Commit f3b5ec77
Authored Nov 08, 2022 by haoxr
fix: unified handling of resource server configuration and adjustments for release issues
Parent 01d0f175
Showing 26 changed files with 76 additions and 301 deletions (+76 -301)
Changed files:
docs/nacos/nacos_config.zip +0 -0
mall-oms/oms-boot/src/main/resources/bootstrap-k8s.yml +2 -2
mall-pms/pms-boot/src/main/java/com/youlai/mall/pms/config/ResourceServerConfig.java +0 -54
mall-pms/pms-boot/src/main/resources/bootstrap-k8s.yml +2 -2
mall-sms/sms-boot/src/main/java/com/youlai/mall/sms/config/ResourceServerConfig.java +0 -55
mall-sms/sms-boot/src/main/resources/bootstrap-k8s.yml +2 -2
mall-ums/ums-boot/src/main/java/com/youlai/mall/ums/config/ResourceServerConfig.java +0 -55
mall-ums/ums-boot/src/main/resources/bootstrap-k8s.yml +2 -2
pom.xml +2 -2
youlai-auth/pom.xml +8 -13
youlai-auth/src/main/java/com/youlai/auth/config/WebSecurityConfig.java +20 -3
youlai-auth/src/main/resources/bootstrap-k8s.yml +1 -1
youlai-auth/src/main/resources/bootstrap-prod.yml +1 -0
youlai-common/common-log/src/main/resources/logback-spring.xml +1 -1
youlai-common/common-security/pom.xml +1 -0
youlai-common/common-security/src/main/java/com/youlai/common/security/config/ResourceServerConfig.java +24 -4
youlai-common/common-security/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports +2 -1
youlai-common/pom.xml +1 -0
youlai-gateway/src/main/java/com/youlai/gateway/config/OAuth2ClientSecurityConfig.java +0 -6
youlai-gateway/src/main/resources/bootstrap-k8s.yml +2 -2
youlai-gateway/src/main/resources/bootstrap-prod.yml +1 -0
youlai-system/system-boot/Dockerfile +1 -1
youlai-system/system-boot/src/main/java/com/youlai/system/config/ResourceServerConfig.java +0 -57
youlai-system/system-boot/src/main/resources/bootstrap-k8s.yml +2 -2
youlai-system/system-boot/src/main/resources/bootstrap-prod.yml +1 -0
youlai-system/system-boot/src/test/java/com/youlai/system/service/impl/SysPermissionServiceImplTest.java +0 -36
docs/nacos/nacos_config.zip
0 → 100644
View file @ f3b5ec77
File added
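Review bot: docs/nacos/nacos_config.zip is added as a binary archive, so whatever Nacos configuration it carries (going by its name) cannot be reviewed in this diff. Commit the configuration files as text, or alongside the zip, so that changes to security-relevant settings show up in review, and check that the archive holds no real credentials before it is published.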
mall-oms/oms-boot/src/main/resources/bootstrap-k8s.yml
View file @ f3b5ec77
...
...
@@ -11,11 +11,11 @@ spring:
nacos
:
discovery
:
server-addr
:
nacos-headless.infrastructure:8848
# 使用k8s无头服务
namespace
:
prod
-namespace-id
namespace
:
youlai
-namespace-id
config
:
server-addr
:
${spring.cloud.nacos.discovery.server-addr}
file-extension
:
yaml
namespace
:
prod
-namespace-id
namespace
:
youlai
-namespace-id
shared-configs[0]
:
data-id
:
youlai-common.yaml
refresh
:
true
...
...
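Review bot: the namespace value is a literal written twice, once under discovery and once under config (prod-namespace-id replaced by youlai-namespace-id in each), and the same pair of edits recurs in the other bootstrap-k8s.yml files of this commit. config.server-addr already reuses ${spring.cloud.nacos.discovery.server-addr}; doing the same for config.namespace with ${spring.cloud.nacos.discovery.namespace} keeps the two from drifting apart and makes a future rename one line per file. If youlai-namespace-id is a placeholder to be substituted at deploy time, say so in a comment next to it.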
mall-pms/pms-boot/src/main/java/com/youlai/mall/pms/config/ResourceServerConfig.java
Deleted
100644 → 0
View file @ 01d0f175
package
com.youlai.mall.pms.config
;
import
org.springframework.context.annotation.Bean
;
import
org.springframework.context.annotation.Configuration
;
import
org.springframework.core.convert.converter.Converter
;
import
org.springframework.security.authentication.AbstractAuthenticationToken
;
import
org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity
;
import
org.springframework.security.config.annotation.web.builders.HttpSecurity
;
import
org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
;
import
org.springframework.security.config.http.SessionCreationPolicy
;
import
org.springframework.security.oauth2.jwt.Jwt
;
import
org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter
;
import
org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationProvider
;
import
org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter
;
import
org.springframework.security.web.SecurityFilterChain
;
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity
(
prePostEnabled
=
true
)
public
class
ResourceServerConfig
{
@Bean
public
SecurityFilterChain
securityFilterChain
(
HttpSecurity
http
)
throws
Exception
{
http
.
csrf
().
disable
()
.
sessionManagement
().
sessionCreationPolicy
(
SessionCreationPolicy
.
STATELESS
)
.
and
()
.
authorizeRequests
()
.
antMatchers
(
"/webjars/**"
,
"/doc.html"
,
"/swagger-resources/**"
,
"/v2/api-docs"
).
permitAll
()
.
anyRequest
().
authenticated
();
http
.
oauth2ResourceServer
()
.
jwt
()
.
jwtAuthenticationConverter
(
jwtAuthenticationConverter
());
return
http
.
build
();
}
/**
* 自定义JWT Converter
*
* @return
* @see JwtAuthenticationProvider#setJwtAuthenticationConverter(Converter)
*/
public
Converter
<
Jwt
,
?
extends
AbstractAuthenticationToken
>
jwtAuthenticationConverter
()
{
JwtGrantedAuthoritiesConverter
jwtGrantedAuthoritiesConverter
=
new
JwtGrantedAuthoritiesConverter
();
jwtGrantedAuthoritiesConverter
.
setAuthorityPrefix
(
"ROLE_"
);
jwtGrantedAuthoritiesConverter
.
setAuthoritiesClaimName
(
"authorities"
);
JwtAuthenticationConverter
jwtAuthenticationConverter
=
new
JwtAuthenticationConverter
();
jwtAuthenticationConverter
.
setJwtGrantedAuthoritiesConverter
(
jwtGrantedAuthoritiesConverter
);
return
jwtAuthenticationConverter
;
}
}
mall-pms/pms-boot/src/main/resources/bootstrap-k8s.yml
View file @ f3b5ec77
...
...
@@ -11,11 +11,11 @@ spring:
nacos
:
discovery
:
server-addr
:
nacos-headless.infrastructure:8848
# 使用k8s无头服务
namespace
:
prod
-namespace-id
namespace
:
youlai
-namespace-id
config
:
server-addr
:
${spring.cloud.nacos.discovery.server-addr}
file-extension
:
yaml
namespace
:
prod
-namespace-id
namespace
:
youlai
-namespace-id
# 公共配置
shared-configs[0]
:
data-id
:
youlai-common.yaml
...
...
mall-sms/sms-boot/src/main/java/com/youlai/mall/sms/config/ResourceServerConfig.java
Deleted
100644 → 0
View file @ 01d0f175
package
com.youlai.mall.sms.config
;
import
org.springframework.context.annotation.Bean
;
import
org.springframework.context.annotation.Configuration
;
import
org.springframework.core.convert.converter.Converter
;
import
org.springframework.security.authentication.AbstractAuthenticationToken
;
import
org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity
;
import
org.springframework.security.config.annotation.web.builders.HttpSecurity
;
import
org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
;
import
org.springframework.security.config.http.SessionCreationPolicy
;
import
org.springframework.security.oauth2.jwt.Jwt
;
import
org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter
;
import
org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationProvider
;
import
org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter
;
import
org.springframework.security.web.SecurityFilterChain
;
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity
(
prePostEnabled
=
true
)
public
class
ResourceServerConfig
{
@Bean
public
SecurityFilterChain
securityFilterChain
(
HttpSecurity
http
)
throws
Exception
{
http
.
csrf
().
disable
()
.
sessionManagement
().
sessionCreationPolicy
(
SessionCreationPolicy
.
STATELESS
)
.
and
()
.
authorizeRequests
()
.
antMatchers
(
"/webjars/**"
,
"/doc.html"
,
"/swagger-resources/**"
,
"/v2/api-docs"
).
permitAll
()
.
anyRequest
().
authenticated
();
http
.
oauth2ResourceServer
()
.
jwt
()
.
jwtAuthenticationConverter
(
jwtAuthenticationConverter
())
;
return
http
.
build
();
}
/**
* 自定义JWT Converter
*
* @return
* @see JwtAuthenticationProvider#setJwtAuthenticationConverter(Converter)
*/
public
Converter
<
Jwt
,
?
extends
AbstractAuthenticationToken
>
jwtAuthenticationConverter
()
{
JwtGrantedAuthoritiesConverter
jwtGrantedAuthoritiesConverter
=
new
JwtGrantedAuthoritiesConverter
();
jwtGrantedAuthoritiesConverter
.
setAuthorityPrefix
(
"ROLE_"
);
jwtGrantedAuthoritiesConverter
.
setAuthoritiesClaimName
(
"authorities"
);
JwtAuthenticationConverter
jwtAuthenticationConverter
=
new
JwtAuthenticationConverter
();
jwtAuthenticationConverter
.
setJwtGrantedAuthoritiesConverter
(
jwtGrantedAuthoritiesConverter
);
return
jwtAuthenticationConverter
;
}
}
mall-sms/sms-boot/src/main/resources/bootstrap-k8s.yml
View file @ f3b5ec77
...
...
@@ -12,12 +12,12 @@ spring:
# 注册中心
discovery
:
server-addr
:
nacos-headless.infrastructure:8848
# 使用k8s无头服务
namespace
:
prod
-namespace-id
namespace
:
youlai
-namespace-id
# 配置中心
config
:
server-addr
:
${spring.cloud.nacos.discovery.server-addr}
file-extension
:
yaml
namespace
:
prod
-namespace-id
namespace
:
youlai
-namespace-id
shared-configs[0]
:
data-id
:
youlai-common.yaml
refresh
:
true
\ No newline at end of file
mall-ums/ums-boot/src/main/java/com/youlai/mall/ums/config/ResourceServerConfig.java
Deleted
100644 → 0
View file @ 01d0f175
package
com.youlai.mall.ums.config
;
import
org.springframework.context.annotation.Bean
;
import
org.springframework.context.annotation.Configuration
;
import
org.springframework.core.convert.converter.Converter
;
import
org.springframework.security.authentication.AbstractAuthenticationToken
;
import
org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity
;
import
org.springframework.security.config.annotation.web.builders.HttpSecurity
;
import
org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
;
import
org.springframework.security.config.http.SessionCreationPolicy
;
import
org.springframework.security.oauth2.jwt.Jwt
;
import
org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter
;
import
org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationProvider
;
import
org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter
;
import
org.springframework.security.web.SecurityFilterChain
;
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity
(
prePostEnabled
=
true
)
public
class
ResourceServerConfig
{
@Bean
public
SecurityFilterChain
securityFilterChain
(
HttpSecurity
http
)
throws
Exception
{
http
.
csrf
().
disable
()
.
sessionManagement
().
sessionCreationPolicy
(
SessionCreationPolicy
.
STATELESS
)
.
and
()
.
authorizeRequests
()
.
antMatchers
(
"/webjars/**"
,
"/doc.html"
,
"/swagger-resources/**"
,
"/v2/api-docs"
).
permitAll
()
.
anyRequest
().
authenticated
();
http
.
oauth2ResourceServer
()
.
jwt
()
.
jwtAuthenticationConverter
(
jwtAuthenticationConverter
())
;
return
http
.
build
();
}
/**
* 自定义JWT Converter
*
* @return
* @see JwtAuthenticationProvider#setJwtAuthenticationConverter(Converter)
*/
public
Converter
<
Jwt
,
?
extends
AbstractAuthenticationToken
>
jwtAuthenticationConverter
()
{
JwtGrantedAuthoritiesConverter
jwtGrantedAuthoritiesConverter
=
new
JwtGrantedAuthoritiesConverter
();
jwtGrantedAuthoritiesConverter
.
setAuthorityPrefix
(
"ROLE_"
);
jwtGrantedAuthoritiesConverter
.
setAuthoritiesClaimName
(
"authorities"
);
JwtAuthenticationConverter
jwtAuthenticationConverter
=
new
JwtAuthenticationConverter
();
jwtAuthenticationConverter
.
setJwtGrantedAuthoritiesConverter
(
jwtGrantedAuthoritiesConverter
);
return
jwtAuthenticationConverter
;
}
}
mall-ums/ums-boot/src/main/resources/bootstrap-k8s.yml
View file @ f3b5ec77
...
...
@@ -11,11 +11,11 @@ spring:
nacos
:
discovery
:
server-addr
:
nacos-headless.infrastructure:8848
# 使用k8s无头服务
namespace
:
prod
-namespace-id
namespace
:
youlai
-namespace-id
config
:
server-addr
:
${spring.cloud.nacos.discovery.server-addr}
file-extension
:
yaml
namespace
:
prod
-namespace-id
namespace
:
youlai
-namespace-id
shared-configs[0]
:
data-id
:
youlai-common.yaml
refresh
:
true
pom.xml
View file @ f3b5ec77
...
...
@@ -387,11 +387,11 @@
</pluginManagement>
</build>
<repositories>
<!--
<repositories>
<repository>
<id>aliyunmaven</id>
<name>aliyun</name>
<url>https://maven.aliyun.com/repository/public</url>
</repository>
</repositories>
</repositories>
-->
</project>
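Review bot: the aliyunmaven <repositories> block is commented out rather than removed, which leaves dead configuration in the root pom with no explanation. Delete the block, or keep it and add a one-line comment saying when it should be re-enabled; a mirror of this kind usually belongs in the developer's settings.xml rather than in the project pom.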
youlai-auth/pom.xml
View file @ f3b5ec77
...
...
@@ -53,17 +53,6 @@
<artifactId>
spring-security-oauth2-jose
</artifactId>
</dependency>
<!-- Sentinel流量控制、熔断降级 -->
<dependency>
<groupId>
com.alibaba.cloud
</groupId>
<artifactId>
spring-cloud-starter-alibaba-sentinel
</artifactId>
</dependency>
<!-- Sentinel规则持久化至Nacos配置 -->
<dependency>
<groupId>
com.alibaba.csp
</groupId>
<artifactId>
sentinel-datasource-nacos
</artifactId>
</dependency>
<dependency>
<groupId>
com.youlai
</groupId>
<artifactId>
ums-api
</artifactId>
...
...
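Review bot: dropping spring-cloud-starter-alibaba-sentinel and sentinel-datasource-nacos from youlai-auth (the eleven lines removed by -53,17 +53,6) is not mentioned in the commit message. WebSecurityConfig in this same commit leaves /oauth/**, /rsa/publicKey and /sms-code open to unauthenticated callers, so if Sentinel rules were rate-limiting those endpoints, confirm that the gateway or another layer now does it, and record the reason for the removal in the commit message.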
@@ -109,8 +98,6 @@
<groupId>
com.youlai
</groupId>
<artifactId>
common-mybatis
</artifactId>
</dependency>
</dependencies>
<build>
...
...
@@ -119,6 +106,14 @@
<plugin>
<groupId>
org.springframework.boot
</groupId>
<artifactId>
spring-boot-maven-plugin
</artifactId>
<version>
${spring-boot.version}
</version>
<executions>
<execution>
<goals>
<goal>
repackage
</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
...
...
youlai-auth/src/main/java/com/youlai/auth/config/WebSecurityConfig.java
View file @ f3b5ec77
package
com.youlai.auth.config
;
import
cn.binarywang.wx.miniapp.api.WxMaService
;
import
cn.hutool.core.collection.CollectionUtil
;
import
cn.hutool.core.convert.Convert
;
import
cn.hutool.json.JSONUtil
;
import
com.youlai.auth.extension.mobile.SmsCodeAuthenticationProvider
;
import
com.youlai.auth.extension.wechat.WechatAuthenticationProvider
;
import
com.youlai.mall.ums.api.MemberFeignClient
;
import
lombok.RequiredArgsConstructor
;
import
lombok.Setter
;
import
lombok.extern.slf4j.Slf4j
;
import
org.springframework.boot.context.properties.ConfigurationProperties
;
import
org.springframework.context.annotation.Bean
;
import
org.springframework.context.annotation.Configuration
;
import
org.springframework.data.redis.core.StringRedisTemplate
;
...
...
@@ -19,6 +24,10 @@ import org.springframework.security.core.userdetails.UserDetailsService;
import
org.springframework.security.crypto.factory.PasswordEncoderFactories
;
import
org.springframework.security.crypto.password.PasswordEncoder
;
import
java.util.Arrays
;
import
java.util.List
;
@ConfigurationProperties
(
prefix
=
"security"
)
@Configuration
@EnableWebSecurity
@Slf4j
...
...
@@ -31,13 +40,21 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
private
final
MemberFeignClient
memberFeignClient
;
private
final
StringRedisTemplate
redisTemplate
;
@Setter
private
List
<
String
>
ignoreUrls
;
@Override
protected
void
configure
(
HttpSecurity
http
)
throws
Exception
{
if
(
CollectionUtil
.
isEmpty
(
ignoreUrls
))
{
ignoreUrls
=
Arrays
.
asList
(
"/webjars/**"
,
"/doc.html"
,
"/swagger-resources/**"
,
"/v2/api-docs"
);
}
log
.
info
(
"whitelist path:{}"
,
JSONUtil
.
toJsonStr
(
ignoreUrls
));
http
.
authorizeRequests
().
antMatchers
(
"/oauth/**"
,
"/rsa/publicKey"
,
"/sms-code"
).
permitAll
()
// @link https://gitee.com/xiaoym/knife4j/issues/I1Q5X6 (接口文档knife4j需要放行的规则)
.
antMatchers
(
"/webjars/**"
,
"/doc.html"
,
"/swagger-resources/**"
,
"/v2/api-docs"
).
permitAll
()
.
authorizeRequests
()
.
antMatchers
(
Convert
.
toStrArray
(
ignoreUrls
)).
permitAll
()
.
anyRequest
().
authenticated
()
.
and
()
.
csrf
().
disable
();
...
...
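Review bot: ignoreUrls is read once, when configure(HttpSecurity) builds the filter chain, so a later change to security.ignoreUrls in Nacos has no effect until the service restarts, even though the shared config is loaded with refresh: true. Say so in a comment on the field. The fallback to the four knife4j paths also applies silently whenever the property is missing or empty; log that case at WARN, separately from the log.info("whitelist path:{}", ...) line, so that a failed config load is visible in the logs.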
youlai-auth/src/main/resources/bootstrap-k8s.yml
View file @ f3b5ec77
...
...
@@ -13,7 +13,7 @@ spring:
# 注册中心
discovery
:
server-addr
:
nacos-headless.infrastructure:8848
# 使用k8s无头服务
namespace
:
prod
-namespace-id
namespace
:
youlai
-namespace-id
# 配置中心
config
:
server-addr
:
${spring.cloud.nacos.discovery.server-addr}
...
...
youlai-auth/src/main/resources/bootstrap-prod.yml
View file @ f3b5ec77
...
...
@@ -18,4 +18,5 @@ spring:
namespace
:
prod-namespace-id
shared-configs[0]
:
data-id
:
youlai-common.yaml
namespace
:
prod-namespace-id
refresh
:
true
\ No newline at end of file
youlai-common/common-log/src/main/resources/logback-spring.xml
View file @ f3b5ec77
...
...
@@ -6,7 +6,7 @@
<include
resource=
"org/springframework/boot/logging/logback/defaults.xml"
/>
<springProperty
scope=
"context"
name=
"APP_NAME"
source=
"spring.application.name"
/>
<property
name=
"LOG_HOME"
value=
"/
var/log
/${APP_NAME}"
/>
<property
name=
"LOG_HOME"
value=
"/
logs
/${APP_NAME}"
/>
<!--1. 输出到控制台-->
<appender
name=
"CONSOLE"
class=
"ch.qos.logback.core.ConsoleAppender"
>
...
...
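Review bot: LOG_HOME moves from /var/log/${APP_NAME} to /logs/${APP_NAME}, a directory at the filesystem root that the process must be able to create and write. The Dockerfile shown in this commit declares only VOLUME /tmp, so in the container these logs land in the writable layer and disappear with it. Either mount /logs explicitly in the image and the deployment manifests, or make the base path overridable, for example through a springProperty with a defaultValue, so that each deployment can choose it.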
youlai-common/common-security/pom.xml
View file @ f3b5ec77
...
...
@@ -17,6 +17,7 @@
</properties>
<dependencies>
<dependency>
<groupId>
com.youlai
</groupId>
<artifactId>
common-core
</artifactId>
...
...
mall-oms/oms-boot/src/main/java/com/youlai/mall/oms/config/ResourceServerConfig.java → youlai-common/common-security/src/main/java/com/youlai/common/security/config/ResourceServerConfig.java
View file @ f3b5ec77
package
com.youlai.
mall.oms
.config
;
package
com.youlai.
common.security
.config
;
import
cn.hutool.core.collection.CollectionUtil
;
import
cn.hutool.core.convert.Convert
;
import
cn.hutool.json.JSONUtil
;
import
lombok.Setter
;
import
lombok.extern.slf4j.Slf4j
;
import
org.springframework.boot.context.properties.ConfigurationProperties
;
import
org.springframework.context.annotation.Bean
;
import
org.springframework.context.annotation.Configuration
;
import
org.springframework.core.convert.converter.Converter
;
...
...
@@ -14,19 +20,34 @@ import org.springframework.security.oauth2.server.resource.authentication.JwtAut
import
org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter
;
import
org.springframework.security.web.SecurityFilterChain
;
import
java.util.Arrays
;
import
java.util.List
;
@ConfigurationProperties
(
prefix
=
"security"
)
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity
(
prePostEnabled
=
true
)
@Slf4j
public
class
ResourceServerConfig
{
@Setter
private
List
<
String
>
ignoreUrls
;
@Bean
public
SecurityFilterChain
securityFilterChain
(
HttpSecurity
http
)
throws
Exception
{
if
(
CollectionUtil
.
isEmpty
(
ignoreUrls
))
{
ignoreUrls
=
Arrays
.
asList
(
"/webjars/**"
,
"/doc.html"
,
"/swagger-resources/**"
,
"/v2/api-docs"
);
}
log
.
info
(
"whitelist path:{}"
,
JSONUtil
.
toJsonStr
(
ignoreUrls
));
http
.
csrf
().
disable
()
.
sessionManagement
().
sessionCreationPolicy
(
SessionCreationPolicy
.
STATELESS
)
.
and
()
.
authorizeRequests
()
.
antMatchers
(
"/webjars/**"
,
"/doc.html"
,
"/swagger-resources/**"
,
"/v2/api-docs"
).
permitAll
()
.
antMatchers
(
Convert
.
toStrArray
(
ignoreUrls
)
).
permitAll
()
.
anyRequest
().
authenticated
();
http
.
oauth2ResourceServer
()
.
jwt
()
...
...
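Review bot: the patterns bound to security.ignoreUrls go straight into antMatchers(Convert.toStrArray(ignoreUrls)).permitAll() with no check, so a single over-broad entry such as /** in the remote configuration turns authentication off for every service that picks up this shared class. Reject, or at least log at WARN, any pattern that matches everything, and keep the list in a configuration location with restricted write access. The method also reassigns the bound ignoreUrls field to the default list; use a local variable for the effective list so the bean keeps reflecting what was actually configured.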
@@ -39,7 +60,7 @@ public class ResourceServerConfig {
* 自定义JWT Converter
*
* @return
* @see JwtAuthenticationProvider#setJwtAuthenticationConverter(Converter)
* @see JwtAuthenticationProvider#setJwtAuthenticationConverter(Converter)
*/
public
Converter
<
Jwt
,
?
extends
AbstractAuthenticationToken
>
jwtAuthenticationConverter
()
{
JwtGrantedAuthoritiesConverter
jwtGrantedAuthoritiesConverter
=
new
JwtGrantedAuthoritiesConverter
();
...
...
@@ -51,5 +72,4 @@ public class ResourceServerConfig {
return
jwtAuthenticationConverter
;
}
}
youlai-common/common-security/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports
View file @ f3b5ec77
com.youlai.common.security.service.PermissionService
\ No newline at end of file
com.youlai.common.security.service.PermissionService
com.youlai.common.security.config.ResourceServerConfig
\ No newline at end of file
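Review bot: listing com.youlai.common.security.config.ResourceServerConfig here applies its SecurityFilterChain to every application that has common-security on the classpath, with no condition. youlai-auth still extends WebSecurityConfigurerAdapter and the gateway uses @EnableWebFluxSecurity; if either pulls in this module, the servlet chain will conflict with the adapter or be loaded in a reactive application. Guard the class with @ConditionalOnWebApplication(type = SERVLET) and a @ConditionalOnMissingBean covering SecurityFilterChain and WebSecurityConfigurerAdapter, and annotate it with @AutoConfiguration rather than @Configuration now that it is registered through AutoConfiguration.imports.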
youlai-common/pom.xml
View file @ f3b5ec77
...
...
@@ -23,5 +23,6 @@
<module>
common-log
</module>
<module>
common-sms
</module>
<module>
common-file
</module>
<module>
common-security
</module>
</modules>
</project>
youlai-gateway/src/main/java/com/youlai/gateway/config/OAuth2ClientSecurityConfig.java
View file @ f3b5ec77
...
...
@@ -19,20 +19,14 @@ import java.util.List;
* @author haoxr
* @date 2022/8/28
*/
@ConfigurationProperties
(
prefix
=
"security"
)
@EnableWebFluxSecurity
@Slf4j
public
class
OAuth2ClientSecurityConfig
{
@Setter
private
List
<
String
>
ignoreUrls
;
@Bean
public
SecurityWebFilterChain
springSecurityFilterChain
(
ServerHttpSecurity
http
)
{
if
(
ignoreUrls
==
null
)
{
log
.
error
(
"failed to read ignoreUrls configuration,please check your nacos connection or configuration!"
);
}
http
.
authorizeExchange
()
.
pathMatchers
(
"/**"
).
permitAll
()
.
anyExchange
().
authenticated
()
...
...
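Review bot: in the chain shown here, pathMatchers("/**").permitAll() comes before anyExchange().authenticated(), so the second rule can never match and the gateway admits every request without authentication. With six lines taken out of this class around the ignoreUrls property, access control rests entirely on the downstream resource servers. State that in a comment here and drop the unreachable anyExchange().authenticated(), or keep a real whitelist at the gateway so that an internal service that does not include common-security is not left open.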
youlai-gateway/src/main/resources/bootstrap-k8s.yml
View file @ f3b5ec77
...
...
@@ -10,11 +10,11 @@ spring:
nacos
:
discovery
:
server-addr
:
nacos-headless.infrastructure:8848
# 使用k8s无头服务
namespace
:
prod
-namespace-id
namespace
:
youlai
-namespace-id
config
:
server-addr
:
${spring.cloud.nacos.discovery.server-addr}
file-extension
:
yaml
namespace
:
prod
-namespace-id
namespace
:
youlai
-namespace-id
shared-configs[0]
:
data-id
:
youlai-common.yaml
refresh
:
true
youlai-gateway/src/main/resources/bootstrap-prod.yml
View file @ f3b5ec77
...
...
@@ -17,4 +17,5 @@ spring:
namespace
:
prod-namespace-id
shared-configs[0]
:
data-id
:
youlai-common.yaml
namespace
:
prod-namespace-id
refresh
:
true
youlai-system/system-boot/Dockerfile
View file @ f3b5ec77
...
...
@@ -12,7 +12,7 @@ RUN /bin/cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \&& echo 'Asia/Shan
VOLUME
/tmp
# 复制主机文件至镜像内,复制的目录需放置在 Dockerfile 文件同级目录下
ADD
target/
admin
-boot.jar app.jar
ADD
target/
system
-boot.jar app.jar
# 容器启动执行命令
ENTRYPOINT
["java", "-Xmx128m", "-Djava.security.egd=file:/dev/./urandom", "-jar", "/app.jar"]
...
...
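Review bot: the jar is copied with ADD; for a local file COPY is the clearer instruction, since ADD also unpacks archives and accepts URLs. While renaming admin-boot.jar to system-boot.jar, check that the module's build actually produces target/system-boot.jar, otherwise the image build fails at this step.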
youlai-system/system-boot/src/main/java/com/youlai/system/config/ResourceServerConfig.java
Deleted
100644 → 0
View file @ 01d0f175
package
com.youlai.system.config
;
import
org.springframework.context.annotation.Bean
;
import
org.springframework.context.annotation.Configuration
;
import
org.springframework.core.convert.converter.Converter
;
import
org.springframework.security.authentication.AbstractAuthenticationToken
;
import
org.springframework.security.authentication.AuthenticationManager
;
import
org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
;
import
org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity
;
import
org.springframework.security.config.annotation.web.builders.HttpSecurity
;
import
org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
;
import
org.springframework.security.config.http.SessionCreationPolicy
;
import
org.springframework.security.oauth2.jwt.Jwt
;
import
org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter
;
import
org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationProvider
;
import
org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter
;
import
org.springframework.security.web.SecurityFilterChain
;
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity
(
prePostEnabled
=
true
)
public
class
ResourceServerConfig
{
@Bean
public
SecurityFilterChain
securityFilterChain
(
HttpSecurity
http
)
throws
Exception
{
http
.
csrf
().
disable
()
.
sessionManagement
().
sessionCreationPolicy
(
SessionCreationPolicy
.
STATELESS
)
.
and
()
.
authorizeRequests
()
.
antMatchers
(
"/api/v1/users/{username}/authinfo"
,
"/webjars/**"
,
"/doc.html"
,
"/swagger-resources/**"
,
"/v2/api-docs"
).
permitAll
()
.
anyRequest
().
authenticated
();
http
.
oauth2ResourceServer
()
.
jwt
()
.
jwtAuthenticationConverter
(
jwtAuthenticationConverter
())
;
return
http
.
build
();
}
/**
* 自定义JWT Converter
*
* @return
* @see JwtAuthenticationProvider#setJwtAuthenticationConverter(Converter)
*/
public
Converter
<
Jwt
,
?
extends
AbstractAuthenticationToken
>
jwtAuthenticationConverter
()
{
JwtGrantedAuthoritiesConverter
jwtGrantedAuthoritiesConverter
=
new
JwtGrantedAuthoritiesConverter
();
jwtGrantedAuthoritiesConverter
.
setAuthorityPrefix
(
"ROLE_"
);
jwtGrantedAuthoritiesConverter
.
setAuthoritiesClaimName
(
"authorities"
);
JwtAuthenticationConverter
jwtAuthenticationConverter
=
new
JwtAuthenticationConverter
();
jwtAuthenticationConverter
.
setJwtGrantedAuthoritiesConverter
(
jwtGrantedAuthoritiesConverter
);
return
jwtAuthenticationConverter
;
}
}
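Review bot: of the ResourceServerConfig classes deleted in this commit, this is the only one that permitted /api/v1/users/{username}/authinfo without a token, and the shared ResourceServerConfig that replaces it falls back to the four knife4j paths only. Unless security.ignoreUrls for the system service lists that path, callers that relied on it will start receiving 401. If the endpoint does need to stay reachable without a token, consider restricting it to internal callers rather than whitelisting it, because, going by its name, it serves authentication data for an arbitrary username.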
youlai-system/system-boot/src/main/resources/bootstrap-k8s.yml
View file @ f3b5ec77
...
...
@@ -11,11 +11,11 @@ spring:
nacos
:
discovery
:
server-addr
:
nacos-headless.infrastructure:8848
# 使用k8s无头服务
namespace
:
prod
-namespace-id
namespace
:
youlai
-namespace-id
config
:
server-addr
:
${spring.cloud.nacos.discovery.server-addr}
file-extension
:
yaml
namespace
:
prod
-namespace-id
namespace
:
youlai
-namespace-id
shared-configs[0]
:
data-id
:
youlai-common.yaml
refresh
:
true
...
...
youlai-system/system-boot/src/main/resources/bootstrap-prod.yml
View file @ f3b5ec77
...
...
@@ -18,5 +18,6 @@ spring:
namespace
:
prod-namespace-id
shared-configs[0]
:
data-id
:
youlai-common.yaml
namespace
:
prod-namespace-id
refresh
:
true
youlai-system/system-boot/src/test/java/com/youlai/system/service/impl/SysPermissionServiceImplTest.java
Deleted
100644 → 0
View file @ 01d0f175
package
com.youlai.system.service.impl
;
import
com.youlai.system.mapper.SysPermissionMapper
;
import
com.youlai.system.pojo.entity.SysPermission
;
import
lombok.extern.slf4j.Slf4j
;
import
org.junit.jupiter.api.Test
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.boot.test.context.SpringBootTest
;
import
java.util.List
;
/**
* @author haoxr
* @description TODO
* @createTime 2021/5/30 23:19
*/
@SpringBootTest
@Slf4j
class
SysPermissionServiceImplTest
{
@Autowired
SysPermissionMapper
sysPermissionMapper
;
SysPermissionService
sysPermissionService
;
@Test
void
listPermissionRoles
()
{
List
<
SysPermission
>
sysPermissions
=
sysPermissionMapper
.
listPermRoles
();
log
.
info
(
sysPermissions
.
toString
());
}
@Test
void
refreshPermRolesRules
(){
}
}