package com.mzl.flower.config;
|
|
import lombok.AllArgsConstructor;
|
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Configuration;
|
import org.springframework.data.redis.connection.RedisConnectionFactory;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
|
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
|
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
|
import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;
|
|
@Configuration
|
@AllArgsConstructor
|
@EnableResourceServer
|
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
|
|
private final SecurityAccessDeniedHandler securityAccessDeniedHandler;
|
private final ResourceAuthExceptionEntryPoint resourceAuthExceptionEntryPoint;
|
|
@Autowired
|
private RedisConnectionFactory redisConnectionFactory;
|
|
@Override
|
public void configure(ResourceServerSecurityConfigurer resources) {
|
RedisTokenStore tokenStore = tokenStore();
|
resources
|
.authenticationEntryPoint(resourceAuthExceptionEntryPoint)
|
.accessDeniedHandler(securityAccessDeniedHandler)
|
.tokenStore(tokenStore)
|
.tokenExtractor(new TokenExtractor(tokenStore));
|
}
|
|
@Override
|
public void configure(HttpSecurity httpSecurity) throws Exception {
|
httpSecurity
|
.authorizeRequests()
|
.antMatchers("/api/login/**").permitAll()
|
.antMatchers("/api/wx/getuserphonenumber").permitAll()
|
.antMatchers("/api/wx/jscode2session").permitAll()
|
.antMatchers("/api/wx/getExistUserByOpenId").permitAll()
|
.antMatchers("/api/pub/**").permitAll()
|
.antMatchers("/api/advertisement/**").permitAll()
|
.antMatchers("/api/ua/**").permitAll()
|
.antMatchers("/api/code/value").permitAll()
|
.antMatchers("/api/code/multiple").permitAll()
|
.antMatchers("/api/register/**").permitAll()
|
.antMatchers("/api/refresh-token").permitAll()
|
.antMatchers("/api/sms/send/code").permitAll()
|
.antMatchers("/api/customer/flower/category/tree").permitAll()
|
.antMatchers("/api/customer/flower/category/tree/view").permitAll()
|
.antMatchers("/api/customer/flower/params").permitAll()
|
.antMatchers("/api/customer/flower/list").permitAll()
|
.antMatchers("/api/customer/flower/list/view").permitAll()
|
.antMatchers("/api/customer/flower/up/stock").permitAll()
|
// .antMatchers("/api/customer/info/**").permitAll()
|
.antMatchers("api/pub/customer/home/**").permitAll()
|
.antMatchers("/api/customer/point/goods/**").permitAll()
|
.antMatchers("/api/upload/oss/file").permitAll()
|
.antMatchers("/api/flower/zone/list").permitAll()
|
.antMatchers("/api/config/content/list/view").permitAll()
|
.antMatchers("/api/v2/coupon/home/alert").permitAll()
|
.antMatchers("/api/customer/partner/name").permitAll()
|
.antMatchers("/api/v2/coupon/app/home/alert").permitAll()
|
.antMatchers("/v2/config-param/base/info").permitAll()
|
.antMatchers("/api/supplier/**").permitAll()
|
.antMatchers("/api/customer/center").permitAll()
|
.antMatchers("/api/**").authenticated();//配置访问控制,必须认证过后才可以访问
|
|
}
|
|
@Bean
|
public RedisTokenStore tokenStore() {
|
RedisTokenStore tokenStore = new RedisTokenStore(redisConnectionFactory);
|
return tokenStore;
|
}
|
}
|
