完成 sa-token-demo-sso2-client-solon 示例 demo

sa-token-demo/sa-token-demo-sso2-client-solon/pom.xml

@@ -0,0 +1,53 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+	<groupId>cn.dev33</groupId>
+	<artifactId>sa-token-demo-sso2-client-solon</artifactId>
+	<version>0.0.1-SNAPSHOT</version>
+
+	<!-- Solon -->
+	<parent>
+		<groupId>org.noear</groupId>
+		<artifactId>solon-parent</artifactId>
+		<version>2.2.3</version>
+		<relativePath/>
+	</parent>
+	
+	<!-- 定义 Sa-Token 版本号 -->
+	<properties>
+		<sa-token.version>1.34.0</sa-token.version>
+	</properties>
+
+	<dependencies>
+
+		<!-- Solon 依赖 -->
+		<dependency>
+			<groupId>org.noear</groupId>
+			<artifactId>solon-api</artifactId>
+		</dependency>
+
+		<!-- Sa-Token 权限认证, 在线文档：https://sa-token.cc/ -->
+		<dependency>
+			<groupId>cn.dev33</groupId>
+			<artifactId>sa-token-solon-plugin</artifactId>
+			<version>${sa-token.version}</version>
+		</dependency>
+        
+		<!-- Sa-Token 插件：整合SSO -->
+		<dependency>
+            <groupId>cn.dev33</groupId>
+            <artifactId>sa-token-sso</artifactId>
+            <version>${sa-token.version}</version>
+        </dependency>
+
+		<!-- Sa-Token 整合 redisx -->
+		<dependency>
+			<groupId>cn.dev33</groupId>
+			<artifactId>sa-token-dao-redisx</artifactId>
+			<version>${sa-token.version}</version>
+		</dependency>
+	</dependencies>
+	
+	
+</project>

sa-token-demo/sa-token-demo-sso2-client-solon/src/main/java/com/pj/SaConfig.java

@@ -0,0 +1,22 @@
+package com.pj;
+
+import cn.dev33.satoken.dao.SaTokenDao;
+import cn.dev33.satoken.solon.dao.SaTokenDaoOfRedis;
+import org.noear.solon.annotation.Bean;
+import org.noear.solon.annotation.Configuration;
+import org.noear.solon.annotation.Inject;
+
+/**
+ * @author noear 2023/3/13 created
+ */
+@Configuration
+public class SaConfig {
+
+    /**
+     * 配置 Sa-Token 单独使用的Redis连接 （此处需要和SSO-Server端连接同一个Redis）
+     * */
+    @Bean
+    public SaTokenDao saTokenDaoInit(@Inject("${sa-token-dao.redis}") SaTokenDaoOfRedis saTokenDao) {
+        return saTokenDao;
+    }
+}

sa-token-demo/sa-token-demo-sso2-client-solon/src/main/java/com/pj/SaSso2ClientApp.java

@@ -0,0 +1,15 @@
+package com.pj;
+
+
+import org.noear.solon.Solon;
+import org.noear.solon.annotation.SolonMain;
+
+@SolonMain
+public class SaSso2ClientApp {
+
+	public static void main(String[] args) {
+		Solon.start(SaSso2ClientApp.class, args);
+		System.out.println("\nSa-Token SSO模式二 Client端启动成功");
+	}
+	
+}

sa-token-demo/sa-token-demo-sso2-client-solon/src/main/java/com/pj/h5/CorsFilter.java

@@ -0,0 +1,38 @@
+package com.pj.h5;
+
+import org.noear.solon.annotation.Component;
+import org.noear.solon.core.handle.Context;
+import org.noear.solon.core.handle.Filter;
+import org.noear.solon.core.handle.FilterChain;
+
+
+/**
+ * 跨域过滤器
+ * @author kong 
+ */
+@Component(index = -200)
+public class CorsFilter implements Filter {
+	static final String OPTIONS = "OPTIONS";
+
+	@Override
+	public void doFilter(Context ctx, FilterChain chain) throws Throwable {
+		// 允许指定域访问跨域资源
+		ctx.headerSet("Access-Control-Allow-Origin", "*");
+		// 允许所有请求方式
+		ctx.headerSet("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
+		// 有效时间
+		ctx.headerSet("Access-Control-Max-Age", "3600");
+		// 允许的header参数
+		ctx.headerSet("Access-Control-Allow-Headers", "x-requested-with,satoken");
+
+		// 如果是预检请求，直接返回
+		if (OPTIONS.equals(ctx.method())) {
+			System.out.println("=======================浏览器发来了OPTIONS预检请求==========");
+			ctx.output("");
+			return;
+		}
+
+		// System.out.println("*********************************过滤器被使用**************************");
+		chain.doFilter(ctx);
+	}
+}

sa-token-demo/sa-token-demo-sso2-client-solon/src/main/java/com/pj/h5/H5Controller.java

