diff --git a/linkis-dist/package/db/upgrade/1.7.0_schema/mysql/linkis_ddl.sql b/linkis-dist/package/db/upgrade/1.7.0_schema/mysql/linkis_ddl.sql
index f58e190077e..06d05a47a96 100644
--- a/linkis-dist/package/db/upgrade/1.7.0_schema/mysql/linkis_ddl.sql
+++ b/linkis-dist/package/db/upgrade/1.7.0_schema/mysql/linkis_ddl.sql
@@ -98,6 +98,9 @@ CREATE TABLE `linkis_ps_python_module_info` (
ALTER TABLE `linkis_cg_manager_service_instance` ADD COLUMN mapping_ports varchar(128);
ALTER TABLE `linkis_cg_manager_service_instance` ADD COLUMN mapping_host varchar(128);
+-- Add token_sign column to linkis_token table for token signature support
+ALTER TABLE `linkis_token` ADD COLUMN `token_sign` VARCHAR(255) DEFAULT NULL COMMENT 'Token签名' AFTER `token_name`;
+
diff --git a/linkis-dist/package/db/upgrade/1.7.0_schema/postgresql/linkis_ddl.sql b/linkis-dist/package/db/upgrade/1.7.0_schema/postgresql/linkis_ddl.sql
new file mode 100644
index 00000000000..f5214a81264
--- /dev/null
+++ b/linkis-dist/package/db/upgrade/1.7.0_schema/postgresql/linkis_ddl.sql
@@ -0,0 +1,20 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+-- Add token_sign column to linkis_token table for token signature support
+ALTER TABLE linkis_token ADD COLUMN IF NOT EXISTS token_sign VARCHAR(255) DEFAULT NULL;
+COMMENT ON COLUMN linkis_token.token_sign IS 'Token签名';
diff --git a/linkis-spring-cloud-services/linkis-service-discovery/linkis-eureka/pom.xml b/linkis-spring-cloud-services/linkis-service-discovery/linkis-eureka/pom.xml
index 37805414680..e2c72da2bb7 100644
--- a/linkis-spring-cloud-services/linkis-service-discovery/linkis-eureka/pom.xml
+++ b/linkis-spring-cloud-services/linkis-service-discovery/linkis-eureka/pom.xml
@@ -6,9 +6,9 @@
~ The ASF licenses this file to You under the Apache License, Version 2.0
~ (the "License"); you may not use this file except in compliance with
~ the License. You may obtain a copy of the License at
- ~
+ ~
~ http://www.apache.org/licenses/LICENSE-2.0
- ~
+ ~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -68,6 +68,14 @@
org.springframework.cloud
spring-cloud-starter
+
+ org.springframework.boot
+ spring-boot-starter-logging
+
+
+ org.yaml
+ snakeyaml
+
@@ -76,6 +84,28 @@
jersey-apache-client4
+
+ org.springframework.boot
+ spring-boot-starter-actuator
+ ${spring.boot.version}
+
+
+ org.springframework.boot
+ spring-boot-starter-logging
+
+
+ org.yaml
+ snakeyaml
+
+
+
+
+
+ io.micrometer
+ micrometer-registry-prometheus
+ compile
+
+
diff --git a/linkis-spring-cloud-services/linkis-service-discovery/linkis-eureka/src/main/assembly/distribution.xml b/linkis-spring-cloud-services/linkis-service-discovery/linkis-eureka/src/main/assembly/distribution.xml
index a444a0b6fd3..1fec96d110f 100644
--- a/linkis-spring-cloud-services/linkis-service-discovery/linkis-eureka/src/main/assembly/distribution.xml
+++ b/linkis-spring-cloud-services/linkis-service-discovery/linkis-eureka/src/main/assembly/distribution.xml
@@ -43,8 +43,8 @@
aopalliance:aopalliance:jar
com.netflix.archaius:archaius-core:jar
org.aspectj:aspectjweaver:jar
- org.bouncycastle:bcpkix-jdk18on:jar
- org.bouncycastle:bcprov-jdk18on:jar
+ org.bouncycastle:bcpkix-jdk15on:jar
+ org.bouncycastle:bcprov-jdk15on:jar
org.checkerframework:checker-qual:jar
commons-collections:commons-collections:jar
commons-configuration:commons-configuration:jar
@@ -70,6 +70,11 @@
com.fasterxml.jackson.module:jackson-module-parameter-names:jar
jakarta.annotation:jakarta.annotation-api:jar
javax.inject:javax.inject:jar
+ com.sun.jersey.contribs:jersey-apache-client4:jar
+ com.sun.jersey:jersey-client:jar
+ com.sun.jersey:jersey-core:jar
