mirror of
https://gitee.com/dromara/sa-token.git
synced 2025-06-28 13:16:24 +08:00
refactor: API Sign 模块拆分独立插件包:sa-token-sign
This commit is contained in:
click33
parent
9fcaf89412
commit
df91c2ece0
@ -184,6 +184,11 @@
|
||||
<artifactId>sa-token-apikey</artifactId>
|
||||
<version>${revision}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>cn.dev33</groupId>
|
||||
<artifactId>sa-token-sign</artifactId>
|
||||
<version>${revision}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>cn.dev33</groupId>
|
||||
<artifactId>sa-token-quick-login</artifactId>
|
||||
|
||||
@ -34,7 +34,6 @@ import cn.dev33.satoken.same.SaSameTemplate;
|
||||
import cn.dev33.satoken.secure.totp.SaTotpTemplate;
|
||||
import cn.dev33.satoken.serializer.SaSerializerTemplate;
|
||||
import cn.dev33.satoken.serializer.impl.SaSerializerTemplateForJson;
|
||||
import cn.dev33.satoken.sign.SaSignTemplate;
|
||||
import cn.dev33.satoken.stp.StpInterface;
|
||||
import cn.dev33.satoken.stp.StpInterfaceDefaultImpl;
|
||||
import cn.dev33.satoken.stp.StpLogic;
|
||||
@ -238,25 +237,6 @@ public class SaManager {
|
||||
return saSerializerTemplate;
|
||||
}
|
||||
|
||||
/**
|
||||
* API 参数签名
|
||||
*/
|
||||
private volatile static SaSignTemplate saSignTemplate;
|
||||
public static void setSaSignTemplate(SaSignTemplate saSignTemplate) {
|
||||
SaManager.saSignTemplate = saSignTemplate;
|
||||
SaTokenEventCenter.doRegisterComponent("SaSignTemplate", saSignTemplate);
|
||||
}
|
||||
public static SaSignTemplate getSaSignTemplate() {
|
||||
if (saSignTemplate == null) {
|
||||
synchronized (SaManager.class) {
|
||||
if (saSignTemplate == null) {
|
||||
SaManager.saSignTemplate = new SaSignTemplate();
|
||||
}
|
||||
}
|
||||
}
|
||||
return saSignTemplate;
|
||||
}
|
||||
|
||||
/**
|
||||
* Same-Token 同源系统认证模块
|
||||
*/
|
||||
|
||||
@ -21,8 +21,6 @@ import cn.dev33.satoken.stp.parameter.enums.SaReplacedRange;
|
||||
import cn.dev33.satoken.util.SaFoxUtil;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.util.LinkedHashMap;
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
* Sa-Token 配置类 Model
|
||||
@ -223,16 +221,6 @@ public class SaTokenConfig implements Serializable {
|
||||
*/
|
||||
public SaCookieConfig cookie = new SaCookieConfig();
|
||||
|
||||
/**
|
||||
* API 签名配置对象
|
||||
*/
|
||||
public SaSignConfig sign = new SaSignConfig();
|
||||
|
||||
/**
|
||||
* API 签名配置 多实例
|
||||
*/
|
||||
public Map<String, SaSignConfig> signMany = new LinkedHashMap<>();
|
||||
|
||||
/**
|
||||
* @return token 名称 (同时也是: cookie 名称、提交 token 时参数的名称、存储 token 时的 key 前缀)
|
||||
*/
|
||||
@ -861,42 +849,6 @@ public class SaTokenConfig implements Serializable {
|
||||
return this;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return API 签名全局配置对象
|
||||
*/
|
||||
public SaSignConfig getSign() {
|
||||
return sign;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param sign API 签名全局配置对象
|
||||
* @return 对象自身
|
||||
*/
|
||||
public SaTokenConfig setSign(SaSignConfig sign) {
|
||||
this.sign = sign;
|
||||
return this;
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取 API 签名配置 多实例
|
||||
*
|
||||
* @return /
|
||||
*/
|
||||
public Map<String, SaSignConfig> getSignMany() {
|
||||
return this.signMany;
|
||||
}
|
||||
|
||||
/**
|
||||
* 设置 API 签名配置 多实例
|
||||
*
|
||||
* @param signMany /
|
||||
* @return /
|
||||
*/
|
||||
public SaTokenConfig setSignMany(Map<String, SaSignConfig> signMany) {
|
||||
this.signMany = signMany;
|
||||
return this;
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public String toString() {
|
||||
@ -938,8 +890,6 @@ public class SaTokenConfig implements Serializable {
|
||||
+ ", sameTokenTimeout=" + sameTokenTimeout
|
||||
+ ", checkSameToken=" + checkSameToken
|
||||
+ ", cookie=" + cookie
|
||||
+ ", sign=" + sign
|
||||
+ ", signMany=" + signMany
|
||||
+ "]";
|
||||
}
|
||||
|
||||
@ -954,7 +904,7 @@ public class SaTokenConfig implements Serializable {
|
||||
*/
|
||||
@Deprecated
|
||||
public long getActivityTimeout() {
|
||||
System.err.println("配置项已过期,请更换:sa-token.activity-timeout -> sa-token.active-timeout");
|
||||
// System.err.println("配置项已过期,请更换:sa-token.activity-timeout -> sa-token.active-timeout");
|
||||
return activeTimeout;
|
||||
}
|
||||
|
||||
|
||||
@ -193,42 +193,6 @@ public interface SaErrorCode {
|
||||
/** RSA 私钥解密异常 */
|
||||
int CODE_12119 = 12119;
|
||||
|
||||
// ------------
|
||||
|
||||
/** 参与参数签名的秘钥不可为空 */
|
||||
int CODE_12201 = 12201;
|
||||
|
||||
/** 给定的签名无效 */
|
||||
int CODE_12202 = 12202;
|
||||
|
||||
/** timestamp 超出允许的范围 */
|
||||
int CODE_12203 = 12203;
|
||||
|
||||
/** 未找到对应 appid 的 SaSignConfig */
|
||||
int CODE_12211 = 12211;
|
||||
|
||||
// ------------
|
||||
|
||||
/** 无效 API Key */
|
||||
int CODE_12301 = 12301;
|
||||
|
||||
/** API Key 已过期 */
|
||||
int CODE_12302 = 12302;
|
||||
|
||||
/** API Key 已被禁用 */
|
||||
int CODE_12303 = 12303;
|
||||
|
||||
/** API Key 字段自检未通过 */
|
||||
int CODE_12304 = 12304;
|
||||
|
||||
/** 未开启索引记录功能却调用了相关 API */
|
||||
int CODE_12305 = 12305;
|
||||
|
||||
/** API Key 不具有指定 Scope */
|
||||
int CODE_12311 = 12311;
|
||||
|
||||
/** API Key 不属于指定用户 */
|
||||
int CODE_12312 = 12312;
|
||||
|
||||
// ------------
|
||||
|
||||
|
||||
@ -148,36 +148,4 @@ public class SaTokenException extends RuntimeException {
|
||||
}
|
||||
}
|
||||
|
||||
// ------------------- 已过期 -------------------
|
||||
|
||||
/**
|
||||
* 如果flag==true,则抛出message异常
|
||||
* <h2>已过期:请使用 notTrue 代替,用法不变</h2>
|
||||
*
|
||||
* @param flag 标记
|
||||
* @param message 异常信息
|
||||
* @param code 异常细分状态码
|
||||
*/
|
||||
@Deprecated
|
||||
public static void throwBy(boolean flag, String message, int code) {
|
||||
if(flag) {
|
||||
throw new SaTokenException(message).setCode(code);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* 如果value==null或者isEmpty,则抛出message异常
|
||||
* <h2>已过期:请使用 notEmpty 代替,用法不变</h2>
|
||||
*
|
||||
* @param value 值
|
||||
* @param message 异常信息
|
||||
* @param code 异常细分状态码
|
||||
*/
|
||||
@Deprecated
|
||||
public static void throwByNull(Object value, String message, int code) {
|
||||
if(SaFoxUtil.isEmpty(value)) {
|
||||
throw new SaTokenException(message).setCode(code);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -61,7 +61,6 @@ public final class SaAnnotationStrategy {
|
||||
annotationHandlerMap.put(SaCheckHttpBasic.class, new SaCheckHttpBasicHandler());
|
||||
annotationHandlerMap.put(SaCheckHttpDigest.class, new SaCheckHttpDigestHandler());
|
||||
annotationHandlerMap.put(SaCheckOr.class, new SaCheckOrHandler());
|
||||
annotationHandlerMap.put(SaCheckSign.class, new SaCheckSignHandler());
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
package com.pj.h5;
|
||||
|
||||
import cn.dev33.satoken.sso.template.SaSsoUtil;
|
||||
import cn.dev33.satoken.sso.template.SaSsoServerUtil;
|
||||
import cn.dev33.satoken.sso.util.SaSsoConsts;
|
||||
import cn.dev33.satoken.stp.StpUtil;
|
||||
import cn.dev33.satoken.util.SaFoxUtil;
