||
|
||||
SET NAMES utf8mb4; |
||||
SET FOREIGN_KEY_CHECKS = 0; |
||||
|
||||
-- ---------------------------- |
||||
-- Table structure for blade_client |
||||
-- ---------------------------- |
||||
DROP TABLE IF EXISTS `blade_client`; |
||||
CREATE TABLE `blade_client` ( |
||||
`id` int(11) NOT NULL AUTO_INCREMENT COMMENT '主键', |
||||
`client_id` varchar(48) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT '客户端id', |
||||
`client_secret` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT '客户端密钥', |
||||
`resource_ids` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT '资源集合', |
||||
`scope` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT '授权范围', |
||||
`authorized_grant_types` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT '授权类型', |
||||
`web_server_redirect_uri` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT '回调地址', |
||||
`authorities` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT '权限', |
||||
`access_token_validity` int(11) NOT NULL COMMENT '令牌过期秒数', |
||||
`refresh_token_validity` int(11) NOT NULL COMMENT '刷新令牌过期秒数', |
||||
`additional_information` varchar(4096) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT '附加说明', |
||||
`autoapprove` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT '自动授权', |
||||
`create_user` int(11) NULL DEFAULT NULL COMMENT '创建人', |
||||
`create_time` datetime(0) NULL DEFAULT NULL COMMENT '创建时间', |
||||
`update_user` int(11) NULL DEFAULT NULL COMMENT '修改人', |
||||
`update_time` datetime(0) NULL DEFAULT NULL COMMENT '修改时间', |
||||
`status` int(2) NOT NULL COMMENT '状态', |
||||
`is_deleted` int(2) NOT NULL COMMENT '是否已删除', |
||||
PRIMARY KEY (`id`) USING BTREE |
||||
) ENGINE = InnoDB AUTO_INCREMENT = 3 CHARACTER SET = utf8mb4 COLLATE = utf8mb4_general_ci; |
||||
|
||||
-- ---------------------------- |
||||
-- Records of blade_client |
||||
-- ---------------------------- |
||||
BEGIN; |
||||
INSERT INTO `blade_client` VALUES (1, 'sword', 'sword_secret', NULL, 'all', 'refresh_token,password,authorization_code', 'http://localhost:8888', NULL, 3600, 36000, NULL, NULL, 1, '2019-03-24 10:40:55', 1, '2019-03-24 10:40:59', 1, 0), (2, 'saber', 'saber_secret', NULL, 'all', 'refresh_token,password,authorization_code', 'http://localhost:8080', NULL, 3600, 36000, NULL, NULL, 1, '2019-03-24 10:42:29', 1, '2019-03-24 10:42:32', 1, 0); |
||||
COMMIT; |
||||
|
||||
SET FOREIGN_KEY_CHECKS = 1; |
||||
|
||||
|
||||
|
||||
INSERT INTO `blade_menu`(`parent_id`, `code`, `name`, `alias`, `path`, `source`, `sort`, `category`, `action`, `is_open`, `remark`, `is_deleted`) |
||||
VALUES (3, 'client', '应用管理', 'menu', '/system/client', NULL, 8, 1, 0, 1, NULL, 0); |
||||
set @parentid = (SELECT LAST_INSERT_ID()); |
||||
INSERT INTO `blade_menu`(`parent_id`, `code`, `name`, `alias`, `path`, `source`, `sort`, `category`, `action`, `is_open`, `remark`, `is_deleted`) |
||||
VALUES (@parentid, 'client_add', '新增', 'add', '/system/client/add', 'plus', 1, 2, 1, 1, NULL, 0); |
||||
INSERT INTO `blade_menu`(`parent_id`, `code`, `name`, `alias`, `path`, `source`, `sort`, `category`, `action`, `is_open`, `remark`, `is_deleted`) |
||||
VALUES (@parentid, 'client_edit', '修改', 'edit', '/system/client/edit', 'form', 2, 2, 2, 2, NULL, 0); |
||||
INSERT INTO `blade_menu`(`parent_id`, `code`, `name`, `alias`, `path`, `source`, `sort`, `category`, `action`, `is_open`, `remark`, `is_deleted`) |
||||
VALUES (@parentid, 'client_delete', '删除', 'delete', '/api/blade-system/client/remove', 'delete', 3, 2, 3, 3, NULL, 0); |
||||
INSERT INTO `blade_menu`(`parent_id`, `code`, `name`, `alias`, `path`, `source`, `sort`, `category`, `action`, `is_open`, `remark`, `is_deleted`) |
||||
VALUES (@parentid, 'client_view', '查看', 'view', '/system/client/view', 'file-text', 4, 2, 2, 2, NULL, 0); |
||||
|
||||
File diff suppressed because one or more lines are too long
@ -1,2 +1,2 @@
|
||||
REGISTER=192.168.0.157/blade |
||||
TAG=2.0.0.RC6 |
||||
TAG=2.0.0.RC7 |
||||
|
||||
Loading…
Reference in new issue