提交 f6993985 编写于 作者: ibizdev's avatar ibizdev

ibiz4j 发布系统代码

上级 c46e8db4
......@@ -3,6 +3,7 @@ package cn.ibizlab.config;
import cn.ibizlab.util.security.AuthenticationEntryPoint;
import cn.ibizlab.util.security.AuthorizationTokenFilter;
import cn.ibizlab.util.service.AuthenticationUserService;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
......@@ -52,6 +53,9 @@ public class DevBootSecurityConfig extends WebSecurityConfigurerAdapter {
@Value("${ibiz.file.previewpath:ibizutil/preview}")
private String previewpath;
@Value("${ibiz.auth.excludesPattern:}")
private String excludesPattern;
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
......@@ -113,8 +117,16 @@ public class DevBootSecurityConfig extends WebSecurityConfigurerAdapter {
// 文件操作
.antMatchers("/"+downloadpath+"/**").permitAll()
.antMatchers("/"+uploadpath).permitAll()
.antMatchers("/"+previewpath+"/**").permitAll()
.anyRequest().authenticated()
.antMatchers("/"+previewpath+"/**").permitAll();
if (StringUtils.isNotBlank(excludesPattern)) {
for (String excludePattern : excludesPattern.split("\\s*,\\s*")) {
authenticationTokenFilter.addExcludePattern(excludePattern);
httpSecurity.authorizeRequests().antMatchers(excludePattern).permitAll();
}
}
httpSecurity.authorizeRequests().anyRequest().authenticated()
// 防止iframe 造成跨域
.and().headers().frameOptions().disable();
httpSecurity
......
......@@ -3,6 +3,7 @@ package cn.ibizlab.api.config;
import cn.ibizlab.util.security.AuthenticationEntryPoint;
import cn.ibizlab.util.security.AuthorizationTokenFilter;
import cn.ibizlab.util.service.AuthenticationUserService;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
......@@ -54,6 +55,9 @@ public class apiSecurityConfig extends WebSecurityConfigurerAdapter {
@Value("${ibiz.file.previewpath:ibizutil/preview}")
private String previewpath;
@Value("${ibiz.auth.excludesPattern:}")
private String excludesPattern;
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
......@@ -118,9 +122,17 @@ public class apiSecurityConfig extends WebSecurityConfigurerAdapter {
// 文件操作
.antMatchers("/"+downloadpath+"/**").permitAll()
.antMatchers("/"+uploadpath).permitAll()
.antMatchers("/"+previewpath+"/**").permitAll()
// 所有请求都需要认证
.anyRequest().authenticated()
.antMatchers("/"+previewpath+"/**").permitAll();
if (StringUtils.isNotBlank(excludesPattern)) {
for (String excludePattern : excludesPattern.split("\\s*,\\s*")) {
authenticationTokenFilter.addExcludePattern(excludePattern);
httpSecurity.authorizeRequests().antMatchers(excludePattern).permitAll();
}
}
// 所有请求都需要认证
httpSecurity.authorizeRequests().anyRequest().authenticated()
// 防止iframe 造成跨域
.and().headers().frameOptions().disable();
......
package cn.ibizlab.util.client;
import com.alibaba.fastjson.JSONArray;
import cn.ibizlab.util.domain.MsgBody;
import com.alibaba.fastjson.JSONObject;
import org.springframework.stereotype.Component;
......@@ -8,7 +8,7 @@ import org.springframework.stereotype.Component;
public class IBZNotifyFallback implements IBZNotifyFeignClient {
@Override
public Boolean SendMsg(JSONObject msg) {
public Boolean sendMsg(MsgBody msg) {
return null;
}
......@@ -16,4 +16,19 @@ public class IBZNotifyFallback implements IBZNotifyFeignClient {
public Boolean createMsgTemplate(JSONObject template) {
return null;
}
@Override
public Boolean sendDingTalkLinkMsg(MsgBody msg) {
return null;
}
@Override
public String createDingTalkWorkRecord(MsgBody msg) {
return null;
}
@Override
public Boolean finishDingTalkWorkRecord(String msgId) {
return null;
}
}
package cn.ibizlab.util.client;
import cn.ibizlab.util.domain.MsgBody;
import com.alibaba.fastjson.JSONObject;
import org.springframework.cloud.openfeign.FeignClient;
import org.springframework.web.bind.annotation.*;
