From f5dbe6c6baf14e861ce7ffbe24b5d43bb2fcd812 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 5 Jan 2023 13:30:30 +0000 Subject: [PATCH 1/3] Bump json5 in /sa-token-demo/sa-token-demo-sso-client-vue2 Bumps [json5](https://github.com/json5/json5) from 1.0.1 to 1.0.2. - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](https://github.com/json5/json5/compare/v1.0.1...v1.0.2) --- updated-dependencies: - dependency-name: json5 dependency-type: indirect ... Signed-off-by: dependabot[bot] --- .../package-lock.json | 36 +++++++++---------- 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/sa-token-demo/sa-token-demo-sso-client-vue2/package-lock.json b/sa-token-demo/sa-token-demo-sso-client-vue2/package-lock.json index 7a8f0d37..71f4d4c9 100644 --- a/sa-token-demo/sa-token-demo-sso-client-vue2/package-lock.json +++ b/sa-token-demo/sa-token-demo-sso-client-vue2/package-lock.json @@ -2890,9 +2890,9 @@ "dev": true }, "node_modules/@vue/vue-loader-v15/node_modules/json5": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/json5/-/json5-1.0.1.tgz", - "integrity": "sha512-aKS4WQjPenRxiQsC93MNfjx+nbF4PAdYzmd/1JIj8HYzqfbu86beTuNgXDzPknWk0n0uARlyewZo4s++ES36Ow==", + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/json5/-/json5-1.0.2.tgz", + "integrity": "sha512-g1MWMLBiz8FKi1e4w0UyVL3w+iJceWAFBAaBnnGKOpNa5f8TLktkbre1+s6oICydWAm+HRUGTmI+//xv2hvXYA==", "dev": true, "dependencies": { "minimist": "^1.2.0" @@ -6657,9 +6657,9 @@ "dev": true }, "node_modules/json5": { - "version": "2.2.1", - "resolved": "https://registry.npmmirror.com/json5/-/json5-2.2.1.tgz", - "integrity": "sha512-1hqLFMSrGHRHxav9q9gNjJ5EXznIxGVO09xQRrwplcS8qs28pZ8s8hupZAmqDwZUmVZ2Qb2jnyPOWcDH8m8dlA==", + "version": "2.2.3", + "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", + "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", "dev": true, "bin": { "json5": "lib/cli.js" @@ -10320,9 +10320,9 @@ "dev": true }, "node_modules/vue-style-loader/node_modules/json5": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/json5/-/json5-1.0.1.tgz", - "integrity": "sha512-aKS4WQjPenRxiQsC93MNfjx+nbF4PAdYzmd/1JIj8HYzqfbu86beTuNgXDzPknWk0n0uARlyewZo4s++ES36Ow==", + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/json5/-/json5-1.0.2.tgz", + "integrity": "sha512-g1MWMLBiz8FKi1e4w0UyVL3w+iJceWAFBAaBnnGKOpNa5f8TLktkbre1+s6oICydWAm+HRUGTmI+//xv2hvXYA==", "dev": true, "dependencies": { "minimist": "^1.2.0" @@ -13258,9 +13258,9 @@ "dev": true }, "json5": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/json5/-/json5-1.0.1.tgz", - "integrity": "sha512-aKS4WQjPenRxiQsC93MNfjx+nbF4PAdYzmd/1JIj8HYzqfbu86beTuNgXDzPknWk0n0uARlyewZo4s++ES36Ow==", + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/json5/-/json5-1.0.2.tgz", + "integrity": "sha512-g1MWMLBiz8FKi1e4w0UyVL3w+iJceWAFBAaBnnGKOpNa5f8TLktkbre1+s6oICydWAm+HRUGTmI+//xv2hvXYA==", "dev": true, "requires": { "minimist": "^1.2.0" @@ -16167,9 +16167,9 @@ "dev": true }, "json5": { - "version": "2.2.1", - "resolved": "https://registry.npmmirror.com/json5/-/json5-2.2.1.tgz", - "integrity": "sha512-1hqLFMSrGHRHxav9q9gNjJ5EXznIxGVO09xQRrwplcS8qs28pZ8s8hupZAmqDwZUmVZ2Qb2jnyPOWcDH8m8dlA==", + "version": "2.2.3", + "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz", + "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", "dev": true }, "jsonfile": { @@ -18916,9 +18916,9 @@ "dev": true }, "json5": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/json5/-/json5-1.0.1.tgz", - "integrity": "sha512-aKS4WQjPenRxiQsC93MNfjx+nbF4PAdYzmd/1JIj8HYzqfbu86beTuNgXDzPknWk0n0uARlyewZo4s++ES36Ow==", + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/json5/-/json5-1.0.2.tgz", + "integrity": "sha512-g1MWMLBiz8FKi1e4w0UyVL3w+iJceWAFBAaBnnGKOpNa5f8TLktkbre1+s6oICydWAm+HRUGTmI+//xv2hvXYA==", "dev": true, "requires": { "minimist": "^1.2.0" From 0a25a62abbc57ba3710d647d5f8f62654771f12d Mon Sep 17 00:00:00 2001 From: AppleOfGray Date: Tue, 10 Jan 2023 01:02:44 +0000 Subject: [PATCH 2/3] =?UTF-8?q?=E6=B7=BB=E5=8A=A0alone-redis=E9=9B=86?= =?UTF-8?q?=E7=BE=A4=E6=A8=A1=E5=BC=8F=E6=96=87=E6=A1=A3=20=E8=BF=99?= =?UTF-8?q?=E4=BA=9B=E9=85=8D=E7=BD=AE=E9=83=BD=E6=98=AF=E5=92=8Cspring=20?= =?UTF-8?q?redis=E4=BF=9D=E6=8C=81=E4=B8=80=E8=87=B4=E7=9A=84,=20=E5=BA=95?= =?UTF-8?q?=E5=B1=82=E5=AE=9E=E7=8E=B0=E4=B9=9F=E6=98=AF=E8=B0=83=E7=94=A8?= =?UTF-8?q?=E7=9A=84spring=E7=9B=B8=E5=85=B3=E7=9A=84=E9=85=8D=E7=BD=AE?= =?UTF-8?q?=E7=B1=BB,=20=E4=B8=94=E9=85=8D=E7=BD=AE=E5=8F=82=E6=95=B0?= =?UTF-8?q?=E5=B9=B6=E4=B8=8D=E6=98=AFsatoken=E7=8B=AC=E5=88=9B=E7=9A=84,?= =?UTF-8?q?=20=E5=BC=80=E5=8F=91=E8=80=85=E5=8F=AA=E9=9C=80=E8=A6=81?= =?UTF-8?q?=E6=9C=89spring=20redis=E5=AF=B9=E6=8E=A5=E5=9F=BA=E7=A1=80?= =?UTF-8?q?=E5=B0=B1=E5=8F=AF=E4=BB=A5=E7=94=A8.=20=E8=80=8C=E5=85=B3?= =?UTF-8?q?=E4=BA=8Espring=20redis=E7=9A=84=E9=9B=86=E7=BE=A4=E9=85=8D?= =?UTF-8?q?=E7=BD=AE=E6=96=87=E7=8C=AE,=20=E7=99=BE=E5=BA=A6=E4=B8=8A?= =?UTF-8?q?=E5=A4=AA=E5=A4=9A=E4=BA=86?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- sa-token-doc/plugin/alone-redis.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/sa-token-doc/plugin/alone-redis.md b/sa-token-doc/plugin/alone-redis.md index 4a70d1b9..f7ca5a9b 100644 --- a/sa-token-doc/plugin/alone-redis.md +++ b/sa-token-doc/plugin/alone-redis.md @@ -118,6 +118,10 @@ spring.redis.timeout=10s 具体可参考示例:[码云:application.yml](https://gitee.com/dromara/sa-token/blob/master/sa-token-demo/sa-token-demo-alone-redis/src/main/resources/application.yml) +集群配置说明: alone-redis同样可以配置集群(cluster模式和sentinel模式), 且基础配置参数和spring redis集群配置别无二致 + +集群配置示例可参考demo项目sa-token-demo-alone-redis-cluster + ### 3、测试 新建Controller测试一下 From 9469251376015597e92d7f6864287dbc35871ce0 Mon Sep 17 00:00:00 2001 From: click33 <2393584716@qq.com> Date: Tue, 10 Jan 2023 16:35:35 +0800 Subject: [PATCH 3/3] =?UTF-8?q?=E7=BB=86=E8=8A=82=E4=BC=98=E5=8C=96?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../satoken/annotation/SaCheckBasic.java | 2 +- .../satoken/annotation/SaCheckLogin.java | 2 +- .../satoken/annotation/SaCheckPermission.java | 2 +- .../dev33/satoken/annotation/SaCheckRole.java | 2 +- .../java/cn/dev33/satoken/stp/StpLogic.java | 12 ++++------- .../SaTokenAloneRedisClusterApplication.java | 2 +- .../src/main/resources/application.yml | 2 +- sa-token-doc/plugin/jwt-extend.md | 20 +++++++++++++++++++ .../satoken/jwt/StpLogicJwtForSimple.java | 8 ++++++++ .../cn/dev33/satoken/sso/SaSsoProcessor.java | 6 ++++-- 10 files changed, 42 insertions(+), 16 deletions(-) diff --git a/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckBasic.java b/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckBasic.java index 8d862042..3c3821b5 100644 --- a/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckBasic.java +++ b/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckBasic.java @@ -8,7 +8,7 @@ import java.lang.annotation.Target; import cn.dev33.satoken.basic.SaBasicTemplate; /** - * Http Basic 认证:只有通过 Basic 认证后才能进入该方法 + * Http Basic 认证校验:只有通过 Basic 认证后才能进入该方法 *