|
||||
@ -30,11 +30,11 @@ public class H5Controller {
|
||||
redirect = SaFoxUtil.decoderUrl(redirect);
|
||||
if(SaSsoConsts.MODE_SIMPLE.equals(mode)) {
|
||||
// 模式一
|
||||
SaSsoUtil.checkRedirectUrl(client, redirect);
|
||||
SaSsoServerUtil.checkRedirectUrl(client, redirect);
|
||||
return SaResult.data(redirect);
|
||||
} else {
|
||||
// 模式二或模式三
|
||||
String redirectUrl = SaSsoUtil.buildRedirectUrl(client, redirect, StpUtil.getLoginId(), StpUtil.getLoginDeviceId());
|
||||
String redirectUrl = SaSsoServerUtil.buildRedirectUrl(client, redirect, StpUtil.getLoginId(), StpUtil.getLoginDeviceId());
|
||||
return SaResult.data(redirectUrl);
|
||||
}
|
||||
}
|
||||
|
||||
@ -67,6 +67,13 @@
|
||||
<artifactId>commons-pool2</artifactId>
|
||||
</dependency>
|
||||
|
||||
<!-- Sa-Token API 参数签名 -->
|
||||
<dependency>
|
||||
<groupId>cn.dev33</groupId>
|
||||
<artifactId>sa-token-sign</artifactId>
|
||||
<version>${sa-token.version}</version>
|
||||
</dependency>
|
||||
|
||||
<!-- @ConfigurationProperties -->
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
|
||||
@ -1,7 +1,6 @@
|
||||
package com.pj.test;
|
||||
|
||||
import cn.dev33.satoken.annotation.SaCheckHttpDigest;
|
||||
import cn.dev33.satoken.annotation.SaCheckSign;
|
||||
import cn.dev33.satoken.context.SaHolder;
|
||||
import cn.dev33.satoken.session.SaSession;
|
||||
import cn.dev33.satoken.session.SaTerminalInfo;
|
||||
|
||||
@ -10,7 +10,7 @@
|
||||
- 请求参数被篡改。
|
||||
- 请求被抓包,然后重放攻击。
|
||||
|
||||
sa-token api-sign 模块将帮你轻松解决以上难题。*(此插件是内嵌到 sa-token-core 核心包中的模块,开发者无需再次引入其它依赖,插件直接可用)*
|
||||
sa-token-sign 模块将帮你轻松解决以上难题。
|
||||
|
||||
本篇将根据假设的需求场景,循序渐进讲明白跨系统接口调用时必做的几个步骤,以及为什么要有这些步骤的原因。
|
||||
|
||||
@ -383,7 +383,7 @@ public SaResult addMoney(long userId, long money, long timestamp, String nonce,
|
||||
|
||||
### 9、使用 Sa-Token 框架完成 API 参数签名
|
||||
|
||||
接下来步入正题,使用 Sa-Token 内置的 sign 模块,方便的完成 API 签名创建、校验等步骤:
|
||||
接下来步入正题,使用 sa-token-sign 模块,方便的完成 API 签名创建、校验等步骤:
|
||||
- 不限制请求的参数数量,方便组织业务需求代码。
|
||||
- 自动补全 nonce、timestamp 参数,省时省力。
|
||||
- 自动构建签名,并序列化参数为字符串。
|
||||
@ -391,16 +391,16 @@ public SaResult addMoney(long userId, long money, long timestamp, String nonce,
|
||||
|
||||
|
||||
#### 9.1、引入依赖
|
||||
api-sign 模块已内嵌到核心包,只需要引入 sa-token 本身依赖即可:(请求发起端和接收端都需要引入)
|
||||
请求发起端和接收端都需要引入:
|
||||
|
||||
<!---------------------------- tabs:start ---------------------------->
|
||||
<!-------- tab:Maven 方式 -------->
|
||||
|
||||
``` xml
|
||||
<!-- Sa-Token 权限认证,在线文档:https://sa-token.cc -->
|
||||
<!-- Sa-Token 整合 API 参数签名校验 -->
|
||||
<dependency>
|
||||
<groupId>cn.dev33</groupId>
|
||||
<artifactId>sa-token-spring-boot-starter</artifactId>
|
||||
<artifactId>sa-token-sign</artifactId>
|
||||
<version>${sa.top.version}</version>
|
||||
</dependency>
|
||||
```
|
||||
@ -408,8 +408,8 @@ api-sign 模块已内嵌到核心包,只需要引入 sa-token 本身依赖即
|
||||
<!-------- tab:Gradle 方式 -------->
|
||||
|
||||
``` gradle
|
||||
// Sa-Token 权限认证,在线文档:https://sa-token.cc
|
||||
implementation 'cn.dev33:sa-token-spring-boot-starter:${sa.top.version}'
|
||||
// Sa-Token 整合 API 参数签名校验
|
||||
implementation 'cn.dev33:sa-token-sign:${sa.top.version}'
|
||||
```
|
||||
<!---------------------------- tabs:end ---------------------------->
|
||||
|
||||
|
||||
@ -201,6 +201,7 @@ Maven依赖一直无法加载成功?[参考解决方案](https://sa-token.cc/d
|
||||
├── sa-token-sso // [插件] Sa-Token 实现 SSO 单点登录
|
||||
├── sa-token-oauth2 // [插件] Sa-Token 实现 OAuth2.0 认证
|
||||
├── sa-token-apikey // [插件] Sa-Token 实现 API Key 认证
|
||||
├── sa-token-sign // [插件] Sa-Token 实现 API 参数签名
|
||||
├── sa-token-redisson // [插件] Sa-Token 整合 Redisson (数据缓存插件)
|
||||
├── sa-token-redisx // [插件] Sa-Token 整合 Redisx (数据缓存插件)
|
||||
├── sa-token-serializer-features // [插件] Sa-Token 序列化实现扩展
|
||||
@ -213,6 +214,7 @@ Maven依赖一直无法加载成功?[参考解决方案](https://sa-token.cc/d
|
||||
├── sa-token-grpc // [插件] Sa-Token 整合 gRPC (RPC 调用鉴权、状态传递)
|
||||
├── sa-token-quick-login // [插件] Sa-Token 快速注入登录页插件
|
||||
├── sa-token-redisson-spring-boot-starter // [插件] Sa-Token 整合 Redisson - SpringBoot 自动配置包 (数据缓存插件)
|
||||
├── sa-token-forest // [插件] Sa-Token 整合 Forest,http 请求
|
||||
├── sa-token-demo // [示例] Sa-Token 示例合集
|
||||
├── sa-token-demo-alone-redis // [示例] Sa-Token 集成 alone-redis 模块
|
||||
├── sa-token-demo-alone-redis-cluster // [示例] Sa-Token 集成 alone-redis 模块、集群模式
|
||||
|
||||
@ -34,6 +34,7 @@
|
||||
<module>sa-token-sso</module>
|
||||
<module>sa-token-oauth2</module>
|
||||
<module>sa-token-apikey</module>
|
||||
<module>sa-token-sign</module>
|
||||
<module>sa-token-redisson</module>
|
||||
<module>sa-token-redisx</module>
|
||||
<module>sa-token-serializer-features</module>
|
||||
|
||||
@ -0,0 +1,47 @@
|
||||
/*
|
||||
* Copyright 2020-2099 sa-token.cc
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package cn.dev33.satoken.apikey.error;
|
||||
|
||||
/**
|
||||
* 定义 sa-token-apikey 模块所有异常细分状态码
|
||||
*
|
||||
* @author click33
|
||||
* @since 1.43.0
|
||||
*/
|
||||
public interface SaApiKeyErrorCode {
|
||||
|
||||
/** 无效 API Key */
|
||||
int CODE_12301 = 12301;
|
||||
|
||||
/** API Key 已过期 */
|
||||
int CODE_12302 = 12302;
|
||||
|
||||
/** API Key 已被禁用 */
|
||||
int CODE_12303 = 12303;
|
||||
|
||||
/** API Key 字段自检未通过 */
|
||||
int CODE_12304 = 12304;
|
||||
|
||||
/** 未开启索引记录功能却调用了相关 API */
|
||||
int CODE_12305 = 12305;
|
||||
|
||||
/** API Key 不具有指定 Scope */
|
||||
int CODE_12311 = 12311;
|
||||
|
||||
/** API Key 不属于指定用户 */
|
||||
int CODE_12312 = 12312;
|
||||
|
||||
}
|
||||
@ -13,7 +13,9 @@
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package cn.dev33.satoken.exception;
|
||||
package cn.dev33.satoken.apikey.exception;
|
||||
|
||||
import cn.dev33.satoken.exception.SaTokenException;
|
||||
|
||||
/**
|
||||
* 一个异常:代表 ApiKey 相关错误
|
||||
@ -13,7 +13,7 @@
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package cn.dev33.satoken.exception;
|
||||
package cn.dev33.satoken.apikey.exception;
|
||||
|
||||
/**
|
||||
* 一个异常:代表 ApiKey Scope 相关错误
|
||||
@ -15,9 +15,9 @@
|
||||
*/
|
||||
package cn.dev33.satoken.apikey.model;
|
||||
|
||||
import cn.dev33.satoken.apikey.error.SaApiKeyErrorCode;
|
||||
import cn.dev33.satoken.apikey.exception.ApiKeyException;
|
||||
import cn.dev33.satoken.dao.SaTokenDao;
|
||||
import cn.dev33.satoken.error.SaErrorCode;
|
||||
import cn.dev33.satoken.exception.ApiKeyException;
|
||||
import cn.dev33.satoken.util.SaFoxUtil;
|
||||
|
||||
import java.io.Serializable;
|
||||
@ -140,19 +140,19 @@ public class ApiKeyModel implements Serializable {
|
||||
*/
|
||||
public void checkByCanSaved() {
|
||||
if (SaFoxUtil.isEmpty(this.apiKey)) {
|
||||
throw new ApiKeyException("ApiKey 值不可为空").setApiKey(apiKey).setCode(SaErrorCode.CODE_12304);
|
||||
throw new ApiKeyException("ApiKey 值不可为空").setApiKey(apiKey).setCode(SaApiKeyErrorCode.CODE_12304);
|
||||
}
|
||||
if (this.loginId == null) {
|
||||
throw new ApiKeyException("无效 ApiKey: " + apiKey).setApiKey(apiKey).setCode(SaErrorCode.CODE_12304);
