feat:完美解决http basic的问题

This commit is contained in:
wangyu 2022-10-01 21:42:24 +08:00
parent 8fbc8ad6b1
commit d13807e793


@ -17,6 +17,7 @@ import com.flyfish.framework.initializer.UserInitializer;
import com.flyfish.framework.service.AuthenticationAuditor; import com.flyfish.framework.service.AuthenticationAuditor;
import com.flyfish.framework.service.AuthenticationLogger; import com.flyfish.framework.service.AuthenticationLogger;
import com.flyfish.framework.service.UserService; import com.flyfish.framework.service.UserService;
import org.apache.commons.lang3.ArrayUtils;
import org.springframework.beans.factory.ObjectProvider; import org.springframework.beans.factory.ObjectProvider;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
@ -24,6 +25,7 @@ import org.springframework.boot.context.properties.EnableConfigurationProperties
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.core.annotation.Order; import org.springframework.core.annotation.Order;
import org.springframework.http.HttpMethod; import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.security.authentication.ReactiveAuthenticationManager; import org.springframework.security.authentication.ReactiveAuthenticationManager;
import org.springframework.security.authentication.UserDetailsRepositoryReactiveAuthenticationManager; import org.springframework.security.authentication.UserDetailsRepositoryReactiveAuthenticationManager;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity; import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
@ -38,13 +40,13 @@ import org.springframework.security.crypto.password.DelegatingPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.server.SecurityWebFilterChain; import org.springframework.security.web.server.SecurityWebFilterChain;
import org.springframework.security.web.server.authentication.AuthenticationWebFilter; import org.springframework.security.web.server.authentication.AuthenticationWebFilter;
import org.springframework.security.web.server.authentication.HttpStatusServerEntryPoint;
import org.springframework.security.web.server.authentication.ServerAuthenticationConverter; import org.springframework.security.web.server.authentication.ServerAuthenticationConverter;
import org.springframework.security.web.server.authorization.HttpStatusServerAccessDeniedHandler;
import org.springframework.security.web.server.context.ServerSecurityContextRepository; import org.springframework.security.web.server.context.ServerSecurityContextRepository;
import org.springframework.security.web.server.context.WebSessionServerSecurityContextRepository; import org.springframework.security.web.server.context.WebSessionServerSecurityContextRepository;
import reactor.core.publisher.Mono; import reactor.core.publisher.Mono;
import java.util.stream.Stream;
import static org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers.pathMatchers; import static org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers.pathMatchers;
/** /**
@ -131,8 +133,7 @@ public class WebSecurityConfig {
return http return http
.securityContextRepository(contextRepository()) .securityContextRepository(contextRepository())
.authorizeExchange() .authorizeExchange()
.pathMatchers(Stream.concat(Stream.of(properties.getAllowUris()), Stream.of("/api/logout", "/api/login")) .pathMatchers(ArrayUtils.addAll(properties.getAllowUris(), "/api/logout", "/api/login")).permitAll()
.toArray(String[]::new)).permitAll()
.pathMatchers("/api/users/**").authenticated() .pathMatchers("/api/users/**").authenticated()
.anyExchange().authenticated() .anyExchange().authenticated()
.and() .and()
@ -144,9 +145,13 @@ public class WebSecurityConfig {
.logoutUrl("/api/logout") .logoutUrl("/api/logout")
.logoutSuccessHandler(new JsonLogoutSuccessHandler(authenticationAuditor, tokenProvider)) .logoutSuccessHandler(new JsonLogoutSuccessHandler(authenticationAuditor, tokenProvider))
.and() .and()
.exceptionHandling()
.authenticationEntryPoint(new HttpStatusServerEntryPoint(HttpStatus.UNAUTHORIZED))
.accessDeniedHandler(new HttpStatusServerAccessDeniedHandler(HttpStatus.UNAUTHORIZED))
.and()
.csrf().disable() .csrf().disable()
.addFilterAt( .addFilterAt(
configure(properties, authenticationManager, authenticationAuditor, authenticationConverter), configure(authenticationManager, authenticationAuditor, authenticationConverter),
SecurityWebFiltersOrder.FORM_LOGIN) SecurityWebFiltersOrder.FORM_LOGIN)
.build(); .build();
} }
@ -192,14 +197,12 @@ public class WebSecurityConfig {
/** /**
* 配置登录相关参数 * 配置登录相关参数
* *
* @param properties 安全属性
* @param authenticationAuditor 审计器 * @param authenticationAuditor 审计器
* @param authenticationConverter 转换器 * @param authenticationConverter 转换器
* @param authenticationManager 鉴权管理器 * @param authenticationManager 鉴权管理器
* @return 结果 * @return 结果
*/ */
private AuthenticationWebFilter configure(SecurityProperties properties, private AuthenticationWebFilter configure(ReactiveAuthenticationManager authenticationManager,
ReactiveAuthenticationManager authenticationManager,
AuthenticationAuditor authenticationAuditor, AuthenticationAuditor authenticationAuditor,
ServerAuthenticationConverter authenticationConverter) { ServerAuthenticationConverter authenticationConverter) {
AuthenticationWebFilter authenticationFilter = new AuthenticationWebFilter(authenticationManager); AuthenticationWebFilter authenticationFilter = new AuthenticationWebFilter(authenticationManager);
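Review bot: The access-denied handler added in the exceptionHandling() block of hunk `@ -144,9 +145,13` answers with 401 UNAUTHORIZED, but an AccessDeniedException is raised for a request that is already authenticated and merely lacks permission; the conventional status there is 403 FORBIDDEN, and answering 401 makes clients treat an authorization failure as an expired session and re-prompt for login, hiding the real cause in logs and audits. Change that line to `.accessDeniedHandler(new HttpStatusServerAccessDeniedHandler(HttpStatus.FORBIDDEN))`. The entry-point line appears to be the actual fix the commit title refers to, since it replaces the default entry point that would otherwise emit a Basic `WWW-Authenticate` challenge; a comment above `.exceptionHandling()` such as `// plain 401 instead of the default Basic challenge, so browsers never show a credentials popup` would record that intent for the next reader. The chain-building method containing this hunk starts and ends outside the hunk.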