Move plugin config to nacos-auth-plugin-impl module.

This commit is contained in:
KomachiSion 2022-01-26 11:54:52 +08:00
parent aba0facf90
commit 9020bb9d6e
15 changed files with 290 additions and 88 deletions

View File

@ -59,21 +59,6 @@
<groupId>org.apache.tomcat.embed</groupId> <groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-core</artifactId> <artifactId>tomcat-embed-core</artifactId>
</dependency> </dependency>
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-api</artifactId>
</dependency>
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-impl</artifactId>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-jackson</artifactId>
<scope>runtime</scope>
</dependency>
</dependencies> </dependencies>
<build> <build>

View File

@ -16,23 +16,24 @@
package com.alibaba.nacos.auth.config; package com.alibaba.nacos.auth.config;
import com.alibaba.nacos.plugin.auth.constant.Constants;
import com.alibaba.nacos.common.JustForTest; import com.alibaba.nacos.common.JustForTest;
import com.alibaba.nacos.common.event.ServerConfigChangeEvent; import com.alibaba.nacos.common.event.ServerConfigChangeEvent;
import com.alibaba.nacos.common.notify.Event; import com.alibaba.nacos.common.notify.Event;
import com.alibaba.nacos.common.notify.NotifyCenter; import com.alibaba.nacos.common.notify.NotifyCenter;
import com.alibaba.nacos.common.notify.listener.Subscriber; import com.alibaba.nacos.common.notify.listener.Subscriber;
import com.alibaba.nacos.common.utils.ConvertUtils; import com.alibaba.nacos.common.utils.ConvertUtils;
import com.alibaba.nacos.plugin.auth.constant.Constants;
import com.alibaba.nacos.sys.env.EnvUtil; import com.alibaba.nacos.sys.env.EnvUtil;
import io.jsonwebtoken.io.Decoders; import com.alibaba.nacos.sys.utils.PropertiesUtil;
import io.jsonwebtoken.io.DecodingException;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value; import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import java.nio.charset.StandardCharsets; import java.util.HashMap;
import java.util.Map;
import java.util.Objects; import java.util.Objects;
import java.util.Properties;
/** /**
* Auth related configurations. * Auth related configurations.
@ -46,6 +47,8 @@ public class AuthConfigs extends Subscriber<ServerConfigChangeEvent> {
private static final Logger LOGGER = LoggerFactory.getLogger(AuthConfigs.class); private static final Logger LOGGER = LoggerFactory.getLogger(AuthConfigs.class);
private static final String PREFIX = "nacos.core.auth.plugin";
@JustForTest @JustForTest
private static Boolean cachingEnabled = null; private static Boolean cachingEnabled = null;
@ -55,23 +58,6 @@ public class AuthConfigs extends Subscriber<ServerConfigChangeEvent> {
@Value("${" + Constants.Auth.NACOS_CORE_AUTH_ENABLED + ":false}") @Value("${" + Constants.Auth.NACOS_CORE_AUTH_ENABLED + ":false}")
private boolean authEnabled; private boolean authEnabled;
/**
* secret key.
*/
@Value("${" + Constants.Auth.NACOS_CORE_AUTH_DEFAULT_TOKEN_SECRET_KEY + ":}")
private String secretKey;
/**
* secret key byte array.
*/
private byte[] secretKeyBytes;
/**
* Token validity time(seconds).
*/
@Value("${" + Constants.Auth.NACOS_CORE_AUTH_DEFAULT_TOKEN_EXPIRE_SECONDS + ":18000}")
private long tokenValidityInSeconds;
/** /**
* Which auth system is in use. * Which auth system is in use.
*/ */
@ -87,24 +73,30 @@ public class AuthConfigs extends Subscriber<ServerConfigChangeEvent> {
@Value("${" + Constants.Auth.NACOS_CORE_AUTH_ENABLE_USER_AGENT_AUTH_WHITE + ":false}") @Value("${" + Constants.Auth.NACOS_CORE_AUTH_ENABLE_USER_AGENT_AUTH_WHITE + ":false}")
private boolean enableUserAgentAuthWhite; private boolean enableUserAgentAuthWhite;
private Map<String, Properties> authPluginProperties = new HashMap<>();
public AuthConfigs() { public AuthConfigs() {
NotifyCenter.registerSubscriber(this); NotifyCenter.registerSubscriber(this);
refreshPluginProperties();
} }
public byte[] getSecretKeyBytes() { private void refreshPluginProperties() {
if (secretKeyBytes == null) {
try { try {
secretKeyBytes = Decoders.BASE64.decode(secretKey); Map<String, Properties> newProperties = new HashMap<>();
} catch (DecodingException e) { Properties properties = PropertiesUtil.getPropertiesWithPrefix(EnvUtil.getEnvironment(), PREFIX);
secretKeyBytes = secretKey.getBytes(StandardCharsets.UTF_8); for (String each : properties.stringPropertyNames()) {
int typeIndex = each.indexOf('.');
String type = each.substring(0, typeIndex);
if (!newProperties.containsKey(type)) {
newProperties.put(type, new Properties());
} }
String subKey = each.substring(typeIndex + 1);
newProperties.get(type).setProperty(subKey, properties.getProperty(each));
} }
return secretKeyBytes; authPluginProperties = newProperties;
} catch (Exception e) {
LOGGER.warn("Refresh plugin properties failed ", e);
} }
public long getTokenValidityInSeconds() {
return tokenValidityInSeconds;
} }
public String getNacosAuthSystemType() { public String getNacosAuthSystemType() {
@ -141,8 +133,15 @@ public class AuthConfigs extends Subscriber<ServerConfigChangeEvent> {
if (Objects.nonNull(AuthConfigs.cachingEnabled)) { if (Objects.nonNull(AuthConfigs.cachingEnabled)) {
return cachingEnabled; return cachingEnabled;
} }
return ConvertUtils.toBoolean( return ConvertUtils.toBoolean(EnvUtil.getProperty(Constants.Auth.NACOS_CORE_AUTH_CACHING_ENABLED, "true"));
EnvUtil.getProperty(Constants.Auth.NACOS_CORE_AUTH_CACHING_ENABLED, "true")); }
public Properties getAuthPluginProperties(String authType) {
if (!authPluginProperties.containsKey(authType)) {
LOGGER.warn("Can't find properties for type {}, will use empty properties", authType);
return new Properties();
}
return authPluginProperties.get(authType);
} }
@JustForTest @JustForTest
@ -154,14 +153,13 @@ public class AuthConfigs extends Subscriber<ServerConfigChangeEvent> {
public void onEvent(ServerConfigChangeEvent event) { public void onEvent(ServerConfigChangeEvent event) {
try { try {
authEnabled = EnvUtil.getProperty(Constants.Auth.NACOS_CORE_AUTH_ENABLED, Boolean.class, false); authEnabled = EnvUtil.getProperty(Constants.Auth.NACOS_CORE_AUTH_ENABLED, Boolean.class, false);
cachingEnabled = EnvUtil.getProperty(Constants.Auth.NACOS_CORE_AUTH_CACHING_ENABLED, Boolean.class, cachingEnabled = EnvUtil.getProperty(Constants.Auth.NACOS_CORE_AUTH_CACHING_ENABLED, Boolean.class, true);
true);
serverIdentityKey = EnvUtil.getProperty(Constants.Auth.NACOS_CORE_AUTH_SERVER_IDENTITY_KEY, ""); serverIdentityKey = EnvUtil.getProperty(Constants.Auth.NACOS_CORE_AUTH_SERVER_IDENTITY_KEY, "");
serverIdentityValue = EnvUtil.getProperty(Constants.Auth.NACOS_CORE_AUTH_SERVER_IDENTITY_VALUE, ""); serverIdentityValue = EnvUtil.getProperty(Constants.Auth.NACOS_CORE_AUTH_SERVER_IDENTITY_VALUE, "");
enableUserAgentAuthWhite = EnvUtil.getProperty( enableUserAgentAuthWhite = EnvUtil
Constants.Auth.NACOS_CORE_AUTH_ENABLE_USER_AGENT_AUTH_WHITE, Boolean.class, .getProperty(Constants.Auth.NACOS_CORE_AUTH_ENABLE_USER_AGENT_AUTH_WHITE, Boolean.class, false);
false);
nacosAuthSystemType = EnvUtil.getProperty(Constants.Auth.NACOS_CORE_AUTH_SYSTEM_TYPE, ""); nacosAuthSystemType = EnvUtil.getProperty(Constants.Auth.NACOS_CORE_AUTH_SYSTEM_TYPE, "");
refreshPluginProperties();
} catch (Exception e) { } catch (Exception e) {
LOGGER.warn("Upgrade auth config from env failed, use old value", e); LOGGER.warn("Upgrade auth config from env failed, use old value", e);
} }