|
||||
throw new ApiKeyException("无效 ApiKey: " + apiKey).setApiKey(apiKey).setCode(SaApiKeyErrorCode.CODE_12304);
|
||||
}
|
||||
if (this.createTime == 0) {
|
||||
throw new ApiKeyException("请指定 createTime 创建时间").setApiKey(apiKey).setCode(SaErrorCode.CODE_12304);
|
||||
throw new ApiKeyException("请指定 createTime 创建时间").setApiKey(apiKey).setCode(SaApiKeyErrorCode.CODE_12304);
|
||||
}
|
||||
if (this.expiresTime == 0) {
|
||||
throw new ApiKeyException("请指定 expiresTime 过期时间").setApiKey(apiKey).setCode(SaErrorCode.CODE_12304);
|
||||
throw new ApiKeyException("请指定 expiresTime 过期时间").setApiKey(apiKey).setCode(SaApiKeyErrorCode.CODE_12304);
|
||||
}
|
||||
if (this.isValid == null) {
|
||||
throw new ApiKeyException("请指定 isValid 是否生效").setApiKey(apiKey).setCode(SaErrorCode.CODE_12304);
|
||||
throw new ApiKeyException("请指定 isValid 是否生效").setApiKey(apiKey).setCode(SaApiKeyErrorCode.CODE_12304);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -17,14 +17,14 @@ package cn.dev33.satoken.apikey.template;
|
||||
|
||||
import cn.dev33.satoken.SaManager;
|
||||
import cn.dev33.satoken.apikey.SaApiKeyManager;
|
||||
import cn.dev33.satoken.apikey.error.SaApiKeyErrorCode;
|
||||
import cn.dev33.satoken.apikey.exception.ApiKeyException;
|
||||
import cn.dev33.satoken.apikey.exception.ApiKeyScopeException;
|
||||
import cn.dev33.satoken.apikey.model.ApiKeyModel;
|
||||
import cn.dev33.satoken.config.SaTokenConfig;
|
||||
import cn.dev33.satoken.context.SaHolder;
|
||||
import cn.dev33.satoken.context.model.SaRequest;
|
||||
import cn.dev33.satoken.dao.SaTokenDao;
|
||||
import cn.dev33.satoken.error.SaErrorCode;
|
||||
import cn.dev33.satoken.exception.ApiKeyException;
|
||||
import cn.dev33.satoken.exception.ApiKeyScopeException;
|
||||
import cn.dev33.satoken.httpauth.basic.SaHttpBasicUtil;
|
||||
import cn.dev33.satoken.session.SaSession;
|
||||
import cn.dev33.satoken.session.raw.SaRawSessionDelegator;
|
||||
@ -124,13 +124,13 @@ public class SaApiKeyTemplate {
|
||||
public ApiKeyModel checkApiKey(String apiKey) {
|
||||
ApiKeyModel ak = getApiKey(apiKey);
|
||||
if(ak == null) {
|
||||
throw new ApiKeyException("无效 API Key: " + apiKey).setApiKey(apiKey).setCode(SaErrorCode.CODE_12301);
|
||||
throw new ApiKeyException("无效 API Key: " + apiKey).setApiKey(apiKey).setCode(SaApiKeyErrorCode.CODE_12301);
|
||||
}
|
||||
if(ak.timeExpired()) {
|
||||
throw new ApiKeyException("API Key 已过期: " + apiKey).setApiKey(apiKey).setCode(SaErrorCode.CODE_12302);
|
||||
throw new ApiKeyException("API Key 已过期: " + apiKey).setApiKey(apiKey).setCode(SaApiKeyErrorCode.CODE_12302);
|
||||
}
|
||||
if(! ak.getIsValid()) {
|
||||
throw new ApiKeyException("API Key 已被禁用: " + apiKey).setApiKey(apiKey).setCode(SaErrorCode.CODE_12303);
|
||||
throw new ApiKeyException("API Key 已被禁用: " + apiKey).setApiKey(apiKey).setCode(SaApiKeyErrorCode.CODE_12303);
|
||||
}
|
||||
return ak;
|
||||
}
|
||||
@ -315,7 +315,7 @@ public class SaApiKeyTemplate {
|
||||
throw new ApiKeyScopeException("该 API Key 不具备 Scope:" + scope)
|
||||
.setApiKey(apiKey)
|
||||
.setScope(scope)
|
||||
.setCode(SaErrorCode.CODE_12311);
|
||||
.setCode(SaApiKeyErrorCode.CODE_12311);
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -352,7 +352,7 @@ public class SaApiKeyTemplate {
|
||||
throw new ApiKeyScopeException("该 API Key 不具备 Scope:" + scopes[0])
|
||||
.setApiKey(apiKey)
|
||||
.setScope(scopes[0])
|
||||
.setCode(SaErrorCode.CODE_12311);
|
||||
.setCode(SaApiKeyErrorCode.CODE_12311);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -378,12 +378,12 @@ public class SaApiKeyTemplate {
|
||||
public void checkApiKeyLoginId(String apiKey, Object loginId) {
|
||||
ApiKeyModel ak = getApiKey(apiKey);
|
||||
if(ak == null) {
|
||||
throw new ApiKeyException("无效 API Key: " + apiKey).setApiKey(apiKey).setCode(SaErrorCode.CODE_12301);
|
||||
throw new ApiKeyException("无效 API Key: " + apiKey).setApiKey(apiKey).setCode(SaApiKeyErrorCode.CODE_12301);
|
||||
}
|
||||
if (SaFoxUtil.notEquals(String.valueOf(ak.getLoginId()), String.valueOf(loginId))) {
|
||||
throw new ApiKeyException("该 API Key 不属于用户: " + loginId)
|
||||
.setApiKey(apiKey)
|
||||
.setCode(SaErrorCode.CODE_12312);
|
||||
.setCode(SaApiKeyErrorCode.CODE_12312);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -28,6 +28,11 @@
|
||||
<artifactId>sa-token-jwt</artifactId>
|
||||
<optional>true</optional>
|
||||
</dependency>
|
||||
<!-- sa-token-sign 校验 nonce -->
|
||||
<dependency>
|
||||
<groupId>cn.dev33</groupId>
|
||||
<artifactId>sa-token-sign</artifactId>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
|
||||
|
||||
@ -15,7 +15,6 @@
|
||||
*/
|
||||
package cn.dev33.satoken.oauth2.scope.handler;
|
||||
|
||||
import cn.dev33.satoken.SaManager;
|
||||
import cn.dev33.satoken.context.SaHolder;
|
||||
import cn.dev33.satoken.context.model.SaRequest;
|
||||
import cn.dev33.satoken.jwt.SaJwtUtil;
|
||||
@ -29,6 +28,7 @@ import cn.dev33.satoken.oauth2.data.model.oidc.IdTokenModel;
|
||||
import cn.dev33.satoken.oauth2.data.model.request.ClientIdAndSecretModel;
|
||||
import cn.dev33.satoken.oauth2.exception.SaOAuth2Exception;
|
||||
import cn.dev33.satoken.oauth2.scope.CommonScope;
|
||||
import cn.dev33.satoken.sign.SaSignManager;
|
||||
import cn.dev33.satoken.util.SaFoxUtil;
|
||||
|
||||
import java.net.MalformedURLException;
|
||||
@ -127,7 +127,7 @@ public class OidcScopeHandler implements SaOAuth2ScopeHandlerInterface {
|
||||
if(SaFoxUtil.isEmpty(nonce)) {
|
||||
nonce = SaFoxUtil.getRandomString(32);
|
||||
}
|
||||
SaManager.getSaSignTemplate().checkNonce(nonce);
|
||||
SaSignManager.getSaSignTemplate().checkNonce(nonce);
|
||||
return nonce;
|
||||
}
|
||||
|
||||
|
||||
21
sa-token-plugin/sa-token-sign/pom.xml
Normal file
21
sa-token-plugin/sa-token-sign/pom.xml
Normal file
@ -0,0 +1,21 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||
<parent>
|
||||
<artifactId>sa-token-plugin</artifactId>
|
||||
<groupId>cn.dev33</groupId>
|
||||
<version>${revision}</version>
|
||||
<relativePath>../pom.xml</relativePath>
|
||||
</parent>
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
|
||||
<artifactId>sa-token-sign</artifactId>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>cn.dev33</groupId>
|
||||
<artifactId>sa-token-core</artifactId>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
</project>
|
||||
@ -0,0 +1,35 @@
|
||||
/*
|
||||
* Copyright 2020-2099 sa-token.cc
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package cn.dev33.satoken.plugin;
|
||||
|
||||
import cn.dev33.satoken.sign.annotation.handle.SaCheckSignHandler;
|
||||
import cn.dev33.satoken.strategy.SaAnnotationStrategy;
|
||||
|
||||
/**
|
||||
* SaToken 插件安装:API 参数签名 组件
|
||||
*
|
||||
* @author click33
|
||||
* @since 1.43.0
|
||||
*/
|
||||
public class SaTokenPluginForSign implements SaTokenPlugin {
|
||||
|
||||
@Override
|
||||
public void install() {
|
||||
// 安装 API 参数签名 鉴权注解
|
