From 4eccebafb3a495f58abf2e81b27ecfeafb4da877 Mon Sep 17 00:00:00 2001
From: lorne <1991wangliang@gmail.com>
Date: Fri, 20 Jun 2025 21:37:54 +0800
Subject: [PATCH 1/2] 2.10.4 add HttpSecurityCustomer
---
pom.xml | 2 +-
springboot-starter-data-authorization/pom.xml | 2 +-
springboot-starter-data-fast/pom.xml | 2 +-
springboot-starter-flow/pom.xml | 2 +-
springboot-starter-security/pom.xml | 2 +-
.../security/AutoConfiguration.java | 26 ++++++----
.../customer/DefaultHttpSecurityCustomer.java | 50 +++++++++++++++++++
.../customer/HttpSecurityCustomer.java | 9 ++++
.../CodingApiSecurityProperties.java | 9 ++++
springboot-starter/pom.xml | 2 +-
.../src/main/resources/META-INF/banner.txt | 2 +-
11 files changed, 91 insertions(+), 17 deletions(-)
create mode 100644 springboot-starter-security/src/main/java/com/codingapi/springboot/security/customer/DefaultHttpSecurityCustomer.java
create mode 100644 springboot-starter-security/src/main/java/com/codingapi/springboot/security/customer/HttpSecurityCustomer.java
diff --git a/pom.xml b/pom.xml
index daad4555..d2d5d0dc 100644
--- a/pom.xml
+++ b/pom.xml
@@ -15,7 +15,7 @@
com.codingapi.springboot
springboot-parent
- 2.10.3
+ 2.10.4
https://github.com/codingapi/springboot-framewrok
springboot-parent
diff --git a/springboot-starter-data-authorization/pom.xml b/springboot-starter-data-authorization/pom.xml
index c4a5dbc7..4b6698a5 100644
--- a/springboot-starter-data-authorization/pom.xml
+++ b/springboot-starter-data-authorization/pom.xml
@@ -6,7 +6,7 @@
springboot-parent
com.codingapi.springboot
- 2.10.3
+ 2.10.4
springboot-starter-data-authorization
diff --git a/springboot-starter-data-fast/pom.xml b/springboot-starter-data-fast/pom.xml
index 94a3ff78..e1a9af60 100644
--- a/springboot-starter-data-fast/pom.xml
+++ b/springboot-starter-data-fast/pom.xml
@@ -5,7 +5,7 @@
springboot-parent
com.codingapi.springboot
- 2.10.3
+ 2.10.4
4.0.0
diff --git a/springboot-starter-flow/pom.xml b/springboot-starter-flow/pom.xml
index b366126e..e27424b1 100644
--- a/springboot-starter-flow/pom.xml
+++ b/springboot-starter-flow/pom.xml
@@ -6,7 +6,7 @@
springboot-parent
com.codingapi.springboot
- 2.10.3
+ 2.10.4
springboot-starter-flow
diff --git a/springboot-starter-security/pom.xml b/springboot-starter-security/pom.xml
index 1482367f..7abb2fee 100644
--- a/springboot-starter-security/pom.xml
+++ b/springboot-starter-security/pom.xml
@@ -6,7 +6,7 @@
springboot-parent
com.codingapi.springboot
- 2.10.3
+ 2.10.4
springboot-starter-security
diff --git a/springboot-starter-security/src/main/java/com/codingapi/springboot/security/AutoConfiguration.java b/springboot-starter-security/src/main/java/com/codingapi/springboot/security/AutoConfiguration.java
index b60f597c..b8b21a76 100644
--- a/springboot-starter-security/src/main/java/com/codingapi/springboot/security/AutoConfiguration.java
+++ b/springboot-starter-security/src/main/java/com/codingapi/springboot/security/AutoConfiguration.java
@@ -2,6 +2,8 @@
import com.codingapi.springboot.security.configurer.HttpSecurityConfigurer;
import com.codingapi.springboot.security.controller.VersionController;
+import com.codingapi.springboot.security.customer.DefaultHttpSecurityCustomer;
+import com.codingapi.springboot.security.customer.HttpSecurityCustomer;
import com.codingapi.springboot.security.dto.request.LoginRequest;
import com.codingapi.springboot.security.dto.response.LoginResponse;
import com.codingapi.springboot.security.filter.*;
@@ -67,6 +69,11 @@ public AuthenticationTokenFilter authenticationTokenFilter() {
};
}
+ @Bean
+ @ConditionalOnMissingBean
+ public HttpSecurityCustomer httpSecurityCustomer(CodingApiSecurityProperties properties){
+ return new DefaultHttpSecurityCustomer(properties);
+ }
@Bean
@ConditionalOnMissingBean
@@ -91,16 +98,15 @@ public LoginResponse postHandle(HttpServletRequest request, HttpServletResponse
@Bean
@ConditionalOnMissingBean
- public SecurityFilterChain filterChain(HttpSecurity security, TokenGateway tokenGateway, SecurityLoginHandler loginHandler,
- CodingApiSecurityProperties properties, AuthenticationTokenFilter authenticationTokenFilter) throws Exception {
- //disable basic auth
- security.httpBasic().disable();
-
- //before add addCorsMappings to enable cors.
