feat: 增加sso用户flyway,完善单点登出

This commit is contained in:
fit2cloud-chenyw 2021-09-15 14:41:06 +08:00
parent b2fef91417
commit 4ef83c477e
16 changed files with 150 additions and 15 deletions


@ -119,8 +119,11 @@ public class AuthServer implements AuthApi {
if (isOpenOidc()) {
HttpServletRequest request = ServletUtils.request();
String idToken = request.getHeader("IdToken");
OidcXpackService oidcXpackService = SpringContextUtil.getBean(OidcXpackService.class);
oidcXpackService.logout(idToken);
if (StringUtils.isNotBlank(idToken)) {
OidcXpackService oidcXpackService = SpringContextUtil.getBean(OidcXpackService.class);
oidcXpackService.logout(idToken);
}
}
if (StringUtils.isEmpty(token) || StringUtils.equals("null", token) || StringUtils.equals("undefined", token)) {
return "success";
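Review bot: The header name is still the literal `"IdToken"` in `request.getHeader("IdToken")` although this same commit introduces `AuthConstants.ID_TOKEN_KEY` with that value; reading it as `String idToken = request.getHeader(AuthConstants.ID_TOKEN_KEY);` keeps the client and server keyed to a single definition. The new `isNotBlank` guard only skips the bean lookup; if `oidcXpackService.logout(idToken)` throws, the local-token handling below it would not run, so consider catching and logging the upstream failure there so the local session is always invalidated. This appears to be the only server-side consumer of the header, which suggests the client need only attach it on the logout request rather than on every call. The enclosing method continues outside the hunk.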


@ -13,6 +13,8 @@ public interface AuthUserService {
SysUserEntity getUserByName(String username);
SysUserEntity getUserBySub(String sub);
List<String> roles(Long userId);
List<String> permissions(Long userId);


@ -52,6 +52,11 @@ public class AuthUserServiceImpl implements AuthUserService {
return authMapper.findUserByName(username);
}
@Override
public SysUserEntity getUserBySub(String sub) {
return authMapper.findUserBySub(sub);
}
@Override
public List<String> roles(Long userId){
return authMapper.roleCodes(userId);


@ -13,7 +13,6 @@ import org.apache.commons.collections4.CollectionUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import javax.annotation.Resource;
import java.util.ArrayList;
import java.util.List;


@ -39,5 +39,7 @@ public class SysUser implements Serializable {
private Integer from;
private String sub;
private static final long serialVersionUID = 1L;
}


@ -1213,6 +1213,76 @@ public class SysUserExample {
addCriterion("`from` not between", value1, value2, "from");
return (Criteria) this;
}
public Criteria andSubIsNull() {
addCriterion("sub is null");
return (Criteria) this;
}
public Criteria andSubIsNotNull() {
addCriterion("sub is not null");
return (Criteria) this;
}
public Criteria andSubEqualTo(String value) {
addCriterion("sub =", value, "sub");
return (Criteria) this;
}
public Criteria andSubNotEqualTo(String value) {
addCriterion("sub <>", value, "sub");
return (Criteria) this;
}
public Criteria andSubGreaterThan(String value) {
addCriterion("sub >", value, "sub");
return (Criteria) this;
}
public Criteria andSubGreaterThanOrEqualTo(String value) {
addCriterion("sub >=", value, "sub");
return (Criteria) this;
}
public Criteria andSubLessThan(String value) {
addCriterion("sub <", value, "sub");
return (Criteria) this;
}
public Criteria andSubLessThanOrEqualTo(String value) {
addCriterion("sub <=", value, "sub");
return (Criteria) this;
}
public Criteria andSubLike(String value) {
addCriterion("sub like", value, "sub");
return (Criteria) this;
}
public Criteria andSubNotLike(String value) {
addCriterion("sub not like", value, "sub");
return (Criteria) this;
}
public Criteria andSubIn(List<String> values) {
addCriterion("sub in", values, "sub");
return (Criteria) this;
}
public Criteria andSubNotIn(List<String> values) {
addCriterion("sub not in", values, "sub");
return (Criteria) this;
}
public Criteria andSubBetween(String value1, String value2) {
addCriterion("sub between", value1, value2, "sub");
return (Criteria) this;
}
public Criteria andSubNotBetween(String value1, String value2) {
addCriterion("sub not between", value1, value2, "sub");
return (Criteria) this;
}
}
public static class Criteria extends GeneratedCriteria {


@ -19,6 +19,7 @@
<result column="update_time" jdbcType="BIGINT" property="updateTime" />
<result column="language" jdbcType="VARCHAR" property="language" />
<result column="from" jdbcType="INTEGER" property="from" />
<result column="sub" jdbcType="VARCHAR" property="sub" />
</resultMap>
<sql id="Example_Where_Clause">
<where>
@ -81,7 +82,7 @@
<sql id="Base_Column_List">
user_id, dept_id, username, nick_name, gender, phone, email, `password`, is_admin,
enabled, create_by, update_by, pwd_reset_time, create_time, update_time, `language`,
`from`
`from`, sub
</sql>
<select id="selectByExample" parameterType="io.dataease.base.domain.SysUserExample" resultMap="BaseResultMap">
select
@ -119,13 +120,15 @@
email, `password`, is_admin,
enabled, create_by, update_by,
pwd_reset_time, create_time, update_time,
`language`, `from`)
`language`, `from`, sub
)
values (#{userId,jdbcType=BIGINT}, #{deptId,jdbcType=BIGINT}, #{username,jdbcType=VARCHAR},
#{nickName,jdbcType=VARCHAR}, #{gender,jdbcType=VARCHAR}, #{phone,jdbcType=VARCHAR},
#{email,jdbcType=VARCHAR}, #{password,jdbcType=VARCHAR}, #{isAdmin,jdbcType=BIT},
#{enabled,jdbcType=BIGINT}, #{createBy,jdbcType=VARCHAR}, #{updateBy,jdbcType=VARCHAR},
#{pwdResetTime,jdbcType=BIGINT}, #{createTime,jdbcType=BIGINT}, #{updateTime,jdbcType=BIGINT},
#{language,jdbcType=VARCHAR}, #{from,jdbcType=INTEGER})
#{language,jdbcType=VARCHAR}, #{from,jdbcType=INTEGER}, #{sub,jdbcType=VARCHAR}
)
</insert>
<insert id="insertSelective" parameterType="io.dataease.base.domain.SysUser">
insert into sys_user
@ -181,6 +184,9 @@
<if test="from != null">
`from`,
</if>
<if test="sub != null">
sub,
</if>
</trim>
<trim prefix="values (" suffix=")" suffixOverrides=",">
<if test="userId != null">
@ -234,6 +240,9 @@
<if test="from != null">
#{from,jdbcType=INTEGER},
</if>
<if test="sub != null">
#{sub,jdbcType=VARCHAR},
</if>
</trim>
</insert>
<select id="countByExample" parameterType="io.dataease.base.domain.SysUserExample" resultType="java.lang.Long">
@ -296,6 +305,9 @@
<if test="record.from != null">
`from` = #{record.from,jdbcType=INTEGER},
</if>
<if test="record.sub != null">
sub = #{record.sub,jdbcType=VARCHAR},
</if>
</set>
<if test="_parameter != null">
<include refid="Update_By_Example_Where_Clause" />
@ -319,7 +331,8 @@
create_time = #{record.createTime,jdbcType=BIGINT},
update_time = #{record.updateTime,jdbcType=BIGINT},
`language` = #{record.language,jdbcType=VARCHAR},
`from` = #{record.from,jdbcType=INTEGER}
`from` = #{record.from,jdbcType=INTEGER},
sub = #{record.sub,jdbcType=VARCHAR}
<if test="_parameter != null">
<include refid="Update_By_Example_Where_Clause" />
</if>
@ -375,6 +388,9 @@
<if test="from != null">
`from` = #{from,jdbcType=INTEGER},
</if>
<if test="sub != null">
sub = #{sub,jdbcType=VARCHAR},
</if>
</set>
where user_id = #{userId,jdbcType=BIGINT}
</update>
@ -395,7 +411,8 @@
create_time = #{createTime,jdbcType=BIGINT},
update_time = #{updateTime,jdbcType=BIGINT},
`language` = #{language,jdbcType=VARCHAR},
`from` = #{from,jdbcType=INTEGER}
`from` = #{from,jdbcType=INTEGER},
sub = #{sub,jdbcType=VARCHAR}
where user_id = #{userId,jdbcType=BIGINT}
</update>
</mapper>


@ -25,6 +25,8 @@ public interface AuthMapper {
SysUserEntity findUserByName(@Param("username") String username);
SysUserEntity findUserBySub(@Param("sub") String sub);
List<CurrentRoleDto> roles(@Param("userId") Long userId);


@ -28,6 +28,10 @@
select user_id, username,nick_name, dept_id, password, enabled,email, phone, language ,is_admin from sys_user where username = #{username}
</select>
<select id="findUserBySub" resultMap="baseMap">
select user_id, username,nick_name, dept_id, password, enabled,email, phone, language ,is_admin from sys_user where sub = #{sub}
</select>
<select id="roleCodes" resultType="String">
select r.id from sys_role r
left join sys_users_roles sur on sur.role_id = r.role_id
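Review bot: `findUserBySub` is mapped to a single `SysUserEntity`, but the `sub` column this commit adds in the migration (`ALTER TABLE sys_user ADD COLUMN sub varchar(255) ...`) carries no unique index, so two rows sharing a `sub` would make MyBatis raise a TooManyResultsException at login instead of a clear error. A `UNIQUE` index on `sub` in the migration makes the one-identity-per-row binding that this query relies on explicit at the database level. Local users keep `sub` NULL, so `where sub = #{sub}` with a null parameter matches nothing, which is the intended behaviour but worth stating in a comment above the select.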


@ -6,6 +6,7 @@ public class AuthConstants {
public final static String USER_CACHE_NAME = "users_info";
public final static String USER_ROLE_CACHE_NAME = "users_roles_info";
public final static String USER_PERMISSION_CACHE_NAME = "users_permissions_info";
public final static String ID_TOKEN_KEY = "IdToken";
}


@ -52,10 +52,10 @@ public class SSOServer {
SSOToken ssoToken = oidcXpackService.requestSsoToken(config, code, state);
SSOUserInfo ssoUserInfo = oidcXpackService.requestUserInfo(config, ssoToken.getAccessToken());
SysUserEntity sysUserEntity = authUserService.getUserByName(ssoUserInfo.getUserName());
SysUserEntity sysUserEntity = authUserService.getUserBySub(ssoUserInfo.getSub());
if(null == sysUserEntity){
sysUserService.saveOIDCUser(ssoUserInfo);
sysUserEntity = authUserService.getUserByName(ssoUserInfo.getUserName());
sysUserEntity = authUserService.getUserBySub(ssoUserInfo.getSub());
}
TokenInfo tokenInfo = TokenInfo.builder().userId(sysUserEntity.getUserId()).username(sysUserEntity.getUsername()).build();
String realPwd = CodingUtil.md5(sysUserService.defaultPWD());
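Review bot: `sysUserEntity` can still be null after the second `getUserBySub` call (for instance when `saveOIDCUser` does not persist a usable `sub`, or when the userinfo response carries none), and `TokenInfo.builder().userId(sysUserEntity.getUserId())` on the next line would then throw a NullPointerException; add `if (null == sysUserEntity) { throw new IllegalStateException("OIDC user not found after provisioning"); }` before building the token. Users provisioned by the previous username-based flow have no `sub` once the new column is added, so this lookup misses them and `saveOIDCUser` attempts to insert a second account with the same username; if those accounts matter, they need a one-time link restricted to existing OIDC-originated users (`from` = 2) rather than a general fallback to username matching, since letting an IdP-asserted username claim any local account would weaken the binding this commit moves to `sub`. The enclosing method continues outside the hunk.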


@ -111,7 +111,7 @@ public class SysUserService {
public void saveOIDCUser(SSOUserInfo ssoUserInfo) {
long now = System.currentTimeMillis();
SysUser sysUser = new SysUser();
sysUser.setUsername(ssoUserInfo.getUserName());
sysUser.setUsername(ssoUserInfo.getUsername());
sysUser.setNickName(ssoUserInfo.getNickName());
sysUser.setEmail(ssoUserInfo.getEmail());
sysUser.setPassword(CodingUtil.md5(DEFAULT_PWD));
@ -120,6 +120,7 @@ public class SysUserService {
sysUser.setEnabled(1L);
sysUser.setLanguage("zh_CN");
sysUser.setFrom(2);
sysUser.setSub(ssoUserInfo.getSub());
sysUserMapper.insert(sysUser);
SysUser dbUser = findOne(sysUser);
if (null != dbUser && null != dbUser.getUserId()) {
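Review bot: `sysUser.setSub(ssoUserInfo.getSub())` stores the IdP value without checking it, so a missing or blank `sub` yields a row that `findUserBySub` can never match and that the caller in `SSOServer` then dereferences; guard it before the insert with a blank check along the lines of `if (ssoUserInfo.getSub() == null || ssoUserInfo.getSub().isBlank()) { throw new IllegalArgumentException("OIDC userinfo has no sub"); }`. The provisioned user also receives `CodingUtil.md5(DEFAULT_PWD)` as its password; unless password login is refused for `from` = 2 accounts elsewhere, every SSO identity ends up with a shared credential, so a random per-user value or an explicit login-path check for such accounts would be the safer default. The method continues outside the hunk.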


@ -30,11 +30,23 @@ ALTER TABLE `sys_user` ADD COLUMN `from` int(4) NOT NULL COMMENT '来源' AFTER
INSERT INTO `sys_menu` VALUES (60, 1, 0, 1, '导入LDAP用户', 'system-user-import', 'system/user/imp-ldap', 11, NULL, 'user-ldap', b'0', b'0', b'1', 'user:import', NULL, NULL, NULL, NULL);
BEGIN;
INSERT INTO `system_parameter` VALUES ('ldap.url', NULL, 'text', 1);
INSERT INTO `system_parameter` VALUES ('ldap.dn', NULL, 'text', 2);
INSERT INTO `system_parameter` VALUES ('ldap.password', NULL, 'password', 3);
INSERT INTO `system_parameter` VALUES ('ldap.ou', NULL, 'text', 4);
INSERT INTO `system_parameter` VALUES ('ldap.mapping', NULL, 'text', 6);
INSERT INTO `system_parameter` VALUES ('ldap.open', NULL, 'text', 7);
INSERT INTO `system_parameter` VALUES ('ldap.ou', NULL, 'text', 4);
INSERT INTO `system_parameter` VALUES ('ldap.password', NULL, 'password', 3);
INSERT INTO `system_parameter` VALUES ('ldap.url', NULL, 'text', 1);
INSERT INTO `system_parameter` VALUES ('oidc.authEndpoint', NULL, 'text', 1);
INSERT INTO `system_parameter` VALUES ('oidc.tokenEndpoint', NULL, 'text', 2);
INSERT INTO `system_parameter` VALUES ('oidc.userinfoEndpoint', NULL, 'text', 3);
INSERT INTO `system_parameter` VALUES ('oidc.logoutEndpoint', NULL, 'text', 4);
INSERT INTO `system_parameter` VALUES ('oidc.clientId', NULL, 'text', 5);
INSERT INTO `system_parameter` VALUES ('oidc.secret', NULL, 'password', 6);
INSERT INTO `system_parameter` VALUES ('oidc.scope', NULL, 'text', 7);
INSERT INTO `system_parameter` VALUES ('oidc.redirectUrl', NULL, 'text', 8);
INSERT INTO `system_parameter` VALUES ('oidc.open', NULL, 'text', 9);
COMMIT;
ALTER TABLE `sys_user` ADD COLUMN `sub` varchar(255) COMMENT 'oidc用户ID' AFTER `from`;
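Review bot: The `oidc.*` parameters and the `sub` column are appended to an existing migration script that already holds the `ldap.*` inserts and the `from` column (the hunk also reorders those `ldap.*` inserts); if this version has already been applied on any deployment, Flyway's checksum validation will fail at startup and the new statements will never run there. Place the `ALTER TABLE` and the `oidc.*` inserts in a new versioned migration and leave the applied script byte-identical. The `sub` column is also added nullable without a unique index although `findUserBySub` treats it as a single-row key; `ALTER TABLE sys_user ADD UNIQUE INDEX uk_sys_user_sub (sub);` (NULLs remain allowed) would enforce that.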


@ -3,6 +3,9 @@ module.exports = {
RefreshTokenKey: 'refreshauthorization',
LinkTokenKey: 'LINK-PWD-TOKEN',
title: 'DataEase',
/* for sso */
IdTokenKey: 'IdToken',
AccessTokenKey: 'AccessToken',
/**
* @type {boolean} true | false


@ -3,8 +3,16 @@ import Config from '@/settings'
const TokenKey = Config.TokenKey
const IdTokenKey = Config.IdTokenKey
const AccessTokenKey = Config.AccessTokenKey
const linkTokenKey = Config.LinkTokenKey
export function getIdToken() {
return Cookies.get(IdTokenKey)
}
export function getToken() {
return Cookies.get(TokenKey)
}
@ -14,6 +22,8 @@ export function setToken(token) {
}
export function removeToken() {
Cookies.remove(IdTokenKey)
Cookies.remove(AccessTokenKey)
return Cookies.remove(TokenKey)
}
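Review bot: `removeToken` now clears the `IdToken` and `AccessToken` cookies, but nothing in this hunk sets them; if the backend sets them with an explicit path or domain, `Cookies.remove(IdTokenKey)` without matching attributes silently leaves them in place and a later `getIdToken()` still returns the stale token. Confirm how the cookies are written and pass the same options to `Cookies.remove`, or document in a comment above `removeToken` that they are host-only cookies. Reading the ID token through `Cookies.get` also means it cannot be HttpOnly, so its lifetime should be kept to what the logout round-trip needs.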


@ -2,7 +2,7 @@ import axios from 'axios'
// import { MessageBox, Message } from 'element-ui'
import store from '@/store'
import { $alert, $error } from './message'
import { getToken } from '@/utils/auth'
import { getToken, getIdToken } from '@/utils/auth'
import Config from '@/settings'
import i18n from '@/lang'
import { tryShowLoading, tryHideLoading } from './loading'
@ -23,6 +23,10 @@ const service = axios.create({
service.interceptors.request.use(
config => {
// do something before request is sent
const idToken = getIdToken()
if (idToken) {
config.headers[Config.IdTokenKey] = idToken
}
if (store.getters.token) {
// let each request carry token