/functionList 获取应用功能权限清单

maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/jwt/AuthJwt.java

@@ -25,8 +25,11 @@ import org.dromara.maxkey.authn.SignPrincipal;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;
 
+import com.fasterxml.jackson.annotation.JsonFormat;
 import com.fasterxml.jackson.annotation.JsonProperty;
 
+import io.swagger.v3.oas.annotations.media.Schema;
+
 public class AuthJwt implements Serializable {
 	
 	private static final long serialVersionUID = -914373258878811144L;
@@ -48,6 +51,10 @@ public class AuthJwt implements Serializable {
 	
 	@JsonProperty(EXPIRES_IN)
 	private int expiresIn;
+	
+	@JsonFormat(shape = JsonFormat.Shape.STRING)
+	@Schema(name = "twoFactor", description = "二次认证类型")
+	int   twoFactor;
 
 	private String remeberMe;
 	private String id;
@@ -98,7 +105,7 @@ public class AuthJwt implements Serializable {
 		this.instId = principal.getUserInfo().getInstId();
 		this.instName = principal.getUserInfo().getInstName();
 		
-		this.authorities = new ArrayList<String>();
+		this.authorities = new ArrayList<>();
 		for(GrantedAuthority grantedAuthority :authentication.getAuthorities()) {
 			this.authorities.add(grantedAuthority.getAuthority());
 		}

maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/web/PersistFieldAutoFillHandler.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2025] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.dromara.maxkey.authn.web;
 
 import java.util.Date;

maxkey-core/src/main/java/org/dromara/maxkey/entity/SyncJobConfigField.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2025] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.dromara.maxkey.entity;
 
 import jakarta.persistence.Column;

maxkey-core/src/main/java/org/dromara/maxkey/entity/authz/QueryAppResourceDto.java

@@ -0,0 +1,75 @@
+/*
+ * Copyright [2025] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
+ 
+
+package org.dromara.maxkey.entity.authz;
+
+import java.util.ArrayList;
+import java.util.List;
+
+public class QueryAppResourceDto {
+	
+	String appId;
+	
+	String userId;
+	
+	List<String> groupIds;
+	
+	List<String> roleIds;
+
+	public QueryAppResourceDto(String userId,String appId) {
+		super();
+		this.appId = appId;
+		this.userId = userId;
+		groupIds = new ArrayList<>();
+		roleIds = new ArrayList<>();
+	}
+
+	public String getAppId() {
+		return appId;
+	}
+
+	public void setAppId(String appId) {
+		this.appId = appId;
+	}
+
+	public String getUserId() {
+		return userId;
+	}
+
+	public void setUserId(String userId) {
+		this.userId = userId;
+	}
+
+	public List<String> getGroupIds() {
+		return groupIds;
+	}
+
+	public void setGroupIds(List<String> groupIds) {
+		this.groupIds = groupIds;
+	}
+
+	public List<String> getRoleIds() {
+		return roleIds;
+	}
+
+	public void setRoleIds(List<String> roleIds) {
+		this.roleIds = roleIds;
+	}
+
+}

maxkey-core/src/main/java/org/dromara/maxkey/entity/authz/QueryGroupMembersDto.java

@@ -0,0 +1,49 @@
+/*
+ * Copyright [2025] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
+ 
+
+package org.dromara.maxkey.entity.authz;
+
+import java.util.ArrayList;
+import java.util.List;
+
+public class QueryGroupMembersDto {
+	
+	List<String> members;
+
+	public QueryGroupMembersDto() {
+		members = new ArrayList<>();
+	}
+
+	public QueryGroupMembersDto(List<String> members) {
+		this.members = members;
+	}
+	
+	public void add(String memberId) {
+		this.members.add(memberId);
+	}
+
+	public List<String> getMembers() {
+		return members;
+	}
+
+	public void setMembers(List<String> members) {
+		this.members = members;
+	}
+	
+}

maxkey-core/src/main/java/org/dromara/maxkey/entity/authz/QueryRoleMembersDto.java

