test-version22
/
MeterSphere
mirror of https://gitee.com/fit2cloud-feizhiyun/MeterSphere.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

refactor: 适配cas

This commit is contained in:
chenjianxing 2020-08-17 10:09:19 +08:00
parent 6e7fe725a1
commit 064304ba28
12 changed files with 161 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
backend/pom.xml
View File

@ -272,6 +272,24 @@
<scope>runtime</scope> <scope>runtime</scope>
</dependency> </dependency>
<!-- buji-pac4j -->
<dependency>
<groupId>org.pac4j</groupId>
<artifactId>pac4j-cas</artifactId>
<version>3.0.2</version>
</dependency>
<dependency>
<groupId>io.buji</groupId>
<artifactId>buji-pac4j</artifactId>
<version>4.0.0</version>
<exclusions>
<exclusion>
<artifactId>shiro-web</artifactId>
<groupId>org.apache.shiro</groupId>
</exclusion>
</exclusions>
</dependency>
</dependencies> </dependencies>
<build> <build>

5
backend/src/main/java/io/metersphere/commons/constants/OssMode.java Normal file
View File

@ -0,0 +1,5 @@
package io.metersphere.commons.constants;
public enum OssMode {
CAS,LOCAL
}

53
backend/src/main/java/io/metersphere/commons/utils/ShiroUtils.java Normal file
View File

@ -0,0 +1,53 @@
package io.metersphere.commons.utils;
import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.web.servlet.Cookie;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import java.util.Map;
public class ShiroUtils {
public static void loadBaseFilterChain(Map<String, String> filterChainDefinitionMap){
filterChainDefinitionMap.put("/resource/**", "anon");
filterChainDefinitionMap.put("/signin", "anon");
filterChainDefinitionMap.put("/ldap/signin", "anon");
filterChainDefinitionMap.put("/ldap/open", "anon");
filterChainDefinitionMap.put("/isLogin", "anon");
filterChainDefinitionMap.put("/css/**", "anon");
filterChainDefinitionMap.put("/js/**", "anon");
filterChainDefinitionMap.put("/img/**", "anon");
filterChainDefinitionMap.put("/fonts/**", "anon");
// for swagger
filterChainDefinitionMap.put("/swagger-ui.html", "anon");
filterChainDefinitionMap.put("/swagger-ui/**", "anon");
filterChainDefinitionMap.put("/v3/api-docs/**", "anon");
filterChainDefinitionMap.put("/403", "anon");
filterChainDefinitionMap.put("/anonymous/**", "anon");
}
public static Cookie getSessionIdCookie(){
SimpleCookie sessionIdCookie = new SimpleCookie();
sessionIdCookie.setPath("/");
sessionIdCookie.setName("MS_SESSION_ID");
return sessionIdCookie;
}
public static SessionManager getSessionManager(Long sessionTimeout, CacheManager cacheManager){
DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
sessionManager.setSessionIdUrlRewritingEnabled(false);
sessionManager.setDeleteInvalidSessions(true);
sessionManager.setSessionValidationSchedulerEnabled(true);
sessionManager.setSessionIdCookie(ShiroUtils.getSessionIdCookie());
sessionManager.setGlobalSessionTimeout(sessionTimeout * 1000);// 超时时间ms
sessionManager.setCacheManager(cacheManager);
//sessionManager.setSessionIdCookieEnabled(true);
return sessionManager;
}
}

