ibiz4j 发布系统代码

7d7ee0a4 · ibizdev · b22a9f57 · 7d7ee0a4 · 7d7ee0a4 · 7d7ee0a4
--- a/app_web/src/components/app-transfer/app-transfer.vue
+++ b/app_web/src/components/app-transfer/app-transfer.vue
@@ -3,7 +3,7 @@
    @on-open-change="transferRefresh"
    @on-change="dataChange"
    v-model="dataRight"
-    :style="{width:width===undefined?'586px':width}"
+    :style="{width:width?width:'586px'}"
    multiple
  >
    <Option class="hidden" :value="item" v-for="(item,i) in dataRight" :key="i">{{findLabel(item)}}</Option>
@@ -17,43 +17,23 @@ import { ElSelect } from "element-ui/types/select";
 @Component({})
 export default class AppTransfer extends Vue {
-  /**
-   * 左侧框数据
-   */
-  public dataLeft: any[] = [];
-  /**
-   * 右侧框数据
-   */
-  public dataRight: any[] = [];
  /**
   * 穿梭框宽度
-   */
-  @Prop() public width: any;
-  /**
-   * 代码表服务对象
   *
-   * @type {CodeListService}
-   * @memberof AppTransfer
-   */
-  public codeListService: CodeListService = new CodeListService({
-    $store: this.$store
-  });
-  /**
-   * 查询参数
   * @type {*}
   * @memberof AppTransfer
   */
-  public queryParam: any;
+  @Prop() public width: any;
  /**
   * 表单传入字符串值分隔符
+   *
+   * @type {string}
+   * @memberof AppTransfer
   */
  @Prop() public valueSeparator!: string;
  /**
   * 当前选中值
   * @type {any}
@@ -93,33 +73,6 @@ export default class AppTransfer extends Vue {
   */
  @Prop() public localParam!: any;
-  /**
-   * 组件change事件,右侧框数据变化时
-   * @memberof AppTransfer
-   */
-  dataChange(e: any) {
-    let _valueSeparator: any;
-    _valueSeparator = this.initValueSeparator(_valueSeparator);
-    let newVal: any;
-    newVal = e.join(`${_valueSeparator}`);
-    if (newVal) {
-      this.$emit("change", newVal);
-    } else {
-      this.$emit("change", null);
-    }
-  }
-  /**
-   * 初始化valueSeparator
-   */
-  public initValueSeparator(_valueSeparator: any) {
-    if (this.valueSeparator === undefined) {
-      return ",";
-    } else {
-      return this.valueSeparator;
-    }
-  }
  /**
   * 视图上下文
   *
@@ -138,6 +91,7 @@ export default class AppTransfer extends Vue {
  /**
   * 是否禁用
+   *
   * @type {any}
   * @memberof AppTransfer
   *
@@ -145,18 +99,38 @@ export default class AppTransfer extends Vue {
  @Prop() public disabled?: any;
  /**
-   * 是否支持过滤
+   * placeholder
-   * @type {boolean}
+   *
+   * @type {string}
+   * @memberof AppTransfer
+   *
+   */
+  @Prop() public placeholder?: string;
+  /**
+   * 左侧框数据
+   *
+   * @type {any[]}
   * @memberof AppTransfer
   */
-  @Prop() public filterable?: boolean;
+  public dataLeft: any[] = [];
  /**
-   * 下拉选提示内容
+   * 右侧框数据
-   * @type {string}
+   *
+   * @type {any[]}
   * @memberof AppTransfer
   */
-  @Prop() public placeholder?: string;
+  public dataRight: any[] = [];
+  /**
+   * 代码表服务对象
+   *
+   * @type {CodeListService}
+   * @memberof AppTransfer
+   */
+  public codeListService: CodeListService = new CodeListService({$store: this.$store});
  /**
   * vue  生命周期
@@ -167,8 +141,34 @@ export default class AppTransfer extends Vue {
    this.dataHandle();
  }
+  /**
+   * 组件change事件,右侧框数据变化时
+   * 
+   * @memberof AppTransfer
+   */
+  dataChange(e: any) {
+    let _valueSeparator: string = this.initValueSeparator();
+    let newVal: string = e.join(`${_valueSeparator}`);
+    if (newVal) {
+      this.$emit("change", newVal);
+    } else {
+      this.$emit("change", null);
+    }
+  }
+  /**
+   * 初始化valueSeparator
+   * 
+   * @memberof AppTransfer
+   */
