gitee
/
eiam
mirror of https://gitee.com/topiam/eiam
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

合并同步服务到控制台模块

pull/63/MERGE
awenes 2023-10-01 21:35:23 +08:00
parent e54dcd408d
commit 396c18a656
87 changed files with 174 additions and 966 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
eiam-alert/pom.xml
View File

@ -1,34 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
eiam-alert - Employee Identity and Access Management
Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<groupId>cn.topiam</groupId>
<artifactId>eiam</artifactId>
<version>1.0.2-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>eiam-alert</artifactId>
<packaging>pom</packaging>
</project>

6
eiam-common/src/main/java/cn/topiam/employee/common/constant/SecurityConstants.java
View File

@ -24,10 +24,8 @@ package cn.topiam.employee.common.constant;
* Created by support@topiam.cn on 2020/7/26 21:07
*/
public final class SecurityConstants {
/**
* CODE
*
*/
public static final String PASSWORD_POLICY_CODE = "default";
public static String DEFAULT_ADMIN_USERNAME = "admin";
}

4
eiam-synchronizer/src/main/java/cn/topiam/employee/synchronizer/constants/SynchronizerConstants.java → eiam-common/src/main/java/cn/topiam/employee/common/constant/SynchronizerConstants.java
View File

@ -1,5 +1,5 @@
/*
* eiam-synchronizer - Employee Identity and Access Management
* eiam-common - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
@ -15,7 +15,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.synchronizer.constants;
package cn.topiam.employee.common.constant;
import cn.topiam.employee.support.constant.EiamConstants;

7
eiam-common/src/main/java/cn/topiam/employee/common/repository/setting/AdministratorRepository.java
View File

@ -63,7 +63,7 @@ public interface AdministratorRepository extends LogicDeleteRepository<Administr
*/
@NotNull
@Cacheable
@Query(value = "SELECT * FROM administrator WHERE id_ = :id", nativeQuery = true)
@Query(value = "SELECT AdministratorEntity FROM AdministratorEntity WHERE id = :id")
Optional<AdministratorEntity> findByIdContainsDeleted(@NotNull @Param(value = "id") Long id);
/**
@ -89,7 +89,6 @@ public interface AdministratorRepository extends LogicDeleteRepository<Administr
*
* @param entity must not be {@literal null}.
* @return {@link AdministratorEntity}
* @param <S>
*/
@Override
@CacheEvict(allEntries = true)
@ -128,7 +127,7 @@ public interface AdministratorRepository extends LogicDeleteRepository<Administr
@Transactional(rollbackFor = Exception.class)
@Modifying
@CacheEvict(allEntries = true)
@Query(value = "update administrator set status_ = ?2 where id_ = ?1", nativeQuery = true)
@Query(value = "update AdministratorEntity set status = :status where id = :id")
void updateStatus(@Param(value = "id") String id, @Param(value = "status") String status);
/**
@ -140,7 +139,7 @@ public interface AdministratorRepository extends LogicDeleteRepository<Administr
@Transactional(rollbackFor = Exception.class)
@Modifying
@CacheEvict(allEntries = true)
@Query(value = "update administrator set password_ = ?2 where id_ = ?1", nativeQuery = true)
@Query(value = "update AdministratorEntity set password = :password where id = :id")
void updatePassword(@Param(value = "id") String id, @Param(value = "password") String password);
/**

2
eiam-console/src/main/java/cn/topiam/employee/EiamConsoleApplication.java
View File

@ -28,7 +28,7 @@ import org.springframework.boot.web.servlet.ServletComponentScan;
* Created by support@topiam.cn on 2020/7/9
*/
@ServletComponentScan
@SpringBootApplication(scanBasePackages = { "cn.topiam.employee" })
@SpringBootApplication
public class EiamConsoleApplication {
public static void main(String[] args) {
SpringApplication.run(EiamConsoleApplication.class, args);

31
eiam-console/src/main/java/cn/topiam/employee/console/access/DefaultAdministratorConstants.java
View File

@ -1,31 +0,0 @@
/*
* eiam-console - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.access;
/**
*
* @author TopIAM
* Created by support@topiam.cn on 2023/5/24 23:16
*/
public interface DefaultAdministratorConstants {
/**
*
*/
String DEFAULT_ADMIN_USERNAME = "admin";
}

10
eiam-console/src/main/java/cn/topiam/employee/console/configuration/ConsoleSecurityConfiguration.java
View File

@ -59,11 +59,11 @@ import cn.topiam.employee.common.repository.account.UserElasticSearchRepository;
import cn.topiam.employee.common.repository.account.UserRepository;
import cn.topiam.employee.common.repository.setting.AdministratorRepository;
import cn.topiam.employee.common.repository.setting.SettingRepository;
import cn.topiam.employee.console.handler.*;
import cn.topiam.employee.console.listener.ConsoleAuthenticationFailureEventListener;
import cn.topiam.employee.console.listener.ConsoleAuthenticationSuccessEventListener;
import cn.topiam.employee.console.listener.ConsoleLogoutSuccessEventListener;
import cn.topiam.employee.console.listener.ConsoleSessionInformationExpiredStrategy;
import cn.topiam.employee.console.security.handler.*;
import cn.topiam.employee.console.security.listener.ConsoleAuthenticationFailureEventListener;
import cn.topiam.employee.console.security.listener.ConsoleAuthenticationSuccessEventListener;
import cn.topiam.employee.console.security.listener.ConsoleLogoutSuccessEventListener;
import cn.topiam.employee.console.security.listener.ConsoleSessionInformationExpiredStrategy;
import cn.topiam.employee.core.dynamic.UserSyncTask;
import cn.topiam.employee.core.security.form.FormLoginSecretFilter;
import cn.topiam.employee.support.autoconfiguration.SupportProperties;

4
eiam-console/src/main/java/cn/topiam/employee/console/converter/setting/AdministratorConverter.java
View File

@ -100,7 +100,7 @@ public interface AdministratorConverter {
* @param page {@link AdministratorEntity}
* @return {@link AdministratorListResult}
*/
@Mapping(target = "initialized", expression = "java(page.getUsername().equals(cn.topiam.employee.console.access.DefaultAdministratorConstants.DEFAULT_ADMIN_USERNAME))")
@Mapping(target = "initialized", expression = "java(page.getUsername().equals(cn.topiam.employee.common.constant.SecurityConstants.DEFAULT_ADMIN_USERNAME))")
@Mapping(target = "status", source = "status.code")
@Mapping(target = "emailVerified", source = "emailVerified", defaultValue = "false")
@Mapping(target = "authTotal", source = "authTotal", defaultValue = "0L")
@ -195,7 +195,7 @@ public interface AdministratorConverter {
* @return {@link AdministratorResult}
*/
@Mapping(target = "status", source = "status.code")
@Mapping(target = "initialized", expression = "java(user.getUsername().equals(cn.topiam.employee.console.access.DefaultAdministratorConstants.DEFAULT_ADMIN_USERNAME))")
@Mapping(target = "initialized", expression = "java(user.getUsername().equals(cn.topiam.employee.common.constant.SecurityConstants.DEFAULT_ADMIN_USERNAME))")
AdministratorResult entityConvertToAdministratorDetailsResult(AdministratorEntity user);
/**

14
eiam-console/src/main/java/cn/topiam/employee/console/initialize/DefaultAdministratorInitialize.java → eiam-console/src/main/java/cn/topiam/employee/console/initializer/DefaultAdministratorInitializer.java
View File

@ -15,7 +15,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.initialize;
package cn.topiam.employee.console.initializer;
import java.io.BufferedWriter;
import java.io.File;
@ -42,7 +42,7 @@ import cn.topiam.employee.common.entity.setting.AdministratorEntity;
import cn.topiam.employee.common.enums.UserStatus;
import cn.topiam.employee.common.repository.setting.AdministratorRepository;
import cn.topiam.employee.support.trace.TraceUtils;
import static cn.topiam.employee.console.access.DefaultAdministratorConstants.DEFAULT_ADMIN_USERNAME;
import static cn.topiam.employee.common.constant.SecurityConstants.DEFAULT_ADMIN_USERNAME;
import static cn.topiam.employee.support.lock.LockAspect.getTopiamLockKeyPrefix;
import static cn.topiam.employee.support.util.CreateFileUtil.createFile;
@ -54,10 +54,10 @@ import static cn.topiam.employee.support.util.CreateFileUtil.createFile;
*/
@Order(2)
@Component
public class DefaultAdministratorInitialize implements ApplicationListener<ContextRefreshedEvent> {
public class DefaultAdministratorInitializer implements ApplicationListener<ContextRefreshedEvent> {
private final Logger logger = LoggerFactory
.getLogger(DefaultAdministratorInitialize.class);
.getLogger(DefaultAdministratorInitializer.class);
private static final String DIR_NAME = ".topiam";
private static final String USER_HOME = "user.home";
@ -158,9 +158,9 @@ public class DefaultAdministratorInitialize implements ApplicationListener<Conte
private final RedissonClient redissonClient;
public DefaultAdministratorInitialize(AdministratorRepository administratorRepository,
PasswordEncoder passwordEncoder,
RedissonClient redissonClient) {
public DefaultAdministratorInitializer(AdministratorRepository administratorRepository,
PasswordEncoder passwordEncoder,
RedissonClient redissonClient) {
this.administratorRepository = administratorRepository;
this.passwordEncoder = passwordEncoder;
this.redissonClient = redissonClient;

