mirror of https://gitee.com/maxjhandsome/pig
🎨 Improving structure / format of the code. 代码格式化
This commit is contained in:
lbw
parent
67ed0368f1
commit
fefdc8db32
|
|
@ -73,4 +73,5 @@ public class ConsoleConfig {
|
|||
public Jackson2ObjectMapperBuilderCustomizer jacksonObjectMapperCustomization() {
|
||||
return jacksonObjectMapperBuilder -> jacksonObjectMapperBuilder.timeZone(ZoneId.systemDefault().toString());
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -51,10 +51,10 @@ public class HealthController {
|
|||
}
|
||||
|
||||
/**
|
||||
* Whether the Nacos is in broken states or not, and cannot recover except by being restarted.
|
||||
*
|
||||
* @return HTTP code equal to 200 indicates that Nacos is in right states. HTTP code equal to 500 indicates that
|
||||
* Nacos is in broken states.
|
||||
* Whether the Nacos is in broken states or not, and cannot recover except by being
|
||||
* restarted.
|
||||
* @return HTTP code equal to 200 indicates that Nacos is in right states. HTTP code
|
||||
* equal to 500 indicates that Nacos is in broken states.
|
||||
*/
|
||||
@GetMapping("/liveness")
|
||||
public ResponseEntity<String> liveness() {
|
||||
|
|
@ -63,9 +63,8 @@ public class HealthController {
|
|||
|
||||
/**
|
||||
* Ready to receive the request or not.
|
||||
*
|
||||
* @return HTTP code equal to 200 indicates that Nacos is ready. HTTP code equal to 500 indicates that Nacos is not
|
||||
* ready.
|
||||
* @return HTTP code equal to 200 indicates that Nacos is ready. HTTP code equal to
|
||||
* 500 indicates that Nacos is not ready.
|
||||
*/
|
||||
@GetMapping("/readiness")
|
||||
public ResponseEntity<String> readiness(HttpServletRequest request) {
|
||||
|
|
@ -77,7 +76,8 @@ public class HealthController {
|
|||
}
|
||||
|
||||
if (!isConfigReadiness && !isNamingReadiness) {
|
||||
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body("Config and Naming are not in readiness");
|
||||
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR)
|
||||
.body("Config and Naming are not in readiness");
|
||||
}
|
||||
|
||||
if (!isConfigReadiness) {
|
||||
|
|
@ -92,7 +92,8 @@ public class HealthController {
|
|||
try {
|
||||
persistService.configInfoCount("");
|
||||
return true;
|
||||
} catch (Exception e) {
|
||||
}
|
||||
catch (Exception e) {
|
||||
LOGGER.error("Config health check fail.", e);
|
||||
}
|
||||
return false;
|
||||
|
|
@ -102,9 +103,11 @@ public class HealthController {
|
|||
try {
|
||||
apiCommands.metrics(request);
|
||||
return true;
|
||||
} catch (Exception e) {
|
||||
}
|
||||
catch (Exception e) {
|
||||
LOGGER.error("Naming health check fail.", e);
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -75,8 +75,7 @@ public class NamespaceController {
|
|||
|
||||
/**
|
||||
* Get namespace list.
|
||||
*
|
||||
* @param request request
|
||||
* @param request request
|
||||
* @param response response
|
||||
* @return namespace list
|
||||
*/
|
||||
|
|
@ -84,8 +83,8 @@ public class NamespaceController {
|
|||
public RestResult<List<Namespace>> getNamespaces(HttpServletRequest request, HttpServletResponse response) {
|
||||
// TODO 获取用kp
|
||||
List<TenantInfo> tenantInfos = persistService.findTenantByKp(DEFAULT_KP);
|
||||
Namespace namespace0 = new Namespace("", DEFAULT_NAMESPACE, DEFAULT_QUOTA, persistService.configInfoCount(DEFAULT_TENANT),
|
||||
NamespaceTypeEnum.GLOBAL.getType());
|
||||
Namespace namespace0 = new Namespace("", DEFAULT_NAMESPACE, DEFAULT_QUOTA,
|
||||
persistService.configInfoCount(DEFAULT_TENANT), NamespaceTypeEnum.GLOBAL.getType());
|
||||
List<Namespace> namespaces = new ArrayList<Namespace>();
|
||||
namespaces.add(namespace0);
|
||||
for (TenantInfo tenantInfo : tenantInfos) {
|
||||
|
|
@ -99,32 +98,32 @@ public class NamespaceController {
|
|||
|
||||
/**
|
||||
* get namespace all info by namespace id.
