blade-tool/blade-core-secure/src/main/java/org/springblade/core/secure/config/SecureConfiguration.java

/**
 * Copyright (c) 2018-2028, Chill Zhuang 庄骞 (smallchill@163.com).
 * <p>
 * Licensed under the GNU LESSER GENERAL PUBLIC LICENSE 3.0;
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 * <p>
 * http://www.gnu.org/licenses/lgpl.html
 * <p>
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.springblade.core.secure.config;


import lombok.AllArgsConstructor;
import org.springblade.core.secure.aspect.AuthAspect;
import org.springblade.core.secure.interceptor.ClientInterceptor;
import org.springblade.core.secure.interceptor.SecureInterceptor;
import org.springblade.core.secure.props.BladeSecureProperties;
import org.springblade.core.secure.provider.ClientDetailsServiceImpl;
import org.springblade.core.secure.provider.IClientDetailsService;
import org.springblade.core.secure.registry.SecureRegistry;
import org.springframework.boot.autoconfigure.AutoConfiguration;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.core.annotation.Order;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

/**
 * 安全配置类
 *
 * @author Chill
 */
@Order
@AutoConfiguration
@AllArgsConstructor
@EnableConfigurationProperties({BladeSecureProperties.class})
public class SecureConfiguration implements WebMvcConfigurer {

	private final SecureRegistry secureRegistry;

	private final BladeSecureProperties secureProperties;

	private final JdbcTemplate jdbcTemplate;

	@Override
	public void addInterceptors(InterceptorRegistry registry) {
		secureProperties.getClient().forEach(cs -> registry.addInterceptor(new ClientInterceptor(cs.getClientId())).addPathPatterns(cs.getPathPatterns()));

		if (secureRegistry.isEnabled()) {
			registry.addInterceptor(new SecureInterceptor())
				.excludePathPatterns(secureRegistry.getExcludePatterns())
				.excludePathPatterns(secureRegistry.getDefaultExcludePatterns())
				.excludePathPatterns(secureProperties.getSkipUrl());
		}
	}

	@Bean
	public AuthAspect authAspect() {
		return new AuthAspect();
	}

	@Bean
	@ConditionalOnMissingBean(IClientDetailsService.class)
	public IClientDetailsService clientDetailsService() {
		return new ClientDetailsServiceImpl(jdbcTemplate);
	}

}
:tada: Initial commit. 2018-12-24 11:58:45 +08:00			`/**`
			`* Copyright (c) 2018-2028, Chill Zhuang 庄骞 (smallchill@163.com).`
			`* <p>`
:zap: 更新license说明 2018-12-29 18:46:01 +08:00			`* Licensed under the GNU LESSER GENERAL PUBLIC LICENSE 3.0;`
:tada: Initial commit. 2018-12-24 11:58:45 +08:00			`* you may not use this file except in compliance with the License.`
			`* You may obtain a copy of the License at`
			`* <p>`
			`* http://www.gnu.org/licenses/lgpl.html`
			`* <p>`
			`* Unless required by applicable law or agreed to in writing, software`
			`* distributed under the License is distributed on an "AS IS" BASIS,`
			`* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`* See the License for the specific language governing permissions and`
			`* limitations under the License.`
			`*/`
			`package org.springblade.core.secure.config;`