8
eiam-console/src/main/java/cn/topiam/employee/console/initialize/DefaultAppGroupInitialize.java → eiam-console/src/main/java/cn/topiam/employee/console/initializer/DefaultAppGroupInitializer.java
View File

@ -15,7 +15,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.initialize;
package cn.topiam.employee.console.initializer;
import java.util.Arrays;
import java.util.Optional;
@ -47,7 +47,7 @@ import static cn.topiam.employee.support.lock.LockAspect.getTopiamLockKeyPrefix;
*/
@Order(2)
@Component
public class DefaultAppGroupInitialize implements ApplicationListener<ContextRefreshedEvent> {
public class DefaultAppGroupInitializer implements ApplicationListener<ContextRefreshedEvent> {
@Override
@Transactional(rollbackFor = Exception.class)
@ -94,8 +94,8 @@ public class DefaultAppGroupInitialize implements ApplicationListener<ContextRef
private final RedissonClient redissonClient;
public DefaultAppGroupInitialize(AppGroupRepository appGroupRepository,
RedissonClient redissonClient) {
public DefaultAppGroupInitializer(AppGroupRepository appGroupRepository,
RedissonClient redissonClient) {
this.appGroupRepository = appGroupRepository;
this.redissonClient = redissonClient;
}

2
eiam-console/src/main/java/cn/topiam/employee/console/handler/ConsoleAccessDeniedHandler.java → eiam-console/src/main/java/cn/topiam/employee/console/security/handler/ConsoleAccessDeniedHandler.java
View File

@ -15,7 +15,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.handler;
package cn.topiam.employee.console.security.handler;
import java.io.IOException;

2
eiam-console/src/main/java/cn/topiam/employee/console/handler/ConsoleAuthenticationEntryPoint.java → eiam-console/src/main/java/cn/topiam/employee/console/security/handler/ConsoleAuthenticationEntryPoint.java
View File

@ -15,7 +15,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.handler;
package cn.topiam.employee.console.security.handler;
import java.io.IOException;

2
eiam-console/src/main/java/cn/topiam/employee/console/handler/ConsoleAuthenticationFailureHandler.java → eiam-console/src/main/java/cn/topiam/employee/console/security/handler/ConsoleAuthenticationFailureHandler.java
View File

@ -15,7 +15,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.handler;
package cn.topiam.employee.console.security.handler;
import org.apache.commons.lang3.StringUtils;
import org.springframework.http.HttpStatus;

2
eiam-console/src/main/java/cn/topiam/employee/console/handler/ConsoleAuthenticationSuccessHandler.java → eiam-console/src/main/java/cn/topiam/employee/console/security/handler/ConsoleAuthenticationSuccessHandler.java
View File

@ -15,7 +15,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.handler;
package cn.topiam.employee.console.security.handler;
import java.util.List;

2
eiam-console/src/main/java/cn/topiam/employee/console/handler/ConsoleLogoutSuccessHandler.java → eiam-console/src/main/java/cn/topiam/employee/console/security/handler/ConsoleLogoutSuccessHandler.java
View File

@ -15,7 +15,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.handler;
package cn.topiam.employee.console.security.handler;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

2
eiam-console/src/main/java/cn/topiam/employee/console/handler/package-info.java → eiam-console/src/main/java/cn/topiam/employee/console/security/handler/package-info.java
View File

@ -21,4 +21,4 @@
* @author TopIAM
* Created by support@topiam.cn on 2020/10/29 23:12
*/
package cn.topiam.employee.console.handler;
package cn.topiam.employee.console.security.handler;

2
eiam-console/src/main/java/cn/topiam/employee/console/listener/ConsoleAuthenticationFailureEventListener.java → eiam-console/src/main/java/cn/topiam/employee/console/security/listener/ConsoleAuthenticationFailureEventListener.java
View File

@ -15,7 +15,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.listener;
package cn.topiam.employee.console.security.listener;
import java.util.Optional;

2
eiam-console/src/main/java/cn/topiam/employee/console/listener/ConsoleAuthenticationSuccessEventListener.java → eiam-console/src/main/java/cn/topiam/employee/console/security/listener/ConsoleAuthenticationSuccessEventListener.java
View File

@ -15,7 +15,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.listener;
package cn.topiam.employee.console.security.listener;
import org.springframework.context.ApplicationListener;
import org.springframework.lang.NonNull;

2
eiam-console/src/main/java/cn/topiam/employee/console/listener/ConsoleLogoutSuccessEventListener.java → eiam-console/src/main/java/cn/topiam/employee/console/security/listener/ConsoleLogoutSuccessEventListener.java
View File

@ -15,7 +15,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.listener;
package cn.topiam.employee.console.security.listener;
import java.util.List;

2
eiam-console/src/main/java/cn/topiam/employee/console/listener/ConsoleSessionInformationExpiredStrategy.java → eiam-console/src/main/java/cn/topiam/employee/console/security/listener/ConsoleSessionInformationExpiredStrategy.java
View File

@ -15,7 +15,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.listener;
package cn.topiam.employee.console.security.listener;
import org.springframework.http.HttpStatus;
import org.springframework.security.web.session.SessionInformationExpiredEvent;

2
eiam-console/src/main/java/cn/topiam/employee/console/constant/package-info.java → eiam-console/src/main/java/cn/topiam/employee/console/security/listener/package-info.java
View File

@ -15,4 +15,4 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.constant;
package cn.topiam.employee.console.security.listener;

2
eiam-console/src/main/java/cn/topiam/employee/console/listener/package-info.java → eiam-console/src/main/java/cn/topiam/employee/console/security/package-info.java
View File

@ -15,4 +15,4 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.listener;
package cn.topiam.employee.console.security;

2
eiam-console/src/main/java/cn/topiam/employee/console/service/setting/impl/AdministratorServiceImpl.java
View File

@ -65,7 +65,7 @@ import cn.topiam.employee.support.util.PhoneNumberUtils;
import cn.topiam.employee.support.validation.annotation.ValidationPhone;
import lombok.extern.slf4j.Slf4j;
import static cn.topiam.employee.console.access.DefaultAdministratorConstants.DEFAULT_ADMIN_USERNAME;
import static cn.topiam.employee.common.constant.SecurityConstants.DEFAULT_ADMIN_USERNAME;
import static cn.topiam.employee.support.util.PhoneNumberUtils.getPhoneNumber;
/**

28
eiam-synchronizer/src/main/java/cn/topiam/employee/synchronizer/configuration/IdentitySourceBeanRegistry.java → eiam-console/src/main/java/cn/topiam/employee/console/synchronizer/configuration/IdentitySourceBeanRegistry.java
View File

