提交
5897622c
编写于
6月 12, 2020
作者:
ibizdev
ibiz4j 发布系统代码
上级
487e0689
变更
8
正在显示
8 个修改的文件
包含
407 行增加
和
242 行删除
+407
-242
app-transfer.vue
app_Web/src/components/app-transfer/app-transfer.vue
+77
-81
dropdown-list.vue
app_Web/src/components/dropdown-list/dropdown-list.vue
+1
-1
IBZEmployeeServiceEx.java
...ibizlab/core/extensions.service/IBZEmployeeServiceEx.java
+31
-0
IBZUAAFallback.java
.../src/main/java/cn/ibizlab/util/client/IBZUAAFallback.java
+5
-0
IBZUAAFeignClient.java
...c/main/java/cn/ibizlab/util/client/IBZUAAFeignClient.java
+5
-0
AuthTokenUtil.java
...src/main/java/cn/ibizlab/util/security/AuthTokenUtil.java
+4
-160
SimpleTokenUtil.java
...c/main/java/cn/ibizlab/util/security/SimpleTokenUtil.java
+171
-0
UAATokenUtil.java
.../src/main/java/cn/ibizlab/util/security/UAATokenUtil.java
+113
-0
app_Web/src/components/app-transfer/app-transfer.vue
...
...
@@ -3,7 +3,7 @@
@
on-open-change=
"transferRefresh"
@
on-change=
"dataChange"
v-model=
"dataRight"
:style=
"
{width:width
===undefined?'586px':width
}"
:style=
"
{width:width
?width:'586px'
}"
multiple
>
<Option
class=
"hidden"
:value=
"item"
v-for=
"(item,i) in dataRight"
:key=
"i"
>
{{
findLabel
(
item
)
}}
</Option>
...
...
@@ -17,43 +17,23 @@ import { ElSelect } from "element-ui/types/select";
@
Component
({})
export
default
class
AppTransfer
extends
Vue
{
/**
* 左侧框数据
*/
public
dataLeft
:
any
[]
=
[];
/**
* 右侧框数据
*/
public
dataRight
:
any
[]
=
[];
/**
* 穿梭框宽度
*/
@
Prop
()
public
width
:
any
;
/**
* 代码表服务对象
*
* @type {CodeListService}
* @memberof AppTransfer
*/
public
codeListService
:
CodeListService
=
new
CodeListService
({
$store
:
this
.
$store
});
/**
* 查询参数
* @type {*}
* @memberof AppTransfer
*/
public
queryParam
:
any
;
@
Prop
()
public
width
:
any
;
/**
* 表单传入字符串值分隔符
*
* @type {string}
* @memberof AppTransfer
*/
@
Prop
()
public
valueSeparator
!
:
string
;
/**
* 当前选中值
* @type {any}
...
...
@@ -93,33 +73,6 @@ export default class AppTransfer extends Vue {
*/
@
Prop
()
public
localParam
!
:
any
;
/**
* 组件change事件,右侧框数据变化时
* @memberof AppTransfer
*/
dataChange
(
e
:
any
)
{
let
_valueSeparator
:
any
;
_valueSeparator
=
this
.
initValueSeparator
(
_valueSeparator
);
let
newVal
:
any
;
newVal
=
e
.
join
(
`
${
_valueSeparator
}
`
);
if
(
newVal
)
{
this
.
$emit
(
"change"
,
newVal
);
}
else
{
this
.
$emit
(
"change"
,
null
);
}
}
/**
* 初始化valueSeparator
*/
public
initValueSeparator
(
_valueSeparator
:
any
)
{
if
(
this
.
valueSeparator
===
undefined
)
{
return
","
;
}
else
{
return
this
.
valueSeparator
;
}
}
/**
* 视图上下文
*
...
...
@@ -138,6 +91,7 @@ export default class AppTransfer extends Vue {
/**
* 是否禁用
*
* @type {any}
* @memberof AppTransfer
*
...
...
@@ -145,18 +99,38 @@ export default class AppTransfer extends Vue {
@
Prop
()
public
disabled
?:
any
;
/**
* 是否支持过滤
* @type {boolean}
* placeholder
*
* @type {string}
* @memberof AppTransfer
*
*/
@
Prop
()
public
placeholder
?:
string
;
/**
* 左侧框数据
*
* @type {any[]}
* @memberof AppTransfer
*/
@
Prop
()
public
filterable
?:
boolean
;
public
dataLeft
:
any
[]
=
[]
;
/**
* 下拉选提示内容
* @type {string}
* 右侧框数据
*
* @type {any[]}
* @memberof AppTransfer
*/
@
Prop
()
public
placeholder
?:
string
;
public
dataRight
:
any
[]
=
[];
/**
* 代码表服务对象
*
* @type {CodeListService}
* @memberof AppTransfer
*/
public
codeListService
:
CodeListService
=
new
CodeListService
({
$store
:
this
.
$store
});
/**
* vue 生命周期
...
...
@@ -167,8 +141,34 @@ export default class AppTransfer extends Vue {
this
.
dataHandle
();
}
/**
* 组件change事件,右侧框数据变化时
*
* @memberof AppTransfer
*/
dataChange
(
e
:
any
)
{
let
_valueSeparator
:
string
=
this
.
initValueSeparator
();
let
newVal
:
string
=
e
.
join
(
`
${
_valueSeparator
}
`
);
if
(
newVal
)
{
this
.
$emit
(
"change"
,
newVal
);
}
else
{
this
.
$emit
(
"change"
,
null
);
}
}
/**
* 初始化valueSeparator
*
* @memberof AppTransfer
*/
public
initValueSeparator
()
{
return
this
.
valueSeparator
?
this
.
valueSeparator
:
","
;
}
/**
* 数据处理
*
* @memberof AppTransfer
*/
public
dataHandle
()
{
if
(
this
.
tag
&&
Object
.
is
(
this
.
codelistType
,
"STATIC"
))
{
...
...
@@ -187,14 +187,11 @@ export default class AppTransfer extends Vue {
// 参数处理
let
_context
=
data
.
context
;
let
_param
=
data
.
param
;
this
.
codeListService
.
getItems
(
this
.
tag
,
_context
,
_param
)
.
then
((
res
:
any
)
=>
{
this
.
codeListService
.
getItems
(
this
.
tag
,
_context
,
_param
).
then
((
res
:
any
)
=>
{
this
.
dataLeft
=
res
;
this
.
initLeft
();
this
.
initRight
();
})
.
catch
((
error
:
any
)
=>
{
}).
catch
((
error
:
any
)
=>
{
console
.
log
(
`----
${
this
.
tag
}
----代码表不存在`
);
});
}
...
...
@@ -207,35 +204,25 @@ export default class AppTransfer extends Vue {
* @returns
* @memberof AppTransfer
*/
public
handlePublicParams
(
arg
:
any
)
{
// 合并表单参数
arg
.
param
=
this
.
viewparams
?
JSON
.
parse
(
JSON
.
stringify
(
this
.
viewparams
))
:
{};
arg
.
param
=
this
.
viewparams
?
JSON
.
parse
(
JSON
.
stringify
(
this
.
viewparams
)):
{};
arg
.
context
=
this
.
context
?
JSON
.
parse
(
JSON
.
stringify
(
this
.
context
))
:
{};
// 附加参数处理
if
(
this
.
localContext
&&
Object
.
keys
(
this
.
localContext
).
length
>
0
)
{
let
_context
=
this
.
$util
.
computedNavData
(
this
.
itemValue
,
arg
.
context
,
arg
.
param
,
this
.
localContext
);
let
_context
=
this
.
$util
.
computedNavData
(
this
.
itemValue
,
arg
.
context
,
arg
.
param
,
this
.
localContext
);
Object
.
assign
(
arg
.
context
,
_context
);
}
if
(
this
.
localParam
&&
Object
.
keys
(
this
.
localParam
).
length
>
0
)
{
let
_param
=
this
.
$util
.
computedNavData
(
this
.
itemValue
,
arg
.
context
,
arg
.
param
,
this
.
localParam
);
let
_param
=
this
.
$util
.
computedNavData
(
this
.
itemValue
,
arg
.
context
,
arg
.
param
,
this
.
localParam
);
Object
.
assign
(
arg
.
param
,
_param
);
}
}
/**
* 初始化左侧框数据
*
* @memberof AppTransfer
*/
public
initLeft
()
{
let
left
:
any
[]
=
[];
...
...
@@ -250,12 +237,15 @@ export default class AppTransfer extends Vue {
});
});
}
/**
* 初始化右侧框数据
*
* @memberof AppTransfer
*/
public
initRight
()
{
let
_valueSeparator
:
any
;
_valueSeparator
=
this
.
initValueSeparator
(
_valueSeparator
);
_valueSeparator
=
this
.
initValueSeparator
();
let
_data
:
any
=
this
.
itemValue
;
if
(
_data
)
{
let
_dataRight
:
any
=
[];
...
...
@@ -270,8 +260,11 @@ export default class AppTransfer extends Vue {
this
.
dataRight
=
_dataRight
;
}
}
/**
* 穿梭框打开时刷新数据
*
* @memberof AppTransfer
*/
public
transferRefresh
(
e
:
any
)
{
if
(
e
&&
this
.
codelistType
===
"DYNAMIC"
)
{
...
...
@@ -282,12 +275,15 @@ export default class AppTransfer extends Vue {
/**
* 找到dataLeft中key与dataRight中item相等的元素,返回label
*
* @memberof AppTransfer
*/
public
findLabel
(
item
:
any
)
{
for
(
const
elem
of
this
.
dataLeft
)
{
if
(
elem
.
key
===
item
)
return
elem
.
label
;
}
}
}
</
script
>
...
...
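Review bot: The rewritten `initValueSeparator()` returns `this.valueSeparator ? this.valueSeparator : ","`, which is not equivalent to the removed `=== undefined` test: an explicitly passed empty-string separator now falls back to `","` instead of being honoured. If only the unset case should default, `return this.valueSeparator === undefined ? "," : this.valueSeparator;` keeps the previous contract. The `:style` binding in the first hunk appears to make the same switch (`width ? width : '586px'`), so a `width` of `0` or `''` now yields `'586px'`; if that is intended, a short comment on the prop saying so would help.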
app_Web/src/components/dropdown-list/dropdown-list.vue
...
...
@@ -116,7 +116,7 @@ export default class DropDownList extends Vue {
* @memberof AppFormDRUIPart
*/
@
Prop
()
public
viewparams
!
:
any
;
/**
* 是否禁用
* @type {any}
...
...
ibzrt-core/src/main/java/cn/ibizlab/core/extensions.service/IBZEmployeeServiceEx.java
0 → 100644
package
cn
.
ibizlab
.
core
.
extensions
.
service
;
import
cn.ibizlab.core.ou.service.impl.IBZEmployeeServiceImpl
;
import
lombok.extern.slf4j.Slf4j
;
import
cn.ibizlab.core.ou.domain.IBZEmployee
;
import
org.springframework.stereotype.Service
;
import
org.springframework.transaction.annotation.Transactional
;
import
org.springframework.context.annotation.Primary
;
/**
* 实体[人员] 自定义服务对象
*/
@Slf4j
@Primary
@Service
(
"IBZEmployeeServiceEx"
)
public
class
IBZEmployeeServiceEx
extends
IBZEmployeeServiceImpl
{
/**
* 自定义行为[InitPwd]用户扩展
* @param et
* @return
*/
@Override
@Transactional
public
IBZEmployee
initPwd
(
IBZEmployee
et
)
{
return
et
;
}
}
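Review bot: `initPwd` is overridden to return `et` untouched, and because the class is `@Primary` this no-op presumably replaces whatever `IBZEmployeeServiceImpl.initPwd` does (the base class is not visible here), so an InitPwd request would report success without any password being initialised. Until the real logic exists, either delegate with `return super.initPwd(et);` or fail loudly with `throw new UnsupportedOperationException("InitPwd is not implemented");`. The Javadoc's empty `@param et` and `@return` tags should state what the action is expected to change on the employee.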
ibzrt-util/src/main/java/cn/ibizlab/util/client/IBZUAAFallback.java
...
...
@@ -22,4 +22,9 @@ public class IBZUAAFallback implements IBZUAAFeignClient {
public
AuthenticationUser
loginByUsername
(
String
username
)
{
return
null
;
}
@Override
public
String
getPublicKey
()
{
return
null
;
}
}
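Review bot: The new `getPublicKey()` fallback returns `null`, and the only consumer added in this commit, `UAATokenUtil.getAllClaimsFromToken`, passes that value into `getPublicKey(String)` with no null check, so a UAA outage would likely surface as an unchecked exception from key construction rather than a clear authentication failure. A guard in the consumer such as `if (publicKeyBase64 == null) throw new IllegalStateException("UAA public key unavailable");` keeps validation failing closed with a diagnosable cause. A one-line comment on the fallback saying that `null` means the key is unavailable would also help. The class body starts outside the hunk.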
ibzrt-util/src/main/java/cn/ibizlab/util/client/IBZUAAFeignClient.java
...
...
@@ -2,6 +2,7 @@ package cn.ibizlab.util.client;
import
cn.ibizlab.util.security.AuthenticationUser
;
import
cn.ibizlab.util.security.AuthorizationLogin
;
import
org.springframework.cache.annotation.Cacheable
;
import
org.springframework.cloud.openfeign.FeignClient
;
import
org.springframework.web.bind.annotation.*
;
import
com.alibaba.fastjson.JSONObject
;
...
...
@@ -28,4 +29,8 @@ public interface IBZUAAFeignClient
@PostMapping
(
value
=
"/uaa/loginbyusername"
)
AuthenticationUser
loginByUsername
(
@RequestBody
String
username
);
@Cacheable
(
value
=
"ibzuaa_publickey"
)
@GetMapping
(
value
=
"/uaa/publickey"
)
String
getPublicKey
();
}
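Review bot: `@Cacheable(value = "ibzuaa_publickey")` on `getPublicKey()` has no `unless` condition and no eviction is visible in this commit, so a `null` produced by the fallback may end up cached (depending on how the cache advice and the Feign fallback compose), and a key rotated on the UAA side would not be picked up until the cache is cleared. `@Cacheable(value = "ibzuaa_publickey", unless = "#result == null")` avoids pinning the failure case. A TTL or an explicit `@CacheEvict` path for the `ibzuaa_publickey` cache should be configured so that key rotation takes effect. The interface starts outside the hunk.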
ibzrt-util/src/main/java/cn/ibizlab/util/security/AuthTokenUtil.java
package
cn
.
ibizlab
.
util
.
security
;
import
io.jsonwebtoken.Claims
;
import
io.jsonwebtoken.Clock
;
import
io.jsonwebtoken.Jwts
;
import
io.jsonwebtoken.SignatureAlgorithm
;
import
io.jsonwebtoken.impl.DefaultClock
;
import
org.springframework.beans.factory.annotation.Value
;
import
org.springframework.security.core.context.SecurityContext
;
import
org.springframework.security.core.context.SecurityContextHolder
;
import
org.springframework.security.core.userdetails.UserDetails
;
import
org.springframework.stereotype.Component
;
import
java.io.Serializable
;
import
java.util.Date
;
import
java.util.HashMap
;
import
java.util.Map
;
import
java.util.Optional
;
import
java.util.function.Function
;
public
interface
AuthTokenUtil
{
@Component
public
class
AuthTokenUtil
implements
Serializable
{
String
generateToken
(
UserDetails
userDetails
);
private
static
final
long
serialVersionUID
=
-
3301605591108950415L
;
private
Clock
clock
=
DefaultClock
.
INSTANCE
;
Boolean
validateToken
(
String
token
,
UserDetails
userDetails
);
@Value
(
"${ibiz.jwt.secret:ibzsecret}"
)
private
String
secret
;
String
getUsernameFromToken
(
String
token
);
@Value
(
"${ibiz.jwt.expiration:7200000}"
)
private
Long
expiration
;
@Value
(
"${ibiz.jwt.header:Authorization}"
)
private
String
tokenHeader
;
public
String
getUsernameFromToken
(
String
token
)
{
return
getClaimFromToken
(
token
,
Claims:
:
getSubject
);
}
public
Date
getIssuedAtDateFromToken
(
String
token
)
{
return
getClaimFromToken
(
token
,
Claims:
:
getIssuedAt
);
}
public
Date
getExpirationDateFromToken
(
String
token
)
{
return
getClaimFromToken
(
token
,
Claims:
:
getExpiration
);
}
public
<
T
>
T
getClaimFromToken
(
String
token
,
Function
<
Claims
,
T
>
claimsResolver
)
{
final
Claims
claims
=
getAllClaimsFromToken
(
token
);
return
claimsResolver
.
apply
(
claims
);
}
private
Claims
getAllClaimsFromToken
(
String
token
)
{
return
Jwts
.
parser
()
.
setSigningKey
(
secret
)
.
parseClaimsJws
(
token
)
.
getBody
();
}
private
Boolean
isTokenExpired
(
String
token
)
{
final
Date
expiration
=
getExpirationDateFromToken
(
token
);
return
expiration
.
before
(
clock
.
now
());
}
private
Boolean
isCreatedBeforeLastPasswordReset
(
Date
created
,
Date
lastPasswordReset
)
{
return
(
lastPasswordReset
!=
null
&&
created
.
before
(
lastPasswordReset
));
}
private
Boolean
ignoreTokenExpiration
(
String
token
)
{
// here you specify tokens, for that the expiration is ignored
return
false
;
}
public
String
generateToken
(
UserDetails
userDetails
)
{
Map
<
String
,
Object
>
claims
=
new
HashMap
<>();
return
doGenerateToken
(
claims
,
userDetails
.
getUsername
());
}
private
String
doGenerateToken
(
Map
<
String
,
Object
>
claims
,
String
subject
)
{
final
Date
createdDate
=
clock
.
now
();
final
Date
expirationDate
=
calculateExpirationDate
(
createdDate
);
return
Jwts
.
builder
()
.
setClaims
(
claims
)
.
setSubject
(
subject
)
.
setIssuedAt
(
createdDate
)
.
setExpiration
(
expirationDate
)
.
signWith
(
SignatureAlgorithm
.
HS512
,
secret
)
.
compact
();
}
public
Boolean
canTokenBeRefreshed
(
String
token
,
Date
lastPasswordReset
)
{
final
Date
created
=
getIssuedAtDateFromToken
(
token
);
return
!
isCreatedBeforeLastPasswordReset
(
created
,
lastPasswordReset
)
&&
(!
isTokenExpired
(
token
)
||
ignoreTokenExpiration
(
token
));
}
public
String
refreshToken
(
String
token
)
{
final
Date
createdDate
=
clock
.
now
();
final
Date
expirationDate
=
calculateExpirationDate
(
createdDate
);
final
Claims
claims
=
getAllClaimsFromToken
(
token
);
claims
.
setIssuedAt
(
createdDate
);
claims
.
setExpiration
(
expirationDate
);
return
Jwts
.
builder
()
.
setClaims
(
claims
)
.
signWith
(
SignatureAlgorithm
.
HS512
,
secret
)
.
compact
();
}
public
Boolean
validateToken
(
String
token
,
UserDetails
userDetails
)
{
AuthenticationUser
user
=
(
AuthenticationUser
)
userDetails
;
final
Date
created
=
getIssuedAtDateFromToken
(
token
);
return
(!
isTokenExpired
(
token
)
);
}
private
Date
calculateExpirationDate
(
Date
createdDate
)
{
return
new
Date
(
createdDate
.
getTime
()
+
expiration
);
}
/**
* Get the login of the current user.
*
* @return the login of the current user
*/
public
static
Optional
<
String
>
getCurrentUserLogin
()
{
SecurityContext
securityContext
=
SecurityContextHolder
.
getContext
();
return
Optional
.
ofNullable
(
securityContext
.
getAuthentication
())
.
map
(
authentication
->
{
if
(
authentication
.
getPrincipal
()
instanceof
UserDetails
)
{
UserDetails
springSecurityUser
=
(
UserDetails
)
authentication
.
getPrincipal
();
return
springSecurityUser
.
getUsername
();
}
else
if
(
authentication
.
getPrincipal
()
instanceof
String
)
{
return
(
String
)
authentication
.
getPrincipal
();
}
return
null
;
});
}
/**
* Check if a user is authenticated.
*
* @return true if the user is authenticated, false otherwise
*/
public
static
boolean
isAuthenticated
()
{
SecurityContext
securityContext
=
SecurityContextHolder
.
getContext
();
return
Optional
.
ofNullable
(
securityContext
.
getAuthentication
())
.
map
(
authentication
->
authentication
.
getAuthorities
().
stream
()
.
noneMatch
(
grantedAuthority
->
grantedAuthority
.
getAuthority
().
equals
(
"ANONYMOUS"
)))
.
orElse
(
false
);
}
/**
* If the current user has a specific authority (security role).
* <p>
* The name of this method comes from the isUserInRole() method in the Servlet API
*
* @param authority the authority to check
* @return true if the current user has the authority, false otherwise
*/
public
static
boolean
isCurrentUserInRole
(
String
authority
)
{
SecurityContext
securityContext
=
SecurityContextHolder
.
getContext
();
return
Optional
.
ofNullable
(
securityContext
.
getAuthentication
())
.
map
(
authentication
->
authentication
.
getAuthorities
().
stream
()
.
anyMatch
(
grantedAuthority
->
grantedAuthority
.
getAuthority
().
equals
(
authority
)))
.
orElse
(
false
);
}
}
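Review bot: The new `AuthTokenUtil` interface has no Javadoc, and the two implementations added alongside it already diverge: `UAATokenUtil.generateToken` returns `null`, and both `validateToken` implementations ignore `userDetails` apart from a cast. Each method needs a short doc comment stating the contract callers may rely on: for `validateToken`, that signature and expiry are verified and whether the token subject is matched against `userDetails`; for `generateToken`, whether `null` is a permitted result. The static helpers `getCurrentUserLogin`, `isAuthenticated` and `isCurrentUserInRole` appear to be removed from this type, so any caller outside this diff that used them through `AuthTokenUtil` would have to move to `SimpleTokenUtil`.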
ibzrt-util/src/main/java/cn/ibizlab/util/security/SimpleTokenUtil.java
0 → 100644
package
cn
.
ibizlab
.
util
.
security
;
import
io.jsonwebtoken.Claims
;
import
io.jsonwebtoken.Clock
;
import
io.jsonwebtoken.Jwts
;
import
io.jsonwebtoken.SignatureAlgorithm
;
import
io.jsonwebtoken.impl.DefaultClock
;
import
org.springframework.beans.factory.annotation.Value
;
import
org.springframework.security.core.context.SecurityContext
;
import
org.springframework.security.core.context.SecurityContextHolder
;
import
org.springframework.security.core.userdetails.UserDetails
;
import
org.springframework.stereotype.Component
;
import
org.springframework.boot.autoconfigure.condition.ConditionalOnExpression
;
import
java.io.Serializable
;
import
java.util.Date
;
import
java.util.HashMap
;
import
java.util.Map
;
import
java.util.Optional
;
import
java.util.function.Function
;
@Component
@ConditionalOnExpression
(
"(!${ibiz.enablePermissionValid:false})&&'${ibiz.auth.service:UAATokenUtil}'.equals('SimpleTokenUtil')"
)
public
class
SimpleTokenUtil
implements
AuthTokenUtil
,
Serializable
{
private
static
final
long
serialVersionUID
=
-
3301605591108950415L
;
private
Clock
clock
=
DefaultClock
.
INSTANCE
;
@Value
(
"${ibiz.jwt.secret:ibzsecret}"
)
private
String
secret
;
@Value
(
"${ibiz.jwt.expiration:7200000}"
)
private
Long
expiration
;
@Value
(
"${ibiz.jwt.header:Authorization}"
)
private
String
tokenHeader
;
public
String
getUsernameFromToken
(
String
token
)
{
return
getClaimFromToken
(
token
,
Claims:
:
getSubject
);
}
public
Date
getIssuedAtDateFromToken
(
String
token
)
{
return
getClaimFromToken
(
token
,
Claims:
:
getIssuedAt
);
}
public
Date
getExpirationDateFromToken
(
String
token
)
{
return
getClaimFromToken
(
token
,
Claims:
:
getExpiration
);
}
public
<
T
>
T
getClaimFromToken
(
String
token
,
Function
<
Claims
,
T
>
claimsResolver
)
{
final
Claims
claims
=
getAllClaimsFromToken
(
token
);
return
claimsResolver
.
apply
(
claims
);
}
private
Claims
getAllClaimsFromToken
(
String
token
)
{
return
Jwts
.
parser
()
.
setSigningKey
(
secret
)
.
parseClaimsJws
(
token
)
.
getBody
();
}
private
Boolean
isTokenExpired
(
String
token
)
{
final
Date
expiration
=
getExpirationDateFromToken
(
token
);
return
expiration
.
before
(
clock
.
now
());
}
private
Boolean
isCreatedBeforeLastPasswordReset
(
Date
created
,
Date
lastPasswordReset
)
{
return
(
lastPasswordReset
!=
null
&&
created
.
before
(
lastPasswordReset
));
}
private
Boolean
ignoreTokenExpiration
(
String
token
)
{
// here you specify tokens, for that the expiration is ignored
return
false
;
}
public
String
generateToken
(
UserDetails
userDetails
)
{
Map
<
String
,
Object
>
claims
=
new
HashMap
<>();
return
doGenerateToken
(
claims
,
userDetails
.
getUsername
());
}
private
String
doGenerateToken
(
Map
<
String
,
Object
>
claims
,
String
subject
)
{
final
Date
createdDate
=
clock
.
now
();
final
Date
expirationDate
=
calculateExpirationDate
(
createdDate
);
return
Jwts
.
builder
()
.
setClaims
(
claims
)
.
setSubject
(
subject
)
.
setIssuedAt
(
createdDate
)
.
setExpiration
(
expirationDate
)
.
signWith
(
SignatureAlgorithm
.
HS512
,
secret
)
.
compact
();
}
public
Boolean
canTokenBeRefreshed
(
String
token
,
Date
lastPasswordReset
)
{
final
Date
created
=
getIssuedAtDateFromToken
(
token
);
return
!
isCreatedBeforeLastPasswordReset
(
created
,
lastPasswordReset
)
&&
(!
isTokenExpired
(
token
)
||
ignoreTokenExpiration
(
token
));
}
public
String
refreshToken
(
String
token
)
{
final
Date
createdDate
=
clock
.
now
();
final
Date
expirationDate
=
calculateExpirationDate
(
createdDate
);
final
Claims
claims
=
getAllClaimsFromToken
(
token
);
claims
.
setIssuedAt
(
createdDate
);
claims
.
setExpiration
(
expirationDate
);
return
Jwts
.
builder
()
.
setClaims
(
claims
)
.
signWith
(
SignatureAlgorithm
.
HS512
,
secret
)
.
compact
();
}
public
Boolean
validateToken
(
String
token
,
UserDetails
userDetails
)
{
AuthenticationUser
user
=
(
AuthenticationUser
)
userDetails
;
final
Date
created
=
getIssuedAtDateFromToken
(
token
);
return
(!
isTokenExpired
(
token
)
);
}
private
Date
calculateExpirationDate
(
Date
createdDate
)
{
return
new
Date
(
createdDate
.
getTime
()
+
expiration
);
}
/**
* Get the login of the current user.
*
* @return the login of the current user
*/
public
static
Optional
<
String
>
getCurrentUserLogin
()
{
SecurityContext
securityContext
=
SecurityContextHolder
.
getContext
();
return
Optional
.
ofNullable
(
securityContext
.
getAuthentication
())
.
map
(
authentication
->
{
if
(
authentication
.
getPrincipal
()
instanceof
UserDetails
)
{
UserDetails
springSecurityUser
=
(
UserDetails
)
authentication
.
getPrincipal
();
return
springSecurityUser
.
getUsername
();
}
else
if
(
authentication
.
getPrincipal
()
instanceof
String
)
{
return
(
String
)
authentication
.
getPrincipal
();
}
return
null
;
});
}
/**
* Check if a user is authenticated.
*
* @return true if the user is authenticated, false otherwise
*/
public
static
boolean
isAuthenticated
()
{
SecurityContext
securityContext
=
SecurityContextHolder
.
getContext
();
return
Optional
.
ofNullable
(
securityContext
.
getAuthentication
())
.
map
(
authentication
->
authentication
.
getAuthorities
().
stream
()
.
noneMatch
(
grantedAuthority
->
grantedAuthority
.
getAuthority
().
equals
(
"ANONYMOUS"
)))
.
orElse
(
false
);
}
/**
* If the current user has a specific authority (security role).
* <p>
* The name of this method comes from the isUserInRole() method in the Servlet API
*
* @param authority the authority to check
* @return true if the current user has the authority, false otherwise
*/
public
static
boolean
isCurrentUserInRole
(
String
authority
)
{
SecurityContext
securityContext
=
SecurityContextHolder
.
getContext
();
return
Optional
.
ofNullable
(
securityContext
.
getAuthentication
())
.
map
(
authentication
->
authentication
.
getAuthorities
().
stream
()
.
anyMatch
(
grantedAuthority
->
grantedAuthority
.
getAuthority
().
equals
(
authority
)))
.
orElse
(
false
);
}
}
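Review bot: The `secret` field falls back to the literal `ibzsecret` when `ibiz.jwt.secret` is unset, so a deployment that omits the property signs and verifies HS512 tokens with a key that is published in this repository. Dropping the default, `@Value("${ibiz.jwt.secret}")`, makes startup fail instead of silently running with a known key; the same default is copied into `UAATokenUtil`, where the field is not read. Separately, `validateToken` casts `userDetails` and reads `created` but returns only `!isTokenExpired(token)`, so the token is never tied to the user it is validated for; adding `getUsernameFromToken(token).equals(userDetails.getUsername())` to the return expression would bind them. `UAATokenUtil.validateToken` has the same shape.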
ibzrt-util/src/main/java/cn/ibizlab/util/security/UAATokenUtil.java
0 → 100644
package
cn
.
ibizlab
.
util
.
security
;
import
io.jsonwebtoken.Claims
;
import
io.jsonwebtoken.Clock
;
import
io.jsonwebtoken.Jwts
;
import
io.jsonwebtoken.SignatureAlgorithm
;
import
io.jsonwebtoken.impl.DefaultClock
;
import
lombok.SneakyThrows
;
import
cn.ibizlab.util.client.IBZUAAFeignClient
;
import
org.apache.commons.codec.binary.Base64
;
import
org.apache.commons.io.IOUtils
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Value
;
import
org.springframework.boot.autoconfigure.condition.ConditionalOnExpression
;
import
org.springframework.security.core.userdetails.UserDetails
;
import
org.springframework.stereotype.Component
;
import
java.io.File
;
import
java.io.FileInputStream
;
import
java.io.Serializable
;
import
java.security.KeyFactory
;
import
java.security.NoSuchAlgorithmException
;
import
java.security.PrivateKey
;
import
java.security.PublicKey
;
import
java.security.spec.InvalidKeySpecException
;
import
java.security.spec.PKCS8EncodedKeySpec
;
import
java.security.spec.X509EncodedKeySpec
;
import
java.util.Date
;
import
java.util.HashMap
;
import
java.util.Map
;
import
java.util.function.Function
;
@Component
@ConditionalOnExpression
(
"${ibiz.enablePermissionValid:false}||'${ibiz.auth.service:UAATokenUtil}'.equals('UAATokenUtil')"
)
public
class
UAATokenUtil
implements
AuthTokenUtil
,
Serializable
{
private
static
final
long
serialVersionUID
=
-
3301605591108950415L
;
private
Clock
clock
=
DefaultClock
.
INSTANCE
;
@Value
(
"${ibiz.jwt.secret:ibzsecret}"
)
private
String
secret
;
@Value
(
"${ibiz.jwt.expiration:7200000}"
)
private
Long
expiration
;
@Value
(
"${ibiz.jwt.header:Authorization}"
)
private
String
tokenHeader
;
@Autowired
private
IBZUAAFeignClient
uaaFeignClient
;
public
String
getUsernameFromToken
(
String
token
)
{
return
getClaimFromToken
(
token
,
Claims:
:
getSubject
);
}
public
Date
getIssuedAtDateFromToken
(
String
token
)
{
return
getClaimFromToken
(
token
,
Claims:
:
getIssuedAt
);
}
public
Date
getExpirationDateFromToken
(
String
token
)
{
return
getClaimFromToken
(
token
,
Claims:
:
getExpiration
);
}
public
<
T
>
T
getClaimFromToken
(
String
token
,
Function
<
Claims
,
T
>
claimsResolver
)
{
final
Claims
claims
=
getAllClaimsFromToken
(
token
);
return
claimsResolver
.
apply
(
claims
);
}
public
Claims
getAllClaimsFromToken
(
String
token
)
{
PublicKey
publicKey
=
getPublicKey
(
getPublicKeyString
());
return
Jwts
.
parser
()
.
setSigningKey
(
publicKey
)
.
parseClaimsJws
(
token
)
.
getBody
();
}
private
Boolean
isTokenExpired
(
String
token
)
{
final
Date
expiration
=
getExpirationDateFromToken
(
token
);
return
expiration
.
before
(
clock
.
now
());
}
public
String
generateToken
(
UserDetails
userDetails
)
{
return
null
;
}
public
Boolean
validateToken
(
String
token
,
UserDetails
userDetails
)
{
AuthenticationUser
user
=
(
AuthenticationUser
)
userDetails
;
final
Date
created
=
getIssuedAtDateFromToken
(
token
);
return
(!
isTokenExpired
(
token
)
);
}
private
String
getPublicKeyString
(){
return
uaaFeignClient
.
getPublicKey
();
}
/**
* 获取PublicKey对象
* @param publicKeyBase64
* @return
* @throws NoSuchAlgorithmException
* @throws InvalidKeySpecException
*/
@SneakyThrows
public
PublicKey
getPublicKey
(
String
publicKeyBase64
)
{
byte
[]
byteKey
=
Base64
.
decodeBase64
(
publicKeyBase64
);
X509EncodedKeySpec
x509EncodedKeySpec
=
new
X509EncodedKeySpec
(
byteKey
);
KeyFactory
keyFactory
=
KeyFactory
.
getInstance
(
"RSA"
);
return
keyFactory
.
generatePublic
(
x509EncodedKeySpec
);
}
}
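Review bot: `generateToken` returns `null` unconditionally, so any caller that obtains this bean through `AuthTokenUtil` and issues a token would hand out `null` with no error; `throw new UnsupportedOperationException("tokens are issued by UAA");` makes the unsupported path explicit. The `secret`, `expiration` and `tokenHeader` fields and the `PrivateKey`, `PKCS8EncodedKeySpec`, `File`, `FileInputStream`, `IOUtils`, `SignatureAlgorithm`, `HashMap` and `Map` imports are not used in the visible class and can be dropped. `getAllClaimsFromToken` also rebuilds the RSA key from its Base64 string on every call, and `validateToken` reaches it twice; keeping the decoded `PublicKey` next to the cached string would avoid the repeated work.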