From d00a88a75ddb8638c86b34fbd5daec578ad521ea Mon Sep 17 00:00:00 2001
From: jiangqiang
Date: Sat, 16 Jul 2022 11:00:07 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E7=A7=AF=E6=9C=A8=E6=8A=A5?= =?UTF-8?q?=E8=A1=A8=E7=9B=B8=E5=85=B3=E8=AE=BF=E9=97=AE=E9=85=8D=E7=BD=AE?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../filter/TokenAuthenticationFilter.java | 31 +++----------
 .../core/util/SecurityFrameworkUtils.java | 17 -------
 .../config/SecurityConfiguration.java | 2 +
 .../yudao-module-visualization-biz/pom.xml | 7 +++
 .../config/JimuReportTokenService.java | 44 +++++++++++++++++++
 .../config/SecurityConfiguration.java | 26 -----------
 .../src/main/resources/application.yaml | 1 -
 7 files changed, 58 insertions(+), 70 deletions(-)
 create mode 100644 yudao-module-visualization/yudao-module-visualization-biz/src/main/java/cn/iocoder/yudao/module/visualization/config/JimuReportTokenService.java
 delete mode 100644 yudao-module-visualization/yudao-module-visualization-biz/src/main/java/cn/iocoder/yudao/module/visualization/framework/security/config/SecurityConfiguration.java
diff --git a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/filter/TokenAuthenticationFilter.java b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/filter/TokenAuthenticationFilter.java
index 29907a6a1..e87f5bc44 100644
--- a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/filter/TokenAuthenticationFilter.java
+++ b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/filter/TokenAuthenticationFilter.java
@@ -37,34 +37,13 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter { private final OAuth2TokenApi oauth2TokenApi; - /** - * 积木报表内部请求获取token - * - * @param request - * @return - */ - private static String getToken(HttpServletRequest request) { - String token = request.getParameter("token"); - if (token == null) { - token = request.getHeader("X-Access-Token"); - } - return token; - } - @Override @SuppressWarnings("NullableProblems") protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws ServletException, IOException { - String token; - Integer userType; - if (request.getRequestURI().startsWith("/jmreport/")) { - token = getToken(request); - userType = 2; - } else { - token = SecurityFrameworkUtils.obtainAuthorization(request, securityProperties.getTokenHeader()); - userType = WebFrameworkUtils.getLoginUserType(request); - } + String token = SecurityFrameworkUtils.obtainAuthorization(request, securityProperties.getTokenHeader()); if (StrUtil.isNotEmpty(token)) { + Integer userType = WebFrameworkUtils.getLoginUserType(request); try { // 1.1 基于 token 构建登录用户 LoginUser loginUser = buildLoginUserByToken(token, userType); @@ -109,11 +88,11 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter { /** * 模拟登录用户,方便日常开发调试 - *

+ * * 注意,在线上环境下,一定要关闭该功能!!! * - * @param request 请求 - * @param token 模拟的 token,格式为 {@link SecurityProperties#getMockSecret()} + 用户编号 + * @param request 请求 + * @param token 模拟的 token,格式为 {@link SecurityProperties#getMockSecret()} + 用户编号 * @param userType 用户类型 * @return 模拟的 LoginUser */ diff --git a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/util/SecurityFrameworkUtils.java b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/util/SecurityFrameworkUtils.java index a64f4aafd..5dc17b626 100644 --- a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/util/SecurityFrameworkUtils.java +++ b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/util/SecurityFrameworkUtils.java @@ -24,20 +24,6 @@ public class SecurityFrameworkUtils { private SecurityFrameworkUtils() {} - /** - * 积木报表内部请求获取token - * - * @param request - * @return - */ - private static String getToken(HttpServletRequest request) { - String token = request.getParameter("token"); - if (token == null) { - token = request.getHeader("X-Access-Token"); - } - return token; - } - /** * 从请求中,获得认证 Token * @@ -46,9 +32,6 @@ public class SecurityFrameworkUtils { * @return 认证 Token */ public static String obtainAuthorization(HttpServletRequest request, String header) { - if (request.getRequestURI().startsWith("/jmreport/")) { - return getToken(request); - } String authorization = request.getHeader(header); if (!StringUtils.hasText(authorization)) { return null; diff --git a/yudao-module-infra/yudao-module-infra-biz/src/main/java/cn/iocoder/yudao/module/infra/framework/security/config/SecurityConfiguration.java b/yudao-module-infra/yudao-module-infra-biz/src/main/java/cn/iocoder/yudao/module/infra/framework/security/config/SecurityConfiguration.java index 7f671f319..f581fa102 100644 
--- a/yudao-module-infra/yudao-module-infra-biz/src/main/java/cn/iocoder/yudao/module/infra/framework/security/config/SecurityConfiguration.java +++ b/yudao-module-infra/yudao-module-infra-biz/src/main/java/cn/iocoder/yudao/module/infra/framework/security/config/SecurityConfiguration.java @@ -27,6 +27,8 @@ public class SecurityConfiguration { .antMatchers("/swagger-resources/**").anonymous() .antMatchers("/webjars/**").anonymous() .antMatchers("/*/api-docs").anonymous(); + //积木报表 + registry.antMatchers("/jmreport/**").permitAll(); // Spring Boot Actuator 的安全配置 registry.antMatchers("/actuator").anonymous() .antMatchers("/actuator/**").anonymous(); diff --git a/yudao-module-visualization/yudao-module-visualization-biz/pom.xml b/yudao-module-visualization/yudao-module-visualization-biz/pom.xml index afd301de1..478079e28 100644 --- a/yudao-module-visualization/yudao-module-visualization-biz/pom.xml +++ b/yudao-module-visualization/yudao-module-visualization-biz/pom.xml @@ -23,6 +23,12 @@ ${revision} + + cn.iocoder.boot + yudao-module-system-biz + ${revision} + + cn.iocoder.boot @@ -57,5 +63,6 @@ org.jeecgframework.jimureport jimureport-spring-boot-starter + \ No newline at end of file diff --git a/yudao-module-visualization/yudao-module-visualization-biz/src/main/java/cn/iocoder/yudao/module/visualization/config/JimuReportTokenService.java b/yudao-module-visualization/yudao-module-visualization-biz/src/main/java/cn/iocoder/yudao/module/visualization/config/JimuReportTokenService.java new file mode 100644 index 000000000..9463e75f8 --- /dev/null +++ b/yudao-module-visualization/yudao-module-visualization-biz/src/main/java/cn/iocoder/yudao/module/visualization/config/JimuReportTokenService.java 
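Review bot: The added `registry.antMatchers("/jmreport/**").permitAll();` carries no HTTP-method restriction, whereas the visualization `SecurityConfiguration` deleted later in this patch limited its rule to `HttpMethod.GET`, and the `application.yaml` entry that a deployment could remove is gone as well. With the `/jmreport/` branch also removed from `TokenAuthenticationFilter`, Spring Security no longer authenticates anything under this prefix, so the report endpoints are presumably protected only by the JimuReport library calling `JimuReportTokenService`. The comment `//积木报表` should state that, for example `// JimuReport: Spring Security is bypassed for /jmreport/**; authentication is delegated to JimuReportTokenService`, and the rule would sit more naturally in the visualization module that owns these endpoints than in infra. The enclosing method starts and ends outside the hunk.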
@@ -0,0 +1,44 @@
+package cn.iocoder.yudao.module.visualization.config;
+
+import cn.hutool.core.util.StrUtil;
+import cn.iocoder.yudao.module.system.api.oauth2.OAuth2TokenApi;
+import cn.iocoder.yudao.module.system.api.oauth2.dto.OAuth2AccessTokenCheckRespDTO;
+import cn.iocoder.yudao.module.system.dal.dataobject.user.AdminUserDO;
+import cn.iocoder.yudao.module.system.service.user.AdminUserService;
+import org.jeecg.modules.jmreport.api.JmReportTokenServiceI;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+@Component
+public class JimuReportTokenService implements JmReportTokenServiceI {
+ @Autowired
+ private OAuth2TokenApi oauth2TokenApi;
+
+ @Autowired
+ private AdminUserService adminUserService;
+
+ @Override
+ public String getUsername(String token) {
+ if (StrUtil.isNotEmpty(token)) {
+ OAuth2AccessTokenCheckRespDTO accessToken = oauth2TokenApi.checkAccessToken(token);
+ if (accessToken != null) {
+ Long userId = accessToken.getUserId();
+ System.out.println(userId);
+ AdminUserDO user = adminUserService.getUser(userId);
+ if (user != null) {
+ return user.getUsername();
+ }
+ }
+ }
+ return null;
+ }
+
+ @Override
+ public Boolean verifyToken(String token) {
+ if (StrUtil.isNotEmpty(token)) {
+ OAuth2AccessTokenCheckRespDTO accessToken = oauth2TokenApi.checkAccessToken(token);
+ return accessToken != null;
+ }
+ return false;
+ }
+}
\ No newline at end of file
diff --git a/yudao-module-visualization/yudao-module-visualization-biz/src/main/java/cn/iocoder/yudao/module/visualization/framework/security/config/SecurityConfiguration.java b/yudao-module-visualization/yudao-module-visualization-biz/src/main/java/cn/iocoder/yudao/module/visualization/framework/security/config/SecurityConfiguration.java
deleted file mode 100644
index bc8a1f249..000000000
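Review bot: `verifyToken` and `getUsername` accept any token for which `checkAccessToken` returns a result and never look at the user type, while the `/jmreport/` branch this commit removes from `TokenAuthenticationFilter` pinned `userType = 2`; a non-admin token would therefore pass, and `getUsername` would resolve its user id against `AdminUserService`, possibly returning an unrelated admin account's name. Both methods should share one check that also compares the token's user type (assuming `OAuth2AccessTokenCheckRespDTO` exposes it, as the filter's `buildLoginUserByToken(token, userType)` call suggests). `System.out.println(userId);` is leftover debug output and should be dropped or sent through the project's logger. The filter calls the same token API inside a `try` block, so `checkAccessToken` may throw on an invalid token; if it does, decide whether `verifyToken` should turn that into `false` rather than propagate it.

```java
public class JimuReportTokenService implements JmReportTokenServiceI {
    // … unchanged: injected oauth2TokenApi and adminUserService fields …

    // Mirrors the literal the removed /jmreport/ filter branch used for the user type.
    private static final Integer ADMIN_USER_TYPE = 2;

    /** Returns the checked token only when it is present, valid and issued to an admin user; otherwise null. */
    private OAuth2AccessTokenCheckRespDTO checkAdminToken(String token) {
        if (StrUtil.isEmpty(token)) {
            return null;
        }
        OAuth2AccessTokenCheckRespDTO accessToken = oauth2TokenApi.checkAccessToken(token);
        if (accessToken == null || !ADMIN_USER_TYPE.equals(accessToken.getUserType())) {
            return null;
        }
        return accessToken;
    }

    @Override
    public String getUsername(String token) {
        OAuth2AccessTokenCheckRespDTO accessToken = checkAdminToken(token);
        if (accessToken == null) {
            return null;
        }
        AdminUserDO user = adminUserService.getUser(accessToken.getUserId());
        return user != null ? user.getUsername() : null;
    }

    @Override
    public Boolean verifyToken(String token) {
        return checkAdminToken(token) != null;
    }
```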
--- a/yudao-module-visualization/yudao-module-visualization-biz/src/main/java/cn/iocoder/yudao/module/visualization/framework/security/config/SecurityConfiguration.java +++ /dev/null @@ -1,26 +0,0 @@ -package cn.iocoder.yudao.module.visualization.framework.security.config; - -import cn.iocoder.yudao.framework.security.config.AuthorizeRequestsCustomizer; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import org.springframework.http.HttpMethod; -import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer; - -/** - * visualization 模块的 Security 配置 - */ -@Configuration("visualizationSecurityConfiguration") -public class SecurityConfiguration { - - @Bean("visualizationAuthorizeRequestsCustomizer") - public AuthorizeRequestsCustomizer authorizeRequestsCustomizer() { - return new AuthorizeRequestsCustomizer() { - @Override - public void customize(ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry registry) { - registry.antMatchers(HttpMethod.GET, "/jmreport/**").permitAll(); - } - }; - } - -} diff --git a/yudao-server/src/main/resources/application.yaml b/yudao-server/src/main/resources/application.yaml index 4aef3e736..5b4c550ea 100644 --- a/yudao-server/src/main/resources/application.yaml +++ b/yudao-server/src/main/resources/application.yaml @@ -69,7 +69,6 @@ yudao: security: permit-all_urls: - /admin-ui/** # /resources/admin-ui 目录下的静态资源 - - /jmreport/** swagger: title: 管理后台 description: 提供管理员管理的所有功能