@ -1,5 +1,5 @@
/*
* eiam-synchronizer - Employee Identity and Access Management
* eiam-console - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
@ -15,7 +15,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.synchronizer.configuration;
package cn.topiam.employee.console.synchronizer.configuration;
import java.util.Optional;
import java.util.concurrent.TimeUnit;
@ -47,6 +47,7 @@ import cn.topiam.employee.common.entity.identitysource.IdentitySourceEntity;
import cn.topiam.employee.common.enums.TriggerType;
import cn.topiam.employee.common.enums.identitysource.IdentitySourceProvider;
import cn.topiam.employee.common.repository.identitysource.IdentitySourceRepository;
import cn.topiam.employee.console.synchronizer.task.IdentitySourceSyncTask;
import cn.topiam.employee.identitysource.core.IdentitySource;
import cn.topiam.employee.identitysource.core.IdentitySourceConfig;
import cn.topiam.employee.identitysource.core.client.IdentitySourceClient;
@ -64,14 +65,12 @@ import cn.topiam.employee.identitysource.feishu.client.FeiShuClient;
import cn.topiam.employee.identitysource.wechatwork.WeChatWorkConfig;
import cn.topiam.employee.identitysource.wechatwork.WeChatWorkIdentitySource;
import cn.topiam.employee.identitysource.wechatwork.client.WeChatWorkClient;
import cn.topiam.employee.support.scheduler.SpringSchedulerRegistrar;
import cn.topiam.employee.support.scheduler.SpringSchedulerRegister;
import cn.topiam.employee.support.trace.TraceUtils;
import cn.topiam.employee.synchronizer.task.IdentitySourceSyncTask;
import lombok.extern.slf4j.Slf4j;
import static cn.topiam.employee.common.enums.identitysource.IdentitySourceProvider.DINGTALK;
import static cn.topiam.employee.support.lock.LockAspect.getTopiamLockKeyPrefix;
import static cn.topiam.employee.synchronizer.configuration.IdentitySourceBeanUtils.getSourceBeanName;
/**
* Bean
@ -124,7 +123,8 @@ public class IdentitySourceBeanRegistry implements IdentitySourceEventListener {
.getBeanFactory();
//如果已经存在,销毁
try {
if (ObjectUtils.isNotEmpty(beanFactory.getBean(getSourceBeanName(id)))) {
if (ObjectUtils
.isNotEmpty(beanFactory.getBean(IdentitySourceBeanUtils.getSourceBeanName(id)))) {
destroyIdentitySourceBean(id, applicationContext);
}
} catch (NoSuchBeanDefinitionException ignored) {
@ -200,7 +200,7 @@ public class IdentitySourceBeanRegistry implements IdentitySourceEventListener {
//设置为 RefreshScope
definitionBuilder.setScope("refresh");
return new BeanDefinitionHolder(definitionBuilder.getBeanDefinition(),
getSourceBeanName(entity.getId().toString()));
IdentitySourceBeanUtils.getSourceBeanName(entity.getId().toString()));
}
/**
@ -213,7 +213,7 @@ public class IdentitySourceBeanRegistry implements IdentitySourceEventListener {
ApplicationContext applicationContext) {
BeanDefinitionRegistry beanDefinitionRegistry = (BeanDefinitionRegistry) ((ConfigurableApplicationContext) applicationContext)
.getBeanFactory();
String beanName = getSourceBeanName(id);
String beanName = IdentitySourceBeanUtils.getSourceBeanName(id);
try {
beanDefinitionRegistry.removeBeanDefinition(beanName);
} catch (NoSuchBeanDefinitionException ignored) {
@ -229,11 +229,11 @@ public class IdentitySourceBeanRegistry implements IdentitySourceEventListener {
public static void registerIdentitySourceSyncTask(IdentitySourceEntity entity,
ApplicationContext applicationContext) {
String id = entity.getId().toString();
String beanName = getSourceBeanName(id);
String beanName = IdentitySourceBeanUtils.getSourceBeanName(id);
IdentitySource<? extends IdentitySourceConfig> identitySource = (IdentitySource<? extends IdentitySourceConfig>) applicationContext
.getBean(beanName);
SpringSchedulerRegistrar schedulerRegistrarHelp = applicationContext
.getBean(SpringSchedulerRegistrar.class);
SpringSchedulerRegister schedulerRegistrarHelp = applicationContext
.getBean(SpringSchedulerRegister.class);
RedissonClient redissonClient = applicationContext.getBean(RedissonClient.class);
//注册定时任务
String cronExpression = entity.getJobConfig().getCronExpression(CronType.SPRING);
@ -252,8 +252,8 @@ public class IdentitySourceBeanRegistry implements IdentitySourceEventListener {
*/
public static void destroyIdentitySourceSyncTask(String id,
ApplicationContext applicationContext) {
SpringSchedulerRegistrar schedulerRegistrarHelp = applicationContext
.getBean(SpringSchedulerRegistrar.class);
SpringSchedulerRegister schedulerRegistrarHelp = applicationContext
.getBean(SpringSchedulerRegister.class);
schedulerRegistrarHelp.removeCronTask(id);
}
@ -304,7 +304,7 @@ public class IdentitySourceBeanRegistry implements IdentitySourceEventListener {
@Override
public void sync(String id) {
IdentitySource<? extends IdentitySourceConfig> identitySource = (IdentitySource<? extends IdentitySourceConfig>) applicationContext
.getBean(getSourceBeanName(id));
.getBean(IdentitySourceBeanUtils.getSourceBeanName(id));
RedissonClient redissonClient = applicationContext.getBean(RedissonClient.class);
StopWatch stopWatch = new StopWatch();
stopWatch.start();

4
eiam-synchronizer/src/main/java/cn/topiam/employee/synchronizer/configuration/IdentitySourceBeanUtils.java → eiam-console/src/main/java/cn/topiam/employee/console/synchronizer/configuration/IdentitySourceBeanUtils.java
View File

@ -1,5 +1,5 @@
/*
* eiam-synchronizer - Employee Identity and Access Management
* eiam-console - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
@ -15,7 +15,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.synchronizer.configuration;
package cn.topiam.employee.console.synchronizer.configuration;
import org.apache.commons.codec.digest.DigestUtils;

18
eiam-console/src/main/java/cn/topiam/employee/console/synchronizer/configuration/package-info.java Normal file
View File

@ -0,0 +1,18 @@
/*
* eiam-console - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.synchronizer.configuration;

8
eiam-synchronizer/src/main/java/cn/topiam/employee/synchronizer/endpoint/IdentitySourceEventReceiveEndpoint.java → eiam-console/src/main/java/cn/topiam/employee/console/synchronizer/endpoint/IdentitySourceEventReceiveEndpoint.java
View File

@ -1,5 +1,5 @@
/*
* eiam-synchronizer - Employee Identity and Access Management
* eiam-console - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
@ -15,7 +15,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.synchronizer.endpoint;
package cn.topiam.employee.console.synchronizer.endpoint;
import java.util.Optional;
@ -28,15 +28,15 @@ import org.springframework.web.bind.annotation.RestController;
import cn.topiam.employee.common.entity.identitysource.IdentitySourceEntity;
import cn.topiam.employee.common.repository.identitysource.IdentitySourceRepository;
import cn.topiam.employee.console.synchronizer.configuration.IdentitySourceBeanUtils;
import cn.topiam.employee.identitysource.core.IdentitySource;
import cn.topiam.employee.identitysource.core.IdentitySourceConfig;
import cn.topiam.employee.support.trace.Trace;
import cn.topiam.employee.synchronizer.configuration.IdentitySourceBeanUtils;
import lombok.extern.slf4j.Slf4j;
import jakarta.servlet.http.HttpServletRequest;
import static cn.topiam.employee.synchronizer.constants.SynchronizerConstants.EVENT_RECEIVE_PATH;
import static cn.topiam.employee.common.constant.SynchronizerConstants.EVENT_RECEIVE_PATH;
/**
*

18
eiam-console/src/main/java/cn/topiam/employee/console/synchronizer/endpoint/package-info.java Normal file
View File

@ -0,0 +1,18 @@
/*
* eiam-console - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console.synchronizer.endpoint;

2
eiam-console/src/main/java/cn/topiam/employee/console/package-info.java → eiam-console/src/main/java/cn/topiam/employee/console/synchronizer/package-info.java
View File

@ -15,4 +15,4 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.console;
package cn.topiam.employee.console.synchronizer;

4
eiam-synchronizer/src/main/java/cn/topiam/employee/synchronizer/processor/AbstractIdentitySourcePostProcessor.java → eiam-console/src/main/java/cn/topiam/employee/console/synchronizer/processor/AbstractIdentitySourcePostProcessor.java
View File

@ -1,5 +1,5 @@
/*
* eiam-synchronizer - Employee Identity and Access Management
* eiam-console - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
@ -15,7 +15,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.synchronizer.processor;
package cn.topiam.employee.console.synchronizer.processor;
import java.io.InputStream;
import java.net.URL;

4
eiam-synchronizer/src/main/java/cn/topiam/employee/synchronizer/processor/DefaultIdentitySourceDeptPostProcessor.java → eiam-console/src/main/java/cn/topiam/employee/console/synchronizer/processor/DefaultIdentitySourceDeptPostProcessor.java
View File

@ -1,5 +1,5 @@
/*
* eiam-synchronizer - Employee Identity and Access Management
* eiam-console - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
@ -15,7 +15,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.synchronizer.processor;
package cn.topiam.employee.console.synchronizer.processor;
import java.io.Serial;
import java.io.Serializable;

4
eiam-synchronizer/src/main/java/cn/topiam/employee/synchronizer/processor/DefaultIdentitySourceEventPostProcessor.java → eiam-console/src/main/java/cn/topiam/employee/console/synchronizer/processor/DefaultIdentitySourceEventPostProcessor.java
View File

@ -1,5 +1,5 @@
/*
* eiam-synchronizer - Employee Identity and Access Management
* eiam-console - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
@ -15,7 +15,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.synchronizer.processor;
package cn.topiam.employee.console.synchronizer.processor;
import java.time.LocalDateTime;
import java.util.*;

4
eiam-synchronizer/src/main/java/cn/topiam/employee/synchronizer/processor/DefaultIdentitySourceUserPostProcessor.java → eiam-console/src/main/java/cn/topiam/employee/console/synchronizer/processor/DefaultIdentitySourceUserPostProcessor.java
View File

@ -1,5 +1,5 @@
/*
* eiam-synchronizer - Employee Identity and Access Management
* eiam-console - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
@ -15,7 +15,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.synchronizer.processor;
package cn.topiam.employee.console.synchronizer.processor;
import java.io.Serial;
import java.io.Serializable;

4
eiam-synchronizer/src/main/java/cn/topiam/employee/synchronizer/task/IdentitySourceSyncTask.java → eiam-console/src/main/java/cn/topiam/employee/console/synchronizer/task/IdentitySourceSyncTask.java
View File

