From ce93601c18b091a81858bccdfb3edba8a77238f7 Mon Sep 17 00:00:00 2001 From: qqkj Date: Sat, 6 Mar 2021 00:56:15 +0800 Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0mdp=E6=A8=A1=E5=9D=97?= =?UTF-8?q?=E6=89=AB=E7=A0=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .idea/xm-backend.iml | 5 +- .../src/main/java/com/xm/AutoConfig.java | 13 ++++++ .../main/java/com/xm/WebSecurityConfig.java | 14 +++++- .../src/main/java/com/xm/XmApplication.java | 1 - .../main/resources/application-dev.properties | 34 ++++++++++---- .../resources/application-m1prod.properties | 39 +++++++++------- xm-bootstrap/xm-bootstrap.iml | 4 +- .../com/xm/core/ctrl/XmMenuController.java | 4 +- .../main/resources/application-dev.properties | 46 ++++++++++--------- xm-core/src/test/java/com/xm/AutoConfig.java | 13 ++++++ .../test/java/com/xm/WebSecurityConfig.java | 14 +++++- .../src/test/java/com/xm/XmApplication.java | 2 +- xm-core/xm-core.iml | 4 +- 13 files changed, 133 insertions(+), 60 deletions(-) create mode 100644 xm-bootstrap/src/main/java/com/xm/AutoConfig.java create mode 100644 xm-core/src/test/java/com/xm/AutoConfig.java diff --git a/.idea/xm-backend.iml b/.idea/xm-backend.iml index 6f2d6c42..961243e4 100644 --- a/.idea/xm-backend.iml +++ b/.idea/xm-backend.iml @@ -56,6 +56,7 @@ + @@ -93,7 +94,6 @@ - @@ -112,13 +112,14 @@ - + + diff --git a/xm-bootstrap/src/main/java/com/xm/AutoConfig.java b/xm-bootstrap/src/main/java/com/xm/AutoConfig.java new file mode 100644 index 00000000..4c86f2ce --- /dev/null +++ b/xm-bootstrap/src/main/java/com/xm/AutoConfig.java @@ -0,0 +1,13 @@ +package com.xm; + +import org.springframework.context.annotation.ComponentScan; +import org.springframework.context.annotation.Configuration; + +/** + * 要使用mdp平台功能,必须 扫码com.mdp包 + * 一些默认公共配置 + */ +@ComponentScan(basePackages={"com.mdp"}) +@Configuration +public class AutoConfig { +} 
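Review bot: `@ComponentScan(basePackages={"com.mdp"})` on the new `AutoConfig` registers every stereotype-annotated class found under `com.mdp`, so any controllers, filters or security configuration shipped in the platform jars become part of this application without being named here. The breadth is carried over from the annotation removed from `XmApplication`, but now that it has its own class the Javadoc should state which beans the scan is expected to contribute, or the scan should be narrowed to the needed sub-packages or given `excludeFilters`. The Javadoc says 扫码 (scan a QR code) where 扫描 (scan) is meant. The identical class is added under `xm-core/src/test/java/com/xm/AutoConfig.java`.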
diff --git a/xm-bootstrap/src/main/java/com/xm/WebSecurityConfig.java b/xm-bootstrap/src/main/java/com/xm/WebSecurityConfig.java index 7b3e06b9..d6245595 100644 --- a/xm-bootstrap/src/main/java/com/xm/WebSecurityConfig.java +++ b/xm-bootstrap/src/main/java/com/xm/WebSecurityConfig.java @@ -2,10 +2,13 @@ package com.xm; import com.mdp.oauth2.client.resource.MdpJwtAuthenticationConverter; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.oauth2.jwt.NimbusJwtDecoder; +import org.springframework.web.client.RestOperations; /** * com.qqkj.WebSecurityConfig @@ -16,9 +19,15 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur @EnableWebSecurity public class WebSecurityConfig extends WebSecurityConfigurerAdapter { + @Autowired MdpJwtAuthenticationConverter jwtConverter; + @Autowired + RestOperations restOperations; + + @Value("${spring.security.oauth2.resourceserver.jwt.jwk-set-uri:}") + String jwkSetUri=""; @Override public void configure(WebSecurity web) throws Exception { 
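Review bot: The empty default in `@Value("${spring.security.oauth2.resourceserver.jwt.jwk-set-uri:}")` hides a missing property, because the blank value only surfaces later, when the decoder is built from it in `configure(HttpSecurity)`. Dropping the default, `@Value("${spring.security.oauth2.resourceserver.jwt.jwk-set-uri}")`, makes the failure name the missing key, and the `=""` initializer can go with it. The new `restOperations` and `jwkSetUri` fields are package-private and mutable, so `private` would fit. A comment saying which `RestOperations` bean is expected (load-balanced or plain) would help, since that bean decides where the token signing keys are fetched from. The same hunk appears in `xm-core/src/test/java/com/xm/WebSecurityConfig.java`.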
@@ -32,10 +41,11 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter { */ @Override protected void configure(HttpSecurity http) throws Exception { - http.authorizeRequests().mvcMatchers("/authorize","/authorized","/","/index","/oauth2/login/token","/oauth2/login/token/web").permitAll().and().oauth2Client().and().logout().disable(); + http.authorizeRequests().anyRequest().authenticated(); + http.oauth2Client().and().logout().disable(); http.formLogin().usernameParameter("userloginid"); http.oauth2Login(); - http.oauth2ResourceServer().jwt().jwtAuthenticationConverter(jwtConverter); + http.oauth2ResourceServer().jwt().decoder(NimbusJwtDecoder.withJwkSetUri(jwkSetUri).restOperations(restOperations).build()).jwtAuthenticationConverter(jwtConverter); http.csrf().disable(); } diff --git a/xm-bootstrap/src/main/java/com/xm/XmApplication.java b/xm-bootstrap/src/main/java/com/xm/XmApplication.java index caf74912..3ba22042 100644 --- a/xm-bootstrap/src/main/java/com/xm/XmApplication.java +++ b/xm-bootstrap/src/main/java/com/xm/XmApplication.java @@ -8,7 +8,6 @@ import org.springframework.stereotype.Component; @SpringCloudApplication @EnableRedisHttpSession -@ComponentScan(basePackages={"com.mdp","com.xm"}) public class XmApplication { diff --git a/xm-bootstrap/src/main/resources/application-dev.properties b/xm-bootstrap/src/main/resources/application-dev.properties index 33c546fb..4f110ed5 100644 --- a/xm-bootstrap/src/main/resources/application-dev.properties +++ b/xm-bootstrap/src/main/resources/application-dev.properties 
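Review bot: The decoder built in `configure(HttpSecurity)` fetches the JWK set through the injected `RestOperations` from `jwk-set-uri`, which in the dev profile touched by this commit resolves to `http://oauth2server/oauth2/jwks`, so the keys every bearer token is verified against are only as trustworthy as name resolution and the plain-HTTP path to that host. An HTTPS URI, or transport security guaranteed by the platform, should be a documented requirement here. The decoder also keeps only the default validators; if the authorization server's issuer is known, `decoder.setJwtValidator(JwtValidators.createDefaultWithIssuer(issuerUri))` would reject tokens from any other issuer (`issuerUri` being a property to add). Separately, `http.csrf().disable()` stays in place while `formLogin()` and `oauth2Login()` create session-authenticated endpoints, which deserves a comment explaining why it is safe or a narrower `ignoringAntMatchers(...)` scope. The copy under `xm-core/src/test` has the same hunk.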
@@ -42,27 +42,45 @@ mdp.arc.file-upload-root-path=E:/arc/files spring.http.multipart.maxFileSize=10Mb spring.http.multipart.maxRequestSize=10Mb - -# mdp平台授权验证服务器访问地址 cloud环境下换成 http://gate,本地调试如果不起验证服务器,可改为 https://www.qingqinkj.com/api/m1/oauth2/oauth2 -mdp.oauth2.server.uri=http://134.175.57.249:7000 +mdp.api-gate=http://134.175.57.249:7015 +mdp.platform-branch-id=platform-branch-001 + +# 权限自动注册接口,云环境下 http://微服务名称/sys/qx/autoRegist,本地调试 http://ip:port/sys/qx/autoRegist +mdp.auth.qx-regist-url=${mdp.api-gate}/sys/sys/qx/autoRegist +# 审计日志收集,云环境下 http://微服务名称/audit/base/operLog/add,本地调试 http://ip:port/audit/base/operLog/add +mdp.audit.audit-log-url=${mdp.api-gate}/audit/audit/base/operLog/add +# 元数据/系统参数等接口 云环境下 http://微服务名称/sys/meta/itemOption/list/byItemCode,本地调试 http://ip:port/meta/itemOption/list/byItemCode +mdp.meta.item-options-query-uri= ${mdp.api-gate}/sys/meta/itemOption/list/byItemCode +# 元数据/系统参数等接口 云环境下 http://微服务名称/sys/meta/item/list,本地调试 http://ip:port/meta/item/list +mdp.meta.items-query-uri= ${mdp.api-gate}//sys/meta/item/list +# 第三方授权登陆参数配置数据访问接口 云环境下 http://微服务名称/app/appTpAuth/list,本地调试 http://ip:port/app/appTpAuth/list +mdp.tpa.app-tp-auth-query-uri= ${mdp.api-gate}/sys/app/appTpAuth/list +# 第三方授权支付参数配置数据访问接口 云环境下 http://微服务名称/app/appTpPay/list,本地调试 http://ip:port/app/appTpPay/list +mdp.tpa.app-tp-pay-query-uri= ${mdp.api-gate}/sys/app/appTpPay/list +# 第三方授权登陆登陆用户查询接口 云环境下 http://微服务名称/sys/userTpa/list,本地调试 http://ip:port/sys/userTpa/list +mdp.tpa.user-tpa-query-uri= ${mdp.api-gate}/sys/sys/userTpa/list + + +# mdp平台授权验证服务器访问地址 cloud环境下换成 http://oauth2server,本地调试http://127.0.0.1:7000,本地如果不起验证服务器,可改为 https://www.qingqinkj.com/api/m1/oauth2server +mdp.oauth2.server.uri=http://oauth2server # 客户端必须在数据库表adm.oauth_client_details中配置,否则无法访问 # 下面配置 password 模式 -spring.security.oauth2.client.registration.password-client.provider=def-oauth-server +spring.security.oauth2.client.registration.password-client.provider=oauth2server 
spring.security.oauth2.client.registration.password-client.client-id=${spring.application.name} spring.security.oauth2.client.registration.password-client.client-secret= ${spring.application.name}-8888 spring.security.oauth2.client.registration.password-client.authorization-grant-type= password spring.security.oauth2.client.registration.password-client.scope= all # 下面配置 client_credentials 模式 -spring.security.oauth2.client.registration.def-client.provider=def-oauth-server +spring.security.oauth2.client.registration.def-client.provider=oauth2server spring.security.oauth2.client.registration.def-client.client-id=${spring.application.name} spring.security.oauth2.client.registration.def-client.client-secret= ${spring.application.name}-8888 spring.security.oauth2.client.registration.def-client.authorization-grant-type= client_credentials spring.security.oauth2.client.registration.def-client.scope= all # 下面配置authorization_code模式 -spring.security.oauth2.client.registration.code-client.provider=def-oauth-server +spring.security.oauth2.client.registration.code-client.provider=oauth2server spring.security.oauth2.client.registration.code-client.client-id=${spring.application.name} spring.security.oauth2.client.registration.code-client.client-secret= ${spring.application.name}-8888 spring.security.oauth2.client.registration.code-client.authorization-grant-type= authorization_code 
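Review bot: `mdp.meta.items-query-uri= ${mdp.api-gate}//sys/meta/item/list` has a doubled slash after the gateway placeholder, unlike the sibling keys; it should read `mdp.meta.items-query-uri=${mdp.api-gate}/sys/meta/item/list`. The new `mdp.api-gate=http://134.175.57.249:7015` also sends permission registration, audit logs and the third-party login and payment parameter lookups over plain HTTP to a fixed public address, so those payloads can be read or altered in transit; prefer an HTTPS gateway URL or an environment-supplied value for anything beyond a local sandbox. `mdp.oauth2.server.uri` is now `http://oauth2server` although the comment above it still recommends `http://127.0.0.1:7000` for local debugging, so one of the two needs updating. The same gateway lines, including the doubled slash, are added to `xm-core/src/main/resources/application-dev.properties`.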
@@ -71,9 +89,9 @@ spring.security.oauth2.client.registration.code-client.redirect-uri= ${messages. spring.security.oauth2.client.registration.code-client.scope= all # 授权码方式获取code -spring.security.oauth2.client.provider.def-oauth-server.authorization-uri= ${mdp.oauth2.server.uri}/oauth2/authorize +spring.security.oauth2.client.provider.oauth2server.authorization-uri= ${mdp.oauth2.server.uri}/oauth2/authorize # 获取token接口 -spring.security.oauth2.client.provider.def-oauth-server.token-uri= ${mdp.oauth2.server.uri}/oauth2/token +spring.security.oauth2.client.provider.oauth2server.token-uri= ${mdp.oauth2.server.uri}/oauth2/token # 资源服务器 spring.security.oauth2.resourceserver.jwt.jwk-set-uri= ${mdp.oauth2.server.uri}/oauth2/jwks diff --git a/xm-bootstrap/src/main/resources/application-m1prod.properties b/xm-bootstrap/src/main/resources/application-m1prod.properties index 761e7ce0..3ec0781b 100644 --- a/xm-bootstrap/src/main/resources/application-m1prod.properties +++ b/xm-bootstrap/src/main/resources/application-m1prod.properties @@ -30,7 +30,9 @@ spring.jackson.serialization.indent_output=true spring.jackson.serialization.fail_on_empty_beans=false spring.jackson.deserialization.fail_on_unknown_properties=false spring.jackson.parser.allow_unquoted_control_chars=true -spring.jackson.parser.allow_single_quotes=true +spring.jackson.parser.allow_single_quotes=true#限制文件上传大小 +spring.http.multipart.maxFileSize=10Mb +spring.http.multipart.maxRequestSize=10Mb #配置图片文件上传下载的相关参数,如果此次配置将覆盖数据库系统参数中的 arcImageUploadRootPath 及 arcImageDownloadBaseUri两个参数 
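Review bot: The added line `spring.jackson.parser.allow_single_quotes=true#限制文件上传大小` in `application-m1prod.properties` has the comment fused onto the value. In a `.properties` file `#` starts a comment only at the beginning of a line, so the value becomes the whole string `true#限制文件上传大小`, which presumably will not bind as a boolean when the `m1prod` profile loads. Split it into `spring.jackson.parser.allow_single_quotes=true` and a separate `#限制文件上传大小` line above the two `spring.http.multipart.*` entries.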
@@ -40,19 +42,30 @@ spring.jackson.parser.allow_single_quotes=true #mdp.auth.ips=ip1,ip2,ip3,授权ip地址列表,如果非授权ip应用只允许使用24小时 mdp.auth.ips=172.18.153.152 -mdp.auth.qx-regist-url=/sys/sys/sys/qx/autoRegist -mdp.audit.audit-log-url=/audit/audit/audit/base/operLog/add + +mdp.api-gate=http://gate mdp.platform-branch-id=platform-branch-001 -#限制文件上传大小 -spring.http.multipart.maxFileSize=10Mb -spring.http.multipart.maxRequestSize=10Mb +# 权限自动注册接口,云环境下 http://微服务名称/sys/qx/autoRegist,本地调试 http://ip:port/sys/qx/autoRegist +mdp.auth.qx-regist-url=http://sys/sys/qx/autoRegist +# 审计日志收集,云环境下 http://微服务名称/audit/base/operLog/add,本地调试 http://ip:port/audit/base/operLog/add +mdp.audit.audit-log-url=http://audit/audit/base/operLog/add +# 元数据/系统参数等接口 云环境下 http://微服务名称/sys/meta/itemOption/list/byItemCode,本地调试 http://ip:port/meta/itemOption/list/byItemCode +mdp.meta.item-options-query-uri= http://sys/meta/itemOption/list/byItemCode +# 元数据/系统参数等接口 云环境下 http://微服务名称/sys/meta/item/list,本地调试 http://ip:port/meta/item/list +mdp.meta.items-query-uri= http://sys/meta/item/list +# 第三方授权登陆参数配置数据访问接口 云环境下 http://微服务名称/app/appTpAuth/list,本地调试 http://ip:port/app/appTpAuth/list +mdp.tpa.app-tp-auth-query-uri= http://sys/app/appTpAuth/list +# 第三方授权支付参数配置数据访问接口 云环境下 http://微服务名称/app/appTpPay/list,本地调试 http://ip:port/app/appTpPay/list +mdp.tpa.app-tp-pay-query-uri= http://sys/app/appTpPay/list +# 第三方授权登陆登陆用户查询接口 云环境下 http://微服务名称/sys/userTpa/list,本地调试 http://ip:port/sys/userTpa/list +mdp.tpa.user-tpa-query-uri= http://sys/sys/userTpa/list -# mdp平台授权验证服务器访问地址 cloud环境下换成 http://gate,本地调试如果不起验证服务器,可改为 https://www.qingqinkj.com/api/m1/oauth2/oauth2 -mdp.oauth2.server.uri=http://172.16.16.16:7000 -# 客户端必须在数据库表adm.oauth_client_details中配置,否则无法访问 +# mdp平台授权验证服务器访问地址 cloud环境下换成 http://oauth2server,本地调试如果不起验证服务器,可改为 https://www.qingqinkj.com/api/m1/oauth2server +# oauth2client服务比较特殊,oauth2client工程访问oauth2server要通过非cloud方式访问。即http://ip:port/的方式,或者https://www.qingqinkj.com/api/m1/oauth2server +mdp.oauth2.server.uri= 
http://oauth2server # 下面配置 password 模式 spring.security.oauth2.client.registration.password-client.provider=def-oauth-server @@ -85,14 +98,6 @@ spring.security.oauth2.client.provider.def-oauth-server.token-uri= ${mdp.oauth2. # 资源服务器 spring.security.oauth2.resourceserver.jwt.jwk-set-uri= ${mdp.oauth2.server.uri}/oauth2/jwks -#配置数据源 -#spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver -#spring.datasource.jdbc-url=jdbc:oracle:thin:@193.112.138.144:1521:KEYUNSITDB -#spring.datasource.username=root -#spring.datasource.password=lqaz@WSX -#spring.datasource.validation-query=select 1 -#spring.datasource.test-on-borrow=true -#spring.datasource.validation-interval=30000 spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver diff --git a/xm-bootstrap/xm-bootstrap.iml b/xm-bootstrap/xm-bootstrap.iml index cb24a5f4..3f7d25e5 100644 --- a/xm-bootstrap/xm-bootstrap.iml +++ b/xm-bootstrap/xm-bootstrap.iml @@ -126,7 +126,6 @@ - @@ -137,7 +136,6 @@ - @@ -209,6 +207,8 @@ + + diff --git a/xm-core/src/main/java/com/xm/core/ctrl/XmMenuController.java b/xm-core/src/main/java/com/xm/core/ctrl/XmMenuController.java index f350aaa6..73664eaa 100644 --- a/xm-core/src/main/java/com/xm/core/ctrl/XmMenuController.java +++ b/xm-core/src/main/java/com/xm/core/ctrl/XmMenuController.java @@ -82,8 +82,8 @@ public class XmMenuController { Map m = new HashMap<>(); RequestUtils.transformArray(xmMenu, "menuIds"); PageUtils.startPage(xmMenu); - Tips tips=new Tips("查询成功"); - List> xmMenuList = xmMenuService.selectListMapByWhereWithState(xmMenu); //列出XmMenu列表 + Tips tips=new Tips("查询成功"); + List> xmMenuList = xmMenuService.selectListMapByWhereWithState(xmMenu); //列出XmMenu列表 PageUtils.responePage(m, xmMenuList); m.put("data",xmMenuList); m.put("tips", tips); diff --git a/xm-core/src/main/resources/application-dev.properties b/xm-core/src/main/resources/application-dev.properties index 08d53e8a..20bcd979 100644 --- a/xm-core/src/main/resources/application-dev.properties 
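Review bot: In the `m1prod` profile `mdp.api-gate=http://gate` is defined but none of the new endpoint keys use it; they hard-code `http://sys/...` and `http://audit/...`, whereas the dev profiles build the same keys from `${mdp.api-gate}`, so the resulting paths differ (`http://sys/sys/qx/autoRegist` against `${mdp.api-gate}/sys/sys/qx/autoRegist`) and it is worth confirming which is intended. Every service URL in this production profile is plain HTTP, including `mdp.oauth2.server.uri`, from which the token and JWKS endpoints derive, so client secrets and tokens rely entirely on the cluster network for confidentiality; that assumption should be stated in a comment or replaced with TLS. The new comment says the oauth2 client must reach the server by `http://ip:port/` or the public HTTPS address rather than by the cloud name, yet the value set is `http://oauth2server`.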
+++ b/xm-core/src/main/resources/application-dev.properties @@ -1,7 +1,7 @@ #内置服务器的端口 server.port=7067 spring.application.name=xm -server.context-path=/${spring.application.name} +#server.context-path=/${spring.application.name} #session失效时间 秒 server.session.timeout=43200 spring.session.store-type=redis @@ -16,17 +16,6 @@ spring.sleuth.sampler.percentage=1.0 -#配置数据源 -#spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver -#spring.datasource.jdbc-url=jdbc:mysql://123.207.117.5:3306/adm?useUnicode=true&characterEncoding=utf-8&useSSL=false&allowMultiQueries=true&serverTimezone=CTTin -#spring.datasource.username=root -#spring.datasource.password=lqaz@WSX -#spring.datasource.validation-query=select 1 -#spring.datasource.test-on-borrow=true -#spring.datasource.validation-interval=30000 -#spring.jpa.properties.hibernate.dialect =org.hibernate.dialect.Oracle10gDialect -#spring.jpa.database =ORACLE - spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver spring.datasource.jdbc-url=jdbc:mysql://123.207.117.5:3306/xm?useUnicode=true&characterEncoding=utf-8&useSSL=false&allowMultiQueries=true&serverTimezone=CTT&allowPublicKeyRetrieval=true spring.datasource.username=root 
@@ -77,32 +66,47 @@ mdp.ac.account-check-sign=true ###end ac########## #mdp.auth.ips=ip1,ip2,ip3,授权ip地址列表,如果非授权ip应用只允许使用24小时 mdp.auth.ips=172.18.153.152 -mdp.auth.qx-regist-url=/sys/sys/sys/qx/autoRegist -mdp.audit.audit-log-url=/audit/audit/audit/base/operLog/add -mdp.platform-branch-id=platform-branch-001 +mdp.api-gate=http://134.175.57.249:7015 +mdp.platform-branch-id=platform-branch-001 -# mdp平台授权验证服务器访问地址 cloud环境下换成 http://gate,本地调试如果不起验证服务器,可改为 https://www.qingqinkj.com/api/m1/oauth2/oauth2 +# 权限自动注册接口,云环境下 http://微服务名称/sys/qx/autoRegist,本地调试 http://ip:port/sys/qx/autoRegist +mdp.auth.qx-regist-url=${mdp.api-gate}/sys/sys/qx/autoRegist +# 审计日志收集,云环境下 http://微服务名称/audit/base/operLog/add,本地调试 http://ip:port/audit/base/operLog/add +mdp.audit.audit-log-url=${mdp.api-gate}/audit/audit/base/operLog/add +# 元数据/系统参数等接口 云环境下 http://微服务名称/sys/meta/itemOption/list/byItemCode,本地调试 http://ip:port/meta/itemOption/list/byItemCode +mdp.meta.item-options-query-uri= ${mdp.api-gate}/sys/meta/itemOption/list/byItemCode +# 元数据/系统参数等接口 云环境下 http://微服务名称/sys/meta/item/list,本地调试 http://ip:port/meta/item/list +mdp.meta.items-query-uri= ${mdp.api-gate}//sys/meta/item/list +# 第三方授权登陆参数配置数据访问接口 云环境下 http://微服务名称/app/appTpAuth/list,本地调试 http://ip:port/app/appTpAuth/list +mdp.tpa.app-tp-auth-query-uri= ${mdp.api-gate}/sys/app/appTpAuth/list +# 第三方授权支付参数配置数据访问接口 云环境下 http://微服务名称/app/appTpPay/list,本地调试 http://ip:port/app/appTpPay/list +mdp.tpa.app-tp-pay-query-uri= ${mdp.api-gate}/sys/app/appTpPay/list +# 第三方授权登陆登陆用户查询接口 云环境下 http://微服务名称/sys/userTpa/list,本地调试 http://ip:port/sys/userTpa/list +mdp.tpa.user-tpa-query-uri= ${mdp.api-gate}/sys/sys/userTpa/list + + +# mdp平台授权验证服务器访问地址 cloud环境下换成 http://oauth2server,本地调试http://127.0.0.1:7000,本地如果不起验证服务器,可改为 https://www.qingqinkj.com/api/m1/oauth2server mdp.oauth2.server.uri=http://134.175.57.249:7000 # 客户端必须在数据库表adm.oauth_client_details中配置,否则无法访问 # 下面配置 password 模式 
-spring.security.oauth2.client.registration.password-client.provider=def-oauth-server +spring.security.oauth2.client.registration.password-client.provider=oauth2server spring.security.oauth2.client.registration.password-client.client-id=${spring.application.name} spring.security.oauth2.client.registration.password-client.client-secret= ${spring.application.name}-8888 spring.security.oauth2.client.registration.password-client.authorization-grant-type= password spring.security.oauth2.client.registration.password-client.scope= all # 下面配置 client_credentials 模式 -spring.security.oauth2.client.registration.def-client.provider=def-oauth-server +spring.security.oauth2.client.registration.def-client.provider=oauth2server spring.security.oauth2.client.registration.def-client.client-id=${spring.application.name} spring.security.oauth2.client.registration.def-client.client-secret= ${spring.application.name}-8888 spring.security.oauth2.client.registration.def-client.authorization-grant-type= client_credentials spring.security.oauth2.client.registration.def-client.scope= all # 下面配置authorization_code模式 -spring.security.oauth2.client.registration.code-client.provider=def-oauth-server +spring.security.oauth2.client.registration.code-client.provider=oauth2server spring.security.oauth2.client.registration.code-client.client-id=${spring.application.name} spring.security.oauth2.client.registration.code-client.client-secret= ${spring.application.name}-8888 spring.security.oauth2.client.registration.code-client.authorization-grant-type= authorization_code 
@@ -111,9 +115,9 @@ spring.security.oauth2.client.registration.code-client.redirect-uri= ${messages. spring.security.oauth2.client.registration.code-client.scope= all # 授权码方式获取code -spring.security.oauth2.client.provider.def-oauth-server.authorization-uri= ${mdp.oauth2.server.uri}/oauth2/authorize +spring.security.oauth2.client.provider.oauth2server.authorization-uri= ${mdp.oauth2.server.uri}/oauth2/authorize # 获取token接口 -spring.security.oauth2.client.provider.def-oauth-server.token-uri= ${mdp.oauth2.server.uri}/oauth2/token +spring.security.oauth2.client.provider.oauth2server.token-uri= ${mdp.oauth2.server.uri}/oauth2/token # 资源服务器 spring.security.oauth2.resourceserver.jwt.jwk-set-uri= ${mdp.oauth2.server.uri}/oauth2/jwks diff --git a/xm-core/src/test/java/com/xm/AutoConfig.java b/xm-core/src/test/java/com/xm/AutoConfig.java new file mode 100644 index 00000000..4c86f2ce --- /dev/null +++ b/xm-core/src/test/java/com/xm/AutoConfig.java @@ -0,0 +1,13 @@ +package com.xm; + +import org.springframework.context.annotation.ComponentScan; +import org.springframework.context.annotation.Configuration; + +/** + * 要使用mdp平台功能,必须 扫码com.mdp包 + * 一些默认公共配置 + */ +@ComponentScan(basePackages={"com.mdp"}) +@Configuration +public class AutoConfig { +} diff --git a/xm-core/src/test/java/com/xm/WebSecurityConfig.java b/xm-core/src/test/java/com/xm/WebSecurityConfig.java index 7b3e06b9..d6245595 100644 --- a/xm-core/src/test/java/com/xm/WebSecurityConfig.java +++ b/xm-core/src/test/java/com/xm/WebSecurityConfig.java 
@@ -2,10 +2,13 @@ package com.xm; import com.mdp.oauth2.client.resource.MdpJwtAuthenticationConverter; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.oauth2.jwt.NimbusJwtDecoder; +import org.springframework.web.client.RestOperations; /** * com.qqkj.WebSecurityConfig @@ -16,9 +19,15 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur @EnableWebSecurity public class WebSecurityConfig extends WebSecurityConfigurerAdapter { + @Autowired MdpJwtAuthenticationConverter jwtConverter; + @Autowired + RestOperations restOperations; + + @Value("${spring.security.oauth2.resourceserver.jwt.jwk-set-uri:}") + String jwkSetUri=""; @Override public void configure(WebSecurity web) throws Exception { @@ -32,10 +41,11 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter { */ @Override protected void configure(HttpSecurity http) throws Exception { - http.authorizeRequests().mvcMatchers("/authorize","/authorized","/","/index","/oauth2/login/token","/oauth2/login/token/web").permitAll().and().oauth2Client().and().logout().disable(); + http.authorizeRequests().anyRequest().authenticated(); + http.oauth2Client().and().logout().disable(); http.formLogin().usernameParameter("userloginid"); http.oauth2Login(); - http.oauth2ResourceServer().jwt().jwtAuthenticationConverter(jwtConverter); + http.oauth2ResourceServer().jwt().decoder(NimbusJwtDecoder.withJwkSetUri(jwkSetUri).restOperations(restOperations).build()).jwtAuthenticationConverter(jwtConverter); http.csrf().disable(); } 
diff --git a/xm-core/src/test/java/com/xm/XmApplication.java b/xm-core/src/test/java/com/xm/XmApplication.java index d92159c8..ba5facb1 100644 --- a/xm-core/src/test/java/com/xm/XmApplication.java +++ b/xm-core/src/test/java/com/xm/XmApplication.java @@ -4,7 +4,7 @@ import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.context.annotation.ComponentScan; import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession; -@ComponentScan(basePackages={"com.mdp","com.xm"}) +//@ComponentScan(basePackages={"com.mdp","com.xm"}) @SpringBootApplication @EnableRedisHttpSession public class XmApplication { diff --git a/xm-core/xm-core.iml b/xm-core/xm-core.iml index bba16314..65bd7323 100644 --- a/xm-core/xm-core.iml +++ b/xm-core/xm-core.iml @@ -16,7 +16,6 @@ - @@ -35,7 +34,6 @@ - @@ -123,6 +121,8 @@ + +
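Review bot: `//@ComponentScan(basePackages={"com.mdp","com.xm"})` leaves the old annotation behind as commented-out code, while the bootstrap copy of `XmApplication` deletes it outright. Delete the line here too, along with the now-unused `import org.springframework.context.annotation.ComponentScan;` shown in the context, and if a pointer is wanted add `// com.mdp is scanned by AutoConfig` instead. The class body continues outside the hunk.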