Home Explore Help
Register Sign In
Amoy2
/
wlyy2.0
Watch 5
Star 1
Fork 18
Files Issues 0 Pull Requests 0 Wiki
Browse Source

网关

Progr1mmer 6 years ago
parent
e82792e56b
commit
0f41ab1a1b
2 changed files with 157 additions and 0 deletions
Split View Show Diff Stats
  1. 22 0
      gateway/basic-gateway/src/main/java/com/yihu/gateway/config/WebSecurityConfig.java
  2. 135 0
      gateway/basic-gateway/src/main/java/com/yihu/gateway/filter/BasicZuulFilter.java

+ 22 - 0
gateway/basic-gateway/src/main/java/com/yihu/gateway/config/WebSecurityConfig.java
View File 

@ -0,0 +1,22 @@
 
package com.yihu.gateway.config;
 
import org.springframework.boot.autoconfigure.security.SecurityProperties;
 
import org.springframework.context.annotation.Configuration;
 
import org.springframework.core.annotation.Order;
 
import org.springframework.security.config.annotation.web.builders.WebSecurity;
 
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 
/**
 
 * Created by progr1mmer on 2017/9/27.
 
 */
 
@Configuration
 
@EnableWebSecurity
 
@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
 
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 
    @Override
 
    public void configure(WebSecurity web) throws Exception {
 
        web.ignoring().antMatchers("/**");
 
    }
 
}

+ 135 - 0
gateway/basic-gateway/src/main/java/com/yihu/gateway/filter/BasicZuulFilter.java
View File 

@ -0,0 +1,135 @@
 
//package com.yihu.gateway.filter;
 
//
 
//import com.fasterxml.jackson.databind.ObjectMapper;
 
//import com.netflix.zuul.ZuulFilter;
 
//import com.netflix.zuul.context.RequestContext;
 
//import com.yihu.ehr.util.rest.Envelop;
 
//import org.slf4j.Logger;
 
//import org.slf4j.LoggerFactory;
 
//import org.springframework.beans.factory.annotation.Autowired;
 
//import org.springframework.context.annotation.Bean;
 
//import org.springframework.context.annotation.Primary;
 
//import org.springframework.data.redis.connection.jedis.JedisConnectionFactory;
 
//import org.springframework.http.HttpStatus;
 
//import org.springframework.security.oauth2.common.OAuth2AccessToken;
 
//import org.springframework.security.oauth2.provider.token.TokenStore;
 
//import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;
 
//import org.springframework.stereotype.Component;
 
//
 
//import javax.servlet.http.HttpServletRequest;
 
//import java.io.IOException;
 
//
 
///**
 
// * Created by progr1mmer on 2017/12/27
 
// */
 
//@Component
 
//public class BasicZuulFilter extends ZuulFilter {
 
//
 
//    private static final Logger logger = LoggerFactory.getLogger(BasicZuulFilter.class);
 
//    private static final String ACCESS_TOKEN_PARAMETER = "token";
 
//
 
//    @Autowired
 
//    private ObjectMapper objectMapper;
 
//    @Autowired
 
//    private TokenStore tokenStore;
 
//
 
//    @Override
 
//    public String filterType() {
 
//        return "pre";
 
//    }
 
//
 
//    @Override
 
//    public int filterOrder() {
 
//        return 0;
 
//    }
 
//
 
//    @Override
 
//    public boolean shouldFilter() {
 
//        return true;
 
//    }
 
//
 
//    @Override
 
//    public Object run() {
 
//        RequestContext ctx = RequestContext.getCurrentContext();
 
//        HttpServletRequest request = ctx.getRequest();
 
//        String url = request.getRequestURI();
 
//        //内部微服务有不需要认证的地址请在URL上追加/open/来进行过滤,如/api/v1.0/open/**,不要在此继续追加!!!
 
//        if (url.contains("/authentication/")
 
//                || url.contains("/file/")
 
//                || url.contains("/open/")
 
//                || url.contains("/jkzl/")
 
//                || url.contains("/fzGateway/")
 
//                || url.contains("/usersOfApp")
 
//                || url.contains("/users/h5/handshake")
 
//                || url.contains("/appVersion/getAppVersion")
 
//                || url.contains("/messageTemplate/messageOrderPush")
 
//                || url.contains("/account/")) {
 
//            return true;
 
//        }
 
//        return this.authenticate(ctx, request, url);
 
//    }
 
//
 
//    private Object authenticate(RequestContext ctx, HttpServletRequest request, String path) {
 
//        String accessToken = this.extractToken(request);
 
//        if (null == accessToken) {
 
//            return this.forbidden(ctx, HttpStatus.FORBIDDEN.value(), "token can not be null");
 
//        }
 
//        OAuth2AccessToken oAuth2AccessToken = tokenStore.readAccessToken(accessToken);
 
//        if (null == oAuth2AccessToken) {
 
//            return this.forbidden(ctx, HttpStatus.FORBIDDEN.value(), "invalid token");
 
//        }
 
//        if (oAuth2AccessToken.isExpired()) {
 
//            return this.forbidden(ctx, HttpStatus.PAYMENT_REQUIRED.value(), "expired token"); //返回402 登陆过期
 
//        }
 
//        //将token的认证信息附加到请求中,转发给下游微服务
 
//        /*OAuth2Authentication auth = tokenStore.readAuthentication(accessToken);
 
//        ctx.addZuulRequestHeader("x-auth-name", auth.getName());*/
 
//        //以下代码取消注释可开启Oauth2应用资源授权验证
 
//        /*Set<String> resourceIds = auth.getOAuth2Request().getResourceIds();
 
//        for (String resourceId : resourceIds) {
 
//            if (resourceId.equals("*")) {
 
//                return true;
 
//            }
 
//            if (!resourceId.startsWith("/")) {
 
//                resourceId = "/" + resourceId;
 
//            }
 
//            path = path.toLowerCase();
 
//            if (path.startsWith(resourceId)
 
//                    && (path.length() == resourceId.length() || path.charAt(resourceId.length()) == '/')) {
 
//                return true;
 
//            }
 
//        }
 
//        return this.forbidden(ctx, HttpStatus.FORBIDDEN.value(), "invalid token does not contain request resource " + path);*/
 
//        return true;
 
//    }
 
//
 
//    private String extractToken(HttpServletRequest request) {
 
//        String accessToken = request.getHeader(ACCESS_TOKEN_PARAMETER);
 
//        if (null == accessToken) {
 
//            accessToken = request.getParameter(ACCESS_TOKEN_PARAMETER);
 
//        }
 
//        return accessToken;
 
//    }
 
//
 
//    private Object forbidden(RequestContext requestContext, int status, String errorMsg) {
 
//        requestContext.setSendZuulResponse(false);
 
//        Envelop envelop = new Envelop();
 
//        envelop.setErrorCode(status);
 
//        envelop.setErrorMsg(errorMsg);
 
//        try {
 
//            requestContext.setResponseStatusCode(status);
 
//            requestContext.getResponse().getWriter().write(objectMapper.writeValueAsString(envelop));
 
//        } catch (IOException e) {
 
//            requestContext.setResponseStatusCode(HttpStatus.INTERNAL_SERVER_ERROR.value());
 
//            logger.error(e.getMessage());
 
//        }
 
//        return false;
 
//    }
 
//
 
//    @Bean
 
//    @Primary
 
//    public RedisTokenStore redisTokenStore(JedisConnectionFactory jedisConnectionFactory) {
 
//        return new RedisTokenStore(jedisConnectionFactory);
 
//    }
 
//
 
//}