修改

4 years ago · 6bfd6b2530
parent 935fe128be
commit 6bfd6b2530
16 changed files with 44 additions and 76 deletions
--- a/sso-auth-center-service/sso-auth-center-admin/src/main/java/com/sso/controller/getway/OpenApiController.java
+++ b/sso-auth-center-service/sso-auth-center-admin/src/main/java/com/sso/controller/getway/OpenApiController.java
@ -10,7 +10,6 @@ import com.sso.common.utils.SystemClock;
 import com.sso.model.bo.getway.GetWayReqBO;
 import com.sso.service.getway.ApiClient;
 import lombok.extern.slf4j.Slf4j;
-import org.apache.commons.lang3.RandomStringUtils;
 import org.slf4j.MDC;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.PostMapping;
@ -42,8 +41,8 @@ public class OpenApiController {
 	public ResultModel<?> gateway(@Valid GetWayReqBO reqBO,
 								  HttpServletRequest request) throws Throwable {
 		Map<String, Object> mapParams = WebUtils.getParametersStartingWith(request, "");
-		//日志ID (请求的唯一标识+5位随机数)
-		MDC.put("logId", String.format("[%s-%s]", reqBO.getApiRequestId(), RandomStringUtils.randomAlphanumeric(5)));
+		//日志ID (系统编码+请求的唯一标识)
+		MDC.put("logId", String.format("[%s-%s]", reqBO.getSysCode(),reqBO.getApiRequestId()));

 		log.info("[ 统一认证开放接口 start ] >> method={} mapParams = {}", reqBO.getMethod(), mapParams);
 		long start = SystemClock.millisClock().now();
--- a/sso-auth-center-service/sso-auth-center-admin/src/main/resources/config/application-dev.properties
+++ b/sso-auth-center-service/sso-auth-center-admin/src/main/resources/config/application-dev.properties
@ -2,7 +2,7 @@ server.port=9901

 #日志配置
 logging.level.root=info
-logging.level.com.sso=info
+logging.level.com.sso=DEBUG
 logging.level.org.springframework=warn
 #日志文件路径
 log.root.path=${user.home}/logs/sso-auth-center
@ -48,7 +48,7 @@ spring.redis.pool-config.min-evictable-idle-time-millis=300000


 # 管理后台系统模块数据源
-spring.datasource.admin.url=jdbc:mysql://localhost:3306/my-sso?useUnicode=true&characterEncoding=utf8&autoReconnect=true&serverTimezone=Asia/Shanghai&allowMultiQueries=true
+spring.datasource.admin.url=jdbc:mysql://localhost:3306/auth-center?useUnicode=true&characterEncoding=utf8&autoReconnect=true&serverTimezone=Asia/Shanghai&allowMultiQueries=true
 spring.datasource.admin.username=root
 spring.datasource.admin.password=123456
 spring.datasource.admin.driver-class-name=com.mysql.cj.jdbc.Driver
@ -71,8 +71,8 @@ sys.config.tokenHeader=Authorization
 # 令牌密钥
 sys.config.tokenSecret=abcdefghijklmnopqrstuvwxyz
 #认证中心系统编码
-sys.config.authSsoSysCode=auth-test
-# 超级管理员用户(用户ID|用户名)
+sys.config.authSsoSysCode=auth-center
+# 超级管理员用户(用户ID|用户名)(用于控制超级管理员账号不允许编辑)
 sys.config.supperAdminUser=1000|admin

 # 令牌有效期（默认180分钟）
@ -80,11 +80,9 @@ sys.config.tokenExpireTime=180
 #统一认证中心登录地址
 sys.config.ssoLoginUrl=http://www.myauth.com:9528/login

-#文件上传目录
+#文件上传目录( 开源项目-未引入第三方-例如oss，建议图片服务器与认证中心服务分离)
 # 文件路径 示例（ Windows配置D:/xqiang/uploadPath，Linux配置 /home/xqiang/uploadPath）
-sys.config.fileProfile=/Users/mengqiang/files/upload
-
-
+sys.config.fileProfile=${user.home}/files/upload

