fix:网关启动问题

This commit is contained in:
haoxr 2021-07-07 21:14:38 +08:00
parent 2af3e2f493
commit 2f1d7be32b
4 changed files with 23 additions and 26 deletions

View File

@ -108,12 +108,8 @@ public class SysMenuServiceImpl extends ServiceImpl<SysMenuMapper, SysMenu> impl
routeVO.setName(menu.getRouteName()); // 根据name路由跳转 this.$router.push({path:xxx}) routeVO.setName(menu.getRouteName()); // 根据name路由跳转 this.$router.push({path:xxx})
routeVO.setPath(menu.getRoutePath()); // 根据path路由跳转 this.$router.push({name:xxx}) routeVO.setPath(menu.getRoutePath()); // 根据path路由跳转 this.$router.push({name:xxx})
routeVO.setRedirect(menu.getRedirect());
if (SystemConstants.ROOT_MENU_ID.equals(parentId)) { routeVO.setComponent(menu.getComponent());
routeVO.setComponent("Layout");
} else {
routeVO.setComponent(menu.getComponent());
}
routeVO.setRedirect(menu.getRedirect()); routeVO.setRedirect(menu.getRedirect());
routeVO.setMeta(routeVO.new Meta( routeVO.setMeta(routeVO.new Meta(
menu.getName(), menu.getName(),

View File

@ -93,7 +93,6 @@ public class ResourceServerConfig {
} }
/** /**
* @return
* @link https://blog.csdn.net/qq_24230139/article/details/105091273 * @link https://blog.csdn.net/qq_24230139/article/details/105091273
* ServerHttpSecurity没有将jwt中authorities的负载部分当做Authentication * ServerHttpSecurity没有将jwt中authorities的负载部分当做Authentication
* 需要把jwt的Claim中的authorities加入 * 需要把jwt的Claim中的authorities加入

