browser-backend

src/main/java/com/edgec/browserbackend/BrowserBackendApplication.java

@@ -2,8 +2,10 @@ package com.edgec.browserbackend;
 
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
 
 @SpringBootApplication
+@EnableAuthorizationServer
 public class BrowserBackendApplication {
 
     public static void main(String[] args) {

src/main/java/com/edgec/browserbackend/account/controller/AccountController.java

@@ -30,6 +30,7 @@ import java.util.Enumeration;
 import java.util.List;
 
 @RestController
+@RequestMapping("account")
 public class AccountController {
 
     public static final String WECHAT_PAY_CALLBACK_URL = "https://cloudam.cn/accounts/0xwxpaycallback/";
@@ -47,44 +48,37 @@ public class AccountController {
 
     private static final Logger logger = LoggerFactory.getLogger(AccountController.class);
 
-    @PreAuthorize("#oauth2.hasScope('server')")
     @RequestMapping(path = "/precharge/{name}", method = RequestMethod.POST)
     public IpChargeResultDto preCharge(@PathVariable String name, @RequestBody IpChargeRequestDto requestDto) {
         return accountService.preCharge(name, requestDto);
     }
 
-    @PreAuthorize("#oauth2.hasScope('server')")
     @RequestMapping(path = "/prechargeIp/{name}/{amount}/{money}", method = RequestMethod.PUT)
     public IpChargeResultDto preChargeIp(@PathVariable String name, @PathVariable int amount, @PathVariable double money) {
         return accountService.preChargeIp(name, amount, money);
     }
 
-    @PreAuthorize("#oauth2.hasScope('server')")
     @RequestMapping(path = "/precharge/money", method = RequestMethod.POST)
     public IpChargeResultDto preChargeByMoney(@RequestParam("accountId") String name, @RequestParam("money") double money) {
         return accountService.preChargeByMoney(name, money);
     }
 
-    @PreAuthorize("#oauth2.hasScope('server')")
     @RequestMapping(path = "/charge/{name}", method = RequestMethod.PUT)
     public IpChargeResultDto charge(@PathVariable String name, @RequestBody IpChargeRequestDto requestDto) {
         return accountService.charge(name, requestDto);
     }
 
-    @PreAuthorize("#oauth2.hasScope('server')")
     @RequestMapping(path = "/charge/money", method = RequestMethod.PUT)
     public IpChargeResultDto chargeByMoney(@RequestParam("accountId") String name, @RequestParam("money") double money, @RequestBody IpChargeRequestDto requestDto) {
         return accountService.chargeByMoney(name, money, requestDto);
     }
 
 
-    @PreAuthorize("#oauth2.hasScope('server')")
     @RequestMapping(path = "/{name}", method = RequestMethod.GET)
     public Account getAccountByName(@PathVariable String name) {
         return accountService.findByName(name);
     }
 
-    @PreAuthorize("#oauth2.hasScope('server')")
     @RequestMapping(path = "/{name}/children/{level}", method = RequestMethod.GET)
     public List<UserDto> getDesendentUsers(@PathVariable String name, @PathVariable int level) {
         return accountService.getAllDesendentUsers(name, level);

src/main/java/com/edgec/browserbackend/account/domain/User.java

@@ -22,28 +22,8 @@ public class User {
 
     private boolean enabled = false;
 
-    private String agencyID;
-
     private String lockReason;
 
-    private boolean isVpsUser = false;
-
-    public boolean isVpsUser() {
-        return isVpsUser;
-    }
-
-    public void setVpsUser(boolean vpsUser) {
-        isVpsUser = vpsUser;
-    }
-
-    public String getAgencyID() {
-        return agencyID;
-    }
-
-    public void setAgencyID(String agencyID) {
-        this.agencyID = agencyID;
-    }
-
     public String getOtp() {
         return otp;
     }

src/main/java/com/edgec/browserbackend/account/service/impl/AccountServiceImpl.java

@@ -527,7 +527,7 @@ public class AccountServiceImpl implements AccountService {
     @Override
     public Account createWithSms(User user) {
 
-        boolean isVps = user.isVpsUser();
+        boolean isVps = true;
 
