From e83834079e874a9ff27cbdbc574c9d063e85b109 Mon Sep 17 00:00:00 2001 From: YunaiV Date: Thu, 21 Aug 2025 09:17:08 +0800 Subject: [PATCH 1/4] =?UTF-8?q?fix=EF=BC=9A=E3=80=90framework=20=E6=A1=86?= =?UTF-8?q?=E6=9E=B6=E3=80=91TenantSecurityWebFilter=20=E6=94=AF=E6=8C=81?= =?UTF-8?q?=20context-path=20=E6=A0=A1=E9=AA=8C=E6=97=A0=E9=9C=80=E7=A7=9F?= =?UTF-8?q?=E6=88=B7=20URL=20https://github.com/YunaiV/ruoyi-vue-pro/issue?= =?UTF-8?q?s/905?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../tenant/core/security/TenantSecurityWebFilter.java | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/yudao-framework/yudao-spring-boot-starter-biz-tenant/src/main/java/cn/iocoder/yudao/framework/tenant/core/security/TenantSecurityWebFilter.java b/yudao-framework/yudao-spring-boot-starter-biz-tenant/src/main/java/cn/iocoder/yudao/framework/tenant/core/security/TenantSecurityWebFilter.java index c6d4d5e1b7..690e392d2e 100644 --- a/yudao-framework/yudao-spring-boot-starter-biz-tenant/src/main/java/cn/iocoder/yudao/framework/tenant/core/security/TenantSecurityWebFilter.java +++ b/yudao-framework/yudao-spring-boot-starter-biz-tenant/src/main/java/cn/iocoder/yudao/framework/tenant/core/security/TenantSecurityWebFilter.java @@ -101,13 +101,14 @@ public class TenantSecurityWebFilter extends ApiRequestFilter { } private boolean isIgnoreUrl(HttpServletRequest request) { + String apiUri = request.getRequestURI().substring(request.getContextPath().length()); // 快速匹配,保证性能 - if (CollUtil.contains(tenantProperties.getIgnoreUrls(), request.getRequestURI())) { + if (CollUtil.contains(tenantProperties.getIgnoreUrls(), apiUri)) { return true; } // 逐个 Ant 路径匹配 for (String url : tenantProperties.getIgnoreUrls()) { - if (pathMatcher.match(url, request.getRequestURI())) { + if (pathMatcher.match(url, apiUri)) { return true; } } From 98ed8009455f3e3f548a3c063a672f91e68817c9 Mon Sep 17 00:00:00 2001 From: YunaiV Date: Thu, 21 Aug 2025 12:58:10 +0800 Subject: [PATCH 2/4] =?UTF-8?q?feat=EF=BC=9A=E3=80=90system=20=E7=B3=BB?= =?UTF-8?q?=E7=BB=9F=E7=AE=A1=E7=90=86=E3=80=91oauth2=20=E6=94=AF=E6=8C=81?= =?UTF-8?q?=20ClientCredentials=20=E6=A8=A1=E5=BC=8F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../admin/oauth2/OAuth2OpenController.http | 8 ++++++ .../admin/oauth2/OAuth2OpenController.java | 27 ++++++++++++------- .../oauth2/OAuth2GrantServiceImpl.java | 4 +-- .../oauth2/OAuth2TokenServiceImpl.java | 5 +++- 4 files changed, 32 insertions(+), 12 deletions(-) diff --git a/yudao-module-system/src/main/java/cn/iocoder/yudao/module/system/controller/admin/oauth2/OAuth2OpenController.http b/yudao-module-system/src/main/java/cn/iocoder/yudao/module/system/controller/admin/oauth2/OAuth2OpenController.http index f770ed91d7..cdcebbfb1c 100644 --- a/yudao-module-system/src/main/java/cn/iocoder/yudao/module/system/controller/admin/oauth2/OAuth2OpenController.http +++ b/yudao-module-system/src/main/java/cn/iocoder/yudao/module/system/controller/admin/oauth2/OAuth2OpenController.http @@ -35,6 +35,14 @@ tenant-id: {{adminTenantId}} grant_type=password&username=admin&password=admin123&scope=user.read +### 请求 /system/oauth2/token + client_credentials 接口 => 成功 +POST {{baseUrl}}/system/oauth2/token +Content-Type: application/x-www-form-urlencoded +Authorization: Basic ZGVmYXVsdDphZG1pbjEyMw== +tenant-id: {{adminTenantId}} + +grant_type=client_credentials&scope=user.read + ### 请求 /system/oauth2/token + refresh_token 接口 => 成功 POST {{baseUrl}}/system/oauth2/token Content-Type: application/x-www-form-urlencoded diff --git a/yudao-module-system/src/main/java/cn/iocoder/yudao/module/system/controller/admin/oauth2/OAuth2OpenController.java