diff --git a/config/nacos/application-common.yml b/config/nacos/application-common.yml index 6d2110f4e..d66321c41 100644 --- a/config/nacos/application-common.yml +++ b/config/nacos/application-common.yml @@ -192,6 +192,16 @@ mybatis-encryptor: publicKey: privateKey: +# api接口加密 +api-decrypt: + # 是否开启全局接口加密 + enabled: true + # AES 加密头标识 + headerFlag: encrypt-key + # 公私钥 非对称算法的公私钥 如:SM2,RSA 使用者请自行更换 + publicKey: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKoR8mX0rGKLqzcWmOzbfj64K8ZIgOdHnzkXSOVOZbFu/TJhZ7rFAN+eaGkl3C4buccQd/EjEsj9ir7ijT7h96MCAwEAAQ== + privateKey: MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAqhHyZfSsYourNxaY7Nt+PrgrxkiA50efORdI5U5lsW79MmFnusUA355oaSXcLhu5xxB38SMSyP2KvuKNPuH3owIDAQABAkAfoiLyL+Z4lf4Myxk6xUDgLaWGximj20CUf+5BKKnlrK+Ed8gAkM0HqoTt2UZwA5E2MzS4EI2gjfQhz5X28uqxAiEA3wNFxfrCZlSZHb0gn2zDpWowcSxQAgiCstxGUoOqlW8CIQDDOerGKH5OmCJ4Z21v+F25WaHYPxCFMvwxpcw99EcvDQIgIdhDTIqD2jfYjPTY8Jj3EDGPbH2HHuffvflECt3Ek60CIQCFRlCkHpi7hthhYhovyloRYsM+IS9h/0BzlEAuO0ktMQIgSPT3aFAgJYwKpqRYKlLDVcflZFCKY7u3UP8iWi1Qw0Y= + # 接口文档配置 springdoc: api-docs: diff --git a/config/nacos/ruoyi-auth.yml b/config/nacos/ruoyi-auth.yml index 9285a23a3..f614ce72b 100644 --- a/config/nacos/ruoyi-auth.yml +++ b/config/nacos/ruoyi-auth.yml @@ -1,3 +1,18 @@ +# 安全配置 +security: + # 验证码 + captcha: + # 是否开启验证码 + enabled: true + # 验证码类型 math 数组计算 char 字符验证 + type: MATH + # line 线段干扰 circle 圆圈干扰 shear 扭曲干扰 + category: CIRCLE + # 数字验证码位数 + numberLength: 1 + # 字符验证码长度 + charLength: 4 + # 用户配置 user: password: @@ -5,3 +20,73 @@ user: maxRetryCount: 5 # 密码锁定时间(默认10分钟) lockTime: 10 + +--- # 三方授权 +justauth: + enabled: true + # 前端外网访问地址 + address: http://localhost:80 + type: + maxkey: + # maxkey 服务器地址 + # 注意 如下均配置均不需要修改 maxkey 已经内置好了数据 + server-url: http://sso.maxkey.top + client-id: 876892492581044224 + client-secret: x1Y5MTMwNzIwMjMxNTM4NDc3Mzche8 + redirect-uri: ${justauth.address}/social-callback?source=maxkey + qq: + client-id: 10**********6 + client-secret: 1f7d08**********5b7**********29e + redirect-uri: ${justauth.address}/social-callback?source=qq + union-id: false + weibo: + client-id: 10**********6 + client-secret: 1f7d08**********5b7**********29e + redirect-uri: ${justauth.address}/social-callback?source=weibo + gitee: + client-id: 91436b7940090d09c72c7daf85b959cfd5f215d67eea73acbf61b6b590751a98 + client-secret: 02c6fcfd70342980cd8dd2f2c06c1a350645d76c754d7a264c4e125f9ba915ac + redirect-uri: ${justauth.address}/social-callback?source=gitee + dingtalk: + client-id: 10**********6 + client-secret: 1f7d08**********5b7**********29e + redirect-uri: ${justauth.address}/social-callback?source=dingtalk + baidu: + client-id: 10**********6 + client-secret: 1f7d08**********5b7**********29e + redirect-uri: ${justauth.address}/social-callback?source=baidu + csdn: + client-id: 10**********6 + client-secret: 1f7d08**********5b7**********29e + redirect-uri: ${justauth.address}/social-callback?source=csdn + coding: + client-id: 10**********6 + client-secret: 1f7d08**********5b7**********29e + redirect-uri: ${justauth.address}/social-callback?source=coding + coding-group-name: xx + oschina: + client-id: 10**********6 + client-secret: 1f7d08**********5b7**********29e + redirect-uri: ${justauth.address}/social-callback?source=oschina + alipay: + client-id: 10**********6 + client-secret: 1f7d08**********5b7**********29e + redirect-uri: ${justauth.address}/social-callback?source=alipay + alipay-public-key: MIIB**************DAQAB + wechat_open: + client-id: 10**********6 + client-secret: 1f7d08**********5b7**********29e + redirect-uri: ${justauth.address}/social-callback?source=wechat_open + wechat_mp: + client-id: 10**********6 + client-secret: 1f7d08**********5b7**********29e + redirect-uri: ${justauth.address}/social-callback?source=wechat_mp + wechat_enterprise: + client-id: 10**********6 + client-secret: 1f7d08**********5b7**********29e + redirect-uri: ${justauth.address}/social-callback?source=wechat_enterprise + agent-id: 1000002 + gitlab: + client-id: 10**********6 + client-secret: 1f7d08**********5b7**********29e + redirect-uri: ${justauth.address}/social-callback?source=gitlab diff --git a/config/nacos/ruoyi-gateway.yml b/config/nacos/ruoyi-gateway.yml index f87da2b59..70489885e 100644 --- a/config/nacos/ruoyi-gateway.yml +++ b/config/nacos/ruoyi-gateway.yml @@ -1,17 +1,5 @@ # 安全配置 security: - # 验证码 - captcha: - # 是否开启验证码 - enabled: true - # 验证码类型 math 数组计算 char 字符验证 - type: MATH - # line 线段干扰 circle 圆圈干扰 shear 扭曲干扰 - category: CIRCLE - # 数字验证码位数 - numberLength: 1 - # 字符验证码长度 - charLength: 4 # 防止XSS攻击 xss: enabled: true @@ -49,8 +37,6 @@ spring: predicates: - Path=/auth/** filters: - # 验证码处理 - - ValidateCodeFilter - StripPrefix=1 # 代码生成 - id: ruoyi-gen diff --git a/pom.xml b/pom.xml index f94ae48bf..cb2739c3e 100644 --- a/pom.xml +++ b/pom.xml @@ -46,6 +46,7 @@ 2.14.2 1.3.1 0.2.0 + 1.16.5 2.7.0 @@ -135,6 +136,13 @@ import + + + me.zhyd.oauth + JustAuth + ${justauth.version} + + org.dromara diff --git a/ruoyi-api/ruoyi-api-system/src/main/java/org/dromara/system/api/RemoteClientService.java b/ruoyi-api/ruoyi-api-system/src/main/java/org/dromara/system/api/RemoteClientService.java new file mode 100644 index 000000000..89c30687a --- /dev/null +++ b/ruoyi-api/ruoyi-api-system/src/main/java/org/dromara/system/api/RemoteClientService.java @@ -0,0 +1,20 @@ +package org.dromara.system.api; + +import org.dromara.system.api.domain.vo.RemoteClientVo; + +/** + * 客户端服务 + * + * @author Michelle.Chung + */ +public interface RemoteClientService { + + /** + * 根据客户端id获取客户端详情 + * + * @param clientId 客户端id + * @return 客户端对象 + */ + RemoteClientVo queryByClientId(String clientId); + +} diff --git a/ruoyi-api/ruoyi-api-system/src/main/java/org/dromara/system/api/RemoteSocialService.java b/ruoyi-api/ruoyi-api-system/src/main/java/org/dromara/system/api/RemoteSocialService.java new file mode 100644 index 000000000..632d92f11 --- /dev/null +++ b/ruoyi-api/ruoyi-api-system/src/main/java/org/dromara/system/api/RemoteSocialService.java @@ -0,0 +1,28 @@ +package org.dromara.system.api; + +import org.dromara.system.api.domain.bo.RemoteSocialBo; +import org.dromara.system.api.domain.vo.RemoteSocialVo; + +/** + * 社会化关系服务 + * + * @author Michelle.Chung + */ +public interface RemoteSocialService { + + /** + * 根据 authId 查询用户信息 + */ + RemoteSocialVo selectByAuthId(String authId); + + /** + * 保存社会化关系 + */ + void insertByBo(RemoteSocialBo bo); + + /** + * 删除社会化关系 + */ + Boolean deleteWithValidById(Long socialId); + +} diff --git a/ruoyi-api/ruoyi-api-system/src/main/java/org/dromara/system/api/RemoteUserService.java b/ruoyi-api/ruoyi-api-system/src/main/java/org/dromara/system/api/RemoteUserService.java index ec401d54c..a3025f576 100644 --- a/ruoyi-api/ruoyi-api-system/src/main/java/org/dromara/system/api/RemoteUserService.java +++ b/ruoyi-api/ruoyi-api-system/src/main/java/org/dromara/system/api/RemoteUserService.java @@ -62,4 +62,6 @@ public interface RemoteUserService { * @return 结果 */ String selectUserNameById(Long userId); + + void recordLoginInfo(Long userId); } diff --git a/ruoyi-api/ruoyi-api-system/src/main/java/org/dromara/system/api/domain/bo/RemoteSocialBo.java b/ruoyi-api/ruoyi-api-system/src/main/java/org/dromara/system/api/domain/bo/RemoteSocialBo.java new file mode 100644 index 000000000..f2b6549dc --- /dev/null +++ b/ruoyi-api/ruoyi-api-system/src/main/java/org/dromara/system/api/domain/bo/RemoteSocialBo.java @@ -0,0 +1,123 @@ +package org.dromara.system.api.domain.bo; + +import lombok.Data; + +/** + * 社会化关系业务对象 sys_social + * + * @author Michelle.Chung + */ +@Data +public class RemoteSocialBo { + + /** + * 主键 + */ + private Long id; + + /** + * 的唯一ID + */ + private String authId; + + /** + * 用户来源 + */ + private String source; + + /** + * 用户的授权令牌 + */ + private String accessToken; + + /** + * 用户的授权令牌的有效期,部分平台可能没有 + */ + private int expireIn; + + /** + * 刷新令牌,部分平台可能没有 + */ + private String refreshToken; + + /** + * 平台唯一id + */ + private String openId; + + /** + * 用户的 ID + */ + private Long userId; + + /** + * 平台的授权信息,部分平台可能没有 + */ + private String accessCode; + + /** + * 用户的 unionid + */ + private String unionId; + + /** + * 授予的权限,部分平台可能没有 + */ + private String scope; + + /** + * 授权的第三方账号 + */ + private String userName; + + /** + * 授权的第三方昵称 + */ + private String nickName; + + /** + * 授权的第三方邮箱 + */ + private String email; + + /** + * 授权的第三方头像地址 + */ + private String avatar; + + /** + * 个别平台的授权信息,部分平台可能没有 + */ + private String tokenType; + + /** + * id token,部分平台可能没有 + */ + private String idToken; + + /** + * 小米平台用户的附带属性,部分平台可能没有 + */ + private String macAlgorithm; + + /** + * 小米平台用户的附带属性,部分平台可能没有 + */ + private String macKey; + + /** + * 用户的授权code,部分平台可能没有 + */ + private String code; + + /** + * Twitter平台用户的附带属性,部分平台可能没有 + */ + private String oauthToken; + + /** + * Twitter平台用户的附带属性,部分平台可能没有 + */ + private String oauthTokenSecret; + +} diff --git a/ruoyi-api/ruoyi-api-system/src/main/java/org/dromara/system/api/domain/vo/RemoteClientVo.java b/ruoyi-api/ruoyi-api-system/src/main/java/org/dromara/system/api/domain/vo/RemoteClientVo.java new file mode 100644 index 000000000..400f56b74 --- /dev/null +++ b/ruoyi-api/ruoyi-api-system/src/main/java/org/dromara/system/api/domain/vo/RemoteClientVo.java @@ -0,0 +1,71 @@ +package org.dromara.system.api.domain.vo; + +import lombok.Data; +import java.io.Serial; +import java.io.Serializable; +import java.util.List; + + +/** + * 授权管理视图对象 sys_client + * + * @author Michelle.Chung + */ +@Data +public class RemoteClientVo implements Serializable { + + @Serial + private static final long serialVersionUID = 1L; + + /** + * id + */ + private Long id; + + /** + * 客户端id + */ + private String clientId; + + /** + * 客户端key + */ + private String clientKey; + + /** + * 客户端秘钥 + */ + private String clientSecret; + + /** + * 授权类型 + */ + private List grantTypeList; + + /** + * 授权类型 + */ + private String grantType; + + /** + * 设备类型 + */ + private String deviceType; + + /** + * token活跃超时时间 + */ + private Long activeTimeout; + + /** + * token固定超时时间 + */ + private Long timeout; + + /** + * 状态(0正常 1停用) + */ + private String status; + + +} diff --git a/ruoyi-api/ruoyi-api-system/src/main/java/org/dromara/system/api/domain/vo/RemoteSocialVo.java b/ruoyi-api/ruoyi-api-system/src/main/java/org/dromara/system/api/domain/vo/RemoteSocialVo.java new file mode 100644 index 000000000..71e8d58a4 --- /dev/null +++ b/ruoyi-api/ruoyi-api-system/src/main/java/org/dromara/system/api/domain/vo/RemoteSocialVo.java @@ -0,0 +1,135 @@ +package org.dromara.system.api.domain.vo; + +import lombok.Data; +import java.io.Serial; +import java.io.Serializable; + + +/** + * 社会化关系视图对象 sys_social + * + * @author thiszhc + */ +@Data +public class RemoteSocialVo implements Serializable { + + @Serial + private static final long serialVersionUID = 1L; + + /** + * 主键 + */ + private Long id; + + /** + * 用户ID + */ + private Long userId; + + /** + * 租户ID + */ + private String tenantId; + + /** + * 的唯一ID + */ + private String authId; + + /** + * 用户来源 + */ + private String source; + + /** + * 用户的授权令牌 + */ + private String accessToken; + + /** + * 用户的授权令牌的有效期,部分平台可能没有 + */ + private int expireIn; + + /** + * 刷新令牌,部分平台可能没有 + */ + private String refreshToken; + + /** + * 用户的 open id + */ + private String openId; + + /** + * 授权的第三方账号 + */ + private String userName; + + /** + * 授权的第三方昵称 + */ + private String nickName; + + /** + * 授权的第三方邮箱 + */ + private String email; + + /** + * 授权的第三方头像地址 + */ + private String avatar; + + + /** + * 平台的授权信息,部分平台可能没有 + */ + private String accessCode; + + /** + * 用户的 unionid + */ + private String unionId; + + /** + * 授予的权限,部分平台可能没有 + */ + private String scope; + + /** + * 个别平台的授权信息,部分平台可能没有 + */ + private String tokenType; + + /** + * id token,部分平台可能没有 + */ + private String idToken; + + /** + * 小米平台用户的附带属性,部分平台可能没有 + */ + private String macAlgorithm; + + /** + * 小米平台用户的附带属性,部分平台可能没有 + */ + private String macKey; + + /** + * 用户的授权code,部分平台可能没有 + */ + private String code; + + /** + * Twitter平台用户的附带属性,部分平台可能没有 + */ + private String oauthToken; + + /** + * Twitter平台用户的附带属性,部分平台可能没有 + */ + private String oauthTokenSecret; + +} diff --git a/ruoyi-auth/pom.xml b/ruoyi-auth/pom.xml index fc312a10a..6694c4b07 100644 --- a/ruoyi-auth/pom.xml +++ b/ruoyi-auth/pom.xml @@ -28,6 +28,11 @@ spring-cloud-starter-alibaba-nacos-config + + cn.hutool + hutool-captcha + + org.dromara ruoyi-common-sentinel @@ -39,6 +44,11 @@ ruoyi-common-security + + org.dromara + ruoyi-common-social + + org.dromara diff --git a/ruoyi-gateway/src/main/java/org/dromara/gateway/captcha/UnsignedMathGenerator.java b/ruoyi-auth/src/main/java/org/dromara/auth/captcha/UnsignedMathGenerator.java similarity index 98% rename from ruoyi-gateway/src/main/java/org/dromara/gateway/captcha/UnsignedMathGenerator.java rename to ruoyi-auth/src/main/java/org/dromara/auth/captcha/UnsignedMathGenerator.java index 92c5ee205..feb4cdf43 100644 --- a/ruoyi-gateway/src/main/java/org/dromara/gateway/captcha/UnsignedMathGenerator.java +++ b/ruoyi-auth/src/main/java/org/dromara/auth/captcha/UnsignedMathGenerator.java @@ -1,4 +1,4 @@ -package org.dromara.gateway.captcha; +package org.dromara.auth.captcha; import cn.hutool.captcha.generator.CodeGenerator; import cn.hutool.core.math.Calculator; diff --git a/ruoyi-gateway/src/main/java/org/dromara/gateway/config/CaptchaConfig.java b/ruoyi-auth/src/main/java/org/dromara/auth/config/CaptchaConfig.java similarity index 97% rename from ruoyi-gateway/src/main/java/org/dromara/gateway/config/CaptchaConfig.java rename to ruoyi-auth/src/main/java/org/dromara/auth/config/CaptchaConfig.java index 94d87db45..588001675 100644 --- a/ruoyi-gateway/src/main/java/org/dromara/gateway/config/CaptchaConfig.java +++ b/ruoyi-auth/src/main/java/org/dromara/auth/config/CaptchaConfig.java @@ -1,4 +1,4 @@ -package org.dromara.gateway.config; +package org.dromara.auth.config; import cn.hutool.captcha.CaptchaUtil; import cn.hutool.captcha.CircleCaptcha; diff --git a/ruoyi-gateway/src/main/java/org/dromara/gateway/service/impl/ValidateCodeServiceImpl.java b/ruoyi-auth/src/main/java/org/dromara/auth/controller/CaptchaController.java similarity index 52% rename from ruoyi-gateway/src/main/java/org/dromara/gateway/service/impl/ValidateCodeServiceImpl.java rename to ruoyi-auth/src/main/java/org/dromara/auth/controller/CaptchaController.java index 7dca913fc..9a3815530 100644 --- a/ruoyi-gateway/src/main/java/org/dromara/gateway/service/impl/ValidateCodeServiceImpl.java +++ b/ruoyi-auth/src/main/java/org/dromara/auth/controller/CaptchaController.java @@ -1,53 +1,55 @@ -package org.dromara.gateway.service.impl; +package org.dromara.auth.controller; +import cn.dev33.satoken.annotation.SaIgnore; import cn.hutool.captcha.AbstractCaptcha; import cn.hutool.captcha.generator.CodeGenerator; import cn.hutool.core.util.IdUtil; +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import org.dromara.auth.domain.vo.CaptchaVo; +import org.dromara.auth.enums.CaptchaType; +import org.dromara.auth.properties.CaptchaProperties; import org.dromara.common.core.constant.Constants; import org.dromara.common.core.constant.GlobalConstants; import org.dromara.common.core.domain.R; -import org.dromara.common.core.exception.CaptchaException; -import org.dromara.common.core.exception.user.CaptchaExpireException; import org.dromara.common.core.utils.SpringUtils; import org.dromara.common.core.utils.StringUtils; import org.dromara.common.core.utils.reflect.ReflectUtils; import org.dromara.common.redis.utils.RedisUtils; -import org.dromara.gateway.config.properties.CaptchaProperties; -import org.dromara.gateway.enums.CaptchaType; -import org.dromara.gateway.service.ValidateCodeService; -import org.springframework.beans.factory.annotation.Autowired; import org.springframework.expression.Expression; import org.springframework.expression.ExpressionParser; import org.springframework.expression.spel.standard.SpelExpressionParser; -import org.springframework.stereotype.Service; +import org.springframework.validation.annotation.Validated; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.RestController; -import java.io.IOException; import java.time.Duration; -import java.util.HashMap; -import java.util.Map; /** - * 验证码实现处理 + * 验证码操作处理 * - * @author ruoyi + * @author Lion Li */ -@Service -public class ValidateCodeServiceImpl implements ValidateCodeService { - @Autowired - private CaptchaProperties captchaProperties; +@SaIgnore +@Slf4j +@Validated +@RequiredArgsConstructor +@RestController +public class CaptchaController { + + private final CaptchaProperties captchaProperties; /** * 生成验证码 */ - @Override - public R> createCaptcha() throws IOException, CaptchaException { - Map ajax = new HashMap<>(); + @GetMapping("/code") + public R getCode() { + CaptchaVo captchaVo = new CaptchaVo(); boolean captchaEnabled = captchaProperties.getEnabled(); - ajax.put("captchaEnabled", captchaEnabled); if (!captchaEnabled) { - return R.ok(ajax); + captchaVo.setCaptchaEnabled(false); + return R.ok(captchaVo); } - // 保存验证码信息 String uuid = IdUtil.simpleUUID(); String verifyKey = GlobalConstants.CAPTCHA_CODE_KEY + uuid; @@ -66,28 +68,9 @@ public class ValidateCodeServiceImpl implements ValidateCodeService { code = exp.getValue(String.class); } RedisUtils.setCacheObject(verifyKey, code, Duration.ofMinutes(Constants.CAPTCHA_EXPIRATION)); - ajax.put("uuid", uuid); - ajax.put("img", captcha.getImageBase64()); - return R.ok(ajax); + captchaVo.setUuid(uuid); + captchaVo.setImg(captcha.getImageBase64()); + return R.ok(captchaVo); } - /** - * 校验验证码 - */ - @Override - public void checkCaptcha(String code, String uuid) throws CaptchaException { - if (StringUtils.isEmpty(code)) { - throw new CaptchaException("user.jcaptcha.not.blank"); - } - if (StringUtils.isEmpty(uuid)) { - throw new CaptchaExpireException(); - } - String verifyKey = GlobalConstants.CAPTCHA_CODE_KEY + uuid; - String captcha = RedisUtils.getCacheObject(verifyKey); - RedisUtils.deleteObject(verifyKey); - - if (!code.equalsIgnoreCase(captcha)) { - throw new CaptchaException(); - } - } } diff --git a/ruoyi-auth/src/main/java/org/dromara/auth/controller/TokenController.java b/ruoyi-auth/src/main/java/org/dromara/auth/controller/TokenController.java index 227af5113..3c128c56d 100644 --- a/ruoyi-auth/src/main/java/org/dromara/auth/controller/TokenController.java +++ b/ruoyi-auth/src/main/java/org/dromara/auth/controller/TokenController.java @@ -1,31 +1,40 @@ package org.dromara.auth.controller; import cn.hutool.core.collection.CollUtil; +import cn.hutool.core.util.ObjectUtil; import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import me.zhyd.oauth.model.AuthResponse; +import me.zhyd.oauth.model.AuthUser; +import me.zhyd.oauth.request.AuthRequest; +import me.zhyd.oauth.utils.AuthStateUtils; import org.apache.dubbo.config.annotation.DubboReference; import org.dromara.auth.domain.vo.LoginTenantVo; import org.dromara.auth.domain.vo.LoginVo; import org.dromara.auth.domain.vo.TenantListVo; -import org.dromara.auth.form.EmailLoginBody; -import org.dromara.auth.form.LoginBody; +import org.dromara.common.core.domain.model.LoginBody; import org.dromara.auth.form.RegisterBody; -import org.dromara.auth.form.SmsLoginBody; +import org.dromara.auth.service.IAuthStrategy; import org.dromara.auth.service.SysLoginService; import org.dromara.common.core.domain.R; import org.dromara.common.core.utils.MapstructUtils; +import org.dromara.common.core.utils.MessageUtils; import org.dromara.common.core.utils.StreamUtils; import org.dromara.common.core.utils.StringUtils; +import org.dromara.common.social.config.properties.SocialLoginConfigProperties; +import org.dromara.common.social.config.properties.SocialProperties; +import org.dromara.common.social.utils.SocialUtils; import org.dromara.common.tenant.helper.TenantHelper; +import org.dromara.system.api.RemoteClientService; +import org.dromara.system.api.RemoteSocialService; import org.dromara.system.api.RemoteTenantService; +import org.dromara.system.api.domain.vo.RemoteClientVo; import org.dromara.system.api.domain.vo.RemoteTenantVo; import org.springframework.validation.annotation.Validated; -import org.springframework.web.bind.annotation.GetMapping; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RestController; +import org.springframework.web.bind.annotation.