@ -1,5 +1,5 @@
/*
* eiam-synchronizer - Employee Identity and Access Management
* eiam-console - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
@ -15,7 +15,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.synchronizer.task;
package cn.topiam.employee.console.synchronizer.task;
import java.util.concurrent.TimeUnit;

2
eiam-console/src/main/test/java/cn/topiam/employee/package-info.java → eiam-console/src/main/java/cn/topiam/employee/console/synchronizer/task/package-info.java
View File

@ -15,4 +15,4 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee;
package cn.topiam.employee.console.synchronizer.task;

50
eiam-console/src/main/test/java/cn/topiam/employee/GeoLocationServiceTest.java
View File

@ -1,50 +0,0 @@
/*
* eiam-console - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee;
import cn.topiam.employee.support.geo.GeoLocation;
import cn.topiam.employee.support.geo.GeoLocationService;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.test.context.junit.jupiter.SpringExtension;
@ExtendWith(SpringExtension.class)
@SpringBootTest
public class GeoLocationServiceTest {
private final Logger logger= LoggerFactory.getLogger(GeoLocationServiceTest.class);
@Test
public void getGeoLocation() throws JsonProcessingException {
GeoLocation geoLocation = geoLocationService.getGeoLocation("119.163.76.166");
logger.info("Test 119.163.76.166 GeoLocation : {}", objectMapper.writerWithDefaultPrettyPrinter().writeValueAsString(geoLocation));
}
@Autowired
private ObjectMapper objectMapper;
@Autowired
private GeoLocationService geoLocationService;
}

143
eiam-core/src/main/test/schema/FormSchemaTests.java
View File

@ -1,143 +0,0 @@
/*
* eiam-core - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package schema;
import cn.topiam.employee.common.schema.FormSchema;
import cn.topiam.employee.common.schema.field.*;
import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.common.collect.Lists;
import com.google.common.collect.Maps;
import org.junit.jupiter.api.Test;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.util.HashMap;
import java.util.concurrent.ConcurrentMap;
/**
* FormSchemaTests
*
* @author TopIAM
* Created by support@topiam.cn on 2023/4/12 21:17
*/
public class FormSchemaTests {
private final Logger logger= LoggerFactory.getLogger(FormSchemaTests.class);
@Test
public void test() throws JsonProcessingException {
//@formatter:off
// Input
Input input = (Input) new Input("输入框")
.addRule(new Field.Rule().required(true).min(2).max(20).type("string"))
.setPlaceholder(Lists.newArrayList("请输入")).setDisabled(false);
//数字输入
NumberInput numberInput = new NumberInput("数字");
//文本区域
TextArea textArea = new TextArea("文本区域");
// Select
ConcurrentMap<String, Object> selectProps = Maps.newConcurrentMap();
selectProps.put("allowClear", "true");
Select select = (Select) new Select("下拉单选",
Lists.newArrayList(
new Option("选项A", "A"),
new Option("选项B", "B"),
new Option("选项C", "C")))
.addRule(new Field.Rule().required(true).message("请选择一个选项"))
.setPlaceholder(Lists.newArrayList("请选择一个选项"))
.addProps(selectProps);
//多选Select
MultiSelect multiSelect = (MultiSelect) new MultiSelect("下拉多选",
Lists.newArrayList(
new Option("选项A", "A"),
new Option("选项B", "B"),
new Option("选项C", "C")))
.addRule(new Field.Rule().required(true).message("请选择一个选项"))
.setPlaceholder(Lists.newArrayList("请选择一个选项"))
.addProps(selectProps);
//Switch
Switch aswitch = new Switch("开关");
//Radio
Radio radio = (Radio) new Radio("单选框",
Lists.newArrayList(
new Option("选项A", "A"),
new Option("选项B", "B"),
new Option("选项C", "C")))
.setRules(Lists.newArrayList(new Field.Rule().required(true).message("请选择一个选项")));
//多选框
Checkboxes checkBoxes = new Checkboxes("多选框", Lists.newArrayList(
new Option("选项A", "A"),
new Option("选项B", "B"),
new Option("选项C", "C")));
//单选框
Checkbox checkBox = new Checkbox("单选框");
//年
Year year = new Year("年");
//季度
Quarter quarter = new Quarter("季度");
//月份
Month month = new Month("月份");
//周选择
Week week = new Week("周");
//日期
Date date = new Date("日期");
//日期时间
DateTime dateTime = new DateTime("日期时间");
ObjectMapper objectMapper = new ObjectMapper();
objectMapper.setSerializationInclusion(JsonInclude.Include.NON_NULL);
//FormSchema
FormSchema formSchema = new FormSchema();
formSchema.setType("object");
HashMap<String, Object> map = new HashMap<>(16);
map.put("input", input);
map.put("number", numberInput);
map.put("textarea", textArea);
map.put("select", select);
map.put("multiselect", multiSelect);
map.put("radio", radio);
map.put("switch", aswitch);
map.put("checkbox", checkBox);
map.put("checkboxes", checkBoxes);
map.put("year", year);
map.put("month", month);
map.put("quarter", quarter);
map.put("week", week);
map.put("date", date);
map.put("date_time", dateTime);
formSchema.setProperties(map);
String schema = objectMapper.writerWithDefaultPrettyPrinter()
.writeValueAsString(formSchema);
logger.info("JSON Schema: \n{}",schema);
}
}

13
eiam-openapi/src/main/java/cn/topiam/employee/EiamOpenApiApplication.java
View File

@ -20,13 +20,6 @@ package cn.topiam.employee;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.web.servlet.ServletComponentScan;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.FilterType;
import cn.topiam.employee.audit.controller.AuditController;
import cn.topiam.employee.common.exception.handler.GlobalExceptionHandler;
import cn.topiam.employee.common.storage.controller.StorageFileResource;
import cn.topiam.employee.core.configuration.EiamApiConfiguration;
/**
*
@ -35,11 +28,7 @@ import cn.topiam.employee.core.configuration.EiamApiConfiguration;
* Created by support@topiam.cn on 2020/7/9
*/
@ServletComponentScan
@SpringBootApplication(scanBasePackages = { "cn.topiam.employee" })
@ComponentScan(excludeFilters = { @ComponentScan.Filter(type = FilterType.ASSIGNABLE_TYPE, value = { EiamApiConfiguration.class,
StorageFileResource.class,
AuditController.class,
GlobalExceptionHandler.class }) })
@SpringBootApplication
public class EiamOpenApiApplication {
public static void main(String[] args) {
SpringApplication.run(EiamOpenApiApplication.class, args);

2
eiam-openapi/src/main/java/cn/topiam/employee/openapi/authorization/AccessTokenAuthenticationEntryPoint.java
View File

@ -25,7 +25,7 @@ import org.springframework.security.core.AuthenticationException;
import com.fasterxml.jackson.annotation.JsonProperty;
import com.fasterxml.jackson.databind.ObjectMapper;
import cn.topiam.employee.openapi.constants.OpenApiStatus;
import cn.topiam.employee.openapi.constant.OpenApiStatus;
import cn.topiam.employee.support.security.web.AbstractAuthenticationEntryPoint;
import cn.topiam.employee.support.util.HttpResponseUtils;

2
eiam-openapi/src/main/java/cn/topiam/employee/openapi/authorization/AccessTokenAuthenticationProvider.java
View File

@ -30,7 +30,7 @@ import org.springframework.util.Assert;
import com.alibaba.fastjson2.JSONObject;
import cn.topiam.employee.openapi.authorization.store.AccessTokenStore;
import cn.topiam.employee.openapi.constants.OpenApiStatus;
import cn.topiam.employee.openapi.constant.OpenApiStatus;
/**
*

8
eiam-openapi/src/main/java/cn/topiam/employee/openapi/authorization/AuthorizationEndpoint.java
View File

@ -35,13 +35,13 @@ import com.alibaba.fastjson2.JSONObject;
import cn.topiam.employee.common.entity.app.AppEntity;
import cn.topiam.employee.common.repository.app.AppRepository;
import cn.topiam.employee.openapi.authorization.store.AccessTokenStore;
import cn.topiam.employee.openapi.constants.OpenApiStatus;
import cn.topiam.employee.openapi.constant.OpenApiStatus;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.tags.Tag;
import static cn.topiam.employee.openapi.constants.OpenApiStatus.*;
import static cn.topiam.employee.openapi.constants.OpenApiV1Constants.ACCESS_TOKEN_EXPIRES_IN;
import static cn.topiam.employee.openapi.constants.OpenApiV1Constants.AUTH_PATH;
import static cn.topiam.employee.openapi.constant.OpenApiStatus.*;
import static cn.topiam.employee.openapi.constant.OpenApiV1Constants.ACCESS_TOKEN_EXPIRES_IN;
import static cn.topiam.employee.openapi.constant.OpenApiV1Constants.AUTH_PATH;
/**
* access_token

2
eiam-openapi/src/main/java/cn/topiam/employee/openapi/common/OpenApiResponse.java
View File