||||
SaAnnotationStrategy.instance.registerAnnotationHandler(new SaCheckSignHandler());
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,91 @@
|
||||
/*
|
||||
* Copyright 2020-2099 sa-token.cc
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package cn.dev33.satoken.sign;
|
||||
|
||||
import cn.dev33.satoken.SaManager;
|
||||
import cn.dev33.satoken.listener.SaTokenEventCenter;
|
||||
import cn.dev33.satoken.sign.config.SaSignConfig;
|
||||
import cn.dev33.satoken.sign.template.SaSignTemplate;
|
||||
|
||||
import java.util.LinkedHashMap;
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
* 管理 Sa-Token API 参数签名 所有全局组件
|
||||
*
|
||||
* @author click33
|
||||
* @since 1.43.0
|
||||
*/
|
||||
public class SaSignManager {
|
||||
|
||||
/**
|
||||
* API 参数签名 配置 Bean
|
||||
*/
|
||||
private static volatile SaSignConfig config;
|
||||
public static SaSignConfig getConfig() {
|
||||
if (config == null) {
|
||||
// 初始化默认值
|
||||
synchronized (SaSignManager.class) {
|
||||
if (config == null) {
|
||||
setConfig(new SaSignConfig());
|
||||
}
|
||||
}
|
||||
}
|
||||
return config;
|
||||
}
|
||||
public static void setConfig(SaSignConfig config) {
|
||||
SaSignManager.config = config;
|
||||
}
|
||||
|
||||
/**
|
||||
* API 签名配置 多实例 配置 Bean
|
||||
*/
|
||||
private static volatile Map<String, SaSignConfig> signMany;
|
||||
public static Map<String, SaSignConfig> getSignMany() {
|
||||
if (signMany == null) {
|
||||
// 初始化默认值
|
||||
synchronized (SaSignManager.class) {
|
||||
if (signMany == null) {
|
||||
setSignMany(new LinkedHashMap<>());
|
||||
}
|
||||
}
|
||||
}
|
||||
return signMany;
|
||||
}
|
||||
public static void setSignMany(Map<String, SaSignConfig> signMany) {
|
||||
SaSignManager.signMany = signMany;
|
||||
}
|
||||
|
||||
/**
|
||||
* API 参数签名
|
||||
*/
|
||||
private volatile static SaSignTemplate saSignTemplate;
|
||||
public static void setSaSignTemplate(SaSignTemplate saSignTemplate) {
|
||||
SaSignManager.saSignTemplate = saSignTemplate;
|
||||
SaTokenEventCenter.doRegisterComponent("SaSignTemplate", saSignTemplate);
|
||||
}
|
||||
public static SaSignTemplate getSaSignTemplate() {
|
||||
if (saSignTemplate == null) {
|
||||
synchronized (SaManager.class) {
|
||||
if (saSignTemplate == null) {
|
||||
SaSignManager.saSignTemplate = new SaSignTemplate();
|
||||
}
|
||||
}
|
||||
}
|
||||
return saSignTemplate;
|
||||
}
|
||||
|
||||
}
|
||||
@ -13,7 +13,7 @@
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package cn.dev33.satoken.annotation;
|
||||
package cn.dev33.satoken.sign.annotation;
|
||||
|
||||
import java.lang.annotation.ElementType;
|
||||
import java.lang.annotation.Retention;
|
||||
@ -21,7 +21,7 @@ import java.lang.annotation.RetentionPolicy;
|
||||
import java.lang.annotation.Target;
|
||||
|
||||
/**
|
||||
* 权限认证校验:必须具有正确的参数签名才可以通过校验
|
||||
* API 参数签名校验:必须具有正确的参数签名才可以通过校验
|
||||
*
|
||||
* <p> 可标注在方法、类上(效果等同于标注在此类的所有方法上)
|
||||
*
|
||||
@ -13,12 +13,13 @@
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package cn.dev33.satoken.annotation.handler;
|
||||
package cn.dev33.satoken.sign.annotation.handle;
|
||||
|
||||
import cn.dev33.satoken.annotation.SaCheckSign;
|
||||
import cn.dev33.satoken.annotation.handler.SaAnnotationHandlerInterface;
|
||||
import cn.dev33.satoken.sign.annotation.SaCheckSign;
|
||||
import cn.dev33.satoken.context.SaHolder;
|
||||
import cn.dev33.satoken.context.model.SaRequest;
|
||||
import cn.dev33.satoken.sign.SaSignMany;
|
||||
import cn.dev33.satoken.sign.template.SaSignMany;
|
||||
|
||||
import java.lang.reflect.AnnotatedElement;
|
||||
|
||||
@ -13,7 +13,7 @@
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package cn.dev33.satoken.config;
|
||||
package cn.dev33.satoken.sign.config;
|
||||
|
||||
import cn.dev33.satoken.exception.SaTokenException;
|
||||
import cn.dev33.satoken.fun.SaParamRetFunction;
|
||||
@ -0,0 +1,56 @@
|
||||
/*
|
||||
* Copyright 2020-2099 sa-token.cc
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package cn.dev33.satoken.sign.config;
|
||||
|
||||
import java.util.LinkedHashMap;
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
* SaSignManyConfig 配置包装类,以更方便框架完成属性注入操作
|
||||
*
|
||||
* @author click33
|
||||
* @since 1.43.0
|
||||
*/
|
||||
public class SaSignManyConfigWrapper {
|
||||
|
||||
public Map<String, SaSignConfig> signMany = new LinkedHashMap<>();
|
||||
|
||||
/**
|
||||
* 获取
|
||||
*
|
||||
* @return signMany
|
||||
*/
|
||||
public Map<String, SaSignConfig> getSignMany() {
|
||||
return this.signMany;
|
||||
}
|
||||
|
||||
/**
|
||||
* 设置
|
||||
*
|
||||
* @param signMany
|
||||
*/
|
||||
public void setSignMany(Map<String, SaSignConfig> signMany) {
|
||||
this.signMany = signMany;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toString() {
|
||||
return "SaSignManyConfigWrapper{" +
|
||||
"signMany=" + signMany +
|
||||
'}';
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,38 @@
|
||||
/*
|
||||
* Copyright 2020-2099 sa-token.cc
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package cn.dev33.satoken.sign.error;
|
||||
|
||||
/**
|
||||
* 定义 sa-token-sign 模块所有异常细分状态码
|
||||
*
|
||||
* @author click33
|
||||
* @since 1.43.0
|
||||
*/
|
||||
public interface SaSignErrorCode {
|
||||
|
||||
/** 参与参数签名的秘钥不可为空 */
|
||||
int CODE_12201 = 12201;
|
||||
|
||||
/** 给定的签名无效 */
|
||||
int CODE_12202 = 12202;
|
||||
|
||||
/** timestamp 超出允许的范围 */
|
||||
int CODE_12203 = 12203;
|
||||
|
||||
/** 未找到对应 appid 的 SaSignConfig */
|
||||
int CODE_12211 = 12211;
|
||||
|
||||
}
|
||||
@ -13,8 +13,9 @@
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package cn.dev33.satoken.exception;
|
||||
package cn.dev33.satoken.sign.exception;
|
||||
|
||||
import cn.dev33.satoken.exception.SaTokenException;
|
||||
import cn.dev33.satoken.util.SaFoxUtil;
|
||||
|
||||
/**
|
||||
@ -13,13 +13,13 @@
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package cn.dev33.satoken.sign;
|
||||
package cn.dev33.satoken.sign.template;
|
||||
|
||||
import cn.dev33.satoken.SaManager;
|
||||
import cn.dev33.satoken.config.SaSignConfig;
|
||||
import cn.dev33.satoken.error.SaErrorCode;
|
||||
import cn.dev33.satoken.exception.SaSignException;
|
||||
import cn.dev33.satoken.fun.SaParamRetFunction;
|
||||
import cn.dev33.satoken.sign.SaSignManager;
|
||||
import cn.dev33.satoken.sign.config.SaSignConfig;
|
||||
import cn.dev33.satoken.sign.error.SaSignErrorCode;
|
||||
import cn.dev33.satoken.sign.exception.SaSignException;
|
||||
import cn.dev33.satoken.util.SaFoxUtil;
|
||||
|
||||
/**
|
||||
@ -34,7 +34,7 @@ public class SaSignMany {
|
||||
* 根据 appid 获取 SaSignConfig,允许自定义
|
||||
*/
|
||||
public static SaParamRetFunction<String, SaSignConfig> findSaSignConfigMethod = (appid) -> {
|
||||
return SaManager.getConfig().getSignMany().get(appid);
|
||||
return SaSignManager.getSignMany().get(appid);
|
||||
};
|
||||
|
||||
/**
|
||||
@ -46,13 +46,13 @@ public class SaSignMany {
|
||||
|
||||
