Dante Cloud It is an enterprise-level microservice architecture and service capability development platform. The first version fully embracing Spring Authorization Server, a multi-tenant system based on the latest versions of Spring Authorization Server 0.4.0, Spring Boot 2.7.6, Spring Cloud 2021.0.5, Spring Cloud Alibaba 2021.0.4.0, Nacos 2.1.2, etc. Following the SpringBoot programming idea, it is highly modular and configurable.It has functions such as service discovery, configuration, circuit breaking, current limiting, downgrading, monitoring, multi-level caching, distributed transactions, and workflow
platform positioning
- Construct a mature, complete, comprehensive, OAuth2.1-based microservice architecture solution with front-end and back-end separation.
- Designed and developed for enterprise-level applications and Internet applications, it not only takes into account the micro-service of traditional projects, but also meets the needs of Internet application development and construction, and rapid iteration.
- The platform architecture is built using various emerging technologies or mainstream technologies related to the microservice field and its surroundings, which is a sharp tool to help quickly cross the stage of architecture technology selection and research and exploration.
- The code is concise and standardized, and the structure is reasonable and clear. It is a typical and comprehensive case of new technology development and application, and helps developers learn and master emerging technologies.
[1]why the name was changed to Dante Cloud
Dante Cloud (Dante), original project name Eurynome Cloud, Many friends have reported that the name is too long, difficult to read, and difficult to remember.Therefore after joining Dromara On the occasion of the open source community, the name was changed.
Dantethat is, Dante Alighieri (AD 1265-AD 1321), an Italian poet at the end of the 13th century, the founder of modern Italian, and one of the pioneering figures in the European Renaissance era. “Comedy”) is famous, and later a writer named Boccaccio named it sacred comedy.
He is considered the greatest poet of the Italian Renaissance in the Middle Ages, one of the most outstanding poets in the West, and one of the greatest writers. Engels commented: “The end of the feudal Middle Ages and the beginning of the modern capitalist era are marked by a great figure. This figure is the Italian Dante. He is the last poet of the Middle Ages. the first poet of
The name was changed to Dante Cloud, implying that this project will be like Engels’ evaluation of Dante. In the period of industry change, it can become a link between the past and the future, and help the transformation of enterprise information construction.
[2]the content of this update
- major update
- Spring Boot version upgrade to 2.7.6
- other updates
- [修复] Solve the problem of using the edge browser and using feign, reporting Unexpected char 0x0a (PR by Li Dalan, who is madly training chest muscles)
- [修复] Fix the problem of inaccurate verification and unreasonable status of the front-end unique field in different states of creating and editing. Solve the problem that the verification fails if the unique field data is not modified in the editing state.
- [修复] Optimize the distributed session sharing configuration of microservices to solve the inconsistency of shared sessions.
- [新增] Data initialization script supplements OIDC client registration related information
- Dependency update
- [升级] The fastjson2 version is upgraded to 2.0.20
- [升级] Dysmsapi20170525 version upgraded to 2.0.23
- [升级] The version of aliyun-java-sdk-core is upgraded to 4.6.3
- [升级] tencentcloud-sdk-java-sms version upgrade to 3.1.641
- [升级] Alipay-sdk-java version upgraded to 4.34.71.ALL
- [升级] aliyun-java-sdk-green version upgraded to 3.6.6
- [升级] Postgresql version upgrade to 42.5.1
- [升级] Jackson version upgrade to 2.14.1
[3]、Dante Cloud 2.7.X Features
1. Front end
- It does not use any popular open source templates, uses a new technology stack, and completely “handwritten” a new front-end project.
- Drawing on the use and design of popular open source versions, the new front-end interface style and operating habits are as consistent as possible with the current popular methods.
- Make full use of Typescript language features, solve a large number of type verification problems, and avoid the “any” type of Typescript programming language usage as much as possible.
- Make full use of new features of the Vue3 framework such as Composition Api and Hooks for code writing.
- Make full use of Component, Hooks, and Typescript object-oriented features to extract common components and code, and reduce engineering duplication as much as possible.
- Encapsulate many Quasar basic components and application function components to facilitate unified modification, maintenance and development of the code.
