From 8f6049944133c58e56a20ffb2a19529f666cb09a Mon Sep 17 00:00:00 2001
From: "wangiegie@gmail.com" <wangiegie@gmail.com>
Date: Wed, 6 Dec 2017 23:08:26 +0800
Subject: [PATCH] =?UTF-8?q?end:=20anon=E8=AF=B7=E6=B1=82=E9=85=8D=E7=BD=AE?=
 =?UTF-8?q?=E5=8C=96=E3=80=81=E4=B8=83=E7=89=9B=E5=8F=82=E6=95=B0=E9=85=8D?=
 =?UTF-8?q?=E7=BD=AE=E5=8C=96?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../common/config/QiniuPropertiesConfig.java  | 55 +++++++++++++++++++
 .../pig/admin/controller/UserController.java  | 42 ++++----------
 .../com/github/pig/common/util/UserUtils.java |  8 +--
 .../config/FilterUrlsPropertiesConifg.java    | 27 +++++++++
 .../config/ResourceServerConfiguration.java   | 18 ++++--
 5 files changed, 110 insertions(+), 40 deletions(-)
 create mode 100644 pig-admin-service/src/main/java/com/github/pig/admin/common/config/QiniuPropertiesConfig.java
 create mode 100644 pig-gateway/src/main/java/com/github/pig/gateway/config/FilterUrlsPropertiesConifg.java

diff --git a/pig-admin-service/src/main/java/com/github/pig/admin/common/config/QiniuPropertiesConfig.java b/pig-admin-service/src/main/java/com/github/pig/admin/common/config/QiniuPropertiesConfig.java
new file mode 100644
index 00000000..2a828664
--- /dev/null
+++ b/pig-admin-service/src/main/java/com/github/pig/admin/common/config/QiniuPropertiesConfig.java
@@ -0,0 +1,55 @@
+package com.github.pig.admin.common.config;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.context.annotation.Configuration;
+
+/**
+ * @author lengleng
+ * @date 2017/12/6
+ * 七牛参数
+ */
+@Configuration
+@ConfigurationProperties(prefix = "qiniu")
+public class QiniuPropertiesConfig {
+    @Value("${qiniu.accessKey}")
+    private String accessKey;
+    @Value("${qiniu.secretKey}")
+    private String secretKey;
+    @Value("${qiniu.bucket}")
+    private String bucket;
+    @Value("${qiniu.host}")
+    private String qiniuHost;
+
+    public String getAccessKey() {
+        return accessKey;
+    }
+
+    public void setAccessKey(String accessKey) {
+        this.accessKey = accessKey;
+    }
+
+    public String getSecretKey() {
+        return secretKey;
+    }
+
+    public void setSecretKey(String secretKey) {
+        this.secretKey = secretKey;
+    }
+
+    public String getBucket() {
+        return bucket;
+    }
+
+    public void setBucket(String bucket) {
+        this.bucket = bucket;
+    }
+
+    public String getQiniuHost() {
+        return qiniuHost;
+    }
+
+    public void setQiniuHost(String qiniuHost) {
+        this.qiniuHost = qiniuHost;
+    }
+}
diff --git a/pig-admin-service/src/main/java/com/github/pig/admin/controller/UserController.java b/pig-admin-service/src/main/java/com/github/pig/admin/controller/UserController.java
index 63a53d4d..70c90475 100644
--- a/pig-admin-service/src/main/java/com/github/pig/admin/controller/UserController.java
+++ b/pig-admin-service/src/main/java/com/github/pig/admin/controller/UserController.java
@@ -2,6 +2,7 @@ package com.github.pig.admin.controller;
 
