1 Star 0 Fork 804

傲笑红尘 / dante-cloud

forked from dromara / dante-cloud 
加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
克隆/下载
贡献代码
同步代码
取消
提示: 由于 Git 不支持空文件夾,创建文件夹后会生成空的 .keep 文件
Loading...
README
Apache-2.0

logo

简洁优雅 · 稳定高效 | 宁静致远 · 精益求精

基于 Spring Authorization Server 全新适配 OAuth 2.1 协议的企业级微服务架构


Spring Authorization Server 0.3.1 Spring Boot 2.7.2 Spring Cloud 2021.0.3 Spring Cloud Alibaba 2021.0.1.0 Nacos 2.1.1

Version 2.7.2.6 Java 8,11,17 License Apache 2.0 码匠君 Github star Github fork Gitee star Gitee fork

Github 仓库   |   Gitee 仓库   |   文档

如果您觉得有帮助,请点右上角 "Star" 支持一下,谢谢!


重要说明

本项目已经正式加入 Dromara 开源社区 【Dromara 开源社区官网地址】,同时项目名称也变更为 Dante Cloud (但丁)。因此项目地址产生了变更,需要对已检出代码的 Git 进行修改,以免影响代码的更新。如条件允许,建议使用新地址全新下载代码。给大家带来不便,敬请谅解!

谢谢大家对 Eurynome Cloud 支持与厚爱,希望大家继续给与 Dante Cloud 关注与支持。

项目涉及的代码包以及相关文档和说明,会在后续逐步进行变更和修改。

企业级技术中台微服务架构与服务能力开发平台

Dante Cloud (但丁,原 Eurynome Cloud) 是一款企业级微服务架构和服务能力开发平台。基于 Spring Boot 2.7.2、Spring Cloud 2021.0.3、Spring Cloud Alibaba 2021.0.1.0、Spring Authorization Server 0.3.1、Nacos 2.1.1 等最新版本开发,遵循 SpringBoot 编程思想,高度模块化和可配置化。具备服务发现、配置、熔断、限流、降级、监控、多级缓存、分布式事务、工作流等功能,代码简洁,架构清晰,非常适合学习和企业作为基础框架使用。

平台定位

  • 构建成熟的、完善的、全面的,基于 OAuth2 的、前后端分离的微服务架构解决方案。
  • 面向企业级应用和互联网应用设计开发,既兼顾传统项目的微服务化,又满足互联网应用开发建设、快速迭代的使用需求。
  • 平台架构使用微服务领域及周边相关的各类新兴技术或主流技术进行建设,是帮助快速跨越架构技术选型、研究探索阶段的利器。
  • 代码简洁规范、结构合理清晰,是新技术开发应用的典型的、综合性案例,助力开发人员对新兴技术的学习和掌握。

新版前端特点:

  1. 未使用任何流行开源模版,使用全新技术栈,完全纯"手写"全新前端工程。
  2. 借鉴参考流行开源版本的使用和设计,新版前端界面风格和操作习惯尽量与当前流行方式统一。
  3. 充份使用 Typescript 语言特性,解决大量类型校验问题,尽可能规避 "any" 式的 Typescript 编程语言使用方式。
  4. 充份使用 Composition Api 和 Hooks 等 Vue3 框架新版特性进行代码编写。
  5. 充份利用 Component、Hooks 以及 Typescript 面向对象等特性,抽取通用组件和代码,尽可能降低工程重复代码。
  6. 对较多 Quasar 基础组件和应用功能组件进行封装,以方便代码的统一修改维护和开发使用。
  7. 对生产模式下,对基于 Vite3 的工程打包进行深度性能优化。
  8. 提供以 docker-compose 方式,对工程生产代码进行容器化打包和部署。

新版后端特点

  • 基于 Spring Authorization Server 深度定制:

    • 基于 Spring Data JPA,重新构建 Spring Authorization Server 基础数据存储代码,替代原有 JDBC 数据访问方式,破除 Spring Authorization Server 原有数据存储局限,扩展为更符合实际应用的方式和设计。
    • 基于 Spring Authorization Server,在 OAuth 2.1 规范基础之上,增加自定义“密码”认证模式,以兼容现有基于 OAuth 2 规范的、前后端分离的应用。
    • 基于 Spring Authorization Server,在 OAuth 2.1 规范基础之上,增加自定义 Social Credentials 认证模式,支持手机短信验证码、微信小程序、第三方应用登录。
    • 遵照 Spring Security 5 以及 Spring Authorization Server 的代码规范,进行 OAuth2 认证服务器核心代码的开发,遵照其使用 Jackson 反序列化的方式, 增加大量自定义 Jackson Module。
    • 支持 Spring Authorization Server 的标准的 Token 加密校验方式外,还了增加支持自定义证书的 Token 加密方式,可通过配置动态修改
    • 支持 OAuth2 OIDC 认证模式,补充前端 OIDC 认证相关配置操作,以及对应的 /userinfo 接口调用支持 和 客户端注册支持
    • 支持 OAuth2 Authorization Code PKCE 认证模式
    • 扩展 Spring Authorization Server 默认的 Client Credentials 模式,实现 Refresh Token 的创建。
    • 扩展 Spring Authorization Server 默认的 Client Credentials 模式,实现真正的使用 Scope 权限对接口进行验证。 增加客户端 Scope 的权限配置功能,并与已有的用户权限体系解耦
    • 自定义 Spring Authorization Server 授权码模式登录认证页面和授权确认页面,授权码模式登录采用数据加密传输。支持多种验证码类型,暂不支持行为验证码。
  • 代码结构的大规模调整和优化:

