From: Tang Cheng
Date: Wed, 3 Jul 2019 05:26:34 +0000 (+0800)
Subject: 将 /api/common/version 开放
X-Git-Tag: 1.0.0^2~117
X-Git-Url: https://source.supwisdom.com/gerrit/gitweb?a=commitdiff_plain;h=e70c9bc0d51a32388cc491ecacb23e6753d5d34b;p=epayment%2Ffood_payapi.git

将 /api/common/version 开放
---
diff --git a/src/main/kotlin/com/supwisdom/dlpay/security.kt b/src/main/kotlin/com/supwisdom/dlpay/security.kt
index dfe454a1..ed682ed6 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/security.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/security.kt
@@ -86,7 +86,7 @@ class ApiJwtAuthenticationFilter : OncePerRequestFilter() {
                 url = url.replace(context, "")
             }
             logger.info(url)
-            if(!url.startsWith("/api/")&&!url.startsWith("/mobileapi/v1/")){
+            if (!url.startsWith("/api/") && !url.startsWith("/mobileapi/v1/")) {
                 filterChain.doFilter(request, response)
                 return
             }
@@ -103,7 +103,7 @@ class ApiJwtAuthenticationFilter : OncePerRequestFilter() {
                 return
             }
             val claims = getUtil().verifyToken(jwt)
-            if(url.equals("/mobileapi/v1/logout")){
+            if (url.equals("/mobileapi/v1/logout")) {
                 SecurityContextHolder.clearContext()
                 apiJwtRepository.deleteById(claims[ReservedClaimNames.JWT_ID].toString())
                 throw JoseException("JWT has not been register")
@@ -120,11 +120,11 @@ class ApiJwtAuthenticationFilter : OncePerRequestFilter() {
             }
             val tenantId = request.getHeader(Constants.HEADER_TETANTID)
             if (tenantId == null) {
-                response.status=HttpStatus.UNAUTHORIZED.value()
+                response.status = HttpStatus.UNAUTHORIZED.value()
                 return
             }
             if (claims[Constants.JWT_CLAIM_TENANTID] != tenantId) {
-                response.status=HttpStatus.UNAUTHORIZED.value()
+                response.status = HttpStatus.UNAUTHORIZED.value()
                 return
             }
             val auth = UsernamePasswordAuthenticationToken(claims[Constants.JWT_CLAIM_UID], null, 
@@ -137,12 +137,12 @@ class ApiJwtAuthenticationFilter : OncePerRequestFilter() {
                 // jwt 过期后返回 401
                 apiJwtRepository.deleteById(e.jwtContext.jwtClaims.jwtId)
             }
-            response.status=HttpStatus.UNAUTHORIZED.value()
+            response.status = HttpStatus.UNAUTHORIZED.value()
             return
         } catch (e: JoseException) {
             SecurityContextHolder.clearContext()
             // jwt 失效后返回 401
-            response.status=HttpStatus.UNAUTHORIZED.value()
+            response.status = HttpStatus.UNAUTHORIZED.value()
             response.contentType = "application/json;charset=UTF-8"
             return
         } catch (e:Exception){
@@ -179,6 +179,7 @@ class WebSecurityConfig {
                 .authorizeRequests()
                 .antMatchers("/api/auth/**").permitAll()
                 .antMatchers("/api/notify/**").permitAll()
+                .antMatchers("/api/common/version").permitAll()
                 .antMatchers("/api/userinfor").hasAnyRole("ADMIN", "THIRD_ADMIN")
                 .antMatchers("/api/common/**").hasAnyRole("THIRD_COMMON", "THIRD_ADMIN")
                 .antMatchers("/api/consume/**").hasRole("THIRD_CONSUME")
@@ -195,6 +196,7 @@ class WebSecurityConfig {
             return super.authenticationManagerBean()
         }
     }
+
     @Configuration
     @Order(2)
     class MobileApiSecurityConfigurationAdapter : WebSecurityConfigurerAdapter() {
@@ -214,6 +216,7 @@ class WebSecurityConfig {
         override fun configure(auth: AuthenticationManagerBuilder) {
             auth.authenticationProvider(userProvider())
         }
+
         @Bean
         fun userProvider(): DaoAuthenticationProvider {
             return DaoAuthenticationProvider().apply {
@@ -312,7 +315,7 @@ class WebSecurityConfig {
         http.apply(validateCodeSecurityConfig)
             .and()
             .authorizeRequests()
-            .antMatchers("/login", "/login/form","/mobileapi/**").permitAll()
+            .antMatchers("/login", "/login/form", "/mobileapi/**").permitAll()
             .antMatchers("/static/**").permitAll()
             .antMatchers("/code/image").permitAll()
             .antMatchers("/**").hasAnyRole("USER", "ADMIN")
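Review bot: The new `.antMatchers("/api/common/version").permitAll()` in the `@@ -179` hunk only relaxes the authorization rules, while `ApiJwtAuthenticationFilter` in the earlier hunks still runs for every path that starts with `/api/` and, as far as those hunks show, answers 401 on a missing tenant header or a failed JWT verification, so an anonymous call to the version endpoint may still be rejected before this matcher is consulted — worth confirming with an unauthenticated request. If the endpoint is meant to be public, the filter's pass-through test needs the same exception, e.g. `if (url == "/api/common/version" || (!url.startsWith("/api/") && !url.startsWith("/mobileapi/v1/"))) {`. The matcher is correctly placed ahead of `/api/common/**`, which matters because the first matching rule wins; a comment such as `// must stay above /api/common/** — first match wins` would keep a later reorder from silently re-locking it. An unauthenticated version string is a fingerprinting aid, so the response should carry only what clients actually need. The `http` chain this rule belongs to starts before the hunk.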