mirror of
https://github.com/zfile-dev/zfile.git
synced 2025-04-19 05:34:52 +00:00
⬆️ 升级依赖版本,修复安全漏洞
This commit is contained in:
zhaojun
54
pom.xml
54
pom.xml
@@ -2,23 +2,26 @@
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
|
||||
<groupId>im.zhaojun</groupId>
|
||||
<artifactId>zfile</artifactId>
|
||||
<version>4.1.5</version>
|
||||
<name>zfile</name>
|
||||
<packaging>jar</packaging>
|
||||
<description>一个在线的文件浏览系统</description>
|
||||
|
||||
<parent>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-parent</artifactId>
|
||||
<version>2.6.8</version>
|
||||
<version>2.7.12</version>
|
||||
<relativePath/> <!-- lookup parent from repository -->
|
||||
</parent>
|
||||
|
||||
<groupId>im.zhaojun</groupId>
|
||||
<artifactId>zfile</artifactId>
|
||||
<version>4.1.4</version>
|
||||
<name>zfile</name>
|
||||
<packaging>war</packaging>
|
||||
<description>一个在线的文件浏览系统</description>
|
||||
|
||||
<properties>
|
||||
<java.version>1.8</java.version>
|
||||
<org.mapstruct.version>1.5.3.Final</org.mapstruct.version>
|
||||
<snakeyaml.version>2.0</snakeyaml.version>
|
||||
<jackson-bom.version>2.14.1</jackson-bom.version>
|
||||
<sqlite-jdbc.version>3.41.2.2</sqlite-jdbc.version>
|
||||
</properties>
|
||||
|
||||
<dependencies>
|
||||
@@ -52,9 +55,9 @@
|
||||
|
||||
<!-- 数据库相关 -->
|
||||
<dependency>
|
||||
<groupId>mysql</groupId>
|
||||
<artifactId>mysql-connector-java</artifactId>
|
||||
<version>8.0.31</version>
|
||||
<groupId>com.mysql</groupId>
|
||||
<artifactId>mysql-connector-j</artifactId>
|
||||
<version>8.0.33</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
@@ -82,12 +85,12 @@
|
||||
<dependency>
|
||||
<groupId>com.amazonaws</groupId>
|
||||
<artifactId>aws-java-sdk-s3</artifactId>
|
||||
<version>1.12.406</version>
|
||||
<version>1.12.463</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.qiniu</groupId>
|
||||
<artifactId>qiniu-java-sdk</artifactId>
|
||||
<version>7.12.0</version>
|
||||
<version>7.12.1</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.jcraft</groupId>
|
||||
@@ -105,7 +108,7 @@
|
||||
<dependency>
|
||||
<groupId>cn.dev33</groupId>
|
||||
<artifactId>sa-token-spring-boot-starter</artifactId>
|
||||
<version>1.33.0</version>
|
||||
<version>1.34.0.temp1</version>
|
||||
</dependency>
|
||||
|
||||
|
||||
@@ -121,7 +124,7 @@
|
||||
<dependency>
|
||||
<groupId>cn.hutool</groupId>
|
||||
<artifactId>hutool-all</artifactId>
|
||||
<version>5.8.10</version>
|
||||
<version>5.8.18</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.projectlombok</groupId>
|
||||
@@ -143,9 +146,9 @@
|
||||
<artifactId>okhttp</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.alibaba</groupId>
|
||||
<artifactId>fastjson</artifactId>
|
||||
<version>1.2.83_noneautotype</version>
|
||||
<groupId>com.alibaba.fastjson2</groupId>
|
||||
<artifactId>fastjson2</artifactId>
|
||||
<version>2.0.29</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.google.guava</groupId>
|
||||
@@ -175,7 +178,7 @@
|
||||
<dependency>
|
||||
<groupId>org.json</groupId>
|
||||
<artifactId>json</artifactId>
|
||||
<version>20200518</version>
|
||||
<version>20230227</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.httpcomponents</groupId>
|
||||
@@ -191,6 +194,19 @@
|
||||
<groupId>org.springframework.retry</groupId>
|
||||
<artifactId>spring-retry</artifactId>
|
||||
</dependency>
|
||||
|
||||