|
||||
*
|
||||
* @param request request
|
||||
* @param response response
|
||||
* @param request request
|
||||
* @param response response
|
||||
* @param namespaceId namespaceId
|
||||
* @return namespace all info
|
||||
*/
|
||||
@GetMapping(params = "show=all")
|
||||
public NamespaceAllInfo getNamespace(HttpServletRequest request, HttpServletResponse response,
|
||||
@RequestParam("namespaceId") String namespaceId) {
|
||||
@RequestParam("namespaceId") String namespaceId) {
|
||||
// TODO 获取用kp
|
||||
if (StringUtils.isBlank(namespaceId)) {
|
||||
return new NamespaceAllInfo(namespaceId, DEFAULT_NAMESPACE_SHOW_NAME, DEFAULT_QUOTA, persistService.configInfoCount(DEFAULT_TENANT),
|
||||
NamespaceTypeEnum.GLOBAL.getType(), DEFAULT_NAMESPACE_DESCRIPTION);
|
||||
} else {
|
||||
return new NamespaceAllInfo(namespaceId, DEFAULT_NAMESPACE_SHOW_NAME, DEFAULT_QUOTA,
|
||||
persistService.configInfoCount(DEFAULT_TENANT), NamespaceTypeEnum.GLOBAL.getType(),
|
||||
DEFAULT_NAMESPACE_DESCRIPTION);
|
||||
}
|
||||
else {
|
||||
TenantInfo tenantInfo = persistService.findTenantByKp(DEFAULT_KP, namespaceId);
|
||||
int configCount = persistService.configInfoCount(namespaceId);
|
||||
return new NamespaceAllInfo(namespaceId, tenantInfo.getTenantName(), DEFAULT_QUOTA, configCount, NamespaceTypeEnum.CUSTOM.getType(),
|
||||
tenantInfo.getTenantDesc());
|
||||
return new NamespaceAllInfo(namespaceId, tenantInfo.getTenantName(), DEFAULT_QUOTA, configCount,
|
||||
NamespaceTypeEnum.CUSTOM.getType(), tenantInfo.getTenantDesc());
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* create namespace.
|
||||
*
|
||||
* @param request request
|
||||
* @param response response
|
||||
* @param request request
|
||||
* @param response response
|
||||
* @param namespaceName namespace Name
|
||||
* @param namespaceDesc namespace Desc
|
||||
* @return whether create ok
|
||||
|
|
@ -132,12 +131,13 @@ public class NamespaceController {
|
|||
@PostMapping
|
||||
@Secured(resource = NacosAuthConfig.CONSOLE_RESOURCE_NAME_PREFIX + "namespaces", action = ActionTypes.WRITE)
|
||||
public Boolean createNamespace(HttpServletRequest request, HttpServletResponse response,
|
||||
@RequestParam("customNamespaceId") String namespaceId, @RequestParam("namespaceName") String namespaceName,
|
||||
@RequestParam(value = "namespaceDesc", required = false) String namespaceDesc) {
|
||||
@RequestParam("customNamespaceId") String namespaceId, @RequestParam("namespaceName") String namespaceName,
|
||||
@RequestParam(value = "namespaceDesc", required = false) String namespaceDesc) {
|
||||
// TODO 获取用kp
|
||||
if (StringUtils.isBlank(namespaceId)) {
|
||||
namespaceId = UUID.randomUUID().toString();
|
||||
} else {
|
||||
}
|
||||
else {
|
||||
namespaceId = namespaceId.trim();
|
||||
if (!namespaceIdCheckPattern.matcher(namespaceId).matches()) {
|
||||
return false;
|
||||
|
|
@ -149,14 +149,13 @@ public class NamespaceController {
|
|||
return false;
|
||||
}
|
||||
}
|
||||
persistService.insertTenantInfoAtomic(DEFAULT_KP, namespaceId, namespaceName, namespaceDesc, DEFAULT_CREATE_SOURCE,
|
||||
System.currentTimeMillis());
|
||||
persistService.insertTenantInfoAtomic(DEFAULT_KP, namespaceId, namespaceName, namespaceDesc,
|
||||
DEFAULT_CREATE_SOURCE, System.currentTimeMillis());
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* check namespaceId exist.
|
||||
*
|
||||
* @param namespaceId namespace id
|
||||
* @return true if exist, otherwise false
|
||||
*/
|
||||
|
|
@ -170,17 +169,16 @@ public class NamespaceController {
|
|||
|
||||
/**
|
||||
* edit namespace.
|
||||
*
|
||||
* @param namespace namespace
|
||||
* @param namespace namespace
|
||||
* @param namespaceShowName namespace ShowName
|
||||
* @param namespaceDesc namespace Desc
|
||||
* @param namespaceDesc namespace Desc
|
||||
* @return whether edit ok
|
||||
*/
|
||||
@PutMapping
|
||||
@Secured(resource = NacosAuthConfig.CONSOLE_RESOURCE_NAME_PREFIX + "namespaces", action = ActionTypes.WRITE)
|
||||
public Boolean editNamespace(@RequestParam("namespace") String namespace,
|
||||
@RequestParam("namespaceShowName") String namespaceShowName,
|
||||
@RequestParam(value = "namespaceDesc", required = false) String namespaceDesc) {
|
||||
@RequestParam("namespaceShowName") String namespaceShowName,
|
||||
@RequestParam(value = "namespaceDesc", required = false) String namespaceDesc) {
|
||||
// TODO 获取用kp
|
||||
persistService.updateTenantNameAtomic(DEFAULT_KP, namespace, namespaceShowName, namespaceDesc);
|
||||
return true;
|
||||
|
|
@ -188,16 +186,15 @@ public class NamespaceController {
|
|||
|
||||
/**
|
||||
* del namespace by id.
