From 88b9b129981071b7026c8f41a54643f34f2aec4a Mon Sep 17 00:00:00 2001 From: kezhijie Date: Tue, 25 Jun 2024 17:32:57 +0800 Subject: [PATCH 1/2] =?UTF-8?q?sas=E5=AE=9E=E7=8E=B0=E5=85=8D=E7=99=BB?= =?UTF-8?q?=E5=BD=95=E6=B3=A8=E8=A7=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../shiro/ignore/IgnoreAuthPostProcessor.java | 32 +++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ignore/IgnoreAuthPostProcessor.java b/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ignore/IgnoreAuthPostProcessor.java index fdfe6c3b..3af79601 100644 --- a/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ignore/IgnoreAuthPostProcessor.java +++ b/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ignore/IgnoreAuthPostProcessor.java @@ -7,10 +7,15 @@ import org.springframework.aop.framework.Advised; import org.springframework.context.ApplicationContext; import org.springframework.context.ApplicationListener; import org.springframework.context.event.ContextRefreshedEvent; +import org.springframework.security.web.DefaultSecurityFilterChain; +import org.springframework.security.web.FilterChainProxy; +import org.springframework.security.web.SecurityFilterChain; +import org.springframework.security.web.util.matcher.AntPathRequestMatcher; import org.springframework.stereotype.Component; import org.springframework.util.CollectionUtils; import org.springframework.web.bind.annotation.*; +import java.lang.reflect.Field; import java.lang.reflect.Method; import java.util.*; @@ -45,6 +50,9 @@ public class IgnoreAuthPostProcessor implements ApplicationListener urls){ + FilterChainProxy obj = applicationContext.getBean(FilterChainProxy.class); + if (Objects.isNull(obj)) { + return; + } + List filterChains = (List) getProperty(obj,"filterChains"); + + if (!CollectionUtils.isEmpty(filterChains)) { + for (String url : urls) { + filterChains.add(0, new DefaultSecurityFilterChain(new AntPathRequestMatcher(url, null))); + } + } + } + + private Object getProperty(Object obj, String fieldName) { + try { + Field field = obj.getClass().getDeclaredField(fieldName); + field.setAccessible(true); + return field.get(obj); + } catch (Exception e) { + return null; + } + } } From 383cbf250f00515159c9728605800802ab11c7d2 Mon Sep 17 00:00:00 2001 From: kezhijie Date: Thu, 27 Jun 2024 18:09:54 +0800 Subject: [PATCH 2/2] =?UTF-8?q?=E4=BF=AE=E5=A4=8Dredis=E5=8F=8D=E5=BA=8F?= =?UTF-8?q?=E5=88=97=E5=8C=96=E6=97=B6=E9=97=B4=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../security/JeecgRedisOAuth2AuthorizationService.java | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/JeecgRedisOAuth2AuthorizationService.java b/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/JeecgRedisOAuth2AuthorizationService.java index d46ab3ce..4d94106d 100644 --- a/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/JeecgRedisOAuth2AuthorizationService.java +++ b/jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/JeecgRedisOAuth2AuthorizationService.java @@ -43,7 +43,7 @@ public class JeecgRedisOAuth2AuthorizationService implements OAuth2Authorization if (isState(authorization)) { String token = authorization.getAttribute("state"); - redisTemplate.setValueSerializer(RedisSerializer.java()); +// redisTemplate.setValueSerializer(RedisSerializer.java()); redisTemplate.opsForValue().set(buildKey(OAuth2ParameterNames.STATE, token), authorization, TIMEOUT, TimeUnit.MINUTES); } @@ -54,7 +54,7 @@ public class JeecgRedisOAuth2AuthorizationService implements OAuth2Authorization OAuth2AuthorizationCode authorizationCodeToken = authorizationCode.getToken(); long between = ChronoUnit.MINUTES.between(authorizationCodeToken.getIssuedAt(), authorizationCodeToken.getExpiresAt()); - redisTemplate.setValueSerializer(RedisSerializer.java()); +// redisTemplate.setValueSerializer(RedisSerializer.java()); redisTemplate.opsForValue().set(buildKey(OAuth2ParameterNames.CODE, authorizationCodeToken.getTokenValue()), authorization, between, TimeUnit.MINUTES); } @@ -62,7 +62,7 @@ public class JeecgRedisOAuth2AuthorizationService implements OAuth2Authorization if (isRefreshToken(authorization)) { OAuth2RefreshToken refreshToken = authorization.getRefreshToken().getToken(); long between = ChronoUnit.SECONDS.between(refreshToken.getIssuedAt(), refreshToken.getExpiresAt()); - redisTemplate.setValueSerializer(RedisSerializer.java()); +// redisTemplate.setValueSerializer(RedisSerializer.java()); redisTemplate.opsForValue().set(buildKey(OAuth2ParameterNames.REFRESH_TOKEN, refreshToken.getTokenValue()), authorization, between, TimeUnit.SECONDS); } @@ -70,7 +70,7 @@ public class JeecgRedisOAuth2AuthorizationService implements OAuth2Authorization if (isAccessToken(authorization)) { OAuth2AccessToken accessToken = authorization.getAccessToken().getToken(); long between = ChronoUnit.SECONDS.between(accessToken.getIssuedAt(), accessToken.getExpiresAt()); - redisTemplate.setValueSerializer(RedisSerializer.java()); +// redisTemplate.setValueSerializer(RedisSerializer.java()); redisTemplate.opsForValue().set(buildKey(OAuth2ParameterNames.ACCESS_TOKEN, accessToken.getTokenValue()), authorization, between, TimeUnit.SECONDS); @@ -125,7 +125,7 @@ public class JeecgRedisOAuth2AuthorizationService implements OAuth2Authorization public OAuth2Authorization findByToken(String token, @Nullable OAuth2TokenType tokenType) { Assert.hasText(token, "token cannot be empty"); Assert.notNull(tokenType, "tokenType cannot be empty"); - redisTemplate.setValueSerializer(RedisSerializer.java()); +// redisTemplate.setValueSerializer(RedisSerializer.java()); return (OAuth2Authorization) redisTemplate.opsForValue().get(buildKey(tokenType.getValue(), token)); }