mirror of
https://github.com/hs-web/hsweb-framework.git
synced 2026-06-03 03:12:25 +08:00
增加OAuth2
@@ -22,6 +22,8 @@ import reactor.core.publisher.Mono;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.*;
|
||||
import java.util.function.BiPredicate;
|
||||
import java.util.function.Predicate;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
/**
|
||||
@@ -207,4 +209,13 @@ public interface Authentication extends Serializable {
|
||||
*/
|
||||
Authentication merge(Authentication source);
|
||||
|
||||
/**
|
||||
* copy为新的权限信息
|
||||
*
|
||||
* @param permissionFilter 权限过滤
|
||||
* @param dimension 维度过滤
|
||||
* @return 新的权限信息
|
||||
*/
|
||||
Authentication copy(BiPredicate<Permission, String> permissionFilter,
|
||||
Predicate<Dimension> dimension);
|
||||
}
|
||||
|
||||
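Review bot: The Javadoc on the new `copy` does not say which way the predicates work or what the `String` argument of `permissionFilter` is, and for a method that appears to exist for narrowing a grant that ambiguity invites an inverted filter. I would spell it out, for example `@param permissionFilter called with each permission and one of its action names; the action is kept only when it returns true` and `@param dimension a dimension is kept only when it returns true`. The two-argument `copy(actionFilter, dataAccessFilter)` added to `Permission` in this commit has no Javadoc at all and needs the same statement.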
@@ -153,7 +153,7 @@ public interface Permission extends Serializable {
|
||||
* @see FieldFilterDataAccessConfig#getFields()
|
||||
*/
|
||||
default Optional<FieldFilterDataAccessConfig> findFieldFilter(String action) {
|
||||
return findDataAccess(conf -> FieldFilterDataAccessConfig.class.isInstance(conf) && conf.getAction().equals(action));
|
||||
return findDataAccess(conf -> conf instanceof FieldFilterDataAccessConfig && conf.getAction().equals(action));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -164,7 +164,7 @@ public interface Permission extends Serializable {
|
||||
*/
|
||||
default Set<String> findDenyFields(String action) {
|
||||
return findFieldFilter(action)
|
||||
.filter(conf -> DENY_FIELDS.equals(conf.getType()))
|
||||
.filter(conf -> DENY_FIELDS.equals(conf.getType().getId()))
|
||||
.map(FieldFilterDataAccessConfig::getFields)
|
||||
.orElseGet(Collections::emptySet);
|
||||
}
|
||||
@@ -210,6 +210,8 @@ public interface Permission extends Serializable {
|
||||
|
||||
Permission copy();
|
||||
|
||||
Permission copy(Predicate<String> actionFilter,Predicate<DataAccessConfig> dataAccessFilter);
|
||||
|
||||
/**
|
||||
* 数据权限查找判断逻辑接口
|
||||
*
|
||||
|
||||
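Review bot: In `findDenyFields` the new filter dereferences `conf.getType()` with no guard, so a field-filter config without a type would now throw from inside the `Optional` chain; whether `getType()` can return null is not visible here. For a deny rule, failing loudly is arguably better than quietly returning an empty set, but it should be a deliberate choice, stated on the method with something like `@throws NullPointerException if the matching config has no type`. Because the replaced comparison was against `getType()` itself, this line presumably makes deny-field rules match where they did not before, and a regression test asserting that the denied fields come back for a matching action would pin that.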
@@ -6,10 +6,7 @@ import org.hswebframework.web.authorization.builder.DataAccessConfigBuilderFacto
|
||||
import org.hswebframework.web.authorization.simple.builder.DataAccessConfigConverter;
|
||||
import org.hswebframework.web.authorization.simple.builder.SimpleAuthenticationBuilderFactory;
|
||||
import org.hswebframework.web.authorization.simple.builder.SimpleDataAccessConfigBuilderFactory;
|
||||
import org.hswebframework.web.authorization.token.DefaultUserTokenManager;
|
||||
import org.hswebframework.web.authorization.token.UserTokenAuthenticationSupplier;
|
||||
import org.hswebframework.web.authorization.token.UserTokenReactiveAuthenticationSupplier;
|
||||
import org.hswebframework.web.authorization.token.UserTokenManager;
|
||||
import org.hswebframework.web.authorization.token.*;
|
||||
import org.hswebframework.web.authorization.twofactor.TwoFactorValidatorManager;
|
||||
import org.hswebframework.web.authorization.twofactor.defaults.DefaultTwoFactorValidatorManager;
|
||||
import org.hswebframework.web.convert.CustomMessageConverter;
|
||||
|
||||
@@ -23,7 +23,9 @@ import org.hswebframework.web.authorization.*;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.*;
|
||||
import java.util.function.BiPredicate;
|
||||
import java.util.function.Function;
|
||||
import java.util.function.Predicate;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
@Getter
|
||||
@@ -40,9 +42,10 @@ public class SimpleAuthentication implements Authentication {
|
||||
|
||||
private Map<String, Serializable> attributes = new HashMap<>();
|
||||
|
||||
public static Authentication of(){
|
||||
public static Authentication of() {
|
||||
return new SimpleAuthentication();
|
||||
}
|
||||
|
||||
@Override
|
||||
@SuppressWarnings("unchecked")
|
||||
public <T extends Serializable> Optional<T> getAttribute(String name) {
|
||||
@@ -77,4 +80,19 @@ public class SimpleAuthentication implements Authentication {
|
||||
}
|
||||
return this;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Authentication copy(BiPredicate<Permission, String> permissionFilter,
|
||||
Predicate<Dimension> dimension) {
|
||||
SimpleAuthentication authentication = new SimpleAuthentication();
|
||||
authentication.setUser(user);
|
||||
authentication.setDimensions(dimensions.stream().filter(dimension).collect(Collectors.toList()));
|
||||
authentication.setPermissions(permissions
|
||||
.stream()
|
||||
.map(permission -> permission.copy(action -> permissionFilter.test(permission, action), conf -> true))
|
||||
.filter(per -> !per.getActions().isEmpty())
|
||||
.collect(Collectors.toList())
|
||||
);
|
||||
return authentication;
|
||||
}
|
||||
}
|
||||
|
||||
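Review bot: `copy` builds the new `SimpleAuthentication` from `user`, `dimensions` and `permissions` only, so the `attributes` map declared on this class is left empty in the copy, and `user` is shared by reference with the source. If attributes are meant to survive, add `authentication.setAttributes(new HashMap<>(attributes));` (assuming the Lombok setter exists as it does for the other fields); if dropping them is intended for a narrowed grant, say so in a comment. The `conf -> true` argument keeps every data-access config, including those bound to actions that were just filtered out, which deserves a one-line comment such as `// data-access rules are carried over unchanged; only actions are narrowed`. Neither predicate is null-checked before the streams run.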
@@ -5,6 +5,8 @@ import org.hswebframework.web.authorization.Permission;
|
||||
import org.hswebframework.web.authorization.access.DataAccessConfig;
|
||||
|
||||
import java.util.*;
|
||||
import java.util.function.Predicate;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
/**
|
||||
* @author zhouhao
|
||||
@@ -42,16 +44,22 @@ public class SimplePermission implements Permission {
|
||||
return dataAccesses;
|
||||
}
|
||||
|
||||
public Permission copy() {
|
||||
@Override
|
||||
public Permission copy(Predicate<String> actionFilter,
|
||||
Predicate<DataAccessConfig> dataAccessFilter) {
|
||||
SimplePermission permission = new SimplePermission();
|
||||
|
||||
permission.setId(id);
|
||||
permission.setName(name);
|
||||
permission.setActions(new HashSet<>(getActions()));
|
||||
permission.setDataAccesses(new HashSet<>(getDataAccesses()));
|
||||
permission.setActions(getActions().stream().filter(actionFilter).collect(Collectors.toSet()));
|
||||
permission.setDataAccesses(getDataAccesses().stream().filter(dataAccessFilter).collect(Collectors.toSet()));
|
||||
if (options != null) {
|
||||
permission.setOptions(new HashMap<>(options));
|
||||
}
|
||||
return permission;
|
||||
}
|
||||
|
||||
public Permission copy() {
|
||||
return copy(action -> true, conf -> true);
|
||||
}
|
||||
}
|
||||
|
||||
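Review bot: The two-argument `copy` now collects with `Collectors.toSet()`, which makes no promise about the mutability or type of the returned set, whereas the replaced lines handed the setters a `new HashSet<>`. If any caller later adds to or removes from the copied sets (the `merge` path on `Authentication` looks like a candidate, though it is outside this view), use `Collectors.toCollection(HashSet::new)` for both `setActions` and `setDataAccesses`. The re-added no-argument `copy()` also lacks `@Override` although `Permission` declares it. Neither filter is null-checked, so `Objects.requireNonNull(actionFilter, "actionFilter")` at the top would fail with a clearer message.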
@@ -15,4 +15,8 @@ public interface ParsedToken {
|
||||
* @return 令牌类型
|
||||
*/
|
||||
String getType();
|
||||
|
||||
static ParsedToken of(String type, String token) {
|
||||
return SimpleParsedToken.of(type, token);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -0,0 +1,32 @@
|
||||
package org.hswebframework.web.authorization.token;
|
||||
|
||||
import lombok.AllArgsConstructor;
|
||||
import org.hswebframework.web.authorization.Authentication;
|
||||
import org.hswebframework.web.authorization.ReactiveAuthenticationSupplier;
|
||||
import org.hswebframework.web.context.ContextKey;
|
||||
import org.hswebframework.web.context.ContextUtils;
|
||||
import org.hswebframework.web.logger.ReactiveLogger;
|
||||
import reactor.core.publisher.Mono;
|
||||
|
||||
@AllArgsConstructor
|
||||
public class ReactiveTokenAuthenticationSupplier implements ReactiveAuthenticationSupplier {
|
||||
|
||||
private final TokenAuthenticationManager tokenManager;
|
||||
|
||||
@Override
|
||||
public Mono<Authentication> get(String userId) {
|
||||
return Mono.empty();
|
||||
}
|
||||
|
||||
@Override
|
||||
public Mono<Authentication> get() {
|
||||
return ContextUtils.reactiveContext()
|
||||
.flatMap(context ->
|
||||
context.get(ContextKey.of(ParsedToken.class))
|
||||
.map(t -> tokenManager.getByToken(t.getToken()))
|
||||
.orElseGet(Mono::empty))
|
||||
.flatMap(auth -> ReactiveLogger.mdc("userId", auth.getUser().getId())
|
||||
.then(ReactiveLogger.mdc("username", auth.getUser().getName()))
|
||||
.thenReturn(auth));
|
||||
}
|
||||
}
|
||||
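Review bot: `get()` hands `t.getToken()` to `tokenManager.getByToken` without looking at `t.getType()`, so any `ParsedToken` found in the context, whatever scheme it was parsed from, is resolved against this token store; if other suppliers own other token types, this one should filter on the type it handles before the lookup. `auth.getUser()` is dereferenced for both MDC values with no guard, so an `Authentication` stored without a user would fail the whole chain. `get(String userId)` returns `Mono.empty()` unconditionally and should carry a comment saying so is deliberate, e.g. `// token-based supplier: lookup by user id is not supported`.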
@@ -0,0 +1,17 @@
|
||||
package org.hswebframework.web.authorization.token;
|
||||
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.Getter;
|
||||
import lombok.Setter;
|
||||
|
||||
@Getter
|
||||
@Setter
|
||||
@AllArgsConstructor(staticName = "of")
|
||||
public class SimpleParsedToken implements ParsedToken{
|
||||
|
||||
private String type;
|
||||
|
||||
private String token;
|
||||
|
||||
|
||||
}
|
||||
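Review bot: `SimpleParsedToken` carries a credential yet is generated with `@Setter`, so the token and its type can be changed after the object has been placed in the request context. No caller of the setters is visible in this commit; making both fields `private final` and dropping `@Setter` keeps the `of(type, token)` factory working and makes the value safe to share. If a `toString` is ever added, it should leave `token` out so the value does not reach logs.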
@@ -31,4 +31,10 @@ public interface TokenAuthenticationManager {
|
||||
*/
|
||||
Mono<Void> putAuthentication(String token, Authentication auth, Duration ttl);
|
||||
|
||||
/**
|
||||
* 删除token
|
||||
* @param token token
|
||||
* @return void
|
||||
*/
|
||||
Mono<Void> removeToken(String token);
|
||||
}
|
||||
|
||||
@@ -38,6 +38,13 @@ public class RedisTokenAuthenticationManager implements TokenAuthenticationManag
|
||||
.get("token-auth:" + token);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Mono<Void> removeToken(String token) {
|
||||
return operations
|
||||
.delete(token)
|
||||
.then();
|
||||
}
|
||||
|
||||
@Override
|
||||
public Mono<Void> putAuthentication(String token, Authentication auth, Duration ttl) {
|
||||
return ttl.isNegative()
|
||||
|
||||
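Review bot: `removeToken` deletes the raw `token` key, while the read path just above in this hunk looks the entry up under `"token-auth:" + token`, so the delete will not hit the stored authentication and a revoked token stays usable until its TTL expires. Use the same key: `.delete("token-auth:" + token)`. The write in `putAuthentication` continues outside the hunk, but it presumably uses the same prefix; a private helper or constant for building the key would keep the three paths from drifting apart again.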