Sa-Token is a lightweight Java authority authentication framework, which mainly solves a series of authority-related issues such as login authentication, authority authentication, distributed Session sessions, single sign-on, and OAuth2.0.
The framework is adapted to many common businesses such as kicking people offline, automatic renewal, separation of front and back, distributed conversations, etc. Through Sa-Token, you can realize the authority authentication part of the system in a very simple way
Sa-Token v1.30.0 version update includes the following:
- Added: Added an example of integrating Web-Socket authentication. [important]
- Added: Added an example of integrating Web-Socket (Spring package version) authentication.
- New: Add jfinal integration package
sa-token-jfinal-plugin
[important] - Added: Added jboot integration package
sa-token-jboot-plugin
(thanks to @nxstv for submitting the pr) StpUtil.getExtra("key")
Fix: Fix invalid bug when integrating sa-token-jwt Style mode- Upgrade: upgrade
sa-token-context-dubbo
dubbo version:2.7.11
->2.7.15
- Upgrade: With the help of
flatten-maven-plugin
unified version number definition (thanks to the pr submitted by @ruansheng8) [important] - Fix: Fix the problem that the plug-in circular dependency cannot be started
springboot 2.6.x
underquick-login
- Optimization:
sa-token-spring-aop
Change the dependencysa-token-core
to avoid the problem of starting error reporting in the webflux environment - Optimization: Changed source code annotation device identification to device type to be more semantic
- Fix: Solve the problem that dubbo parameters become lowercase under some protocols, resulting in invalid
Id-Token
authentication - Upgrade: Unit test upgrade to JUnit5
- Added: Added
maxLoginCount
configuration , specifying the maximum number of simultaneous online accounts for the same account [important] - Upgrade: Completely delete the SaTokenAction interface and completely replace it with SaStrategy
- Added: Added
sa-token-dao-redisx
plugin , thanks to the pr submitted by @noear [important] - Optimization: Add an exception prompt when parseToken is not configured with a jwt key, thanks to the pr submitted by @BATTLEHAWK00
- Optimization: sso, oauth2 plug-in calls the configuration class to use the getter method, thanks to the pr submitted by @Naah
- Added: New json converter module
- Refactoring: SaTokenListener#doLogin method adds tokenValue parameter [not backward compatible]
- Upgrade: SpringBoot related components depend on version upgrade to
2.5.12
- Documentation: Online Documentation All
AjaxJson
changed toSaResult
- Documentation: "Multi-account authentication" -> Change to "Multi-account authentication"
- Documentation: New dynamic demo diagrams in some chapters [important]
- Upgrade: Top-level exception class
SaTokenException
Add code exception subdivision status code. See [important] for details - Note the upgrade: Affected by the abnormal subdivision status code, the method
NotPermissionException
in the class is changed .getCode()
getPermission()
[not backward compatible] - SSO module upgrade:
- Refactor: SSO module split from core package into standalone plugin
sa-token-sso
[important] - Optimization: In the SSO mode three single-point logout callback method, the logout statement is changed to:
stpLogic.logout(loginId)
more suitable for the scenario - Fix: Solve the problem of double back parameters caused by the internal implementation inconsistency of some Servlet versions when sso builds the authentication address.
- Upgrade: SSO module provides fine-grained exception handling
- Refactoring: SSO mode three interfaces
/sso/checkTicket
,/sso/logout
, change the response body format [not backward compatible] - Optimization: SSO mode three single logout building examples are added
try-catch
to improve fault tolerance - Optimization:
SsoUtil.singleLogout
changed toSsoUtil.ssoLogout
, and no need to provide secretkey parameter [not backward compatible] - Upgrade: Change the interface call of SSO mode 3 to signature verification. [Important] [Not backward compatible]
- Added: Added an example of docking without sdk in the SSO mode for three times, thanks to @Sa-Potion for the suggestion and feedback [important]
- Refactor: SSO module split from core package into standalone plugin
- sa-token-jwt module upgrade:
- Refactoring:
sa-token-jwt
creation, mandatory verification of loginType [not backward compatible] - Refactoring:
StpLogicJwtForStateless
change from rewriting login method to rewriting createLoginSession - Refactoring:
SaJwtUtil
The tool class no longer swallows exception messages, and provides fine-grained exception codes. - Refactoring: renamed: StpLogicJwtForStyle -> StpLogicJwtForSimple
- Refactoring: renamed: StpLogicJwtForMix -> StpLogicJwtForMixin
- Fix: Fix the bug that the Extra data may be affected by the old token in
StpLogicJwtForSimple
the mode
- Refactoring:
Code repository: https://gitee.com/dromara/sa-token
Framework function structure diagram: