diff --git a/pig-register/src/main/java/com/alibaba/nacos/config/ConsoleConfig.java b/pig-register/src/main/java/com/alibaba/nacos/config/ConsoleConfig.java
index 0efda00e..7a3ec617 100644
--- a/pig-register/src/main/java/com/alibaba/nacos/config/ConsoleConfig.java
+++ b/pig-register/src/main/java/com/alibaba/nacos/config/ConsoleConfig.java
@@ -73,4 +73,5 @@ public class ConsoleConfig {
 public Jackson2ObjectMapperBuilderCustomizer jacksonObjectMapperCustomization() {
 return jacksonObjectMapperBuilder -> jacksonObjectMapperBuilder.timeZone(ZoneId.systemDefault().toString());
 }
+
 }
diff --git a/pig-register/src/main/java/com/alibaba/nacos/controller/HealthController.java b/pig-register/src/main/java/com/alibaba/nacos/controller/HealthController.java
index 72d72c94..4cb798ac 100644
--- a/pig-register/src/main/java/com/alibaba/nacos/controller/HealthController.java
+++ b/pig-register/src/main/java/com/alibaba/nacos/controller/HealthController.java
@@ -51,10 +51,10 @@ public class HealthController {
 }
 
 /**
- * Whether the Nacos is in broken states or not, and cannot recover except by being restarted.
- *
- * @return HTTP code equal to 200 indicates that Nacos is in right states. HTTP code equal to 500 indicates that
- * Nacos is in broken states.
+ * Whether the Nacos is in broken states or not, and cannot recover except by being
+ * restarted.
+ * @return HTTP code equal to 200 indicates that Nacos is in right states. HTTP code
+ * equal to 500 indicates that Nacos is in broken states.
 */
 @GetMapping("/liveness")
 public ResponseEntity liveness() {
@@ -63,9 +63,8 @@ public class HealthController {
 
 /**
 * Ready to receive the request or not.
- *
- * @return HTTP code equal to 200 indicates that Nacos is ready. HTTP code equal to 500 indicates that Nacos is not
- * ready.
+ * @return HTTP code equal to 200 indicates that Nacos is ready. HTTP code equal to
+ * 500 indicates that Nacos is not ready.
 */
 @GetMapping("/readiness")
 public ResponseEntity readiness(HttpServletRequest request) {
@@ -77,7 +76,8 @@ public class HealthController {
 }
 
 if (!isConfigReadiness && !isNamingReadiness) {
- return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body("Config and Naming are not in readiness");
+ return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR)
+ .body("Config and Naming are not in readiness");
 }
 
 if (!isConfigReadiness) {
@@ -92,7 +92,8 @@ public class HealthController {
 try {
 persistService.configInfoCount("");
 return true;
- } catch (Exception e) {
+ }
+ catch (Exception e) {
 LOGGER.error("Config health check fail.", e);
 }
 return false;
@@ -102,9 +103,11 @@ public class HealthController {
 try {
 apiCommands.metrics(request);
 return true;
- } catch (Exception e) {
+ }
+ catch (Exception e) {
 LOGGER.error("Naming health check fail.", e);
 }
 return false;
 }
+
 }
diff --git a/pig-register/src/main/java/com/alibaba/nacos/controller/NamespaceController.java b/pig-register/src/main/java/com/alibaba/nacos/controller/NamespaceController.java
index c6f39f7e..0a2874f4 100644
--- a/pig-register/src/main/java/com/alibaba/nacos/controller/NamespaceController.java
+++ b/pig-register/src/main/java/com/alibaba/nacos/controller/NamespaceController.java
@@ -75,8 +75,7 @@ public class NamespaceController {
 
 /**
 * Get namespace list.
- *
- * @param request request
+ * @param request request
 * @param response response
 * @return namespace list
 */
@@ -84,8 +83,8 @@ public class NamespaceController {
 public RestResult> getNamespaces(HttpServletRequest request, HttpServletResponse response) {
 // TODO 获取用kp
 List tenantInfos = persistService.findTenantByKp(DEFAULT_KP);
- Namespace namespace0 = new Namespace("", DEFAULT_NAMESPACE, DEFAULT_QUOTA, persistService.configInfoCount(DEFAULT_TENANT),
- NamespaceTypeEnum.GLOBAL.getType());
+ Namespace namespace0 = new Namespace("", DEFAULT_NAMESPACE, DEFAULT_QUOTA,
+ persistService.configInfoCount(DEFAULT_TENANT), NamespaceTypeEnum.GLOBAL.getType());
 List namespaces = new ArrayList();
 namespaces.add(namespace0);
 for (TenantInfo tenantInfo : tenantInfos) {
@@ -99,32 +98,32 @@ public class NamespaceController {
 
 /**
 * get namespace all info by namespace id.
- *
- * @param request request
- * @param response response
+ * @param request request
+ * @param response response
 * @param namespaceId namespaceId
 * @return namespace all info
 */
 @GetMapping(params = "show=all")
 public NamespaceAllInfo getNamespace(HttpServletRequest request, HttpServletResponse response,
- @RequestParam("namespaceId") String namespaceId) {
+ @RequestParam("namespaceId") String namespaceId) {
 // TODO 获取用kp
 if (StringUtils.isBlank(namespaceId)) {
- return new NamespaceAllInfo(namespaceId, DEFAULT_NAMESPACE_SHOW_NAME, DEFAULT_QUOTA, persistService.configInfoCount(DEFAULT_TENANT),
- NamespaceTypeEnum.GLOBAL.getType(), DEFAULT_NAMESPACE_DESCRIPTION);
- } else {
+ return new NamespaceAllInfo(namespaceId, DEFAULT_NAMESPACE_SHOW_NAME, DEFAULT_QUOTA,
+ persistService.configInfoCount(DEFAULT_TENANT), NamespaceTypeEnum.GLOBAL.getType(),
+ DEFAULT_NAMESPACE_DESCRIPTION);
+ }
+ else {
 TenantInfo tenantInfo = persistService.findTenantByKp(DEFAULT_KP, namespaceId);
 int configCount = persistService.configInfoCount(namespaceId);
- return new NamespaceAllInfo(namespaceId, tenantInfo.getTenantName(), DEFAULT_QUOTA, configCount, NamespaceTypeEnum.CUSTOM.getType(),
- tenantInfo.getTenantDesc());
+ return new NamespaceAllInfo(namespaceId, tenantInfo.getTenantName(), DEFAULT_QUOTA, configCount,
+ NamespaceTypeEnum.CUSTOM.getType(), tenantInfo.getTenantDesc());
 }
 }
 
 /**
 * create namespace.
- *
- * @param request request
- * @param response response
+ * @param request request
+ * @param response response
 * @param namespaceName namespace Name
 * @param namespaceDesc namespace Desc
 * @return whether create ok
@@ -132,12 +131,13 @@ public class NamespaceController {
 @PostMapping
 @Secured(resource = NacosAuthConfig.CONSOLE_RESOURCE_NAME_PREFIX + "namespaces", action = ActionTypes.WRITE)
 public Boolean createNamespace(HttpServletRequest request, HttpServletResponse response,
- @RequestParam("customNamespaceId") String namespaceId, @RequestParam("namespaceName") String namespaceName,
- @RequestParam(value = "namespaceDesc", required = false) String namespaceDesc) {
+ @RequestParam("customNamespaceId") String namespaceId, @RequestParam("namespaceName") String namespaceName,
+ @RequestParam(value = "namespaceDesc", required = false) String namespaceDesc) {
 // TODO 获取用kp
 if (StringUtils.isBlank(namespaceId)) {
 namespaceId = UUID.randomUUID().toString();
- } else {
+ }
+ else {
 namespaceId = namespaceId.trim();
 if (!namespaceIdCheckPattern.matcher(namespaceId).matches()) {
 return false;
@@ -149,14 +149,13 @@ public class NamespaceController {
 return false;
 }
 }
- persistService.insertTenantInfoAtomic(DEFAULT_KP, namespaceId, namespaceName, namespaceDesc, DEFAULT_CREATE_SOURCE,
- System.currentTimeMillis());
+ persistService.insertTenantInfoAtomic(DEFAULT_KP, namespaceId, namespaceName, namespaceDesc,
+ DEFAULT_CREATE_SOURCE, System.currentTimeMillis());
 return true;
 }
 
 /**
 * check namespaceId exist.
- *
 * @param namespaceId namespace id
 * @return true if exist, otherwise false
 */
@@ -170,17 +169,16 @@ public class NamespaceController {
 
 /**
 * edit namespace.
- *
- * @param namespace namespace
+ * @param namespace namespace
 * @param namespaceShowName namespace ShowName
- * @param namespaceDesc namespace Desc
+ * @param namespaceDesc namespace Desc
 * @return whether edit ok
 */
 @PutMapping
 @Secured(resource = NacosAuthConfig.CONSOLE_RESOURCE_NAME_PREFIX + "namespaces", action = ActionTypes.WRITE)
 public Boolean editNamespace(@RequestParam("namespace") String namespace,
- @RequestParam("namespaceShowName") String namespaceShowName,
- @RequestParam(value = "namespaceDesc", required = false) String namespaceDesc) {
+ @RequestParam("namespaceShowName") String namespaceShowName,
+ @RequestParam(value = "namespaceDesc", required = false) String namespaceDesc) {
 // TODO 获取用kp
 persistService.updateTenantNameAtomic(DEFAULT_KP, namespace, namespaceShowName, namespaceDesc);
 return true;
@@ -188,16 +186,15 @@ public class NamespaceController {
 
 /**
 * del namespace by id.
- *
- * @param request request
- * @param response response
+ * @param request request
+ * @param response response
 * @param namespaceId namespace Id
 * @return whether del ok
 */
 @DeleteMapping
 @Secured(resource = NacosAuthConfig.CONSOLE_RESOURCE_NAME_PREFIX + "namespaces", action = ActionTypes.WRITE)
 public Boolean deleteConfig(HttpServletRequest request, HttpServletResponse response,
- @RequestParam("namespaceId") String namespaceId) {
+ @RequestParam("namespaceId") String namespaceId) {
 persistService.removeTenantInfoAtomic(DEFAULT_KP, namespaceId);
 return true;
 }
diff --git a/pig-register/src/main/java/com/alibaba/nacos/controller/PermissionController.java b/pig-register/src/main/java/com/alibaba/nacos/controller/PermissionController.java
index e76ac193..e94c6014 100644
--- a/pig-register/src/main/java/com/alibaba/nacos/controller/PermissionController.java
+++ b/pig-register/src/main/java/com/alibaba/nacos/controller/PermissionController.java
@@ -45,25 +45,23 @@ public class PermissionController {
 
 /**
 * Query permissions of a role.
- *
- * @param role the role
- * @param pageNo page index
+ * @param role the role
+ * @param pageNo page index
 * @param pageSize page size
 * @return permission of a role
 */
 @GetMapping
 @Secured(resource = NacosAuthConfig.CONSOLE_RESOURCE_NAME_PREFIX + "permissions", action = ActionTypes.READ)
 public Object getPermissions(@RequestParam int pageNo, @RequestParam int pageSize,
- @RequestParam(name = "role", defaultValue = StringUtils.EMPTY) String role) {
+ @RequestParam(name = "role", defaultValue = StringUtils.EMPTY) String role) {
 return nacosRoleService.getPermissionsFromDatabase(role, pageNo, pageSize);
 }
 
 /**
 * Add a permission to a role.
- *
- * @param role the role
+ * @param role the role
 * @param resource the related resource
- * @param action the related action
+ * @param action the related action
 * @return ok if succeed
 */
 @PostMapping
@@ -75,17 +73,17 @@ public class PermissionController {
 
 /**
 * Delete a permission from a role.
- *
- * @param role the role
+ * @param role the role
 * @param resource the related resource
- * @param action the related action
+ * @param action the related action
 * @return ok if succeed
 */
 @DeleteMapping
 @Secured(resource = NacosAuthConfig.CONSOLE_RESOURCE_NAME_PREFIX + "permissions", action = ActionTypes.WRITE)
 public Object deletePermission(@RequestParam String role, @RequestParam String resource,
- @RequestParam String action) {
+ @RequestParam String action) {
 nacosRoleService.deletePermission(role, resource, action);
 return RestResultUtils.success("delete permission ok!");
 }
+
 }
diff --git a/pig-register/src/main/java/com/alibaba/nacos/controller/RoleController.java b/pig-register/src/main/java/com/alibaba/nacos/controller/RoleController.java
index 49744ffc..a8079f69 100644
--- a/pig-register/src/main/java/com/alibaba/nacos/controller/RoleController.java
+++ b/pig-register/src/main/java/com/alibaba/nacos/controller/RoleController.java @@ -47,8 +47,7 @@ public class RoleController { /** * Get roles list. - * - * @param pageNo number index of page + * @param pageNo number index of page * @param pageSize page size * @param username optional, username of user * @return role list @@ -56,13 +55,12 @@ public class RoleController { @GetMapping @Secured(resource = NacosAuthConfig.CONSOLE_RESOURCE_NAME_PREFIX + "roles", action = ActionTypes.READ) public Object getRoles(@RequestParam int pageNo, @RequestParam int pageSize, - @RequestParam(name = "username", defaultValue = "") String username) { + @RequestParam(name = "username", defaultValue = "") String username) { return roleService.getRolesFromDatabase(username, pageNo, pageSize); } /** * Fuzzy matching role name . - * * @param role role id * @return role list */ @@ -75,9 +73,10 @@ public class RoleController { /** * Add a role to a user * - *

This method is used for 2 functions: 1. create a role and bind it to GLOBAL_ADMIN. 2. bind a role to an user. - * - * @param role role name + *

+ * This method is used for 2 functions: 1. create a role and bind it to GLOBAL_ADMIN. + * 2. bind a role to an user. + * @param role role name * @param username username * @return Code 200 and message 'add role ok!' */ @@ -90,18 +89,18 @@ public class RoleController { /** * Delete a role. If no username is specified, all users under this role are deleted. - * - * @param role role + * @param role role * @param username username * @return ok if succeed */ @DeleteMapping @Secured(resource = NacosAuthConfig.CONSOLE_RESOURCE_NAME_PREFIX + "roles", action = ActionTypes.WRITE) public Object deleteRole(@RequestParam String role, - @RequestParam(name = "username", defaultValue = StringUtils.EMPTY) String username) { + @RequestParam(name = "username", defaultValue = StringUtils.EMPTY) String username) { if (StringUtils.isBlank(username)) { roleService.deleteRole(role); - } else { + } + else { roleService.deleteRole(role, username); } return RestResultUtils.success("delete role of user " + username + " ok!"); diff --git a/pig-register/src/main/java/com/alibaba/nacos/controller/ServerStateController.java b/pig-register/src/main/java/com/alibaba/nacos/controller/ServerStateController.java index e1431785..1ed07f9d 100644 --- a/pig-register/src/main/java/com/alibaba/nacos/controller/ServerStateController.java +++ b/pig-register/src/main/java/com/alibaba/nacos/controller/ServerStateController.java @@ -37,7 +37,6 @@ public class ServerStateController { /** * Get server state of current server. - * * @return state json. */ @GetMapping("/state") diff --git a/pig-register/src/main/java/com/alibaba/nacos/controller/UserController.java b/pig-register/src/main/java/com/alibaba/nacos/controller/UserController.java index e48b8672..24ae0ab0 100644 --- a/pig-register/src/main/java/com/alibaba/nacos/controller/UserController.java +++ b/pig-register/src/main/java/com/alibaba/nacos/controller/UserController.java 
@@ -65,7 +65,7 @@ import java.util.Objects; * @author nkorange */ @RestController("user") -@RequestMapping({"/v1/auth", "/v1/auth/users"}) +@RequestMapping({ "/v1/auth", "/v1/auth/users" }) public class UserController { @Autowired @@ -88,7 +88,6 @@ public class UserController { /** * Create a new user. - * * @param username username * @param password password * @return ok if create succeed @@ -109,7 +108,6 @@ public class UserController { /** * Delete an existed user. - * * @param username username of user * @return ok if deleted succeed, keep silent if user not exist * @since 1.2.0 @@ -131,8 +129,7 @@ public class UserController { /** * Update an user. - * - * @param username username of user + * @param username username of user * @param newPassword new password of user * @param response http response * @param request http request @@ -143,7 +140,7 @@ public class UserController { @PutMapping @Secured(resource = NacosAuthConfig.UPDATE_PASSWORD_ENTRY_POINT, action = ActionTypes.WRITE) public Object updateUser(@RequestParam String username, @RequestParam String newPassword, - HttpServletResponse response, HttpServletRequest request) throws IOException { + HttpServletResponse response, HttpServletRequest request) throws IOException { // admin or same user if (!hasPermission(username, request)) { response.sendError(HttpServletResponse.SC_FORBIDDEN, "authorization failed!"); @@ -178,8 +175,7 @@ public class UserController { /** * Get paged users. - * - * @param pageNo number index of page + * @param pageNo number index of page * @param pageSize size of page * @return A collection of users, empty set if no user is found * @since 1.2.0 @@ -193,21 +189,21 @@ public class UserController { /** * Login to Nacos * - *

This methods uses username and password to require a new token. - * + *

+ * This methods uses username and password to require a new token. * @param username username of user * @param password password * @param response http response - * @param request http request + * @param request http request * @return new token of the user * @throws AccessException if user info is incorrect */ @PostMapping("/login") public Object login(@RequestParam String username, @RequestParam String password, HttpServletResponse response, - HttpServletRequest request) throws AccessException { + HttpServletRequest request) throws AccessException { - if (AuthSystemTypes.NACOS.name().equalsIgnoreCase(authConfigs.getNacosAuthSystemType()) || AuthSystemTypes.LDAP - .name().equalsIgnoreCase(authConfigs.getNacosAuthSystemType())) { + if (AuthSystemTypes.NACOS.name().equalsIgnoreCase(authConfigs.getNacosAuthSystemType()) + || AuthSystemTypes.LDAP.name().equalsIgnoreCase(authConfigs.getNacosAuthSystemType())) { NacosUser user = (NacosUser) authManager.login(request); response.addHeader(NacosAuthConfig.AUTHORIZATION_HEADER, NacosAuthConfig.TOKEN_PREFIX + user.getToken()); @@ -220,12 +216,14 @@ public class UserController { return result; } - // create Authentication class through username and password, the implement class is UsernamePasswordAuthenticationToken + // create Authentication class through username and password, the implement class + // is UsernamePasswordAuthenticationToken UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(username, password); try { - // use the method authenticate of AuthenticationManager(default implement is ProviderManager) to valid Authentication + // use the method authenticate of AuthenticationManager(default implement is + // ProviderManager) to valid Authentication Authentication authentication = authenticationManager.authenticate(authenticationToken); // bind SecurityContext to Authentication SecurityContextHolder.getContext().setAuthentication(authentication); 
@@ -234,22 +232,23 @@ public class UserController { // write Token to Http header response.addHeader(NacosAuthConfig.AUTHORIZATION_HEADER, "Bearer " + token); return RestResultUtils.success("Bearer " + token); - } catch (BadCredentialsException authentication) { + } + catch (BadCredentialsException authentication) { return RestResultUtils.failed(HttpStatus.UNAUTHORIZED.value(), null, "Login failed"); } } /** * Update password. - * * @param oldPassword old password * @param newPassword new password - * @return Code 200 if update successfully, Code 401 if old password invalid, otherwise 500 + * @return Code 200 if update successfully, Code 401 if old password invalid, + * otherwise 500 */ @PutMapping("/password") @Deprecated public RestResult updatePassword(@RequestParam(value = "oldPassword") String oldPassword, - @RequestParam(value = "newPassword") String newPassword) { + @RequestParam(value = "newPassword") String newPassword) { Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal(); String username = ((UserDetails) principal).getUsername(); User user = userDetailsService.getUserFromDatabase(username); @@ -262,15 +261,14 @@ public class UserController { return RestResultUtils.success("Update password success"); } return RestResultUtils.failed(HttpStatus.UNAUTHORIZED.value(), "Old password is invalid"); - } catch (Exception e) { + } + catch (Exception e) { return RestResultUtils.failed(HttpStatus.INTERNAL_SERVER_ERROR.value(), "Update userpassword failed"); } } - /** * Fuzzy matching username. - * * @param username username * @return Matched username */ @@ -279,4 +277,5 @@ public class UserController { public List searchUsersLikeUsername(@RequestParam String username) { return userDetailsService.findUserLikeUsername(username); } + } diff --git a/pig-register/src/main/java/com/alibaba/nacos/enums/NamespaceTypeEnum.java b/pig-register/src/main/java/com/alibaba/nacos/enums/NamespaceTypeEnum.java index a40e526a..a82a39b2 100644 
--- a/pig-register/src/main/java/com/alibaba/nacos/enums/NamespaceTypeEnum.java +++ b/pig-register/src/main/java/com/alibaba/nacos/enums/NamespaceTypeEnum.java @@ -17,8 +17,8 @@ package com.alibaba.nacos.enums; /** - * the enum of namespace. - * 0 : Global configuration, 1 : Default private namespace ,2 : Custom namespace. + * the enum of namespace. 0 : Global configuration, 1 : Default private namespace ,2 : + * Custom namespace. * * @author chenglu * @date 2021-05-25 17:01 @@ -62,4 +62,5 @@ public enum NamespaceTypeEnum { public String getDescription() { return description; } + } diff --git a/pig-register/src/main/java/com/alibaba/nacos/exception/ConsoleExceptionHandler.java b/pig-register/src/main/java/com/alibaba/nacos/exception/ConsoleExceptionHandler.java index 338c7da5..092c1c4f 100644 --- a/pig-register/src/main/java/com/alibaba/nacos/exception/ConsoleExceptionHandler.java +++ b/pig-register/src/main/java/com/alibaba/nacos/exception/ConsoleExceptionHandler.java @@ -51,4 +51,5 @@ public class ConsoleExceptionHandler { LOGGER.error("CONSOLE", e); return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(ExceptionUtil.getAllExceptionMsg(e)); } + } diff --git a/pig-register/src/main/java/com/alibaba/nacos/filter/JwtAuthenticationTokenFilter.java b/pig-register/src/main/java/com/alibaba/nacos/filter/JwtAuthenticationTokenFilter.java index 835d77f7..3d8eb97a 100644 --- a/pig-register/src/main/java/com/alibaba/nacos/filter/JwtAuthenticationTokenFilter.java +++ b/pig-register/src/main/java/com/alibaba/nacos/filter/JwtAuthenticationTokenFilter.java @@ -73,4 +73,5 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter { } return null; } + } diff --git a/pig-register/src/main/java/com/alibaba/nacos/model/NamespaceAllInfo.java b/pig-register/src/main/java/com/alibaba/nacos/model/NamespaceAllInfo.java index 515ce2c6..3ffb5f84 100644 --- a/pig-register/src/main/java/com/alibaba/nacos/model/NamespaceAllInfo.java 
+++ b/pig-register/src/main/java/com/alibaba/nacos/model/NamespaceAllInfo.java
@@ -37,7 +37,7 @@ public class NamespaceAllInfo extends Namespace {
 }
 
 public NamespaceAllInfo(String namespace, String namespaceShowName, int quota, int configCount, int type,
- String namespaceDesc) {
+ String namespaceDesc) {
 super(namespace, namespaceShowName, quota, configCount, type);
 this.namespaceDesc = namespaceDesc;
 }
diff --git a/pig-register/src/main/java/com/alibaba/nacos/security/nacos/JwtAuthenticationEntryPoint.java b/pig-register/src/main/java/com/alibaba/nacos/security/nacos/JwtAuthenticationEntryPoint.java
index 99df10e1..f340adf7 100644
--- a/pig-register/src/main/java/com/alibaba/nacos/security/nacos/JwtAuthenticationEntryPoint.java
+++ b/pig-register/src/main/java/com/alibaba/nacos/security/nacos/JwtAuthenticationEntryPoint.java
@@ -43,4 +43,5 @@ public class JwtAuthenticationEntryPoint implements AuthenticationEntryPoint {
 LOGGER.error("Responding with unauthorized error. Message:{}, url:{}", e.getMessage(), request.getRequestURI());
 response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized");
 }
+
 }
diff --git a/pig-register/src/main/java/com/alibaba/nacos/security/nacos/JwtTokenManager.java b/pig-register/src/main/java/com/alibaba/nacos/security/nacos/JwtTokenManager.java
index c2df43b3..c908b9bf 100644
--- a/pig-register/src/main/java/com/alibaba/nacos/security/nacos/JwtTokenManager.java
+++ b/pig-register/src/main/java/com/alibaba/nacos/security/nacos/JwtTokenManager.java
@@ -48,7 +48,6 @@ public class JwtTokenManager {
 
 /**
 * Create token.
- *
 * @param authentication auth info
 * @return token
 */
@@ -58,7 +57,6 @@ public class JwtTokenManager {
 
 /**
 * Create token.
- *
 * @param userName auth info
 * @return token
 */
@@ -76,7 +74,6 @@ public class JwtTokenManager {
 
 /**
 * Get auth Info.
- *
 * @param token token
 * @return auth info
 */
@@ -93,7 +90,6 @@ public class JwtTokenManager {
 
 /**
 * validate token.
- *
 * @param token token
 */
 public void validateToken(String token) {
diff --git a/pig-register/src/main/java/com/alibaba/nacos/security/nacos/LdapAuthenticationProvider.java b/pig-register/src/main/java/com/alibaba/nacos/security/nacos/LdapAuthenticationProvider.java
index 1f902318..01799760 100644
--- a/pig-register/src/main/java/com/alibaba/nacos/security/nacos/LdapAuthenticationProvider.java
+++ b/pig-register/src/main/java/com/alibaba/nacos/security/nacos/LdapAuthenticationProvider.java
@@ -89,7 +89,8 @@ public class LdapAuthenticationProvider implements AuthenticationProvider {
 UserDetails userDetails = userDetailsService.loadUserByUsername(username);
 if (PasswordEncoderUtil.matches(password, userDetails.getPassword())) {
 return new UsernamePasswordAuthenticationToken(userDetails, password, userDetails.getAuthorities());
- } else {
+ }
+ else {
 return null;
 }
 }
@@ -101,7 +102,8 @@ public class LdapAuthenticationProvider implements AuthenticationProvider {
 UserDetails userDetails;
 try {
 userDetails = userDetailsService.loadUserByUsername(LDAP_PREFIX + username);
- } catch (UsernameNotFoundException exception) {
+ }
+ catch (UsernameNotFoundException exception) {
 String nacosPassword = PasswordEncoderUtil.encode(DEFAULT_PASSWORD);
 userDetailsService.createUser(LDAP_PREFIX + username, nacosPassword);
 User user = new User();
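Review bot: In `LdapAuthenticationProvider`, the `catch (UsernameNotFoundException exception)` branch (hunk at -101) provisions the local `LDAP_`-prefixed account with `PasswordEncoderUtil.encode(DEFAULT_PASSWORD)`, so every auto-created account stores a hash of the same constant. If any local-password check is ever applied to those usernames (for example after the configured auth system type changes; not visible here), that one constant is accepted for all of them. Storing an unguessable per-account value avoids this, e.g. `String nacosPassword = PasswordEncoderUtil.encode(UUID.randomUUID().toString());`. The enclosing method starts and ends outside the hunk.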
@@ -137,16 +139,20 @@ public class LdapAuthenticationProvider implements AuthenticationProvider {
 LdapContext ctx = null;
 try {
 ctx = new InitialLdapContext(env, null);
- } catch (CommunicationException e) {
+ }
+ catch (CommunicationException e) {
 LOG.error("LDAP Service connect timeout:{}", e.getMessage());
 throw new RuntimeException("LDAP Service connect timeout");
- } catch (javax.naming.AuthenticationException e) {
+ }
+ catch (javax.naming.AuthenticationException e) {
 LOG.error("login error:{}", e.getMessage());
 throw new RuntimeException("login error!");
- } catch (Exception e) {
+ }
+ catch (Exception e) {
 LOG.warn("Exception cause by:{}", e.getMessage());
 return false;
- } finally {
+ }
+ finally {
 closeContext(ctx);
 }
 return true;
@@ -161,9 +167,11 @@ public class LdapAuthenticationProvider implements AuthenticationProvider {
 if (ctx != null) {
 try {
 ctx.close();
- } catch (Exception e) {
+ }
+ catch (Exception e) {
 LOG.error("Exception closing context", e);
 }
 }
 }
+
 }
diff --git a/pig-register/src/main/java/com/alibaba/nacos/security/nacos/NacosAuthConfig.java b/pig-register/src/main/java/com/alibaba/nacos/security/nacos/NacosAuthConfig.java
index 58b06e7c..bc8378a2 100644
--- a/pig-register/src/main/java/com/alibaba/nacos/security/nacos/NacosAuthConfig.java
+++ b/pig-register/src/main/java/com/alibaba/nacos/security/nacos/NacosAuthConfig.java
@@ -90,7 +90,8 @@ public class NacosAuthConfig extends WebSecurityConfigurerAdapter {
 String ignoreUrls = null;
 if (AuthSystemTypes.NACOS.name().equalsIgnoreCase(authConfigs.getNacosAuthSystemType())) {
 ignoreUrls = DEFAULT_ALL_PATH_PATTERN;
- } else if (AuthSystemTypes.LDAP.name().equalsIgnoreCase(authConfigs.getNacosAuthSystemType())) {
+ }
+ else if (AuthSystemTypes.LDAP.name().equalsIgnoreCase(authConfigs.getNacosAuthSystemType())) {
 ignoreUrls = DEFAULT_ALL_PATH_PATTERN;
 }
 if (StringUtils.isBlank(authConfigs.getNacosAuthSystemType())) {
@@ -107,7 +108,8 @@ public class NacosAuthConfig extends WebSecurityConfigurerAdapter { protected void configure(AuthenticationManagerBuilder auth) throws Exception { if (AuthSystemTypes.NACOS.name().equalsIgnoreCase(authConfigs.getNacosAuthSystemType())) { auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder()); - } else if (AuthSystemTypes.LDAP.name().equalsIgnoreCase(authConfigs.getNacosAuthSystemType())) { + } + else if (AuthSystemTypes.LDAP.name().equalsIgnoreCase(authConfigs.getNacosAuthSystemType())) { auth.authenticationProvider(ldapAuthenticationProvider); } } @@ -117,11 +119,11 @@ public class NacosAuthConfig extends WebSecurityConfigurerAdapter { if (StringUtils.isBlank(authConfigs.getNacosAuthSystemType())) { http.csrf().disable().cors()// We don't need CSRF for JWT based authentication - .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS) - .and().authorizeRequests().requestMatchers(CorsUtils::isPreFlightRequest).permitAll() - .antMatchers(LOGIN_ENTRY_POINT).permitAll() - .and().authorizeRequests().antMatchers(TOKEN_BASED_AUTH_ENTRY_POINT).authenticated() - .and().exceptionHandling().authenticationEntryPoint(new JwtAuthenticationEntryPoint()); + .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and() + .authorizeRequests().requestMatchers(CorsUtils::isPreFlightRequest).permitAll() + .antMatchers(LOGIN_ENTRY_POINT).permitAll().and().authorizeRequests() + .antMatchers(TOKEN_BASED_AUTH_ENTRY_POINT).authenticated().and().exceptionHandling() + .authenticationEntryPoint(new JwtAuthenticationEntryPoint()); // disable cache http.headers().cacheControl(); diff --git a/pig-register/src/main/java/com/alibaba/nacos/security/nacos/NacosAuthManager.java b/pig-register/src/main/java/com/alibaba/nacos/security/nacos/NacosAuthManager.java index 1105b3d4..fce7cd13 100644 --- a/pig-register/src/main/java/com/alibaba/nacos/security/nacos/NacosAuthManager.java 
+++ b/pig-register/src/main/java/com/alibaba/nacos/security/nacos/NacosAuthManager.java @@ -74,9 +74,11 @@ public class NacosAuthManager implements AuthManager { try { tokenManager.validateToken(token); - } catch (ExpiredJwtException e) { + } + catch (ExpiredJwtException e) { throw new AccessException("token expired!"); - } catch (Exception e) { + } + catch (Exception e) { throw new AccessException("token invalid!"); } @@ -110,9 +112,11 @@ public class NacosAuthManager implements AuthManager { try { tokenManager.validateToken(token); - } catch (ExpiredJwtException e) { + } + catch (ExpiredJwtException e) { throw new AccessException("token expired!"); - } catch (Exception e) { + } + catch (Exception e) { throw new AccessException("token invalid!"); } @@ -189,16 +193,19 @@ public class NacosAuthManager implements AuthManager { UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(userName, rawPassword); authenticate = authenticationManager.authenticate(authenticationToken); - } catch (AuthenticationException e) { + } + catch (AuthenticationException e) { throw new AccessException("unknown user!"); } if (null == authenticate || StringUtils.isBlank(authenticate.getName())) { finalName = userName; - } else { + } + else { finalName = authenticate.getName(); } return tokenManager.createToken(finalName); } + } diff --git a/pig-register/src/main/java/com/alibaba/nacos/security/nacos/roles/NacosRoleServiceImpl.java b/pig-register/src/main/java/com/alibaba/nacos/security/nacos/roles/NacosRoleServiceImpl.java index 4e9f6018..6b447aaf 100644 --- a/pig-register/src/main/java/com/alibaba/nacos/security/nacos/roles/NacosRoleServiceImpl.java +++ b/pig-register/src/main/java/com/alibaba/nacos/security/nacos/roles/NacosRoleServiceImpl.java 
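Review bot: In `NacosAuthManager` (hunk at -189), the branch `if (null == authenticate || StringUtils.isBlank(authenticate.getName())) { finalName = userName; }` falls back to the request-supplied name and still reaches `tokenManager.createToken(finalName)`, so a null authentication result is handled as a success. A branch in `LdapAuthenticationProvider` (hunk at -89 of this commit) returns `null` when the password does not match; whether that null can reach this point depends on the `AuthenticationManager` in use, which is not visible here. Failing closed removes the dependency: replace the fallback assignment with `throw new AccessException("unknown user!");`. The enclosing method starts outside the hunk.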
@@ -75,8 +75,8 @@ public class NacosRoleServiceImpl { @Scheduled(initialDelay = 5000, fixedDelay = 15000) private void reload() { try { - Page roleInfoPage = rolePersistService - .getRolesByUserName(StringUtils.EMPTY, DEFAULT_PAGE_NO, Integer.MAX_VALUE); + Page roleInfoPage = rolePersistService.getRolesByUserName(StringUtils.EMPTY, DEFAULT_PAGE_NO, + Integer.MAX_VALUE); if (roleInfoPage == null) { return; } @@ -92,15 +92,16 @@ public class NacosRoleServiceImpl { Map> tmpPermissionInfoMap = new ConcurrentHashMap<>(16); for (String role : tmpRoleSet) { - Page permissionInfoPage = permissionPersistService - .getPermissions(role, DEFAULT_PAGE_NO, Integer.MAX_VALUE); + Page permissionInfoPage = permissionPersistService.getPermissions(role, DEFAULT_PAGE_NO, + Integer.MAX_VALUE); tmpPermissionInfoMap.put(role, permissionInfoPage.getPageItems()); } roleSet = tmpRoleSet; roleInfoMap = tmpRoleInfoMap; permissionInfoMap = tmpPermissionInfoMap; - } catch (Exception e) { + } + catch (Exception e) { Loggers.AUTH.warn("[LOAD-ROLES] load failed", e); } } @@ -108,15 +109,15 @@ public class NacosRoleServiceImpl { /** * Determine if the user has permission of the resource. * - *

Note if the user has many roles, this method returns true if any one role of the user has the desired - * permission. - * - * @param username user info + *

+ * Note if the user has many roles, this method returns true if any one role of the + * user has the desired permission. + * @param username user info * @param permission permission to auth * @return true if granted, false otherwise */ public boolean hasPermission(String username, Permission permission) { - //update password + // update password if (NacosAuthConfig.UPDATE_PASSWORD_ENTRY_POINT.equals(permission.getResource())) { return true; } @@ -147,8 +148,8 @@ public class NacosRoleServiceImpl { for (PermissionInfo permissionInfo : permissionInfoList) { String permissionResource = permissionInfo.getResource().replaceAll("\\*", ".*"); String permissionAction = permissionInfo.getAction(); - if (permissionAction.contains(permission.getAction()) && Pattern - .matches(permissionResource, permission.getResource())) { + if (permissionAction.contains(permission.getAction()) + && Pattern.matches(permissionResource, permission.getResource())) { return true; } } @@ -178,7 +179,8 @@ public class NacosRoleServiceImpl { public List getPermissions(String role) { List permissionInfoList = permissionInfoMap.get(role); if (!authConfigs.isCachingEnabled() || permissionInfoList == null) { - Page permissionInfoPage = getPermissionsFromDatabase(role, DEFAULT_PAGE_NO, Integer.MAX_VALUE); + Page permissionInfoPage = getPermissionsFromDatabase(role, DEFAULT_PAGE_NO, + Integer.MAX_VALUE); if (permissionInfoPage != null) { permissionInfoList = permissionInfoPage.getPageItems(); } @@ -192,8 +194,7 @@ public class NacosRoleServiceImpl { /** * Add role. - * - * @param role role name + * @param role role name * @param username user name */ public void addRole(String role, String username) { 
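Review bot: The rewrapped condition in `NacosRoleServiceImpl` (hunk at -147) calls `Pattern.matches(permissionResource, permission.getResource())` on a stored resource string that has only had `*` translated by `replaceAll("\\*", ".*")`, so every other regex metacharacter in that string (for example `.`, `+`, `|`, parentheses) is interpreted instead of matched literally and a stored permission can match more resources than its author wrote. Quoting the literal parts before expanding the wildcard keeps the match exact: `String permissionResource = Pattern.quote(permissionInfo.getResource()).replace("*", "\\E.*\\Q");`. Separately, `permissionAction.contains(permission.getAction())` is true for an empty requested action; whether an empty action can arrive here is not visible in the hunk, so a non-blank check on `permission.getAction()` before the loop would be a cheap guard. The enclosing method starts and ends outside the hunk.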
@@ -226,10 +227,9 @@ public class NacosRoleServiceImpl {
 /**
 * Add permission.
- *
- * @param role role name
+ * @param role role name
 * @param resource resource
- * @param action action
+ * @param action action
 */
 public void addPermission(String role, String resource, String action) {
 if (!roleSet.contains(role)) {
@@ -245,4 +245,5 @@ public class NacosRoleServiceImpl {
 public List findRolesLikeRoleName(String role) {
 return rolePersistService.findRolesLikeRoleName(role);
 }
+
 }
diff --git a/pig-register/src/main/java/com/alibaba/nacos/security/nacos/users/NacosUser.java b/pig-register/src/main/java/com/alibaba/nacos/security/nacos/users/NacosUser.java
index 021f9edd..2aceeb42 100644
--- a/pig-register/src/main/java/com/alibaba/nacos/security/nacos/users/NacosUser.java
+++ b/pig-register/src/main/java/com/alibaba/nacos/security/nacos/users/NacosUser.java
@@ -50,4 +50,5 @@ public class NacosUser extends User {
 public String toString() {
 return "NacosUser{" + "token='" + token + '\'' + ", globalAdmin=" + globalAdmin + '}';
 }
+
 }
diff --git a/pig-register/src/main/java/com/alibaba/nacos/security/nacos/users/NacosUserDetails.java b/pig-register/src/main/java/com/alibaba/nacos/security/nacos/users/NacosUserDetails.java
index 88d7f764..cc75e038 100644
--- a/pig-register/src/main/java/com/alibaba/nacos/security/nacos/users/NacosUserDetails.java
+++ b/pig-register/src/main/java/com/alibaba/nacos/security/nacos/users/NacosUserDetails.java
@@ -71,4 +71,5 @@ public class NacosUserDetails implements UserDetails {
 public boolean isEnabled() {
 return true;
 }
+
 }
diff --git a/pig-register/src/main/java/com/alibaba/nacos/security/nacos/users/NacosUserDetailsServiceImpl.java b/pig-register/src/main/java/com/alibaba/nacos/security/nacos/users/NacosUserDetailsServiceImpl.java
index 3da53c74..33583a08 100644
--- a/pig-register/src/main/java/com/alibaba/nacos/security/nacos/users/NacosUserDetailsServiceImpl.java
+++ b/pig-register/src/main/java/com/alibaba/nacos/security/nacos/users/NacosUserDetailsServiceImpl.java
@@ -62,7 +62,8 @@ public class NacosUserDetailsServiceImpl implements UserDetailsService {
 map.put(user.getUsername(), user);
 }
 userMap = map;
- } catch (Exception e) {
+ }
+ catch (Exception e) {
 Loggers.AUTH.warn("[LOAD-USERS] load failed", e);
 }
 }
@@ -112,4 +113,5 @@ public class NacosUserDetailsServiceImpl implements UserDetailsService {
 public void deleteUser(String username) {
 userPersistService.deleteUser(username);
 }
+
 }
diff --git a/pig-register/src/main/java/com/alibaba/nacos/utils/PasswordEncoderUtil.java b/pig-register/src/main/java/com/alibaba/nacos/utils/PasswordEncoderUtil.java
index 6d046935..c42fa919 100644
--- a/pig-register/src/main/java/com/alibaba/nacos/utils/PasswordEncoderUtil.java
+++ b/pig-register/src/main/java/com/alibaba/nacos/utils/PasswordEncoderUtil.java
@@ -32,4 +32,5 @@ public class PasswordEncoderUtil {
 public static String encode(String raw) {
 return new BCryptPasswordEncoder().encode(raw);
 }
+
 }
diff --git a/pig-upms/pig-upms-biz/pom.xml b/pig-upms/pig-upms-biz/pom.xml
index 9e127ada..a7cd806a 100644
--- a/pig-upms/pig-upms-biz/pom.xml
+++ b/pig-upms/pig-upms-biz/pom.xml
@@ -70,6 +70,11 @@ org.springframework.boot spring-boot-starter-undertow + + + com.pig4cloud + pig-common-test +