*; import jakarta.servlet.http.HttpServletRequest; -import jakarta.validation.constraints.NotBlank; + import java.net.URL; import java.util.List; @@ -34,80 +43,89 @@ import java.util.List; * * @author Lion Li */ +@Slf4j @Validated @RequiredArgsConstructor @RestController public class TokenController { + private final SocialProperties socialProperties; private final SysLoginService sysLoginService; @DubboReference private final RemoteTenantService remoteTenantService; + @DubboReference + private final RemoteClientService remoteClientService; + @DubboReference + private final RemoteSocialService remoteSocialService; /** * 登录方法 */ @PostMapping("login") - public R login(@Validated @RequestBody LoginBody body) { - LoginVo loginVo = new LoginVo(); - // 生成令牌 - String token = sysLoginService.login( - body.getTenantId(), - body.getUsername(), - body.getPassword()); - loginVo.setToken(token); - return R.ok(loginVo); + public R login(@Validated @RequestBody LoginBody loginBody) { + // 授权类型和客户端id + String clientId = loginBody.getClientId(); + String grantType = loginBody.getGrantType(); + RemoteClientVo clientVo = remoteClientService.queryByClientId(clientId); + + // 查询不到 client 或 client 内不包含 grantType + if (ObjectUtil.isNull(clientVo) || !StringUtils.contains(clientVo.getGrantType(), grantType)) { + log.info("客户端id: {} 认证类型:{} 异常!.", clientId, grantType); + return R.fail(MessageUtils.message("auth.grant.type.error")); + } + // 校验租户 + sysLoginService.checkTenant(loginBody.getTenantId()); + // 登录 + return R.ok(IAuthStrategy.login(loginBody, clientVo)); } /** - * 短信登录 + * 第三方登录请求 * - * @param smsLoginBody 登录信息 + * @param source 登录来源 * @return 结果 */ - @PostMapping("/smsLogin") - public R smsLogin(@Validated @RequestBody SmsLoginBody smsLoginBody) { - LoginVo loginVo = new LoginVo(); - // 生成令牌 - String token = sysLoginService.smsLogin( - smsLoginBody.getTenantId(), - smsLoginBody.getPhonenumber(), - smsLoginBody.getSmsCode()); - loginVo.setToken(token); - return R.ok(loginVo); + @GetMapping("/binding/{source}") + public R authBinding(@PathVariable("source") String source) { + SocialLoginConfigProperties obj = socialProperties.getType().get(source); + if (ObjectUtil.isNull(obj)) { + return R.fail(source + "平台账号暂不支持"); + } + AuthRequest authRequest = SocialUtils.getAuthRequest(source, socialProperties); + String authorizeUrl = authRequest.authorize(AuthStateUtils.createState()); + return R.ok("操作成功", authorizeUrl); } /** - * 邮件登录 + * 第三方登录回调业务处理 绑定授权 * - * @param body 登录信息 + * @param loginBody 请求体 * @return 结果 */ - @PostMapping("/emailLogin") - public R emailLogin(@Validated @RequestBody EmailLoginBody body) { - LoginVo loginVo = new LoginVo(); - // 生成令牌 - String token = sysLoginService.emailLogin( - body.getTenantId(), - body.getEmail(), - body.getEmailCode()); - loginVo.setToken(token); - return R.ok(loginVo); + @PostMapping("/social/callback") + public R socialCallback(@RequestBody LoginBody loginBody) { + // 获取第三方登录信息 + AuthResponse response = SocialUtils.loginAuth(loginBody, socialProperties); + AuthUser authUserData = response.getData(); + // 判断授权响应是否成功 + if (!response.ok()) { + return R.fail(response.getMsg()); + } + sysLoginService.socialRegister(authUserData); + return R.ok(); } + /** - * 小程序登录(示例) + * 取消授权 * - * @param xcxCode 小程序code - * @return 结果 + * @param socialId socialId */ - @PostMapping("/xcxLogin") - public R xcxLogin(@NotBlank(message = "{xcx.code.not.blank}") String xcxCode) { - LoginVo loginVo = new LoginVo(); - // 生成令牌 - String token = sysLoginService.xcxLogin(xcxCode); - loginVo.setToken(token); - return R.ok(loginVo); + @DeleteMapping(value = "/unlock/{socialId}") + public R unlockSocial(@PathVariable Long socialId) { + Boolean rows = remoteSocialService.deleteWithValidById(socialId); + return rows ? R.ok() : R.fail("取消授权失败"); } /** diff --git a/ruoyi-auth/src/main/java/org/dromara/auth/domain/vo/CaptchaVo.java b/ruoyi-auth/src/main/java/org/dromara/auth/domain/vo/CaptchaVo.java new file mode 100644 index 000000000..2a4c0bd42 --- /dev/null +++ b/ruoyi-auth/src/main/java/org/dromara/auth/domain/vo/CaptchaVo.java @@ -0,0 +1,25 @@ +package org.dromara.auth.domain.vo; + +import lombok.Data; + +/** + * 验证码信息 + * + * @author Michelle.Chung + */ +@Data +public class CaptchaVo { + + /** + * 是否开启验证码 + */ + private Boolean captchaEnabled = true; + + private String uuid; + + /** + * 验证码图片 + */ + private String img; + +} diff --git a/ruoyi-auth/src/main/java/org/dromara/auth/domain/vo/LoginVo.java b/ruoyi-auth/src/main/java/org/dromara/auth/domain/vo/LoginVo.java index 42b40522e..e4bea143d 100644 --- a/ruoyi-auth/src/main/java/org/dromara/auth/domain/vo/LoginVo.java +++ b/ruoyi-auth/src/main/java/org/dromara/auth/domain/vo/LoginVo.java @@ -1,5 +1,6 @@ package org.dromara.auth.domain.vo; +import com.fasterxml.jackson.annotation.JsonProperty; import lombok.Data; /** @@ -10,6 +11,44 @@ import lombok.Data; @Data public class LoginVo { - private String token; + /** + * 授权令牌 + */ + @JsonProperty("access_token") + private String accessToken; + + /** + * 刷新令牌 + */ + @JsonProperty("refresh_token") + private String refreshToken; + + /** + * 授权令牌 access_token 的有效期 + */ + @JsonProperty("expire_in") + private Long expireIn; + + /** + * 刷新令牌 refresh_token 的有效期 + */ + @JsonProperty("refresh_expire_in") + private Long refreshExpireIn; + + /** + * 应用id + */ + @JsonProperty("client_id") + private String clientId; + + /** + * 令牌权限 + */ + private String scope; + + /** + * 用户 openid + */ + private String openid; } diff --git a/ruoyi-gateway/src/main/java/org/dromara/gateway/enums/CaptchaCategory.java b/ruoyi-auth/src/main/java/org/dromara/auth/enums/CaptchaCategory.java similarity index 94% rename from ruoyi-gateway/src/main/java/org/dromara/gateway/enums/CaptchaCategory.java rename to ruoyi-auth/src/main/java/org/dromara/auth/enums/CaptchaCategory.java index fb3e6cb0b..b387aed2c 100644 --- a/ruoyi-gateway/src/main/java/org/dromara/gateway/enums/CaptchaCategory.java +++ b/ruoyi-auth/src/main/java/org/dromara/auth/enums/CaptchaCategory.java @@ -1,4 +1,4 @@ -package org.dromara.gateway.enums; +package org.dromara.auth.enums; import cn.hutool.captcha.AbstractCaptcha; import cn.hutool.captcha.CircleCaptcha; diff --git a/ruoyi-gateway/src/main/java/org/dromara/gateway/enums/CaptchaType.java b/ruoyi-auth/src/main/java/org/dromara/auth/enums/CaptchaType.java similarity index 83% rename from ruoyi-gateway/src/main/java/org/dromara/gateway/enums/CaptchaType.java rename to ruoyi-auth/src/main/java/org/dromara/auth/enums/CaptchaType.java index d56c9ec8b..b66334599 100644 --- a/ruoyi-gateway/src/main/java/org/dromara/gateway/enums/CaptchaType.java +++ b/ruoyi-auth/src/main/java/org/dromara/auth/enums/CaptchaType.java @@ -1,8 +1,8 @@ -package org.dromara.gateway.enums; +package org.dromara.auth.enums; import cn.hutool.captcha.generator.CodeGenerator; import cn.hutool.captcha.generator.RandomGenerator; -import org.dromara.gateway.captcha.UnsignedMathGenerator; +import org.dromara.auth.captcha.UnsignedMathGenerator; import lombok.AllArgsConstructor; import lombok.Getter; diff --git a/ruoyi-auth/src/main/java/org/dromara/auth/form/LoginBody.java b/ruoyi-auth/src/main/java/org/dromara/auth/form/LoginBody.java deleted file mode 100644 index c34bb8460..000000000 --- a/ruoyi-auth/src/main/java/org/dromara/auth/form/LoginBody.java +++ /dev/null @@ -1,39 +0,0 @@ -package org.dromara.auth.form; - -import org.dromara.common.core.constant.UserConstants; -import lombok.Data; -import lombok.NoArgsConstructor; -import org.hibernate.validator.constraints.Length; - -import jakarta.validation.constraints.NotBlank; - -/** - * 用户登录对象 - * - * @author Lion Li - */ -@Data -@NoArgsConstructor -public class LoginBody { - - /** - * 租户ID - */ - @NotBlank(message = "{tenant.number.not.blank}") - private String tenantId; - - /** - * 用户名 - */ - @NotBlank(message = "{user.username.not.blank}") - @Length(min = UserConstants.USERNAME_MIN_LENGTH, max = UserConstants.USERNAME_MAX_LENGTH, message = "{user.username.length.valid}") - private String username; - - /** - * 用户密码 - */ - @NotBlank(message = "{user.password.not.blank}") - @Length(min = UserConstants.PASSWORD_MIN_LENGTH, max = UserConstants.PASSWORD_MAX_LENGTH, message = "{user.password.length.valid}") - private String password; - -} diff --git a/ruoyi-auth/src/main/java/org/dromara/auth/form/RegisterBody.java b/ruoyi-auth/src/main/java/org/dromara/auth/form/RegisterBody.java index a22ce865f..0971dc1d2 100644 --- a/ruoyi-auth/src/main/java/org/dromara/auth/form/RegisterBody.java +++ b/ruoyi-auth/src/main/java/org/dromara/auth/form/RegisterBody.java @@ -2,6 +2,7 @@ package org.dromara.auth.form; import lombok.Data; import lombok.EqualsAndHashCode; +import org.dromara.common.core.domain.model.LoginBody; /** * 用户注册对象 diff --git a/ruoyi-gateway/src/main/java/org/dromara/gateway/config/properties/CaptchaProperties.java b/ruoyi-auth/src/main/java/org/dromara/auth/properties/CaptchaProperties.java similarity index 84% rename from ruoyi-gateway/src/main/java/org/dromara/gateway/config/properties/CaptchaProperties.java rename to ruoyi-auth/src/main/java/org/dromara/auth/properties/CaptchaProperties.java index d3187772e..1cd70982a 100644 --- a/ruoyi-gateway/src/main/java/org/dromara/gateway/config/properties/CaptchaProperties.java +++ b/ruoyi-auth/src/main/java/org/dromara/auth/properties/CaptchaProperties.java @@ -1,7 +1,7 @@ -package org.dromara.gateway.config.properties; +package org.dromara.auth.properties; -import org.dromara.gateway.enums.CaptchaCategory; -import org.dromara.gateway.enums.CaptchaType; +import org.dromara.auth.enums.CaptchaCategory; +import org.dromara.auth.enums.CaptchaType; import lombok.Data; import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.cloud.context.config.annotation.RefreshScope; diff --git a/ruoyi-auth/src/main/java/org/dromara/auth/service/IAuthStrategy.java b/ruoyi-auth/src/main/java/org/dromara/auth/service/IAuthStrategy.java new file mode 100644 index 000000000..470acf1b0 --- /dev/null +++ b/ruoyi-auth/src/main/java/org/dromara/auth/service/IAuthStrategy.java @@ -0,0 +1,44 @@ +package org.dromara.auth.service; + +import org.dromara.auth.domain.vo.LoginVo; +import org.dromara.common.core.domain.model.LoginBody; +import org.dromara.common.core.exception.ServiceException; +import org.dromara.common.core.utils.SpringUtils; +import org.dromara.system.api.domain.vo.RemoteClientVo; + +/** + * 授权策略 + * + * @author Michelle.Chung + */ +public interface IAuthStrategy { + + String BASE_NAME = "AuthStrategy"; + + /** + * 登录 + */ + static LoginVo login(LoginBody loginBody, RemoteClientVo client) { + // 授权类型和客户端id + String clientId = loginBody.getClientId(); + String grantType = loginBody.getGrantType(); + String beanName = grantType + BASE_NAME; + if (!SpringUtils.containsBean(beanName)) { + throw new ServiceException("授权类型不正确!"); + } + IAuthStrategy instance = SpringUtils.getBean(beanName); + instance.validate(loginBody); + return instance.login(clientId, loginBody, client); + } + + /** + * 参数校验 + */ + void validate(LoginBody loginBody); + + /** + * 登录 + */ + LoginVo login(String clientId, LoginBody loginBody, RemoteClientVo client); + +} diff --git a/ruoyi-auth/src/main/java/org/dromara/auth/service/SysLoginService.java b/ruoyi-auth/src/main/java/org/dromara/auth/service/SysLoginService.java index 3480e50a8..f3e8f3041 100644 --- a/ruoyi-auth/src/main/java/org/dromara/auth/service/SysLoginService.java +++ b/ruoyi-auth/src/main/java/org/dromara/auth/service/SysLoginService.java @@ -6,33 +6,31 @@ import cn.dev33.satoken.stp.StpUtil; import cn.hutool.core.util.ObjectUtil; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; +import me.zhyd.oauth.model.AuthUser; import org.apache.dubbo.config.annotation.DubboReference; import org.dromara.auth.form.RegisterBody; import org.dromara.auth.properties.UserPasswordProperties; import org.dromara.common.core.constant.Constants; import org.dromara.common.core.constant.GlobalConstants; import org.dromara.common.core.constant.TenantConstants; -import org.dromara.common.core.enums.DeviceType; import org.dromara.common.core.enums.LoginType; import org.dromara.common.core.enums.TenantStatus; import org.dromara.common.core.enums.UserType; -import org.dromara.common.core.exception.user.CaptchaExpireException; import org.dromara.common.core.exception.user.UserException; -import org.dromara.common.core.utils.MessageUtils; -import org.dromara.common.core.utils.ServletUtils; -import org.dromara.common.core.utils.SpringUtils; -import org.dromara.common.core.utils.StringUtils; +import org.dromara.common.core.utils.*; import org.dromara.common.log.event.LogininforEvent; import org.dromara.common.redis.utils.RedisUtils; import org.dromara.common.satoken.utils.LoginHelper; import org.dromara.common.tenant.exception.TenantException; import org.dromara.common.tenant.helper.TenantHelper; +import org.dromara.system.api.RemoteSocialService; import org.dromara.system.api.RemoteTenantService; import org.dromara.system.api.RemoteUserService; +import org.dromara.system.api.domain.bo.RemoteSocialBo; import org.dromara.system.api.domain.bo.RemoteUserBo; import org.dromara.system.api.domain.vo.RemoteTenantVo; import org.dromara.system.api.model.LoginUser; -import org.dromara.system.api.model.XcxLoginUser; +import org.springframework.beans.BeanUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; @@ -54,65 +52,26 @@ public class SysLoginService { private RemoteUserService remoteUserService; @DubboReference private RemoteTenantService remoteTenantService; + @DubboReference + private RemoteSocialService remoteSocialService; @Autowired private UserPasswordProperties userPasswordProperties; /** - * 登录 + * 绑定第三方用户 + * + * @param authUserData 授权响应实体 */ - public String login(String tenantId, String username, String password) { - // 校验租户 - checkTenant(tenantId); - LoginUser userInfo = remoteUserService.getUserInfo(username, tenantId); - checkLogin(LoginType.PASSWORD, tenantId, username, () -> !BCrypt.checkpw(password, userInfo.getPassword())); - // 获取登录token - LoginHelper.loginByDevice(userInfo, DeviceType.PC); - - recordLogininfor(tenantId, username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success")); - return StpUtil.getTokenValue(); - } - - public String smsLogin(String tenantId, String phonenumber, String smsCode) { - // 校验租户 - checkTenant(tenantId); - // 通过手机号查找用户 - LoginUser userInfo = remoteUserService.getUserInfoByPhonenumber(phonenumber, tenantId); - - checkLogin(LoginType.SMS, tenantId, userInfo.getUsername(), () -> !validateSmsCode(tenantId, phonenumber, smsCode)); - // 生成token - LoginHelper.loginByDevice(userInfo, DeviceType.APP); - - recordLogininfor(tenantId, userInfo.getUsername(), Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success")); - return StpUtil.getTokenValue(); - } - - public String emailLogin(String tenantId, String email, String emailCode) { - // 校验租户 - checkTenant(tenantId); - // 通过邮箱查找用户 - LoginUser userInfo = remoteUserService.getUserInfoByEmail(email, tenantId); - - checkLogin(LoginType.EMAIL,tenantId, userInfo.getUsername(), () -> !validateEmailCode(tenantId, email, emailCode)); - // 生成token - LoginHelper.loginByDevice(userInfo, DeviceType.APP); - - recordLogininfor(tenantId, userInfo.getUsername(), Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success")); - return StpUtil.getTokenValue(); - } - - public String xcxLogin(String xcxCode) { - // xcxCode 为 小程序调用 wx.login 授权后获取 - // todo 自行实现 校验 appid + appsrcret + xcxCode 调用登录凭证校验接口 获取 session_key 与 openid - String openid = ""; - XcxLoginUser userInfo = remoteUserService.getUserInfoByOpenid(openid); - // 校验租户 - checkTenant(userInfo.getTenantId()); - // 生成token - LoginHelper.loginByDevice(userInfo, DeviceType.XCX); - - recordLogininfor(userInfo.getTenantId(), userInfo.getUsername(), Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success")); - return StpUtil.getTokenValue(); + public void socialRegister(AuthUser authUserData) { + RemoteSocialBo bo = new RemoteSocialBo(); + bo.setUserId(LoginHelper.getUserId()); + bo.setAuthId(authUserData.getSource() + authUserData.getUuid()); + bo.setOpenId(authUserData.getUuid()); + bo.setUserName(authUserData.getUsername()); + BeanUtils.copyProperties(authUserData, bo); + BeanUtils.copyProperties(authUserData.getToken(), bo); + remoteSocialService.insertByBo(bo); } /** @@ -177,34 +136,10 @@ public class SysLoginService { SpringUtils.context().publishEvent(logininforEvent); } - /** - * 校验短信验证码 - */ - private boolean validateSmsCode(String tenantId, String phonenumber, String smsCode) { - String code = RedisUtils.getCacheObject(GlobalConstants.CAPTCHA_CODE_KEY + phonenumber); - if (StringUtils.isBlank(code)) { - recordLogininfor(tenantId, phonenumber, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.expire")); - throw new CaptchaExpireException(); - } - return code.equals(smsCode); - } - - /** - * 校验邮箱验证码 - */ - private boolean validateEmailCode(String tenantId, String email, String emailCode) { - String code = RedisUtils.getCacheObject(GlobalConstants.CAPTCHA_CODE_KEY + email); - if (StringUtils.isBlank(code)) { - recordLogininfor(tenantId, email, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.expire")); - throw new CaptchaExpireException(); - } - return code.equals(emailCode); - } - /** * 登录校验 */ - private void checkLogin(LoginType loginType, String tenantId, String username, Supplier supplier) { + public void checkLogin(LoginType loginType, String tenantId, String username, Supplier supplier) { String errorKey = GlobalConstants.PWD_ERR_CNT_KEY + username; String loginFail = Constants.LOGIN_FAIL; Integer maxRetryCount = userPasswordProperties.getMaxRetryCount(); @@ -237,7 +172,12 @@ public class SysLoginService { RedisUtils.deleteObject(errorKey); } - private void checkTenant(String tenantId) { + /** + * 校验租户 + * + * @param tenantId 租户ID + */ + public void checkTenant(String tenantId) { if (!TenantHelper.isEnable()) { return; } diff --git a/ruoyi-auth/src/main/java/org/dromara/auth/service/impl/EmailAuthStrategy.java b/ruoyi-auth/src/main/java/org/dromara/auth/service/impl/EmailAuthStrategy.java new file mode 100644 index 000000000..382060b4c --- /dev/null +++ b/ruoyi-auth/src/main/java/org/dromara/auth/service/impl/EmailAuthStrategy.java @@ -0,0 +1,87 @@ +package org.dromara.auth.service.impl; + +import cn.dev33.satoken.stp.SaLoginModel; +import cn.dev33.satoken.stp.StpUtil; +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import org.apache.dubbo.config.annotation.DubboReference; +import org.dromara.auth.domain.vo.LoginVo; +import org.dromara.common.core.domain.model.LoginBody; +import org.dromara.auth.service.IAuthStrategy; +import org.dromara.auth.service.SysLoginService; +import org.dromara.common.core.constant.Constants; +import org.dromara.common.core.constant.GlobalConstants; +import org.dromara.common.core.enums.LoginType; +import org.dromara.common.core.exception.user.CaptchaExpireException; +import org.dromara.common.core.utils.MessageUtils; +import org.dromara.common.core.utils.StringUtils; +import org.dromara.common.core.utils.ValidatorUtils; +import org.dromara.common.core.validate.auth.EmailGroup; +import org.dromara.common.redis.utils.RedisUtils; +import org.dromara.common.satoken.utils.LoginHelper; +import org.dromara.system.api.RemoteUserService; +import org.dromara.system.api.domain.vo.RemoteClientVo; +import org.dromara.system.api.model.LoginUser; +import org.springframework.stereotype.Service; + +/** + * 邮件认证策略 + * + * @author Michelle.Chung + */ +@Slf4j +@Service("email" + IAuthStrategy.BASE_NAME) +@RequiredArgsConstructor +public class EmailAuthStrategy implements IAuthStrategy { + + private final SysLoginService loginService; + + @DubboReference + private RemoteUserService remoteUserService; + + @Override + public void validate(LoginBody loginBody) { + ValidatorUtils.validate(loginBody, EmailGroup.class); + } + + @Override + public LoginVo login(String clientId, LoginBody loginBody, RemoteClientVo client) { + String tenantId = loginBody.getTenantId(); + String email = loginBody.getEmail(); + String emailCode = loginBody.getEmailCode(); + + // 通过邮箱查找用户 + LoginUser loginUser = remoteUserService.getUserInfoByEmail(email, tenantId); + loginService.checkLogin(LoginType.EMAIL, tenantId, loginUser.getUsername(), () -> !validateEmailCode(tenantId, email, emailCode)); + SaLoginModel model = new SaLoginModel(); + model.setDevice(client.getDeviceType()); + // 自定义分配 不同用户体系 不同 token 授权时间 不设置默认走全局 yml 配置 + // 例如: 后台用户30分钟过期 app用户1天过期 + model.setTimeout(client.getTimeout()); + model.setActiveTimeout(client.getActiveTimeout()); + // 生成token + LoginHelper.login(loginUser, model); + + loginService.recordLogininfor(loginUser.getTenantId(), loginUser.getUsername(), Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success")); + remoteUserService.recordLoginInfo(loginUser.getUserId()); + + LoginVo loginVo = new LoginVo(); + loginVo.setAccessToken(StpUtil.getTokenValue()); + loginVo.setExpireIn(StpUtil.getTokenTimeout()); + loginVo.setClientId(clientId); + return loginVo; + } + + /** + * 校验邮箱验证码 + */ + private boolean validateEmailCode(String tenantId, String email, String emailCode) { + String code = RedisUtils.getCacheObject(GlobalConstants.CAPTCHA_CODE_KEY + email); + if (StringUtils.isBlank(code)) { + loginService.recordLogininfor(tenantId, email, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.expire")); + throw new CaptchaExpireException(); + } + return code.equals(emailCode); + } + +} diff --git a/ruoyi-auth/src/main/java/org/dromara/auth/service/impl/PasswordAuthStrategy.java b/ruoyi-auth/src/main/java/org/dromara/auth/service/impl/PasswordAuthStrategy.java new file mode 100644 index 000000000..5d32359ea --- /dev/null +++ b/ruoyi-auth/src/main/java/org/dromara/auth/service/impl/PasswordAuthStrategy.java @@ -0,0 +1,109 @@ +package org.dromara.auth.service.impl; + +import cn.dev33.satoken.secure.BCrypt; +import cn.dev33.satoken.stp.SaLoginModel; +import cn.dev33.satoken.stp.StpUtil; +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import org.apache.dubbo.config.annotation.DubboReference; +import org.dromara.auth.domain.vo.LoginVo; +import org.dromara.common.core.exception.CaptchaException; +import org.dromara.common.core.domain.model.LoginBody; +import org.dromara.auth.properties.CaptchaProperties; +import org.dromara.auth.service.IAuthStrategy; +import org.dromara.auth.service.SysLoginService; +import org.dromara.common.core.constant.Constants; +import org.dromara.common.core.constant.GlobalConstants; +import org.dromara.common.core.enums.LoginType; +import org.dromara.common.core.exception.user.CaptchaExpireException; +import org.dromara.common.core.utils.MessageUtils; +import org.dromara.common.core.utils.StringUtils; +import org.dromara.common.core.utils.ValidatorUtils; +import org.dromara.common.core.validate.auth.PasswordGroup; +import org.dromara.common.redis.utils.RedisUtils; +import org.dromara.common.satoken.utils.LoginHelper; +import org.dromara.system.api.RemoteUserService; +import org.dromara.system.api.domain.vo.RemoteClientVo; +import org.dromara.system.api.model.LoginUser; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.stereotype.Service; + +/** + * 密码认证策略 + * + * @author Michelle.Chung + */ +@Slf4j +@Service("password" + IAuthStrategy.BASE_NAME) +@RequiredArgsConstructor +public class PasswordAuthStrategy implements IAuthStrategy { + + @Value("{security.captcha.enabled}") + private Boolean captchaEnabled; + + private final SysLoginService loginService; + + @DubboReference + private RemoteUserService remoteUserService; + + @Override + public void validate(LoginBody loginBody) { + ValidatorUtils.validate(loginBody, PasswordGroup.class); + } + + @Override + public LoginVo login(String clientId, LoginBody loginBody, RemoteClientVo client) { + String tenantId = loginBody.getTenantId(); + String username = loginBody.getUsername(); + String password = loginBody.getPassword(); + String code = loginBody.getCode(); + String uuid = loginBody.getUuid(); + + // 验证码开关 + if (captchaEnabled) { + validateCaptcha(tenantId, username, code, uuid); + } + + LoginUser loginUser = remoteUserService.getUserInfo(username, tenantId); + loginService.checkLogin(LoginType.PASSWORD, tenantId, username, () -> !BCrypt.checkpw(password, loginUser.getPassword())); + SaLoginModel model = new SaLoginModel(); + model.setDevice(client.getDeviceType()); + // 自定义分配 不同用户体系 不同 token 授权时间 不设置默认走全局 yml 配置 + // 例如: 后台用户30分钟过期 app用户1天过期 + model.setTimeout(client.getTimeout()); + model.setActiveTimeout(client.getActiveTimeout()); + // 生成token + LoginHelper.login(loginUser, model); + + loginService.recordLogininfor(loginUser.getTenantId(), username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success")); + remoteUserService.recordLoginInfo(loginUser.getUserId()); + + LoginVo loginVo = new LoginVo(); + loginVo.setAccessToken(StpUtil.getTokenValue()); + loginVo.setExpireIn(StpUtil.getTokenTimeout()); + loginVo.setClientId(clientId); + return loginVo; + } + + /** + * 校验验证码 + * + * @param username 用户名 + * @param code 验证码 + * @param uuid 唯一标识 + */ + private void validateCaptcha(String tenantId, String username, String code, String uuid) { + String verifyKey = GlobalConstants.CAPTCHA_CODE_KEY + StringUtils.defaultString(uuid, ""); + String captcha = RedisUtils.getCacheObject(verifyKey); + RedisUtils.deleteObject(verifyKey); + if (captcha == null) { + loginService.recordLogininfor(tenantId, username, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.expire")); + throw new CaptchaExpireException(); + } + if (!code.equalsIgnoreCase(captcha)) { + loginService.recordLogininfor(tenantId, username, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.error")); + throw new CaptchaException(); + } + } + +} diff --git a/ruoyi-auth/src/main/java/org/dromara/auth/service/impl/SmsAuthStrategy.java b/ruoyi-auth/src/main/java/org/dromara/auth/service/impl/SmsAuthStrategy.java