v 3.2.0

2025-12-07 17:38:32 +08:00 · 2021-12-14 12:38:06 +08:00 · 2021-12-14 12:38:06 +08:00 · de702ada8e
commit de702ada8e
parent c490551aef
53 changed files with 302 additions and 344 deletions
--- a/ReleaseNotes.txt
+++ b/ReleaseNotes.txt
@ -1,4 +1,30 @@
-MaxKey v 3.1.1 GA 2021/11/30
+MaxKey v 3.2.0 GA 202*/**/**
    *(MAXKEY-211001) 实现多租户基本功能
    *(MAXKEY-211002) Apache log4j漏洞升级到2.15.0
    *(MAXKEY-211004) 修改对称加密算法，
    *(MAXKEY-211005) OAuth 2.*增加departmentId用户返回属性
    *(MAXKEY-211006) 删除springfox,swagger依赖，增加springdoc依赖
 	*(MAXKEY-211007) 删除eclipsePluginApply.bat脚本
 	*(MAXKEY-211008) 同步器凭证加密
 	*(MAXKEY-211009) 社交账号提供商client_secret加密
    *(MAXKEY-211010) 依赖jar引用、更新和升级
        log4j           2.15.0
        tomcat          9.0.56
        springBoot      2.6.1
        springSecurity  5.6.0
        springData      2.6.0
        springSession   2.6.0
        springkafka     2.8.0
        springdoc       1.5.13
        springcloud     3.1.0
        guava           31.0.1-jre
        micrometercore  1.8.1
        commonspool2    2.11.1
        swaggerV3       2.1.11
 		jedis           3.7.1
 		mybatis         3.5.8
 MaxKey v 3.1.1 GA 2021/11/30
    *(MAXKEY-210901) 腾讯iOA零信任产品适配
    *(MAXKEY-210902) docker部署完善和文档优化
    *(MAXKEY-210903) docker-compose支持和文档
--- a/build.gradle
+++ b/build.gradle
@ -283,8 +283,8 @@ subprojects {
         implementation  group: 'org.springframework.session', name: 'spring-session-core', version: "${springSessionVersion}"
         implementation  group: 'org.springframework.session', name: 'spring-session-data-redis', version: "${springSessionVersion}"
-         implementation  group: 'org.springframework.plugin', name: 'spring-plugin-core', version: "${springplugincoreVersion}"
+         //implementation  group: 'org.springframework.plugin', name: 'spring-plugin-core', version: "${springplugincoreVersion}"
-         implementation  group: 'org.springframework.plugin', name: 'spring-plugin-metadata', version: "${springpluginmetadataVersion}"
+         //implementation  group: 'org.springframework.plugin', name: 'spring-plugin-metadata', version: "${springpluginmetadataVersion}"
         //spring cloud
         implementation  group: 'org.springframework.cloud', name: 'spring-cloud-commons', version: "${springcloudVersion}"
         implementation  group: 'org.springframework.cloud', name: 'spring-cloud-context', version: "${springcloudVersion}"
@ -354,7 +354,6 @@ subprojects {
         implementation  group: 'com.alibaba', name: 'druid', version: "${druidVersion}"
         implementation  group: 'com.alibaba', name: 'druid-spring-boot-starter', version: "${druidspringbootstarterVersion}"
         implementation  group: 'redis.clients', name: 'jedis', version: "${jedisVersion}"
         //implementation  group: 'org.ehcache', name: 'ehcache', version: "${ehcacheVersion}"
         //implementation  group: 'org.liquibase', name: 'liquibase-core', version: '4.3.5'
         implementation group: 'com.github.ben-manes.caffeine', name: 'caffeine', version: "${caffeineVersion}"
         //mybatis
@ -408,34 +407,22 @@ subprojects {
         implementation  group: 'com.alibaba', name: 'fastjson', version: "${fastjsonVersion}"
         //docs
         implementation  group: 'org.mapstruct', name: 'mapstruct', version: "${mapstructVersion}"
-         implementation  group: 'io.swagger', name: 'swagger-annotations', version: "${swaggerVersion}"
+         //implementation  group: 'io.swagger', name: 'swagger-annotations', version: "${swaggerVersion}"
-         implementation  group: 'io.swagger', name: 'swagger-models', version: "${swaggerVersion}"
+         //implementation  group: 'io.swagger', name: 'swagger-models', version: "${swaggerVersion}"
         implementation  group: 'io.swagger.core.v3', name: 'swagger-annotations', version: "${swaggerV3Version}"
         implementation  group: 'io.swagger.core.v3', name: 'swagger-core', version: "${swaggerV3Version}"
         implementation  group: 'io.swagger.core.v3', name: 'swagger-integration', version: "${swaggerV3Version}"
         implementation  group: 'io.swagger.core.v3', name: 'swagger-models', version: "${swaggerV3Version}"
-         //springfox
+         //springdoc
-         implementation  group: 'io.springfox', name: 'springfox-bean-validators', version: "${springfoxVersion}"
+         implementation group: 'io.github.classgraph', name: 'classgraph', version: '4.8.137'
-         implementation  group: 'io.springfox', name: 'springfox-core', version: "${springfoxVersion}"
+         implementation group: 'org.springdoc', name: 'springdoc-openapi-common', version: "${springdocVersion}"
-         implementation  group: 'io.springfox', name: 'springfox-data-rest', version: "${springfoxVersion}"
+         implementation group: 'org.springdoc', name: 'springdoc-openapi-webmvc-core', version: "${springdocVersion}"
-         implementation  group: 'io.springfox', name: 'springfox-spi', version: "${springfoxVersion}"
+         implementation group: 'org.springdoc', name: 'springdoc-openapi-ui', version: "${springdocVersion}"
-         implementation  group: 'io.springfox', name: 'springfox-oas', version: "${springfoxVersion}"
+         implementation group: 'org.webjars', name: 'webjars-locator-core', version: '0.48'
-         implementation  group: 'io.springfox', name: 'springfox-schema', version: "${springfoxVersion}"
+         implementation group: 'org.webjars', name: 'webjars-locator', version: '0.42'
-         implementation  group: 'io.springfox', name: 'springfox-swagger2', version: "${springfoxVersion}"
+         implementation group: 'org.webjars', name: 'swagger-ui', version: '4.1.3'
         implementation  group: 'io.springfox', name: 'springfox-swagger-ui', version: "${springfoxVersion}"
         implementation  group: 'io.springfox', name: 'springfox-swagger-common', version: "${springfoxVersion}"
         implementation  group: 'io.springfox', name: 'springfox-spring-webmvc', version: "${springfoxVersion}"
         implementation  group: 'io.springfox', name: 'springfox-spring-web', version: "${springfoxVersion}"
         implementation  group: 'io.springfox', name: 'springfox-spring-webflux', version: "${springfoxVersion}"
         implementation  group: 'io.springfox', name: 'springfox-boot-starter', version: "${springfoxVersion}"
         //knife4j
-         implementation  group: 'com.github.xiaoymin', name: 'knife4j-annotations', version: "${knife4jVersion}"
+         implementation group: 'com.github.xiaoymin', name: 'knife4j-springdoc-ui', version: "${knife4jVersion}"
         implementation  group: 'com.github.xiaoymin', name: 'knife4j-core', version: "${knife4jVersion}"
         implementation  group: 'com.github.xiaoymin', name: 'knife4j-spring-mvc', version: "${knife4jVersion}"
         implementation  group: 'com.github.xiaoymin', name: 'knife4j-spring', version: "${knife4jVersion}"
         implementation  group: 'com.github.xiaoymin', name: 'knife4j-spring-ui', version: "${knife4jVersion}"
         implementation  group: 'com.github.xiaoymin', name: 'knife4j-spring-boot-starter', version: "${knife4jVersion}"
         implementation  group: 'com.github.xiaoymin', name: 'knife4j-spring-boot-autoconfigure', version: "${knife4jVersion}"
         //local jars
         implementation fileTree(dir: "${rootDir}/maxkey-lib/", include: '*.jar')
--- a/gradle.properties
+++ b/gradle.properties
@ -1,6 +1,6 @@
 #maxkey properties 
 group                           =maxkey.top
-version                         =3.1.1
+version                         =3.2.0
 vendor                          =https://www.maxkey.top
 author                          =MaxKeyTop
@ -26,7 +26,7 @@ commonsioVersion                =2.8.0
 commonslangVersion              =2.6
 commonslang3Version             =3.11
 commonsloggingVersion           =1.2
-commonspool2Version             =2.6.2
+commonspool2Version             =2.11.1
 commonshttpclientVersion        =3.1
 commonsfileuploadVersion        =1.4
 commonsemailVersion             =1.5
@ -41,20 +41,19 @@ commonscompressVersion          =1.20
 log4jVersion                    =2.15.0
 kafkaclientsVersion             =2.8.1
 poiVersion                      =4.1.2
-tomcatVersion                   =9.0.54
+tomcatVersion                   =9.0.56
 tomcatembedloggingjuliVersion   =8.5.2
 #spring
 springVersion                   =5.3.13
-springBootVersion               =2.5.6
+springBootVersion               =2.6.1
-springSecurityVersion           =5.5.3
+springSecurityVersion           =5.6.0
-springDataVersion               =2.5.7
+springDataVersion               =2.6.0
-springSessionVersion            =2.5.3
+springSessionVersion            =2.6.0
-springkafkaVersion              =2.7.8
+springkafkaVersion              =2.8.0
 springretryVersion              =1.3.0
 springplugincoreVersion         =2.0.0.RELEASE
 springpluginmetadataVersion     =2.0.0.RELEASE
-springfoxVersion                =3.0.0
+springcloudVersion              =3.1.0
 springcloudVersion              =3.0.4
 springcloudalibabaVersion       =2021.1
 springcloudalibabaspringVersion =1.0.11
 springcloudalibabacsplVersion   =1.8.2
@ -64,7 +63,7 @@ jibGradlePluginVersion          =3.1.4
 jhlabsfiltersVersion            =2.0.235-1
 kaptchaVersion                  =2.3.2
 gsonVersion                     =2.8.8
-guavaVersion                    =30.1.1-jre
+guavaVersion                    =31.0.1-jre
 tinkVersion                     =1.4.0
 zxingcoreVersion                =3.4.1
 concurrentlinkedhashmaplruVersion =1.4.2
@ -72,18 +71,18 @@ concurrentlinkedhashmaplruVersion =1.4.2
 jbossloggingVersion             =3.4.2.Final
 hibernateVersion                =6.2.0.Final
 #doc
-swaggerVersion                  =1.6.2
+swaggerV3Version                =2.1.11
-swaggerV3Version                =2.1.10
+springdocVersion                =1.5.13
 knife4jVersion                  =3.0.3
 #database
 postgresqlVersion               =42.2.20
 mysqlconnectorjavaVersion       =8.0.26
 druidVersion                    =1.2.8
 druidspringbootstarterVersion   =1.2.8