+  public initValueSeparator() {
+    return this.valueSeparator?this.valueSeparator:",";
+  }
  /**
   * 数据处理
+   *
+   * @memberof AppTransfer
   */
  public dataHandle() {
    if (this.tag && Object.is(this.codelistType, "STATIC")) {
@@ -187,14 +187,11 @@ export default class AppTransfer extends Vue {
      // 参数处理
      let _context = data.context;
      let _param = data.param;
-      this.codeListService
+      this.codeListService.getItems(this.tag, _context, _param).then((res: any) => {
-        .getItems(this.tag, _context, _param)
-        .then((res: any) => {
          this.dataLeft = res;
          this.initLeft();
          this.initRight();
-        })
+        }).catch((error: any) => {
-        .catch((error: any) => {
          console.log(`----${this.tag}----代码表不存在`);
        });
    }
@@ -207,35 +204,25 @@ export default class AppTransfer extends Vue {
   * @returns
   * @memberof AppTransfer
   */
  public handlePublicParams(arg: any) {
    // 合并表单参数
-    arg.param = this.viewparams
+    arg.param = this.viewparams? JSON.parse(JSON.stringify(this.viewparams)): {};
-      ? JSON.parse(JSON.stringify(this.viewparams))
-      : {};
    arg.context = this.context ? JSON.parse(JSON.stringify(this.context)) : {};
    // 附加参数处理
    if (this.localContext && Object.keys(this.localContext).length > 0) {
-      let _context = this.$util.computedNavData(
+      let _context = this.$util.computedNavData(this.itemValue,arg.context,arg.param,this.localContext);
-        this.itemValue,
-        arg.context,
-        arg.param,
-        this.localContext
-      );
      Object.assign(arg.context, _context);
    }
    if (this.localParam && Object.keys(this.localParam).length > 0) {
-      let _param = this.$util.computedNavData(
+      let _param = this.$util.computedNavData(this.itemValue,arg.context,arg.param,this.localParam);
-        this.itemValue,
-        arg.context,
-        arg.param,
-        this.localParam
-      );
      Object.assign(arg.param, _param);
    }
  }
  /**
   * 初始化左侧框数据
+   * 
+   * @memberof AppTransfer
   */
  public initLeft() {
    let left: any[] = [];
@@ -250,12 +237,15 @@ export default class AppTransfer extends Vue {
      });
    });
  }
  /**
   * 初始化右侧框数据
+   * 
+   * @memberof AppTransfer
   */
  public initRight() {
    let _valueSeparator: any;
-    _valueSeparator = this.initValueSeparator(_valueSeparator);
+    _valueSeparator = this.initValueSeparator();
    let _data: any = this.itemValue;
    if (_data) {
      let _dataRight: any = [];
@@ -270,8 +260,11 @@ export default class AppTransfer extends Vue {
      this.dataRight = _dataRight;
    }
  }
  /**
   * 穿梭框打开时刷新数据
+   *
+   * @memberof AppTransfer
   */
  public transferRefresh(e: any) {
    if (e && this.codelistType === "DYNAMIC") {
@@ -282,12 +275,15 @@ export default class AppTransfer extends Vue {
  /**
   * 找到dataLeft中key与dataRight中item相等的元素，返回label
+   * 
+   * @memberof AppTransfer
   */
  public findLabel(item: any) {
    for (const elem of this.dataLeft) {
      if (elem.key === item) return elem.label;
    }
  }
 }
 </script>

--- a/app_web/src/components/dropdown-list/dropdown-list.vue
+++ b/app_web/src/components/dropdown-list/dropdown-list.vue
@@ -116,7 +116,7 @@ export default class DropDownList extends Vue {
     * @memberof AppFormDRUIPart
     */
    @Prop() public viewparams!: any;
    /**
     * 是否禁用
     * @type {any}

--- a/app_web/src/widgets/ibzemployee/edit-grid-grid/edit-grid-grid-base.vue