@ -19,7 +19,7 @@ package cn.topiam.employee.openapi.common;
import com.fasterxml.jackson.annotation.JsonProperty;
import cn.topiam.employee.openapi.constants.OpenApiStatus;
import cn.topiam.employee.openapi.constant.OpenApiStatus;
import cn.topiam.employee.support.trace.TraceUtils;
import lombok.Data;

2
eiam-openapi/src/main/java/cn/topiam/employee/openapi/configuration/OpenApiConfiguration.java
View File

@ -28,7 +28,7 @@ import cn.topiam.employee.support.util.AppVersionUtils;
import io.swagger.v3.oas.models.OpenAPI;
import io.swagger.v3.oas.models.info.Contact;
import io.swagger.v3.oas.models.info.Info;
import static cn.topiam.employee.openapi.constants.OpenApiV1Constants.*;
import static cn.topiam.employee.openapi.constant.OpenApiV1Constants.*;
/**
* OpenAPI

4
eiam-openapi/src/main/java/cn/topiam/employee/openapi/configuration/OpenApiSecurityConfiguration.java
View File

@ -35,8 +35,8 @@ import cn.topiam.employee.openapi.authorization.AccessTokenAuthenticationProvide
import cn.topiam.employee.openapi.authorization.store.AccessTokenStore;
import cn.topiam.employee.openapi.authorization.store.RedisAccessTokenStore;
import static cn.topiam.employee.common.constant.ConfigBeanNameConstants.DEFAULT_SECURITY_FILTER_CHAIN;
import static cn.topiam.employee.openapi.constants.OpenApiV1Constants.AUTH_PATH;
import static cn.topiam.employee.openapi.constants.OpenApiV1Constants.OPEN_API_V1_PATH;
import static cn.topiam.employee.openapi.constant.OpenApiV1Constants.AUTH_PATH;
import static cn.topiam.employee.openapi.constant.OpenApiV1Constants.OPEN_API_V1_PATH;
/**
* ConsoleSecurityConfiguration

2
eiam-openapi/src/main/java/cn/topiam/employee/openapi/constants/OpenApiStatus.java → eiam-openapi/src/main/java/cn/topiam/employee/openapi/constant/OpenApiStatus.java
View File

@ -15,7 +15,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.constants;
package cn.topiam.employee.openapi.constant;
import cn.topiam.employee.support.enums.BaseEnum;

2
eiam-openapi/src/main/java/cn/topiam/employee/openapi/constants/OpenApiV1Constants.java → eiam-openapi/src/main/java/cn/topiam/employee/openapi/constant/OpenApiV1Constants.java
View File

@ -15,7 +15,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.constants;
package cn.topiam.employee.openapi.constant;
import static cn.topiam.employee.support.constant.EiamConstants.V1_API_PATH;

2
eiam-openapi/src/main/java/cn/topiam/employee/openapi/constants/package-info.java → eiam-openapi/src/main/java/cn/topiam/employee/openapi/constant/package-info.java
View File

@ -15,4 +15,4 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.openapi.constants;
package cn.topiam.employee.openapi.constant;

2
eiam-openapi/src/main/java/cn/topiam/employee/openapi/endpoint/account/OrganizationController.java
View File

@ -38,7 +38,7 @@ import lombok.RequiredArgsConstructor;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.tags.Tag;
import static cn.topiam.employee.openapi.constants.OpenApiV1Constants.ORGANIZATION_PATH;
import static cn.topiam.employee.openapi.constant.OpenApiV1Constants.ORGANIZATION_PATH;
/**
* -

2
eiam-openapi/src/main/java/cn/topiam/employee/openapi/endpoint/account/UserController.java
View File

@ -40,7 +40,7 @@ import lombok.AllArgsConstructor;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.tags.Tag;
import static cn.topiam.employee.openapi.constants.OpenApiV1Constants.USER_PATH;
import static cn.topiam.employee.openapi.constant.OpenApiV1Constants.USER_PATH;
/**
* -

2
eiam-openapi/src/main/java/cn/topiam/employee/openapi/exception/OpenApiException.java
View File

@ -17,7 +17,7 @@
*/
package cn.topiam.employee.openapi.exception;
import cn.topiam.employee.openapi.constants.OpenApiStatus;
import cn.topiam.employee.openapi.constant.OpenApiStatus;
/**
* OpenApiException

2
eiam-openapi/src/main/java/cn/topiam/employee/openapi/exception/handler/GlobalExceptionHandler.java
View File

@ -22,7 +22,7 @@ import org.springframework.web.bind.annotation.RestControllerAdvice;
import org.springframework.web.servlet.ModelAndView;
import cn.topiam.employee.openapi.common.OpenApiResponse;
import cn.topiam.employee.openapi.constants.OpenApiStatus;
import cn.topiam.employee.openapi.constant.OpenApiStatus;
import cn.topiam.employee.openapi.exception.OpenApiException;
import lombok.AllArgsConstructor;

2
eiam-openapi/src/main/java/cn/topiam/employee/openapi/service/account/impl/OrganizationServiceImpl.java
View File

@ -43,7 +43,7 @@ import cn.topiam.employee.common.repository.account.OrganizationMemberRepository
import cn.topiam.employee.common.repository.account.OrganizationRepository;
import cn.topiam.employee.core.mq.UserMessagePublisher;
import cn.topiam.employee.core.mq.UserMessageTag;
import cn.topiam.employee.openapi.constants.OpenApiStatus;
import cn.topiam.employee.openapi.constant.OpenApiStatus;
import cn.topiam.employee.openapi.converter.account.OrganizationConverter;
import cn.topiam.employee.openapi.exception.OpenApiException;
import cn.topiam.employee.openapi.pojo.result.account.OrganizationChildResult;

2
eiam-openapi/src/main/java/cn/topiam/employee/openapi/service/account/impl/UserServiceImpl.java
View File

@ -50,7 +50,7 @@ import cn.topiam.employee.core.message.mail.MailMsgEventPublish;
import cn.topiam.employee.core.message.sms.SmsMsgEventPublish;
import cn.topiam.employee.core.mq.UserMessagePublisher;
import cn.topiam.employee.core.mq.UserMessageTag;
import cn.topiam.employee.openapi.constants.OpenApiStatus;
import cn.topiam.employee.openapi.constant.OpenApiStatus;
import cn.topiam.employee.openapi.converter.account.UserConverter;
import cn.topiam.employee.openapi.exception.OpenApiException;
import cn.topiam.employee.openapi.pojo.result.account.UserListResult;

2
eiam-portal/src/main/java/cn/topiam/employee/EiamPortalApplication.java
View File

@ -29,7 +29,7 @@ import org.springframework.boot.web.servlet.ServletComponentScan;
*/
@ServletComponentScan
@SpringBootApplication(scanBasePackages = { "cn.topiam.employee" })
@SpringBootApplication
public class EiamPortalApplication {
public static void main(String[] args) {

8
eiam-portal/src/main/java/cn/topiam/employee/portal/configuration/security/AbstractSecurityConfiguration.java
View File

@ -44,10 +44,10 @@ import cn.topiam.employee.common.entity.setting.SettingEntity;
import cn.topiam.employee.common.repository.setting.SettingRepository;
import cn.topiam.employee.core.setting.constant.SecuritySettingConstants;
import cn.topiam.employee.portal.authentication.AuthenticationTrustResolverImpl;
import cn.topiam.employee.portal.handler.PortalAccessDeniedHandler;
import cn.topiam.employee.portal.handler.PortalAuthenticationEntryPoint;
import cn.topiam.employee.portal.handler.PortalLogoutSuccessHandler;
import cn.topiam.employee.portal.listener.PortalSessionInformationExpiredStrategy;
import cn.topiam.employee.portal.security.handler.PortalAccessDeniedHandler;
import cn.topiam.employee.portal.security.handler.PortalAuthenticationEntryPoint;
import cn.topiam.employee.portal.security.handler.PortalLogoutSuccessHandler;
import cn.topiam.employee.portal.security.listener.PortalSessionInformationExpiredStrategy;
import cn.topiam.employee.support.redis.KeyStringRedisSerializer;
import cn.topiam.employee.support.security.csrf.SpaCsrfTokenRequestHandler;
import static org.springframework.security.web.header.writers.XXssProtectionHeaderWriter.HeaderValue.ENABLED_MODE_BLOCK;

10
eiam-portal/src/main/java/cn/topiam/employee/portal/configuration/security/PortalSecurityConfiguration.java
View File

@ -78,11 +78,11 @@ import cn.topiam.employee.core.security.password.task.impl.PasswordExpireLockTas
import cn.topiam.employee.core.security.password.task.impl.PasswordExpireWarnTask;
import cn.topiam.employee.core.security.task.UserExpireLockTask;
import cn.topiam.employee.core.security.task.UserUnlockTask;
import cn.topiam.employee.portal.handler.PortalAuthenticationFailureHandler;
import cn.topiam.employee.portal.handler.PortalAuthenticationSuccessHandler;
import cn.topiam.employee.portal.listener.PortalAuthenticationFailureEventListener;
import cn.topiam.employee.portal.listener.PortalAuthenticationSuccessEventListener;
import cn.topiam.employee.portal.listener.PortalLogoutSuccessEventListener;
import cn.topiam.employee.portal.security.handler.PortalAuthenticationFailureHandler;
import cn.topiam.employee.portal.security.handler.PortalAuthenticationSuccessHandler;
import cn.topiam.employee.portal.security.listener.PortalAuthenticationFailureEventListener;
import cn.topiam.employee.portal.security.listener.PortalAuthenticationSuccessEventListener;
import cn.topiam.employee.portal.security.listener.PortalLogoutSuccessEventListener;
import cn.topiam.employee.support.autoconfiguration.SupportProperties;
import cn.topiam.employee.support.geo.GeoLocationService;
import cn.topiam.employee.support.jackjson.SupportJackson2Module;

24
eiam-portal/src/main/java/cn/topiam/employee/portal/package-info.java
View File

@ -1,24 +0,0 @@
/*
* eiam-portal - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* portal
*
* @author TopIAM
* Created by support@topiam.cn on 2021/7/13 21:34
*/
package cn.topiam.employee.portal;

2
eiam-portal/src/main/java/cn/topiam/employee/portal/handler/PortalAccessDeniedHandler.java → eiam-portal/src/main/java/cn/topiam/employee/portal/security/handler/PortalAccessDeniedHandler.java
View File

@ -15,7 +15,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.portal.handler;
package cn.topiam.employee.portal.security.handler;
import java.io.IOException;

2
eiam-portal/src/main/java/cn/topiam/employee/portal/handler/PortalAuthenticationEntryPoint.java → eiam-portal/src/main/java/cn/topiam/employee/portal/security/handler/PortalAuthenticationEntryPoint.java
View File

@ -15,7 +15,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.portal.handler;
package cn.topiam.employee.portal.security.handler;
import java.io.IOException;

2
eiam-portal/src/main/java/cn/topiam/employee/portal/handler/PortalAuthenticationFailureHandler.java → eiam-portal/src/main/java/cn/topiam/employee/portal/security/handler/PortalAuthenticationFailureHandler.java
View File

@ -15,7 +15,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.portal.handler;
package cn.topiam.employee.portal.security.handler;
import java.io.IOException;

2
eiam-portal/src/main/java/cn/topiam/employee/portal/handler/PortalAuthenticationSuccessHandler.java → eiam-portal/src/main/java/cn/topiam/employee/portal/security/handler/PortalAuthenticationSuccessHandler.java
View File

@ -15,7 +15,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.portal.handler;
package cn.topiam.employee.portal.security.handler;
import java.io.IOException;
import java.util.List;

2
eiam-portal/src/main/java/cn/topiam/employee/portal/handler/PortalLogoutSuccessHandler.java → eiam-portal/src/main/java/cn/topiam/employee/portal/security/handler/PortalLogoutSuccessHandler.java
View File

@ -15,7 +15,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.portal.handler;
package cn.topiam.employee.portal.security.handler;
import java.io.IOException;

2
eiam-portal/src/main/java/cn/topiam/employee/portal/handler/package-info.java → eiam-portal/src/main/java/cn/topiam/employee/portal/security/handler/package-info.java
View File

@ -21,4 +21,4 @@
* @author TopIAM
* Created by support@topiam.cn on 2020/10/29 23:12
*/
package cn.topiam.employee.portal.handler;
package cn.topiam.employee.portal.security.handler;

2
eiam-portal/src/main/java/cn/topiam/employee/portal/listener/PortalAuthenticationFailureEventListener.java → eiam-portal/src/main/java/cn/topiam/employee/portal/security/listener/PortalAuthenticationFailureEventListener.java
View File

@ -15,7 +15,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.portal.listener;
package cn.topiam.employee.portal.security.listener;
import java.time.LocalDateTime;
import java.util.Objects;

2
eiam-portal/src/main/java/cn/topiam/employee/portal/listener/PortalAuthenticationSuccessEventListener.java → eiam-portal/src/main/java/cn/topiam/employee/portal/security/listener/PortalAuthenticationSuccessEventListener.java
View File

@ -15,7 +15,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.portal.listener;
package cn.topiam.employee.portal.security.listener;
import org.springframework.context.ApplicationListener;
import org.springframework.lang.NonNull;

2
eiam-portal/src/main/java/cn/topiam/employee/portal/listener/PortalLogoutSuccessEventListener.java → eiam-portal/src/main/java/cn/topiam/employee/portal/security/listener/PortalLogoutSuccessEventListener.java
View File

@ -15,7 +15,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.portal.listener;
package cn.topiam.employee.portal.security.listener;
import java.util.List;

2
eiam-portal/src/main/java/cn/topiam/employee/portal/listener/PortalSessionInformationExpiredStrategy.java → eiam-portal/src/main/java/cn/topiam/employee/portal/security/listener/PortalSessionInformationExpiredStrategy.java
View File

@ -15,7 +15,7 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.portal.listener;
package cn.topiam.employee.portal.security.listener;
import org.springframework.http.HttpStatus;
import org.springframework.security.web.session.SessionInformationExpiredEvent;

3
eiam-core/src/main/test/package-info.java → eiam-portal/src/main/java/cn/topiam/employee/portal/security/package-info.java
View File

@ -1,5 +1,5 @@
/*
* eiam-core - Employee Identity and Access Management
* eiam-portal - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
@ -15,3 +15,4 @@
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.portal.security;

5
eiam-protocol/eiam-protocol-form/src/main/java/cn/topiam/employee/protocol/form/context/FormAuthorizationServerContextFilter.java
View File

@ -39,6 +39,7 @@ import cn.topiam.employee.application.exception.AppNotExistException;
import cn.topiam.employee.application.form.FormApplicationService;
import cn.topiam.employee.application.form.model.FormProtocolConfig;
import cn.topiam.employee.support.util.IpUtils;
import cn.topiam.employee.support.web.servlet.RepeatedlyRequestWrapper;
import lombok.Getter;
@ -82,12 +83,12 @@ public final class FormAuthorizationServerContextFilter extends OncePerRequestFi
filterChain.doFilter(request, response);
return;
}
try {
//@formatter:off
Map<String, String> variables = matcher.getVariables();
String appCode = variables.get(APP_CODE);
if (this.logger.isTraceEnabled()) {
String body = IOUtils.toString(request.getInputStream(),StandardCharsets.UTF_8).replaceAll("\\s+", " ");
String logs = "\n" +
"┣ " + SEPARATE + "\n" +
"┣ App: " + appCode + "\n" +
@ -95,7 +96,7 @@ public final class FormAuthorizationServerContextFilter extends OncePerRequestFi
"┣ Request ip: " + IpUtils.getIpAddr(request) + "\n" +
"┣ Request headers: " + JSONObject.toJSONString(getRequestHeaders(request)) + "\n" +
"┣ Request parameters: " + JSONObject.toJSONString(request.getParameterMap()) + "\n" +
"┣ Request payload: " + StringUtils.defaultIfBlank(body, "-") + "\n" +
"┣ Request payload: " + StringUtils.defaultIfBlank(IOUtils.toString(new RepeatedlyRequestWrapper(request, response).getInputStream(),StandardCharsets.UTF_8).replaceAll("\\s+", " "), "-") + "\n" +
"┣ " + SEPARATE;
logger.trace(logs);
}

9
eiam-protocol/eiam-protocol-jwt/src/main/java/cn/topiam/employee/protocol/jwt/authentication/JwtLogoutAuthenticationProvider.java
View File

@ -35,10 +35,11 @@ public final class JwtLogoutAuthenticationProvider implements AuthenticationProv
JwtLogoutAuthenticationToken logoutAuthenticationToken = (JwtLogoutAuthenticationToken) authentication;
SessionInformation sessionInformation = sessionRegistry
.getSessionInformation(logoutAuthenticationToken.getSessionId());
if (sessionInformation.isExpired()) {
}
return null;
// if (StringUtils.hasText(logoutAuthenticationToken.getPostLogoutRedirectUri()) &&
// !registeredClient.getPostLogoutRedirectUris().contains(logoutAuthenticationToken.getPostLogoutRedirectUri())) {
// throwError(new JwtError(JwtErrorCodes.INVALID_REQUEST, "post_logout_redirect_uri"));
// }
return logoutAuthenticationToken;
}
@Override

10
eiam-protocol/eiam-protocol-jwt/src/main/java/cn/topiam/employee/protocol/jwt/authentication/JwtLogoutAuthenticationToken.java
View File

@ -37,10 +37,14 @@ public class JwtLogoutAuthenticationToken extends AbstractAuthenticationToken {
@Getter
private final String sessionId;
public JwtLogoutAuthenticationToken(Authentication principal, String sessionId) {
private final String postLogoutRedirectUri;
public JwtLogoutAuthenticationToken(Authentication principal, String sessionId,
String postLogoutRedirectUri) {
super(new ArrayList<>());
this.principal = principal;
this.sessionId = sessionId;
this.postLogoutRedirectUri = postLogoutRedirectUri;
}
/**
@ -82,4 +86,8 @@ public class JwtLogoutAuthenticationToken extends AbstractAuthenticationToken {
return !AnonymousAuthenticationToken.class.isAssignableFrom(this.principal.getClass())
&& this.principal.isAuthenticated();
}
public String getPostLogoutRedirectUri() {
return postLogoutRedirectUri;
}
}

