Dante Cloud It is an enterprise-level microservice architecture and service capability development platform. It is a microservice architecture based on the OAuth2.1 protocol that fully embraces Spring Authorization Server. Based on mainstream technology stacks such as Spring Authorization Server 1.0.0, Spring Boot 3.0.1, Spring Cloud 2022.0.0, Spring Cloud Tencent 1.8.2-2022.0.0, Spring Cloud Alibaba 2022.0.0-RC1, Nacos 2.2.1-RC The developed multi-tenant system follows the SpringBoot programming idea and is highly modular and configurable.It has functions such as service discovery, configuration, circuit breaking, current limiting, downgrading, monitoring, multi-level caching, distributed transactions, and workflow

platform positioning

  • Build a mature, complete, comprehensive, OAuth2.1-based microservice architecture solution with front-end and back-end separation.
  • Designed and developed for enterprise-level applications and Internet applications, it not only takes into account the micro-service of traditional projects, but also meets the needs of Internet application development and construction, and rapid iteration.
  • The platform architecture is built using various emerging technologies or mainstream technologies related to the microservice field and its surroundings, which is a sharp tool to help quickly cross the stage of architecture technology selection and research and exploration.
  • The code is concise and standardized, and the structure is reasonable and clear. It is a typical and comprehensive case of new technology development and application, and helps developers learn and master emerging technologies.

release background

Since November 24, new versions such as Spring Boot 3.0, Spring Cloud 2022.0.0, and Spring Cloud Tencent 1.8.2 were released, and the entire Java community has entered a new era of Java 17 and Spring Boot 3. Keeping up with the development of Java technology and the Spring community, so that more new features with better quality and better performance can serve the actual development work, Dante Cloud is also upgraded and adapted simultaneously, and a new version 3.0 has been developed.

[1] Dante Cloud 3.0.0 new features

  1. The core foundation relies on convenient switching
  • add Spring Cloud Tencent with Spring Cloud Supported by two types of infrastructure, including the native microservice family bucket.
  • add Spring Cloud Alibaba,Spring Cloud Tencent with Spring Cloud The ability to switch between three basic settings of the native microservice family bucket allows you to switch between Alibaba, Tencent, Spring and other infrastructure environments in a relatively convenient manner. You can choose according to your actual needs, and you are no longer limited to running in a certain infrastructure environment.
  1. support GraalVM native image
  • Adjust the pom build configuration of various modules as a whole, and appropriately increase redundant and repeated configurations to support Spring Native or GraalVM Compilation required. Avoid Native compilation of all modules, resulting in errors.
  1. Spring Authorization Server Full feature support and extension
  • based on Spring Authorization Server with Spring Data JPA Realize the multi-tenant system architecture and support two modes of Database and Schema.
  • based on Spring Data JPA,rebuild Spring Authorization Server The basic data storage code replaces the original JDBC data access method and breaks the Spring Authorization Server The original data storage limitation has been extended to a method and design that is more in line with practical applications.
  • based on Spring Authorization Serverbased on the OAuth 2.1 specification, add custom Resource Ownership Password (Password) authentication mode to be compatible with existing OAuth 2-based applications that separate front and back ends, support Refresh Token usage of.
  • based on Spring Authorization Serverbased on the OAuth 2.1 specification, add custom Social Credentials (Socialized login) authentication mode, support SMS verification code, WeChat applet, based on JustAuth third-party application login, support Refresh Token usage of.
  • expand Spring Authorization Server default Client Credentials Mode, to realize the real verification of the interface by using the Scope permission.Increase the permission configuration function of client Scope and decouple it from the existing user permission system
  • support Spring Authorization Server Authorization Code PKCE authentication mode
  • exist Spring Authorization Server the standard JWT Token In addition to the encryption verification method, it supports user-defined certificate-based JWT Token The encryption verification method can be dynamically modified through configuration.
  • support Opaque Token (opaque token) format and verification method, will be low JWT Token Risk of being caught parsing.You can set the default Token format by modifying the configuration parameters Opaque Token format is still JWT Token Format.
  • full support OpenID Connect (OIDC) protocol, when the system is in use, it can quickly switch between the OIDC mode and the traditional OAuth2 mode through the front-end switch configuration according to the usage requirements
  • depth extension Authorization Code,Resource Ownership Password,Social Credentials Several modes, fully integrated IdToken,Opaque Token,JWT Token With the existing permission system, while providing IdToken And custom Token extension two user information transmission methods without secondary requests, reducing frequent requests for user information.
  • customize Spring Authorization Server Authorization code mode login authentication page and authorization confirmation page, authorization code mode login adopts encrypted data transmission. Multiple types of verification codes are supported, but behavioral verification codes are not supported for now.
  • No need to configure in code Spring Security Permission annotations and permission methods can realize interface authentication and dynamic modification of permissions.Adopt a distributed authentication scheme to avoid the pressure of Gateway unified authentication and the problem of repeated authentication
  • The core data of OAuth2 UserDetails supports two modes: direct database acquisition and Feign remote invocation. The performance of OAuth2 directly connected to the database mode is better, and the remote call of Feign access is more scalable. The policy mode can be dynamically modified through configuration.
  • Based on custom Session, mixed national secret SM2 (asymmetric) and SM4 (Symmetric Encryption) Algorithm to realize the dynamic generation and encrypted transmission of secret keys based on digital envelope technology. Utilize the “one person one code mechanism” to realize dynamic encrypted transmission of password mode login data. Cooperate with OAuth2 Client authentication to protect the rationality and security of interface calls and front-end and back-end data transmission.
  1. use pnpm monorepo Refactor the front end
  • Front-end engineering package manager changed to pnpm.
  • use monorepo The mode reconstructs the front-end project, extracts related codes such as utils, components, apis, bpmn-designer, and forms a shared module
  • The shared module has been optimized and configured, and can be compiled into an independent component using Vite, which can be released separately as a component
  • The code is maintained and developed separately in the form of a shared module, which reduces the complexity of the existing project code and facilitates the expansion of subsequent functions and the reuse of code.

