提交loginService修改代码。

0f5bff1d · zhangkb · e4b4a2b6 · 0f5bff1d · 0f5bff1d · 0f5bff1d
Commit 0f5bff1d authored Sep 02, 2019 by zhangkb
7 changed files
--- a/src/main/java/com/keymobile/proxy/LoginApplication.java
+++ b/src/main/java/com/keymobile/proxy/LoginApplication.java
 package com.keymobile.proxy;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.cloud.openfeign.EnableFeignClients;
-@SpringBootApplication
-public class LoginApplication {
+@SpringBootApplication
+@EnableFeignClients
-    public static void main(String[] args) {
+public class LoginApplication {
-        SpringApplication.run(LoginApplication.class, args);
-    }
+    public static void main(String[] args) {
+        SpringApplication.run(LoginApplication.class, args);
-}
+    }
+}
--- a/src/main/java/com/keymobile/proxy/api/LoginManagement.java
+++ b/src/main/java/com/keymobile/proxy/api/LoginManagement.java
 package com.keymobile.proxy.api;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.web.bind.annotation.*;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 @RestController
 @RequestMapping(value = "/")
 public class LoginManagement {
-    @RequestMapping(value = "/sessionInfo", method = RequestMethod.POST)
+    @RequestMapping(value = "/sessionInfo")
    public @ResponseBody Map<String,Object> verifyLogin(HttpServletRequest request, HttpServletResponse response) {
        UserDetails userDetails = (UserDetails) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
        Map<String,Object> rs = new HashMap<>();
        String userNameWithIdAttached = userDetails.getUsername();
        rs.put(Constants.Session_UserName, userNameWithIdAttached.split(":")[0]);
        rs.put(Constants.Session_UserId, userNameWithIdAttached.split(":")[1]);
        rs.put(Constants.Session_UserDName, userNameWithIdAttached.split(":")[2]);
        List<String> roles = new ArrayList<>();
        userDetails.getAuthorities().forEach(auth -> roles.add(auth.getAuthority()));
        rs.put(Constants.Session_Roles, roles);
        HttpSession session = request.getSession();
        Object lang = session.getAttribute(Constants.Session_Lang);
        rs.put(Constants.Session_Lang, lang != null ? lang.toString() : "cn");
        return rs;
    }
    @RequestMapping(value = "/lang", method = RequestMethod.POST)
    public String setLANG(HttpServletRequest request, @RequestParam(value = "LANG", required = true) String LANG) {
        HttpSession session = request.getSession();
        if (!LANG.equals("en") && !LANG.equals("cn"))
            session.setAttribute(Constants.Session_Lang, "cn");
        else
            session.setAttribute(Constants.Session_Lang, LANG);
        return session.getAttribute(Constants.Session_Lang).toString();
    }
 }
--- a/src/main/java/com/keymobile/proxy/conf/SecurityConfig.java
+++ b/src/main/java/com/keymobile/proxy/conf/SecurityConfig.java
 package com.keymobile.proxy.conf;
 import com.keymobile.proxy.model.CasProperties;
 import com.keymobile.proxy.service.CustomUserDetailsService;
 import org.jasig.cas.client.validation.Cas20ServiceTicketValidator;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.cas.ServiceProperties;
 import org.springframework.security.cas.authentication.CasAssertionAuthenticationToken;
 import org.springframework.security.cas.authentication.CasAuthenticationProvider;
 import org.springframework.security.cas.web.CasAuthenticationEntryPoint;
 import org.springframework.security.cas.web.CasAuthenticationFilter;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.core.userdetails.AuthenticationUserDetailsService;
 @Configuration
 public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowired
    private CasProperties casProperties;
-    @Autowired
+    @Override
    public void configure(AuthenticationManagerBuilder auth) throws Exception {
        super.configure(auth);
        auth.authenticationProvider(casAuthenticationProvider());
    }
    @Override
    protected void configure(HttpSecurity http) throws Exception {
-        http.authorizeRequests().antMatchers("/api/info/**/*").authenticated()
+        http.authorizeRequests()
-                .antMatchers("/api/**/*").permitAll()
+                .anyRequest().authenticated();
