最新文档:https://elsfs.gitee.io/
elsfs 框架:https://gitee.com/elsfs/elsfs-cloud
环境准备
①后端开发环境
- 必要环境1. Java17+2. Maven 3.8+3. MySQL 8.0+4. Redis 5.0+5. nacos 2.2.x
- 常用工具1. idea 2022+2. navicat3. switchHosts4. Git
②配置本地hosts
注意:必须配置 hosts ,禁止修改代码中配置成IP | 梯子、VPN 等软件会导致 hosts 配置失效,请关闭!!
127.0.0.1 nacos
127.0.0.1 mysql
127.0.0.1 redis
127.0.0.1 kibana
③项目下载
平台地址giteegit clone https://gitee.com/elsfs/elsfs-cloud.gitgithubgit clone https://github.com/elsfs/elsfs-cloud.git 待开放
④初始化数据库
版本: mysql8.0+ 默认字符集: utf8mb4 默认排序规则: utf8mb4_general_ci
-- 核心数据库
source db/elsfs-mysql.sql;
-- nacos配置
source db/naocs-mysql.sql;
⑤配置文件修改
特别说明: host配置不要改成IP , why?
- 好处是在分布式系统中,会存在大量的IP 配置,不同模块链接数据库 、redis、mq 等,使用hosts 可以统一管理,做环境切换
- 非常适合容器化部署,在现有的docker-compose 、k8s 等中 service的概念和 hosts 设计非常吻合,不知道其他service 的ip 但你可以通过的 ping service_name 即可通信。 通过hosts 我们就可以实现一键启动 不需要关注你的mysql redis 的ip 配置是什么
# elsfs/elsfs-optionl/elsfs-optionl-nacos/src/main/resources/application.yml db:num:1user: ${MYSQL-USER:root}#修改:用户名password: ${MYSQL-PWD:root}#修改:密码, 特殊字符使用 '包裹'url:0: jdbc:mysql://${MYSQL_HOST:mysql}:${MYSQL_PORT:3306}/${MYSQL_DB:nacos}?characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=false&useJDBCCompliantTimezoneShift=true&useLegacyDatetimeCode=false&serverTimezone=GMT%2B8&nullCatalogMeansCurrent=true&allowPublicKeyRetrieval=true
⑥启动nacos
找到对应模块的类,直接右键Main 启动即可
elsfs-optional/elsfs-optional-nacos/src/main/java/com/alibaba/nacos/NacosApplication.java
⑦redis、mysql 配置
:::tip
访问: http://nacos:8848/nacos (默认账号密码 nacos/nacos)
:::
修改对应的命名空间elsfs-cloud下的配置文件redis,mysql配置
application-dev.yml
elsfs:security:# 配置公钥和私钥 key-pairs:-id: key
created:2023-11-19T10:00:00.000Zpublic-key: publicKey.pem
private-key: privateKey.pem
issuer: http://localhost:7001spring:web:locale-resolver: accept_header
locale: zh_CN
data:redis:database:0host: redis
port:6379
elsfs-cloud-starter-dev.yml
spring:datasource:driver-class-name: com.mysql.cj.jdbc.Driver
username: ${MYSQL_USER:root}password: ${MYSQL_PASSWORD:root}url: jdbc:mysql://${MYSQL_HOST:mysql}:${MYSQL_PORT:3306}/${MYSQL_DB:elsfs-admin}?characterEncoding=UTF-8&useUnicode=true&useSSL=false&tinyInt1isBit=false&allowPublicKeyRetrieval=true&serverTimezone=Asia/Shanghaisecurity:oauth2:client:registration:github:provider: github
# App ID: 670371client-id: xxx
client-secret: xxx
scope: user:email, read:user
gitee:# 指定oauth登录提供者,该oauth登录由provider中的gitee来处理provider: gitee
# 客户端名字client-name: Sign in with Gitee
# 客户端id,使用自己的gitee的客户端idclient-id: xxx
# 客户端秘钥,使用自己的gitee的客户端秘钥client-secret: xxx
# 认证方式authorization-grant-type: authorization_code
# 回调地址redirect-uri: http://127.0.0.1:7001/login/oauth2/code/gitee
# 申请scope列表scope:- user_info
- emails
qq:provider: qq
# appid:应用的唯一标识。在OAuth2.0认证过程中,appid的值即为oauth_consumer_key的值。# appid(oauth_consumer_key/client_id)client-id: your-app-app-id
# appkey:appid对应的密钥,访问用户资源时用来验证应用的合法性。在OAuth2.0认证过程中,appkey的值即为oauth_consumer_secret的值。# appkey(auth_consumer_secret/client_secret);client-secret: your-app-secret
authorization-grant-type: authorization_code
# 回调地址redirect-uri: http://127.0.0.1:7001/login/oauth2/code/qq
scope:- user_info
- emails
client-name: Sign in with QQ
google:client-id: your-app-client-id
client-secret: your-app-client-secret
facebook:client-id: your-app-client-id
client-secret: your-app-client-secret
okta:client-id: your-app-client-id
client-secret: your-app-client-secret
login-client:provider: spring
client-id: messaging-client
client-secret:"$2a$10$hVq5XfeMHERLoFo6RBUFieyrZF8ElwvRRgrig/wb/IkXUzz3zCZhG"client-authentication-method: client_secret_basic
authorization-grant-type: authorization_code
redirect-uri: http://admin.elsfs.test:7001/login/oauth2/code/login-client
scope:# - openid- message.read
- message.write
client-name: spring
provider:github:user-name-attribute: login
qq:user-name-attribute: openid
# https://wiki.connect.qq.com/%e4%bd%bf%e7%94%a8authorization_code%e8%8e%b7%e5%8f%96access_token# 发起授权申请的地址authorization-uri: https://graph.qq.com/oauth2.0/authorize
# 获取token的地址token-uri: https://graph.qq.com/oauth2.0/token?fmt=json&need_openid=1# 获取用户信息的地址 使用Access Token来获取用户的OpenIDuser-info-uri: https://graph.qq.com/oauth2.0/me?fmt=json
gitee:# 设置用户信息响应体中账号的字段user-name-attribute: id
# 获取token的地址token-uri: https://gitee.com/oauth/token
# 获取用户信息的地址user-info-uri: https://gitee.com/api/v5/user
# 发起授权申请的地址authorization-uri: https://gitee.com/oauth/authorize
spring:user-name-attribute: sub
token-uri: http://localhost:7002/oauth2/token
user-info-uri: http://localhost:7002/userinfo
authorization-uri: http://localhost:7002/oauth2/authorize
jwk-set-uri: http://localhost:7002/oauth2/jwks
okta:authorization-uri: https://your-subdomain.oktapreview.com/oauth2/v1/authorize
token-uri: https://your-subdomain.oktapreview.com/oauth2/v1/token
user-info-uri: https://your-subdomain.oktapreview.com/oauth2/v1/userinfo
jwk-set-uri: https://your-subdomain.oktapreview.com/oauth2/v1/keys
⑧启动顺序
elsfs-optional/elsfs-optional-nacos/src/main/java/com/alibaba/nacos/NacosApplication.java
starter/elsfs-cloud-oauth2-starter/src/main/java/org/elsfs/cloud/Oauth2ApplicationStarter.java
starter/elsfs-cloud-starter/src/main/java/org/elsfs/cloud/AdminApplicationStarter.java
标签:
安全
本文转载自: https://blog.csdn.net/qq_37993490/article/details/136764869
版权归原作者 程序舞姬 所有, 如有侵权,请联系我们删除。
版权归原作者 程序舞姬 所有, 如有侵权,请联系我们删除。