| | |
|---|
| | | /** |
|---|
| | | * Copyright (C) 2018-2020 |
|---|
| | | * All rights reserved, Designed By www.yixiang.co |
|---|
| | | * 注意: |
|---|
| | | * 本软件为www.yixiang.co开发研制 |
|---|
| | | */ |
|---|
| | | package com.sandu.common.security.config; |
|---|
| | | |
|---|
| | | import com.sandu.common.security.JwtAccessDeniedHandler; |
|---|
| | | import com.sandu.common.security.JwtAuthenticationEntryPoint; |
|---|
| | | import com.sandu.common.security.TokenFilter; |
|---|
| | | import com.sandu.common.security.annotation.AnonymousAccess; |
|---|
| | | import com.sandu.common.security.jwt.JwtTokenProvider; |
|---|
| | | import com.sandu.common.security.token.TokenProvider; |
|---|
| | | import lombok.AllArgsConstructor; |
|---|
| | | import org.springframework.context.ApplicationContext; |
|---|
| | | import org.springframework.context.annotation.Bean; |
|---|
| | | import org.springframework.context.annotation.Configuration; |
|---|
| | |
|---|
| | | @Configuration |
|---|
| | | @EnableGlobalMethodSecurity(prePostEnabled = true) |
|---|
| | | @EnableWebSecurity |
|---|
| | | @AllArgsConstructor |
|---|
| | | public class SecurityConfig extends WebSecurityConfigurerAdapter { |
|---|
| | | |
|---|
| | | private final JwtTokenProvider tokenProvider; |
|---|
| | | private final TokenProvider tokenProvider; |
|---|
| | | private final CorsFilter corsFilter; |
|---|
| | | private final SecurityProperties properties; |
|---|
| | | private final JwtAuthenticationEntryPoint authenticationErrorHandler; |
|---|
| | | private final JwtAccessDeniedHandler jwtAccessDeniedHandler; |
|---|
| | | private final ApplicationContext applicationContext; |
|---|
| | | |
|---|
| | | public SecurityConfig(JwtTokenProvider tokenProvider, CorsFilter corsFilter, |
|---|
| | | JwtAuthenticationEntryPoint authenticationErrorHandler, |
|---|
| | | JwtAccessDeniedHandler jwtAccessDeniedHandler, |
|---|
| | | ApplicationContext applicationContext) { |
|---|
| | | this.tokenProvider = tokenProvider; |
|---|
| | | this.corsFilter = corsFilter; |
|---|
| | | this.authenticationErrorHandler = authenticationErrorHandler; |
|---|
| | | this.jwtAccessDeniedHandler = jwtAccessDeniedHandler; |
|---|
| | | this.applicationContext = applicationContext; |
|---|
| | | } |
|---|
| | | |
|---|
| | | |
|---|
| | | @Bean |
|---|
| | | GrantedAuthorityDefaults grantedAuthorityDefaults() { |
|---|
| | |
|---|
| | | .antMatchers("/webjars/**").permitAll() |
|---|
| | | .antMatchers("/*/api-docs").permitAll() |
|---|
| | | .antMatchers("/v2/api-docs-ext").permitAll() |
|---|
| | | .antMatchers("/serv/vnnox/screenshot").permitAll() |
|---|
| | | .antMatchers("/serv/vnnox/progress").permitAll() |
|---|
| | | //.antMatchers("/api/wxmp/**").permitAll() |
|---|
| | | |
|---|
| | | // 文件 |
|---|
| | |
|---|
| | | |
|---|
| | | @Bean |
|---|
| | | public TokenFilter jwtAuthenticationTokenFilter() { |
|---|
| | | TokenFilter customFilter = new TokenFilter(tokenProvider); |
|---|
| | | return customFilter; |
|---|
| | | return new TokenFilter(tokenProvider, properties); |
|---|
| | | } |
|---|
| | | } |
|---|