可标注在函数、类上(效果等同于标注在此类的所有方法上) * @author kong * diff --git a/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckLogin.java b/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckLogin.java index a2cf62e6..759d4eda 100644 --- a/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckLogin.java +++ b/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckLogin.java @@ -6,7 +6,7 @@ import java.lang.annotation.RetentionPolicy; import java.lang.annotation.Target; /** - * 登录认证:只有登录之后才能进入该方法 + * 登录认证校验:只有登录之后才能进入该方法 *

可标注在函数、类上(效果等同于标注在此类的所有方法上) * @author kong * diff --git a/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckPermission.java b/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckPermission.java index 1f2d5165..784bcef6 100644 --- a/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckPermission.java +++ b/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckPermission.java @@ -6,7 +6,7 @@ import java.lang.annotation.RetentionPolicy; import java.lang.annotation.Target; /** - * 权限认证:必须具有指定权限才能进入该方法 + * 权限认证校验:必须具有指定权限才能进入该方法 *

可标注在函数、类上(效果等同于标注在此类的所有方法上) * @author kong * diff --git a/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckRole.java b/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckRole.java index 79ebe55d..8dd422bb 100644 --- a/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckRole.java +++ b/sa-token-core/src/main/java/cn/dev33/satoken/annotation/SaCheckRole.java @@ -6,7 +6,7 @@ import java.lang.annotation.RetentionPolicy; import java.lang.annotation.Target; /** - * 角色认证:必须具有指定角色标识才能进入该方法 + * 角色认证校验:必须具有指定角色标识才能进入该方法 *

可标注在函数、类上(效果等同于标注在此类的所有方法上) * @author kong * diff --git a/sa-token-core/src/main/java/cn/dev33/satoken/stp/StpLogic.java b/sa-token-core/src/main/java/cn/dev33/satoken/stp/StpLogic.java index 00b29c34..314e6855 100644 --- a/sa-token-core/src/main/java/cn/dev33/satoken/stp/StpLogic.java +++ b/sa-token-core/src/main/java/cn/dev33/satoken/stp/StpLogic.java @@ -412,14 +412,10 @@ public class StpLogic { if(isConcurrent) { // 全局配置是否允许复用旧 Token if(getConfigOfIsShare()) { - // 为确保 jwt-simple 模式的 token Extra 数据生成不受旧token影响,这里必须确保 is-share 配置项在 ExtraData 为空时才可以生效 - // 即:在 login 时提供了 Extra 数据后,即使配置了 is-share=true 也不能复用旧 Token,必须创建新 Token - if(loginModel.isSetExtraData() == false) { - String tokenValue = getTokenValueByLoginId(id, loginModel.getDeviceOrDefault()); - // 复用成功的话就直接返回,否则还是要继续新建Token - if(SaFoxUtil.isNotEmpty(tokenValue)) { - return tokenValue; - } + String tokenValue = getTokenValueByLoginId(id, loginModel.getDeviceOrDefault()); + // 复用成功的话就直接返回,否则还是要继续新建Token + if(SaFoxUtil.isNotEmpty(tokenValue)) { + return tokenValue; } } } diff --git a/sa-token-demo/sa-token-demo-alone-redis-cluster/src/main/java/com/pj/SaTokenAloneRedisClusterApplication.java b/sa-token-demo/sa-token-demo-alone-redis-cluster/src/main/java/com/pj/SaTokenAloneRedisClusterApplication.java index d28a40c7..84c733c5 100644 --- a/sa-token-demo/sa-token-demo-alone-redis-cluster/src/main/java/com/pj/SaTokenAloneRedisClusterApplication.java +++ b/sa-token-demo/sa-token-demo-alone-redis-cluster/src/main/java/com/pj/SaTokenAloneRedisClusterApplication.java @@ -13,7 +13,7 @@ import cn.dev33.satoken.SaManager; @SpringBootApplication public class SaTokenAloneRedisClusterApplication { - public static void main(String[] args) throws ClassNotFoundException { + public static void main(String[] args) { SpringApplication.run(SaTokenAloneRedisClusterApplication.class, args); System.out.println("\n启动成功:Sa-Token配置如下:" + SaManager.getConfig()); } diff --git a/sa-token-demo/sa-token-demo-alone-redis-cluster/src/main/resources/application.yml b/sa-token-demo/sa-token-demo-alone-redis-cluster/src/main/resources/application.yml index 45805308..d077e783 100644 --- a/sa-token-demo/sa-token-demo-alone-redis-cluster/src/main/resources/application.yml +++ b/sa-token-demo/sa-token-demo-alone-redis-cluster/src/main/resources/application.yml @@ -13,7 +13,7 @@ sa-token: # 配置Sa-Token单独使用的Redis连接 alone-redis: # 普通集群 - pattern: cluster + # pattern: cluster # Redis服务器连接用户名(默认为空) username: # Redis服务器连接密码(默认为空) diff --git a/sa-token-doc/plugin/jwt-extend.md b/sa-token-doc/plugin/jwt-extend.md index 9307c023..2b2d5cdb 100644 --- a/sa-token-doc/plugin/jwt-extend.md +++ b/sa-token-doc/plugin/jwt-extend.md @@ -216,3 +216,23 @@ public void setSaJwtTemplate() { }); } ``` + + +### 9、注意点 + +##### 1、使用 jwt-simple 模式后,is-share=false 恒等于 false。 + +`is-share=true` 的意思是每次登录都产生一样的 token,这种策略和 [ 为每个 token 单独设定 setExtra 数据 ] 不兼容的, +为保证正确设定 Extra 数据,当使用 `jwt-simple` 模式后,`is-share` 配置项 恒等于 `false`。 + + +##### 2、使用 jwt-mixin 模式后,is-concurrent 必须为 true。 + +`is-concurrent=false` 代表每次登录都把旧登录顶下线,但是 jwt-mixin 模式登录的 token 并不会记录在持久库数据中, +技术上来讲无法将其踢下线,所以此时顶人下线和踢人下线等 API 都属于不可用状态,所以此时 `is-concurrent` 配置项必须配置为 `true`。 + + + + + + diff --git a/sa-token-plugin/sa-token-jwt/src/main/java/cn/dev33/satoken/jwt/StpLogicJwtForSimple.java b/sa-token-plugin/sa-token-jwt/src/main/java/cn/dev33/satoken/jwt/StpLogicJwtForSimple.java index 702b24d4..85b1acf6 100644 --- a/sa-token-plugin/sa-token-jwt/src/main/java/cn/dev33/satoken/jwt/StpLogicJwtForSimple.java +++ b/sa-token-plugin/sa-token-jwt/src/main/java/cn/dev33/satoken/jwt/StpLogicJwtForSimple.java @@ -65,4 +65,12 @@ public class StpLogicJwtForSimple extends StpLogic { return SaJwtUtil.getPayloadsNotCheck(tokenValue, loginType, jwtSecretKey()).get(key); } + + @Override + public boolean getConfigOfIsShare() { + // 为确保 jwt-simple 模式的 token Extra 数据生成不受旧token影响,这里必须让 is-share 恒为 false + // 即:在使用 jwt-simple 模式后,即使配置了 is-share=true 也不能复用旧 Token,必须每次创建新 Token + return false; + } + } diff --git a/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/SaSsoProcessor.java b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/SaSsoProcessor.java index c66d0d08..dfce1d98 100644 --- a/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/SaSsoProcessor.java +++ b/sa-token-plugin/sa-token-sso/src/main/java/cn/dev33/satoken/sso/SaSsoProcessor.java @@ -319,7 +319,9 @@ public class SaSsoProcessor { StpLogic stpLogic = ssoTemplate.getStpLogic(); // 开始处理 - stpLogic.logout(); + if(stpLogic.isLogin()) { + stpLogic.logout(stpLogic.getLoginId()); + } // 返回 return ssoLogoutBack(req, res); @@ -337,7 +339,7 @@ public class SaSsoProcessor { // 如果未登录,则无需注销 if(stpLogic.isLogin() == false) { - return SaResult.ok(); + return ssoLogoutBack(req, res); } // 调用 sso-server 认证中心单点注销API