A MatrixAuthDemo project is provided in GitHub project to show how to connect business application into MatrixAuth, which is under the demo folder of the project.github home page of MatrixAuth
We take the business application in the form of SpingBoot as an example.
1 Import Jar
Business applications need to be accessed through MatrixAuthClient package. Take a project using Maven as an example, where POM introduces the latest MatrixAuthClient package through the following code.
<dependency>
<groupId>com.github.yeecode.matrixauth</groupId>
<artifactId>MatrixAuthClient</artifactId>
<version>${last.version}</version>
</dependency>
2 Config
In the application.properties file of the business application, configure the following information:
yeecode.matrixauth.applicationName:Required, application name of the current business application, for example “app01“。yeecode.matrixauth.serverUrl:Required, address and port of MatrixAuth, for example”http://127.0.0.1:12301“。yeecode.matrixauth.applicationToken:appToken of the business application. For details, see “APIs > APIs for System Admin >/application/add”.yeecode.matrixauth.datasource.driver:Required, data source driver of MatrixAuthClient, for example”com.mysql.jdbc.Driver“。yeecode.matrixauth.datasource.url:Required,Address and configuration information of RBAC data source of current business application (matrixauth default data source, if independent RBAC data source is not used), for example”jdbc:mysql://localhost:3306/ds01?useUnicode=true&characterEncoding=UTF-8&serverTimezone=GMT%2B8“yeecode.matrixauth.datasource.userName:Required, user name of RBAC data source of current business application (matrixauth default data source if independent RBAC data source is not used).yeecode.matrixauth.datasource.password:Required, password of RBAC data source of current business application (matrixauth default data source if independent RBAC data source is not used).yeecode.matrixauth.cacheclient.url:Optional. If the business application has no cache, it will not be filled. The cache address and port of the current business application, for example”127.0.0.1:6379“。yeecode.matrixauth.cacheclient.password:Optional. If the business application has no cache, it will not be filled. The cached password of the current business application. If the password is not set, this item is left blank.
3 Import beans of MatrixAuthClient
Scan beans in MatrixAuthClient by following configuration:
@ComponentScan(basePackages = {"{package path of business application}", "com.github.yeecode.matrixauth.client"})
4 Configure AOP
Create a facet setting class, and use the following code to introduce MatrixAuthClient’s authorization operation into each interface of the business application.
@Aspect
@Component
public class AuthAop {
@Autowired
private MatrixAuthAop matrixAuthAop;
@Pointcut("execution(public * com.github.yeecode.matrixauth.demo.controller.*.*(..))")
public void inController() {
}
@Around("inController()")
public Object around(ProceedingJoinPoint joinPoint) throws Throwable {
return matrixAuthAop.judgeAuth(joinPoint);
}
}
5 Implement two business methods
Create a configuration class to implement the MatrixAuthSetup interface. As follows:
@Component
public class MatrixAuthConfiguration implements MatrixAuthSetup {
@Override
public String getCurrentUserKey() {
return "user01";
}
@Override
public Boolean handleLocalPerm(Method method, Object[] args, String[] permissionsInAnnotation, Set<String> permissionsUserOwned) {
return true;
}
}
There are two methods in MatrixAuthSetup:
getCurrentUserKey: returns theuserKeyof the current business user. The MatrixAuthClient needs to obtain the unique ID of the current user according to the return value of this method, and obtain and judge the permissions accordingly. In general, this value can be obtained from the user’s HTTP request.handleLocalPerm: this method is used to process the information in the@localPermannotation. Any problems brought into MatrixAuthClient by business applications can be solved by referring to matrixauthdemo project, which is under thedemofolder.
So far, the service application access operation is completed.