|
||||
*
|
||||
* @param request request
|
||||
* @param response response
|
||||
* @param request request
|
||||
* @param response response
|
||||
* @param namespaceId namespace Id
|
||||
* @return whether del ok
|
||||
*/
|
||||
@DeleteMapping
|
||||
@Secured(resource = NacosAuthConfig.CONSOLE_RESOURCE_NAME_PREFIX + "namespaces", action = ActionTypes.WRITE)
|
||||
public Boolean deleteConfig(HttpServletRequest request, HttpServletResponse response,
|
||||
@RequestParam("namespaceId") String namespaceId) {
|
||||
@RequestParam("namespaceId") String namespaceId) {
|
||||
persistService.removeTenantInfoAtomic(DEFAULT_KP, namespaceId);
|
||||
return true;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -45,25 +45,23 @@ public class PermissionController {
|
|||
|
||||
/**
|
||||
* Query permissions of a role.
|
||||
*
|
||||
* @param role the role
|
||||
* @param pageNo page index
|
||||
* @param role the role
|
||||
* @param pageNo page index
|
||||
* @param pageSize page size
|
||||
* @return permission of a role
|
||||
*/
|
||||
@GetMapping
|
||||
@Secured(resource = NacosAuthConfig.CONSOLE_RESOURCE_NAME_PREFIX + "permissions", action = ActionTypes.READ)
|
||||
public Object getPermissions(@RequestParam int pageNo, @RequestParam int pageSize,
|
||||
@RequestParam(name = "role", defaultValue = StringUtils.EMPTY) String role) {
|
||||
@RequestParam(name = "role", defaultValue = StringUtils.EMPTY) String role) {
|
||||
return nacosRoleService.getPermissionsFromDatabase(role, pageNo, pageSize);
|
||||
}
|
||||
|
||||
/**
|
||||
* Add a permission to a role.
|
||||
*
|
||||
* @param role the role
|
||||
* @param role the role
|
||||
* @param resource the related resource
|
||||
* @param action the related action
|
||||
* @param action the related action
|
||||
* @return ok if succeed
|
||||
*/
|
||||
@PostMapping
|
||||
|
|
@ -75,17 +73,17 @@ public class PermissionController {
|
|||
|
||||
/**
|
||||
* Delete a permission from a role.
|
||||
*
|
||||
* @param role the role
|
||||
* @param role the role
|
||||
* @param resource the related resource
|
||||
* @param action the related action
|
||||
* @param action the related action
|
||||
* @return ok if succeed
|
||||
*/
|
||||
@DeleteMapping
|
||||
@Secured(resource = NacosAuthConfig.CONSOLE_RESOURCE_NAME_PREFIX + "permissions", action = ActionTypes.WRITE)
|
||||
public Object deletePermission(@RequestParam String role, @RequestParam String resource,
|
||||
@RequestParam String action) {
|
||||
@RequestParam String action) {
|
||||
nacosRoleService.deletePermission(role, resource, action);
|
||||
return RestResultUtils.success("delete permission ok!");
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -47,8 +47,7 @@ public class RoleController {
|
|||
|
||||
/**
|
||||
* Get roles list.
|
||||
*
|
||||
* @param pageNo number index of page
|
||||
* @param pageNo number index of page
|
||||
* @param pageSize page size
|
||||
* @param username optional, username of user
|
||||
* @return role list
|
||||
|
|
@ -56,13 +55,12 @@ public class RoleController {
|
|||
@GetMapping
|
||||
@Secured(resource = NacosAuthConfig.CONSOLE_RESOURCE_NAME_PREFIX + "roles", action = ActionTypes.READ)
|
||||
public Object getRoles(@RequestParam int pageNo, @RequestParam int pageSize,
|
||||
@RequestParam(name = "username", defaultValue = "") String username) {
|
||||
@RequestParam(name = "username", defaultValue = "") String username) {
|
||||
return roleService.getRolesFromDatabase(username, pageNo, pageSize);
|
||||
}
|
||||
|
||||
/**
|
||||
* Fuzzy matching role name .
|
||||
*
|
||||
* @param role role id
|
||||
* @return role list
|
||||
*/
|
||||
|
|
@ -75,9 +73,10 @@ public class RoleController {
|
|||
/**
|
||||
* Add a role to a user
|
||||
*
|
||||
* <p>This method is used for 2 functions: 1. create a role and bind it to GLOBAL_ADMIN. 2. bind a role to an user.
|
||||
*
|
||||
* @param role role name
|
||||
* <p>
|
||||
* This method is used for 2 functions: 1. create a role and bind it to GLOBAL_ADMIN.
|
||||
* 2. bind a role to an user.
|
||||
* @param role role name
|
||||
* @param username username
|
||||
* @return Code 200 and message 'add role ok!'
