diff --git a/README.md b/README.md
new file mode 100644
index 0000000..f43d1dd
--- /dev/null
+++ b/README.md
@@ -0,0 +1,8 @@
+# TeamModel extension
+> SpringBoot base version of TeamModel extension
+>
+> **注意**: 所有复盘输出均已脱敏,不包含任何业务,密码等关键信息
+
+## 迁移目录:
+- Azure OIDC(SSO) 迁移
+- id-token(jwt) 验证迁移 (出现语言框架之间的签名算法规范问题,解决见: [输出复盘](https://juejin.cn/post/7300036605099163702))
\ No newline at end of file
diff --git a/pom.xml b/pom.xml
index 917d01c..da41da6 100644
--- a/pom.xml
+++ b/pom.xml
@@ -57,6 +57,13 @@
spring-boot-starter-test
test
+
+
+
+ com.aliyun
+ alibaba-dingtalk-service-sdk
+ 2.0.0
+
diff --git a/src/main/java/cn/teammodel/security/utils/JwtTokenUtil.java b/src/main/java/cn/teammodel/security/utils/JwtTokenUtil.java
index 32c0e95..0e92e17 100644
--- a/src/main/java/cn/teammodel/security/utils/JwtTokenUtil.java
+++ b/src/main/java/cn/teammodel/security/utils/JwtTokenUtil.java
@@ -25,12 +25,10 @@ import java.util.stream.Collectors;
@Component
@Slf4j
public class JwtTokenUtil {
- private static final String CLAIM_KEY_USERNAME = "sub";
- private static final String CLAIM_KEY_CREATED = "created";
+ private static final long NEVER_EXPIRE = 315360000; // 没有永不过期的api: 让时钟偏移十年
@Value("${jwt.secret}")
private String secret;
- private Integer expiration = 30;
/**
* 生成token
@@ -40,27 +38,19 @@ public class JwtTokenUtil {
@Deprecated
public String generateToken(UserDetails userDetails){
Map claims = new HashMap<>();
- claims.put(CLAIM_KEY_USERNAME,userDetails.getUsername());
- claims.put(CLAIM_KEY_CREATED,new Date());
+ // 添加 payload
+ //claims.put(CLAIM_KEY_USERNAME,userDetails.getUsername());
+ //claims.put(CLAIM_KEY_CREATED,new Date());
return generateToken(claims);
}
@Deprecated
private String generateToken(Map claims){
return Jwts.builder()
.setClaims(claims)
- .setExpiration(getExpirationDate())
.signWith(SignatureAlgorithm.HS512,secret)
.compact();
}
- /**
- * 生成token过期时间
- * @return 过期时间
- */
- private Date getExpirationDate() {
- return new Date(System.currentTimeMillis() + expiration * 1000);
- }
-
/**
* 从token中获取用户名
* @param token 前端传入的token
@@ -88,10 +78,11 @@ public class JwtTokenUtil {
try {
claims = Jwts.parser()
.setSigningKey(new SecretKeySpec(secret.getBytes(StandardCharsets.UTF_8), "HmacSHA256"))
+ .setAllowedClockSkewSeconds(NEVER_EXPIRE)
.parseClaimsJws(token)
.getBody();
} catch (Exception e) {
- log.info("jwt解析出错:{}",token);
+ log.warn("token 解析出错:{}",e.getMessage());
}
return claims;
}
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
index 74b1bdd..74849ac 100644
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -14,4 +14,7 @@ spring:
audiences: 72643704-b2e7-4b26-b881-bd5865e7a7a5
jwt:
- secret: fXO6ko/qyXeYrkecPeKdgXnuLXf9vMEtnBC9OB3s+aA=
\ No newline at end of file
+ secret: fXO6ko/qyXeYrkecPeKdgXnuLXf9vMEtnBC9OB3s+aA=
+
+dingding:
+ server-url: https://oapi.dingtalk.com/robot/send?access_token=32d9b24f69c2c4fd7c2dab43268b6258a7214d2620e0805d7b6d1429003b64b6
\ No newline at end of file
diff --git a/src/test/java/cn/teammodel/TestWithoutSpring.java b/src/test/java/cn/teammodel/TestWithoutSpring.java
index 484bc84..a5c6f3c 100644
--- a/src/test/java/cn/teammodel/TestWithoutSpring.java
+++ b/src/test/java/cn/teammodel/TestWithoutSpring.java
@@ -1,7 +1,14 @@
package cn.teammodel;
+import com.dingtalk.api.DefaultDingTalkClient;
+import com.dingtalk.api.DingTalkClient;
+import com.dingtalk.api.request.OapiRobotSendRequest;
+import com.dingtalk.api.response.OapiRobotSendResponse;
+import com.taobao.api.ApiException;
import org.junit.jupiter.api.Test;
+import java.util.Arrays;
+
/**
* @author winter
* @create 2023-11-10 10:42
@@ -22,4 +29,38 @@ public class TestWithoutSpring {
// e.printStackTrace();
// }
}
+
+ @Test
+ public void testDingDing() throws ApiException {
+ DingTalkClient client = new DefaultDingTalkClient("https://oapi.dingtalk.com/robot/send?access_token=32d9b24f69c2c4fd7c2dab43268b6258a7214d2620e0805d7b6d1429003b64b6");
+ OapiRobotSendRequest request = new OapiRobotSendRequest();
+ request.setMsgtype("text");
+ OapiRobotSendRequest.Text text = new OapiRobotSendRequest.Text();
+ text.setContent("测试告警文本消息");
+ request.setText(text);
+ OapiRobotSendRequest.At at = new OapiRobotSendRequest.At();
+ at.setAtMobiles(Arrays.asList("15196506772"));
+// isAtAll类型如果不为Boolean,请升级至最新SDK
+ at.setIsAtAll(true);
+ at.setAtUserIds(Arrays.asList("109929","32099"));
+ request.setAt(at);
+
+ request.setMsgtype("link");
+ OapiRobotSendRequest.Link link = new OapiRobotSendRequest.Link();
+ link.setMessageUrl("https://www.dingtalk.com/");
+ link.setPicUrl("");
+ link.setTitle("告警时代的火车向前开");
+ link.setText("告警这个即将发布的新版本,创始人xx称它为红树林。而在此之前,每当面临重大升级,产品经理们都会取一个应景的代号,这一次,为什么是红树林");
+ request.setLink(link);
+
+ request.setMsgtype("markdown");
+ OapiRobotSendRequest.Markdown markdown = new OapiRobotSendRequest.Markdown();
+ markdown.setTitle("杭州天气");
+ markdown.setText("#### 告警杭州天气 @156xxxx8827\n" +
+ "> 9度,西北风1级,空气良89,相对温度73%\n\n" +
+ "> \n" +
+ "> ###### 10点20分发布 [天气](http://www.thinkpage.cn/) \n");
+ request.setMarkdown(markdown);
+ OapiRobotSendResponse response = client.execute(request);
+ }
}