b/yudao-module-system/src/main/java/cn/iocoder/yudao/module/system/controller/admin/oauth2/OAuth2OpenController.java index d06523e9c0..067ab8aaf1 100644 --- a/yudao-module-system/src/main/java/cn/iocoder/yudao/module/system/controller/admin/oauth2/OAuth2OpenController.java +++ b/yudao-module-system/src/main/java/cn/iocoder/yudao/module/system/controller/admin/oauth2/OAuth2OpenController.java @@ -94,6 +94,7 @@ public class OAuth2OpenController { @Parameter(name = "scope", example = "user_info"), @Parameter(name = "refresh_token", example = "123424233"), }) + @SuppressWarnings("EnhancedSwitchMigration") public CommonResult postAccessToken(HttpServletRequest request, @RequestParam("grant_type") String grantType, @RequestParam(value = "code", required = false) String code, // 授权码模式 @@ -119,15 +120,23 @@ public class OAuth2OpenController { grantType, scopes, redirectUri); // 2. 根据授权模式,获取访问令牌 - OAuth2AccessTokenDO accessTokenDO = switch (grantTypeEnum) { - // TODO @xingyu:这里改了,可能会影响 jdk8 版本哈; - case AUTHORIZATION_CODE -> - oauth2GrantService.grantAuthorizationCodeForAccessToken(client.getClientId(), code, redirectUri, state); - case PASSWORD -> oauth2GrantService.grantPassword(username, password, client.getClientId(), scopes); - case CLIENT_CREDENTIALS -> oauth2GrantService.grantClientCredentials(client.getClientId(), scopes); - case REFRESH_TOKEN -> oauth2GrantService.grantRefreshToken(refreshToken, client.getClientId()); - default -> throw new IllegalArgumentException("未知授权类型:" + grantType); - }; + OAuth2AccessTokenDO accessTokenDO; + switch (grantTypeEnum) { + case AUTHORIZATION_CODE: + accessTokenDO = oauth2GrantService.grantAuthorizationCodeForAccessToken(client.getClientId(), code, redirectUri, state); + break; + case PASSWORD: + accessTokenDO = oauth2GrantService.grantPassword(username, password, client.getClientId(), scopes); + break; + case CLIENT_CREDENTIALS: + accessTokenDO = oauth2GrantService.grantClientCredentials(client.getClientId(), scopes); + break; + case REFRESH_TOKEN: + accessTokenDO = oauth2GrantService.grantRefreshToken(refreshToken, client.getClientId()); + break; + default: + throw new IllegalArgumentException("未知授权类型:" + grantType); + } Assert.notNull(accessTokenDO, "访问令牌不能为空"); // 防御性检查 return success(OAuth2OpenConvert.INSTANCE.convert(accessTokenDO)); } diff --git a/yudao-module-system/src/main/java/cn/iocoder/yudao/module/system/service/oauth2/OAuth2GrantServiceImpl.java b/yudao-module-system/src/main/java/cn/iocoder/yudao/module/system/service/oauth2/OAuth2GrantServiceImpl.java index e95fecccc6..56c980ab7b 100644 --- a/yudao-module-system/src/main/java/cn/iocoder/yudao/module/system/service/oauth2/OAuth2GrantServiceImpl.java +++ b/yudao-module-system/src/main/java/cn/iocoder/yudao/module/system/service/oauth2/OAuth2GrantServiceImpl.java @@ -86,8 +86,8 @@ public class OAuth2GrantServiceImpl implements OAuth2GrantService { @Override public OAuth2AccessTokenDO grantClientCredentials(String clientId, List scopes) { - // TODO 芋艿:项目中使用 OAuth2 解决的是三方应用的授权,内部的 SSO 等问题,所以暂时不考虑 client_credentials 这个场景 - throw new UnsupportedOperationException("暂时不支持 client_credentials 授权模式"); + // 特殊:https://yuanbao.tencent.com/bot/app/share/chat/wFj642xSZHHx + return oauth2TokenService.createAccessToken(0L, UserTypeEnum.ADMIN.getValue(), clientId, scopes); } @Override diff --git a/yudao-module-system/src/main/java/cn/iocoder/yudao/module/system/service/oauth2/OAuth2TokenServiceImpl.java b/yudao-module-system/src/main/java/cn/iocoder/yudao/module/system/service/oauth2/OAuth2TokenServiceImpl.java index fb0e756a20..5c628b8e1e 100644 --- a/yudao-module-system/src/main/java/cn/iocoder/yudao/module/system/service/oauth2/OAuth2TokenServiceImpl.java +++ b/yudao-module-system/src/main/java/cn/iocoder/yudao/module/system/service/oauth2/OAuth2TokenServiceImpl.java @@ -197,6 +197,9 @@ public class OAuth2TokenServiceImpl implements OAuth2TokenService { * @return 用户信息 */ private Map buildUserInfo(Long userId, Integer userType) { + if (userId == null || userId <= 0) { + return Collections.emptyMap(); + } if (userType.equals(UserTypeEnum.ADMIN.getValue())) { AdminUserDO user = adminUserService.getUser(userId); return MapUtil.builder(LoginUser.INFO_KEY_NICKNAME, user.getNickname()) @@ -205,7 +208,7 @@ public class OAuth2TokenServiceImpl implements OAuth2TokenService { // 注意:目前 Member 暂时不读取,可以按需实现 return Collections.emptyMap(); } - return null; + throw new IllegalArgumentException("未知用户类型:" + userType); } private static String generateAccessToken() { From ba4c539330bccfddcdbf46c40532afa893bf4311 Mon Sep 17 00:00:00 2001 From: YunaiV Date: Sun, 24 Aug 2025 10:19:28 +0800 Subject: [PATCH 3/4] =?UTF-8?q?feat=EF=BC=9A=E3=80=90bpm=20=E5=B7=A5?= =?UTF-8?q?=E4=BD=9C=E6=B5=81=E3=80=91=E5=AE=A1=E6=89=B9=E7=BB=93=E6=9D=9F?= =?UTF-8?q?=E5=90=8E=EF=BC=8C=E5=A2=9E=E5=8A=A0=20reason=20=E8=BF=94?= =?UTF-8?q?=E5=9B=9E?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../module/bpm/api/event/BpmProcessInstanceStatusEvent.java | 5 +++++ .../module/bpm/convert/task/BpmProcessInstanceConvert.java | 5 +++-- .../bpm/service/task/BpmProcessInstanceServiceImpl.java | 2 +- .../system/service/oauth2/OAuth2TokenServiceImplTest.java | 1 + 4 files changed, 10 insertions(+), 3 deletions(-) diff --git a/yudao-module-bpm/src/main/java/cn/iocoder/yudao/module/bpm/api/event/BpmProcessInstanceStatusEvent.java b/yudao-module-bpm/src/main/java/cn/iocoder/yudao/module/bpm/api/event/BpmProcessInstanceStatusEvent.java index 5522d01b38..1340e89f80 100644 --- a/yudao-module-bpm/src/main/java/cn/iocoder/yudao/module/bpm/api/event/BpmProcessInstanceStatusEvent.java +++ b/yudao-module-bpm/src/main/java/cn/iocoder/yudao/module/bpm/api/event/BpmProcessInstanceStatusEvent.java @@ -28,6 +28,11 @@ public class BpmProcessInstanceStatusEvent extends ApplicationEvent { */ @NotNull(message = "流程实例的状态不能为空") private Integer status; + /** + * 流程实例结束的原因 + */ + private String reason; + /** * 流程实例对应的业务标识 * 例如说,请假 diff --git a/yudao-module-bpm/src/main/java/cn/iocoder/yudao/module/bpm/convert/task/BpmProcessInstanceConvert.java b/yudao-module-bpm/src/main/java/cn/iocoder/yudao/module/bpm/convert/task/BpmProcessInstanceConvert.java index c82414b532..460115286b 100644 --- a/yudao-module-bpm/src/main/java/cn/iocoder/yudao/module/bpm/convert/task/BpmProcessInstanceConvert.java +++ b/yudao-module-bpm/src/main/java/cn/iocoder/yudao/module/bpm/convert/task/BpmProcessInstanceConvert.java @@ -119,8 +119,9 @@ public interface BpmProcessInstanceConvert { @Mapping(source = "from.id", target = "to.id", ignore = true) void copyTo(BpmProcessDefinitionInfoDO from, @MappingTarget BpmProcessDefinitionRespVO to); - default BpmProcessInstanceStatusEvent buildProcessInstanceStatusEvent(Object source, ProcessInstance instance, Integer status) { - return new BpmProcessInstanceStatusEvent(source).setId(instance.getId()).setStatus(status) + default BpmProcessInstanceStatusEvent buildProcessInstanceStatusEvent(Object source, ProcessInstance instance, + Integer status, String reason) { + return new BpmProcessInstanceStatusEvent(source).setId(instance.getId()).setStatus(status).setReason(reason) .setProcessDefinitionKey(instance.getProcessDefinitionKey()).setBusinessKey(instance.getBusinessKey()); } diff --git a/yudao-module-bpm/src/main/java/cn/iocoder/yudao/module/bpm/service/task/BpmProcessInstanceServiceImpl.java b/yudao-module-bpm/src/main/java/cn/iocoder/yudao/module/bpm/service/task/BpmProcessInstanceServiceImpl.java index b4a871e145..877d47e88d 100644 --- a/yudao-module-bpm/src/main/java/cn/iocoder/yudao/module/bpm/service/task/BpmProcessInstanceServiceImpl.java +++ b/yudao-module-bpm/src/main/java/cn/iocoder/yudao/module/bpm/service/task/BpmProcessInstanceServiceImpl.java @@ -960,7 +960,7 @@ public class BpmProcessInstanceServiceImpl implements BpmProcessInstanceService // 3. 