|
||||
*/
|
||||
|
|
@ -90,18 +89,18 @@ public class RoleController {
|
|||
|
||||
/**
|
||||
* Delete a role. If no username is specified, all users under this role are deleted.
|
||||
*
|
||||
* @param role role
|
||||
* @param role role
|
||||
* @param username username
|
||||
* @return ok if succeed
|
||||
*/
|
||||
@DeleteMapping
|
||||
@Secured(resource = NacosAuthConfig.CONSOLE_RESOURCE_NAME_PREFIX + "roles", action = ActionTypes.WRITE)
|
||||
public Object deleteRole(@RequestParam String role,
|
||||
@RequestParam(name = "username", defaultValue = StringUtils.EMPTY) String username) {
|
||||
@RequestParam(name = "username", defaultValue = StringUtils.EMPTY) String username) {
|
||||
if (StringUtils.isBlank(username)) {
|
||||
roleService.deleteRole(role);
|
||||
} else {
|
||||
}
|
||||
else {
|
||||
roleService.deleteRole(role, username);
|
||||
}
|
||||
return RestResultUtils.success("delete role of user " + username + " ok!");
|
||||
|
|
|
|||
|
|
@ -37,7 +37,6 @@ public class ServerStateController {
|
|||
|
||||
/**
|
||||
* Get server state of current server.
|
||||
*
|
||||
* @return state json.
|
||||
*/
|
||||
@GetMapping("/state")
|
||||
|
|
|
|||
|
|
@ -65,7 +65,7 @@ import java.util.Objects;
|
|||
* @author nkorange
|
||||
*/
|
||||
@RestController("user")
|
||||
@RequestMapping({"/v1/auth", "/v1/auth/users"})
|
||||
@RequestMapping({ "/v1/auth", "/v1/auth/users" })
|
||||
public class UserController {
|
||||
|
||||
@Autowired
|
||||
|
|
@ -88,7 +88,6 @@ public class UserController {
|
|||
|
||||
/**
|
||||
* Create a new user.
|
||||
*
|
||||
* @param username username
|
||||
* @param password password
|
||||
* @return ok if create succeed
|
||||
|
|
@ -109,7 +108,6 @@ public class UserController {
|
|||
|
||||
/**
|
||||
* Delete an existed user.
|
||||
*
|
||||
* @param username username of user
|
||||
* @return ok if deleted succeed, keep silent if user not exist
|
||||
* @since 1.2.0
|
||||
|
|
@ -131,8 +129,7 @@ public class UserController {
|
|||
|
||||
/**
|
||||
* Update an user.
|
||||
*
|
||||
* @param username username of user
|
||||
* @param username username of user
|
||||
* @param newPassword new password of user
|
||||
* @param response http response
|
||||
* @param request http request
|
||||
|
|
@ -143,7 +140,7 @@ public class UserController {
|
|||
@PutMapping
|
||||
@Secured(resource = NacosAuthConfig.UPDATE_PASSWORD_ENTRY_POINT, action = ActionTypes.WRITE)
|
||||
public Object updateUser(@RequestParam String username, @RequestParam String newPassword,
|
||||
HttpServletResponse response, HttpServletRequest request) throws IOException {
|
||||
HttpServletResponse response, HttpServletRequest request) throws IOException {
|
||||
// admin or same user
|
||||
if (!hasPermission(username, request)) {
|
||||
response.sendError(HttpServletResponse.SC_FORBIDDEN, "authorization failed!");
|
||||
|
|
@ -178,8 +175,7 @@ public class UserController {
|
|||
|
||||
/**
|
||||
* Get paged users.
|
||||
*
|
||||
* @param pageNo number index of page
|
||||
* @param pageNo number index of page
|
||||
* @param pageSize size of page
|
||||
* @return A collection of users, empty set if no user is found
|
||||
* @since 1.2.0
|
||||
|
|
@ -193,21 +189,21 @@ public class UserController {
|
|||
/**
|
||||
* Login to Nacos
|
||||
*
|
||||
* <p>This methods uses username and password to require a new token.
|
||||
*
|
||||
* <p>
|
||||
* This methods uses username and password to require a new token.
