All Downloads are FREE. Search and download functionalities are using the official Maven repository.

live.lingting.component.security.web.aspectj.SecurityWebResourceAspectj Maven / Gradle / Ivy

Go to download 

package live.lingting.component.security.web.aspectj;

import live.lingting.component.security.authorize.SecurityAuthorize;
import live.lingting.component.security.constant.SecurityConstants;
import live.lingting.component.security.annotation.Authorize;
import live.lingting.component.security.web.properties.SecurityWebProperties;
import live.lingting.component.core.util.AspectUtils;
import live.lingting.component.core.util.CollectionUtils;
import live.lingting.component.web.filter.WebScope;
import lombok.RequiredArgsConstructor;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Pointcut;
import org.springframework.core.annotation.Order;
import org.springframework.util.AntPathMatcher;

import java.util.Set;

/**
 * @author lingting 2023-03-30 14:04
 */
@Aspect
@RequiredArgsConstructor
@Order(SecurityConstants.ORDER_RESOURCE_ASPECTJ)
public class SecurityWebResourceAspectj {

	private static final AntPathMatcher ANT_PATH_MATCHER = new AntPathMatcher();

	private final SecurityWebProperties properties;

	private final SecurityAuthorize securityAuthorize;

	@Pointcut("(@within(org.springframework.web.bind.annotation.RestController) || @within(org.springframework.stereotype.Controller) ) "
			+ "&& execution(@(@org.springframework.web.bind.annotation.RequestMapping *) * *(..))")
	public void pointCut() {
		//
	}

	@Around("pointCut()")
	public Object around(ProceedingJoinPoint point) throws Throwable {
		// 不是忽略鉴权的uri. 走鉴权流程
		if (!isIgnoreUri()) {
			Authorize authorize = AspectUtils.getAnnotation(point, Authorize.class);
			securityAuthorize.valid(authorize);
		}
		return point.proceed();
	}

	protected boolean isIgnoreUri() {
		Set ignoreAntPatterns = properties.getIgnoreAntPatterns();
		if (CollectionUtils.isEmpty(ignoreAntPatterns)) {
			return false;
		}
		String uri = WebScope.uri();

		for (String antPattern : ignoreAntPatterns) {
			if (ANT_PATH_MATCHER.match(antPattern, uri)) {
				return true;
			}
		}

		return false;
	}

}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy