diff --git a/kicc-auth/pom.xml b/kicc-auth/pom.xml index e8b10803..96850092 100644 --- a/kicc-auth/pom.xml +++ b/kicc-auth/pom.xml @@ -24,21 +24,11 @@ com.alibaba.cloud spring-cloud-starter-alibaba-nacos-config - - - com.cloud - kicc-common-feign - com.cloud kicc-system-api - - - com.cloud - kicc-common-data - com.cloud diff --git a/kicc-auth/src/main/java/com/cloud/kicc/auth/provider/UserProviderImpl.java b/kicc-auth/src/main/java/com/cloud/kicc/auth/provider/UserProviderImpl.java new file mode 100644 index 00000000..86a902b9 --- /dev/null +++ b/kicc-auth/src/main/java/com/cloud/kicc/auth/provider/UserProviderImpl.java 
@@ -0,0 +1,50 @@
+package com.cloud.kicc.auth.provider;
+
+import com.cloud.kicc.common.core.api.R;
+import com.cloud.kicc.common.data.entity.KiccUser;
+import com.cloud.kicc.common.data.entity.SsoUser;
+import com.cloud.kicc.common.security.exception.SecurityCheckedException;
+import com.cloud.kicc.common.security.template.UserProviderTemplate;
+import com.cloud.kicc.system.api.feign.RemoteAppService;
+import com.cloud.kicc.system.api.feign.RemoteSsoUserService;
+import com.cloud.kicc.system.api.feign.RemoteUserService;
+import lombok.RequiredArgsConstructor;
+import org.springframework.stereotype.Component;
+
+@Component
+@RequiredArgsConstructor
+public class UserProviderImpl implements UserProviderTemplate {
+
+ private final RemoteSsoUserService remoteSsoUserService;
+ private final RemoteUserService remoteUserService;
+ private final RemoteAppService remoteAppService;
+
+ @Override
+ public SsoUser selectByUserName(String userName) {
+ R result = remoteSsoUserService.selectByUserName(userName);
+ if (result.getCode() != R.SUCCESS) {
+ throw new SecurityCheckedException("Controller invoke failed!");
+ }
+ return result.getData();
+ }
+
+ @Override
+ public SsoUser selectByPhone(String phone) {
+ R result = remoteAppService.selectByPhone(phone);
+ if (result.getCode() != R.SUCCESS) {
+ throw new SecurityCheckedException("Controller invoke failed!");
+ }
+ return result.getData();
+ }
+
+
+ @Override
+ public KiccUser selectByUserId(String userid) {
+ R result = remoteUserService.selectByUserId(userid);
+ if (result.getCode() != R.SUCCESS) {
+ throw new SecurityCheckedException("Controller invoke failed!");
+ }
+ return result.getData();
+ }
+
+}
diff --git a/kicc-common/kicc-common-core/src/main/java/com/cloud/kicc/common/core/config/JacksonAutoConfiguration.java b/kicc-common/kicc-common-core/src/main/java/com/cloud/kicc/common/core/config/JacksonAutoConfiguration.java
index 8b876414..3689bc3f 100644
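Review bot: `selectByUserId` in `UserProviderImpl` calls `remoteUserService.selectByUserId(userid)`, while the resource-server token service changed later in this commit calls `userProviderTemplate.selectByCasUserId(casUser.getId())`, and the code it replaces called `remoteUserService.selectByCasUserId`. The `UserProviderTemplate` interface body is not visible in this part of the diff, so confirm that the method the token service invokes is implemented here and still looks the account up by the CAS user id; resolving permissions through a different id would attach the wrong authorities to a token. Separately, all three methods throw `SecurityCheckedException("Controller invoke failed!")` and drop `result.getCode()` and `result.getMsg()`. Logging both before the throw, e.g. `log.warn("selectByUserName failed: code={} msg={}", result.getCode(), result.getMsg());` with `@Slf4j` on the class, keeps upstream failures diagnosable without returning them to the caller.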
--- a/kicc-common/kicc-common-core/src/main/java/com/cloud/kicc/common/core/config/JacksonAutoConfiguration.java +++ b/kicc-common/kicc-common-core/src/main/java/com/cloud/kicc/common/core/config/JacksonAutoConfiguration.java @@ -5,7 +5,6 @@ import com.cloud.kicc.common.core.jackson.KiccJavaTimeModule; import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.ser.std.ToStringSerializer; import org.springframework.boot.autoconfigure.AutoConfigureBefore; -import org.springframework.boot.autoconfigure.EnableAutoConfiguration; import org.springframework.boot.autoconfigure.condition.ConditionalOnClass; import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; import org.springframework.boot.autoconfigure.jackson.Jackson2ObjectMapperBuilderCustomizer; @@ -24,7 +23,6 @@ import java.util.TimeZone; * @Author: wangxiang4 * @Date: 2022/2/18 */ -@EnableAutoConfiguration @Configuration(proxyBeanMethods = false) @ConditionalOnClass(ObjectMapper.class) @AutoConfigureBefore(org.springframework.boot.autoconfigure.jackson.JacksonAutoConfiguration.class) diff --git a/kicc-common/kicc-common-core/src/main/java/com/cloud/kicc/common/core/constant/SecurityConstants.java b/kicc-common/kicc-common-core/src/main/java/com/cloud/kicc/common/core/constant/SecurityConstants.java index 71f3cec0..4cf5acb9 100644 --- a/kicc-common/kicc-common-core/src/main/java/com/cloud/kicc/common/core/constant/SecurityConstants.java +++ b/kicc-common/kicc-common-core/src/main/java/com/cloud/kicc/common/core/constant/SecurityConstants.java @@ -1,7 +1,5 @@ package com.cloud.kicc.common.core.constant; -import com.cloud.kicc.common.core.enums.CasSystemEnum; - /** *

* 安全常量 diff --git a/kicc-common/kicc-common-core/src/main/java/com/cloud/kicc/common/core/enums/CasSystemEnum.java b/kicc-common/kicc-common-core/src/main/java/com/cloud/kicc/common/core/enums/CasSystemEnum.java deleted file mode 100644 index b03c486a..00000000 --- a/kicc-common/kicc-common-core/src/main/java/com/cloud/kicc/common/core/enums/CasSystemEnum.java +++ /dev/null @@ -1,43 +0,0 @@ -package com.cloud.kicc.common.core.enums; - -import lombok.Getter; -import lombok.RequiredArgsConstructor; - -/** - *

- * cas系统枚举 - *

- * - * @Author: wangxiang4 - * @Since: 2023/8/16 - */ -@Getter -@RequiredArgsConstructor -public enum CasSystemEnum { - - /** - * sso认证系统 - */ - KICC("KICC", "主kicc系统"), - - /** - * 子系统1 - */ - KICS("KICS", "子系统1"), - - /** - * 子系统2 - */ - KLAB("KLAB", "子系统2"); - - /** - * 名称 - */ - private final String name; - - /** - * 描述 - */ - private final String description; - -} diff --git a/kicc-common/kicc-common-data/src/main/java/com/cloud/kicc/common/data/entity/CasUser.java b/kicc-common/kicc-common-data/src/main/java/com/cloud/kicc/common/data/entity/CasUser.java index 1ec8cc8d..27544ec8 100644 --- a/kicc-common/kicc-common-data/src/main/java/com/cloud/kicc/common/data/entity/CasUser.java +++ b/kicc-common/kicc-common-data/src/main/java/com/cloud/kicc/common/data/entity/CasUser.java @@ -1,6 +1,5 @@ package com.cloud.kicc.common.data.entity; -import com.cloud.kicc.common.core.enums.CasSystemEnum; import lombok.EqualsAndHashCode; import lombok.Getter; import lombok.Setter; @@ -84,7 +83,7 @@ public class CasUser extends User { private String tenantId; /** sso扩展信息 */ - private Map exPrincipals = new ConcurrentHashMap<>(3); + private Map exPrincipals = new ConcurrentHashMap<>(3); public CasUser(String username, String password, Collection authorities) { diff --git a/kicc-common/kicc-common-data/src/main/java/com/cloud/kicc/common/data/entity/KiccUser.java b/kicc-common/kicc-common-data/src/main/java/com/cloud/kicc/common/data/entity/KiccUser.java index 9a826c6d..064e6a16 100644 --- a/kicc-common/kicc-common-data/src/main/java/com/cloud/kicc/common/data/entity/KiccUser.java +++ b/kicc-common/kicc-common-data/src/main/java/com/cloud/kicc/common/data/entity/KiccUser.java 
@@ -97,8 +97,8 @@ public class KiccUser extends CasUser { @JsonProperty("credentialsNonExpired") boolean credentialsNonExpired, @JsonProperty("accountNonLocked") boolean accountNonLocked, @JsonProperty("authorities") List authorities) { - super(ObjectUtil.defaultIfNull(username, SecurityConstants.MOCK_USERNAME), - ObjectUtil.defaultIfNull(password, SecurityConstants.MOCK_PASSWORD), + super(ObjectUtil.defaultIfBlank(username, SecurityConstants.MOCK_USERNAME), + ObjectUtil.defaultIfBlank(password, SecurityConstants.MOCK_PASSWORD), enabled, accountNonExpired, credentialsNonExpired, diff --git a/kicc-platform/kicc-platform-api/kicc-system-api/src/main/java/com/cloud/kicc/system/api/entity/SsoUser.java b/kicc-common/kicc-common-data/src/main/java/com/cloud/kicc/common/data/entity/SsoUser.java similarity index 96% rename from kicc-platform/kicc-platform-api/kicc-system-api/src/main/java/com/cloud/kicc/system/api/entity/SsoUser.java rename to kicc-common/kicc-common-data/src/main/java/com/cloud/kicc/common/data/entity/SsoUser.java index 2ec594a6..4ce7def4 100644 --- a/kicc-platform/kicc-platform-api/kicc-system-api/src/main/java/com/cloud/kicc/system/api/entity/SsoUser.java +++ b/kicc-common/kicc-common-data/src/main/java/com/cloud/kicc/common/data/entity/SsoUser.java @@ -1,4 +1,4 @@ -package com.cloud.kicc.system.api.entity; +package com.cloud.kicc.common.data.entity; import com.baomidou.mybatisplus.annotation.TableField; import com.baomidou.mybatisplus.annotation.TableName; diff --git a/kicc-common/kicc-common-feign/pom.xml b/kicc-common/kicc-common-feign/pom.xml index f7e300f2..1b999d1a 100644 --- a/kicc-common/kicc-common-feign/pom.xml +++ b/kicc-common/kicc-common-feign/pom.xml @@ -46,8 +46,8 @@
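Review bot: With `ObjectUtil.defaultIfBlank` on the first argument of the `super(...)` call, a serialized principal whose `username` is empty or whitespace is now silently rebuilt under `SecurityConstants.MOCK_USERNAME` instead of being rejected. The password fallback may be intended, since the token service in this commit passes an empty string as the password, but the same fallback on the username lets distinct malformed principals collapse into one shared name in logs and audit records. Consider keeping the stricter form for the username and relaxing only the password line: `super(ObjectUtil.defaultIfNull(username, SecurityConstants.MOCK_USERNAME),`. The constructor's signature starts above this hunk and the `super(...)` call continues below it.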
- org.springframework.security - spring-security-core + org.springframework.security.oauth.boot + spring-security-oauth2-autoconfigure diff --git a/kicc-common/kicc-common-feign/src/main/java/com/cloud/kicc/common/feign/annotation/EnableKiccFeignClients.java b/kicc-common/kicc-common-feign/src/main/java/com/cloud/kicc/common/feign/annotation/EnableKiccFeignClients.java index 242d1dbf..b9eb0e2b 100644 --- a/kicc-common/kicc-common-feign/src/main/java/com/cloud/kicc/common/feign/annotation/EnableKiccFeignClients.java +++ b/kicc-common/kicc-common-feign/src/main/java/com/cloud/kicc/common/feign/annotation/EnableKiccFeignClients.java @@ -1,6 +1,7 @@ package com.cloud.kicc.common.feign.annotation; import com.cloud.kicc.common.feign.config.FeignErrorDecoder; +import com.cloud.kicc.common.feign.config.KiccFeignClientConfiguration; import org.springframework.cloud.openfeign.EnableFeignClients; import org.springframework.cloud.openfeign.FeignClientsConfiguration; import org.springframework.cloud.openfeign.KiccFeignClientsRegistrar; @@ -20,7 +21,7 @@ import java.lang.annotation.*; @Retention(RetentionPolicy.RUNTIME) @Documented @EnableFeignClients -@Import(KiccFeignClientsRegistrar.class) +@Import({ KiccFeignClientsRegistrar.class, KiccFeignClientConfiguration.class }) public @interface EnableKiccFeignClients { /** diff --git a/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/feign/KiccFeignClientConfiguration.java b/kicc-common/kicc-common-feign/src/main/java/com/cloud/kicc/common/feign/config/KiccFeignClientConfiguration.java similarity index 95% rename from kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/feign/KiccFeignClientConfiguration.java rename to kicc-common/kicc-common-feign/src/main/java/com/cloud/kicc/common/feign/config/KiccFeignClientConfiguration.java index 68c869c7..b4f01995 100644 
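Review bot: Adding `KiccFeignClientConfiguration` to the `@Import` on `@EnableKiccFeignClients` registers the Feign request interceptor in every module that enables Feign clients, not only in modules annotated with `@EnableKiccResourceServer` as before. The bodies of `KiccFeignClientConfiguration` and `KiccFeignClientInterceptor` are not shown (both appear as near-pure renames), so confirm that whatever credentials or headers the interceptor adds are sent only to internal services. Also confirm that the `ConditionalOnProperty` guard imported by the configuration still behaves as intended in services without a resource-server context. A Javadoc line on the annotation such as `Also registers KiccFeignClientConfiguration (request interceptor) for all Feign clients.` would make the wider scope visible to its users.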
--- a/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/feign/KiccFeignClientConfiguration.java +++ b/kicc-common/kicc-common-feign/src/main/java/com/cloud/kicc/common/feign/config/KiccFeignClientConfiguration.java @@ -1,4 +1,4 @@ -package com.cloud.kicc.common.security.feign; +package com.cloud.kicc.common.feign.config; import feign.RequestInterceptor; import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; diff --git a/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/feign/KiccFeignClientInterceptor.java b/kicc-common/kicc-common-feign/src/main/java/com/cloud/kicc/common/feign/config/KiccFeignClientInterceptor.java similarity index 97% rename from kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/feign/KiccFeignClientInterceptor.java rename to kicc-common/kicc-common-feign/src/main/java/com/cloud/kicc/common/feign/config/KiccFeignClientInterceptor.java index 7156fbd2..bdc37df5 100644 --- a/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/feign/KiccFeignClientInterceptor.java +++ b/kicc-common/kicc-common-feign/src/main/java/com/cloud/kicc/common/feign/config/KiccFeignClientInterceptor.java @@ -1,4 +1,4 @@ -package com.cloud.kicc.common.security.feign; +package com.cloud.kicc.common.feign.config; import cn.hutool.core.collection.CollUtil; import com.cloud.kicc.common.core.constant.SecurityConstants; diff --git a/kicc-common/kicc-common-job/src/main/java/com/cloud/kicc/common/job/XxlJobAutoConfiguration.java b/kicc-common/kicc-common-job/src/main/java/com/cloud/kicc/common/job/XxlJobAutoConfiguration.java index 2a29300b..e585d5db 100644 --- a/kicc-common/kicc-common-job/src/main/java/com/cloud/kicc/common/job/XxlJobAutoConfiguration.java +++ b/kicc-common/kicc-common-job/src/main/java/com/cloud/kicc/common/job/XxlJobAutoConfiguration.java 
@@ -3,7 +3,6 @@ package com.cloud.kicc.common.job; import com.cloud.kicc.common.job.properties.XxlExecutorProperties; import com.cloud.kicc.common.job.properties.XxlJobProperties; import com.xxl.job.core.executor.impl.XxlJobSpringExecutor; -import org.springframework.boot.autoconfigure.EnableAutoConfiguration; import org.springframework.boot.context.properties.EnableConfigurationProperties; import org.springframework.cloud.client.discovery.DiscoveryClient; import org.springframework.context.annotation.Bean; @@ -22,7 +21,6 @@ import java.util.stream.Collectors; * @Date: 2022/2/19 */ @Configuration(proxyBeanMethods = false) -@EnableAutoConfiguration @EnableConfigurationProperties(XxlJobProperties.class) public class XxlJobAutoConfiguration { diff --git a/kicc-common/kicc-common-security/pom.xml b/kicc-common/kicc-common-security/pom.xml index 7a6df1a4..10eec6d0 100644 --- a/kicc-common/kicc-common-security/pom.xml +++ b/kicc-common/kicc-common-security/pom.xml @@ -15,20 +15,20 @@ - - - com.cloud - kicc-common-core - org.springframework.security.oauth.boot spring-security-oauth2-autoconfigure - + + + org.springframework.boot + spring-boot-starter-aop + + com.cloud - kicc-system-api + kicc-common-data diff --git a/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/annotation/EnableKiccResourceServer.java b/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/annotation/EnableKiccResourceServer.java index da94fdc7..056e392f 100644 --- a/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/annotation/EnableKiccResourceServer.java +++ b/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/annotation/EnableKiccResourceServer.java 
@@ -3,7 +3,6 @@ package com.cloud.kicc.common.security.annotation; import com.cloud.kicc.common.security.config.ResourceServerAutoConfiguration; import com.cloud.kicc.common.security.config.ResourceServerTokenRelayAutoConfiguration; import com.cloud.kicc.common.security.exp.KiccSecurityBeanDefinitionRegistrar; -import com.cloud.kicc.common.security.feign.KiccFeignClientConfiguration; import org.springframework.context.annotation.Import; import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; @@ -25,8 +24,9 @@ import java.lang.annotation.*; @Target({ ElementType.TYPE }) @Retention(RetentionPolicy.RUNTIME) @EnableGlobalMethodSecurity(prePostEnabled = true) -@Import({ ResourceServerAutoConfiguration.class, KiccSecurityBeanDefinitionRegistrar.class, - ResourceServerTokenRelayAutoConfiguration.class, KiccFeignClientConfiguration.class }) +@Import({ ResourceServerAutoConfiguration.class, + KiccSecurityBeanDefinitionRegistrar.class, + ResourceServerTokenRelayAutoConfiguration.class }) public @interface EnableKiccResourceServer { } diff --git a/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/config/Oauth2SecurityAutoConfiguration.java b/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/config/Oauth2SecurityAutoConfiguration.java new file mode 100644 index 00000000..48a7d127 --- /dev/null +++ b/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/config/Oauth2SecurityAutoConfiguration.java 
@@ -0,0 +1,21 @@ +package com.cloud.kicc.common.security.config; + +import com.cloud.kicc.common.security.properties.CasProperties; +import com.cloud.kicc.common.security.xss.XssFilterAutoConfiguration; +import org.springframework.boot.context.properties.EnableConfigurationProperties; +import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.Import; + +/** + *

+ * OAUTH2 配置 + *

+ * + * @Author: wangxiang4 + * @Since: 2023/9/16 + */ +@Configuration(proxyBeanMethods = false) +@Import({ XssFilterAutoConfiguration.class, SecurityMessageSourceConfiguration.class}) +@EnableConfigurationProperties(CasProperties.class) +public class Oauth2SecurityAutoConfiguration { +} diff --git a/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/config/ResourceServerAutoConfiguration.java b/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/config/ResourceServerAutoConfiguration.java index c2d763c7..9a754782 100644 --- a/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/config/ResourceServerAutoConfiguration.java +++ b/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/config/ResourceServerAutoConfiguration.java @@ -1,11 +1,12 @@ package com.cloud.kicc.common.security.config; +import com.cloud.kicc.common.security.exp.KiccLocalResourceServerTokenServices; +import com.cloud.kicc.common.security.exp.PermissionService; import com.cloud.kicc.common.security.exp.PermitAllUrlProperties; import com.cloud.kicc.common.security.exp.ResourceAuthExceptionEntryPoint; import com.cloud.kicc.common.security.override.KiccBearerTokenExtractor; -import com.cloud.kicc.common.security.exp.KiccLocalResourceServerTokenServices; -import com.cloud.kicc.common.security.exp.PermissionService; -import com.cloud.kicc.system.api.feign.RemoteUserService; +import com.cloud.kicc.common.security.properties.CasProperties; +import com.cloud.kicc.common.security.template.UserProviderTemplate; import com.fasterxml.jackson.databind.ObjectMapper; import org.springframework.boot.context.properties.EnableConfigurationProperties; import org.springframework.context.annotation.Bean; 
@@ -45,8 +46,8 @@ public class ResourceServerAutoConfiguration { /** 扩展资源服务器令牌服务 */ @Bean @Primary - public ResourceServerTokenServices resourceServerTokenServices(TokenStore tokenStore, RemoteUserService remoteUserService) { - return new KiccLocalResourceServerTokenServices(tokenStore, remoteUserService); + public ResourceServerTokenServices resourceServerTokenServices() { + return new KiccLocalResourceServerTokenServices(); } } diff --git a/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/config/TokenStoreAutoConfiguration.java b/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/config/TokenStoreAutoConfiguration.java index c29ea281..b9de4241 100644 --- a/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/config/TokenStoreAutoConfiguration.java +++ b/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/config/TokenStoreAutoConfiguration.java @@ -3,6 +3,7 @@ package com.cloud.kicc.common.security.config; import com.cloud.kicc.common.core.constant.CacheConstants; import com.cloud.kicc.common.security.override.KiccRedisTokenStore; import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; import org.springframework.data.redis.connection.RedisConnectionFactory; import org.springframework.security.oauth2.provider.token.TokenStore; diff --git a/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/exp/KiccLocalResourceServerTokenServices.java b/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/exp/KiccLocalResourceServerTokenServices.java index 01b6e590..772546f7 100644 --- a/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/exp/KiccLocalResourceServerTokenServices.java +++ b/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/exp/KiccLocalResourceServerTokenServices.java 
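Review bot: `resourceServerTokenServices()` now builds the service with a no-argument constructor, and `KiccLocalResourceServerTokenServices` receives `tokenStore`, `userProviderTemplate` and `casProperties` through `@Autowired` fields (the `@@ -41,9 +46,14 @@` hunk of that class). This hides the bean's dependencies from the `@Bean` signature, leaves the fields mutable, and leaves the `@RequiredArgsConstructor` kept on the class with no final fields to generate parameters from. Keeping the fields `private final` and passing them through the factory method, `public ResourceServerTokenServices resourceServerTokenServices(TokenStore tokenStore, UserProviderTemplate userProviderTemplate, CasProperties casProperties)`, preserves constructor injection and lets the service be built in a test without a Spring context. If field injection was chosen to break a circular dependency, a comment on the fields saying so would help the next reader.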
@@ -1,23 +1,27 @@ package com.cloud.kicc.common.security.exp; +import cn.hutool.core.util.ClassUtil; +import cn.hutool.core.util.ObjectUtil; +import cn.hutool.core.util.ReflectUtil; import cn.hutool.json.JSONUtil; -import com.cloud.kicc.common.core.api.R; import com.cloud.kicc.common.core.constant.SecurityConstants; -import com.cloud.kicc.common.core.enums.CasSystemEnum; import com.cloud.kicc.common.core.jackson.KiccJavaTimeModule; import com.cloud.kicc.common.data.entity.CasUser; -import com.cloud.kicc.common.data.entity.KiccUser; import com.cloud.kicc.common.security.exception.UnConfiguredUserDataException; import com.cloud.kicc.common.security.override.jackson2.SimpleGrantedAuthorityMixin; -import com.cloud.kicc.system.api.feign.RemoteUserService; +import com.cloud.kicc.common.security.properties.CasProperties; +import com.cloud.kicc.common.security.template.UserProviderTemplate; import com.fasterxml.jackson.annotation.JsonInclude; import com.fasterxml.jackson.databind.ObjectMapper; +import io.netty.util.internal.StringUtil; import lombok.RequiredArgsConstructor; import lombok.SneakyThrows; import org.springframework.beans.BeanUtils; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; +import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.oauth2.common.OAuth2AccessToken; import org.springframework.security.oauth2.common.exceptions.InvalidTokenException; 
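Review bot: The new import `io.netty.util.internal.StringUtil` pulls a Netty internal class into the security module only to obtain an empty string (it is used as `StringUtil.EMPTY_STRING` in the later hunk of this file). The visible `kicc-common-security/pom.xml` hunk does not declare Netty, so the class presumably arrives transitively and could disappear with an unrelated dependency change. Replacing the call site with a literal `""` removes the import.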
@@ -27,6 +31,7 @@ import org.springframework.security.oauth2.provider.token.ResourceServerTokenSer import org.springframework.security.oauth2.provider.token.TokenStore; import java.util.Arrays; +import java.util.Collection; import java.util.List; import java.util.stream.Collectors; @@ -41,9 +46,14 @@ import java.util.stream.Collectors; @RequiredArgsConstructor public class KiccLocalResourceServerTokenServices implements ResourceServerTokenServices { - private final TokenStore tokenStore; + @Autowired + private TokenStore tokenStore; - private final RemoteUserService remoteUserService; + @Autowired + private UserProviderTemplate userProviderTemplate; + + @Autowired + private CasProperties casProperties; @Override @SneakyThrows 
@@ -61,40 +71,41 @@ public class KiccLocalResourceServerTokenServices implements ResourceServerToken CasUser casUser = (CasUser) oAuth2Authentication.getPrincipal(); // 设置SSO子系统扩展用户信息 - if (casUser.getExPrincipals().get(CasSystemEnum.KICC) == null) { - R result = remoteUserService.selectByCasUserId(casUser.getId()); - if (result.getCode() != R.SUCCESS) { + if (casUser.getExPrincipals().get(casProperties.getIdentity()) == null) { + Object user = userProviderTemplate.selectByCasUserId(casUser.getId()); + if (ObjectUtil.isEmpty(user)) { throw new UnConfiguredUserDataException("System user not found Contact your system administrator for configuration!", null); } - KiccUser user = result.getData(); - List authorities = Arrays.stream(user.getPermissions()) + String[] permissions = (String[])ReflectUtil.getMethodByName(user.getClass(), "getPermissions").invoke(user); + List authorities = Arrays.stream(permissions) .map(SimpleGrantedAuthority::new) .collect(Collectors.toList()); - KiccUser kiccUser = new KiccUser( - casUser.getUsername(), - casUser.getPassword(), - casUser.isEnabled(), - casUser.isAccountNonExpired(), - casUser.isCredentialsNonExpired(), - casUser.isAccountNonLocked(), - authorities + Object exUser = ReflectUtil.newInstance(ClassUtil.loadClass(casProperties.getUserClass()), + casUser.getUsername(), + StringUtil.EMPTY_STRING, + casUser.isEnabled(), + casUser.isAccountNonExpired(), + casUser.isCredentialsNonExpired(), + casUser.isAccountNonLocked(), + authorities ); - BeanUtils.copyProperties(user, kiccUser); - casUser.getExPrincipals().put(CasSystemEnum.KICC, new ObjectMapper() + BeanUtils.copyProperties(user, exUser); + casUser.getExPrincipals().put(casProperties.getIdentity(), new ObjectMapper() .registerModule(new KiccJavaTimeModule()) .setSerializationInclusion(JsonInclude.Include.NON_NULL) - .writeValueAsString(kiccUser)); + .writeValueAsString(exUser)); tokenStore.storeAccessToken(tokenStore.getAccessToken(oAuth2Authentication), oAuth2Authentication); 
} // 覆盖casUser核心authorities - String str = casUser.getExPrincipals().get(CasSystemEnum.KICC); + String str = casUser.getExPrincipals().get(casProperties.getIdentity()); if (!JSONUtil.isJson(str)) throw new UnConfiguredUserDataException("ExPrincipals not json strings!"); - KiccUser kiccUser = new ObjectMapper() + Object exUser = new ObjectMapper() .registerModule(new KiccJavaTimeModule()) .addMixIn(SimpleGrantedAuthority.class, SimpleGrantedAuthorityMixin.class) - .readValue(str, KiccUser.class); + .readValue(str, Class.forName(casProperties.getUserClass())); + Collection authorities = (Collection)ReflectUtil.getMethodByName(exUser.getClass(), "getAuthorities").invoke(exUser); CasUser exCasUser = new CasUser( casUser.getUsername(), SecurityConstants.MOCK_PASSWORD, @@ -102,7 +113,7 @@ public class KiccLocalResourceServerTokenServices implements ResourceServerToken casUser.isAccountNonExpired(), casUser.isCredentialsNonExpired(), casUser.isAccountNonLocked(), - kiccUser.getAuthorities()); + authorities); BeanUtils.copyProperties(casUser, exCasUser); // 每次请求前都预先加载用户名密码身份验证令牌 diff --git a/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/properties/CasProperties.java b/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/properties/CasProperties.java new file mode 100644 index 00000000..4519ff72 --- /dev/null +++ b/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/properties/CasProperties.java @@ -0,0 +1,23 @@ +package com.cloud.kicc.common.security.properties; + +import lombok.Data; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.boot.context.properties.EnableConfigurationProperties; + +/** + *
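Review bot: The class named by `security.cas.userClass` is loaded by name on the request path (`ClassUtil.loadClass(...)` when the extended principal is first built, `Class.forName(...)` on every token load) and is then used as a reflective constructor target and as the Jackson `readValue` target, with no check that it is a user type. A typo or unexpected value in that property therefore surfaces only at request time, as a `ClassNotFoundException` or as a `NullPointerException` from `ReflectUtil.getMethodByName(...).invoke(...)` when `getPermissions` or `getAuthorities` is absent. It also lets configuration choose an arbitrary class to instantiate from token-store data. Resolve the class once at startup, require it to extend `CasUser` (as `KiccUser` does), and read the authorities through the typed getter instead of reflection, assuming `CasUser` inherits `getAuthorities()` from Spring Security's `User`. The enclosing method starts above this hunk and continues below it.

```java
// resolved once (e.g. from a @PostConstruct method) and kept in a userClass field
private Class<? extends CasUser> resolveUserClass() {
    Class<?> loaded = ClassUtil.loadClass(casProperties.getUserClass());
    if (!CasUser.class.isAssignableFrom(loaded)) {
        throw new IllegalStateException(
                "security.cas.userClass must extend CasUser: " + loaded.getName());
    }
    return loaded.asSubclass(CasUser.class);
}

// … unchanged: exPrincipals lookup and JSONUtil.isJson check …
CasUser exUser = new ObjectMapper()
        .registerModule(new KiccJavaTimeModule())
        .addMixIn(SimpleGrantedAuthority.class, SimpleGrantedAuthorityMixin.class)
        .readValue(str, userClass);
Collection<GrantedAuthority> authorities = exUser.getAuthorities();
```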

+ * Central Authentication Service configuration + *

+ * + * @Author: wangxiang4 + * @Since: 2023/9/16 + */ +@Data +@ConfigurationProperties(prefix = "security.cas") +public class CasProperties { + + private String userClass = "com.cloud.kicc.common.data.entity.KiccUser"; + + private String identity = "KICC"; + +} diff --git a/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/service/KiccUserDetailsService.java b/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/service/KiccUserDetailsService.java index ea73c775..98707f17 100644 --- a/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/service/KiccUserDetailsService.java +++ b/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/service/KiccUserDetailsService.java @@ -1,12 +1,12 @@ package com.cloud.kicc.common.security.service; +import cn.hutool.core.util.ObjectUtil; import cn.hutool.core.util.StrUtil; -import com.cloud.kicc.common.core.api.R; import com.cloud.kicc.common.core.constant.CommonConstants; import com.cloud.kicc.common.core.constant.SecurityConstants; import com.cloud.kicc.common.data.entity.CasUser; +import com.cloud.kicc.common.data.entity.SsoUser; import com.cloud.kicc.common.security.exception.SecurityCheckedException; -import com.cloud.kicc.system.api.entity.SsoUser; import lombok.SneakyThrows; import org.springframework.core.Ordered; import org.springframework.security.core.authority.AuthorityUtils; 
@@ -43,17 +43,15 @@ public interface KiccUserDetailsService extends UserDetailsService, Ordered { /** * 构建userDetails - * @param result 用户信息 + * @param user 用户信息 * @return UserDetails */ @SneakyThrows - default UserDetails getUserDetails(R result) { - // 验证请求是否成功 - if (result.getCode() != R.SUCCESS) { - throw new SecurityCheckedException(result.getMsg()); + default UserDetails getUserDetails(SsoUser user) { + if (ObjectUtil.isEmpty(user)) { + throw new SecurityCheckedException("SSO User not found, Try again after registration."); } - SsoUser user = result.getData(); // 构造security用户 return new CasUser( user.getUserName(), diff --git a/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/service/impl/KiccAppUserDetailsServiceImpl.java b/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/service/impl/KiccAppUserDetailsServiceImpl.java index ec34e9a9..5eecbfe8 100644 --- a/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/service/impl/KiccAppUserDetailsServiceImpl.java +++ b/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/service/impl/KiccAppUserDetailsServiceImpl.java @@ -1,11 +1,10 @@ package com.cloud.kicc.common.security.service.impl; -import com.cloud.kicc.common.core.api.R; import com.cloud.kicc.common.core.constant.SecurityConstants; import com.cloud.kicc.common.data.entity.CasUser; +import com.cloud.kicc.common.data.entity.SsoUser; import com.cloud.kicc.common.security.service.KiccUserDetailsService; -import com.cloud.kicc.system.api.entity.SsoUser; -import com.cloud.kicc.system.api.feign.RemoteAppService; +import com.cloud.kicc.common.security.template.UserProviderTemplate; import lombok.RequiredArgsConstructor; import lombok.SneakyThrows; import lombok.extern.slf4j.Slf4j; 
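Review bot: `getUserDetails` now throws `SecurityCheckedException("SSO User not found, Try again after registration.")` for a missing account. If that message is returned to the login client, it tells the caller which usernames and phone numbers are registered, because a wrong password produces a different error. How `SecurityCheckedException` is rendered is not visible in this diff, so confirm the handler maps it to the same generic bad-credentials response, or throw Spring Security's `UsernameNotFoundException` so the authentication provider can hide it. `ObjectUtil.isEmpty(user)` on an entity reads as a collection check; `if (user == null) {` states the intent directly. The method body continues below this hunk.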
@@ -23,7 +22,7 @@ import org.springframework.security.core.userdetails.UserDetails; @RequiredArgsConstructor public class KiccAppUserDetailsServiceImpl implements KiccUserDetailsService { - private final RemoteAppService remoteAppService; + private final UserProviderTemplate userProviderTemplate; /** * 手机号登录 @@ -32,7 +31,7 @@ public class KiccAppUserDetailsServiceImpl implements KiccUserDetailsService { @Override @SneakyThrows public UserDetails loadUserByUsername(String phone) { - R result = remoteAppService.selectByPhone(phone); + SsoUser result = userProviderTemplate.selectByPhone(phone); return getUserDetails(result); } diff --git a/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/service/impl/KiccUserDetailsServiceImpl.java b/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/service/impl/KiccUserDetailsServiceImpl.java index f5f5c7c8..7d387bb9 100644 --- a/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/service/impl/KiccUserDetailsServiceImpl.java +++ b/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/service/impl/KiccUserDetailsServiceImpl.java @@ -1,9 +1,8 @@ package com.cloud.kicc.common.security.service.impl; -import com.cloud.kicc.common.core.api.R; +import com.cloud.kicc.common.data.entity.SsoUser; import com.cloud.kicc.common.security.service.KiccUserDetailsService; -import com.cloud.kicc.system.api.entity.SsoUser; -import com.cloud.kicc.system.api.feign.RemoteSsoUserService; +import com.cloud.kicc.common.security.template.UserProviderTemplate; import lombok.RequiredArgsConstructor; import lombok.SneakyThrows; import lombok.extern.slf4j.Slf4j; @@ -16,14 +15,14 @@ import org.springframework.security.core.userdetails.UserDetails; *

* * @Author: wangxiang4 - * @Date: 2022/2/17 + * @Since: 2023/9/16 */ @Slf4j @Primary @RequiredArgsConstructor public class KiccUserDetailsServiceImpl implements KiccUserDetailsService { - private final RemoteSsoUserService remoteSsoUserService; + private final UserProviderTemplate userProviderTemplate; /** * 用户名密码登录 @@ -32,7 +31,7 @@ public class KiccUserDetailsServiceImpl implements KiccUserDetailsService { @Override @SneakyThrows public UserDetails loadUserByUsername(String username) { - R result = remoteSsoUserService.selectByUserName(username); + SsoUser result = userProviderTemplate.selectByUserName(username); return getUserDetails(result); } diff --git a/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/template/UserProviderTemplate.java b/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/template/UserProviderTemplate.java new file mode 100644 index 00000000..6455d22f --- /dev/null +++ b/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/template/UserProviderTemplate.java @@ -0,0 +1,33 @@ +package com.cloud.kicc.common.security.template; + +import com.cloud.kicc.common.data.entity.CasUser; +import com.cloud.kicc.common.data.entity.SsoUser; + +/** + *

+ * The user must implement the template + * Contains SSO handler related to login + *

+ * + * @Author: wangxiang4 + * @Since: 2023/9/16 + */ +public interface UserProviderTemplate { + + default SsoUser selectByUserName(String userName) { + return null; + } + + default SsoUser selectByPhone(String phone) { + return null; + }; + + default T selectByCasUserId(String casUserId) { + return null; + }; + + default T selectByUserId(String userid) { + return null; + }; + +} diff --git a/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/util/SecurityUtils.java b/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/util/SecurityUtils.java index 8da52b10..209446b9 100644 --- a/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/util/SecurityUtils.java +++ b/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/util/SecurityUtils.java 
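Review bot: The default bodies in `UserProviderTemplate` return `null`, so a service that forgets to override `selectByUserName` or `selectByPhone` fails at login as a missing user rather than as a wiring error, which contradicts the Javadoc line "The user must implement the template". Declaring the lookups abstract, or having the defaults throw, would surface the omission on the first call, e.g. `default SsoUser selectByPhone(String phone) { throw new UnsupportedOperationException("selectByPhone is not implemented"); }`. The stray `;` after three of the method bodies should be removed. Each method also needs a one-line Javadoc stating what a null return means to the caller.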
@@ -1,18 +1,19 @@ package com.cloud.kicc.common.security.util; +import cn.hutool.core.util.ClassUtil; +import cn.hutool.core.util.ObjectUtil; +import cn.hutool.core.util.ReflectUtil; import cn.hutool.core.util.StrUtil; import cn.hutool.json.JSONUtil; -import com.cloud.kicc.common.core.api.R; import com.cloud.kicc.common.core.constant.CommonConstants; import com.cloud.kicc.common.core.constant.SecurityConstants; -import com.cloud.kicc.common.core.enums.CasSystemEnum; -import com.cloud.kicc.common.core.exception.CheckedException; import com.cloud.kicc.common.core.jackson.KiccJavaTimeModule; import com.cloud.kicc.common.core.util.SpringContextHolderUtil; import com.cloud.kicc.common.data.entity.CasUser; -import com.cloud.kicc.common.data.entity.KiccUser; +import com.cloud.kicc.common.security.exception.UnConfiguredUserDataException; import com.cloud.kicc.common.security.override.jackson2.SimpleGrantedAuthorityMixin; -import com.cloud.kicc.system.api.feign.RemoteUserService; +import com.cloud.kicc.common.security.properties.CasProperties; +import com.cloud.kicc.common.security.template.UserProviderTemplate; import com.fasterxml.jackson.annotation.JsonInclude; import com.fasterxml.jackson.databind.ObjectMapper; import lombok.SneakyThrows; @@ -42,6 +43,8 @@ import java.util.stream.Collectors; @UtilityClass public class SecurityUtils { + CasProperties casProperties = SpringContextHolderUtil.getBean(CasProperties.class); + /** * 获取Authentication */ 
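Review bot: The `casProperties` field added to `SecurityUtils` is resolved through `SpringContextHolderUtil.getBean` in a field initialiser, so under `@UtilityClass` it presumably runs when the class is first loaded rather than when a user is looked up. If anything touches `SecurityUtils` before the application context is populated (a static reference during startup, a unit test, the `main` method in this class), initialisation would fail or leave the field null and every later call would break; the holder's behaviour is not visible in this hunk. Looking the bean up inside the methods that use it removes that ordering dependency, e.g. `CasProperties props = SpringContextHolderUtil.getBean(CasProperties.class);` at the top of `getUser()`. A short comment on why the properties come from the holder instead of injection would also help.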
@@ -73,15 +76,15 @@ public class SecurityUtils { /** * 获取完整用户 - * @param casSystemEnum SSO系统枚举 + * @param identity SSO系统身份 * @param valueType 自定义扩展用户 * @return T */ @SneakyThrows - public T getUser(CasSystemEnum casSystemEnum, Class valueType) { + public T getUser(String identity, Class valueType) { CasUser casUser = getCasUser(); if (casUser == null) return null; - String str = casUser.getExPrincipals().get(casSystemEnum); + String str = casUser.getExPrincipals().get(identity); if (JSONUtil.isJson(str)) return new ObjectMapper() .registerModule(new KiccJavaTimeModule()) @@ -93,8 +96,8 @@ public class SecurityUtils { /** * 获取SSO扩展用户 */ - public KiccUser getUser() { - return getUser(CasSystemEnum.KICC, KiccUser.class); + public T getUser() { + return getUser(casProperties.getIdentity(), ClassUtil.loadClass(casProperties.getUserClass())); } /** 
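Review bot: The no-argument `getUser()` now deserialises the stored principal into whatever class `security.cas.userClass` names, and nothing in the hunk checks that `ClassUtil.loadClass(casProperties.getUserClass())` yields the type the call site expects. A mismatch would surface as a `ClassCastException` far from here, and a typo in the property only on the first request rather than at startup. Resolving and validating the class once, and rejecting values that are not assignable to the expected user base type, makes the failure early and keeps the deserialisation target to a vetted type. I would also add the comment `// security.cas.userClass is trusted deployment configuration; never derive it from request data` above the call. The class is reloaded and a new `ObjectMapper` built on every call; both can be cached.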
@@ -120,44 +123,37 @@ public class SecurityUtils { * @return User 用户对象 */ @SneakyThrows - public KiccUser openInterfaceTemporaryLoginSession(String userId) { - RemoteUserService remoteUserService = SpringContextHolderUtil.getBean(RemoteUserService.class); - R result = remoteUserService.selectByUserId(userId); - if (result == null || result.getData() == null) { - throw new CheckedException("用户不存在"); + public T openInterfaceTemporaryLoginSession(String userId) { + UserProviderTemplate userProviderTemplate = SpringContextHolderUtil.getBean(UserProviderTemplate.class); + Object user = userProviderTemplate.selectByUserId(userId); + if (ObjectUtil.isEmpty(user)) { + throw new UnConfiguredUserDataException("System user not found Contact your system administrator for configuration!", null); } - KiccUser user = result.getData(); - List authorities = Arrays.stream(user.getPermissions()) + + String[] permissions = (String[]) ReflectUtil.getMethodByName(user.getClass(), "getPermissions").invoke(user); + List authorities = Arrays.stream(permissions) .map(SimpleGrantedAuthority::new) .collect(Collectors.toList()); + + String username = (String) ReflectUtil.getMethodByName(user.getClass(), "getUsername").invoke(user); + String password = (String) ReflectUtil.getMethodByName(user.getClass(), "getPassword").invoke(user); + String status = (String) ReflectUtil.getMethodByName(user.getClass(), "getStatus").invoke(user); + String[] roleIds = (String[]) ReflectUtil.getMethodByName(user.getClass(), "getRoleIds").invoke(user); + String[] tenantIds = (String[]) ReflectUtil.getMethodByName(user.getClass(), "getTenantIds").invoke(user); + CasUser casUser = new CasUser( - user.getUsername(), - SecurityConstants.BCRYPT + user.getPassword(), + username, + SecurityConstants.BCRYPT + password, true, true, true, - StrUtil.equals(user.getStatus(), CommonConstants.STATUS_NORMAL), - authorities, - user.getCasUserId(), - user.getNickName(), - user.getEmail(), - user.getPhone(), - user.getSex(), - 
user.getAvatar(), - user.getLoginIp(), - user.getLoginTime(), - user.getSsoStatus(), - user.getSsoCreateById(), - user.getSsoCreateByName(), - user.getSsoCreateTime(), - user.getSsoUpdateById(), - user.getSsoUpdateByName(), - user.getSsoUpdateTime(), - user.getRemarks(), - String.join(",", user.getRoleIds()), - String.join(",", user.getTenantIds()) + StrUtil.equals(status, CommonConstants.STATUS_NORMAL), + authorities ); - KiccUser kiccUser = new KiccUser( + BeanUtils.copyProperties(user, casUser); + casUser.setRoleId(String.join(",", roleIds)); + casUser.setTenantId(String.join(",", tenantIds)); + Object exUser = ReflectUtil.newInstance(ClassUtil.loadClass(casProperties.getUserClass()), casUser.getUsername(), casUser.getPassword(), casUser.isEnabled(), @@ -166,15 +162,16 @@ public class SecurityUtils { casUser.isAccountNonLocked(), authorities ); - BeanUtils.copyProperties(user, kiccUser); + + BeanUtils.copyProperties(user, exUser); // 设置扩展用户数据 - casUser.getExPrincipals().put(CasSystemEnum.KICC, new ObjectMapper() + casUser.getExPrincipals().put(casProperties.getIdentity(), new ObjectMapper() .registerModule(new KiccJavaTimeModule()) .setSerializationInclusion(JsonInclude.Include.NON_NULL) - .writeValueAsString(kiccUser)); + .writeValueAsString(exUser)); Authentication authentication = new UsernamePasswordAuthenticationToken(casUser, "N/A", casUser.getAuthorities()); SecurityContextHolder.getContext().setAuthentication(authentication); - return user; + return (T) user; } public static void main(String[] args) { diff --git a/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/xss/XssFilterAutoConfiguration.java b/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/xss/XssFilterAutoConfiguration.java index 7acdc008..931fd8e9 100644 --- a/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/xss/XssFilterAutoConfiguration.java 
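Review bot: In `openInterfaceTemporaryLoginSession`, each `ReflectUtil.getMethodByName(user.getClass(), "...").invoke(user)` assumes the provider's object has that getter and that it returns a non-null `String` or `String[]`. A user class without `getRoleIds`, or a user with no tenants, presumably ends in a `NullPointerException` or `ClassCastException` hidden behind `@SneakyThrows` while an authenticated session is being built. `BeanUtils.copyProperties(user, casUser)` then copies every same-named property onto the security principal, so the provider's class decides which fields the principal carries, not the explicit argument list that was removed. I would have the configurable user type implement a small interface exposing these six getters and read them through it, and guard the arrays before `Arrays.stream` and `String.join`, e.g. `casUser.setRoleId(roleIds == null ? "" : String.join(",", roleIds));`. The `return (T) user;` in the following hunk is an unchecked cast with the same caller-side risk.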
+++ b/kicc-common/kicc-common-security/src/main/java/com/cloud/kicc/common/security/xss/XssFilterAutoConfiguration.java @@ -5,6 +5,7 @@ import cn.hutool.core.util.StrUtil; import org.springframework.boot.context.properties.EnableConfigurationProperties; import org.springframework.boot.web.servlet.FilterRegistrationBean; import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; import javax.servlet.DispatcherType; import java.util.HashMap; @@ -18,6 +19,7 @@ import java.util.Map; * @Author: wangxiang4 * @Date: 2022/2/19 */ +@Configuration(proxyBeanMethods = false) @EnableConfigurationProperties(XssProperties.class) public class XssFilterAutoConfiguration { diff --git a/kicc-common/kicc-common-security/src/main/resources/META-INF/spring.factories b/kicc-common/kicc-common-security/src/main/resources/META-INF/spring.factories index c60a019d..0ba864dc 100644 --- a/kicc-common/kicc-common-security/src/main/resources/META-INF/spring.factories +++ b/kicc-common/kicc-common-security/src/main/resources/META-INF/spring.factories @@ -4,6 +4,4 @@ org.springframework.boot.autoconfigure.EnableAutoConfiguration=\ com.cloud.kicc.common.security.service.impl.KiccAppUserDetailsServiceImpl,\ com.cloud.kicc.common.security.config.TokenStoreAutoConfiguration,\ com.cloud.kicc.common.security.config.TokenStoreAutoCleanScheduleConfiguration,\ - com.cloud.kicc.common.security.config.SecurityMessageSourceConfiguration,\ - com.cloud.kicc.common.security.xss.XssFilterAutoConfiguration - + com.cloud.kicc.common.security.config.Oauth2SecurityAutoConfiguration diff --git a/kicc-platform/kicc-platform-api/kicc-system-api/src/main/java/com/cloud/kicc/system/api/feign/RemoteAppService.java b/kicc-platform/kicc-platform-api/kicc-system-api/src/main/java/com/cloud/kicc/system/api/feign/RemoteAppService.java index add88be8..166f4f33 100644 
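Review bot: The `spring.factories` hunk removes `XssFilterAutoConfiguration` and `SecurityMessageSourceConfiguration` from the auto-configuration list and leaves `Oauth2SecurityAutoConfiguration` as the new last entry. Unless that class imports the two removed ones (it is not shown in this part of the diff), services depending on kicc-common-security would start without the XSS filter registration, and nothing would fail to signal it. Please confirm the import chain, then either keep the two entries or document the dependency next to the entry with a line such as `# Oauth2SecurityAutoConfiguration imports the XSS filter and message-source configuration`.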
--- a/kicc-platform/kicc-platform-api/kicc-system-api/src/main/java/com/cloud/kicc/system/api/feign/RemoteAppService.java +++ b/kicc-platform/kicc-platform-api/kicc-system-api/src/main/java/com/cloud/kicc/system/api/feign/RemoteAppService.java @@ -4,8 +4,7 @@ import com.cloud.kicc.common.core.api.R; import com.cloud.kicc.common.core.constant.AppConstants; import com.cloud.kicc.common.core.constant.SecurityConstants; import com.cloud.kicc.common.core.constant.ServiceNameConstants; -import com.cloud.kicc.common.data.entity.KiccUser; -import com.cloud.kicc.system.api.entity.SsoUser; +import com.cloud.kicc.common.data.entity.SsoUser; import org.springframework.cloud.openfeign.FeignClient; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; diff --git a/kicc-platform/kicc-platform-api/kicc-system-api/src/main/java/com/cloud/kicc/system/api/feign/RemoteSsoUserService.java b/kicc-platform/kicc-platform-api/kicc-system-api/src/main/java/com/cloud/kicc/system/api/feign/RemoteSsoUserService.java index f2837d4a..a5029472 100644 --- a/kicc-platform/kicc-platform-api/kicc-system-api/src/main/java/com/cloud/kicc/system/api/feign/RemoteSsoUserService.java +++ b/kicc-platform/kicc-platform-api/kicc-system-api/src/main/java/com/cloud/kicc/system/api/feign/RemoteSsoUserService.java @@ -4,8 +4,7 @@ import com.cloud.kicc.common.core.api.R; import com.cloud.kicc.common.core.constant.AppConstants; import com.cloud.kicc.common.core.constant.SecurityConstants; import com.cloud.kicc.common.core.constant.ServiceNameConstants; -import com.cloud.kicc.common.data.entity.KiccUser; -import com.cloud.kicc.system.api.entity.SsoUser; +import com.cloud.kicc.common.data.entity.SsoUser; import org.springframework.cloud.openfeign.FeignClient; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; 
diff --git a/kicc-platform/kicc-platform-biz/kicc-common-biz/src/main/java/com/cloud/kicc/commonbiz/controller/PushApplicationController.java b/kicc-platform/kicc-platform-biz/kicc-common-biz/src/main/java/com/cloud/kicc/commonbiz/controller/PushApplicationController.java index 0051646e..f258e99d 100644 --- a/kicc-platform/kicc-platform-biz/kicc-common-biz/src/main/java/com/cloud/kicc/commonbiz/controller/PushApplicationController.java +++ b/kicc-platform/kicc-platform-biz/kicc-common-biz/src/main/java/com/cloud/kicc/commonbiz/controller/PushApplicationController.java @@ -10,6 +10,7 @@ import com.baomidou.mybatisplus.extension.plugins.pagination.Page; import com.cloud.kicc.common.core.api.R; import com.cloud.kicc.common.core.constant.AppConstants; import com.cloud.kicc.common.core.exception.CheckedException; +import com.cloud.kicc.common.data.entity.KiccUser; import com.cloud.kicc.common.security.annotation.Inner; import com.cloud.kicc.common.security.util.SecurityUtils; import com.cloud.kicc.commonbiz.api.entity.PushApplication; @@ -69,7 +70,7 @@ public class PushApplicationController { @PostMapping("/save") public R save(@Valid @RequestBody PushApplication pushApplication) { // 企业用户需要验证是否进行企业认证 - if (StrUtil.equals(SecurityUtils.getUser().getUserType(), UserTypeEnum.ENTERPRISE_USER.getValue()) && + if (StrUtil.equals(SecurityUtils.getUser().getUserType(), UserTypeEnum.ENTERPRISE_USER.getValue()) && iPushEnterpriseService.count(Wrappers.lambdaQuery() .eq(PushEnterprise::getStatus, PushAuditStatusEnum.APPROVED.getValue()) .eq(PushEnterprise::getUserId, SecurityUtils.getUser().getId())) == 0){ diff --git a/kicc-platform/kicc-platform-biz/kicc-common-biz/src/main/java/com/cloud/kicc/commonbiz/controller/PushEnterpriseController.java b/kicc-platform/kicc-platform-biz/kicc-common-biz/src/main/java/com/cloud/kicc/commonbiz/controller/PushEnterpriseController.java index 348ff350..05415633 100644 
--- a/kicc-platform/kicc-platform-biz/kicc-common-biz/src/main/java/com/cloud/kicc/commonbiz/controller/PushEnterpriseController.java +++ b/kicc-platform/kicc-platform-biz/kicc-common-biz/src/main/java/com/cloud/kicc/commonbiz/controller/PushEnterpriseController.java @@ -10,6 +10,7 @@ import com.baomidou.mybatisplus.extension.plugins.pagination.Page; import com.cloud.kicc.common.core.api.R; import com.cloud.kicc.common.core.constant.AppConstants; import com.cloud.kicc.common.core.exception.CheckedException; +import com.cloud.kicc.common.data.entity.KiccUser; import com.cloud.kicc.common.security.util.SecurityUtils; import com.cloud.kicc.commonbiz.api.entity.PushEnterprise; import com.cloud.kicc.commonbiz.api.enums.PushAuditStatusEnum; @@ -70,7 +71,7 @@ public class PushEnterpriseController { @PostMapping("/save") public R save(@Valid @RequestBody PushEnterprise pushEnterprise) { // 限制只能有企业用户进行认证 - if (!StrUtil.equals(SecurityUtils.getUser().getUserType(), UserTypeEnum.ENTERPRISE_USER.getValue())) { + if (!StrUtil.equals(SecurityUtils.getUser().getUserType(), UserTypeEnum.ENTERPRISE_USER.getValue())) { throw new CheckedException("当前用户不是企业用户请用企业用户登录后重试!"); } if(iPushEnterpriseService.count(Wrappers.lambdaQuery() @@ -110,7 +111,7 @@ public class PushEnterpriseController { public R updateAuditStatus(@PathVariable Integer status) { iPushEnterpriseService.update(Wrappers.lambdaUpdate() .set(PushEnterprise::getStatus, status) - .eq(PushEnterprise::getUserId, SecurityUtils.getUser().getId())); + .eq(PushEnterprise::getUserId, SecurityUtils.getUser().getId())); return R.ok(); } diff --git a/kicc-platform/kicc-platform-biz/kicc-common-biz/src/main/java/com/cloud/kicc/commonbiz/service/impl/PushApplicationServiceImpl.java b/kicc-platform/kicc-platform-biz/kicc-common-biz/src/main/java/com/cloud/kicc/commonbiz/service/impl/PushApplicationServiceImpl.java index 4c046890..a4ee9575 100644 
--- a/kicc-platform/kicc-platform-biz/kicc-common-biz/src/main/java/com/cloud/kicc/commonbiz/service/impl/PushApplicationServiceImpl.java +++ b/kicc-platform/kicc-platform-biz/kicc-common-biz/src/main/java/com/cloud/kicc/commonbiz/service/impl/PushApplicationServiceImpl.java @@ -9,6 +9,7 @@ import com.alibaba.fastjson.JSONObject; import com.baomidou.mybatisplus.core.toolkit.Wrappers; import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; import com.cloud.kicc.common.core.exception.CheckedException; +import com.cloud.kicc.common.data.entity.KiccUser; import com.cloud.kicc.common.security.util.SecurityUtils; import com.cloud.kicc.commonbiz.api.entity.*; import com.cloud.kicc.commonbiz.api.enums.PushAuditStatusEnum; @@ -59,11 +60,11 @@ public class PushApplicationServiceImpl extends ServiceImplgetUser().getUserType())) { throw new CheckedException("该用户不是企业用户,禁止操作!"); } - if (StrUtil.equals(SecurityUtils.getUser().getUserType(), UserTypeEnum.ENTERPRISE_USER.getValue()) && + if (StrUtil.equals(SecurityUtils.getUser().getUserType(), UserTypeEnum.ENTERPRISE_USER.getValue()) && iPushEnterpriseService.count(Wrappers.lambdaQuery() .eq(PushEnterprise::getStatus, PushAuditStatusEnum.APPROVED.getValue()) .eq(PushEnterprise::getUserId, SecurityUtils.getUser().getId())) == 0){ diff --git a/kicc-platform/kicc-platform-biz/kicc-common-biz/src/main/java/com/cloud/kicc/commonbiz/service/impl/UserProviderTemplateImpl.java b/kicc-platform/kicc-platform-biz/kicc-common-biz/src/main/java/com/cloud/kicc/commonbiz/service/impl/UserProviderTemplateImpl.java new file mode 100644 index 00000000..49e13594 --- /dev/null +++ b/kicc-platform/kicc-platform-biz/kicc-common-biz/src/main/java/com/cloud/kicc/commonbiz/service/impl/UserProviderTemplateImpl.java 
@@ -0,0 +1,35 @@ +package com.cloud.kicc.commonbiz.service.impl; + +import com.cloud.kicc.common.core.api.R; +import com.cloud.kicc.common.data.entity.KiccUser; +import com.cloud.kicc.common.security.exception.SecurityCheckedException; +import com.cloud.kicc.common.security.template.UserProviderTemplate; +import com.cloud.kicc.system.api.feign.RemoteUserService; +import lombok.RequiredArgsConstructor; +import org.springframework.stereotype.Component; + +@Component +@RequiredArgsConstructor +public class UserProviderTemplateImpl implements UserProviderTemplate { + + private final RemoteUserService remoteUserService; + + @Override + public KiccUser selectByCasUserId(String casUserId) { + R result = remoteUserService.selectByCasUserId(casUserId); + if (result.getCode() != R.SUCCESS) { + throw new SecurityCheckedException("Controller invoke failed!"); + } + return result.getData(); + } + + @Override + public KiccUser selectByUserId(String userid) { + R result = remoteUserService.selectByUserId(userid); + if (result.getCode() != R.SUCCESS) { + throw new SecurityCheckedException("Controller invoke failed!"); + } + return result.getData(); + } + +} diff --git a/kicc-platform/kicc-platform-biz/kicc-monitor-biz/pom.xml b/kicc-platform/kicc-platform-biz/kicc-monitor-biz/pom.xml index af5057c5..48090e83 100644 --- a/kicc-platform/kicc-platform-biz/kicc-monitor-biz/pom.xml +++ b/kicc-platform/kicc-platform-biz/kicc-monitor-biz/pom.xml @@ -19,6 +19,11 @@ com.cloud kicc-common-log + + + com.cloud + kicc-system-api + com.cloud diff --git a/kicc-platform/kicc-platform-biz/kicc-monitor-biz/src/main/java/com/cloud/kicc/monitor/service/impl/UserProviderTemplateImpl.java b/kicc-platform/kicc-platform-biz/kicc-monitor-biz/src/main/java/com/cloud/kicc/monitor/service/impl/UserProviderTemplateImpl.java new file mode 100644 index 00000000..4099f174 --- /dev/null 
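Review bot: `selectByCasUserId` and `selectByUserId` call `result.getCode()` without checking `result` for null, whereas the code this replaces in `SecurityUtils` guarded `result == null`. If the Feign client can return null (through a fallback, for instance, which is not visible here), the lookup fails with a `NullPointerException`. The fixed text "Controller invoke failed!" also discards the remote code and `result.getMsg()`, so a failed lookup can no longer be diagnosed from the exception. Suggested guard: `if (result == null || result.getCode() != R.SUCCESS) { throw new SecurityCheckedException("selectByUserId failed: " + (result == null ? "no response" : result.getMsg())); }`. The same class body is added verbatim in the monitor, report, system, template and workflow modules later in this diff; one shared implementation would keep these checks in one place.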
+++ b/kicc-platform/kicc-platform-biz/kicc-monitor-biz/src/main/java/com/cloud/kicc/monitor/service/impl/UserProviderTemplateImpl.java @@ -0,0 +1,35 @@ +package com.cloud.kicc.monitor.service.impl; + +import com.cloud.kicc.common.core.api.R; +import com.cloud.kicc.common.data.entity.KiccUser; +import com.cloud.kicc.common.security.exception.SecurityCheckedException; +import com.cloud.kicc.common.security.template.UserProviderTemplate; +import com.cloud.kicc.system.api.feign.RemoteUserService; +import lombok.RequiredArgsConstructor; +import org.springframework.stereotype.Component; + +@Component +@RequiredArgsConstructor +public class UserProviderTemplateImpl implements UserProviderTemplate { + + private final RemoteUserService remoteUserService; + + @Override + public KiccUser selectByCasUserId(String casUserId) { + R result = remoteUserService.selectByCasUserId(casUserId); + if (result.getCode() != R.SUCCESS) { + throw new SecurityCheckedException("Controller invoke failed!"); + } + return result.getData(); + } + + @Override + public KiccUser selectByUserId(String userid) { + R result = remoteUserService.selectByUserId(userid); + if (result.getCode() != R.SUCCESS) { + throw new SecurityCheckedException("Controller invoke failed!"); + } + return result.getData(); + } + +} diff --git a/kicc-platform/kicc-platform-biz/kicc-report-biz/pom.xml b/kicc-platform/kicc-platform-biz/kicc-report-biz/pom.xml index b52a3186..f19df996 100644 --- a/kicc-platform/kicc-platform-biz/kicc-report-biz/pom.xml +++ b/kicc-platform/kicc-platform-biz/kicc-report-biz/pom.xml @@ -19,6 +19,11 @@ com.cloud kicc-report-api + + + com.cloud + kicc-system-api + com.cloud diff --git a/kicc-platform/kicc-platform-biz/kicc-report-biz/src/main/java/com/cloud/kicc/report/service/impl/UserProviderTemplateImpl.java b/kicc-platform/kicc-platform-biz/kicc-report-biz/src/main/java/com/cloud/kicc/report/service/impl/UserProviderTemplateImpl.java new file mode 100644 index 00000000..0dc77f0e --- /dev/null 
+++ b/kicc-platform/kicc-platform-biz/kicc-report-biz/src/main/java/com/cloud/kicc/report/service/impl/UserProviderTemplateImpl.java @@ -0,0 +1,35 @@ +package com.cloud.kicc.report.service.impl; + +import com.cloud.kicc.common.core.api.R; +import com.cloud.kicc.common.data.entity.KiccUser; +import com.cloud.kicc.common.security.exception.SecurityCheckedException; +import com.cloud.kicc.common.security.template.UserProviderTemplate; +import com.cloud.kicc.system.api.feign.RemoteUserService; +import lombok.RequiredArgsConstructor; +import org.springframework.stereotype.Component; + +@Component +@RequiredArgsConstructor +public class UserProviderTemplateImpl implements UserProviderTemplate { + + private final RemoteUserService remoteUserService; + + @Override + public KiccUser selectByCasUserId(String casUserId) { + R result = remoteUserService.selectByCasUserId(casUserId); + if (result.getCode() != R.SUCCESS) { + throw new SecurityCheckedException("Controller invoke failed!"); + } + return result.getData(); + } + + @Override + public KiccUser selectByUserId(String userid) { + R result = remoteUserService.selectByUserId(userid); + if (result.getCode() != R.SUCCESS) { + throw new SecurityCheckedException("Controller invoke failed!"); + } + return result.getData(); + } + +} diff --git a/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/controller/AppController.java b/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/controller/AppController.java index 05975334..5a003fa1 100644 --- a/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/controller/AppController.java +++ b/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/controller/AppController.java 
@@ -4,7 +4,7 @@ import com.baomidou.mybatisplus.core.toolkit.Wrappers; import com.cloud.kicc.common.core.api.R; import com.cloud.kicc.common.core.constant.AppConstants; import com.cloud.kicc.common.security.annotation.Inner; -import com.cloud.kicc.system.api.entity.SsoUser; +import com.cloud.kicc.common.data.entity.SsoUser; import com.cloud.kicc.system.service.AppService; import com.cloud.kicc.system.service.ISsoUserService; import io.swagger.annotations.Api; diff --git a/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/controller/SsoUserController.java b/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/controller/SsoUserController.java index bffcce2d..5c2fdec8 100644 --- a/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/controller/SsoUserController.java +++ b/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/controller/SsoUserController.java @@ -11,7 +11,7 @@ import com.cloud.kicc.common.data.entity.KiccUser; import com.cloud.kicc.common.log.annotation.SysLog; import com.cloud.kicc.common.security.annotation.Inner; import com.cloud.kicc.common.security.util.SecurityUtils; -import com.cloud.kicc.system.api.entity.SsoUser; +import com.cloud.kicc.common.data.entity.SsoUser; import com.cloud.kicc.system.api.entity.User; import com.cloud.kicc.system.service.ISsoUserService; import lombok.RequiredArgsConstructor; diff --git a/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/controller/UserController.java b/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/controller/UserController.java index d6e975c7..b0092989 100644 --- a/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/controller/UserController.java +++ b/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/controller/UserController.java 
@@ -134,7 +134,7 @@ public class UserController { if (!ArrayUtil.contains(new String[]{ UserTypeEnum.ENTERPRISE_USER.getValue(), UserTypeEnum.INTERNAL_USER.getValue(), - }, SecurityUtils.getUser().getUserType())) { + }, SecurityUtils.getUser().getUserType())) { List enterpriseUserList = userService.list(Wrappers.lambdaQuery() .in(User::getUserType, UserTypeEnum.INTERNAL_USER.getValue())); remotePushConcernFanService.bindConcernEnterpriseUser(user.getId(), enterpriseUserList); diff --git a/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/mapper/SsoUserMapper.java b/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/mapper/SsoUserMapper.java index 4f32f65b..6b8d9c0d 100644 --- a/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/mapper/SsoUserMapper.java +++ b/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/mapper/SsoUserMapper.java @@ -1,8 +1,7 @@ package com.cloud.kicc.system.mapper; import com.baomidou.mybatisplus.core.mapper.BaseMapper; -import com.cloud.kicc.common.data.entity.KiccUser; -import com.cloud.kicc.system.api.entity.SsoUser; +import com.cloud.kicc.common.data.entity.SsoUser; import java.util.List; diff --git a/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/service/ISsoUserService.java b/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/service/ISsoUserService.java index 0a912a62..47833ab2 100644 --- a/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/service/ISsoUserService.java +++ b/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/service/ISsoUserService.java 
@@ -2,7 +2,7 @@ package com.cloud.kicc.system.service; import com.baomidou.mybatisplus.extension.service.IService; import com.cloud.kicc.common.data.entity.KiccUser; -import com.cloud.kicc.system.api.entity.SsoUser; +import com.cloud.kicc.common.data.entity.SsoUser; import java.util.List; diff --git a/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/service/impl/SsoUserServiceImpl.java b/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/service/impl/SsoUserServiceImpl.java index 7f282d01..66640e8b 100644 --- a/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/service/impl/SsoUserServiceImpl.java +++ b/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/service/impl/SsoUserServiceImpl.java @@ -5,7 +5,7 @@ import com.baomidou.dynamic.datasource.annotation.DSTransactional; import com.baomidou.dynamic.datasource.toolkit.DynamicDataSourceContextHolder; import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; import com.cloud.kicc.common.data.entity.KiccUser; -import com.cloud.kicc.system.api.entity.SsoUser; +import com.cloud.kicc.common.data.entity.SsoUser; import com.cloud.kicc.system.api.entity.User; import com.cloud.kicc.system.mapper.SsoUserMapper; import com.cloud.kicc.system.service.ISsoUserService; diff --git a/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/service/impl/UserProviderTemplateImpl.java b/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/service/impl/UserProviderTemplateImpl.java new file mode 100644 index 00000000..39ce3328 --- /dev/null +++ b/kicc-platform/kicc-platform-biz/kicc-system-biz/src/main/java/com/cloud/kicc/system/service/impl/UserProviderTemplateImpl.java 
@@ -0,0 +1,35 @@ +package com.cloud.kicc.system.service.impl; + +import com.cloud.kicc.common.core.api.R; +import com.cloud.kicc.common.data.entity.KiccUser; +import com.cloud.kicc.common.security.exception.SecurityCheckedException; +import com.cloud.kicc.common.security.template.UserProviderTemplate; +import com.cloud.kicc.system.api.feign.RemoteUserService; +import lombok.RequiredArgsConstructor; +import org.springframework.stereotype.Component; + +@Component +@RequiredArgsConstructor +public class UserProviderTemplateImpl implements UserProviderTemplate { + + private final RemoteUserService remoteUserService; + + @Override + public KiccUser selectByCasUserId(String casUserId) { + R result = remoteUserService.selectByCasUserId(casUserId); + if (result.getCode() != R.SUCCESS) { + throw new SecurityCheckedException("Controller invoke failed!"); + } + return result.getData(); + } + + @Override + public KiccUser selectByUserId(String userid) { + R result = remoteUserService.selectByUserId(userid); + if (result.getCode() != R.SUCCESS) { + throw new SecurityCheckedException("Controller invoke failed!"); + } + return result.getData(); + } + +} diff --git a/kicc-platform/kicc-platform-biz/kicc-template-biz/pom.xml b/kicc-platform/kicc-platform-biz/kicc-template-biz/pom.xml index 6ab3c833..28777f8d 100644 --- a/kicc-platform/kicc-platform-biz/kicc-template-biz/pom.xml +++ b/kicc-platform/kicc-platform-biz/kicc-template-biz/pom.xml @@ -19,6 +19,11 @@ com.cloud kicc-template-api + + + com.cloud + kicc-system-api + com.cloud diff --git a/kicc-platform/kicc-platform-biz/kicc-template-biz/src/main/java/com/cloud/kicc/template/provide/UserProviderTemplateImpl.java b/kicc-platform/kicc-platform-biz/kicc-template-biz/src/main/java/com/cloud/kicc/template/provide/UserProviderTemplateImpl.java new file mode 100644 index 00000000..b1547af1 --- /dev/null +++ b/kicc-platform/kicc-platform-biz/kicc-template-biz/src/main/java/com/cloud/kicc/template/provide/UserProviderTemplateImpl.java 
@@ -0,0 +1,35 @@
+package com.cloud.kicc.template.provide;
+
+import com.cloud.kicc.common.core.api.R;
+import com.cloud.kicc.common.data.entity.KiccUser;
+import com.cloud.kicc.common.security.exception.SecurityCheckedException;
+import com.cloud.kicc.common.security.template.UserProviderTemplate;
+import com.cloud.kicc.system.api.feign.RemoteUserService;
+import lombok.RequiredArgsConstructor;
+import org.springframework.stereotype.Component;
+
+@Component
+@RequiredArgsConstructor
+public class UserProviderTemplateImpl implements UserProviderTemplate {
+
+ private final RemoteUserService remoteUserService;
+
+ @Override
+ public KiccUser selectByCasUserId(String casUserId) {
+ R result = remoteUserService.selectByCasUserId(casUserId);
+ if (result.getCode() != R.SUCCESS) {
+ throw new SecurityCheckedException("Controller invoke failed!");
+ }
+ return result.getData();
+ }
+
+ @Override
+ public KiccUser selectByUserId(String userid) {
+ R result = remoteUserService.selectByUserId(userid);
+ if (result.getCode() != R.SUCCESS) {
+ throw new SecurityCheckedException("Controller invoke failed!");
+ }
+ return result.getData();
+ }
+
+}
diff --git a/kicc-platform/kicc-platform-biz/kicc-workflow-biz/pom.xml b/kicc-platform/kicc-platform-biz/kicc-workflow-biz/pom.xml
index b96ba6ed..f037d6e4 100644
--- a/kicc-platform/kicc-platform-biz/kicc-workflow-biz/pom.xml
+++ b/kicc-platform/kicc-platform-biz/kicc-workflow-biz/pom.xml
@@ -19,6 +19,11 @@ com.cloud kicc-workflow-api + + + com.cloud + kicc-system-api + com.cloud
diff --git a/kicc-platform/kicc-platform-biz/kicc-workflow-biz/src/main/java/com/cloud/kicc/workflow/service/impl/UserProviderTemplateImpl.java b/kicc-platform/kicc-platform-biz/kicc-workflow-biz/src/main/java/com/cloud/kicc/workflow/service/impl/UserProviderTemplateImpl.java
new file mode 100644
index 00000000..bb4b4281
--- /dev/null
+++ b/kicc-platform/kicc-platform-biz/kicc-workflow-biz/src/main/java/com/cloud/kicc/workflow/service/impl/UserProviderTemplateImpl.java
@@ -0,0 +1,35 @@
+package com.cloud.kicc.workflow.service.impl;
+
+import com.cloud.kicc.common.core.api.R;
+import com.cloud.kicc.common.data.entity.KiccUser;
+import com.cloud.kicc.common.security.exception.SecurityCheckedException;
+import com.cloud.kicc.common.security.template.UserProviderTemplate;
+import com.cloud.kicc.system.api.feign.RemoteUserService;
+import lombok.RequiredArgsConstructor;
+import org.springframework.stereotype.Component;
+
+@Component
+@RequiredArgsConstructor
+public class UserProviderTemplateImpl implements UserProviderTemplate {
+
+ private final RemoteUserService remoteUserService;
+
+ @Override
+ public KiccUser selectByCasUserId(String casUserId) {
+ R result = remoteUserService.selectByCasUserId(casUserId);
+ if (result.getCode() != R.SUCCESS) {
+ throw new SecurityCheckedException("Controller invoke failed!");
+ }
+ return result.getData();
+ }
+
+ @Override
+ public KiccUser selectByUserId(String userid) {
+ R result = remoteUserService.selectByUserId(userid);
+ if (result.getCode() != R.SUCCESS) {
+ throw new SecurityCheckedException("Controller invoke failed!");
+ }
+ return result.getData();
+ }
+
+}
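Review bot: This workflow-module class is the third copy of UserProviderTemplateImpl in the diff, differing from the system and template copies only in its package line, so any later change to how a failed or empty user lookup is handled has to be applied in three places and can silently drift. If the module layout allows it (not visible from this diff), a single shared implementation in a module all three services depend on would remove that risk. Failing that, a class-level comment in each copy such as `// Keep in sync with the UserProviderTemplateImpl copies in the system and template modules` would at least make the coupling visible to the next maintainer.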