Dante Cloud is an enterprise-level microservice architecture and service capability development platform that adopts domain-driven design (DDD) thinking, fully embraces Spring Authorization Server, is based on the OAuth2.1 protocol, and supports smart TVs, IoT and other Internet of Things devices. Certified microservices solution . Multi-tenant developed based on mainstream technology stacks such as Spring Authorization Server 1.1.2, Spring Boot 3.1.3, Spring Cloud 2022.0.4, Spring Cloud Tencent 1.11.9-2022.0.1, Spring Cloud Alibaba 2022.0.0.0, Nacos 2.2.4, etc. The system follows SpringBoot programming ideas and is highly modular and configurable. It has functions such as service discovery, configuration, circuit breaker, current limiting, downgrade, monitoring, multi-level caching, distributed transactions, and workflow.

Platform positioning

Build a mature, complete and comprehensive microservice architecture solution based on OAuth2.1 and separated from the front and back ends.
For the design and development of enterprise-level applications and Internet applications, it not only takes into account the micro-services of traditional projects, but also meets the needs of Internet application development, construction, and rapid iteration.
The platform architecture is constructed using various emerging technologies or mainstream technologies related to the microservice field and surrounding areas. It is a powerful tool to help quickly cross the stages of architecture technology selection and research and exploration.
The code is concise and standardized, with a reasonable and clear structure. It is a typical and comprehensive case of the development and application of new technologies, helping developers learn and master emerging technologies.

[1] Contents of this update

【Main update】
- [Refactoring] Reconstruct WebSocket related modules, standardize configuration code, integrate Spring Session, and support multi-instance WebSocket user information sharing.
【Other updates】
- [Fix] Fixed an issue where a parameter name writing error in the front-end project caused the login page interface to throw a verification error.
- [Fix] Fixed the issue of incorrect injection of custom BearerTokenResolver in the message-sdk-websocket module.
- [Fix] Fixed the problem that the WebSocket module failed to inject UserDetailsService, causing the message service to fail to start. fix:#I7ZLGN (ISSUED by jokeway)
- [Fix] Fixed the problem that after the system unified session expires, the front-end refresh page will not create a new session.
- [Fix] Fixed the issue where an error pop-up box and error prompt appear on the login page after the Session expires.
- [Fix] Fixed the problem that after viewing all information and jumping to the personal homepage, the page would not refresh again.
- [Fix] Temporarily fix the incompatibility of the latest front-end version vue-i18n, causing startup failure.
- [Optimization] Added a custom SessionAuthenticationStrategy to ensure that the principle information in the shared Session can be set accurately.
- [Optimization] Optimize the unclear problem of user information acquisition and transmission logic in WebSocket module. Solve the code coupling problem caused by high dependence on BearerTokenResolver.
- [Optimization] Simplify and standardize the message-sdk-websocket configuration code, optimize the module dependencies, and reduce duplicate and unnecessary dependencies.
- [Optimization] Unified control of httpclient dependent versions to solve the problem of multiple httpclient versions in the project.
- [Optimization] Unified control of checker-qual dependent versions to solve the problem of multiple checker-qual versions in the project and the maven plug-in prompting conflicts.
- [Fix] Fixed the Bean injection error when sending messages in the WebSocket module, resulting in a null error when sending all-member messages.
- [New] Added system default OIDC Scope and updated the database initialization script synchronously.
- [Optimization] Use Dante Cloud as the Minio console IDentity Provider (identity provider) for login authentication to achieve configuration persistence.
- [Fix] Fixed the problem of invalid parameter configuration of herodotus.oauth2.authorization.matcher.permit-all. fix: #7Z3O1 (ISSUED by Ryan)
- [Fix] Fix: HerodutusUser obtained through Social method will be parsed into the string "null", causing it to be saved as "avatar":"null" during serialization in the database fix: #I7ZIZ3 (ISSUED by jokeway)
- [Fix] Fixed the issue of failure to send private messages using WebSocket and the interface prompting no response error fix: #I7ZJ2E (ISSUED by jokeway)
- [Refactoring] Refactor all custom Jackson deserialization Mixins, and change all codes that do not use unified tool classes to use unified tool classes to facilitate maintenance.
- [Upgrade] minio docker image version upgraded to RELEASE.2023-09-07T02-05-02Z
[Dependency update]
- [Upgrade] fastjson2 version upgraded to 2.0.40
- [Upgrade] okio version upgraded to 3.5.0
- [Upgrade] xnio version upgraded to 3.8.10.Final
- [Upgrade] aws-java-sdk-s3 version upgraded to 1.12.544
- [Upgrade] quasar webjars version upgraded to 2.12.6
- [Upgrade] tencentcloud-sdk-java-sms version upgraded to 3.1.848

[2] Dante Cloud 3.0.0 new features

Convenient switching of core basic dependencies

Two new infrastructure supports are added Spring Cloud Tencent: and Spring Cloudnative microservice family bucket.
Newly added Spring Cloud Alibaba, Spring Cloud Tencentand Spring Cloudnative microservice family bucket three basic setting switching capabilities, you can switch to use Alibaba, Tencent, Spring and other infrastructure environments in a relatively convenient way. You can choose according to your actual needs and are no longer limited to running in a certain infrastructure environment.

