update
parent
d5dc891d30
commit
61e95da778
@ -1,9 +1,5 @@
|
||||
package com.example.demo.config;
|
||||
|
||||
import com.example.demo.exception.CustomAuthenticationEntryPoint;
|
||||
import lombok.Getter;
|
||||
import lombok.Setter;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
@ -25,16 +21,6 @@ import java.util.*;
|
||||
@Configuration
|
||||
@EnableWebSecurity
|
||||
public class SecurityConfig {
|
||||
@Getter
|
||||
@Setter
|
||||
private CustomAuthenticationEntryPoint customAuthenticationEntryPoint;
|
||||
|
||||
@Autowired
|
||||
public SecurityConfig(CustomAuthenticationEntryPoint customAuthenticationEntryPoint) {
|
||||
this.customAuthenticationEntryPoint = customAuthenticationEntryPoint;
|
||||
}
|
||||
|
||||
|
||||
private static final String[] WHITE_LIST = {"/swagger-ui/**", "/v3/api-docs/**", "/swagger/**"};
|
||||
|
||||
// @Value("${spring.security.oauth2.resourceserver.jwt.issuer-uri}")
|
||||
@ -47,9 +33,7 @@ public class SecurityConfig {
|
||||
|
||||
@Bean
|
||||
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||
http.exceptionHandling(
|
||||
exception -> exception.authenticationEntryPoint(customAuthenticationEntryPoint))
|
||||
.authorizeHttpRequests(authorizeRequests ->
|
||||
http.authorizeHttpRequests(authorizeRequests ->
|
||||
authorizeRequests.requestMatchers(WHITE_LIST).permitAll().anyRequest().authenticated()
|
||||
)
|
||||
.sessionManagement(sessionManagement ->
|
||||
|
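Review bot: `WHITE_LIST` still permits `/swagger-ui/**` and `/v3/api-docs/**`, but the springdoc paths set in this commit's YAML are `/swagger/index.html` and `/swagger/api-docs`, so only `/swagger/**` appears to match anything now. Trimming it to `private static final String[] WHITE_LIST = {"/swagger/**"};` keeps the unauthenticated surface equal to what is actually served and stops a stale pattern from opening a path added later. With the `exceptionHandling` call gone, unauthenticated requests get the framework's default entry point; which status that produces depends on the authentication mechanism configured outside this hunk, so confirm clients still receive a 401. `securityFilterChain` continues past the last visible line.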
@ -1,32 +1,23 @@
|
||||
package com.example.demo.config;
|
||||
|
||||
import io.swagger.v3.oas.models.OpenAPI;
|
||||
import io.swagger.v3.oas.models.info.Info;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import io.swagger.v3.oas.annotations.OpenAPIDefinition;
|
||||
import io.swagger.v3.oas.annotations.enums.SecuritySchemeType;
|
||||
import io.swagger.v3.oas.annotations.info.Info;
|
||||
import io.swagger.v3.oas.annotations.security.OAuthFlow;
|
||||
import io.swagger.v3.oas.annotations.security.OAuthFlows;
|
||||
import io.swagger.v3.oas.annotations.security.OAuthScope;
|
||||
import io.swagger.v3.oas.annotations.security.SecurityScheme;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
|
||||
@Configuration
|
||||
@OpenAPIDefinition(info = @Info(title = "Foo API",
|
||||
description = "Foo description", version = "v1"))
|
||||
@SecurityScheme(name = "security_auth", type = SecuritySchemeType.OAUTH2,
|
||||
flows = @OAuthFlows(authorizationCode = @OAuthFlow(
|
||||
authorizationUrl = "${springdoc.oAuthFlow.authorizationUrl}"
|
||||
, tokenUrl = "${springdoc.oAuthFlow.tokenUrl}", scopes = {
|
||||
@OAuthScope(name = "springdoc.read", description = "read scope"),
|
||||
@OAuthScope(name = "springdoc.write", description = "write scope") })))
|
||||
public class SpringDoc {
|
||||
@Bean
|
||||
public OpenAPI openAPI() {
|
||||
return new OpenAPI().info(new Info()
|
||||
.title("Demo API")
|
||||
);
|
||||
}
|
||||
//
|
||||
// @Bean
|
||||
// public GroupedOpenApi publicApi() {
|
||||
// return GroupedOpenApi.builder()
|
||||
// .group("api")
|
||||
// .pathsToMatch("/api/**")
|
||||
// .build();
|
||||
// }
|
||||
|
||||
// @Bean
|
||||
// public GroupedOpenApi adminApi() {
|
||||
// return GroupedOpenApi.builder()
|
||||
// .group("admin")
|
||||
// .pathsToMatch("/admin/**")
|
||||
// .build();
|
||||
// }
|
||||
}
|
||||
|
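Review bot: The `@SecurityScheme` on `SpringDoc` reads `${springdoc.oAuthFlow.authorizationUrl}` and `${springdoc.oAuthFlow.tokenUrl}`, but the `springdoc:` block this commit adds to the YAML defines only `swagger-ui` and `api-docs` in the visible hunks. Unless those keys are set elsewhere, the Authorize dialog would presumably show unresolved placeholders instead of the identity provider's endpoints. The scheme `security_auth` is also not referenced by any `@SecurityRequirement` in the visible code, so operations will not be marked as protected in the generated spec; adding `security = @SecurityRequirement(name = "security_auth")` to `@OpenAPIDefinition` would apply it globally. The `"Foo API"` and `"Foo description"` values look like sample leftovers and should name this service.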
@ -1,21 +0,0 @@
|
||||
package com.example.demo.exception;
|
||||
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
import org.springframework.http.HttpHeaders;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.web.AuthenticationEntryPoint;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
@Component
|
||||
public class CustomAuthenticationEntryPoint implements AuthenticationEntryPoint {
|
||||
@Override
|
||||
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException {
|
||||
response.setStatus(HttpStatus.UNAUTHORIZED.value());
|
||||
response.setHeader(HttpHeaders.WWW_AUTHENTICATE, "Bearer error=\"invalid_token\", error_description=\"" + authException.getMessage() + "\"");
|
||||
response.getWriter().write("Unauthorized: " + authException.getMessage());
|
||||
}
|
||||
}
|
@ -2,6 +2,7 @@ package com.example.demo.pojo;
|
||||
|
||||
import com.fasterxml.jackson.core.JsonProcessingException;
|
||||
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||
import lombok.Getter;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.core.MethodParameter;
|
||||
import org.springframework.http.MediaType;
|
||||
@ -11,6 +12,7 @@ import org.springframework.http.server.ServerHttpResponse;
|
||||
import org.springframework.web.bind.annotation.RestControllerAdvice;
|
||||
import org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice;
|
||||
|
||||
@Getter
|
||||
@RestControllerAdvice
|
||||
public class ResponseAdvice implements ResponseBodyAdvice<Object> {
|
||||
private final ObjectMapper objectMapper;
|
||||
@ -22,27 +24,19 @@ public class ResponseAdvice implements ResponseBodyAdvice<Object> {
|
||||
|
||||
@Override
|
||||
public boolean supports(MethodParameter returnType, Class<? extends HttpMessageConverter<?>> converterType) {
|
||||
return false;
|
||||
return true;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Object beforeBodyWrite(Object body, MethodParameter returnType, MediaType selectedContentType, Class<? extends HttpMessageConverter<?>> selectedConverterType, ServerHttpRequest request, ServerHttpResponse response) {
|
||||
try {
|
||||
if (body instanceof String) {
|
||||
return objectMapper.writeValueAsString(ResponseMessage.success(body));
|
||||
return body;
|
||||
// return objectMapper.writeValueAsString(ResponseMessage.success(body));
|
||||
}
|
||||
if (body instanceof ResponseMessage) {
|
||||
return body;
|
||||
}
|
||||
return ResponseMessage.success(body);
|
||||
} catch (JsonProcessingException e) {
|
||||
// 如果序列化失败,直接返回原始的 body
|
||||
return body;
|
||||
}
|
||||
}
|
||||
|
||||
public ObjectMapper getObjectMapper() {
|
||||
return objectMapper;
|
||||
}
|
||||
|
||||
|
||||
|
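Review bot: `supports` now returns `true` for every handler, so `beforeBodyWrite` wraps all non-String bodies in `ResponseMessage.success(...)`, which likely includes responses from controllers this project does not own, such as springdoc's `/swagger/api-docs` endpoint and Spring's error responses. Scoping the advice, for example `@RestControllerAdvice(basePackages = "<your controller package>")`, keeps the envelope on the application's own endpoints. String bodies are now returned unwrapped, which leaves clients with two response shapes; the commented-out `writeValueAsString` line should be either restored or deleted. `objectMapper` appears unused after this change, and `@Getter` on the advice class exposes it for no visible caller.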
@ -18,13 +18,6 @@ spring:
|
||||
flyway:
|
||||
baseline-on-migrate: false # 阻止启动时执行 flyway
|
||||
locations: classpath:migrations
|
||||
doc:
|
||||
api-docs:
|
||||
enabled: true
|
||||
path: /v3/api-docs
|
||||
swagger-ui:
|
||||
enabled: true
|
||||
path: /swagger
|
||||
shell:
|
||||
interactive:
|
||||
enabled: false
|
||||
@ -38,4 +31,16 @@ spring:
|
||||
time-zone: PRC
|
||||
server:
|
||||
port: 8088
|
||||
|
||||
springdoc:
|
||||
swagger-ui:
|
||||
# swagger-ui地址
|
||||
path: /swagger/index.html
|
||||
enabled: true
|
||||
# 配置本地访问页面(注释)
|
||||
config-url: /swagger/api-docs/swagger-config
|
||||
# 取消默认Swagger访问页面
|
||||
disable-swagger-default-url: true
|
||||
# 修复Failed to load remote configuration.
|
||||
url: /swagger/api-docs
|
||||
api-docs:
|
||||
path: /swagger/api-docs
|
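Review bot: `springdoc.swagger-ui.enabled: true` is set in what appears to be the base configuration (no profile is visible in these hunks), and `SecurityConfig` permits `/swagger/**` without authentication, so the UI and the full API description at `/swagger/api-docs` would be served to anonymous callers in every environment that loads this file. Setting `springdoc.api-docs.enabled: false` and `springdoc.swagger-ui.enabled: false` here and enabling both only in a development profile keeps the endpoint inventory out of production. `path: /swagger/index.html` is unusual for `swagger-ui.path`, which normally names the entry URL rather than a file; confirm the resulting redirect stays under `/swagger/**`.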