@FeignClient(value = "${ibiz.ref.service.notify:ibznotify-api}",fallback = IBZNotifyFallback.class)
@FeignClient(value = "${ibiz.ref.service.notify:ibznotify-api}",contextId = "notify",fallback = IBZNotifyFallback.class)
public interface IBZNotifyFeignClient
{
@RequestMapping(method = RequestMethod.POST,value = "/SendMsg")
Boolean SendMsg(@RequestBody JSONObject msg);
@RequestMapping(method = RequestMethod.POST,value = "/notify/sendmsg")
Boolean sendMsg(@RequestBody MsgBody msg);
@RequestMapping(method = RequestMethod.POST,value = "/createMsgTemplate")
@RequestMapping(method = RequestMethod.POST,value = "/notify/createmsgtempl")
Boolean createMsgTemplate(@RequestBody JSONObject template);
@RequestMapping(method = RequestMethod.POST,value = "/notify/dingtalk/sendlinkmsg")
Boolean sendDingTalkLinkMsg(@RequestBody MsgBody msg);
@RequestMapping(method = RequestMethod.POST,value = "/notify/dingtalk/createworkrecord")
String createDingTalkWorkRecord(@RequestBody MsgBody msg);
@RequestMapping(method = RequestMethod.POST,value = "/notify/dingtalk/finishworkrecord/{msgid}")
Boolean finishDingTalkWorkRecord(@PathVariable("msgid") String msgId);
}
......@@ -7,7 +7,7 @@ import org.springframework.web.bind.annotation.PathVariable;
import java.util.Map;
import java.util.Set;
@FeignClient(value = "${ibiz.ref.service.ou:ibzou-api}",fallback = IBZOUFallback.class)
@FeignClient(value = "${ibiz.ref.service.ou:ibzou-api}",contextId = "ou",fallback = IBZOUFallback.class)
public interface IBZOUFeignClient
{
/**
......
package cn.ibizlab.util.client;
import cn.ibizlab.util.domain.PayTrade;
import com.alibaba.fastjson.JSONObject;
import org.springframework.stereotype.Component;
@Component
public class IBZPayFallback implements IBZPayFeignClient {
@Override
public JSONObject preCreate(PayTrade trade) {
return null;
}
@Override
public JSONObject query(PayTrade trade) {
return null;
}
@Override
public JSONObject cancel(PayTrade trade) {
return null;
}
@Override
public String pagePay(PayTrade trade) {
return null;
}
}
package cn.ibizlab.util.client;
import cn.ibizlab.util.domain.PayTrade;
import com.alibaba.fastjson.JSONObject;
import org.springframework.cloud.openfeign.FeignClient;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
@FeignClient(value = "${ibiz.ref.service.pay:ibzpay-api}",contextId = "pay",fallback = IBZPayFallback.class)
public interface IBZPayFeignClient
{
@RequestMapping(method = RequestMethod.POST,value = "/pay/trade/precreate")
JSONObject preCreate(@RequestBody PayTrade trade);
@RequestMapping(method = RequestMethod.POST,value = "/pay/trade/query")
JSONObject query(@RequestBody PayTrade trade);
@RequestMapping(method = RequestMethod.POST,value = "/pay/trade/cancel")
JSONObject cancel(@RequestBody PayTrade trade);
@RequestMapping(method = RequestMethod.POST,value = "/pay/trade/pagepay")
String pagePay(@RequestBody PayTrade trade);
}
......@@ -7,7 +7,7 @@ import org.springframework.cloud.openfeign.FeignClient;
import org.springframework.web.bind.annotation.*;
import com.alibaba.fastjson.JSONObject;
@FeignClient(value = "${ibiz.ref.service.uaa:ibzuaa-api}",fallback = IBZUAAFallback.class)
@FeignClient(value = "${ibiz.ref.service.uaa:ibzuaa-api}",contextId = "uaa",fallback = IBZUAAFallback.class)
public interface IBZUAAFeignClient
{
/**
......
......@@ -5,7 +5,7 @@ import org.springframework.web.bind.annotation.*;
import com.alibaba.fastjson.JSONObject;
import java.util.*;
@FeignClient(value = "${ibiz.ref.service.wf:ibzwf-api}",fallback = IBZWFFallback.class)
@FeignClient(value = "${ibiz.ref.service.wf:ibzwf-api}",contextId = "wf",fallback = IBZWFFallback.class)
public interface IBZWFFeignClient
{
@RequestMapping(method = RequestMethod.GET, value = "/{system}-app-{appname}/{entity}/process-definitions/{processDefinitionKey}/usertasks/{taskDefinitionKey}/tasks")
......
