⬆️ Upgrading dependencies. 是配置 springboot 3.1.2

2024-12-31 08:14:18 +08:00 · 2023-07-21 22:22:42 +08:00 · 2023-07-21 22:22:42 +08:00 · ae5405bbf6
commit ae5405bbf6
parent 58d09be7ab
2 changed files with 13 additions and 4 deletions
--- a/pig-auth/src/main/java/com/pig4cloud/pig/auth/config/AuthorizationServerConfiguration.java
+++ b/pig-auth/src/main/java/com/pig4cloud/pig/auth/config/AuthorizationServerConfiguration.java
@ -44,6 +44,7 @@ import org.springframework.security.oauth2.server.authorization.web.authenticati
 import org.springframework.security.web.DefaultSecurityFilterChain;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.AuthenticationConverter;
+import org.springframework.security.web.util.matcher.AntPathRequestMatcher;

 import java.util.Arrays;

@ -73,9 +74,13 @@ public class AuthorizationServerConfiguration {
 			.authorizationEndpoint(authorizationEndpoint -> authorizationEndpoint// 授权码端点个性化confirm页面
 				.consentPage(SecurityConstants.CUSTOM_CONSENT_PAGE_URI)));

+		AntPathRequestMatcher[] requestMatchers = new AntPathRequestMatcher[] {
+				AntPathRequestMatcher.antMatcher("/token/**"), AntPathRequestMatcher.antMatcher("/actuator/**"),
+				AntPathRequestMatcher.antMatcher("/css/**"), AntPathRequestMatcher.antMatcher("/error") };
+
 		http.authorizeHttpRequests(authorizeRequests -> {
 			// 自定义接口、端点暴露
-			authorizeRequests.requestMatchers("/token/**", "/actuator/**", "/css/**", "/error").permitAll();
+			authorizeRequests.requestMatchers(requestMatchers).permitAll();
 			authorizeRequests.anyRequest().authenticated();
 		})
 			.apply(authorizationServerConfigurer.authorizationService(authorizationService)// redis存储token的实现
--- a/pig-common/pig-common-security/src/main/java/com/pig4cloud/pig/common/security/component/PigResourceServerConfiguration.java
+++ b/pig-common/pig-common-security/src/main/java/com/pig4cloud/pig/common/security/component/PigResourceServerConfiguration.java
@ -16,7 +16,6 @@

 package com.pig4cloud.pig.common.security.component;

-import cn.hutool.core.util.ArrayUtil;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.context.annotation.Bean;
@ -29,6 +28,7 @@ import org.springframework.security.config.annotation.web.configurers.AbstractHt
 import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer;
 import org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector;
 import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.util.matcher.AntPathRequestMatcher;

 /**
 * @author lengleng
@ -53,9 +53,13 @@ public class PigResourceServerConfiguration {
 	@Bean
 	@Order(Ordered.HIGHEST_PRECEDENCE)
 	SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+		AntPathRequestMatcher[] requestMatchers = permitAllUrl.getUrls()
+			.stream()
+			.map(AntPathRequestMatcher::new)
+			.toList()
+			.toArray(new AntPathRequestMatcher[] {});

-		http.authorizeHttpRequests(authorizeRequests -> authorizeRequests
-			.requestMatchers(ArrayUtil.toArray(permitAllUrl.getUrls(), String.class))
+		http.authorizeHttpRequests(authorizeRequests -> authorizeRequests.requestMatchers(requestMatchers)
 			.permitAll()
 			.anyRequest()
 			.authenticated())