docs: 完善部署文档
diff --git "a/deploy-manifests/k8s-rancher/0.0.1.\345\274\200\346\224\276\345\271\263\345\217\260\345\256\211\350\243\205\351\203\250\347\275\262\346\211\213\345\206\214.md" "b/deploy-manifests/k8s-rancher/0.0.1.\345\274\200\346\224\276\345\271\263\345\217\260\345\256\211\350\243\205\351\203\250\347\275\262\346\211\213\345\206\214.md"
index a6d9645..5a8472d 100644
--- "a/deploy-manifests/k8s-rancher/0.0.1.\345\274\200\346\224\276\345\271\263\345\217\260\345\256\211\350\243\205\351\203\250\347\275\262\346\211\213\345\206\214.md"
+++ "b/deploy-manifests/k8s-rancher/0.0.1.\345\274\200\346\224\276\345\271\263\345\217\260\345\256\211\350\243\205\351\203\250\347\275\262\346\211\213\345\206\214.md"
@@ -123,7 +123,7 @@
```
dev-portal.paas.xxx.edu.cn 开放平台的前端前台UI
- dev-admin-spa.paas.xxx.edu.cn 开放平台的前端后台UI
+ dev-admin.paas.xxx.edu.cn 开放平台的前端后台UI
dev-center.paas.xxx.edu.cn 开放平台的网关api
diff --git a/deploy-manifests/k8s-rancher/open-platform/1.0.init.sql b/deploy-manifests/k8s-rancher/open-platform/1.0.init.sql
index 29c586c..9c35bf4 100644
--- a/deploy-manifests/k8s-rancher/open-platform/1.0.init.sql
+++ b/deploy-manifests/k8s-rancher/open-platform/1.0.init.sql
@@ -1,25 +1,38 @@
use cas_server;
+-- portal-ui 认证对接信息
INSERT INTO `TB_SERVICE` (`ID`, `COMPANY_ID`, `DELETED`, `ADD_ACCOUNT`, `ADD_TIME`,
`NAME`, `DESCRIPTION`, `INFORMATION_URL`, `LOGOUT_URL`,
`RESPONSE_TYPE`, `LOGOUT_TYPE`,
`EVALUATION_ORDER`, `FRIENDLY_NAME`, `REGISTERED_SERVICE_ID`, `SERVICE_ID`,
`ENABLED`, `SSO_ENABLED`, `REQUIRE_ALL_ATTRIBUTES`,
- `APPLICATION_ID`, `EXTERNAL_ID`,
`ID_TOKEN_ENABLED`, `JWT_AS_SERVICE_TICKET`,
+ `APPLICATION_ID`, `EXTERNAL_ID`,
`APPLICATION_DOMAIN`
)
-VALUES ('15', '1', 0, 'admin', '2020-07-01 00:00:00',
- '开发者中心', '开发者中心', 'https://dev-center.paas.xxx.edu.cn/dev-portal', 'https://dev-center.paas.xxx.edu.cn/dev-portal/?clearCertification=clearCertification',
+VALUES ('90', '1', 0, 'admin', '2021-10-20 00:00:00',
+ '开发者中心', '开发者中心', 'https://dev-portal.paas.xxx.edu.cn/', 'https://dev-portal.paas.xxx.edu.cn/?clearCertification=clearCertification',
'REDIRECT', 'FRONT_CHANNEL',
- 15, '开发者中心', 15, 'https://dev-center.paas.xxx.edu.cn/dev-portal/(.*)',
+ 90, '开发者中心', 90, 'https://dev-portal.paas.xxx.edu.cn/(.*)',
1, 1, 1,
- '15', '15',
1, 1,
- 'dev-center.paas.xxx.edu.cn'
+ '90', '90',
+ 'dev-portal.paas.xxx.edu.cn'
);
+
+-- 修改根域名
+update TB_SERVICE
+set
+ INFORMATION_URL='https://dev-portal.paas.xxx.edu.cn/',
+ LOGOUT_URL='https://dev-portal.paas.xxx.edu.cn/?clearCertification=clearCertification',
+ SERVICE_ID='https://dev-portal.paas.xxx.edu.cn/(.*)',
+ ID_TOKEN_ENABLED=1,
+ JWT_AS_SERVICE_TICKET=1,
+ APPLICATION_DOMAIN='dev-portal.paas.xxx.edu.cn'
+where ID='90'; -- todo, modify
+
commit;
@@ -43,7 +56,7 @@