+ com.sun.jersey:jersey-server:jar
+ com.sun.jersey:jersey-servlet:jar
org.codehaus.jettison:jettison:jar
joda-time:joda-time:jar
com.google.code.findbugs:jsr305:jar
diff --git a/linkis-spring-cloud-services/linkis-service-gateway/linkis-gateway-authentication/src/main/scala/org/apache/linkis/gateway/authentication/service/CachedTokenService.scala b/linkis-spring-cloud-services/linkis-service-gateway/linkis-gateway-authentication/src/main/scala/org/apache/linkis/gateway/authentication/service/CachedTokenService.scala
index 4b3fcd85739..150bc9ad90d 100644
--- a/linkis-spring-cloud-services/linkis-service-gateway/linkis-gateway-authentication/src/main/scala/org/apache/linkis/gateway/authentication/service/CachedTokenService.scala
+++ b/linkis-spring-cloud-services/linkis-service-gateway/linkis-gateway-authentication/src/main/scala/org/apache/linkis/gateway/authentication/service/CachedTokenService.scala
@@ -52,7 +52,7 @@ class CachedTokenService extends TokenService {
private val tokenCache: LoadingCache[String, Token] = CacheBuilder.newBuilder
.maximumSize(TokenConfiguration.TOKEN_CACHE_MAX_SIZE)
- .refreshAfterWrite(TokenConfiguration.TOKEN_CACHE_EXPIRE_MINUTES, TimeUnit.MINUTES)
+ .expireAfterWrite(TokenConfiguration.TOKEN_CACHE_EXPIRE_MINUTES, TimeUnit.MINUTES)
.build(new CacheLoader[String, Token]() {
override def load(tokenName: String): Token = {
diff --git a/linkis-spring-cloud-services/linkis-service-gateway/linkis-gateway-authentication/src/test/java/org/apache/linkis/gateway/authentication/service/CachedTokenServiceTest.java b/linkis-spring-cloud-services/linkis-service-gateway/linkis-gateway-authentication/src/test/java/org/apache/linkis/gateway/authentication/service/CachedTokenServiceTest.java
index 05286487ed8..312ae7ef019 100644
--- a/linkis-spring-cloud-services/linkis-service-gateway/linkis-gateway-authentication/src/test/java/org/apache/linkis/gateway/authentication/service/CachedTokenServiceTest.java
+++ b/linkis-spring-cloud-services/linkis-service-gateway/linkis-gateway-authentication/src/test/java/org/apache/linkis/gateway/authentication/service/CachedTokenServiceTest.java
@@ -91,5 +91,16 @@ void testDoAuth() {
assertThrows(
TokenAuthException.class, () -> tokenService.doAuth(TokenName, "test", "10.10.10.10"));
logger.info("assertThrows:{}", exception.getMessage());
+
+ exception =
+ assertThrows(
+ TokenAuthException.class, () -> tokenService.doAuth("NOT-EXIST", "test", "127.0.0.1"));
+ logger.info("assertThrows:{}", exception.getMessage());
+
+ exception =
+ assertThrows(
+ TokenAuthException.class,
+ () -> tokenService.doAuth("LINKISCLI-AUTH", "test", "127.0.0.1"));
+ logger.info("assertThrows:{}", exception.getMessage());
}
}
diff --git a/linkis-spring-cloud-services/linkis-service-gateway/linkis-gateway-authentication/src/test/resources/create_pg.sql b/linkis-spring-cloud-services/linkis-service-gateway/linkis-gateway-authentication/src/test/resources/create_pg.sql
index 725ed37bf14..fadcb086826 100644
--- a/linkis-spring-cloud-services/linkis-service-gateway/linkis-gateway-authentication/src/test/resources/create_pg.sql
+++ b/linkis-spring-cloud-services/linkis-service-gateway/linkis-gateway-authentication/src/test/resources/create_pg.sql
@@ -35,3 +35,5 @@ delete from linkis_mg_gateway_auth_token;
-- Default Tokens
-- ----------------------------
INSERT INTO "linkis_mg_gateway_auth_token"("token_name","legal_users","legal_hosts","business_owner","create_time","update_time","elapse_day","update_by") VALUES ('LINKIS-UNAVAILABLE-TOKEN','test','127.0.0.1','BDP',now(),now(),-1,'LINKIS');