@@ -0,0 +1,57 @@
+/*
+ * Copyright [2025] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
+
+package org.dromara.maxkey.entity.authz;
+
+import java.util.ArrayList;
+import java.util.List;
+
+public class QueryRoleMembersDto {
+	String appId;
+	
+	List<String> members;
+
+	public QueryRoleMembersDto() {
+		members = new ArrayList<>();
+	}
+
+	public QueryRoleMembersDto(List<String> members) {
+		this.members = members;
+	}
+	
+	public String getAppId() {
+		return appId;
+	}
+
+	public void setAppId(String appId) {
+		this.appId = appId;
+	}
+	
+	public void add(String memberId) {
+		this.members.add(memberId);
+	}
+
+	public List<String> getMembers() {
+		return members;
+	}
+
+	public void setMembers(List<String> members) {
+		this.members = members;
+	}
+	
+}

maxkey-core/src/main/java/org/dromara/maxkey/entity/authz/vo/AppResourcesVo.java

@@ -0,0 +1,30 @@
+/*
+ * Copyright [2025] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
+
+
+package org.dromara.maxkey.entity.authz.vo;
+
+import java.util.Set;
+
+import org.dromara.maxkey.entity.apps.Apps;
+import org.dromara.maxkey.entity.permissions.Resources;
+
+
+public record AppResourcesVo(Apps app,Set<Resources> functions) {
+
+}

maxkey-persistence/src/main/java/org/dromara/maxkey/persistence/mapper/AuthzResourceMapper.java

@@ -0,0 +1,45 @@
+/*
+ * Copyright [2025] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
+
+ 
+package org.dromara.maxkey.persistence.mapper;
+
+import java.util.List;
+
+import org.dromara.maxkey.entity.authz.QueryAppResourceDto;
+import org.dromara.maxkey.entity.authz.QueryGroupMembersDto;
+import org.dromara.maxkey.entity.authz.QueryRoleMembersDto;
+import org.dromara.maxkey.entity.idm.Groups;
+import org.dromara.maxkey.entity.idm.UserInfo;
+import org.dromara.maxkey.entity.permissions.Resources;
+import org.dromara.maxkey.entity.permissions.Roles;
+import org.dromara.mybatis.jpa.IJpaMapper;
+
+public  interface AuthzResourceMapper extends IJpaMapper<UserInfo> {
+	
+	public List<Resources> queryResourcesByGroupId(QueryAppResourceDto dto) ;
+	
+	public List<Resources> queryResourcesByRoleId(QueryAppResourceDto dto) ;
+	
+	
+	public List<Groups> queryGroupsByMembers(QueryGroupMembersDto dto) ;
+	
+	public List<Roles> queryRolesByMembers(QueryRoleMembersDto dto) ;
+	
+	
+}

maxkey-persistence/src/main/java/org/dromara/maxkey/persistence/mapper/SyncJobConfigFieldMapper.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2025] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.dromara.maxkey.persistence.mapper;
 
 import org.apache.ibatis.annotations.Param;

maxkey-persistence/src/main/java/org/dromara/maxkey/persistence/service/AuthzResourceService.java

@@ -0,0 +1,54 @@
+/*
+ * Copyright [2025] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
+
+
+package org.dromara.maxkey.persistence.service;
+
+import java.util.List;
+import java.util.Set;
+
+import org.dromara.maxkey.entity.apps.Apps;
+import org.dromara.maxkey.entity.authz.QueryAppResourceDto;
+import org.dromara.maxkey.entity.idm.UserInfo;
+import org.dromara.maxkey.entity.permissions.Resources;
+import org.dromara.mybatis.jpa.IJpaService;
+
+public interface AuthzResourceService   extends IJpaService<UserInfo>{
+	
+	/**
+	 * 根据主体获取用户对应得应用资源清单
+	 * @param user
+	 * @param app 
+	 * @return 资源清单列表
+	 */
+    public Set<Resources> getResourcesBySubject(UserInfo user,Apps  app);
+   
+	/**
+	 * 根据组列表获取资源清单
+	 * @param dto
+	 * @return
+	 */
+	public List<Resources> queryResourcesByGroupId(QueryAppResourceDto dto) ;
+
+	/**
+	 * 根据角色列表获取资源清单
+	 * @param dto
+	 * @return
+	 */
+	public List<Resources> queryResourcesByRoleId(QueryAppResourceDto dto) ;
+}

maxkey-persistence/src/main/java/org/dromara/maxkey/persistence/service/PasswordPolicyValidatorService.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2025] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.dromara.maxkey.persistence.service;
 
 import org.dromara.maxkey.entity.ChangePassword;

maxkey-persistence/src/main/java/org/dromara/maxkey/persistence/service/impl/AuthzResourceServiceImpl.java

