Commit 137699f2 by chamberone

feat: 测试网关block问题

1 parent e9cd3989
...@@ -9,6 +9,9 @@ import org.springframework.cloud.gateway.filter.GlobalFilter; ...@@ -9,6 +9,9 @@ import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered; import org.springframework.core.Ordered;
import org.springframework.http.HttpHeaders; import org.springframework.http.HttpHeaders;
import org.springframework.http.server.reactive.ServerHttpRequest; import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
import org.springframework.web.server.ServerWebExchange; import org.springframework.web.server.ServerWebExchange;
...@@ -44,14 +47,14 @@ public class AuthFilter implements GlobalFilter, Ordered { ...@@ -44,14 +47,14 @@ public class AuthFilter implements GlobalFilter, Ordered {
// 下面的代码从Http Header的Authorization中获取token,也可以从其他header,cookie等中获取,看客户端怎么传递token // 下面的代码从Http Header的Authorization中获取token,也可以从其他header,cookie等中获取,看客户端怎么传递token
HttpHeaders headers = exchange.getRequest().getHeaders(); HttpHeaders headers = exchange.getRequest().getHeaders();
String requestHeader = headers.getFirst("Authorization"); String authHeader = headers.getFirst(HttpHeaders.AUTHORIZATION);
// W3C的HTTP1.0规范: Authorization : <type> <authorization-parameters> // W3C的HTTP1.0规范: Authorization : <type> <authorization-parameters>
// Basic用于http-basic 认证; // Basic用于http-basic 认证;
// Bearer 常见于OAuth和JWT授权; // Bearer 常见于OAuth和JWT授权;
// AwS4-HMAC - SHA256 AwS授权 // AwS4-HMAC - SHA256 AwS授权
String authToken = null; String authToken = null;
if (requestHeader != null && requestHeader.startsWith("Bearer ")) { if (authHeader != null && authHeader.startsWith("Bearer ")) {
authToken = requestHeader.substring(7); authToken = authHeader.substring(7);
} }
if (StringUtils.isEmpty(authToken)) { if (StringUtils.isEmpty(authToken)) {
authToken = exchange.getRequest().getQueryParams().getFirst("token"); authToken = exchange.getRequest().getQueryParams().getFirst("token");
...@@ -78,6 +81,8 @@ public class AuthFilter implements GlobalFilter, Ordered { ...@@ -78,6 +81,8 @@ public class AuthFilter implements GlobalFilter, Ordered {
// builder.header("userId", userDTO.getId()); // builder.header("userId", userDTO.getId());
// // 向下游传递 // // 向下游传递
// return chain.filter(exchange.mutate().request(builder.build()).build()); // return chain.filter(exchange.mutate().request(builder.build()).build());
Authentication authentication = new UsernamePasswordAuthenticationToken(userDTO.getAccount(), null, null);
SecurityContextHolder.getContext().setAuthentication(authentication);
} }
return chain.filter(exchange); return chain.filter(exchange);
......
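Review bot: The added `SecurityContextHolder.getContext().setAuthentication(authentication);` in the third hunk stores the caller's identity in a context that is thread-bound by default. AuthFilter is a Spring Cloud Gateway `GlobalFilter` on the reactive stack, where one event-loop thread serves many requests. Nothing visible in the hunk clears the context, so the account set for one request may stay visible to a later request handled on the same thread, and code further down the reactive chain would not see it reliably. Bind it to the request's reactive chain instead by returning from inside this block with `return chain.filter(exchange).contextWrite(ReactiveSecurityContextHolder.withAuthentication(authentication));` (`subscriberContext` on older Reactor versions). The three-argument `UsernamePasswordAuthenticationToken` constructor also marks the token as authenticated, and the filter method starts and ends outside the hunk, so how `userDTO` is validated before this point cannot be confirmed from here.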