[ISSUE #3566] move the permission code of nacos-core module to nacos-auth module (#3593)

* move the permission code of nacos-core module to nacos-auth module.

* Fix some code style issues

* address server module auth package name change.

* test change

* Incorrect package name correction

address/src/main/java/com/alibaba/nacos/address/auth/AddressServerAuthManager.java

@@ -16,10 +16,10 @@
 
 package com.alibaba.nacos.address.auth;
 
-import com.alibaba.nacos.core.auth.AccessException;
+import com.alibaba.nacos.auth.AuthManager;
-import com.alibaba.nacos.core.auth.AuthManager;
+import com.alibaba.nacos.auth.exception.AccessException;
-import com.alibaba.nacos.core.auth.Permission;
+import com.alibaba.nacos.auth.model.Permission;
-import com.alibaba.nacos.core.auth.User;
+import com.alibaba.nacos.auth.model.User;
 
 /**
  * Address server auth manager.

address/src/main/java/com/alibaba/nacos/address/configuration/AddressServerSpringConfiguration.java

@@ -17,7 +17,7 @@
 package com.alibaba.nacos.address.configuration;
 
 import com.alibaba.nacos.address.auth.AddressServerAuthManager;
-import com.alibaba.nacos.core.auth.AuthManager;
+import com.alibaba.nacos.auth.AuthManager;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;

auth/pom.xml

@@ -36,7 +36,21 @@
     </properties>
 
     <dependencies>
+        <dependency>
+            <groupId>${project.groupId}</groupId>
+            <artifactId>nacos-common</artifactId>
+        </dependency>
     
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter</artifactId>
+            <optional>true</optional>
+        </dependency>
+
+        <dependency>
+            <groupId>org.apache.tomcat.embed</groupId>
+            <artifactId>tomcat-embed-core</artifactId>
+        </dependency>
     </dependencies>
     
     <build>

auth/src/main/java/com/alibaba/nacos/auth/AuthManager.java

@@ -14,12 +14,17 @@
  * limitations under the License.
  */
 
-package com.alibaba.nacos.core.auth;
+package com.alibaba.nacos.auth;
+
+import com.alibaba.nacos.auth.exception.AccessException;
+import com.alibaba.nacos.auth.model.Permission;
+import com.alibaba.nacos.auth.model.User;
 
 /**
  * Access control entry. Can be extended by 3rd party implementations.
  *
  * @author nkorange
+ * @author mai.jh
  * @since 1.2.0
  */
 public interface AuthManager {

auth/src/main/java/com/alibaba/nacos/auth/annotation/Secured.java

@@ -14,8 +14,11 @@
  * limitations under the License.
  */
 
-package com.alibaba.nacos.core.auth;
+package com.alibaba.nacos.auth.annotation;
 
+import com.alibaba.nacos.auth.common.ActionTypes;
+import com.alibaba.nacos.auth.parser.DefaultResourceParser;
+import com.alibaba.nacos.auth.parser.ResourceParser;
 import org.apache.commons.lang3.StringUtils;
 
 import java.lang.annotation.Retention;
@@ -25,6 +28,7 @@ import java.lang.annotation.RetentionPolicy;
  * Annotation indicating that the annotated request should be authorized.
  *
  * @author nkorange
+ * @author mai.jh
  * @since 1.2.0
  */
 @Retention(RetentionPolicy.RUNTIME)

auth/src/main/java/com/alibaba/nacos/auth/common/ActionTypes.java

@@ -14,12 +14,13 @@
  * limitations under the License.
  */
 
-package com.alibaba.nacos.core.auth;
+package com.alibaba.nacos.auth.common;
 
 /**
  * Resource action type definitions.
  *
  * @author nkorange
+ * @author mai.jh
  * @since 1.2.0
  */
 public enum ActionTypes {

auth/src/main/java/com/alibaba/nacos/auth/common/AuthConfigs.java

@@ -14,18 +14,15 @@
  * limitations under the License.
  */
 
-package com.alibaba.nacos.core.auth;
+package com.alibaba.nacos.auth.common;
 
+import com.alibaba.nacos.auth.common.env.ReloadableConfigs;
 import com.alibaba.nacos.common.JustForTest;
-import com.alibaba.nacos.core.env.ReloadableConfigs;
 import org.apache.commons.lang3.BooleanUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
-import org.springframework.boot.web.servlet.FilterRegistrationBean;
-import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.stereotype.Component;
 
 import java.util.Objects;
 