-                .anyRequest().authenticated();
+        http.exceptionHandling().authenticationEntryPoint(casAuthenticationEntryPoint()).and()
-        http.exceptionHandling().authenticationEntryPoint(casAuthenticationEntryPoint()).and()
+                .addFilter(casAuthenticationFilter());
-                .addFilter(casAuthenticationFilter());
+        http.csrf().disable();
-        http.csrf().disable();
+    }
-    }
+    /**认证的入口*/
-    /**认证的入口*/
+    @Bean
-    @Bean
+    public CasAuthenticationEntryPoint casAuthenticationEntryPoint() {
-    public CasAuthenticationEntryPoint casAuthenticationEntryPoint() {
+        CasAuthenticationEntryPoint casAuthenticationEntryPoint = new CasAuthenticationEntryPoint();
-        CasAuthenticationEntryPoint casAuthenticationEntryPoint = new CasAuthenticationEntryPoint();
+        casAuthenticationEntryPoint.setLoginUrl(casProperties.getCasServerLoginUrl());
-        casAuthenticationEntryPoint.setLoginUrl(casProperties.getCasServerLoginUrl());
+        casAuthenticationEntryPoint.setServiceProperties(serviceProperties());
-        casAuthenticationEntryPoint.setServiceProperties(serviceProperties());
+        return casAuthenticationEntryPoint;
-        return casAuthenticationEntryPoint;
+    }
-    }
+    /**CAS认证过滤器*/
-    /**CAS认证过滤器*/
+    @Bean
-    @Bean
+    public CasAuthenticationFilter casAuthenticationFilter() throws Exception {
-    public CasAuthenticationFilter casAuthenticationFilter() throws Exception {
+        CasAuthenticationFilter casAuthenticationFilter = new CasAuthenticationFilter();
-        CasAuthenticationFilter casAuthenticationFilter = new CasAuthenticationFilter();
+        casAuthenticationFilter.setAuthenticationManager(authenticationManager());
-        casAuthenticationFilter.setAuthenticationManager(authenticationManager());
+        casAuthenticationFilter.setFilterProcessesUrl(casProperties.getAppLoginUrl());
-        casAuthenticationFilter.setFilterProcessesUrl(casProperties.getAppLoginUrl());
+        return casAuthenticationFilter;
-        return casAuthenticationFilter;
+    }
-    }
+    @Bean
-    @Bean
+    public CasAuthenticationProvider casAuthenticationProvider() {
-    public CasAuthenticationProvider casAuthenticationProvider() {
+        CasAuthenticationProvider casAuthenticationProvider = new CasAuthenticationProvider();
-        CasAuthenticationProvider casAuthenticationProvider = new CasAuthenticationProvider();
+        casAuthenticationProvider.setAuthenticationUserDetailsService(customUserDetailsService());
-        casAuthenticationProvider.setAuthenticationUserDetailsService(customUserDetailsService());
+        //casAuthenticationProvider.setUserDetailsService(customUserDetailsService()); //这里只是接口类型，实现的接口不一样，都可以的。
-        //casAuthenticationProvider.setUserDetailsService(customUserDetailsService()); //这里只是接口类型，实现的接口不一样，都可以的。
+        casAuthenticationProvider.setServiceProperties(serviceProperties());
-        casAuthenticationProvider.setServiceProperties(serviceProperties());
+        casAuthenticationProvider.setTicketValidator(cas20ServiceTicketValidator());
-        casAuthenticationProvider.setTicketValidator(cas20ServiceTicketValidator());
+        casAuthenticationProvider.setKey("casAuthenticationProviderKey");
-        casAuthenticationProvider.setKey("casAuthenticationProviderKey");
+        return casAuthenticationProvider;
-        return casAuthenticationProvider;
+    }
-    }
+    /**指定service相关信息*/
-    /**指定service相关信息*/
+    @Bean
-    @Bean
+    public ServiceProperties serviceProperties() {
-    public ServiceProperties serviceProperties() {
+        ServiceProperties serviceProperties = new ServiceProperties();
-        ServiceProperties serviceProperties = new ServiceProperties();
+        serviceProperties.setService(casProperties.getAppServerUrl() + casProperties.getAppLoginUrl());
-        serviceProperties.setService(casProperties.getAppServerUrl() + casProperties.getAppLoginUrl());
+        serviceProperties.setAuthenticateAllArtifacts(true);
-        serviceProperties.setAuthenticateAllArtifacts(true);
+        return serviceProperties;
-        return serviceProperties;
+    }
-    }
+    @Bean
-    @Bean
