优化权限控制

hsweb-authorization/hsweb-authorization-api/pom.xml

@@ -16,6 +16,11 @@
             <artifactId>hsweb-boost-aop</artifactId>
             <version>${project.version}</version>
         </dependency>
+        <dependency>
+            <groupId>org.hswebframework.web</groupId>
+            <artifactId>hsweb-core</artifactId>
+            <version>${project.version}</version>
+        </dependency>
         <dependency>
             <groupId>com.alibaba</groupId>
             <artifactId>fastjson</artifactId>

hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/simple/AuthorizationAutoConfiguration.java

@@ -1,10 +1,12 @@
 package org.hswebframework.web.authorization.simple;
 
+import org.hswebframework.web.authorization.Authentication;
 import org.hswebframework.web.authorization.builder.AuthenticationBuilderFactory;
 import org.hswebframework.web.authorization.builder.DataAccessConfigBuilderFactory;
 import org.hswebframework.web.authorization.simple.builder.DataAccessConfigConvert;
 import org.hswebframework.web.authorization.simple.builder.SimpleAuthenticationBuilderFactory;
 import org.hswebframework.web.authorization.simple.builder.SimpleDataAccessConfigBuilderFactory;
+import org.hswebframework.web.convert.CustomMessageConverter;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
 import org.springframework.boot.context.properties.ConfigurationProperties;
@@ -40,4 +42,21 @@ public class AuthorizationAutoConfiguration {
     public AuthenticationBuilderFactory authenticationBuilderFactory(DataAccessConfigBuilderFactory dataAccessConfigBuilderFactory) {
         return new SimpleAuthenticationBuilderFactory(dataAccessConfigBuilderFactory);
     }
+
+    @Bean
+    public CustomMessageConverter authenticationCustomMessageConverter(AuthenticationBuilderFactory factory) {
+        return new CustomMessageConverter() {
+            @Override
+            public boolean support(Class clazz) {
+                return clazz == Authentication.class;
+            }
+
+            @Override
+            public Object convert(Class clazz, byte[] message) {
+                String json = new String(message);
+
+                return factory.create().json(json).build();
+            }
+        };
+    }
 }

hsweb-authorization/hsweb-authorization-cloud/src/main/java/org/hswebframework/web/authorization/cloud/CloudAuthorizationAutoConfiguration.java

@@ -0,0 +1,12 @@
+package org.hswebframework.web.authorization.cloud;
+
+import org.springframework.context.annotation.Configuration;
+
+/**
+ * @author zhouhao
+ * @since
+ */
+@Configuration
+public class CloudAuthorizationAutoConfiguration {
+
+}

hsweb-authorization/hsweb-authorization-cloud/src/main/java/org/hswebframework/web/authorization/cloud/feign/FeignAuthenticationManager.java

@@ -8,16 +8,13 @@ import org.springframework.web.bind.annotation.PutMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 
-/**
- * Created by zhouhao on 2017/10/10.
- */
 @FeignClient(name = "${hsweb.cloud.user-center.name:user-center}")
 public interface FeignAuthenticationManager extends AuthenticationManager {
     @Override
-    @RequestMapping(value = "/user-auth/{userId}",method = RequestMethod.GET)
-     Authentication getByUserId(@PathVariable("userId") String userId);
+    @RequestMapping(value = "/user-auth/{userId}", method = RequestMethod.GET)
+    Authentication getByUserId(@PathVariable("userId") String userId);
 
     @Override
-    @RequestMapping(value = "/user-auth",method = RequestMethod.PUT)
-     Authentication sync(Authentication authentication);
+    @RequestMapping(value = "/user-auth", method = RequestMethod.PUT)
+    Authentication sync(Authentication authentication);
 }

hsweb-authorization/hsweb-authorization-cloud/src/main/java/org/hswebframework/web/authorization/cloud/feign/FeignUserTokenManager.java

@@ -16,54 +16,54 @@ import java.util.List;
 public interface FeignUserTokenManager extends UserTokenManager {
 