+++ b/app_web/src/widgets/ibzemployee/edit-grid-grid/edit-grid-grid-base.vue
@@ -230,6 +230,7 @@
              style="" 
              @change="($event)=>{gridEditItemChange(row, column.property, $event, $index)}">
             </dropdown-list>
                            </app-form-item>
                        </template>
                        <template v-if="!actualIsOpenEdit">

--- a/ibzou-core/src/main/java/cn/ibizlab/core/extensions.service/IBZEmployeeServiceEx.java
+++ b/ibzou-core/src/main/java/cn/ibizlab/core/extensions.service/IBZEmployeeServiceEx.java
+package cn.ibizlab.core.extensions.service;
+import cn.ibizlab.core.ou.service.impl.IBZEmployeeServiceImpl;
+import lombok.extern.slf4j.Slf4j;
+import cn.ibizlab.core.ou.domain.IBZEmployee;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+import org.springframework.context.annotation.Primary;
+/**
+ * 实体[人员] 自定义服务对象
+ */
+@Slf4j
+@Primary
+@Service("IBZEmployeeServiceEx")
+public class IBZEmployeeServiceEx extends IBZEmployeeServiceImpl {
+    @Override
+    protected Class currentModelClass() {
+        return com.baomidou.mybatisplus.core.toolkit.ReflectionKit.getSuperClassGenericType(this.getClass().getSuperclass(), 1);
+    }
+    /**
+     * 自定义行为[InitPwd]用户扩展
+     * @param et
+     * @return
+     */
+    @Override
+    @Transactional
+    public IBZEmployee initPwd(IBZEmployee et) {
+        return et;
+    }
+}
--- a/ibzou-core/src/main/java/cn/ibizlab/core/ou/domain/IBZDepartment.java
+++ b/ibzou-core/src/main/java/cn/ibizlab/core/ou/domain/IBZDepartment.java
@@ -32,7 +32,6 @@ import cn.ibizlab.util.domain.EntityMP;
 @Getter
 @Setter
 @NoArgsConstructor
-@AllArgsConstructor
 @JsonIgnoreProperties(value = "handler")
 @TableName(value = "IBZDEPT",resultMap = "IBZDepartmentResultMap")
 public class IBZDepartment extends EntityMP implements Serializable {

--- a/ibzou-core/src/main/java/cn/ibizlab/core/ou/domain/IBZDeptMember.java
+++ b/ibzou-core/src/main/java/cn/ibizlab/core/ou/domain/IBZDeptMember.java
@@ -32,7 +32,6 @@ import cn.ibizlab.util.domain.EntityMP;
 @Getter
 @Setter
 @NoArgsConstructor
-@AllArgsConstructor
 @JsonIgnoreProperties(value = "handler")
 @TableName(value = "IBZDEPTMEMBER",resultMap = "IBZDeptMemberResultMap")
 public class IBZDeptMember extends EntityMP implements Serializable {

--- a/ibzou-core/src/main/java/cn/ibizlab/core/ou/domain/IBZEmployee.java
+++ b/ibzou-core/src/main/java/cn/ibizlab/core/ou/domain/IBZEmployee.java
@@ -32,7 +32,6 @@ import cn.ibizlab.util.domain.EntityMP;
 @Getter
 @Setter
 @NoArgsConstructor
-@AllArgsConstructor
 @JsonIgnoreProperties(value = "handler")
 @TableName(value = "IBZEMP",resultMap = "IBZEmployeeResultMap")
 public class IBZEmployee extends EntityMP implements Serializable {

--- a/ibzou-core/src/main/java/cn/ibizlab/core/ou/domain/IBZOrganization.java
+++ b/ibzou-core/src/main/java/cn/ibizlab/core/ou/domain/IBZOrganization.java
@@ -32,7 +32,6 @@ import cn.ibizlab.util.domain.EntityMP;
 @Getter
 @Setter
 @NoArgsConstructor
-@AllArgsConstructor
 @JsonIgnoreProperties(value = "handler")
 @TableName(value = "IBZORG",resultMap = "IBZOrganizationResultMap")
 public class IBZOrganization extends EntityMP implements Serializable {

--- a/ibzou-core/src/main/java/cn/ibizlab/core/ou/domain/IBZPost.java
+++ b/ibzou-core/src/main/java/cn/ibizlab/core/ou/domain/IBZPost.java
@@ -32,7 +32,6 @@ import cn.ibizlab.util.domain.EntityMP;
 @Getter
 @Setter
