更换 HttpBasic 认证模块包名

sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckHttpBasic.java

@@ -15,7 +15,7 @@
  */
 package cn.dev33.satoken.annotation;
 
-import cn.dev33.satoken.basic.SaBasicTemplate;
+import cn.dev33.satoken.httpauth.basic.SaHttpBasicTemplate;
 
 import java.lang.annotation.ElementType;
 import java.lang.annotation.Retention;
@@ -32,13 +32,13 @@ import java.lang.annotation.Target;
  */
 @Retention(RetentionPolicy.RUNTIME)
 @Target({ ElementType.METHOD, ElementType.TYPE })
-public @interface SaCheckBasic {
+public @interface SaCheckHttpBasic {
 
     /**
      * 领域 
      * @return /
      */
-    String realm() default SaBasicTemplate.DEFAULT_REALM;
+    String realm() default SaHttpBasicTemplate.DEFAULT_REALM;
 
     /**
      * 需要校验的账号密码，格式形如 sa:123456 

sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckOr.java

@@ -61,11 +61,11 @@ public @interface SaCheckOr {
     SaCheckSafe[] safe() default {};
 
     /**
-     * 设定 @SaCheckBasic，参考 {@link SaCheckBasic}
+     * 设定 @SaCheckBasic，参考 {@link SaCheckHttpBasic}
      *
      * @return /
      */
-    SaCheckBasic[] basic() default {};
+    SaCheckHttpBasic[] basic() default {};
 
     /**
      * 设定 @SaCheckDisable，参考 {@link SaCheckDisable}

sa-token-core/src/main/java/cn/dev33/satoken/basic/SaBasicTemplate.java

@@ -23,11 +23,15 @@ import cn.dev33.satoken.secure.SaBase64Util;
 import cn.dev33.satoken.util.SaFoxUtil;
 
 /**
+ * <h2> 已更换至包：cn.dev33.satoken.httpauth.basic </h2>
+ * <h2> 已更换名称：SaHttpBasicTemplate </h2>
+ *
  * Sa-Token Http Basic 认证模块
  *
  * @author click33
  * @since 1.26.0
  */
+@Deprecated
 public class SaBasicTemplate {
 	
 	/**

sa-token-core/src/main/java/cn/dev33/satoken/basic/SaBasicUtil.java

@@ -16,11 +16,15 @@
 package cn.dev33.satoken.basic;
 
 /**
+ * <h2> 已更换至包：cn.dev33.satoken.httpauth.basic </h2>
+ * <h2> 已更换名称：SaHttpBasicUtil </h2>
+ *
  * Sa-Token Http Basic 认证模块，Util 工具类
  *
  * @author click33
  * @since 1.26.0
  */
+@Deprecated
 public class SaBasicUtil {
 
 	private SaBasicUtil() {

sa-token-core/src/main/java/cn/dev33/satoken/config/SaTokenConfig.java

@@ -15,7 +15,6 @@
  */
 package cn.dev33.satoken.config;
 
-import cn.dev33.satoken.SaManager;
 import cn.dev33.satoken.util.SaFoxUtil;
 
 import java.io.Serializable;
@@ -150,7 +149,7 @@ public class SaTokenConfig implements Serializable {
 	/**
 	 * Http Basic 认证的默认账号和密码，冒号隔开，例如：sa:123456
 	 */
-	private String basic = "";
+	private String httpBasic = "";
 
 	/**
 	 * Http Digest 认证的默认账号和密码，冒号隔开，例如：sa:123456
@@ -560,18 +559,18 @@ public class SaTokenConfig implements Serializable {
 	}
 
 	/**
-	 * @return Http Basic 认证的默认账号和密码 
+	 * @return Http Basic 认证的默认账号和密码，冒号隔开，例如：sa:123456
 	 */
-	public String getBasic() {
-		return basic;
+	public String getHttpBasic() {
+		return httpBasic;
 	}
 