View File

@ -44,6 +44,7 @@ public class AuthConfigsTest {
public void setUp() throws Exception { public void setUp() throws Exception {
environment = new MockEnvironment(); environment = new MockEnvironment();
EnvUtil.setEnvironment(environment); EnvUtil.setEnvironment(environment);
environment.setProperty("nacos.core.auth.plugin.test.key", "test");
authConfigs = new AuthConfigs(); authConfigs = new AuthConfigs();
} }

View File

@ -120,16 +120,6 @@ nacos.core.auth.system.type=nacos
### If turn on auth system: ### If turn on auth system:
nacos.core.auth.enabled=false nacos.core.auth.enabled=false
### worked when nacos.core.auth.system.type=ldap{0} is Placeholder,replace login username
# nacos.core.auth.ldap.url=ldap://localhost:389
# nacos.core.auth.ldap.userdn=cn={0},ou=user,dc=company,dc=com
### The token expiration in seconds:
nacos.core.auth.default.token.expire.seconds=18000
### The default token:
nacos.core.auth.default.token.secret.key=SecretKey012345678901234567890123456789012345678901234567890123456789
### Turn on/off caching of auth information. By turning on this switch, the update of auth information would have a 15 seconds delay. ### Turn on/off caching of auth information. By turning on this switch, the update of auth information would have a 15 seconds delay.
nacos.core.auth.caching.enabled=true nacos.core.auth.caching.enabled=true
@ -141,8 +131,15 @@ nacos.core.auth.enable.userAgentAuthWhite=false
nacos.core.auth.server.identity.key=serverIdentity nacos.core.auth.server.identity.key=serverIdentity
nacos.core.auth.server.identity.value=security nacos.core.auth.server.identity.value=security
### authority key in request: ### worked when nacos.core.auth.system.type=nacos
nacos.core.auth.authorityKey=authority,username,password ### The token expiration in seconds:
nacos.core.auth.plugin.nacos.token.expire.seconds=18000
### The default token:
nacos.core.auth.plugin.nacos.token.secret.key=SecretKey012345678901234567890123456789012345678901234567890123456789
### worked when nacos.core.auth.system.type=ldap{0} is Placeholder,replace login username
# nacos.core.auth.ldap.url=ldap://localhost:389
# nacos.core.auth.ldap.userdn=cn={0},ou=user,dc=company,dc=com
#*************** Istio Related Configurations ***************# #*************** Istio Related Configurations ***************#
### If turn on the MCP server: ### If turn on the MCP server:

