提交
7d7ee0a4
编写于
6月 12, 2020
作者:
ibizdev
ibiz4j 发布系统代码
上级
b22a9f57
变更
17
正在显示
17 个修改的文件
包含
679 行增加
和
257 行删除
+679
-257
app-transfer.vue
app_web/src/components/app-transfer/app-transfer.vue
+77
-81
dropdown-list.vue
app_web/src/components/dropdown-list/dropdown-list.vue
+1
-1
edit-grid-grid-base.vue
...idgets/ibzemployee/edit-grid-grid/edit-grid-grid-base.vue
+1
-0
IBZEmployeeServiceEx.java
...ibizlab/core/extensions.service/IBZEmployeeServiceEx.java
+35
-0
IBZDepartment.java
...rc/main/java/cn/ibizlab/core/ou/domain/IBZDepartment.java
+0
-1
IBZDeptMember.java
...rc/main/java/cn/ibizlab/core/ou/domain/IBZDeptMember.java
+0
-1
IBZEmployee.java
.../src/main/java/cn/ibizlab/core/ou/domain/IBZEmployee.java
+0
-1
IBZOrganization.java
.../main/java/cn/ibizlab/core/ou/domain/IBZOrganization.java
+0
-1
IBZPost.java
...core/src/main/java/cn/ibizlab/core/ou/domain/IBZPost.java
+0
-1
IBZTeam.java
...core/src/main/java/cn/ibizlab/core/ou/domain/IBZTeam.java
+0
-1
IBZTeamMember.java
...rc/main/java/cn/ibizlab/core/ou/domain/IBZTeamMember.java
+0
-1
h2_table.xml
ibzou-core/src/main/resources/liquibase/h2_table.xml
+267
-8
IBZUAAFallback.java
.../src/main/java/cn/ibizlab/util/client/IBZUAAFallback.java
+5
-0
IBZUAAFeignClient.java
...c/main/java/cn/ibizlab/util/client/IBZUAAFeignClient.java
+5
-0
AuthTokenUtil.java
...src/main/java/cn/ibizlab/util/security/AuthTokenUtil.java
+4
-160
SimpleTokenUtil.java
...c/main/java/cn/ibizlab/util/security/SimpleTokenUtil.java
+171
-0
UAATokenUtil.java
.../src/main/java/cn/ibizlab/util/security/UAATokenUtil.java
+113
-0
app_web/src/components/app-transfer/app-transfer.vue
...
...
@@ -3,7 +3,7 @@
@
on-open-change=
"transferRefresh"
@
on-change=
"dataChange"
v-model=
"dataRight"
:style=
"
{width:width
===undefined?'586px':width
}"
:style=
"
{width:width
?width:'586px'
}"
multiple
>
<Option
class=
"hidden"
:value=
"item"
v-for=
"(item,i) in dataRight"
:key=
"i"
>
{{
findLabel
(
item
)
}}
</Option>
...
...
@@ -17,43 +17,23 @@ import { ElSelect } from "element-ui/types/select";
@
Component
({})
export
default
class
AppTransfer
extends
Vue
{
/**
* 左侧框数据
*/
public
dataLeft
:
any
[]
=
[];
/**
* 右侧框数据
*/
public
dataRight
:
any
[]
=
[];
/**
* 穿梭框宽度
*/
@
Prop
()
public
width
:
any
;
/**
* 代码表服务对象
*
* @type {CodeListService}
* @memberof AppTransfer
*/
public
codeListService
:
CodeListService
=
new
CodeListService
({
$store
:
this
.
$store
});
/**
* 查询参数
* @type {*}
* @memberof AppTransfer
*/
public
queryParam
:
any
;
@
Prop
()
public
width
:
any
;
/**
* 表单传入字符串值分隔符
*
* @type {string}
* @memberof AppTransfer
*/
@
Prop
()
public
valueSeparator
!
:
string
;
/**
* 当前选中值
* @type {any}
...
...
@@ -93,33 +73,6 @@ export default class AppTransfer extends Vue {
*/
@
Prop
()
public
localParam
!
:
any
;
/**
* 组件change事件,右侧框数据变化时
* @memberof AppTransfer
*/
dataChange
(
e
:
any
)
{
let
_valueSeparator
:
any
;
_valueSeparator
=
this
.
initValueSeparator
(
_valueSeparator
);
let
newVal
:
any
;
newVal
=
e
.
join
(
`
${
_valueSeparator
}
`
);
if
(
newVal
)
{
this
.
$emit
(
"change"
,
newVal
);
}
else
{
this
.
$emit
(
"change"
,
null
);
}
}
/**
* 初始化valueSeparator
*/
public
initValueSeparator
(
_valueSeparator
:
any
)
{
if
(
this
.
valueSeparator
===
undefined
)
{
return
","
;
}
else
{
return
this
.
valueSeparator
;
}
}
/**
* 视图上下文
*
...
...
@@ -138,6 +91,7 @@ export default class AppTransfer extends Vue {
/**
* 是否禁用
*
* @type {any}
* @memberof AppTransfer
*
...
...
@@ -145,18 +99,38 @@ export default class AppTransfer extends Vue {
@
Prop
()
public
disabled
?:
any
;
/**
* 是否支持过滤
* @type {boolean}
* placeholder
*
* @type {string}
* @memberof AppTransfer
*
*/
@
Prop
()
public
filterable
?:
boolean
;
@
Prop
()
public
placeholder
?:
string
;
/**
* 下拉选提示内容
* @type {string}
* 左侧框数据
*
* @type {any[]}
* @memberof AppTransfer
*/
@
Prop
()
public
placeholder
?:
string
;
public
dataLeft
:
any
[]
=
[];
/**
* 右侧框数据
*
* @type {any[]}
* @memberof AppTransfer
*/
public
dataRight
:
any
[]
=
[];
/**
* 代码表服务对象
*
* @type {CodeListService}
* @memberof AppTransfer
*/
public
codeListService
:
CodeListService
=
new
CodeListService
({
$store
:
this
.
$store
});
/**
* vue 生命周期
...
...
@@ -167,8 +141,34 @@ export default class AppTransfer extends Vue {
this
.
dataHandle
();
}
/**
* 组件change事件,右侧框数据变化时
*
* @memberof AppTransfer
*/
dataChange
(
e
:
any
)
{
let
_valueSeparator
:
string
=
this
.
initValueSeparator
();
let
newVal
:
string
=
e
.
join
(
`
${
_valueSeparator
}
`
);
if
(
newVal
)
{
this
.
$emit
(
"change"
,
newVal
);
}
else
{
this
.
$emit
(
"change"
,
null
);
}
}
/**
* 初始化valueSeparator
*
* @memberof AppTransfer
*/
public
initValueSeparator
()
{
return
this
.
valueSeparator
?
this
.
valueSeparator
:
","
;
}
/**
* 数据处理
*
* @memberof AppTransfer
*/
public
dataHandle
()
{
if
(
this
.
tag
&&
Object
.
is
(
this
.
codelistType
,
"STATIC"
))
{
...
...
@@ -187,14 +187,11 @@ export default class AppTransfer extends Vue {
// 参数处理
let
_context
=
data
.
context
;
let
_param
=
data
.
param
;
this
.
codeListService
.
getItems
(
this
.
tag
,
_context
,
_param
)
.
then
((
res
:
any
)
=>
{
this
.
codeListService
.
getItems
(
this
.
tag
,
_context
,
_param
).
then
((
res
:
any
)
=>
{
this
.
dataLeft
=
res
;
this
.
initLeft
();
this
.
initRight
();
})
.
catch
((
error
:
any
)
=>
{
}).
catch
((
error
:
any
)
=>
{
console
.
log
(
`----
${
this
.
tag
}
----代码表不存在`
);
});
}
...
...
@@ -207,35 +204,25 @@ export default class AppTransfer extends Vue {
* @returns
* @memberof AppTransfer
*/
public
handlePublicParams
(
arg
:
any
)
{
// 合并表单参数
arg
.
param
=
this
.
viewparams
?
JSON
.
parse
(
JSON
.
stringify
(
this
.
viewparams
))
:
{};
arg
.
param
=
this
.
viewparams
?
JSON
.
parse
(
JSON
.
stringify
(
this
.
viewparams
)):
{};
arg
.
context
=
this
.
context
?
JSON
.
parse
(
JSON
.
stringify
(
this
.
context
))
:
{};
// 附加参数处理
if
(
this
.
localContext
&&
Object
.
keys
(
this
.
localContext
).
length
>
0
)
{
let
_context
=
this
.
$util
.
computedNavData
(
this
.
itemValue
,
arg
.
context
,
arg
.
param
,
this
.
localContext
);
let
_context
=
this
.
$util
.
computedNavData
(
this
.
itemValue
,
arg
.
context
,
arg
.
param
,
this
.
localContext
);
Object
.
assign
(
arg
.
context
,
_context
);
}
if
(
this
.
localParam
&&
Object
.
keys
(
this
.
localParam
).
length
>
0
)
{
let
_param
=
this
.
$util
.
computedNavData
(
this
.
itemValue
,
arg
.
context
,
arg
.
param
,
this
.
localParam
);
let
_param
=
this
.
$util
.
computedNavData
(
this
.
itemValue
,
arg
.
context
,
arg
.
param
,
this
.
localParam
);
Object
.
assign
(
arg
.
param
,
_param
);
}
}
/**
* 初始化左侧框数据
*
* @memberof AppTransfer
*/
public
initLeft
()
{
let
left
:
any
[]
=
[];
...
...
@@ -250,12 +237,15 @@ export default class AppTransfer extends Vue {
});
});
}
/**
* 初始化右侧框数据
*
* @memberof AppTransfer
*/
public
initRight
()
{
let
_valueSeparator
:
any
;
_valueSeparator
=
this
.
initValueSeparator
(
_valueSeparator
);
_valueSeparator
=
this
.
initValueSeparator
();
let
_data
:
any
=
this
.
itemValue
;
if
(
_data
)
{
let
_dataRight
:
any
=
[];
...
...
@@ -270,8 +260,11 @@ export default class AppTransfer extends Vue {
this
.
dataRight
=
_dataRight
;
}
}
/**
* 穿梭框打开时刷新数据
*
* @memberof AppTransfer
*/
public
transferRefresh
(
e
:
any
)
{
if
(
e
&&
this
.
codelistType
===
"DYNAMIC"
)
{
...
...
@@ -282,12 +275,15 @@ export default class AppTransfer extends Vue {
/**
* 找到dataLeft中key与dataRight中item相等的元素,返回label
*
* @memberof AppTransfer
*/
public
findLabel
(
item
:
any
)
{
for
(
const
elem
of
this
.
dataLeft
)
{
if
(
elem
.
key
===
item
)
return
elem
.
label
;
}
}
}
</
script
>
...
...
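Review bot: The `catch` on `codeListService.getItems(...)` in `dataHandle` discards `error` and always logs `代码表不存在`, so a network or server failure is reported as a missing code list and the real cause is lost. Log the error alongside the tag, e.g. `console.error(this.tag, error);`, so the two cases can be told apart. The rendered page prints this call twice (old and new layout) and the enclosing method starts outside the hunk, so this is based on the copy that appears to be the new side.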
app_web/src/components/dropdown-list/dropdown-list.vue
app_web/src/widgets/ibzemployee/edit-grid-grid/edit-grid-grid-base.vue
...
...
@@ -230,6 +230,7 @@
style=""
@change="($event)=>{gridEditItemChange(row, column.property, $event, $index)}">
</dropdown-list>
</app-form-item>
</
template
>
<
template
v-if=
"!actualIsOpenEdit"
>
...
...
ibzou-core/src/main/java/cn/ibizlab/core/extensions.service/IBZEmployeeServiceEx.java
0 → 100644
package
cn
.
ibizlab
.
core
.
extensions
.
service
;
import
cn.ibizlab.core.ou.service.impl.IBZEmployeeServiceImpl
;
import
lombok.extern.slf4j.Slf4j
;
import
cn.ibizlab.core.ou.domain.IBZEmployee
;
import
org.springframework.stereotype.Service
;
import
org.springframework.transaction.annotation.Transactional
;
import
org.springframework.context.annotation.Primary
;
/**
* 实体[人员] 自定义服务对象
*/
@Slf4j
@Primary
@Service
(
"IBZEmployeeServiceEx"
)
public
class
IBZEmployeeServiceEx
extends
IBZEmployeeServiceImpl
{
@Override
protected
Class
currentModelClass
()
{
return
com
.
baomidou
.
mybatisplus
.
core
.
toolkit
.
ReflectionKit
.
getSuperClassGenericType
(
this
.
getClass
().
getSuperclass
(),
1
);
}
/**
* 自定义行为[InitPwd]用户扩展
* @param et
* @return
*/
@Override
@Transactional
public
IBZEmployee
initPwd
(
IBZEmployee
et
)
{
return
et
;
}
}
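Review bot: `initPwd` overrides the generated service and returns `et` untouched, and because the class is `@Primary` this is the bean callers will receive, so the InitPwd action reports success without doing any work. If the override is only a placeholder, either delegate with `return super.initPwd(et);` or fail explicitly with `throw new UnsupportedOperationException("InitPwd not implemented");` so that a credential left unset cannot pass silently. The base implementation in `IBZEmployeeServiceImpl` is not visible on this page, so what it does today should be confirmed. `currentModelClass()` also returns a raw `Class`; `Class<?>` would avoid the raw-type warning if the superclass signature allows it.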
ibzou-core/src/main/java/cn/ibizlab/core/ou/domain/IBZDepartment.java
...
...
@@ -32,7 +32,6 @@ import cn.ibizlab.util.domain.EntityMP;
@Getter
@Setter
@NoArgsConstructor
@AllArgsConstructor
@JsonIgnoreProperties
(
value
=
"handler"
)
@TableName
(
value
=
"IBZDEPT"
,
resultMap
=
"IBZDepartmentResultMap"
)
public
class
IBZDepartment
extends
EntityMP
implements
Serializable
{
...
...
ibzou-core/src/main/java/cn/ibizlab/core/ou/domain/IBZDeptMember.java
...
...
@@ -32,7 +32,6 @@ import cn.ibizlab.util.domain.EntityMP;
@Getter
@Setter
@NoArgsConstructor
@AllArgsConstructor
@JsonIgnoreProperties
(
value
=
"handler"
)
@TableName
(
value
=
"IBZDEPTMEMBER"
,
resultMap
=
"IBZDeptMemberResultMap"
)
public
class
IBZDeptMember
extends
EntityMP
implements
Serializable
{
...
...
ibzou-core/src/main/java/cn/ibizlab/core/ou/domain/IBZEmployee.java
...
...
@@ -32,7 +32,6 @@ import cn.ibizlab.util.domain.EntityMP;
@Getter
@Setter
@NoArgsConstructor
@AllArgsConstructor
@JsonIgnoreProperties
(
value
=
"handler"
)
@TableName
(
value
=
"IBZEMP"
,
resultMap
=
"IBZEmployeeResultMap"
)
public
class
IBZEmployee
extends
EntityMP
implements
Serializable
{
...
...
ibzou-core/src/main/java/cn/ibizlab/core/ou/domain/IBZOrganization.java
...
...
@@ -32,7 +32,6 @@ import cn.ibizlab.util.domain.EntityMP;
@Getter
@Setter
@NoArgsConstructor
@AllArgsConstructor
@JsonIgnoreProperties
(
value
=
"handler"
)
@TableName
(
value
=
"IBZORG"
,
resultMap
=
"IBZOrganizationResultMap"
)
public
class
IBZOrganization
extends
EntityMP
implements
Serializable
{
...
...
ibzou-core/src/main/java/cn/ibizlab/core/ou/domain/IBZPost.java
...
...
@@ -32,7 +32,6 @@ import cn.ibizlab.util.domain.EntityMP;
@Getter
@Setter
@NoArgsConstructor
@AllArgsConstructor
@JsonIgnoreProperties
(
value
=
"handler"
)
@TableName
(
value
=
"IBZPOST"
,
resultMap
=
"IBZPostResultMap"
)
public
class
IBZPost
extends
EntityMP
implements
Serializable
{
...
...
ibzou-core/src/main/java/cn/ibizlab/core/ou/domain/IBZTeam.java
...
...
@@ -32,7 +32,6 @@ import cn.ibizlab.util.domain.EntityMP;
@Getter
@Setter
@NoArgsConstructor
@AllArgsConstructor
@JsonIgnoreProperties
(
value
=
"handler"
)
@TableName
(
value
=
"IBZTEAM"
,
resultMap
=
"IBZTeamResultMap"
)
public
class
IBZTeam
extends
EntityMP
implements
Serializable
{
...
...
ibzou-core/src/main/java/cn/ibizlab/core/ou/domain/IBZTeamMember.java
...
...
@@ -32,7 +32,6 @@ import cn.ibizlab.util.domain.EntityMP;
@Getter
@Setter
@NoArgsConstructor
@AllArgsConstructor
@JsonIgnoreProperties
(
value
=
"handler"
)
@TableName
(
value
=
"IBZTEAMMEMBER"
,
resultMap
=
"IBZTeamMemberResultMap"
)
public
class
IBZTeamMember
extends
EntityMP
implements
Serializable
{
...
...
ibzou-core/src/main/resources/liquibase/h2_table.xml
此差异已折叠。
点击以展开。
ibzou-util/src/main/java/cn/ibizlab/util/client/IBZUAAFallback.java
...
...
@@ -22,4 +22,9 @@ public class IBZUAAFallback implements IBZUAAFeignClient {
public
AuthenticationUser
loginByUsername
(
String
username
)
{
return
null
;
}
@Override
public
String
getPublicKey
()
{
return
null
;
}
}
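Review bot: The new `getPublicKey()` fallback returns `null`, and `UAATokenUtil.getAllClaimsFromToken` on this page passes that value straight into `getPublicKey(String)`, where `new X509EncodedKeySpec(...)` will most likely throw a `NullPointerException` hidden by `@SneakyThrows`. An outage of the UAA service would then surface as an unexplained runtime error during token validation instead of a clear authentication failure. Either make the fallback fail loudly, e.g. `throw new IllegalStateException("UAA public key unavailable");`, or document on the method that callers must handle `null`. The class body starts outside the hunk.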
ibzou-util/src/main/java/cn/ibizlab/util/client/IBZUAAFeignClient.java
...
...
@@ -2,6 +2,7 @@ package cn.ibizlab.util.client;
import
cn.ibizlab.util.security.AuthenticationUser
;
import
cn.ibizlab.util.security.AuthorizationLogin
;
import
org.springframework.cache.annotation.Cacheable
;
import
org.springframework.cloud.openfeign.FeignClient
;
import
org.springframework.web.bind.annotation.*
;
import
com.alibaba.fastjson.JSONObject
;
...
...
@@ -28,4 +29,8 @@ public interface IBZUAAFeignClient
@PostMapping
(
value
=
"/uaa/loginbyusername"
)
AuthenticationUser
loginByUsername
(
@RequestBody
String
username
);
@Cacheable
(
value
=
"ibzuaa_publickey"
)
@GetMapping
(
value
=
"/uaa/publickey"
)
String
getPublicKey
();
}
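Review bot: `@Cacheable(value = "ibzuaa_publickey")` on `getPublicKey()` has no `unless` condition and no visible expiry, so depending on the cache configuration (not shown here) a `null` from the fallback could be cached and a rotated UAA key would not be picked up until the entry is evicted. Suggest `@Cacheable(value = "ibzuaa_publickey", unless = "#result == null")` plus a comment stating how the `ibzuaa_publickey` cache is expired or evicted on key rotation. The interface body starts outside the hunk.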
ibzou-util/src/main/java/cn/ibizlab/util/security/AuthTokenUtil.java
package
cn
.
ibizlab
.
util
.
security
;
import
io.jsonwebtoken.Claims
;
import
io.jsonwebtoken.Clock
;
import
io.jsonwebtoken.Jwts
;
import
io.jsonwebtoken.SignatureAlgorithm
;
import
io.jsonwebtoken.impl.DefaultClock
;
import
org.springframework.beans.factory.annotation.Value
;
import
org.springframework.security.core.context.SecurityContext
;
import
org.springframework.security.core.context.SecurityContextHolder
;
import
org.springframework.security.core.userdetails.UserDetails
;
import
org.springframework.stereotype.Component
;
import
java.io.Serializable
;
import
java.util.Date
;
import
java.util.HashMap
;
import
java.util.Map
;
import
java.util.Optional
;
import
java.util.function.Function
;
public
interface
AuthTokenUtil
{
@Component
public
class
AuthTokenUtil
implements
Serializable
{
String
generateToken
(
UserDetails
userDetails
);
private
static
final
long
serialVersionUID
=
-
3301605591108950415L
;
private
Clock
clock
=
DefaultClock
.
INSTANCE
;
Boolean
validateToken
(
String
token
,
UserDetails
userDetails
);
@Value
(
"${ibiz.jwt.secret:ibzsecret}"
)
private
String
secret
;
String
getUsernameFromToken
(
String
token
);
@Value
(
"${ibiz.jwt.expiration:7200000}"
)
private
Long
expiration
;
@Value
(
"${ibiz.jwt.header:Authorization}"
)
private
String
tokenHeader
;
public
String
getUsernameFromToken
(
String
token
)
{
return
getClaimFromToken
(
token
,
Claims:
:
getSubject
);
}
public
Date
getIssuedAtDateFromToken
(
String
token
)
{
return
getClaimFromToken
(
token
,
Claims:
:
getIssuedAt
);
}
public
Date
getExpirationDateFromToken
(
String
token
)
{
return
getClaimFromToken
(
token
,
Claims:
:
getExpiration
);
}
public
<
T
>
T
getClaimFromToken
(
String
token
,
Function
<
Claims
,
T
>
claimsResolver
)
{
final
Claims
claims
=
getAllClaimsFromToken
(
token
);
return
claimsResolver
.
apply
(
claims
);
}
private
Claims
getAllClaimsFromToken
(
String
token
)
{
return
Jwts
.
parser
()
.
setSigningKey
(
secret
)
.
parseClaimsJws
(
token
)
.
getBody
();
}
private
Boolean
isTokenExpired
(
String
token
)
{
final
Date
expiration
=
getExpirationDateFromToken
(
token
);
return
expiration
.
before
(
clock
.
now
());
}
private
Boolean
isCreatedBeforeLastPasswordReset
(
Date
created
,
Date
lastPasswordReset
)
{
return
(
lastPasswordReset
!=
null
&&
created
.
before
(
lastPasswordReset
));
}
private
Boolean
ignoreTokenExpiration
(
String
token
)
{
// here you specify tokens, for that the expiration is ignored
return
false
;
}
public
String
generateToken
(
UserDetails
userDetails
)
{
Map
<
String
,
Object
>
claims
=
new
HashMap
<>();
return
doGenerateToken
(
claims
,
userDetails
.
getUsername
());
}
private
String
doGenerateToken
(
Map
<
String
,
Object
>
claims
,
String
subject
)
{
final
Date
createdDate
=
clock
.
now
();
final
Date
expirationDate
=
calculateExpirationDate
(
createdDate
);
return
Jwts
.
builder
()
.
setClaims
(
claims
)
.
setSubject
(
subject
)
.
setIssuedAt
(
createdDate
)
.
setExpiration
(
expirationDate
)
.
signWith
(
SignatureAlgorithm
.
HS512
,
secret
)
.
compact
();
}
public
Boolean
canTokenBeRefreshed
(
String
token
,
Date
lastPasswordReset
)
{
final
Date
created
=
getIssuedAtDateFromToken
(
token
);
return
!
isCreatedBeforeLastPasswordReset
(
created
,
lastPasswordReset
)
&&
(!
isTokenExpired
(
token
)
||
ignoreTokenExpiration
(
token
));
}
public
String
refreshToken
(
String
token
)
{
final
Date
createdDate
=
clock
.
now
();
final
Date
expirationDate
=
calculateExpirationDate
(
createdDate
);
final
Claims
claims
=
getAllClaimsFromToken
(
token
);
claims
.
setIssuedAt
(
createdDate
);
claims
.
setExpiration
(
expirationDate
);
return
Jwts
.
builder
()
.
setClaims
(
claims
)
.
signWith
(
SignatureAlgorithm
.
HS512
,
secret
)
.
compact
();
}
public
Boolean
validateToken
(
String
token
,
UserDetails
userDetails
)
{
AuthenticationUser
user
=
(
AuthenticationUser
)
userDetails
;
final
Date
created
=
getIssuedAtDateFromToken
(
token
);
return
(!
isTokenExpired
(
token
)
);
}
private
Date
calculateExpirationDate
(
Date
createdDate
)
{
return
new
Date
(
createdDate
.
getTime
()
+
expiration
);
}
/**
* Get the login of the current user.
*
* @return the login of the current user
*/
public
static
Optional
<
String
>
getCurrentUserLogin
()
{
SecurityContext
securityContext
=
SecurityContextHolder
.
getContext
();
return
Optional
.
ofNullable
(
securityContext
.
getAuthentication
())
.
map
(
authentication
->
{
if
(
authentication
.
getPrincipal
()
instanceof
UserDetails
)
{
UserDetails
springSecurityUser
=
(
UserDetails
)
authentication
.
getPrincipal
();
return
springSecurityUser
.
getUsername
();
}
else
if
(
authentication
.
getPrincipal
()
instanceof
String
)
{
return
(
String
)
authentication
.
getPrincipal
();
}
return
null
;
});
}
/**
* Check if a user is authenticated.
*
* @return true if the user is authenticated, false otherwise
*/
public
static
boolean
isAuthenticated
()
{
SecurityContext
securityContext
=
SecurityContextHolder
.
getContext
();
return
Optional
.
ofNullable
(
securityContext
.
getAuthentication
())
.
map
(
authentication
->
authentication
.
getAuthorities
().
stream
()
.
noneMatch
(
grantedAuthority
->
grantedAuthority
.
getAuthority
().
equals
(
"ANONYMOUS"
)))
.
orElse
(
false
);
}
/**
* If the current user has a specific authority (security role).
* <p>
* The name of this method comes from the isUserInRole() method in the Servlet API
*
* @param authority the authority to check
* @return true if the current user has the authority, false otherwise
*/
public
static
boolean
isCurrentUserInRole
(
String
authority
)
{
SecurityContext
securityContext
=
SecurityContextHolder
.
getContext
();
return
Optional
.
ofNullable
(
securityContext
.
getAuthentication
())
.
map
(
authentication
->
authentication
.
getAuthorities
().
stream
()
.
anyMatch
(
grantedAuthority
->
grantedAuthority
.
getAuthority
().
equals
(
authority
)))
.
orElse
(
false
);
}
}
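Review bot: The new `AuthTokenUtil` interface declares `generateToken`, `validateToken` and `getUsernameFromToken` without any Javadoc, although the two implementations on this page already differ (`UAATokenUtil.generateToken` returns `null`, `SimpleTokenUtil` signs a token). Add a short Javadoc per method stating whether `generateToken` may return `null`, that `validateToken` must verify signature and expiry, and which exceptions a malformed or tampered token raises. The static helpers `getCurrentUserLogin`, `isAuthenticated` and `isCurrentUserInRole` appear to move to `SimpleTokenUtil`, so any caller still using `AuthTokenUtil.getCurrentUserLogin()` would need updating; callers are not visible here.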
ibzou-util/src/main/java/cn/ibizlab/util/security/SimpleTokenUtil.java
0 → 100644
package
cn
.
ibizlab
.
util
.
security
;
import
io.jsonwebtoken.Claims
;
import
io.jsonwebtoken.Clock
;
import
io.jsonwebtoken.Jwts
;
import
io.jsonwebtoken.SignatureAlgorithm
;
import
io.jsonwebtoken.impl.DefaultClock
;
import
org.springframework.beans.factory.annotation.Value
;
import
org.springframework.security.core.context.SecurityContext
;
import
org.springframework.security.core.context.SecurityContextHolder
;
import
org.springframework.security.core.userdetails.UserDetails
;
import
org.springframework.stereotype.Component
;
import
org.springframework.boot.autoconfigure.condition.ConditionalOnExpression
;
import
java.io.Serializable
;
import
java.util.Date
;
import
java.util.HashMap
;
import
java.util.Map
;
import
java.util.Optional
;
import
java.util.function.Function
;
@Component
@ConditionalOnExpression
(
"(!${ibiz.enablePermissionValid:false})&&'${ibiz.auth.service:UAATokenUtil}'.equals('SimpleTokenUtil')"
)
public
class
SimpleTokenUtil
implements
AuthTokenUtil
,
Serializable
{
private
static
final
long
serialVersionUID
=
-
3301605591108950415L
;
private
Clock
clock
=
DefaultClock
.
INSTANCE
;
@Value
(
"${ibiz.jwt.secret:ibzsecret}"
)
private
String
secret
;
@Value
(
"${ibiz.jwt.expiration:7200000}"
)
private
Long
expiration
;
@Value
(
"${ibiz.jwt.header:Authorization}"
)
private
String
tokenHeader
;
public
String
getUsernameFromToken
(
String
token
)
{
return
getClaimFromToken
(
token
,
Claims:
:
getSubject
);
}
public
Date
getIssuedAtDateFromToken
(
String
token
)
{
return
getClaimFromToken
(
token
,
Claims:
:
getIssuedAt
);
}
public
Date
getExpirationDateFromToken
(
String
token
)
{
return
getClaimFromToken
(
token
,
Claims:
:
getExpiration
);
}
public
<
T
>
T
getClaimFromToken
(
String
token
,
Function
<
Claims
,
T
>
claimsResolver
)
{
final
Claims
claims
=
getAllClaimsFromToken
(
token
);
return
claimsResolver
.
apply
(
claims
);
}
private
Claims
getAllClaimsFromToken
(
String
token
)
{
return
Jwts
.
parser
()
.
setSigningKey
(
secret
)
.
parseClaimsJws
(
token
)
.
getBody
();
}
private
Boolean
isTokenExpired
(
String
token
)
{
final
Date
expiration
=
getExpirationDateFromToken
(
token
);
return
expiration
.
before
(
clock
.
now
());
}
private
Boolean
isCreatedBeforeLastPasswordReset
(
Date
created
,
Date
lastPasswordReset
)
{
return
(
lastPasswordReset
!=
null
&&
created
.
before
(
lastPasswordReset
));
}
private
Boolean
ignoreTokenExpiration
(
String
token
)
{
// here you specify tokens, for that the expiration is ignored
return
false
;
}
public
String
generateToken
(
UserDetails
userDetails
)
{
Map
<
String
,
Object
>
claims
=
new
HashMap
<>();
return
doGenerateToken
(
claims
,
userDetails
.
getUsername
());
}
private
String
doGenerateToken
(
Map
<
String
,
Object
>
claims
,
String
subject
)
{
final
Date
createdDate
=
clock
.
now
();
final
Date
expirationDate
=
calculateExpirationDate
(
createdDate
);
return
Jwts
.
builder
()
.
setClaims
(
claims
)
.
setSubject
(
subject
)
.
setIssuedAt
(
createdDate
)
.
setExpiration
(
expirationDate
)
.
signWith
(
SignatureAlgorithm
.
HS512
,
secret
)
.
compact
();
}
public
Boolean
canTokenBeRefreshed
(
String
token
,
Date
lastPasswordReset
)
{
final
Date
created
=
getIssuedAtDateFromToken
(
token
);
return
!
isCreatedBeforeLastPasswordReset
(
created
,
lastPasswordReset
)
&&
(!
isTokenExpired
(
token
)
||
ignoreTokenExpiration
(
token
));
}
public
String
refreshToken
(
String
token
)
{
final
Date
createdDate
=
clock
.
now
();
final
Date
expirationDate
=
calculateExpirationDate
(
createdDate
);
final
Claims
claims
=
getAllClaimsFromToken
(
token
);
claims
.
setIssuedAt
(
createdDate
);
claims
.
setExpiration
(
expirationDate
);
return
Jwts
.
builder
()
.
setClaims
(
claims
)
.
signWith
(
SignatureAlgorithm
.
HS512
,
secret
)
.
compact
();
}
public
Boolean
validateToken
(
String
token
,
UserDetails
userDetails
)
{
AuthenticationUser
user
=
(
AuthenticationUser
)
userDetails
;
final
Date
created
=
getIssuedAtDateFromToken
(
token
);
return
(!
isTokenExpired
(
token
)
);
}
private
Date
calculateExpirationDate
(
Date
createdDate
)
{
return
new
Date
(
createdDate
.
getTime
()
+
expiration
);
}
/**
* Get the login of the current user.
*
* @return the login of the current user
*/
public
static
Optional
<
String
>
getCurrentUserLogin
()
{
SecurityContext
securityContext
=
SecurityContextHolder
.
getContext
();
return
Optional
.
ofNullable
(
securityContext
.
getAuthentication
())
.
map
(
authentication
->
{
if
(
authentication
.
getPrincipal
()
instanceof
UserDetails
)
{
UserDetails
springSecurityUser
=
(
UserDetails
)
authentication
.
getPrincipal
();
return
springSecurityUser
.
getUsername
();
}
else
if
(
authentication
.
getPrincipal
()
instanceof
String
)
{
return
(
String
)
authentication
.
getPrincipal
();
}
return
null
;
});
}
/**
* Check if a user is authenticated.
*
* @return true if the user is authenticated, false otherwise
*/
public
static
boolean
isAuthenticated
()
{
SecurityContext
securityContext
=
SecurityContextHolder
.
getContext
();
return
Optional
.
ofNullable
(
securityContext
.
getAuthentication
())
.
map
(
authentication
->
authentication
.
getAuthorities
().
stream
()
.
noneMatch
(
grantedAuthority
->
grantedAuthority
.
getAuthority
().
equals
(
"ANONYMOUS"
)))
.
orElse
(
false
);
}
/**
* If the current user has a specific authority (security role).
* <p>
* The name of this method comes from the isUserInRole() method in the Servlet API
*
* @param authority the authority to check
* @return true if the current user has the authority, false otherwise
*/
public
static
boolean
isCurrentUserInRole
(
String
authority
)
{
SecurityContext
securityContext
=
SecurityContextHolder
.
getContext
();
return
Optional
.
ofNullable
(
securityContext
.
getAuthentication
())
.
map
(
authentication
->
authentication
.
getAuthorities
().
stream
()
.
anyMatch
(
grantedAuthority
->
grantedAuthority
.
getAuthority
().
equals
(
authority
)))
.
orElse
(
false
);
}
}
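Review bot: `@Value("${ibiz.jwt.secret:ibzsecret}")` gives the HS512 signing key a hard-coded default, so a deployment that does not set `ibiz.jwt.secret` signs and verifies tokens with a value that is public in this repository. Drop the default, `@Value("${ibiz.jwt.secret}")`, so startup fails when the secret is missing, and add a comment that the configured value should be a randomly generated key of at least 512 bits for HS512. The same default is declared in `UAATokenUtil`, where the field is unused and could be removed.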
ibzou-util/src/main/java/cn/ibizlab/util/security/UAATokenUtil.java
0 → 100644
package
cn
.
ibizlab
.
util
.
security
;
import
io.jsonwebtoken.Claims
;
import
io.jsonwebtoken.Clock
;
import
io.jsonwebtoken.Jwts
;
import
io.jsonwebtoken.SignatureAlgorithm
;
import
io.jsonwebtoken.impl.DefaultClock
;
import
lombok.SneakyThrows
;
import
cn.ibizlab.util.client.IBZUAAFeignClient
;
import
org.apache.commons.codec.binary.Base64
;
import
org.apache.commons.io.IOUtils
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Value
;
import
org.springframework.boot.autoconfigure.condition.ConditionalOnExpression
;
import
org.springframework.security.core.userdetails.UserDetails
;
import
org.springframework.stereotype.Component
;
import
java.io.File
;
import
java.io.FileInputStream
;
import
java.io.Serializable
;
import
java.security.KeyFactory
;
import
java.security.NoSuchAlgorithmException
;
import
java.security.PrivateKey
;
import
java.security.PublicKey
;
import
java.security.spec.InvalidKeySpecException
;
import
java.security.spec.PKCS8EncodedKeySpec
;
import
java.security.spec.X509EncodedKeySpec
;
import
java.util.Date
;
import
java.util.HashMap
;
import
java.util.Map
;
import
java.util.function.Function
;
@Component
@ConditionalOnExpression
(
"${ibiz.enablePermissionValid:false}||'${ibiz.auth.service:UAATokenUtil}'.equals('UAATokenUtil')"
)
public
class
UAATokenUtil
implements
AuthTokenUtil
,
Serializable
{
private
static
final
long
serialVersionUID
=
-
3301605591108950415L
;
private
Clock
clock
=
DefaultClock
.
INSTANCE
;
@Value
(
"${ibiz.jwt.secret:ibzsecret}"
)
private
String
secret
;
@Value
(
"${ibiz.jwt.expiration:7200000}"
)
private
Long
expiration
;
@Value
(
"${ibiz.jwt.header:Authorization}"
)
private
String
tokenHeader
;
@Autowired
private
IBZUAAFeignClient
uaaFeignClient
;
public
String
getUsernameFromToken
(
String
token
)
{
return
getClaimFromToken
(
token
,
Claims:
:
getSubject
);
}
public
Date
getIssuedAtDateFromToken
(
String
token
)
{
return
getClaimFromToken
(
token
,
Claims:
:
getIssuedAt
);
}
public
Date
getExpirationDateFromToken
(
String
token
)
{
return
getClaimFromToken
(
token
,
Claims:
:
getExpiration
);
}
public
<
T
>
T
getClaimFromToken
(
String
token
,
Function
<
Claims
,
T
>
claimsResolver
)
{
final
Claims
claims
=
getAllClaimsFromToken
(
token
);
return
claimsResolver
.
apply
(
claims
);
}
public
Claims
getAllClaimsFromToken
(
String
token
)
{
PublicKey
publicKey
=
getPublicKey
(
getPublicKeyString
());
return
Jwts
.
parser
()
.
setSigningKey
(
publicKey
)
.
parseClaimsJws
(
token
)
.
getBody
();
}
private
Boolean
isTokenExpired
(
String
token
)
{
final
Date
expiration
=
getExpirationDateFromToken
(
token
);
return
expiration
.
before
(
clock
.
now
());
}
public
String
generateToken
(
UserDetails
userDetails
)
{
return
null
;
}
public
Boolean
validateToken
(
String
token
,
UserDetails
userDetails
)
{
AuthenticationUser
user
=
(
AuthenticationUser
)
userDetails
;
final
Date
created
=
getIssuedAtDateFromToken
(
token
);
return
(!
isTokenExpired
(
token
)
);
}
private
String
getPublicKeyString
(){
return
uaaFeignClient
.
getPublicKey
();
}
/**
* 获取PublicKey对象
* @param publicKeyBase64
* @return
* @throws NoSuchAlgorithmException
* @throws InvalidKeySpecException
*/
@SneakyThrows
public
PublicKey
getPublicKey
(
String
publicKeyBase64
)
{
byte
[]
byteKey
=
Base64
.
decodeBase64
(
publicKeyBase64
);
X509EncodedKeySpec
x509EncodedKeySpec
=
new
X509EncodedKeySpec
(
byteKey
);
KeyFactory
keyFactory
=
KeyFactory
.
getInstance
(
"RSA"
);
return
keyFactory
.
generatePublic
(
x509EncodedKeySpec
);
}
}
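Review bot: `validateToken` checks only expiry: `userDetails` is cast to `AuthenticationUser` and `created` is read, but neither is used, so the token is never compared with the user it is validated for and a non-`AuthenticationUser` argument raises `ClassCastException`. Suggest `return userDetails.getUsername().equals(getUsernameFromToken(token)) && !isTokenExpired(token);` and removing the two unused locals; `SimpleTokenUtil.validateToken` has the same body. `getAllClaimsFromToken` also rebuilds the `PublicKey` on every call, which `validateToken` triggers twice per validation.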