new file mode 100644 index 000000000..b515c144a --- /dev/null +++ b/ruoyi-auth/src/main/java/org/dromara/auth/service/impl/SmsAuthStrategy.java @@ -0,0 +1,87 @@ +package org.dromara.auth.service.impl; + +import cn.dev33.satoken.stp.SaLoginModel; +import cn.dev33.satoken.stp.StpUtil; +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import org.apache.dubbo.config.annotation.DubboReference; +import org.dromara.auth.domain.vo.LoginVo; +import org.dromara.common.core.domain.model.LoginBody; +import org.dromara.auth.service.IAuthStrategy; +import org.dromara.auth.service.SysLoginService; +import org.dromara.common.core.constant.Constants; +import org.dromara.common.core.constant.GlobalConstants; +import org.dromara.common.core.enums.LoginType; +import org.dromara.common.core.exception.user.CaptchaExpireException; +import org.dromara.common.core.utils.MessageUtils; +import org.dromara.common.core.utils.StringUtils; +import org.dromara.common.core.utils.ValidatorUtils; +import org.dromara.common.core.validate.auth.SmsGroup; +import org.dromara.common.redis.utils.RedisUtils; +import org.dromara.common.satoken.utils.LoginHelper; +import org.dromara.system.api.RemoteUserService; +import org.dromara.system.api.domain.vo.RemoteClientVo; +import org.dromara.system.api.model.LoginUser; +import org.springframework.stereotype.Service; + +/** + * 短信认证策略 + * + * @author Michelle.Chung + */ +@Slf4j +@Service("sms" + IAuthStrategy.BASE_NAME) +@RequiredArgsConstructor +public class SmsAuthStrategy implements IAuthStrategy { + + private final SysLoginService loginService; + + @DubboReference + private RemoteUserService remoteUserService; + + @Override + public void validate(LoginBody loginBody) { + ValidatorUtils.validate(loginBody, SmsGroup.class); + } + + @Override + public LoginVo login(String clientId, LoginBody loginBody, RemoteClientVo client) { + String tenantId = loginBody.getTenantId(); + String phonenumber = loginBody.getPhonenumber(); + String smsCode = loginBody.getSmsCode(); + + // 通过手机号查找用户 + LoginUser loginUser = remoteUserService.getUserInfoByPhonenumber(phonenumber, tenantId); + loginService.checkLogin(LoginType.SMS, tenantId, loginUser.getUsername(), () -> !validateSmsCode(tenantId, phonenumber, smsCode)); + SaLoginModel model = new SaLoginModel(); + model.setDevice(client.getDeviceType()); + // 自定义分配 不同用户体系 不同 token 授权时间 不设置默认走全局 yml 配置 + // 例如: 后台用户30分钟过期 app用户1天过期 + model.setTimeout(client.getTimeout()); + model.setActiveTimeout(client.getActiveTimeout()); + // 生成token + LoginHelper.login(loginUser, model); + + loginService.recordLogininfor(loginUser.getTenantId(), loginUser.getUsername(), Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success")); + remoteUserService.recordLoginInfo(loginUser.getUserId()); + + LoginVo loginVo = new LoginVo(); + loginVo.setAccessToken(StpUtil.getTokenValue()); + loginVo.setExpireIn(StpUtil.getTokenTimeout()); + loginVo.setClientId(clientId); + return loginVo; + } + + /** + * 校验短信验证码 + */ + private boolean validateSmsCode(String tenantId, String phonenumber, String smsCode) { + String code = RedisUtils.getCacheObject(GlobalConstants.CAPTCHA_CODE_KEY + phonenumber); + if (StringUtils.isBlank(code)) { + loginService.recordLogininfor(tenantId, phonenumber, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.expire")); + throw new CaptchaExpireException(); + } + return code.equals(smsCode); + } + +} diff --git a/ruoyi-auth/src/main/java/org/dromara/auth/service/impl/SocialAuthStrategy.java b/ruoyi-auth/src/main/java/org/dromara/auth/service/impl/SocialAuthStrategy.java new file mode 100644 index 000000000..fdbae8942 --- /dev/null +++ b/ruoyi-auth/src/main/java/org/dromara/auth/service/impl/SocialAuthStrategy.java @@ -0,0 +1,112 @@ +package org.dromara.auth.service.impl; + +import cn.dev33.satoken.stp.SaLoginModel; +import cn.dev33.satoken.stp.StpUtil; +import cn.hutool.core.map.MapUtil; +import cn.hutool.core.util.ObjectUtil; +import cn.hutool.core.util.StrUtil; +import cn.hutool.http.HttpUtil; +import cn.hutool.http.Method; +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import me.zhyd.oauth.model.AuthResponse; +import me.zhyd.oauth.model.AuthUser; +import org.apache.dubbo.config.annotation.DubboReference; +import org.dromara.auth.domain.vo.LoginVo; +import org.dromara.auth.service.IAuthStrategy; +import org.dromara.auth.service.SysLoginService; +import org.dromara.common.core.constant.Constants; +import org.dromara.common.core.domain.model.LoginBody; +import org.dromara.common.core.exception.ServiceException; +import org.dromara.common.core.utils.MessageUtils; +import org.dromara.common.core.utils.ValidatorUtils; +import org.dromara.common.core.validate.auth.SocialGroup; +import org.dromara.common.satoken.utils.LoginHelper; +import org.dromara.common.social.config.properties.SocialProperties; +import org.dromara.common.social.utils.SocialUtils; +import org.dromara.system.api.RemoteSocialService; +import org.dromara.system.api.RemoteUserService; +import org.dromara.system.api.domain.vo.RemoteClientVo; +import org.dromara.system.api.domain.vo.RemoteSocialVo; +import org.dromara.system.api.model.LoginUser; +import org.springframework.stereotype.Service; + +/** + * 第三方授权策略 + * + * @author thiszhc is 三三 + */ +@Slf4j +@Service("social" + IAuthStrategy.BASE_NAME) +@RequiredArgsConstructor +public class SocialAuthStrategy implements IAuthStrategy { + + private final SocialProperties socialProperties; + private final SysLoginService loginService; + + @DubboReference + private RemoteSocialService remoteSocialService; + @DubboReference + private RemoteUserService remoteUserService; + + @Override + public void validate(LoginBody loginBody) { + ValidatorUtils.validate(loginBody, SocialGroup.class); + } + + /** + * 登录-第三方授权登录 + * + * @param clientId 客户端id + * @param loginBody 登录信息 + * @param client 客户端信息 + */ + @Override + public LoginVo login(String clientId, LoginBody loginBody, RemoteClientVo client) { + AuthResponse response = SocialUtils.loginAuth(loginBody, socialProperties); + if (!response.ok()) { + throw new ServiceException(response.getMsg()); + } + AuthUser authUserData = response.getData(); + if ("GITEE".equals(authUserData.getSource())) { + // 如用户使用 gitee 登录顺手 star 给作者一点支持 拒绝白嫖 + HttpUtil.createRequest(Method.PUT, "https://gitee.com/api/v5/user/starred/dromara/RuoYi-Vue-Plus") + .formStr(MapUtil.of("access_token", authUserData.getToken().getAccessToken())) + .executeAsync(); + HttpUtil.createRequest(Method.PUT, "https://gitee.com/api/v5/user/starred/dromara/RuoYi-Cloud-Plus") + .formStr(MapUtil.of("access_token", authUserData.getToken().getAccessToken())) + .executeAsync(); + } + + RemoteSocialVo socialVo = remoteSocialService.selectByAuthId(authUserData.getSource() + authUserData.getUuid()); + if (!ObjectUtil.isNotNull(socialVo)) { + throw new ServiceException("你还没有绑定第三方账号,绑定后才可以登录!"); + } + // 验证授权表里面的租户id是否包含当前租户id + String tenantId = socialVo.getTenantId(); + if (ObjectUtil.isNotNull(socialVo) && StrUtil.isNotBlank(tenantId) + && !tenantId.contains(loginBody.getTenantId())) { + throw new ServiceException("对不起,你没有权限登录当前租户!"); + } + + LoginUser loginUser = remoteUserService.getUserInfo(socialVo.getUserName(), tenantId); + SaLoginModel model = new SaLoginModel(); + model.setDevice(client.getDeviceType()); + // 自定义分配 不同用户体系 不同 token 授权时间 不设置默认走全局 yml 配置 + // 例如: 后台用户30分钟过期 app用户1天过期 + model.setTimeout(client.getTimeout()); + model.setActiveTimeout(client.getActiveTimeout()); + // 生成token + LoginHelper.login(loginUser, model); + + loginService.recordLogininfor(loginUser.getTenantId(), socialVo.getUserName(), Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success")); + remoteUserService.recordLoginInfo(socialVo.getUserId()); + + LoginVo loginVo = new LoginVo(); + loginVo.setAccessToken(StpUtil.getTokenValue()); + loginVo.setExpireIn(StpUtil.getTokenTimeout()); + loginVo.setClientId(clientId); + return loginVo; + } + +} diff --git a/ruoyi-auth/src/main/java/org/dromara/auth/service/impl/XcxAuthStrategy.java b/ruoyi-auth/src/main/java/org/dromara/auth/service/impl/XcxAuthStrategy.java new file mode 100644 index 000000000..ab2f0ca75 --- /dev/null +++ b/ruoyi-auth/src/main/java/org/dromara/auth/service/impl/XcxAuthStrategy.java @@ -0,0 +1,71 @@ +package org.dromara.auth.service.impl; + +import cn.dev33.satoken.stp.SaLoginModel; +import cn.dev33.satoken.stp.StpUtil; +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import org.apache.dubbo.config.annotation.DubboReference; +import org.dromara.auth.domain.vo.LoginVo; +import org.dromara.common.core.domain.model.LoginBody; +import org.dromara.auth.service.IAuthStrategy; +import org.dromara.auth.service.SysLoginService; +import org.dromara.common.core.constant.Constants; +import org.dromara.common.core.utils.MessageUtils; +import org.dromara.common.core.utils.ValidatorUtils; +import org.dromara.common.core.validate.auth.WechatGroup; +import org.dromara.common.satoken.utils.LoginHelper; +import org.dromara.system.api.RemoteUserService; +import org.dromara.system.api.domain.vo.RemoteClientVo; +import org.dromara.system.api.model.XcxLoginUser; +import org.springframework.stereotype.Service; + +/** + * 邮件认证策略 + * + * @author Michelle.Chung + */ +@Slf4j +@Service("xcx" + IAuthStrategy.BASE_NAME) +@RequiredArgsConstructor +public class XcxAuthStrategy implements IAuthStrategy { + + private final SysLoginService loginService; + + @DubboReference + private RemoteUserService remoteUserService; + + @Override + public void validate(LoginBody loginBody) { + ValidatorUtils.validate(loginBody, WechatGroup.class); + } + + @Override + public LoginVo login(String clientId, LoginBody loginBody, RemoteClientVo client) { + // xcxCode 为 小程序调用 wx.login 授权后获取 + String xcxCode = loginBody.getXcxCode(); + // todo 以下自行实现 + // 校验 appid + appsrcret + xcxCode 调用登录凭证校验接口 获取 session_key 与 openid + String openid = ""; + XcxLoginUser loginUser = remoteUserService.getUserInfoByOpenid(openid); + + SaLoginModel model = new SaLoginModel(); + model.setDevice(client.getDeviceType()); + // 自定义分配 不同用户体系 不同 token 授权时间 不设置默认走全局 yml 配置 + // 例如: 后台用户30分钟过期 app用户1天过期 + model.setTimeout(client.getTimeout()); + model.setActiveTimeout(client.getActiveTimeout()); + // 生成token + LoginHelper.login(loginUser, model); + + loginService.recordLogininfor(loginUser.getTenantId(), loginUser.getUsername(), Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success")); + remoteUserService.recordLoginInfo(loginUser.getUserId()); + + LoginVo loginVo = new LoginVo(); + loginVo.setAccessToken(StpUtil.getTokenValue()); + loginVo.setExpireIn(StpUtil.getTokenTimeout()); + loginVo.setClientId(clientId); + loginVo.setOpenid(openid); + return loginVo; + } + +} diff --git a/ruoyi-common/pom.xml b/ruoyi-common/pom.xml index c0bb7442e..b2cefe102 100644 --- a/ruoyi-common/pom.xml +++ b/ruoyi-common/pom.xml @@ -40,6 +40,7 @@ ruoyi-common-encrypt ruoyi-common-tenant ruoyi-common-websocket + ruoyi-common-social ruoyi-common diff --git a/ruoyi-common/ruoyi-common-bom/pom.xml b/ruoyi-common/ruoyi-common-bom/pom.xml index 9b7c12efa..9f26f29a6 100644 --- a/ruoyi-common/ruoyi-common-bom/pom.xml +++ b/ruoyi-common/ruoyi-common-bom/pom.xml @@ -205,6 +205,12 @@ ${revision} + + org.dromara + ruoyi-common-social + ${revision} + + diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/constant/GlobalConstants.java b/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/constant/GlobalConstants.java index 38593a33d..8e5a6eb98 100644 --- a/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/constant/GlobalConstants.java +++ b/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/constant/GlobalConstants.java @@ -31,4 +31,10 @@ public interface GlobalConstants { * 登录账户密码错误次数 redis key */ String PWD_ERR_CNT_KEY = GLOBAL_REDIS_KEY + "pwd_err_cnt:"; + + /** + * 三方认证 redis key + */ + String SOCIAL_AUTH_CODE_KEY = GLOBAL_REDIS_KEY + "social_auth_codes:"; + } diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/domain/model/LoginBody.java b/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/domain/model/LoginBody.java new file mode 100644 index 000000000..33d092dcb --- /dev/null +++ b/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/domain/model/LoginBody.java @@ -0,0 +1,122 @@ +package org.dromara.common.core.domain.model; + +import jakarta.validation.constraints.Email; +import org.dromara.common.core.constant.UserConstants; +import lombok.Data; +import lombok.NoArgsConstructor; +import org.dromara.common.core.validate.auth.*; +import org.hibernate.validator.constraints.Length; + +import jakarta.validation.constraints.NotBlank; + +/** + * 用户登录对象 + * + * @author Lion Li + */ +@Data +@NoArgsConstructor +public class LoginBody { + + /** + * 客户端id + */ + @NotBlank(message = "{auth.clientid.not.blank}") + private String clientId; + + /** + * 客户端key + */ + private String clientKey; + + /** + * 客户端秘钥 + */ + private String clientSecret; + + /** + * 授权类型 + */ + @NotBlank(message = "{auth.grant.type.not.blank}") + private String grantType; + + /** + * 租户ID + */ + @NotBlank(message = "{tenant.number.not.blank}") + private String tenantId; + + /** + * 用户名 + */ + @NotBlank(message = "{user.username.not.blank}", groups = {PasswordGroup.class}) + @Length(min = UserConstants.USERNAME_MIN_LENGTH, max = UserConstants.USERNAME_MAX_LENGTH, message = "{user.username.length.valid}", groups = {PasswordGroup.class}) + private String username; + + /** + * 用户密码 + */ + @NotBlank(message = "{user.password.not.blank}", groups = {PasswordGroup.class}) + @Length(min = UserConstants.PASSWORD_MIN_LENGTH, max = UserConstants.PASSWORD_MAX_LENGTH, message = "{user.password.length.valid}", groups = {PasswordGroup.class}) + private String password; + + /** + * 验证码 + */ + private String code; + + /** + * 唯一标识 + */ + private String uuid; + + /** + * 手机号 + */ + @NotBlank(message = "{user.phonenumber.not.blank}", groups = {SmsGroup.class}) + private String phonenumber; + + /** + * 短信code + */ + @NotBlank(message = "{sms.code.not.blank}", groups = {SmsGroup.class}) + private String smsCode; + + /** + * 邮箱 + */ + @NotBlank(message = "{user.email.not.blank}", groups = {EmailGroup.class}) + @Email(message = "{user.email.not.valid}") + private String email; + + /** + * 邮箱code + */ + @NotBlank(message = "{email.code.not.blank}", groups = {EmailGroup.class}) + private String emailCode; + + /** + * 小程序code + */ + @NotBlank(message = "{xcx.code.not.blank}", groups = {WechatGroup.class}) + private String xcxCode; + + /** + * 第三方登录平台 + */ + @NotBlank(message = "{social.source.not.blank}" , groups = {SocialGroup.class}) + private String source; + + /** + * 第三方登录code + */ + @NotBlank(message = "{social.code.not.blank}" , groups = {SocialGroup.class}) + private String socialCode; + + /** + * 第三方登录socialState + */ + @NotBlank(message = "{social.state.not.blank}" , groups = {SocialGroup.class}) + private String socialState; + +} diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/validate/auth/EmailGroup.java b/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/validate/auth/EmailGroup.java new file mode 100644 index 000000000..130932f4a --- /dev/null +++ b/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/validate/auth/EmailGroup.java @@ -0,0 +1,7 @@ +package org.dromara.common.core.validate.auth; + +/** + * @Author Michelle.Chung + */ +public interface EmailGroup { +} diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/validate/auth/PasswordGroup.java b/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/validate/auth/PasswordGroup.java new file mode 100644 index 000000000..1516172ad --- /dev/null +++ b/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/validate/auth/PasswordGroup.java @@ -0,0 +1,7 @@ +package org.dromara.common.core.validate.auth; + +/** + * @Author Michelle.Chung + */ +public interface PasswordGroup { +} diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/validate/auth/SmsGroup.java b/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/validate/auth/SmsGroup.java new file mode 100644 index 000000000..d56286027 --- /dev/null +++ b/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/validate/auth/SmsGroup.java @@ -0,0 +1,7 @@ +package org.dromara.common.core.validate.auth; + +/** + * @Author Michelle.Chung + */ +public interface SmsGroup { +} diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/validate/auth/SocialGroup.java b/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/validate/auth/SocialGroup.java new file mode 100644 index 000000000..2b19ffe30 --- /dev/null +++ b/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/validate/auth/SocialGroup.java @@ -0,0 +1,4 @@ +package org.dromara.common.core.validate.auth; + +public interface SocialGroup { +} diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/validate/auth/WechatGroup.java b/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/validate/auth/WechatGroup.java new file mode 100644 index 000000000..b397f1870 --- /dev/null +++ b/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/validate/auth/WechatGroup.java @@ -0,0 +1,7 @@ +package org.dromara.common.core.validate.auth; + +/** + * @Author Michelle.Chung + */ +public interface WechatGroup { +} diff --git a/ruoyi-common/ruoyi-common-core/src/main/resources/i18n/messages.properties b/ruoyi-common/ruoyi-common-core/src/main/resources/i18n/messages.properties index 4f2da28b4..5c9f42271 100644 --- a/ruoyi-common/ruoyi-common-core/src/main/resources/i18n/messages.properties +++ b/ruoyi-common/ruoyi-common-core/src/main/resources/i18n/messages.properties @@ -28,6 +28,9 @@ user.register.error=注册失败,请联系系统管理人员 user.notfound=请重新登录 user.forcelogout=管理员强制退出,请重新登录 user.unknown.error=未知错误,请重新登录 +auth.grant.type.error=认证权限类型错误 +auth.grant.type.not.blank=认证权限类型不能为空 +auth.clientid.not.blank=认证客户端id不能为空 ##文件上传消息 upload.exceed.maxSize=上传的文件大小超出限制的文件大小!
允许的文件最大大小是:{0}MB! upload.filename.exceed.length=上传的文件名最长{0}个字符 diff --git a/ruoyi-common/ruoyi-common-core/src/main/resources/i18n/messages_en_US.properties b/ruoyi-common/ruoyi-common-core/src/main/resources/i18n/messages_en_US.properties index 0c738a37e..2ab82a667 100644 --- a/ruoyi-common/ruoyi-common-core/src/main/resources/i18n/messages_en_US.properties +++ b/ruoyi-common/ruoyi-common-core/src/main/resources/i18n/messages_en_US.properties @@ -28,6 +28,9 @@ user.register.error=Register failed, please contact system administrator user.notfound=Please login again user.forcelogout=The administrator is forced to exit,please login again user.unknown.error=Unknown error, please login again +auth.grant.type.error=Auth grant type error +auth.grant.type.not.blank=Auth grant type cannot be blank +auth.clientid.not.blank=Auth clientid cannot be blank ##文件上传消息 upload.exceed.maxSize=The uploaded file size exceeds the limit file size!
the maximum allowed file size is:{0}MB! upload.filename.exceed.length=The maximum length of uploaded file name is {0} characters diff --git a/ruoyi-common/ruoyi-common-core/src/main/resources/i18n/messages_zh_CN.properties b/ruoyi-common/ruoyi-common-core/src/main/resources/i18n/messages_zh_CN.properties index 4f2da28b4..5c9f42271 100644 --- a/ruoyi-common/ruoyi-common-core/src/main/resources/i18n/messages_zh_CN.properties +++ b/ruoyi-common/ruoyi-common-core/src/main/resources/i18n/messages_zh_CN.properties @@ -28,6 +28,9 @@ user.register.error=注册失败,请联系系统管理人员 user.notfound=请重新登录 user.forcelogout=管理员强制退出,请重新登录 user.unknown.error=未知错误,请重新登录 +auth.grant.type.error=认证权限类型错误 +auth.grant.type.not.blank=认证权限类型不能为空 +auth.clientid.not.blank=认证客户端id不能为空 ##文件上传消息 upload.exceed.maxSize=上传的文件大小超出限制的文件大小!
允许的文件最大大小是:{0}MB! upload.filename.exceed.length=上传的文件名最长{0}个字符 diff --git a/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/config/ApiDecryptAutoConfiguration.java b/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/config/ApiDecryptAutoConfiguration.java new file mode 100644 index 000000000..098f6bc8d --- /dev/null +++ b/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/config/ApiDecryptAutoConfiguration.java @@ -0,0 +1,32 @@ +package org.dromara.common.encrypt.config; + +import jakarta.servlet.DispatcherType; +import org.dromara.common.encrypt.filter.CryptoFilter; +import org.dromara.common.encrypt.properties.ApiDecryptProperties; +import org.springframework.boot.autoconfigure.AutoConfiguration; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.boot.context.properties.EnableConfigurationProperties; +import org.springframework.boot.web.servlet.FilterRegistrationBean; +import org.springframework.context.annotation.Bean; + +/** + * api 解密自动配置 + * + * @author wdhcr + */ +@AutoConfiguration +@EnableConfigurationProperties(ApiDecryptProperties.class) +@ConditionalOnProperty(value = "api-decrypt.enabled", havingValue = "true") +public class ApiDecryptAutoConfiguration { + + @Bean + public FilterRegistrationBean cryptoFilterRegistration(ApiDecryptProperties properties) { + FilterRegistrationBean registration = new FilterRegistrationBean<>(); + registration.setDispatcherTypes(DispatcherType.REQUEST); + registration.setFilter(new CryptoFilter(properties)); + registration.addUrlPatterns("/*"); + registration.setName("cryptoFilter"); + registration.setOrder(FilterRegistrationBean.HIGHEST_PRECEDENCE); + return registration; + } +} diff --git a/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/filter/CryptoFilter.java b/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/filter/CryptoFilter.java new file mode 100644 index 000000000..c31e025ac --- /dev/null +++ b/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/filter/CryptoFilter.java @@ -0,0 +1,49 @@ +package org.dromara.common.encrypt.filter; + +import cn.hutool.core.util.ObjectUtil; +import jakarta.servlet.