 	/**
-	 * @param basic Http Basic 认证的默认账号和密码 
+	 * @param httpBasic Http Basic 认证的默认账号和密码，冒号隔开，例如：sa:123456
 	 * @return 对象自身
 	 */
-	public SaTokenConfig setBasic(String basic) {
-		this.basic = basic;
+	public SaTokenConfig setHttpBasic(String httpBasic) {
+		this.httpBasic = httpBasic;
 		return this;
 	}
 
@@ -697,7 +696,7 @@ public class SaTokenConfig implements Serializable {
 				+ ", logLevelInt=" + logLevelInt
 				+ ", isColorLog=" + isColorLog
 				+ ", jwtSecretKey=" + jwtSecretKey 
-				+ ", basic=" + basic
+				+ ", httpBasic=" + httpBasic
 				+ ", httpDigest=" + httpDigest
 				+ ", currDomain=" + currDomain 
 				+ ", sameTokenTimeout=" + sameTokenTimeout
@@ -707,8 +706,12 @@ public class SaTokenConfig implements Serializable {
 				+ "]";
 	}
 
+
+
+	// ------------------- 过期方法 -------------------
+
 	/**
-	 * 请更改为 getActiveTimeout()
+	 * <h2> 请更改为 getActiveTimeout() </h2>
 	 * @return token 最低活跃频率（单位：秒），如果 token 超过此时间没有访问系统就会被冻结，默认-1 代表不限制，永不冻结
 	 * 							（例如可以设置为 1800 代表 30 分钟内无操作就冻结）
 	 */
@@ -719,7 +722,7 @@ public class SaTokenConfig implements Serializable {
 	}
 
 	/**
-	 * 请更改为 setActiveTimeout()
+	 * <h2> 请更改为 setActiveTimeout() </h2>
 	 * @param activityTimeout token 最低活跃频率（单位：秒），如果 token 超过此时间没有访问系统就会被冻结，默认-1 代表不限制，永不冻结
 	 * 								（例如可以设置为 1800 代表 30 分钟内无操作就冻结）
 	 * @return 对象自身
@@ -731,5 +734,24 @@ public class SaTokenConfig implements Serializable {
 		return this;
 	}
 
+	/**
+	 * <h2> 请更改为 getHttpBasic() </h2>
+	 * @return Http Basic 认证的默认账号和密码
+	 */
+	@Deprecated
+	public String getBasic() {
+		return httpBasic;
+	}
+
+	/**
+	 * <h2> 请更改为 setHttpBasic() </h2>
+	 * @param basic Http Basic 认证的默认账号和密码
+	 * @return 对象自身
+	 */
+	@Deprecated
+	public SaTokenConfig setBasic(String basic) {
+		this.httpBasic = basic;
+		return this;
+	}
 
 }

sa-token-core/src/main/java/cn/dev33/satoken/httpauth/basic/SaHttpBasicTemplate.java