 @NoArgsConstructor
-@AllArgsConstructor
 @JsonIgnoreProperties(value = "handler")
 @TableName(value = "IBZPOST",resultMap = "IBZPostResultMap")
 public class IBZPost extends EntityMP implements Serializable {

--- a/ibzou-core/src/main/java/cn/ibizlab/core/ou/domain/IBZTeam.java
+++ b/ibzou-core/src/main/java/cn/ibizlab/core/ou/domain/IBZTeam.java
@@ -32,7 +32,6 @@ import cn.ibizlab.util.domain.EntityMP;
 @Getter
 @Setter
 @NoArgsConstructor
-@AllArgsConstructor
 @JsonIgnoreProperties(value = "handler")
 @TableName(value = "IBZTEAM",resultMap = "IBZTeamResultMap")
 public class IBZTeam extends EntityMP implements Serializable {

--- a/ibzou-core/src/main/java/cn/ibizlab/core/ou/domain/IBZTeamMember.java
+++ b/ibzou-core/src/main/java/cn/ibizlab/core/ou/domain/IBZTeamMember.java
@@ -32,7 +32,6 @@ import cn.ibizlab.util.domain.EntityMP;
 @Getter
 @Setter
 @NoArgsConstructor
-@AllArgsConstructor
 @JsonIgnoreProperties(value = "handler")
 @TableName(value = "IBZTEAMMEMBER",resultMap = "IBZTeamMemberResultMap")
 public class IBZTeamMember extends EntityMP implements Serializable {

--- a/ibzou-core/src/main/resources/liquibase/h2_table.xml
+++ b/ibzou-core/src/main/resources/liquibase/h2_table.xml
--- a/ibzou-util/src/main/java/cn/ibizlab/util/client/IBZUAAFallback.java
+++ b/ibzou-util/src/main/java/cn/ibizlab/util/client/IBZUAAFallback.java
@@ -22,4 +22,9 @@ public class IBZUAAFallback implements IBZUAAFeignClient {
    public AuthenticationUser loginByUsername(String username) {
        return null;
    }
+    @Override
+    public String getPublicKey() {
+        return null;
+    }
 }
--- a/ibzou-util/src/main/java/cn/ibizlab/util/client/IBZUAAFeignClient.java
+++ b/ibzou-util/src/main/java/cn/ibizlab/util/client/IBZUAAFeignClient.java
@@ -2,6 +2,7 @@ package cn.ibizlab.util.client;
 import cn.ibizlab.util.security.AuthenticationUser;
 import cn.ibizlab.util.security.AuthorizationLogin;
+import org.springframework.cache.annotation.Cacheable;
 import org.springframework.cloud.openfeign.FeignClient;
 import org.springframework.web.bind.annotation.*;
 import com.alibaba.fastjson.JSONObject;
@@ -28,4 +29,8 @@ public interface IBZUAAFeignClient
 	@PostMapping(value = "/uaa/loginbyusername")
 	AuthenticationUser loginByUsername(@RequestBody String username);
+    @Cacheable(value="ibzuaa_publickey")
+	@GetMapping(value = "/uaa/publickey")
+	String getPublicKey();
 }
--- a/ibzou-util/src/main/java/cn/ibizlab/util/security/AuthTokenUtil.java
+++ b/ibzou-util/src/main/java/cn/ibizlab/util/security/AuthTokenUtil.java
 package cn.ibizlab.util.security;
-import io.jsonwebtoken.Claims;
-import io.jsonwebtoken.Clock;
-import io.jsonwebtoken.Jwts;
-import io.jsonwebtoken.SignatureAlgorithm;
-import io.jsonwebtoken.impl.DefaultClock;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.security.core.context.SecurityContext;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.stereotype.Component;
-import java.io.Serializable;
+public interface AuthTokenUtil {
-import java.util.Date;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Optional;
-import java.util.function.Function;
-@Component
+    String generateToken(UserDetails userDetails);
-public class AuthTokenUtil implements Serializable {
-    private static final long serialVersionUID = -3301605591108950415L;
+    Boolean validateToken(String token, UserDetails userDetails);
-    private Clock clock = DefaultClock.INSTANCE;
-    @Value("${ibiz.jwt.secret:ibzsecret}")
+    String getUsernameFromToken(String token);
-    private String secret;
-    @Value("${ibiz.jwt.expiration:7200000}")
-    private Long expiration;
-    @Value("${ibiz.jwt.header:Authorization}")
-    private String tokenHeader;
-    public String getUsernameFromToken(String token) {
-        return getClaimFromToken(token, Claims::getSubject);
-    }
-    public Date getIssuedAtDateFromToken(String token) {
-        return getClaimFromToken(token, Claims::getIssuedAt);
-    }
-    public Date getExpirationDateFromToken(String token) {
-        return getClaimFromToken(token, Claims::getExpiration);
-    }
-    public <T> T getClaimFromToken(String token, Function<Claims, T> claimsResolver) {
-        final Claims claims = getAllClaimsFromToken(token);
-        return claimsResolver.apply(claims);
-    }
-    private Claims getAllClaimsFromToken(String token) {
-        return Jwts.parser()
-                .setSigningKey(secret)
-                .parseClaimsJws(token)
-                .getBody();
-    }
-    private Boolean isTokenExpired(String token) {
-        final Date expiration = getExpirationDateFromToken(token);
-        return expiration.before(clock.now());
-    }
-    private Boolean isCreatedBeforeLastPasswordReset(Date created, Date lastPasswordReset) {
-        return (lastPasswordReset != null && created.before(lastPasswordReset));
-    }
-    private Boolean ignoreTokenExpiration(String token) {
-        // here you specify tokens, for that the expiration is ignored
-        return false;
-    }
-    public String generateToken(UserDetails userDetails) {
-        Map<String, Object> claims = new HashMap<>();
-        return doGenerateToken(claims, userDetails.getUsername());
-    }
-    private String doGenerateToken(Map<String, Object> claims, String subject) {
-        final Date createdDate = clock.now();
-        final Date expirationDate = calculateExpirationDate(createdDate);
-        return Jwts.builder()
-                .setClaims(claims)
-                .setSubject(subject)
-                .setIssuedAt(createdDate)
-                .setExpiration(expirationDate)
-                .signWith(SignatureAlgorithm.HS512, secret)
-                .compact();
-    }
-    public Boolean canTokenBeRefreshed(String token, Date lastPasswordReset) {
-        final Date created = getIssuedAtDateFromToken(token);
-        return !isCreatedBeforeLastPasswordReset(created, lastPasswordReset)
-                && (!isTokenExpired(token) || ignoreTokenExpiration(token));
-    }
-    public String refreshToken(String token) {
-        final Date createdDate = clock.now();
-        final Date expirationDate = calculateExpirationDate(createdDate);
-        final Claims claims = getAllClaimsFromToken(token);
-        claims.setIssuedAt(createdDate);
-        claims.setExpiration(expirationDate);
-        return Jwts.builder()
-                .setClaims(claims)
-                .signWith(SignatureAlgorithm.HS512, secret)
-                .compact();
-    }
-    public Boolean validateToken(String token, UserDetails userDetails) {
-        AuthenticationUser user = (AuthenticationUser) userDetails;
-        final Date created = getIssuedAtDateFromToken(token);
-        return (!isTokenExpired(token) );
-    }
-    private Date calculateExpirationDate(Date createdDate) {
-        return new Date(createdDate.getTime() + expiration);
-    }
-    /**
-     * Get the login of the current user.