<!-- https://mvnrepository.com/artifact/commons-fileupload/commons-fileupload -->
|
||||
<dependency>
|
||||
<groupId>commons-fileupload</groupId>
|
||||
<artifactId>commons-fileupload</artifactId>
|
||||
<version>1.5</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>com.alibaba</groupId>
|
||||
<artifactId>dns-cache-manipulator</artifactId>
|
||||
<version>1.8.1</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
<build>
|
||||
|
||||
@@ -1 +1 @@
|
||||
package im.zhaojun.zfile.core.config;
|
||||
package im.zhaojun.zfile.core.config;
|
||||
File diff suppressed because one or more lines are too long
@@ -118,7 +118,7 @@ public final class HttpLoggingInterceptor implements Interceptor {
|
||||
void log(String message);
|
||||
|
||||
/** A {@link Logger} defaults output appropriate for the current platform. */
|
||||
Logger DEFAULT = message -> Platform.get().log(INFO, message, null);
|
||||
Logger DEFAULT = message -> Platform.get().log(message, INFO, null);
|
||||
|
||||
Logger DEBUG = log::debug;
|
||||
Logger TRACE = log::trace;
|
||||
|
||||
@@ -5,7 +5,7 @@ import cn.hutool.core.io.IoUtil;
|
||||
import cn.hutool.core.util.BooleanUtil;
|
||||
import cn.hutool.core.util.CharsetUtil;
|
||||
import cn.hutool.core.util.RandomUtil;
|
||||
import cn.hutool.core.util.StrUtil;
|
||||
import com.alibaba.fastjson2.JSONArray;
|
||||
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
||||
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
|
||||
import im.zhaojun.zfile.core.exception.file.InvalidStorageSourceException;
|
||||
|
||||
@@ -2,7 +2,7 @@ package im.zhaojun.zfile.module.storage.controller.callback;
|
||||
|
||||
import cn.hutool.core.codec.Base64;
|
||||
import cn.hutool.core.util.StrUtil;
|
||||
import com.alibaba.fastjson.JSONObject;
|
||||
import com.alibaba.fastjson2.JSONObject;
|
||||
import com.github.xiaoymin.knife4j.annotations.ApiOperationSupport;
|
||||
import im.zhaojun.zfile.module.storage.model.dto.OAuth2TokenDTO;
|
||||
import io.swagger.annotations.Api;
|
||||
|
||||
@@ -3,9 +3,9 @@ package im.zhaojun.zfile.module.storage.controller.helper;
|
||||
import cn.hutool.http.HttpRequest;
|
||||
import cn.hutool.http.HttpResponse;
|
||||
import cn.hutool.http.HttpUtil;
|
||||
import com.alibaba.fastjson.JSON;
|
||||
import com.alibaba.fastjson.JSONArray;
|
||||
import com.alibaba.fastjson.JSONObject;
|
||||
import com.alibaba.fastjson2.JSON;
|
||||
import com.alibaba.fastjson2.JSONArray;
|
||||
import com.alibaba.fastjson2.JSONObject;
|
||||
import com.github.xiaoymin.knife4j.annotations.ApiOperationSupport;
|
||||
import im.zhaojun.zfile.module.storage.model.request.GetGoogleDriveListRequest;
|
||||
import im.zhaojun.zfile.module.storage.model.result.GoogleDriveInfoResult;
|
||||
|
||||
@@ -4,8 +4,8 @@ import cn.hutool.core.util.StrUtil;
|
||||
import cn.hutool.http.HttpRequest;
|
||||
import cn.hutool.http.HttpResponse;
|
||||
import cn.hutool.http.HttpUtil;
|
||||
import com.alibaba.fastjson.JSONArray;
|
||||
import com.alibaba.fastjson.JSONObject;
|
||||
import com.alibaba.fastjson2.JSONArray;
|
||||
import com.alibaba.fastjson2.JSONObject;
|
||||
import com.github.xiaoymin.knife4j.annotations.ApiOperationSupport;
|
||||
import im.zhaojun.zfile.module.storage.model.request.SharePointSearchSitesRequest;
|
||||
import im.zhaojun.zfile.module.storage.model.request.SharePointSiteListsRequest;
|
||||
|
||||
@@ -4,9 +4,10 @@ import cn.hutool.crypto.SecureUtil;