-jedisVersion                    =3.7.0
+jedisVersion                    =3.7.1
 ehcacheVersion                  =3.9.6
 caffeineVersion                 =2.9.2
-mybatisVersion                  =3.5.7
+mybatisVersion                  =3.5.8
 mybatisspringVersion            =2.0.6
 #saml
 opensamlVersion                 =2.6.6
@ -153,7 +152,7 @@ xmlsecVersion                   =1.5.8
 xpp3Version                     =1.1.6
 xstreamVersion                  =1.4.10
 passayVersion                   =1.6.0
-micrometercoreVersion           =1.6.4
+micrometercoreVersion           =1.8.1
 LatencyUtilsVersion             =2.0.3
 stax2apiVersion                 =4.2.1
 mapstructVersion                =1.4.1.Final
--- a/maxkey-core/src/main/java/org/maxkey/autoconfigure/SwaggerConfig.java
+++ b/maxkey-core/src/main/java/org/maxkey/autoconfigure/SwaggerConfig.java
@ -1,27 +1,21 @@
 package org.maxkey.autoconfigure;
-import java.util.ArrayList;
+import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springdoc.core.GroupedOpenApi;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import com.github.xiaoymin.knife4j.spring.annotations.EnableKnife4j;
+
-import io.swagger.annotations.Api;
+import io.swagger.v3.oas.models.ExternalDocumentation;
-import io.swagger.annotations.ApiOperation;
+import io.swagger.v3.oas.models.OpenAPI;
-import springfox.documentation.builders.PathSelectors;
+import io.swagger.v3.oas.models.info.Info;
-import springfox.documentation.builders.RequestHandlerSelectors;
+import io.swagger.v3.oas.models.info.License;
 import springfox.documentation.oas.annotations.EnableOpenApi;
 import springfox.documentation.service.ApiInfo;
 import springfox.documentation.service.Contact;
 import springfox.documentation.spi.DocumentationType;
 import springfox.documentation.spring.web.plugins.Docket;
 import springfox.documentation.swagger2.annotations.EnableSwagger2;
@Configuration
@EnableSwagger2
@EnableOpenApi
@EnableKnife4j
 public class SwaggerConfig {
-
+	final static Logger _logger = LoggerFactory.getLogger(SwaggerConfig.class);
    @Value("${maxkey.swagger.title}")
    String title;
@ -35,38 +29,45 @@ public class SwaggerConfig {
    boolean enable;
    @Bean
-    public Docket docket(){
+    public GroupedOpenApi userApi(){
-        if(enable) {
+        String[] paths = { 
-            return new Docket(DocumentationType.SWAGGER_2)
+        		"/login",
-                .apiInfo(apiInfo())
+        		"/logout",
-                .select()
+        		"/login/**",
-                .apis(RequestHandlerSelectors.basePackage("org.maxkey")
+        		"/logout/**",
-                        .and(RequestHandlerSelectors.withClassAnnotation(Api.class))
+        		"/authz/**",
-                        .and(RequestHandlerSelectors.withMethodAnnotation(ApiOperation.class)))
+        		"/authz/**/**",
-                .paths(PathSelectors.any())
+        		"/metadata/saml20/**" , 
-                .build();
+        		"/onlineticket/validate/**",
-        }else {
+        		"/api/connect/v10/userinfo",
-            return null;
+        		"/api/oauth/v20/me"
-        }
+        		
-
+        	};
        String[] packagedToMatch = { "org.maxkey.authz" };
        return GroupedOpenApi.builder().group(title)
                .pathsToMatch(paths)
                .packagesToScan(packagedToMatch).build();
    }
-    //    配置swagger信息
+	@Bean
-    @SuppressWarnings(value = { })
+	public OpenAPI docOpenAPI() {
-    private ApiInfo apiInfo() {
+		return new OpenAPI()
-        Contact contact = new Contact(
+				.info(
-                                "MaxKey.top", 
+					new Info()
-                                "https://www.maxkey.top/", 
+						.title(title)
-                                "maxkeysupport@163.com");
+						.description(description)
-        
+						.version(version)
-        return new ApiInfo(
+						.termsOfService("https://www.maxkey.top/")
-                title,
+						.license(
-                description,
+							new License()
-                version,
+								.name("Apache License, Version 2.0")
-                "https://www.maxkey.top/",
+								.url("http://www.apache.org/licenses/LICENSE-2.0")
-                contact,
+						)
-                "Apache License, Version 2.0",
+				).
-                "http://www.apache.org/licenses/LICENSE-2.0",
+				externalDocs(
-                new ArrayList<>());
+						new ExternalDocumentation()
-    }
+						.description("MaxKey.top contact maxkeysupport@163.com")
 						.url("https://www.maxkey.top/")
 				);
 	}
 }
--- a/maxkey-core/src/main/java/org/maxkey/entity/GroupMember.java
+++ b/maxkey-core/src/main/java/org/maxkey/entity/GroupMember.java
@ -69,22 +69,24 @@ public class GroupMember extends UserInfo implements Serializable{
 	 * @param memberId
 	 * @param type
 	 */
-	public GroupMember(String groupId, String memberId, String type) {
+	public GroupMember(String groupId, String memberId, String type , String instId) {
 		super();
 		this.groupId = groupId;
 		this.memberId = memberId;
 		this.type = type;
 		this.instId = instId;
 	}
 	public GroupMember(String groupId, String groupName, String memberId,
-			String memberName, String type) {
+			String memberName, String type , String instId) {
 		super();
 		this.groupId = groupId;
 		this.groupName = groupName;
 		this.memberId = memberId;
 		this.memberName = memberName;
 		this.type = type;
 		this.instId = instId;
 	}
--- a/maxkey-core/src/main/java/org/maxkey/entity/GroupPrivileges.java
+++ b/maxkey-core/src/main/java/org/maxkey/entity/GroupPrivileges.java
@ -66,10 +66,11 @@ public class GroupPrivileges extends Apps implements Serializable{
 	 * @param groupId
 	 * @param appId
 	 */
-	public GroupPrivileges(String groupId, String appId) {
+	public GroupPrivileges(String groupId, String appId, String instId) {
 		super();
 		this.groupId = groupId;
 		this.appId = appId;
 		this.instId = instId;
 	}
--- a/maxkey-core/src/main/java/org/maxkey/entity/RoleMember.java
+++ b/maxkey-core/src/main/java/org/maxkey/entity/RoleMember.java
@ -120,21 +120,23 @@ public class RoleMember extends UserInfo implements Serializable {
 		this.instName = instName;
 	}
-	public RoleMember(String roleId, String memberId, String type) {
+	public RoleMember(String roleId, String memberId, String type , String instId) {
        super();
        this.roleId = roleId;
        this.memberId = memberId;
        this.type = type;
        this.instId = instId;
    }
-    public RoleMember(String roleId, String roleName, String memberId, String memberName, String type) {
+    public RoleMember(String roleId, String roleName, String memberId, String memberName, String type ,String instId) {
        super();
        this.roleId = roleId;
        this.roleName = roleName;
        this.memberId = memberId;
        this.memberName = memberName;
        this.type = type;
        this.instId = instId;
    }
    @Override
--- a/maxkey-core/src/main/java/org/maxkey/entity/RolePermissions.java
+++ b/maxkey-core/src/main/java/org/maxkey/entity/RolePermissions.java
@ -53,9 +53,10 @@ public class RolePermissions  extends JpaBaseEntity implements Serializable {
    public RolePermissions() {
    }
-    public RolePermissions(String appId, String roleId) {
+    public RolePermissions(String appId, String roleId, String instId) {
        this.appId = appId;
        this.roleId = roleId;
        this.instId = instId;
    }
    /**
@ -64,11 +65,12 @@ public class RolePermissions  extends JpaBaseEntity implements Serializable {
     * @param roleId String
     * @param resourceId String
     */
-    public RolePermissions(String appId, String roleId, String resourceId) {
+    public RolePermissions(String appId, String roleId, String resourceId , String instId) {
        this.id = WebContext.genId();
        this.appId = appId;
        this.roleId = roleId;
        this.resourceId = resourceId;
        this.instId = instId;
    }
    public String getId() {
--- a/maxkey-gataway/src/main/resources/application.yml
+++ b/maxkey-gataway/src/main/resources/application.yml
@ -1,7 +1,7 @@
 #端口号
 application:
  name: maxkey-gateway-server
-  formatted-version: v3.1.1 GA
+  formatted-version: v3.2.0 GA
 server:
  port: 9000
 spring:
--- a/maxkey-identitys/maxkey-synchronizers-activedirectory/src/main/java/org/maxkey/synchronizer/activedirectory/ActiveDirectoryOrganizationService.java
+++ b/maxkey-identitys/maxkey-synchronizers-activedirectory/src/main/java/org/maxkey/synchronizer/activedirectory/ActiveDirectoryOrganizationService.java
@ -120,6 +120,7 @@ public class ActiveDirectoryOrganizationService  extends AbstractSynchronizerSer
 			org.setStreet(LdapUtils.getAttributeStringValue(OrganizationalUnit.STREET,attributeMap));
 			org.setPostalCode(LdapUtils.getAttributeStringValue(OrganizationalUnit.POSTALCODE,attributeMap));
 			org.setDescription(LdapUtils.getAttributeStringValue(OrganizationalUnit.DESCRIPTION,attributeMap));
 			org.setInstId(this.synchronizer.getInstId());
 			orgsNamePathMap.put(org.getNamePath(), org);
 			_logger.info("org " + org);
 			organizationsService.insert(org);
--- a/maxkey-identitys/maxkey-synchronizers-activedirectory/src/main/java/org/maxkey/synchronizer/activedirectory/ActiveDirectoryUsersService.java
+++ b/maxkey-identitys/maxkey-synchronizers-activedirectory/src/main/java/org/maxkey/synchronizer/activedirectory/ActiveDirectoryUsersService.java
@ -151,6 +151,7 @@ public class ActiveDirectoryUsersService extends AbstractSynchronizerService
 			userInfo.setUserType("EMPLOYEE");
 			userInfo.setTimeZone("Asia/Shanghai");
 			userInfo.setStatus(1);
 			userInfo.setInstId(this.synchronizer.getInstId());
 			UserInfo quser=new UserInfo();
 			quser.setUsername(userInfo.getUsername());
 			UserInfo loadedUser=userInfoService.load(quser);
--- a/maxkey-identitys/maxkey-synchronizers-dingding/src/main/java/org/maxkey/synchronizer/dingding/DingdingOrganizationService.java
+++ b/maxkey-identitys/maxkey-synchronizers-dingding/src/main/java/org/maxkey/synchronizer/dingding/DingdingOrganizationService.java
@ -18,12 +18,10 @@