@@ -0,0 +1,95 @@
+/*
+ * Copyright 2020-2099 sa-token.cc
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package cn.dev33.satoken.httpauth.basic;
+
+import cn.dev33.satoken.SaManager;
+import cn.dev33.satoken.context.SaHolder;
+import cn.dev33.satoken.error.SaErrorCode;
+import cn.dev33.satoken.exception.NotBasicAuthException;
+import cn.dev33.satoken.secure.SaBase64Util;
+import cn.dev33.satoken.util.SaFoxUtil;
+
+/**
+ * Sa-Token Http Basic 认证模块
+ *
+ * @author click33
+ * @since 1.26.0
+ */
+public class SaHttpBasicTemplate {
+	
+	/**
+	 * 默认的 Realm 领域名称
+	 */
+	public static final String DEFAULT_REALM = "Sa-Token";
+
+	/**
+	 * 在校验失败时，设置响应头，并抛出异常
+	 * @param realm 领域 
+	 */
+	public void throwNotBasicAuthException(String realm) {
+		SaHolder.getResponse().setStatus(401).setHeader("WWW-Authenticate", "Basic Realm=" + realm);
+		throw new NotBasicAuthException().setCode(SaErrorCode.CODE_10311);
+	}
+
+	/**
+	 * 获取浏览器提交的 Basic 参数 （裁剪掉前缀并解码）
+	 * @return 值
+	 */
+	public String getAuthorizationValue() {
+		
+		// 获取前端提交的请求头 Authorization 参数
+		String authorization = SaHolder.getRequest().getHeader("Authorization");
+		
+		// 如果不是以 Basic 作为前缀，则视为无效 
+		if(authorization == null || ! authorization.startsWith("Basic ")) {
+			return null;
+		}
+		
+		// 裁剪前缀并解码 
+		return SaBase64Util.decode(authorization.substring(6));
+	}
+	
+	/**
+	 * 对当前会话进行 Basic 校验（使用全局配置的账号密码），校验不通过则抛出异常  
+	 */
+	public void check() {
+		check(DEFAULT_REALM, SaManager.getConfig().getHttpBasic());
+	}
+
+	/**
+	 * 对当前会话进行 Basic 校验（手动设置账号密码），校验不通过则抛出异常  
+	 * @param account 账号（格式为 user:password）
+	 */
+	public void check(String account) {
+		check(DEFAULT_REALM, account);
+	}
+
+	/**
+	 * 对当前会话进行 Basic 校验（手动设置 Realm 和 账号密码），校验不通过则抛出异常 
+	 * @param realm 领域 
+	 * @param account 账号（格式为 user:password）
+	 */
+	public void check(String realm, String account) {
+		if(SaFoxUtil.isEmpty(account)) {
+			account = SaManager.getConfig().getHttpBasic();
+		}
+		String authorization = getAuthorizationValue();
+		if(SaFoxUtil.isEmpty(authorization) || ! authorization.equals(account)) {
+			throwNotBasicAuthException(realm);
+		}
+	}
+
+}

sa-token-core/src/main/java/cn/dev33/satoken/httpauth/basic/SaHttpBasicUtil.java

@@ -0,0 +1,66 @@
+/*
+ * Copyright 2020-2099 sa-token.cc
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package cn.dev33.satoken.httpauth.basic;
+
+/**
+ * Sa-Token Http Basic 认证模块，Util 工具类
+ *
+ * @author click33
+ * @since 1.26.0
+ */
+public class SaHttpBasicUtil {
+
+	private SaHttpBasicUtil() {
+	}
+	
+	/**
+	 * 底层使用的 SaBasicTemplate 对象
+	 */
+	public static SaHttpBasicTemplate saHttpBasicTemplate = new SaHttpBasicTemplate();
+
+	/**
+	 * 获取浏览器提交的 Basic 参数 （裁剪掉前缀并解码）
+	 * @return 值
+	 */
+	public static String getAuthorizationValue() {
+		return saHttpBasicTemplate.getAuthorizationValue();
+	}
+	
+	/**
+	 * 对当前会话进行 Basic 校验（使用全局配置的账号密码），校验不通过则抛出异常  
+	 */
+	public static void check() {
+		saHttpBasicTemplate.check();
+	}
+
+	/**
+	 * 对当前会话进行 Basic 校验（手动设置账号密码），校验不通过则抛出异常  
+	 * @param account 账号（格式为 user:password）
+	 */
+	public static void check(String account) {
+		saHttpBasicTemplate.check(account);
+	}
+
+	/**
+	 * 对当前会话进行 Basic 校验（手动设置 Realm 和 账号密码），校验不通过则抛出异常 
+	 * @param realm 领域 
+	 * @param account 账号（格式为 user:password）
+	 */
+	public static void check(String realm, String account) {
+		saHttpBasicTemplate.check(realm, account);
+	}
+
+}