 # 开发环境配置
 # 应用的访问路径
--- a/sso-auth-center-service/sso-business/src/main/java/com/sso/dao/entity/SsoSystem.java
+++ b/sso-auth-center-service/sso-business/src/main/java/com/sso/dao/entity/SsoSystem.java
@ -35,11 +35,6 @@ public class SsoSystem implements Serializable {
 	 */
 	private String sysName;

-	/**
-	 * 系统权限编码
-	 */
-	private String sysGrantCode;
-
 	/**
 	 * 系统链接
 	 */
--- a/sso-auth-center-service/sso-business/src/main/java/com/sso/model/bo/getway/ApplyAuthBO.java
+++ b/sso-auth-center-service/sso-business/src/main/java/com/sso/model/bo/getway/ApplyAuthBO.java
@ -2,6 +2,7 @@ package com.sso.model.bo.getway;

 import lombok.Data;

+import javax.validation.constraints.Pattern;
 import java.io.Serializable;

 /**
@ -16,15 +17,9 @@ public class ApplyAuthBO implements Serializable {
 	private static final long serialVersionUID = -3755046680856409972L;

 	/**
-	 * 退出登录访问地址
-	 */
-	private String loginOutUrl;
-
-	/**
-	 * 菜单类型
-	 * 1-列表; 2-树形列表
+	 * 登录token
 	 */
-	private String menuType;
+	private String ssoToken;

 	/**
 	 * 跳转url
@ -32,14 +27,16 @@ public class ApplyAuthBO implements Serializable {
 	private String redirectUrl;

 	/**
-	 * 登录token
+	 * 退出登录访问地址
 	 */
-	private String ssoToken;
+	private String loginOutUrl;

 	/**
-	 * 来源IP
+	 * 菜单类型
+	 * 1-列表; 2-树形列表
 	 */
-	private String sourceIp;
+	@Pattern(regexp = "[1-2]", message = "菜单类型可选值为1~2")
+	private String menuType;


 }
--- a/sso-auth-center-service/sso-business/src/main/java/com/sso/model/bo/getway/GetWayReqBO.java
+++ b/sso-auth-center-service/sso-business/src/main/java/com/sso/model/bo/getway/GetWayReqBO.java
@ -4,6 +4,7 @@ package com.sso.model.bo.getway;
 import lombok.Data;

 import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.NotNull;
 import javax.validation.constraints.Pattern;
 import java.io.Serializable;

@ -34,8 +35,7 @@ public class GetWayReqBO implements Serializable {
 	@NotBlank(message = "版本号不能为空")
 	private String version;

-	@NotBlank(message = "签名类型不能为空")
-	@Pattern(regexp = "[1-3]", message = "签名类型只能为1或2或3")
+	@Pattern(regexp = "[1-2]", message = "签名类型可选值为1~2")
 	private String signType;

 	@NotBlank(message = "请求时间戳不能为空")
--- a/sso-auth-center-service/sso-business/src/main/java/com/sso/service/admin/impl/SystemServiceImpl.java
+++ b/sso-auth-center-service/sso-business/src/main/java/com/sso/service/admin/impl/SystemServiceImpl.java
@ -24,6 +24,7 @@ import com.sso.model.vo.platform.SystemDetailVO;
 import com.sso.model.vo.platform.SystemListVO;
 import com.sso.service.admin.SystemService;
 import com.sso.service.admin.login.PermissionService;
+import com.sso.service.base.SysConfigService;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
@ -60,6 +61,8 @@ public class SystemServiceImpl implements SystemService {
 	private SsoSystemManagerMapper ssoSystemManagerMapper;
 	@Resource
 	private SysConfigProperty sysConfigProperty;
+	@Resource
+	private SysConfigService sysConfigService;

 	/**
 	 * 我的平台列表
@ -73,7 +76,7 @@ public class SystemServiceImpl implements SystemService {

