Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
zhangjian1949
microservices-platform
提交
f05bb874
microservices-platform
项目概览
zhangjian1949
/
microservices-platform
与 Fork 源项目一致
Fork自
zlt2000 / microservices-platform
通知
6
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
microservices-platform
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
f05bb874
编写于
11月 19, 2019
作者:
zlt2000
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
优化网关认证信息传递逻辑,适配oauth2的客户端模式
上级
0ed68b9f
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
21 addition
and
15 deletion
+21
-15
zlt-gateway/sc-gateway/src/main/java/com/central/gateway/auth/Oauth2AuthSuccessHandler.java
...va/com/central/gateway/auth/Oauth2AuthSuccessHandler.java
+13
-7
zlt-gateway/zuul-gateway/src/main/java/com/central/gateway/filter/pre/UserInfoHeaderFilter.java
.../com/central/gateway/filter/pre/UserInfoHeaderFilter.java
+8
-8
未找到文件。
zlt-gateway/sc-gateway/src/main/java/com/central/gateway/auth/Oauth2AuthSuccessHandler.java
浏览文件 @
f05bb874
...
...
@@ -8,6 +8,8 @@ import org.springframework.security.core.Authentication;
import
org.springframework.security.oauth2.provider.OAuth2Authentication
;
import
org.springframework.security.web.server.WebFilterExchange
;
import
org.springframework.security.web.server.authentication.ServerAuthenticationSuccessHandler
;
import
org.springframework.util.LinkedMultiValueMap
;
import
org.springframework.util.MultiValueMap
;
import
org.springframework.web.server.ServerWebExchange
;
import
reactor.core.publisher.Mono
;
...
...
@@ -23,19 +25,23 @@ import reactor.core.publisher.Mono;
public
class
Oauth2AuthSuccessHandler
implements
ServerAuthenticationSuccessHandler
{
@Override
public
Mono
<
Void
>
onAuthenticationSuccess
(
WebFilterExchange
webFilterExchange
,
Authentication
authentication
)
{
SysUser
user
=
(
SysUser
)
authentication
.
getPrincipal
();
Long
userId
=
user
.
getId
();
String
username
=
user
.
getUsername
();
MultiValueMap
<
String
,
String
>
headerValues
=
new
LinkedMultiValueMap
(
4
);
Object
principal
=
authentication
.
getPrincipal
();
//客户端模式只返回一个clientId
if
(
principal
instanceof
SysUser
)
{
SysUser
user
=
(
SysUser
)
authentication
.
getPrincipal
();
headerValues
.
add
(
SecurityConstants
.
USER_ID_HEADER
,
String
.
valueOf
(
user
.
getId
()));
headerValues
.
add
(
SecurityConstants
.
USER_HEADER
,
user
.
getUsername
());
}
OAuth2Authentication
oauth2Authentication
=
(
OAuth2Authentication
)
authentication
;
String
clientId
=
oauth2Authentication
.
getOAuth2Request
().
getClientId
();
headerValues
.
add
(
SecurityConstants
.
TENANT_HEADER
,
clientId
);
headerValues
.
add
(
SecurityConstants
.
ROLE_HEADER
,
CollectionUtil
.
join
(
authentication
.
getAuthorities
(),
","
));
ServerWebExchange
exchange
=
webFilterExchange
.
getExchange
();
ServerHttpRequest
serverHttpRequest
=
exchange
.
getRequest
().
mutate
()
.
headers
(
h
->
{
h
.
add
(
SecurityConstants
.
USER_ID_HEADER
,
String
.
valueOf
(
userId
));
h
.
add
(
SecurityConstants
.
USER_HEADER
,
username
);
h
.
add
(
SecurityConstants
.
TENANT_HEADER
,
clientId
);
h
.
add
(
SecurityConstants
.
ROLE_HEADER
,
CollectionUtil
.
join
(
authentication
.
getAuthorities
(),
","
));
h
.
addAll
(
headerValues
);
})
.
build
();
...
...
zlt-gateway/zuul-gateway/src/main/java/com/central/gateway/filter/pre/UserInfoHeaderFilter.java
浏览文件 @
f05bb874
...
...
@@ -41,16 +41,16 @@ public class UserInfoHeaderFilter extends ZuulFilter {
public
Object
run
()
{
Authentication
authentication
=
SecurityContextHolder
.
getContext
().
getAuthentication
();
if
(
authentication
!=
null
&&
!(
authentication
instanceof
AnonymousAuthenticationToken
))
{
SysUser
user
=
(
SysUser
)
authentication
.
getPrincipal
();
Long
userId
=
user
.
getId
();
String
username
=
user
.
getUsername
();
Object
principal
=
authentication
.
getPrincipal
();
RequestContext
ctx
=
RequestContext
.
getCurrentContext
();
//客户端模式只返回一个clientId
if
(
principal
instanceof
SysUser
)
{
SysUser
user
=
(
SysUser
)
authentication
.
getPrincipal
();
ctx
.
addZuulRequestHeader
(
SecurityConstants
.
USER_ID_HEADER
,
String
.
valueOf
(
user
.
getId
()));
ctx
.
addZuulRequestHeader
(
SecurityConstants
.
USER_HEADER
,
user
.
getUsername
());
}
OAuth2Authentication
oauth2Authentication
=
(
OAuth2Authentication
)
authentication
;
String
clientId
=
oauth2Authentication
.
getOAuth2Request
().
getClientId
();
RequestContext
ctx
=
RequestContext
.
getCurrentContext
();
ctx
.
addZuulRequestHeader
(
SecurityConstants
.
USER_ID_HEADER
,
String
.
valueOf
(
userId
));
ctx
.
addZuulRequestHeader
(
SecurityConstants
.
USER_HEADER
,
username
);
ctx
.
addZuulRequestHeader
(
SecurityConstants
.
TENANT_HEADER
,
clientId
);
ctx
.
addZuulRequestHeader
(
SecurityConstants
.
ROLE_HEADER
,
CollectionUtil
.
join
(
authentication
.
getAuthorities
(),
","
));
}
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录