// appid 为空,返回全局默认 SaSignTemplate
|
||||
if(SaFoxUtil.isEmpty(appid)){
|
||||
return SaManager.getSaSignTemplate();
|
||||
return SaSignManager.getSaSignTemplate();
|
||||
}
|
||||
|
||||
// 获取 SaSignConfig
|
||||
SaSignConfig config = findSaSignConfigMethod.run(appid);
|
||||
if(config == null){
|
||||
throw new SaSignException("未找到签名配置,appid=" + appid).setCode(SaErrorCode.CODE_12211);
|
||||
throw new SaSignException("未找到签名配置,appid=" + appid).setCode(SaSignErrorCode.CODE_12211);
|
||||
}
|
||||
|
||||
// 创建 SaSignTemplate 并返回
|
||||
@ -13,13 +13,15 @@
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package cn.dev33.satoken.sign;
|
||||
package cn.dev33.satoken.sign.template;
|
||||
|
||||
import cn.dev33.satoken.SaManager;
|
||||
import cn.dev33.satoken.config.SaSignConfig;
|
||||
import cn.dev33.satoken.context.model.SaRequest;
|
||||
import cn.dev33.satoken.error.SaErrorCode;
|
||||
import cn.dev33.satoken.exception.SaSignException;
|
||||
import cn.dev33.satoken.sign.error.SaSignErrorCode;
|
||||
import cn.dev33.satoken.sign.exception.SaSignException;
|
||||
import cn.dev33.satoken.sign.SaSignManager;
|
||||
import cn.dev33.satoken.sign.config.SaSignConfig;
|
||||
import cn.dev33.satoken.util.SaFoxUtil;
|
||||
|
||||
import java.util.Map;
|
||||
@ -79,7 +81,7 @@ public class SaSignTemplate {
|
||||
return signConfig;
|
||||
}
|
||||
// 否则使用全局默认配置
|
||||
return SaManager.getConfig().getSign();
|
||||
return SaSignManager.getConfig();
|
||||
}
|
||||
|
||||
/**
|
||||
@ -160,7 +162,7 @@ public class SaSignTemplate {
|
||||
*/
|
||||
public String createSign(Map<String, ?> paramsMap) {
|
||||
String secretKey = getSecretKey();
|
||||
SaSignException.notEmpty(secretKey, "参与参数签名的秘钥不可为空", SaErrorCode.CODE_12201);
|
||||
SaSignException.notEmpty(secretKey, "参与参数签名的秘钥不可为空", SaSignErrorCode.CODE_12201);
|
||||
|
||||
// 如果调用者不小心传入了 sign 参数,则此处需要将 sign 参数排除在外
|
||||
if(paramsMap.containsKey(sign)) {
|
||||
@ -237,7 +239,7 @@ public class SaSignTemplate {
|
||||
*/
|
||||
public void checkTimestamp(long timestamp) {
|
||||
if( ! isValidTimestamp(timestamp) ) {
|
||||
throw new SaSignException("timestamp 超出允许的范围:" + timestamp).setCode(SaErrorCode.CODE_12203);
|
||||
throw new SaSignException("timestamp 超出允许的范围:" + timestamp).setCode(SaSignErrorCode.CODE_12203);
|
||||
}
|
||||
}
|
||||
|
||||
@ -297,7 +299,7 @@ public class SaSignTemplate {
|
||||
*/
|
||||
public void checkSign(Map<String, ?> paramsMap, String sign) {
|
||||
if( ! isValidSign(paramsMap, sign) ) {
|
||||
throw new SaSignException("无效签名:" + sign).setCode(SaErrorCode.CODE_12202);
|
||||
throw new SaSignException("无效签名:" + sign).setCode(SaSignErrorCode.CODE_12202);
|
||||
}
|
||||
}
|
||||
|
||||
@ -13,10 +13,10 @@
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package cn.dev33.satoken.sign;
|
||||
package cn.dev33.satoken.sign.template;
|
||||
|
||||
import cn.dev33.satoken.SaManager;
|
||||
import cn.dev33.satoken.context.model.SaRequest;
|
||||
import cn.dev33.satoken.sign.SaSignManager;
|
||||
|
||||
import java.util.Map;
|
||||
|
||||
@ -36,7 +36,7 @@ public class SaSignUtil {
|
||||
* @return 拼接出的参数字符串
|
||||
*/
|
||||
public static String joinParams(Map<String, ?> paramsMap) {
|
||||
return SaManager.getSaSignTemplate().joinParams(paramsMap);
|
||||
return SaSignManager.getSaSignTemplate().joinParams(paramsMap);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -45,7 +45,7 @@ public class SaSignUtil {
|
||||
* @return 拼接出的参数字符串
|
||||
*/
|
||||
public static String joinParamsDictSort(Map<String, ?> paramsMap) {
|
||||
return SaManager.getSaSignTemplate().joinParamsDictSort(paramsMap);
|
||||
return SaSignManager.getSaSignTemplate().joinParamsDictSort(paramsMap);
|
||||
}
|
||||
|
||||
|
||||
@ -57,7 +57,7 @@ public class SaSignUtil {
|
||||
* @return 签名
|
||||
*/
|
||||
public static String createSign(Map<String, ?> paramsMap) {
|
||||
return SaManager.getSaSignTemplate().createSign(paramsMap);
|
||||
return SaSignManager.getSaSignTemplate().createSign(paramsMap);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -66,7 +66,7 @@ public class SaSignUtil {
|
||||
* @return 加工后的参数列表
|
||||
*/
|
||||
public static Map<String, Object> addSignParams(Map<String, Object> paramsMap) {
|
||||
return SaManager.getSaSignTemplate().addSignParams(paramsMap);
|
||||
return SaSignManager.getSaSignTemplate().addSignParams(paramsMap);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -76,7 +76,7 @@ public class SaSignUtil {
|
||||
* @return 加工后的参数列表 转化为的参数字符串
|
||||
*/
|
||||
public static String addSignParamsAndJoin(Map<String, Object> paramsMap) {
|
||||
return SaManager.getSaSignTemplate().addSignParamsAndJoin(paramsMap);
|
||||
return SaSignManager.getSaSignTemplate().addSignParamsAndJoin(paramsMap);
|
||||
}
|
||||
|
||||
|
||||
@ -88,7 +88,7 @@ public class SaSignUtil {
|
||||
* @return 是否在允许的范围内
|
||||
*/
|
||||
public static boolean isValidTimestamp(long timestamp) {
|
||||
return SaManager.getSaSignTemplate().isValidTimestamp(timestamp);
|
||||
return SaSignManager.getSaSignTemplate().isValidTimestamp(timestamp);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -96,7 +96,7 @@ public class SaSignUtil {
|
||||
* @param timestamp 待校验的时间戳
|
||||
*/
|
||||
public static void checkTimestamp(long timestamp) {
|
||||
SaManager.getSaSignTemplate().checkTimestamp(timestamp);
|
||||
SaSignManager.getSaSignTemplate().checkTimestamp(timestamp);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -106,7 +106,7 @@ public class SaSignUtil {
|
||||
* @return 是否有效
|
||||
*/
|
||||
public static boolean isValidNonce(String nonce) {
|
||||
return SaManager.getSaSignTemplate().isValidNonce(nonce);
|
||||
return SaSignManager.getSaSignTemplate().isValidNonce(nonce);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -115,7 +115,7 @@ public class SaSignUtil {
|
||||
* @param nonce 待校验的随机字符串
|
||||
*/
|
||||
public static void checkNonce(String nonce) {
|
||||
SaManager.getSaSignTemplate().checkNonce(nonce);
|
||||
SaSignManager.getSaSignTemplate().checkNonce(nonce);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -125,7 +125,7 @@ public class SaSignUtil {
|
||||
* @return 签名是否有效
|
||||
*/
|
||||
public static boolean isValidSign(Map<String, ?> paramsMap, String sign) {
|
||||
return SaManager.getSaSignTemplate().isValidSign(paramsMap, sign);
|
||||
return SaSignManager.getSaSignTemplate().isValidSign(paramsMap, sign);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -134,7 +134,7 @@ public class SaSignUtil {
|
||||
* @param sign 待验证的签名
|
||||
*/
|
||||
public static void checkSign(Map<String, ?> paramsMap, String sign) {
|
||||
SaManager.getSaSignTemplate().checkSign(paramsMap, sign);
|
||||
SaSignManager.getSaSignTemplate().checkSign(paramsMap, sign);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -143,7 +143,7 @@ public class SaSignUtil {
|
||||
* @return 是否合法
|
||||
*/
|
||||
public static boolean isValidParamMap(Map<String, String> paramMap) {