View File

@ -146,16 +146,6 @@ nacos.core.auth.system.type=nacos
### If turn on auth system: ### If turn on auth system:
nacos.core.auth.enabled=false nacos.core.auth.enabled=false
### worked when nacos.core.auth.system.type=ldap{0} is Placeholder,replace login username
# nacos.core.auth.ldap.url=ldap://localhost:389
# nacos.core.auth.ldap.userdn=cn={0},ou=user,dc=company,dc=com
### The token expiration in seconds:
nacos.core.auth.default.token.expire.seconds=18000
### The default token:
nacos.core.auth.default.token.secret.key=SecretKey012345678901234567890123456789012345678901234567890123456789
### Turn on/off caching of auth information. By turning on this switch, the update of auth information would have a 15 seconds delay. ### Turn on/off caching of auth information. By turning on this switch, the update of auth information would have a 15 seconds delay.
nacos.core.auth.caching.enabled=true nacos.core.auth.caching.enabled=true
@ -167,6 +157,16 @@ nacos.core.auth.enable.userAgentAuthWhite=false
nacos.core.auth.server.identity.key=serverIdentity nacos.core.auth.server.identity.key=serverIdentity
nacos.core.auth.server.identity.value=security nacos.core.auth.server.identity.value=security
### worked when nacos.core.auth.system.type=nacos
### The token expiration in seconds:
nacos.core.auth.plugin.nacos.token.expire.seconds=18000
### The default token:
nacos.core.auth.plugin.nacos.token.secret.key=SecretKey012345678901234567890123456789012345678901234567890123456789
### worked when nacos.core.auth.system.type=ldap{0} is Placeholder,replace login username
# nacos.core.auth.ldap.url=ldap://localhost:389
# nacos.core.auth.ldap.userdn=cn={0},ou=user,dc=company,dc=com
#*************** Istio Related Configurations ***************# #*************** Istio Related Configurations ***************#
### If turn on the MCP server: ### If turn on the MCP server:
nacos.istio.mcp.server.enabled=false nacos.istio.mcp.server.enabled=false

View File

@ -16,7 +16,6 @@
package com.alibaba.nacos.plugin.auth.impl; package com.alibaba.nacos.plugin.auth.impl;
import com.alibaba.nacos.auth.config.AuthConfigs;
import io.jsonwebtoken.Claims; import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts; import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm; import io.jsonwebtoken.SignatureAlgorithm;
@ -44,7 +43,7 @@ public class JwtTokenManager {
private static final String AUTHORITIES_KEY = "auth"; private static final String AUTHORITIES_KEY = "auth";
@Autowired @Autowired
private AuthConfigs authConfigs; private NacosAuthConfig nacosAuthConfig;
/** /**
* Create token. * Create token.
@ -67,11 +66,12 @@ public class JwtTokenManager {
long now = System.currentTimeMillis(); long now = System.currentTimeMillis();
Date validity; Date validity;
validity = new Date(now + authConfigs.getTokenValidityInSeconds() * 1000L);
validity = new Date(now + nacosAuthConfig.getTokenValidityInSeconds() * 1000L);
Claims claims = Jwts.claims().setSubject(userName); Claims claims = Jwts.claims().setSubject(userName);
return Jwts.builder().setClaims(claims).setExpiration(validity) return Jwts.builder().setClaims(claims).setExpiration(validity)
.signWith(Keys.hmacShaKeyFor(authConfigs.getSecretKeyBytes()), SignatureAlgorithm.HS256).compact(); .signWith(Keys.hmacShaKeyFor(nacosAuthConfig.getSecretKeyBytes()), SignatureAlgorithm.HS256).compact();
} }
/** /**
@ -81,7 +81,7 @@ public class JwtTokenManager {
* @return auth info * @return auth info
*/ */
public Authentication getAuthentication(String token) { public Authentication getAuthentication(String token) {
Claims claims = Jwts.parserBuilder().setSigningKey(authConfigs.getSecretKeyBytes()).build() Claims claims = Jwts.parserBuilder().setSigningKey(nacosAuthConfig.getSecretKeyBytes()).build()
.parseClaimsJws(token).getBody(); .parseClaimsJws(token).getBody();
List<GrantedAuthority> authorities = AuthorityUtils List<GrantedAuthority> authorities = AuthorityUtils
@ -97,7 +97,7 @@ public class JwtTokenManager {
* @param token token * @param token token
*/ */
public void validateToken(String token) { public void validateToken(String token) {
Jwts.parserBuilder().setSigningKey(authConfigs.getSecretKeyBytes()).build().parseClaimsJws(token); Jwts.parserBuilder().setSigningKey(nacosAuthConfig.getSecretKeyBytes()).build().parseClaimsJws(token);
} }
} }