 package org.maxkey.synchronizer.dingding;
 import org.maxkey.entity.Organizations;
-import org.maxkey.entity.Synchronizers;
+import org.maxkey.synchronizer.AbstractSynchronizerService;
 import org.maxkey.persistence.service.OrganizationsService;
 import org.maxkey.synchronizer.ISynchronizerService;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import com.dingtalk.api.DefaultDingTalkClient;
 import com.dingtalk.api.DingTalkClient;
@ -33,14 +31,11 @@ import com.dingtalk.api.response.OapiV2DepartmentListsubResponse.DeptBaseRespons
 import com.taobao.api.ApiException;
@Service
-public class DingdingOrganizationService   implements ISynchronizerService{
+public class DingdingOrganizationService  extends AbstractSynchronizerService implements ISynchronizerService{
 	final static Logger _logger = LoggerFactory.getLogger(DingdingOrganizationService.class);
 	OapiV2DepartmentListsubResponse rspDepts;
 	@Autowired
 	OrganizationsService organizationsService;
 	String access_token;
 	public void sync() {
@ -78,6 +73,7 @@ public class DingdingOrganizationService   implements ISynchronizerService{
 		org.setId(dept.getDeptId()+"");
 		org.setName(dept.getName());
 		org.setParentId(dept.getParentId()+"");
 		org.setInstId(this.synchronizer.getInstId());
 		return org;
 	}
@ -94,19 +90,6 @@ public class DingdingOrganizationService   implements ISynchronizerService{
 	public OapiV2DepartmentListsubResponse getRspDepts() {
 		return rspDepts;
 	}
 	public OrganizationsService getOrganizationsService() {
 		return organizationsService;
 	}
 	public void setOrganizationsService(OrganizationsService organizationsService) {
 		this.organizationsService = organizationsService;
 	}
 	@Override
 	public void setSynchronizer(Synchronizers Synchronizer) {
 	}
 }
--- a/maxkey-identitys/maxkey-synchronizers-dingding/src/main/java/org/maxkey/synchronizer/dingding/DingdingSynchronizerService.java
+++ b/maxkey-identitys/maxkey-synchronizers-dingding/src/main/java/org/maxkey/synchronizer/dingding/DingdingSynchronizerService.java
@ -48,12 +48,13 @@ public class DingdingSynchronizerService  implements ISynchronizerService{
 		_logger.info("Sync ...");
 		dingdingAccessTokenService.setAppkey(synchronizer.getPrincipal());
 		dingdingAccessTokenService.setAppsecret(synchronizer.getCredentials());
 		String access_token=dingdingAccessTokenService.requestToken();
 		dingdingOrganizationService.setSynchronizer(synchronizer);
 		dingdingOrganizationService.setAccess_token(access_token);
 		dingdingOrganizationService.sync();
 		dingdingUsersService.setSynchronizer(synchronizer);
 		dingdingUsersService.setAccess_token(access_token);
 		dingdingUsersService.sync();
 	}
--- a/maxkey-identitys/maxkey-synchronizers-dingding/src/main/java/org/maxkey/synchronizer/dingding/DingdingUsersService.java
+++ b/maxkey-identitys/maxkey-synchronizers-dingding/src/main/java/org/maxkey/synchronizer/dingding/DingdingUsersService.java
@ -19,9 +19,8 @@ package org.maxkey.synchronizer.dingding;
 import org.joda.time.DateTime;
 import org.joda.time.format.DateTimeFormat;
 import org.maxkey.entity.Synchronizers;
 import org.maxkey.entity.UserInfo;
-import org.maxkey.persistence.service.UserInfoService;
+import org.maxkey.synchronizer.AbstractSynchronizerService;
 import org.maxkey.synchronizer.ISynchronizerService;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@ -36,14 +35,11 @@ import com.dingtalk.api.response.OapiV2DepartmentListsubResponse.DeptBaseRespons
 import com.dingtalk.api.response.OapiV2UserListResponse.ListUserResponse;
@Service
-public class DingdingUsersService   implements ISynchronizerService{
+public class DingdingUsersService  extends AbstractSynchronizerService implements ISynchronizerService{
 	final static Logger _logger = LoggerFactory.getLogger(DingdingUsersService.class);
 	@Autowired
-	DingdingOrganizationService organizationService;
+	DingdingOrganizationService dingdingOrganizationService;
 	@Autowired
 	UserInfoService userInfoService;
 	String access_token;
@ -51,7 +47,7 @@ public class DingdingUsersService   implements ISynchronizerService{
 		_logger.info("Sync Users...");
 		try {
-			OapiV2DepartmentListsubResponse rspDepts = organizationService.getRspDepts();
+			OapiV2DepartmentListsubResponse rspDepts = dingdingOrganizationService.getRspDepts();
 			for(DeptBaseResponse dept : rspDepts.getResult()) {
 				DingTalkClient client = new DefaultDingTalkClient("https://oapi.dingtalk.com/topapi/v2/user/list");
 				OapiV2UserListRequest req = new OapiV2UserListRequest();
@ -101,35 +97,19 @@ public class DingdingUsersService   implements ISynchronizerService{
 		userInfo.setWorkPhoneNumber(user.getTelephone());//鍏徃鐢佃瘽
 		userInfo.setWorkOfficeName(user.getWorkPlace());//鍔炲叕瀹<EFBFBD>
 		userInfo.setDescription(user.getRemark());//澶囨敞
-		
+		userInfo.setInstId(this.synchronizer.getInstId());
 		return userInfo;
 	}
-	public void setOrganizationService(DingdingOrganizationService organizationService) {
+
 		this.organizationService = organizationService;
 	}
 	public void setAccess_token(String access_token) {
 		this.access_token = access_token;
 	}
-	public UserInfoService getUserInfoService() {
+	public void setDingdingOrganizationService(DingdingOrganizationService dingdingOrganizationService) {
-		return userInfoService;
+		this.dingdingOrganizationService = dingdingOrganizationService;
 	}
 	public void setUserInfoService(UserInfoService userInfoService) {
 		this.userInfoService = userInfoService;
 	}
 	public DingdingOrganizationService getOrganizationService() {
 		return organizationService;
 	}
 	@Override
 	public void setSynchronizer(Synchronizers Synchronizer) {
 	}
 }
--- a/maxkey-identitys/maxkey-synchronizers-ldap/src/main/java/org/maxkey/synchronizer/ldap/LdapOrganizationService.java
+++ b/maxkey-identitys/maxkey-synchronizers-ldap/src/main/java/org/maxkey/synchronizer/ldap/LdapOrganizationService.java
@ -117,6 +117,7 @@ public class LdapOrganizationService extends AbstractSynchronizerService  implem
 			org.setPhone(LdapUtils.getAttributeStringValue(OrganizationalUnit.TELEPHONENUMBER,attributeMap));
 			org.setFax(LdapUtils.getAttributeStringValue(OrganizationalUnit.FACSIMILETELEPHONENUMBER,attributeMap));
 			org.setDescription(LdapUtils.getAttributeStringValue(OrganizationalUnit.DESCRIPTION,attributeMap));
 			org.setInstId(this.synchronizer.getInstId());
 			orgsNamePathMap.put(org.getNamePath(), org);
            _logger.info("org " + org);
            organizationsService.insert(org);
--- a/maxkey-identitys/maxkey-synchronizers-ldap/src/main/java/org/maxkey/synchronizer/ldap/LdapSynchronizerService.java
+++ b/maxkey-identitys/maxkey-synchronizers-ldap/src/main/java/org/maxkey/synchronizer/ldap/LdapSynchronizerService.java
@ -49,6 +49,7 @@ public class LdapSynchronizerService  implements ISynchronizerService{
 		        synchronizer.getCredentials(),
 		        synchronizer.getBasedn());
 		ldapUtils.openConnection();
 		ldapOrganizationService.setSynchronizer(synchronizer);
 		ldapUsersService.setSynchronizer(synchronizer);
@ -58,6 +59,7 @@ public class LdapSynchronizerService  implements ISynchronizerService{
 		ldapOrganizationService.sync();
 		ldapUsersService.sync();
 		ldapUtils.close();
 	}
--- a/maxkey-identitys/maxkey-synchronizers-ldap/src/main/java/org/maxkey/synchronizer/ldap/LdapUsersService.java
+++ b/maxkey-identitys/maxkey-synchronizers-ldap/src/main/java/org/maxkey/synchronizer/ldap/LdapUsersService.java
@ -138,6 +138,7 @@ public class LdapUsersService extends AbstractSynchronizerService  implements IS
 			userInfo.setUserType("EMPLOYEE");
 			userInfo.setTimeZone("Asia/Shanghai");
 			userInfo.setStatus(1);
 			userInfo.setInstId(this.synchronizer.getInstId());
 			UserInfo quser=new UserInfo();
            quser.setUsername(userInfo.getUsername());
            UserInfo loadedUser=userInfoService.load(quser);
--- a/maxkey-identitys/maxkey-synchronizers-reorgdept/src/main/java/org/maxkey/synchronizer/reorg/ReorgDeptSynchronizerService.java
+++ b/maxkey-identitys/maxkey-synchronizers-reorgdept/src/main/java/org/maxkey/synchronizer/reorg/ReorgDeptSynchronizerService.java
@ -40,6 +40,7 @@ public class ReorgDeptSynchronizerService implements ISynchronizerService {
    public void sync() throws Exception {
        _logger.info("Sync ...");
        reorgDeptService.setSynchronizer(synchronizer);
        reorgDeptService.sync();
    }
--- a/maxkey-identitys/maxkey-synchronizers-reorgdept/src/main/java/org/maxkey/synchronizer/workweixin/service/ReorgDeptService.java
+++ b/maxkey-identitys/maxkey-synchronizers-reorgdept/src/main/java/org/maxkey/synchronizer/workweixin/service/ReorgDeptService.java
@ -22,22 +22,16 @@ import java.util.List;
 import org.maxkey.constants.ConstantsStatus;
 import org.maxkey.entity.Organizations;
-import org.maxkey.entity.Synchronizers;
+import org.maxkey.synchronizer.AbstractSynchronizerService;
 import org.maxkey.persistence.service.OrganizationsService;
 import org.maxkey.synchronizer.ISynchronizerService;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
@Service
-public class ReorgDeptService implements ISynchronizerService{
+public class ReorgDeptService extends AbstractSynchronizerService implements ISynchronizerService{
 	final static Logger _logger = LoggerFactory.getLogger(ReorgDeptService.class);
-	
+
 	@Autowired
 	OrganizationsService organizationsService;
 	String rootParentOrgId = "-1";
 	public void sync() {
@ -46,7 +40,9 @@ public class ReorgDeptService implements ISynchronizerService{
 		try {
 			long responseCount =0;
 			HashMap<String,Organizations>orgCastMap =new HashMap<String,Organizations>();
-			List<Organizations> listOrg = organizationsService.findAll();
+			Organizations queryOrganization =new Organizations();
 			queryOrganization.setInstId(this.synchronizer.getInstId());
 			List<Organizations> listOrg = organizationsService.query(queryOrganization);
 			buildNamePath(orgCastMap,listOrg);
@ -104,18 +100,4 @@ public class ReorgDeptService implements ISynchronizerService{
 	   	}while(listOrg.size()>listOrg.size());
 	}