[2] This update

  • major update
    • [升级] Spring Boot version upgrade to 3.0.1
    • [升级] Spring Cloud Tencent version upgrade to 1.8.2-2022.0.0
    • [升级] Spring Cloud Alibaba version upgrade to 2022.0.0.0-RC1
    • [升级] Nacos version upgraded to 2.2.1-RC
    • [升级] MyBatis Plus version upgraded to 3.5.3.1
  • new features
    • [新增] Added an independent messaging service that integrates functions such as Stomp WebSocket, private messages, and announcements. It supports front-end and back-end to exchange messages through WebSocket and REST interfaces.
    • [新增] Added private message, announcement sending, and new message reminder, browsing information based on private message dialogue
    • [新增] Added a mechanism for manually parsing Token information, and supports both JWT Token and Opaque Token.
    • [新增] WebSocket module, supports WebSocket Token authentication and login user information analysis function
    • [新增] Added real-time online user statistics and synchronous real-time refresh function
    • [新增] The front end adds the function of dynamically generating the default Avatar based on the user ID.
    • [新增] Added an independent personal setting page on the front end, including private messages and announcement viewing functions
    • [新增] The front end adopts the new version of Stomp JS to realize WebSocket support.
  • other updates
    • [优化] Remove the additional JetCache automatic injection configuration code, and use the new version of JetCache’s own configuration instead.
    • [优化] Add additional user information in Token to facilitate front-end use and reduce repeated queries.
    • [优化] Adjust the DTO code placement directory of some modules
    • [优化] Restore Spring Cloud Alibaba related code, delete Sentinel temporary support for new version of Spring Boot code.
    • [优化] Change the default infrastructure to Alibaba, and delete the Zookeeper service discovery configuration in the Spring Cloud Alibaba infrastructure environment.
    • [重构] Delete the engine-protect module and merge related codes into the engine-rest module
    • [修复] Fix the Parameter method error of the XSS Request wrapper, resulting in the error that the parameter cannot be obtained.
    • [修复] Fix the problem that the WebSocket Token cannot be parsed correctly caused by the additional identifier added by the Anti Samoyed XSS protection code.
    • [修复] Fix the problem of incorrect paging query data based on JetCache custom JPA second-level cache due to the change of Hibernate 6 code.
  • Dependency update
    • [升级] jetcache version upgrade to 2.7.2
    • [升级] hutool version upgrade to 5.8.11
    • [升级] The spring-boot-admin version is upgraded to 3.0.0-M8
    • [升级] The spring-security-cas version is upgraded to 5.8.1
    • [升级] The springdoc version is upgraded to 2.0.2
    • [升级] wxjava version upgrade to 4.4.7.B
    • [升级] The version of mybatis-plus-boot-starter is upgraded to 3.5.3.1
    • [升级] The version of mybatis-plus-generator is upgraded to 3.5.3.1
    • [升级] tencentcloud-sdk-java-sms version upgrade to 3.1.667
    • [升级] Alipay-sdk-java version upgraded to 4.35.9.ALL
    • [升级] The version of com.baidu.aip is upgraded to 4.16.13

[3]interface preview

1. Community vision

Let every open source enthusiast experience the joy of open source.

2. Community official website

https://dromara.org is the official website of the Dromara open source community.

3. Member projects

#Dante #Cloud #released #Spring #Boot #version #upgraded #News Fast Delivery

Leave a Comment

Your email address will not be published. Required fields are marked *