Support GraalVMnative image

Adjust the pom build configuration of various modules as a whole, and add redundant duplicate configurations appropriately to support Spring Nativeor GraalVMcompile needs. Avoid Native compilation of all modules, causing errors.

Spring Authorization ServerFull feature support and extensions

Implements multi-tenant system architecture based on Spring Authorization Serverand and supports two modes: Database and Schema.Spring Data JPA
Based on this , the basic data storage code is Spring Data JPArebuilt to replace the original JDBC data access method, break the limitations of the original data storage, and expand to a method and design that is more in line with actual applications.Spring Authorization ServerSpring Authorization Server
Based Spring Authorization Serveron the OAuth 2.1 specification, a custom Resource Ownership Password(password) authentication mode is added to be compatible with existing front-end and back-end separation applications based on the OAuth 2 specification, and supports the Refresh Tokenuse of .
Based Spring Authorization Serveron the OAuth 2.1 specification, a custom Social Credentials(social login) authentication mode is added, which supports mobile phone SMS verification code, WeChat applet, JustAuththird-party application login based on and supports Refresh Tokenthe use of .
Extend the Spring Authorization Serverdefault Client Credentialsmode to truly use Scope permissions to verify the interface. Add the permission configuration function of client Scope and decouple it from the existing user permission system
Support Spring Authorization Server Authorization Code PKCEauthentication mode
In addition to Spring Authorization Serverthe standard encryption verification method, it supports encryption verification methods JWT Tokenbased on custom certificates , which can be dynamically modified through configuration.JWT Token
Support Opaque Token(opaque token) format and verification method, which will reduce JWT Tokenthe risk of being captured and parsed. You can set whether the default Token format adopts Opaque Tokenformat or JWT Tokenformat by modifying the configuration parameters.
Fully supports OpenID Connectthe (OIDC) protocol. When using the system, you can quickly switch between OIDC mode and traditional OAuth2 mode through front-end switch configuration according to usage needs.
Deeply expands Authorization Code, Resource Ownership Password, Social Credentialsseveral modes, fully integrates IdToken, Opaque Token, JWT Tokenand the existing permission system, while providing IdTokentwo ways of user information transmission without the need for secondary requests, and custom Token expansion, reducing frequent requests for user information.
Customize Spring Authorization Serverthe authorization code mode login authentication page and authorization confirmation page. Authorization code mode login uses data encryption and transmission. Supports multiple verification code types, but behavioral verification codes are not supported yet.
Added new Spring Authorization Server certification modes based on IoT devices that support smart TVs, IoT, etc.
Spring SecurityInterface authentication and dynamic modification of permissions can be achieved without configuring permission annotations and permission methods in the code . Adopt a distributed authentication solution to avoid the pressure of unified authentication on Gateway and the problem of repeated authentication
OAuth2 UserDetails core data supports two modes: direct database acquisition and Feign remote invocation. The OAuth2 direct database mode has better performance, and Feign access remote calling is more scalable. The policy approach can be dynamically modified through configuration.
Based on a custom Session and a mixture of national secret SM2(asymmetric) and SM4(symmetric encryption) algorithms, dynamic secret key generation and encrypted transmission based on digital envelope technology are realized. Utilize the "one person, one code mechanism" to realize dynamic encrypted transmission of password mode login data. Cooperate with OAuth2 Client verification to protect the rationality and security of interface calls and front-end and back-end data transmission.

pnpm monorepoRefactor the front end using

It does not use any popular open source templates, uses a new technology stack, and is a completely new "handwritten" front-end project.
Drawing on the use and design of popular open source versions, the new version's front-end interface style and operating habits are as consistent as possible with the current popular methods.
Make full use of the Typescript language features to solve a large number of type verification problems and avoid the "any" way of using the Typescript programming language as much as possible.
Make full use of the new Vue3 framework features such as Composition API and Hooks for code writing.
Make full use of the object-oriented features of Component, Hooks and Typescript to extract common components and codes to reduce duplicate code in projects as much as possible.
Encapsulate many Quasar basic components and application functional components to facilitate unified modification, maintenance, development and use of code.
In-depth performance optimization of Vite3-based project packaging in production mode.
Provides containerized packaging and deployment of engineering production code using docker-compose.
This version is based on pnpm and uses monorepo mode to reconstruct the front-end project. Building the monorepo version front end is to pave the way for expanding more functions and adding application-level functions.
Extract utils, components, apis, bpmn-designer and other related codes to form a shared module.
The shared modules have been optimized and configured and can be compiled into independent components and released as separate components.
The code is maintained and developed independently in the form of shared modules, which reduces the complexity of existing engineering code and facilitates subsequent function expansion and code reuse.