|
||||
* @param username username of user
|
||||
* @param password password
|
||||
* @param response http response
|
||||
* @param request http request
|
||||
* @param request http request
|
||||
* @return new token of the user
|
||||
* @throws AccessException if user info is incorrect
|
||||
*/
|
||||
@PostMapping("/login")
|
||||
public Object login(@RequestParam String username, @RequestParam String password, HttpServletResponse response,
|
||||
HttpServletRequest request) throws AccessException {
|
||||
HttpServletRequest request) throws AccessException {
|
||||
|
||||
if (AuthSystemTypes.NACOS.name().equalsIgnoreCase(authConfigs.getNacosAuthSystemType()) || AuthSystemTypes.LDAP
|
||||
.name().equalsIgnoreCase(authConfigs.getNacosAuthSystemType())) {
|
||||
if (AuthSystemTypes.NACOS.name().equalsIgnoreCase(authConfigs.getNacosAuthSystemType())
|
||||
|| AuthSystemTypes.LDAP.name().equalsIgnoreCase(authConfigs.getNacosAuthSystemType())) {
|
||||
NacosUser user = (NacosUser) authManager.login(request);
|
||||
|
||||
response.addHeader(NacosAuthConfig.AUTHORIZATION_HEADER, NacosAuthConfig.TOKEN_PREFIX + user.getToken());
|
||||
|
|
@ -220,12 +216,14 @@ public class UserController {
|
|||
return result;
|
||||
}
|
||||
|
||||
// create Authentication class through username and password, the implement class is UsernamePasswordAuthenticationToken
|
||||
// create Authentication class through username and password, the implement class
|
||||
// is UsernamePasswordAuthenticationToken
|
||||
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(username,
|
||||
password);
|
||||
|
||||
try {
|
||||
// use the method authenticate of AuthenticationManager(default implement is ProviderManager) to valid Authentication
|
||||
// use the method authenticate of AuthenticationManager(default implement is
|
||||
// ProviderManager) to valid Authentication
|
||||
Authentication authentication = authenticationManager.authenticate(authenticationToken);
|
||||
// bind SecurityContext to Authentication
|
||||
SecurityContextHolder.getContext().setAuthentication(authentication);
|
||||
|
|
@ -234,22 +232,23 @@ public class UserController {
|
|||
// write Token to Http header
|
||||
response.addHeader(NacosAuthConfig.AUTHORIZATION_HEADER, "Bearer " + token);
|
||||
return RestResultUtils.success("Bearer " + token);
|
||||
} catch (BadCredentialsException authentication) {
|
||||
}
|
||||
catch (BadCredentialsException authentication) {
|
||||
return RestResultUtils.failed(HttpStatus.UNAUTHORIZED.value(), null, "Login failed");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Update password.
|
||||
*
|
||||
* @param oldPassword old password
|
||||
* @param newPassword new password
|
||||
* @return Code 200 if update successfully, Code 401 if old password invalid, otherwise 500
|
||||
* @return Code 200 if update successfully, Code 401 if old password invalid,
|
||||
* otherwise 500
|
||||
*/
|
||||
@PutMapping("/password")
|
||||
@Deprecated
|
||||
public RestResult<String> updatePassword(@RequestParam(value = "oldPassword") String oldPassword,
|
||||
@RequestParam(value = "newPassword") String newPassword) {
|
||||
@RequestParam(value = "newPassword") String newPassword) {
|
||||
Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
|
||||
String username = ((UserDetails) principal).getUsername();
|
||||
User user = userDetailsService.getUserFromDatabase(username);
|
||||
|
|
@ -262,15 +261,14 @@ public class UserController {
|
|||
return RestResultUtils.success("Update password success");
|
||||
}
|
||||
return RestResultUtils.failed(HttpStatus.UNAUTHORIZED.value(), "Old password is invalid");
|
||||
} catch (Exception e) {
|
||||
}
|
||||
catch (Exception e) {
|
||||
return RestResultUtils.failed(HttpStatus.INTERNAL_SERVER_ERROR.value(), "Update userpassword failed");
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Fuzzy matching username.
|
||||
*
|
||||
* @param username username
|
||||
* @return Matched username
|
||||
*/
|
||||
|
|
@ -279,4 +277,5 @@ public class UserController {
|
|||
public List<String> searchUsersLikeUsername(@RequestParam String username) {
|
||||
return userDetailsService.findUserLikeUsername(username);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -17,8 +17,8 @@
|
|||
package com.alibaba.nacos.enums;
|
||||
|
||||
/**
|
||||
* the enum of namespace.
|
||||
* 0 : Global configuration, 1 : Default private namespace ,2 : Custom namespace.
|
||||
* the enum of namespace. 0 : Global configuration, 1 : Default private namespace ,2 :
|
||||
* Custom namespace.
|
||||
*
|
||||
* @author chenglu
|
||||
* @date 2021-05-25 17:01
|
||||
|
|
@ -62,4 +62,5 @@ public enum NamespaceTypeEnum {
|
|||
public String getDescription() {
|
||||
return description;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -51,4 +51,5 @@ public class ConsoleExceptionHandler {
|
|||
LOGGER.error("CONSOLE", e);
|
||||
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(ExceptionUtil.getAllExceptionMsg(e));
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -73,4 +73,5 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
|
|||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ public class NamespaceAllInfo extends Namespace {
|
|||
}
|
||||
|
||||
public NamespaceAllInfo(String namespace, String namespaceShowName, int quota, int configCount, int type,
|
||||
String namespaceDesc) {
|
||||
String namespaceDesc) {
|
||||
super(namespace, namespaceShowName, quota, configCount, type);
|
||||
this.namespaceDesc = namespaceDesc;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -43,4 +43,5 @@ public class JwtAuthenticationEntryPoint implements AuthenticationEntryPoint {
|
|||
LOGGER.error("Responding with unauthorized error. Message:{}, url:{}", e.getMessage(), request.getRequestURI());
|
||||
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized");
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -48,7 +48,6 @@ public class JwtTokenManager {
|
|||
|
||||
/**
|
||||
* Create token.