@@ -33,9 +30,9 @@ import java.util.Objects;
  * Auth related configurations.
  *
  * @author nkorange
+ * @author mai.jh
  * @since 1.2.0
  */
-@Component
 @Configuration
 public class AuthConfigs {
     
@@ -107,21 +104,4 @@ public class AuthConfigs {
     public static void setCachingEnabled(boolean cachingEnabled) {
         AuthConfigs.cachingEnabled = cachingEnabled;
     }
-    
-    @Bean
-    public FilterRegistrationBean authFilterRegistration() {
-        FilterRegistrationBean<AuthFilter> registration = new FilterRegistrationBean<>();
-        registration.setFilter(authFilter());
-        registration.addUrlPatterns("/*");
-        registration.setName("authFilter");
-        registration.setOrder(6);
-        
-        return registration;
-    }
-    
-    @Bean
-    public AuthFilter authFilter() {
-        return new AuthFilter();
-    }
-    
 }

auth/src/main/java/com/alibaba/nacos/auth/common/AuthSystemTypes.java

@@ -14,12 +14,13 @@
  * limitations under the License.
  */
 
-package com.alibaba.nacos.core.auth;
+package com.alibaba.nacos.auth.common;
 
 /**
  * Types of all auth implementations.
  *
  * @author nkorange
+ * @author mai.jh
  * @since 1.2.0
  */
 public enum AuthSystemTypes {

auth/src/main/java/com/alibaba/nacos/auth/common/env/ReloadableConfigs.java

@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-package com.alibaba.nacos.core.env;
+package com.alibaba.nacos.auth.common.env;
 
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Value;
@@ -31,6 +31,7 @@ import java.util.Properties;
  * Reload application.properties.
  *
  * @author nkorange
+ * @author mai.jh
  * @since 1.2.0
  */
 @Component

auth/src/main/java/com/alibaba/nacos/auth/exception/AccessException.java

@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-package com.alibaba.nacos.core.auth;
+package com.alibaba.nacos.auth.exception;
 
 import com.alibaba.nacos.api.exception.NacosException;
 
@@ -22,6 +22,7 @@ import com.alibaba.nacos.api.exception.NacosException;
  * Exception to be thrown if authorization is failed.
  *
  * @author nkorange
+ * @author mai.jh
  * @since 1.2.0
  */
 public class AccessException extends NacosException {

auth/src/main/java/com/alibaba/nacos/auth/model/Permission.java

@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-package com.alibaba.nacos.core.auth;
+package com.alibaba.nacos.auth.model;
 
 import java.io.Serializable;
 
@@ -22,6 +22,7 @@ import java.io.Serializable;
  * Permission to auth.
  *
  * @author nkorange
+ * @author mai.jh
  * @since 1.2.0
  */
 public class Permission implements Serializable {

auth/src/main/java/com/alibaba/nacos/auth/model/Resource.java

@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-package com.alibaba.nacos.core.auth;
+package com.alibaba.nacos.auth.model;
 
 import java.io.Serializable;
 
@@ -22,6 +22,7 @@ import java.io.Serializable;
  * Resource used in authorization.
  *
  * @author nkorange
+ * @author mai.jh
  * @since 1.2.0
  */
 public class Resource implements Serializable {

auth/src/main/java/com/alibaba/nacos/auth/model/User.java

@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-package com.alibaba.nacos.core.auth;
+package com.alibaba.nacos.auth.model;
 
 import java.io.Serializable;
 
@@ -22,6 +22,7 @@ import java.io.Serializable;
  * User information in authorization.
  *
  * @author nkorange
+ * @author mai.jh
  * @since 1.2.0
  */
 public class User implements Serializable {

auth/src/main/java/com/alibaba/nacos/auth/parser/DefaultResourceParser.java

@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-package com.alibaba.nacos.core.auth;
+package com.alibaba.nacos.auth.parser;
 
 import org.apache.commons.lang3.StringUtils;
 
@@ -22,6 +22,7 @@ import org.apache.commons.lang3.StringUtils;
  * Default resource parser.
  *
  * @author nkorange
+ * @author mai.jh
  * @since 1.2.0
  */
 public class DefaultResourceParser implements ResourceParser {

auth/src/main/java/com/alibaba/nacos/auth/parser/ResourceParser.java

@@ -14,12 +14,13 @@
  * limitations under the License.
  */
 
-package com.alibaba.nacos.core.auth;
+package com.alibaba.nacos.auth.parser;
 
