Merge pull request #41 from codingapi/3.x

3.x

Author: xlorne

README.md

@@ -18,7 +18,7 @@ v.3.x 为springboot 3.x版本,使用jdk17版本
 
 * springboot-starter | Springboot领域驱动框架
 * springboot-starter-data-fast | 快速数据呈现框架
-* springboot-starter-security-jwt | security&jwt权限框架
+* springboot-starter-security | security&jwt权限框架
 
 ## SpringBoot DDD Architecture | SpringBoot DDD 框架图
 
@@ -44,7 +44,7 @@ v.3.x 为springboot 3.x版本,使用jdk17版本
      <!-- security&jwt权限框架 -->
      <dependency>
         <groupId>com.codingapi.springboot</groupId>
-        <artifactId>springboot-starter-security-jwt</artifactId>
+        <artifactId>springboot-starter-security</artifactId>
         <version>${last.version}</version>
      </dependency>
      

docs/wiki/springboot-starter-security-jwt.md renamed to docs/wiki/springboot-starter-security.md

@@ -1,18 +1,28 @@
-springboot-starter-security-jwt 功能介绍
+springboot-starter-security 功能介绍
+
+支持无状态的JWT和有状态的redis两种不同的token机制
 
 配置文件,默认参数即说明
 ```properties
+# JWT开关
+codingapi.security.jwt.enable=true
 # JWT密钥 需大于32位的字符串
-codingapi.security.jwt-secret=codingapi.security.jwt.secretkey
+codingapi.security.jwt.secret-key=codingapi.security.jwt.secretkey
+
+# JWT 有效时间(毫秒) 15分钟有效期 1000*60*15=900000
+codingapi.security.jwt.valid-time=900000
+# JWT 更换令牌时间(毫秒) 10分钟后更换令牌 1000*60*10=600000
+codingapi.security.jwt.rest-time=600000
+
 # JWT AES密钥
 codingapi.security.ase-key=QUNEWCQlXiYqJCNYQ1phc0FDRFgkJV4mKiQjWENaYXM=
 # JWT AES IV
 codingapi.security.aes-iv=QUNYRkdIQEVEUyNYQ1phcw==
 
-# JWT 有效时间(毫秒) 15分钟有效期 1000*60*15=900000
-codingapi.security.jwt-time=900000
-# JWT 更换令牌时间(毫秒) 10分钟后更换令牌 1000*60*10=600000
-codingapi.security.jwt-rest-time=600000
+# Redis开关
+#codingapi.security.redis.enable=true
+#spring.data.redis.host=localhost
+#spring.data.redis.port=6379
 
 # Security 配置 请求权限拦截地址
 codingapi.security.authenticated-urls=/api/**

pom.xml

@@ -6,13 +6,13 @@
     <parent>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-parent</artifactId>
-        <version>3.1.8</version>
+        <version>3.2.4</version>
         <relativePath/> <!-- lookup parent from repository -->
     </parent>
 
     <groupId>com.codingapi.springboot</groupId>
     <artifactId>springboot-parent</artifactId>
-    <version>3.1.10</version>
+    <version>3.2.0</version>
 
     <url>https://github.com/codingapi/springboot-framewrok</url>
     <name>springboot-parent</name>
@@ -32,7 +32,7 @@
         <maven.gpg.plugin>3.1.0</maven.gpg.plugin>
         <codingapi.framework.version>${project.version}</codingapi.framework.version>
         <fastjson.version>2.0.42</fastjson.version>
-        <jsonwebtoken.jjwt.version>0.12.3</jsonwebtoken.jjwt.version>
+        <jsonwebtoken.jjwt.version>0.12.5</jsonwebtoken.jjwt.version>
         <commons-io.version>2.15.0</commons-io.version>
         <commons-dbutils.version>1.8.1</commons-dbutils.version>
         <commons-text.version>1.11.0</commons-text.version>
@@ -145,7 +145,7 @@
 
             <dependency>
                 <groupId>com.codingapi.springboot</groupId>
-                <artifactId>springboot-starter-security-jwt</artifactId>
+                <artifactId>springboot-starter-security</artifactId>
                 <version>${codingapi.framework.version}</version>
             </dependency>
 
@@ -251,7 +251,7 @@
             </activation>
             <modules>
                 <module>springboot-starter</module>
-                <module>springboot-starter-security-jwt</module>
+                <module>springboot-starter-security</module>
                 <module>springboot-starter-data-fast</module>
             </modules>
         </profile>
@@ -262,7 +262,7 @@
 
             <modules>
                 <module>springboot-starter</module>
-                <module>springboot-starter-security-jwt</module>
+                <module>springboot-starter-security</module>
                 <module>springboot-starter-data-fast</module>
             </modules>
 
@@ -311,7 +311,7 @@
 
             <modules>
                 <module>springboot-starter</module>
