Quarkus结合oidc及hibernate的上手试验
quarkus官方文档
介绍
1
2
3
4
5
6
| 专为OpenJDK HotSpot和GraalVM量身定制的Kubernetes本机Java堆栈,采用最佳Java库和标准精制而成。--QUARKUS 1.8.3
Quarkus为GraalVM和HotSpot量身定制您的应用程序。惊人的快速启动时间,极低的RSS内存(不仅是堆大小!)在容器编排平台(如Kubernetes)中提供了近乎即时的向上扩展和高密度的内存利用率。我们使用一种称为编译时启动的技术。
Quarkus是开源的。该项目的所有依赖项都可以在Apache Software License 2.0
响应式编程-- jdk9之后的Publisher/Flow
|
-- 关于quarkus的快,官方写了几个例子:https://quarkus.io/vision/continuum
开始适用
- jdk:9+
- maven:362+
- ide:idea
- 下载支持quarkus的插件
quarkus oidc认证
1
2
3
4
| <dependency>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-oidc</artifactId>
</dependency>
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
| [@Slf4j](https:
@ApplicationScoped
public class RolesAugmentor implements SecurityIdentityAugmentor, Supplier<SecurityIdentity> {
SecurityIdentity identity;
[@Override](https:
public int priority() {
return 0;
}
[@Override](https:
public Uni<SecurityIdentity> augment(SecurityIdentity securityIdentity, AuthenticationRequestContext authenticationRequestContext) {
this.identity = securityIdentity;
return authenticationRequestContext.runBlocking(this::get);
}
[@Override](https:
public SecurityIdentity get() {
if (!identity.isAnonymous()) {
Set<String> roles = identity.getRoles();
Set<String> perSet = new HashSet<>();
Map<String, Object> map = ((JsonWebToken) identity.getPrincipal()).getClaim("client-id");
return QuarkusSecurityIdentity.builder()
.setPrincipal(identity.getPrincipal())
.addAttributes(map == null ? Collections.emptyMap() : map)
.addCredentials(identity.getCredentials())
.addRoles(perSet)
.build();
}
return identity;
}
}
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
| @ApplicationScoped
public class CustomTenantResolver implements io.quarkus.oidc.TenantResolver {
@Override
public String resolve(RoutingContext context) {
String path = context.request().path();
String[] parts = path.split("/");
if (parts.length == 0) {
return "defult";
}
return parts[1];
}
}
|
quarkus 数据源
1
2
3
4
5
6
7
8
9
10
11
|
<dependency>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-hibernate-orm</artifactId>
</dependency>
<dependency>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-jdbc-postgresql</artifactId>
</dependency>
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
| @ApplicationScoped
public class CustomTenantResolver implements io.quarkus.hibernate.orm.runtime.tenant.TenantResolver {
@Inject
RoutingContext context;
@ConfigProperty(name = "quarkus.hibernate-orm.datasource")
public String tenant;
@Override
public String getDefaultTenantId() {
return tenant;
}
@Override
public String resolveTenantId() {
String path = context.request().path();
String[] parts = path.split("/");
if (parts.length == 0) {
return getDefaultTenantId();
}
return parts[1];
}
}
|
多数据源/oidc配置
- quarkus支持多数据源配置,但编译后的文件不支持二次更改(字节码增强)
参考地址
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
quarkus.datasource.db-kind=postgresql
quarkus.datasource.username=username
quarkus.datasource.password=password
quarkus.datasource.jdbc.url=jdbc:postgresql://192.168.56.110:5432/default
quarkus.hibernate-orm.multitenant=DATABASE
quarkus.hibernate-orm.dialect=org.hibernate.dialect.PostgreSQL10Dialect
quarkus.hibernate-orm.datasource=default
quarkus.hibernate-orm.database.generation=none
quarkus.hibernate-orm.packages=org.xiaowu
quarkus.oidc.auth-server-url=http://192.168.56.110:8080/auth/realms/default
quarkus.oidc.client-id=service
quarkus.oidc.credentials.secret=secret
quarkus.datasource.default.db-kind=${quarkus.datasource.db-kind}
quarkus.datasource.default.username=${quarkus.datasource.username}
quarkus.datasource.default.password=${quarkus.datasource.password}
quarkus.datasource.default.jdbc.url=${quarkus.datasource.jdbc.url}
quarkus.oidc."default".auth-server-url=${quarkus.oidc.auth-server-url}
quarkus.oidc."default".client-id=${quarkus.oidc.client-id}
quarkus.oidc."default".credentials.secret=${quarkus.oidc.credentials.secret}
quarkus.datasource.A.db-kind=postgresql
quarkus.datasource.A.username=username
quarkus.datasource.A.password=password
quarkus.datasource.A.jdbc.url=jdbc:postgresql://192.168.56.110:5432/A
quarkus.oidc.A.auth-server-url=http://192.168.56.110:8080/auth/realms/A
quarkus.oidc.A.client-id=backend-service
quarkus.oidc.A.credentials.secret=secret
|