-     *
-     * @return the login of the current user
-     */
-    public static Optional<String> getCurrentUserLogin() {
-        SecurityContext securityContext = SecurityContextHolder.getContext();
-        return Optional.ofNullable(securityContext.getAuthentication())
-                .map(authentication -> {
-                    if (authentication.getPrincipal() instanceof UserDetails) {
-                        UserDetails springSecurityUser = (UserDetails) authentication.getPrincipal();
-                        return springSecurityUser.getUsername();
-                    } else if (authentication.getPrincipal() instanceof String) {
-                        return (String) authentication.getPrincipal();
-                    }
-                    return null;
-                });
-    }
-    /**
-     * Check if a user is authenticated.
-     *
-     * @return true if the user is authenticated, false otherwise
-     */
-    public static boolean isAuthenticated() {
-        SecurityContext securityContext = SecurityContextHolder.getContext();
-        return Optional.ofNullable(securityContext.getAuthentication())
-                .map(authentication -> authentication.getAuthorities().stream()
-                        .noneMatch(grantedAuthority -> grantedAuthority.getAuthority().equals("ANONYMOUS")))
-                .orElse(false);
-    }
-    /**
-     * If the current user has a specific authority (security role).
-     * <p>
-     * The name of this method comes from the isUserInRole() method in the Servlet API
-     *
-     * @param authority the authority to check
-     * @return true if the current user has the authority, false otherwise
-     */
-    public static boolean isCurrentUserInRole(String authority) {
-        SecurityContext securityContext = SecurityContextHolder.getContext();
-        return Optional.ofNullable(securityContext.getAuthentication())
-                .map(authentication -> authentication.getAuthorities().stream()
-                        .anyMatch(grantedAuthority -> grantedAuthority.getAuthority().equals(authority)))
-                .orElse(false);
-    }
 }
--- a/ibzou-util/src/main/java/cn/ibizlab/util/security/SimpleTokenUtil.java
+++ b/ibzou-util/src/main/java/cn/ibizlab/util/security/SimpleTokenUtil.java
+package cn.ibizlab.util.security;
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.Clock;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.SignatureAlgorithm;
+import io.jsonwebtoken.impl.DefaultClock;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.stereotype.Component;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
+import java.io.Serializable;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Optional;
+import java.util.function.Function;
+@Component
+@ConditionalOnExpression("(!${ibiz.enablePermissionValid:false})&&'${ibiz.auth.service:UAATokenUtil}'.equals('SimpleTokenUtil')")
+public class SimpleTokenUtil implements AuthTokenUtil,Serializable {
+    private static final long serialVersionUID = -3301605591108950415L;
+    private Clock clock = DefaultClock.INSTANCE;
+    @Value("${ibiz.jwt.secret:ibzsecret}")
+    private String secret;
+    @Value("${ibiz.jwt.expiration:7200000}")
+    private Long expiration;
+    @Value("${ibiz.jwt.header:Authorization}")
+    private String tokenHeader;
+    public String getUsernameFromToken(String token) {
+        return getClaimFromToken(token, Claims::getSubject);
+    }
+    public Date getIssuedAtDateFromToken(String token) {
+        return getClaimFromToken(token, Claims::getIssuedAt);
+    }
+    public Date getExpirationDateFromToken(String token) {
+        return getClaimFromToken(token, Claims::getExpiration);
+    }
+    public <T> T getClaimFromToken(String token, Function<Claims, T> claimsResolver) {
+        final Claims claims = getAllClaimsFromToken(token);
+        return claimsResolver.apply(claims);
+    }
+    private Claims getAllClaimsFromToken(String token) {
+        return Jwts.parser()