-                <module>springboot-starter-security-jwt</module>
+                <module>springboot-starter-security</module>
                 <module>springboot-starter-data-fast</module>
             </modules>
 

springboot-starter-data-fast/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <artifactId>springboot-parent</artifactId>
         <groupId>com.codingapi.springboot</groupId>
-        <version>3.1.10</version>
+        <version>3.2.0</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 

springboot-starter-security-jwt/src/main/resources/META-INF/spring.factories

@@ -6,13 +6,13 @@
     <parent>
         <artifactId>springboot-parent</artifactId>
         <groupId>com.codingapi.springboot</groupId>
-        <version>3.1.10</version>
+        <version>3.2.0</version>
     </parent>
 
-    <artifactId>springboot-starter-security-jwt</artifactId>
+    <artifactId>springboot-starter-security</artifactId>
 
-    <name>springboot-starter-security-jwt</name>
-    <description>springboot-starter-security-jwt project for Spring Boot</description>
+    <name>springboot-starter-security</name>
+    <description>springboot-starter-security project for Spring Boot</description>
 
     <properties>
         <java.version>17</java.version>
@@ -30,19 +30,28 @@
             <artifactId>spring-boot-starter-web</artifactId>
         </dependency>
 
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-data-redis</artifactId>
+            <scope>provided</scope>
+        </dependency>
+
         <dependency>
             <groupId>io.jsonwebtoken</groupId>
             <artifactId>jjwt-api</artifactId>
+            <scope>provided</scope>
         </dependency>
 
         <dependency>
             <groupId>io.jsonwebtoken</groupId>
             <artifactId>jjwt-impl</artifactId>
+            <scope>provided</scope>
         </dependency>
 
         <dependency>
             <groupId>io.jsonwebtoken</groupId>
             <artifactId>jjwt-jackson</artifactId>
+            <scope>provided</scope>
         </dependency>
 
         <dependency>

springboot-starter-security-jwt/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports

@@ -4,9 +4,9 @@
 import com.codingapi.springboot.security.controller.VersionController;
 import com.codingapi.springboot.security.dto.request.LoginRequest;
 import com.codingapi.springboot.security.filter.*;
-import com.codingapi.springboot.security.jwt.Jwt;
-import com.codingapi.springboot.security.jwt.Token;
-import com.codingapi.springboot.security.properties.SecurityJwtProperties;
+import com.codingapi.springboot.security.gateway.Token;
+import com.codingapi.springboot.security.gateway.TokenGateway;
+import com.codingapi.springboot.security.properties.CodingApiSecurityProperties;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
@@ -16,8 +16,10 @@
 import org.springframework.core.env.Environment;
 import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
+import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.core.userdetails.User;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
@@ -60,23 +62,23 @@ public PasswordEncoder passwordEncoder() {
 
     @Bean
     @ConditionalOnMissingBean
-    public SecurityLoginHandler securityLoginHandler(){
-       return new SecurityLoginHandler() {
-           @Override
-           public void preHandle(HttpServletRequest request, HttpServletResponse response, LoginRequest handler) throws Exception {
+    public SecurityLoginHandler securityLoginHandler() {
+        return new SecurityLoginHandler() {
+            @Override
+            public void preHandle(HttpServletRequest request, HttpServletResponse response, LoginRequest handler) throws Exception {
 
-           }
+            }
 
-           @Override
-           public void postHandle(HttpServletRequest request, HttpServletResponse response, LoginRequest handler, Token token) {
+            @Override
+            public void postHandle(HttpServletRequest request, HttpServletResponse response, LoginRequest handler, Token token) {
 