|
||||
*
|
||||
* @param authentication auth info
|
||||
* @return token
|
||||
*/
|
||||
|
|
@ -58,7 +57,6 @@ public class JwtTokenManager {
|
|||
|
||||
/**
|
||||
* Create token.
|
||||
*
|
||||
* @param userName auth info
|
||||
* @return token
|
||||
*/
|
||||
|
|
@ -76,7 +74,6 @@ public class JwtTokenManager {
|
|||
|
||||
/**
|
||||
* Get auth Info.
|
||||
*
|
||||
* @param token token
|
||||
* @return auth info
|
||||
*/
|
||||
|
|
@ -93,7 +90,6 @@ public class JwtTokenManager {
|
|||
|
||||
/**
|
||||
* validate token.
|
||||
*
|
||||
* @param token token
|
||||
*/
|
||||
public void validateToken(String token) {
|
||||
|
|
|
|||
|
|
@ -89,7 +89,8 @@ public class LdapAuthenticationProvider implements AuthenticationProvider {
|
|||
UserDetails userDetails = userDetailsService.loadUserByUsername(username);
|
||||
if (PasswordEncoderUtil.matches(password, userDetails.getPassword())) {
|
||||
return new UsernamePasswordAuthenticationToken(userDetails, password, userDetails.getAuthorities());
|
||||
} else {
|
||||
}
|
||||
else {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
|
@ -101,7 +102,8 @@ public class LdapAuthenticationProvider implements AuthenticationProvider {
|
|||
UserDetails userDetails;
|
||||
try {
|
||||
userDetails = userDetailsService.loadUserByUsername(LDAP_PREFIX + username);
|
||||
} catch (UsernameNotFoundException exception) {
|
||||
}
|
||||
catch (UsernameNotFoundException exception) {
|
||||
String nacosPassword = PasswordEncoderUtil.encode(DEFAULT_PASSWORD);
|
||||
userDetailsService.createUser(LDAP_PREFIX + username, nacosPassword);
|
||||
User user = new User();
|
||||
|
|
@ -137,16 +139,20 @@ public class LdapAuthenticationProvider implements AuthenticationProvider {
|
|||
LdapContext ctx = null;
|
||||
try {
|
||||
ctx = new InitialLdapContext(env, null);
|
||||
} catch (CommunicationException e) {
|
||||
}
|
||||
catch (CommunicationException e) {
|
||||
LOG.error("LDAP Service connect timeout:{}", e.getMessage());
|
||||
throw new RuntimeException("LDAP Service connect timeout");
|
||||
} catch (javax.naming.AuthenticationException e) {
|
||||
}
|
||||
catch (javax.naming.AuthenticationException e) {
|
||||
LOG.error("login error:{}", e.getMessage());
|
||||
throw new RuntimeException("login error!");
|
||||
} catch (Exception e) {
|
||||
}
|
||||
catch (Exception e) {
|
||||
LOG.warn("Exception cause by:{}", e.getMessage());
|
||||
return false;
|
||||
} finally {
|
||||
}
|
||||
finally {
|
||||
closeContext(ctx);
|
||||
}
|
||||
return true;
|
||||
|
|
@ -161,9 +167,11 @@ public class LdapAuthenticationProvider implements AuthenticationProvider {
|
|||
if (ctx != null) {
|
||||
try {
|
||||
ctx.close();
|
||||
} catch (Exception e) {
|
||||
}
|
||||
catch (Exception e) {
|
||||
LOG.error("Exception closing context", e);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -90,7 +90,8 @@ public class NacosAuthConfig extends WebSecurityConfigurerAdapter {
|
|||
String ignoreUrls = null;
|
||||
if (AuthSystemTypes.NACOS.name().equalsIgnoreCase(authConfigs.getNacosAuthSystemType())) {
|
||||
ignoreUrls = DEFAULT_ALL_PATH_PATTERN;
|
||||
} else if (AuthSystemTypes.LDAP.name().equalsIgnoreCase(authConfigs.getNacosAuthSystemType())) {
|
||||
}
|
||||
else if (AuthSystemTypes.LDAP.name().equalsIgnoreCase(authConfigs.getNacosAuthSystemType())) {
|
||||
ignoreUrls = DEFAULT_ALL_PATH_PATTERN;
|
||||
}
|
||||
if (StringUtils.isBlank(authConfigs.getNacosAuthSystemType())) {
|
||||
|
|
@ -107,7 +108,8 @@ public class NacosAuthConfig extends WebSecurityConfigurerAdapter {
|
|||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||
if (AuthSystemTypes.NACOS.name().equalsIgnoreCase(authConfigs.getNacosAuthSystemType())) {
|
||||
auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
|
||||
} else if (AuthSystemTypes.LDAP.name().equalsIgnoreCase(authConfigs.getNacosAuthSystemType())) {
|
||||
}
|
||||
else if (AuthSystemTypes.LDAP.name().equalsIgnoreCase(authConfigs.getNacosAuthSystemType())) {
|
||||
auth.authenticationProvider(ldapAuthenticationProvider);
|
||||
}
|
||||
}
|
||||
|
|
