diff --git a/hippo4j-server/hippo4j-auth/pom.xml b/hippo4j-server/hippo4j-auth/pom.xml
index c4fa4446..e6db0228 100644
--- a/hippo4j-server/hippo4j-auth/pom.xml
+++ b/hippo4j-server/hippo4j-auth/pom.xml
@@ -27,6 +27,10 @@
com.baomidou
mybatis-plus-boot-starter
+
+ org.springframework.boot
+ spring-boot-starter-validation
+
mysql
mysql-connector-java
diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/config/GlobalSecurityConfig.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/config/GlobalSecurityConfig.java
index f3f0d9ea..c2f2da86 100644
--- a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/config/GlobalSecurityConfig.java
+++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/config/GlobalSecurityConfig.java
@@ -17,11 +17,17 @@
package cn.hippo4j.auth.config;
+import java.util.stream.Stream;
+
+import javax.annotation.Resource;
+
import cn.hippo4j.auth.constant.Constants;
import cn.hippo4j.auth.filter.JWTAuthenticationFilter;
import cn.hippo4j.auth.filter.JWTAuthorizationFilter;
import cn.hippo4j.auth.security.JwtTokenManager;
+import cn.hippo4j.auth.service.ConsumerService;
import cn.hippo4j.auth.service.impl.UserDetailsServiceImpl;
+
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@@ -40,9 +46,6 @@ import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
-import javax.annotation.Resource;
-import java.util.stream.Stream;
-
/**
* Global security config.
*/
@@ -60,6 +63,9 @@ public class GlobalSecurityConfig extends WebSecurityConfigurerAdapter {
@Resource
private JwtTokenManager tokenManager;
+ @Resource
+ private ConsumerService consumerService;
+
@Bean
public UserDetailsService customUserService() {
return new UserDetailsServiceImpl();
@@ -99,7 +105,7 @@ public class GlobalSecurityConfig extends WebSecurityConfigurerAdapter {
.antMatchers("/doc.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs").anonymous()
.and()
.addFilter(new JWTAuthenticationFilter(authenticationManager()))
- .addFilter(new JWTAuthorizationFilter(tokenManager, authenticationManager()))
+ .addFilter(new JWTAuthorizationFilter(tokenManager, authenticationManager(), consumerService))
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
disableAuthenticationIfNeeded(http);
http.authorizeRequests().anyRequest().authenticated();
diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/filter/JWTAuthorizationFilter.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/filter/JWTAuthorizationFilter.java
index 78f3bee5..760eb819 100644
--- a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/filter/JWTAuthorizationFilter.java
+++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/filter/JWTAuthorizationFilter.java
@@ -17,7 +17,16 @@
package cn.hippo4j.auth.filter;
+import java.io.IOException;
+import java.util.Collections;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
import cn.hippo4j.auth.security.JwtTokenManager;
+import cn.hippo4j.auth.service.ConsumerService;
import cn.hippo4j.auth.toolkit.JwtTokenUtil;
import cn.hippo4j.common.toolkit.JSONUtil;
import cn.hippo4j.common.toolkit.StringUtil;
@@ -25,6 +34,7 @@ import cn.hippo4j.common.toolkit.UserContext;
import cn.hippo4j.common.web.base.Results;
import cn.hippo4j.common.web.exception.ServiceException;
import lombok.extern.slf4j.Slf4j;
+
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
@@ -32,13 +42,6 @@ import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
-import javax.servlet.FilterChain;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-import java.util.Collections;
-
import static cn.hippo4j.common.constant.Constants.ACCESS_TOKEN;
