修改积木报表相关访问配置
parent
5b1e6c0d91
commit
d00a88a75d
|
@ -37,34 +37,13 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
|
||||||
|
|
||||||
private final OAuth2TokenApi oauth2TokenApi;
|
private final OAuth2TokenApi oauth2TokenApi;
|
||||||
|
|
||||||
/**
|
|
||||||
* 积木报表内部请求获取token
|
|
||||||
*
|
|
||||||
* @param request
|
|
||||||
* @return
|
|
||||||
*/
|
|
||||||
private static String getToken(HttpServletRequest request) {
|
|
||||||
String token = request.getParameter("token");
|
|
||||||
if (token == null) {
|
|
||||||
token = request.getHeader("X-Access-Token");
|
|
||||||
}
|
|
||||||
return token;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
@SuppressWarnings("NullableProblems")
|
@SuppressWarnings("NullableProblems")
|
||||||
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
|
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
|
||||||
throws ServletException, IOException {
|
throws ServletException, IOException {
|
||||||
String token;
|
String token = SecurityFrameworkUtils.obtainAuthorization(request, securityProperties.getTokenHeader());
|
||||||
Integer userType;
|
|
||||||
if (request.getRequestURI().startsWith("/jmreport/")) {
|
|
||||||
token = getToken(request);
|
|
||||||
userType = 2;
|
|
||||||
} else {
|
|
||||||
token = SecurityFrameworkUtils.obtainAuthorization(request, securityProperties.getTokenHeader());
|
|
||||||
userType = WebFrameworkUtils.getLoginUserType(request);
|
|
||||||
}
|
|
||||||
if (StrUtil.isNotEmpty(token)) {
|
if (StrUtil.isNotEmpty(token)) {
|
||||||
|
Integer userType = WebFrameworkUtils.getLoginUserType(request);
|
||||||
try {
|
try {
|
||||||
// 1.1 基于 token 构建登录用户
|
// 1.1 基于 token 构建登录用户
|
||||||
LoginUser loginUser = buildLoginUserByToken(token, userType);
|
LoginUser loginUser = buildLoginUserByToken(token, userType);
|
||||||
|
@ -109,7 +88,7 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 模拟登录用户,方便日常开发调试
|
* 模拟登录用户,方便日常开发调试
|
||||||
* <p>
|
*
|
||||||
* 注意,在线上环境下,一定要关闭该功能!!!
|
* 注意,在线上环境下,一定要关闭该功能!!!
|
||||||
*
|
*
|
||||||
* @param request 请求
|
* @param request 请求
|
||||||
|
|
|
@ -24,20 +24,6 @@ public class SecurityFrameworkUtils {
|
||||||
|
|
||||||
private SecurityFrameworkUtils() {}
|
private SecurityFrameworkUtils() {}
|
||||||
|
|
||||||
/**
|
|
||||||
* 积木报表内部请求获取token
|
|
||||||
*
|
|
||||||
* @param request
|
|
||||||
* @return
|
|
||||||
*/
|
|
||||||
private static String getToken(HttpServletRequest request) {
|
|
||||||
String token = request.getParameter("token");
|
|
||||||
if (token == null) {
|
|
||||||
token = request.getHeader("X-Access-Token");
|
|
||||||
}
|
|
||||||
return token;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 从请求中,获得认证 Token
|
* 从请求中,获得认证 Token
|
||||||
*
|
*
|
||||||
|
@ -46,9 +32,6 @@ public class SecurityFrameworkUtils {
|
||||||
* @return 认证 Token
|
* @return 认证 Token
|
||||||
*/
|
*/
|
||||||
public static String obtainAuthorization(HttpServletRequest request, String header) {
|
public static String obtainAuthorization(HttpServletRequest request, String header) {
|
||||||
if (request.getRequestURI().startsWith("/jmreport/")) {
|
|
||||||
return getToken(request);
|
|
||||||
}
|
|
||||||
String authorization = request.getHeader(header);
|
String authorization = request.getHeader(header);
|
||||||
if (!StringUtils.hasText(authorization)) {
|
if (!StringUtils.hasText(authorization)) {
|
||||||
return null;
|
return null;
|
||||||
|
|
|
@ -27,6 +27,8 @@ public class SecurityConfiguration {
|
||||||
.antMatchers("/swagger-resources/**").anonymous()
|
.antMatchers("/swagger-resources/**").anonymous()
|
||||||
.antMatchers("/webjars/**").anonymous()
|
.antMatchers("/webjars/**").anonymous()
|
||||||
.antMatchers("/*/api-docs").anonymous();
|
.antMatchers("/*/api-docs").anonymous();
|
||||||
|
//积木报表
|
||||||
|
registry.antMatchers("/jmreport/**").permitAll();
|
||||||
// Spring Boot Actuator 的安全配置
|
// Spring Boot Actuator 的安全配置
|
||||||
registry.antMatchers("/actuator").anonymous()
|
registry.antMatchers("/actuator").anonymous()
|
||||||
.antMatchers("/actuator/**").anonymous();
|
.antMatchers("/actuator/**").anonymous();
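Review bot: The added `registry.antMatchers("/jmreport/**").permitAll();` lets unauthenticated requests through Spring Security for every HTTP method under `/jmreport/**`, while the module-level customizer this commit deletes scoped its rule to `HttpMethod.GET` (the removed `permit-all_urls` entry may already have been broader). After this change, authentication for the report endpoints presumably rests entirely on JimuReport calling `JmReportTokenServiceI.verifyToken`, so any report route that skips that check would be reachable anonymously. If unauthenticated write requests are not intended, keep the method restriction, e.g. `registry.antMatchers(HttpMethod.GET, "/jmreport/**").permitAll();`. Replacing the `//积木报表` comment with one that names the component responsible for authenticating these paths would also help. The enclosing method starts and ends outside the hunk.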
|
||||||
|
|
|
@ -23,6 +23,12 @@
|
||||||
<version>${revision}</version>
|
<version>${revision}</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
|
<dependency>
|
||||||
|
<groupId>cn.iocoder.boot</groupId>
|
||||||
|
<artifactId>yudao-module-system-biz</artifactId>
|
||||||
|
<version>${revision}</version>
|
||||||
|
</dependency>
|
||||||
|
|
||||||
<!-- 业务组件 -->
|
<!-- 业务组件 -->
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>cn.iocoder.boot</groupId>
|
<groupId>cn.iocoder.boot</groupId>
|
||||||
|
@ -57,5 +63,6 @@
|
||||||
<groupId>org.jeecgframework.jimureport</groupId>
|
<groupId>org.jeecgframework.jimureport</groupId>
|
||||||
<artifactId>jimureport-spring-boot-starter</artifactId>
|
<artifactId>jimureport-spring-boot-starter</artifactId>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
</dependencies>
|
</dependencies>
|
||||||
</project>
|
</project>
|
|
@ -0,0 +1,44 @@
|
||||||
|
package cn.iocoder.yudao.module.visualization.config;
|
||||||
|
|
||||||
|
import cn.hutool.core.util.StrUtil;
|
||||||
|
import cn.iocoder.yudao.module.system.api.oauth2.OAuth2TokenApi;
|
||||||
|
import cn.iocoder.yudao.module.system.api.oauth2.dto.OAuth2AccessTokenCheckRespDTO;
|
||||||
|
import cn.iocoder.yudao.module.system.dal.dataobject.user.AdminUserDO;
|
||||||
|
import cn.iocoder.yudao.module.system.service.user.AdminUserService;
|
||||||
|
import org.jeecg.modules.jmreport.api.JmReportTokenServiceI;
|
||||||
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
|
import org.springframework.stereotype.Component;
|
||||||
|
|
||||||
|
@Component
|
||||||
|
public class JimuReportTokenService implements JmReportTokenServiceI {
|
||||||
|
@Autowired
|
||||||
|
private OAuth2TokenApi oauth2TokenApi;
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
private AdminUserService adminUserService;
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public String getUsername(String token) {
|
||||||
|
if (StrUtil.isNotEmpty(token)) {
|
||||||
|
OAuth2AccessTokenCheckRespDTO accessToken = oauth2TokenApi.checkAccessToken(token);
|
||||||
|
if (accessToken != null) {
|
||||||
|
Long userId = accessToken.getUserId();
|
||||||
|
System.out.println(userId);
|
||||||
|
AdminUserDO user = adminUserService.getUser(userId);
|
||||||
|
if (user != null) {
|
||||||
|
return user.getUsername();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public Boolean verifyToken(String token) {
|
||||||
|
if (StrUtil.isNotEmpty(token)) {
|
||||||
|
OAuth2AccessTokenCheckRespDTO accessToken = oauth2TokenApi.checkAccessToken(token);
|
||||||
|
return accessToken != null;
|
||||||
|
}
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
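Review bot: `verifyToken` and `getUsername` accept any token for which `oauth2TokenApi.checkAccessToken` returns a result and never look at the user type, whereas the filter code removed in this commit pinned `userType = 2` for `/jmreport/` requests. `getUsername` then passes the token's user id straight to `adminUserService.getUser`, so a token issued to a different user type would presumably resolve to whichever admin account has the same id. Check the user type on the `OAuth2AccessTokenCheckRespDTO` (if it exposes one) in both methods before trusting the token. `System.out.println(userId);` is leftover debug output that writes a user id to stdout on each call; drop it or use the project logger at debug level. It is also worth confirming whether `checkAccessToken` returns null or throws on an invalid token, since the `accessToken != null` checks only handle the former.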
|
|
@ -1,26 +0,0 @@
|
||||||
package cn.iocoder.yudao.module.visualization.framework.security.config;
|
|
||||||
|
|
||||||
import cn.iocoder.yudao.framework.security.config.AuthorizeRequestsCustomizer;
|
|
||||||
import org.springframework.context.annotation.Bean;
|
|
||||||
import org.springframework.context.annotation.Configuration;
|
|
||||||
import org.springframework.http.HttpMethod;
|
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
|
||||||
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* visualization 模块的 Security 配置
|
|
||||||
*/
|
|
||||||
@Configuration("visualizationSecurityConfiguration")
|
|
||||||
public class SecurityConfiguration {
|
|
||||||
|
|
||||||
@Bean("visualizationAuthorizeRequestsCustomizer")
|
|
||||||
public AuthorizeRequestsCustomizer authorizeRequestsCustomizer() {
|
|
||||||
return new AuthorizeRequestsCustomizer() {
|
|
||||||
@Override
|
|
||||||
public void customize(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry) {
|
|
||||||
registry.antMatchers(HttpMethod.GET, "/jmreport/**").permitAll();
|
|
||||||
}
|
|
||||||
};
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
|
@ -69,7 +69,6 @@ yudao:
|
||||||
security:
|
security:
|
||||||
permit-all_urls:
|
permit-all_urls:
|
||||||
- /admin-ui/** # /resources/admin-ui 目录下的静态资源
|
- /admin-ui/** # /resources/admin-ui 目录下的静态资源
|
||||||
- /jmreport/**
|
|
||||||
swagger:
|
swagger:
|
||||||
title: 管理后台
|
title: 管理后台
|
||||||
description: 提供管理员管理的所有功能
|
description: 提供管理员管理的所有功能
|
||||||
|
|