
fix:增加白名单,修改配置

wangbo 3 年 前
コミット
4a19e4b67d

+ 3 - 1
src/main/java/com/inspur/smsb/gateway/config/AuthorizationManager.java

@@ -31,7 +31,6 @@ public class AuthorizationManager implements ReactiveAuthorizationManager<Author
         // todo 资源权限角色关系列表,需要初始化到容器中
         Map<Object, Object> resourceRolesMap = new HashMap<>();
         resourceRolesMap.put("/token/**","force");
-        resourceRolesMap.put("/**/orchestration/calendarRelease/**","delete-force");
         Iterator<Object> iterator = resourceRolesMap.keySet().iterator();
         List<String> authorities = new ArrayList<>();
         while (iterator.hasNext()) {
@@ -45,6 +44,9 @@ public class AuthorizationManager implements ReactiveAuthorizationManager<Author
             .flatMapIterable(Authentication::getAuthorities)
             .map(GrantedAuthority::getAuthority)
             .any(roleId -> {
+                log.info("访问路径:{}", path);
+                log.info("用户角色roleId:{}", roleId);
+                log.info("资源需要权限authorities:{}", authorities);
                 return authorities.contains(roleId);
             })
             .map(AuthorizationDecision::new)
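Review bot: The three `log.info` calls sit inside the `.any(...)` predicate, so they run once per granted authority on every request, although `path` and `authorities` do not change between iterations. They also write the caller's role ids and the full required-authority list to the log at info level. If `path` is the decoded request path (it is defined outside the hunk), it is request-controlled text and should not reach a plain-text log unsanitised. Log once before the reactive chain at debug level, e.g. `log.debug("authorization check: path={}, required={}", path, authorities);`, and reduce the predicate to `.any(authorities::contains)`. The enclosing method starts and ends outside the hunk.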

+ 1 - 1
src/main/java/com/inspur/smsb/gateway/config/ResourceServerConfig.java

@@ -32,7 +32,7 @@ public class ResourceServerConfig {
         http.oauth2ResourceServer().jwt()
             .jwtAuthenticationConverter(jwtAuthenticationConverter());
         http.authorizeExchange()
-            .pathMatchers("").permitAll()
+            .pathMatchers("/**").permitAll() // todo 增加白名单
             .anyExchange().access(authorizationManager)
             .and()
             .exceptionHandling()
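Review bot: `.pathMatchers("/**").permitAll()` matches every route, and exchange matchers are evaluated in declaration order, so `.anyExchange().access(authorizationManager)` on the next line is never consulted. The gateway then performs no role check, and as far as this hunk shows, requests without any token are let through. The old `pathMatchers("")` matched effectively nothing, so every request went to the authorization manager; until the whitelist in the todo exists, that fail-closed behaviour is the safer default. Permit only explicit public patterns, e.g. `.pathMatchers(WHITELIST_PATHS).permitAll()`, where `WHITELIST_PATHS` is a placeholder for a `String[]` of exact patterns loaded from configuration. The enclosing method starts and ends outside the hunk.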

+ 0 - 6
src/main/resources/bootstrap.yml

@@ -4,8 +4,6 @@ server:
 spring:
   application:
     name: smsb-gateway
-  profiles:
-    active: test
   cloud:
     nacos:
       server-addr: 10.180.88.84:8060
@@ -14,7 +12,3 @@ spring:
       config:
         file-extension: yml
         refresh-enabled: true
-        namespace: 1365e7bc-51b7-44fe-a902-7327e4c9ed4a
-      discovery:
-        namespace: 1365e7bc-51b7-44fe-a902-7327e4c9ed4a
-