View File

@ -19,9 +19,12 @@ package com.alibaba.nacos.plugin.auth.impl;
import com.alibaba.nacos.auth.config.AuthConfigs; import com.alibaba.nacos.auth.config.AuthConfigs;
import com.alibaba.nacos.common.utils.StringUtils; import com.alibaba.nacos.common.utils.StringUtils;
import com.alibaba.nacos.core.code.ControllerMethodsCache; import com.alibaba.nacos.core.code.ControllerMethodsCache;
import com.alibaba.nacos.plugin.auth.impl.constant.AuthConstants;
import com.alibaba.nacos.plugin.auth.impl.constant.AuthSystemTypes; import com.alibaba.nacos.plugin.auth.impl.constant.AuthSystemTypes;
import com.alibaba.nacos.plugin.auth.impl.filter.JwtAuthenticationTokenFilter; import com.alibaba.nacos.plugin.auth.impl.filter.JwtAuthenticationTokenFilter;
import com.alibaba.nacos.plugin.auth.impl.users.NacosUserDetailsServiceImpl; import com.alibaba.nacos.plugin.auth.impl.users.NacosUserDetailsServiceImpl;
import io.jsonwebtoken.io.Decoders;
import io.jsonwebtoken.io.DecodingException;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.core.env.Environment; import org.springframework.core.env.Environment;
@ -39,6 +42,8 @@ import org.springframework.security.web.authentication.UsernamePasswordAuthentic
import org.springframework.web.cors.CorsUtils; import org.springframework.web.cors.CorsUtils;
import javax.annotation.PostConstruct; import javax.annotation.PostConstruct;
import java.nio.charset.StandardCharsets;
import java.util.Properties;
/** /**
* Spring security config. * Spring security config.
@ -76,12 +81,36 @@ public class NacosAuthConfig extends WebSecurityConfigurerAdapter {
@Autowired @Autowired
private ControllerMethodsCache methodsCache; private ControllerMethodsCache methodsCache;
/**
* secret key.
*/
private String secretKey;
/**
* secret key byte array.
*/
private byte[] secretKeyBytes;
/**
* Token validity time(seconds).
*/
private long tokenValidityInSeconds;
/** /**
* Init. * Init.
*/ */
@PostConstruct @PostConstruct
public void init() { public void init() {
methodsCache.initClassMethod("com.alibaba.nacos.plugin.auth.impl.controller"); methodsCache.initClassMethod("com.alibaba.nacos.plugin.auth.impl.controller");
initProperties();
}
private void initProperties() {
Properties properties = authConfigs.getAuthPluginProperties(AuthConstants.AUTH_PLUGIN_TYPE);
String validitySeconds = properties
.getProperty(AuthConstants.TOKEN_EXPIRE_SECONDS, AuthConstants.DEFAULT_TOKEN_EXPIRE_SECONDS);
tokenValidityInSeconds = Long.parseLong(validitySeconds);
secretKey = properties.getProperty(AuthConstants.TOKEN_SECRET_KEY, AuthConstants.DEFAULT_TOKEN_SECRET_KEY);
} }
@Bean(name = BeanIds.AUTHENTICATION_MANAGER) @Bean(name = BeanIds.AUTHENTICATION_MANAGER)
@ -141,4 +170,19 @@ public class NacosAuthConfig extends WebSecurityConfigurerAdapter {
return new BCryptPasswordEncoder(); return new BCryptPasswordEncoder();
} }
public byte[] getSecretKeyBytes() {
if (secretKeyBytes == null) {
try {
secretKeyBytes = Decoders.BASE64.decode(secretKey);
} catch (DecodingException e) {
secretKeyBytes = secretKey.getBytes(StandardCharsets.UTF_8);
}
}
return secretKeyBytes;
}
public long getTokenValidityInSeconds() {
return tokenValidityInSeconds;
}
} }