import static cn.hippo4j.common.web.exception.ErrorCodeEnum.LOGIN_TIMEOUT;
@@ -50,9 +53,15 @@ public class JWTAuthorizationFilter extends BasicAuthenticationFilter {
private final JwtTokenManager tokenManager;
- public JWTAuthorizationFilter(JwtTokenManager tokenManager, AuthenticationManager authenticationManager) {
+ private final ConsumerService consumerService;
+
+ private final String ROLE_DEFAULT = "ROLE_ADMIN";
+
+ public JWTAuthorizationFilter(JwtTokenManager tokenManager, AuthenticationManager authenticationManager,
+ ConsumerService consumerService) {
super(authenticationManager);
this.tokenManager = tokenManager;
+ this.consumerService = consumerService;
}
@Override
@@ -108,6 +117,11 @@ public class JWTAuthorizationFilter extends BasicAuthenticationFilter {
if (expiration) {
throw new ServiceException(LOGIN_TIMEOUT);
}
+ Integer consumerId = consumerService.getConsumerId(token);
+ if (consumerId != null) {
+ return new UsernamePasswordAuthenticationToken(consumerId, null,
+ Collections.singleton(new SimpleGrantedAuthority(ROLE_DEFAULT)));
+ }
String username = JwtTokenUtil.getUsername(token);
String userRole = JwtTokenUtil.getUserRole(token);
UserContext.setUserInfo(username, userRole);
diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/mapper/ConsumerMapper.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/mapper/ConsumerMapper.java
new file mode 100644
index 00000000..b7c9a416
--- /dev/null
+++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/mapper/ConsumerMapper.java
@@ -0,0 +1,31 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package cn.hippo4j.auth.mapper;
+
+import cn.hippo4j.auth.model.ConsumerInfo;
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import org.apache.ibatis.annotations.Mapper;
+
+/**
+ *@author : wh
+ *@date : 2022/10/29 13:02
+ *@description:
+ */
+@Mapper
+public interface ConsumerMapper extends BaseMapper {
+}
diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/mapper/ConsumerTokenMapper.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/mapper/ConsumerTokenMapper.java
new file mode 100644
index 00000000..8f79d44f
--- /dev/null
+++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/mapper/ConsumerTokenMapper.java
@@ -0,0 +1,31 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package cn.hippo4j.auth.mapper;
+
+import cn.hippo4j.auth.model.ConsumerTokenInfo;
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import org.apache.ibatis.annotations.Mapper;
+
+/**
+ *@author : wh
+ *@date : 2022/10/29 13:02
+ *@description:
+ */
+@Mapper
+public interface ConsumerTokenMapper extends BaseMapper {
+}
diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/model/ConsumerInfo.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/model/ConsumerInfo.java
new file mode 100644
index 00000000..04fee8cb
--- /dev/null
+++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/model/ConsumerInfo.java
@@ -0,0 +1,66 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package cn.hippo4j.auth.model;
+
+import java.time.LocalDateTime;
+
+import com.baomidou.mybatisplus.annotation.IdType;
+import com.baomidou.mybatisplus.annotation.TableId;
+import com.baomidou.mybatisplus.annotation.TableName;
+import lombok.Data;
+
+/**
+ *@author : wh
+ *@date : 2022/10/29 12:58
+ *@description:
+ */
+@Data
+@TableName("consumer")
+public class ConsumerInfo {
+
+ /**
+ * 自增id
+ */
+ @TableId(type = IdType.AUTO)
+ private Integer id;
+
+ /**
+ * appid
+ */
+ private String appId;
+
+ /**
+ * 应用名
+ */
+ private String name;
