Home Explore Help
Register Sign In
lihao16
/
smsb-gateway-84
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

fix: whitelist鉴权调整

lijiaqi 1 year ago
parent
5e17a44b78
commit
ee19e464d0
2 changed files with 7 additions and 10 deletions
Split View Show Diff Stats
  1. 3 3
      src/main/java/com/inspur/smsb/gateway/config/AuthorizationManager.java
  2. 4 7
      src/main/java/com/inspur/smsb/gateway/config/WhiteListChecker.java

+ 3 - 3
src/main/java/com/inspur/smsb/gateway/config/AuthorizationManager.java
View File 

@@ -31,7 +31,7 @@ public class AuthorizationManager implements ReactiveAuthorizationManager<Author
 
     private PathRolesMap pathRolesMap;
 
 
     @Resource
 
-    private UrlAuthorizationDecision urlAuthorizationDecision;
 
+    private WhiteListChecker whiteListChecker;
 
 
     @Override
 
     public Mono<AuthorizationDecision> check(Mono<Authentication> mono, AuthorizationContext authorizationContext) {
 
@@ -45,13 +45,13 @@ public class AuthorizationManager implements ReactiveAuthorizationManager<Author
 
             }
 
         });
 
         return mono
 
-            .filter(Authentication::isAuthenticated)
 
+            .filter(authentication -> authentication.isAuthenticated() || whiteListChecker.check(path))
 
             .flatMapIterable(Authentication::getAuthorities)
 
             .map(GrantedAuthority::getAuthority)
 
             .any(roleId -> {
 
                 return CollectionUtils.isEmpty(authorities)?Boolean.TRUE:authorities.contains(roleId);
 
             })
 
-            .map(auth -> new AuthorizationDecision(urlAuthorizationDecision.check(path)))
 
+            .map(AuthorizationDecision::new)
 
             .defaultIfEmpty(new AuthorizationDecision(false));
 
     }
 
 }

+ 4 - 7
src/main/java/com/inspur/smsb/gateway/config/UrlAuthorizationDecision.java → src/main/java/com/inspur/smsb/gateway/config/WhiteListChecker.java
View File 

@@ -1,10 +1,7 @@
 
 package com.inspur.smsb.gateway.config;
 
 
-import org.springframework.beans.factory.annotation.Value;
 
+import lombok.Setter;
 
 import org.springframework.boot.context.properties.ConfigurationProperties;
 
-import org.springframework.boot.context.properties.EnableConfigurationProperties;
 
-import org.springframework.context.annotation.Configuration;
 
-import org.springframework.scheduling.annotation.EnableScheduling;
 
 import org.springframework.stereotype.Component;
 
 import org.springframework.util.AntPathMatcher;
 
 
@@ -14,14 +11,14 @@ import java.util.List;
 
  * @author lijiaqi
 
  * @date 2024-05-28 15:03
 
  */
 
-@EnableConfigurationProperties
 
-@Configuration
 
+@Component
 
 @ConfigurationProperties(prefix = "authorization")
 
-public class UrlAuthorizationDecision {
 
+public class WhiteListChecker {
 
 
     /**
 
      * 路径白名单
 
      */
 
+    @Setter
 
     private List<String> whiteList;
 
 
     private final AntPathMatcher antPathMatcher = new AntPathMatcher();