View File

@ -38,8 +38,6 @@ import java.util.List;
@SuppressWarnings("PMD.ServiceOrDaoClassShouldEndWithImplRule") @SuppressWarnings("PMD.ServiceOrDaoClassShouldEndWithImplRule")
public class NacosAuthPluginService implements AuthPluginService { public class NacosAuthPluginService implements AuthPluginService {
private static final String AUTH_PLUGIN_TYPE = "nacos";
private static final String USER_IDENTITY_PARAM_KEY = "user"; private static final String USER_IDENTITY_PARAM_KEY = "user";
private static final List<String> IDENTITY_NAMES = new LinkedList<String>() { private static final List<String> IDENTITY_NAMES = new LinkedList<String>() {
@ -77,7 +75,7 @@ public class NacosAuthPluginService implements AuthPluginService {
@Override @Override
public String getAuthServiceName() { public String getAuthServiceName() {
return AUTH_PLUGIN_TYPE; return AuthConstants.AUTH_PLUGIN_TYPE;
} }
private void checkNacosAuthManager() { private void checkNacosAuthManager() {

View File

@ -23,6 +23,8 @@ package com.alibaba.nacos.plugin.auth.impl.constant;
*/ */
public class AuthConstants { public class AuthConstants {
public static final String AUTH_PLUGIN_TYPE = "nacos";
public static final String GLOBAL_ADMIN_ROLE = "ROLE_ADMIN"; public static final String GLOBAL_ADMIN_ROLE = "ROLE_ADMIN";
public static final String AUTHORIZATION_HEADER = "Authorization"; public static final String AUTHORIZATION_HEADER = "Authorization";
@ -38,4 +40,12 @@ public class AuthConstants {
public static final String UPDATE_PASSWORD_ENTRY_POINT = CONSOLE_RESOURCE_NAME_PREFIX + "user/password"; public static final String UPDATE_PASSWORD_ENTRY_POINT = CONSOLE_RESOURCE_NAME_PREFIX + "user/password";
public static final String NACOS_USER_KEY = "nacosuser"; public static final String NACOS_USER_KEY = "nacosuser";
public static final String TOKEN_SECRET_KEY = "token.secret.key";
public static final String DEFAULT_TOKEN_SECRET_KEY = "";
public static final String TOKEN_EXPIRE_SECONDS = "token.expire.seconds";
public static final String DEFAULT_TOKEN_EXPIRE_SECONDS = "18000";
} }

View File

@ -25,6 +25,7 @@ import com.alibaba.nacos.common.utils.JacksonUtils;
import com.alibaba.nacos.plugin.auth.constant.ActionTypes; import com.alibaba.nacos.plugin.auth.constant.ActionTypes;
import com.alibaba.nacos.plugin.auth.exception.AccessException; import com.alibaba.nacos.plugin.auth.exception.AccessException;
import com.alibaba.nacos.plugin.auth.impl.JwtTokenManager; import com.alibaba.nacos.plugin.auth.impl.JwtTokenManager;
import com.alibaba.nacos.plugin.auth.impl.NacosAuthConfig;
import com.alibaba.nacos.plugin.auth.impl.NacosAuthManager; import com.alibaba.nacos.plugin.auth.impl.NacosAuthManager;
import com.alibaba.nacos.plugin.auth.impl.constant.AuthConstants; import com.alibaba.nacos.plugin.auth.impl.constant.AuthConstants;
import com.alibaba.nacos.plugin.auth.impl.constant.AuthSystemTypes; import com.alibaba.nacos.plugin.auth.impl.constant.AuthSystemTypes;
@ -82,6 +83,9 @@ public class UserController {
@Autowired @Autowired
private AuthConfigs authConfigs; private AuthConfigs authConfigs;
@Autowired
private NacosAuthConfig nacosAuthConfig;
@Autowired @Autowired
private NacosAuthManager authManager; private NacosAuthManager authManager;
@ -214,7 +218,7 @@ public class UserController {
ObjectNode result = JacksonUtils.createEmptyJsonNode(); ObjectNode result = JacksonUtils.createEmptyJsonNode();
result.put(Constants.ACCESS_TOKEN, user.getToken()); result.put(Constants.ACCESS_TOKEN, user.getToken());
result.put(Constants.TOKEN_TTL, authConfigs.getTokenValidityInSeconds()); result.put(Constants.TOKEN_TTL, nacosAuthConfig.getTokenValidityInSeconds());
result.put(Constants.GLOBAL_ADMIN, user.isGlobalAdmin()); result.put(Constants.GLOBAL_ADMIN, user.isGlobalAdmin());
result.put(Constants.USERNAME, user.getUserName()); result.put(Constants.USERNAME, user.getUserName());
return result; return result;