     @Override
-    @RequestMapping(value = "/user-token/token/{token}",method = RequestMethod.GET)
+    @RequestMapping(value = "${hsweb.cloud.user-center.prefix:/}user-token/token/{token}",method = RequestMethod.GET)
     UserToken getByToken(@PathVariable("token") String token);
 
     @Override
-    @RequestMapping(value = "/user-token/user/{userId}",method = RequestMethod.GET)
+    @RequestMapping(value = "${hsweb.cloud.user-center.prefix:/}user-token/user/{userId}",method = RequestMethod.GET)
     List<UserToken> getByUserId(@PathVariable("userId") String userId);
 
     @Override
-    @RequestMapping(value = "/user-token/user/{userId}/logged",method = RequestMethod.GET)
+    @RequestMapping(value = "${hsweb.cloud.user-center.prefix:/}user-token/user/{userId}/logged",method = RequestMethod.GET)
     boolean userIsLoggedIn(@PathVariable("userId") String userId);
 
     @Override
-    @RequestMapping(value = "/user-token/token/{token}/logged",method = RequestMethod.GET)
+    @RequestMapping(value = "${hsweb.cloud.user-center.prefix:/}user-token/token/{token}/logged",method = RequestMethod.GET)
     boolean tokenIsLoggedIn(@PathVariable("token") String token);
 
     @Override
-    @RequestMapping(value = "/user-token/user/total",method = RequestMethod.GET)
+    @RequestMapping(value = "${hsweb.cloud.user-center.prefix:/}user-token/user/total",method = RequestMethod.GET)
     long totalUser();
 
     @Override
-    @RequestMapping(value = "/user-token/token/total",method = RequestMethod.GET)
+    @RequestMapping(value = "${hsweb.cloud.user-center.prefix:/}user-token/token/total",method = RequestMethod.GET)
     long totalToken();
 
     @Override
-    @RequestMapping(value = "/user-token",method = RequestMethod.GET)
+    @RequestMapping(value = "${hsweb.cloud.user-center.prefix:/}user-token",method = RequestMethod.GET)
     List<UserToken> allLoggedUser();
 
     @Override
-    @RequestMapping(value = "/user-token/user/{userId}",method = RequestMethod.DELETE)
+    @RequestMapping(value = "${hsweb.cloud.user-center.prefix:/}user-token/user/{userId}",method = RequestMethod.DELETE)
     void signOutByUserId(@PathVariable("userId") String userId);
 
     @Override
-    @RequestMapping(value = "/user-token/token/{token}",method = RequestMethod.DELETE)
+    @RequestMapping(value = "${hsweb.cloud.user-center.prefix:/}user-token/token/{token}",method = RequestMethod.DELETE)
     void signOutByToken(@PathVariable("token") String token);
 
     @Override
-    @RequestMapping(value = "/user-token/user/{userId}/{state}",method = RequestMethod.PUT)
+    @RequestMapping(value = "${hsweb.cloud.user-center.prefix:/}user-token/user/{userId}/{state}",method = RequestMethod.PUT)
     void changeUserState(@PathVariable("userId") String userId, @PathVariable("state") TokenState state);
 
     @Override
-    @RequestMapping(value = "/user-token/token/{token}/{state}",method = RequestMethod.PUT)
+    @RequestMapping(value = "${hsweb.cloud.user-center.prefix:/}user-token/token/{token}/{state}",method = RequestMethod.PUT)
     void changeTokenState(@PathVariable("token") String token, @PathVariable("state") TokenState state);
 
     @Override
-    @RequestMapping(value = "/user-token/{token}/{userId}/{maxInactiveInterval}",method = RequestMethod.POST)
+    @RequestMapping(value = "${hsweb.cloud.user-center.prefix:/}user-token/{token}/{userId}/{maxInactiveInterval}",method = RequestMethod.POST)
     UserToken signIn(@PathVariable("token") String token, @PathVariable("userId") String userId, @PathVariable("maxInactiveInterval") long maxInactiveInterval);
 