 	public OrganizationsService getOrganizationsService() {
 		return organizationsService;
 	}
 	public void setOrganizationsService(OrganizationsService organizationsService) {
 		this.organizationsService = organizationsService;
 	}
 	@Override
 	public void setSynchronizer(Synchronizers synchronizer) {
 	}
 }
--- a/maxkey-identitys/maxkey-synchronizers-workweixin/src/main/java/org/maxkey/synchronizer/workweixin/WorkweixinOrganizationService.java
+++ b/maxkey-identitys/maxkey-synchronizers-workweixin/src/main/java/org/maxkey/synchronizer/workweixin/WorkweixinOrganizationService.java
@ -18,8 +18,7 @@
 package org.maxkey.synchronizer.workweixin;
 import org.maxkey.entity.Organizations;
-import org.maxkey.entity.Synchronizers;
+import org.maxkey.synchronizer.AbstractSynchronizerService;
 import org.maxkey.persistence.service.OrganizationsService;
 import org.maxkey.synchronizer.ISynchronizerService;
 import org.maxkey.synchronizer.workweixin.entity.WorkWeixinDepts;
 import org.maxkey.synchronizer.workweixin.entity.WorkWeixinDeptsResponse;
@ -27,16 +26,12 @@ import org.maxkey.util.JsonUtils;
 import org.maxkey.web.HttpRequestAdapter;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
@Service
-public class WorkweixinOrganizationService implements ISynchronizerService{
+public class WorkweixinOrganizationService extends AbstractSynchronizerService implements ISynchronizerService{
 	final static Logger _logger = LoggerFactory.getLogger(WorkweixinOrganizationService.class);
 	@Autowired
 	OrganizationsService organizationsService;
 	WorkWeixinDeptsResponse deptsResponse;
 	String access_token;
@ -77,6 +72,7 @@ public class WorkweixinOrganizationService implements ISynchronizerService{
 		org.setName(dept.getName());
 		org.setParentId(dept.getParentid()+"");
 		org.setSortIndex(dept.getOrder());
 		org.setInstId(this.synchronizer.getInstId());
 		return org;
 	}
@ -96,18 +92,4 @@ public class WorkweixinOrganizationService implements ISynchronizerService{
 		this.deptsResponse = deptsResponse;
 	}
 	public OrganizationsService getOrganizationsService() {
 		return organizationsService;
 	}
 	public void setOrganizationsService(OrganizationsService organizationsService) {
 		this.organizationsService = organizationsService;
 	}
 	@Override
 	public void setSynchronizer(Synchronizers synchronizer) {
 	}
 }
--- a/maxkey-identitys/maxkey-synchronizers-workweixin/src/main/java/org/maxkey/synchronizer/workweixin/WorkweixinSynchronizerService.java
+++ b/maxkey-identitys/maxkey-synchronizers-workweixin/src/main/java/org/maxkey/synchronizer/workweixin/WorkweixinSynchronizerService.java
@ -48,9 +48,11 @@ public class WorkweixinSynchronizerService  implements ISynchronizerService{
 		workweixinAccessTokenService.setCorpsecret(synchronizer.getCredentials());
 		String access_token=workweixinAccessTokenService.requestToken();
 		workweixinOrganizationService.setSynchronizer(synchronizer);
 		workweixinOrganizationService.setAccess_token(access_token);
 		workweixinOrganizationService.sync();
 		workweixinUsersService.setSynchronizer(synchronizer);
 		workweixinUsersService.setAccess_token(access_token);
 		workweixinUsersService.sync();
 	}
--- a/maxkey-identitys/maxkey-synchronizers-workweixin/src/main/java/org/maxkey/synchronizer/workweixin/WorkweixinUsersService.java
+++ b/maxkey-identitys/maxkey-synchronizers-workweixin/src/main/java/org/maxkey/synchronizer/workweixin/WorkweixinUsersService.java
@ -17,9 +17,8 @@
 package org.maxkey.synchronizer.workweixin;
 import org.maxkey.entity.Synchronizers;
 import org.maxkey.entity.UserInfo;
-import org.maxkey.persistence.service.UserInfoService;
+import org.maxkey.synchronizer.AbstractSynchronizerService;
 import org.maxkey.synchronizer.ISynchronizerService;
 import org.maxkey.synchronizer.workweixin.entity.WorkWeixinDepts;
 import org.maxkey.synchronizer.workweixin.entity.WorkWeixinUsers;
@ -32,14 +31,11 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
@Service
-public class WorkweixinUsersService  implements ISynchronizerService{
+public class WorkweixinUsersService extends AbstractSynchronizerService implements ISynchronizerService{
 	final static Logger _logger = LoggerFactory.getLogger(WorkweixinUsersService.class);
 	@Autowired
-	WorkweixinOrganizationService organizationService;
+	WorkweixinOrganizationService workweixinOrganizationService;
 	@Autowired
 	UserInfoService userInfoService;
 	String access_token;
@ -49,7 +45,7 @@ public class WorkweixinUsersService  implements ISynchronizerService{
 		_logger.info("Sync Users...");
 		try {
-			for (WorkWeixinDepts dept : organizationService.getDeptsResponse().getDepartment()) {
+			for (WorkWeixinDepts dept : workweixinOrganizationService.getDeptsResponse().getDepartment()) {
 				HttpRequestAdapter request =new HttpRequestAdapter();
 				String responseBody = request.get(String.format(USERS_URL, access_token,dept.getId()));
 				WorkWeixinUsersResponse usersResponse  =JsonUtils.gson2Object(responseBody, WorkWeixinUsersResponse.class);
@ -88,35 +84,17 @@ public class WorkweixinUsersService  implements ISynchronizerService{
 		//激活状态: 1=已激活，2=已禁用，4=未激活，5=退出企业。
 		userInfo.setStatus(user.getStatus());
-
+		userInfo.setInstId(this.synchronizer.getInstId());
 		return userInfo;
 	}
 	public void setOrganizationService(WorkweixinOrganizationService organizationService) {
 		this.organizationService = organizationService;
 	}
 	public void setAccess_token(String access_token) {
 		this.access_token = access_token;
 	}
-	public UserInfoService getUserInfoService() {
+	public void setWorkweixinOrganizationService(WorkweixinOrganizationService workweixinOrganizationService) {
-		return userInfoService;
+		this.workweixinOrganizationService = workweixinOrganizationService;
 	}
 	public void setUserInfoService(UserInfoService userInfoService) {
 		this.userInfoService = userInfoService;
 	}
 	public WorkweixinOrganizationService getOrganizationService() {
 		return organizationService;
 	}
 	@Override
 	public void setSynchronizer(Synchronizers Synchronizer) {
 	}
 }
--- a/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/AuthorizeEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/AuthorizeEndpoint.java
@ -36,14 +36,14 @@ import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.servlet.ModelAndView;
-import io.swagger.annotations.Api;
+import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.annotations.ApiOperation;
+import io.swagger.v3.oas.annotations.tags.Tag;
 /**
 * @author Crystal.Sea
 *
 */
-@Api(tags = "1-2认证总地址文档模块")
+@Tag(name = "1-2认证总地址文档模块")
@Controller
 public class AuthorizeEndpoint extends AuthorizeBaseEndpoint{
 	final static Logger _logger = LoggerFactory.getLogger(AuthorizeEndpoint.class);
@ -52,7 +52,7 @@ public class AuthorizeEndpoint extends AuthorizeBaseEndpoint{
 	AppsCasDetailsService casDetailsService;
 	//all single sign on url
-	@ApiOperation(value = "认证总地址接口", notes = "参数应用ID，分发到不同应用的认证地址",httpMethod="GET")
+	@Operation(summary = "认证总地址接口", description = "参数应用ID，分发到不同应用的认证地址",method="GET")
 	@RequestMapping("/authz/{id}")
 	public ModelAndView authorize(
 			HttpServletRequest request,
--- a/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/OnlineTicketEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/maxkey/authz/endpoint/OnlineTicketEndpoint.java
@ -26,10 +26,10 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.ResponseBody;
-import io.swagger.annotations.Api;
+import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.annotations.ApiOperation;
+import io.swagger.v3.oas.annotations.tags.Tag;
-@Api(tags = "3-1-在线ticket文档模块")
+@Tag(name = "3-1-在线ticket文档模块")
@Controller
@RequestMapping(value={"/onlineticket"})
 public class OnlineTicketEndpoint {
@ -38,7 +38,7 @@ public class OnlineTicketEndpoint {
    @Qualifier("onlineTicketServices")
    protected OnlineTicketServices onlineTicketServices;
-    @ApiOperation(value = "在线ticket验证接口", notes = "",httpMethod="GET")
+    @Operation(summary = "在线ticket验证接口", description = "",method="GET")
    @ResponseBody
    @RequestMapping(value="/validate") 
    public String ticketValidate(
--- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas10AuthorizeEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas10AuthorizeEndpoint.java
@ -34,14 +34,14 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.ResponseBody;
-import io.swagger.annotations.Api;
+import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.annotations.ApiOperation;
+import io.swagger.v3.oas.annotations.tags.Tag;
 /**
 * @author Crystal.Sea
 * https://apereo.github.io/cas/6.2.x/protocol/CAS-Protocol-Specification.html
 */
-@Api(tags = "2-3-CAS API文档模块")
+@Tag(name = "2-3-CAS API文档模块")
@Controller
 public class Cas10AuthorizeEndpoint   extends CasBaseAuthorizeEndpoint{
@ -81,7 +81,7 @@ renew [OPTIONAL] - if this parameter is set, ticket validation will only succeed
 			no<LF>
 			<LF>
 	 */
-	@ApiOperation(value = "CAS 1.0 ticket验证接口", notes = "通过ticket获取当前登录用户信息",httpMethod="POST")
+	@Operation(summary = "CAS 1.0 ticket验证接口", description = "通过ticket获取当前登录用户信息",method="POST")
 	@RequestMapping(CasConstants.ENDPOINT.ENDPOINT_VALIDATE)
 	@ResponseBody
 	public String validate(
--- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas20AuthorizeEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas20AuthorizeEndpoint.java
@ -43,14 +43,14 @@ import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.ResponseBody;
-import io.swagger.annotations.Api;
+import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.annotations.ApiOperation;
+import io.swagger.v3.oas.annotations.tags.Tag;
 /**
 * @author Crystal.Sea
 * https://apereo.github.io/cas/6.2.x/protocol/CAS-Protocol-V2-Specification.html
 */
-@Api(tags = "2-3-CAS API文档模块")
+@Tag(name = "2-3-CAS API文档模块")
@Controller
 public class Cas20AuthorizeEndpoint  extends CasBaseAuthorizeEndpoint{
@ -171,7 +171,7 @@ INTERNAL_ERROR - an internal error occurred during ticket validation
 For all error codes, it is RECOMMENDED that CAS provide a more detailed message as the body of the \<cas:authenticationFailure\> block of the XML response.