1
eiam-protocol/eiam-protocol-jwt/src/main/java/cn/topiam/employee/protocol/jwt/configurers/JwtLogoutAuthorizationEndpointConfigurer.java
View File

@ -55,6 +55,7 @@ public class JwtLogoutAuthorizationEndpointConfigurer extends AbstractConfigurer
@Override
public void init(HttpSecurity httpSecurity) {
requestMatcher = new OrRequestMatcher(
new AntPathRequestMatcher(JWT_SLO_PATH, HttpMethod.GET.name()),
new AntPathRequestMatcher(JWT_SLO_PATH, HttpMethod.POST.name()));
httpSecurity.authenticationProvider(
new JwtLogoutAuthenticationProvider(getSessionRegistry(httpSecurity)));

4
eiam-protocol/eiam-protocol-jwt/src/main/java/cn/topiam/employee/protocol/jwt/context/JwtAuthorizationServerContextFilter.java
View File

@ -39,6 +39,7 @@ import cn.topiam.employee.application.exception.AppNotExistException;
import cn.topiam.employee.application.jwt.JwtApplicationService;
import cn.topiam.employee.application.jwt.model.JwtProtocolConfig;
import cn.topiam.employee.support.util.IpUtils;
import cn.topiam.employee.support.web.servlet.RepeatedlyRequestWrapper;
import lombok.Getter;
@ -87,7 +88,6 @@ public final class JwtAuthorizationServerContextFilter extends OncePerRequestFil
Map<String, String> variables = matcher.getVariables();
String appCode = variables.get(APP_CODE);
if (this.logger.isTraceEnabled()) {
String body = IOUtils.toString(request.getInputStream(),StandardCharsets.UTF_8).replaceAll("\\s+", " ");
String logs = "\n" +
"┣ " + SEPARATE + "\n" +
"┣ App: " + appCode + "\n" +
@ -95,7 +95,7 @@ public final class JwtAuthorizationServerContextFilter extends OncePerRequestFil
"┣ Request ip: " + IpUtils.getIpAddr(request) + "\n" +
"┣ Request headers: " + JSONObject.toJSONString(getRequestHeaders(request)) + "\n" +
"┣ Request parameters: " + JSONObject.toJSONString(request.getParameterMap()) + "\n" +
"┣ Request payload: " + StringUtils.defaultIfBlank(body, "-") + "\n" +
"┣ Request payload: " + StringUtils.defaultIfBlank(IOUtils.toString(new RepeatedlyRequestWrapper(request, response).getInputStream(),StandardCharsets.UTF_8).replaceAll("\\s+", " "), "-") + "\n" +
"┣ " + SEPARATE;
logger.trace(logs);
}

24
eiam-protocol/eiam-protocol-jwt/src/main/java/cn/topiam/employee/protocol/jwt/endpoint/authentication/JwtLogoutAuthenticationConverter.java
View File

@ -21,17 +21,12 @@ import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.core.OAuth2ErrorCodes;
import org.springframework.security.web.authentication.AuthenticationConverter;
import org.springframework.util.StringUtils;
import cn.topiam.employee.protocol.jwt.authentication.JwtLogoutAuthenticationToken;
import cn.topiam.employee.protocol.jwt.exception.JwtError;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpSession;
import static cn.topiam.employee.protocol.jwt.constant.JwtProtocolConstants.S_ID;
import static cn.topiam.employee.protocol.jwt.endpoint.JwtAuthenticationEndpointUtils.throwError;
/**
*
@ -44,26 +39,13 @@ public final class JwtLogoutAuthenticationConverter implements AuthenticationCon
@Override
public Authentication convert(HttpServletRequest request) {
if (request.getParameterValues(S_ID).length != 1) {
throwError(new JwtError(OAuth2ErrorCodes.INVALID_REQUEST,
"JWT Logout Request Parameter: " + S_ID));
}
String sessionId = request.getParameter(S_ID);
if (!StringUtils.hasText(sessionId)) {
HttpSession session = request.getSession(false);
if (session != null) {
sessionId = session.getId();
}
}
HttpSession session = request.getSession(false);
String sessionId = session.getId();
Authentication principal = SecurityContextHolder.getContext().getAuthentication();
if (principal == null) {
principal = ANONYMOUS_AUTHENTICATION;
}
return new JwtLogoutAuthenticationToken(principal, sessionId);
return new JwtLogoutAuthenticationToken(principal, sessionId, "");
}
}

4
eiam-protocol/eiam-protocol-oidc/src/main/java/cn/topiam/eiam/protocol/oidc/context/OidcAuthorizationServerContextFilter.java
View File

@ -43,6 +43,7 @@ import cn.topiam.employee.application.oidc.model.OidcProtocolConfig;
import cn.topiam.employee.core.help.ServerHelp;
import cn.topiam.employee.support.util.HttpUrlUtils;
import cn.topiam.employee.support.util.IpUtils;
import cn.topiam.employee.support.web.servlet.RepeatedlyRequestWrapper;
import lombok.Getter;
@ -94,7 +95,6 @@ public final class OidcAuthorizationServerContextFilter extends OncePerRequestFi
Map<String, String> variables = matcher.getVariables();
String appCode = variables.get(APP_CODE);
if (this.logger.isTraceEnabled()) {
String body = IOUtils.toString(request.getInputStream(),StandardCharsets.UTF_8).replaceAll("\\s+", " ");
String logs = "\n" +
"┣ " + SEPARATE + "\n" +
"┣ App: " + appCode + "\n" +
@ -102,7 +102,7 @@ public final class OidcAuthorizationServerContextFilter extends OncePerRequestFi
"┣ Request ip: " + IpUtils.getIpAddr(request) + "\n" +
"┣ Request headers: " + JSONObject.toJSONString(getRequestHeaders(request)) + "\n" +
"┣ Request parameters: " + JSONObject.toJSONString(request.getParameterMap()) + "\n" +
"┣ Request payload: " + StringUtils.defaultIfBlank(body, "-") + "\n" +
"┣ Request payload: " + StringUtils.defaultIfBlank(IOUtils.toString(new RepeatedlyRequestWrapper(request, response).getInputStream(),StandardCharsets.UTF_8).replaceAll("\\s+", " "), "-") + "\n" +
"┣ " + SEPARATE;
logger.trace(logs);
}

48
eiam-synchronizer/Dockerfile
View File

@ -1,48 +0,0 @@
#
# eiam-synchronizer - Employee Identity and Access Management
# Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
FROM azul/zulu-openjdk:17-jre as build
WORKDIR /workspace/app
ARG JAR_FILE=target/topiam-employee-synchronizer-*.jar
COPY ${JAR_FILE} target/application.jar
RUN java -Djarmode=layertools -jar target/application.jar extract --destination target/extracted
FROM azul/zulu-openjdk:17-jre
ARG EXTRACTED=/workspace/app/target/extracted
WORKDIR topiam
COPY --from=build ${EXTRACTED}/dependencies/ ./
COPY --from=build ${EXTRACTED}/spring-boot-loader/ ./
COPY --from=build ${EXTRACTED}/snapshot-dependencies/ ./
COPY --from=build ${EXTRACTED}/application/ ./
ENV TZ=Asia/Shanghai
RUN sed -i 's/archive.ubuntu.com/cn.archive.ubuntu.com/g' /etc/apt/sources.list \
&& apt-get update \
&& ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone \
&& apt-get install tzdata \
&& apt-get clean \
&& apt-get autoclean \
&& apt-get autoremove \
&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* \
EXPOSE 1986
ENTRYPOINT ["java","-XX:TieredStopAtLevel=1","-Djava.security.egd=file:/dev/./urandom","-Dspring.main.lazy-initialization=false","org.springframework.boot.loader.JarLauncher"]

67
eiam-synchronizer/pom.xml
View File

@ -1,67 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
eiam-synchronizer - Employee Identity and Access Management
Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<groupId>cn.topiam</groupId>
<artifactId>eiam</artifactId>
<version>1.0.2-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>eiam-synchronizer</artifactId>
<packaging>jar</packaging>
<dependencies>
<!-- 身份源 -->
<dependency>
<groupId>cn.topiam</groupId>
<artifactId>eiam-identity-source-all</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>cn.topiam</groupId>
<artifactId>eiam-core</artifactId>
<version>${project.version}</version>
</dependency>
</dependencies>
<!-- build -->
<build>
<!--打包后名称-->
<finalName>topiam-employee-synchronizer-${project.version}</finalName>
<plugins>
<!--spring-boot-maven-plugin-->
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<executions>
<execution>
<goals>
<goal>repackage</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>

38
eiam-synchronizer/src/main/java/cn/topiam/employee/EiamSynchronizerApplication.java
View File