View File

@ -3,13 +3,10 @@ package com.youlai.gateway.security;
import cn.hutool.core.collection.CollectionUtil; import cn.hutool.core.collection.CollectionUtil;
import cn.hutool.core.convert.Convert; import cn.hutool.core.convert.Convert;
import cn.hutool.core.util.StrUtil; import cn.hutool.core.util.StrUtil;
import cn.hutool.json.JSON;
import cn.hutool.json.JSONObject;
import cn.hutool.json.JSONUtil;
import com.youlai.common.constant.AuthConstants; import com.youlai.common.constant.AuthConstants;
import com.youlai.common.constant.GlobalConstants; import com.youlai.common.constant.GlobalConstants;
import com.youlai.gateway.component.AdminRoleLocalCache; import com.youlai.gateway.component.AdminRoleLocalCache;
import lombok.AllArgsConstructor; import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Value; import org.springframework.beans.factory.annotation.Value;
import org.springframework.data.redis.core.RedisTemplate; import org.springframework.data.redis.core.RedisTemplate;
@ -36,16 +33,17 @@ import java.util.Set;
* @date 2020-05-01 * @date 2020-05-01
*/ */
@Component @Component
@AllArgsConstructor @RequiredArgsConstructor
@Slf4j @Slf4j
public class ResourceServerManager implements ReactiveAuthorizationManager<AuthorizationContext> { public class ResourceServerManager implements ReactiveAuthorizationManager<AuthorizationContext> {
private RedisTemplate redisTemplate; private final RedisTemplate redisTemplate;
private AdminRoleLocalCache adminRoleLocalCache; private final AdminRoleLocalCache adminRoleLocalCache;
// 是否演示环境 // 是否演示环境
@Value("${demo}") @Value("${demo}")
private Boolean isDemoEnv; private Boolean isDemoEnv;
@Override @Override
public Mono<AuthorizationDecision> check(Mono<Authentication> mono, AuthorizationContext authorizationContext) { public Mono<AuthorizationDecision> check(Mono<Authentication> mono, AuthorizationContext authorizationContext) {
ServerHttpRequest request = authorizationContext.getExchange().getRequest(); ServerHttpRequest request = authorizationContext.getExchange().getRequest();
@ -72,11 +70,11 @@ public class ResourceServerManager implements ReactiveAuthorizationManager<Autho
String restfulPath = request.getMethodValue() + ":" + path; String restfulPath = request.getMethodValue() + ":" + path;
log.info("请求方法:RESTFul请求路径{}", restfulPath); log.info("请求方法:RESTFul请求路径{}", restfulPath);
Map<String, Object> permRolesRules = (Map<String, Object>) adminRoleLocalCache.getCache(GlobalConstants.URL_PERM_ROLES_KEY); Map<String, Object> permRolesRules = (Map<String, Object>) adminRoleLocalCache.getCache(GlobalConstants.URL_PERM_ROLES_KEY);
if (isDemoEnv){ if (isDemoEnv) {
// 缓存取URL权限标识->角色集合权限规则 // 缓存取URL权限标识->角色集合权限规则
if(null==permRolesRules){ if (null == permRolesRules) {
permRolesRules = redisTemplate.opsForHash().entries(GlobalConstants.URL_PERM_ROLES_KEY); permRolesRules = redisTemplate.opsForHash().entries(GlobalConstants.URL_PERM_ROLES_KEY);
adminRoleLocalCache.setLocalCache(GlobalConstants.URL_PERM_ROLES_KEY,permRolesRules); adminRoleLocalCache.setLocalCache(GlobalConstants.URL_PERM_ROLES_KEY, permRolesRules);
} }
} }
@ -84,16 +82,19 @@ public class ResourceServerManager implements ReactiveAuthorizationManager<Autho
Set<String> hasPermissionRoles = CollectionUtil.newHashSet(); // 声明定义有权限的角色集合 Set<String> hasPermissionRoles = CollectionUtil.newHashSet(); // 声明定义有权限的角色集合
boolean needToCheck = false; // 声明定义是否需要被拦截检查的请求如果缓存中权限规则中没有任何URL权限标识和此次请求的URL匹配默认不需要被鉴权 boolean needToCheck = false; // 声明定义是否需要被拦截检查的请求如果缓存中权限规则中没有任何URL权限标识和此次请求的URL匹配默认不需要被鉴权
for (Map.Entry<String, Object> permRoles : permRolesRules.entrySet()) { if (CollectionUtil.isNotEmpty(permRolesRules)) {
String perm = permRoles.getKey(); // 缓存权限规则的键URL权限标识 for (Map.Entry<String, Object> ruleEntry : permRolesRules.entrySet()) {
if (pathMatcher.match(perm, restfulPath)) { String perm = ruleEntry.getKey(); // 缓存权限规则的键URL权限标识
List<String> roles = Convert.toList(String.class, permRoles.getValue()); // 缓存权限规则的值有请求路径访问权限的角色集合 if (pathMatcher.match(perm, restfulPath)) {
hasPermissionRoles.addAll(Convert.toList(String.class, roles)); List<String> roles = Convert.toList(String.class, ruleEntry.getValue()); // 缓存权限规则的值有请求路径访问权限的角色集合
if (needToCheck == false) { hasPermissionRoles.addAll(Convert.toList(String.class, roles));
needToCheck = true; if (needToCheck == false) {
needToCheck = true;
}
} }
} }
} }
log.info("拥有接口访问权限的角色:{}", hasPermissionRoles.toString()); log.info("拥有接口访问权限的角色:{}", hasPermissionRoles.toString());
// 没有设置权限规则放行如果默认想拦截所有的请求请移除needToCheck变量逻辑即可根据需求定制 // 没有设置权限规则放行如果默认想拦截所有的请求请移除needToCheck变量逻辑即可根据需求定制
if (needToCheck == false) { if (needToCheck == false) {

View File

@ -7,6 +7,7 @@ import com.nimbusds.jose.JWSObject;
import com.youlai.common.constant.AuthConstants; import com.youlai.common.constant.AuthConstants;
import com.youlai.common.result.ResultCode; import com.youlai.common.result.ResultCode;
import com.youlai.gateway.util.ResponseUtils; import com.youlai.gateway.util.ResponseUtils;
import lombok.RequiredArgsConstructor;
import lombok.SneakyThrows; import lombok.SneakyThrows;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.apache.logging.log4j.util.Strings; import org.apache.logging.log4j.util.Strings;
@ -30,11 +31,11 @@ import reactor.core.publisher.Mono;
* @date 2020-06-12 * @date 2020-06-12
*/ */
@Component @Component
@RequiredArgsConstructor
@Slf4j @Slf4j
public class SecurityGlobalFilter implements GlobalFilter, Ordered { public class SecurityGlobalFilter implements GlobalFilter, Ordered {
@Autowired private final RedisTemplate redisTemplate;
private RedisTemplate redisTemplate;
// 是否演示环境 // 是否演示环境
@Value("${demo}") @Value("${demo}")