         Account existing = repository.findByName(user.getUsername());
         if (existing != null)

src/main/java/com/edgec/browserbackend/auth/config/OAuth2AuthorizationConfig.java

@@ -47,32 +47,7 @@ public class OAuth2AuthorizationConfig extends AuthorizationServerConfigurerAdap
                 .authorizedGrantTypes("refresh_token", "password")
                 .scopes("ui")
                 .and()
-                .withClient("account-service")
-                .secret(env.getProperty("ACCOUNT_SERVICE_PASSWORD"))
-                .authorizedGrantTypes("client_credentials", "refresh_token")
-                .scopes("server")
-                .and()
-                .withClient("intelligroup-service")
-                .secret(env.getProperty("INTELLIGROUP_SERVICE_PASSWORD"))
-                .authorizedGrantTypes("client_credentials", "refresh_token")
-                .scopes("server")
-                .and()
-                .withClient("intelligroup-vps")
-                .secret(env.getProperty("INTELLIGROUP_SERVICE_PASSWORD"))
-                .authorizedGrantTypes("client_credentials", "refresh_token")
-                .scopes("server")
-                .and()
-                .withClient("c3-app")
-                .secret(env.getProperty("ACCOUNT_SERVICE_PASSWORD"))
-                .authorizedGrantTypes("client_credentials", "refresh_token")
-                .scopes("server")
-                .and()
-                .withClient("c3-ecc-app")
-                .secret(env.getProperty("ACCOUNT_SERVICE_PASSWORD"))
-                .authorizedGrantTypes("client_credentials", "refresh_token")
-                .scopes("server")
-                .and()
-                .withClient("c3-ip-app")
+                .withClient("cloudam-browser")
                 .secret(env.getProperty("ACCOUNT_SERVICE_PASSWORD"))
                 .authorizedGrantTypes("client_credentials", "refresh_token")
                 .scopes("server");

src/main/java/com/edgec/browserbackend/auth/config/WebSecurityConfig.java

@@ -30,7 +30,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 
     public void configure(WebSecurity web) throws Exception {
         web.ignoring()
-                .antMatchers("/users/verify/**", "/users/changepass");
+                .antMatchers("/users/verify/**", "/users/changepass", "/");
     }
 
     @Override

src/main/java/com/edgec/browserbackend/auth/controller/UserController.java

@@ -6,6 +6,7 @@ import com.edgec.browserbackend.auth.service.UserAuthService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.core.token.TokenService;
 import org.springframework.security.oauth2.provider.token.ConsumerTokenServices;
 import org.springframework.web.bind.annotation.*;
 
@@ -21,7 +22,6 @@ public class UserController {
     private UserAuthService userAuthService;
 
     @Autowired
-    @Qualifier("consumerTokenServices")
     ConsumerTokenServices consumerTokenServices;
 
     @RequestMapping(method = RequestMethod.DELETE, value = "/token")
@@ -39,43 +39,36 @@ public class UserController {
         return principal;
     }
 
-    @PreAuthorize("#oauth2.hasScope('server')")
     @RequestMapping(path = "/{name}/roles/{roles}", method = RequestMethod.PUT)
     public void updateRoles(@PathVariable String name, @PathVariable String roles) {
         userAuthService.updateRoles(name, roles);
     }
 
-    @PreAuthorize("#oauth2.hasScope('server')")
     @RequestMapping(path = "/{name}/addroles/{roles}", method = RequestMethod.PUT)
     public void addRoles(@PathVariable String name, @PathVariable String roles) {
         userAuthService.addRoles(name, roles);
     }
 
-    @PreAuthorize("#oauth2.hasScope('server')")
     @RequestMapping(method = RequestMethod.POST)
     public void createUser(@Valid @RequestBody User user) {
         userAuthService.create(user);
     }
 
-    @PreAuthorize("#oauth2.hasScope('server')")
     @RequestMapping(value = "/resetpasswd", method = RequestMethod.POST)
     public void resetUserPassword(@Valid @RequestBody User user) {
         userAuthService.resetUserPassword(user);
     }
 
-    @PreAuthorize("#oauth2.hasScope('server')")
     @RequestMapping(path = "/current/{name}", method = RequestMethod.DELETE)
     public void deleteUser(@PathVariable String name) {
         userAuthService.deleteUser(name);
     }
 