 	 */
-	@ApiOperation(value = "CAS 2.0 ticket验证接口", notes = "通过ticket获取当前登录用户信息",httpMethod="POST")
+	@Operation(summary = "CAS 2.0 ticket验证接口", description = "通过ticket获取当前登录用户信息",method="POST")
 	@RequestMapping(value=CasConstants.ENDPOINT.ENDPOINT_SERVICE_VALIDATE,produces =MediaType.APPLICATION_XML_VALUE)
 	@ResponseBody
 	public String serviceValidate(
@ -293,7 +293,7 @@ Response on ticket validation failure:
 }
 	 */
-	@ApiOperation(value = "CAS 2.0 ticket代理验证接口", notes = "通过ticket获取当前登录用户信息",httpMethod="POST")
+	@Operation(summary = "CAS 2.0 ticket代理验证接口", description = "通过ticket获取当前登录用户信息",method="POST")
 	@RequestMapping(value=CasConstants.ENDPOINT.ENDPOINT_PROXY_VALIDATE,produces =MediaType.APPLICATION_XML_VALUE)
 	@ResponseBody
 	public String proxy(
--- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas30AuthorizeEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/Cas30AuthorizeEndpoint.java
@ -42,20 +42,20 @@ import org.slf4j.LoggerFactory;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
-import io.swagger.annotations.Api;
+import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.annotations.ApiOperation;
+import io.swagger.v3.oas.annotations.tags.Tag;
 /**
 * @author Crystal.Sea
 * https://apereo.github.io/cas/6.2.x/protocol/CAS-Protocol-Specification.html
 */
-@Api(tags = "2-3-CAS API文档模块")
+@Tag(name = "2-3-CAS API文档模块")
@Controller
 public class Cas30AuthorizeEndpoint  extends CasBaseAuthorizeEndpoint{
 	final static Logger _logger = LoggerFactory.getLogger(Cas30AuthorizeEndpoint.class);
-	@ApiOperation(value = "CAS 3.0 ticket验证接口", notes = "通过ticket获取当前登录用户信息",httpMethod="POST")
+	@Operation(summary = "CAS 3.0 ticket验证接口", description = "通过ticket获取当前登录用户信息",method="POST")
 	@RequestMapping(value=CasConstants.ENDPOINT.ENDPOINT_SERVICE_VALIDATE_V3)
 	public void serviceValidate(
 			HttpServletRequest request,
@ -115,7 +115,7 @@ public class Cas30AuthorizeEndpoint  extends CasBaseAuthorizeEndpoint{
 		httpResponseAdapter.write(response,serviceResponseBuilder.serviceResponseBuilder(),format);
 	}
-	@ApiOperation(value = "CAS 3.0 ProxyTicket代理验证接口", notes = "通过ProxyGrantingTicket获取ProxyTicket",httpMethod="POST")
+	@Operation(summary = "CAS 3.0 ProxyTicket代理验证接口", description = "通过ProxyGrantingTicket获取ProxyTicket",method="POST")
 	@RequestMapping(CasConstants.ENDPOINT.ENDPOINT_PROXY_V3)
 	public void proxy(
 			HttpServletRequest request,
@ -141,7 +141,7 @@ public class Cas30AuthorizeEndpoint  extends CasBaseAuthorizeEndpoint{
 	    httpResponseAdapter.write(response,proxyServiceResponseBuilder.serviceResponseBuilder(),format);
 	}
-	@ApiOperation(value = "CAS 3.0 ticket代理验证接口", notes = "通过ProxyTicket获取当前登录用户信息",httpMethod="POST")
+	@Operation(summary = "CAS 3.0 ticket代理验证接口", description = "通过ProxyTicket获取当前登录用户信息",method="POST")
 	@RequestMapping(CasConstants.ENDPOINT.ENDPOINT_PROXY_VALIDATE_V3)
 	public void proxy(
 			HttpServletRequest request,
--- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasAuthorizeEndpoint.java
@ -42,20 +42,21 @@ import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.servlet.ModelAndView;
-import io.swagger.annotations.Api;
+
-import io.swagger.annotations.ApiOperation;
+import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;
 /**
 * @author Crystal.Sea
 * https://apereo.github.io/cas/6.2.x/protocol/CAS-Protocol.html
 */
-@Api(tags = "2-3-CAS API文档模块")
+@Tag(name = "2-3-CAS API文档模块")
@Controller
 public class CasAuthorizeEndpoint  extends CasBaseAuthorizeEndpoint{
 	final static Logger _logger = LoggerFactory.getLogger(CasAuthorizeEndpoint.class);
-	@ApiOperation(value = "CAS页面跳转service认证接口", notes = "传递参数service",httpMethod="GET")
+	@Operation(summary = "CAS页面跳转service认证接口", description = "传递参数service",method="GET")
 	@RequestMapping(CasConstants.ENDPOINT.ENDPOINT_LOGIN)
 	public ModelAndView casLogin(
 			HttpServletRequest request,
@ -68,7 +69,7 @@ public class CasAuthorizeEndpoint  extends CasBaseAuthorizeEndpoint{
 	}
-	@ApiOperation(value = "CAS页面跳转应用ID认证接口", notes = "传递参数应用ID",httpMethod="GET")
+	@Operation(summary = "CAS页面跳转应用ID认证接口", description = "传递参数应用ID",method="GET")
 	@RequestMapping(CasConstants.ENDPOINT.ENDPOINT_BASE + "/{id}")
 	public ModelAndView authorize(
 			HttpServletRequest request,
@ -171,7 +172,7 @@ public class CasAuthorizeEndpoint  extends CasBaseAuthorizeEndpoint{
 	 * @param casService
 	 * @return
 	 */
-	@ApiOperation(value = "CAS注销接口", notes = "CAS注销接口",httpMethod="GET")
+	@Operation(summary = "CAS注销接口", description = "CAS注销接口",method="GET")
 	@RequestMapping(CasConstants.ENDPOINT.ENDPOINT_LOGOUT)
 	public ModelAndView logout(
 			HttpServletRequest request,
--- a/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasRestV1Endpoint.java
+++ b/maxkey-protocols/maxkey-protocol-cas/src/main/java/org/maxkey/authz/cas/endpoint/CasRestV1Endpoint.java
@ -50,14 +50,14 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RequestParam;
-import io.swagger.annotations.Api;
+import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.annotations.ApiOperation;
+import io.swagger.v3.oas.annotations.tags.Tag;
 /**
 * @author Crystal.Sea
 * https://apereo.github.io/cas/6.2.x/protocol/REST-Protocol.html
 */
-@Api(tags = "2-4-CAS REST API文档模块")
+@Tag(name = "2-4-CAS REST API文档模块")
@Controller
 public class CasRestV1Endpoint  extends CasBaseAuthorizeEndpoint{
    final static Logger _logger = LoggerFactory.getLogger(CasRestV1Endpoint.class);
@ -66,7 +66,7 @@ public class CasRestV1Endpoint  extends CasBaseAuthorizeEndpoint{
    @Qualifier("authenticationProvider")
    AbstractAuthenticationProvider authenticationProvider ;
-    @ApiOperation(value = "CAS REST认证接口", notes = "通过用户名密码获取TGT",httpMethod="POST")
+    @Operation(summary = "CAS REST认证接口", description = "通过用户名密码获取TGT",method="POST")
 	@RequestMapping(value=CasConstants.ENDPOINT.ENDPOINT_REST_TICKET_V1, 
 	        method=RequestMethod.POST, 
 	        consumes = MediaType.APPLICATION_FORM_URLENCODED_VALUE)
@ -105,7 +105,7 @@ public class CasRestV1Endpoint  extends CasBaseAuthorizeEndpoint{
        }
 	}
-    @ApiOperation(value = "CAS REST认证接口", notes = "通过TGT获取ST",httpMethod="POST")
+    @Operation(summary = "CAS REST认证接口", description = "通过TGT获取ST",method="POST")
 	@RequestMapping(value=CasConstants.ENDPOINT.ENDPOINT_REST_TICKET_V1+"/{ticketGrantingTicket}", 
 	            method=RequestMethod.POST, 
 	            consumes = MediaType.APPLICATION_FORM_URLENCODED_VALUE)
@ -132,7 +132,7 @@ public class CasRestV1Endpoint  extends CasBaseAuthorizeEndpoint{
        }
 	       return new ResponseEntity<>("", HttpStatus.BAD_REQUEST);
 	   }
-    @ApiOperation(value = "CAS REST认证接口", notes = "检查TGT状态",httpMethod="GET")
+    @Operation(summary = "CAS REST认证接口", description = "检查TGT状态",method="GET")
    @RequestMapping(value=CasConstants.ENDPOINT.ENDPOINT_REST_TICKET_V1 + "/{ticketGrantingTicket}", 
