优化配置文件

2022-04-30 00:12:50 +08:00 · 2022-04-30 00:12:50 +08:00 · 3f632afe34
parent 06a5136b1a
commit 3f632afe34
2 changed files with 22 additions and 4 deletions
--- a/fast-boot-framework/src/main/java/net/maku/framework/security/config/PermitResource.java
+++ b/fast-boot-framework/src/main/java/net/maku/framework/security/config/PermitResource.java
@ -0,0 +1,21 @@
+package net.maku.framework.security.config;
+
+/**
+ * 允许访问的资源
+ *
+ * @author 阿沐 babamu@126.com
+ */
+public class PermitResource {
+    /**
+     * 指定被 spring security oauth2.0 忽略的URL
+     */
+    public static final String [] IGNORING_URLS = {
+        "/actuator/**",
+        "/v3/api-docs/**",
+        "/webjars/**",
+        "/swagger/**",
+        "/swagger-resources/**",
+        "/doc.html",
+        "/oauth/captcha"
+    };
+}
--- a/fast-boot-framework/src/main/java/net/maku/framework/security/config/ResourceServerConfig.java
+++ b/fast-boot-framework/src/main/java/net/maku/framework/security/config/ResourceServerConfig.java
@ -35,11 +35,8 @@ public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
        http
            .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
            .and()
-            .requestMatchers()
-            // 被保护的资源
-            .antMatchers("/sys/**")
-            .and()
            .authorizeRequests()
+            .antMatchers(PermitResource.IGNORING_URLS).permitAll()
            .anyRequest().authenticated()
        ;
    }