|
||||
return SaManager.getSaSignTemplate().isValidParamMap(paramMap);
|
||||
return SaSignManager.getSaSignTemplate().isValidParamMap(paramMap);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -151,7 +151,7 @@ public class SaSignUtil {
|
||||
* @param paramMap 待校验的请求参数集合
|
||||
*/
|
||||
public static void checkParamMap(Map<String, String> paramMap) {
|
||||
SaManager.getSaSignTemplate().checkParamMap(paramMap);
|
||||
SaSignManager.getSaSignTemplate().checkParamMap(paramMap);
|
||||
}
|
||||
|
||||
|
||||
@ -164,7 +164,7 @@ public class SaSignUtil {
|
||||
* @return 是否合法
|
||||
*/
|
||||
public static boolean isValidRequest(SaRequest request, String... paramNames) {
|
||||
return SaManager.getSaSignTemplate().isValidRequest(request, paramNames);
|
||||
return SaSignManager.getSaSignTemplate().isValidRequest(request, paramNames);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -173,7 +173,7 @@ public class SaSignUtil {
|
||||
* @param paramNames 指定参与签名的参数有哪些,如果不填写则默认为全部参数
|
||||
*/
|
||||
public static void checkRequest(SaRequest request, String... paramNames) {
|
||||
SaManager.getSaSignTemplate().checkRequest(request, paramNames);
|
||||
SaSignManager.getSaSignTemplate().checkRequest(request, paramNames);
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1 @@
|
||||
cn.dev33.satoken.plugin.SaTokenPluginForSign
|
||||
@ -22,6 +22,11 @@
|
||||
<groupId>cn.dev33</groupId>
|
||||
<artifactId>sa-token-core</artifactId>
|
||||
</dependency>
|
||||
<!-- sa-token-sign -->
|
||||
<dependency>
|
||||
<groupId>cn.dev33</groupId>
|
||||
<artifactId>sa-token-sign</artifactId>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
|
||||
|
||||
@ -16,8 +16,9 @@
|
||||
package cn.dev33.satoken.sso.template;
|
||||
|
||||
import cn.dev33.satoken.SaManager;
|
||||
import cn.dev33.satoken.config.SaSignConfig;
|
||||
import cn.dev33.satoken.sign.SaSignTemplate;
|
||||
import cn.dev33.satoken.sign.SaSignManager;
|
||||
import cn.dev33.satoken.sign.config.SaSignConfig;
|
||||
import cn.dev33.satoken.sign.template.SaSignTemplate;
|
||||
import cn.dev33.satoken.sso.SaSsoManager;
|
||||
import cn.dev33.satoken.sso.config.SaSsoClientConfig;
|
||||
import cn.dev33.satoken.sso.error.SaSsoErrorCode;
|
||||
@ -246,7 +247,7 @@ public class SaSsoClientTemplate extends SaSsoTemplate {
|
||||
* @return /
|
||||
*/
|
||||
public SaSignTemplate getSignTemplate() {
|
||||
SaSignConfig signConfig = SaManager.getSaSignTemplate().getSignConfigOrGlobal().copy();
|
||||
SaSignConfig signConfig = SaSignManager.getSaSignTemplate().getSignConfigOrGlobal().copy();
|
||||
|
||||
// 使用 secretKey 的优先级:SSO 模块全局配置 > sign 模块默认配置
|
||||
String secretKey = getClientConfig().getSecretKey();
|
||||
|
||||
@ -16,9 +16,10 @@
|
||||
package cn.dev33.satoken.sso.template;
|
||||
|
||||
import cn.dev33.satoken.SaManager;
|
||||
import cn.dev33.satoken.config.SaSignConfig;
|
||||
import cn.dev33.satoken.session.SaSession;
|
||||
import cn.dev33.satoken.sign.SaSignTemplate;
|
||||
import cn.dev33.satoken.sign.SaSignManager;
|
||||
import cn.dev33.satoken.sign.config.SaSignConfig;
|
||||
import cn.dev33.satoken.sign.template.SaSignTemplate;
|
||||
import cn.dev33.satoken.sso.SaSsoManager;
|
||||
import cn.dev33.satoken.sso.config.SaSsoClientModel;
|
||||
import cn.dev33.satoken.sso.config.SaSsoServerConfig;
|
||||
@ -327,7 +328,7 @@ public class SaSsoServerTemplate extends SaSsoTemplate {
|
||||
scm.setIsSlo(serverConfig.getIsSlo());
|
||||
scm.setSecretKey(serverConfig.getSecretKey());
|
||||
if(SaFoxUtil.isEmpty(scm.getSecretKey())) {
|
||||
scm.setSecretKey(SaManager.getSaSignTemplate().getSignConfigOrGlobal().getSecretKey());
|
||||
scm.setSecretKey(SaSignManager.getSaSignTemplate().getSignConfigOrGlobal().getSecretKey());
|
||||
}
|
||||
return scm;
|
||||
}
|
||||
@ -781,7 +782,7 @@ public class SaSsoServerTemplate extends SaSsoTemplate {
|
||||
* @return /
|
||||
*/
|
||||
public SaSignTemplate getSignTemplate(String client) {
|
||||
SaSignConfig signConfig = SaManager.getSaSignTemplate().getSignConfigOrGlobal().copy();
|
||||
SaSignConfig signConfig = SaSignManager.getSaSignTemplate().getSignConfigOrGlobal().copy();
|
||||
SaSsoClientModel clientModel = getClientNotNull(client);
|
||||
|
||||
// 使用 secretKey 的优先级:client 单独配置 > SSO 模块全局配置 > sign 模块默认配置
|
||||
|
||||
@ -42,6 +42,20 @@
|
||||
<optional>true</optional>
|
||||
</dependency>
|
||||
|
||||
<!-- API Key (optional) -->
|
||||
<dependency>
|
||||
<groupId>cn.dev33</groupId>
|
||||
<artifactId>sa-token-apikey</artifactId>
|
||||
<optional>true</optional>
|
||||
</dependency>
|
||||
|
||||
<!-- API Sign (optional) -->
|
||||
<dependency>
|
||||
<groupId>cn.dev33</groupId>
|
||||
<artifactId>sa-token-sign</artifactId>
|
||||
<optional>true</optional>
|
||||
</dependency>
|
||||
|
||||
<!-- redisx + snack3 -->
|
||||
<dependency>
|
||||
<groupId>org.noear</groupId>
|
||||
|
||||
@ -17,8 +17,6 @@ package cn.dev33.satoken.solon;
|
||||
|
||||
import cn.dev33.satoken.SaManager;
|
||||
import cn.dev33.satoken.annotation.handler.SaAnnotationHandlerInterface;
|
||||
import cn.dev33.satoken.apikey.SaApiKeyTemplate;
|
||||
import cn.dev33.satoken.apikey.loader.SaApiKeyDataLoader;
|
||||
import cn.dev33.satoken.config.SaTokenConfig;
|
||||
import cn.dev33.satoken.context.SaTokenContext;
|
||||
import cn.dev33.satoken.dao.SaTokenDao;
|
||||
@ -37,7 +35,6 @@ import cn.dev33.satoken.plugin.SaTokenPluginHolder;
|
||||
import cn.dev33.satoken.same.SaSameTemplate;
|
||||
import cn.dev33.satoken.secure.totp.SaTotpTemplate;
|
||||
import cn.dev33.satoken.serializer.SaSerializerTemplate;
|
||||
import cn.dev33.satoken.sign.SaSignTemplate;
|
||||
import cn.dev33.satoken.stp.StpInterface;
|
||||
import cn.dev33.satoken.stp.StpLogic;
|
||||
import cn.dev33.satoken.stp.StpUtil;
|
||||
@ -222,39 +219,6 @@ public class SaBeanInject {
|
||||
SaManager.setSaSerializerTemplate(saSerializerTemplate);
|
||||
}
|
||||
|
||||
/**
|
||||
* 注入自定义的 参数签名 Bean
|
||||
*
|
||||
* @param saSignTemplate 参数签名 Bean
|
||||
*/
|
||||
@Condition(onBean = SaSignTemplate.class)
|
||||
@Bean
|
||||
public void setSaSignTemplate(SaSignTemplate saSignTemplate) {
|
||||
SaManager.setSaSignTemplate(saSignTemplate);
|
||||
}
|
||||
|
||||
/**
|
||||
* 注入自定义的 ApiKey 模块 Bean
|
||||
*
|
||||
* @param apiKeyTemplate /
|
||||
*/
|
||||
@Condition(onBean = SaApiKeyTemplate.class)
|
||||
@Bean
|
||||
public void setSaApiKeyTemplate(SaApiKeyTemplate apiKeyTemplate) {
|
||||
SaManager.setSaApiKeyTemplate(apiKeyTemplate);
|
||||
}
|
||||
|
||||
/**
|
||||
* 注入自定义的 ApiKey 数据加载器 Bean
|
||||
*
|
||||
* @param apiKeyDataLoader /
|
||||
*/
|
||||
@Condition(onBean = SaApiKeyDataLoader.class)
|
||||
@Bean
|
||||
public void setSaApiKeyDataLoader(SaApiKeyDataLoader apiKeyDataLoader) {
|
||||
SaManager.setSaApiKeyDataLoader(apiKeyDataLoader);
|
||||
}
|
||||
|
||||
/**
|
||||
* 注入自定义的 TOTP 算法 Bean
|
||||
*
|
||||
|
||||
@ -15,8 +15,12 @@
|
||||
*/
|