@ -1,38 +0,0 @@
/*
* eiam-synchronizer - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.web.servlet.ServletComponentScan;
/**
*
*
* @author TopIAM
* Created by support@topiam.cn on 2020/7/9
*/
@ServletComponentScan
@SpringBootApplication(scanBasePackages = { "cn.topiam.employee" })
public class EiamSynchronizerApplication {
public static void main(String[] args) {
SpringApplication.run(EiamSynchronizerApplication.class, args);
}
}

36
eiam-synchronizer/src/main/java/cn/topiam/employee/ServletInitializer.java
View File

@ -1,36 +0,0 @@
/*
* eiam-synchronizer - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee;
import org.springframework.boot.builder.SpringApplicationBuilder;
import org.springframework.boot.web.servlet.support.SpringBootServletInitializer;
/**
* servlet 3.0 +
*
* @author TopIAM
* Created by support@topiam.cn on 2020/7/9
*/
public class ServletInitializer extends SpringBootServletInitializer {
@Override
protected SpringApplicationBuilder configure(SpringApplicationBuilder application) {
return application.sources(EiamSynchronizerApplication.class);
}
}

64
eiam-synchronizer/src/main/java/cn/topiam/employee/synchronizer/configuration/SynchronizerSecurityConfiguration.java
View File

@ -1,64 +0,0 @@
/*
* eiam-synchronizer - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.synchronizer.configuration;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import static cn.topiam.employee.common.constant.ConfigBeanNameConstants.DEFAULT_SECURITY_FILTER_CHAIN;
import static cn.topiam.employee.synchronizer.constants.SynchronizerConstants.EVENT_RECEIVE_PATH;
import static cn.topiam.employee.synchronizer.constants.SynchronizerConstants.SYNCHRONIZER_PATH;
/**
* SynchronizerSecurityConfiguration
*
* @author TopIAM
* Created by support@topiam.cn on 2019/9/27 22:54
*/
@EnableMethodSecurity
@Configuration
public class SynchronizerSecurityConfiguration {
/**
* SecurityFilterChain
*
* @param http {@link HttpSecurity}
* @return {@link SecurityFilterChain}
* @throws Exception Exception
*/
@RefreshScope
@Bean(name = DEFAULT_SECURITY_FILTER_CHAIN)
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
// @formatter:off
http
//认证请求
.securityMatcher(SYNCHRONIZER_PATH+"/**")
.authorizeHttpRequests(registry -> registry.requestMatchers(new AntPathRequestMatcher(EVENT_RECEIVE_PATH+"/*")).permitAll().anyRequest().authenticated())
//csrf过滤器
.csrf(httpSecurityCsrfConfigurer -> httpSecurityCsrfConfigurer.ignoringRequestMatchers(new AntPathRequestMatcher(EVENT_RECEIVE_PATH+"/*")));
// @formatter:on
return http.build();
}
public SynchronizerSecurityConfiguration() {
}
}

18
eiam-synchronizer/src/main/java/cn/topiam/employee/synchronizer/configuration/package-info.java
View File

@ -1,18 +0,0 @@
/*
* eiam-synchronizer - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.synchronizer.configuration;

18
eiam-synchronizer/src/main/java/cn/topiam/employee/synchronizer/endpoint/package-info.java
View File

@ -1,18 +0,0 @@
/*
* eiam-synchronizer - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.synchronizer.endpoint;

18
eiam-synchronizer/src/main/java/cn/topiam/employee/synchronizer/mapper/package-info.java
View File

@ -1,18 +0,0 @@
/*
* eiam-synchronizer - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.synchronizer.mapper;

18
eiam-synchronizer/src/main/java/cn/topiam/employee/synchronizer/package-info.java
View File

@ -1,18 +0,0 @@
/*
* eiam-synchronizer - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.synchronizer;

18
eiam-synchronizer/src/main/java/cn/topiam/employee/synchronizer/task/package-info.java
View File

@ -1,18 +0,0 @@
/*
* eiam-synchronizer - Employee Identity and Access Management
* Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package cn.topiam.employee.synchronizer.task;

181
eiam-synchronizer/src/main/resources/application.yml
View File

@ -1,181 +0,0 @@
#
# eiam-synchronizer - Employee Identity and Access Management
# Copyright © 2022-Present Jinan Yuanchuang Network Technology Co., Ltd. (support@topiam.cn)
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
# spring
spring:
application:
name: TopIAM 企业数字身份管控平台同步器
jackson:
#日期格式化
date-format: "yyyy-MM-dd HH:mm:ss"
#设置空如何序列化
default-property-inclusion: NON_NULL
deserialization:
#允许对象忽略json中不存在的属性
fail_on_unknown_properties: false
parser:
#允许出现单引号
allow_single_quotes: true
#允许出现特殊字符和转义符
allow_unquoted_control_chars: true
serialization:
#忽略无法转换的对象
fail_on_empty_beans: false
#格式化输出
indent_output: true
mvc:
formcontent:
filter:
enabled: true
cache:
type: redis
redis:
key-prefix: 'topiam'
servlet:
multipart:
max-file-size: 50MB
max-request-size: 50MB
session:
redis:
namespace: ${spring.cache.redis.key-prefix}:session
flush-mode: immediate
repository-type: indexed
datasource:
type: com.zaxxer.hikari.HikariDataSource
driver-class-name: com.mysql.cj.jdbc.Driver
hikari:
auto-commit: true
connection-test-query: SELECT 1
connection-timeout: 30000
idle-timeout: 30000
max-lifetime: 1800000
maximum-pool-size: 15
minimum-idle: 5
pool-name: eiam
#elasticsearch
elasticsearch:
socket-timeout: 30000s
connection-timeout: 10000s
data:
jpa:
repositories:
bootstrap-mode: deferred
#reids
redis:
database: 9
lettuce:
pool:
max-idle: 7
min-idle: 2
max-active: 7
max-wait: -1ms
shutdown-timeout: 200ms
timeout: 5000ms
jpa:
hibernate:
ddl-auto: none
show-sql: true
properties:
hibernate:
show_sql: true
format_sql: true
use_sql_comments: true
jdbc:
batch_size: 500
batch_versioned_data: true
order_inserts: true
types:
print:
banner: false
main:
banner-mode: off
quartz:
#相关属性配置
properties:
org:
quartz:
scheduler:
instanceId: AUTO #默认主机名和时间戳生成实例ID,可以是任何字符串,但对于所有调度程序来说,必须是唯一的 对应 QRTZ_SCHEDULER_STATE INSTANCE_NAME字段
jobStore:
class: org.springframework.scheduling.quartz.LocalDataSourceJobStore #持久化配置
driverDelegateClass: org.quartz.impl.jdbcjobstore.StdJDBCDelegate #我们仅为数据库制作了特定于数据库的代理
tablePrefix: QRTZ_ #数据库表前缀
misfireThreshold: 60000 #在被认为“失火”之前调度程序将“容忍”一个Triggers将其下一个启动时间通过的毫秒数。默认值如果您在配置中未输入此属性为6000060秒
clusterCheckinInterval: 5000 #设置此实例“检入”*与群集的其他实例的频率(以毫秒为单位)。影响检测失败实例的速度。
isClustered: true #打开群集功能
acquireTriggersWithinLock: true
useProperties: false
threadPool:
class: org.springframework.scheduling.quartz.SimpleThreadPoolTaskExecutor
threadCount: 10
threadPriority: 5
threadsInheritContextClassLoaderOfInitializingThread: true
job-store-type: jdbc
# 程序结束时会等待quartz相关的内容结束
wait-for-jobs-to-complete-on-shutdown: true
# QuartzScheduler启动时更新己存在的Job,这样就不用每次修改targetObject后删除qrtz_job_details表对应记录
overwrite-existing-jobs: true
jdbc:
initialize-schema: never
#rabbitmq
rabbitmq:
template:
reply-timeout: 60000
#日志配置
logging:
config: classpath:config/logback-spring.xml
server:
port: 1986
shutdown: graceful
#开启压缩 提高响应速度 减少带宽压力
compression:
enabled: true
mime-types: text/html,text/xml,text/plain,text/css,application/javascript,application/json,image/svg+xml
min-response-size: 1024
servlet:
session:
cookie:
secure: true
same-site: none
name: topiam-employee-synchronizer-cookie
http-only: true
encoding:
charset: UTF-8
#错误处理
error:
include-stacktrace: always
include-exception: true
include-message: always
include-binding-errors: always
# undertow
undertow:
threads:
io: 32
worker: 256
buffer-size: 1024
# springdoc
springdoc:
swagger-ui:
csrf:
enabled: true
cookie-name: 'topiam-csrf-cookie'
header-name: 'topiam-csrf'
enabled: false
cache:
disabled: true
writer-with-default-pretty-printer: true

2
pom.xml
View File

@ -61,12 +61,10 @@
<module>eiam-protocol</module>
<module>eiam-console</module>
<module>eiam-portal</module>
<module>eiam-synchronizer</module>
<module>eiam-identity-source</module>
<module>eiam-openapi</module>
<module>eiam-authentication</module>
<module>eiam-audit</module>
<module>eiam-alert</module>
</modules>
<!--dependencies-->
<dependencies>