 	            method=RequestMethod.GET)
    public ResponseEntity<String> verifyTicketGrantingTicketStatus(
@ -151,7 +151,7 @@ public class CasRestV1Endpoint  extends CasBaseAuthorizeEndpoint{
 	       return new ResponseEntity<>("", HttpStatus.NOT_FOUND);
 	}
-    @ApiOperation(value = "CAS REST认证接口", notes = "注销TGT状态",httpMethod="DELETE")
+    @Operation(summary = "CAS REST认证接口", description = "注销TGT状态",method="DELETE")
    @RequestMapping(value=CasConstants.ENDPOINT.ENDPOINT_REST_TICKET_V1+"/{ticketGrantingTicket}", 
            method=RequestMethod.DELETE)
    public ResponseEntity<String> destroyTicketGrantingTicket(
@ -170,7 +170,7 @@ public class CasRestV1Endpoint  extends CasBaseAuthorizeEndpoint{
       return new ResponseEntity<>("", HttpStatus.NOT_FOUND);
    }
-    @ApiOperation(value = "CAS REST认证接口", notes = "用户名密码登录接口",httpMethod="POST")   
+    @Operation(summary = "CAS REST认证接口", description = "用户名密码登录接口",method="POST")   
 	@RequestMapping(value=CasConstants.ENDPOINT.ENDPOINT_REST_USERS_V1, 
            method=RequestMethod.POST, 
            consumes = MediaType.APPLICATION_FORM_URLENCODED_VALUE)
--- a/maxkey-protocols/maxkey-protocol-extendapi/src/main/java/org/maxkey/authz/exapi/endpoint/ExtendApiAuthorizeEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-extendapi/src/main/java/org/maxkey/authz/exapi/endpoint/ExtendApiAuthorizeEndpoint.java
@ -37,19 +37,19 @@ import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.servlet.ModelAndView;
-import io.swagger.annotations.Api;
+import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.annotations.ApiOperation;
+import io.swagger.v3.oas.annotations.tags.Tag;
 /**
 * @author Crystal.Sea
 *
 */
-@Api(tags = "2-8-ExtendApi接口文档模块")
+@Tag(name = "2-8-ExtendApi接口文档模块")
@Controller
 public class ExtendApiAuthorizeEndpoint  extends AuthorizeBaseEndpoint{
 	final static Logger _logger = LoggerFactory.getLogger(ExtendApiAuthorizeEndpoint.class);
-	@ApiOperation(value = "ExtendApi认证地址接口", notes = "参数应用ID",httpMethod="GET")
+	@Operation(summary = "ExtendApi认证地址接口", description = "参数应用ID",method="GET")
 	@RequestMapping("/authz/api/{id}")
 	public ModelAndView authorize(HttpServletRequest request,@PathVariable("id") String id){
--- a/maxkey-protocols/maxkey-protocol-formbased/src/main/java/org/maxkey/authz/formbased/endpoint/FormBasedAuthorizeEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-formbased/src/main/java/org/maxkey/authz/formbased/endpoint/FormBasedAuthorizeEndpoint.java
@ -40,14 +40,14 @@ import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.servlet.ModelAndView;
-import io.swagger.annotations.Api;
+import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.annotations.ApiOperation;
+import io.swagger.v3.oas.annotations.tags.Tag;
 /**
 * @author Crystal.Sea
 *
 */
-@Api(tags = "2-7-FormBased接口文档模块")
+@Tag(name = "2-7-FormBased接口文档模块")
@Controller
 public class FormBasedAuthorizeEndpoint  extends AuthorizeBaseEndpoint{
 	final static Logger _logger = LoggerFactory.getLogger(FormBasedAuthorizeEndpoint.class);
@ -57,7 +57,7 @@ public class FormBasedAuthorizeEndpoint  extends AuthorizeBaseEndpoint{
 	FormBasedDefaultAdapter defaultFormBasedAdapter=new FormBasedDefaultAdapter();
-	@ApiOperation(value = "FormBased认证地址接口", notes = "参数应用ID",httpMethod="GET")
+	@Operation(summary = "FormBased认证地址接口", description = "参数应用ID",method="GET")
 	@RequestMapping("/authz/formbased/{id}")
 	public ModelAndView authorize(
 			HttpServletRequest request,
--- a/maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/maxkey/authz/token/endpoint/JwtAuthorizeEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-jwt/src/main/java/org/maxkey/authz/token/endpoint/JwtAuthorizeEndpoint.java
@ -43,14 +43,14 @@ import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.servlet.ModelAndView;
-import io.swagger.annotations.Api;
+import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.annotations.ApiOperation;
+import io.swagger.v3.oas.annotations.tags.Tag;
 /**
 * @author Crystal.Sea
 *
 */
-@Api(tags = "2-5-JWT令牌接口")
+@Tag(name = "2-5-JWT令牌接口")
@Controller
 public class JwtAuthorizeEndpoint  extends AuthorizeBaseEndpoint{
@ -64,7 +64,7 @@ public class JwtAuthorizeEndpoint  extends AuthorizeBaseEndpoint{
 	@Autowired
 	ApplicationConfig applicationConfig;
-	@ApiOperation(value = "JWT应用ID认证接口", notes = "应用ID",httpMethod="GET")
+	@Operation(summary = "JWT应用ID认证接口", description = "应用ID",method="GET")
 	@RequestMapping("/authz/jwt/{id}")
 	public ModelAndView authorize(
 			HttpServletRequest request,
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/AuthorizationEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/AuthorizationEndpoint.java
@ -66,8 +66,8 @@ import org.springframework.web.servlet.view.RedirectView;
 import org.springframework.web.util.UriComponents;
 import org.springframework.web.util.UriComponentsBuilder;
 import org.springframework.web.util.UriTemplate;
-import io.swagger.annotations.Api;
+import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.annotations.ApiOperation;
+import io.swagger.v3.oas.annotations.tags.Tag;
 /**
 * <p>
@ -86,7 +86,7 @@ import io.swagger.annotations.ApiOperation;
 * @author Vladimir Kryachko
 * 
 */
-@Api(tags = "2-1-OAuth v2.0 API文档模块")
+@Tag(name = "2-1-OAuth v2.0 API文档模块")
@Controller
@SessionAttributes("authorizationRequest")
 public class AuthorizationEndpoint extends AbstractEndpoint {
@ -111,7 +111,7 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
 		this.errorPage = errorPage;
 	}
-    @ApiOperation(value = "OAuth 2.0 认证接口", notes = "传递参数应用ID，自动完成跳转认证拼接",httpMethod="GET")
+	@Operation(summary = "OAuth 2.0 认证接口", description = "传递参数应用ID，自动完成跳转认证拼接",method="GET")
    @RequestMapping(OAuth2Constants.ENDPOINT.ENDPOINT_BASE + "/{id}")
    public ModelAndView authorize(
            HttpServletRequest request,
@ -135,7 +135,7 @@ public class AuthorizationEndpoint extends AbstractEndpoint {
        return WebContext.redirect(authorizationUrl);
    }
-	@ApiOperation(value = "OAuth 2.0 认证接口", notes = "传递参数client_id,response_type,redirect_uri等",httpMethod="GET")
+	@Operation(summary = "OAuth 2.0 认证接口", description = "传递参数client_id,response_type,redirect_uri等",method="GET")
 	@RequestMapping(value = {
 								OAuth2Constants.ENDPOINT.ENDPOINT_AUTHORIZE,
 								OAuth2Constants.ENDPOINT.ENDPOINT_TENCENT_IOA_AUTHORIZE
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/CheckTokenEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/CheckTokenEndpoint.java
@ -45,8 +45,8 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.ResponseBody;
-import io.swagger.annotations.Api;
+import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.annotations.ApiOperation;
+import io.swagger.v3.oas.annotations.tags.Tag;
 /**
 * Controller which decodes access tokens for clients who are not able to do so (or where opaque token values are used).
