75 lines
3.0 KiB
Java
75 lines
3.0 KiB
Java
|
package com.cf.file.api.config;
|
|||
|
|
|||
|
import org.springframework.context.annotation.Bean;
|
|||
|
import org.springframework.context.annotation.Configuration;
|
|||
|
import org.springframework.core.io.ClassPathResource;
|
|||
|
import org.springframework.core.io.Resource;
|
|||
|
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
|||
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
|||
|
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
|
|||
|
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
|
|||
|
import org.springframework.security.oauth2.provider.token.TokenStore;
|
|||
|
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
|
|||
|
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
|
|||
|
|
|||
|
import java.io.BufferedReader;
|
|||
|
import java.io.IOException;
|
|||
|
import java.io.InputStreamReader;
|
|||
|
import java.util.stream.Collectors;
|
|||
|
|
|||
|
/**
|
|||
|
* @author Administrator
|
|||
|
* @version 1.0
|
|||
|
**/
|
|||
|
@Configuration
|
|||
|
@EnableResourceServer
|
|||
|
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)//激活方法上的PreAuthorize注解
|
|||
|
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
|
|||
|
|
|||
|
//公钥
|
|||
|
private static final String PUBLIC_KEY = "publickey.txt";
|
|||
|
|
|||
|
//定义JwtTokenStore,使用jwt令牌
|
|||
|
@Bean
|
|||
|
public TokenStore tokenStore(JwtAccessTokenConverter jwtAccessTokenConverter) {
|
|||
|
return new JwtTokenStore(jwtAccessTokenConverter);
|
|||
|
}
|
|||
|
|
|||
|
//定义JJwtAccessTokenConverter,使用jwt令牌
|
|||
|
@Bean
|
|||
|
public JwtAccessTokenConverter jwtAccessTokenConverter() {
|
|||
|
JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
|
|||
|
converter.setVerifierKey(getPubKey());
|
|||
|
return converter;
|
|||
|
}
|
|||
|
/**
|
|||
|
* 获取非对称加密公钥 Key
|
|||
|
* @return 公钥 Key
|
|||
|
*/
|
|||
|
private String getPubKey() {
|
|||
|
Resource resource = new ClassPathResource(PUBLIC_KEY);
|
|||
|
try {
|
|||
|
InputStreamReader inputStreamReader = new InputStreamReader(resource.getInputStream());
|
|||
|
BufferedReader br = new BufferedReader(inputStreamReader);
|
|||
|
return br.lines().collect(Collectors.joining("\n"));
|
|||
|
} catch (IOException ioe) {
|
|||
|
return null;
|
|||
|
}
|
|||
|
}
|
|||
|
//Http安全配置,对每个到达系统的http请求链接进行校验
|
|||
|
@Override
|
|||
|
public void configure(HttpSecurity http) throws Exception {
|
|||
|
//所有请求必须认证通过
|
|||
|
http.authorizeRequests()
|
|||
|
//下边的路径放行
|
|||
|
.antMatchers("/v2/api-docs", "/swagger-resources/configuration/ui",
|
|||
|
"/swagger-resources","/swagger-resources/configuration/security",
|
|||
|
"/swagger-ui.html", "/webjars/**", "/file/upload").permitAll()
|
|||
|
.anyRequest().authenticated().and()
|
|||
|
.cors()
|
|||
|
.and()
|
|||
|
.csrf().disable()
|
|||
|
;
|
|||
|
}
|
|||
|
}
|