From e6e37cef41e56937020347e41b30357e9f1a7196 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=98=BF=E6=B2=90?= Date: Wed, 20 Jul 2022 12:25:29 +0800 Subject: [PATCH] =?UTF-8?q?=E6=96=B0=E5=A2=9E=E6=9D=83=E9=99=90=E9=85=8D?= =?UTF-8?q?=E7=BD=AE=E6=96=B9=E5=BC=8F=EF=BC=8C=E5=85=81=E8=AE=B8=E4=BF=AE?= =?UTF-8?q?=E6=94=B9auth.yml=E9=85=8D=E7=BD=AE=E6=96=87=E4=BB=B6=EF=BC=8C?= =?UTF-8?q?=E5=BF=BD=E7=95=A5=E4=B8=8D=E9=9C=80=E8=A6=81=E8=AE=A4=E8=AF=81?= =?UTF-8?q?=E7=9A=84=E8=B5=84=E6=BA=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../framework/security/config/PermitResource.java | 58 ++++++++++++++++++---- .../security/config/ResourceServerConfig.java | 9 +++- fast-boot-new/src/main/resources/auth.yml | 4 ++ fast-boot-system/src/main/resources/auth.yml | 11 ++++ 4 files changed, 70 insertions(+), 12 deletions(-) create mode 100644 fast-boot-new/src/main/resources/auth.yml create mode 100644 fast-boot-system/src/main/resources/auth.yml diff --git a/fast-boot-framework/src/main/java/net/maku/framework/security/config/PermitResource.java b/fast-boot-framework/src/main/java/net/maku/framework/security/config/PermitResource.java index 8bda3df..8ff764a 100644 --- a/fast-boot-framework/src/main/java/net/maku/framework/security/config/PermitResource.java +++ b/fast-boot-framework/src/main/java/net/maku/framework/security/config/PermitResource.java 
@@ -1,23 +1,59 @@ package net.maku.framework.security.config; +import lombok.SneakyThrows; +import org.apache.commons.lang3.StringUtils; +import org.springframework.beans.factory.config.YamlPropertiesFactoryBean; +import org.springframework.core.io.Resource; +import org.springframework.core.io.support.PathMatchingResourcePatternResolver; +import org.springframework.core.io.support.ResourcePatternResolver; +import org.springframework.stereotype.Component; + +import java.util.ArrayList; +import java.util.List; +import java.util.Map; +import java.util.Properties; + /** * 允许访问的资源 * * @author 阿沐 babamu@126.com */ +@Component public class PermitResource { /** * 指定被 spring security oauth2.0 忽略的URL */ - public static final String [] IGNORING_URLS = { - "/actuator/**", - "/v3/api-docs/**", - "/webjars/**", - "/swagger/**", - "/swagger-resources/**", - "/swagger-ui.html", - "/swagger-ui/**", - "/doc.html", - "/sys/oauth/captcha" - }; + @SneakyThrows + public List getPermitList(){ + ResourcePatternResolver resolver = new PathMatchingResourcePatternResolver(); + Resource[] resources = resolver.getResources("classpath*:auth.yml"); + String key = "auth.ignore_urls"; + + return getPropertiesList(key, resources); + } + + private List getPropertiesList(String key, Resource... resources){ + List list = new ArrayList<>(); + + // 解析资源文件 + for(Resource resource : resources) { + Properties properties = loadYamlProperties(resource); + + for (Map.Entry entry : properties.entrySet()) { + String tmpKey = StringUtils.substringBefore(entry.getKey().toString(), "["); + if(tmpKey.equalsIgnoreCase(key)){ + list.add(entry.getValue().toString()); + } + } + } + return list; + } + + private Properties loadYamlProperties(Resource... resources) { + YamlPropertiesFactoryBean factory = new YamlPropertiesFactoryBean(); + factory.setResources(resources); + factory.afterPropertiesSet(); + + return factory.getObject(); + } } 
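Review bot: `getPermitList()` resolves `classpath*:auth.yml`, so every jar on the classpath, including third-party dependencies, can contribute entries to the list that later receives `permitAll()`, and `getPropertiesList` adds each value without checking it. A single `/**` entry in any module's `auth.yml` would remove authentication from the whole application. Consider rejecting blank or catch-all patterns before `list.add(...)`, for example `if (StringUtils.isBlank(value) || "/**".equals(value)) { throw new IllegalStateException("Refusing auth.ignore_urls entry: " + value); }`. The key comparison uses `equalsIgnoreCase`, which also accepts spellings such as `AUTH.IGNORE_URLS`; `equals` would keep the accepted key to one form.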
diff --git a/fast-boot-framework/src/main/java/net/maku/framework/security/config/ResourceServerConfig.java b/fast-boot-framework/src/main/java/net/maku/framework/security/config/ResourceServerConfig.java index daeac9f..ca5cf45 100644 --- a/fast-boot-framework/src/main/java/net/maku/framework/security/config/ResourceServerConfig.java +++ b/fast-boot-framework/src/main/java/net/maku/framework/security/config/ResourceServerConfig.java @@ -11,6 +11,8 @@ import org.springframework.security.oauth2.config.annotation.web.configuration.R import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer; import org.springframework.security.oauth2.provider.token.TokenStore; +import java.util.List; + /** * 资源服务器配置 * @@ -22,6 +24,7 @@ import org.springframework.security.oauth2.provider.token.TokenStore; @EnableGlobalMethodSecurity(prePostEnabled = true) public class ResourceServerConfig extends ResourceServerConfigurerAdapter { private final TokenStore tokenStore; + private final PermitResource permitResource; @Override public void configure(ResourceServerSecurityConfigurer resources) { @@ -32,11 +35,15 @@ public class ResourceServerConfig extends ResourceServerConfigurerAdapter { @Override public void configure(HttpSecurity http) throws Exception { + // 忽略授权的地址列表 + List permitList = permitResource.getPermitList(); + String [] permits = permitList.toArray(new String[permitList.size()]); + http .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS) .and() .authorizeRequests() - .antMatchers(PermitResource.IGNORING_URLS).permitAll() + .antMatchers(permits).permitAll() .anyRequest().authenticated() ; } diff --git a/fast-boot-new/src/main/resources/auth.yml b/fast-boot-new/src/main/resources/auth.yml new file mode 100644 index 0000000..0fde962 --- /dev/null +++ b/fast-boot-new/src/main/resources/auth.yml @@ -0,0 +1,4 @@ +# 配置忽略认证的URL地址 +auth: + ignore_urls: + - /new/** \ No newline at end of file 
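Review bot: In `configure(HttpSecurity)` the patterns passed to `antMatchers(permits).permitAll()` are no longer visible in source, so the set of unauthenticated paths is only known at runtime. Logging the resolved list once at startup would make it auditable, e.g. `log.info("Unauthenticated path patterns: {}", permitList);`, assuming the class has a logger (not visible in this hunk). The array conversion can also be written as `permitList.toArray(new String[0])`. The class body starts and ends outside the hunk.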
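Review bot: `/new/**` exempts every current and future endpoint under the `/new` prefix from authentication, which is broader than an ignore list normally needs. List the specific public paths instead, or add a comment stating why the whole prefix is public, for example `# all /new endpoints are intentionally public: <reason>`. The file also lacks a trailing newline.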
diff --git a/fast-boot-system/src/main/resources/auth.yml b/fast-boot-system/src/main/resources/auth.yml new file mode 100644 index 0000000..e0a9b12 --- /dev/null +++ b/fast-boot-system/src/main/resources/auth.yml @@ -0,0 +1,11 @@ +auth: + ignore_urls: + - /actuator/** + - /v3/api-docs/** + - /webjars/** + - /swagger/** + - /swagger-resources/** + - /swagger-ui.html + - /swagger-ui/** + - /doc.html + - /sys/oauth/captcha \ No newline at end of file
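Review bot: `/actuator/**` stays in the unauthenticated list, and depending on which actuator endpoints are exposed (the management configuration is not visible here) that can include environment, heap dump or logger endpoints. Narrowing the entry to what health probes need, such as `- /actuator/health`, would keep the rest behind authentication. The `/v3/api-docs/**`, `/swagger-ui/**` and `/doc.html` entries publish the API description without authentication; consider whether that should apply in production profiles.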