sa-token-core/src/main/java/cn/dev33/satoken/strategy/SaStrategy.java

@@ -17,7 +17,7 @@ package cn.dev33.satoken.strategy;
 
 import cn.dev33.satoken.SaManager;
 import cn.dev33.satoken.annotation.*;
-import cn.dev33.satoken.basic.SaBasicUtil;
+import cn.dev33.satoken.httpauth.basic.SaHttpBasicUtil;
 import cn.dev33.satoken.exception.RequestPathInvalidException;
 import cn.dev33.satoken.exception.SaTokenException;
 import cn.dev33.satoken.fun.strategy.*;
@@ -180,13 +180,13 @@ public final class SaStrategy {
 			SaManager.getStpLogic(checkDisable.type(), false).checkByAnnotation(checkDisable);
 		}
 
-		// 校验 @SaCheckBasic 注解
-		SaCheckBasic checkBasic = (SaCheckBasic) SaStrategy.instance.getAnnotation.apply(element, SaCheckBasic.class);
-		if(checkBasic != null) {
-			SaBasicUtil.check(checkBasic.realm(), checkBasic.account());
+		// 校验 @SaCheckHttpBasic 注解
+		SaCheckHttpBasic checkHttpBasic = (SaCheckHttpBasic) SaStrategy.instance.getAnnotation.apply(element, SaCheckHttpBasic.class);
+		if(checkHttpBasic != null) {
+			SaHttpBasicUtil.check(checkHttpBasic.realm(), checkHttpBasic.account());
 		}
 
-		// 校验 @SaCheckBasic 注解
+		// 校验 @SaCheckHttpDigest 注解
 		SaCheckHttpDigest checkHttpDigest = (SaCheckHttpDigest) SaStrategy.instance.getAnnotation.apply(element, SaCheckHttpDigest.class);
 		if(checkHttpDigest != null) {
 			SaHttpDigestUtil.checkByAnnotation(checkHttpDigest);
@@ -265,10 +265,10 @@ public final class SaStrategy {
 		}
 
 		// 6、校验注解：@SaCheckBasic
-		SaCheckBasic[] checkBasicArray = at.basic();
-		for (SaCheckBasic item : checkBasicArray) {
+		SaCheckHttpBasic[] checkBasicArray = at.basic();
+		for (SaCheckHttpBasic item : checkBasicArray) {
 			try {
-				SaBasicUtil.check(item.realm(), item.account());
+				SaHttpBasicUtil.check(item.realm(), item.account());
 				return;
 			} catch (SaTokenException e) {
 				errorList.add(e);

sa-token-demo/sa-token-demo-case/src/main/java/com/pj/cases/up/HttpBasicController.java

@@ -1,11 +1,10 @@
 package com.pj.cases.up;
 
+import cn.dev33.satoken.httpauth.basic.SaHttpBasicUtil;
+import cn.dev33.satoken.util.SaResult;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
-import cn.dev33.satoken.basic.SaBasicUtil;
-import cn.dev33.satoken.util.SaResult;
-
 /**
  * Sa-Token Http Basic 认证 
  * 
@@ -28,7 +27,7 @@ public class HttpBasicController {
 	@RequestMapping("getInfo")
 	public SaResult login() {
 		// 1、Http Basic 认证校验，账号=sa，密码=123456
-		SaBasicUtil.check("sa:123456");
+		SaHttpBasicUtil.check("sa:123456");
 		
 		// 2、返回数据 
 		String data = "这是通过 Http Basic 校验后才返回的数据";

sa-token-demo/sa-token-demo-springboot-redis/src/main/java/com/pj/test/AtController.java

@@ -3,7 +3,7 @@ package com.pj.test;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
-import cn.dev33.satoken.annotation.SaCheckBasic;
+import cn.dev33.satoken.annotation.SaCheckHttpBasic;
 import cn.dev33.satoken.annotation.SaCheckLogin;
 import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.dev33.satoken.annotation.SaCheckRole;
@@ -71,7 +71,7 @@ public class AtController {
 	}
 	