发送流程实例的状态事件 processInstanceEventPublisher.sendProcessInstanceResultEvent( - BpmProcessInstanceConvert.INSTANCE.buildProcessInstanceStatusEvent(this, instance, status)); + BpmProcessInstanceConvert.INSTANCE.buildProcessInstanceStatusEvent(this, instance, status, reason)); // 4. 流程后置通知 if (Objects.equals(status, BpmProcessInstanceStatusEnum.APPROVE.getStatus())) { diff --git a/yudao-module-system/src/test/java/cn/iocoder/yudao/module/system/service/oauth2/OAuth2TokenServiceImplTest.java b/yudao-module-system/src/test/java/cn/iocoder/yudao/module/system/service/oauth2/OAuth2TokenServiceImplTest.java index 0aad4446a1..36b69c75dd 100644 --- a/yudao-module-system/src/test/java/cn/iocoder/yudao/module/system/service/oauth2/OAuth2TokenServiceImplTest.java +++ b/yudao-module-system/src/test/java/cn/iocoder/yudao/module/system/service/oauth2/OAuth2TokenServiceImplTest.java @@ -236,6 +236,7 @@ public class OAuth2TokenServiceImplTest extends BaseDbAndRedisUnitTest { public void testCheckAccessToken_refreshToken() { // mock 数据(访问令牌) OAuth2RefreshTokenDO refreshTokenDO = randomPojo(OAuth2RefreshTokenDO.class) + .setUserId(0L) .setExpiresTime(LocalDateTime.now().plusDays(1)); oauth2RefreshTokenMapper.insert(refreshTokenDO); // 准备参数 From 51d9611c6262513f46ec9977497effcd96954adb Mon Sep 17 00:00:00 2001 From: YunaiV Date: Sun, 24 Aug 2025 10:36:26 +0800 Subject: [PATCH 4/4] =?UTF-8?q?chore=EF=BC=9Aredisson=20=E4=BB=8E=203.4.1?= =?UTF-8?q?=20to=203.50.0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- yudao-dependencies/pom.xml | 2 +- .../system/service/oauth2/OAuth2GrantServiceImplTest.java | 8 -------- 2 files changed, 1 insertion(+), 9 deletions(-) diff --git a/yudao-dependencies/pom.xml b/yudao-dependencies/pom.xml index ede38b34cc..4549aac5a7 100644 --- a/yudao-dependencies/pom.xml +++ b/yudao-dependencies/pom.xml @@ -28,7 +28,7 @@ 1.5.4 4.3.1 3.0.6 - 3.41.0 + 3.50.0 8.1.3.140 8.6.0 5.1.0 diff --git a/yudao-module-system/src/test/java/cn/iocoder/yudao/module/system/service/oauth2/OAuth2GrantServiceImplTest.java b/yudao-module-system/src/test/java/cn/iocoder/yudao/module/system/service/oauth2/OAuth2GrantServiceImplTest.java index 52c722831f..944086671b 100644 --- a/yudao-module-system/src/test/java/cn/iocoder/yudao/module/system/service/oauth2/OAuth2GrantServiceImplTest.java +++ b/yudao-module-system/src/test/java/cn/iocoder/yudao/module/system/service/oauth2/OAuth2GrantServiceImplTest.java @@ -16,7 +16,6 @@ import java.util.List; import static cn.hutool.core.util.RandomUtil.randomEle; import static cn.iocoder.yudao.framework.test.core.util.AssertUtils.assertPojoEquals; import static cn.iocoder.yudao.framework.test.core.util.RandomUtils.*; -import static java.util.Collections.emptyList; import static org.junit.jupiter.api.Assertions.*; import static org.mockito.ArgumentMatchers.eq; import static org.mockito.Mockito.when; @@ -135,13 +134,6 @@ public class OAuth2GrantServiceImplTest extends BaseMockitoUnitTest { refreshToken, clientId)); } - @Test - public void testGrantClientCredentials() { - assertThrows(UnsupportedOperationException.class, - () -> oauth2GrantService.grantClientCredentials(randomString(), emptyList()), - "暂时不支持 client_credentials 授权模式"); - } - @Test public void testRevokeToken_clientIdError() { // 准备参数