mirror of https://gitee.com/maxjhandsome/pig
✨ pig-common-security Code optimization remove @ComponentScan.
parent
dc4700a13c
commit
c1fc58bade
|
@ -17,7 +17,9 @@
|
||||||
package com.pig4cloud.pig.common.security.annotation;
|
package com.pig4cloud.pig.common.security.annotation;
|
||||||
|
|
||||||
import com.pig4cloud.pig.common.security.component.PigResourceServerAutoConfiguration;
|
import com.pig4cloud.pig.common.security.component.PigResourceServerAutoConfiguration;
|
||||||
|
import com.pig4cloud.pig.common.security.component.PigResourceServerTokenRelayAutoConfiguration;
|
||||||
import com.pig4cloud.pig.common.security.component.PigSecurityBeanDefinitionRegistrar;
|
import com.pig4cloud.pig.common.security.component.PigSecurityBeanDefinitionRegistrar;
|
||||||
|
import com.pig4cloud.pig.common.security.feign.PigFeignClientConfiguration;
|
||||||
import org.springframework.context.annotation.Import;
|
import org.springframework.context.annotation.Import;
|
||||||
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
||||||
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
|
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
|
||||||
|
@ -36,7 +38,8 @@ import java.lang.annotation.*;
|
||||||
@Target({ ElementType.TYPE })
|
@Target({ ElementType.TYPE })
|
||||||
@Retention(RetentionPolicy.RUNTIME)
|
@Retention(RetentionPolicy.RUNTIME)
|
||||||
@EnableGlobalMethodSecurity(prePostEnabled = true)
|
@EnableGlobalMethodSecurity(prePostEnabled = true)
|
||||||
@Import({ PigResourceServerAutoConfiguration.class, PigSecurityBeanDefinitionRegistrar.class })
|
@Import({ PigResourceServerAutoConfiguration.class, PigSecurityBeanDefinitionRegistrar.class,
|
||||||
|
PigResourceServerTokenRelayAutoConfiguration.class, PigFeignClientConfiguration.class })
|
||||||
public @interface EnablePigResourceServer {
|
public @interface EnablePigResourceServer {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -17,11 +17,9 @@
|
||||||
package com.pig4cloud.pig.common.security.component;
|
package com.pig4cloud.pig.common.security.component;
|
||||||
|
|
||||||
import cn.hutool.core.util.StrUtil;
|
import cn.hutool.core.util.StrUtil;
|
||||||
import lombok.extern.slf4j.Slf4j;
|
|
||||||
import org.springframework.security.core.Authentication;
|
import org.springframework.security.core.Authentication;
|
||||||
import org.springframework.security.core.GrantedAuthority;
|
import org.springframework.security.core.GrantedAuthority;
|
||||||
import org.springframework.security.core.context.SecurityContextHolder;
|
import org.springframework.security.core.context.SecurityContextHolder;
|
||||||
import org.springframework.stereotype.Component;
|
|
||||||
import org.springframework.util.PatternMatchUtils;
|
import org.springframework.util.PatternMatchUtils;
|
||||||
import org.springframework.util.StringUtils;
|
import org.springframework.util.StringUtils;
|
||||||
|
|
||||||
|
@ -31,8 +29,6 @@ import java.util.Collection;
|
||||||
* @author lengleng
|
* @author lengleng
|
||||||
* @date 2019/2/1 接口权限判断工具
|
* @date 2019/2/1 接口权限判断工具
|
||||||
*/
|
*/
|
||||||
@Slf4j
|
|
||||||
@Component("pms")
|
|
||||||
public class PermissionService {
|
public class PermissionService {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -27,7 +27,6 @@ import org.springframework.beans.factory.InitializingBean;
|
||||||
import org.springframework.boot.context.properties.ConfigurationProperties;
|
import org.springframework.boot.context.properties.ConfigurationProperties;
|
||||||
import org.springframework.context.ApplicationContext;
|
import org.springframework.context.ApplicationContext;
|
||||||
import org.springframework.context.ApplicationContextAware;
|
import org.springframework.context.ApplicationContextAware;
|
||||||
import org.springframework.context.annotation.Configuration;
|
|
||||||
import org.springframework.core.annotation.AnnotationUtils;
|
import org.springframework.core.annotation.AnnotationUtils;
|
||||||
import org.springframework.web.method.HandlerMethod;
|
import org.springframework.web.method.HandlerMethod;
|
||||||
import org.springframework.web.servlet.mvc.method.RequestMappingInfo;
|
import org.springframework.web.servlet.mvc.method.RequestMappingInfo;
|
||||||
|
@ -46,7 +45,6 @@ import java.util.regex.Pattern;
|
||||||
* 资源服务器对外直接暴露URL,如果设置contex-path 要特殊处理
|
* 资源服务器对外直接暴露URL,如果设置contex-path 要特殊处理
|
||||||
*/
|
*/
|
||||||
@Slf4j
|
@Slf4j
|
||||||
@Configuration(proxyBeanMethods = false)
|
|
||||||
@ConfigurationProperties(prefix = "security.oauth2.ignore")
|
@ConfigurationProperties(prefix = "security.oauth2.ignore")
|
||||||
public class PermitAllUrlProperties implements InitializingBean, ApplicationContextAware {
|
public class PermitAllUrlProperties implements InitializingBean, ApplicationContextAware {
|
||||||
|
|
||||||
|
|
|
@ -29,7 +29,6 @@ import com.pig4cloud.pig.common.core.util.R;
|
||||||
import lombok.RequiredArgsConstructor;
|
import lombok.RequiredArgsConstructor;
|
||||||
import lombok.SneakyThrows;
|
import lombok.SneakyThrows;
|
||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
import org.springframework.context.annotation.Configuration;
|
|
||||||
import org.springframework.security.access.AccessDeniedException;
|
import org.springframework.security.access.AccessDeniedException;
|
||||||
import org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler;
|
import org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler;
|
||||||
|
|
||||||
|
@ -41,7 +40,6 @@ import java.io.PrintWriter;
|
||||||
* @author lengleng 授权拒绝处理器,覆盖默认的OAuth2AccessDeniedHandler 包装失败信息到PigDeniedException
|
* @author lengleng 授权拒绝处理器,覆盖默认的OAuth2AccessDeniedHandler 包装失败信息到PigDeniedException
|
||||||
*/
|
*/
|
||||||
@Slf4j
|
@Slf4j
|
||||||
@Configuration(proxyBeanMethods = false)
|
|
||||||
@RequiredArgsConstructor
|
@RequiredArgsConstructor
|
||||||
public class PigAccessDeniedHandler extends OAuth2AccessDeniedHandler {
|
public class PigAccessDeniedHandler extends OAuth2AccessDeniedHandler {
|
||||||
|
|
||||||
|
|
|
@ -16,8 +16,6 @@
|
||||||
|
|
||||||
package com.pig4cloud.pig.common.security.component;
|
package com.pig4cloud.pig.common.security.component;
|
||||||
|
|
||||||
import lombok.RequiredArgsConstructor;
|
|
||||||
import org.springframework.context.annotation.Configuration;
|
|
||||||
import org.springframework.security.core.Authentication;
|
import org.springframework.security.core.Authentication;
|
||||||
import org.springframework.security.oauth2.provider.authentication.BearerTokenExtractor;
|
import org.springframework.security.oauth2.provider.authentication.BearerTokenExtractor;
|
||||||
import org.springframework.util.AntPathMatcher;
|
import org.springframework.util.AntPathMatcher;
|
||||||
|
@ -31,14 +29,17 @@ import javax.servlet.http.HttpServletRequest;
|
||||||
* @author caiqy
|
* @author caiqy
|
||||||
* @date 2020.05.15
|
* @date 2020.05.15
|
||||||
*/
|
*/
|
||||||
@Configuration(proxyBeanMethods = false)
|
|
||||||
@RequiredArgsConstructor
|
|
||||||
public class PigBearerTokenExtractor extends BearerTokenExtractor {
|
public class PigBearerTokenExtractor extends BearerTokenExtractor {
|
||||||
|
|
||||||
private final PathMatcher pathMatcher = new AntPathMatcher();
|
private final PathMatcher pathMatcher;
|
||||||
|
|
||||||
private final PermitAllUrlProperties urlProperties;
|
private final PermitAllUrlProperties urlProperties;
|
||||||
|
|
||||||
|
public PigBearerTokenExtractor(PermitAllUrlProperties urlProperties) {
|
||||||
|
this.urlProperties = urlProperties;
|
||||||
|
this.pathMatcher = new AntPathMatcher();
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public Authentication extract(HttpServletRequest request) {
|
public Authentication extract(HttpServletRequest request) {
|
||||||
boolean match = urlProperties.getUrls().stream()
|
boolean match = urlProperties.getUrls().stream()
|
||||||
|
|
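Review bot: The new constructor stores `urlProperties` without a null check, while `extract` dereferences it on every request (`urlProperties.getUrls()`). Now that the class is built by hand in a `@Bean` method instead of by the container, a wiring mistake would only show up as a NullPointerException in the token-extraction path at request time. Failing fast is a one-line change: `this.urlProperties = Objects.requireNonNull(urlProperties, "urlProperties");`, which needs `java.util.Objects` imported. The body of `extract` continues outside this hunk, so how a null or empty URL list is handled there cannot be judged from here.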
|
@ -16,11 +16,11 @@
|
||||||
|
|
||||||
package com.pig4cloud.pig.common.security.component;
|
package com.pig4cloud.pig.common.security.component;
|
||||||
|
|
||||||
|
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||||
import lombok.SneakyThrows;
|
import lombok.SneakyThrows;
|
||||||
import org.springframework.boot.context.properties.ConfigurationPropertiesScan;
|
import org.springframework.boot.context.properties.EnableConfigurationProperties;
|
||||||
import org.springframework.cloud.client.loadbalancer.LoadBalanced;
|
import org.springframework.cloud.client.loadbalancer.LoadBalanced;
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.ComponentScan;
|
|
||||||
import org.springframework.context.annotation.Primary;
|
import org.springframework.context.annotation.Primary;
|
||||||
import org.springframework.http.HttpHeaders;
|
import org.springframework.http.HttpHeaders;
|
||||||
import org.springframework.http.HttpStatus;
|
import org.springframework.http.HttpStatus;
|
||||||
|
@ -35,10 +35,29 @@ import java.util.Collections;
|
||||||
* @author lengleng
|
* @author lengleng
|
||||||
* @date 2020-06-23
|
* @date 2020-06-23
|
||||||
*/
|
*/
|
||||||
@ConfigurationPropertiesScan
|
@EnableConfigurationProperties(PermitAllUrlProperties.class)
|
||||||
@ComponentScan("com.pig4cloud.pig.common.security")
|
|
||||||
public class PigResourceServerAutoConfiguration {
|
public class PigResourceServerAutoConfiguration {
|
||||||
|
|
||||||
|
@Bean("pms")
|
||||||
|
public PermissionService permissionService() {
|
||||||
|
return new PermissionService();
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public PigAccessDeniedHandler pigAccessDeniedHandler(ObjectMapper objectMapper) {
|
||||||
|
return new PigAccessDeniedHandler(objectMapper);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public PigBearerTokenExtractor pigBearerTokenExtractor(PermitAllUrlProperties urlProperties) {
|
||||||
|
return new PigBearerTokenExtractor(urlProperties);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public ResourceAuthExceptionEntryPoint resourceAuthExceptionEntryPoint(ObjectMapper objectMapper) {
|
||||||
|
return new ResourceAuthExceptionEntryPoint(objectMapper);
|
||||||
|
}
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
@Primary
|
@Primary
|
||||||
@LoadBalanced
|
@LoadBalanced
|
||||||
|
|
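Review bot: Dropping `@ComponentScan("com.pig4cloud.pig.common.security")` and `@ConfigurationPropertiesScan` means only what is named explicitly is still registered: `PermitAllUrlProperties`, the four new `@Bean` methods, and the classes imported by `EnablePigResourceServer`. Any other stereotype- or `@ConfigurationProperties`-annotated class in that package which the scan used to pick up is not visible in this commit and would now be absent without a startup error; in a security module that can leave a framework default in place of the project's own handler. A context test asserting the expected bean names and types would catch that. The new `@Bean` methods also have no Javadoc; on the first I would add `/** Permission checker; the bean name "pms" must stay unchanged if security expressions refer to it by name. */`. The class body continues past this hunk.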
|
@ -25,7 +25,6 @@ import org.springframework.boot.autoconfigure.security.oauth2.OAuth2AutoConfigur
|
||||||
import org.springframework.cloud.commons.security.AccessTokenContextRelay;
|
import org.springframework.cloud.commons.security.AccessTokenContextRelay;
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Conditional;
|
import org.springframework.context.annotation.Conditional;
|
||||||
import org.springframework.context.annotation.Configuration;
|
|
||||||
import org.springframework.security.oauth2.client.OAuth2ClientContext;
|
import org.springframework.security.oauth2.client.OAuth2ClientContext;
|
||||||
import org.springframework.security.oauth2.config.annotation.web.configuration.OAuth2ClientConfiguration;
|
import org.springframework.security.oauth2.config.annotation.web.configuration.OAuth2ClientConfiguration;
|
||||||
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfiguration;
|
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfiguration;
|
||||||
|
@ -36,7 +35,6 @@ import java.lang.annotation.*;
|
||||||
* @author lengleng
|
* @author lengleng
|
||||||
* @date 2019/2/1 注入AccessTokenContextRelay 解决feign 传递token 为空问题
|
* @date 2019/2/1 注入AccessTokenContextRelay 解决feign 传递token 为空问题
|
||||||
*/
|
*/
|
||||||
@Configuration(proxyBeanMethods = false)
|
|
||||||
@AutoConfigureAfter(OAuth2AutoConfiguration.class)
|
@AutoConfigureAfter(OAuth2AutoConfiguration.class)
|
||||||
@ConditionalOnWebApplication
|
@ConditionalOnWebApplication
|
||||||
@ConditionalOnProperty("security.oauth2.client.client-id")
|
@ConditionalOnProperty("security.oauth2.client.client-id")
|
||||||
|
|
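Review bot: `@AutoConfigureAfter(OAuth2AutoConfiguration.class)` is kept on this class, but ordering annotations are honoured only among classes loaded as auto-configurations. If the class is now reached only through the `@Import` added on `EnablePigResourceServer`, that ordering is no longer guaranteed and the conditions on it may be evaluated before the OAuth2 beans are defined. Whether the class is also listed in the module's auto-configuration registration is not visible in this commit. Either keep it registered as an auto-configuration or remove the annotation and note the import path, for example `// Imported via @EnablePigResourceServer; @AutoConfigureAfter is not applied on this path.` The class body lies outside the hunk.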
|
@ -22,8 +22,6 @@ import com.pig4cloud.pig.common.core.constant.CommonConstants;
|
||||||
import com.pig4cloud.pig.common.core.util.R;
|
import com.pig4cloud.pig.common.core.util.R;
|
||||||
import lombok.RequiredArgsConstructor;
|
import lombok.RequiredArgsConstructor;
|
||||||
import lombok.SneakyThrows;
|
import lombok.SneakyThrows;
|
||||||
import lombok.extern.slf4j.Slf4j;
|
|
||||||
import org.springframework.context.annotation.Configuration;
|
|
||||||
import org.springframework.security.core.AuthenticationException;
|
import org.springframework.security.core.AuthenticationException;
|
||||||
import org.springframework.security.web.AuthenticationEntryPoint;
|
import org.springframework.security.web.AuthenticationEntryPoint;
|
||||||
|
|
||||||
|
@ -35,8 +33,6 @@ import java.io.PrintWriter;
|
||||||
* @author lengleng
|
* @author lengleng
|
||||||
* @date 2019/2/1 客户端异常处理 1. 可以根据 AuthenticationException 不同细化异常处理
|
* @date 2019/2/1 客户端异常处理 1. 可以根据 AuthenticationException 不同细化异常处理
|
||||||
*/
|
*/
|
||||||
@Slf4j
|
|
||||||
@Configuration(proxyBeanMethods = false)
|
|
||||||
@RequiredArgsConstructor
|
@RequiredArgsConstructor
|
||||||
public class ResourceAuthExceptionEntryPoint implements AuthenticationEntryPoint {
|
public class ResourceAuthExceptionEntryPoint implements AuthenticationEntryPoint {
|
||||||
|
|
||||||
|
|
|
@ -20,7 +20,6 @@ import feign.RequestInterceptor;
|
||||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
|
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
|
||||||
import org.springframework.cloud.commons.security.AccessTokenContextRelay;
|
import org.springframework.cloud.commons.security.AccessTokenContextRelay;
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
|
||||||
import org.springframework.security.oauth2.client.OAuth2ClientContext;
|
import org.springframework.security.oauth2.client.OAuth2ClientContext;
|
||||||
import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails;
|
import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails;
|
||||||
|
|
||||||
|
@ -28,7 +27,6 @@ import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResour
|
||||||
* @author lengleng
|
* @author lengleng
|
||||||
* @date 2019/2/1 feign 拦截器传递 header 中oauth token, 使用hystrix 的信号量模式
|
* @date 2019/2/1 feign 拦截器传递 header 中oauth token, 使用hystrix 的信号量模式
|
||||||
*/
|
*/
|
||||||
@Configuration(proxyBeanMethods = false)
|
|
||||||
@ConditionalOnProperty("security.oauth2.client.client-id")
|
@ConditionalOnProperty("security.oauth2.client.client-id")
|
||||||
public class PigFeignClientConfiguration {
|
public class PigFeignClientConfiguration {
|
||||||
|
|
||||||
|
|