将 /api/common/version 开放

author Tang Cheng <cheng.tang@supwisdom.com>

Wed, 3 Jul 2019 05:26:34 +0000 (13:26 +0800)

committer Tang Cheng <cheng.tang@supwisdom.com>

Wed, 10 Jul 2019 02:17:14 +0000 (10:17 +0800)
author Tang Cheng <cheng.tang@supwisdom.com>
Wed, 3 Jul 2019 05:26:34 +0000 (13:26 +0800)
committer Tang Cheng <cheng.tang@supwisdom.com>
Wed, 10 Jul 2019 02:17:14 +0000 (10:17 +0800)
diff --git a/src/main/kotlin/com/supwisdom/dlpay/security.kt b/src/main/kotlin/com/supwisdom/dlpay/security.kt

index dfe454a..ed682ed 100644 (file)
--- a/src/main/kotlin/com/supwisdom/dlpay/security.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/security.kt
@@ -86,7 +86,7 @@ class ApiJwtAuthenticationFilter : OncePerRequestFilter() {
              url = url.replace(context, "")
          }
          logger.info(url)
-        if(!url.startsWith("/api/")&&!url.startsWith("/mobileapi/v1/")){
+        if (!url.startsWith("/api/") && !url.startsWith("/mobileapi/v1/")) {
              filterChain.doFilter(request, response)
              return
          }
@@ -103,7 +103,7 @@ class ApiJwtAuthenticationFilter : OncePerRequestFilter() {
                      return
                  }
                  val claims = getUtil().verifyToken(jwt)
-                if(url.equals("/mobileapi/v1/logout")){
+                if (url.equals("/mobileapi/v1/logout")) {
                      SecurityContextHolder.clearContext()
                      apiJwtRepository.deleteById(claims[ReservedClaimNames.JWT_ID].toString())
                      throw JoseException("JWT has not been register")
@@ -120,11 +120,11 @@ class ApiJwtAuthenticationFilter : OncePerRequestFilter() {
                  }
                  val tenantId = request.getHeader(Constants.HEADER_TETANTID)
                  if (tenantId == null) {
-                    response.status=HttpStatus.UNAUTHORIZED.value()
+                    response.status = HttpStatus.UNAUTHORIZED.value()
                      return
                  }
                  if (claims[Constants.JWT_CLAIM_TENANTID] != tenantId) {
-                    response.status=HttpStatus.UNAUTHORIZED.value()
+                    response.status = HttpStatus.UNAUTHORIZED.value()
                      return
                  }
                  val auth = UsernamePasswordAuthenticationToken(claims[Constants.JWT_CLAIM_UID], null,
@@ -137,12 +137,12 @@ class ApiJwtAuthenticationFilter : OncePerRequestFilter() {
                      // jwt 过期后返回 401
                      apiJwtRepository.deleteById(e.jwtContext.jwtClaims.jwtId)
                  }
-                response.status=HttpStatus.UNAUTHORIZED.value()
+                response.status = HttpStatus.UNAUTHORIZED.value()
                  return
              } catch (e: JoseException) {
                  SecurityContextHolder.clearContext()
                  // jwt 失效后返回 401
-                response.status=HttpStatus.UNAUTHORIZED.value()
+                response.status = HttpStatus.UNAUTHORIZED.value()
                  response.contentType = "application/json;charset=UTF-8"
                  return
              } catch (e:Exception){
@@ -179,6 +179,7 @@ class WebSecurityConfig {
                          .authorizeRequests()
                          .antMatchers("/api/auth/**").permitAll()
                          .antMatchers("/api/notify/**").permitAll()
+                        .antMatchers("/api/common/version").permitAll()
                          .antMatchers("/api/userinfor").hasAnyRole("ADMIN", "THIRD_ADMIN")
                          .antMatchers("/api/common/**").hasAnyRole("THIRD_COMMON", "THIRD_ADMIN")
                          .antMatchers("/api/consume/**").hasRole("THIRD_CONSUME")
@@ -195,6 +196,7 @@ class WebSecurityConfig {
                  return super.authenticationManagerBean()
              }
          }
+
          @Configuration
          @Order(2)
          class MobileApiSecurityConfigurationAdapter : WebSecurityConfigurerAdapter() {
@@ -214,6 +216,7 @@ class WebSecurityConfig {
              override fun configure(auth: AuthenticationManagerBuilder) {
                  auth.authenticationProvider(userProvider())
              }
+
              @Bean
              fun userProvider(): DaoAuthenticationProvider {
                  return DaoAuthenticationProvider().apply {
@@ -312,7 +315,7 @@ class WebSecurityConfig {
                  http.apply(validateCodeSecurityConfig)
                          .and()
                          .authorizeRequests()
-                        .antMatchers("/login", "/login/form","/mobileapi/**").permitAll()
+                        .antMatchers("/login", "/login/form", "/mobileapi/**").permitAll()
                          .antMatchers("/static/**").permitAll()
                          .antMatchers("/code/image").permitAll()
                          .antMatchers("/**").hasAnyRole("USER", "ADMIN")
author	Tang Cheng <cheng.tang@supwisdom.com>
	Wed, 3 Jul 2019 05:26:34 +0000 (13:26 +0800)
committer	Tang Cheng <cheng.tang@supwisdom.com>
	Wed, 10 Jul 2019 02:17:14 +0000 (10:17 +0800)