@@ -0,0 +1,100 @@
+/*
+ * Copyright [2025] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
+
+
+package org.dromara.maxkey.persistence.service.impl;
+
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+import org.dromara.maxkey.entity.apps.Apps;
+import org.dromara.maxkey.entity.authz.QueryAppResourceDto;
+import org.dromara.maxkey.entity.authz.QueryGroupMembersDto;
+import org.dromara.maxkey.entity.authz.QueryRoleMembersDto;
+import org.dromara.maxkey.entity.idm.Groups;
+import org.dromara.maxkey.entity.idm.UserInfo;
+import org.dromara.maxkey.entity.permissions.Resources;
+import org.dromara.maxkey.entity.permissions.Roles;
+import org.dromara.maxkey.persistence.mapper.AuthzResourceMapper;
+import org.dromara.maxkey.persistence.service.AuthzResourceService;
+import org.dromara.mybatis.jpa.service.impl.JpaServiceImpl;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.stereotype.Repository;
+
+@Repository
+public class AuthzResourceServiceImpl   extends JpaServiceImpl<AuthzResourceMapper,UserInfo> implements AuthzResourceService{
+	private static final Logger logger = LoggerFactory.getLogger(AuthzResourceServiceImpl.class);
+
+	/**
+	 * 根据主体获取用户对应得应用资源清单
+	 * @param user
+	 * @param app 
+	 * @return 资源清单列表
+	 */
+    public Set<Resources> getResourcesBySubject(UserInfo user,Apps  app){
+    	logger.debug("user {} , app {}",user,app);
+    	Set<Resources> resourcesList = new HashSet<>();
+    	
+    	QueryAppResourceDto dto = new QueryAppResourceDto(user.getId(),app.getId());
+    	
+    	//查询用户的所属用户组
+    	QueryGroupMembersDto queryGroupMembersDto = new QueryGroupMembersDto();
+    	queryGroupMembersDto.add(user.getId());
+    	List<Groups> listGroup = getMapper().queryGroupsByMembers(queryGroupMembersDto);
+    	for(Groups group : listGroup) {
+    		dto.getGroupIds().add(group.getId());
+    	}
+    	
+    	//根据用户组获取应用资源
+    	List<Resources> groupResourcesList = queryResourcesByGroupId(dto);
+    	resourcesList.addAll(groupResourcesList);
+    	
+    	//查询用户的所属应用角色组
+    	QueryRoleMembersDto queryRoleMembersDto = new QueryRoleMembersDto();
+    	queryRoleMembersDto.setAppId(app.getId());
+    	queryRoleMembersDto.add(user.getId());
+    	List<Roles> listRoles = getMapper().queryRolesByMembers(queryRoleMembersDto);
+    	for(Roles role : listRoles) {
+    		dto.getRoleIds().add(role.getId());
+    	}
+    	//根据角色获取应用资源
+    	List<Resources> roleResourcesList = queryResourcesByRoleId(dto);
+    	resourcesList.addAll(roleResourcesList);
+
+    	return resourcesList;
+    }
+ 
+	/**
+	 * 根据组列表获取资源清单
+	 * @param dto
+	 * @return
+	 */
+	public List<Resources> queryResourcesByGroupId(QueryAppResourceDto dto) {
+		return getMapper().queryResourcesByGroupId(dto);
+	}
+
+	/**
+	 * 根据角色列表获取资源清单
+	 * @param dto
+	 * @return
+	 */
+	public List<Resources> queryResourcesByRoleId(QueryAppResourceDto dto) {
+		return getMapper().queryResourcesByRoleId(dto);
+	}
+}

maxkey-persistence/src/main/resources/org/dromara/maxkey/persistence/mapper/xml/mysql/AuthzResourceMapper.xml