View File

@ -18,6 +18,7 @@ package com.alibaba.nacos.plugin.auth.impl.controller;
import com.alibaba.nacos.auth.config.AuthConfigs; import com.alibaba.nacos.auth.config.AuthConfigs;
import com.alibaba.nacos.plugin.auth.exception.AccessException; import com.alibaba.nacos.plugin.auth.exception.AccessException;
import com.alibaba.nacos.plugin.auth.impl.NacosAuthConfig;
import com.alibaba.nacos.plugin.auth.impl.NacosAuthManager; import com.alibaba.nacos.plugin.auth.impl.NacosAuthManager;
import com.alibaba.nacos.plugin.auth.impl.constant.AuthSystemTypes; import com.alibaba.nacos.plugin.auth.impl.constant.AuthSystemTypes;
import com.alibaba.nacos.plugin.auth.impl.users.NacosUser; import com.alibaba.nacos.plugin.auth.impl.users.NacosUser;
@ -49,6 +50,9 @@ public class UserControllerTest {
@Mock @Mock
private AuthConfigs authConfigs; private AuthConfigs authConfigs;
@Mock
private NacosAuthConfig nacosAuthConfig;
@Mock @Mock
private NacosAuthManager authManager; private NacosAuthManager authManager;
@ -65,13 +69,14 @@ public class UserControllerTest {
user.setToken("1234567890"); user.setToken("1234567890");
injectObject("authConfigs", authConfigs); injectObject("authConfigs", authConfigs);
injectObject("authManager", authManager); injectObject("authManager", authManager);
injectObject("nacosAuthConfig", nacosAuthConfig);
} }
@Test @Test
public void testLoginWithAuthedUser() throws AccessException { public void testLoginWithAuthedUser() throws AccessException {
when(authManager.login(request)).thenReturn(user); when(authManager.login(request)).thenReturn(user);
when(authConfigs.getNacosAuthSystemType()).thenReturn(AuthSystemTypes.NACOS.name()); when(authConfigs.getNacosAuthSystemType()).thenReturn(AuthSystemTypes.NACOS.name());
when(authConfigs.getTokenValidityInSeconds()).thenReturn(18000L); when(nacosAuthConfig.getTokenValidityInSeconds()).thenReturn(18000L);
Object actual = userController.login("nacos", "nacos", response, request); Object actual = userController.login("nacos", "nacos", response, request);
assertThat(actual, instanceOf(JsonNode.class)); assertThat(actual, instanceOf(JsonNode.class));
String actualString = actual.toString(); String actualString = actual.toString();

View File

@ -67,6 +67,10 @@
<groupId>org.springframework.boot</groupId> <groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-test</artifactId> <artifactId>spring-boot-test</artifactId>
</dependency> </dependency>
<dependency>
<groupId>org.codehaus.jackson</groupId>
<artifactId>jackson-core-asl</artifactId>
</dependency>
</dependencies> </dependencies>
<build> <build>

