feat：完美解决http basic的问题

2022-10-01 21:42:24 +08:00 · 2022-10-01 21:42:24 +08:00 · d13807e793
commit d13807e793
parent 8fbc8ad6b1
1 changed files with 11 additions and 8 deletions
--- a/flyfish-user/src/main/java/com/flyfish/framework/config/WebSecurityConfig.java
+++ b/flyfish-user/src/main/java/com/flyfish/framework/config/WebSecurityConfig.java
@ -17,6 +17,7 @@ import com.flyfish.framework.initializer.UserInitializer;
 import com.flyfish.framework.service.AuthenticationAuditor;
 import com.flyfish.framework.service.AuthenticationLogger;
 import com.flyfish.framework.service.UserService;
+import org.apache.commons.lang3.ArrayUtils;
 import org.springframework.beans.factory.ObjectProvider;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
@ -24,6 +25,7 @@ import org.springframework.boot.context.properties.EnableConfigurationProperties
 import org.springframework.context.annotation.Bean;
 import org.springframework.core.annotation.Order;
 import org.springframework.http.HttpMethod;
+import org.springframework.http.HttpStatus;
 import org.springframework.security.authentication.ReactiveAuthenticationManager;
 import org.springframework.security.authentication.UserDetailsRepositoryReactiveAuthenticationManager;
 import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
@ -38,13 +40,13 @@ import org.springframework.security.crypto.password.DelegatingPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.server.SecurityWebFilterChain;
 import org.springframework.security.web.server.authentication.AuthenticationWebFilter;
+import org.springframework.security.web.server.authentication.HttpStatusServerEntryPoint;
 import org.springframework.security.web.server.authentication.ServerAuthenticationConverter;
+import org.springframework.security.web.server.authorization.HttpStatusServerAccessDeniedHandler;
 import org.springframework.security.web.server.context.ServerSecurityContextRepository;
 import org.springframework.security.web.server.context.WebSessionServerSecurityContextRepository;
 import reactor.core.publisher.Mono;

-import java.util.stream.Stream;
-
 import static org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers.pathMatchers;

 /**
@ -131,8 +133,7 @@ public class WebSecurityConfig {
        return http
                .securityContextRepository(contextRepository())
                .authorizeExchange()
-                .pathMatchers(Stream.concat(Stream.of(properties.getAllowUris()), Stream.of("/api/logout", "/api/login"))
-                        .toArray(String[]::new)).permitAll()
+                .pathMatchers(ArrayUtils.addAll(properties.getAllowUris(), "/api/logout", "/api/login")).permitAll()
                .pathMatchers("/api/users/**").authenticated()
                .anyExchange().authenticated()
                .and()
@ -144,9 +145,13 @@ public class WebSecurityConfig {
                .logoutUrl("/api/logout")
                .logoutSuccessHandler(new JsonLogoutSuccessHandler(authenticationAuditor, tokenProvider))
                .and()
+                .exceptionHandling()
+                .authenticationEntryPoint(new HttpStatusServerEntryPoint(HttpStatus.UNAUTHORIZED))
+                .accessDeniedHandler(new HttpStatusServerAccessDeniedHandler(HttpStatus.UNAUTHORIZED))
+                .and()
                .csrf().disable()
                .addFilterAt(
-                        configure(properties, authenticationManager, authenticationAuditor, authenticationConverter),
+                        configure(authenticationManager, authenticationAuditor, authenticationConverter),
                        SecurityWebFiltersOrder.FORM_LOGIN)
                .build();
    }
@ -192,14 +197,12 @@ public class WebSecurityConfig {
    /**
     * 配置登录相关参数
     *
-     * @param properties              安全属性
     * @param authenticationAuditor   审计器
     * @param authenticationConverter 转换器
     * @param authenticationManager   鉴权管理器
     * @return 结果
     */
-    private AuthenticationWebFilter configure(SecurityProperties properties,
-                                              ReactiveAuthenticationManager authenticationManager,
+    private AuthenticationWebFilter configure(ReactiveAuthenticationManager authenticationManager,
                                              AuthenticationAuditor authenticationAuditor,
                                              ServerAuthenticationConverter authenticationConverter) {
        AuthenticationWebFilter authenticationFilter = new AuthenticationWebFilter(authenticationManager);