|
||||
import cn.hutool.http.Header;
|
||||
import cn.hutool.http.HttpResponse;
|
||||
import cn.hutool.http.HttpUtil;
|
||||
import com.alibaba.fastjson.JSONArray;
|
||||
import com.alibaba.fastjson.JSONObject;
|
||||
import com.amazonaws.auth.AWSStaticCredentialsProvider;
|
||||
import com.alibaba.fastjson2.JSONArray;
|
||||
import com.alibaba.fastjson2.JSONObject;
|
||||
import com.amazonaws.auth.AWSCredentials;
|
||||
import com.amazonaws.auth.AWSCredentialsProvider;
|
||||
import com.amazonaws.auth.BasicSessionCredentials;
|
||||
import com.amazonaws.client.builder.AwsClientBuilder;
|
||||
import com.amazonaws.services.s3.AmazonS3ClientBuilder;
|
||||
|
||||
@@ -10,9 +10,9 @@ import cn.hutool.core.util.StrUtil;
|
||||
import cn.hutool.http.HttpRequest;
|
||||
import cn.hutool.http.HttpResponse;
|
||||
import cn.hutool.http.HttpUtil;
|
||||
import com.alibaba.fastjson.JSON;
|
||||
import com.alibaba.fastjson.JSONArray;
|
||||
import com.alibaba.fastjson.JSONObject;
|
||||
import com.alibaba.fastjson2.JSON;
|
||||
import com.alibaba.fastjson2.JSONArray;
|
||||
import com.alibaba.fastjson2.JSONObject;
|
||||
import im.zhaojun.zfile.core.exception.StorageSourceRefreshTokenException;
|
||||
import im.zhaojun.zfile.core.exception.http.HttpResponseStatusErrorException;
|
||||
import im.zhaojun.zfile.core.util.RequestHolder;
|
||||
|
||||
@@ -5,7 +5,7 @@ import cn.hutool.core.io.FileUtil;
|
||||
import cn.hutool.core.util.StrUtil;
|
||||
import cn.hutool.crypto.SecureUtil;
|
||||
import com.UpYun;
|
||||
import com.alibaba.fastjson.JSON;
|
||||
import com.alibaba.fastjson2.JSON;
|
||||
import com.upyun.Params;
|
||||
import com.upyun.UpException;
|
||||
import com.upyun.UpYunUtils;
|
||||
|
||||
@@ -0,0 +1,106 @@
|
||||
/*
|
||||
*
|
||||
* Copyright 2017-2018 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
*
|
||||
*/
|
||||
|
||||
package springfox.documentation.swagger2.web;
|
||||
|
||||
import io.swagger.models.Swagger;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Qualifier;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
|
||||
import org.springframework.context.annotation.Conditional;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.http.server.reactive.ServerHttpRequest;
|
||||
import org.springframework.plugin.core.PluginRegistry;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
import org.springframework.web.bind.annotation.ResponseBody;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
import org.springframework.web.util.HtmlUtils;
|
||||
import springfox.documentation.annotations.ApiIgnore;
|
||||
import springfox.documentation.service.Documentation;
|
||||
import springfox.documentation.spi.DocumentationType;
|
||||
import springfox.documentation.spring.web.DocumentationCache;
|
||||
import springfox.documentation.spring.web.OnReactiveWebApplication;
|
||||
import springfox.documentation.spring.web.json.Json;
|
||||
import springfox.documentation.spring.web.json.JsonSerializer;
|
||||
import springfox.documentation.spring.web.plugins.Docket;
|
||||
import springfox.documentation.swagger2.mappers.ServiceModelToSwagger2Mapper;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Optional;
|
||||
|
||||
import static org.springframework.util.MimeTypeUtils.*;
|
||||
import static springfox.documentation.swagger2.web.Swagger2ControllerWebMvc.*;
|
||||
|
||||
@RestController
|
||||
@ApiIgnore
|
||||
@ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.REACTIVE)
|
||||
@RequestMapping(SWAGGER2_SPECIFICATION_PATH)
|
||||
@Conditional({OnReactiveWebApplication.class})
|
||||
public class Swagger2ControllerWebFlux {
|
||||
|
||||
private static final Logger LOGGER = LoggerFactory.getLogger(Swagger2ControllerWebFlux.class);
|
||||
private static final String HAL_MEDIA_TYPE = "application/hal+json";
|
||||
|
||||
private final DocumentationCache documentationCache;
|
||||
private final ServiceModelToSwagger2Mapper mapper;
|
||||
private final JsonSerializer jsonSerializer;
|
||||
private final PluginRegistry<WebFluxSwaggerTransformationFilter, DocumentationType> transformations;
|
||||
|
||||
@Autowired
|
||||
public Swagger2ControllerWebFlux(
|
||||
DocumentationCache documentationCache,
|
||||
ServiceModelToSwagger2Mapper mapper,
|
||||
JsonSerializer jsonSerializer,
|
||||
@Qualifier("webFluxSwaggerTransformationFilterRegistry")
|
||||
PluginRegistry<WebFluxSwaggerTransformationFilter, DocumentationType> transformations) {
|
||||
this.documentationCache = documentationCache;
|
||||
this.mapper = mapper;
|
||||
this.jsonSerializer = jsonSerializer;
|
||||
this.transformations = transformations;
|
||||
}
|
||||
|
||||
@RequestMapping(
|
||||
method = RequestMethod.GET,
|
||||
produces = {APPLICATION_JSON_VALUE, HAL_MEDIA_TYPE})
|
||||
@ResponseBody
|
||||
public ResponseEntity<Json> getDocumentation(
|
||||
@RequestParam(value = "group", required = false) String swaggerGroup,
|
||||
ServerHttpRequest request) {
|
||||
|
||||
String groupName = Optional.ofNullable(swaggerGroup).orElse(Docket.DEFAULT_GROUP_NAME);
|
||||
Documentation documentation = documentationCache.documentationByGroup(groupName);
|
||||
if (documentation == null) {
|
||||
LOGGER.warn("Unable to find specification for group {}", HtmlUtils.htmlEscape(groupName));
|
||||
return new ResponseEntity<>(HttpStatus.NOT_FOUND);
|
||||
}
|
||||
Swagger swagger = mapper.mapDocumentation(documentation);
|
||||
SwaggerTransformationContext<ServerHttpRequest> context
|
||||
= new SwaggerTransformationContext<>(swagger, request);
|
||||
List<WebFluxSwaggerTransformationFilter> filters = transformations.getPluginsFor(DocumentationType.SWAGGER_2);
|
||||
for (WebFluxSwaggerTransformationFilter each : filters) {
|
||||
context = context.next(each.transform(context));
|
||||
}
|
||||
return new ResponseEntity<>(jsonSerializer.toJson(context.getSpecification()), HttpStatus.OK);
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,110 @@
|
||||
/*
|
||||
*
|
||||
* Copyright 2017-2018 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
*
|
||||
*/
|
||||
|
||||
package springfox.documentation.swagger2.web;
|
||||
|
||||
import io.swagger.models.Swagger;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Qualifier;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
|
||||
import org.springframework.context.annotation.Conditional;
|
||||
import org.springframework.core.Ordered;
|
||||
import org.springframework.core.annotation.Order;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.plugin.core.PluginRegistry;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
import org.springframework.web.util.HtmlUtils;
|
||||
import springfox.documentation.annotations.ApiIgnore;
|
||||
import springfox.documentation.service.Documentation;
|
||||
import springfox.documentation.spi.DocumentationType;
