Skip to content

Commit a82c50a

Browse files
zhou-haozhou-hao
authored
Merge pull request hs-web#106 from hs-web/3.0.x
3.0.4
2 parents e8dc76c + 63615a7 commit a82c50a

File tree

222 files changed

+2779
-273
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

222 files changed

+2779
-273
lines changed

hsweb-authorization/hsweb-authorization-api/pom.xml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@
55
<parent>
66
<artifactId>hsweb-authorization</artifactId>
77
<groupId>org.hswebframework.web</groupId>
8-
<version>3.0.3</version>
8+
<version>3.0.4</version>
99
</parent>
1010
<modelVersion>4.0.0</modelVersion>
1111

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/Authentication.java

Lines changed: 0 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -128,7 +128,6 @@ default boolean hasRole(String roleId) {
128128
* @param <T> 属性值类型
129129
* @return Optional属性值
130130
*/
131-
@Deprecated
132131
<T extends Serializable> Optional<T> getAttribute(String name);
133132

134133
/**
@@ -139,7 +138,6 @@ default boolean hasRole(String roleId) {
139138
* @param object 属性值
140139
* @see AuthenticationManager#sync(Authentication)
141140
*/
142-
@Deprecated
143141
void setAttribute(String name, Serializable object);
144142

145143
/**
@@ -148,7 +146,6 @@ default boolean hasRole(String roleId) {
148146
* @param attributes 属性值map
149147
* @see AuthenticationManager#sync(Authentication)
150148
*/
151-
@Deprecated
152149
void setAttributes(Map<String, Serializable> attributes);
153150

154151
/**
@@ -159,15 +156,13 @@ default boolean hasRole(String roleId) {
159156
* @return 被删除的值
160157
* @see AuthenticationManager#sync(Authentication)
161158
*/
162-
@Deprecated
163159
<T extends Serializable> T removeAttributes(String name);
164160

165161
/**
166162
* 获取全部属性,此属性为通过{@link this#setAttribute(String, Serializable)}或{@link this#setAttributes(Map)}设置的属性。
167163
*
168164
* @return 全部属性集合
169165
*/
170-
@Deprecated
171166
Map<String, Serializable> getAttributes();
172167

173168
}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/annotation/TwoFactor.java

Lines changed: 52 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,52 @@
1+
package org.hswebframework.web.authorization.annotation;
2+
3+
import org.hswebframework.web.authorization.twofactor.TwoFactorValidator;
4+
5+
import java.lang.annotation.*;
6+
7+
/**
8+
* 开启2FA双重验证
9+
*
10+
* @see org.hswebframework.web.authorization.twofactor.TwoFactorValidatorManager
11+
* @see org.hswebframework.web.authorization.twofactor.TwoFactorValidatorProvider
12+
* @see org.hswebframework.web.authorization.twofactor.TwoFactorValidator
13+
* @since 3.0.4
14+
*/
15+
@Target({ElementType.TYPE, ElementType.METHOD})
16+
@Retention(RetentionPolicy.RUNTIME)
17+
@Inherited
18+
@Documented
19+
public @interface TwoFactor {
20+
21+
/**
22+
* @return 接口的标识, 用于实现不同的操作, 可能会配置不同的验证规则
23+
*/
24+
String value();
25+
26+
/**
27+
* @return 验证有效期, 超过有效期后需要重新进行验证
28+
*/
29+
long timeout() default 10 * 60 * 1000L;
30+
31+
/**
32+
* 验证器供应商,如: totp,sms,email,由{@link org.hswebframework.web.authorization.twofactor.TwoFactorValidatorProvider}进行自定义.
33+
* <p>
34+
* 可通过配置项: hsweb.authorize.two-factor.default-provider 来修改默认配置
35+
*
36+
* @return provider
37+
* @see TwoFactorValidator#getProvider()
38+
*/
39+
String provider() default "default";
40+
41+
/**
42+
* 验证码的http参数名,在进行验证的时候需要传入此参数
43+
*
44+
* @return 验证码的参数名
45+
*/
46+
String parameter() default "verifyCode";
47+
48+
/**
49+
* @return 关闭验证
50+
*/
51+
boolean ignore() default false;
52+
}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/exception/AccessDenyException.java

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,7 @@
11
package org.hswebframework.web.authorization.exception;
22

3+
import lombok.Getter;
4+
35
/**
46
* 权限验证异常
57
*
@@ -10,6 +12,9 @@ public class AccessDenyException extends RuntimeException {
1012