@ -54,7 +54,7 @@ import io.swagger.annotations.ApiOperation;
 * @author Luke Taylor
 * @author Joel D'sa
 */
-@Api(tags = "2-1-OAuth v2.0 API文档模块")
+@Tag(name = "2-1-OAuth v2.0 API文档模块")
@Controller
 public class CheckTokenEndpoint {
@ -78,7 +78,7 @@ public class CheckTokenEndpoint {
 		this.accessTokenConverter = accessTokenConverter;
 	}
-	@ApiOperation(value = "OAuth 2.0 token检查接口", notes = "传递参数token",httpMethod="POST")
+	@Operation(summary = "OAuth 2.0 token检查接口", description = "传递参数token",method="POST")
 	@RequestMapping(value = OAuth2Constants.ENDPOINT.ENDPOINT_CHECK_TOKEN)
 	@ResponseBody
 	public Map<String, ?> checkToken(@RequestParam(OAuth2Constants.PARAMETER.TOKEN) String value) {
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/endpoint/TokenEndpoint.java
@ -53,8 +53,8 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RequestParam;
-import io.swagger.annotations.Api;
+import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.annotations.ApiOperation;
+import io.swagger.v3.oas.annotations.tags.Tag;
 /**
 * <p>
@ -73,7 +73,7 @@ import io.swagger.annotations.ApiOperation;
 * @author Dave Syer
 * 
 */
-@Api(tags = "2-1-OAuth v2.0 API文档模块")
+@Tag(name = "2-1-OAuth v2.0 API文档模块")
@Controller
 public class TokenEndpoint extends AbstractEndpoint {
@ -89,7 +89,7 @@ public class TokenEndpoint extends AbstractEndpoint {
 	 * @return OAuth2AccessToken Entity
 	 * @throws HttpRequestMethodNotSupportedException
 	 */
-	@ApiOperation(value = "OAuth 2.0 获取AccessToken接口", notes = "传递参数token等",httpMethod="GET")
+	@Operation(summary = "OAuth 2.0 获取AccessToken接口", description = "传递参数token等",method="GET")
 	@RequestMapping(value = {
 								OAuth2Constants.ENDPOINT.ENDPOINT_TOKEN,
 								OAuth2Constants.ENDPOINT.ENDPOINT_TENCENT_IOA_TOKEN
@ -103,7 +103,7 @@ public class TokenEndpoint extends AbstractEndpoint {
 		return postAccessToken(parameters);
 	}
-	@ApiOperation(value = "OAuth 2.0 获取AccessToken接口", notes = "传递参数token等",httpMethod="POST")
+	@Operation(summary = "OAuth 2.0 获取AccessToken接口", description = "传递参数token等",method="POST")
 	@RequestMapping(value = {
 								OAuth2Constants.ENDPOINT.ENDPOINT_TOKEN,
 								OAuth2Constants.ENDPOINT.ENDPOINT_TENCENT_IOA_TOKEN
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/OpenIdConnectUserInfoEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/OpenIdConnectUserInfoEndpoint.java
@ -51,6 +51,7 @@ import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestHeader;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.ResponseBody;
 import com.nimbusds.jose.EncryptionMethod;
 import com.nimbusds.jose.JWEAlgorithm;
@ -61,11 +62,12 @@ import com.nimbusds.jwt.EncryptedJWT;
 import com.nimbusds.jwt.JWT;
 import com.nimbusds.jwt.JWTClaimsSet;
 import com.nimbusds.jwt.JWTClaimsSet.Builder;
-import io.swagger.annotations.Api;
+import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.annotations.ApiOperation;
+import io.swagger.v3.oas.annotations.tags.Tag;
 import com.nimbusds.jwt.SignedJWT;
-@Api(tags = "2-1-OAuth v2.0 API文档模块")
+@Tag(name = "2-1-OAuth v2.0 API文档模块")
@Controller
 public class OpenIdConnectUserInfoEndpoint {
 	final static Logger _logger = LoggerFactory.getLogger(OpenIdConnectUserInfoEndpoint.class);	
@ -107,8 +109,8 @@ public class OpenIdConnectUserInfoEndpoint {
    @Autowired
    protected HttpResponseAdapter httpResponseAdapter;
-	@ApiOperation(value = "OIDC 用户信息接口", notes = "传递Authorization参数access_token",httpMethod="GET")
+    @Operation(summary = "OIDC 用户信息接口", description = "传递Authorization参数access_token",method="GET")
-	@RequestMapping(value=OAuth2Constants.ENDPOINT.ENDPOINT_OPENID_CONNECT_USERINFO)
+	@RequestMapping(value=OAuth2Constants.ENDPOINT.ENDPOINT_OPENID_CONNECT_USERINFO, method={RequestMethod.POST, RequestMethod.GET})
 	@ResponseBody
 	public String connect10aUserInfo(
 			@RequestHeader(value = "Authorization", required = true) String access_token,
--- a/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-oauth-2.0/src/main/java/org/maxkey/authz/oauth2/provider/userinfo/endpoint/UserInfoEndpoint.java
@ -49,11 +49,12 @@ import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestHeader;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RequestParam;
-import io.swagger.annotations.Api;
+import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.annotations.ApiOperation;
+import io.swagger.v3.oas.annotations.tags.Tag;
-@Api(tags = "2-1-OAuth v2.0 API文档模块")
+@Tag(name = "2-1-OAuth v2.0 API文档模块")
@Controller
 public class UserInfoEndpoint {
 	final static Logger _logger = LoggerFactory.getLogger(UserInfoEndpoint.class);	
@ -95,8 +96,8 @@ public class UserInfoEndpoint {
    @Autowired
    protected HttpResponseAdapter httpResponseAdapter;
-	@ApiOperation(value = "OAuth 2.0 用户信息接口", notes = "传递参数access_token",httpMethod="GET")
+    @Operation(summary = "OAuth 2.0 用户信息接口", description = "传递参数access_token",method="GET")
-	@RequestMapping(value=OAuth2Constants.ENDPOINT.ENDPOINT_USERINFO) 
+	@RequestMapping(value=OAuth2Constants.ENDPOINT.ENDPOINT_USERINFO, method={RequestMethod.POST, RequestMethod.GET}) 
 	public void apiV20UserInfo(
 			@RequestParam(value = "access_token", required = false) String access_token,
 			@RequestHeader(value = "authorization", required = false) String authorization_bearer,
--- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/metadata/endpoint/MetadataEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/metadata/endpoint/MetadataEndpoint.java
@ -47,12 +47,13 @@ import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.ResponseBody;
-import io.swagger.annotations.Api;
+import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.annotations.ApiOperation;
+import io.swagger.v3.oas.annotations.tags.Tag;
-@Api(tags = "2-2-SAML v2.0 API文档模块")
+@Tag(name = "2-2-SAML v2.0 API文档模块")
@Controller
@RequestMapping(value = { "/metadata/saml20/" })
 public class MetadataEndpoint {
@ -75,8 +76,8 @@ public class MetadataEndpoint {
 	public static String IDP_METADATA_PREFIX = "Idp_Metadata_";
-	@ApiOperation(value = "SAML 2.0 元数据接口", notes = "参数Idp_Metadata_应用ID",httpMethod="GET")
+	@Operation(summary = "SAML 2.0 元数据接口", description = "参数Idp_Metadata_应用ID",method="GET")
-	@RequestMapping(value = "/{appid}.xml",produces = "application/xml")
+	@RequestMapping(value = "/{appid}.xml",produces = "application/xml", method={RequestMethod.POST, RequestMethod.GET})
 	@ResponseBody
 	public String  metadata(HttpServletRequest request,
 			HttpServletResponse response, @PathVariable("appid") String appId) {
--- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/IdpInitEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/IdpInitEndpoint.java
@ -40,8 +40,8 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.servlet.ModelAndView;
-import io.swagger.annotations.Api;
+import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.annotations.ApiOperation;
+import io.swagger.v3.oas.annotations.tags.Tag;
 /**
 * idp init  not need extract SAML request message
@ -49,7 +49,7 @@ import io.swagger.annotations.ApiOperation;
 * @author Crystal.Sea
 *
 */
-@Api(tags = "2-2-SAML v2.0 API文档模块")
+@Tag(name = "2-2-SAML v2.0 API文档模块")
@Controller
 public class IdpInitEndpoint {
 	private final static Logger logger = LoggerFactory.getLogger(IdpInitEndpoint.class);
@ -85,7 +85,7 @@ public class IdpInitEndpoint {
 	 * 
 	 *
 	 */
-	@ApiOperation(value = "SAML 2.0 IDP Init接口", notes = "传递参数应用ID",httpMethod="GET")
+	@Operation(summary = "SAML 2.0 IDP Init接口", description = "传递参数应用ID",method="GET")
 	@RequestMapping(value = "/authz/saml20/idpinit/{appid}", method=RequestMethod.GET)
 	public ModelAndView authorizeIdpInit(
 				HttpServletRequest request,
--- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/LogoutSamlEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/LogoutSamlEndpoint.java
@ -37,10 +37,10 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.servlet.ModelAndView;
-import io.swagger.annotations.Api;
+import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.annotations.ApiOperation;
+import io.swagger.v3.oas.annotations.tags.Tag;
-@Api(tags = "2-2-SAML v2.0 API文档模块")
+@Tag(name = "2-2-SAML v2.0 API文档模块")
@Controller
 public class LogoutSamlEndpoint {
    private final static Logger logger = LoggerFactory.getLogger(LogoutSamlEndpoint.class);
@ -53,7 +53,7 @@ public class LogoutSamlEndpoint {
    @Qualifier("samlValidaotrSuite")
    private SAML2ValidatorSuite validatorSuite;
-    @ApiOperation(value = "SAML单点注销地址接口", notes = "",httpMethod="GET")
+    @Operation(summary = "SAML单点注销地址接口", description = "",method="GET")
    @SuppressWarnings("rawtypes")
    @RequestMapping(value = "/logout/saml", method=RequestMethod.GET)
    public ModelAndView samlRedirectLogout(
--- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/SingleSignOnEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/provider/endpoint/SingleSignOnEndpoint.java
@ -45,10 +45,10 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.servlet.ModelAndView;
-import io.swagger.annotations.Api;
+import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.annotations.ApiOperation;
+import io.swagger.v3.oas.annotations.tags.Tag;
-@Api(tags = "2-2-SAML v2.0 API文档模块")
+@Tag(name = "2-2-SAML v2.0 API文档模块")
@Controller
 public class SingleSignOnEndpoint {
 	private final static Logger logger = LoggerFactory.getLogger(SingleSignOnEndpoint.class);
@ -78,7 +78,7 @@ public class SingleSignOnEndpoint {
 	@Autowired
 	private AppsSaml20DetailsService saml20DetailsService;
-	@ApiOperation(value = "SAML 2.0 SP Init接收接口", notes = "传递参数应用ID",httpMethod="POST")
+	@Operation(summary = "SAML 2.0 SP Init接收接口", description = "传递参数应用ID",method="POST")
 	@RequestMapping(value = "/authz/saml20/{appid}", method=RequestMethod.POST)
 	public ModelAndView authorizePost(
 			HttpServletRequest request,
@ -88,7 +88,7 @@ public class SingleSignOnEndpoint {
 		return extractSAMLRequest(extractPostBindingAdapter,appId,request);
 	}
-	@ApiOperation(value = "SAML 2.0 SP Init接收接口", notes = "传递参数应用ID",httpMethod="GET")
+	@Operation(summary = "SAML 2.0 SP Init接收接口", description = "传递参数应用ID",method="GET")
 	@RequestMapping(value = "/authz/saml20/{appid}", method=RequestMethod.GET)
 	public ModelAndView authorizeRedirect(
 			HttpServletRequest request,
--- a/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/TokenBasedAuthorizeEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-tokenbased/src/main/java/org/maxkey/authz/token/endpoint/TokenBasedAuthorizeEndpoint.java
@ -43,14 +43,14 @@ import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.servlet.ModelAndView;
-import io.swagger.annotations.Api;
+import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.annotations.ApiOperation;
+import io.swagger.v3.oas.annotations.tags.Tag;
 /**
 * @author Crystal.Sea
 *
 */
-@Api(tags = "2-6-TokenBased接口文档模块")
+@Tag(name = "2-6-TokenBased接口文档模块")
@Controller