*; +import jakarta.servlet.http.HttpServletRequest; +import org.dromara.common.core.utils.StringUtils; +import org.dromara.common.encrypt.properties.ApiDecryptProperties; +import org.springframework.http.HttpMethod; +import org.springframework.http.MediaType; + +import java.io.IOException; + + +/** + * Crypto 过滤器 + * + * @author wdhcr + */ +public class CryptoFilter implements Filter { + private final ApiDecryptProperties properties; + + public CryptoFilter(ApiDecryptProperties properties) { + this.properties = properties; + } + + @Override + public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { + ServletRequest requestWrapper = null; + HttpServletRequest servletRequest = (HttpServletRequest) request; + // 是否为 json 请求 + if (StringUtils.startsWithIgnoreCase(request.getContentType(), MediaType.APPLICATION_JSON_VALUE)) { + // 是否为 put 或者 post 请求 + if (HttpMethod.PUT.matches(servletRequest.getMethod()) || HttpMethod.POST.matches(servletRequest.getMethod())) { + // 是否存在加密标头 + String headerValue = servletRequest.getHeader(properties.getHeaderFlag()); + if (StringUtils.isNotBlank(headerValue)) { + requestWrapper = new DecryptRequestBodyWrapper(servletRequest, properties.getPublicKey(), properties.getPrivateKey(), properties.getHeaderFlag()); + } + } + } + + chain.doFilter(ObjectUtil.defaultIfNull(requestWrapper, request), response); + } + + @Override + public void destroy() { + + } +} diff --git a/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/filter/DecryptRequestBodyWrapper.java b/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/filter/DecryptRequestBodyWrapper.java new file mode 100644 index 000000000..fa9a31071 --- /dev/null +++ b/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/filter/DecryptRequestBodyWrapper.java @@ -0,0 +1,94 @@ +package org.dromara.common.encrypt.filter; + +import cn.hutool.core.io.IoUtil; +import jakarta.servlet.ReadListener; +import jakarta.servlet.ServletInputStream; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletRequestWrapper; +import org.dromara.common.core.constant.Constants; +import org.dromara.common.encrypt.utils.EncryptUtils; +import org.springframework.http.MediaType; + +import java.io.BufferedReader; +import java.io.ByteArrayInputStream; +import java.io.IOException; +import java.io.InputStreamReader; +import java.nio.charset.StandardCharsets; + +/** + * 解密请求参数工具类 + * + * @author wdhcr + */ +public class DecryptRequestBodyWrapper extends HttpServletRequestWrapper { + + private final byte[] body; + + public DecryptRequestBodyWrapper(HttpServletRequest request, String publicKey, String privateKey, String headerFlag) throws IOException { + super(request); + // 获取 AES 密码 采用 RSA 加密 + String headerRsa = request.getHeader(headerFlag); + String decryptAes = EncryptUtils.decryptByRsa(headerRsa, privateKey); + // 解密 AES 密码 + String aesPassword = EncryptUtils.decryptByBase64(decryptAes); + request.setCharacterEncoding(Constants.UTF8); + byte[] readBytes = IoUtil.readBytes(request.getInputStream(), false); + String requestBody = new String(readBytes, StandardCharsets.UTF_8); + // 解密 body 采用 AES 加密 + String decryptBody = EncryptUtils.decryptByAes(requestBody, aesPassword); + body = decryptBody.getBytes(StandardCharsets.UTF_8); + } + + @Override + public BufferedReader getReader() { + return new BufferedReader(new InputStreamReader(getInputStream())); + } + + + @Override + public int getContentLength() { + return body.length; + } + + @Override + public long getContentLengthLong() { + return body.length; + } + + @Override + public String getContentType() { + return MediaType.APPLICATION_JSON_VALUE; + } + + + @Override + public ServletInputStream getInputStream() { + final ByteArrayInputStream bais = new ByteArrayInputStream(body); + return new ServletInputStream() { + @Override + public int read() { + return bais.read(); + } + + @Override + public int available() { + return body.length; + } + + @Override + public boolean isFinished() { + return false; + } + + @Override + public boolean isReady() { + return false; + } + + @Override + public void setReadListener(ReadListener readListener) { + + } + }; + } +} diff --git a/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/properties/ApiDecryptProperties.java b/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/properties/ApiDecryptProperties.java new file mode 100644 index 000000000..9e25b7b9a --- /dev/null +++ b/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/properties/ApiDecryptProperties.java @@ -0,0 +1,34 @@ +package org.dromara.common.encrypt.properties; + +import lombok.Data; +import org.springframework.boot.context.properties.ConfigurationProperties; + +/** + * api解密属性配置类 + * @author wdhcr + */ +@Data +@ConfigurationProperties(prefix = "api-decrypt") +public class ApiDecryptProperties { + + /** + * 加密开关 + */ + private Boolean enabled; + + /** + * 头部标识 + */ + private String headerFlag; + + + /** + * 公钥 + */ + private String publicKey; + + /** + * 私钥 + */ + private String privateKey; +} diff --git a/ruoyi-common/ruoyi-common-encrypt/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports b/ruoyi-common/ruoyi-common-encrypt/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports index fe37589da..b73a23480 100644 --- a/ruoyi-common/ruoyi-common-encrypt/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports +++ b/ruoyi-common/ruoyi-common-encrypt/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports @@ -1 +1,2 @@ org.dromara.common.encrypt.config.EncryptorAutoConfiguration +org.dromara.common.encrypt.config.ApiDecryptAutoConfiguration diff --git a/ruoyi-common/ruoyi-common-satoken/src/main/java/org/dromara/common/satoken/utils/LoginHelper.java b/ruoyi-common/ruoyi-common-satoken/src/main/java/org/dromara/common/satoken/utils/LoginHelper.java index 37c78c487..f6b997e1d 100644 --- a/ruoyi-common/ruoyi-common-satoken/src/main/java/org/dromara/common/satoken/utils/LoginHelper.java +++ b/ruoyi-common/ruoyi-common-satoken/src/main/java/org/dromara/common/satoken/utils/LoginHelper.java @@ -36,41 +36,22 @@ public class LoginHelper { public static final String TENANT_KEY = "tenantId"; public static final String USER_KEY = "userId"; - /** - * 登录系统 - * - * @param loginUser 登录用户信息 - */ - public static void login(LoginUser loginUser) { - loginByDevice(loginUser, null); - } - /** * 登录系统 基于 设备类型 * 针对相同用户体系不同设备 * * @param loginUser 登录用户信息 + * @param model 配置参数 */ - public static void loginByDevice(LoginUser loginUser, DeviceType deviceType) { + public static void login(LoginUser loginUser, SaLoginModel model) { SaStorage storage = SaHolder.getStorage(); storage.set(LOGIN_USER_KEY, loginUser); storage.set(TENANT_KEY, loginUser.getTenantId()); storage.set(USER_KEY, loginUser.getUserId()); - SaLoginModel model = new SaLoginModel(); - if (ObjectUtil.isNotNull(deviceType)) { - model.setDevice(deviceType.getDevice()); - } - // 自定义分配 不同用户体系 不同 token 授权时间 不设置默认走全局 yml 配置 - // 例如: 后台用户30分钟过期 app用户1天过期 -// UserType userType = UserType.getUserType(loginUser.getUserType()); -// if (userType == UserType.SYS_USER) { -// model.setTimeout(86400).setActiveTimeout(1800); -// } else if (userType == UserType.APP_USER) { -// model.setTimeout(86400).setActiveTimeout(1800); -// } + model = ObjectUtil.defaultIfNull(model, new SaLoginModel()); StpUtil.login(loginUser.getLoginId(), - model.setExtra(TENANT_KEY, loginUser.getTenantId()) - .setExtra(USER_KEY, loginUser.getUserId())); + model.setExtra(TENANT_KEY, loginUser.getTenantId()) + .setExtra(USER_KEY, loginUser.getUserId())); StpUtil.getTokenSession().set(LOGIN_USER_KEY, loginUser); } diff --git a/ruoyi-common/ruoyi-common-social/pom.xml b/ruoyi-common/ruoyi-common-social/pom.xml new file mode 100644 index 000000000..887a8e06f --- /dev/null +++ b/ruoyi-common/ruoyi-common-social/pom.xml @@ -0,0 +1,35 @@ + + + + org.dromara + ruoyi-common + ${revision} + + 4.0.0 + + ruoyi-common-social + + + ruoyi-common-social 授权认证 + + + + + me.zhyd.oauth + JustAuth + + + + org.dromara + ruoyi-common-json + + + + org.dromara + ruoyi-common-redis + + + + diff --git a/ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/config/SocialAutoConfiguration.java b/ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/config/SocialAutoConfiguration.java new file mode 100644 index 000000000..19b39d8fb --- /dev/null +++ b/ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/config/SocialAutoConfiguration.java @@ -0,0 +1,23 @@ +package org.dromara.common.social.config; + +import me.zhyd.oauth.cache.AuthStateCache; +import org.dromara.common.social.config.properties.SocialProperties; +import org.dromara.common.social.utils.AuthRedisStateCache; +import org.springframework.boot.autoconfigure.AutoConfiguration; +import org.springframework.boot.context.properties.EnableConfigurationProperties; +import org.springframework.context.annotation.Bean; + +/** + * Social 配置属性 + * @author thiszhc + */ +@AutoConfiguration +@EnableConfigurationProperties(SocialProperties.class) +public class SocialAutoConfiguration { + + @Bean + public AuthStateCache authStateCache() { + return new AuthRedisStateCache(); + } + +} diff --git a/ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/config/properties/SocialLoginConfigProperties.java b/ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/config/properties/SocialLoginConfigProperties.java new file mode 100644 index 000000000..76be234c6 --- /dev/null +++ b/ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/config/properties/SocialLoginConfigProperties.java @@ -0,0 +1,68 @@ +package org.dromara.common.social.config.properties; + +import lombok.Data; + +/** + * 社交登录配置 + * + * @author thiszhc + */ +@Data +public class SocialLoginConfigProperties { + + /** + * 应用 ID + */ + private String clientId; + + /** + * 应用密钥 + */ + private String clientSecret; + + /** + * 回调地址 + */ + private String redirectUri; + + /** + * 是否获取unionId + */ + private boolean unionId; + + /** + * Coding 企业名称 + */ + private String codingGroupName; + + /** + * 支付宝公钥 + */ + private String alipayPublicKey; + + /** + * 企业微信应用ID + */ + private String agentId; + + /** + * stackoverflow api key + */ + private String stackOverflowKey; + + /** + * 设备ID + */ + private String deviceId; + + /** + * 客户端系统类型 + */ + private String clientOsType; + + /** + * maxkey 服务器地址 + */ + private String serverUrl; + +} diff --git a/ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/config/properties/SocialProperties.java b/ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/config/properties/SocialProperties.java new file mode 100644 index 000000000..1beb7d042 --- /dev/null +++ b/ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/config/properties/SocialProperties.java @@ -0,0 +1,29 @@ +package org.dromara.common.social.config.properties; + +import lombok.Data; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.stereotype.Component; + +import java.util.Map; + +/** + * Social 配置属性 + * + * @author thiszhc + */ +@Data +@Component +@ConfigurationProperties(prefix = "justauth") +public class SocialProperties { + + /** + * 是否启用 + */ + private Boolean enabled; + + /** + * 授权类型 + */ + private Map type; + +} diff --git a/ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/maxkey/AuthMaxKeyRequest.java b/ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/maxkey/AuthMaxKeyRequest.java new file mode 100644 index 000000000..e8df79e5b --- /dev/null +++ b/ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/maxkey/AuthMaxKeyRequest.java @@ -0,0 +1,80 @@ +package org.dromara.common.social.maxkey; + +import cn.hutool.core.lang.Dict; +import me.zhyd.oauth.cache.AuthStateCache; +import me.zhyd.oauth.config.AuthConfig; +import me.zhyd.oauth.exception.AuthException; +import me.zhyd.oauth.model.AuthCallback; +import me.zhyd.oauth.model.AuthToken; +import me.zhyd.oauth.model.AuthUser; +import me.zhyd.oauth.request.AuthDefaultRequest; +import org.dromara.common.core.utils.SpringUtils; +import org.dromara.common.json.utils.JsonUtils; + +/** + * @author 长春叭哥 2023年03月26日 + */ +public class AuthMaxKeyRequest extends AuthDefaultRequest { + + public static final String SERVER_URL = SpringUtils.getProperty("justauth.type.maxkey.server-url"); + + /** + * 设定归属域 + */ + public AuthMaxKeyRequest(AuthConfig config) { + super(config, AuthMaxKeySource.MAXKEY); + } + + public AuthMaxKeyRequest(AuthConfig config, AuthStateCache authStateCache) { + super(config, AuthMaxKeySource.MAXKEY, authStateCache); + } + + @Override + protected AuthToken getAccessToken(AuthCallback authCallback) { + String body = doPostAuthorizationCode(authCallback.getCode()); + Dict object = JsonUtils.parseMap(body); + // oauth/token 验证异常 + if (object.containsKey("error")) { + throw new AuthException(object.getStr("error_description")); + } + // user 验证异常 + if (object.containsKey("message")) { + throw new AuthException(object.getStr("message")); + } + return AuthToken.builder() + .accessToken(object.getStr("access_token")) + .refreshToken(object.getStr("refresh_token")) + .idToken(object.getStr("id_token")) + .tokenType(object.getStr("token_type")) + .scope(object.getStr("scope")) + .build(); + } + + @Override + protected AuthUser getUserInfo(AuthToken authToken) { + String body = doGetUserInfo(authToken); + Dict object = JsonUtils.parseMap(body); + // oauth/token 验证异常 + if (object.containsKey("error")) { + throw new AuthException(object.getStr("error_description")); + } + // user 验证异常 + if (object.containsKey("message")) { + throw new AuthException(object.getStr("message")); + } + return AuthUser.builder() + .uuid(object.getStr("id")) + .username(object.getStr("username")) + .nickname(object.getStr("name")) + .avatar(object.getStr("avatar_url")) + .blog(object.getStr("web_url")) + .company(object.getStr("organization")) + .location(object.getStr("location")) + .email(object.getStr("email")) + .remark(object.getStr("bio")) + .token(authToken) + .source(source.toString()) + .build(); + } + +} diff --git a/ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/maxkey/AuthMaxKeySource.java b/ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/maxkey/AuthMaxKeySource.java new file mode 100644 index 000000000..1ff57f7c5 --- /dev/null +++ b/ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/maxkey/AuthMaxKeySource.java @@ -0,0 +1,52 @@ +package org.dromara.common.social.maxkey; + +import me.zhyd.oauth.config.AuthSource; +import me.zhyd.oauth.request.AuthDefaultRequest; + +/** + * Oauth2 默认接口说明 + * + * @author 长春叭哥 2023年03月26日 + * + */ +public enum AuthMaxKeySource implements AuthSource { + + /** + * 自己搭建的 maxkey 私服 + */ + MAXKEY { + + /** + * 授权的api + */ + @Override + public String authorize() { + return AuthMaxKeyRequest.SERVER_URL + "/sign/authz/oauth/v20/authorize"; + } + + /** + * 获取accessToken的api + */ + @Override + public String accessToken() { + return AuthMaxKeyRequest.SERVER_URL + "/sign/authz/oauth/v20/token"; + } + + /** + * 获取用户信息的api + */ + @Override + public String userInfo() { + return AuthMaxKeyRequest.SERVER_URL + "/sign/api/oauth/v20/me"; + } + + /** + * 平台对应的 AuthRequest 实现类,必须继承自 {@link AuthDefaultRequest} + */ + @Override + public Class getTargetClass() { + return AuthMaxKeyRequest.class; + } + + } +} diff --git a/ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/utils/AuthRedisStateCache.java b/ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/utils/AuthRedisStateCache.java new file mode 100644 index 000000000..0b6ec2023 --- /dev/null +++ b/ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/utils/AuthRedisStateCache.java @@ -0,0 +1,61 @@ +package org.dromara.common.social.utils; + +import lombok.AllArgsConstructor; +import me.zhyd.oauth.cache.AuthStateCache; +import org.dromara.common.core.constant.GlobalConstants; +import org.dromara.common.redis.utils.RedisUtils; + +import java.time.Duration; + +/** + * 授权状态缓存 + */ +@AllArgsConstructor +public class AuthRedisStateCache implements AuthStateCache { + + /** + * 存入缓存 + * + * @param key 缓存key + * @param value 缓存内容 + */ + @Override + public void cache(String key, String value) { + // 授权超时时间 默认三分钟 + RedisUtils.setCacheObject(GlobalConstants.SOCIAL_AUTH_CODE_KEY + key, value, Duration.ofMinutes(3)); + } + + /** + * 存入缓存 + * + * @param key 缓存key + * @param value 缓存内容 + * @param timeout 指定缓存过期时间(毫秒) + */ + @Override + public void cache(String key, String value, long timeout) { + RedisUtils.setCacheObject(GlobalConstants.SOCIAL_AUTH_CODE_KEY + key, value, Duration.ofMillis(timeout)); + } + + /** + * 获取缓存内容 + * + * @param key 缓存key + * @return 缓存内容 + */ + @Override + public String get(String key) { + return RedisUtils.getCacheObject(GlobalConstants.SOCIAL_AUTH_CODE_KEY + key); + } + + /** + * 是否存在key,如果对应key的value值已过期,也返回false + * + * @param key 缓存key + * @return true:存在key,并且value没过期;false:key不存在或者已过期 + */ + @Override + public boolean containsKey(String key) { + return RedisUtils.hasKey(GlobalConstants.SOCIAL_AUTH_CODE_KEY + key); + } +} diff --git a/ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/utils/SocialUtils.java b/ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/utils/SocialUtils.java new file mode 100644 index 000000000..b3e801c1e --- /dev/null +++ b/ruoyi-common/ruoyi-common-social/src/main/java/org/dromara/common/social/utils/SocialUtils.java @@ -0,0 +1,70 @@ +package org.dromara.common.social.utils; + +import cn.hutool.core.util.ObjectUtil; +import me.zhyd.oauth.config.AuthConfig; +import me.zhyd.oauth.exception.AuthException; +import me.zhyd.oauth.model.AuthCallback; +import me.zhyd.oauth.model.AuthResponse; +import me.zhyd.oauth.model.AuthUser; +import me.zhyd.oauth.request.*; +import org.dromara.common.core.domain.model.LoginBody; +import org.dromara.common.core.utils.SpringUtils; +import org.dromara.common.social.config.properties.SocialLoginConfigProperties; +import org.dromara.common.social.config.properties.SocialProperties; +import org.dromara.common.social.maxkey.AuthMaxKeyRequest; + +/** + * 认证授权工具类 + * + * @author thiszhc + */ +public class SocialUtils { + + private static final AuthRedisStateCache STATE_CACHE = SpringUtils.getBean(AuthRedisStateCache.class); + + @SuppressWarnings("unchecked") + public static AuthResponse loginAuth(LoginBody loginBody, SocialProperties socialProperties) throws AuthException { + AuthRequest authRequest = getAuthRequest(loginBody.getSource(), socialProperties); + AuthCallback callback = new AuthCallback(); + callback.setCode(loginBody.getSocialCode()); + callback.setState(loginBody.getSocialState()); + return authRequest.login(callback); + } + + public static AuthRequest getAuthRequest(String source, SocialProperties socialProperties) throws AuthException { + SocialLoginConfigProperties obj = socialProperties.getType().get(source); + if (ObjectUtil.isNull(obj)) { + throw new AuthException("不支持的第三方登录类型"); + } + String clientId = obj.getClientId(); + String clientSecret = obj.getClientSecret(); + String redirectUri = obj.getRedirectUri(); + return switch (source.toLowerCase()) { + case "dingtalk" -> new AuthDingTalkRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build(), STATE_CACHE); + case "baidu" -> new AuthBaiduRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build(), STATE_CACHE); + case "github" -> new AuthGithubRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build(), STATE_CACHE); + case "gitee" -> new AuthGiteeRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build(), STATE_CACHE); + case "weibo" -> new AuthWeiboRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build(), STATE_CACHE); + case "coding" -> new AuthCodingRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build(), STATE_CACHE); + case "oschina" -> new AuthOschinaRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build(), STATE_CACHE); + // 支付宝在创建回调地址时,不允许使用localhost或者127.0.0.1,所以这儿的回调地址使用的局域网内的ip + case "alipay" -> new AuthAlipayRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build(), socialProperties.getType().get("alipay").getAlipayPublicKey(), STATE_CACHE); + case "qq" -> new AuthQqRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build(), STATE_CACHE); + case "wechat_open" -> new AuthWeChatOpenRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build(), STATE_CACHE); + case "taobao" -> new AuthTaobaoRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build(), STATE_CACHE); + case "douyin" -> new AuthDouyinRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build(), STATE_CACHE); + case "linkedin" -> new AuthLinkedinRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build(), STATE_CACHE); + case "microsoft" -> new AuthMicrosoftRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build(), STATE_CACHE); + case "renren" -> new AuthRenrenRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build(), STATE_CACHE); + case "stack_overflow" -> new AuthStackOverflowRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).stackOverflowKey("").build(), STATE_CACHE); + case "huawei" -> new AuthHuaweiRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build(), STATE_CACHE); + case "wechat_enterprise" -> new AuthWeChatEnterpriseQrcodeRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).agentId("").build(), STATE_CACHE); + case "gitlab" -> new AuthGitlabRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build(), STATE_CACHE); + case "wechat_mp" -> new AuthWeChatMpRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build(), STATE_CACHE); + case "aliyun" -> new AuthAliyunRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build(), STATE_CACHE); + case "maxkey" -> new AuthMaxKeyRequest(AuthConfig.builder().clientId(clientId).clientSecret(clientSecret).redirectUri(redirectUri).build(), STATE_CACHE); + default -> throw new AuthException("未获取到有效的Auth配置"); + }; + } +} + diff --git a/ruoyi-common/ruoyi-common-social/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports b/ruoyi-common/ruoyi-common-social/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports new file mode 100644 index 000000000..fc544a0fd --- /dev/null +++ b/ruoyi-common/ruoyi-common-social/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports @@ -0,0 +1 @@ +org.dromara.common.social.config.SocialAutoConfiguration diff --git a/ruoyi-gateway/pom.xml b/ruoyi-gateway/pom.xml index 6ebad7df8..71e544c0f 100644 --- a/ruoyi-gateway/pom.xml +++ b/ruoyi-gateway/pom.xml @@ -62,11 +62,6 @@ spring-cloud-loadbalancer - - cn.hutool - hutool-captcha - - cn.hutool hutool-http diff --git a/ruoyi-gateway/src/main/java/org/dromara/gateway/config/RouterFunctionConfiguration.java b/ruoyi-gateway/src/main/java/org/dromara/gateway/config/RouterFunctionConfiguration.java deleted file mode 100644 index 00778f2eb..000000000 --- a/ruoyi-gateway/src/main/java/org/dromara/gateway/config/RouterFunctionConfiguration.java +++ /dev/null @@ -1,29 +0,0 @@ -package org.dromara.gateway.config; - -import org.dromara.gateway.handler.ValidateCodeHandler; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import org.springframework.http.MediaType; -import org.springframework.web.reactive.function.server.RequestPredicates; -import org.springframework.web.reactive.function.server.RouterFunction; -import org.springframework.web.reactive.function.server.RouterFunctions; - -/** - * 路由配置信息 - * - * @author ruoyi - */ -@Configuration -public class RouterFunctionConfiguration { - @Autowired - private ValidateCodeHandler validateCodeHandler; - - @SuppressWarnings("rawtypes") - @Bean - public RouterFunction routerFunction() { - return RouterFunctions.route( - RequestPredicates.GET("/code").and(RequestPredicates.accept(MediaType.TEXT_PLAIN)), - validateCodeHandler); - } -} diff --git a/ruoyi-gateway/src/main/java/org/dromara/gateway/filter/ValidateCodeFilter.java b/ruoyi-gateway/src/main/java/org/dromara/gateway/filter/ValidateCodeFilter.java deleted file mode 100644 index 514eca901..000000000 --- a/ruoyi-gateway/src/main/java/org/dromara/gateway/filter/ValidateCodeFilter.java +++ /dev/null @@ -1,55 +0,0 @@ -package org.dromara.gateway.filter; - -import cn.hutool.core.lang.Dict; -import org.dromara.common.core.utils.StringUtils; -import org.dromara.common.json.utils.JsonUtils; -import org.dromara.gateway.config.properties.CaptchaProperties; -import org.dromara.gateway.service.ValidateCodeService; -import org.dromara.gateway.utils.WebFluxUtils; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.cloud.gateway.filter.GatewayFilter; -import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory; -import org.springframework.http.server.reactive.ServerHttpRequest; -import org.springframework.stereotype.Component; - -/** - * 验证码过滤器 - * - * @author ruoyi - */ -@Component -public class ValidateCodeFilter extends AbstractGatewayFilterFactory { - private final static String[] VALIDATE_URL = new String[]{"/auth/login", "/auth/register", "/auth/smsLogin"}; - - @Autowired - private ValidateCodeService validateCodeService; - - @Autowired - private CaptchaProperties captchaProperties; - - private static final String CODE = "code"; - - private static final String UUID = "uuid"; - - @Override - public GatewayFilter apply(Object config) { - return (exchange, chain) -> { - ServerHttpRequest request = exchange.getRequest(); - - // 非登录/注册请求或验证码关闭,不处理 - if (!StringUtils.equalsAnyIgnoreCase(request.getURI().getPath(), VALIDATE_URL) || !captchaProperties.getEnabled()) { - return chain.filter(exchange); - } - - try { - String rspStr = WebFluxUtils.resolveBodyFromCacheRequest(exchange); - Dict obj = JsonUtils.parseMap(rspStr); - validateCodeService.checkCaptcha(obj.getStr(CODE), obj.getStr(UUID)); - } catch (Exception e) { - return WebFluxUtils.webFluxResponseWriter(exchange.getResponse(), e.getMessage()); - } - return chain.filter(exchange); - }; - } - -} diff --git a/ruoyi-gateway/src/main/java/org/dromara/gateway/handler/ValidateCodeHandler.java b/ruoyi-gateway/src/main/java/org/dromara/gateway/handler/ValidateCodeHandler.java deleted file mode 100644 index d95a3e8c2..000000000 --- a/ruoyi-gateway/src/main/java/org/dromara/gateway/handler/ValidateCodeHandler.java +++ /dev/null @@ -1,38 +0,0 @@ -package org.dromara.gateway.handler; - -import org.dromara.common.core.domain.R; -import org.dromara.common.core.exception.CaptchaException; -import org.dromara.gateway.service.ValidateCodeService; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.http.HttpStatus; -import org.springframework.stereotype.Component; -import org.springframework.web.reactive.function.BodyInserters; -import org.springframework.web.reactive.function.server.HandlerFunction; -import org.springframework.web.reactive.function.server.ServerRequest; -import org.springframework.web.reactive.function.server.ServerResponse; -import reactor.core.publisher.Mono; - -import java.io.IOException; -import java.util.Map; - -/** - * 验证码获取 - * - * @author ruoyi - */ -@Component -public class ValidateCodeHandler implements HandlerFunction { - @Autowired - private ValidateCodeService validateCodeService; - - @Override - public Mono handle(ServerRequest serverRequest) { - R> ajax; - try { - ajax = validateCodeService.createCaptcha(); - } catch (CaptchaException | IOException e) { - return Mono.error(e); - } - return ServerResponse.status(HttpStatus.OK).body(BodyInserters.fromValue(ajax)); - } -} diff --git a/ruoyi-gateway/src/main/java/org/dromara/gateway/service/ValidateCodeService.java b/ruoyi-gateway/src/main/java/org/dromara/gateway/service/ValidateCodeService.java deleted file mode 100644 index d1bf3ca2a..000000000 --- a/ruoyi-gateway/src/main/java/org/dromara/gateway/service/ValidateCodeService.java +++ /dev/null @@ -1,24 +0,0 @@ -package org.dromara.gateway.service; - -import org.dromara.common.core.domain.R; -import org.dromara.common.core.exception.CaptchaException; - -import java.io.IOException; -import java.util.Map; - -/** - * 验证码处理 - * - * @author ruoyi - */ -public interface ValidateCodeService { - /** - * 生成验证码 - */ - R> createCaptcha() throws IOException, CaptchaException; - - /** - * 校验验证码 - */ - void checkCaptcha(String key, String value) throws CaptchaException; -} diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/controller/system/SysClientController.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/controller/system/SysClientController.java new file mode 100644 index 000000000..b7a9d5244 --- /dev/null +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/controller/system/SysClientController.java @@ -0,0 +1,115 @@ +package org.dromara.system.controller.system; + +import cn.dev33.satoken.annotation.SaCheckPermission; +import jakarta.servlet.http.HttpServletResponse; +import jakarta.validation.constraints.NotEmpty; +import jakarta.validation.constraints.NotNull; +import lombok.RequiredArgsConstructor; +import org.dromara.common.core.domain.R; +import org.dromara.common.core.validate.AddGroup; +import org.dromara.common.core.validate.EditGroup; +import org.dromara.common.excel.utils.ExcelUtil; +import org.dromara.common.idempotent.annotation.RepeatSubmit; +import org.dromara.common.log.annotation.Log; +import org.dromara.common.log.enums.BusinessType; +import org.dromara.common.mybatis.core.page.PageQuery; +import org.dromara.common.mybatis.core.page.TableDataInfo; +import org.dromara.common.web.core.BaseController; +import org.dromara.system.domain.bo.SysClientBo; +import org.dromara.system.domain.vo.SysClientVo; +import org.dromara.system.service.ISysClientService; +import org.springframework.validation.annotation.Validated; +import org.springframework.web.bind.annotation.*; + +import java.util.List; + +/** + * 客户端管理 + * + * @author Michelle.Chung + */ +@Validated +@RequiredArgsConstructor +@RestController +@RequestMapping("/system/client") +public class SysClientController extends BaseController { + + private final ISysClientService sysClientService; + + /** + * 查询客户端管理列表 + */ + @SaCheckPermission("system:client:list") + @GetMapping("/list") + public TableDataInfo list(SysClientBo bo, PageQuery pageQuery) { + return sysClientService.queryPageList(bo, pageQuery); + } + + /** + * 导出客户端管理列表 + */ + @SaCheckPermission("system:client:export") + @Log(title = "客户端管理", businessType = BusinessType.EXPORT) + @PostMapping("/export") + public void export(SysClientBo bo, HttpServletResponse response) { + List list = sysClientService.queryList(bo); + ExcelUtil.exportExcel(list, "客户端管理", SysClientVo.class, response); + } + + /** + * 获取客户端管理详细信息 + * + * @param id 主键 + */ + @SaCheckPermission("system:client:query") + @GetMapping("/{id}") + public R getInfo(@NotNull(message = "主键不能为空") + @PathVariable Long id) { + return R.ok(sysClientService.queryById(id)); + } + + /** + * 新增客户端管理 + */ + @SaCheckPermission("system:client:add") + @Log(title = "客户端管理", businessType = BusinessType.INSERT) + @RepeatSubmit() + @PostMapping() + public R add(@Validated(AddGroup.class) @RequestBody SysClientBo bo) { + return toAjax(sysClientService.insertByBo(bo)); + } + + /** + * 修改客户端管理 + */ + @SaCheckPermission("system:client:edit") + @Log(title = "客户端管理", businessType = BusinessType.UPDATE) + @RepeatSubmit() + @PutMapping() + public R edit(@Validated(EditGroup.class) @RequestBody SysClientBo bo) { + return toAjax(sysClientService.updateByBo(bo)); + } + + /** + * 状态修改 + */ + @SaCheckPermission("system:client:edit") + @Log(title = "客户端管理", businessType = BusinessType.UPDATE) + @PutMapping("/changeStatus") + public R changeStatus(@RequestBody SysClientBo bo) { + return toAjax(sysClientService.updateUserStatus(bo.getId(), bo.getStatus())); + } + + /** + * 删除客户端管理 + * + * @param ids 主键串 + */ + @SaCheckPermission("system:client:remove") + @Log(title = "客户端管理", businessType = BusinessType.DELETE) + @DeleteMapping("/{ids}") + public R remove(@NotEmpty(message = "主键不能为空") + @PathVariable Long[] ids) { + return toAjax(sysClientService.deleteWithValidByIds(List.of(ids), true)); + } +} diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/controller/system/SysSocialController.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/controller/system/SysSocialController.java new file mode 100644 index 000000000..8d0d12fb9 --- /dev/null +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/controller/system/SysSocialController.java @@ -0,0 +1,52 @@ +package org.dromara.system.controller.system; + +import jakarta.validation.constraints.NotNull; +import lombok.RequiredArgsConstructor; +import org.dromara.common.core.domain.R; +import org.dromara.common.satoken.utils.LoginHelper; +import org.dromara.common.web.core.BaseController; +import org.dromara.system.domain.vo.SysSocialVo; +import org.dromara.system.service.ISysSocialService; +import org.springframework.validation.annotation.Validated; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.PathVariable; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RestController; + +import java.util.List; + +/** + * 社会化关系 + * + * @author thiszhc + * @date 2023-06-16 + */ +@Validated +@RequiredArgsConstructor +@RestController +@RequestMapping("/system/social") +public class SysSocialController extends BaseController { + + private final ISysSocialService socialUserService; + + /** + * 查询社会化关系列表 + */ + @GetMapping("/list") + public R> list() { + return R.ok(socialUserService.queryListByUserId(LoginHelper.getUserId())); + } + + + /** + * 获取社会化关系详细信息 + * + * @param id 主键 + */ + @GetMapping("/{id}") + public R getInfo(@NotNull(message = "主键不能为空") + @PathVariable String id) { + return R.ok(socialUserService.queryById(id)); + } + +} diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/SysClient.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/SysClient.java new file mode 100644 index 000000000..c659470a8 --- /dev/null +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/SysClient.java @@ -0,0 +1,79 @@ +package org.dromara.system.domain; + +import com.baomidou.mybatisplus.annotation.TableId; +import com.baomidou.mybatisplus.annotation.TableLogic; +import com.baomidou.mybatisplus.annotation.TableName; +import lombok.Data; +import lombok.EqualsAndHashCode; +import org.dromara.common.mybatis.core.domain.BaseEntity; + +import java.io.Serial; + +/** + * 授权管理对象 sys_client + * + * @author Michelle.Chung + * @date 2023-05-15 + */ +@Data +@EqualsAndHashCode(callSuper = true) +@TableName("sys_client") +public class SysClient extends BaseEntity { + + @Serial + private static final long serialVersionUID = 1L; + + /** + * id + */ + @TableId(value = "id") + private Long id; + + /** + * 客户端id + */ + private String clientId; + + /** + * 客户端key + */ + private String clientKey; + + /** + * 客户端秘钥 + */ + private String clientSecret; + + /** + * 授权类型 + */ + private String grantType; + + /** + * 设备类型 + */ + private String deviceType; + + /** + * token活跃超时时间 + */ + private Long activeTimeout; + + /** + * token固定超时时间 + */ + private Long timeout; + + /** + * 状态(0正常 1停用) + */ + private String status; + + /** + * 删除标志(0代表存在 2代表删除) + */ + @TableLogic + private String delFlag; + + +} diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/SysSocial.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/SysSocial.java new file mode 100644 index 000000000..10f2936c1 --- /dev/null +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/SysSocial.java @@ -0,0 +1,136 @@ +package org.dromara.system.domain; + +import com.baomidou.mybatisplus.annotation.TableId; +import com.baomidou.mybatisplus.annotation.TableName; +import lombok.Data; +import lombok.EqualsAndHashCode; +import org.dromara.common.tenant.core.TenantEntity; + +import java.io.Serial; + +/** + * 社会化关系对象 sys_social + * + * @author thiszhc + */ +@Data +@EqualsAndHashCode(callSuper = true) +@TableName("sys_social") +public class SysSocial extends TenantEntity { + + @Serial + private static final long serialVersionUID = 1L; + + /** + * 主键 + */ + @TableId(value = "id") + private Long id; + + /** + * 用户ID + */ + private Long userId; + + /** + * 的唯一ID + */ + private String authId; + + /** + * 用户来源 + */ + private String source; + + /** + * 用户的授权令牌 + */ + private String accessToken; + + /** + * 用户的授权令牌的有效期,部分平台可能没有 + */ + private int expireIn; + + /** + * 刷新令牌,部分平台可能没有 + */ + private String refreshToken; + + /** + * 用户的 open id + */ + private String openId; + + /** + * 授权的第三方账号 + */ + private String userName; + + /** + * 授权的第三方昵称 + */ + private String nickName; + + /** + * 授权的第三方邮箱 + */ + private String email; + + /** + * 授权的第三方头像地址 + */ + private String avatar; + + /** + * 平台的授权信息,部分平台可能没有 + */ + private String accessCode; + + /** + * 用户的 unionid + */ + private String unionId; + + /** + * 授予的权限,部分平台可能没有 + */ + private String scope; + + /** + * 个别平台的授权信息,部分平台可能没有 + */ + private String tokenType; + + /** + * id token,部分平台可能没有 + */ + private String idToken; + + /** + * 小米平台用户的附带属性,部分平台可能没有 + */ + private String macAlgorithm; + + /** + * 小米平台用户的附带属性,部分平台可能没有 + */ + private String macKey; + + /** + * 用户的授权code,部分平台可能没有 + */ + private String code; + + /** + * Twitter平台用户的附带属性,部分平台可能没有 + */ + private String oauthToken; + + /** + * Twitter平台用户的附带属性,部分平台可能没有 + */ + private String oauthTokenSecret; + + +} diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/bo/SysClientBo.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/bo/SysClientBo.java new file mode 100644 index 000000000..82a9180d8 --- /dev/null +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/bo/SysClientBo.java @@ -0,0 +1,80 @@ +package org.dromara.system.domain.bo; + +import io.github.linpeilie.annotations.AutoMapper; +import jakarta.validation.constraints.NotBlank; +import jakarta.validation.constraints.NotNull; +import lombok.Data; +import lombok.EqualsAndHashCode; +import org.dromara.common.core.validate.AddGroup; +import org.dromara.common.core.validate.EditGroup; +import org.dromara.common.mybatis.core.domain.BaseEntity; +import org.dromara.system.domain.SysClient; + +import java.util.List; + +/** + * 授权管理业务对象 sys_client + * + * @author Michelle.Chung + */ +@Data +@EqualsAndHashCode(callSuper = true) +@AutoMapper(target = SysClient.class, reverseConvertGenerate = false) +public class SysClientBo extends BaseEntity { + + /** + * id + */ + @NotNull(message = "id不能为空", groups = { EditGroup.class }) + private Long id; + + /** + * 客户端id + */ + private String clientId; + + /** + * 客户端key + */ + @NotBlank(message = "客户端key不能为空", groups = { AddGroup.class, EditGroup.class }) + private String clientKey; + + /** + * 客户端秘钥 + */ + @NotBlank(message = "客户端秘钥不能为空", groups = { AddGroup.class, EditGroup.class }) + private String clientSecret; + + /** + * 授权类型 + */ + @NotNull(message = "授权类型不能为空", groups = { AddGroup.class, EditGroup.class }) + private List grantTypeList; + + /** + * 授权类型 + */ + private String grantType; + + /** + * 设备类型 + */ + private String deviceType; + + /** + * token活跃超时时间 + */ + private Long activeTimeout; + + /** + * token固定超时时间 + */ + private Long timeout; + + /** + * 状态(0正常 1停用) + */ + private String status; + + +} diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/bo/SysSocialBo.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/bo/SysSocialBo.java new file mode 100644 index 000000000..7784271bc --- /dev/null +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/bo/SysSocialBo.java @@ -0,0 +1,142 @@ +package org.dromara.system.domain.bo; + +import io.github.linpeilie.annotations.AutoMapper; +import jakarta.validation.constraints.NotBlank; +import jakarta.validation.constraints.NotNull; +import lombok.Data; +import lombok.EqualsAndHashCode; +import lombok.NoArgsConstructor; +import org.dromara.common.core.validate.AddGroup; +import org.dromara.common.core.validate.EditGroup; +import org.dromara.common.tenant.core.TenantEntity; +import org.dromara.system.domain.SysSocial; + +/** + * 社会化关系业务对象 sys_social + * + * @author Lion Li + */ +@Data +@NoArgsConstructor +@EqualsAndHashCode(callSuper = true) +@AutoMapper(target = SysSocial.class, reverseConvertGenerate = false) +public class SysSocialBo extends TenantEntity { + + /** + * 主键 + */ + @NotNull(message = "主键不能为空", groups = { EditGroup.class }) + private Long id; + + /** + * 的唯一ID + */ + @NotBlank(message = "的唯一ID不能为空", groups = { AddGroup.class, EditGroup.class }) + private String authId; + + /** + * 用户来源 + */ + @NotBlank(message = "用户来源不能为空", groups = { AddGroup.class, EditGroup.class }) + private String source; + + /** + * 用户的授权令牌 + */ + @NotBlank(message = "用户的授权令牌不能为空", groups = { AddGroup.class, EditGroup.class }) + private String accessToken; + + /** + * 用户的授权令牌的有效期,部分平台可能没有 + */ + private int expireIn; + + /** + * 刷新令牌,部分平台可能没有 + */ + private String refreshToken; + + /** + * 平台唯一id + */ + private String openId; + + /** + * 用户的 ID + */ + @NotBlank(message = "用户的 ID不能为空", groups = { AddGroup.class, EditGroup.class }) + private Long userId; + + /** + * 平台的授权信息,部分平台可能没有 + */ + private String accessCode; + + /** + * 用户的 unionid + */ + private String unionId; + + /** + * 授予的权限,部分平台可能没有 + */ + private String scope; + + /** + * 授权的第三方账号 + */ + private String userName; + + /** + * 授权的第三方昵称 + */ + private String nickName; + + /** + * 授权的第三方邮箱 + */ + private String email; + + /** + * 授权的第三方头像地址 + */ + private String avatar; + + /** + * 个别平台的授权信息,部分平台可能没有 + */ + private String tokenType; + + /** + * id token,部分平台可能没有 + */ + private String idToken; + + /** + * 小米平台用户的附带属性,部分平台可能没有 + */ + private String macAlgorithm; + + /** + * 小米平台用户的附带属性,部分平台可能没有 + */ + private String macKey; + + /** + * 用户的授权code,部分平台可能没有 + */ + private String code; + + /** + * Twitter平台用户的附带属性,部分平台可能没有 + */ + private String oauthToken; + + /** + * Twitter平台用户的附带属性,部分平台可能没有 + */ + private String oauthTokenSecret; + + + +} diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/vo/SysClientVo.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/vo/SysClientVo.java new file mode 100644 index 000000000..04d28422b --- /dev/null +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/vo/SysClientVo.java @@ -0,0 +1,89 @@ +package org.dromara.system.domain.vo; + +import com.alibaba.excel.annotation.ExcelIgnoreUnannotated; +import com.alibaba.excel.annotation.ExcelProperty; +import io.github.linpeilie.annotations.AutoMapper; +import lombok.Data; +import org.dromara.common.excel.annotation.ExcelDictFormat; +import org.dromara.common.excel.convert.ExcelDictConvert; +import org.dromara.system.domain.SysClient; + +import java.io.Serial; +import java.io.Serializable; +import java.util.List; + + +/** + * 授权管理视图对象 sys_client + * + * @author Michelle.Chung + */ +@Data +@ExcelIgnoreUnannotated +@AutoMapper(target = SysClient.class) +public class SysClientVo implements Serializable { + + @Serial + private static final long serialVersionUID = 1L; + + /** + * id + */ + @ExcelProperty(value = "id") + private Long id; + + /** + * 客户端id + */ + @ExcelProperty(value = "客户端id") + private String clientId; + + /** + * 客户端key + */ + @ExcelProperty(value = "客户端key") + private String clientKey; + + /** + * 客户端秘钥 + */ + @ExcelProperty(value = "客户端秘钥") + private String clientSecret; + + /** + * 授权类型 + */ + @ExcelProperty(value = "授权类型") + private List grantTypeList; + + /** + * 授权类型 + */ + private String grantType; + + /** + * 设备类型 + */ + private String deviceType; + + /** + * token活跃超时时间 + */ + @ExcelProperty(value = "token活跃超时时间") + private Long activeTimeout; + + /** + * token固定超时时间 + */ + @ExcelProperty(value = "token固定超时时间") + private Long timeout; + + /** + * 状态(0正常 1停用) + */ + @ExcelProperty(value = "状态", converter = ExcelDictConvert.class) + @ExcelDictFormat(readConverterExp = "0=正常,1=停用") + private String status; + + +} diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/vo/SysSocialVo.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/vo/SysSocialVo.java new file mode 100644 index 000000000..8a00cc387 --- /dev/null +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/domain/vo/SysSocialVo.java @@ -0,0 +1,165 @@ +package org.dromara.system.domain.vo; + +import com.alibaba.excel.annotation.ExcelIgnoreUnannotated; +import com.alibaba.excel.annotation.ExcelProperty; +import io.github.linpeilie.annotations.AutoMapper; +import lombok.Data; +import org.dromara.system.domain.SysSocial; + +import java.io.Serial; +import java.io.Serializable; + + +/** + * 社会化关系视图对象 sys_social + * + * @author thiszhc + */ +@Data +@ExcelIgnoreUnannotated +@AutoMapper(target = SysSocial.class) +public class SysSocialVo implements Serializable { + + @Serial + private static final long serialVersionUID = 1L; + + /** + * 主键 + */ + @ExcelProperty(value = "主键") + private Long id; + + /** + * 用户ID + */ + @ExcelProperty(value = "用户ID") + private Long userId; + + /** + * 租户ID + */ + private String tenantId; + + /** + * 的唯一ID + */ + @ExcelProperty(value = "授权UUID") + private String authId; + + /** + * 用户来源 + */ + @ExcelProperty(value = "用户来源") + private String source; + + /** + * 用户的授权令牌 + */ + @ExcelProperty(value = "用户的授权令牌") + private String accessToken; + + /** + * 用户的授权令牌的有效期,部分平台可能没有 + */ + @ExcelProperty(value = "用户的授权令牌的有效期,部分平台可能没有") + private int expireIn; + + /** + * 刷新令牌,部分平台可能没有 + */ + @ExcelProperty(value = "刷新令牌,部分平台可能没有") + private String refreshToken; + + /** + * 用户的 open id + */ + @ExcelProperty(value = "平台的唯一id") + private String openId; + + /** + * 授权的第三方账号 + */ + @ExcelProperty(value = "授权的第三方账号") + private String userName; + + /** + * 授权的第三方昵称 + */ + @ExcelProperty(value = "授权的第三方昵称") + private String nickName; + + /** + * 授权的第三方邮箱 + */ + @ExcelProperty(value = "授权的第三方邮箱") + private String email; + + /** + * 授权的第三方头像地址 + */ + @ExcelProperty(value = "授权的第三方头像地址") + private String avatar; + + + /** + * 平台的授权信息,部分平台可能没有 + */ + @ExcelProperty(value = "平台的授权信息,部分平台可能没有") + private String accessCode; + + /** + * 用户的 unionid + */ + @ExcelProperty(value = "用户的 unionid") + private String unionId; + + /** + * 授予的权限,部分平台可能没有 + */ + @ExcelProperty(value = "授予的权限,部分平台可能没有") + private String scope; + + /** + * 个别平台的授权信息,部分平台可能没有 + */ + @ExcelProperty(value = "个别平台的授权信息,部分平台可能没有") + private String tokenType; + + /** + * id token,部分平台可能没有 + */ + @ExcelProperty(value = "id token,部分平台可能没有") + private String idToken; + + /** + * 小米平台用户的附带属性,部分平台可能没有 + */ + @ExcelProperty(value = "小米平台用户的附带属性,部分平台可能没有") + private String macAlgorithm; + + /** + * 小米平台用户的附带属性,部分平台可能没有 + */ + @ExcelProperty(value = "小米平台用户的附带属性,部分平台可能没有") + private String macKey; + + /** + * 用户的授权code,部分平台可能没有 + */ + @ExcelProperty(value = "用户的授权code,部分平台可能没有") + private String code; + + /** + * Twitter平台用户的附带属性,部分平台可能没有 + */ + @ExcelProperty(value = "Twitter平台用户的附带属性,部分平台可能没有") + private String oauthToken; + + /** + * Twitter平台用户的附带属性,部分平台可能没有 + */ + @ExcelProperty(value = "Twitter平台用户的附带属性,部分平台可能没有") + private String oauthTokenSecret; + + +} diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/dubbo/RemoteClientServiceImpl.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/dubbo/RemoteClientServiceImpl.java new file mode 100644 index 000000000..b03dce25d --- /dev/null +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/dubbo/RemoteClientServiceImpl.java @@ -0,0 +1,33 @@ +package org.dromara.system.dubbo; + +import lombok.RequiredArgsConstructor; +import org.apache.dubbo.config.annotation.DubboService; +import org.dromara.common.core.utils.MapstructUtils; +import org.dromara.system.api.RemoteClientService; +import org.dromara.system.api.domain.vo.RemoteClientVo; +import org.dromara.system.domain.vo.SysClientVo; +import org.dromara.system.service.ISysClientService; +import org.springframework.stereotype.Service; + +/** + * 客户端服务 + * + * @author Michelle.Chung + */ +@RequiredArgsConstructor +@Service +@DubboService +public class RemoteClientServiceImpl implements RemoteClientService { + + private final ISysClientService sysClientService; + + /** + * 根据客户端id获取客户端详情 + */ + @Override + public RemoteClientVo queryByClientId(String clientId) { + SysClientVo vo = sysClientService.queryByClientId(clientId); + return MapstructUtils.convert(vo, RemoteClientVo.class); + } + +} diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/dubbo/RemoteSocialServiceImpl.