    • 对原有代码进行了深度的“庖丁解牛”,严格遵照“单一职责”原则,根据各个组件的职责以及用途,将整个工程拆解细化为多个各自独立组件模块,在最大程度上降低代码间的耦合,也更容易聚焦和定位问题。
    • 将通用化组件提取为独立工程,独立编译、按需选用,极大的降低系统主工程代码量。相关组件也已上传至 Maven 中央仓库,降低系统主工程工程代码编译耗时,改进和提升 CICD 效率,
    • 原有主工程代码结构也进行了深化调整,代码分包更加合理,代码逻辑也更加清晰。

额外说明

  1. 本项目以后将主要维护 Spring Authorization Server 版本,原有基于 Spring Security OAuth2 的版本已经移至 spring-security-oauth2 分支,可以从该分支或发行版页面获取历史版本继续使用。后期会根据 ISSUE 以及使用用户反馈情况,再行决定是否继续维护 Spring Security OAuth2 版本。
  2. 基于 Vue3、Vite3、Vuetify3、Pinia 等新版前端已发布,原有基于 Vue2、Vuetify2、Typescript 开发的前端代码已移至 vue2+vuetify2+typescript 分支
  3. 自 2.7.2.3 版本起,Dante Cloud 所有核心代码全部开源。
  • 新开放内容包括:

    • 接口权限鉴权:全面整合 @PreAuthorize 注解权限与 URL 权限,通过后端动态配置,无须在代码中配置 Spring Security 权限注解以及权限方法,即可实现接口鉴权以及权限的动态修改。采用分布式鉴权方案,规避 Gateway 统一鉴权的压力以及重复鉴权问题
    • 动态权限数据分发:采用分布式服务独立鉴权方案,Spring Security @PreAuthorize 的权限注解、权限方法以及 URL 权限,通过后端动态配置后,实时动态分发至对应服务。
    • User 数据策略访问:OAuth2 UserDetails 核心数据支持直连数据库获取和 Feign 远程调用两种模式。OAuth2 直连数据库模式性能更优,Feign 访问远程调用可扩展性更强。可通过配置动态修改采用策略方式。
    • 手机短信验证码注册认证:采用自定义 OAuth2 授权模式,使用统一 Token 接口,实现手机验证码登录认证,与平台为统一体系,统一返回OAuth2 Token,支持服务接口鉴权
    • 第三方系统社交注册认证:集成 JustAuth,采用自定义 OAuth2 授权模式,使用统一 Token 接口,实现基于 JustAuth 实现第三方系统社交登录认证,与平台为统一体系,统一返回 OAuth2 Token,支持服务接口鉴权。所有 JustAuth 支持的第三方系统均支持。
    • 微信小程序注册认证:采用自定义 OAuth2 授权模式,使用统一 Token 接口,实现支持微信小程序登录认证,与平台为统一体系,统一返回 OAuth2 Token,支持服务接口鉴权。
    • 其它方式注册认证:采用策略模式对外部系登录认证和用户注册进行接入支持,采用 OAuth2 默认认证接口。目前未集成的外部系统,可参考标准,适当增减参数,即可支持接入。
    • 多通道 SMS 集成:集成阿里,百度,中国移动,华为,京东,极光,网易,七牛,腾讯,又拍,云片等平台短信发送通道。可通过配置动态选择具体使用通道。支持多模版定义以及模版参数顺序控制
    • 微信小程序订阅消息:支持微信小程序订阅消息发送。提供订阅消息模版工厂,可根据自身业务需求,编写少量代码既可以拓展支持新订阅消息模版。

重要信息

不一定非要捐赠或者参与编写代码,才是参与开源项目的正确方式。点个 Star、提个格式规范的 ISSUE,也是在积极参与开源项目,更是对作者莫大的支持和鼓励。

开发新手在群内提问或新开 Issue 提问前,请先阅读 【提问的智慧】,并确保认真、详细地查阅过本项目 【在线文档】,特别是【常见问题】章节。避免浪费大家的宝贵时间;

[1]、总体架构

输入图片说明

部分功能演示,正在逐步添加

(1) 方法级动态权限

输入图片说明

(2) 服务调用链监控

输入图片说明

(3) 灵活定制验证码

  • 滑块拼图验证码

滑块拼图验证码

  • 文字点选验证码

文字点选验证码

[2]、功能介绍

详情见在线文档

[3]、技术栈和版本说明

(1)Spring 全家桶及核心技术版本

组件 版本
Spring Boot 2.7.2
Spring Cloud 2021.0.3
Spring Cloud Alibaba 2021.0.1.0
Spring Authorization Server 0.3.1
Spring Boot Admin 2.7.4
Nacos 2.1.1
Sentinel 1.8.3
Seata 1.3.0