+                .setSigningKey(secret)
+                .parseClaimsJws(token)
+                .getBody();
+    }
+    private Boolean isTokenExpired(String token) {
+        final Date expiration = getExpirationDateFromToken(token);
+        return expiration.before(clock.now());
+    }
+    private Boolean isCreatedBeforeLastPasswordReset(Date created, Date lastPasswordReset) {
+        return (lastPasswordReset != null && created.before(lastPasswordReset));
+    }
+    private Boolean ignoreTokenExpiration(String token) {
+        // here you specify tokens, for that the expiration is ignored
+        return false;
+    }
+    public String generateToken(UserDetails userDetails) {
+        Map<String, Object> claims = new HashMap<>();
+        return doGenerateToken(claims, userDetails.getUsername());
+    }
+    private String doGenerateToken(Map<String, Object> claims, String subject) {
+        final Date createdDate = clock.now();
+        final Date expirationDate = calculateExpirationDate(createdDate);
+        return Jwts.builder()
+                .setClaims(claims)
+                .setSubject(subject)
+                .setIssuedAt(createdDate)
+                .setExpiration(expirationDate)
+                .signWith(SignatureAlgorithm.HS512, secret)
+                .compact();
+    }
+    public Boolean canTokenBeRefreshed(String token, Date lastPasswordReset) {
+        final Date created = getIssuedAtDateFromToken(token);
+        return !isCreatedBeforeLastPasswordReset(created, lastPasswordReset)
+                && (!isTokenExpired(token) || ignoreTokenExpiration(token));
+    }
+    public String refreshToken(String token) {
+        final Date createdDate = clock.now();
+        final Date expirationDate = calculateExpirationDate(createdDate);
+        final Claims claims = getAllClaimsFromToken(token);
+        claims.setIssuedAt(createdDate);
+        claims.setExpiration(expirationDate);
+        return Jwts.builder()
+                .setClaims(claims)
+                .signWith(SignatureAlgorithm.HS512, secret)
+                .compact();
+    }
+    public Boolean validateToken(String token, UserDetails userDetails) {
+        AuthenticationUser user = (AuthenticationUser) userDetails;
+        final Date created = getIssuedAtDateFromToken(token);
+        return (!isTokenExpired(token) );
+    }
+    private Date calculateExpirationDate(Date createdDate) {
+        return new Date(createdDate.getTime() + expiration);
+    }
+    /**
+     * Get the login of the current user.
+     *
+     * @return the login of the current user
+     */
+    public static Optional<String> getCurrentUserLogin() {
+        SecurityContext securityContext = SecurityContextHolder.getContext();
+        return Optional.ofNullable(securityContext.getAuthentication())
+                .map(authentication -> {
+                    if (authentication.getPrincipal() instanceof UserDetails) {
+                        UserDetails springSecurityUser = (UserDetails) authentication.getPrincipal();
+                        return springSecurityUser.getUsername();
+                    } else if (authentication.getPrincipal() instanceof String) {
+                        return (String) authentication.getPrincipal();
+                    }
+                    return null;
+                });
+    }
+    /**
+     * Check if a user is authenticated.
+     *
+     * @return true if the user is authenticated, false otherwise
+     */
+    public static boolean isAuthenticated() {
+        SecurityContext securityContext = SecurityContextHolder.getContext();
+        return Optional.ofNullable(securityContext.getAuthentication())
+                .map(authentication -> authentication.getAuthorities().stream()
+                        .noneMatch(grantedAuthority -> grantedAuthority.getAuthority().equals("ANONYMOUS")))
+                .orElse(false);
+    }
+    /**
+     * If the current user has a specific authority (security role).