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/dubbo/RemoteSocialServiceImpl.java new file mode 100644 index 000000000..155674925 --- /dev/null +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/dubbo/RemoteSocialServiceImpl.java @@ -0,0 +1,51 @@ +package org.dromara.system.dubbo; + +import lombok.RequiredArgsConstructor; +import org.apache.dubbo.config.annotation.DubboService; +import org.dromara.common.core.utils.MapstructUtils; +import org.dromara.system.api.RemoteSocialService; +import org.dromara.system.api.domain.bo.RemoteSocialBo; +import org.dromara.system.api.domain.vo.RemoteSocialVo; +import org.dromara.system.domain.bo.SysSocialBo; +import org.dromara.system.domain.vo.SysSocialVo; +import org.dromara.system.service.ISysSocialService; +import org.springframework.stereotype.Service; + +/** + * 社会化关系服务 + * + * @author Michelle.Chung + */ +@RequiredArgsConstructor +@Service +@DubboService +public class RemoteSocialServiceImpl implements RemoteSocialService { + + private final ISysSocialService sysSocialService; + + /** + * 根据 authId 查询用户信息 + */ + @Override + public RemoteSocialVo selectByAuthId(String authId) { + SysSocialVo socialVo = sysSocialService.selectByAuthId(authId); + return MapstructUtils.convert(socialVo, RemoteSocialVo.class); + } + + /** + * 保存社会化关系 + */ + @Override + public void insertByBo(RemoteSocialBo bo) { + sysSocialService.insertByBo(MapstructUtils.convert(bo, SysSocialBo.class)); + } + + /** + * 删除社会化关系 + */ + @Override + public Boolean deleteWithValidById(Long socialId) { + return sysSocialService.deleteWithValidById(socialId); + } + +} diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/dubbo/RemoteUserServiceImpl.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/dubbo/RemoteUserServiceImpl.java index e5a921e77..41286824b 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/dubbo/RemoteUserServiceImpl.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/dubbo/RemoteUserServiceImpl.java @@ -8,7 +8,9 @@ import org.apache.dubbo.config.annotation.DubboService; import org.dromara.common.core.enums.UserStatus; import org.dromara.common.core.exception.ServiceException; import org.dromara.common.core.exception.user.UserException; +import org.dromara.common.core.utils.DateUtils; import org.dromara.common.core.utils.MapstructUtils; +import org.dromara.common.core.utils.ServletUtils; import org.dromara.common.tenant.helper.TenantHelper; import org.dromara.system.api.RemoteUserService; import org.dromara.system.api.domain.bo.RemoteUserBo; @@ -55,7 +57,10 @@ public class RemoteUserServiceImpl implements RemoteUserService { } // 框架登录不限制从什么表查询 只要最终构建出 LoginUser 即可 // 此处可根据登录用户的数据不同 自行创建 loginUser 属性不够用继承扩展就行了 - return buildLoginUser(userMapper.selectTenantUserByUserName(username, tenantId)); + if (TenantHelper.isEnable()) { + return buildLoginUser(userMapper.selectTenantUserByUserName(username, tenantId)); + } + return buildLoginUser(userMapper.selectUserByUserName(username)); } @Override @@ -72,7 +77,10 @@ public class RemoteUserServiceImpl implements RemoteUserService { } // 框架登录不限制从什么表查询 只要最终构建出 LoginUser 即可 // 此处可根据登录用户的数据不同 自行创建 loginUser 属性不够用继承扩展就行了 - return buildLoginUser(userMapper.selectTenantUserByPhonenumber(phonenumber, tenantId)); + if (TenantHelper.isEnable()) { + return buildLoginUser(userMapper.selectTenantUserByPhonenumber(phonenumber, tenantId)); + } + return buildLoginUser(userMapper.selectUserByPhonenumber(phonenumber)); } @Override @@ -89,7 +97,10 @@ public class RemoteUserServiceImpl implements RemoteUserService { } // 框架登录不限制从什么表查询 只要最终构建出 LoginUser 即可 // 此处可根据登录用户的数据不同 自行创建 loginUser 属性不够用继承扩展就行了 - return buildLoginUser(userMapper.selectTenantUserByEmail(email, tenantId)); + if (TenantHelper.isEnable()) { + return buildLoginUser(userMapper.selectTenantUserByEmail(email, tenantId)); + } + return buildLoginUser(userMapper.selectUserByEmail(email)); } @Override @@ -149,4 +160,19 @@ public class RemoteUserServiceImpl implements RemoteUserService { return loginUser; } + /** + * 记录登录信息 + * + * @param userId 用户ID + */ + @Override + public void recordLoginInfo(Long userId) { + SysUser sysUser = new SysUser(); + sysUser.setUserId(userId); + sysUser.setLoginIp(ServletUtils.getClientIP()); + sysUser.setLoginDate(DateUtils.getNowDate()); + sysUser.setUpdateBy(userId); + userMapper.updateById(sysUser); + } + } diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysClientMapper.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysClientMapper.java new file mode 100644 index 000000000..a8943decb --- /dev/null +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysClientMapper.java @@ -0,0 +1,14 @@ +package org.dromara.system.mapper; + +import org.dromara.common.mybatis.core.mapper.BaseMapperPlus; +import org.dromara.system.domain.SysClient; +import org.dromara.system.domain.vo.SysClientVo; + +/** + * 授权管理Mapper接口 + * + * @author Michelle.Chung + */ +public interface SysClientMapper extends BaseMapperPlus { + +} diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysSocialMapper.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysSocialMapper.java new file mode 100644 index 000000000..b94206137 --- /dev/null +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/mapper/SysSocialMapper.java @@ -0,0 +1,14 @@ +package org.dromara.system.mapper; + +import org.dromara.common.mybatis.core.mapper.BaseMapperPlus; +import org.dromara.system.domain.SysSocial; +import org.dromara.system.domain.vo.SysSocialVo; + +/** + * 社会化关系Mapper接口 + * + * @author thiszhc + */ +public interface SysSocialMapper extends BaseMapperPlus { + +} diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/ISysClientService.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/ISysClientService.java new file mode 100644 index 000000000..43828445f --- /dev/null +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/ISysClientService.java @@ -0,0 +1,58 @@ +package org.dromara.system.service; + +import org.dromara.common.mybatis.core.page.PageQuery; +import org.dromara.common.mybatis.core.page.TableDataInfo; +import org.dromara.system.domain.bo.SysClientBo; +import org.dromara.system.domain.vo.SysClientVo; + +import java.util.Collection; +import java.util.List; + +/** + * 客户端管理Service接口 + * + * @author Michelle.Chung + */ +public interface ISysClientService { + + /** + * 查询客户端管理 + */ + SysClientVo queryById(Long id); + + /** + * 查询客户端信息基于客户端id + */ + SysClientVo queryByClientId(String clientId); + + /** + * 查询客户端管理列表 + */ + TableDataInfo queryPageList(SysClientBo bo, PageQuery pageQuery); + + /** + * 查询客户端管理列表 + */ + List queryList(SysClientBo bo); + + /** + * 新增客户端管理 + */ + Boolean insertByBo(SysClientBo bo); + + /** + * 修改客户端管理 + */ + Boolean updateByBo(SysClientBo bo); + + /** + * 修改状态 + */ + int updateUserStatus(Long id, String status); + + /** + * 校验并批量删除客户端管理信息 + */ + Boolean deleteWithValidByIds(Collection ids, Boolean isValid); + +} diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/ISysSocialService.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/ISysSocialService.java new file mode 100644 index 000000000..9c8275efd --- /dev/null +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/ISysSocialService.java @@ -0,0 +1,51 @@ +package org.dromara.system.service; + +import org.dromara.system.domain.bo.SysSocialBo; +import org.dromara.system.domain.vo.SysSocialVo; + +import java.util.List; + +/** + * 社会化关系Service接口 + * + * @author thiszhc + */ +public interface ISysSocialService { + + + /** + * 查询社会化关系 + */ + SysSocialVo queryById(String id); + + /** + * 查询社会化关系列表 + */ + List queryList(); + + /** + * 查询社会化关系列表 + */ + List queryListByUserId(Long userId); + + /** + * 新增授权关系 + */ + Boolean insertByBo(SysSocialBo bo); + + + /** + * 删除社会化关系信息 + */ + Boolean deleteWithValidById(Long id); + + + /** + * 根据 authId 查询 SysSocial 表和 SysUser 表,返回 SysSocialAuthResult 映射的对象 + * @param authId 认证ID + * @return SysSocial + */ + SysSocialVo selectByAuthId(String authId); + + +} diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysClientServiceImpl.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysClientServiceImpl.java new file mode 100644 index 000000000..9fa3b2a4d --- /dev/null +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysClientServiceImpl.java @@ -0,0 +1,143 @@ +package org.dromara.system.service.impl; + +import cn.hutool.crypto.SecureUtil; +import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; +import com.baomidou.mybatisplus.core.conditions.update.LambdaUpdateWrapper; +import com.baomidou.mybatisplus.core.toolkit.Wrappers; +import com.baomidou.mybatisplus.extension.plugins.pagination.Page; +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; +import org.dromara.common.core.utils.MapstructUtils; +import org.dromara.common.core.utils.StringUtils; +import org.dromara.common.mybatis.core.page.PageQuery; +import org.dromara.common.mybatis.core.page.TableDataInfo; +import org.dromara.system.domain.SysClient; +import org.dromara.system.domain.bo.SysClientBo; +import org.dromara.system.domain.vo.SysClientVo; +import org.dromara.system.mapper.SysClientMapper; +import org.dromara.system.service.ISysClientService; +import org.springframework.stereotype.Service; + +import java.util.Collection; +import java.util.List; +import java.util.Map; + +/** + * 客户端管理Service业务层处理 + * + * @author Michelle.Chung + */ +@Slf4j +@RequiredArgsConstructor +@Service +public class SysClientServiceImpl implements ISysClientService { + + private final SysClientMapper baseMapper; + + /** + * 查询客户端管理 + */ + @Override + public SysClientVo queryById(Long id) { + SysClientVo vo = baseMapper.selectVoById(id); + vo.setGrantTypeList(List.of(vo.getGrantType().split(","))); + return vo; + } + + + /** + * 查询客户端管理 + */ + @Override + public SysClientVo queryByClientId(String clientId) { + return baseMapper.selectVoOne(new LambdaQueryWrapper().eq(SysClient::getClientId, clientId)); + } + + /** + * 查询客户端管理列表 + */ + @Override + public TableDataInfo queryPageList(SysClientBo bo, PageQuery pageQuery) { + LambdaQueryWrapper lqw = buildQueryWrapper(bo); + Page result = baseMapper.selectVoPage(pageQuery.build(), lqw); + result.getRecords().forEach(r -> r.setGrantTypeList(List.of(r.getGrantType().split(",")))); + return TableDataInfo.build(result); + } + + /** + * 查询客户端管理列表 + */ + @Override + public List queryList(SysClientBo bo) { + LambdaQueryWrapper lqw = buildQueryWrapper(bo); + return baseMapper.selectVoList(lqw); + } + + private LambdaQueryWrapper buildQueryWrapper(SysClientBo bo) { + Map params = bo.getParams(); + LambdaQueryWrapper lqw = Wrappers.lambdaQuery(); + lqw.eq(StringUtils.isNotBlank(bo.getClientId()), SysClient::getClientId, bo.getClientId()); + lqw.eq(StringUtils.isNotBlank(bo.getClientKey()), SysClient::getClientKey, bo.getClientKey()); + lqw.eq(StringUtils.isNotBlank(bo.getClientSecret()), SysClient::getClientSecret, bo.getClientSecret()); + lqw.eq(StringUtils.isNotBlank(bo.getStatus()), SysClient::getStatus, bo.getStatus()); + return lqw; + } + + /** + * 新增客户端管理 + */ + @Override + public Boolean insertByBo(SysClientBo bo) { + SysClient add = MapstructUtils.convert(bo, SysClient.class); + validEntityBeforeSave(add); + add.setGrantType(String.join(",", bo.getGrantTypeList())); + // 生成clientid + String clientKey = bo.getClientKey(); + String clientSecret = bo.getClientSecret(); + add.setClientId(SecureUtil.md5(clientKey + clientSecret)); + boolean flag = baseMapper.insert(add) > 0; + if (flag) { + bo.setId(add.getId()); + } + return flag; + } + + /** + * 修改客户端管理 + */ + @Override + public Boolean updateByBo(SysClientBo bo) { + SysClient update = MapstructUtils.convert(bo, SysClient.class); + validEntityBeforeSave(update); + return baseMapper.updateById(update) > 0; + } + + /** + * 修改状态 + */ + @Override + public int updateUserStatus(Long id, String status) { + return baseMapper.update(null, + new LambdaUpdateWrapper() + .set(SysClient::getStatus, status) + .eq(SysClient::getId, id)); + } + + /** + * 保存前的数据校验 + */ + private void validEntityBeforeSave(SysClient entity) { + //TODO 做一些数据校验,如唯一约束 + } + + /** + * 批量删除客户端管理 + */ + @Override + public Boolean deleteWithValidByIds(Collection ids, Boolean isValid) { + if (isValid) { + //TODO 做一些业务上的校验,判断是否需要校验 + } + return baseMapper.deleteBatchIds(ids) > 0; + } +} diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysSocialServiceImpl.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysSocialServiceImpl.java new file mode 100644 index 000000000..065dea0da --- /dev/null +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysSocialServiceImpl.java @@ -0,0 +1,97 @@ +package org.dromara.system.service.impl; + +import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; +import lombok.RequiredArgsConstructor; +import org.dromara.common.core.utils.MapstructUtils; +import org.dromara.system.domain.SysSocial; +import org.dromara.system.domain.bo.SysSocialBo; +import org.dromara.system.domain.vo.SysSocialVo; +import org.dromara.system.mapper.SysSocialMapper; +import org.dromara.system.service.ISysSocialService; +import org.springframework.stereotype.Service; + +import java.util.List; + +/** + * 社会化关系Service业务层处理 + * + * @author thiszhc + * @date 2023-06-12 + */ +@RequiredArgsConstructor +@Service +public class SysSocialServiceImpl implements ISysSocialService { + + private final SysSocialMapper baseMapper; + + + /** + * 查询社会化关系 + */ + @Override + public SysSocialVo queryById(String id) { + return baseMapper.selectVoById(id); + } + + /** + * 授权列表 + */ + @Override + public List queryList() { + return baseMapper.selectVoList(); + } + + @Override + public List queryListByUserId(Long userId) { + return baseMapper.selectVoList(new LambdaQueryWrapper().eq(SysSocial::getUserId, userId)); + } + + + /** + * 新增社会化关系 + */ + @Override + public Boolean insertByBo(SysSocialBo bo) { + SysSocial add = MapstructUtils.convert(bo, SysSocial.class); + validEntityBeforeSave(add); + boolean flag = baseMapper.insert(add) > 0; + if (flag) { + if (add != null) { + bo.setId(add.getId()); + } else { + return false; + } + } + return flag; + } + + + /** + * 保存前的数据校验 + */ + private void validEntityBeforeSave(SysSocial entity) { + //TODO 做一些数据校验,如唯一约束 + } + + + /** + * 删除社会化关系 + */ + @Override + public Boolean deleteWithValidById(Long id) { + return baseMapper.deleteById(id) > 0; + } + + + /** + * 根据 authId 查询用户信息 + * + * @param authId 认证id + * @return 授权信息 + */ + @Override + public SysSocialVo selectByAuthId(String authId) { + return baseMapper.selectVoOne(new LambdaQueryWrapper().eq(SysSocial::getAuthId, authId)); + } + +} diff --git a/ruoyi-modules/ruoyi-system/src/main/resources/mapper/system/SysClientMapper.xml b/ruoyi-modules/ruoyi-system/src/main/resources/mapper/system/SysClientMapper.xml new file mode 100644 index 000000000..fd150ad12 --- /dev/null +++ b/ruoyi-modules/ruoyi-system/src/main/resources/mapper/system/SysClientMapper.xml @@ -0,0 +1,7 @@ + + + + + diff --git a/ruoyi-modules/ruoyi-system/src/main/resources/mapper/system/SysSocialMapper.xml b/ruoyi-modules/ruoyi-system/src/main/resources/mapper/system/SysSocialMapper.xml new file mode 100644 index 000000000..baa4b5946 --- /dev/null +++ b/ruoyi-modules/ruoyi-system/src/main/resources/mapper/system/SysSocialMapper.xml @@ -0,0 +1,7 @@ + + + + + diff --git a/sql/oracle/oracle_ry_cloud.sql b/sql/oracle/oracle_ry_cloud.sql index d3bda60e4..f7e2cadac 100644 --- a/sql/oracle/oracle_ry_cloud.sql +++ b/sql/oracle/oracle_ry_cloud.sql @@ -1,3 +1,72 @@ +-- ---------------------------- +-- 第三方平台授权表 +-- ---------------------------- +create table sys_social +( + id number(20) not null, + user_id number(20) not null, + tenant_id varchar2(20) default null, + auth_id varchar2(255) not null, + source varchar2(255) not null, + open_id varchar2(255) default null, + user_name varchar2(30) not null, + nick_name varchar2(30) default '', + email varchar2(255) default '', + avatar varchar2(500) default '', + access_token varchar2(255) not null, + expire_in number(100) default null, + refresh_token varchar2(255) default null, + access_code varchar2(255) default null, + union_id varchar2(255) default null, + scope varchar2(255) default null, + token_type varchar2(255) default null, + id_token varchar2(255) default null, + mac_algorithm varchar2(255) default null, + mac_key varchar2(255) default null, + code varchar2(255) default null, + oauth_token varchar2(255) default null, + oauth_token_secret varchar2(255) default null, + create_dept number(20), + create_by number(20), + create_time date, + update_by number(20), + update_time date, + del_flag char(1) default '0' +); + +alter table sys_social add constraint pk_sys_social primary key (id); + +comment on table sys_social is '社会化关系表'; +comment on column sys_social.id is '主键'; +comment on column sys_social.user_id is '用户ID'; +comment on column sys_social.tenant_id is '租户id'; +comment on column sys_social.auth_id is '平台+平台唯一id'; +comment on column sys_social.source is '用户来源'; +comment on column sys_social.open_id is '平台编号唯一id'; +comment on column sys_social.user_name is '登录账号'; +comment on column sys_social.nick_name is '用户昵称'; +comment on column sys_social.email is '用户邮箱'; +comment on column sys_social.avatar is '头像地址'; +comment on column sys_social.access_token is '用户的授权令牌'; +comment on column sys_social.expire_in is '用户的授权令牌的有效期,部分平台可能没有'; +comment on column sys_social.refresh_token is '刷新令牌,部分平台可能没有'; +comment on column sys_social.access_code is '平台的授权信息,部分平台可能没有'; +comment on column sys_social.union_id is '用户的 unionid'; +comment on column sys_social.scope is '授予的权限,部分平台可能没有'; +comment on column sys_social.token_type is '个别平台的授权信息,部分平台可能没有'; +comment on column sys_social.id_token is 'id token,部分平台可能没有'; +comment on column sys_social.mac_algorithm is '小米平台用户的附带属性,部分平台可能没有'; +comment on column sys_social.mac_key is '小米平台用户的附带属性,部分平台可能没有'; +comment on column sys_social.code is '用户的授权code,部分平台可能没有'; +comment on column sys_social.oauth_token is 'Twitter平台用户的附带属性,部分平台可能没有'; +comment on column sys_social.oauth_token_secret is 'Twitter平台用户的附带属性,部分平台可能没有'; +comment on column sys_social.create_dept is '创建部门'; +comment on column sys_social.create_by is '创建者'; +comment on column sys_social.create_time is '创建时间'; +comment on column sys_social.update_by is '更新者'; +comment on column sys_social.update_time is '更新时间'; +comment on column sys_social.del_flag is '删除标志(0代表存在 2代表删除)'; + -- ---------------------------- -- 租户表 -- ---------------------------- @@ -372,7 +441,8 @@ insert into sys_menu values('113', 'Admin控制台', '2', '5', 'http://local insert into sys_menu values('114', '表单构建', '3', '1', 'build', 'tool/build/index', '', 1, 0, 'C', '0', '0', 'tool:build:list', 'build', 103, 1, sysdate, null, null, '表单构建菜单'); insert into sys_menu values('115', '代码生成', '3', '2', 'gen', 'tool/gen/index', '', 1, 0, 'C', '0', '0', 'tool:gen:list', 'code', 103, 1, sysdate, null, null, '代码生成菜单'); insert into sys_menu values('121', '租户管理', '6', '1', 'tenant', 'system/tenant/index', '', 1, 0, 'C', '0', '0', 'system:tenant:list', 'list', 103, 1, sysdate, null, null, '租户管理菜单'); -insert into sys_menu values('122', '租户套餐管理', '6', '2', 'tenantPackage', 'system/tenantPackage/index', '', 1, 0, 'C', '0', '0', 'system:tenantPackage:list', 'form', 103, 1, sysdate, null, null, '租户套餐管理菜单'); +insert into sys_menu values('122', '租户套餐管理', '6', '2', 'tenantPackage', 'system/tenantPackage/index', '', 1, 0, 'C', '0', '0', 'system:tenantPackage:list', 'form', 103, 1, sysdate, null, null, '租户套餐管理菜单'); +insert into sys_menu values('123', '客户端管理', '1', '11', 'client', 'system/client/index', '', 1, 0, 'C', '0', '0', 'system:client:list', 'international', 103, 1, sysdate, null, null, '客户端管理菜单'); -- springboot-admin监控 insert into sys_menu values('117', 'Admin监控', '2', '5', 'Admin', 'monitor/admin/index', '', 1, 0, 'C', '0', '0', 'monitor:admin:list', 'dashboard', 103, 1, sysdate, null, null, 'Admin监控菜单'); -- oss菜单 @@ -466,6 +536,12 @@ insert into sys_menu values('1612', '租户套餐新增', '122', '2', '#', '', ' insert into sys_menu values('1613', '租户套餐修改', '122', '3', '#', '', '', 1, 0, 'F', '0', '0', 'system:tenantPackage:edit', '#', 103, 1, sysdate, null, null, ''); insert into sys_menu values('1614', '租户套餐删除', '122', '4', '#', '', '', 1, 0, 'F', '0', '0', 'system:tenantPackage:remove', '#', 103, 1, sysdate, null, null, ''); insert into sys_menu values('1615', '租户套餐导出', '122', '5', '#', '', '', 1, 0, 'F', '0', '0', 'system:tenantPackage:export', '#', 103, 1, sysdate, null, null, ''); +-- 客户端管理按钮 +insert into sys_menu values('1061', '客户端管理查询', '123', '1', '#', '', '', 1, 0, 'F', '0', '0', 'system:client:query', '#', 103, 1, sysdate, null, null, ''); +insert into sys_menu values('1062', '客户端管理新增', '123', '2', '#', '', '', 1, 0, 'F', '0', '0', 'system:client:add', '#', 103, 1, sysdate, null, null, ''); +insert into sys_menu values('1063', '客户端管理修改', '123', '3', '#', '', '', 1, 0, 'F', '0', '0', 'system:client:edit', '#', 103, 1, sysdate, null, null, ''); +insert into sys_menu values('1064', '客户端管理删除', '123', '4', '#', '', '', 1, 0, 'F', '0', '0', 'system:client:remove', '#', 103, 1, sysdate, null, null, ''); +insert into sys_menu values('1065', '客户端管理导出', '123', '5', '#', '', '', 1, 0, 'F', '0', '0', 'system:client:export', '#', 103, 1, sysdate, null, null, ''); -- ---------------------------- @@ -585,6 +661,11 @@ insert into sys_role_menu values ('2', '1057'); insert into sys_role_menu values ('2', '1058'); insert into sys_role_menu values ('2', '1059'); insert into sys_role_menu values ('2', '1060'); +insert into sys_role_menu values ('2', '1061'); +insert into sys_role_menu values ('2', '1062'); +insert into sys_role_menu values ('2', '1063'); +insert into sys_role_menu values ('2', '1064'); +insert into sys_role_menu values ('2', '1065'); -- ---------------------------- -- 8、角色和部门关联表 角色1-N部门 @@ -719,7 +800,9 @@ insert into sys_dict_type values(6, '000000', '系统是否', 'sys_yes_no', insert into sys_dict_type values(7, '000000', '通知类型', 'sys_notice_type', '0', 103, 1, sysdate, null, null, '通知类型列表'); insert into sys_dict_type values(8, '000000', '通知状态', 'sys_notice_status', '0', 103, 1, sysdate, null, null, '通知状态列表'); insert into sys_dict_type values(9, '000000', '操作类型', 'sys_oper_type', '0', 103, 1, sysdate, null, null, '操作类型列表'); -insert into sys_dict_type values(10, '000000', '系统状态', 'sys_common_status', '0', 103, 1, sysdate, null, null, '登录状态列表'); +insert into sys_dict_type values(10, '000000', '系统状态', 'sys_common_status', '0', 103, 1, sysdate, null, null, '登录状态列表'); +insert into sys_dict_type values(11, '000000', '授权类型', 'sys_grant_type', '0', 103, 1, sysdate, null, null, '认证授权类型'); +insert into sys_dict_type values(12, '000000', '设备类型', 'sys_device_type', '0', 103, 1, sysdate, null, null, '客户端设备类型'); -- ---------------------------- @@ -789,6 +872,13 @@ insert into sys_dict_data values(25, '000000', 8, '生成代码', '8', 's insert into sys_dict_data values(26, '000000', 9, '清空数据', '9', 'sys_oper_type', '', 'danger', 'N', '0', 103, 1, sysdate, null, null, '清空操作'); insert into sys_dict_data