38
backend/src/main/java/io/metersphere/config/ShiroConfig.java
View File

@ -1,5 +1,6 @@
package io.metersphere.config; package io.metersphere.config;
import io.metersphere.commons.utils.ShiroUtils;
import io.metersphere.security.ApiKeyFilter; import io.metersphere.security.ApiKeyFilter;
import io.metersphere.security.LoginFilter; import io.metersphere.security.LoginFilter;
import io.metersphere.security.ShiroDBRealm; import io.metersphere.security.ShiroDBRealm;
@ -9,9 +10,8 @@ import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor; import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean; import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager; import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator; import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.web.servlet.FilterRegistrationBean; import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.ApplicationContext; import org.springframework.context.ApplicationContext;
import org.springframework.context.EnvironmentAware; import org.springframework.context.EnvironmentAware;
@ -29,6 +29,7 @@ import java.util.Map;
import java.util.Objects; import java.util.Objects;
@Configuration @Configuration
@ConditionalOnProperty(prefix="oss",name = "mode", havingValue = "local", matchIfMissing = true)
public class ShiroConfig implements EnvironmentAware { public class ShiroConfig implements EnvironmentAware {
private Environment env; private Environment env;
@ -42,26 +43,8 @@ public class ShiroConfig implements EnvironmentAware {
shiroFilterFactoryBean.setSuccessUrl("/"); shiroFilterFactoryBean.setSuccessUrl("/");
shiroFilterFactoryBean.getFilters().put("apikey", new ApiKeyFilter()); shiroFilterFactoryBean.getFilters().put("apikey", new ApiKeyFilter());
Map<String, String> filterChainDefinitionMap = shiroFilterFactoryBean.getFilterChainDefinitionMap(); Map<String, String> filterChainDefinitionMap = shiroFilterFactoryBean.getFilterChainDefinitionMap();
filterChainDefinitionMap.put("/resource/**", "anon"); ShiroUtils.loadBaseFilterChain(filterChainDefinitionMap);
filterChainDefinitionMap.put("/", "anon");
filterChainDefinitionMap.put("/signin", "anon");
filterChainDefinitionMap.put("/ldap/signin", "anon");
filterChainDefinitionMap.put("/ldap/open", "anon");
filterChainDefinitionMap.put("/isLogin", "anon");
filterChainDefinitionMap.put("/css/**", "anon");
filterChainDefinitionMap.put("/js/**", "anon");
filterChainDefinitionMap.put("/img/**", "anon");
filterChainDefinitionMap.put("/fonts/**", "anon");
// for swagger
filterChainDefinitionMap.put("/swagger-ui.html", "anon");
filterChainDefinitionMap.put("/swagger-ui/**", "anon");
filterChainDefinitionMap.put("/v3/api-docs/**", "anon");
filterChainDefinitionMap.put("/403", "anon");
filterChainDefinitionMap.put("/anonymous/**", "anon");
filterChainDefinitionMap.put("/**", "apikey, authc"); filterChainDefinitionMap.put("/**", "apikey, authc");
return shiroFilterFactoryBean; return shiroFilterFactoryBean;
} }
@ -120,18 +103,7 @@ public class ShiroConfig implements EnvironmentAware {
@Bean @Bean
public SessionManager sessionManager(MemoryConstrainedCacheManager memoryConstrainedCacheManager) { public SessionManager sessionManager(MemoryConstrainedCacheManager memoryConstrainedCacheManager) {
Long sessionTimeout = env.getProperty("session.timeout", Long.class, 1800L); // 默认1800s, 半个小时 Long sessionTimeout = env.getProperty("session.timeout", Long.class, 1800L); // 默认1800s, 半个小时
return ShiroUtils.getSessionManager(sessionTimeout, memoryConstrainedCacheManager);
DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
sessionManager.setSessionIdUrlRewritingEnabled(false);
sessionManager.setGlobalSessionTimeout(sessionTimeout * 1000);// 超时时间ms
sessionManager.setDeleteInvalidSessions(true);
sessionManager.setSessionValidationSchedulerEnabled(true);
SimpleCookie sessionIdCookie = new SimpleCookie();
sessionManager.setSessionIdCookie(sessionIdCookie);
sessionIdCookie.setPath("/");
sessionIdCookie.setName("MS_SESSION_ID");
sessionManager.setCacheManager(memoryConstrainedCacheManager);
return sessionManager;
} }
/** /**

12
backend/src/main/java/io/metersphere/controller/IndexController.java
View File

@ -1,6 +1,7 @@
package io.metersphere.controller; package io.metersphere.controller;
import io.metersphere.commons.utils.SessionUtils; import io.metersphere.commons.utils.SessionUtils;
import org.apache.shiro.SecurityUtils;
import org.springframework.stereotype.Controller; import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMapping;
@ -22,4 +23,15 @@ public class IndexController {
return "redirect:/"; return "redirect:/";
} }
} }
@GetMapping(value = "/oss/login")
public String ossLogin() {
return "redirect:/";
}
@GetMapping(value = "/oss/logout")
public void ossLogout() {
SecurityUtils.getSubject().logout();
}
} }

30
backend/src/main/java/io/metersphere/controller/LoginController.java
View File