 		List<SsoSystem> systemList = null;
 		//管理员拥有所有权限
-		if (SsoPermissionConstants.ADMIN_USER_SET.contains(loginUser.getUsername())) {
+		if (sysConfigService.getSupperAdminUserId().equals(loginUser.getUserId())) {
 			systemList = ssoSystemMapper.listMySystemByAdmin(loginUser.getUserId(), SystemStatusEnum.getEnableStatusList());
 		} else {
 			systemList = ssoSystemMapper.listMySystemByUserId(loginUser.getUserId());
@ -140,10 +143,10 @@ public class SystemServiceImpl implements SystemService {

 		List<SsoSystem> systemList = null;
 		//管理员拥有所有权限
-		if (SsoPermissionConstants.ADMIN_USER_SET.contains(loginUser.getUsername())) {
+		if (sysConfigService.getSupperAdminUserId().equals(loginUser.getUser().getUserId())) {
 			systemList = ssoSystemMapper.listMySystemByAdmin(loginUser.getUser().getUserId(), SystemStatusEnum.getAllStatusList());
 		}
-		//认证中心管理员-角色拥有所有权限
+		//认证中心管理员-角色拥有所有平台管理权限
 		else if (loginUser.getRoleKeyList().contains(SsoPermissionConstants.ADMIN_ROLE_KEY)) {
 			systemList = ssoSystemMapper.listMySystemByAdmin(loginUser.getUser().getUserId(), SystemStatusEnum.getAllStatusList());
 		} else {
@ -200,13 +203,13 @@ public class SystemServiceImpl implements SystemService {
 		//新增
 		ssoSystemMapper.insertSelective(ssoSystem);

-		//若非管理员-管理员拥有所有权限
-		if (SsoPermissionConstants.ADMIN_USER_SET.contains(loginUser.getUsername())) {
+		//管理员拥有所有权限
+		if (sysConfigService.getSupperAdminUserId().equals(loginUser.getUserId())) {
 			log.info("[ 平台新增完成 ] >> {}", saveBO.getLogValue());
 			return;
 		}

-		//为新增该平台用户-添加用户与当前系统关系
+		//若非管理员-为新增该平台用户-添加用户与当前系统关系
 		this.addUserSystemRelation(saveBO.getSysCode(), loginUser.getUserId(), saveBO);
 		//为新增该平台用户-添加系统管理权限
 		this.addSystemMgmt(saveBO.getSysCode(), loginUser.getUserId(), saveBO);
@ -387,7 +390,6 @@ public class SystemServiceImpl implements SystemService {
 	private SsoSystem buildSsoSystem(SystemSaveBO saveBO) {
 		SsoSystem ssoSystem = new SsoSystem();
 		ssoSystem.setSysCode(saveBO.getSysCode());
-		ssoSystem.setSysGrantCode(saveBO.getSysCode());
 		ssoSystem.setSysName(saveBO.getSysName());
 		ssoSystem.setSysUrl(saveBO.getSysUrl());
 		ssoSystem.setSysIcon(saveBO.getSysIcon());
--- a/sso-auth-center-service/sso-business/src/main/java/com/sso/service/admin/login/SysPermissionService.java
+++ b/sso-auth-center-service/sso-business/src/main/java/com/sso/service/admin/login/SysPermissionService.java
@ -20,6 +20,7 @@ import com.sso.framework.config.property.SysConfigProperty;
 import com.sso.model.vo.login.LoginMenuVO;
 import com.sso.model.vo.login.LoginUserInfoVO;
 import com.sso.service.base.SsoTokenService;
+import com.sso.service.base.SysConfigService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 import org.springframework.util.CollectionUtils;
@ -37,14 +38,14 @@ public class SysPermissionService {

 	@Autowired
 	private SsoTokenService ssoTokenService;
-
 	@Resource
 	private SsoMenuMapper ssoMenuMapper;
 	@Resource
 	private SsoRoleMapper ssoRoleMapper;
 	@Resource
 	private SysConfigProperty sysConfigProperty;
-
+	@Resource
+	private SysConfigService sysConfigService;

