From a85df0513f26dd4180751753de30487dfebf8533 Mon Sep 17 00:00:00 2001 From: fit2cloud-chenyw Date: Tue, 23 Sep 2025 17:39:27 +0800 Subject: [PATCH] =?UTF-8?q?feat(X-Pack):=20=E8=AE=A4=E8=AF=81=E8=AE=BE?= =?UTF-8?q?=E7=BD=AE=E6=96=B0=E5=A2=9E=20SAML2?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../src/assets/svg/logo_saml.svg | 1 + core/core-frontend/src/locales/zh-CN.ts | 5 ++- sdk/api/api-base/pom.xml | 2 +- .../settings/XpackAuthenticationApi.java | 8 +++++ .../api/xpack/settings/XpackSaml2Api.java | 17 ++++++++++ .../api/xpack/settings/vo/XpackSaml2VO.java | 32 +++++++++++++++++++ .../io/dataease/utils/WhitelistUtils.java | 1 + 7 files changed, 64 insertions(+), 2 deletions(-) create mode 100644 core/core-frontend/src/assets/svg/logo_saml.svg create mode 100644 sdk/api/api-base/src/main/java/io/dataease/api/xpack/settings/XpackSaml2Api.java create mode 100644 sdk/api/api-base/src/main/java/io/dataease/api/xpack/settings/vo/XpackSaml2VO.java diff --git a/core/core-frontend/src/assets/svg/logo_saml.svg b/core/core-frontend/src/assets/svg/logo_saml.svg new file mode 100644 index 0000000000..6b68211741 --- /dev/null +++ b/core/core-frontend/src/assets/svg/logo_saml.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/core/core-frontend/src/locales/zh-CN.ts b/core/core-frontend/src/locales/zh-CN.ts index c9b338d68c..46199bc13b 100644 --- a/core/core-frontend/src/locales/zh-CN.ts +++ b/core/core-frontend/src/locales/zh-CN.ts @@ -679,7 +679,10 @@ export default { sub_area_tip: '请选择省份或直辖市', delete_custom_area_tip: '该操作会导致使用了自定义区域的地图无法正常展示,确定删除?', please_select_area: '请选择区域', - delete_custom_sub_area_tip: '确定删除该自定义区域?' + delete_custom_sub_area_tip: '确定删除该自定义区域?', + saml: { + title: 'SAML2 设置' + } }, components: { dashboard_style: '仪表板风格', diff --git a/sdk/api/api-base/pom.xml b/sdk/api/api-base/pom.xml index 5dbb3a0bba..d4f985f370 100644 --- a/sdk/api/api-base/pom.xml +++ b/sdk/api/api-base/pom.xml @@ -11,4 +11,4 @@ api-base - \ No newline at end of file + diff --git a/sdk/api/api-base/src/main/java/io/dataease/api/xpack/settings/XpackAuthenticationApi.java b/sdk/api/api-base/src/main/java/io/dataease/api/xpack/settings/XpackAuthenticationApi.java index 6a085ab87b..c859a1f684 100644 --- a/sdk/api/api-base/src/main/java/io/dataease/api/xpack/settings/XpackAuthenticationApi.java +++ b/sdk/api/api-base/src/main/java/io/dataease/api/xpack/settings/XpackAuthenticationApi.java @@ -41,6 +41,14 @@ public interface XpackAuthenticationApi { @PostMapping("/save/oauth2") String saveOauth2(@RequestBody XpackOauth2VO editor); + @Operation(summary = "保存SAML2") + @PostMapping("/save/saml") + String saveSaml2(@RequestBody XpackSaml2VO editor); + + @Operation(summary = "SAML2信息") + @GetMapping("/info/saml") + XpackSaml2VO samlInfo(); + @Operation(summary = "OIDC信息") @GetMapping("/info/oidc") XpackOidcVO oidcInfo(); diff --git a/sdk/api/api-base/src/main/java/io/dataease/api/xpack/settings/XpackSaml2Api.java b/sdk/api/api-base/src/main/java/io/dataease/api/xpack/settings/XpackSaml2Api.java new file mode 100644 index 0000000000..df422d593d --- /dev/null +++ b/sdk/api/api-base/src/main/java/io/dataease/api/xpack/settings/XpackSaml2Api.java @@ -0,0 +1,17 @@ +package io.dataease.api.xpack.settings; + +import com.github.xiaoymin.knife4j.annotations.ApiSupport; +import io.swagger.v3.oas.annotations.tags.Tag; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.PostMapping; + +@Tag(name = "Saml2认证") +@ApiSupport(order = 899) +public interface XpackSaml2Api { + + @GetMapping("/login") + void saml2Login(); + + @PostMapping("/sso") + void saml2Callback() throws Exception; +} diff --git a/sdk/api/api-base/src/main/java/io/dataease/api/xpack/settings/vo/XpackSaml2VO.java b/sdk/api/api-base/src/main/java/io/dataease/api/xpack/settings/vo/XpackSaml2VO.java new file mode 100644 index 0000000000..ae20026c3f --- /dev/null +++ b/sdk/api/api-base/src/main/java/io/dataease/api/xpack/settings/vo/XpackSaml2VO.java @@ -0,0 +1,32 @@ +package io.dataease.api.xpack.settings.vo; + +import com.fasterxml.jackson.annotation.JsonIgnore; +import lombok.Data; + +import java.io.Serializable; +import java.security.PrivateKey; +import java.security.cert.X509Certificate; + +@Data +public class XpackSaml2VO implements Serializable { + + private String spEntityId; + private String spAcs; + + private String idpSsoUrl; + private String idpEntityId; + private String idpLogoutUrl; + + + @JsonIgnore + private PrivateKey spPrivateKey; + @JsonIgnore + private X509Certificate spCertificate; + @JsonIgnore + private X509Certificate idpCertificate; + + private int assertionValidityTime = 300; // 5分钟 + private boolean wantAssertionsSigned = true; + private boolean wantAuthnRequestsSigned = true; + +} diff --git a/sdk/common/src/main/java/io/dataease/utils/WhitelistUtils.java b/sdk/common/src/main/java/io/dataease/utils/WhitelistUtils.java index 3df7fa5e50..5d0a50d0d1 100644 --- a/sdk/common/src/main/java/io/dataease/utils/WhitelistUtils.java +++ b/sdk/common/src/main/java/io/dataease/utils/WhitelistUtils.java @@ -88,6 +88,7 @@ public class WhitelistUtils { || StringUtils.startsWithAny(requestURI, "/exportCenter/download") || StringUtils.startsWithAny(requestURI, "/i18n/") || StringUtils.startsWithAny(requestURI, "/communicate/image/") + || StringUtils.startsWithAny(requestURI, "/saml/") || StringUtils.startsWithAny(requestURI, "/communicate/down/"); }