重构网关进行权限校验

horseInsect · Jun 13, 2018 · 0dc39aa · 0dc39aa
1 parent 70ce26c
commit 0dc39aa
Show file tree

Hide file tree

Showing 57 changed files with 1,832 additions and 873 deletions.
diff --git a/mss-common/.gitignore b/mss-common/.gitignore
@@ -0,0 +1,25 @@
+/target/
+!.mvn/wrapper/maven-wrapper.jar
+
+### STS ###
+.apt_generated
+.classpath
+.factorypath
+.project
+.settings
+.springBeans
+.sts4-cache
+
+### IntelliJ IDEA ###
+.idea
+*.iws
+*.iml
+*.ipr
+
+### NetBeans ###
+/nbproject/private/
+/build/
+/nbbuild/
+/dist/
+/nbdist/
+/.nb-gradle/
diff --git a/mss-common/pom.xml b/mss-common/pom.xml
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <groupId>com.microservice.skeleton.common</groupId>
+    <artifactId>mss-common</artifactId>
+    <version>0.0.1-SNAPSHOT</version>
+    <packaging>jar</packaging>
+
+    <name>mss-common</name>
+    <description>Demo project for Spring Boot</description>
+
+    <parent>
+        <groupId>com.microservice.skeleton</groupId>
+        <artifactId>Micro-Service-Skeleton-Parent</artifactId>
+        <version>0.0.1-SNAPSHOT</version>
+    </parent>
+
+    <properties>
+        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+        <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
+        <java.version>1.8</java.version>
+    </properties>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-web</artifactId>
+        </dependency>
+
+        <dependency>
+            <groupId>org.projectlombok</groupId>
+            <artifactId>lombok</artifactId>
+            <optional>true</optional>
+        </dependency>
+    </dependencies>
+
+</project>
diff --git a/mss-common/src/main/java/com/microservice/skeleton/common/vo/MenuVo.java b/mss-common/src/main/java/com/microservice/skeleton/common/vo/MenuVo.java
@@ -0,0 +1,31 @@
+package com.microservice.skeleton.common.vo;
+
+import com.fasterxml.jackson.annotation.JsonInclude;
+import lombok.Data;
+
+import java.util.Date;
+
+/**
+ * Created with IntelliJ IDEA.
+ * Description:
+ * User: Mr.Yangxiufeng
+ * Date: 2018-06-13
+ * Time: 10:39
+ */
+@Data
+@JsonInclude(JsonInclude.Include.NON_NULL)
+public class MenuVo {
+    private String id;
+    private String code;
+    private String pCode;
+    private String pId;
+    private String name;
+    private String url;
+    private Integer isMenu;
+    private Integer level;
+    private Integer sort;
+    private Integer status;
+    private String icon;
+    private Date createTime;
+    private Date updateTime;
+}
diff --git a/mss-common/src/main/java/com/microservice/skeleton/common/vo/Result.java b/mss-common/src/main/java/com/microservice/skeleton/common/vo/Result.java
@@ -0,0 +1,104 @@
+package com.microservice.skeleton.common.vo;
+
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.fasterxml.jackson.annotation.JsonInclude;
+
+import java.io.Serializable;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * Created with IntelliJ IDEA.
+ * Description:
+ * User: Mr.Yangxiufeng
+ * Date: 2018-05-16
+ * Time: 11:04
+ */
+@JsonInclude(JsonInclude.Include.NON_NULL)
+public class Result<T> implements Serializable {
+
+    private static final String CODE = "code";
+    private static final String MSG = "msg";
+    private static final long serialVersionUID = 2633283546876721434L;
+
+    private Integer code=200;
+    private String msg="操作成功";
+    private String description;
+    private T data;
+
+    private HashMap<String,Object> exend;
+
+    public Integer getCode() {
+        return code;
+    }
+
+    public void setCode(Integer code) {
+        this.code = code;
+    }
+
+    public String getMsg() {
+        return msg;
+    }
+
+    public void setMsg(String msg) {
+        this.msg = msg;
+    }
+
+    public T getData() {
+        return data;
+    }
+
+    public Result setData(T data) {
+        this.data = data;
+        return this;
+    }
+
+    public String getDescription() {
+        return description;
+    }
+
+    public void setDescription(String description) {
+        this.description = description;
+    }
+
+    @JsonIgnore
+    public HashMap<String, Object> getExend() {
+        return exend;
+    }
+
+    public void setExend(HashMap<String, Object> exend) {
+        this.exend = exend;
+    }
+
+    public Result() {
+        exend = new HashMap<>();
+    }
+
+    public static Result failure(int code, String msg) {
+        Result result = new Result();
+        result.setCode(code);
+        result.setMsg(msg);
+        return result;
+    }
+
+    public static Result ok(String msg) {
+        Result result = new Result();
+        result.put("msg", msg);
+        return result;
+    }
+
+    public static Result ok(Map<String, Object> map) {
+        Result result = new Result();
+        result.exend.putAll(map);
+        return result;
+    }
+
+    public static Result ok() {
+        return new Result();
+    }
+
+    public Result put(String key, Object value) {
+        exend.put(key, value);
+        return this;
+    }
+}
diff --git a/mss-common/src/main/java/com/microservice/skeleton/common/vo/RoleVo.java b/mss-common/src/main/java/com/microservice/skeleton/common/vo/RoleVo.java
@@ -1,8 +1,10 @@
 package com.microservice.skeleton.common.vo;
 