-           }
-       };
+            }
+        };
     }
 
     @Bean
     @ConditionalOnMissingBean
-    public AuthenticationTokenFilter authenticationTokenFilter(){
+    public AuthenticationTokenFilter authenticationTokenFilter() {
         return (request, response, chain) -> {
 
         };
@@ -85,22 +87,29 @@ public AuthenticationTokenFilter authenticationTokenFilter(){
 
     @Bean
     @ConditionalOnMissingBean
-    public SecurityFilterChain filterChain(HttpSecurity security, Jwt jwt,SecurityLoginHandler loginHandler,
-                                           SecurityJwtProperties properties,AuthenticationTokenFilter authenticationTokenFilter) throws Exception {
+    public SecurityFilterChain filterChain(HttpSecurity security, TokenGateway tokenGateway, SecurityLoginHandler loginHandler,
+                                           CodingApiSecurityProperties properties, AuthenticationTokenFilter authenticationTokenFilter) throws Exception {
         //disable basic auth
-        security.httpBasic().disable();
+        security.httpBasic(AbstractHttpConfigurer::disable);
 
         //before add addCorsMappings to enable cors.
-        security.cors();
-        if(properties.isDisableCsrf() ){
-            security.csrf().disable();
-        }
-        security.apply(new HttpSecurityConfigurer(jwt,loginHandler,properties,authenticationTokenFilter));
-        security
-                .exceptionHandling()
-                .authenticationEntryPoint(new MyUnAuthenticationEntryPoint())
-                .accessDeniedHandler(new MyAccessDeniedHandler())
-                .and()
+        security.cors(httpSecurityCorsConfigurer -> {
+            if (properties.isDisableCors()) {
+                httpSecurityCorsConfigurer.disable();
+            }
+        });
+
+        security.csrf(httpSecurityCsrfConfigurer -> {
+            if (properties.isDisableCsrf()) {
+                httpSecurityCsrfConfigurer.disable();
+            }
+        });
+
+
+        security.with(new HttpSecurityConfigurer(tokenGateway, loginHandler, properties, authenticationTokenFilter), Customizer.withDefaults());
+        security.exceptionHandling(httpSecurityExceptionHandlingConfigurer ->
+                        httpSecurityExceptionHandlingConfigurer.authenticationEntryPoint(new MyUnAuthenticationEntryPoint())
+                                .accessDeniedHandler(new MyAccessDeniedHandler()))
                 .authorizeHttpRequests(
                         registry -> {
                             registry.requestMatchers(properties.getIgnoreUrls()).permitAll()
@@ -109,15 +118,13 @@ public SecurityFilterChain filterChain(HttpSecurity security, Jwt jwt,SecurityLo
                         }
                 )
                 //default login url :/login
-                .formLogin()
-                .loginProcessingUrl(properties.getLoginProcessingUrl())
-                .permitAll()
-                .and()
+                .formLogin(httpSecurityFormLoginConfigurer ->
+                        httpSecurityFormLoginConfigurer.loginPage(properties.getLoginProcessingUrl())
+                )
                 //default logout url :/logout
-                .logout()
-                .logoutUrl(properties.getLogoutUrl())
-                .addLogoutHandler(new MyLogoutHandler())
-                .logoutSuccessHandler(new MyLogoutSuccessHandler());
+                .logout(httpSecurityLogoutConfigurer -> httpSecurityLogoutConfigurer.logoutUrl(properties.getLogoutUrl())
+                        .addLogoutHandler(new MyLogoutHandler())
+                        .logoutSuccessHandler(new MyLogoutSuccessHandler()));
 
         return security.build();
     }
@@ -135,18 +142,11 @@ public AuthenticationProvider authenticationProvider(UserDetailsService userDeta
 
 
     @Bean
-    @ConditionalOnMissingBean
-    public Jwt jwt(SecurityJwtProperties properties) {
-        return new Jwt(properties.getJwtSecretKey(), properties.getJwtTime(), properties.getJwtRestTime());
-    }
-
-
-    @Bean
