From d13807e793283f9de4f669cf0f82caf5ce156d2e Mon Sep 17 00:00:00 2001
From: wangyu <727842003@qq.com>
Date: Sat, 1 Oct 2022 21:42:24 +0800
Subject: [PATCH] =?UTF-8?q?feat=EF=BC=9A=E5=AE=8C=E7=BE=8E=E8=A7=A3?= =?UTF-8?q?=E5=86=B3http=20basic=E7=9A=84=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../framework/config/WebSecurityConfig.java | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)
diff --git a/flyfish-user/src/main/java/com/flyfish/framework/config/WebSecurityConfig.java b/flyfish-user/src/main/java/com/flyfish/framework/config/WebSecurityConfig.java
index 181b826..eae65c1 100644
--- a/flyfish-user/src/main/java/com/flyfish/framework/config/WebSecurityConfig.java
+++ b/flyfish-user/src/main/java/com/flyfish/framework/config/WebSecurityConfig.java
@@ -17,6 +17,7 @@ import com.flyfish.framework.initializer.UserInitializer;
 import com.flyfish.framework.service.AuthenticationAuditor;
 import com.flyfish.framework.service.AuthenticationLogger;
 import com.flyfish.framework.service.UserService;
+import org.apache.commons.lang3.ArrayUtils;
 import org.springframework.beans.factory.ObjectProvider;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
@@ -24,6 +25,7 @@ import org.springframework.boot.context.properties.EnableConfigurationProperties
 import org.springframework.context.annotation.Bean;
 import org.springframework.core.annotation.Order;
 import org.springframework.http.HttpMethod;
+import org.springframework.http.HttpStatus;
 import org.springframework.security.authentication.ReactiveAuthenticationManager;
 import org.springframework.security.authentication.UserDetailsRepositoryReactiveAuthenticationManager;
 import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
@@ -38,13 +40,13 @@ import org.springframework.security.crypto.password.DelegatingPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.server.SecurityWebFilterChain;
 import org.springframework.security.web.server.authentication.AuthenticationWebFilter;
+import org.springframework.security.web.server.authentication.HttpStatusServerEntryPoint;
 import org.springframework.security.web.server.authentication.ServerAuthenticationConverter;
+import org.springframework.security.web.server.authorization.HttpStatusServerAccessDeniedHandler;
 import org.springframework.security.web.server.context.ServerSecurityContextRepository;
 import org.springframework.security.web.server.context.WebSessionServerSecurityContextRepository;
 import reactor.core.publisher.Mono;
-import java.util.stream.Stream;
-
 import static org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers.pathMatchers;
 /**
@@ -131,8 +133,7 @@ public class WebSecurityConfig {
 return http
 .securityContextRepository(contextRepository())
 .authorizeExchange()
- .pathMatchers(Stream.concat(Stream.of(properties.getAllowUris()), Stream.of("/api/logout", "/api/login"))
- .toArray(String[]::new)).permitAll()
+ .pathMatchers(ArrayUtils.addAll(properties.getAllowUris(), "/api/logout", "/api/login")).permitAll()
 .pathMatchers("/api/users/**").authenticated()
 .anyExchange().authenticated()
 .and()
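Review bot: Every pattern from `properties.getAllowUris()` goes straight into `.permitAll()` and is matched before the `authenticated()` rules below it, yet nothing at this call says so; a broad pattern in configuration would leave those later rules without effect. I would add a comment above the matcher, e.g. `// allowUris entries skip authentication and are matched first: keep them exact and minimal`. `ArrayUtils.addAll` also returns just the two hard-coded paths when its first argument is null, where the old `Stream.of(...)` would have thrown, so an unset property now starts with only login and logout open; that is the safer outcome but presumably worth a word in the same comment. The method starts and ends outside the hunk.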
@@ -144,9 +145,13 @@ public class WebSecurityConfig {
 .logoutUrl("/api/logout")
 .logoutSuccessHandler(new JsonLogoutSuccessHandler(authenticationAuditor, tokenProvider))
 .and()
+ .exceptionHandling()
+ .authenticationEntryPoint(new HttpStatusServerEntryPoint(HttpStatus.UNAUTHORIZED))
+ .accessDeniedHandler(new HttpStatusServerAccessDeniedHandler(HttpStatus.UNAUTHORIZED))
+ .and()
 .csrf().disable()
 .addFilterAt(
- configure(properties, authenticationManager, authenticationAuditor, authenticationConverter),
+ configure(authenticationManager, authenticationAuditor, authenticationConverter),
 SecurityWebFiltersOrder.FORM_LOGIN)
 .build();
 }
@@ -192,14 +197,12 @@ public class WebSecurityConfig {
 /**
 * 配置登录相关参数
 *
- * @param properties 安全属性
 * @param authenticationAuditor 审计器
 * @param authenticationConverter 转换器
 * @param authenticationManager 鉴权管理器
 * @return 结果
 */
- private AuthenticationWebFilter configure(SecurityProperties properties,
- ReactiveAuthenticationManager authenticationManager,
+ private AuthenticationWebFilter configure(ReactiveAuthenticationManager authenticationManager,
 AuthenticationAuditor authenticationAuditor,
 ServerAuthenticationConverter authenticationConverter) {
 AuthenticationWebFilter authenticationFilter = new AuthenticationWebFilter(authenticationManager);
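Review bot: The new `accessDeniedHandler` answers with `HttpStatus.UNAUTHORIZED`, so a signed-in caller who is refused a resource gets the same 401 as a caller with no credentials; it should be `.accessDeniedHandler(new HttpStatusServerAccessDeniedHandler(HttpStatus.FORBIDDEN))`. Keeping 401 for missing authentication and 403 for denied authorization lets clients decide correctly whether to re-authenticate, and keeps the two cases separable in access logs and alerting. The bare-status entry point sends no `WWW-Authenticate` challenge, which looks like the purpose of the commit, so a short comment above `.exceptionHandling()` saying so would stop a later change from restoring the default. The unchanged `.csrf().disable()` right below also deserves a comment explaining why it is acceptable, since the imports suggest the security context is kept in the web session. The filter-chain method starts outside the hunk.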