 	/**
 	 * 获取登录用户信息
@ -74,7 +75,7 @@ public class SysPermissionService {
 	public Set<String> getRolePermission(LoginUserVO user) {
 		Set<String> roles = new HashSet<>();
 		// 管理员拥有所有权限
-		if (SsoPermissionConstants.ADMIN_USER_SET.contains(user.getUsername())) {
+		if (sysConfigService.getSupperAdminUserId().equals(user.getUserId())) {
 			roles.add("**");
 		} else {
 			roles.addAll(ssoRoleMapper.getRoleKeyBySysCodeAndUserId(sysConfigProperty.getAuthSsoSysCode(), user.getUserId()));
@ -97,7 +98,7 @@ public class SysPermissionService {
 		List<SsoMenu> menuList;

 		//管理员拥有所有权限
-		if (SsoPermissionConstants.ADMIN_USER_SET.contains(user.getUsername())) {
+		if (sysConfigService.getSupperAdminUserId().equals(user.getUserId())) {
 			permissionList = Collections.singleton(SsoPermissionConstants.ALL_PERMISSION);
 			menuList = ssoMenuMapper.getEnableMenuListBySysCode(sysCode);
 			//转换成树结构
--- a/sso-auth-center-service/sso-business/src/main/java/com/sso/service/getway/impl/ApplyAuthServiceImpl.java
+++ b/sso-auth-center-service/sso-business/src/main/java/com/sso/service/getway/impl/ApplyAuthServiceImpl.java
@ -79,7 +79,8 @@ public class ApplyAuthServiceImpl implements ApplyAuthService {
 		//入参token为空，说明未登录，返回扫码授权url
 		if (StringUtils.isEmpty(authBO.getSsoToken())) {
 			log.info("[ 认证失败 ] >> token 为空 ，返回认证中心登录地址 ");
-			return ApplyAuthVO.authFailNeedLogin(sysConfigProperty.getSsoLoginUrl());
+			String targetRedirectUrl = StringUtils.isNoneBlank(authBO.getRedirectUrl()) ? authBO.getRedirectUrl() : system.getSysUrl();
+			return ApplyAuthVO.authFailNeedLogin(sysConfigProperty.getSsoLoginUrl(), targetRedirectUrl);
 		}

 		//toke缓存key
@ -110,7 +111,7 @@ public class ApplyAuthServiceImpl implements ApplyAuthService {
 		//刷新token有效期
 		redisCache.hSet(tokenCacheKey, loginUserInfo.getToken(), loginUserInfo, sysConfigProperty.getTokenExpireTime(), TimeUnit.MINUTES);

-		//刷新登录记录表效期
+		//刷新在线用户记录表效期
 		if (StringUtils.isNotBlank(loginUserInfo.getRequestId())) {
 			ssoOnlineUserMapper.refreshExpireTimeByRequestId(loginUserInfo.getRequestId(), loginUserInfo.getExpireTime());
 		}
--- a/sso-auth-center-service/sso-business/src/main/resources/mapper/mybatis/SsoMenuMapper.xml
+++ b/sso-auth-center-service/sso-business/src/main/resources/mapper/mybatis/SsoMenuMapper.xml
@ -111,7 +111,8 @@
        AND a.sys_code = #{sysCode,jdbcType=VARCHAR}
        AND d.sys_code = #{sysCode,jdbcType=VARCHAR}
        AND d.user_id = #{userId,jdbcType=BIGINT}
-        OR (a.sys_code = #{sysCode,jdbcType=VARCHAR} and use_type=1 )
+        <!-- 未删除-并且启用状态+默认开放访问的菜单 -->
+        OR (a.sys_code = #{sysCode,jdbcType=VARCHAR}  AND a.del_flag = 0  AND a.`status` = 0 and a.use_type=1 )
        ORDER BY a.sort_num
    </select>

