网关验证码过滤器添加放行校验

5 years ago · 57723b9ca1
4 changed files with 26 additions and 41 deletions
--- a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/SecurityConstants.java
+++ b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/SecurityConstants.java
@ -8,6 +8,11 @@ package com.ruoyi.common.core.constant;
				@@ -8,6 +8,11 @@ package com.ruoyi.common.core.constant;
 public class SecurityConstants
 {
    /**
+     * 令牌类型
+     */
+    public static final String BEARER_TOKEN_TYPE = "Bearer";
+
+    /**
     * 授权token url
     */
    public static final String AUTH_TOKEN = "/oauth/token";
--- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/feign/OAuth2FeignRequestInterceptor.java
+++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/feign/OAuth2FeignRequestInterceptor.java
@ -1,10 +1,12 @@
				@@ -1,10 +1,12 @@
 package com.ruoyi.common.security.feign;

+import org.springframework.http.HttpHeaders;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContext;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails;
 import org.springframework.stereotype.Component;
+import com.ruoyi.common.core.constant.SecurityConstants;
 import feign.RequestInterceptor;
 import feign.RequestTemplate;

@ -16,10 +18,6 @@ import feign.RequestTemplate;
				@@ -16,10 +18,6 @@ import feign.RequestTemplate;
@Component
 public class OAuth2FeignRequestInterceptor implements RequestInterceptor
 {
-    private final String AUTHORIZATION_HEADER = "Authorization";
-
-    private final String BEARER_TOKEN_TYPE = "Bearer";
-
    @Override
    public void apply(RequestTemplate requestTemplate)
    {
@ -28,8 +26,8 @@ public class OAuth2FeignRequestInterceptor implements RequestInterceptor
				@@ -28,8 +26,8 @@ public class OAuth2FeignRequestInterceptor implements RequestInterceptor
        if (authentication != null && authentication.getDetails() instanceof OAuth2AuthenticationDetails)
        {
            OAuth2AuthenticationDetails dateils = (OAuth2AuthenticationDetails) authentication.getDetails();
-            requestTemplate.header(AUTHORIZATION_HEADER,
-                    String.format("%s %s", BEARER_TOKEN_TYPE, dateils.getTokenValue()));
+            requestTemplate.header(HttpHeaders.AUTHORIZATION,
+                    String.format("%s %s", SecurityConstants.BEARER_TOKEN_TYPE, dateils.getTokenValue()));
        }
    }
 }
--- a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/config/properties/IgnoreClientProperties.java
+++ b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/config/properties/IgnoreClientProperties.java
@ -1,33 +0,0 @@
				@@ -1,33 +0,0 @@
-package com.ruoyi.gateway.config.properties;
-
-import java.util.ArrayList;
-import java.util.List;
-import org.springframework.boot.context.properties.ConfigurationProperties;
-import org.springframework.cloud.context.config.annotation.RefreshScope;
-import org.springframework.context.annotation.Configuration;
-
-/**
- * 放行终端配置
- * 
- * @author ruoyi
- */
-@Configuration
-@RefreshScope
-@ConfigurationProperties(prefix = "ignore")
-public class IgnoreClientProperties
-{
-    /**
-     * 放行终端配置，网关不校验此处的终端
-     */
-    private List<String> clients = new ArrayList<>();
-
-    public List<String> getClients()
-    {
-        return clients;
-    }
-
-    public void setClients(List<String> clients)
-    {
-        this.clients = clients;
-    }
-}
--- a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/ValidateCodeFilter.java
+++ b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/ValidateCodeFilter.java
@ -3,6 +3,7 @@ package com.ruoyi.gateway.filter;
				@@ -3,6 +3,7 @@ package com.ruoyi.gateway.filter;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.cloud.gateway.filter.GatewayFilter;
 import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
+import org.springframework.http.HttpHeaders;
 import org.springframework.http.server.reactive.ServerHttpRequest;
 import org.springframework.http.server.reactive.ServerHttpResponse;
 import org.springframework.stereotype.Component;
@ -25,6 +26,12 @@ public class ValidateCodeFilter extends AbstractGatewayFilterFactory<Object>
				@@ -25,6 +26,12 @@ public class ValidateCodeFilter extends AbstractGatewayFilterFactory<Object>
    @Autowired
    private ValidateCodeService validateCodeService;

+    private static final String BASIC_ = "Basic ";
+
+    private static final String CODE = "code";
+
+    private static final String UUID = "uuid";
+
    @Override
    public GatewayFilter apply(Object config)
    {
@ -36,10 +43,18 @@ public class ValidateCodeFilter extends AbstractGatewayFilterFactory<Object>
				@@ -36,10 +43,18 @@ public class ValidateCodeFilter extends AbstractGatewayFilterFactory<Object>
            {
                return chain.filter(exchange);
            }
+
+            // 消息头存在内容，且不存在验证码参数，不处理
+            String header = request.getHeaders().getFirst(HttpHeaders.AUTHORIZATION);
+            if (StringUtils.isNotEmpty(header) && StringUtils.startsWith(header, BASIC_)
+                    && !request.getQueryParams().containsKey(CODE) && !request.getQueryParams().containsKey(UUID))
+            {
+                return chain.filter(exchange);
+            }
            try
            {
-                validateCodeService.checkCapcha(request.getQueryParams().getFirst("code"),
-                        request.getQueryParams().getFirst("uuid"));
+                validateCodeService.checkCapcha(request.getQueryParams().getFirst(CODE),
+                        request.getQueryParams().getFirst(UUID));
            }
            catch (Exception e)
            {