@@ -0,0 +1,55 @@
+package com.pj.h5;
+
+import cn.dev33.satoken.sso.SaSsoProcessor;
+import cn.dev33.satoken.sso.SaSsoUtil;
+import cn.dev33.satoken.stp.StpUtil;
+import cn.dev33.satoken.util.SaResult;
+import org.noear.solon.annotation.Controller;
+import org.noear.solon.annotation.Mapping;
+import org.noear.solon.core.handle.Context;
+import org.noear.solon.core.handle.Render;
+
+/**
+ * 前后台分离架构下集成SSO所需的代码 （SSO-Client端）
+ * <p>（注：如果不需要前后端分离架构下集成SSO，可删除此包下所有代码）</p>
+ * @author kong
+ *
+ */
+@Controller
+public class H5Controller implements Render {
+
+	// 当前是否登录 
+	@Mapping("/sso/isLogin")
+	public Object isLogin() {
+		return SaResult.data(StpUtil.isLogin());
+	}
+	
+	// 返回SSO认证中心登录地址 
+	@Mapping("/sso/getSsoAuthUrl")
+	public SaResult getSsoAuthUrl(String clientLoginUrl) {
+		String serverAuthUrl = SaSsoUtil.buildServerAuthUrl(clientLoginUrl, "");
+		return SaResult.data(serverAuthUrl);
+	}
+	
+	// 根据ticket进行登录 
+	@Mapping("/sso/doLoginByTicket")
+	public SaResult doLoginByTicket(String ticket) {
+		Object loginId = SaSsoProcessor.instance.checkTicket(ticket, "/sso/doLoginByTicket");
+		if(loginId != null) {
+			StpUtil.login(loginId);
+			return SaResult.data(StpUtil.getTokenValue());
+		}
+		return SaResult.error("无效ticket：" + ticket); 
+	}
+
+	// 全局异常拦截并转换
+	@Override
+	public void render(Object data, Context ctx) throws Throwable {
+		if(data instanceof Exception){
+			data = SaResult.error(((Exception)data).getMessage());
+		}
+
+		ctx.render(data);
+	}
+	
+}

sa-token-demo/sa-token-demo-sso2-client-solon/src/main/java/com/pj/sso/SsoClientController.java

@@ -0,0 +1,49 @@
+package com.pj.sso;
+
+
+import cn.dev33.satoken.sso.SaSsoProcessor;
+import cn.dev33.satoken.stp.StpUtil;
+import cn.dev33.satoken.util.SaResult;
+import org.noear.solon.annotation.Controller;
+import org.noear.solon.annotation.Mapping;
+import org.noear.solon.core.handle.Context;
+import org.noear.solon.core.handle.Render;
+
+/**
+ * Sa-Token-SSO Client端 Controller 
+ * @author kong
+ */
+@Controller
+public class SsoClientController implements Render {
+
+	// 首页 
+	@Mapping("/")
+	public String index() {
+		String str = "<h2>Sa-Token SSO-Client 应用端</h2>" + 
+					"<p>当前会话是否登录：" + StpUtil.isLogin() + "</p>" + 
+					"<p><a href=\"javascript:location.href='/sso/login?back=' + encodeURIComponent(location.href);\">登录</a> " + 
+					"<a href='/sso/logout?back=self'>注销</a></p>"; 
+		return str;
+	}
+
+	/*
+	 * SSO-Client端：处理所有SSO相关请求 
+	 * 		http://{host}:{port}/sso/login			-- Client端登录地址，接受参数：back=登录后的跳转地址 
+	 * 		http://{host}:{port}/sso/logout			-- Client端单点注销地址（isSlo=true时打开），接受参数：back=注销后的跳转地址 
+	 * 		http://{host}:{port}/sso/logoutCall		-- Client端单点注销回调地址（isSlo=true时打开），此接口为框架回调，开发者无需关心
+	 */
+	@Mapping("/sso/*")
+	public Object ssoRequest() {
+		return SaSsoProcessor.instance.clientDister();
+	}
+
+	// 全局异常拦截并转换
+	@Override
+	public void render(Object data, Context ctx) throws Throwable {
+		if(data instanceof Exception){
+			data = SaResult.error(((Exception)data).getMessage());
+		}
+
+		ctx.render(data);
+	}
+}

sa-token-demo/sa-token-demo-sso2-client-solon/src/main/resources/app.yml

@@ -0,0 +1,26 @@
+# 端口
+server:
+    port: 9001
+
+# sa-token配置 
+sa-token: 
+    # SSO-相关配置
+    sso: 
+        # SSO-Server端 统一认证地址 
+        auth-url: http://sa-sso-server.com:9000/sso/auth
+        # auth-url: http://127.0.0.1:8848/sa-token-demo-sso-server-h5/sso-auth.html
+        # 是否打开单点注销接口
+        is-slo: true
+    
+# 配置 Sa-Token 单独使用的Redis连接 （此处需要和SSO-Server端连接同一个Redis）
+sa-token-dao: #名字可以随意取
+    redis:
+        server: "localhost:6379"
+        password: 123456
+        db: 1
+        maxTotal: 200
+        
+        
+        
+        
+