- security.cors();
- if (properties.isDisableCsrf()) {
- security.csrf().disable();
- }
+ public SecurityFilterChain filterChain(HttpSecurity security,
+ HttpSecurityCustomer httpSecurityCustomer,
+ TokenGateway tokenGateway,
+ SecurityLoginHandler loginHandler,
+ CodingApiSecurityProperties properties,
+ AuthenticationTokenFilter authenticationTokenFilter) throws Exception {
+
+ httpSecurityCustomer.customize(security);
+
security.apply(new HttpSecurityConfigurer(tokenGateway, loginHandler, properties, authenticationTokenFilter));
security
.exceptionHandling()
diff --git a/springboot-starter-security/src/main/java/com/codingapi/springboot/security/customer/DefaultHttpSecurityCustomer.java b/springboot-starter-security/src/main/java/com/codingapi/springboot/security/customer/DefaultHttpSecurityCustomer.java
new file mode 100644
index 00000000..02733c6f
--- /dev/null
+++ b/springboot-starter-security/src/main/java/com/codingapi/springboot/security/customer/DefaultHttpSecurityCustomer.java
@@ -0,0 +1,50 @@
+package com.codingapi.springboot.security.customer;
+
+import com.codingapi.springboot.security.properties.CodingApiSecurityProperties;
+import lombok.AllArgsConstructor;
+import org.springframework.security.config.Customizer;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer;
+
+@AllArgsConstructor
+public class DefaultHttpSecurityCustomer implements HttpSecurityCustomer {
+
+ private final CodingApiSecurityProperties properties;
+
+ @Override
+ public void customize(HttpSecurity security) throws Exception {
+ //disable basic auth
+ if (properties.isDisableBasicAuth()) {
+ security.httpBasic(AbstractHttpConfigurer::disable);
+ }
+
+ //disable frame options
+ if (properties.isDisableFrameOptions()) {
+ security.headers(new Customizer>() {
+ @Override
+ public void customize(HeadersConfigurer httpSecurityHeadersConfigurer) {
+ httpSecurityHeadersConfigurer.frameOptions(new Customizer.FrameOptionsConfig>() {
+ @Override
+ public void customize(HeadersConfigurer.FrameOptionsConfig frameOptionsConfig) {
+ frameOptionsConfig.disable();
+ }
+ });
+ }
+ });
+ }
+
+ //before add addCorsMappings to enable cors.
+ security.cors(httpSecurityCorsConfigurer -> {
+ if (properties.isDisableCors()) {
+ httpSecurityCorsConfigurer.disable();
+ }
+ });
+
+ security.csrf(httpSecurityCsrfConfigurer -> {
+ if (properties.isDisableCsrf()) {
+ httpSecurityCsrfConfigurer.disable();
+ }
+ });
+ }
+}
diff --git a/springboot-starter-security/src/main/java/com/codingapi/springboot/security/customer/HttpSecurityCustomer.java b/springboot-starter-security/src/main/java/com/codingapi/springboot/security/customer/HttpSecurityCustomer.java
new file mode 100644
index 00000000..ddc35dd6
--- /dev/null
+++ b/springboot-starter-security/src/main/java/com/codingapi/springboot/security/customer/HttpSecurityCustomer.java
@@ -0,0 +1,9 @@
+package com.codingapi.springboot.security.customer;
+
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+
+public interface HttpSecurityCustomer {
+
+ void customize(HttpSecurity security) throws Exception;
+
+}
diff --git a/springboot-starter-security/src/main/java/com/codingapi/springboot/security/properties/CodingApiSecurityProperties.java b/springboot-starter-security/src/main/java/com/codingapi/springboot/security/properties/CodingApiSecurityProperties.java
index 4a33d91b..0db1dad0 100644
--- a/springboot-starter-security/src/main/java/com/codingapi/springboot/security/properties/CodingApiSecurityProperties.java
+++ b/springboot-starter-security/src/main/java/com/codingapi/springboot/security/properties/CodingApiSecurityProperties.java
@@ -38,6 +38,15 @@ public class CodingApiSecurityProperties {
*/
private String aseIv = "QUNYRkdIQEVEUyNYQ1phcw==";
+ /**
+ * 禁用Basic Auth
+ */
+ private boolean disableBasicAuth = true;
+
+ /**
+ * 禁用FrameOptions
+ */
+ private boolean disableFrameOptions = true;
/**
* 启用禁用CSRF
diff --git a/springboot-starter/pom.xml b/springboot-starter/pom.xml
index d083955a..a7db9a65 100644
--- a/springboot-starter/pom.xml
+++ b/springboot-starter/pom.xml