1113
private static final long serialVersionUID = -5135300127303801430L;
1214

15+
@Getter
16+
private String code;
17+
1318
public AccessDenyException() {
1419
this("权限不足,拒绝访问!");
1520
}
@@ -21,4 +26,9 @@ public AccessDenyException(String message) {
2126
public AccessDenyException(String message, Throwable cause) {
2227
super(message, cause);
2328
}
29+
30+
public AccessDenyException(String message, String code, Throwable cause) {
31+
super(message, cause);
32+
this.code = code;
33+
}
2434
}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/exception/NeedTwoFactorException.java

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,19 @@
1+
package org.hswebframework.web.authorization.exception;
2+
3+
import lombok.Getter;
4+
5+
/**
6+
* @author zhouhao
7+
* @since 3.0.4
8+
*/
9+
@Getter
10+
public class NeedTwoFactorException extends RuntimeException {
11+
private static final long serialVersionUID = 3655980280834947633L;
12+
private String provider;
13+
14+
public NeedTwoFactorException(String message, String provider) {
15+
super(message);
16+
this.provider = provider;
17+
}
18+
19+
}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/setting/SettingNullValueHolder.java

Lines changed: 56 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,56 @@
1+
package org.hswebframework.web.authorization.setting;
2+
3+
import java.util.List;
4+
import java.util.Optional;
5+
6+
/**
7+
* @author zhouhao
8+
* @since 1.0.0
9+
*/
10+
public class SettingNullValueHolder implements SettingValueHolder {
11+
12+
public static final SettingNullValueHolder INSTANCE = new SettingNullValueHolder();
13+
14+
private SettingNullValueHolder() {
15+
}
16+
17+
@Override
18+
public <T> Optional<List<T>> asList(Class<T> t) {
19+
return Optional.empty();
20+
}
21+
22+
@Override
23+
public <T> Optional<T> as(Class<T> t) {
24+
return Optional.empty();
25+
}
26+
27+
@Override
28+
public Optional<String> asString() {
29+
return Optional.empty();
30+
}
31+
32+
@Override
33+
public Optional<Long> asLong() {
34+
return Optional.empty();
35+
}
36+
37+
@Override
38+
public Optional<Integer> asInt() {
39+
return Optional.empty();
40+
}
41+
42+
@Override
43+
public Optional<Double> asDouble() {
44+
return Optional.empty();
45+
}
46+
47+
@Override
48+
public Optional<Object> getValue() {
49+
return Optional.empty();
50+
}
51+
52+
@Override
53+
public UserSettingPermission getPermission() {
54+
return UserSettingPermission.NONE;
55+
}
56+
}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/setting/SettingValueHolder.java

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,26 @@
1+
package org.hswebframework.web.authorization.setting;
2+
3+
import java.util.List;
4+
import java.util.Optional;
5+
6+
public interface SettingValueHolder {
7+
8+
SettingValueHolder NULL = SettingNullValueHolder.INSTANCE;
9+
10+
<T> Optional<List<T>> asList(Class<T> t);
11+
12+
<T> Optional<T> as(Class<T> t);
13+
14+
Optional<String> asString();
15+
16+
Optional<Long> asLong();
17+
18+
Optional<Integer> asInt();
19+
20+
Optional<Double> asDouble();
21+
22+
Optional<Object> getValue();
23+
24+
UserSettingPermission getPermission();
25+
26+
}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/setting/StringSourceSettingHolder.java