@ -1,10 +1,15 @@
package io.metersphere.controller; package io.metersphere.controller;
import io.metersphere.commons.constants.OssMode;
import io.metersphere.commons.constants.UserSource; import io.metersphere.commons.constants.UserSource;
import io.metersphere.commons.user.SessionUser;
import io.metersphere.commons.utils.SessionUtils;
import io.metersphere.controller.request.LoginRequest; import io.metersphere.controller.request.LoginRequest;
import io.metersphere.service.UserService; import io.metersphere.service.UserService;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.SecurityUtils; import org.apache.shiro.SecurityUtils;
import org.springframework.context.i18n.LocaleContextHolder; import org.springframework.context.i18n.LocaleContextHolder;
import org.springframework.core.env.Environment;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
import javax.annotation.Resource; import javax.annotation.Resource;
@ -15,11 +20,21 @@ public class LoginController {
@Resource @Resource
private UserService userService; private UserService userService;
@Resource
private Environment env;
@GetMapping(value = "/isLogin") @GetMapping(value = "/isLogin")
public ResultHolder isLogin() { public ResultHolder isLogin() {
if (SecurityUtils.getSubject().isAuthenticated()) { if (SecurityUtils.getSubject().isAuthenticated()) {
return ResultHolder.success(LocaleContextHolder.getLocale()); SessionUser user = SessionUtils.getUser();
if (StringUtils.isBlank(user.getLanguage())) {
user.setLanguage(LocaleContextHolder.getLocale().toString());
}
return ResultHolder.success(user);
}
String ossMode = env.getProperty("oss.mode");
if (ossMode != null && StringUtils.equalsIgnoreCase(OssMode.CAS.name(), ossMode)) {
return ResultHolder.error("oss");
} }
return ResultHolder.error(""); return ResultHolder.error("");
} }
@ -30,9 +45,19 @@ public class LoginController {
return userService.login(request); return userService.login(request);
} }
@GetMapping(value = "/currentUser")
public ResultHolder currentUser() {
return ResultHolder.success(SecurityUtils.getSubject().getSession().getAttribute("user"));
}
@GetMapping(value = "/signout") @GetMapping(value = "/signout")
public ResultHolder logout() { public ResultHolder logout() {
SecurityUtils.getSubject().logout(); String ossMode = env.getProperty("oss.mode");
if (ossMode != null && StringUtils.equalsIgnoreCase(OssMode.CAS.name(), ossMode)) {
return ResultHolder.error("oss");
} else {
SecurityUtils.getSubject().logout();
}
return ResultHolder.success(""); return ResultHolder.success("");
} }
@ -42,5 +67,4 @@ public class LoginController {
return userService.getDefaultLanguage(); return userService.getDefaultLanguage();
} }
} }

24
backend/src/main/java/io/metersphere/dto/UserDTO.java
View File

@ -1,6 +1,7 @@
package io.metersphere.dto; package io.metersphere.dto;
import io.metersphere.base.domain.Role; import io.metersphere.base.domain.Role;
import io.metersphere.base.domain.User;
import io.metersphere.base.domain.UserRole; import io.metersphere.base.domain.UserRole;
import lombok.Getter; import lombok.Getter;
import lombok.Setter; import lombok.Setter;
@ -10,28 +11,7 @@ import java.util.List;
@Getter @Getter
@Setter @Setter
public class UserDTO { public class UserDTO extends User {
private String id;
private String name;
private String email;
private String phone;
private String status;
private String source;
private Long createTime;
private Long updateTime;
private String language;
private String lastWorkspaceId;
private String lastOrganizationId;
private List<Role> roles = new ArrayList<>(); private List<Role> roles = new ArrayList<>();