+import com.fasterxml.jackson.annotation.JsonInclude;
 import lombok.Data;
 
 import java.io.Serializable;
+import java.util.Date;
 
 /**
  * Created with IntelliJ IDEA.
@@ -12,11 +14,20 @@
  * Time: 21:03
  */
 @Data
+@JsonInclude(JsonInclude.Include.NON_NULL)
 public class RoleVo implements Serializable {
     private static final long serialVersionUID = 2179037393108205286L;
-    private Integer roleId;
+    private Integer id;
 
     private String name;
 
     private String value;
+
+    private String tips;
+
+    private Date createTime;
+
+    private Date updateTime;
+
+    private Integer status;
 }
diff --git a/mss-common/src/main/java/com/microservice/skeleton/common/vo/UserVo.java b/mss-common/src/main/java/com/microservice/skeleton/common/vo/UserVo.java
@@ -0,0 +1,46 @@
+package com.microservice.skeleton.common.vo;
+
+import com.fasterxml.jackson.annotation.JsonInclude;
+import lombok.Data;
+
+import java.io.Serializable;
+import java.util.Date;
+
+/**
+ * Created with IntelliJ IDEA.
+ * Description:
+ * User: Mr.Yangxiufeng
+ * Date: 2018-05-10
+ * Time: 21:00
+ */
+@Data
+@JsonInclude(JsonInclude.Include.NON_NULL)
+public class UserVo implements Serializable {
+    private static final long serialVersionUID = 3881610071550902762L;
+
+    private Integer id;
+
+    private String avatar;
+
+    private String username;
+
+    private String password;
+
+    private String salt;
+
+    private String name;
+
+    private Date birthday;
+
+    private Integer sex;
+
+    private String email;
+
+    private String phone;
+
+    private Integer status;
+
+    private Date createTime;
+
+    private Date updateTime;
+}
diff --git a/mss-gateway/src/main/java/com/microservice/skeleton/gateway/GatewayApplication.java b/mss-gateway/src/main/java/com/microservice/skeleton/gateway/GatewayApplication.java
@@ -2,6 +2,7 @@
 
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
 import org.springframework.cloud.client.discovery.EnableDiscoveryClient;
 import org.springframework.cloud.netflix.zuul.EnableZuulProxy;
 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;

diff --git a/mss-gateway/src/main/java/com/microservice/skeleton/gateway/config/SecurityConfig.java b/mss-gateway/src/main/java/com/microservice/skeleton/gateway/config/SecurityConfig.java
@@ -1,24 +1,62 @@
 package com.microservice.skeleton.gateway.config;
 
-import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
+import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
+import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
+import org.springframework.security.oauth2.provider.expression.OAuth2WebSecurityExpressionHandler;
 
 /**
  * Created by Mr.Yangxiufeng on 2017/12/29.
  * Time:10:08
  * ProjectName:Mirco-Service-Skeleton
  */
 @Configuration
-//@EnableOAuth2Sso
-//@EnableResourceServer
-public class SecurityConfig extends WebSecurityConfigurerAdapter{
+@EnableResourceServer
+public class SecurityConfig extends ResourceServerConfigurerAdapter {
 
+    @Autowired
+    private OAuth2WebSecurityExpressionHandler expressionHandler;
+
+    private static final String[] AUTH_WHITELIST = {
+            "/**/v2/api-docs",
+            "/swagger-resources",
+            "/swagger-resources/**",
+            "/configuration/ui",
+            "/configuration/security",
+            "/swagger-ui.html",
+            "swagger-resources/configuration/ui",
+            "/doc.html",
+            "/webjars/**"
+    };
+
+    @Override
+    public void configure(HttpSecurity http) throws Exception {
+        http.authorizeRequests().antMatchers("/v2/api-docs","/uaa/**").permitAll();
+
+        ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry = http
+                .authorizeRequests();
+        for (String au:AUTH_WHITELIST
+             ) {
+            http.authorizeRequests().antMatchers(au).permitAll();
+        }
+        http.authorizeRequests().anyRequest().authenticated();
+        registry.anyRequest()
+                .access("@permissionService.hasPermission(request,authentication)");
+    }
     @Override
-    protected void configure(HttpSecurity http) throws Exception {
-        http.authorizeRequests().mvcMatchers("/v2/api-docs ").permitAll();
-        http.csrf().disable();
+    public void configure(ResourceServerSecurityConfigurer resources) {
+        resources.expressionHandler(expressionHandler);
+    }
+    @Bean
+    public OAuth2WebSecurityExpressionHandler oAuth2WebSecurityExpressionHandler(ApplicationContext applicationContext) {
+        OAuth2WebSecurityExpressionHandler expressionHandler = new OAuth2WebSecurityExpressionHandler();
+        expressionHandler.setApplicationContext(applicationContext);
+        return expressionHandler;
     }
 }
diff --git a/mss-gateway/src/main/java/com/microservice/skeleton/gateway/service/PermissionService.java b/mss-gateway/src/main/java/com/microservice/skeleton/gateway/service/PermissionService.java
@@ -0,0 +1,16 @@
+package com.microservice.skeleton.gateway.service;
+
+import org.springframework.security.core.Authentication;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * Created with IntelliJ IDEA.
+ * Description:
+ * User: Mr.Yangxiufeng
+ * Date: 2018-05-14
+ * Time: 16:01
+ */
+public interface PermissionService {
+    boolean hasPermission(HttpServletRequest request, Authentication authentication);
+}