|
||||
import springfox.documentation.spring.web.DocumentationCache;
|
||||
import springfox.documentation.spring.web.OnServletBasedWebApplication;
|
||||
import springfox.documentation.spring.web.json.Json;
|
||||
import springfox.documentation.spring.web.json.JsonSerializer;
|
||||
import springfox.documentation.spring.web.plugins.Docket;
|
||||
import springfox.documentation.swagger2.mappers.ServiceModelToSwagger2Mapper;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
import static java.util.Optional.*;
|
||||
import static org.springframework.util.MimeTypeUtils.*;
|
||||
import static springfox.documentation.swagger2.web.Swagger2ControllerWebMvc.*;
|
||||
|
||||
@ApiIgnore
|
||||
@RestController
|
||||
@ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.SERVLET)
|
||||
@RequestMapping(SWAGGER2_SPECIFICATION_PATH)
|
||||
@Conditional(OnServletBasedWebApplication.class)
|
||||
@Order(Ordered.HIGHEST_PRECEDENCE)
|
||||
public class Swagger2ControllerWebMvc {
|
||||
public static final String SWAGGER2_SPECIFICATION_PATH
|
||||
= "${springfox.documentation.swagger.v2.path:/v2/api-docs}";
|
||||
|
||||
private static final Logger LOGGER = LoggerFactory.getLogger(Swagger2ControllerWebMvc.class);
|
||||
private static final String HAL_MEDIA_TYPE = "application/hal+json";
|
||||
private final DocumentationCache documentationCache;
|
||||
private final ServiceModelToSwagger2Mapper mapper;
|
||||
private final JsonSerializer jsonSerializer;
|
||||
private final PluginRegistry<WebMvcSwaggerTransformationFilter, DocumentationType> transformations;
|
||||
|
||||
@Autowired
|
||||
public Swagger2ControllerWebMvc(
|
||||
DocumentationCache documentationCache,
|
||||
ServiceModelToSwagger2Mapper mapper,
|
||||
JsonSerializer jsonSerializer,
|
||||
@Qualifier("webMvcSwaggerTransformationFilterRegistry")
|
||||
PluginRegistry<WebMvcSwaggerTransformationFilter, DocumentationType> transformations) {
|
||||
this.documentationCache = documentationCache;
|
||||
this.mapper = mapper;
|
||||
this.jsonSerializer = jsonSerializer;
|
||||
this.transformations = transformations;
|
||||
}
|
||||
|
||||
@RequestMapping(
|
||||
method = RequestMethod.GET,
|
||||
produces = {APPLICATION_JSON_VALUE, HAL_MEDIA_TYPE})
|
||||
public ResponseEntity<Json> getDocumentation(
|
||||
@RequestParam(value = "group", required = false) String swaggerGroup,
|
||||
HttpServletRequest servletRequest) {
|
||||
|
||||
String groupName = ofNullable(swaggerGroup).orElse(Docket.DEFAULT_GROUP_NAME);
|
||||
Documentation documentation = documentationCache.documentationByGroup(groupName);
|
||||
if (documentation == null) {
|
||||
LOGGER.warn("Unable to find specification for group {}", HtmlUtils.htmlEscape(groupName));
|
||||
return new ResponseEntity<>(HttpStatus.NOT_FOUND);
|
||||
}
|
||||
Swagger swagger = mapper.mapDocumentation(documentation);
|
||||
SwaggerTransformationContext<HttpServletRequest> context
|
||||
= new SwaggerTransformationContext<>(swagger, servletRequest);
|
||||
List<WebMvcSwaggerTransformationFilter> filters = transformations.getPluginsFor(DocumentationType.SWAGGER_2);
|
||||
for (WebMvcSwaggerTransformationFilter each : filters) {
|
||||
context = context.next(each.transform(context));
|
||||
}
|
||||
return new ResponseEntity<>(jsonSerializer.toJson(context.getSpecification()), HttpStatus.OK);
|
||||
}
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user