||||
package cn.dev33.satoken.solon;
|
||||
|
||||
import cn.dev33.satoken.solon.apikey.SaApiKeyBeanInject;
|
||||
import cn.dev33.satoken.solon.apikey.SaApiKeyBeanRegister;
|
||||
import cn.dev33.satoken.solon.oauth2.SaOAuth2BeanInject;
|
||||
import cn.dev33.satoken.solon.oauth2.SaOAuth2BeanRegister;
|
||||
import cn.dev33.satoken.solon.sign.SaSignBeanInject;
|
||||
import cn.dev33.satoken.solon.sign.SaSignBeanRegister;
|
||||
import cn.dev33.satoken.solon.sso.SaSsoBeanInject;
|
||||
import cn.dev33.satoken.solon.sso.SaSsoBeanRegister;
|
||||
import org.noear.solon.core.AppContext;
|
||||
@ -41,5 +45,13 @@ public class SaSolonPlugin implements Plugin {
|
||||
// sa-oauth2
|
||||
context.beanMake(SaOAuth2BeanRegister.class);
|
||||
context.beanMake(SaOAuth2BeanInject.class);
|
||||
|
||||
// sa-apikey
|
||||
context.beanMake(SaApiKeyBeanRegister.class);
|
||||
context.beanMake(SaApiKeyBeanInject.class);
|
||||
|
||||
// sa-sign
|
||||
context.beanMake(SaSignBeanRegister.class);
|
||||
context.beanMake(SaSignBeanInject.class);
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,69 @@
|
||||
/*
|
||||
* Copyright 2020-2099 sa-token.cc
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package cn.dev33.satoken.solon.apikey;
|
||||
|
||||
import cn.dev33.satoken.apikey.SaApiKeyManager;
|
||||
import cn.dev33.satoken.apikey.config.SaApiKeyConfig;
|
||||
import cn.dev33.satoken.apikey.loader.SaApiKeyDataLoader;
|
||||
import cn.dev33.satoken.apikey.template.SaApiKeyTemplate;
|
||||
import org.noear.solon.annotation.Bean;
|
||||
import org.noear.solon.annotation.Condition;
|
||||
import org.noear.solon.annotation.Configuration;
|
||||
|
||||
/**
|
||||
* 注入 Sa-Token API Key 所需要的 Bean
|
||||
*
|
||||
* @author click33
|
||||
* @since 1.43.0
|
||||
*/
|
||||
@Condition(onClass=SaApiKeyManager.class)
|
||||
@Configuration
|
||||
public class SaApiKeyBeanInject {
|
||||
|
||||
/**
|
||||
* 注入 API Key 配置对象
|
||||
*
|
||||
* @param saApiKeyConfig 配置对象
|
||||
*/
|
||||
@Bean
|
||||
@Condition(onBean = SaApiKeyConfig.class)
|
||||
public void setSaApiKeyConfig(SaApiKeyConfig saApiKeyConfig) {
|
||||
SaApiKeyManager.setConfig(saApiKeyConfig);
|
||||
}
|
||||
|
||||
/**
|
||||
* 注入自定义的 API Key 模版方法 Bean
|
||||
*
|
||||
* @param apiKeyTemplate /
|
||||
*/
|
||||
@Bean
|
||||
@Condition(onBean = SaApiKeyTemplate.class)
|
||||
public void setSaApiKeyTemplate(SaApiKeyTemplate apiKeyTemplate) {
|
||||
SaApiKeyManager.setSaApiKeyTemplate(apiKeyTemplate);
|
||||
}
|
||||
|
||||
/**
|
||||
* 注入自定义的 API Key 数据加载器 Bean
|
||||
*
|
||||
* @param apiKeyDataLoader /
|
||||
*/
|
||||
@Bean
|
||||
@Condition(onBean = SaApiKeyDataLoader.class)
|
||||
public void setSaApiKeyDataLoader(SaApiKeyDataLoader apiKeyDataLoader) {
|
||||
SaApiKeyManager.setSaApiKeyDataLoader(apiKeyDataLoader);
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,48 @@
|
||||
/*
|
||||
* Copyright 2020-2099 sa-token.cc
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package cn.dev33.satoken.solon.apikey;
|
||||
|
||||
import cn.dev33.satoken.apikey.SaApiKeyManager;
|
||||
import cn.dev33.satoken.apikey.config.SaApiKeyConfig;
|
||||
import org.noear.solon.annotation.Bean;
|
||||
import org.noear.solon.annotation.Condition;
|
||||
import org.noear.solon.annotation.Configuration;
|
||||
import org.noear.solon.annotation.Inject;
|
||||
|
||||
/**
|
||||
* 注册 Sa-Token API Key 所需要的 Bean
|
||||
*
|
||||
* @author click33
|
||||
* @since 1.43.0
|
||||
*/
|
||||
@Configuration
|
||||
@Condition(onClass= SaApiKeyManager.class)
|
||||
public class SaApiKeyBeanRegister {
|
||||
|
||||
/**
|
||||
* 获取 API Key 配置对象
|
||||
* @return 配置对象
|
||||
*/
|
||||
@Bean
|
||||
public SaApiKeyConfig getSaApiKeyConfig(@Inject(value = "${sa-token.api-key}", required = false) SaApiKeyConfig saApiKeyConfig) {
|
||||
if (saApiKeyConfig == null) {
|
||||
return new SaApiKeyConfig();
|
||||
} else {
|
||||
return saApiKeyConfig;
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,69 @@
|
||||
/*
|
||||
* Copyright 2020-2099 sa-token.cc
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package cn.dev33.satoken.solon.sign;
|
||||
|
||||
import cn.dev33.satoken.sign.SaSignManager;
|
||||
import cn.dev33.satoken.sign.config.SaSignConfig;
|
||||
import cn.dev33.satoken.sign.config.SaSignManyConfigWrapper;
|
||||
import cn.dev33.satoken.sign.template.SaSignTemplate;
|
||||
import org.noear.solon.annotation.Bean;
|
||||
import org.noear.solon.annotation.Condition;
|
||||
import org.noear.solon.annotation.Configuration;
|
||||
|
||||
/**
|
||||
* 注入 Sa-Token API 参数签名 所需要的 Bean
|
||||
*
|
||||
* @author click33
|
||||
* @since 1.43.0
|
||||
*/
|
||||
@Configuration
|
||||
@Condition(onClass= SaSignManager.class)
|
||||
public class SaSignBeanInject {
|
||||
|
||||
/**
|
||||
* 注入 API 参数签名配置对象
|
||||
*
|
||||
* @param saSignConfig 配置对象
|
||||
*/
|
||||
@Bean
|
||||
@Condition(onBean = SaSignConfig.class)
|
||||
public void setSignConfig(SaSignConfig saSignConfig) {
|
||||
SaSignManager.setConfig(saSignConfig);
|
||||
}
|
||||
|
||||
/**
|
||||
* 注入 API 参数签名配置对象
|
||||
*
|
||||
* @param signManyConfigWrapper 配置对象
|
||||
*/
|
||||
@Bean
|
||||
@Condition(onBean = SaSignManyConfigWrapper.class)
|
||||
public void setSignManyConfig(SaSignManyConfigWrapper signManyConfigWrapper) {
|
||||
SaSignManager.setSignMany(signManyConfigWrapper.getSignMany());
|
||||
}
|
||||
|
||||
/**
|
||||
* 注入自定义的 参数签名 模版方法 Bean
|
||||
*
|
||||
* @param saSignTemplate 参数签名 Bean
|
||||
*/
|
||||
@Bean
|
||||
@Condition(onBean = SaSignTemplate.class)
|
||||
public void setSaSignTemplate(SaSignTemplate saSignTemplate) {
|
||||
SaSignManager.setSaSignTemplate(saSignTemplate);
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,62 @@
|
||||
/*
|
||||
* Copyright 2020-2099 sa-token.cc
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package cn.dev33.satoken.solon.sign;
|
||||
|
||||
import cn.dev33.satoken.sign.SaSignManager;
|
||||
import cn.dev33.satoken.sign.config.SaSignConfig;
|
||||
import cn.dev33.satoken.sign.config.SaSignManyConfigWrapper;
|
||||
import org.noear.solon.annotation.Bean;
|
||||
import org.noear.solon.annotation.Condition;
|
||||
import org.noear.solon.annotation.Configuration;
|
||||
import org.noear.solon.annotation.Inject;
|
||||
|
||||
/**
|
||||
* 注册 Sa-Token API 参数签名所需要的 Bean
|
||||
*
|
||||
* @author click33
|
||||
* @since 1.43.0
|
||||
*/
|
||||
@Configuration
|
||||
@Condition(onClass= SaSignManager.class)
|
||||
public class SaSignBeanRegister {
|
||||
|
||||
/**
|
||||
* 获取 API 参数签名配置对象
|
||||
* @return 配置对象
|
||||
*/
|
||||
@Bean
|
||||
public SaSignConfig getSaSignConfig(@Inject(value = "${sa-token.sign}", required = false) SaSignConfig saSignConfig) {
|
||||
if (saSignConfig == null) {
|
||||
return new SaSignConfig();
|
||||
} else {
|
||||
return saSignConfig;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取 API 参数签名 Many 配置对象
|
||||
* @return 配置对象
|
||||
*/
|
||||
@Bean