@@ -0,0 +1,72 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+<mapper namespace="org.dromara.maxkey.persistence.mapper.AuthzResourceMapper" >
+
+	<select id="queryGroupsByMembers" parameterType="QueryGroupMembersDto" resultType="Groups">
+        select distinct mg.*
+        from mxk_groups mg
+        join mxk_group_member mgm
+        on mg.id = mgm.groupid
+        where mg.status = 1
+        and (
+        groupcode = 'ROLE_ALL_USER'
+        or mgm.memberid in(
+        <foreach collection="members" item="item" separator=",">
+            #{item}
+        </foreach>
+        )
+        )
+    </select>
+    
+    <select id="queryRolesByMembers" parameterType="QueryRoleMembersDto" resultType="Roles">
+        select distinct mr.*
+        from mxk_roles mr
+        join mxk_role_member mrm
+        on mr.id = mrm.roleid
+        where mr.status = 1
+        and mr.appid = #{appId}
+        and (
+        rolecode = 'ROLE_ALL_USER'
+        or mrm.memberid in(
+        <foreach collection="members" item="item" separator=",">
+            #{item}
+        </foreach>
+        )
+        )
+    </select>
+    
+	<select id="queryResourcesByGroupId" parameterType="QueryAppResourceDto" resultType="Resources">
+        SELECT distinct mr.*
+        FROM mxk_resources mr
+        join mxk_permission mp
+        on mr.id = mp.resourceid
+        where mr.appid = mp.appid
+        and mr.appid = #{appId}
+        and mr.status ='1'
+        and mp.appid = #{appId}
+        and mp.status =1
+        and mp.groupid in (
+        <foreach collection="groupIds" item="item" separator=",">
+            #{item}
+        </foreach>
+        )
+    </select>
+    
+    <select id="queryResourcesByRoleId" parameterType="QueryAppResourceDto" resultType="Resources">
+        SELECT distinct mr.*
+        FROM mxk_resources mr
+        join mxk_permission_role mpr
+        on mr.id = mpr.resourceid
+        where mr.appid = mpr.appid
+        and mr.appid = #{appId}
+        and mr.status ='1'
+        and mpr.appid = #{appId}
+        and mpr.status =1
+        and mpr.roleid in (
+        <foreach collection="roleIds" item="item" separator=",">
+            #{item}
+        </foreach>
+        )
+    </select>
+	
+</mapper>

maxkey-synchronizers/maxkey-synchronizer/src/main/java/org/dromara/maxkey/synchronizer/service/SyncJobConfigFieldService.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2025] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.dromara.maxkey.synchronizer.service;
 
 import org.dromara.maxkey.entity.SyncJobConfigField;

maxkey-synchronizers/maxkey-synchronizer/src/main/java/org/dromara/maxkey/synchronizer/service/impl/SyncJobConfigFieldServiceImpl.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2025] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.dromara.maxkey.synchronizer.service.impl;
 
 import org.dromara.maxkey.entity.SyncJobConfigField;

maxkey-synchronizers/maxkey-synchronizer/src/main/java/org/dromara/maxkey/synchronizer/utils/FieldUtil.java

@@ -1,3 +1,20 @@
+/*
+ * Copyright [2025] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
 package org.dromara.maxkey.synchronizer.utils;
 
 import org.joda.time.DateTime;

maxkey-web-apis/maxkey-web-api-rest/build.gradle

@@ -11,5 +11,7 @@ dependencies {
 	implementation project(":maxkey-common")
 	implementation project(":maxkey-core")
 	implementation project(":maxkey-persistence")
+	
+	implementation project(":maxkey-authentications:maxkey-authentication-core")
    
 }

maxkey-web-apis/maxkey-web-api-rest/src/main/java/org/dromara/maxkey/web/apis/identity/rest/RestResourcesController.java

@@ -0,0 +1,85 @@
+/*
+ * Copyright [2025] [MaxKey of copyright http://www.maxkey.top]
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+ 
+
+
+package org.dromara.maxkey.web.apis.identity.rest;
+
+import java.util.HashSet;
+import java.util.Set;
+
+
+import org.slf4j.LoggerFactory;
+import org.dromara.maxkey.authn.web.AuthorizationUtils;
+import org.dromara.maxkey.entity.Message;
+import org.dromara.maxkey.entity.apps.Apps;
+import org.dromara.maxkey.entity.authz.vo.AppResourcesVo;
+import org.dromara.maxkey.entity.idm.UserInfo;
+import org.dromara.maxkey.entity.permissions.Resources;
+import org.dromara.maxkey.persistence.service.AppsService;
+import org.dromara.maxkey.persistence.service.AuthzResourceService;
+import org.dromara.maxkey.persistence.service.UserInfoService;
+import org.slf4j.Logger;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+
+import io.swagger.v3.oas.annotations.Operation;
+
+@RestController
+@RequestMapping("/api/idm/Resources")
+public class RestResourcesController {
+	static final  Logger logger = LoggerFactory.getLogger(RestResourcesController.class);
+
+    @Autowired
+    UserInfoService userInfoService;
+    
+    @Autowired
+    AppsService appsService;
+    
+    @Autowired
+    AuthzResourceService authzResourceService;
+   
+    @Operation(summary = "获取应用功能权限清单", description = "获取应用功能权限清单",method="GET")
+    @GetMapping("/functionList")
+    public Message<AppResourcesVo> getFunctionList(@RequestParam("userId") String userId) {
+    	logger.debug("userId {} ", userId);
+        UserInfo user = userInfoService.get(userId);
+        ///获取appId登录
+        User  principal = (User)AuthorizationUtils.getAuthentication().getPrincipal();
+        Apps app = appsService.get(principal.getUsername(),true);
+    	logger.debug("appId {} " , app.getId());	
+    	Apps relatedApp = new Apps();
+    	if(user != null) {
+	    	relatedApp.setId(app.getId());
+	    	relatedApp.setAppName(app.getAppName());
+	    	relatedApp.setLoginUrl(app.getLoginUrl());
+	    	relatedApp.setLogoutUrl(app.getLogoutUrl());
+	    	relatedApp.setProtocol(app.getProtocol());
+	    	relatedApp.setCategory(app.getCategory());
+	    	relatedApp.setVendor(app.getVendor());
+	    	relatedApp.setVendorUrl(app.getVendorUrl());
+	    	relatedApp.setDescription(app.getDescription());
+	    	Set<Resources> functions  = authzResourceService.getResourcesBySubject(user,app);
+	    	return new Message<>(new AppResourcesVo(relatedApp,functions)); 
+    	}else {
+    		return new Message<>(new AppResourcesVo(relatedApp,new HashSet<>())); 
+    	}
+    }
+}