package cn.ibizlab.util.domain;
import com.alibaba.fastjson.annotation.JSONField;
import com.fasterxml.jackson.annotation.JsonProperty;
import lombok.Data;
import java.io.Serializable;
/**
* 消息对象
*/
@Data
public class MsgBody{
/**
* 接收用户
*/
@JSONField(name = "to_users")
@JsonProperty("to_users")
private String toUsers;
/**
* 标题
*/
@JSONField(name = "subject")
@JsonProperty("subject")
private String subject;
/**
* 内容
*/
@JSONField(name = "content")
@JsonProperty("content")
private String content;
/**
* 类型
*/
@JSONField(name = "msg_type")
@JsonProperty("msg_type")
private Integer msgType;
/**
* 模板标识
*/
@JSONField(name = "template_id")
@JsonProperty("template_id")
private String templateId;
/**
* 模板参数
*/
@JSONField(name = "template_params")
@JsonProperty("template_params")
private String templateParams;
/**
* 消息链接
*/
@JSONField(name = "msg_link")
@JsonProperty("msg_link")
private String msgLink;
/**
* 消息链接(pc)
*/
@JSONField(name = "msg_link_pc")
@JsonProperty("msg_link_pc")
private String msgLinkPc;
}
package cn.ibizlab.util.domain;
import com.alibaba.fastjson.annotation.JSONField;
import com.baomidou.mybatisplus.annotation.TableField;
import com.fasterxml.jackson.annotation.JsonProperty;
import lombok.Data;
/**
* 实体[支付交易]
*/
@Data
public class PayTrade{
/**
* 订单标题
*/
@TableField(value = "subject")
@JSONField(name = "subject")
@JsonProperty("subject")
private String subject;
/**
* 订单金额
*/
@JSONField(name = "total_amount")
@JsonProperty("total_amount")
private String totalAmount;
/**
* 支付类型
*/
@JSONField(name = "trade_type")
@JsonProperty("trade_type")
private String tradeType;
/**
* 订单号
*/
@JSONField(name = "out_trade_no")
@JsonProperty("out_trade_no")
private String outTradeNo;
/**
* 应用标识
*/
@JSONField(name = "app_id")
@JsonProperty("app_id")
private String appId;
/**
* 支付平台接入标识
*/
@JSONField(name = "access_id")
@JsonProperty("access_id")
private String accessId;
}
......@@ -10,6 +10,8 @@ import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.stereotype.Component;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.PathMatcher;
import org.springframework.web.filter.OncePerRequestFilter;
import org.springframework.beans.factory.annotation.Qualifier;
......@@ -18,6 +20,10 @@ import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
@Slf4j
@Component
......@@ -26,6 +32,8 @@ public class AuthorizationTokenFilter extends OncePerRequestFilter {
private final UserDetailsService userDetailsService;
private final AuthTokenUtil authTokenUtil;
private final String tokenHeader;
private Set<String> excludesPattern = new HashSet<String>();
private PathMatcher pathMatcher = new AntPathMatcher();
public AuthorizationTokenFilter(AuthenticationUserService userDetailsService, AuthTokenUtil authTokenUtil, @Value("${ibiz.jwt.header:Authorization}") String tokenHeader) {
this.userDetailsService = userDetailsService;
......@@ -35,7 +43,11 @@ public class AuthorizationTokenFilter extends OncePerRequestFilter {
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws ServletException, IOException {
if (isExclusion(request.getRequestURI())) {
chain.doFilter(request, response);
return;
}
final String requestHeader = request.getHeader(this.tokenHeader);
String username = null;
......@@ -50,20 +62,38 @@ public class AuthorizationTokenFilter extends OncePerRequestFilter {
}
if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {
// It is not compelling necessary to load the use details from the database. You could also store the information
// in the token and read it from it. It's up to you ;)
UserDetails userDetails = this.userDetailsService.loadUserByUsername(username);
// For simple validation it is completely sufficient to just check the token integrity. You don't have to call
// the database compellingly. Again it's up to you ;)
if (authTokenUtil.validateToken(authToken, userDetails)) {
UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
// log.info("authorizated user '{}', setting security context", username);
SecurityContextHolder.getContext().setAuthentication(authentication);
}
}
chain.doFilter(request, response);
}
public void setExcludesPattern(String excludesPattern) {
this.excludesPattern = new HashSet(Arrays.asList(excludesPattern.split("\\s*,\\s*")));
}
public void addExcludePattern(String excludePattern) {
excludesPattern.add(excludePattern);
}
private boolean isExclusion(String requestURI) {
if (this.excludesPattern == null) {
return false;
} else {
Iterator excludeIterator = this.excludesPattern.iterator();
String pattern;
do {
if (!excludeIterator.hasNext()) {
return false;
}
pattern = (String) excludeIterator.next();
} while (!pathMatcher.match(pattern, requestURI));
return true;
}
}
}
Markdown 格式
0% or
您添加了 0 到此讨论。请谨慎行事。
先完成此消息的编辑!
想要评论请 注册