-    @PreAuthorize("#oauth2.hasScope('server')")
     @RequestMapping(method = RequestMethod.PUT)
     public void resetUser(@Valid @RequestBody User user) {
         userAuthService.reset(user);
     }
 
-    @PreAuthorize("#oauth2.hasScope('server')")
     @RequestMapping(path = "/{lockOrUnlock}",method = RequestMethod.PUT)
     public void lockOrUnlockUser(@Valid @RequestBody User user, @PathVariable String lockOrUnlock) {//@RequestParam("by") String by,
         if("lock".equals(lockOrUnlock)){

src/main/java/com/edgec/browserbackend/common/commons/client/ElasticsearchClient.java

-package com.edgec.browserbackend.common.commons.client;
-
-
-import org.apache.commons.lang3.StringUtils;
-import org.apache.http.HttpHost;
-import org.apache.http.client.CredentialsProvider;
-import org.elasticsearch.action.DocWriteResponse;
-import org.elasticsearch.action.index.IndexRequest;
-import org.elasticsearch.action.index.IndexResponse;
-import org.elasticsearch.client.RequestOptions;
-import org.elasticsearch.client.RestClient;
-import org.elasticsearch.client.RestHighLevelClient;
-import org.elasticsearch.common.xcontent.XContentType;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.io.IOException;
-
-/**
- * Elasticsearch Rest Client
- * Make sure to config this client before use it
- * See example : intelligroup-tasks#com.edgec.intelligroup.config.ElasticsearchClientConfig
- */
-public class ElasticsearchClient {
-
-    private String hostname;
-    private int port;
-    private CredentialsProvider credentialsProvider;
-
-    private static final Logger log = LoggerFactory.getLogger(ElasticsearchClient.class);
-
-
-    public void index(String name, String id, String sourceJson) {
-        if (StringUtils.isEmpty(name) || StringUtils.isEmpty(id) || StringUtils.isEmpty(sourceJson)) {
-            throw new IllegalArgumentException("Missing params");
-        }
-        RestHighLevelClient client = buildRestClient();
-        try {
-            IndexRequest indexRequest = new IndexRequest(name).id(id).source(sourceJson, XContentType.JSON);
-
-            IndexResponse indexResponse = client.index(indexRequest, RequestOptions.DEFAULT);
-            if (indexResponse != null && indexResponse.getResult() != null) {
-                if (indexResponse.getResult() == DocWriteResponse.Result.CREATED) {
-                    log.info("Index created " + indexResponse.getId());
-                } else if (indexResponse.getResult() == DocWriteResponse.Result.UPDATED) {
-                    log.info("Index updated " + indexResponse.getId());
-                }
-            }
-        } catch (Exception e) {
-            log.error("Index request errors ", e);
-        } finally {
-            try {
-                client.close();
-            } catch (IOException e) {
-                log.error("Closing client errors ", e);
-            }
-        }
-    }
-
-    private RestHighLevelClient buildRestClient() {
-        RestHighLevelClient client = new RestHighLevelClient(
-                RestClient.builder(new HttpHost(hostname, port, "http"))
-                        .setHttpClientConfigCallback(httpClientBuilder -> httpClientBuilder).setHttpClientConfigCallback(httpAsyncClientBuilder -> httpAsyncClientBuilder.setDefaultCredentialsProvider(credentialsProvider)));
-        return client;
-    }
-
-
-    public ElasticsearchClient(String hostname, int port, CredentialsProvider credentialsProvider) {
-        log.info("Initialize ElasticsearchClient host {} port {}", hostname, port);
-        this.hostname = hostname;
-        this.port = port;
-        this.credentialsProvider = credentialsProvider;
-    }
-}
+//package com.edgec.browserbackend.common.commons.client;
+//
+//
+//import org.apache.commons.lang3.StringUtils;
+//import org.apache.http.HttpHost;
+//import org.apache.http.client.CredentialsProvider;
+//import org.elasticsearch.action.DocWriteResponse;
+//import org.elasticsearch.action.index.IndexRequest;
+//import org.elasticsearch.action.index.IndexResponse;
+//import org.elasticsearch.client.RequestOptions;
+//import org.elasticsearch.client.RestClient;
+//import org.elasticsearch.client.RestHighLevelClient;
+//import org.elasticsearch.common.xcontent.XContentType;
+//import org.slf4j.Logger;
+//import org.slf4j.LoggerFactory;
+//
+//import java.io.IOException;
+//
+///**
+// * Elasticsearch Rest Client
+// * Make sure to config this client before use it
+// * See example : intelligroup-tasks#com.edgec.intelligroup.config.ElasticsearchClientConfig
+// */
+//public class ElasticsearchClient {
+//
+//    private String hostname;
+//    private int port;
+//    private CredentialsProvider credentialsProvider;
+//
+//    private static final Logger log = LoggerFactory.getLogger(ElasticsearchClient.class);
+//
+//
+//    public void index(String name, String id, String sourceJson) {
+//        if (StringUtils.isEmpty(name) || StringUtils.isEmpty(id) || StringUtils.isEmpty(sourceJson)) {
+//            throw new IllegalArgumentException("Missing params");
+//        }
+//        RestHighLevelClient client = buildRestClient();
+//        try {
+//            IndexRequest indexRequest = new IndexRequest(name).id(id).source(sourceJson, XContentType.JSON);
+//
+//            IndexResponse indexResponse = client.index(indexRequest, RequestOptions.DEFAULT);
+//            if (indexResponse != null && indexResponse.getResult() != null) {
+//                if (indexResponse.getResult() == DocWriteResponse.Result.CREATED) {
+//                    log.info("Index created " + indexResponse.getId());
+//                } else if (indexResponse.getResult() == DocWriteResponse.Result.UPDATED) {
+//                    log.info("Index updated " + indexResponse.getId());
+//                }
+//            }
+//        } catch (Exception e) {
+//            log.error("Index request errors ", e);
+//        } finally {
+//            try {
+//                client.close();
+//            } catch (IOException e) {
+//                log.error("Closing client errors ", e);
+//            }
+//        }
+//    }
+//
+//    private RestHighLevelClient buildRestClient() {
+//        RestHighLevelClient client = new RestHighLevelClient(
+//                RestClient.builder(new HttpHost(hostname, port, "http"))
+//                        .setHttpClientConfigCallback(httpClientBuilder -> httpClientBuilder).setHttpClientConfigCallback(httpAsyncClientBuilder -> httpAsyncClientBuilder.setDefaultCredentialsProvider(credentialsProvider)));
+//        return client;
+//    }
+//
+//
+//    public ElasticsearchClient(String hostname, int port, CredentialsProvider credentialsProvider) {
+//        log.info("Initialize ElasticsearchClient host {} port {}", hostname, port);
+//        this.hostname = hostname;
+//        this.port = port;
+//        this.credentialsProvider = credentialsProvider;
+//    }
+//}

