@Setter
@Getter
public class PermitProperties {
/**
* 监控中心和swagger需要访问的url
*/
private static final String[] ENDPOINTS = {
"/oauth/**",
"/actuator/**",
"/*/v2/api-docs",
"/swagger/api-docs",
"/swagger-ui.html",
"/doc.html",
"/swagger-resources/**",
"/webjars/**",
"/druid/**"
};
/**
* 设置不用认证的url
*/
private String[] httpUrls = {};
public String[] getUrls() {
if (httpUrls == null || httpUrls.length == 0) {
return ENDPOINTS;
}
List<String> list = new ArrayList<>();
for (String url : ENDPOINTS) {
list.add(url);
}
for (String url : httpUrls) {
list.add(url);
}
return list.toArray(new String[list.size()]);
}
}
再配置一个总的security properties:
@Setter
@Getter
@ConfigurationProperties(prefix = "zlt.security")
@RefreshScope
public class SecurityProperties {
private PermitProperties ignore = new PermitProperties();
private ValidateCodeProperties code = new ValidateCodeProperties();
}
自定义一个ServerWebExchangeMatcher类:
public class CustomServerWebExchangeMatchers implements ServerWebExchangeMatcher {
private final SecurityProperties securityProperties;
private final AntPathMatcher antPathMatcher = new AntPathMatcher();
public CustomServerWebExchangeMatchers(SecurityProperties securityProperties) {
this.securityProperties = securityProperties;
}
@Override
public Mono<MatchResult> matches(ServerWebExchange exchange) {
for (String url : securityProperties.getIgnore().getUrls()) {
if (antPathMatcher.match(url, exchange.getRequest().getURI().getPath())) {
return MatchResult.notMatch();
}
}
return MatchResult.match();
}
}
因篇幅问题不能全部显示,请点此查看更多更全内容