- In the production mode, the in-depth performance optimization of Vite3-based project packaging is carried out.
- Provide containerized packaging and deployment of engineering production code in the docker-compose mode.
- Support password mode, authorization code mode, SMS mode, third-party socialization and other login modes.
Two, the back end
based on Spring Authorization Server
Deep customization and extension:
based on
Spring Authorization Server
andSpring Data JPA
Realize the multi-tenant system architecture and support two modes of Database and Schema.based on
Spring Data JPA
,rebuildSpring Authorization Server
The basic data storage code replaces the original JDBC data access method and breaks theSpring Authorization Server
The original data storage limitation has been extended to a method and design that is more in line with practical applications.based on
Spring Authorization Server
based on the OAuth 2.1 specification, add customResource Ownership Password
(Password) authentication mode, to be compatible with existing OAuth 2-based applications with front-end and back-end separation, and support the use of Refresh Token.based on
Spring Authorization Server
based on the OAuth 2.1 specification, add customSocial Credentials
(Social login) authentication mode, supports SMS verification code, WeChat applet, third-party application login based on JustAuth, and supports the use of Refresh Token.expand
Spring Authorization Server
defaultClient Credentials
mode, implementClient Credentials
The mode supports the use of Refresh Token.expand
Spring Authorization Server
defaultClient Credentials
Mode, to realize the real verification of the interface by using the Scope authority.Increase the permission configuration function of client Scope and decouple it from the existing user permission systemsupport
Spring Authorization Server
Authorization Code PKCE
authentication modesupport
Spring Authorization Server
In addition to the standard JWT Token encryption verification method, a JWT Token encryption verification method based on a custom certificate is added, which can be dynamically modified through configuration.Support Opaque Token (opaque token) format and verification method, which will reduce the risk of JWT Token being captured and analyzed. You can set the default Token format to be Opaque Token or JWT Token by modifying configuration parameters.
Fully supports the OpenID Connect (OIDC) protocol, when the system is in use, the OIDC mode and the traditional OAuth2 mode can be quickly switched through the front-end switch configuration according to the usage requirements
depth extension
Authorization Code
,Resource Ownership Password
,Social Credentials
Several modes fully integrate IdToken, Opaque Token, JWT Token and the existing permission system, and provide IdToken and custom Token expansion two user information transmission methods without secondary requests, reducing frequent requests for user information.customize
Spring Authorization Server
Authorization code mode login authentication page and authorization confirmation page, authorization code mode login adopts encrypted data transmission. Multiple types of verification codes are supported, but behavioral verification codes are not supported for now.- Based on JetCache’s multi-level cache support, realize customization
Spring Data JPA
The second-level cache effectively solves the Spring Cache query cache update problem. - fully integrated
@PreAuthorize
Annotation permissions andURL
Permissions are dynamically configured through the backend and do not need to be configured in codeSpring Security
Permission annotations and permission methods can realize interface authentication and dynamic modification of permissions.Adopt a distributed authentication scheme to avoid the pressure of Gateway unified authentication and the problem of repeated authentication - Adopt distributed service independent authentication scheme,
Spring Security
@PreAuthorize
Permission annotations, permission methods, andURL
Permissions are dynamically distributed to corresponding services in real time after being dynamically configured through the backend. OAuth2
UserDetails
Core Data supports direct database acquisition andFeign
There are two modes of remote calling.OAuth2
The performance of the direct connection database mode is better,Feign
Access to remote calls is more scalable. The policy mode can be dynamically modified through configuration.- Based on the custom Session, mixed national secret SM2 (asymmetric) and SM4 (symmetric encryption) algorithms, the secret key is dynamically generated and encrypted for transmission. Utilize the “one person one code mechanism” to realize dynamic encrypted transmission of password mode login data.Cooperate
OAuth2 Client
Verify and protect the rationality and security of interface calls and front-end and back-end data transmission.
[4]interface preview
Dromara Open Source Community
1. Community vision
Let every open source enthusiast experience the joy of open source.
2. Community official website
https://dromara.org is the official website of the Dromara open source community.
3. Member projects
#Dante #Cloud #released #enterpriselevel #microservice #architecture #adapted #OAuth #News Fast Delivery