51 Star 120 Fork 44

Iven / shiro-uaa

加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
克隆/下载
贡献代码
同步代码
取消
提示: 由于 Git 不支持空文件夾,创建文件夹后会生成空的 .keep 文件
Loading...
README
Apache-2.0

License Maven Central Gitee Github

shiro-uaa

A lightweight User Account and Authentication (UAA) Server base on Shiro.

来源

当刚开始一个项目时,相信Shiro的简便会成为大多数开发者权限框架的首选,但当项目扩展后,从1到n,并且需要统一认证和授权时,Shiro本身并不支持统一认证和授权成为了限制,Shiro有CasFilter,但是CAS又是另外一套框架,较为重,为了能使认证授权服务更简单,轻量,易用,所以有了Shiro-UAA

为什么用 shiro-uaa

  • 轻量 UAA Server
  • 纯粹的 Shiro
  • 学习简单
  • 容易扩展
  • 开箱即用

认证授权流程

map.png

说明

  • auth-server

    maven
    <dependency>
        <groupId>com.github.xfslove</groupId>
        <artifactId>shiro-uaa-auth-server</artifactId>
        <version>1.0.7-SNAPSHOT</version>
    </dependency>
    内置endpoint
    URI地址 说明
    /uaa-auth/authentication 请求授权的地址,会定向到你的登录页
    /uaa-auth/authentication/apporve Auth Server同意授权,分发code地址
    /uaa-auth/access-token 从Auth Server获取access-token的地址
    /uaa-auth/logout 从Auth Server登出的地址
    可扩展api
    接口名 说明
    AccessClientService 接入应用服务
    AccessTokenService access-token服务
    AccountService 用户服务
    AuthCodeService code服务
    RoleService 角色服务
    login

    自定义Login页面和登录验证,implement org.apache.shiro.authc.credential.CredentialsMatcher ,实现登录时的校验逻辑,配置shiro.loginUrl

    forwardError

    默认情况下,当Server出现OAuthProblem的时候,会带着错误信息跳转到Resource的地址(redirect_uri参数),如果配置了forwardErrorUrl则不会重定向而显示错误页面,页面需要自定义,配置shiro.uaa.server.forwardErrorUrl, 此配置的目的是防止使用Server做非正常跳转

    扩展的配置参数
    参数名 说明
    shiro.uaa.server.codeExpires UAA分发Code过期时间,单位为秒
    shiro.uaa.server.accessTokenExpires UAA分发AccessToken过期时间,单位为秒
    shiro.uaa.server.refreshTokenExpires UAA分发RefreshToken过期时间,单位为秒
    shiro.loginUrl 自定义的登录地址
    shiro.uaa.server.clients[].name 接入应用名称,使用默认内存AccessClientService时有效
    shiro.uaa.server.clients[].clientId 接入应用clientId,使用默认内存AccessClientService时有效
    shiro.uaa.server.clients[].clientSecret 接入应用clientSecret,使用默认内存AccessClientService时有效
    shiro.uaa.server.roles[].name 角色名称,对应Shiro的Role,使用默认内存RoleService时有效
    shiro.uaa.server.roles[].permCodes[] 角色权限,对应Shiro的Permission,使用默认内存RoleService时有效
    shiro.uaa.server.roles[].clientId 角色所属应用,使用默认内存RoleService时有效
    shiro.uaa.server.accounts[].username 账号登录名,使用默认内存AccountService时有效
    shiro.uaa.server.accounts[].password 账号密码,使用默认内存AccountService时有效
    shiro.uaa.server.accounts[].roles[] 账号拥有角色,使用默认内存AccountService时有效
    shiro.uaa.server.forwardErrorUrl 自定义OAuthProblem Error地址
  • resource-server

    maven
    <dependency>
        <groupId>com.github.xfslove</groupId>
        <artifactId>shiro-uaa-resource-server</artifactId>
        <version>1.0.7-SNAPSHOT</version>
    </dependency>
    filterChainDefinition

    implement CustomFilterChainDefinition ,定义不同的path经过不同的Filter,默认/**经过resourceServerFilter

    logout

    先从Resource Server登出,再从UAA登出,配置shiro.logoutUrl参数加载LogoutEndpoint

    注解

    和Shiro一样

    注解名
    @RequiresRoles
    @RequiresPermissions
    @RequiresUser
    @RequiresAuthentication
    @RequiresGuest
    扩展的配置参数
    参数名 说明
    shiro.uaa.resource.serverScheme UAA地址的Scheme
    shiro.uaa.resource.serverHost UAA地址的Host
    shiro.uaa.resource.serverPort UAA地址的Port
    shiro.uaa.resource.serverContextPath UAA地址的ContextPath
    shiro.uaa.resource.clientId UAA分配的ClientId
    shiro.uaa.resource.clientSecret UAA分配的ClientSecret
    shiro.logoutUrl Resource Server登出地址
  • biz-logger

    记录用户的业务记录

    maven
    <dependency>
        <groupId>com.github.xfslove</groupId>
        <artifactId>shiro-uaa-biz-logger</artifactId>
        <version>1.0.7-SNAPSHOT</version>
    </dependency>
    注解
    注解名
    @BizLogger
    注解方法 说明
    remark 备注,默认:""
    class_ 是否记录类名,默认:true
    method 是否记录方法名,默认:true
    arguments 需要记录参数的索引,默认:{}
    return_ 是否记录返回值,默认:false
    subject 是否记录用户名,默认:true
    BizLoggerEntityStringifier

    implement BizLoggerEntityStringifier ,自定义logger输出内容

Requires

jdk1.8+ and spring boot

TODO

  • 提供auth-server可部署服务
  • 为auth-server提供用户metrics

例子

shiro-uaa-samples

Lincense

Apache 2.0 license.

Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "{}" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. Copyright {yyyy} {name of copyright owner} Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

简介

shiro-uaa 是一个基于 Shiro 实现的轻量级用户账号和身份认证解决方案 (UAA) 服务 展开 收起
Java
Apache-2.0
取消

发行版

暂无发行版

贡献者

全部

近期动态

加载更多
不能加载更多了
Java
1
https://gitee.com/xfslove/shiro-uaa.git
git@gitee.com:xfslove/shiro-uaa.git
xfslove
shiro-uaa
shiro-uaa
1.0.7-SNAPSHOT

搜索帮助

14c37bed 8189591 565d56ea 8189591