+
+ /**
+ * 1: deleted, 0: normal
+ */
+ private String isDeleted;
+
+ /**
+ * 创建时间
+ */
+ private LocalDateTime createTime;
+
+ /**
+ * 修改时间
+ */
+ private LocalDateTime updateTime;
+}
diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/model/ConsumerTokenInfo.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/model/ConsumerTokenInfo.java
new file mode 100644
index 00000000..6125bef6
--- /dev/null
+++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/model/ConsumerTokenInfo.java
@@ -0,0 +1,71 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package cn.hippo4j.auth.model;
+
+import java.time.LocalDateTime;
+
+import com.baomidou.mybatisplus.annotation.IdType;
+import com.baomidou.mybatisplus.annotation.TableId;
+import com.baomidou.mybatisplus.annotation.TableName;
+import lombok.Data;
+
+/**
+ *@author : wh
+ *@date : 2022/10/29 13:00
+ *@description:
+ */
+@Data
+@TableName("consumer_token")
+public class ConsumerTokenInfo {
+
+ @TableId(type = IdType.AUTO)
+ /**
+ * 自增id
+ */
+ private Integer id;
+
+ /**
+ * 消费者id
+ */
+ private Integer consumerId;
+
+ /**
+ * token
+ */
+ private String token;
+
+ /**
+ * token失效时间
+ */
+ private LocalDateTime expires;
+
+ /**
+ * 1: deleted, 0: normal
+ */
+ private int isDeleted;
+
+ /**
+ * 创建时间
+ */
+ private LocalDateTime createTime;
+
+ /**
+ * 修改时间
+ */
+ private LocalDateTime updateTime;
+}
diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/model/biz/conmuser/ConsumerDTO.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/model/biz/conmuser/ConsumerDTO.java
new file mode 100644
index 00000000..f57c8cc5
--- /dev/null
+++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/model/biz/conmuser/ConsumerDTO.java
@@ -0,0 +1,43 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package cn.hippo4j.auth.model.biz.conmuser;
+
+import javax.validation.constraints.NotNull;
+
+import lombok.Data;
+
+/**
+ *@author : wh
+ *@date : 2022/10/29 13:12
+ *@description:
+ */
+@Data
+public class ConsumerDTO {
+
+ /**
+ * appid
+ */
+ @NotNull
+ private String appId;
+
+ /**
+ * 应用名
+ */
+ @NotNull
+ private String name;
+}
diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/security/JwtTokenManager.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/security/JwtTokenManager.java
index 2abd58d6..e8dff914 100644
--- a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/security/JwtTokenManager.java
+++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/security/JwtTokenManager.java
@@ -17,10 +17,14 @@
package cn.hippo4j.auth.security;
+import java.util.Date;
+import java.util.List;
+
import cn.hippo4j.common.toolkit.StringUtil;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
+
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
@@ -28,9 +32,6 @@ import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.User;
import org.springframework.stereotype.Component;
-import java.util.Date;
-import java.util.List;
-
import static cn.hippo4j.auth.constant.Constants.TOKEN_VALIDITY_IN_SECONDS;
import static cn.hippo4j.auth.toolkit.JwtTokenUtil.SECRET;
import static cn.hippo4j.common.constant.Constants.AUTHORITIES_KEY;
@@ -51,6 +52,10 @@ public class JwtTokenManager {
long now = System.currentTimeMillis();
Date validity;
validity = new Date(now + TOKEN_VALIDITY_IN_SECONDS * 1000L);
+ return createToken(userName, validity);
+ }
+
+ public String createToken(String userName, Date validity) {
Claims claims = Jwts.claims().setSubject(userName);
String token = Jwts.builder()
.setClaims(claims)
diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/service/ConsumerService.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/service/ConsumerService.java
new file mode 100644
index 00000000..3072fb34
--- /dev/null
+++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/service/ConsumerService.java
@@ -0,0 +1,36 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package cn.hippo4j.auth.service;
+
+import cn.hippo4j.auth.model.ConsumerInfo;
+import cn.hippo4j.auth.model.ConsumerTokenInfo;
+import cn.hippo4j.auth.model.biz.conmuser.ConsumerDTO;
+
+/**
+ *@author : wh
+ *@date : 2022/10/29 13:10
+ *@description:
+ */
+public interface ConsumerService {
+
+ ConsumerInfo createConsumer(ConsumerDTO consumerDTO);
+
+ ConsumerTokenInfo generateAndSaveConsumerToken(ConsumerInfo consumer);
+
+ Integer getConsumerId(String tokenHeader);
+}
diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/service/impl/ConsumerServiceImpl.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/service/impl/ConsumerServiceImpl.java
new file mode 100644
index 00000000..057bd56a
--- /dev/null
+++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/service/impl/ConsumerServiceImpl.java
@@ -0,0 +1,87 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package cn.hippo4j.auth.service.impl;
+
+import java.util.Calendar;
+import java.util.Date;
+import java.util.GregorianCalendar;
+
+import cn.hippo4j.auth.mapper.ConsumerMapper;
+import cn.hippo4j.auth.mapper.ConsumerTokenMapper;
+import cn.hippo4j.auth.model.ConsumerInfo;
+import cn.hippo4j.auth.model.ConsumerTokenInfo;
+import cn.hippo4j.auth.model.biz.conmuser.ConsumerDTO;
+import cn.hippo4j.auth.security.JwtTokenManager;
+import cn.hippo4j.auth.service.ConsumerService;
+import cn.hippo4j.common.toolkit.StringUtil;
+import com.baomidou.mybatisplus.core.conditions.update.LambdaUpdateWrapper;
+import com.baomidou.mybatisplus.core.toolkit.Wrappers;
+import lombok.RequiredArgsConstructor;
+
+import org.springframework.stereotype.Service;
+import org.springframework.util.ObjectUtils;
+
+/**
+ *@author : wh
+ *@date : 2022/10/29 13:10
+ *@description:
+ */
+@Service
+@RequiredArgsConstructor
+public class ConsumerServiceImpl implements ConsumerService {
+
+ private static final Date DEFAULT_EXPIRES = new GregorianCalendar(2099, Calendar.JANUARY, 1).getTime();
+
+ private final ConsumerMapper consumerMapper;
+
+ private final ConsumerTokenMapper consumerTokenMapper;
+
+ private final JwtTokenManager jwtTokenManager;
+
+ @Override
+ public ConsumerInfo createConsumer(ConsumerDTO consumerDTO) {
+ ConsumerInfo consumerDO = new ConsumerInfo();
+ consumerDO.setAppId(consumerDTO.getAppId());
+ consumerDO.setName(consumerDTO.getName());
+ consumerMapper.insert(consumerDO);
+ return consumerDO;
+
+ }
+
+ @Override
+ public ConsumerTokenInfo generateAndSaveConsumerToken(ConsumerInfo consumer) {
+ String token = jwtTokenManager.createToken(consumer.getName(), DEFAULT_EXPIRES);
+ ConsumerTokenInfo consumerTokenDO = new ConsumerTokenInfo();
+ consumerTokenDO.setConsumerId(consumer.getId());
+ consumerTokenDO.setToken(token);
+ consumerTokenMapper.insert(consumerTokenDO);
+ return consumerTokenDO;
+ }
+
+ @Override
+ public Integer getConsumerId(String tokenHeader) {
+ if (StringUtil.isEmpty(tokenHeader)) {
+ return null;
+ }
+ LambdaUpdateWrapper wrapper = Wrappers.lambdaUpdate();
+ wrapper.eq(ConsumerTokenInfo::getToken, tokenHeader);
+ ConsumerTokenInfo consumerTokenDO = consumerTokenMapper.selectOne(wrapper);
+
+ return ObjectUtils.isEmpty(consumerTokenDO) ? null : consumerTokenDO.getConsumerId();