 /**
  * Resource parser.
  *
  * @author nkorange
+ * @author mai.jh
  * @since 1.2.0
  */
 public interface ResourceParser {

config/src/main/java/com/alibaba/nacos/config/server/auth/ConfigResourceParser.java

@@ -16,11 +16,10 @@
 
 package com.alibaba.nacos.config.server.auth;
 
-import com.alibaba.nacos.core.auth.Resource;
-import com.alibaba.nacos.core.auth.ResourceParser;
-
 import javax.servlet.http.HttpServletRequest;
 
+import com.alibaba.nacos.auth.model.Resource;
+import com.alibaba.nacos.auth.parser.ResourceParser;
 import org.apache.commons.lang3.StringUtils;
 
 /**

config/src/main/java/com/alibaba/nacos/config/server/controller/ConfigController.java

@@ -17,6 +17,8 @@
 package com.alibaba.nacos.config.server.controller;
 
 import com.alibaba.nacos.api.exception.NacosException;
+import com.alibaba.nacos.auth.annotation.Secured;
+import com.alibaba.nacos.auth.common.ActionTypes;
 import com.alibaba.nacos.common.model.RestResult;
 import com.alibaba.nacos.common.utils.MapUtils;
 import com.alibaba.nacos.config.server.auth.ConfigResourceParser;
@@ -43,8 +45,6 @@ import com.alibaba.nacos.config.server.utils.ParamUtils;
 import com.alibaba.nacos.config.server.utils.RequestUtil;
 import com.alibaba.nacos.config.server.utils.TimeUtils;
 import com.alibaba.nacos.config.server.utils.ZipUtils;
-import com.alibaba.nacos.core.auth.ActionTypes;
-import com.alibaba.nacos.core.auth.Secured;
 import com.alibaba.nacos.core.utils.InetUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.lang3.time.DateFormatUtils;

config/src/main/java/com/alibaba/nacos/config/server/controller/ConfigOpsController.java

@@ -16,6 +16,8 @@
 
 package com.alibaba.nacos.config.server.controller;
 
+import com.alibaba.nacos.auth.annotation.Secured;
+import com.alibaba.nacos.auth.common.ActionTypes;
 import com.alibaba.nacos.common.model.RestResult;
 import com.alibaba.nacos.common.model.RestResultUtils;
 import com.alibaba.nacos.common.utils.Objects;
@@ -29,8 +31,6 @@ import com.alibaba.nacos.config.server.service.repository.PersistService;
 import com.alibaba.nacos.config.server.service.repository.embedded.DatabaseOperate;
 import com.alibaba.nacos.config.server.utils.LogUtil;
 import com.alibaba.nacos.config.server.utils.PropertyUtil;
-import com.alibaba.nacos.core.auth.ActionTypes;
-import com.alibaba.nacos.core.auth.Secured;
 import com.alibaba.nacos.core.utils.ApplicationUtils;
 import com.alibaba.nacos.core.utils.WebUtils;
 import org.apache.commons.lang3.StringUtils;

config/src/main/java/com/alibaba/nacos/config/server/utils/RequestUtil.java

@@ -16,7 +16,7 @@
 
 package com.alibaba.nacos.config.server.utils;
 
-import com.alibaba.nacos.core.auth.User;
+import com.alibaba.nacos.auth.model.User;
 import org.apache.commons.lang3.StringUtils;
 
 import javax.servlet.http.HttpServletRequest;

console/src/main/java/com/alibaba/nacos/console/controller/NamespaceController.java

@@ -16,14 +16,14 @@
 
 package com.alibaba.nacos.console.controller;
 
+import com.alibaba.nacos.auth.annotation.Secured;
+import com.alibaba.nacos.auth.common.ActionTypes;
 import com.alibaba.nacos.common.model.RestResult;
 import com.alibaba.nacos.config.server.model.TenantInfo;
 import com.alibaba.nacos.config.server.service.repository.PersistService;
 import com.alibaba.nacos.console.model.Namespace;
 import com.alibaba.nacos.console.model.NamespaceAllInfo;
 import com.alibaba.nacos.console.security.nacos.NacosAuthConfig;
-import com.alibaba.nacos.core.auth.ActionTypes;
-import com.alibaba.nacos.core.auth.Secured;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.DeleteMapping;

console/src/main/java/com/alibaba/nacos/console/controller/PermissionController.java