maxkey-webs/maxkey-web-openapi/src/main/java/org/dromara/maxkey/web/interceptor/RestApiPermissionAdapter.java

@@ -17,17 +17,22 @@
 
 package org.dromara.maxkey.web.interceptor;
 
+import java.util.ArrayList;
+
 import org.apache.commons.lang3.StringUtils;
 import org.dromara.maxkey.authn.web.AuthorizationUtils;
 import org.dromara.maxkey.authz.oauth2.provider.OAuth2Authentication;
 import org.dromara.maxkey.authz.oauth2.provider.token.DefaultTokenServices;
+import org.dromara.maxkey.crypto.password.PasswordReciprocal;
+import org.dromara.maxkey.entity.apps.Apps;
+import org.dromara.maxkey.persistence.service.AppsService;
 import org.dromara.maxkey.util.AuthorizationHeader;
 import org.dromara.maxkey.util.AuthorizationHeaderUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.authentication.ProviderManager;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.userdetails.User;
 import org.springframework.stereotype.Component;
 import org.springframework.web.servlet.AsyncHandlerInterceptor;
@@ -45,11 +50,13 @@ import jakarta.servlet.http.HttpServletResponse;
 public class RestApiPermissionAdapter  implements AsyncHandlerInterceptor  {
 	private static final Logger logger = LoggerFactory.getLogger(RestApiPermissionAdapter.class);
 
+	static final String PASSWORD = "password";
+	
 	@Autowired
 	DefaultTokenServices oauth20TokenServices;
 
 	@Autowired
-	ProviderManager oauth20ClientAuthenticationManager;
+	AppsService appsService;
 	
 	/*
 	 * 请求前处理
@@ -68,11 +75,21 @@ public class RestApiPermissionAdapter  implements AsyncHandlerInterceptor  {
 			    if(StringUtils.isNotBlank(headerCredential.getUsername())&&
 			    		StringUtils.isNotBlank(headerCredential.getCredential())
 			    		) {
-			    	UsernamePasswordAuthenticationToken authRequest = 
+			    	String appId = headerCredential.getUsername();
-							new UsernamePasswordAuthenticationToken(
+			    	String credential = headerCredential.getCredential();
-									headerCredential.getUsername(),
+			    	Apps app = appsService.get(appId, true);
-									headerCredential.getCredential());
+			    	if(app != null ) {
-			    	authenticationToken= (UsernamePasswordAuthenticationToken)oauth20ClientAuthenticationManager.authenticate(authRequest);
+			    		if(	PasswordReciprocal.getInstance().matches(credential, app.getSecret())) {
+			    			ArrayList<SimpleGrantedAuthority> grantedAuthoritys = new ArrayList<>();
+			    			grantedAuthoritys.add(new SimpleGrantedAuthority("ROLE_USER"));
+			    			User user = new User(appId, PASSWORD, grantedAuthoritys);
+			    			authenticationToken= new UsernamePasswordAuthenticationToken(user, PASSWORD, grantedAuthoritys);
+			    		}else {
+			    			logger.trace("app {} secret not matches . ",appId);
+			    		}
+				    }else {
+				    	logger.trace("app {} not exists . ",appId);
+				    }
 			    }
 			}else if(StringUtils.isNotBlank(headerCredential.getCredential())){
 				logger.trace("Authentication bearer {}" , headerCredential.getCredential());