+ }
+}
diff --git a/hippo4j-server/hippo4j-bootstrap/src/main/resources/application.properties b/hippo4j-server/hippo4j-bootstrap/src/main/resources/application.properties
index 354af4fd..43d5f75e 100644
--- a/hippo4j-server/hippo4j-bootstrap/src/main/resources/application.properties
+++ b/hippo4j-server/hippo4j-bootstrap/src/main/resources/application.properties
@@ -37,7 +37,7 @@ hippo4j.database.init_script=sql-script/mysql/hippo4j_manager.sql
spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
spring.datasource.url=jdbc:mysql://localhost:3306/hippo4j_manager?characterEncoding=utf-8&zeroDateTimeBehavior=convertToNull&transformedBitIsBoolean=true&serverTimezone=GMT%2B8
spring.datasource.username=root
-spring.datasource.password=root
+spring.datasource.password=123456
### Hikari Datasource
spring.datasource.hikari.pool-name=Hikari
diff --git a/hippo4j-server/hippo4j-bootstrap/src/main/resources/sql-script/h2/hippo4j_manager.sql b/hippo4j-server/hippo4j-bootstrap/src/main/resources/sql-script/h2/hippo4j_manager.sql
index cc95e707..dc259b6a 100755
--- a/hippo4j-server/hippo4j-bootstrap/src/main/resources/sql-script/h2/hippo4j_manager.sql
+++ b/hippo4j-server/hippo4j-bootstrap/src/main/resources/sql-script/h2/hippo4j_manager.sql
@@ -162,6 +162,32 @@ CREATE TABLE IF NOT EXISTS `his_config_verify` (
PRIMARY KEY (`id`)
);
+CREATE TABLE IF NOT EXISTS `consumer` (
+ `id` int(11) unsigned NOT NULL AUTO_INCREMENT COMMENT '自增Id',
+ `app_id` varchar(500) NOT NULL DEFAULT 'default' COMMENT 'AppID',
+ `name` varchar(500) NOT NULL DEFAULT 'default' COMMENT '应用名',
+ `is_deleted` bit(1) NOT NULL DEFAULT b'0' COMMENT '1: deleted, 0: normal',
+ `create_time` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间',
+ `update_time` timestamp NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT '修改时间',
+ PRIMARY KEY (`id`),
+ UNIQUE KEY `UK_AppId_DeletedAt` (`app_id`))
+ ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='开放API消费者';
+
+CREATE TABLE IF NOT EXISTS `consumer_token` (
+ `Id` int(11) unsigned NOT NULL AUTO_INCREMENT COMMENT '自增Id',
+ `consumer_id` int(11) unsigned DEFAULT NULL COMMENT '消费者id',
+ `token` varchar(256) NOT NULL DEFAULT '' COMMENT 'token',
+ `expires` datetime NOT NULL DEFAULT '2099-01-01 00:00:00' COMMENT 'token失效时间',
+ `is_deleted` bit(1) NOT NULL DEFAULT b'0' COMMENT '1: deleted, 0: normal',
+ `create_time` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间',
+ `update_time` timestamp NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT '修改时间',
+ PRIMARY KEY (`Id`),
+ UNIQUE KEY `UK_Token_DeletedAt` (`Token`)
+ ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='consumer token表';
+
+
+
+
INSERT IGNORE INTO `tenant` (`id`, `tenant_id`, `tenant_name`, `tenant_desc`, `owner`, `gmt_create`, `gmt_modified`, `del_flag`) VALUES ('1', 'prescription', '处方组', '负责维护处方服务, 包括不限于电子处方等业务', '谢良辰', '2021-10-24 13:42:11', '2021-10-24 13:42:11', '0');
INSERT IGNORE INTO `item` (`id`, `tenant_id`, `item_id`, `item_name`, `item_desc`, `owner`, `gmt_create`, `gmt_modified`, `del_flag`) VALUES ('1', 'prescription', 'dynamic-threadpool-example', '动态线程池示例项目', '动态线程池示例项目,对应 Hippo 项目的 example 模块', '马称', '2021-10-24 16:11:00', '2021-10-24 16:11:00', '0');
diff --git a/hippo4j-server/hippo4j-bootstrap/src/main/resources/sql-script/mysql/hippo4j_manager.sql b/hippo4j-server/hippo4j-bootstrap/src/main/resources/sql-script/mysql/hippo4j_manager.sql
index ce57eb44..6423cdb0 100644
--- a/hippo4j-server/hippo4j-bootstrap/src/main/resources/sql-script/mysql/hippo4j_manager.sql