@@ -5,7 +5,7 @@
com.codingapi.springboot
springboot-parent
- 2.10.3
+ 2.10.4
springboot-starter
diff --git a/springboot-starter/src/main/resources/META-INF/banner.txt b/springboot-starter/src/main/resources/META-INF/banner.txt
index 7b4110d8..685e5ca1 100644
--- a/springboot-starter/src/main/resources/META-INF/banner.txt
+++ b/springboot-starter/src/main/resources/META-INF/banner.txt
@@ -1,4 +1,4 @@
------------------------------------------------------
-CodingApi SpringBoot-Starter 2.10.3
+CodingApi SpringBoot-Starter 2.10.4
springboot version (${spring-boot.version})
------------------------------------------------------
From 59ed4505ae9f64c7a7c130ab340f5484653b8bb2 Mon Sep 17 00:00:00 2001
From: lorne <1991wangliang@gmail.com>
Date: Fri, 27 Jun 2025 14:52:38 +0800
Subject: [PATCH 2/2] add Any
---
pom.xml | 2 +-
springboot-starter-data-authorization/pom.xml | 2 +-
springboot-starter-data-fast/pom.xml | 2 +-
springboot-starter-flow/pom.xml | 2 +-
springboot-starter-security/pom.xml | 2 +-
springboot-starter/pom.xml | 2 +-
.../springboot/framework/annotation/ColumnType.java | 5 +++++
springboot-starter/src/main/resources/META-INF/banner.txt | 2 +-
8 files changed, 12 insertions(+), 7 deletions(-)
diff --git a/pom.xml b/pom.xml
index d2d5d0dc..999755a7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -15,7 +15,7 @@
com.codingapi.springboot
springboot-parent
- 2.10.4
+ 2.10.5
https://github.com/codingapi/springboot-framewrok
springboot-parent
diff --git a/springboot-starter-data-authorization/pom.xml b/springboot-starter-data-authorization/pom.xml
index 4b6698a5..fa3f09c0 100644
--- a/springboot-starter-data-authorization/pom.xml
+++ b/springboot-starter-data-authorization/pom.xml
@@ -6,7 +6,7 @@
springboot-parent
com.codingapi.springboot
- 2.10.4
+ 2.10.5
springboot-starter-data-authorization
diff --git a/springboot-starter-data-fast/pom.xml b/springboot-starter-data-fast/pom.xml
index e1a9af60..f7e84726 100644
--- a/springboot-starter-data-fast/pom.xml
+++ b/springboot-starter-data-fast/pom.xml
@@ -5,7 +5,7 @@
springboot-parent
com.codingapi.springboot
- 2.10.4
+ 2.10.5
4.0.0
diff --git a/springboot-starter-flow/pom.xml b/springboot-starter-flow/pom.xml
index e27424b1..5100e5d9 100644
--- a/springboot-starter-flow/pom.xml
+++ b/springboot-starter-flow/pom.xml
@@ -6,7 +6,7 @@
springboot-parent
com.codingapi.springboot
- 2.10.4
+ 2.10.5
springboot-starter-flow
diff --git a/springboot-starter-security/pom.xml b/springboot-starter-security/pom.xml
index 7abb2fee..ffebe777 100644
--- a/springboot-starter-security/pom.xml
+++ b/springboot-starter-security/pom.xml
@@ -6,7 +6,7 @@
springboot-parent
com.codingapi.springboot
- 2.10.4
+ 2.10.5
springboot-starter-security
diff --git a/springboot-starter/pom.xml b/springboot-starter/pom.xml
index a7db9a65..a314e5c3 100644
--- a/springboot-starter/pom.xml
+++ b/springboot-starter/pom.xml
@@ -5,7 +5,7 @@
com.codingapi.springboot
springboot-parent
- 2.10.4
+ 2.10.5
springboot-starter
diff --git a/springboot-starter/src/main/java/com/codingapi/springboot/framework/annotation/ColumnType.java b/springboot-starter/src/main/java/com/codingapi/springboot/framework/annotation/ColumnType.java
index 215814c1..40bb84f1 100644
--- a/springboot-starter/src/main/java/com/codingapi/springboot/framework/annotation/ColumnType.java
+++ b/springboot-starter/src/main/java/com/codingapi/springboot/framework/annotation/ColumnType.java
@@ -44,4 +44,9 @@ public enum ColumnType {
* JSON
*/
JSON,
+
+ /**
+ * 任意
+ */
+ Any
}
diff --git a/springboot-starter/src/main/resources/META-INF/banner.txt b/springboot-starter/src/main/resources/META-INF/banner.txt
index 685e5ca1..9555bc0b 100644
--- a/springboot-starter/src/main/resources/META-INF/banner.txt
+++ b/springboot-starter/src/main/resources/META-INF/banner.txt
@@ -1,4 +1,4 @@
------------------------------------------------------
-CodingApi SpringBoot-Starter 2.10.4
+CodingApi SpringBoot-Starter 2.10.5
springboot version (${spring-boot.version})
------------------------------------------------------