
add basic Authorization support

zhou-hao há 7 anos atrás
pai
commit
e74b5d4192

+ 13 - 13
hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/pom.xml

@@ -60,6 +60,19 @@
             <optional>true</optional>
         </dependency>
 
+        <dependency>
+            <groupId>org.hswebframework.web</groupId>
+            <artifactId>hsweb-authorization-basic</artifactId>
+            <version>${project.version}</version>
+            <optional>true</optional>
+        </dependency>
+        <dependency>
+            <groupId>javax.servlet</groupId>
+            <artifactId>servlet-api</artifactId>
+            <version>2.5</version>
+            <optional>true</optional>
+        </dependency>
+
         <dependency>
             <groupId>com.h2database</groupId>
             <artifactId>h2</artifactId>
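Review bot: `javax.servlet:servlet-api:2.5` is added here at the default compile scope with `<optional>true</optional>`, whereas an API that the servlet container supplies is normally declared with `<scope>provided</scope>`. As written, the 2.5 jar sits on this module's own runtime and test classpath, where it may shadow a newer servlet API brought in by the web stack. The move of `hsweb-authorization-basic` from test scope to an optional main dependency looks intentional, since the new parser class needs it to compile.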
@@ -72,13 +85,6 @@
             <scope>test</scope>
         </dependency>
 
-        <dependency>
-            <groupId>org.hswebframework.web</groupId>
-            <artifactId>hsweb-authorization-basic</artifactId>
-            <version>${project.version}</version>
-            <scope>test</scope>
-        </dependency>
-
         <dependency>
             <groupId>org.hswebframework.web</groupId>
             <artifactId>hsweb-spring-boot-starter</artifactId>
@@ -93,11 +99,5 @@
             <scope>test</scope>
         </dependency>
 
-        <dependency>
-            <groupId>javax.servlet</groupId>
-            <artifactId>servlet-api</artifactId>
-            <version>2.5</version>
-            <scope>test</scope>
-        </dependency>
     </dependencies>
 </project>

+ 10 - 2
hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/main/java/org/hswebframework/web/authorization/starter/AuthorizationAutoConfiguration.java

@@ -21,6 +21,8 @@ package org.hswebframework.web.authorization.starter;
 import org.hswebframework.web.authorization.AuthenticationInitializeService;
 import org.hswebframework.web.authorization.AuthenticationManager;
 import org.hswebframework.web.authorization.simple.DefaultAuthorizationAutoConfiguration;
+import org.hswebframework.web.authorization.token.UserTokenManager;
+import org.hswebframework.web.service.authorization.UserService;
 import org.hswebframework.web.service.authorization.simple.SimpleAuthenticationManager;
 import org.springframework.boot.autoconfigure.AutoConfigureBefore;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
@@ -45,8 +47,14 @@ public class AuthorizationAutoConfiguration {
     }
 
     @Bean
-    @ConditionalOnProperty(prefix = "hsweb.authorize",name = "sync",havingValue = "true")
-    public AutoSyncPermission autoSyncPermission(){
+    @ConditionalOnProperty(prefix = "hsweb.authorize", name = "sync", havingValue = "true")
+    public AutoSyncPermission autoSyncPermission() {
         return new AutoSyncPermission();
     }
+
+    @Bean
+    @ConditionalOnProperty(prefix = "hsweb.authorize", name = "basic-authorization", havingValue = "true")
+    public BasicAuthorizationTokenParser basicAuthorizationTokenParser(UserService userService, UserTokenManager tokenManager) {
+        return new BasicAuthorizationTokenParser(userService, tokenManager);
+    }
 }
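Review bot: `basicAuthorizationTokenParser` is gated only on the `hsweb.authorize.basic-authorization` property, while the pom in this commit declares `hsweb-authorization-basic` and `servlet-api` as optional. If an application sets the property without those jars, the bean's type cannot be loaded and startup will likely fail with a class-loading error rather than a clear message. Consider moving the bean into a nested `@Configuration` class annotated with `@ConditionalOnClass(name = "org.hswebframework.web.authorization.basic.web.UserTokenParser")`. Because the parser reads a password from every request, a short comment on the bean saying the flag should only be enabled behind TLS would help whoever turns it on. The class body starts outside this hunk.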

+ 88 - 0
hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/src/main/java/org/hswebframework/web/authorization/starter/BasicAuthorizationTokenParser.java

@@ -0,0 +1,88 @@
+package org.hswebframework.web.authorization.starter;
+
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.codec.binary.Base64;
+import org.hswebframework.web.authorization.basic.web.AuthorizedToken;
+import org.hswebframework.web.authorization.basic.web.ParsedToken;
+import org.hswebframework.web.authorization.basic.web.UserTokenParser;
+import org.hswebframework.web.authorization.token.UserToken;
+import org.hswebframework.web.authorization.token.UserTokenManager;
+import org.hswebframework.web.entity.authorization.UserEntity;
+import org.hswebframework.web.service.authorization.UserService;
+
+import javax.servlet.http.HttpServletRequest;
+
+public class BasicAuthorizationTokenParser implements UserTokenParser {
+
+    private UserService userService;
+
+    private UserTokenManager userTokenManager;
+
+    public BasicAuthorizationTokenParser(UserService userService, UserTokenManager userTokenManager) {
+        this.userService = userService;
+        this.userTokenManager = userTokenManager;
+    }
+
+    @Override
+    public ParsedToken parseToken(HttpServletRequest request) {
+        String authorization = request.getHeader("Authorization");
+        if (authorization == null) {
+            return null;
+        }
+        if (authorization.contains(" ")) {
+            String[] info = authorization.split("[ ]");
+            if (info[0].equalsIgnoreCase("Basic")) {
+                authorization = info[1];
+            }
+        }
+        try {
+            String usernameAndPassword = new String(Base64.decodeBase64(authorization));
+            UserToken token = userTokenManager.getByToken(usernameAndPassword);
+            if (token != null && token.isEffective()) {
+                return new ParsedToken() {
+                    @Override
+                    public String getToken() {
+                        return usernameAndPassword;
+                    }
+
+                    @Override
+                    public String getType() {
+                        return "basic";
+                    }
+                };
+            }
+            if (usernameAndPassword.contains(":")) {
+                String[] arr = usernameAndPassword.split("[:]");
+                UserEntity user = userService.selectByUserNameAndPassword(arr[0], arr[1]);
+                if (user != null) {
+                    return new AuthorizedToken() {
+                        @Override
+                        public String getUserId() {
+                            return user.getId();
+                        }
+
+                        @Override
+                        public String getToken() {
+                            return usernameAndPassword;
+                        }
+
+                        @Override
+                        public String getType() {
+                            return "basic";
+                        }
+
+                        @Override
+                        public long getMaxInactiveInterval() {
+                            //10分钟有效期
+                            return 10_60_1000;
+                        }
+                    };
+                }
+            }
+        } catch (Exception e) {
+            return null;
+        }
+
+        return null;
+    }
+}
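Review bot: `getMaxInactiveInterval()` returns `10_60_1000`, which Java reads as the single literal 10601000 ms (just under three hours) rather than the ten minutes the comment promises; `10 * 60 * 1000L` is what was meant. The decoded `username:password` string is also what `getToken()` returns and what `userTokenManager.getByToken(...)` is keyed on, so the cleartext password lives in the token store, and a hit there bypasses `selectByUserNameAndPassword`, so a changed password presumably keeps working until the token lapses; keying on a digest of the pair would avoid the first problem. In `parseToken`, a header with a non-Basic scheme is still Base64-decoded whole, `split("[:]")` cuts a password off at its first `:`, `new String(byte[])` uses the platform charset, and `catch (Exception e)` hides every failure while the imported `@Slf4j` is never applied. The fence sketches the header handling with those parsing points fixed.

```java
    public ParsedToken parseToken(HttpServletRequest request) {
        String authorization = request.getHeader("Authorization");
        // Only handle the Basic scheme; Bearer, Digest etc. are not ours to decode.
        if (authorization == null || !authorization.regionMatches(true, 0, "Basic ", 0, 6)) {
            return null;
        }
        String usernameAndPassword;
        try {
            usernameAndPassword = new String(
                    Base64.decodeBase64(authorization.substring(6).trim()),
                    java.nio.charset.StandardCharsets.UTF_8);
        } catch (RuntimeException e) {
            // requires @Slf4j on the class; the header value is deliberately not logged
            log.debug("malformed Basic authorization header");
            return null;
        }
        // … unchanged: userTokenManager.getByToken lookup and ParsedToken result …
        int colon = usernameAndPassword.indexOf(':');
        if (colon < 0) {
            return null;
        }
        // Split on the first ':' only, so the password itself may contain ':'.
        String username = usernameAndPassword.substring(0, colon);
        String password = usernameAndPassword.substring(colon + 1);
        UserEntity user = userService.selectByUserNameAndPassword(username, password);
        // … unchanged: AuthorizedToken result, with getMaxInactiveInterval() returning 10 * 60 * 1000L …
```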