+++ b/hippo4j-server/hippo4j-bootstrap/src/main/resources/sql-script/mysql/hippo4j_manager.sql
@@ -219,6 +219,30 @@ CREATE TABLE IF NOT EXISTS `his_config_verify` (
PRIMARY KEY (`id`) USING BTREE
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8mb4 COMMENT='参数变更审核记录表';
+CREATE TABLE IF NOT EXISTS `consumer` (
+ `id` int(11) unsigned NOT NULL AUTO_INCREMENT COMMENT '自增Id',
+ `app_id` varchar(500) NOT NULL DEFAULT 'default' COMMENT 'AppID',
+ `name` varchar(500) NOT NULL DEFAULT 'default' COMMENT '应用名',
+ `is_deleted` bit(1) NOT NULL DEFAULT b'0' COMMENT '1: deleted, 0: normal',
+ `create_time` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间',
+ `update_time` timestamp NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT '修改时间',
+ PRIMARY KEY (`id`),
+ UNIQUE KEY `UK_AppId_DeletedAt` (`app_id`))
+ ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='开放API消费者';
+
+CREATE TABLE IF NOT EXISTS `consumer_token` (
+ `Id` int(11) unsigned NOT NULL AUTO_INCREMENT COMMENT '自增Id',
+ `consumer_id` int(11) unsigned DEFAULT NULL COMMENT '消费者id',
+ `token` varchar(256) NOT NULL DEFAULT '' COMMENT 'token',
+ `expires` datetime NOT NULL DEFAULT '2099-01-01 00:00:00' COMMENT 'token失效时间',
+ `is_deleted` bit(1) NOT NULL DEFAULT b'0' COMMENT '1: deleted, 0: normal',
+ `create_time` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间',
+ `update_time` timestamp NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT '修改时间',
+ PRIMARY KEY (`Id`),
+ UNIQUE KEY `UK_Token_DeletedAt` (`Token`)
+ ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='consumer token表';
+
+
/* Init SQL */
INSERT IGNORE INTO `tenant` (`id`, `tenant_id`, `tenant_name`, `tenant_desc`, `owner`, `gmt_create`, `gmt_modified`, `del_flag`) VALUES ('1', 'prescription', '处方组', '负责维护处方服务, 包括不限于电子处方等业务', '谢良辰', '2021-10-24 13:42:11', '2021-10-24 13:42:11', '0');
diff --git a/hippo4j-server/hippo4j-console/src/main/java/cn/hippo4j/console/controller/ConsumerController.java b/hippo4j-server/hippo4j-console/src/main/java/cn/hippo4j/console/controller/ConsumerController.java
new file mode 100644
index 00000000..a113ddec
--- /dev/null
+++ b/hippo4j-server/hippo4j-console/src/main/java/cn/hippo4j/console/controller/ConsumerController.java
@@ -0,0 +1,62 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package cn.hippo4j.console.controller;
+
+import javax.validation.Valid;
+
+import cn.hippo4j.auth.model.ConsumerInfo;
+import cn.hippo4j.auth.model.ConsumerTokenInfo;
+import cn.hippo4j.auth.model.biz.conmuser.ConsumerDTO;
+import cn.hippo4j.auth.service.ConsumerService;
+import cn.hippo4j.common.constant.Constants;
+import cn.hippo4j.common.web.base.Result;
+import cn.hippo4j.common.web.base.Results;
+import lombok.RequiredArgsConstructor;
+
+import org.springframework.transaction.annotation.Transactional;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+/**
+ *@author : wh
+ *@date : 2022/10/29 13:04
+ *@description:
+ */
+@RestController
+@RequiredArgsConstructor
+@RequestMapping(Constants.BASE_PATH + "/consumer")
+public class ConsumerController {
+
+ private final ConsumerService consumerService;
+
+ /**
+ * create consumer and token
+ * @param consumerDTO
+ * @return
+ */
+ @PostMapping()
+ @Transactional(rollbackFor = Exception.class)
+ public Result createConsumer(@Valid @RequestBody ConsumerDTO consumerDTO) {
+ ConsumerInfo consumer = consumerService.createConsumer(consumerDTO);
+ ConsumerTokenInfo consumerTokenDO = consumerService.generateAndSaveConsumerToken(consumer);
+ return Results.success(consumerTokenDO);
+
+ }
+}