Spring 全家桶版本对应关系,详见:版本说明

(2)所涉及的相关的技术:

  • 持久层框架: Spring Data Jpa & Mybatis Plus
  • API 网关:Spring Cloud Gateway
  • 服务注册&发现和配置中心: Alibaba Nacos
  • 服务消费:Spring Cloud OpenFeign & RestTemplate & OkHttps
  • 负载均衡:Spring Cloud Loadbalancer
  • 服务熔断&降级&限流:Alibaba Sentinel
  • 服务监控:Spring Boot Admin
  • 消息队列:使用 Spring Cloud 消息总线 Spring Cloud Bus 默认 Kafka 适配 RabbitMQ
  • 链路跟踪:Skywalking
  • 分布式事务:Seata
  • 数据缓存:JetCache + Redis + Caffeine, 自定义多级缓存
  • 数据库: Postgresql,MySQL,Oracle ...
  • JSON 序列化:Jackson & FastJson
  • 文件服务:阿里云 OSS/Minio
  • 数据调试:p6spy
  • 日志中心:ELK
  • 日志收集:Logstash Logback Encoder

(3) 前端工程技术栈

  • Vue3
  • Vite3
  • Pinia
  • Typescript
  • Quasar2
  • Vue-Router 4
  • Vueliate

[4]、 版本号说明

本系统版本号,分为四段。

  • 第一段和第二段,与 Spring Boot 版本对应,根据采用的 Spring Boot 版本变更。例如,当前采用 Spring Boot 2.4.6 版本,那么就以 2.4.X.X 开头
  • 第三段,表示系统功能的变化
  • 第四段,表示系统功能维护及优化情况

[5]、工程结构

dante-cloud
├── configurations -- 配置文件脚本和统一Docker build上下文目录
├── dependencies -- 工程Maven顶级依赖,统一控制版本和依赖
├── module -- 依赖组件半成品拼装工程
├    ├── dante-module-common -- Module 相关模块公共辅助代码组件
├    ├── dante-module-security -- Security 相关配置代码模块组件
├    ├── dante-module-upms-logic -- UPMS 基础管理及共享代码模块组件
├    └── dante-module-upms-rest -- UPMS 基础管理接口模块组件
├── packages -- 基础核心Starter
├    ├── authorization-spring-boot-starter -- OAuth2 认证基础Starter,主要用于 UAA 认证服务器以及单体版 Dante Cloud
├    └── service-spring-boot-starter -- 平台接入应用服务通用 Starter
├── platform -- 平台核心服务
├    ├── dante-cloud-gateway -- 服务网关
├    ├── dante-cloud-monitor -- Spring Boot Admin 监控服务
├    ├── dante-cloud-upms -- 统一权限管理系统服务
├    └── dante-cloud-uaa -- 账户管理和统一认证模块
├── services -- 平台业务服务
├    ├── dante-cloud-bpmn-ability -- 工作流服务
├    ├── dante-cloud-bpmn-logic -- 工作流基础代码包
├    ├── dante-cloud-cmdb-ability -- 简约CMDB管理服务
└──  └── dante-cloud-cmdb-logic -- 简约CMDB基础代码包

[6]、项目地址

[7]、用户权益

  • 允许免费用于学习、毕设、公司项目、私活等。
  • 遵循 Apache-2.0 开源协议

[8]、交流反馈

[9]、界面预览

前端界面1 前端界面2 前端界面1
前端界面2 前端界面3 OAuth2 效果示例
前端界面3 OAuth2 效果示例 Nacos示例界面
日志中心示例界面 Sentinel 效果示例 Spring Boot Admin 效果示例1
Spring Boot Admin 效果示例2 Skywalking 效果示例1 Skywalking 效果示例2

[10]、鸣谢

https://jb.gg/OpenSourceSupport

Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. Copyright (c) 2019-2021 Gengwei Zheng(herodotus@aliyun.com) Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

简介

企业级技术中台微服务架构与服务能力开发平台。基于Spring Authorization Server 0.3.1、Spring Boot 2.7.2、Spring Cloud 2021.0.3、Spring Cloud Alibaba 2021.0.1.0、Nacos 2.1.1开发,高度模块化和可配置化,非常适合学习和企业作为基础框架使用。🔝 🔝点个Star关注更新! 展开 收起
Java
Apache-2.0
取消

发行版

暂无发行版

贡献者

全部

近期动态

加载更多
不能加载更多了
Java
1
https://gitee.com/casson/dante-cloud.git
git@gitee.com:casson/dante-cloud.git
casson
dante-cloud
dante-cloud
master

搜索帮助

14c37bed 8189591 565d56ea 8189591