 public class TokenBasedAuthorizeEndpoint  extends AuthorizeBaseEndpoint{
@ -63,7 +63,7 @@ public class TokenBasedAuthorizeEndpoint  extends AuthorizeBaseEndpoint{
 	@Autowired
 	ApplicationConfig applicationConfig;
-	@ApiOperation(value = "TokenBased认证接口", notes = "传递参数应用ID",httpMethod="GET")
+	@Operation(summary = "TokenBased认证接口", description = "传递参数应用ID",method="GET")
 	@RequestMapping("/authz/tokenbased/{id}")
 	public ModelAndView authorize(
 			HttpServletRequest request,
--- a/maxkey-webs/maxkey-boot-monitor/src/main/resources/application.properties
+++ b/maxkey-webs/maxkey-boot-monitor/src/main/resources/application.properties
@ -18,7 +18,7 @@
 application.title                               =MaxKey
 #for dynamic service discovery
 spring.application.name                         =maxkey-monitor
-application.formatted-version                   =v3.1.1 GA
+application.formatted-version                   =v3.2.0 GA
 #nacos discovery
 spring.cloud.nacos.discovery.enabled            =${NACOS_DISCOVERY_ENABLED:false}
 spring.cloud.nacos.discovery.instance-enabled   =false
--- a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LoginEndpoint.java
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LoginEndpoint.java
@ -45,14 +45,14 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.ResponseBody;
 import org.springframework.web.servlet.ModelAndView;
-import io.swagger.annotations.Api;
+import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.annotations.ApiOperation;
+import io.swagger.v3.oas.annotations.tags.Tag;
 /**
 * @author Crystal.Sea
 *
 */
-@Api(tags = "1-1-登录接口文档模块")
+@Tag(name = "1-1-登录接口文档模块")
@Controller
 public class LoginEndpoint {
 	private static Logger _logger = LoggerFactory.getLogger(LoginEndpoint.class);
@ -92,7 +92,7 @@ public class LoginEndpoint {
 	 * init login
 	 * @return
 	 */
-	@ApiOperation(value = "登录接口", notes = "用户登录地址",httpMethod="GET")
+	@Operation(summary  = "登录接口", description  = "用户登录地址",method="GET")
 	@RequestMapping(value={"/login"})
 	public ModelAndView login() {
 		_logger.debug("LoginController /login.");
--- a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LogoutEndpoint.java
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LogoutEndpoint.java
@ -48,10 +48,10 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.servlet.ModelAndView;
-import io.swagger.annotations.Api;
+import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.annotations.ApiOperation;
+import io.swagger.v3.oas.annotations.tags.Tag;
-@Api(tags = "1-3-单点注销接口文档模块")
+@Tag(name = "1-3-单点注销接口文档模块")
@Controller
 public class LogoutEndpoint {
@ -70,7 +70,7 @@ public class LogoutEndpoint {
    @Qualifier("onlineTicketServices")
    protected OnlineTicketServices onlineTicketServices;
-	@ApiOperation(value = "单点注销接口", notes = "reLoginUrl跳转地址",httpMethod="GET")
+	@Operation(summary = "单点注销接口", description = "reLoginUrl跳转地址",method="GET")
 	@RequestMapping(value={"/logout"})
 	public ModelAndView logout(
 					HttpServletRequest request, 
@ -80,7 +80,7 @@ public class LogoutEndpoint {
 		return logoutModelAndView(request,response,"loggedout",reLoginUrl);
 	}
-	@ApiOperation(value = "登录超时接口", notes = "",httpMethod="GET")
+	@Operation(summary = "登录超时接口", description = "",method="GET")
 	@RequestMapping(value={"/timeout"})
 	public ModelAndView timeout(HttpServletRequest request, HttpServletResponse response){
 		return logoutModelAndView(request,response,"timeout",null);
--- a/maxkey-webs/maxkey-web-maxkey/src/main/resources/application-https.properties
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/resources/application-https.properties
@ -336,7 +336,7 @@ maxkey.swagger.enable                           =true
 maxkey.swagger.title                            =MaxKey\u5355\u70b9\u767b\u5f55\u8ba4\u8bc1\u7cfb\u7edfAPI\u6587\u6863
 maxkey.swagger.description                      =MaxKey\u5355\u70b9\u767b\u5f55\u8ba4\u8bc1\u7cfb\u7edfAPI\u6587\u6863
 maxkey.swagger.version                          =${application.formatted-version}
-
+springdoc.packagesToScan                        =org.maxkey
 ############################################################################
 #freemarker configuration                                                  #
 ############################################################################
--- a/maxkey-webs/maxkey-web-maxkey/src/main/resources/application.properties
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/resources/application.properties
@ -16,7 +16,7 @@
 #MaxKey Title and Version                                                  #
 ############################################################################
 application.title                           =MaxKey
-application.formatted-version               =v3.1.1 GA
+application.formatted-version               =v3.2.0 GA
 #for dynamic service discovery
 spring.application.name                     =maxkey
 ############################################################################
--- a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/api/endpoint/RestTimeBasedOtpController.java
+++ b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/api/endpoint/RestTimeBasedOtpController.java
@ -27,10 +27,10 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.ResponseBody;
-import io.swagger.annotations.Api;
+import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.annotations.ApiOperation;
+import io.swagger.v3.oas.annotations.tags.Tag;
-@Api(tags = "基于时间令牌验证 API文档模块")
+@Tag(name = "基于时间令牌验证 API文档模块")
@Controller
@RequestMapping(value={"/im/api/otp"})
 public class RestTimeBasedOtpController {
@ -43,7 +43,7 @@ public class RestTimeBasedOtpController {
    @Qualifier("userInfoService")
    private UserInfoService userInfoService;
-    @ApiOperation(value = "基于时间令牌验证 API文档模块", notes = "传递参数username和token",httpMethod="GET")
+    @Operation(summary = "基于时间令牌验证 API文档模块", description = "传递参数username和token",method="GET")
    @ResponseBody
    @RequestMapping(value = "/timebased/validate", method = RequestMethod.GET)
    public boolean getUser(@RequestParam String username,
--- a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/GroupMemberController.java
+++ b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/GroupMemberController.java
@ -129,9 +129,15 @@ public class GroupMemberController {
 			String[] arrMemberNames = memberNames.split(",");
 			for (int i = 0; i < arrMemberIds.length; i++) {
-				GroupMember newGroupMember = new GroupMember(groupId,groupMember.getGroupName(), arrMemberIds[i], arrMemberNames[i],"USER");
+				GroupMember newGroupMember = 
 						new GroupMember(
 							groupId,
 							groupMember.getGroupName(), 
 							arrMemberIds[i], 
 							arrMemberNames[i],
 							"USER",
 							WebContext.getUserInfo().getInstId());
 				newGroupMember.setId(WebContext.genId());
 				newGroupMember.setInstId(WebContext.getUserInfo().getInstId());
 				result = groupMemberService.insert(newGroupMember);
 			}
 			if(!result) {
--- a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/GroupPrivilegesController.java
+++ b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/GroupPrivilegesController.java
@ -109,9 +109,9 @@ public class GroupPrivilegesController {
 			String[] arrAppIds = appIds.split(",");
 			for (int i = 0; i < arrAppIds.length; i++) {
-				GroupPrivileges newGroupApp = new GroupPrivileges(groupId, arrAppIds[i]);
+				GroupPrivileges newGroupApp = 
 						new GroupPrivileges(groupId, arrAppIds[i],WebContext.getUserInfo().getInstId());
 				newGroupApp.setId(WebContext.genId());
 				newGroupApp.setInstId(WebContext.getUserInfo().getInstId());
 				result = groupPrivilegesService.insert(newGroupApp);
 			}
 			if(!result) {
--- a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/PermissionsController.java
+++ b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/PermissionsController.java
@ -62,8 +62,11 @@ public class PermissionsController {
 		_logger.debug("-save  :" + rolePermissions);
 		//have
-		RolePermissions queryRolePermissions = new RolePermissions(rolePermissions.getAppId(),rolePermissions.getRoleId());
+		RolePermissions queryRolePermissions = 
-		queryRolePermissions.setInstId(WebContext.getUserInfo().getInstId());
+				new RolePermissions(
 						rolePermissions.getAppId(),
 						rolePermissions.getRoleId(),
 						WebContext.getUserInfo().getInstId());
 		List<RolePermissions> rolePermissionsedList = rolesService.queryRolePermissions(queryRolePermissions);
 		HashMap<String,String >permedMap =new HashMap<String,String >();
@ -114,8 +117,11 @@ public class PermissionsController {
    public List<RolePermissions> querypermissions(@ModelAttribute("rolePermissions") RolePermissions rolePermissions) {
        _logger.debug("-querypermissions  :" + rolePermissions);
        //have
-        RolePermissions queryRolePermissions = new RolePermissions(rolePermissions.getAppId(),rolePermissions.getRoleId());
+        RolePermissions queryRolePermissions = 
-		queryRolePermissions.setInstId(WebContext.getUserInfo().getInstId());
+        		new RolePermissions(
        				rolePermissions.getAppId(),
        				rolePermissions.getRoleId(),
        				WebContext.getUserInfo().getInstId());
        List<RolePermissions> rolePermissionsedList = rolesService.queryRolePermissions(queryRolePermissions);
        return rolePermissionsedList;
 	}
--- a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/RoleMemberController.java
+++ b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/contorller/RoleMemberController.java
@ -116,9 +116,15 @@ public class RoleMemberController {
 			String[] arrMemberNames = memberNames.split(",");
 			for (int i = 0; i < arrMemberIds.length; i++) {
-				RoleMember newRoleMember = new RoleMember(groupId,roleMember.getRoleName(), arrMemberIds[i], arrMemberNames[i],"USER");
+				RoleMember newRoleMember = 
 						new RoleMember(
 								groupId,
 								roleMember.getRoleName(), 
 								arrMemberIds[i], 
 								arrMemberNames[i],
 								"USER",
 								WebContext.getUserInfo().getInstId());
 				newRoleMember.setId(WebContext.genId());
 				newRoleMember.setInstId(WebContext.getUserInfo().getInstId());
 				result = roleMemberService.insert(newRoleMember);
 			}
 			if(!result) {
--- a/maxkey-webs/maxkey-web-mgt/src/main/resources/application.properties
+++ b/maxkey-webs/maxkey-web-mgt/src/main/resources/application.properties
@ -16,7 +16,7 @@
 #MaxKey Title and Version                                                  #
 ############################################################################
 application.title                               =MaxKey-Mgt
-application.formatted-version                   =v3.1.1 GA
+application.formatted-version                   =v3.2.0 GA
 #for dynamic service discovery
 spring.application.name                         =maxkey-mgt
 ############################################################################