添加测试豁免;开始添加权限管理子系统相关接口;调整项目架构;

2020-03-22 17:57:43 +08:00 · 2020-03-22 17:57:43 +08:00 · ae21439c2e
commit ae21439c2e
parent a64d65a70e
17 changed files with 52 additions and 30 deletions
--- a/pom.xml
+++ b/pom.xml
@ -139,10 +139,10 @@
        </dependency>

        <dependency>
-            <groupId>org.mariadb.jdbc</groupId>
-            <artifactId>mariadb-java-client</artifactId>
-            <version>2.5.4</version>
-        </dependency>
+        <groupId>org.mariadb.jdbc</groupId>
+        <artifactId>mariadb-java-client</artifactId>
+        <version>2.5.4</version>
+    </dependency>

        <dependency>
            <groupId>com.h2database</groupId>
--- a/src/main/java/com/codesdream/ase/component/permission/ASEAccessDeniedHandler.java
+++ b/src/main/java/com/codesdream/ase/component/permission/ASEAccessDeniedHandler.java
@ -1,4 +1,4 @@
-package com.codesdream.ase.component.permission;
+package com.codesdream.ase.component.auth;

 import com.codesdream.ase.component.datamanager.JSONParameter;
 import com.codesdream.ase.component.datamanager.QuickJSONRespond;
--- a/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationEntryPoint.java
+++ b/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationEntryPoint.java
@ -1,4 +1,4 @@
-package com.codesdream.ase.component.permission;
+package com.codesdream.ase.component.auth;

 import com.codesdream.ase.component.datamanager.JSONParameter;
 import com.codesdream.ase.component.datamanager.QuickJSONRespond;
--- a/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationFailureHandler.java
+++ b/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationFailureHandler.java
@ -1,4 +1,4 @@
-package com.codesdream.ase.component.permission;
+package com.codesdream.ase.component.auth;

 import com.codesdream.ase.component.datamanager.JSONParameter;
 import com.codesdream.ase.component.datamanager.QuickJSONRespond;
--- a/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationSuccessHandler.java
+++ b/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationSuccessHandler.java
@ -1,4 +1,4 @@
-package com.codesdream.ase.component.permission;
+package com.codesdream.ase.component.auth;

 import com.codesdream.ase.component.auth.JSONTokenAuthenticationToken;
 import com.codesdream.ase.component.datamanager.JSONParameter;
--- a/src/main/java/com/codesdream/ase/component/permission/ASEJSONTokenAuthenticationFilter.java
+++ b/src/main/java/com/codesdream/ase/component/permission/ASEJSONTokenAuthenticationFilter.java
@ -1,4 +1,4 @@
-package com.codesdream.ase.component.permission;
+package com.codesdream.ase.component.auth;

 import com.codesdream.ase.component.auth.AJAXRequestChecker;
 import com.codesdream.ase.component.auth.JSONRandomCodeGenerator;
@ -53,7 +53,13 @@ public class ASEJSONTokenAuthenticationFilter extends OncePerRequestFilter {
        // 时间戳
        String timestamp = request.getHeader("timestamp");

-        if (signed != null && username != null && timestamp != null) {
+        // 服务端API测试豁免签名
+        if(signed != null && signed.equals("6d4923fca4dcb51f67b85e54a23a8d763d9e02af")){
+            //执行授权
+            doAuthentication("u_id_88883b9e023c8824310760d8bb8b6542e5a3f16a0d67253214e01ee7ab0e96a1", request);
+        }
+        // 正常认证
+        else if (signed != null && username != null && timestamp != null) {
            // 获得具体时间
            Date date = new Date(Long.parseLong(timestamp));

--- a/src/main/java/com/codesdream/ase/component/permission/ASEPasswordEncoder.java
+++ b/src/main/java/com/codesdream/ase/component/permission/ASEPasswordEncoder.java
@ -1,4 +1,4 @@
-package com.codesdream.ase.component.permission;
+package com.codesdream.ase.component.auth;

 import org.apache.commons.codec.digest.DigestUtils;
 import org.springframework.security.crypto.password.PasswordEncoder;
--- a/src/main/java/com/codesdream/ase/component/permission/ASESecurityAuthenticationProvider.java
+++ b/src/main/java/com/codesdream/ase/component/permission/ASESecurityAuthenticationProvider.java
@ -1,7 +1,5 @@
-package com.codesdream.ase.component.permission;
+package com.codesdream.ase.component.auth;

-import com.codesdream.ase.component.auth.JSONTokenAuthenticationToken;
-import com.codesdream.ase.component.auth.JSONTokenUsernamePasswordAuthenticationToken;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.authentication.*;
 import org.springframework.security.core.Authentication;
--- a/src/main/java/com/codesdream/ase/component/permission/ASEUsernameEncoder.java
+++ b/src/main/java/com/codesdream/ase/component/permission/ASEUsernameEncoder.java
@ -1,4 +1,4 @@
-package com.codesdream.ase.component.permission;
+package com.codesdream.ase.component.auth;

 import org.apache.commons.codec.digest.DigestUtils;
 import org.springframework.stereotype.Component;
--- a/src/main/java/com/codesdream/ase/component/permission/ASEUsernamePasswordAuthenticationFilter.java
+++ b/src/main/java/com/codesdream/ase/component/permission/ASEUsernamePasswordAuthenticationFilter.java
@ -1,4 +1,4 @@
-package com.codesdream.ase.component.permission;
+package com.codesdream.ase.component.auth;

 import com.codesdream.ase.component.auth.AJAXRequestChecker;
 import com.codesdream.ase.component.auth.JSONTokenUsernamePasswordAuthenticationToken;
@ -8,19 +8,17 @@ import com.codesdream.ase.component.json.request.UserLoginChecker;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.authentication.AuthenticationServiceException;
 import org.springframework.security.authentication.BadCredentialsException;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
-import org.springframework.web.bind.annotation.RequestMapping;

 import javax.annotation.Resource;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.util.Optional;