10
backend/src/main/java/io/metersphere/security/ShiroDBRealm.java
View File

@ -49,15 +49,16 @@ public class ShiroDBRealm extends AuthorizingRealm {
*/ */
@Override @Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
String userId = (String) principals.getPrimaryPrincipal();
return getAuthorizationInfo(userId, userService);
}
String userName = (String) principals.getPrimaryPrincipal(); public static AuthorizationInfo getAuthorizationInfo(String userId, UserService userService) {
SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo(); SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
// roles 内容填充 // roles 内容填充
UserDTO userDTO = userService.getUserDTO(userName); UserDTO userDTO = userService.getUserDTO(userId);
Set<String> roles = userDTO.getRoles().stream().map(Role::getId).collect(Collectors.toSet()); Set<String> roles = userDTO.getRoles().stream().map(Role::getId).collect(Collectors.toSet());
authorizationInfo.setRoles(roles); authorizationInfo.setRoles(roles);
return authorizationInfo; return authorizationInfo;
} }
@ -148,7 +149,6 @@ public class ShiroDBRealm extends AuthorizingRealm {
if (!userService.checkUserPassword(userId, password)) { if (!userService.checkUserPassword(userId, password)) {
throw new IncorrectCredentialsException(Translator.get("password_is_incorrect")); throw new IncorrectCredentialsException(Translator.get("password_is_incorrect"));
} }
//
SessionUser sessionUser = SessionUser.fromUser(user); SessionUser sessionUser = SessionUser.fromUser(user);
SessionUtils.putUser(sessionUser); SessionUtils.putUser(sessionUser);
return new SimpleAuthenticationInfo(userId, password, getName()); return new SimpleAuthenticationInfo(userId, password, getName());

11
backend/src/main/java/io/metersphere/service/UserService.java
View File

@ -163,6 +163,17 @@ public class UserService {
userMapper.insertSelective(user); userMapper.insertSelective(user);
} }
public void createOssUser(User user) {
user.setCreateTime(System.currentTimeMillis());
user.setUpdateTime(System.currentTimeMillis());
user.setStatus(UserStatus.NORMAL);
if (StringUtils.isBlank(user.getEmail())) {
user.setEmail(user.getId() + "@metershpere.io");
}
userMapper.insertSelective(user);
}
private void checkEmailIsExist(String email) { private void checkEmailIsExist(String email) {
UserExample userExample = new UserExample(); UserExample userExample = new UserExample();
UserExample.Criteria criteria = userExample.createCriteria(); UserExample.Criteria criteria = userExample.createCriteria();

4
frontend/src/business/App.vue
View File

@ -25,6 +25,7 @@
import MsUser from "./components/common/head/HeaderUser"; import MsUser from "./components/common/head/HeaderUser";
import MsHeaderOrgWs from "./components/common/head/HeaderOrgWs"; import MsHeaderOrgWs from "./components/common/head/HeaderOrgWs";
import MsLanguageSwitch from "./components/common/head/LanguageSwitch"; import MsLanguageSwitch from "./components/common/head/LanguageSwitch";
import {saveLocalStorage} from "../common/js/utils";
export default { export default {
name: 'app', name: 'app',
@ -36,7 +37,8 @@
beforeCreate() { beforeCreate() {
this.$get("/isLogin").then(response => { this.$get("/isLogin").then(response => {
if (response.data.success) { if (response.data.success) {
this.$setLang(response.data.data); this.$setLang(response.data.data.language);
saveLocalStorage(response.data);
this.auth = true; this.auth = true;
} else { } else {
window.location.href = "/login" window.location.href = "/login"

13
frontend/src/business/components/common/head/HeaderUser.vue
View File

@ -18,6 +18,7 @@
<script> <script>
import {getCurrentUser} from "../../../../common/js/utils"; import {getCurrentUser} from "../../../../common/js/utils";
import AboutUs from "./AboutUs"; import AboutUs from "./AboutUs";
import axios from "axios";
export default { export default {
name: "MsUser", name: "MsUser",
@ -35,7 +36,17 @@
this.$router.push('/setting/personsetting').catch(error => error); this.$router.push('/setting/personsetting').catch(error => error);
break; break;
case "logout": case "logout":
this.$get("/signout", function () { axios.get("/signout").then(response => {
if (response.data.success) {
localStorage.clear();
window.location.href = "/login";
} else {
if (response.data.message === 'oss') {
localStorage.clear();
window.location.href = "/oss/logout"
}
}
}).catch(error => {
localStorage.clear(); localStorage.clear();
window.location.href = "/login"; window.location.href = "/login";
}); });

9
frontend/src/login/Login.vue
View File

@ -88,8 +88,15 @@
beforeCreate() { beforeCreate() {
this.$get("/isLogin").then(response => { this.$get("/isLogin").then(response => {
if (!response.data.success) { if (!response.data.success) {
this.ready = true; if (response.data.message === 'oss') {
window.location.href = "/oss/login"
} else {
this.ready = true;
}
} else { } else {
let user = response.data.data;
saveLocalStorage(user);
this.getLanguage(user.language);
window.location.href = "/" window.location.href = "/"
} }
}); });