@@ -16,11 +16,11 @@
 
 package com.alibaba.nacos.console.controller;
 
+import com.alibaba.nacos.auth.annotation.Secured;
+import com.alibaba.nacos.auth.common.ActionTypes;
 import com.alibaba.nacos.common.model.RestResult;
 import com.alibaba.nacos.console.security.nacos.NacosAuthConfig;
 import com.alibaba.nacos.console.security.nacos.roles.NacosRoleServiceImpl;
-import com.alibaba.nacos.core.auth.ActionTypes;
-import com.alibaba.nacos.core.auth.Secured;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.DeleteMapping;

console/src/main/java/com/alibaba/nacos/console/controller/RoleController.java

@@ -16,11 +16,11 @@
 
 package com.alibaba.nacos.console.controller;
 
+import com.alibaba.nacos.auth.annotation.Secured;
+import com.alibaba.nacos.auth.common.ActionTypes;
 import com.alibaba.nacos.common.model.RestResult;
 import com.alibaba.nacos.console.security.nacos.NacosAuthConfig;
 import com.alibaba.nacos.console.security.nacos.roles.NacosRoleServiceImpl;
-import com.alibaba.nacos.core.auth.ActionTypes;
-import com.alibaba.nacos.core.auth.Secured;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.DeleteMapping;

console/src/main/java/com/alibaba/nacos/console/controller/UserController.java

@@ -17,6 +17,11 @@
 package com.alibaba.nacos.console.controller;
 
 import com.alibaba.nacos.api.common.Constants;
+import com.alibaba.nacos.auth.annotation.Secured;
+import com.alibaba.nacos.auth.common.ActionTypes;
+import com.alibaba.nacos.auth.common.AuthConfigs;
+import com.alibaba.nacos.auth.common.AuthSystemTypes;
+import com.alibaba.nacos.auth.exception.AccessException;
 import com.alibaba.nacos.common.model.RestResult;
 import com.alibaba.nacos.common.utils.JacksonUtils;
 import com.alibaba.nacos.config.server.auth.RoleInfo;
@@ -28,11 +33,6 @@ import com.alibaba.nacos.console.security.nacos.users.NacosUser;
 import com.alibaba.nacos.console.security.nacos.users.NacosUserDetailsServiceImpl;
 import com.alibaba.nacos.console.utils.JwtTokenUtils;
 import com.alibaba.nacos.console.utils.PasswordEncoderUtil;
-import com.alibaba.nacos.core.auth.AccessException;
-import com.alibaba.nacos.core.auth.ActionTypes;
-import com.alibaba.nacos.core.auth.AuthConfigs;
-import com.alibaba.nacos.core.auth.AuthSystemTypes;
-import com.alibaba.nacos.core.auth.Secured;
 import com.fasterxml.jackson.databind.node.ObjectNode;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.authentication.AuthenticationManager;

console/src/main/java/com/alibaba/nacos/console/exception/ConsoleExceptionHandler.java

@@ -16,8 +16,8 @@
 
 package com.alibaba.nacos.console.exception;
 
+import com.alibaba.nacos.auth.exception.AccessException;
 import com.alibaba.nacos.common.utils.ExceptionUtil;
-import com.alibaba.nacos.core.auth.AccessException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.http.HttpStatus;

console/src/main/java/com/alibaba/nacos/console/security/nacos/JwtTokenManager.java

@@ -16,7 +16,7 @@
 
 package com.alibaba.nacos.console.security.nacos;
 
-import com.alibaba.nacos.core.auth.AuthConfigs;
+import com.alibaba.nacos.auth.common.AuthConfigs;
 import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;

console/src/main/java/com/alibaba/nacos/console/security/nacos/NacosAuthConfig.java

@@ -16,10 +16,10 @@
 
 package com.alibaba.nacos.console.security.nacos;
 
+import com.alibaba.nacos.auth.common.AuthConfigs;
+import com.alibaba.nacos.auth.common.AuthSystemTypes;
 import com.alibaba.nacos.console.filter.JwtAuthenticationTokenFilter;
 import com.alibaba.nacos.console.security.nacos.users.NacosUserDetailsServiceImpl;
-import com.alibaba.nacos.core.auth.AuthConfigs;
-import com.alibaba.nacos.core.auth.AuthSystemTypes;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;

console/src/main/java/com/alibaba/nacos/console/security/nacos/NacosAuthManager.java