+     * <p>
+     * The name of this method comes from the isUserInRole() method in the Servlet API
+     *
+     * @param authority the authority to check
+     * @return true if the current user has the authority, false otherwise
+     */
+    public static boolean isCurrentUserInRole(String authority) {
+        SecurityContext securityContext = SecurityContextHolder.getContext();
+        return Optional.ofNullable(securityContext.getAuthentication())
+                .map(authentication -> authentication.getAuthorities().stream()
+                        .anyMatch(grantedAuthority -> grantedAuthority.getAuthority().equals(authority)))
+                .orElse(false);
+    }
+}
--- a/ibzou-util/src/main/java/cn/ibizlab/util/security/UAATokenUtil.java
+++ b/ibzou-util/src/main/java/cn/ibizlab/util/security/UAATokenUtil.java
+package cn.ibizlab.util.security;
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.Clock;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.SignatureAlgorithm;
+import io.jsonwebtoken.impl.DefaultClock;
+import lombok.SneakyThrows;
+import cn.ibizlab.util.client.IBZUAAFeignClient;
+import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.io.IOUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.stereotype.Component;
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.Serializable;
+import java.security.KeyFactory;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.PKCS8EncodedKeySpec;
+import java.security.spec.X509EncodedKeySpec;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.function.Function;
+@Component
+@ConditionalOnExpression("${ibiz.enablePermissionValid:false}||'${ibiz.auth.service:UAATokenUtil}'.equals('UAATokenUtil')")
+public class UAATokenUtil implements AuthTokenUtil, Serializable {
+    private static final long serialVersionUID = -3301605591108950415L;
+    private Clock clock = DefaultClock.INSTANCE;
+    @Value("${ibiz.jwt.secret:ibzsecret}")
+    private String secret;
+    @Value("${ibiz.jwt.expiration:7200000}")
+    private Long expiration;
+    @Value("${ibiz.jwt.header:Authorization}")
+    private String tokenHeader;
+    @Autowired
+    private IBZUAAFeignClient uaaFeignClient;
+    public String getUsernameFromToken(String token) {
+        return getClaimFromToken(token, Claims::getSubject);
+    }
+    public Date getIssuedAtDateFromToken(String token) {
+        return getClaimFromToken(token, Claims::getIssuedAt);
+    }
+    public Date getExpirationDateFromToken(String token) {
+        return getClaimFromToken(token, Claims::getExpiration);
+    }
+    public <T> T getClaimFromToken(String token, Function<Claims, T> claimsResolver) {
+        final Claims claims = getAllClaimsFromToken(token);
+        return claimsResolver.apply(claims);
+    }
+    public Claims getAllClaimsFromToken(String token) {
+        PublicKey publicKey = getPublicKey(getPublicKeyString());
+        return Jwts.parser()
+                .setSigningKey(publicKey)
+                .parseClaimsJws(token)
+                .getBody();
+    }
+    private Boolean isTokenExpired(String token) {
+        final Date expiration = getExpirationDateFromToken(token);
+        return expiration.before(clock.now());
+    }
+    public String generateToken(UserDetails userDetails) {
+        return null;
+    }
+    public Boolean validateToken(String token, UserDetails userDetails) {
+        AuthenticationUser user = (AuthenticationUser) userDetails;
+        final Date created = getIssuedAtDateFromToken(token);
+        return (!isTokenExpired(token) );
+    }
+    private String getPublicKeyString(){
+        return uaaFeignClient.getPublicKey();
+    }
+    /**
+     * 获取PublicKey对象
+     * @param publicKeyBase64
+     * @return
+     * @throws NoSuchAlgorithmException
+     * @throws InvalidKeySpecException
+     */
+    @SneakyThrows
+    public PublicKey getPublicKey(String publicKeyBase64) {
+        byte[] byteKey = Base64.decodeBase64(publicKeyBase64);
+        X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(byteKey);
+        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
+        return keyFactory.generatePublic(x509EncodedKeySpec);
+    }
+}