values(27, '000000', 1, '成功', '0', 'sys_common_status', '', 'primary', 'N', '0', 103, 1, sysdate, null, null, '正常状态'); insert into sys_dict_data values(28, '000000', 2, '失败', '1', 'sys_common_status', '', 'danger', 'N', '0', 103, 1, sysdate, null, null, '停用状态'); +insert into sys_dict_data values(30, '000000', 0, '密码认证', 'password', 'sys_grant_type', '', 'default', 'N', '0', 103, 1, sysdate, null, null, '密码认证'); +insert into sys_dict_data values(31, '000000', 0, '短信认证', 'sms', 'sys_grant_type', '', 'default', 'N', '0', 103, 1, sysdate, null, null, '短信认证'); +insert into sys_dict_data values(32, '000000', 0, '邮件认证', 'email', 'sys_grant_type', '', 'default', 'N', '0', 103, 1, sysdate, null, null, '邮件认证'); +insert into sys_dict_data values(33, '000000', 0, '小程序认证', 'xcx', 'sys_grant_type', '', 'default', 'N', '0', 103, 1, sysdate, null, null, '小程序认证'); +insert into sys_dict_data values(34, '000000', 0, '三方登录认证', 'social', 'sys_grant_type', '', 'default', 'N', '0', 103, 1, sysdate, null, null, '三方登录认证'); +insert into sys_dict_data values(35, '000000', 0, 'PC端', 'pc', 'sys_device_type', '', 'default', 'N', '0', 103, 1, sysdate, null, null, 'PC端'); +insert into sys_dict_data values(36, '000000', 0, 'APP端', 'app', 'sys_device_type', '', 'default', 'N', '0', 103, 1, sysdate, null, null, 'APP端'); -- ---------------------------- @@ -1109,6 +1199,49 @@ insert into sys_oss_config values (4, '000000', 'qcloud', 'XXXXXXXXXXXXXXX', 'X insert into sys_oss_config values (5, '000000', 'image', 'ruoyi', 'ruoyi123', 'ruoyi', 'image', '127.0.0.1:9000', '','N', '', '1', '1', '', NULL, 103, 1, sysdate, 1, sysdate); +-- ---------------------------- +-- 系统授权表 +-- ---------------------------- +create table sys_client ( + id number(20) not null, + client_id varchar2(64) default null, + client_key varchar2(32) default null, + client_secret varchar2(255) default null, + grant_type varchar2(255) default null, + device_type varchar2(32) default null, + active_timeout number(11) default 1800, + timeout number(11) default 604800, + status char(1) default '0', + del_flag char(1) default '0', + create_dept number(20) default null, + create_by number(20) default null, + create_time date, + update_by number(20) default null, + update_time date +) + +alter table sys_client add constraint pk_sys_client primary key (id); + +comment on table sys_client is '系统授权表'; +comment on column sys_client.id is '主建'; +comment on column sys_client.client_id is '客户端id'; +comment on column sys_client.client_key is '客户端key'; +comment on column sys_client.client_secret is '客户端秘钥'; +comment on column sys_client.grant_type is '授权类型'; +comment on column sys_client.device_type is '设备类型'; +comment on column sys_client.active_timeout is 'token活跃超时时间'; +comment on column sys_client.timeout is 'token固定超时'; +comment on column sys_client.status is '状态(0正常 1停用)'; +comment on column sys_client.del_flag is '删除标志(0代表存在 2代表删除)'; +comment on column sys_client.create_dept is '创建部门'; +comment on column sys_client.create_by is '创建者'; +comment on column sys_client.create_time is '创建时间'; +comment on column sys_client.update_by is '更新者'; +comment on column sys_client.update_time is '更新时间'; + +insert into sys_client values (1, 'e5cd7e4891bf95d1d19206ce24a7b32e', 'pc', 'pc123', 'password,social', 'pc', 1800, 604800, 0, 0, 103, 1, sysdate, 1, sysdate); +insert into sys_client values (2, '428a8310cd442757ae699df5d894f051', 'app', 'app123', 'password,sms,social', 'app', 1800, 604800, 0, 0, 103, 1, sysdate, 1, sysdate); + -- ---------------------------- -- 钩子 ,用于session连接之后 自动设置默认的date类型格式化 简化时间查询 -- 如需设置其它配置 可在此钩子内任意增加处理语句 diff --git a/sql/postgres/postgres_ry_cloud.sql b/sql/postgres/postgres_ry_cloud.sql index 6c704be28..27d8e99b6 100644 --- a/sql/postgres/postgres_ry_cloud.sql +++ b/sql/postgres/postgres_ry_cloud.sql @@ -1,3 +1,71 @@ +-- ---------------------------- +-- 第三方平台授权表 +-- ---------------------------- +create table sys_social +( + id int8 not null, + user_id int8 not null, + tenant_id varchar(20) default null::varchar, + auth_id varchar(255) not null, + source varchar(255) not null, + open_id varchar(255) default null::varchar, + user_name varchar(30) not null, + nick_name varchar(30) default ''::varchar, + email varchar(255) default ''::varchar, + avatar varchar(500) default ''::varchar, + access_token varchar(255) not null, + expire_in int8 default null, + refresh_token varchar(255) default null::varchar, + access_code varchar(255) default null::varchar, + union_id varchar(255) default null::varchar, + scope varchar(255) default null::varchar, + token_type varchar(255) default null::varchar, + id_token varchar(255) default null::varchar, + mac_algorithm varchar(255) default null::varchar, + mac_key varchar(255) default null::varchar, + code varchar(255) default null::varchar, + oauth_token varchar(255) default null::varchar, + oauth_token_secret varchar(255) default null::varchar, + create_dept int8, + create_by int8, + create_time timestamp, + update_by int8, + update_time timestamp, + del_flag char default '0'::bpchar, + constraint "pk_sys_social" primary key (id) +); + +comment on table sys_social is '社会化关系表'; +comment on column sys_social.id is '主键'; +comment on column sys_social.user_id is '用户ID'; +comment on column sys_social.tenant_id is '租户id'; +comment on column sys_social.auth_id is '平台+平台唯一id'; +comment on column sys_social.source is '用户来源'; +comment on column sys_social.open_id is '平台编号唯一id'; +comment on column sys_social.user_name is '登录账号'; +comment on column sys_social.nick_name is '用户昵称'; +comment on column sys_social.email is '用户邮箱'; +comment on column sys_social.avatar is '头像地址'; +comment on column sys_social.access_token is '用户的授权令牌'; +comment on column sys_social.expire_in is '用户的授权令牌的有效期,部分平台可能没有'; +comment on column sys_social.refresh_token is '刷新令牌,部分平台可能没有'; +comment on column sys_social.access_code is '平台的授权信息,部分平台可能没有'; +comment on column sys_social.union_id is '用户的 unionid'; +comment on column sys_social.scope is '授予的权限,部分平台可能没有'; +comment on column sys_social.token_type is '个别平台的授权信息,部分平台可能没有'; +comment on column sys_social.id_token is 'id token,部分平台可能没有'; +comment on column sys_social.mac_algorithm is '小米平台用户的附带属性,部分平台可能没有'; +comment on column sys_social.mac_key is '小米平台用户的附带属性,部分平台可能没有'; +comment on column sys_social.code is '用户的授权code,部分平台可能没有'; +comment on column sys_social.oauth_token is 'Twitter平台用户的附带属性,部分平台可能没有'; +comment on column sys_social.oauth_token_secret is 'Twitter平台用户的附带属性,部分平台可能没有'; +comment on column sys_social.create_dept is '创建部门'; +comment on column sys_social.create_by is '创建者'; +comment on column sys_social.create_time is '创建时间'; +comment on column sys_social.update_by is '更新者'; +comment on column sys_social.update_time is '更新时间'; +comment on column sys_social.del_flag is '删除标志(0代表存在 2代表删除)'; + -- ---------------------------- -- 租户表 -- ---------------------------- @@ -383,6 +451,7 @@ insert into sys_menu values('114', '表单构建', '3', '1', 'build', insert into sys_menu values('115', '代码生成', '3', '2', 'gen', 'tool/gen/index', '', '1', '0', 'C', '0', '0', 'tool:gen:list', 'code', 103, 1, now(), null, null, '代码生成菜单'); insert into sys_menu values('121', '租户管理', '6', '1', 'tenant', 'system/tenant/index', '', '1', '0', 'C', '0', '0', 'system:tenant:list', 'list', 103, 1, now(), null, null, '租户管理菜单'); insert into sys_menu values('122', '租户套餐管理', '6', '2', 'tenantPackage', 'system/tenantPackage/index', '', '1', '0', 'C', '0', '0', 'system:tenantPackage:list', 'form', 103, 1, now(), null, null, '租户套餐管理菜单'); +insert into sys_menu values('123', '客户端管理', '1', '11', 'client', 'system/client/index', '', '1', '0', 'C', '0', '0', 'system:client:list', 'international', 103, 1, now(), null, null, '客户端管理菜单'); -- oss菜单 insert into sys_menu values('118', '文件管理', '1', '10', 'oss', 'system/oss/index', '', '1', '0', 'C', '0', '0', 'system:oss:list', 'upload', 103, 1, now(), null, null, '文件管理菜单'); -- 三级菜单 @@ -474,6 +543,12 @@ insert into sys_menu values('1612', '租户套餐新增', '122', '2', '#', '', ' insert into sys_menu values('1613', '租户套餐修改', '122', '3', '#', '', '', '1', '0', 'F', '0', '0', 'system:tenantPackage:edit', '#', 103, 1, now(), null, null, ''); insert into sys_menu values('1614', '租户套餐删除', '122', '4', '#', '', '', '1', '0', 'F', '0', '0', 'system:tenantPackage:remove', '#', 103, 1, now(), null, null, ''); insert into sys_menu values('1615', '租户套餐导出', '122', '5', '#', '', '', '1', '0', 'F', '0', '0', 'system:tenantPackage:export', '#', 103, 1, now(), null, null, ''); +-- 客户端管理按钮 +insert into sys_menu values('1061', '客户端管理查询', '123', '1', '#', '', '', '1', '0', 'F', '0', '0', 'system:client:query', '#', 103, 1, now(), null, null, ''); +insert into sys_menu values('1062', '客户端管理新增', '123', '2', '#', '', '', '1', '0', 'F', '0', '0', 'system:client:add', '#', 103, 1, now(), null, null, ''); +insert into sys_menu values('1063', '客户端管理修改', '123', '3', '#', '', '', '1', '0', 'F', '0', '0', 'system:client:edit', '#', 103, 1, now(), null, null, ''); +insert into sys_menu values('1064', '客户端管理删除', '123', '4', '#', '', '', '1', '0', 'F', '0', '0', 'system:client:remove', '#', 103, 1, now(), null, null, ''); +insert into sys_menu values('1065', '客户端管理导出', '123', '5', '#', '', '', '1', '0', 'F', '0', '0', 'system:client:export', '#', 103, 1, now(), null, null, ''); -- ---------------------------- @@ -595,6 +670,11 @@ insert into sys_role_menu values ('2', '1057'); insert into sys_role_menu values ('2', '1058'); insert into sys_role_menu values ('2', '1059'); insert into sys_role_menu values ('2', '1060'); +insert into sys_role_menu values ('2', '1061'); +insert into sys_role_menu values ('2', '1062'); +insert into sys_role_menu values ('2', '1063'); +insert into sys_role_menu values ('2', '1064'); +insert into sys_role_menu values ('2', '1065'); -- ---------------------------- -- 8、角色和部门关联表 角色1-N部门 @@ -735,6 +815,8 @@ insert into sys_dict_type values(7, '000000', '通知类型', 'sys_notice_type', insert into sys_dict_type values(8, '000000', '通知状态', 'sys_notice_status', '0', 103, 1, now(), null, null, '通知状态列表'); insert into sys_dict_type values(9, '000000', '操作类型', 'sys_oper_type', '0', 103, 1, now(), null, null, '操作类型列表'); insert into sys_dict_type values(10, '000000', '系统状态', 'sys_common_status', '0', 103, 1, now(), null, null, '登录状态列表'); +insert into sys_dict_type values(11, '000000', '授权类型', 'sys_grant_type', '0', 103, 1, now(), null, null, '认证授权类型'); +insert into sys_dict_type values(12, '000000', '设备类型', 'sys_device_type', '0', 103, 1, now(), null, null, '客户端设备类型'); -- ---------------------------- @@ -805,6 +887,13 @@ insert into sys_dict_data values(25, '000000', 8, '生成代码', '8', 's insert into sys_dict_data values(26, '000000', 9, '清空数据', '9', 'sys_oper_type', '', 'danger', 'N', '0', 103, 1, now(), null, null, '清空操作'); insert into sys_dict_data values(27, '000000', 1, '成功', '0', 'sys_common_status', '', 'primary', 'N', '0', 103, 1, now(), null, null, '正常状态'); insert into sys_dict_data values(28, '000000', 2, '失败', '1', 'sys_common_status', '', 'danger', 'N', '0', 103, 1, now(), null, null, '停用状态'); +insert into sys_dict_data values(30, '000000', 0, '密码认证', 'password', 'sys_grant_type', '', 'default', 'N', '0', 103, 1, now(), null, null, '密码认证'); +insert into sys_dict_data values(31, '000000', 0, '短信认证', 'sms', 'sys_grant_type', '', 'default', 'N', '0', 103, 1, now(), null, null, '短信认证'); +insert into sys_dict_data values(32, '000000', 0, '邮件认证', 'email', 'sys_grant_type', '', 'default', 'N', '0', 103, 1, now(), null, null, '邮件认证'); +insert into sys_dict_data values(33, '000000', 0, '小程序认证', 'xcx', 'sys_grant_type', '', 'default', 'N', '0', 103, 1, now(), null, null, '小程序认证'); +insert into sys_dict_data values(34, '000000', 0, '三方登录认证', 'social', 'sys_grant_type', '', 'default', 'N', '0', 103, 1, now(), null, null, '三方登录认证'); +insert into sys_dict_data values(35, '000000', 0, 'PC端', 'pc', 'sys_device_type', '', 'default', 'N', '0', 103, 1, now(), null, null, 'PC端'); +insert into sys_dict_data values(36, '000000', 0, 'APP端', 'app', 'sys_device_type', '', 'default', 'N', '0', 103, 1, now(), null, null, 'APP端'); -- ---------------------------- @@ -1129,6 +1218,51 @@ insert into sys_oss_config values (3, '000000', 'aliyun', 'XXXXXXXXXXXXXXX', 'X insert into sys_oss_config values (4, '000000', 'qcloud', 'XXXXXXXXXXXXXXX', 'XXXXXXXXXXXXXXX', 'ruoyi-1250000000', '', 'cos.ap-beijing.myqcloud.com', '','N', 'ap-beijing', '1', '1', '', 103, 1, now(), 1, now(), null); insert into sys_oss_config values (5, '000000', 'image', 'ruoyi', 'ruoyi123', 'ruoyi', 'image', '127.0.0.1:9000', '','N', '', '1', '1', '', 103, 1, now(), 1, now(), NULL); + +-- ---------------------------- +-- 系统授权表 +-- ---------------------------- +drop table if exists sys_client; +create table sys_client ( + id int8, + client_id varchar(64) default ''::varchar, + client_key varchar(32) default ''::varchar, + client_secret varchar(255) default ''::varchar, + grant_type varchar(255) default ''::varchar, + device_type varchar(32) default ''::varchar, + active_timeout int4 default 1800, + timeout int4 default 604800, + status char(1) default '0'::bpchar, + del_flag char(1) default '0'::bpchar, + create_dept int8, + create_by int8, + create_time timestamp, + update_by int8, + update_time timestamp, + constraint sys_client_pk primary key (id) +); + +comment on table sys_client is '系统授权表'; +comment on column sys_client.id is '主建'; +comment on column sys_client.client_id is '客户端id'; +comment on column sys_client.client_key is '客户端key'; +comment on column sys_client.client_secret is '客户端秘钥'; +comment on column sys_client.grant_type is '授权类型'; +comment on column sys_client.device_type is '设备类型'; +comment on column sys_client.active_timeout is 'token活跃超时时间'; +comment on column sys_client.timeout is 'token固定超时'; +comment on column sys_client.status is '状态(0正常 1停用)'; +comment on column sys_client.del_flag is '删除标志(0代表存在 2代表删除)'; +comment on column sys_client.create_dept is '创建部门'; +comment on column sys_client.create_by is '创建者'; +comment on column sys_client.create_time is '创建时间'; +comment on column sys_client.update_by is '更新者'; +comment on column sys_client.update_time is '更新时间'; + +insert into sys_client values (1, 'e5cd7e4891bf95d1d19206ce24a7b32e', 'pc', 'pc123', 'password,social', 'pc', 1800, 604800, 0, 0, 103, 1, now(), 1, now()); +insert into sys_client values (2, '428a8310cd442757ae699df5d894f051', 'app', 'app123', 'password,sms,social', 'app', 1800, 604800, 0, 0, 103, 1, now(), 1, now()); + + -- 字符串自动转时间 避免框架时间查询报错问题 create or replace function cast_varchar_to_timestamp(varchar) returns timestamptz as $$ select to_timestamp($1, 'yyyy-mm-dd hh24:mi:ss'); diff --git a/sql/ry-cloud.sql b/sql/ry-cloud.sql index c875b7057..d2c55a848 100644 --- a/sql/ry-cloud.sql +++ b/sql/ry-cloud.sql @@ -1,3 +1,41 @@ +-- ---------------------------- +-- 第三方平台授权表 +-- ---------------------------- +drop table if exists sys_social; +create table sys_social +( + id bigint not null comment '主键', + user_id bigint not null comment '用户ID', + tenant_id varchar(20) default null comment '租户id', + auth_id varchar(255) not null comment '平台+平台唯一id', + source varchar(255) not null comment '用户来源', + open_id varchar(255) default null comment '平台编号唯一id', + user_name varchar(30) not null comment '登录账号', + nick_name varchar(30) default '' comment '用户昵称', + email varchar(255) default '' comment '用户邮箱', + avatar varchar(500) default '' comment '头像地址', + access_token varchar(255) not null comment '用户的授权令牌', + expire_in int default null comment '用户的授权令牌的有效期,部分平台可能没有', + refresh_token varchar(255) default null comment '刷新令牌,部分平台可能没有', + access_code varchar(255) default null comment '平台的授权信息,部分平台可能没有', + union_id varchar(255) default null comment '用户的 unionid', + scope varchar(255) default null comment '授予的权限,部分平台可能没有', + token_type varchar(255) default null comment '个别平台的授权信息,部分平台可能没有', + id_token varchar(255) default null comment 'id token,部分平台可能没有', + mac_algorithm varchar(255) default null comment '小米平台用户的附带属性,部分平台可能没有', + mac_key varchar(255) default null comment '小米平台用户的附带属性,部分平台可能没有', + code varchar(255) default null comment '用户的授权code,部分平台可能没有', + oauth_token varchar(255) default null comment 'Twitter平台用户的附带属性,部分平台可能没有', + oauth_token_secret varchar(255) default null comment 'Twitter平台用户的附带属性,部分平台可能没有', + create_dept bigint(20) comment '创建部门', + create_by bigint(20) comment '创建者', + create_time datetime comment '创建时间', + update_by bigint(20) comment '更新者', + update_time datetime comment '更新时间', + del_flag char(1) default '0' comment '删除标志(0代表存在 2代表删除)', + PRIMARY KEY (id) +) engine=innodb comment = '社会化关系表'; + -- ---------------------------- -- 租户表 -- ---------------------------- @@ -248,8 +286,9 @@ insert into sys_menu values('112', 'Nacos控制台', '2', '4', 'http://local insert into sys_menu values('113', 'Admin控制台', '2', '5', 'http://localhost:9100/login', '', '', 0, 0, 'C', '0', '0', 'monitor:server:list', 'server', 103, 1, sysdate(), null, null, '服务监控菜单'); insert into sys_menu values('114', '表单构建', '3', '1', 'build', 'tool/build/index', '', 1, 0, 'C', '0', '0', 'tool:build:list', 'build', 103, 1, sysdate(), null, null, '表单构建菜单'); insert into sys_menu values('115', '代码生成', '3', '2', 'gen', 'tool/gen/index', '', 1, 0, 'C', '0', '0', 'tool:gen:list', 'code', 103, 1, sysdate(), null, null, '代码生成菜单'); -insert into sys_menu values ('121', '租户管理', '6', '1', 'tenant', 'system/tenant/index', '', 1, 0, 'C', '0', '0', 'system:tenant:list', 'list', 103, 1, sysdate(), null, null, '租户管理菜单'); -insert into sys_menu values ('122', '租户套餐管理', '6', '2', 'tenantPackage', 'system/tenantPackage/index', '', 1, 0, 'C', '0', '0', 'system:tenantPackage:list', 'form', 103, 1, sysdate(), null, null, '租户套餐管理菜单'); +insert into sys_menu values('121', '租户管理', '6', '1', 'tenant', 'system/tenant/index', '', 1, 0, 'C', '0', '0', 'system:tenant:list', 'list', 103, 1, sysdate(), null, null, '租户管理菜单'); +insert into sys_menu values('122', '租户套餐管理', '6', '2', 'tenantPackage', 'system/tenantPackage/index', '', 1, 0, 'C', '0', '0', 'system:tenantPackage:list', 'form', 103, 1, sysdate(), null, null, '租户套餐管理菜单'); +insert into sys_menu values('123', '客户端管理', '1', '11', 'client', 'system/client/index', '', 1, 0, 'C', '0', '0', 'system:client:list', 'international', 103, 1, sysdate(), null, null, '客户端管理菜单'); -- oss菜单 insert into sys_menu values('118', '文件管理', '1', '10', 'oss', 'system/oss/index', '', 1, 0, 'C', '0', '0', 'system:oss:list', 'upload', 103, 1, sysdate(), null, null, '文件管理菜单'); -- 三级菜单 @@ -341,6 +380,12 @@ insert into sys_menu values ('1612', '租户套餐新增', '122', '2', '#', '', insert into sys_menu values ('1613', '租户套餐修改', '122', '3', '#', '', '', 1, 0, 'F', '0', '0', 'system:tenantPackage:edit', '#', 103, 1, sysdate(), null, null, ''); insert into sys_menu values ('1614', '租户套餐删除', '122', '4', '#', '', '', 1, 0, 'F', '0', '0', 'system:tenantPackage:remove', '#', 103, 1, sysdate(), null, null, ''); insert into sys_menu values ('1615', '租户套餐导出', '122', '5', '#', '', '', 1, 0, 'F', '0', '0', 'system:tenantPackage:export', '#', 103, 1, sysdate(), null, null, ''); +-- 客户端管理按钮 +insert into sys_menu values('1061', '客户端管理查询', '123', '1', '#', '', '', 1, 0, 'F', '0', '0', 'system:client:query', '#', 103, 1, sysdate(), null, null, ''); +insert into sys_menu values('1062', '客户端管理新增', '123', '2', '#', '', '', 1, 0, 'F', '0', '0', 'system:client:add', '#', 103, 1, sysdate(), null, null, ''); +insert into sys_menu values('1063', '客户端管理修改', '123', '3', '#', '', '', 1, 0, 'F', '0', '0', 'system:client:edit', '#', 103, 1, sysdate(), null, null, ''); +insert into sys_menu values('1064', '客户端管理删除', '123', '4', '#', '', '', 1, 0, 'F', '0', '0', 'system:client:remove', '#', 103, 1, sysdate(), null, null, ''); +insert into sys_menu values('1065', '客户端管理导出', '123', '5', '#', '', '', 1, 0, 'F', '0', '0', 'system:client:export', '#', 103, 1, sysdate(), null, null, ''); -- ---------------------------- @@ -452,6 +497,11 @@ insert into sys_role_menu values ('2', '1057'); insert into sys_role_menu values ('2', '1058'); insert into sys_role_menu values ('2', '1059'); insert into sys_role_menu values ('2', '1060'); +insert into sys_role_menu values ('2', '1061'); +insert into sys_role_menu values ('2', '1062'); +insert into sys_role_menu values ('2', '1063'); +insert into sys_role_menu values ('2', '1064'); +insert into sys_role_menu values ('2', '1065'); -- ---------------------------- -- 8、角色和部门关联表 角色1-N部门 @@ -548,6 +598,8 @@ insert into sys_dict_type values(7, '000000', '通知类型', 'sys_notice_type', insert into sys_dict_type values(8, '000000', '通知状态', 'sys_notice_status', '0', 103, 1, sysdate(), null, null, '通知状态列表'); insert into sys_dict_type values(9, '000000', '操作类型', 'sys_oper_type', '0', 103, 1, sysdate(), null, null, '操作类型列表'); insert into sys_dict_type values(10, '000000', '系统状态', 'sys_common_status', '0', 103, 1, sysdate(), null, null, '登录状态列表'); +insert into sys_dict_type values(11, '000000', '授权类型', 'sys_grant_type', '0', 103, 1, sysdate(), null, null, '认证授权类型'); +insert into sys_dict_type values(12, '000000', '设备类型', 'sys_device_type', '0', 103, 1, sysdate(), null, null, '客户端设备类型'); -- ---------------------------- @@ -600,7 +652,13 @@ insert into sys_dict_data values(25, '000000', 8, '生成代码', '8', 's insert into sys_dict_data values(26, '000000', 9, '清空数据', '9', 'sys_oper_type', '', 'danger', 'N', '0', 103, 1, sysdate(), null, null, '清空操作'); insert into sys_dict_data values(27, '000000', 1, '成功', '0', 'sys_common_status', '', 'primary', 'N', '0', 103, 1, sysdate(), null, null, '正常状态'); insert into sys_dict_data values(28, '000000', 2, '失败', '1', 'sys_common_status', '', 'danger', 'N', '0', 103, 1, sysdate(), null, null, '停用状态'); - +insert into sys_dict_data values(30, '000000', 0, '密码认证', 'password', 'sys_grant_type', '', 'default', 'N', '0', 103, 1, sysdate(), null, null, '密码认证'); +insert into sys_dict_data values(31, '000000', 0, '短信认证', 'sms', 'sys_grant_type', '', 'default', 'N', '0', 103, 1, sysdate(), null, null, '短信认证'); +insert into sys_dict_data values(32, '000000', 0, '邮件认证', 'email', 'sys_grant_type', '', 'default', 'N', '0', 103, 1, sysdate(), null, null, '邮件认证'); +insert into sys_dict_data values(33, '000000', 0, '小程序认证', 'xcx', 'sys_grant_type', '', 'default', 'N', '0', 103, 1, sysdate(), null, null, '小程序认证'); +insert into sys_dict_data values(34, '000000', 0, '三方登录认证', 'social', 'sys_grant_type', '', 'default', 'N', '0', 103, 1, sysdate(), null, null, '三方登录认证'); +insert into sys_dict_data values(35, '000000', 0, 'PC端', 'pc', 'sys_device_type', '', 'default', 'N', '0', 103, 1, sysdate(), null, null, 'PC端'); +insert into sys_dict_data values(36, '000000', 0, 'APP端', 'app', 'sys_device_type', '', 'default', 'N', '0', 103, 1, sysdate(), null, null, 'APP端'); -- ---------------------------- -- 13、参数配置表 @@ -794,6 +852,33 @@ insert into sys_oss_config values (4, '000000', 'qcloud', 'XXXXXXXXXXXXXXX', 'X insert into sys_oss_config values (5, '000000', 'image', 'ruoyi', 'ruoyi123', 'ruoyi', 'image', '127.0.0.1:9000', '','N', '', '1' ,'1', '', 103, 1, sysdate(), 1, sysdate(), NULL); +-- ---------------------------- +-- 系统授权表 +-- ---------------------------- +drop table if exists sys_client; +create table sys_client ( + id bigint(20) not null comment 'id', + client_id varchar(64) default null comment '客户端id', + client_key varchar(32) default null comment '客户端key', + client_secret varchar(255) default null comment '客户端秘钥', + grant_type varchar(255) default null comment '授权类型', + device_type varchar(32) default null comment '设备类型', + active_timeout int(11) default 1800 comment 'token活跃超时时间', + timeout int(11) default 604800 comment 'token固定超时', + status char(1) default '0' comment '状态(0正常 1停用)', + del_flag char(1) default '0' comment '删除标志(0代表存在 2代表删除)', + create_dept bigint(20) default null comment '创建部门', + create_by bigint(20) default null comment '创建者', + create_time datetime default null comment '创建时间', + update_by bigint(20) default null comment '更新者', + update_time datetime default null comment '更新时间', + primary key (id) +) engine=innodb comment='系统授权表'; + +insert into sys_client values (1, 'e5cd7e4891bf95d1d19206ce24a7b32e', 'pc', 'pc123', 'password,social', 'pc', 1800, 604800, 0, 0, 103, 1, sysdate(), 1, sysdate()); +insert into sys_client values (2, '428a8310cd442757ae699df5d894f051', 'app', 'app123', 'password,sms,social', 'app', 1800, 604800, 0, 0, 103, 1, sysdate(), 1, sysdate()); + + -- for AT mode you must to init this sql for you business database. the seata server not need it. CREATE TABLE IF NOT EXISTS undo_log ( diff --git a/sql/update/oracle/update_2.0-2.1.sql b/sql/update/oracle/update_2.0-2.1.sql index 70c815e86..340be196d 100644 --- a/sql/update/oracle/update_2.0-2.1.sql +++ b/sql/update/oracle/update_2.0-2.1.sql @@ -1 +1,141 @@ -UPDATE sys_menu SET menu_name = 'PowerJob控制台', path = 'http://localhost:7700' WHERE menu_id = '110' +UPDATE sys_menu SET menu_name = 'PowerJob控制台', path = 'http://localhost:7700' WHERE menu_id = '110'; + +-- ---------------------------- +-- 第三方平台授权表 +-- ---------------------------- +create table sys_social +( + id number(20) not null, + user_id number(20) not null, + tenant_id varchar2(20) default null, + auth_id varchar2(255) not null, + source varchar2(255) not null, + open_id varchar2(255) default null, + user_name varchar2(30) not null, + nick_name varchar2(30) default '', + email varchar2(255) default '', + avatar varchar2(500) default '', + access_token varchar2(255) not null, + expire_in number(100) default null, + refresh_token varchar2(255) default null, + access_code varchar2(255) default null, + union_id varchar2(255) default null, + scope varchar2(255) default null, + token_type varchar2(255) default null, + id_token varchar2(255) default null, + mac_algorithm varchar2(255) default null, + mac_key varchar2(255) default null, + code varchar2(255) default null, + oauth_token varchar2(255) default null, + oauth_token_secret varchar2(255) default null, + create_dept number(20), + create_by number(20), + create_time date, + update_by number(20), + update_time date, + del_flag char(1) default '0' +); + +alter table sys_social add constraint pk_sys_social primary key (id); + +comment on table sys_social is '社会化关系表'; +comment on column sys_social.id is '主键'; +comment on column sys_social.user_id is '用户ID'; +comment on column sys_social.tenant_id is '租户id'; +comment on column sys_social.auth_id is '平台+平台唯一id'; +comment on column sys_social.source is '用户来源'; +comment on column sys_social.open_id is '平台编号唯一id'; +comment on column sys_social.user_name is '登录账号'; +comment on column sys_social.nick_name is '用户昵称'; +comment on column sys_social.email is '用户邮箱'; +comment on column sys_social.avatar is '头像地址'; +comment on column sys_social.access_token is '用户的授权令牌'; +comment on column sys_social.expire_in is '用户的授权令牌的有效期,部分平台可能没有'; +comment on column sys_social.refresh_token is '刷新令牌,部分平台可能没有'; +comment on column sys_social.access_code is '平台的授权信息,部分平台可能没有'; +comment on column sys_social.union_id is '用户的 unionid'; +comment on column sys_social.scope is '授予的权限,部分平台可能没有'; +comment on column sys_social.token_type is '个别平台的授权信息,部分平台可能没有'; +comment on column sys_social.id_token is 'id token,部分平台可能没有'; +comment on column sys_social.mac_algorithm is '小米平台用户的附带属性,部分平台可能没有'; +comment on column sys_social.mac_key is '小米平台用户的附带属性,部分平台可能没有'; +comment on column sys_social.code is '用户的授权code,部分平台可能没有'; +comment on column sys_social.oauth_token is 'Twitter平台用户的附带属性,部分平台可能没有'; +comment on column sys_social.oauth_token_secret is 'Twitter平台用户的附带属性,部分平台可能没有'; +comment on column sys_social.create_dept is '创建部门'; +comment on column sys_social.create_by is '创建者'; +comment on column sys_social.create_time is '创建时间'; +comment on column sys_social.update_by is '更新者'; +comment on column sys_social.update_time is '更新时间'; +comment on column sys_social.del_flag is '删除标志(0代表存在 2代表删除)'; + + +-- ---------------------------- +-- 系统授权表 +-- ---------------------------- +create table sys_client ( + id number(20) not null, + client_id varchar2(64) default null, + client_key varchar2(32) default null, + client_secret varchar2(255) default null, + grant_type varchar2(255) default null, + device_type varchar2(32) default null, + active_timeout number(11) default 1800, + timeout number(11) default 604800, + status char(1) default '0', + del_flag char(1) default '0', + create_dept number(20) default null, + create_by number(20) default null, + create_time date, + update_by number(20) default null, + update_time date +) + +alter table sys_client add constraint pk_sys_client primary key (id); + +comment on table sys_client is '系统授权表'; +comment on column sys_client.id is '主建'; +comment on column sys_client.client_id is '客户端id'; +comment on column sys_client.client_key is '客户端key'; +comment on column sys_client.client_secret is '客户端秘钥'; +comment on column sys_client.grant_type is '授权类型'; +comment on column sys_client.device_type is '设备类型'; +comment on column sys_client.active_timeout is 'token活跃超时时间'; +comment on column sys_client.timeout is 'token固定超时'; +comment on column sys_client.status is '状态(0正常 1停用)'; +comment on column sys_client.del_flag is '删除标志(0代表存在 2代表删除)'; +comment on column sys_client.create_dept is '创建部门'; +comment on column sys_client.create_by is '创建者'; +comment on column sys_client.create_time is '创建时间'; +comment on column sys_client.update_by is '更新者'; +comment on column sys_client.update_time is '更新时间'; + +insert into sys_client values (1, 'e5cd7e4891bf95d1d19206ce24a7b32e', 'pc', 'pc123', 'password,social', 'pc', 1800, 604800, 0, 0, 103, 1, sysdate, 1, sysdate); +insert into sys_client values (2, '428a8310cd442757ae699df5d894f051', 'app', 'app123', 'password,sms,social', 'app', 1800, 604800, 0, 0, 103, 1, sysdate, 1, sysdate); + +insert into sys_dict_type values(11, '000000', '授权类型', 'sys_grant_type', '0', 103, 1, sysdate, null, null, '认证授权类型'); +insert into sys_dict_type values(12, '000000', '设备类型', 'sys_device_type', '0', 103, 1, sysdate, null, null, '客户端设备类型'); + +insert into sys_dict_data values(30, '000000', 0, '密码认证', 'password', 'sys_grant_type', '', 'default', 'N', '0', 103, 1, sysdate, null, null, '密码认证'); +insert into sys_dict_data values(31, '000000', 0, '短信认证', 'sms', 'sys_grant_type', '', 'default', 'N', '0', 103, 1, sysdate, null, null, '短信认证'); +insert into sys_dict_data values(32, '000000', 0, '邮件认证', 'email', 'sys_grant_type', '', 'default', 'N', '0', 103, 1, sysdate, null, null, '邮件认证'); +insert into sys_dict_data values(33, '000000', 0, '小程序认证', 'xcx', 'sys_grant_type', '', 'default', 'N', '0', 103, 1, sysdate, null, null, '小程序认证'); +insert into sys_dict_data values(34, '000000', 0, '三方登录认证', 'social', 'sys_grant_type', '', 'default', 'N', '0', 103, 1, sysdate, null, null, '三方登录认证'); +insert into sys_dict_data values(35, '000000', 0, 'PC端', 'pc', 'sys_device_type', '', 'default', 'N', '0', 103, 1, sysdate, null, null, 'PC端'); +insert into sys_dict_data values(36, '000000', 0, 'APP端', 'app', 'sys_device_type', '', 'default', 'N', '0', 103, 1, sysdate, null, null, 'APP端'); + +-- 二级菜单 +insert into sys_menu values('123', '客户端管理', '1', '11', 'client', 'system/client/index', '', 1, 0, 'C', '0', '0', 'system:client:list', 'international', 103, 1, sysdate, null, null, '客户端管理菜单'); +-- 客户端管理按钮 +insert into sys_menu values('1061', '客户端管理查询', '123', '1', '#', '', '', 1, 0, 'F', '0', '0', 'system:client:query', '#', 103, 1, sysdate, null, null, ''); +insert into sys_menu values('1062', '客户端管理新增', '123', '2', '#', '', '', 1, 0, 'F', '0', '0', 'system:client:add', '#', 103, 1, sysdate, null, null, ''); +insert into sys_menu values('1063', '客户端管理修改', '123', '3', '#', '', '', 1, 0, 'F', '0', '0', 'system:client:edit', '#', 103, 1, sysdate, null, null, ''); +insert into sys_menu values('1064', '客户端管理删除', '123', '4', '#', '', '', 1, 0, 'F', '0', '0', 'system:client:remove', '#', 103, 1, sysdate, null, null, ''); +insert into sys_menu values('1065', '客户端管理导出', '123', '5', '#', '', '', 1, 0, 'F', '0', '0', 'system:client:export', '#', 103, 1, sysdate, null, null, ''); + +-- 角色菜单权限 +insert into sys_role_menu values ('2', '1061'); +insert into sys_role_menu values ('2', '1062'); +insert into sys_role_menu values ('2', '1063'); +insert into sys_role_menu values ('2', '1064'); +insert into sys_role_menu values ('2', '1065'); diff --git a/sql/update/postgres/update_2.0-2.1.sql b/sql/update/postgres/update_2.0-2.1.sql index 70c815e86..3ebf65dc2 100644 --- a/sql/update/postgres/update_2.0-2.1.sql +++ b/sql/update/postgres/update_2.0-2.1.sql @@ -1 +1,140 @@ -UPDATE sys_menu SET menu_name = 'PowerJob控制台', path = 'http://localhost:7700' WHERE menu_id = '110' +UPDATE sys_menu SET menu_name = 'PowerJob控制台', path = 'http://localhost:7700' WHERE menu_id = '110'; + +-- ---------------------------- +-- 第三方平台授权表 +-- ---------------------------- +create table sys_social +( + id int8 not null, + user_id int8 not null, + tenant_id varchar(20) default null::varchar, + auth_id varchar(255) not null, + source varchar(255) not null, + open_id varchar(255) default null::varchar, + user_name varchar(30) not null, + nick_name varchar(30) default ''::varchar, + email varchar(255) default ''::varchar, + avatar varchar(500) default ''::varchar, + access_token varchar(255) not null, + expire_in int8 default null, + refresh_token varchar(255) default null::varchar, + access_code varchar(255) default null::varchar, + union_id varchar(255) default null::varchar, + scope varchar(255) default null::varchar, + token_type varchar(255) default null::varchar, + id_token varchar(255) default null::varchar, + mac_algorithm varchar(255) default null::varchar, + mac_key varchar(255) default null::varchar, + code varchar(255) default null::varchar, + oauth_token varchar(255) default null::varchar, + oauth_token_secret varchar(255) default null::varchar, + create_dept int8, + create_by int8, + create_time timestamp, + update_by int8, + update_time timestamp, + del_flag char default '0'::bpchar, + constraint "pk_sys_social" primary key (id) +); + +comment on table sys_social is '社会化关系表'; +comment on column sys_social.id is '主键'; +comment on column sys_social.user_id is '用户ID'; +comment on column sys_social.tenant_id is '租户id'; +comment on column sys_social.auth_id is '平台+平台唯一id'; +comment on column sys_social.source is '用户来源'; +comment on column sys_social.open_id is '平台编号唯一id'; +comment on column sys_social.user_name is '登录账号'; +comment on column sys_social.nick_name is '用户昵称'; +comment on column sys_social.email is '用户邮箱'; +comment on column sys_social.avatar is '头像地址'; +comment on column sys_social.access_token is '用户的授权令牌'; +comment on column sys_social.expire_in is '用户的授权令牌的有效期,部分平台可能没有'; +comment on column sys_social.refresh_token is '刷新令牌,部分平台可能没有'; +comment on column sys_social.access_code is '平台的授权信息,部分平台可能没有'; +comment on column sys_social.union_id is '用户的 unionid'; +comment on column sys_social.scope is '授予的权限,部分平台可能没有'; +comment on column sys_social.token_type is '个别平台的授权信息,部分平台可能没有'; +comment on column sys_social.id_token is 'id token,部分平台可能没有'; +comment on column sys_social.mac_algorithm is '小米平台用户的附带属性,部分平台可能没有'; +comment on column sys_social.mac_key is '小米平台用户的附带属性,部分平台可能没有'; +comment on column sys_social.code is '用户的授权code,部分平台可能没有'; +comment on column sys_social.oauth_token is 'Twitter平台用户的附带属性,部分平台可能没有'; +comment on column sys_social.oauth_token_secret is 'Twitter平台用户的附带属性,部分平台可能没有'; +comment on column sys_social.create_dept is '创建部门'; +comment on column sys_social.create_by is '创建者'; +comment on column sys_social.create_time is '创建时间'; +comment on column sys_social.update_by is '更新者'; +comment on column sys_social.update_time is '更新时间'; +comment on column sys_social.del_flag is '删除标志(0代表存在 2代表删除)'; + + +-- ---------------------------- +-- 系统授权表 +-- ---------------------------- +drop table if exists sys_client; +create table sys_client ( + id int8, + client_id varchar(64) default ''::varchar, + client_key varchar(32) default ''::varchar, + client_secret varchar(255) default ''::varchar, + grant_type varchar(255) default ''::varchar, + device_type varchar(32) default ''::varchar, + active_timeout int4 default 1800, + timeout int4 default 604800, + status char(1) default '0'::bpchar, + del_flag char(1) default '0'::bpchar, + create_dept int8, + create_by int8, + create_time timestamp, + update_by int8, + update_time timestamp, + constraint sys_client_pk primary key (id) +); + +comment on table sys_client is '系统授权表'; +comment on column sys_client.id is '主建'; +comment on column sys_client.client_id is '客户端id'; +comment on column sys_client.client_key is '客户端key'; +comment on column sys_client.client_secret is '客户端秘钥'; +comment on column sys_client.grant_type is '授权类型'; +comment on column sys_client.device_type is '设备类型'; +comment on column sys_client.active_timeout is 'token活跃超时时间'; +comment on column sys_client.timeout is 'token固定超时'; +comment on column sys_client.status is '状态(0正常 1停用)'; +comment on column sys_client.del_flag is '删除标志(0代表存在 2代表删除)'; +comment on column sys_client.create_dept is '创建部门'; +comment on column sys_client.create_by is '创建者'; +comment on column sys_client.create_time is '创建时间'; +comment on column sys_client.update_by is '更新者'; +comment on column sys_client.update_time is '更新时间'; + +insert into sys_client values (1, 'e5cd7e4891bf95d1d19206ce24a7b32e', 'pc', 'pc123', 'password,social', 'pc', 1800, 604800, 0, 0, 103, 1, now(), 1, now()); +insert into sys_client values (2, '428a8310cd442757ae699df5d894f051', 'app', 'app123', 'password,sms,social', 'app', 1800, 604800, 0, 0, 103, 1, now(), 1, now()); + +insert into sys_dict_type values(11, '000000', '授权类型', 'sys_grant_type', '0', 103, 1, now(), null, null, '认证授权类型'); +insert into sys_dict_type values(12, '000000', '设备类型', 'sys_device_type', '0', 103, 1, now(), null, null, '客户端设备类型'); + +insert into sys_dict_data values(30, '000000', 0, '密码认证', 'password', 'sys_grant_type', '', 'default', 'N', '0', 103, 1, now(), null, null, '密码认证'); +insert into sys_dict_data values(31, '000000', 0, '短信认证', 'sms', 'sys_grant_type', '', 'default', 'N', '0', 103, 1, now(), null, null, '短信认证'); +insert into sys_dict_data values(32, '000000', 0, '邮件认证', 'email', 'sys_grant_type', '', 'default', 'N', '0', 103, 1, now(), null, null, '邮件认证'); +insert into sys_dict_data values(33, '000000', 0, '小程序认证', 'xcx', 'sys_grant_type', '', 'default', 'N', '0', 103, 1, now(), null, null, '小程序认证'); +insert into sys_dict_data values(34, '000000', 0, '三方登录认证', 'social', 'sys_grant_type', '', 'default', 'N', '0', 103, 1, now(), null, null, '三方登录认证'); +insert into sys_dict_data values(35, '000000', 0, 'PC端', 'pc', 'sys_device_type', '', 'default', 'N', '0', 103, 1, now(), null, null, 'PC端'); +insert into sys_dict_data values(36, '000000', 0, 'APP端', 'app', 'sys_device_type', '', 'default', 'N', '0', 103, 1, now(), null, null, 'APP端'); + +-- 二级菜单 +insert into sys_menu values('123', '客户端管理', '1', '11', 'client', 'system/client/index', '', '1', '0', 'C', '0', '0', 'system:client:list', 'international', 103, 1, now(), null, null, '客户端管理菜单'); +-- 客户端管理按钮 +insert into sys_menu values('1061', '客户端管理查询', '123', '1', '#', '', '', '1', '0', 'F', '0', '0', 'system:client:query', '#', 103, 1, now(), null, null, ''); +insert into sys_menu values('1062', '客户端管理新增', '123', '2', '#', '', '', '1', '0', 'F', '0', '0', 'system:client:add', '#', 103, 1, now(), null, null, ''); +insert into sys_menu values('1063', '客户端管理修改', '123', '3', '#', '', '', '1', '0', 'F', '0', '0', 'system:client:edit', '#', 103, 1, now(), null, null, ''); +insert into sys_menu values('1064', '客户端管理删除', '123', '4', '#', '', '', '1', '0', 'F', '0', '0', 'system:client:remove', '#', 103, 1, now(), null, null, ''); +insert into sys_menu values('1065', '客户端管理导出', '123', '5', '#', '', '', '1', '0', 'F', '0', '0', 'system:client:export', '#', 103, 1, now(), null, null, ''); + +-- 角色菜单权限 +insert into sys_role_menu values ('2', '1061'); +insert into sys_role_menu values ('2', '1062'); +insert into sys_role_menu values ('2', '1063'); +insert into sys_role_menu values ('2', '1064'); +insert into sys_role_menu values ('2', '1065'); diff --git a/sql/update/update_2.0-2.1.sql b/sql/update/update_2.0-2.1.sql index 24cee60fa..a12d62e80 100644 --- a/sql/update/update_2.0-2.1.sql +++ b/sql/update/update_2.0-2.1.sql @@ -1,2 +1,93 @@ -UPDATE sys_menu SET menu_name = 'PowerJob控制台', path = 'http://localhost:7700' WHERE menu_id = '110' +UPDATE sys_menu SET menu_name = 'PowerJob控制台', path = 'http://localhost:7700' WHERE menu_id = '110'; +-- ---------------------------- +-- 第三方平台授权表 +-- ---------------------------- +drop table if exists sys_social; +create table sys_social +( + id bigint not null comment '主键', + user_id bigint not null comment '用户ID', + tenant_id varchar(20) default null comment '租户id', + auth_id varchar(255) not null comment '平台+平台唯一id', + source varchar(255) not null comment '用户来源', + open_id varchar(255) default null comment '平台编号唯一id', + user_name varchar(30) not null comment '登录账号', + nick_name varchar(30) default '' comment '用户昵称', + email varchar(255) default '' comment '用户邮箱', + avatar varchar(500) default '' comment '头像地址', + access_token varchar(255) not null comment '用户的授权令牌', + expire_in int default null comment '用户的授权令牌的有效期,部分平台可能没有', + refresh_token varchar(255) default null comment '刷新令牌,部分平台可能没有', + access_code varchar(255) default null comment '平台的授权信息,部分平台可能没有', + union_id varchar(255) default null comment '用户的 unionid', + scope varchar(255) default null comment '授予的权限,部分平台可能没有', + token_type varchar(255) default null comment '个别平台的授权信息,部分平台可能没有', + id_token varchar(255) default null comment 'id token,部分平台可能没有', + mac_algorithm varchar(255) default null comment '小米平台用户的附带属性,部分平台可能没有', + mac_key varchar(255) default null comment '小米平台用户的附带属性,部分平台可能没有', + code varchar(255) default null comment '用户的授权code,部分平台可能没有', + oauth_token varchar(255) default null comment 'Twitter平台用户的附带属性,部分平台可能没有', + oauth_token_secret varchar(255) default null comment 'Twitter平台用户的附带属性,部分平台可能没有', + create_dept bigint(20) comment '创建部门', + create_by bigint(20) comment '创建者', + create_time datetime comment '创建时间', + update_by bigint(20) comment '更新者', + update_time datetime comment '更新时间', + del_flag char(1) default '0' comment '删除标志(0代表存在 2代表删除)', + PRIMARY KEY (id) +) engine=innodb comment = '社会化关系表'; + + +-- ---------------------------- +-- 系统授权表 +-- ---------------------------- +drop table if exists sys_client; +create table sys_client ( + id bigint(20) not null comment 'id', + client_id varchar(64) default null comment '客户端id', + client_key varchar(32) default null comment '客户端key', + client_secret varchar(255) default null comment '客户端秘钥', + grant_type varchar(255) default null comment '授权类型', + device_type varchar(32) default null comment '设备类型', + active_timeout int(11) default 1800 comment 'token活跃超时时间', + timeout int(11) default 604800 comment 'token固定超时', + status char(1) default '0' comment '状态(0正常 1停用)', + del_flag char(1) default '0' comment '删除标志(0代表存在 2代表删除)', + create_dept bigint(20) default null comment '创建部门', + create_by bigint(20) default null comment '创建者', + create_time datetime default null comment '创建时间', + update_by bigint(20) default null comment '更新者', + update_time datetime default null comment '更新时间', + primary key (id) +) engine=innodb comment='系统授权表'; + +insert into sys_client values (1, 'e5cd7e4891bf95d1d19206ce24a7b32e', 'pc', 'pc123', 'password,social', 'pc', 1800, 604800, 0, 0, 103, 1, sysdate(), 1, sysdate()); +insert into sys_client values (2, '428a8310cd442757ae699df5d894f051', 'app', 'app123', 'password,sms,social', 'app', 1800, 604800, 0, 0, 103, 1, sysdate(), 1, sysdate()); + +insert into sys_dict_type values(11, '000000', '授权类型', 'sys_grant_type', '0', 103, 1, sysdate(), null, null, '认证授权类型'); +insert into sys_dict_type values(12, '000000', '设备类型', 'sys_device_type', '0', 103, 1, sysdate(), null, null, '客户端设备类型'); + +insert into sys_dict_data values(30, '000000', 0, '密码认证', 'password', 'sys_grant_type', '', 'default', 'N', '0', 103, 1, sysdate(), null, null, '密码认证'); +insert into sys_dict_data values(31, '000000', 0, '短信认证', 'sms', 'sys_grant_type', '', 'default', 'N', '0', 103, 1, sysdate(), null, null, '短信认证'); +insert into sys_dict_data values(32, '000000', 0, '邮件认证', 'email', 'sys_grant_type', '', 'default', 'N', '0', 103, 1, sysdate(), null, null, '邮件认证'); +insert into sys_dict_data values(33, '000000', 0, '小程序认证', 'xcx', 'sys_grant_type', '', 'default', 'N', '0', 103, 1, sysdate(), null, null, '小程序认证'); +insert into sys_dict_data values(34, '000000', 0, '三方登录认证', 'social', 'sys_grant_type', '', 'default', 'N', '0', 103, 1, sysdate(), null, null, '三方登录认证'); +insert into sys_dict_data values(35, '000000', 0, 'PC端', 'pc', 'sys_device_type', '', 'default', 'N', '0', 103, 1, sysdate(), null, null, 'PC端'); +insert into sys_dict_data values(36, '000000', 0, 'APP端', 'app', 'sys_device_type', '', 'default', 'N', '0', 103, 1, sysdate(), null, null, 'APP端'); + +-- 二级菜单 +insert into sys_menu values('123', '客户端管理', '1', '11', 'client', 'system/client/index', '', 1, 0, 'C', '0', '0', 'system:client:list', 'international', 103, 1, sysdate(), null, null, '客户端管理菜单'); +-- 客户端管理按钮 +insert into sys_menu values('1061', '客户端管理查询', '123', '1', '#', '', '', 1, 0, 'F', '0', '0', 'system:client:query', '#', 103, 1, sysdate(), null, null, ''); +insert into sys_menu values('1062', '客户端管理新增', '123', '2', '#', '', '', 1, 0, 'F', '0', '0', 'system:client:add', '#', 103, 1, sysdate(), null, null, ''); +insert into sys_menu values('1063', '客户端管理修改', '123', '3', '#', '', '', 1, 0, 'F', '0', '0', 'system:client:edit', '#', 103, 1, sysdate(), null, null, ''); +insert into sys_menu values('1064', '客户端管理删除', '123', '4', '#', '', '', 1, 0, 'F', '0', '0', 'system:client:remove', '#', 103, 1, sysdate(), null, null, ''); +insert into sys_menu values('1065', '客户端管理导出', '123', '5', '#', '', '', 1, 0, 'F', '0', '0', 'system:client:export', '#', 103, 1, sysdate(), null, null, ''); + +-- 角色菜单权限 +insert into sys_role_menu values ('2', '1061'); +insert into sys_role_menu values ('2', '1062'); +insert into sys_role_menu values ('2', '1063'); +insert into sys_role_menu values ('2', '1064'); +insert into sys_role_menu values ('2', '1065');