View File

@ -0,0 +1,64 @@
/*
* Copyright 1999-2021 Alibaba Group Holding Ltd.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.alibaba.nacos.sys.utils;
import org.springframework.core.env.Environment;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.util.Map;
import java.util.Properties;
/**
* Properties util.
*
* @author xiweng.yy
*/
public class PropertiesUtil {
public static Properties getPropertiesWithPrefix(Environment environment, String prefix)
throws ClassNotFoundException, NoSuchMethodException, InvocationTargetException, IllegalAccessException {
return handleSpringBinder(environment, prefix, Properties.class);
}
public static Map<String, Object> getPropertiesWithPrefixForMap(Environment environment, String prefix)
throws ClassNotFoundException, NoSuchMethodException, InvocationTargetException, IllegalAccessException {
return handleSpringBinder(environment, prefix, Map.class);
}
/**
* Handle spring binder to bind object.
*
* @param environment spring environment
* @param prefix properties prefix
* @param targetClass target class
* @param <T> target class
* @return binder object
*/
@SuppressWarnings("unchecked")
public static <T> T handleSpringBinder(Environment environment, String prefix, Class<T> targetClass)
throws NoSuchMethodException, IllegalAccessException, InvocationTargetException, ClassNotFoundException {
Class<?> binderClass = Class.forName("org.springframework.boot.context.properties.bind.Binder");
Method getMethod = binderClass.getDeclaredMethod("get", Environment.class);
Method bindMethod = binderClass.getDeclaredMethod("bind", String.class, Class.class);
Object binderObject = getMethod.invoke(null, environment);
String prefixParam = prefix.endsWith(".") ? prefix.substring(0, prefix.length() - 1) : prefix;
Object bindResultObject = bindMethod.invoke(binderObject, prefixParam, targetClass);
Method resultGetMethod = bindResultObject.getClass().getDeclaredMethod("get");
return (T) resultGetMethod.invoke(bindResultObject);
}
}

View File

@ -0,0 +1,72 @@
/*
* Copyright 1999-2021 Alibaba Group Holding Ltd.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.alibaba.nacos.sys.utils;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.core.env.ConfigurableEnvironment;
import org.springframework.test.context.ActiveProfiles;
import org.springframework.test.context.junit4.SpringRunner;
import java.lang.reflect.InvocationTargetException;
import java.util.Map;
import java.util.Properties;
import static org.junit.Assert.assertEquals;
@RunWith(SpringRunner.class)
@ActiveProfiles("prefix")
@SpringBootTest(classes = PropertiesUtilTest.class)
public class PropertiesUtilTest {
@Autowired
private ConfigurableEnvironment environment;
@Test
@SuppressWarnings("unchecked")
public void testGetPropertiesWithPrefixForMap()
throws ClassNotFoundException, NoSuchMethodException, IllegalAccessException, InvocationTargetException {
Map<String, Object> actual = PropertiesUtil.getPropertiesWithPrefixForMap(environment, "nacos.prefix");
assertEquals(3, actual.size());
for (Map.Entry<String, Object> entry : actual.entrySet()) {
String key = entry.getKey();
Map<String, Object> subMap = (Map<String, Object>) entry.getValue();
switch (key) {
case "one":
assertEquals("1", subMap.get("value"));
break;
case "two":
assertEquals("2", subMap.get("value"));
break;
case "three":
assertEquals("3", subMap.get("value"));
break;
default:
throw new RuntimeException();
}
}
}
@Test
public void testGetPropertiesWithPrefix()
throws ClassNotFoundException, NoSuchMethodException, IllegalAccessException, InvocationTargetException {
Properties actual = PropertiesUtil.getPropertiesWithPrefix(environment, "nacos.prefix");
assertEquals(3, actual.size());
}
}

View File

@ -0,0 +1,20 @@
#
# Copyright 1999-2018 Alibaba Group Holding Ltd.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
nacos.prefix.one.value=1
nacos.prefix.two.value=2
nacos.prefix.three.value=3
nacos.other.prefix.one.value=1