
网关验证码过滤器添加放行校验

RuoYi 4 years ago
parent
commit
57723b9ca1

+ 5 - 0
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/SecurityConstants.java

@@ -7,6 +7,11 @@ package com.ruoyi.common.core.constant;
  */
 public class SecurityConstants
 {
+    /**
+     * 令牌类型
+     */
+    public static final String BEARER_TOKEN_TYPE = "Bearer";
+
     /**
      * 授权token url
      */

+ 4 - 6
ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/feign/OAuth2FeignRequestInterceptor.java

@@ -1,10 +1,12 @@
 package com.ruoyi.common.security.feign;
 
+import org.springframework.http.HttpHeaders;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContext;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails;
 import org.springframework.stereotype.Component;
+import com.ruoyi.common.core.constant.SecurityConstants;
 import feign.RequestInterceptor;
 import feign.RequestTemplate;
 
@@ -16,10 +18,6 @@ import feign.RequestTemplate;
 @Component
 public class OAuth2FeignRequestInterceptor implements RequestInterceptor
 {
-    private final String AUTHORIZATION_HEADER = "Authorization";
-
-    private final String BEARER_TOKEN_TYPE = "Bearer";
-
     @Override
     public void apply(RequestTemplate requestTemplate)
     {
@@ -28,8 +26,8 @@ public class OAuth2FeignRequestInterceptor implements RequestInterceptor
         if (authentication != null && authentication.getDetails() instanceof OAuth2AuthenticationDetails)
         {
             OAuth2AuthenticationDetails dateils = (OAuth2AuthenticationDetails) authentication.getDetails();
-            requestTemplate.header(AUTHORIZATION_HEADER,
-                    String.format("%s %s", BEARER_TOKEN_TYPE, dateils.getTokenValue()));
+            requestTemplate.header(HttpHeaders.AUTHORIZATION,
+                    String.format("%s %s", SecurityConstants.BEARER_TOKEN_TYPE, dateils.getTokenValue()));
         }
     }
 }

+ 0 - 33
ruoyi-gateway/src/main/java/com/ruoyi/gateway/config/properties/IgnoreClientProperties.java

@@ -1,33 +0,0 @@
-package com.ruoyi.gateway.config.properties;
-
-import java.util.ArrayList;
-import java.util.List;
-import org.springframework.boot.context.properties.ConfigurationProperties;
-import org.springframework.cloud.context.config.annotation.RefreshScope;
-import org.springframework.context.annotation.Configuration;
-
-/**
- * 放行终端配置
- * 
- * @author ruoyi
- */
-@Configuration
-@RefreshScope
-@ConfigurationProperties(prefix = "ignore")
-public class IgnoreClientProperties
-{
-    /**
-     * 放行终端配置,网关不校验此处的终端
-     */
-    private List<String> clients = new ArrayList<>();
-
-    public List<String> getClients()
-    {
-        return clients;
-    }
-
-    public void setClients(List<String> clients)
-    {
-        this.clients = clients;
-    }
-}

+ 17 - 2
ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/ValidateCodeFilter.java

@@ -3,6 +3,7 @@ package com.ruoyi.gateway.filter;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.cloud.gateway.filter.GatewayFilter;
 import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
+import org.springframework.http.HttpHeaders;
 import org.springframework.http.server.reactive.ServerHttpRequest;
 import org.springframework.http.server.reactive.ServerHttpResponse;
 import org.springframework.stereotype.Component;
@@ -25,6 +26,12 @@ public class ValidateCodeFilter extends AbstractGatewayFilterFactory<Object>
     @Autowired
     private ValidateCodeService validateCodeService;
 
+    private static final String BASIC_ = "Basic ";
+
+    private static final String CODE = "code";
+
+    private static final String UUID = "uuid";
+
     @Override
     public GatewayFilter apply(Object config)
     {
@@ -36,10 +43,18 @@ public class ValidateCodeFilter extends AbstractGatewayFilterFactory<Object>
             {
                 return chain.filter(exchange);
             }
+
+            // 消息头存在内容,且不存在验证码参数,不处理
+            String header = request.getHeaders().getFirst(HttpHeaders.AUTHORIZATION);
+            if (StringUtils.isNotEmpty(header) && StringUtils.startsWith(header, BASIC_)
+                    && !request.getQueryParams().containsKey(CODE) && !request.getQueryParams().containsKey(UUID))
+            {
+                return chain.filter(exchange);
+            }
             try
             {
-                validateCodeService.checkCapcha(request.getQueryParams().getFirst("code"),
-                        request.getQueryParams().getFirst("uuid"));
+                validateCodeService.checkCapcha(request.getQueryParams().getFirst(CODE),
+                        request.getQueryParams().getFirst(UUID));
             }
             catch (Exception e)
             {
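Review bot: The early return added before the `try` makes the captcha check depend only on what the caller sends: a request whose `Authorization` header starts with `Basic ` and that omits both `code` and `uuid` goes straight to `chain.filter(exchange)`. Nothing in the hunk decodes the header or compares the client against configuration, and the `IgnoreClientProperties` list deleted in this same commit is not replaced by anything visible here, so whether unknown clients are rejected depends entirely on the downstream token endpoint. I would tie the exemption to an allow-list of client ids read from configuration and matched against the decoded header value, rather than to the mere presence of the header. At minimum document the assumption next to the condition: `// captcha skipped for Basic client auth; the token endpoint must verify the client and throttle failed logins`. The lambda inside `apply` begins and ends outside this hunk.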