登陆请求直接放行

gateway-service/src/main/java/com/hungraim/ltc/gateway/config/ResourceServerConfig.java

@@ -38,78 +38,78 @@ import java.nio.charset.StandardCharsets;
 @EnableWebFluxSecurity
 public class ResourceServerConfig {
 
-  private final AuthorizationManager authorizationManager;
+    private final AuthorizationManager authorizationManager;
 
 
-  @Autowired
-  public ResourceServerConfig(AuthorizationManager authorizationManager) {
-    this.authorizationManager = authorizationManager;
-  }
+    @Autowired
+    public ResourceServerConfig(AuthorizationManager authorizationManager) {
+        this.authorizationManager = authorizationManager;
+    }
 
-  @Bean
-  public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
-    http.oauth2ResourceServer().jwt()
-      .jwtAuthenticationConverter(jwtAuthenticationConverter());
-    http.authorizeExchange()
-      .pathMatchers("**/oauth/token").permitAll()
-      .anyExchange().access(authorizationManager)
-      .and()
-      .exceptionHandling()
-      // 处理未授权
-      .accessDeniedHandler(accessDeniedHandler())
-      //处理未认证
-      .authenticationEntryPoint(authenticationEntryPoint())
-      .and().csrf().disable();
+    @Bean
+    public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
+        http.oauth2ResourceServer().jwt()
+            .jwtAuthenticationConverter(jwtAuthenticationConverter());
+        http.authorizeExchange()
+            .pathMatchers("/oauth/token").permitAll()
+            .anyExchange().access(authorizationManager)
+            .and()
+            .exceptionHandling()
+            // 处理未授权
+            .accessDeniedHandler(accessDeniedHandler())
+            //处理未认证
+            .authenticationEntryPoint(authenticationEntryPoint())
+            .and().csrf().disable();
 
-    return http.build();
-  }
+        return http.build();
+    }
 
-  /**
-   * 未授权
-   */
-  @SuppressWarnings("unchecked")
-  @Bean
-  ServerAccessDeniedHandler accessDeniedHandler() {
-    return (exchange, denied) -> Mono.defer(() -> Mono.just(exchange.getResponse()))
-      .flatMap(response -> ResourceServerConfig.writeFailedToResponse(response, ResultCode.ACCESS_UNAUTHORIZED));
-  }
+    /**
+     * 未授权
+     */
+    @SuppressWarnings("unchecked")
+    @Bean
+    ServerAccessDeniedHandler accessDeniedHandler() {
+        return (exchange, denied) -> Mono.defer(() -> Mono.just(exchange.getResponse()))
+            .flatMap(response -> ResourceServerConfig.writeFailedToResponse(response, ResultCode.ACCESS_UNAUTHORIZED));
+    }
 
-  /**
-   * token无效或者已过期自定义响应
-   */
-  @SuppressWarnings("unchecked")
-  @Bean
-  ServerAuthenticationEntryPoint authenticationEntryPoint() {
-    return (exchange, e) -> Mono.defer(() -> Mono.just(exchange.getResponse()))
-      .flatMap(response -> ResourceServerConfig.writeFailedToResponse(response, ResultCode.TOKEN_INVALID_OR_EXPIRED));
-  }
+    /**
+     * token无效或者已过期自定义响应
+     */
+    @SuppressWarnings("unchecked")
+    @Bean
+    ServerAuthenticationEntryPoint authenticationEntryPoint() {
+        return (exchange, e) -> Mono.defer(() -> Mono.just(exchange.getResponse()))
+            .flatMap(response -> ResourceServerConfig.writeFailedToResponse(response, ResultCode.TOKEN_INVALID_OR_EXPIRED));
+    }
 
-  /**
-   * @link https://blog.csdn.net/qq_24230139/article/details/105091273
-   * ServerHttpSecurity没有将jwt中authorities的负载部分当做Authentication
-   * 需要把jwt的Claim中的authorities加入
-   * 方案：重新定义权限管理器，默认转换器JwtGrantedAuthoritiesConverter
-   */
-  @Bean
-  public Converter<Jwt, ? extends Mono<? extends AbstractAuthenticationToken>> jwtAuthenticationConverter() {
-    JwtGrantedAuthoritiesConverter jwtGrantedAuthoritiesConverter = new JwtGrantedAuthoritiesConverter();
-    jwtGrantedAuthoritiesConverter.setAuthorityPrefix(AuthConstants.AUTHORITY_PREFIX);
-    jwtGrantedAuthoritiesConverter.setAuthoritiesClaimName(AuthConstants.JWT_AUTHORITIES_KEY);
+    /**
+     * @link https://blog.csdn.net/qq_24230139/article/details/105091273
+     * ServerHttpSecurity没有将jwt中authorities的负载部分当做Authentication
+     * 需要把jwt的Claim中的authorities加入
+     * 方案：重新定义权限管理器，默认转换器JwtGrantedAuthoritiesConverter
+     */
+    @Bean
+    public Converter<Jwt, ? extends Mono<? extends AbstractAuthenticationToken>> jwtAuthenticationConverter() {
+        JwtGrantedAuthoritiesConverter jwtGrantedAuthoritiesConverter = new JwtGrantedAuthoritiesConverter();
+        jwtGrantedAuthoritiesConverter.setAuthorityPrefix(AuthConstants.AUTHORITY_PREFIX);
+        jwtGrantedAuthoritiesConverter.setAuthoritiesClaimName(AuthConstants.JWT_AUTHORITIES_KEY);
 
-    JwtAuthenticationConverter jwtAuthenticationConverter = new JwtAuthenticationConverter();
-    jwtAuthenticationConverter.setJwtGrantedAuthoritiesConverter(jwtGrantedAuthoritiesConverter);
-    return new ReactiveJwtAuthenticationConverterAdapter(jwtAuthenticationConverter);
-  }
+        JwtAuthenticationConverter jwtAuthenticationConverter = new JwtAuthenticationConverter();
+        jwtAuthenticationConverter.setJwtGrantedAuthoritiesConverter(jwtGrantedAuthoritiesConverter);
+        return new ReactiveJwtAuthenticationConverterAdapter(jwtAuthenticationConverter);
+    }
 
 
-  public static Mono writeFailedToResponse(ServerHttpResponse response, ResultCode resultCode){
-    response.setStatusCode(HttpStatus.OK);
-    response.getHeaders().set(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE);
-    response.getHeaders().set("Access-Control-Allow-Origin", "*");
-    response.getHeaders().set("Cache-Control", "no-cache");
-    String body = JSONUtil.toJsonStr(Result.failed(resultCode));
-    DataBuffer buffer = response.bufferFactory().wrap(body.getBytes(StandardCharsets.UTF_8));
-    return response.writeWith(Mono.just(buffer))
-      .doOnError(error -> DataBufferUtils.release(buffer));
-  }
+    public static Mono writeFailedToResponse(ServerHttpResponse response, ResultCode resultCode) {
+        response.setStatusCode(HttpStatus.OK);
+        response.getHeaders().set(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE);
+        response.getHeaders().set("Access-Control-Allow-Origin", "*");
+        response.getHeaders().set("Cache-Control", "no-cache");
+        String body = JSONUtil.toJsonStr(Result.failed(resultCode));
+        DataBuffer buffer = response.bufferFactory().wrap(body.getBytes(StandardCharsets.UTF_8));
+        return response.writeWith(Mono.just(buffer))
+            .doOnError(error -> DataBufferUtils.release(buffer));
+    }
 }