|
||||
public SaSignManyConfigWrapper getSaSignManyConfigWrapper(@Inject(value = "${sa-token}", required = false) SaSignManyConfigWrapper signManyConfigWrapper) {
|
||||
if (signManyConfigWrapper == null) {
|
||||
return new SaSignManyConfigWrapper();
|
||||
} else {
|
||||
return signManyConfigWrapper;
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
@ -43,7 +43,7 @@ public class SaSsoBeanRegister {
|
||||
* @return 配置对象
|
||||
*/
|
||||
@Bean
|
||||
public SaSsoServerConfig getSaSsoServerConfig(@Inject(value = "${sa-token.sso-server)", required = false) SaSsoServerConfig serverConfig) {
|
||||
public SaSsoServerConfig getSaSsoServerConfig(@Inject(value = "${sa-token.sso-server}", required = false) SaSsoServerConfig serverConfig) {
|
||||
if (serverConfig == null) {
|
||||
return new SaSsoServerConfig();
|
||||
} else {
|
||||
|
||||
@ -70,6 +70,13 @@
|
||||
<optional>true</optional>
|
||||
</dependency>
|
||||
|
||||
<!-- API Sign (optional) -->
|
||||
<dependency>
|
||||
<groupId>cn.dev33</groupId>
|
||||
<artifactId>sa-token-sign</artifactId>
|
||||
<optional>true</optional>
|
||||
</dependency>
|
||||
|
||||
</dependencies>
|
||||
|
||||
|
||||
|
||||
@ -35,7 +35,6 @@ import cn.dev33.satoken.plugin.SaTokenPluginHolder;
|
||||
import cn.dev33.satoken.same.SaSameTemplate;
|
||||
import cn.dev33.satoken.secure.totp.SaTotpTemplate;
|
||||
import cn.dev33.satoken.serializer.SaSerializerTemplate;
|
||||
import cn.dev33.satoken.sign.SaSignTemplate;
|
||||
import cn.dev33.satoken.spring.pathmatch.SaPathMatcherHolder;
|
||||
import cn.dev33.satoken.stp.StpInterface;
|
||||
import cn.dev33.satoken.stp.StpLogic;
|
||||
@ -207,16 +206,6 @@ public class SaBeanInject {
|
||||
SaManager.setSaSerializerTemplate(saSerializerTemplate);
|
||||
}
|
||||
|
||||
/**
|
||||
* 注入自定义的 参数签名 Bean
|
||||
*
|
||||
* @param saSignTemplate 参数签名 Bean
|
||||
*/
|
||||
@Autowired(required = false)
|
||||
public void setSaSignTemplate(SaSignTemplate saSignTemplate) {
|
||||
SaManager.setSaSignTemplate(saSignTemplate);
|
||||
}
|
||||
|
||||
/**
|
||||
* 注入自定义的 TOTP 算法 Bean
|
||||
*
|
||||
|
||||
@ -37,7 +37,7 @@ public class SaApiKeyBeanInject {
|
||||
* @param saApiKeyConfig 配置对象
|
||||
*/
|
||||
@Autowired(required = false)
|
||||
public void setSaOAuth2Config(SaApiKeyConfig saApiKeyConfig) {
|
||||
public void setSaApiKeyConfig(SaApiKeyConfig saApiKeyConfig) {
|
||||
SaApiKeyManager.setConfig(saApiKeyConfig);
|
||||
}
|
||||
|
||||
|
||||
@ -25,7 +25,7 @@ import org.springframework.context.annotation.Bean;
|
||||
* 注册 Sa-Token API Key 所需要的 Bean
|
||||
*
|
||||
* @author click33
|
||||
* @since 1.34.0
|
||||
* @since 1.43.0
|
||||
*/
|
||||
@ConditionalOnClass(SaApiKeyManager.class)
|
||||
public class SaApiKeyBeanRegister {
|
||||
|
||||
@ -0,0 +1,64 @@
|
||||
/*
|
||||
* Copyright 2020-2099 sa-token.cc
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package cn.dev33.satoken.spring.sign;
|
||||
|
||||
import cn.dev33.satoken.sign.SaSignManager;
|
||||
import cn.dev33.satoken.sign.config.SaSignConfig;
|
||||
import cn.dev33.satoken.sign.config.SaSignManyConfigWrapper;
|
||||
import cn.dev33.satoken.sign.template.SaSignTemplate;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
|
||||
|
||||
/**
|
||||
* 注入 Sa-Token API 参数签名 所需要的 Bean
|
||||
*
|
||||
* @author click33
|
||||
* @since 1.43.0
|
||||
*/
|
||||
@ConditionalOnClass(SaSignManager.class)
|
||||
public class SaSignBeanInject {
|
||||
|
||||
/**
|
||||
* 注入 API 参数签名配置对象
|
||||
*
|
||||
* @param saSignConfig 配置对象
|
||||
*/
|
||||
@Autowired(required = false)
|
||||
public void setSignConfig(SaSignConfig saSignConfig) {
|
||||
SaSignManager.setConfig(saSignConfig);
|
||||
}
|
||||
|
||||
/**
|
||||
* 注入 API 参数签名配置对象
|
||||
*
|
||||
* @param signManyConfigWrapper 配置对象
|
||||
*/
|
||||
@Autowired(required = false)
|
||||
public void setSignManyConfig(SaSignManyConfigWrapper signManyConfigWrapper) {
|
||||
SaSignManager.setSignMany(signManyConfigWrapper.getSignMany());
|
||||
}
|
||||
|
||||
/**
|
||||
* 注入自定义的 参数签名 模版方法 Bean
|
||||
*
|
||||
* @param saSignTemplate 参数签名 Bean
|
||||
*/
|
||||
@Autowired(required = false)
|
||||
public void setSaSignTemplate(SaSignTemplate saSignTemplate) {
|
||||
SaSignManager.setSaSignTemplate(saSignTemplate);
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,54 @@
|
||||
/*
|
||||
* Copyright 2020-2099 sa-token.cc
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package cn.dev33.satoken.spring.sign;
|
||||
|
||||
import cn.dev33.satoken.sign.SaSignManager;
|
||||
import cn.dev33.satoken.sign.config.SaSignConfig;
|
||||
import cn.dev33.satoken.sign.config.SaSignManyConfigWrapper;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
|
||||
import org.springframework.boot.context.properties.ConfigurationProperties;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
|
||||
/**
|
||||
* 注册 Sa-Token API 参数签名所需要的 Bean
|
||||
*
|
||||
* @author click33
|
||||
* @since 1.43.0
|
||||
*/
|
||||
@ConditionalOnClass(SaSignManager.class)
|
||||
public class SaSignBeanRegister {
|
||||
|
||||
/**
|
||||
* 获取 API 参数签名配置对象
|
||||
* @return 配置对象
|
||||
*/
|
||||
@Bean
|
||||
@ConfigurationProperties(prefix = "sa-token.sign")
|
||||
public SaSignConfig getSaSignConfig() {
|
||||
return new SaSignConfig();
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取 API 参数签名 Many 配置对象
|
||||
* @return 配置对象
|
||||
*/
|
||||
@Bean
|
||||
@ConfigurationProperties(prefix = "sa-token")
|
||||
public SaSignManyConfigWrapper getSaSignManyConfigWrapper() {
|
||||
return new SaSignManyConfigWrapper();
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,19 @@
|
||||
/*
|
||||
* Copyright 2020-2099 sa-token.cc
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
/**
|
||||
* sa-token-sign 模块自动化配置(只有引入了 sa-token-sign 模块后,此包下的代码才会开始工作)
|
||||
*/
|
||||
package cn.dev33.satoken.spring.sign;
|
||||
@ -4,4 +4,8 @@ cn.dev33.satoken.spring.SaBeanInject,\
|
||||
cn.dev33.satoken.spring.sso.SaSsoBeanRegister,\
|
||||
cn.dev33.satoken.spring.sso.SaSsoBeanInject,\
|
||||
cn.dev33.satoken.spring.oauth2.SaOAuth2BeanRegister,\
|
||||
cn.dev33.satoken.spring.oauth2.SaOAuth2BeanInject
|
||||
cn.dev33.satoken.spring.oauth2.SaOAuth2BeanInject,\
|
||||
cn.dev33.satoken.spring.apikey.SaApiKeyBeanRegister,\
|
||||
cn.dev33.satoken.spring.apikey.SaApiKeyBeanInject,\
|
||||
cn.dev33.satoken.spring.sign.SaSignBeanRegister,\
|
||||
cn.dev33.satoken.spring.sign.SaSignBeanInject
|
||||
@ -4,3 +4,7 @@ cn.dev33.satoken.spring.sso.SaSsoBeanRegister
|
||||
cn.dev33.satoken.spring.sso.SaSsoBeanInject
|
||||
cn.dev33.satoken.spring.oauth2.SaOAuth2BeanRegister
|
||||
cn.dev33.satoken.spring.oauth2.SaOAuth2BeanInject
|
||||
cn.dev33.satoken.spring.apikey.SaApiKeyBeanRegister
|
||||
cn.dev33.satoken.spring.apikey.SaApiKeyBeanInject
|
||||
cn.dev33.satoken.spring.sign.SaSignBeanRegister
|
||||
cn.dev33.satoken.spring.sign.SaSignBeanInject
|
||||
Loading…
Reference in New Issue
Block a user