• Search by APIs
• Search by Words
• Search Projects

• Java
• Python
• JavaScript
• TypeScript
• C++
• Scala
• Blog

• Auth-service-master
  • src
    • main
      • resources
        • application.yml
        • db
          • V1.0__Base_version.sql
        • mybatis
          • config.xml
          • mapper
            • ClientSecretMapper.xml
            • RolePermissionMapper.xml
            • PermissionMapper.xml
            • UserRoleMapper.xml
            • UserAccessMapper.xml
            • RoleMapper.xml
        • bootstrap.yml
        • conf
          • generatorConfig.xml
      • java
        • com
          • blueskykong
            • auth
              • security
                • CustomAuthorizationTokenServices.java
                • CustomAuthenticationProvider.java
                • CustomTokenEnhancer.java
                • CustomCheckPermission.java
                • CustomRedisTokenStore.java
                • CustomAuthenticationToken.java
                • CodeAuthenticationProvider.java
                • CustomUserDetails.java
                • filter
                  • CustomSecurityFilter.java
                  • SecurityAccessDecisionManager.java
                  • CustomLogoutHandler.java
                  • SecureResourceFilterInvocationDefinitionSource.java
              • dto
                • ApiClientDTO.java
                • RolePermissionDTO.java
                • UserRoleDTO.java
                • DefaultRoles.java
                • DefaultRole.java
              • dao
                • impl
                  • MybatisPermissionDAO.java
                  • MybatisClientSecretDAO.java
                  • MybatisURoleDAO.java
                  • MybatisRoleDAO.java
                  • MybatisUserAccessDAO.java
                  • MybatisRolePermissionDAO.java
                • typehandler
                  • UuidTypeHandler.java
                • RolePermissionDAO.java
                • ClientSecretDAO.java
                • RoleDAO.java
                • UserAccessDAO.java
                • PermissionDAO.java
                • UserRoleDAO.java
                • mapper
                  • RoleMapper.java
                  • PermissionMapper.java
                  • UserAccessMapper.java
                  • ClientSecretMapper.java
                  • RolePermissionMapper.java
                  • UserRoleMapper.java
              • utils
                • JsonUtil.java
                • TimestampAdapter.java
              • entity
                • RolePermission.java
                • UserRole.java
                • ClientSecret.java
                • Role.java
                • Permission.java
                • ClientSecretStatus.java
                • UserAccess.java
                • BaseEntity.java
              • properties
                • RedisProperties.java
              • config
                • ServiceConfig.java
                • JerseyConfig.java
                • oauth
                  • ResourceServerConfig.java
                  • OAuth2Config.java
                  • WebSecurityConfig.java
              • service
                • ClientSecretService.java
                • SecurityService.java
              • exception
                • GenericErrorCodes.java
                • CustomWebResponseExceptionTranslator.java
                • AbstractException.java
                • ErrorCodes.java
                • ErrorCode.java
              • AuthApplication.java
              • rest
                • ClientSecretResource.java
                • UserRoleResource.java
                • SecurityResource.java
    • test
      • resources
        • application-test.yml
      • java
        • com
          • blueskykong
            • auth
              • config
                • CustomContextInitializer.java
                • BaseServiceTest.java
                • TestJdbcConfig.java
              • AuthApplicationTest.java
  • pom.xml
  • LICENSE
  • .travis.yml
  • README.md
  • .gitignore
  • docker-compose.yml

package com.blueskykong.auth.security.filter;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.stereotype.Component;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.PathMatcher;

import java.util.*;

/**
 * @author keets
 */
@Component
public class SecureResourceFilterInvocationDefinitionSource implements FilterInvocationSecurityMetadataSource, InitializingBean {
    private Logger logger = LoggerFactory.getLogger(SecureResourceFilterInvocationDefinitionSource.class);

    private PathMatcher matcher;

    private static Map<String, Collection<ConfigAttribute>> map = new HashMap<>();

    @Override
    public Collection<ConfigAttribute> getAttributes(Object o) throws IllegalArgumentException {
        logger.info("getAttributes");
        //应该做instanceof
        FilterInvocation filterInvocation = (FilterInvocation) o;
        //String method = filterInvocation.getHttpRequest().getMethod();
        String requestURI = filterInvocation.getRequestUrl();
        //循环资源路径，当访问的Url和资源路径url匹配时，返回该Url所需要的权限
        for (Iterator<Map.Entry<String, Collection<ConfigAttribute>>> iter = map.entrySet().iterator(); iter.hasNext(); ) {
            Map.Entry<String, Collection<ConfigAttribute>> entry = iter.next();
            String url = entry.getKey();

            if (matcher.match(url, requestURI)) {
                return map.get(requestURI);
            }
        }
        return null;
    }

    @Override
    public Collection<ConfigAttribute> getAllConfigAttributes() {
        return null;
    }

    @Override
    public boolean supports(Class<?> aClass) {
        return true;
    }

    @Override
    public void afterPropertiesSet() throws Exception {
        logger.info("afterPropertiesSet");
        //用来匹配访问资源路径
        this.matcher = new AntPathMatcher();
        //可以有多个权限
        Collection<ConfigAttribute> atts = new ArrayList<>();
        ConfigAttribute c1 = new SecurityConfig("ROLE_USER");
        atts.add(c1);
        map.put("/api/permission/apiPermissions", atts);
    }
}