@ -117,11 +119,11 @@ public class NacosAuthConfig extends WebSecurityConfigurerAdapter {
|
|||
|
||||
if (StringUtils.isBlank(authConfigs.getNacosAuthSystemType())) {
|
||||
http.csrf().disable().cors()// We don't need CSRF for JWT based authentication
|
||||
.and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
|
||||
.and().authorizeRequests().requestMatchers(CorsUtils::isPreFlightRequest).permitAll()
|
||||
.antMatchers(LOGIN_ENTRY_POINT).permitAll()
|
||||
.and().authorizeRequests().antMatchers(TOKEN_BASED_AUTH_ENTRY_POINT).authenticated()
|
||||
.and().exceptionHandling().authenticationEntryPoint(new JwtAuthenticationEntryPoint());
|
||||
.and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
|
||||
.authorizeRequests().requestMatchers(CorsUtils::isPreFlightRequest).permitAll()
|
||||
.antMatchers(LOGIN_ENTRY_POINT).permitAll().and().authorizeRequests()
|
||||
.antMatchers(TOKEN_BASED_AUTH_ENTRY_POINT).authenticated().and().exceptionHandling()
|
||||
.authenticationEntryPoint(new JwtAuthenticationEntryPoint());
|
||||
// disable cache
|
||||
http.headers().cacheControl();
|
||||
|
||||
|
|
|
|||
|
|
@ -74,9 +74,11 @@ public class NacosAuthManager implements AuthManager {
|
|||
|
||||
try {
|
||||
tokenManager.validateToken(token);
|
||||
} catch (ExpiredJwtException e) {
|
||||
}
|
||||
catch (ExpiredJwtException e) {
|
||||
throw new AccessException("token expired!");
|
||||
} catch (Exception e) {
|
||||
}
|
||||
catch (Exception e) {
|
||||
throw new AccessException("token invalid!");
|
||||
}
|
||||
|
||||
|
|
@ -110,9 +112,11 @@ public class NacosAuthManager implements AuthManager {
|
|||
|
||||
try {
|
||||
tokenManager.validateToken(token);
|
||||
} catch (ExpiredJwtException e) {
|
||||
}
|
||||
catch (ExpiredJwtException e) {
|
||||
throw new AccessException("token expired!");
|
||||
} catch (Exception e) {
|
||||
}
|
||||
catch (Exception e) {
|
||||
throw new AccessException("token invalid!");
|
||||
}
|
||||
|
||||
|
|
@ -189,16 +193,19 @@ public class NacosAuthManager implements AuthManager {
|
|||
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(userName,
|
||||
rawPassword);
|
||||
authenticate = authenticationManager.authenticate(authenticationToken);
|
||||
} catch (AuthenticationException e) {
|
||||
}
|
||||
catch (AuthenticationException e) {
|
||||
throw new AccessException("unknown user!");
|
||||
}
|
||||
|
||||
if (null == authenticate || StringUtils.isBlank(authenticate.getName())) {
|
||||
finalName = userName;
|
||||
} else {
|
||||
}
|
||||
else {
|
||||
finalName = authenticate.getName();
|
||||
}
|
||||
|
||||
return tokenManager.createToken(finalName);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -75,8 +75,8 @@ public class NacosRoleServiceImpl {
|
|||
@Scheduled(initialDelay = 5000, fixedDelay = 15000)
|
||||
private void reload() {
|
||||
try {
|
||||
Page<RoleInfo> roleInfoPage = rolePersistService
|
||||
.getRolesByUserName(StringUtils.EMPTY, DEFAULT_PAGE_NO, Integer.MAX_VALUE);
|
||||
Page<RoleInfo> roleInfoPage = rolePersistService.getRolesByUserName(StringUtils.EMPTY, DEFAULT_PAGE_NO,
|
||||
Integer.MAX_VALUE);
|
||||
if (roleInfoPage == null) {
|
||||
return;
|
||||
}
|
||||
|
|
@ -92,15 +92,16 @@ public class NacosRoleServiceImpl {
|
|||
|
||||
Map<String, List<PermissionInfo>> tmpPermissionInfoMap = new ConcurrentHashMap<>(16);
|
||||
for (String role : tmpRoleSet) {
|
||||
Page<PermissionInfo> permissionInfoPage = permissionPersistService
|
||||
.getPermissions(role, DEFAULT_PAGE_NO, Integer.MAX_VALUE);
|
||||
Page<PermissionInfo> permissionInfoPage = permissionPersistService.getPermissions(role, DEFAULT_PAGE_NO,
|
||||
Integer.MAX_VALUE);
|
||||
tmpPermissionInfoMap.put(role, permissionInfoPage.getPageItems());
|
||||
}
|
||||
|
||||
roleSet = tmpRoleSet;
|
||||
roleInfoMap = tmpRoleInfoMap;
|
||||
permissionInfoMap = tmpPermissionInfoMap;
|
||||
} catch (Exception e) {
|
||||
}
|
||||
catch (Exception e) {
|
||||
Loggers.AUTH.warn("[LOAD-ROLES] load failed", e);
|
||||
}
|
||||
}
|
||||
|
|
@ -108,15 +109,15 @@ public class NacosRoleServiceImpl {
|
|||
/**
|
||||
* Determine if the user has permission of the resource.