     @Override
-    @RequestMapping(value = "/user-token/{token}/touch",method = RequestMethod.GET)
+    @RequestMapping(value = "${hsweb.cloud.user-center.prefix:/}user-token/{token}/touch",method = RequestMethod.GET)
     void touch(@PathVariable("token") String token);
 }

hsweb-authorization/hsweb-authorization-jwt/src/main/java/org/hswebframework/web/authorization/jwt/JwtTokenParser.java

@@ -2,6 +2,7 @@ package org.hswebframework.web.authorization.jwt;
 
 import com.alibaba.fastjson.JSON;
 import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.ExpiredJwtException;
 import io.jsonwebtoken.Jwts;
 import org.hswebframework.web.authorization.basic.web.ParsedToken;
 import org.hswebframework.web.authorization.basic.web.UserTokenParser;
@@ -47,6 +48,8 @@ public class JwtTokenParser implements UserTokenParser {
                     return null;
                 }
                 return JSON.parseObject(claims.getSubject(), DefaultAuthorizedToken.class);
+            } catch (ExpiredJwtException e) {
+                return null;
             } catch (Exception e) {
                 logger.error("parse token [{}] error", headerToken, e);
                 return null;

hsweb-core/src/main/java/org/hswebframework/web/convert/CustomMessageConverter.java

@@ -0,0 +1,11 @@
+package org.hswebframework.web.convert;
+
+/**
+ * @author zhouhao
+ * @since
+ */
+public interface CustomMessageConverter {
+    boolean support(Class clazz);
+
+    Object convert(Class clazz, byte[] message);
+}

hsweb-starter/hsweb-spring-boot-starter/src/main/java/org/hswebframework/web/starter/HswebAutoConfiguration.java

@@ -25,10 +25,9 @@ import com.alibaba.fastjson.parser.deserializer.JavaBeanDeserializer;
 import com.alibaba.fastjson.parser.deserializer.ObjectDeserializer;
 import com.alibaba.fastjson.serializer.SerializerFeature;
 import org.hswebframework.web.ThreadLocalUtils;
-import org.hswebframework.web.commons.entity.Entity;
 import org.hswebframework.web.commons.entity.factory.EntityFactory;
 import org.hswebframework.web.commons.entity.factory.MapperEntityFactory;
-import org.hswebframework.web.commons.model.Model;
+import org.hswebframework.web.convert.CustomMessageConverter;
 import org.hswebframework.web.starter.convert.FastJsonGenericHttpMessageConverter;
 import org.hswebframework.web.starter.convert.FastJsonHttpMessageConverter;
 import org.hswebframework.web.starter.entity.EntityFactoryInitConfiguration;
@@ -77,19 +76,27 @@ public class HswebAutoConfiguration {
     @Autowired
     private EntityProperties entityProperties;
 
+    @Autowired(required = false)
+    private List<CustomMessageConverter> converters;
+
     @Bean
     @Primary
     @ConfigurationProperties(prefix = "fastjson")
-    public FastJsonHttpMessageConverter fastJsonHttpMessageConverter(@Autowired(required = false) EntityFactory entityFactory) {
+    public FastJsonHttpMessageConverter fastJsonHttpMessageConverter() {
         FastJsonHttpMessageConverter converter = new FastJsonHttpMessageConverter();
-        converter.setEntityFactory(entityFactory);
+        converter.setFeatures(
+                SerializerFeature.WriteNullListAsEmpty,
+                SerializerFeature.WriteNullNumberAsZero,
+                SerializerFeature.WriteNullBooleanAsFalse
+        );
+        converter.setConverters(converters);
         return converter;
     }
 
