From dbf345c90bc8d48f600d1b8e429cd4e9332f906b Mon Sep 17 00:00:00 2001
From: liyanqi <15181887205@163.com>
Date: 星期六, 10 九月 2022 01:21:55 +0800
Subject: [PATCH] 解决因spring security导致的无法跨域问题
---
/dev/null | 35 -----------------
ycl-common/src/main/java/com/ycl/utils/auth/UserAuthUtil.java | 10 ++++-
ycl-common/src/main/java/com/ycl/config/WebSecurityCorsFilter.java | 41 ++++++++++++++++++++
ycl-common/src/main/java/com/ycl/api/BasePageVO.java | 2
ycl-platform/src/main/java/com/ycl/component/JwtAuthenticationTokenFilter.java | 12 +++++-
ycl-platform/src/main/java/com/ycl/config/SecurityConfig.java | 8 +++
ycl-platform/src/main/resources/application.yml | 2
ycl-common/src/main/java/com/ycl/utils/JwtTokenUtil.java | 2
8 files changed, 69 insertions(+), 43 deletions(-)
diff --git a/ycl-common/src/main/java/com/ycl/api/BasePageVO.java b/ycl-common/src/main/java/com/ycl/api/BasePageVO.java
index 2a15972..2001586 100644
--- a/ycl-common/src/main/java/com/ycl/api/BasePageVO.java
+++ b/ycl-common/src/main/java/com/ycl/api/BasePageVO.java
@@ -16,7 +16,7 @@
@Min(value = 1, message = "鏈�灏忛〉鏁�1")
private int current = 1;
- @ApiModelProperty(value = "鏉℃暟",example = "1~100")
+ @ApiModelProperty(value = "鏉℃暟",example = "1")
@Min(value = 1, message = "鏈�灏忔潯鏁�1")
@Max(value = 100, message = "鏈�澶ф潯鏁�100")
private int pageSize = 20;
diff --git a/ycl-common/src/main/java/com/ycl/config/GlobalCorsConfig.java b/ycl-common/src/main/java/com/ycl/config/GlobalCorsConfig.java
deleted file mode 100644
index 5fea058..0000000
--- a/ycl-common/src/main/java/com/ycl/config/GlobalCorsConfig.java
+++ /dev/null
@@ -1,35 +0,0 @@
-package com.ycl.config;
-
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.web.cors.CorsConfiguration;
-import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
-import org.springframework.web.filter.CorsFilter;
-
-/**
- * 鍏ㄥ眬璺ㄥ煙閰嶇疆
- */
-@Configuration
-public class GlobalCorsConfig {
-
- /**
- * 鍏佽璺ㄥ煙璋冪敤鐨勮繃婊ゅ櫒
- */
- @Bean
- public CorsFilter corsFilter() {
- CorsConfiguration config = new CorsConfiguration();
- //鍏佽鎵�鏈夊煙鍚嶈繘琛岃法鍩熻皟鐢�
- config.addAllowedOriginPattern("*");
- //璇ョ敤娉曞湪SpringBoot 2.7.0涓凡涓嶅啀鏀寔
- //config.addAllowedOrigin("*");
- //鍏佽璺ㄨ秺鍙戦�乧ookie
- config.setAllowCredentials(true);
- //鏀捐鍏ㄩ儴鍘熷澶翠俊鎭�
- config.addAllowedHeader("*");
- //鍏佽鎵�鏈夎姹傛柟娉曡法鍩熻皟鐢�
- config.addAllowedMethod("*");
- UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
- source.registerCorsConfiguration("/**", config);
- return new CorsFilter(source);
- }
-}
diff --git a/ycl-common/src/main/java/com/ycl/config/WebSecurityCorsFilter.java b/ycl-common/src/main/java/com/ycl/config/WebSecurityCorsFilter.java
new file mode 100644
index 0000000..00189ec
--- /dev/null
+++ b/ycl-common/src/main/java/com/ycl/config/WebSecurityCorsFilter.java
@@ -0,0 +1,41 @@
+package com.ycl.config;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.CorsConfigurationSource;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+
+import javax.servlet.*;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.Arrays;
+import java.util.Collections;
+
+/**
+ * @author Lyq
+ * @version 1.0
+ * @date 2022/9/10 1:04
+ */
+public class WebSecurityCorsFilter implements Filter {
+ @Override
+ public void init(FilterConfig filterConfig) throws ServletException {
+
+ }
+
+ @Override
+ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
+ HttpServletResponse res = (HttpServletResponse) response;
+ res.setHeader("Access-Control-Allow-Origin", "*");
+ res.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE, PUT");
+ res.setHeader("Access-Control-Max-Age", "3600");
+ res.setHeader("Access-Control-Allow-Headers", "Authorization, Content-Type, Accept, x-requested-with, Cache-Control, os, version, source");
+ chain.doFilter(request, res);
+ }
+
+ @Override
+ public void destroy() {
+
+ }
+}
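Review bot: `doFilter` sets `Access-Control-Allow-Origin: *` on every response and then always calls `chain.doFilter`, so any web origin is allowed to call the API and read its responses, and a preflight `OPTIONS` request still travels on to the JWT and authorization filters. Prefer echoing the `Origin` header only when it is on a configured allowlist (with `Vary: Origin`) and answering the preflight in this filter; whether `OPTIONS` is already permitted is decided in SecurityConfig, outside this file. The sketch below assumes an `allowedOrigins` set passed in through the constructor, which would also need the `HttpServletRequest` import and a matching change to the bean factory in SecurityConfig. The Spring imports at the top of the file (`Configuration`, `HttpSecurity`, `WebSecurityConfigurerAdapter`, `CorsConfiguration`, …) and `Arrays`/`Collections` are unused and can be dropped.

```java
// Constructed example: allowedOrigins is a Set<String> of front-end origins supplied by configuration.
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
    HttpServletRequest req = (HttpServletRequest) request;
    HttpServletResponse res = (HttpServletResponse) response;
    String origin = req.getHeader("Origin");
    if (origin != null && allowedOrigins.contains(origin)) {
        // Echo only an allowlisted origin and tell caches the response varies by it.
        res.setHeader("Access-Control-Allow-Origin", origin);
        res.addHeader("Vary", "Origin");
        // … unchanged: Access-Control-Allow-Methods, Max-Age and Allow-Headers …
    }
    if ("OPTIONS".equalsIgnoreCase(req.getMethod())
            && req.getHeader("Access-Control-Request-Method") != null) {
        // A preflight carries no Authorization header; answer it here instead of passing it to the auth filters.
        res.setStatus(HttpServletResponse.SC_OK);
        return;
    }
    chain.doFilter(request, res);
}
```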
diff --git a/ycl-common/src/main/java/com/ycl/utils/JwtTokenUtil.java b/ycl-common/src/main/java/com/ycl/utils/JwtTokenUtil.java
index 1ebaabf..d64c7df 100644
--- a/ycl-common/src/main/java/com/ycl/utils/JwtTokenUtil.java
+++ b/ycl-common/src/main/java/com/ycl/utils/JwtTokenUtil.java
@@ -96,7 +96,7 @@
* @param userDetails 浠庢暟鎹簱涓煡璇㈠嚭鏉ョ殑鐢ㄦ埛淇℃伅
*/
public boolean validateToken(String token, UserDetails userDetails) {
- String username = getUserNameFromToken(token);
+ String username = parseToken(token).getUsername();
return username.equals(userDetails.getUsername()) && !isTokenExpired(token);
}
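Review bot: `username.equals(...)` throws a NullPointerException when `parseToken(token)` yields an `AuthInfo` without a username, and the chained `parseToken(token).getUsername()` does the same if `parseToken` can return null; how it behaves on a malformed token is outside this hunk, so confirm it. Validation should fail closed with `false` rather than with an exception, e.g. `AuthInfo info = parseToken(token);` followed by `return info != null && userDetails.getUsername().equals(info.getUsername()) && !isTokenExpired(token);`. A Javadoc line stating that a token which cannot be parsed is treated as invalid would record that contract.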
diff --git a/ycl-common/src/main/java/com/ycl/utils/auth/UserAuthUtil.java b/ycl-common/src/main/java/com/ycl/utils/auth/UserAuthUtil.java
index 72c083d..1384468 100644
--- a/ycl-common/src/main/java/com/ycl/utils/auth/UserAuthUtil.java
+++ b/ycl-common/src/main/java/com/ycl/utils/auth/UserAuthUtil.java
@@ -8,6 +8,7 @@
import com.ycl.utils.JwtTokenUtil;
import com.ycl.utils.common.LiveTimeMillisecond;
import com.ycl.utils.common.NetworkUtil;
+import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;
import javax.annotation.Resource;
@@ -25,6 +26,8 @@
@Resource
private RedisService redisService;
+ @Value("${jwt.tokenHead}")
+ private String tokenHead;
public void saveUser(Long userId, String token, String redisKey) {
redisService.set(redisKey.concat(userId.toString()), token, LiveTimeMillisecond.s2592000.time);
@@ -41,7 +44,8 @@
if (StrUtil.isBlank(accessToken)) {
throw new ApiException(ResultCode.NOT_LOGGED);
}
- AuthInfo authInfo = jwtTokenUtil.parseToken(accessToken);
+ String authToken = accessToken.substring(this.tokenHead.length());// The part after "Bearer "
+ AuthInfo authInfo = jwtTokenUtil.parseToken(authToken);
return authInfo.getUserId();
}
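Review bot: `accessToken.substring(this.tokenHead.length())` cuts the prefix without checking that the header actually starts with it, so a header shorter than `tokenHead` throws StringIndexOutOfBoundsException and a header using another scheme is truncated at an arbitrary position before being parsed. The same line appears in the next hunk (the username lookup), which also leaves a commented-out `parseToken(accessToken)` call that should be deleted. Guard both places the way JwtAuthenticationTokenFilter does, e.g. `if (!accessToken.startsWith(this.tokenHead)) { throw new ApiException(ResultCode.NOT_LOGGED); }` before the substring. Both method signatures are outside the hunks.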
@@ -56,7 +60,9 @@
if (StrUtil.isBlank(accessToken)) {
throw new ApiException(ResultCode.NOT_LOGGED);
}
- AuthInfo authInfo = jwtTokenUtil.parseToken(accessToken);
+ String authToken = accessToken.substring(this.tokenHead.length());// The part after "Bearer "
+ AuthInfo authInfo = jwtTokenUtil.parseToken(authToken);
+// AuthInfo authInfo = jwtTokenUtil.parseToken(accessToken);
return authInfo.getUsername();
}
}
diff --git a/ycl-platform/src/main/java/com/ycl/component/JwtAuthenticationTokenFilter.java b/ycl-platform/src/main/java/com/ycl/component/JwtAuthenticationTokenFilter.java
index a74258d..d7680a8 100644
--- a/ycl-platform/src/main/java/com/ycl/component/JwtAuthenticationTokenFilter.java
+++ b/ycl-platform/src/main/java/com/ycl/component/JwtAuthenticationTokenFilter.java
@@ -1,5 +1,6 @@
package com.ycl.component;
+import com.ycl.entity.auth.AuthInfo;
import com.ycl.utils.JwtTokenUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -17,6 +18,7 @@
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
+import java.util.Enumeration;
/**
* JWT鐧诲綍鎺堟潈杩囨护鍣�
@@ -36,13 +38,19 @@
protected void doFilterInternal(HttpServletRequest request,
HttpServletResponse response,
FilterChain chain) throws ServletException, IOException {
+ System.out.println(request);
+// Enumeration<String> headerNames = request.getHeaderNames();
+// while (headerNames.hasMoreElements()){
+// System.out.println(headerNames.nextElement());
+// }
String authHeader = request.getHeader(this.tokenHeader);
if (authHeader != null && authHeader.startsWith(this.tokenHead)) {
String authToken = authHeader.substring(this.tokenHead.length());// The part after "Bearer "
- String username = jwtTokenUtil.getUserNameFromToken(authToken);
+ AuthInfo authInfo = jwtTokenUtil.parseToken(authToken);
+ String username = authInfo.getUsername();
LOGGER.info("checking username:{}", username);
if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {
- UserDetails userDetails = this.userDetailsService.loadUserByUsername(username);
+ UserDetails userDetails = this.userDetailsService.loadUserByUsername(authInfo.getUsername());
if (jwtTokenUtil.validateToken(authToken, userDetails)) {
UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
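Review bot: `System.out.println(request);` runs on every request in the authentication filter and bypasses the configured `LOGGER`; remove it together with the commented-out header dump and the now unused `java.util.Enumeration` import. Separately, `authInfo.getUsername()` is called directly on the result of `jwtTokenUtil.parseToken(authToken)`; if that method can return null or throw for a malformed or expired token (its body is not shown here), the request fails with a server error instead of continuing unauthenticated, so a guard such as `String username = authInfo == null ? null : authInfo.getUsername();` is worth adding. `loadUserByUsername(authInfo.getUsername())` can simply reuse `username`. The method body continues past the end of this hunk.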
diff --git a/ycl-platform/src/main/java/com/ycl/config/SecurityConfig.java b/ycl-platform/src/main/java/com/ycl/config/SecurityConfig.java
index 8fc0ec4..cc1eab8 100644
--- a/ycl-platform/src/main/java/com/ycl/config/SecurityConfig.java
+++ b/ycl-platform/src/main/java/com/ycl/config/SecurityConfig.java
@@ -63,11 +63,17 @@
.authenticationEntryPoint(restAuthenticationEntryPoint)
// 鑷畾涔夋潈闄愭嫤鎴櫒JWT杩囨护鍣�
.and()
+ .addFilterBefore(webSecurityCorsFilter(), UsernamePasswordAuthenticationFilter.class)
.addFilterBefore(jwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
//鏈夊姩鎬佹潈闄愰厤缃椂娣诲姞鍔ㄦ�佹潈闄愭牎楠岃繃婊ゅ櫒
- if(dynamicSecurityService!=null){
+ if (dynamicSecurityService != null) {
registry.and().addFilterBefore(dynamicSecurityFilter, FilterSecurityInterceptor.class);
}
return httpSecurity.build();
}
+
+ @Bean
+ public WebSecurityCorsFilter webSecurityCorsFilter() {
+ return new WebSecurityCorsFilter();
+ }
}
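Review bot: `webSecurityCorsFilter()` is both a `@Bean` and added by hand with `addFilterBefore`; in a Spring Boot application a `Filter` bean is normally also registered with the servlet container, so the filter would presumably run twice per request — confirm that this is intended. Spring Security already ships CORS support: `httpSecurity.cors()` backed by a `CorsConfigurationSource` bean places CORS handling ahead of authentication and answers preflight requests, which is the problem the commit title describes. If the custom filter stays, a comment above the `addFilterBefore` line such as `// CORS headers must be written before the JWT filter can reject the request` would record why the order matters. The start of the configuring method is outside this hunk.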
diff --git a/ycl-platform/src/main/resources/application.yml b/ycl-platform/src/main/resources/application.yml
index 8753f26..28e200b 100644
--- a/ycl-platform/src/main/resources/application.yml
+++ b/ycl-platform/src/main/resources/application.yml
@@ -28,7 +28,7 @@
jwt:
tokenHeader: Authorization #JWT瀛樺偍鐨勮姹傚ご
- secret: luozi-admin-secret #JWT鍔犺В瀵嗕娇鐢ㄧ殑瀵嗛挜
+ secret: platform-secret #JWT鍔犺В瀵嗕娇鐢ㄧ殑瀵嗛挜
expiration: 604800 #JWT鐨勮秴鏈熼檺鏃堕棿(60*60*24*7)
tokenHead: 'Bearer ' #JWT璐熻浇涓嬁鍒板紑澶�
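Review bot: `secret: platform-secret` keeps the JWT signing key as a short, guessable literal in version control, so anyone who can read the repository can sign tokens the platform will accept. Load it from the environment instead, e.g. `secret: ${JWT_SECRET}` (the variable name is a placeholder), and provision a long random value per deployment. The key this commit replaces was committed the same way and should be treated as disclosed as well.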
--
Gitblit v1.8.0