 import com.baomidou.mybatisplus.mapper.EntityWrapper;
 import com.baomidou.mybatisplus.plugins.Page;
+import com.github.pig.admin.common.config.QiniuPropertiesConfig;
 import com.github.pig.admin.dto.UserDto;
 import com.github.pig.admin.dto.UserInfo;
 import com.github.pig.admin.entity.SysUser;
@@ -13,29 +14,20 @@ import com.github.pig.common.constant.CommonConstant;
 import com.github.pig.common.util.UserUtils;
 import com.github.pig.common.vo.UserVo;
 import com.github.pig.common.web.BaseController;
-import com.google.gson.Gson;
-import com.qiniu.common.QiniuException;
 import com.qiniu.common.Zone;
-import com.qiniu.http.Response;
 import com.qiniu.storage.Configuration;
 import com.qiniu.storage.UploadManager;
-import com.qiniu.storage.model.DefaultPutRet;
 import com.qiniu.util.Auth;
 import com.xiaoleilu.hutool.io.FileUtil;
 import com.xiaoleilu.hutool.util.RandomUtil;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.cache.annotation.CacheEvict;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
 
 import javax.servlet.http.HttpServletRequest;
-import java.io.ByteArrayInputStream;
-import java.io.File;
-import java.io.IOException;
-import java.io.UnsupportedEncodingException;
 import java.util.Date;
 import java.util.HashMap;
 import java.util.Map;
@@ -54,6 +46,8 @@ public class UserController extends BaseController {
     private SysUserRoleService sysUserRoleService;
     @Autowired
     private SysMenuService sysMenuService;
+    @Autowired
+    private QiniuPropertiesConfig qiniuPropertiesConfig;
 
 
     /**
@@ -176,35 +170,19 @@ public class UserController extends BaseController {
     @PostMapping("/upload")
     public Map<String, String> upload(@RequestParam("file") MultipartFile file, HttpServletRequest request) {
         String fileExt = FileUtil.extName(file.getOriginalFilename());
-        //构造一个带指定Zone对象的配置类
         Configuration cfg = new Configuration(Zone.zone0());
         UploadManager uploadManager = new UploadManager(cfg);
-        String accessKey = "hM2cBDEM0FTYzpXbigRW90kV12NhhzhFM3jCzurJ";
-        String secretKey = "g0HJr2Ltrs0k6tJDY6pDI2aVMUCPSWZDTROLcFMs";
-        String bucket = "pigcloud";
         String key = RandomUtil.randomUUID() + "." + fileExt;
-        Auth auth = Auth.create(accessKey, secretKey);
-        String upToken = auth.uploadToken(bucket);
+        Auth auth = Auth.create(qiniuPropertiesConfig.getAccessKey(), qiniuPropertiesConfig.getSecretKey());
+        String upToken = auth.uploadToken(qiniuPropertiesConfig.getBucket());
         try {
-            Response response = uploadManager.put(file.getInputStream(), key, upToken, null, null);
-            //解析上传成功的结果
-            DefaultPutRet putRet = new Gson().fromJson(response.bodyString(), DefaultPutRet.class);
-            System.out.println(putRet.key);
-            System.out.println(putRet.hash);
-        } catch (QiniuException ex) {
-            Response r = ex.response;
-            System.err.println(r.toString());
-            try {
-                System.err.println(r.bodyString());
-            } catch (QiniuException ex2) {
-                //ignore
-            }
-        } catch (IOException e) {
-            e.printStackTrace();
+            uploadManager.put(file.getInputStream(), key, upToken, null, null);
+        } catch (Exception e) {
+            logger.error("文件上传异常", e);
+            throw new RuntimeException(e);
         }
-
         Map<String, String> resultMap = new HashMap<>(1);
-        resultMap.put("filename", "http://p0hpm86wj.bkt.clouddn.com/" + key);
+        resultMap.put("filename", qiniuPropertiesConfig.getQiniuHost() + key);
         return resultMap;
     }
 
diff --git a/pig-common/src/main/java/com/github/pig/common/util/UserUtils.java b/pig-common/src/main/java/com/github/pig/common/util/UserUtils.java
index 43dc4824..6e3714ca 100644
--- a/pig-common/src/main/java/com/github/pig/common/util/UserUtils.java
+++ b/pig-common/src/main/java/com/github/pig/common/util/UserUtils.java
@@ -19,7 +19,7 @@ import java.util.Base64;
  */
 public class UserUtils {
     private static Logger logger = LoggerFactory.getLogger(UserUtils.class);
-    private static final ThreadLocal<String> tlUser = new ThreadLocal<String>();
+    private static final ThreadLocal<String> TL_User = new ThreadLocal<>();
     private static final String KEY_USER = "user";
 