 	// 通过Basic认证后才可以进入  ---- http://localhost:8081/at/checkBasic 
-	@SaCheckBasic(account = "sa:123456")
+	@SaCheckHttpBasic(account = "sa:123456")
 	@RequestMapping("checkBasic")
 	public SaResult checkBasic() {
 		return SaResult.ok();

sa-token-demo/sa-token-demo-springboot/src/main/java/com/pj/test/AtController.java

@@ -3,7 +3,7 @@ package com.pj.test;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
-import cn.dev33.satoken.annotation.SaCheckBasic;
+import cn.dev33.satoken.annotation.SaCheckHttpBasic;
 import cn.dev33.satoken.annotation.SaCheckLogin;
 import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.dev33.satoken.annotation.SaCheckRole;
@@ -71,7 +71,7 @@ public class AtController {
 	}
 	
 	// 通过Basic认证后才可以进入  ---- http://localhost:8081/at/checkBasic 
-	@SaCheckBasic(account = "sa:123456")
+	@SaCheckHttpBasic(account = "sa:123456")
 	@RequestMapping("checkBasic")
 	public SaResult checkBasic() {
 		return SaResult.ok();

sa-token-demo/sa-token-demo-springboot3-redis/src/main/java/com/pj/test/AtController.java

@@ -3,7 +3,7 @@ package com.pj.test;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
-import cn.dev33.satoken.annotation.SaCheckBasic;
+import cn.dev33.satoken.annotation.SaCheckHttpBasic;
 import cn.dev33.satoken.annotation.SaCheckLogin;
 import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.dev33.satoken.annotation.SaCheckRole;
@@ -71,7 +71,7 @@ public class AtController {
 	}
 	
 	// 通过Basic认证后才可以进入  ---- http://localhost:8081/at/checkBasic 
-	@SaCheckBasic(account = "sa:123456")
+	@SaCheckHttpBasic(account = "sa:123456")
 	@RequestMapping("checkBasic")
 	public SaResult checkBasic() {
 		return SaResult.ok();

sa-token-demo/sa-token-demo-test/src/main/java/com/pj/test/AtController.java

@@ -3,7 +3,7 @@ package com.pj.test;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
-import cn.dev33.satoken.annotation.SaCheckBasic;
+import cn.dev33.satoken.annotation.SaCheckHttpBasic;
 import cn.dev33.satoken.annotation.SaCheckLogin;
 import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.dev33.satoken.annotation.SaCheckRole;
@@ -71,7 +71,7 @@ public class AtController {
 	}
 	
 	// 通过Basic认证后才可以进入  ---- http://localhost:8081/at/checkBasic 
-	@SaCheckBasic(account = "sa:123456")
+	@SaCheckHttpBasic(account = "sa:123456")
 	@RequestMapping("checkBasic")
 	public SaResult checkBasic() {
 		return SaResult.ok();

sa-token-starter/sa-token-solon-plugin/src/main/java/cn/dev33/satoken/solon/XPluginImp.java

@@ -16,8 +16,8 @@
 package cn.dev33.satoken.solon;
 
 import cn.dev33.satoken.SaManager;
-import cn.dev33.satoken.basic.SaBasicTemplate;
-import cn.dev33.satoken.basic.SaBasicUtil;
+import cn.dev33.satoken.httpauth.basic.SaHttpBasicTemplate;
+import cn.dev33.satoken.httpauth.basic.SaHttpBasicUtil;
 import cn.dev33.satoken.config.SaTokenConfig;
 import cn.dev33.satoken.context.second.SaTokenSecondContextCreator;
 import cn.dev33.satoken.dao.SaTokenDao;
@@ -111,8 +111,8 @@ public class XPluginImp implements Plugin {
         });
 