--- a/sso-auth-center-service/sso-business/src/main/resources/mapper/mybatis/SsoSystemMapper.xml
+++ b/sso-auth-center-service/sso-business/src/main/resources/mapper/mybatis/SsoSystemMapper.xml
@ -7,7 +7,6 @@
        <id column="sys_id" property="sysId" jdbcType="BIGINT"/>
        <result column="sys_code" property="sysCode" jdbcType="VARCHAR"/>
        <result column="sys_name" property="sysName" jdbcType="VARCHAR"/>
-        <result column="sys_grant_code" property="sysGrantCode" jdbcType="VARCHAR"/>
        <result column="sys_url" property="sysUrl" jdbcType="VARCHAR"/>
        <result column="sys_icon" property="sysIcon" jdbcType="VARCHAR"/>
        <result column="sys_env" property="sysEnv" jdbcType="INTEGER"/>
@ -27,7 +26,6 @@
      sys_id,
      sys_code,
      sys_name,
-      sys_grant_code,
      sys_url,
      sys_icon,
      sys_env,
@ -46,7 +44,6 @@
      a.sys_id,
      a.sys_code,
      a.sys_name,
-      a.sys_grant_code,
      a.sys_url,
      a.sys_icon,
      a.sys_env,
@ -106,7 +103,6 @@
          a.sys_id,
          a.sys_code,
          a.sys_name,
-          a.sys_grant_code,
          a.sys_url,
          a.sys_icon,
          a.sys_env,
@ -138,7 +134,6 @@
          a.sys_id,
          a.sys_code,
          a.sys_name,
-          a.sys_grant_code,
          a.sys_url,
          a.sys_icon,
          a.sys_env,
@ -181,7 +176,6 @@
        sys_id,
        sys_code,
        sys_name,
-        sys_grant_code,
        sys_url,
        sys_icon,
        sys_env,
@ -199,7 +193,6 @@
          #{sysId,jdbcType=BIGINT},
          #{sysCode,jdbcType=VARCHAR},
          #{sysName,jdbcType=VARCHAR},
-          #{sysGrantCode,jdbcType=VARCHAR},
          #{sysUrl,jdbcType=VARCHAR},
          #{sysIcon,jdbcType=VARCHAR},
          #{sysEnv,jdbcType=INTEGER},
@ -226,9 +219,6 @@
            <if test="sysName != null">
                sys_name,
            </if>
-            <if test="sysGrantCode != null">
-                sys_grant_code,
-            </if>
            <if test="sysUrl != null">
                sys_url,
            </if>
@ -273,9 +263,6 @@
            <if test="sysName != null">
                #{sysName,jdbcType=VARCHAR},
            </if>
-            <if test="sysGrantCode != null">
-                #{sysGrantCode,jdbcType=VARCHAR},
-            </if>
            <if test="sysUrl != null">
                #{sysUrl,jdbcType=VARCHAR},
            </if>
@ -317,7 +304,6 @@
      SET
       sys_code = #{sysCode,jdbcType=VARCHAR},
       sys_name = #{sysName,jdbcType=VARCHAR},
-       sys_grant_code = #{sysGrantCode,jdbcType=VARCHAR},
       sys_url = #{sysUrl,jdbcType=VARCHAR},
       sys_icon = #{sysIcon,jdbcType=VARCHAR},
       sys_env = #{sysEnv,jdbcType=INTEGER},
@ -354,9 +340,6 @@
            <if test="sysName != null">
                sys_name = #{sysName,jdbcType=VARCHAR},
            </if>
-            <if test="sysGrantCode != null">
-                sys_grant_code = #{sysGrantCode,jdbcType=VARCHAR},
-            </if>
            <if test="sysUrl != null">
                sys_url = #{sysUrl,jdbcType=VARCHAR},
            </if>
--- a/sso-auth-center-service/sso-common/src/main/java/com/sso/common/constant/SsoPermissionConstants.java
+++ b/sso-auth-center-service/sso-common/src/main/java/com/sso/common/constant/SsoPermissionConstants.java
@ -1,8 +1,5 @@
 package com.sso.common.constant;

-import java.util.Collections;
-import java.util.HashSet;
-import java.util.Set;