+INSERT INTO "linkis_mg_gateway_auth_token"("token_name","legal_users","legal_hosts","business_owner","create_time","update_time","elapse_day","update_by") VALUES (concat('DSS-', md5(cast(random() as varchar))),'*','*','BDP',now(),now(),-1,'LINKIS');
+
diff --git a/linkis-spring-cloud-services/linkis-service-gateway/linkis-gateway-authentication/src/test/resources/data.sql b/linkis-spring-cloud-services/linkis-service-gateway/linkis-gateway-authentication/src/test/resources/data.sql
new file mode 100644
index 00000000000..36d823c7b1e
--- /dev/null
+++ b/linkis-spring-cloud-services/linkis-service-gateway/linkis-gateway-authentication/src/test/resources/data.sql
@@ -0,0 +1,22 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+*/
+
+DELETE FROM linkis_mg_gateway_auth_token;
+-- ----------------------------
+-- Default Tokens
+-- ----------------------------
+INSERT INTO `linkis_mg_gateway_auth_token`(`token_name`,`legal_users`,`legal_hosts`,`business_owner`,`create_time`,`update_time`,`elapse_day`,`update_by`) VALUES ('LINKIS-UNAVAILABLE-TOKEN','test','127.0.0.1','BDP',curdate(),curdate(),-1,'LINKIS');
diff --git a/linkis-spring-cloud-services/linkis-service-gateway/linkis-gateway-core/pom.xml b/linkis-spring-cloud-services/linkis-service-gateway/linkis-gateway-core/pom.xml
index 322c2c61b7e..e7444893388 100644
--- a/linkis-spring-cloud-services/linkis-service-gateway/linkis-gateway-core/pom.xml
+++ b/linkis-spring-cloud-services/linkis-service-gateway/linkis-gateway-core/pom.xml
@@ -74,6 +74,17 @@
io.springfox
springfox-spring-web
${springfox.version}
+
+
+ io.github.classgraph
+ classgraph
+
+
+
+
+ io.github.classgraph
+ classgraph
+ ${classgraph.version}
io.springfox
diff --git a/linkis-spring-cloud-services/linkis-service-gateway/linkis-gateway-core/src/main/scala/org/apache/linkis/gateway/config/GatewayConfiguration.scala b/linkis-spring-cloud-services/linkis-service-gateway/linkis-gateway-core/src/main/scala/org/apache/linkis/gateway/config/GatewayConfiguration.scala
index b9ef27105af..ec34644eb60 100644
--- a/linkis-spring-cloud-services/linkis-service-gateway/linkis-gateway-core/src/main/scala/org/apache/linkis/gateway/config/GatewayConfiguration.scala
+++ b/linkis-spring-cloud-services/linkis-service-gateway/linkis-gateway-core/src/main/scala/org/apache/linkis/gateway/config/GatewayConfiguration.scala
@@ -50,7 +50,7 @@ object GatewayConfiguration {
val OAUTH_CLIENT_ID = CommonVars("wds.linkis.gateway.auth.oauth.client.id", "")
val OAUTH_CLIENT_SECRET = CommonVars("wds.linkis.gateway.auth.oauth.client.secret", "")
val OAUTH_SCOPE = CommonVars("wds.linkis.gateway.auth.oauth.scope", "")
-
+
val PASS_AUTH_REQUEST_URI =
CommonVars("wds.linkis.gateway.conf.url.pass.auth", "/dws/").getValue.split(",")
diff --git a/linkis-spring-cloud-services/linkis-service-gateway/linkis-spring-cloud-gateway/pom.xml b/linkis-spring-cloud-services/linkis-service-gateway/linkis-spring-cloud-gateway/pom.xml
index eead24e624f..e1a025a11da 100644
--- a/linkis-spring-cloud-services/linkis-service-gateway/linkis-spring-cloud-gateway/pom.xml
+++ b/linkis-spring-cloud-services/linkis-service-gateway/linkis-spring-cloud-gateway/pom.xml
@@ -48,6 +48,10 @@
org.springframework.cloud
spring-cloud-starter-gateway
+
+ org.codehaus.jackson
+ jackson-core-asl
+
@@ -97,8 +101,17 @@
io.projectreactor.netty
reactor-netty
+
+ io.projectreactor.netty
+ reactor-netty-http
+
+
+ io.projectreactor.netty
+ reactor-netty-http
+ ${reactor-netty-http.version}
+
org.springframework.boot
spring-boot-starter
diff --git a/pom.xml b/pom.xml
index 9a6f73579c2..02041964e3d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -158,6 +158,7 @@
1.5.4
1.4.21
6.4.0
+ 4.8.112
3.9.1
2.0