-    public WebMvcConfigurer corsConfigurer(SecurityJwtProperties securityJwtProperties) {
+    public WebMvcConfigurer corsConfigurer(CodingApiSecurityProperties securityJwtProperties) {
         return new WebMvcConfigurer() {
             @Override
             public void addCorsMappings(CorsRegistry registry) {
-                if(securityJwtProperties.isDisableCors()) {
+                if (securityJwtProperties.isDisableCors()) {
                     registry.addMapping("/**")
                             .allowedHeaders("*")
                             .allowedMethods("*")
@@ -163,14 +163,14 @@ public void addCorsMappings(CorsRegistry registry) {
 
     @Bean
     @ConfigurationProperties(prefix = "codingapi.security")
-    public SecurityJwtProperties securityJwtProperties() {
-        return new SecurityJwtProperties();
+    public CodingApiSecurityProperties codingApiSecurityProperties() {
+        return new CodingApiSecurityProperties();
     }
 
 
     @Bean
     @ConditionalOnMissingBean
-    public VersionController versionController(Environment environment){
+    public VersionController versionController(Environment environment) {
         return new VersionController(environment);
     }
 

springboot-starter-security-jwt/pom.xml renamed to springboot-starter-security/pom.xml

@@ -4,26 +4,27 @@
 import com.codingapi.springboot.security.filter.MyAuthenticationFilter;
 import com.codingapi.springboot.security.filter.MyLoginFilter;
 import com.codingapi.springboot.security.filter.SecurityLoginHandler;
-import com.codingapi.springboot.security.jwt.Jwt;
-import com.codingapi.springboot.security.properties.SecurityJwtProperties;
+import com.codingapi.springboot.security.gateway.TokenGateway;
+import com.codingapi.springboot.security.properties.CodingApiSecurityProperties;
 import lombok.AllArgsConstructor;
 import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.web.DefaultSecurityFilterChain;
 
 @AllArgsConstructor
-public class HttpSecurityConfigurer extends AbstractHttpConfigurer<HttpSecurityConfigurer, HttpSecurity> {
+public class HttpSecurityConfigurer extends SecurityConfigurerAdapter<DefaultSecurityFilterChain, HttpSecurity> {
 
-    private final Jwt jwt;
+    private final TokenGateway tokenGateway;
 
     private final SecurityLoginHandler securityLoginHandler;
-    private final SecurityJwtProperties securityJwtProperties;
+    private final CodingApiSecurityProperties securityJwtProperties;
     private final AuthenticationTokenFilter authenticationTokenFilter;
 
     @Override
     public void configure(HttpSecurity security) throws Exception {
         AuthenticationManager manager = security.getSharedObject(AuthenticationManager.class);
-        security.addFilter(new MyLoginFilter(manager, jwt,securityLoginHandler, securityJwtProperties));
-        security.addFilter(new MyAuthenticationFilter(manager,securityJwtProperties,jwt,authenticationTokenFilter));
+        security.addFilter(new MyLoginFilter(manager, tokenGateway,securityLoginHandler, securityJwtProperties));
+        security.addFilter(new MyAuthenticationFilter(manager, securityJwtProperties, tokenGateway, authenticationTokenFilter));
     }
 }

springboot-starter-security-jwt/src/main/java/com/codingapi/springboot/security/AutoConfiguration.java renamed to springboot-starter-security/src/main/java/com/codingapi/springboot/security/AutoConfiguration.java

@@ -1,6 +1,6 @@
 package com.codingapi.springboot.security.configurer;
 
-import com.codingapi.springboot.security.properties.SecurityJwtProperties;
+import com.codingapi.springboot.security.properties.CodingApiSecurityProperties;
 import lombok.AllArgsConstructor;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.WebSecurity;
@@ -10,7 +10,7 @@
 @AllArgsConstructor
 public class WebSecurityConfigurer implements WebSecurityCustomizer {
 
-    private final SecurityJwtProperties securityJwtProperties;
+    private final CodingApiSecurityProperties securityJwtProperties;
 
     @Override
     public void customize(WebSecurity web) {