 /**
 * 权限相关常量信息
@ -21,9 +18,4 @@ public class SsoPermissionConstants {
 	 */
 	public static final String ADMIN_ROLE_KEY = "admin";

-	/**
-	 * 管理员账户名
-	 */
-	public static final Set<String> ADMIN_USER_SET = new HashSet<>(Collections.singletonList("admin"));
-
 }
--- a/sso-auth-center-service/sso-common/src/main/java/com/sso/common/enums/SignTypeEnum.java
+++ b/sso-auth-center-service/sso-common/src/main/java/com/sso/common/enums/SignTypeEnum.java
@ -1,6 +1,7 @@
 package com.sso.common.enums;

 import lombok.Getter;
+import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.lang3.math.NumberUtils;

 /**
--- a/sso-auth-center-service/sso-common/src/main/java/com/sso/common/utils/SsoSignUtil.java
+++ b/sso-auth-center-service/sso-common/src/main/java/com/sso/common/utils/SsoSignUtil.java
@ -39,7 +39,6 @@ public class SsoSignUtil {
 			//MD5 方式拼接 &secret
 			content = content + "&secret=" + secret;

-			log.info("[ 加签参数 ] content:{}", content);
 			//MD5加签
 			return DigestUtils.md5Hex(content);
 		} catch (Exception e) {
--- a/sso-auth-center-service/sso-framework/src/main/java/com/sso/framework/gateway/ApiScanner.java
+++ b/sso-auth-center-service/sso-framework/src/main/java/com/sso/framework/gateway/ApiScanner.java
@ -42,7 +42,7 @@ public class ApiScanner implements CommandLineRunner {
 	/**
 	 * 统计扫描次数
 	 */
-	private final AtomicInteger atomicInteger = new AtomicInteger(0);
+	private final AtomicInteger methodSize = new AtomicInteger(0);

 	@Resource
 	private ApiContainer apiContainer;
@ -61,7 +61,7 @@ public class ApiScanner implements CommandLineRunner {
 			//获取扫描类下所有方法
 			Method[] methods = ReflectionUtils.getAllDeclaredMethods(map.getValue().getClass());
 			for (Method method : methods) {
-				atomicInteger.incrementAndGet();
+				methodSize.incrementAndGet();
 				//找到带有OpenApi 注解的方法
 				OpenApi openApi = AnnotationUtils.findAnnotation(method, OpenApi.class);
 				if (null == openApi) {
@ -79,14 +79,13 @@ public class ApiScanner implements CommandLineRunner {
 				LOGGER.info("Api开放接口加载成功 >> method = {} , desc={}", openApi.method(), openApi.desc());
 			}
 		}
-		LOGGER.info("Api开放接口容器加载完毕 >> size = {} loopTimes={}", apiContainer.size(), atomicInteger.get());
+		LOGGER.info("Api开放接口容器加载完毕 >> size = {} , methodSize={}", apiContainer.size(), methodSize.get());
 	}

 	/**
 	 * 获取业务参数对象
 	 *
 	 * @param method
-	 * @return
 	 */
 	private String getParamName(Method method) {
 		ArrayList<String> result = new ArrayList<>();
--- a/sso-auth-center-vue/src/views/sso/platform/platformDetail.vue
+++ b/sso-auth-center-vue/src/views/sso/platform/platformDetail.vue
@ -449,7 +449,7 @@ export default {
        sysIcon: '',
        sysEnv: 0,
        status: 0,
-        sortNum: 0,
+        sortNum: 100,
        remarks: ''
      }
      this.updateSecretForm = {
--- a/sso-auth-center-vue/src/views/sso/platform/platformMgmt.vue
+++ b/sso-auth-center-vue/src/views/sso/platform/platformMgmt.vue
@ -251,7 +251,7 @@ export default {
        sysIcon: '',
        sysEnv: 0,
        status: 0,
-        sortNum: 0,
+        sortNum: 100,
        remarks: ''
      }
      this.resetForm('addForm')