+    public Cas20ServiceTicketValidator cas20ServiceTicketValidator() {
-    public Cas20ServiceTicketValidator cas20ServiceTicketValidator() {
+        return new Cas20ServiceTicketValidator(casProperties.getCasServerUrl());
-        return new Cas20ServiceTicketValidator(casProperties.getCasServerUrl());
+    }
-    }
+    /**用户自定义的AuthenticationUserDetailsService*/
-    /**用户自定义的AuthenticationUserDetailsService*/
+    @Bean
-    @Bean
+    public AuthenticationUserDetailsService<CasAssertionAuthenticationToken> customUserDetailsService(){
-    public AuthenticationUserDetailsService<CasAssertionAuthenticationToken> customUserDetailsService(){
+        return new CustomUserDetailsService();
-        return new CustomUserDetailsService();
+    }
-    }
+}
-}
--- a/src/main/java/com/keymobile/proxy/service/AuthService.java
+++ b/src/main/java/com/keymobile/proxy/service/AuthService.java
 package com.keymobile.proxy.service;
 import com.keymobile.proxy.model.Author;
 import com.keymobile.proxy.model.Domain;
 import com.keymobile.proxy.model.Role;
 import com.keymobile.proxy.model.User;
 import org.springframework.cloud.openfeign.FeignClient;
-import org.springframework.web.bind.annotation.*;
+import org.springframework.stereotype.Component;
+import org.springframework.web.bind.annotation.*;
-import java.util.List;
+import java.util.List;
-@FeignClient(value = "authService")
-public interface AuthService {
+@Component
+@FeignClient(value = "authService")
-    @RequestMapping(value = "/user")
+public interface AuthService {
-    User getUserByName(@RequestParam(value = "name") String name);
+    @RequestMapping(value = "/user")
-    @PostMapping(value = "/users/{userId}")
+    User getUserByName(@RequestParam(value = "name") String name);
-    User updateUser(@PathVariable(value = "userId") Long userId, @RequestBody User user);
+    @PostMapping(value = "/users/{userId}")
-    @RequestMapping(value = "/users", method = RequestMethod.POST)
+    User updateUser(@PathVariable(value = "userId") Long userId, @RequestBody User user);
-    User addUser(@RequestParam(value = "roleIds", required = false) Long[] roleIds
-            , @RequestParam(value = "domainIds", required = false) Long[] domainIds, @RequestBody User user);
+    @RequestMapping(value = "/users", method = RequestMethod.POST)
+    User addUser(@RequestParam(value = "roleIds", required = false) Long[] roleIds
-    @RequestMapping(value = "/roles/{roleId}/authors", method = RequestMethod.GET)
+            , @RequestParam(value = "domainIds", required = false) Long[] domainIds, @RequestBody User user);
-    List<Author> getAuthorsOfRole(@PathVariable(value = "roleId") Long roleId);
+    @RequestMapping(value = "/roles/{roleId}/authors", method = RequestMethod.GET)
-    @RequestMapping(value = "/users/{userId}/roles", method = RequestMethod.GET)
+    List<Author> getAuthorsOfRole(@PathVariable(value = "roleId") Long roleId);
-    List<Role> getRolesOfUser(@PathVariable(value = "userId") Long userId);
+    @RequestMapping(value = "/users/{userId}/roles", method = RequestMethod.GET)
-    @RequestMapping(value = "/users/{userId}/domains", method = RequestMethod.GET)
+    List<Role> getRolesOfUser(@PathVariable(value = "userId") Long userId);
-    List<Domain> getDomainsOfUser(@PathVariable(value = "userId") Long userId);
+    @RequestMapping(value = "/users/{userId}/domains", method = RequestMethod.GET)
-}
+    List<Domain> getDomainsOfUser(@PathVariable(value = "userId") Long userId);
+}
--- a/src/main/java/com/keymobile/proxy/service/CustomUserDetailsService.java
+++ b/src/main/java/com/keymobile/proxy/service/CustomUserDetailsService.java
 package com.keymobile.proxy.service;
 import com.keymobile.proxy.api.Constants;
 import com.keymobile.proxy.model.Author;
 import com.keymobile.proxy.model.Domain;
 import com.keymobile.proxy.model.Role;
 import com.keymobile.proxy.util.HttpUtil;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.cas.authentication.CasAssertionAuthenticationToken;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.userdetails.AuthenticationUserDetailsService;
 import org.springframework.security.core.userdetails.User;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