-// 登录验证过滤器
+// 普通登录验证过滤器
@Slf4j
 public class ASEUsernamePasswordAuthenticationFilter extends UsernamePasswordAuthenticationFilter {

--- a/src/main/java/com/codesdream/ase/configure/AppConfigure.java
+++ b/src/main/java/com/codesdream/ase/configure/AppConfigure.java
@ -39,4 +39,5 @@ public class AppConfigure {
    public String getOrganization() {
        return "全员育人WEB端开发组";
    }
+
 }
--- a/src/main/java/com/codesdream/ase/configure/CustomWebSecurityConfig.java
+++ b/src/main/java/com/codesdream/ase/configure/CustomWebSecurityConfig.java
@ -1,10 +1,9 @@
 package com.codesdream.ase.configure;

-import com.codesdream.ase.component.permission.*;
+import com.codesdream.ase.component.auth.*;
 import com.codesdream.ase.service.ASEUserDetailsService;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.builders.WebSecurity;
@ -14,11 +13,8 @@ import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.core.session.SessionRegistry;
 import org.springframework.security.core.session.SessionRegistryImpl;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
-import org.springframework.security.web.authentication.session.CompositeSessionAuthenticationStrategy;
 import org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy;
 import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
-import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
-import org.springframework.security.web.context.SecurityContextPersistenceFilter;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;

 import javax.annotation.Resource;
--- a/src/main/java/com/codesdream/ase/controller/LeavesController.java
+++ b/src/main/java/com/codesdream/ase/controller/LeavesController.java
@ -3,7 +3,7 @@ package com.codesdream.ase.controller;
 import com.alibaba.fastjson.JSONObject;
 import com.codesdream.ase.component.datamanager.JSONParameter;
 import com.codesdream.ase.component.json.request.UserLeaveRequest;
-import com.codesdream.ase.component.permission.ASEUsernameEncoder;
+import com.codesdream.ase.component.auth.ASEUsernameEncoder;
 import com.codesdream.ase.service.LeavesService;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Controller;
--- a/src/main/java/com/codesdream/ase/controller/LoginController.java
+++ b/src/main/java/com/codesdream/ase/controller/LoginController.java
@ -4,8 +4,6 @@ import com.alibaba.fastjson.JSONObject;
 import com.codesdream.ase.component.datamanager.JSONParameter;
 import com.codesdream.ase.component.datamanager.QuickJSONRespond;
 import com.codesdream.ase.component.json.respond.JSONStandardFailedRespond;
-import com.codesdream.ase.component.json.respond.JSONBaseRespondObject;
-import com.codesdream.ase.component.permission.ASEUsernameEncoder;
 import com.codesdream.ase.component.json.request.UserLoginChecker;
 import com.codesdream.ase.component.json.respond.UserLoginCheckerJSONRespond;
 import com.codesdream.ase.service.IUserService;
@ -49,7 +47,7 @@ public class LoginController {

        // 检查是否为JSON
        Optional<JSONObject> json = jsonParameter.getJSONByRequest(request);
-        if(!json.isPresent()) return jsonParameter.getJSONString(new JSONStandardFailedRespond());
+        if(!json.isPresent()) return quickJSONRespond.getRespond400("Invalid JSON Form");


        UserLoginChecker loginChecker = json.get().toJavaObject(UserLoginChecker.class);
--- a/src/main/java/com/codesdream/ase/controller/PermissionContainer.java
+++ b/src/main/java/com/codesdream/ase/controller/PermissionContainer.java
@ -0,0 +1,23 @@
+package com.codesdream.ase.controller;
+
+import org.springframework.security.access.annotation.Secured;
+import org.springframework.security.core.Authentication;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import javax.servlet.http.HttpServletRequest;
+
+@RestController
+@RequestMapping("pmt")
+public class PermissionContainer {
+
+    @Secured({"ROLE_ADMIN","ROLE_USER"})
+    @PostMapping("tag")
+    public String createTag(HttpServletRequest request, Authentication authentication){
+        return "";
+    }
+
+
+}
--- a/src/main/java/com/codesdream/ase/service/UserService.java
+++ b/src/main/java/com/codesdream/ase/service/UserService.java
@ -1,7 +1,7 @@
 package com.codesdream.ase.service;

-import com.codesdream.ase.component.permission.ASEPasswordEncoder;
-import com.codesdream.ase.component.permission.ASEUsernameEncoder;
+import com.codesdream.ase.component.auth.ASEPasswordEncoder;
+import com.codesdream.ase.component.auth.ASEUsernameEncoder;
 import com.codesdream.ase.component.permission.UserRolesListGenerator;
 import com.codesdream.ase.exception.UserInformationIllegalException;
 import com.codesdream.ase.exception.UserNotFoundException;
--- a/src/test/java/com/codesdream/ase/test/PermissionServiceTest.java
+++ b/src/test/java/com/codesdream/ase/test/PermissionServiceTest.java
@ -8,6 +8,7 @@ import com.codesdream.ase.service.IPermissionService;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.context.ActiveProfiles;
 import org.springframework.test.context.junit4.SpringRunner;

 import javax.annotation.Resource;
@ -15,6 +16,7 @@ import javax.annotation.Resource;

@SpringBootTest
@RunWith(SpringRunner.class)
+@ActiveProfiles("test")
 public class PermissionServiceTest {

    @Resource