@@ -17,14 +17,14 @@
 package com.alibaba.nacos.console.security.nacos;
 
 import com.alibaba.nacos.api.common.Constants;
+import com.alibaba.nacos.auth.AuthManager;
+import com.alibaba.nacos.auth.exception.AccessException;
+import com.alibaba.nacos.auth.model.Permission;
+import com.alibaba.nacos.auth.model.User;
 import com.alibaba.nacos.config.server.auth.RoleInfo;
 import com.alibaba.nacos.config.server.utils.RequestUtil;
 import com.alibaba.nacos.console.security.nacos.roles.NacosRoleServiceImpl;
 import com.alibaba.nacos.console.security.nacos.users.NacosUser;
-import com.alibaba.nacos.core.auth.AccessException;
-import com.alibaba.nacos.core.auth.AuthManager;
-import com.alibaba.nacos.core.auth.Permission;
-import com.alibaba.nacos.core.auth.User;
 import com.alibaba.nacos.core.utils.Loggers;
 import io.jsonwebtoken.ExpiredJwtException;
 import org.apache.commons.lang3.StringUtils;

console/src/main/java/com/alibaba/nacos/console/security/nacos/roles/NacosRoleServiceImpl.java

@@ -16,6 +16,8 @@
 
 package com.alibaba.nacos.console.security.nacos.roles;
 
+import com.alibaba.nacos.auth.common.AuthConfigs;
+import com.alibaba.nacos.auth.model.Permission;
 import com.alibaba.nacos.config.server.auth.PermissionInfo;
 import com.alibaba.nacos.config.server.auth.PermissionPersistService;
 import com.alibaba.nacos.config.server.auth.RoleInfo;
@@ -23,8 +25,6 @@ import com.alibaba.nacos.config.server.auth.RolePersistService;
 import com.alibaba.nacos.config.server.model.Page;
 import com.alibaba.nacos.console.security.nacos.NacosAuthConfig;
 import com.alibaba.nacos.console.security.nacos.users.NacosUserDetailsServiceImpl;
-import com.alibaba.nacos.core.auth.AuthConfigs;
-import com.alibaba.nacos.core.auth.Permission;
 import com.alibaba.nacos.core.utils.Loggers;
 import io.jsonwebtoken.lang.Collections;
 import org.apache.commons.lang3.StringUtils;

console/src/main/java/com/alibaba/nacos/console/security/nacos/users/NacosUser.java

@@ -16,7 +16,7 @@
 
 package com.alibaba.nacos.console.security.nacos.users;
 
-import com.alibaba.nacos.core.auth.User;
+import com.alibaba.nacos.auth.model.User;
 
 /**
  * Nacos User.

console/src/main/java/com/alibaba/nacos/console/security/nacos/users/NacosUserDetailsServiceImpl.java

@@ -16,10 +16,10 @@
 
 package com.alibaba.nacos.console.security.nacos.users;
 
+import com.alibaba.nacos.auth.common.AuthConfigs;
 import com.alibaba.nacos.config.server.auth.UserPersistService;
 import com.alibaba.nacos.config.server.model.Page;
 import com.alibaba.nacos.config.server.model.User;
-import com.alibaba.nacos.core.auth.AuthConfigs;
 import com.alibaba.nacos.core.utils.Loggers;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.scheduling.annotation.Scheduled;

console/src/test/java/com/alibaba/nacos/console/controller/UserControllerTest.java

@@ -16,11 +16,11 @@
 
 package com.alibaba.nacos.console.controller;
 
+import com.alibaba.nacos.auth.common.AuthConfigs;
+import com.alibaba.nacos.auth.common.AuthSystemTypes;
+import com.alibaba.nacos.auth.exception.AccessException;
 import com.alibaba.nacos.console.security.nacos.NacosAuthManager;
 import com.alibaba.nacos.console.security.nacos.users.NacosUser;
-import com.alibaba.nacos.core.auth.AccessException;
-import com.alibaba.nacos.core.auth.AuthConfigs;
-import com.alibaba.nacos.core.auth.AuthSystemTypes;
 import com.fasterxml.jackson.databind.JsonNode;
 import org.junit.Before;
 import org.junit.Test;

