feature: add double token support for seata netty communication authe…

…ntication
apache · Oct 15, 2024 · 32009a8 · 32009a8
1 parent 679f86e
commit 32009a8
Show file tree

Hide file tree

Showing 33 changed files with 1,156 additions and 373 deletions.
diff --git a/common/src/main/java/org/apache/seata/common/ConfigurationKeys.java b/common/src/main/java/org/apache/seata/common/ConfigurationKeys.java
@@ -68,6 +68,11 @@ public interface ConfigurationKeys {
      */
     String SEATA_PREFIX = SEATA_FILE_ROOT_CONFIG + ".";
 
+    /**
+     * The constant SECURITY_PREFIX
+     */
+    String SECURITY_PREFIX = "security.";
+
     /**
      * The constant SERVICE_PREFIX.
      */
@@ -1014,6 +1019,31 @@ public interface ConfigurationKeys {
      */
     String SERVER_APPLICATION_DATA_SIZE_CHECK = SERVER_PREFIX + "applicationDataLimitCheck";
 
+    /**
+     * The constant SECURITY_USERNAME;
+     */
+    String SECURITY_USERNME = SECURITY_PREFIX + "username";
+
+    /**
+     * The constant SECURITY_PASSWORD;
+     */
+    String SECURITY_PASSWORD = SECURITY_PREFIX + "password";
+
+    /**
+     * The constant SECURITY_SECRET_KEY;
+     */
+    String SECURITY_SECRET_KEY = SECURITY_PREFIX + "secretKey";
+
+    /**
+     * The constant SECURITY_ACCESS_TOKEN_VALID_TIME;
+     */
+    String SECURITY_ACCESS_TOKEN_VALID_TIME = SECURITY_PREFIX + "accessTokenValidityInMilliseconds";
+
+    /**
+     * The constant SECURITY_REFRESH_TOKEN_VALID_TIME;
+     */
+    String SECURITY_REFRESH_TOKEN_VALID_TIME = SECURITY_PREFIX + "refreshTokenValidityInMilliseconds";
+
     /**
      * The constant ROCKET_MQ_MSG_TIMEOUT
      */

diff --git a/common/src/main/java/org/apache/seata/common/util/StringUtils.java b/common/src/main/java/org/apache/seata/common/util/StringUtils.java
@@ -16,6 +16,10 @@
  */
 package org.apache.seata.common.util;
 
+import org.apache.seata.common.Constants;
+import org.apache.seata.common.exception.ShouldNeverHappenException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import java.io.ByteArrayOutputStream;
 import java.io.InputStream;
 import java.lang.annotation.Annotation;
@@ -25,15 +29,14 @@
 import java.text.SimpleDateFormat;
 import java.util.Collection;
 import java.util.Date;
+import java.util.HashMap;
 import java.util.Iterator;
 import java.util.Map;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 
-import org.apache.seata.common.Constants;
-import org.apache.seata.common.exception.ShouldNeverHappenException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import static org.apache.seata.common.ConfigurationKeys.EXTRA_DATA_KV_CHAR;
+import static org.apache.seata.common.ConfigurationKeys.EXTRA_DATA_SPLIT_CHAR;
 
 /**
  * The type String utils.
@@ -331,7 +334,7 @@ public static boolean isNotEmpty(final CharSequence cs) {
 
     /**
      * hump to Line or line to hump, only spring environment use
-     * 
+     *
      * @param str str
      * @return string string
      */
@@ -446,4 +449,35 @@ public static boolean hasText(CharSequence str) {
         return false;
     }
 