`IS_DEVELOPER`, `IS_OPERATOR`, `IS_SCOPE_AUDIT`, `IS_ADMINISTRATOR`, `IS_SCHOOL_ACCOUNT`,
`TYPE`, `NAME`, `STATUS`
)
-VALUES ('13', '1', 0, 'admin', '2020-07-01 00:00:00',
+VALUES ('90', '1', 0, 'admin', '2020-10-20 00:00:00',
'openadmin', 'openadmin', 1, 1, 1, 1,
0, 0, 0, 1, 0,
'admin', '开放平台管理员', '1'
@@ -142,33 +155,33 @@
`UID`, `PASSWORD`, `NAME`, `NAME_SPELLING`, `FULL_NAME_SPELLING`,
`CERTIFICATE_TYPE_ID`, `CERTIFICATE_NUMBER`, `PHONE_NUMBER`, `EMAIL`,
`GENDER_ID`, `NATION_ID`, `COUNTRY_ID`, `ADDRESS_ID`)
-VALUES ('13', 0,
- '13', 'openadmin', '开放平台管理员', 'openadmin', 'openadmin',
- '20001', '13', null, 'openadmin@supwisdom.com',
+VALUES ('90', 0,
+ '90', 'openadmin', '开放平台管理员', 'openadmin', 'openadmin',
+ '20001', '90', null, 'openadmin@supwisdom.com',
'30001', '40001', '50156', null);
INSERT INTO `TB_B_SAFETY`(`ID`, `DELETED`, `USER_ID`, `SCORE`, `PASSWORD_SCORE`, `SECURE_EMAIL`, `SECURE_PHONE`)
-VALUES ('13', 0, '13', '0', '0', null, null);
+VALUES ('90', 0, '90', '0', '0', null, null);
INSERT INTO `TB_B_ACCOUNT` (`ID`, `DELETED`, `USER_ID`,
`ACCOUNT_NAME`, `ACCOUNT_EXPIRY_DATE`, `ORGANIZATION_ID`, `IDENTITY_TYPE_ID`,
`ACTIVATION`, `STATE`, `IS_DATA_CENTER`,
`USER_UID`, `USER_NAME`, `CERTIFICATE_TYPE_ID`, `CERTIFICATE_NUMBER`)
-VALUES ('13', 0, '13',
- 'openadmin', null, '0', 'D02',
+VALUES ('90', 0, '90',
+ 'openadmin', null, '0', '1',
1, 'NORMAL', 0,
- '13', '开放平台管理员', '20001', '13');
+ '90', '开放平台管理员', '20001', '90');
INSERT INTO `TB_B_ACCOUNT_ORGANIZATION` (`ID`, `DELETED`,
`ROOT_ORGANIZATION_ID`, `ACCOUNT_ID`, `ORGANIZATION_ID`)
-VALUES ('13_0', 0,
- '0', '13', '0');
+VALUES ('90_0', 0,
+ '0', '90', '0');
/*
INSERT INTO `TB_B_ACCOUNT_LABEL`(`ID`, `DELETED`,
`ACCOUNT_ID`, `LABEL_ID`)
-VALUES ('13_1', 0, '13', '1');
+VALUES ('90_1', 0, '90', '1');
*/
commit;
diff --git a/deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.5.developer-center-gateway-zuul.yaml b/deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.5.developer-center-gateway-zuul.yaml
index fae1f18..5834216 100644
--- a/deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.5.developer-center-gateway-zuul.yaml
+++ b/deploy-manifests/k8s-rancher/open-platform/1.developer-center/4.5.developer-center-gateway-zuul.yaml
@@ -44,13 +44,13 @@
##
# security idtoken
#
- INFRAS_SECURITY_IDTOKEN_ENABLED: "true"
+ INFRAS_SECURITY_IDTOKEN_ENABLED: "false"
# 这里依赖cas 服务
INFRAS_SECURITY_IDTOKEN_SIGNING_KEY_URL: "http://cas-server-site-webapp-svc.cas-server.svc.cluster.local:8080/cas/jwt/publicKey"
# 对接 uniauth认证时,使用以下配置
#INFRAS_SECURITY_IDTOKEN_SIGNING_KEY_URL: "http://uniauth-prod-backend.uniauth.svc.cluster.local:9090/idtoken/publicKey"
- INFRAS_SECURITY_JWT_ENABLED: "false"
+ INFRAS_SECURITY_JWT_ENABLED: "true"
INFRAS_SECURITY_JWT_TOKEN_GENERATE_TYPE: cas
INFRAS_SECURITY_JWT_TOKEN_DECRYPT_KEY_PRIVATE_KEY_PEM_PKCS8: ""