core/src/main/java/com/alibaba/nacos/core/auth/AuthConfig.java

@@ -0,0 +1,46 @@
+/*
+ * Copyright 1999-2018 Alibaba Group Holding Ltd.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.alibaba.nacos.core.auth;
+
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+/**
+ * auth filter config.
+ *
+ * @author mai.jh
+ */
+@Configuration
+public class AuthConfig {
+    
+    @Bean
+    public FilterRegistrationBean authFilterRegistration() {
+        FilterRegistrationBean<AuthFilter> registration = new FilterRegistrationBean<>();
+        registration.setFilter(authFilter());
+        registration.addUrlPatterns("/*");
+        registration.setName("authFilter");
+        registration.setOrder(6);
+        
+        return registration;
+    }
+    
+    @Bean
+    public AuthFilter authFilter() {
+        return new AuthFilter();
+    }
+}

core/src/main/java/com/alibaba/nacos/core/auth/AuthFilter.java

@@ -16,6 +16,12 @@
 
 package com.alibaba.nacos.core.auth;
 
+import com.alibaba.nacos.auth.AuthManager;
+import com.alibaba.nacos.auth.annotation.Secured;
+import com.alibaba.nacos.auth.common.AuthConfigs;
+import com.alibaba.nacos.auth.exception.AccessException;
+import com.alibaba.nacos.auth.model.Permission;
+import com.alibaba.nacos.auth.parser.ResourceParser;
 import com.alibaba.nacos.common.utils.ExceptionUtil;
 import com.alibaba.nacos.core.code.ControllerMethodsCache;
 import com.alibaba.nacos.core.utils.Constants;

naming/src/main/java/com/alibaba/nacos/naming/controllers/CatalogController.java

@@ -21,9 +21,9 @@ import com.alibaba.nacos.api.exception.NacosException;
 import com.alibaba.nacos.api.naming.CommonParams;
 import com.alibaba.nacos.api.naming.pojo.Cluster;
 import com.alibaba.nacos.api.naming.utils.NamingUtils;
+import com.alibaba.nacos.auth.annotation.Secured;
+import com.alibaba.nacos.auth.common.ActionTypes;
 import com.alibaba.nacos.common.utils.JacksonUtils;
-import com.alibaba.nacos.core.auth.ActionTypes;
-import com.alibaba.nacos.core.auth.Secured;
 import com.alibaba.nacos.core.utils.WebUtils;
 import com.alibaba.nacos.naming.core.Instance;
 import com.alibaba.nacos.naming.core.Service;

naming/src/main/java/com/alibaba/nacos/naming/controllers/ClusterController.java

@@ -21,8 +21,8 @@ import com.alibaba.nacos.api.exception.NacosException;
 import com.alibaba.nacos.api.naming.CommonParams;
 import com.alibaba.nacos.api.naming.pojo.healthcheck.AbstractHealthChecker;
 import com.alibaba.nacos.api.naming.pojo.healthcheck.HealthCheckerFactory;
-import com.alibaba.nacos.core.auth.ActionTypes;
+import com.alibaba.nacos.auth.annotation.Secured;
-import com.alibaba.nacos.core.auth.Secured;
+import com.alibaba.nacos.auth.common.ActionTypes;
 import com.alibaba.nacos.core.utils.WebUtils;
 import com.alibaba.nacos.naming.core.Cluster;
 import com.alibaba.nacos.naming.core.Service;

naming/src/main/java/com/alibaba/nacos/naming/controllers/HealthController.java

@@ -19,9 +19,9 @@ package com.alibaba.nacos.naming.controllers;
 import com.alibaba.nacos.api.common.Constants;
 import com.alibaba.nacos.api.naming.CommonParams;
 import com.alibaba.nacos.api.naming.pojo.healthcheck.AbstractHealthChecker;
+import com.alibaba.nacos.auth.annotation.Secured;
+import com.alibaba.nacos.auth.common.ActionTypes;
 import com.alibaba.nacos.common.utils.JacksonUtils;
-import com.alibaba.nacos.core.auth.ActionTypes;
-import com.alibaba.nacos.core.auth.Secured;
 import com.alibaba.nacos.core.utils.ApplicationUtils;
 import com.alibaba.nacos.core.utils.WebUtils;
 import com.alibaba.nacos.naming.core.Instance;

naming/src/main/java/com/alibaba/nacos/naming/controllers/InstanceController.java