 
@@ -77,7 +77,7 @@ public class UserUtils {
      * @param username
      */
     public static void setUser(String username) {
-        tlUser.set(username);
+        TL_User.set(username);
 
         MDC.put(KEY_USER, username);
     }
@@ -88,11 +88,11 @@ public class UserUtils {
      * @return
      */
     public static String getUserName() {
-        return tlUser.get();
+        return TL_User.get();
     }
 
     public static void clearAllUserInfo() {
-        tlUser.remove();
+        TL_User.remove();
         MDC.remove(KEY_USER);
     }
 }
diff --git a/pig-gateway/src/main/java/com/github/pig/gateway/config/FilterUrlsPropertiesConifg.java b/pig-gateway/src/main/java/com/github/pig/gateway/config/FilterUrlsPropertiesConifg.java
new file mode 100644
index 00000000..90f1997b
--- /dev/null
+++ b/pig-gateway/src/main/java/com/github/pig/gateway/config/FilterUrlsPropertiesConifg.java
@@ -0,0 +1,27 @@
+package com.github.pig.gateway.config;
+
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.context.annotation.Configuration;
+
+import java.util.ArrayList;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
+/**
+ * @author lengleng
+ * @date 2017/12/6
+ */
+@Configuration
+@ConfigurationProperties(prefix = "filter.urls")
+public class FilterUrlsPropertiesConifg {
+    private List<String> anon = new ArrayList<>();
+
+    public List<String> getAnon() {
+        return anon;
+    }
+
+    public void setAnon(List<String> anon) {
+        this.anon = anon;
+    }
+}
diff --git a/pig-gateway/src/main/java/com/github/pig/gateway/config/ResourceServerConfiguration.java b/pig-gateway/src/main/java/com/github/pig/gateway/config/ResourceServerConfiguration.java
index 2a9f89a2..2a8b2130 100644
--- a/pig-gateway/src/main/java/com/github/pig/gateway/config/ResourceServerConfiguration.java
+++ b/pig-gateway/src/main/java/com/github/pig/gateway/config/ResourceServerConfiguration.java
@@ -1,15 +1,20 @@
 package com.github.pig.gateway.config;
 
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.ApplicationContext;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
 import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
 import org.springframework.security.oauth2.provider.expression.OAuth2WebSecurityExpressionHandler;
 
+import java.util.List;
+import java.util.Set;
+
 /**
  * @author lengleng
  * @date 2017/10/27
@@ -17,15 +22,20 @@ import org.springframework.security.oauth2.provider.expression.OAuth2WebSecurity
 @Configuration
 @EnableResourceServer
 public class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {
+    @Autowired
+    private FilterUrlsPropertiesConifg filterUrlsPropertiesConifg;
     @Autowired
     private OAuth2WebSecurityExpressionHandler expressionHandler;
 
     @Override
     public void configure(HttpSecurity http) throws Exception {
-        http
-                .authorizeRequests()
-                .antMatchers("/auth/**").permitAll()
-                .anyRequest().access("@permissionService.hasPermission(request,authentication)");
+        ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry = http
+                .authorizeRequests();
+        for (String url : filterUrlsPropertiesConifg.getAnon()) {
+            registry.antMatchers(url).permitAll();
+        }
+        registry.anyRequest()
+                .access("@permissionService.hasPermission(request,authentication)");
     }
 
     @Override