     @Bean
     @Primary
     @ConfigurationProperties(prefix = "fastjson")
-    public FastJsonGenericHttpMessageConverter fastJsonGenericHttpMessageConverter(@Autowired(required = false) EntityFactory entityFactory) {
+    public FastJsonGenericHttpMessageConverter fastJsonGenericHttpMessageConverter(EntityFactory entityFactory) {
         JSON.DEFAULT_PARSER_FEATURE |= Feature.DisableFieldSmartMatch.getMask();
         FastJsonGenericHttpMessageConverter converter = new FastJsonGenericHttpMessageConverter();
         converter.setFeatures(
@@ -97,7 +104,7 @@ public class HswebAutoConfiguration {
                 SerializerFeature.WriteNullNumberAsZero,
                 SerializerFeature.WriteNullBooleanAsFalse
         );
-        converter.setEntityFactory(entityFactory);
+        converter.setConverters(converters);
         ParserConfig.global = new ParserConfig() {
             @Override
             public ObjectDeserializer getDeserializer(Type type) {
@@ -113,7 +120,7 @@ public class HswebAutoConfiguration {
                     checkAutoType(type.getTypeName(), ((Class) type));
                     if (Modifier.isAbstract(classType.getModifiers()) || Modifier.isInterface(classType.getModifiers())) {
                         Class realType;
-                        if (entityFactory != null&& (realType=entityFactory.getInstanceType(classType))!=null) {
+                        if (entityFactory != null && (realType = entityFactory.getInstanceType(classType)) != null) {
                             return new JavaBeanDeserializer(this, realType, type);
                         }
                     } else {

hsweb-starter/hsweb-spring-boot-starter/src/main/java/org/hswebframework/web/starter/convert/FastJsonGenericHttpMessageConverter.java

@@ -9,11 +9,9 @@ import com.alibaba.fastjson.serializer.SerializeFilter;
 import com.alibaba.fastjson.serializer.SerializerFeature;
 import com.alibaba.fastjson.serializer.SimplePropertyPreFilter;
 import org.hswebframework.web.ThreadLocalUtils;
-import org.hswebframework.web.commons.entity.Entity;
-import org.hswebframework.web.commons.entity.factory.EntityFactory;
-import org.hswebframework.web.commons.model.Model;
 import org.hswebframework.web.controller.message.ResponseMessage;
 import org.hswebframework.utils.StringUtils;
+import org.hswebframework.web.convert.CustomMessageConverter;
 import org.springframework.core.Ordered;
 import org.springframework.http.HttpInputMessage;
 import org.springframework.http.HttpOutputMessage;
@@ -36,7 +34,7 @@ import java.util.List;
 import java.util.Map;
 import java.util.Set;
 
-public class FastJsonGenericHttpMessageConverter extends AbstractGenericHttpMessageConverter<Object> implements Ordered{
+public class FastJsonGenericHttpMessageConverter extends AbstractGenericHttpMessageConverter<Object> implements Ordered {
 
     public final static Charset UTF8 = Charset.forName("UTF-8");
 
@@ -44,26 +42,22 @@ public class FastJsonGenericHttpMessageConverter extends AbstractGenericHttpMess
 
     private SerializerFeature[] features = new SerializerFeature[0];
 
-    private EntityFactory entityFactory;
+    private List<CustomMessageConverter> converters;
 
     public FastJsonGenericHttpMessageConverter() {
         super(new MediaType("application", "json", UTF8),
                 new MediaType("application", "*+json", UTF8));
     }
 
+    public void setConverters(List<CustomMessageConverter> converters) {
+        this.converters = converters;
+    }
+
     @Override
     public int getOrder() {
         return Ordered.HIGHEST_PRECEDENCE;
     }
 
-    public void setEntityFactory(EntityFactory entityFactory) {
-        this.entityFactory = entityFactory;
-    }
-
-    public EntityFactory getEntityFactory() {
-        return entityFactory;
-    }
-
     @Override
     protected boolean supports(Class<?> clazz) {
 
@@ -72,7 +66,7 @@ public class FastJsonGenericHttpMessageConverter extends AbstractGenericHttpMess
 
     @Override
     public boolean canRead(Type type, Class<?> contextClass, MediaType mediaType) {
-        return  type instanceof ParameterizedType&& super.canRead(type, contextClass, mediaType);
+        return type instanceof ParameterizedType && super.canRead(type, contextClass, mediaType);
     }
 