@@ -22,9 +22,9 @@ import com.alibaba.nacos.api.naming.CommonParams;
 import com.alibaba.nacos.api.naming.NamingResponseCode;
 import com.alibaba.nacos.api.naming.PreservedMetadataKeys;
 import com.alibaba.nacos.api.naming.utils.NamingUtils;
+import com.alibaba.nacos.auth.annotation.Secured;
+import com.alibaba.nacos.auth.common.ActionTypes;
 import com.alibaba.nacos.common.utils.JacksonUtils;
-import com.alibaba.nacos.core.auth.ActionTypes;
-import com.alibaba.nacos.core.auth.Secured;
 import com.alibaba.nacos.core.utils.WebUtils;
 import com.alibaba.nacos.naming.core.Instance;
 import com.alibaba.nacos.naming.core.Service;

naming/src/main/java/com/alibaba/nacos/naming/controllers/OperatorController.java

@@ -17,9 +17,9 @@
 package com.alibaba.nacos.naming.controllers;
 
 import com.alibaba.nacos.api.common.Constants;
+import com.alibaba.nacos.auth.annotation.Secured;
+import com.alibaba.nacos.auth.common.ActionTypes;
 import com.alibaba.nacos.common.utils.JacksonUtils;
-import com.alibaba.nacos.core.auth.ActionTypes;
-import com.alibaba.nacos.core.auth.Secured;
 import com.alibaba.nacos.core.cluster.Member;
 import com.alibaba.nacos.core.cluster.NodeState;
 import com.alibaba.nacos.core.cluster.ServerMemberManager;

naming/src/main/java/com/alibaba/nacos/naming/controllers/ServiceController.java

@@ -21,10 +21,10 @@ import com.alibaba.nacos.api.exception.NacosException;
 import com.alibaba.nacos.api.naming.CommonParams;
 import com.alibaba.nacos.api.naming.utils.NamingUtils;
 import com.alibaba.nacos.api.selector.SelectorType;
+import com.alibaba.nacos.auth.annotation.Secured;
+import com.alibaba.nacos.auth.common.ActionTypes;
 import com.alibaba.nacos.common.utils.IoUtils;
 import com.alibaba.nacos.common.utils.JacksonUtils;
-import com.alibaba.nacos.core.auth.ActionTypes;
-import com.alibaba.nacos.core.auth.Secured;
 import com.alibaba.nacos.core.cluster.ServerMemberManager;
 import com.alibaba.nacos.core.utils.WebUtils;
 import com.alibaba.nacos.naming.core.Cluster;

naming/src/main/java/com/alibaba/nacos/naming/web/NamingResourceParser.java

@@ -18,8 +18,8 @@ package com.alibaba.nacos.naming.web;
 
 import com.alibaba.nacos.api.naming.CommonParams;
 import com.alibaba.nacos.api.naming.utils.NamingUtils;
-import com.alibaba.nacos.core.auth.Resource;
+import com.alibaba.nacos.auth.model.Resource;
-import com.alibaba.nacos.core.auth.ResourceParser;
+import com.alibaba.nacos.auth.parser.ResourceParser;
 import org.apache.commons.lang3.StringUtils;
 
 import javax.servlet.http.HttpServletRequest;

test/src/test/java/com/alibaba/nacos/test/core/auth/AuthBase.java

@@ -16,8 +16,8 @@
 package com.alibaba.nacos.test.core.auth;
 
 import com.alibaba.nacos.api.PropertyKeyConst;
+import com.alibaba.nacos.auth.common.AuthConfigs;
 import com.alibaba.nacos.common.utils.JacksonUtils;
-import com.alibaba.nacos.core.auth.AuthConfigs;
 import com.alibaba.nacos.test.base.HttpClient4Test;
 import com.alibaba.nacos.test.base.Params;
 import com.fasterxml.jackson.databind.JsonNode;

test/src/test/java/com/alibaba/nacos/test/core/auth/Permission_ITCase.java

@@ -16,9 +16,9 @@
 package com.alibaba.nacos.test.core.auth;
 
 import com.alibaba.nacos.Nacos;
+import com.alibaba.nacos.auth.model.Permission;
 import com.alibaba.nacos.common.utils.JacksonUtils;
 import com.alibaba.nacos.config.server.model.Page;
-import com.alibaba.nacos.core.auth.Permission;
 import com.alibaba.nacos.test.base.HttpClient4Test;
 import com.alibaba.nacos.test.base.Params;
 import com.fasterxml.jackson.core.type.TypeReference;