
/*
* Copyright (c) 2021-Now http://faasadmin.com All rights reserved.
* No deletion without permission, or be held responsible to law.
*/
package com.faasadmin.framework.property.config;
import com.faasadmin.framework.common.utils.ToolUtils;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.access.AccessDecisionManager;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.authentication.InsufficientAuthenticationException;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.FilterInvocation;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerExecutionChain;
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;
import org.ssssssss.magicapi.core.web.RequestHandler;
import javax.servlet.http.HttpServletRequest;
import java.util.Collection;
import java.util.List;
import java.util.stream.Collectors;
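/**
 * Access decision manager that lets magic-api requests through.
 *
 * <p>{@link #decide} grants access when any one of the following holds, checked in this order:
 * <ol>
 *   <li>the request is mapped to magic-api's own {@link RequestHandler};</li>
 *   <li>the request carries a non-blank {@code Authorization} header;</li>
 *   <li>the secured object's config attributes contain {@code permitAll} or {@code anonymous}.</li>
 * </ol>
 * Otherwise an {@link AccessDeniedException} is thrown.
 *
 * <p>Created 2022-02-07 18:01.
 *
 * @author faasadmin.
 * @version V1.0
 */
@Slf4j
public class MagicApiAccessDecisionManager implements AccessDecisionManager {

    private final RequestMappingHandlerMapping requestMappingHandlerMapping;

    /**
     * @param requestMappingHandlerMapping mapping used to resolve the handler that will serve a request
     */
    public MagicApiAccessDecisionManager(RequestMappingHandlerMapping requestMappingHandlerMapping) {
        this.requestMappingHandlerMapping = requestMappingHandlerMapping;
    }

    /**
     * Decides whether the current request may proceed.
     *
     * @param authentication   the caller's authentication; not consulted by this implementation
     * @param object           the secured object, cast to {@link FilterInvocation}
     * @param configAttributes attributes configured for the secured object, compared by their
     *                         {@code toString()} value
     * @throws AccessDeniedException if none of the allow conditions applies
     */
    @Override
    public void decide(Authentication authentication, Object object,
                       Collection<ConfigAttribute> configAttributes)
            throws AccessDeniedException, InsufficientAuthenticationException {
        FilterInvocation invocation = (FilterInvocation) object;
        HttpServletRequest request = invocation.getHttpRequest();

        // magic-api endpoints are allowed here without looking at `authentication` or
        // `configAttributes`, so their access control has to be enforced elsewhere.
        // NOTE(review): presumably by magic-api's own interceptors - confirm.
        if (isMagicApiRequest(request)) {
            return;
        }

        // NOTE(review): access is granted on the mere presence of an Authorization header. The
        // value is not validated here and `authentication` is never consulted, so this is only
        // sound if an earlier filter has already rejected requests whose token is missing,
        // malformed or expired. Confirm that, or base the decision on `authentication` instead.
        String token = request.getHeader("Authorization");
        if (ToolUtils.isNotBlank(token)) {
            return;
        }

        List<String> attributes = configAttributes.stream()
                .map(Object::toString)
                .collect(Collectors.toList());
        // The attributes go to the logger only; the former System.out.println loop duplicated
        // them on stdout, outside the logging configuration.
        log.info("请求地址:{},权限:{}", request.getRequestURI(), attributes);

        if (attributes.contains("permitAll") || attributes.contains("anonymous")) {
            return;
        }
        throw new AccessDeniedException("Access is denied.");
    }

    /**
     * Reports whether the request resolves to a handler method whose bean is magic-api's
     * {@link RequestHandler}.
     *
     * <p>A failed or empty handler lookup counts as "not magic-api", so the request falls through
     * to the remaining checks in {@link #decide}.
     */
    private boolean isMagicApiRequest(HttpServletRequest request) {
        Object handler = null;
        try {
            // getHandler returns null when no mapping matches; check instead of relying on a
            // swallowed NullPointerException.
            HandlerExecutionChain chain = requestMappingHandlerMapping.getHandler(request);
            if (chain != null) {
                handler = chain.getHandler();
            }
        } catch (Exception ex) {
            // Best effort: a lookup failure must not turn into an error response here.
            log.debug("Handler lookup failed for {}", request.getRequestURI(), ex);
        }
        if (!(handler instanceof HandlerMethod)) {
            return false;
        }
        // Exact class comparison: a subclass or proxy of RequestHandler does not match and is
        // therefore subject to the normal checks.
        return RequestHandler.class == ((HandlerMethod) handler).getBean().getClass();
    }

    /** Accepts every config attribute. */
    @Override
    public boolean supports(ConfigAttribute attribute) {
        return true;
    }

    /** Accepts every secured-object type. */
    @Override
    public boolean supports(Class<?> clazz) {
        return true;
    }
}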