-import org.springframework.util.StringUtils;
+import javax.servlet.http.HttpSession;
-import javax.servlet.http.HttpSession;
+import java.util.ArrayList;
-import java.util.ArrayList;
+import java.util.List;
-import java.util.List;
+/**
-/**
+ * 用于加载用户信息 实现UserDetailsService接口，或者实现AuthenticationUserDetailsService接口
- * 用于加载用户信息 实现UserDetailsService接口，或者实现AuthenticationUserDetailsService接口
+ *
- *
+ */
- */
+public class CustomUserDetailsService
-public class CustomUserDetailsService
+        //实现AuthenticationUserDetailsService，实现loadUserDetails方法
-        //实现AuthenticationUserDetailsService，实现loadUserDetails方法
+        implements AuthenticationUserDetailsService<CasAssertionAuthenticationToken> {
-        implements AuthenticationUserDetailsService<CasAssertionAuthenticationToken> {
+    @Autowired
-    @Autowired
+    private AuthService authService;
-    private AuthService authService;
+    private Logger logger = LoggerFactory.getLogger(CustomUserDetailsService.class);
-    private Logger logger = LoggerFactory.getLogger(CustomUserDetailsService.class);
+    @Override
-    @Override
+    public UserDetails loadUserDetails(CasAssertionAuthenticationToken token) throws UsernameNotFoundException {
-    public UserDetails loadUserDetails(CasAssertionAuthenticationToken token) throws UsernameNotFoundException {
+        System.out.println("当前的用户名是："+token.getName());
-        System.out.println("当前的用户名是："+token.getName());
+        com.keymobile.proxy.model.User u = this.authService.getUserByName(token.getName());
-        com.keymobile.proxy.model.User u = this.authService.getUserByName(token.getName());
+        if (u == null) {
-        if (u == null) {
+            u = new com.keymobile.proxy.model.User();
-            u = new com.keymobile.proxy.model.User();
+            u.setName(token.getName());
-            u.setName(token.getName());
+            u.setPassword("37fa265330ad83eaa879efb1e2db6380896cf639");
-            u.setPassword("37fa265330ad83eaa879efb1e2db6380896cf639");
+            u.setDName(token.getName());
-            u.setDName(token.getName());
+            u = this.authService.addUser(new Long[] { (long) 4 }, new Long[] {}, u);
-            u = this.authService.addUser(new Long[] { (long) 4 }, new Long[] {}, u);
+            this.logger.info(u ==null ? "u is null":u.toString());
-            this.logger.info(u ==null ? "u is null":u.toString());
+        }
-        }
+        List<GrantedAuthority> authorities = new ArrayList<>();
-        List<GrantedAuthority> authorities = new ArrayList<>();
+        String userDomainFilterStr = "*";
-        String userDomainFilterStr = "*";
+        List<String> userDomainList = new ArrayList<>();
-        List<String> userDomainList = new ArrayList<>();
+        List<Domain> domainsOfUser = authService.getDomainsOfUser(u.getId());
-        List<Domain> domainsOfUser = authService.getDomainsOfUser(u.getId());
+        domainsOfUser.forEach(d -> userDomainList.add(d.getDomainId().toString()));
-        domainsOfUser.forEach(d -> userDomainList.add(d.getDomainId().toString()));
+        if (userDomainList.size() > 0) {
-        if (userDomainList.size() > 0) {
+            userDomainFilterStr = String.join(",", userDomainList);
-            userDomainFilterStr = String.join(",", userDomainList);
+        }
-        }
+        List<Role> rolesOfUser = authService.getRolesOfUser(u.getId());
-        List<Role> rolesOfUser = authService.getRolesOfUser(u.getId());
+        for (Role role : rolesOfUser) {
-        for (Role role : rolesOfUser) {
+            List<Author> authors = authService.getAuthorsOfRole(role.getRoleId());
-            List<Author> authors = authService.getAuthorsOfRole(role.getRoleId());
+            for (Author author: authors) {
-            for (Author author: authors) {
+                GrantedAuthority authorityInfo = new SimpleGrantedAuthority(Constants.ROLE_PREFIX + author.getAuthorName() + ":" + userDomainFilterStr);
-                GrantedAuthority authorityInfo = new SimpleGrantedAuthority(Constants.ROLE_PREFIX + author.getAuthorName() + ":" + userDomainFilterStr);
+                authorities.add(authorityInfo);
-                authorities.add(authorityInfo);
