优化权限
@@ -2,6 +2,7 @@ package org.hswebframework.web.authorization.basic.configuration;
|
||||
|
||||
import org.hswebframework.web.authorization.AuthenticationManager;
|
||||
import org.hswebframework.web.authorization.ReactiveAuthenticationManager;
|
||||
import org.hswebframework.web.authorization.ReactiveAuthenticationManagerProvider;
|
||||
import org.hswebframework.web.authorization.access.DataAccessController;
|
||||
import org.hswebframework.web.authorization.access.DataAccessHandler;
|
||||
import org.hswebframework.web.authorization.basic.aop.AopMethodAuthorizeDefinitionParser;
|
||||
@@ -99,8 +100,8 @@ public class AuthorizingHandlerAutoConfiguration {
|
||||
}
|
||||
|
||||
@Bean
|
||||
@ConditionalOnMissingBean(ReactiveAuthenticationManager.class)
|
||||
public ReactiveAuthenticationManager embedAuthenticationManager(EmbedAuthenticationProperties properties) {
|
||||
// @ConditionalOnMissingBean(ReactiveAuthenticationManager.class)
|
||||
public ReactiveAuthenticationManagerProvider embedAuthenticationManager(EmbedAuthenticationProperties properties) {
|
||||
return new EmbedReactiveAuthenticationManager(properties);
|
||||
}
|
||||
|
||||
|
||||
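Review bot: With `@ConditionalOnMissingBean(ReactiveAuthenticationManager.class)` commented out on `embedAuthenticationManager`, the accounts defined in `EmbedAuthenticationProperties` are registered as a provider in every application, including ones that supply their own user store. `EmbedReactiveAuthenticationManager`, changed later on this page, also carries `@Order(Ordered.HIGHEST_PRECEDENCE)`, so these property-defined users are presumably consulted first; how the providers are collected is not visible here. Delete the commented-out annotation rather than leaving it as dead code, and either gate the bean on an explicit opt-in (for example `@ConditionalOnProperty` with a project-chosen key) or document the behaviour with `// Always registered: users from EmbedAuthenticationProperties are accepted alongside every other provider`. The bean that now satisfies the `ReactiveAuthenticationManager` injection in `AuthorizationController` is not defined in this section, so confirm that one exists.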
@@ -159,6 +159,7 @@ public class DefaultBasicAuthorizeDefinition implements AopAuthorizeDefinition {
|
||||
for (ResourceAction action : ann.actions()) {
|
||||
putAnnotation(resource, action);
|
||||
}
|
||||
resource.setGroup(new ArrayList<>(Arrays.asList(ann.group())));
|
||||
resources.addResource(resource, ann.merge());
|
||||
}
|
||||
|
||||
|
||||
@@ -4,6 +4,7 @@ import lombok.AllArgsConstructor;
|
||||
import org.hswebframework.web.authorization.Authentication;
|
||||
import org.hswebframework.web.authorization.AuthenticationRequest;
|
||||
import org.hswebframework.web.authorization.ReactiveAuthenticationManager;
|
||||
import org.hswebframework.web.authorization.ReactiveAuthenticationManagerProvider;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.core.Ordered;
|
||||
import org.springframework.core.annotation.Order;
|
||||
@@ -16,7 +17,7 @@ import reactor.core.publisher.Mono;
|
||||
|
||||
@Order(Ordered.HIGHEST_PRECEDENCE)
|
||||
@AllArgsConstructor
|
||||
public class EmbedReactiveAuthenticationManager implements ReactiveAuthenticationManager {
|
||||
public class EmbedReactiveAuthenticationManager implements ReactiveAuthenticationManagerProvider {
|
||||
|
||||
private EmbedAuthenticationProperties properties;
|
||||
|
||||
|
||||
@@ -17,18 +17,19 @@
|
||||
|
||||
package org.hswebframework.web.authorization.basic.web;
|
||||
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import io.swagger.annotations.ApiParam;
|
||||
import lombok.SneakyThrows;
|
||||
import org.hswebframework.web.authorization.Authentication;
|
||||
import org.hswebframework.web.authorization.AuthenticationManager;
|
||||
import org.hswebframework.web.authorization.ReactiveAuthenticationManager;
|
||||
import org.hswebframework.web.authorization.annotation.Authorize;
|
||||
import org.hswebframework.web.authorization.events.*;
|
||||
import org.hswebframework.web.authorization.events.AuthorizationBeforeEvent;
|
||||
import org.hswebframework.web.authorization.events.AuthorizationDecodeEvent;
|
||||
import org.hswebframework.web.authorization.events.AuthorizationFailedEvent;
|
||||
import org.hswebframework.web.authorization.events.AuthorizationSuccessEvent;
|
||||
import org.hswebframework.web.authorization.exception.UnAuthorizedException;
|
||||
import org.hswebframework.web.authorization.simple.CompositeReactiveAuthenticationManager;
|
||||
import org.hswebframework.web.authorization.simple.PlainTextUsernamePasswordAuthenticationRequest;
|
||||
import org.hswebframework.web.logging.AccessLogger;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.ApplicationEventPublisher;
|
||||
import org.springframework.http.MediaType;
|
||||
@@ -36,7 +37,6 @@ import org.springframework.util.Assert;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
import reactor.core.publisher.Mono;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import java.util.Map;
|
||||
import java.util.function.Function;
|
||||
|
||||
@@ -45,16 +45,15 @@ import java.util.function.Function;
|
||||
*/
|
||||
@RestController
|
||||
@RequestMapping("${hsweb.web.mappings.authorize:authorize}")
|
||||
@AccessLogger("授权")
|
||||
@Api(tags = "权限-用户授权", value = "授权")
|
||||
public class AuthorizationController {
|
||||
|
||||
@Autowired
|
||||
private ReactiveAuthenticationManager authenticationManager;
|
||||
|
||||
@Autowired
|
||||
private ApplicationEventPublisher eventPublisher;
|
||||
|
||||
@Autowired
|
||||
private ReactiveAuthenticationManager authenticationManager;
|
||||
|
||||
@GetMapping("/me")
|
||||
@Authorize
|
||||
@ApiOperation("当前登录用户权限信息")
|
||||
@@ -65,6 +64,7 @@ public class AuthorizationController {
|
||||
|
||||
@PostMapping(value = "/login", consumes = MediaType.APPLICATION_JSON_VALUE)
|
||||
@ApiOperation("用户名密码登录,json方式")
|
||||
@Authorize(ignore = true)
|
||||
public Mono<Map<String, Object>> authorizeByJson(@ApiParam(example = "{\"username\":\"admin\",\"password\":\"admin\"}")
|
||||
@RequestBody Mono<Map<String, Object>> parameter) {
|
||||
return doLogin(parameter);
|
||||
@@ -72,6 +72,7 @@ public class AuthorizationController {
|
||||
|
||||
@PostMapping(value = "/login", consumes = MediaType.APPLICATION_FORM_URLENCODED_VALUE)
|
||||
@ApiOperation("用户名密码登录,参数方式")
|
||||
@Authorize(ignore = true)
|
||||
public Mono<Map<String, Object>> authorizeByUrlEncoded(@ApiParam(hidden = true) @RequestParam Map<String, Object> parameter) {
|
||||
|
||||
return doLogin(Mono.just(parameter));
|
||||
@@ -102,6 +103,7 @@ public class AuthorizationController {
|
||||
// 验证通过
|
||||
return authenticationManager
|
||||
.authenticate(Mono.just(new PlainTextUsernamePasswordAuthenticationRequest(username, password)))
|
||||
.switchIfEmpty(Mono.error(() -> new IllegalArgumentException("密码错误")))
|
||||
.map(auth -> {
|
||||
//触发授权成功事件
|
||||
AuthorizationSuccessEvent event = new AuthorizationSuccessEvent(auth, parameterGetter);
|
||||
|
||||
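Review bot: The added `.switchIfEmpty(Mono.error(() -> new IllegalArgumentException("密码错误")))` in the login chain reports "no provider returned an authentication" as a generic argument error, which downstream handlers and monitoring cannot tell apart from a malformed request. This file imports `AuthorizationFailedEvent` and `UnAuthorizedException`, but the hunk does not show whether this error reaches the failure-event path, so confirm that a rejected login is still published and can be counted for lockout and alerting. At minimum, document the intent on that line, e.g. `// empty result: no provider accepted the credentials; must be handled as a failed login`. The enclosing login method starts and ends outside the hunk.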
@@ -0,0 +1,56 @@
|
||||
package org.hswebframework.web.authorization.basic.web;
|
||||
|
||||
import org.hswebframework.web.authorization.*;
|
||||
import org.hswebframework.web.authorization.simple.CompositeReactiveAuthenticationManager;
|
||||
import org.hswebframework.web.authorization.simple.PlainTextUsernamePasswordAuthenticationRequest;
|
||||
import org.hswebframework.web.authorization.simple.SimpleAuthentication;
|
||||
import org.hswebframework.web.authorization.simple.SimpleUser;
|
||||
import org.junit.Test;
|
||||
import reactor.core.publisher.Mono;
|
||||
import reactor.test.StepVerifier;
|
||||
|
||||
import java.util.Arrays;
|
||||
|
||||
|
||||
public class CompositeReactiveAuthenticationManagerTest {
|
||||
|
||||
@Test
|
||||
public void test() {
|
||||
CompositeReactiveAuthenticationManager manager = new CompositeReactiveAuthenticationManager(
|
||||
Arrays.asList(
|
||||
new ReactiveAuthenticationManagerProvider() {
|
||||
@Override
|
||||
public Mono<Authentication> authenticate(Mono<AuthenticationRequest> request) {
|
||||
return Mono.error(new IllegalArgumentException("密码错误"));
|
||||
}
|
||||
|
||||
@Override
|
||||
public Mono<Authentication> getByUserId(String userId) {
|
||||
return Mono.empty();
|
||||
}
|
||||
},
|
||||
new ReactiveAuthenticationManagerProvider() {
|
||||
@Override
|
||||
public Mono<Authentication> authenticate(Mono<AuthenticationRequest> request) {
|
||||
SimpleAuthentication authentication = new SimpleAuthentication();
|
||||
authentication.setUser(SimpleUser.builder().id("test").build());
|
||||
|
||||
return Mono.just(authentication);
|
||||
}
|
||||
|
||||
@Override
|
||||
public Mono<Authentication> getByUserId(String userId) {
|
||||
return Mono.empty();
|
||||
}
|
||||
}
|
||||
)
|
||||
);
|
||||
|
||||
manager.authenticate(Mono.just(new PlainTextUsernamePasswordAuthenticationRequest()))
|
||||
.map(Authentication::getUser)
|
||||
.map(User::getId)
|
||||
.as(StepVerifier::create)
|
||||
.expectNext("test")
|
||||
.verifyComplete();
|
||||
}
|
||||
}
|
||||
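Review bot: The single `test()` method pins only the fall-through case, where the first provider's `IllegalArgumentException("密码错误")` is discarded because the second stub returns an authentication for any request, and there is no case in which every provider rejects. For an authentication component the rejecting path matters most, so add a second test that builds the composite from failing providers only and ends the chain with `.as(StepVerifier::create).expectError().verify();`. The exact error type to assert depends on how `CompositeReactiveAuthenticationManager` aggregates failures, which is not shown on this page. Replacing `test` with names that describe each scenario and adding a case for `getByUserId` would make the intended contract readable from the test class alone.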