			`import lombok.AllArgsConstructor;`
			`import org.springblade.core.secure.aspect.AuthAspect;`
:tada: 2.2.0.RELEASE 2019-03-31 22:18:59 +08:00			`import org.springblade.core.secure.interceptor.ClientInterceptor;`
:tada: Initial commit. 2018-12-24 11:58:45 +08:00			`import org.springblade.core.secure.interceptor.SecureInterceptor;`
:tada: 2.2.0.RELEASE 2019-03-31 22:18:59 +08:00			`import org.springblade.core.secure.props.BladeSecureProperties;`
			`import org.springblade.core.secure.provider.ClientDetailsServiceImpl;`
			`import org.springblade.core.secure.provider.IClientDetailsService;`
:tada: Initial commit. 2018-12-24 11:58:45 +08:00			`import org.springblade.core.secure.registry.SecureRegistry;`
:tada: 3.4.0.RELEASE 升级适配springboot2.7.1 新增灰度服务功能 2022-07-12 01:58:20 +08:00			`import org.springframework.boot.autoconfigure.AutoConfiguration;`
:tada: 2.2.0.RELEASE 2019-03-31 22:18:59 +08:00			`import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;`
			`import org.springframework.boot.context.properties.EnableConfigurationProperties;`
:tada: Initial commit. 2018-12-24 11:58:45 +08:00			`import org.springframework.context.annotation.Bean;`
			`import org.springframework.core.annotation.Order;`
:tada: 2.2.0.RELEASE 2019-03-31 22:18:59 +08:00			`import org.springframework.jdbc.core.JdbcTemplate;`
:tada: Initial commit. 2018-12-24 11:58:45 +08:00			`import org.springframework.web.servlet.config.annotation.InterceptorRegistry;`
			`import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;`

:zap: 根据P3C优化代码 2018-12-27 13:29:11 +08:00			`/**`
:tada: 2.2.0.RELEASE 2019-03-31 22:18:59 +08:00			`* 安全配置类`
:zap: 根据P3C优化代码 2018-12-27 13:29:11 +08:00			`*`
:zap: 更新author 2018-12-29 18:43:11 +08:00			`* @author Chill`
:zap: 根据P3C优化代码 2018-12-27 13:29:11 +08:00			`*/`
:tada: Initial commit. 2018-12-24 11:58:45 +08:00			`@Order`
:tada: 3.4.0.RELEASE 升级适配springboot2.7.1 新增灰度服务功能 2022-07-12 01:58:20 +08:00			`@AutoConfiguration`
:tada: Initial commit. 2018-12-24 11:58:45 +08:00			`@AllArgsConstructor`
:zap: 优化secure，增加skip-url配置 2020-04-17 21:46:45 +08:00			`@EnableConfigurationProperties({BladeSecureProperties.class})`
:tada: Initial commit. 2018-12-24 11:58:45 +08:00			`public class SecureConfiguration implements WebMvcConfigurer {`

			`private final SecureRegistry secureRegistry;`

:tada: 2.2.0.RELEASE 2019-03-31 22:18:59 +08:00			`private final BladeSecureProperties secureProperties;`

			`private final JdbcTemplate jdbcTemplate;`

:tada: Initial commit. 2018-12-24 11:58:45 +08:00			`@Override`
			`public void addInterceptors(InterceptorRegistry registry) {`
:zap: 优化secure，增加skip-url配置 2020-04-17 21:46:45 +08:00			`secureProperties.getClient().forEach(cs -> registry.addInterceptor(new ClientInterceptor(cs.getClientId())).addPathPatterns(cs.getPathPatterns()));`
:tada: 2.2.0.RELEASE 2019-03-31 22:18:59 +08:00
:zap: enable配置关键字统一改为enabled 2020-04-17 21:09:31 +08:00			`if (secureRegistry.isEnabled()) {`
:tada: Initial commit. 2018-12-24 11:58:45 +08:00			`registry.addInterceptor(new SecureInterceptor())`
			`.excludePathPatterns(secureRegistry.getExcludePatterns())`
:tada: 2.2.0.RELEASE 2019-03-31 22:18:59 +08:00			`.excludePathPatterns(secureRegistry.getDefaultExcludePatterns())`
:zap: 优化secure，增加skip-url配置 2020-04-17 21:46:45 +08:00			`.excludePathPatterns(secureProperties.getSkipUrl());`
:tada: Initial commit. 2018-12-24 11:58:45 +08:00			`}`
			`}`

			`@Bean`
			`public AuthAspect authAspect() {`
			`return new AuthAspect();`
			`}`

:tada: 2.2.0.RELEASE 2019-03-31 22:18:59 +08:00			`@Bean`
			`@ConditionalOnMissingBean(IClientDetailsService.class)`
			`public IClientDetailsService clientDetailsService() {`
			`return new ClientDetailsServiceImpl(jdbcTemplate);`
			`}`

:tada: Initial commit. 2018-12-24 11:58:45 +08:00			`}`