|
||||
*
|
||||
* <p>Note if the user has many roles, this method returns true if any one role of the user has the desired
|
||||
* permission.
|
||||
*
|
||||
* @param username user info
|
||||
* <p>
|
||||
* Note if the user has many roles, this method returns true if any one role of the
|
||||
* user has the desired permission.
|
||||
* @param username user info
|
||||
* @param permission permission to auth
|
||||
* @return true if granted, false otherwise
|
||||
*/
|
||||
public boolean hasPermission(String username, Permission permission) {
|
||||
//update password
|
||||
// update password
|
||||
if (NacosAuthConfig.UPDATE_PASSWORD_ENTRY_POINT.equals(permission.getResource())) {
|
||||
return true;
|
||||
}
|
||||
|
|
@ -147,8 +148,8 @@ public class NacosRoleServiceImpl {
|
|||
for (PermissionInfo permissionInfo : permissionInfoList) {
|
||||
String permissionResource = permissionInfo.getResource().replaceAll("\\*", ".*");
|
||||
String permissionAction = permissionInfo.getAction();
|
||||
if (permissionAction.contains(permission.getAction()) && Pattern
|
||||
.matches(permissionResource, permission.getResource())) {
|
||||
if (permissionAction.contains(permission.getAction())
|
||||
&& Pattern.matches(permissionResource, permission.getResource())) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
|
@ -178,7 +179,8 @@ public class NacosRoleServiceImpl {
|
|||
public List<PermissionInfo> getPermissions(String role) {
|
||||
List<PermissionInfo> permissionInfoList = permissionInfoMap.get(role);
|
||||
if (!authConfigs.isCachingEnabled() || permissionInfoList == null) {
|
||||
Page<PermissionInfo> permissionInfoPage = getPermissionsFromDatabase(role, DEFAULT_PAGE_NO, Integer.MAX_VALUE);
|
||||
Page<PermissionInfo> permissionInfoPage = getPermissionsFromDatabase(role, DEFAULT_PAGE_NO,
|
||||
Integer.MAX_VALUE);
|
||||
if (permissionInfoPage != null) {
|
||||
permissionInfoList = permissionInfoPage.getPageItems();
|
||||
}
|
||||
|
|
@ -192,8 +194,7 @@ public class NacosRoleServiceImpl {
|
|||
|
||||
/**
|
||||
* Add role.
|
||||
*
|
||||
* @param role role name
|
||||
* @param role role name
|
||||
* @param username user name
|
||||
*/
|
||||
public void addRole(String role, String username) {
|
||||
|
|
@ -226,10 +227,9 @@ public class NacosRoleServiceImpl {
|
|||
|
||||
/**
|
||||
* Add permission.
|
||||
*
|
||||
* @param role role name
|
||||
* @param role role name
|
||||
* @param resource resource
|
||||
* @param action action
|
||||
* @param action action
|
||||
*/
|
||||
public void addPermission(String role, String resource, String action) {
|
||||
if (!roleSet.contains(role)) {
|
||||
|
|
@ -245,4 +245,5 @@ public class NacosRoleServiceImpl {
|
|||
public List<String> findRolesLikeRoleName(String role) {
|
||||
return rolePersistService.findRolesLikeRoleName(role);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -50,4 +50,5 @@ public class NacosUser extends User {
|
|||
public String toString() {
|
||||
return "NacosUser{" + "token='" + token + '\'' + ", globalAdmin=" + globalAdmin + '}';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -71,4 +71,5 @@ public class NacosUserDetails implements UserDetails {
|
|||
public boolean isEnabled() {
|
||||
return true;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -62,7 +62,8 @@ public class NacosUserDetailsServiceImpl implements UserDetailsService {
|
|||
map.put(user.getUsername(), user);
|
||||
}
|
||||
userMap = map;
|
||||
} catch (Exception e) {
|
||||
}
|
||||
catch (Exception e) {
|
||||
Loggers.AUTH.warn("[LOAD-USERS] load failed", e);
|
||||
}
|
||||
}
|
||||
|
|
@ -112,4 +113,5 @@ public class NacosUserDetailsServiceImpl implements UserDetailsService {
|
|||
public void deleteUser(String username) {
|
||||
userPersistService.deleteUser(username);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -32,4 +32,5 @@ public class PasswordEncoderUtil {
|
|||
public static String encode(String raw) {
|
||||
return new BCryptPasswordEncoder().encode(raw);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -70,6 +70,11 @@
|
|||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-undertow</artifactId>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<artifactId>pig-common-test</artifactId>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
<build>
|
||||
|
|
|
|||
Loading…
Reference in New Issue