+            }
-            }
+        }
-        }
+        List<String> roles = new ArrayList<>();
-        List<String> roles = new ArrayList<>();
+        authorities.forEach(auth -> roles.add(auth.getAuthority()));
-        authorities.forEach(auth -> roles.add(auth.getAuthority()));
+        HttpSession session = HttpUtil.getSession();
-        HttpSession session = HttpUtil.getSession();
+        if (session != null) {
-        if (session != null) {
+            session.setAttribute(Constants.Session_UserId, u.getId());
-            session.setAttribute(Constants.Session_UserId, u.getId());
+            session.setAttribute(Constants.Session_UserName, u.getName());
-            session.setAttribute(Constants.Session_UserName, u.getName());
+            session.setAttribute(Constants.Session_UserDName, u.getDName());
-            session.setAttribute(Constants.Session_UserDName, u.getDName());
+            session.setAttribute(Constants.Session_Roles, roles);
-            session.setAttribute(Constants.Session_Roles, roles);
+        }
-        }
+        return new User(u.getName()+ ":" + u.getId() + ":" + u.getDName(),"37fa265330ad83eaa879efb1e2db6380896cf639" ,authorities);
-        return new User(u.getName()+ ":" + u.getId() + ":" + u.getDName(),"37fa265330ad83eaa879efb1e2db6380896cf639" ,authorities);
+    }
-    }
+}
-}
--- a/src/main/resources/application-test.yml
+++ b/src/main/resources/application-test.yml
 server:
-  port: 8764
+  port: 8777
 spring:
  application:
-    name: auth
+    name: loginService
  session:
    store-type: redis
    redis:
-      namespace: dataplatformdev
+      namespace: dataplatformtest
-  redis:
+  redis:   
-    host: localhost
+    cluster:
-    port: 6379
+      nodes: 192.168.0.192:6379
-  datasource:
+      max-redirects: 6
-    url: jdbc:mysql://localhost:3306/dataSharing?autoReconnect=true
+    timeout: 10000 #客户端超时时间单位是毫秒 默认是2000
-    username: root
+    maxIdle: 300 #最大空闲数
-    password: dataSharing
+    maxTotal: 1000 #控制一个pool可分配多少个jedis实例,用来替换上面的redis.maxActive,如果是jedis 2.4以后用该属性
-  servlet:
+    maxWaitMillis: 1000 #最大建立连接等待时间。如果超过此时间将接到异常。设为-1表示无限制。
-    multipart:
+    minEvictableIdleTimeMillis: 300000 #连接的最小空闲时间 默认1800000毫秒(30分钟)
-      max-file-size: 100Mb
+    numTestsPerEvictionRun: 1024 #每次释放连接的最大数目,默认3
-      max-request-size: 100Mb
+    timeBetweenEvictionRunsMillis: 30000 #逐出扫描的时间间隔(毫秒) 如果为负数,则不运行逐出线程, 默认-1
+    testOnBorrow: true #是否在从池中取出连接前进行检验,如果检验失败,则从池中去除连接并尝试取出另一个
-eureka:
+    testWhileIdle: true #在空闲时检查有效性, 默认false
-  client:
+    password:  #密码
-    registerWithEureka: false
+  jpa:
-    region: default
+    hibernate:
-    registryFetchIntervalSeconds: 5
+      ddl-auto: update
-    serviceUrl:
+  datasource:
-      defaultZone: http://localhost:8081/eureka/
+    url: jdbc:mysql://dev-vm-00:3306/dev0?autoReconnect=true&useUnicode=true&characterEncoding=UTF-8
+    username: test
-zuul:
+    password: test
-  prefix: /api
+    hikari:
-  sensitive-headers:
+      maximum-pool-size: 5
+  servlet:
-logging:
+    multipart:
-  level:
+      max-file-size: 100Mb
-    org.springframework.security: DEBUG
+      max-request-size: 100Mb
\ No newline at end of file
+eureka:
+  client:
+    registerWithEureka: true
+    region: default
+    registryFetchIntervalSeconds: 5
+    serviceUrl:
+      defaultZone: http://192.168.0.213:8081/eureka/
+    enabled: true
+  instance:
+    prefer-ip-address: false
+    hostname: 192.168.0.128
+zuul:
+  prefix: /api
+  sensitive-headers:
+logging:
+  level:
+    org.springframework.security: DEBUG
+ribbon:
+  ReadTimeout: 60000
+  ConnectTimeout: 60000
+redirect-url:
+  system-management: http://192.168.0.213:8089/views/login.html
+security:
+  authUser: root
+  authPwd: pwd
+  cas:
+    server:
+      base-url: http://192.168.253.128:8080/cas
+      paths:
+        login: http://192.168.253.128:8080/cas/login
+    service:
+      base-url: http://192.168.0.213:9090/center-home/view
+      paths:
+        login: http://192.168.0.213:9090/center-home/view/main
\ No newline at end of file
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
+spring:
+  profiles:
+    active: ${spring.profiles.active:test}
\ No newline at end of file