         // Sa-Token Http Basic 认证模块 Bean
-        context.getBeanAsync(SaBasicTemplate.class, bean -> {
-            SaBasicUtil.saBasicTemplate = bean;
+        context.getBeanAsync(SaHttpBasicTemplate.class, bean -> {
+            SaHttpBasicUtil.saHttpBasicTemplate = bean;
         });
 
         // Sa-Token JSON 转换器 Bean

sa-token-starter/sa-token-spring-boot-autoconfig/src/main/java/cn/dev33/satoken/spring/SaBeanInject.java

@@ -23,8 +23,8 @@ import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.util.PathMatcher;
 
 import cn.dev33.satoken.SaManager;
-import cn.dev33.satoken.basic.SaBasicTemplate;
-import cn.dev33.satoken.basic.SaBasicUtil;
+import cn.dev33.satoken.httpauth.basic.SaHttpBasicTemplate;
+import cn.dev33.satoken.httpauth.basic.SaHttpBasicUtil;
 import cn.dev33.satoken.config.SaTokenConfig;
 import cn.dev33.satoken.context.SaTokenContext;
 import cn.dev33.satoken.context.second.SaTokenSecondContextCreator;
@@ -143,8 +143,8 @@ public class SaBeanInject {
 	 * @param saBasicTemplate saBasicTemplate对象 
 	 */
 	@Autowired(required = false)
-	public void setSaBasicTemplate(SaBasicTemplate saBasicTemplate) {
-		SaBasicUtil.saBasicTemplate = saBasicTemplate;
+	public void setSaBasicTemplate(SaHttpBasicTemplate saBasicTemplate) {
+		SaHttpBasicUtil.saHttpBasicTemplate = saBasicTemplate;
 	}
 	
 	/**

sa-token-test/sa-token-springboot-test/src/test/java/cn/dev33/satoken/core/config/SaTokenConfigTest.java

@@ -89,8 +89,8 @@ public class SaTokenConfigTest {
 		config.setSameTokenTimeout(1004);
 		Assertions.assertEquals(config.getSameTokenTimeout(), 1004);
 
-		config.setBasic("sa:123456");
-		Assertions.assertEquals(config.getBasic(), "sa:123456");
+		config.setHttpBasic("sa:123456");
+		Assertions.assertEquals(config.getHttpBasic(), "sa:123456");
 
 		config.setCurrDomain("http://127.0.0.1:8084");
 		Assertions.assertEquals(config.getCurrDomain(), "http://127.0.0.1:8084");

sa-token-test/sa-token-springboot-test/src/test/java/cn/dev33/satoken/integrate/configure/inject/MySaBasicTemplate.java

@@ -17,9 +17,9 @@ package cn.dev33.satoken.integrate.configure.inject;
 
 import org.springframework.stereotype.Component;
 
-import cn.dev33.satoken.basic.SaBasicTemplate;
+import cn.dev33.satoken.httpauth.basic.SaHttpBasicTemplate;
 
 @Component
-public class MySaBasicTemplate extends SaBasicTemplate {
+public class MySaBasicTemplate extends SaHttpBasicTemplate {
 	
 }

sa-token-test/sa-token-springboot-test/src/test/java/cn/dev33/satoken/integrate/more/MoreController.java

@@ -18,7 +18,7 @@ package cn.dev33.satoken.integrate.more;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
-import cn.dev33.satoken.basic.SaBasicUtil;
+import cn.dev33.satoken.httpauth.basic.SaHttpBasicUtil;
 import cn.dev33.satoken.context.SaHolder;
 import cn.dev33.satoken.context.model.SaRequest;
 import cn.dev33.satoken.util.SaFoxUtil;
@@ -57,7 +57,7 @@ public class MoreController {
 	// Http Basic 认证 
     @RequestMapping("basicAuth")
     public SaResult basicAuth() {
-    	SaBasicUtil.check("sa:123456");
+    	SaHttpBasicUtil.check("sa:123456");
     	return SaResult.ok();
     }