优化配置
parent
13e56aa790
commit
0d210944cd
|
@ -1,7 +1,6 @@
|
|||
package net.maku.framework.security.config;
|
||||
package net.maku.security.config;
|
||||
|
||||
import lombok.AllArgsConstructor;
|
||||
import net.maku.framework.security.exception.SecurityAuthenticationEntryPoint;
|
||||
import net.maku.framework.security.mobile.MobileAuthenticationProvider;
|
||||
import net.maku.framework.security.mobile.MobileUserDetailsService;
|
||||
import net.maku.framework.security.mobile.MobileVerifyCodeService;
|
||||
|
@ -11,23 +10,15 @@ import net.maku.framework.security.third.ThirdUserDetailsService;
|
|||
import org.springframework.context.ApplicationEventPublisher;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.security.authentication.AuthenticationManager;
|
||||
import org.springframework.security.authentication.AuthenticationProvider;
|
||||
import org.springframework.security.authentication.DefaultAuthenticationEventPublisher;
|
||||
import org.springframework.security.authentication.ProviderManager;
|
||||
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
|
||||
import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer;
|
||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
||||
import org.springframework.web.filter.OncePerRequestFilter;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
@ -43,8 +34,6 @@ import java.util.List;
|
|||
@EnableWebSecurity
|
||||
@EnableMethodSecurity
|
||||
public class SecurityConfig {
|
||||
private final OncePerRequestFilter authenticationTokenFilter;
|
||||
private final PermitResource permitResource;
|
||||
private final UserDetailsService userDetailsService;
|
||||
private final MobileUserDetailsService mobileUserDetailsService;
|
||||
private final MobileVerifyCodeService mobileVerifyCodeService;
|
||||
|
@ -84,26 +73,4 @@ public class SecurityConfig {
|
|||
|
||||
return providerManager;
|
||||
}
|
||||
|
||||
@Bean
|
||||
SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||
// 忽略授权的地址列表
|
||||
List<String> permitList = permitResource.getPermitList();
|
||||
String[] permits = permitList.toArray(new String[0]);
|
||||
|
||||
http
|
||||
.addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class)
|
||||
.sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
|
||||
.authorizeHttpRequests(auth -> auth
|
||||
.requestMatchers(permits).permitAll()
|
||||
.requestMatchers(HttpMethod.OPTIONS).permitAll()
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.exceptionHandling(exception -> exception.authenticationEntryPoint(new SecurityAuthenticationEntryPoint()))
|
||||
.headers(headers -> headers.frameOptions(HeadersConfigurer.FrameOptionsConfig::disable))
|
||||
.csrf(AbstractHttpConfigurer::disable)
|
||||
;
|
||||
|
||||
return http.build();
|
||||
}
|
||||
}
|
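Review bot: `@EnableWebSecurity` and `@EnableMethodSecurity` still appear on `SecurityConfig` in the third hunk, and the new `SecurityFilterConfig` declares both as well, so method-level authorization is now switched on from two classes. Keeping the pair only on the class that builds the `SecurityFilterChain` leaves a single place to audit and prevents a later edit to one copy from drifting away from the other. The page has lost its +/- markers, so which two of the eight lines in that hunk were removed is inferred from the 8-to-6 line counts (most likely the `authenticationTokenFilter` and `permitResource` fields); if the annotations were the removed lines, this does not apply. The class body continues outside the hunks shown.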
|
@ -0,0 +1,56 @@
|
|||
package net.maku.framework.security.config;
|
||||
|
||||
import lombok.AllArgsConstructor;
|
||||
import net.maku.framework.security.exception.SecurityAuthenticationEntryPoint;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
|
||||
import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer;
|
||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
||||
import org.springframework.web.filter.OncePerRequestFilter;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* Spring SecurityFilter 配置文件
|
||||
*
|
||||
* @author 阿沐 babamu@126.com
|
||||
* <a href="https://maku.net">MAKU</a>
|
||||
*/
|
||||
@Configuration
|
||||
@AllArgsConstructor
|
||||
@EnableWebSecurity
|
||||
@EnableMethodSecurity
|
||||
public class SecurityFilterConfig {
|
||||
private final OncePerRequestFilter authenticationTokenFilter;
|
||||
private final PermitResource permitResource;
|
||||
|
||||
@Bean
|
||||
SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||
// 忽略授权的地址列表
|
||||
List<String> permitList = permitResource.getPermitList();
|
||||
String[] permits = permitList.toArray(new String[0]);
|
||||
|
||||
http
|
||||
.addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class)
|
||||
.sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
|
||||
.authorizeHttpRequests(auth -> auth
|
||||
.requestMatchers(permits).permitAll()
|
||||
.requestMatchers(HttpMethod.OPTIONS).permitAll()
|
||||
.anyRequest().authenticated()
|
||||
)
|
||||
.exceptionHandling(exception -> exception.authenticationEntryPoint(new SecurityAuthenticationEntryPoint()))
|
||||
.headers(headers -> headers.frameOptions(HeadersConfigurer.FrameOptionsConfig::disable))
|
||||
.csrf(AbstractHttpConfigurer::disable)
|
||||
;
|
||||
|
||||
return http.build();
|
||||
}
|
||||
|
||||
}
|
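Review bot: `headers.frameOptions(HeadersConfigurer.FrameOptionsConfig::disable)` in `securityFilterChain` drops the X-Frame-Options header from every response, so any origin may frame the application's pages. If framing is only needed by the application's own front end, `headers.frameOptions(HeadersConfigurer.FrameOptionsConfig::sameOrigin)` keeps that working while still blocking cross-origin framing. `.csrf(AbstractHttpConfigurer::disable)` is sound only while `authenticationTokenFilter` takes the token from a request header rather than a cookie, which this file does not show; a comment such as `// CSRF off: stateless API, token is sent in a header, never in a cookie` would record that assumption next to the line. The entries from `permitResource.getPermitList()` go straight into `permitAll()`, so a short note on where that list is maintained would help anyone auditing which paths bypass authentication.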