package org.zodiac.autoconfigure.security.http.servlet;
import java.util.List;
import java.util.stream.Collectors;
import org.springframework.boot.SpringBootConfiguration;
import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication.Type;
import org.springframework.context.annotation.Bean;
import org.springframework.core.annotation.Order;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import org.zodiac.autoconfigure.security.condition.ConditionalOnSecurityHttpEnabled;
import org.zodiac.autoconfigure.security.http.SecurityHttpProperties;
import org.zodiac.autoconfigure.security.jwt.SecurityJwtProperties;
import org.zodiac.commons.util.ArrayUtil;
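/**
 * Servlet-stack auto-configuration that registers the HTTP security interceptors and supplies
 * default security beans.
 *
 * <p>It applies only to servlet web applications, when {@code ConditionalOnSecurityHttpEnabled}
 * matches and both {@code SecurityAuthAspect} and {@code SecurityJwtInfo} are on the classpath.
 * {@code @Order} is used without a value, which Spring treats as lowest precedence.
 *
 * <p>Every check in {@link #addInterceptors(InterceptorRegistry)} is switched on when EITHER the
 * {@code SecurityRegistry} OR the {@code SecurityHttpProperties} enables it.
 * NOTE(review): this means a {@code false} property cannot switch off a check that the registry
 * enables; confirm that this is the intended precedence.
 */
@Order
@SpringBootConfiguration
@ConditionalOnSecurityHttpEnabled
@ConditionalOnWebApplication(type = Type.SERVLET)
//@AutoConfigureAfter(value = {SecurityJwtAutoConfiguration.class})
@ConditionalOnClass(value = {org.zodiac.security.auth.SecurityAuthAspect.class, org.zodiac.security.jwt.config.SecurityJwtInfo.class})
public class SecurityHttpServletAutoConfiguration implements WebMvcConfigurer {

    private final org.zodiac.security.registry.SecurityRegistry securityRegistry;
    private final org.zodiac.security.http.servlet.ServletSecurityHandler servletSecurityHandler;
    private final SecurityJwtProperties securityJwtProperties;
    private final SecurityHttpProperties securityHttpProperties;

    /**
     * Stores the collaborators injected by the container; nothing is validated or registered here.
     *
     * @param securityRegistry programmatic registry of secured and excluded path patterns
     * @param servletSecurityHandler factory for the servlet interceptors
     * @param securityJwtProperties JWT settings handed to the default operation beans
     * @param securityHttpProperties HTTP security settings (rules, client entries, ignored URLs)
     */
    public SecurityHttpServletAutoConfiguration(org.zodiac.security.registry.SecurityRegistry securityRegistry,
        org.zodiac.security.http.servlet.ServletSecurityHandler servletSecurityHandler,
        SecurityJwtProperties securityJwtProperties, SecurityHttpProperties securityHttpProperties) {
        this.securityRegistry = securityRegistry;
        this.servletSecurityHandler = servletSecurityHandler;
        this.securityJwtProperties = securityJwtProperties;
        this.securityHttpProperties = securityHttpProperties;
    }

    /**
     * Registers the auth, basic, sign, client and token interceptors, in that order.
     *
     * <p>The statement order matters: the auth, basic and sign sections add their patterns to the
     * registry's exclude list, and the token interceptor is registered last with
     * {@code securityRegistry.getExcludePatterns()} excluded. Paths covered by one of those three
     * rule sets therefore appear to skip the token interceptor and depend on their dedicated
     * interceptor alone (presumably {@code excludePathPatterns} feeds {@code getExcludePatterns};
     * confirm against {@code SecurityRegistry}).
     *
     * @param registry the Spring MVC interceptor registry to add to
     */
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        /* Request authorization rules. */
        if (securityRegistry.isAuthEnabled() || securityHttpProperties.isAuthEnabled()) {
            /* Merge the configured rules into the registry, then read back the combined list. */
            List<org.zodiac.security.http.AuthSecure> authSecures =
                this.securityRegistry.addAuthPatterns(securityHttpProperties.getAuth()).getAuthSecures();
            if (!authSecures.isEmpty()) {
                registry.addInterceptor(servletSecurityHandler.authInterceptor(authSecures));
                /* Let these paths through: their patterns go onto the registry's exclude list. */
                securityRegistry
                    .excludePathPatterns(authSecures.stream().map(org.zodiac.security.http.AuthSecure::getPattern).collect(Collectors.toList()));
            }
        }
        /* Basic authentication rules. */
        if (securityRegistry.isBasicEnabled() || securityHttpProperties.isBasicEnabled()) {
            List<org.zodiac.security.http.BasicSecure> basicSecures =
                this.securityRegistry.addBasicPatterns(securityHttpProperties.getBasic()).getBasicSecures();
            if (!basicSecures.isEmpty()) {
                registry.addInterceptor(servletSecurityHandler.basicInterceptor(basicSecures));
                /* Let these paths through: their patterns go onto the registry's exclude list. */
                securityRegistry.excludePathPatterns(
                    basicSecures.stream().map(org.zodiac.security.http.BasicSecure::getPattern).collect(Collectors.toList()));
            }
        }
        /* Signature authentication rules. */
        if (securityRegistry.isSignEnabled() || securityHttpProperties.isSignEnabled()) {
            List<org.zodiac.security.http.SignSecure> signSecures =
                this.securityRegistry.addSignPatterns(securityHttpProperties.getSign()).getSignSecures();
            if (!signSecures.isEmpty()) {
                registry.addInterceptor(servletSecurityHandler.signInterceptor(signSecures));
                /* Let these paths through: their patterns go onto the registry's exclude list. */
                securityRegistry
                    .excludePathPatterns(signSecures.stream().map(org.zodiac.security.http.SignSecure::getPattern).collect(Collectors.toList()));
            }
        }
        /*
         * Client authorization: one interceptor per configured client, bound to that client's own
         * path patterns. These patterns are NOT added to the exclude list, so the token
         * interceptor below still applies to them unless another rule excludes them.
         * NOTE(review): getClient() is dereferenced without a null check; confirm that the
         * properties class defaults it to an empty collection.
         */
        if (securityRegistry.isClientEnabled() || securityHttpProperties.isClientEnabled()) {
            securityHttpProperties.getClient().forEach(
                clientSecure -> registry.addInterceptor(servletSecurityHandler.clientInterceptor(clientSecure.getClientId()))
                    .addPathPatterns(clientSecure.getPathPatterns()));
        }
        /*
         * Token interceptor, registered last with no include pattern. Three exclude lists apply:
         * the registry's collected excludes, the registry's defaults, and the ignored URLs from
         * configuration. Every pattern in those lists is a path the token interceptor does not
         * see, so broad ignored-URL patterns widen the unauthenticated surface.
         */
        if (securityRegistry.isEnabled() || securityHttpProperties.isEnabled()) {
            registry.addInterceptor(servletSecurityHandler.tokenInterceptor())
                .excludePathPatterns(securityRegistry.getExcludePatterns())
                .excludePathPatterns(securityRegistry.getDefaultExcludePatterns())
                .excludePathPatterns(securityHttpProperties.getIgnoredUrls().toArray(ArrayUtil.EMPTY_STRING_ARRAY));
        }
    }

    /**
     * Default cache operations bean, created only when a {@code CacheManager} bean exists and the
     * application has not defined its own {@code SecurityCacheOperations}.
     *
     * @param cacheManager the cache manager passed to the template
     * @return a {@code ServletSecurityCacheTemplate} wrapping {@code cacheManager}
     */
    @Bean
    @ConditionalOnMissingBean
    @ConditionalOnBean(value = {org.springframework.cache.CacheManager.class})
    protected org.zodiac.security.SecurityCacheOperations securityCacheOperations(org.springframework.cache.CacheManager cacheManager) {
        return new org.zodiac.security.http.servlet.ServletSecurityCacheTemplate(cacheManager);
    }

    /**
     * Default {@code SecurityAuthOperations} bean, used when the application defines none.
     *
     * @return a {@code ServletSecurityAuthTemplate} built from the JWT properties
     */
    @Bean
    @ConditionalOnMissingBean(value = org.zodiac.security.SecurityAuthOperations.class)
    protected org.zodiac.security.SecurityAuthOperations securityAuthOperations() {
        return new org.zodiac.security.http.servlet.ServletSecurityAuthTemplate(securityJwtProperties);
    }

    /**
     * Default {@code SecurityAuthOperations2} bean, used when the application defines none.
     *
     * @return a {@code ServletSecurityAuthTemplate2} built from the JWT properties
     */
    @Bean
    @ConditionalOnMissingBean(value = org.zodiac.security.SecurityAuthOperations2.class)
    protected org.zodiac.security.SecurityAuthOperations2 securityAuthOperations2() {
        return new org.zodiac.security.http.servlet.ServletSecurityAuthTemplate2(securityJwtProperties);
    }

    /**
     * Default {@code SecurityOperations} bean, used when the application defines none.
     *
     * @param securityClientDetailsService client-details service passed to the template
     * @return a {@code ServletSecurityTemplate} built from the service and the JWT properties
     */
    @Bean
    @ConditionalOnMissingBean(value = org.zodiac.security.SecurityOperations.class)
    protected org.zodiac.security.SecurityOperations securityOperations(org.zodiac.security.SecurityClientDetailsService securityClientDetailsService) {
        return new org.zodiac.security.http.servlet.ServletSecurityTemplate(securityClientDetailsService, securityJwtProperties);
    }
}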