Lines changed: 98 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,98 @@
1+
package org.hswebframework.web.authorization.setting;
2+
3+
4+
import com.alibaba.fastjson.JSON;
5+
import lombok.AllArgsConstructor;
6+
import lombok.Getter;
7+
import org.hswebframework.utils.StringUtils;
8+
import org.hswebframework.web.dict.EnumDict;
9+
10+
import java.util.List;
11+
import java.util.Optional;
12+
13+
/**
14+
* @author zhouhao
15+
* @since 3.0.4
16+
*/
17+
@AllArgsConstructor
18+
@Getter
19+
public class StringSourceSettingHolder implements SettingValueHolder {
20+
21+
private String value;
22+
23+
private UserSettingPermission permission;
24+
25+
public static SettingValueHolder of(String value, UserSettingPermission permission) {
26+
if (value == null) {
27+
return SettingValueHolder.NULL;
28+
}
29+
return new StringSourceSettingHolder(value, permission);
30+
}
31+
32+
@Override
33+
public <T> Optional<List<T>> asList(Class<T> t) {
34+
return getNativeValue()
35+
.map(v -> JSON.parseArray(v, t));
36+
}
37+
38+
protected <T> T convert(String value, Class<T> t) {
39+
if (t.isEnum()) {
40+
if (EnumDict.class.isAssignableFrom(t)) {
41+
T val = (T) EnumDict.find((Class) t, value).orElse(null);
42+
if (null != val) {
43+
return val;
44+
}
45+
}
46+
for (T enumConstant : t.getEnumConstants()) {
47+
if (((Enum) enumConstant).name().equalsIgnoreCase(value)) {
48+
return enumConstant;
49+
}
50+
}
51+
}
52+
return JSON.parseObject(value, t);
53+
}
54+
55+
@Override
56+
@SuppressWarnings("all")
57+
public <T> Optional<T> as(Class<T> t) {
58+
if (t == String.class) {
59+
return (Optional) asString();
60+
} else if (Long.class == t || long.class == t) {
61+
return (Optional) asLong();
62+
} else if (Integer.class == t || int.class == t) {
63+
return (Optional) asInt();
64+
} else if (Double.class == t || double.class == t) {
65+
return (Optional) asDouble();
66+
}
67+
return getNativeValue().map(v -> convert(v, t));
68+
}
69+
70+
@Override
71+
public Optional<String> asString() {
72+
return getNativeValue();
73+
}
74+
75+
@Override
76+
public Optional<Long> asLong() {
77+
return getNativeValue().map(StringUtils::toLong);
78+
}
79+
80+
@Override
81+
public Optional<Integer> asInt() {
82+
return getNativeValue().map(StringUtils::toInt);
83+
}
84+
85+
@Override
86+
public Optional<Double> asDouble() {
87+
return getNativeValue().map(StringUtils::toDouble);
88+
}
89+
90+
private Optional<String> getNativeValue() {
91+
return Optional.ofNullable(value);
92+
}
93+
94+
@Override
95+
public Optional<Object> getValue() {
96+
return Optional.ofNullable(value);
97+
}
98+
}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/setting/UserSettingManager.java

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,13 @@
1+
package org.hswebframework.web.authorization.setting;
2+
3+
/**
4+
* @author zhouhao
5+
* @since 3.0.4
6+
*/
7+
public interface UserSettingManager {
8+
9+
SettingValueHolder getSetting(String userId, String key);
10+
11+
void saveSetting(String userId, String key, String value, UserSettingPermission permission);
12+
13+
}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/setting/UserSettingPermission.java

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,26 @@
1+
package org.hswebframework.web.authorization.setting;
2+
3+
import lombok.AllArgsConstructor;
4+
import lombok.Getter;
5+
import org.hswebframework.web.dict.Dict;
6+
import org.hswebframework.web.dict.EnumDict;
7+
8+
/**
9+
* @author zhouhao
10+
* @since 3.0.4
11+
*/
12+
@AllArgsConstructor
13+
@Getter
14+
@Dict(id = "user-setting-permission")
15+
public enum UserSettingPermission implements EnumDict<String> {
16+
NONE("无"),
17+
R("读"),
18+
W("写"),
19+
RW("读写");
20+
private String text;
21+
22+
@Override
23+
public String getValue() {
24+
return name();
25+
}
26+
}

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/simple/DefaultAuthorizationAutoConfiguration.java

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,8 @@
1111
import org.hswebframework.web.authorization.token.DefaultUserTokenManager;
1212
import org.hswebframework.web.authorization.token.UserTokenAuthenticationSupplier;
1313
import org.hswebframework.web.authorization.token.UserTokenManager;
14+
import org.hswebframework.web.authorization.twofactor.TwoFactorValidatorManager;
15+
import org.hswebframework.web.authorization.twofactor.defaults.DefaultTwoFactorValidatorManager;
1416
import org.hswebframework.web.convert.CustomMessageConverter;
1517
import org.springframework.beans.factory.annotation.Autowired;
1618
import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
@@ -56,6 +58,13 @@ public SimpleDataAccessConfigBuilderFactory dataAccessConfigBuilderFactory() {
5658
return factory;
5759
}
5860

61+
@Bean
62+
@ConditionalOnMissingBean(TwoFactorValidatorManager.class)
63+
@ConfigurationProperties("hsweb.authorize.two-factor")
64+
public DefaultTwoFactorValidatorManager defaultTwoFactorValidatorManager() {
65+
return new DefaultTwoFactorValidatorManager();
66+
}
67+
5968
@Bean
6069
@ConditionalOnMissingBean(AuthenticationBuilderFactory.class)
6170
public AuthenticationBuilderFactory authenticationBuilderFactory(DataAccessConfigBuilderFactory dataAccessConfigBuilderFactory) {

0 commit comments

Comments
 (0)