     @Override
@@ -103,14 +97,18 @@ public class FastJsonGenericHttpMessageConverter extends AbstractGenericHttpMess
 
     public Object readByBytes(Type type, byte[] bytes) {
         if (type == String.class) return new String(bytes, charset);
-//        if (type instanceof Class) {
-//            Class typeClass = ((Class) type);
-//            if (entityFactory != null && (Entity.class.isAssignableFrom(typeClass) || Model.class.isAssignableFrom(typeClass))) {
-//                @SuppressWarnings("unchecked")
-//                Class tmp = entityFactory.getInstanceType(typeClass);
-//                if (tmp != null) type = tmp;
-//            }
-//        }
+        if (type instanceof Class) {
+            Class clazz = ((Class) type);
+            if (null != converters) {
+                CustomMessageConverter converter = converters.stream()
+                        .filter(cvt -> cvt.support(clazz))
+                        .findFirst()
+                        .orElse(null);
+                if (converter != null) {
+                    return converter.convert(clazz, bytes);
+                }
+            }
+        }
         return JSON.parseObject(bytes, 0, bytes.length, charset.newDecoder(), type);
     }
 

hsweb-starter/hsweb-spring-boot-starter/src/main/java/org/hswebframework/web/starter/convert/FastJsonHttpMessageConverter.java

@@ -9,13 +9,10 @@ import com.alibaba.fastjson.serializer.SerializeFilter;
 import com.alibaba.fastjson.serializer.SerializerFeature;
 import com.alibaba.fastjson.serializer.SimplePropertyPreFilter;
 import org.hswebframework.web.ThreadLocalUtils;
-import org.hswebframework.web.commons.entity.Entity;
-import org.hswebframework.web.commons.entity.factory.EntityFactory;
-import org.hswebframework.web.commons.model.Model;
 import org.hswebframework.web.controller.message.ResponseMessage;
 import org.hswebframework.utils.StringUtils;
+import org.hswebframework.web.convert.CustomMessageConverter;
 import org.springframework.core.Ordered;
-import org.springframework.core.annotation.Order;
 import org.springframework.http.HttpInputMessage;
 import org.springframework.http.HttpOutputMessage;
 import org.springframework.http.MediaType;
@@ -27,8 +24,6 @@ import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
-import java.lang.reflect.Modifier;
-import java.lang.reflect.Type;
 import java.nio.charset.Charset;
 import java.util.ArrayList;
 import java.util.List;
@@ -43,19 +38,15 @@ public class FastJsonHttpMessageConverter extends AbstractHttpMessageConverter<O
 
     private SerializerFeature[] features = new SerializerFeature[0];
 
-    private EntityFactory entityFactory;
+    private List<CustomMessageConverter> converters;
 
     public FastJsonHttpMessageConverter() {
         super(new MediaType("application", "json", UTF8),
                 new MediaType("application", "*+json", UTF8));
     }
 
-    public void setEntityFactory(EntityFactory entityFactory) {
-        this.entityFactory = entityFactory;
-    }
-
-    public EntityFactory getEntityFactory() {
-        return entityFactory;
+    public void setConverters(List<CustomMessageConverter> converters) {
+        this.converters = converters;
     }
 
     @Override
@@ -89,12 +80,15 @@ public class FastJsonHttpMessageConverter extends AbstractHttpMessageConverter<O
     }
 
     public Object readByBytes(Class<?> clazz, byte[] bytes) {
-//        if (clazz == String.class) return new String(bytes, charset);
-//        if (entityFactory != null && (Entity.class.isAssignableFrom(clazz) || Model.class.isAssignableFrom(clazz))) {
-//            @SuppressWarnings("unchecked")
-//            Class tmp = entityFactory.getInstanceType(clazz);
-//            if (tmp != null) clazz = tmp;
-//        }
+        if (null != converters) {
+            CustomMessageConverter converter = converters.stream()
+                    .filter(cvt -> cvt.support(clazz))
+                    .findFirst()
+                    .orElse(null);
+            if (converter != null) {
+                return converter.convert(clazz, bytes);
+            }
+        }
         return JSON.parseObject(bytes, 0, bytes.length, charset.newDecoder(), clazz);
     }