+    public static HashMap<String, String> string2Map(String inputString) {
+        HashMap<String, String> resultMap = new HashMap<>();
+        if (StringUtils.isBlank(inputString)) {
+            return resultMap;
+        }
+        String[] keyValuePairs = inputString.split(EXTRA_DATA_SPLIT_CHAR);
+        for (String pair : keyValuePairs) {
+            String[] keyValue = pair.trim().split(EXTRA_DATA_KV_CHAR);
+            if (keyValue.length == 2) {
+                resultMap.put(keyValue[0].trim(), keyValue[1].trim());
+            }
+        }
+        return resultMap;
+    }
+
+    public static String map2String(HashMap<String, String> inputMap) {
+        if (inputMap == null || inputMap.isEmpty()) {
+            return "";
+        }
+        StringBuilder resultString = new StringBuilder();
+        for (Map.Entry<String, String> entry : inputMap.entrySet()) {
+            String key = entry.getKey();
+            String value = entry.getValue();
+            String pair = key + EXTRA_DATA_KV_CHAR + value + EXTRA_DATA_SPLIT_CHAR;
+            resultString.append(pair);
+        }
+        if (resultString.length() > 0) {
+            resultString.deleteCharAt(resultString.length() - 1);
+        }
+        return resultString.toString();
+    }
 }
diff --git a/console/src/main/java/org/apache/seata/console/controller/AuthController.java b/console/src/main/java/org/apache/seata/console/controller/AuthController.java
@@ -16,11 +16,9 @@
  */
 package org.apache.seata.console.controller;
 
-import javax.servlet.http.HttpServletResponse;
-
 import org.apache.seata.common.result.Code;
-import org.apache.seata.console.config.WebSecurityConfig;
 import org.apache.seata.common.result.SingleResult;
+import org.apache.seata.console.config.WebSecurityConfig;
 import org.apache.seata.console.security.User;
 import org.apache.seata.console.utils.JwtTokenUtils;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -34,6 +32,8 @@
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
+import javax.servlet.http.HttpServletResponse;
+
 /**
  * auth user
  *
@@ -58,7 +58,6 @@ public class AuthController {
     public SingleResult<String> login(HttpServletResponse response, @RequestBody User user) {
         UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(
             user.getUsername(), user.getPassword());
-
         try {
             //AuthenticationManager(default ProviderManager) #authenticate check Authentication
             Authentication authentication = authenticationManager.authenticate(authenticationToken);

diff --git a/core/src/main/java/org/apache/seata/core/auth/AuthResult.java b/core/src/main/java/org/apache/seata/core/auth/AuthResult.java
@@ -0,0 +1,61 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.seata.core.auth;
+
+import org.apache.seata.core.protocol.ResultCode;
+
+public class AuthResult {
+    private ResultCode resultCode;
+
+    private String accessToken;
+
+    private String refreshToken;
+
+    public AuthResult() {
+    }
+
+    public AuthResult(AuthResultBuilder builder) {
+        this.resultCode = builder.getResultCode();
+        this.accessToken = builder.getAccessToken();
+        this.refreshToken = builder.getRefreshToken();
+    }
+
+    public ResultCode getResultCode() {
+        return resultCode;
+    }
+
+    public void setResultCode(ResultCode resultCode) {
+        this.resultCode = resultCode;
+    }
+
+    public String getAccessToken() {
+        return accessToken;
+    }
+
+    public void setAccessToken(String accessToken) {
+        this.accessToken = accessToken;
+    }
+
+    public String getRefreshToken() {
+        return refreshToken;
+    }
+
+    public void setRefreshToken(String refreshToken) {
+        this.refreshToken = refreshToken;
+    }
+
+}
diff --git a/core/src/main/java/org/apache/seata/core/auth/AuthResultBuilder.java b/core/src/main/java/org/apache/seata/core/auth/AuthResultBuilder.java
@@ -0,0 +1,60 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.seata.core.auth;
+
+import org.apache.seata.core.protocol.ResultCode;
+
+public class AuthResultBuilder {
+    private ResultCode resultCode;
+    private String accessToken;
+    private String refreshToken;
+
+    public ResultCode getResultCode() {
+        return resultCode;
+    }
+
+    public String getAccessToken() {
+        return accessToken;
+    }
+
+    public String getRefreshToken() {
+        return refreshToken;
+    }
+
+    // 设置 resultCode
+    public AuthResultBuilder setResultCode(ResultCode resultCode) {
+        this.resultCode = resultCode;
+        return this;
+    }
+
+    // 设置 accessToken
+    public AuthResultBuilder setAccessToken(String accessToken) {
+        this.accessToken = accessToken;
+        return this;
+    }
+
+    // 设置 refreshToken
+    public AuthResultBuilder setRefreshToken(String refreshToken) {
+        this.refreshToken = refreshToken;
+        return this;
+    }
+
+    // 构建最终的 AuthResult 对象
+    public AuthResult build() {
+        return new AuthResult(this);
+    }
+}