src/main/resources/application.yml

+spring:
+  messages:
+    basename: i18n/messages
+    encoding: UTF-8
+  data:
+    mongodb:
+      uri: mongodb://user:${MONGODB_PASSWORD}@cloudam-browser:27017/browser
+  mail:
+    host: smtp.qiye.aliyun.com
+    port: 465
+    username: info@cloudam.io
+    password: Edgec2018
+    properties:
+      mail:
+        smtp:
+          auth: true
+          port: 465
+          socketFactory:
+            port: 465
+            class: javax.net.ssl.SSLSocketFactory
+          ssl:
+            enable: true
+security:
+  oauth2:
+    resource:
+      user-info-uri: http://localhost:6000/browser/users/current
 
+server:
+  servlet:
+    context-path: /browser
+  port: 6000
+
+---
+spring:
+  profiles: dev
+  data:
+    mongodb:
+      uri: mongodb://user:${MONGODB_PASSWORD}@cloudam-browser:27017/browser
+
+---
+spring:
+  profiles: prod
+  data:
+    mongodb:
+      uri: mongodb://user:${MONGODB_PASSWORD}@cloudam-browser:27017/browser
+
+---
+spring:
+  profiles: staging
+  data:
+    mongodb:
+      uri: mongodb://user:${MONGODB_PASSWORD}@cloudam-browser:27017/browser
\ No newline at end of file