/* * Copyright (c) 2018-2028, Chill Zhuang All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: * * Redistributions of source code must retain the above copyright notice, * this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * Neither the name of the dreamlu.net developer nor the names of its * contributors may be used to endorse or promote products derived from * this software without specific prior written permission. * Author: Chill 庄骞 (smallchill@163.com) */ package org.springblade.core.secure.registry; import lombok.Data; import org.springblade.core.secure.props.AuthSecure; import org.springblade.core.secure.props.BasicSecure; import org.springblade.core.secure.props.SignSecure; import org.springblade.core.secure.provider.HttpMethod; import java.util.ArrayList; import java.util.Arrays; import java.util.List; /** * 安全框架统一配置 * * @author Chill */ @Data public class SecureRegistry { /** * 是否开启鉴权 */ private boolean enabled = false; /** * 是否开启授权 */ private boolean authEnabled = true; /** * 是否开启基础认证 */ private boolean basicEnabled = true; /** * 是否开启签名认证 */ private boolean signEnabled = true; /** * 是否开启客户端认证 */ private boolean clientEnabled = true; /** * 默认放行规则 */ private final List defaultExcludePatterns = new ArrayList<>(); /** * 自定义放行规则 */ private final List excludePatterns = new ArrayList<>(); /** * 自定义授权集合 */ private final List authSecures = new ArrayList<>(); /** * 基础认证集合 */ private final List basicSecures = new ArrayList<>(); /** * 签名认证集合 */ private final List signSecures = new ArrayList<>(); public SecureRegistry() { this.defaultExcludePatterns.add("/actuator/health/**"); this.defaultExcludePatterns.add("/v2/api-docs/**"); this.defaultExcludePatterns.add("/auth/**"); this.defaultExcludePatterns.add("/token/**"); this.defaultExcludePatterns.add("/log/**"); this.defaultExcludePatterns.add("/menu/routes"); this.defaultExcludePatterns.add("/menu/auth-routes"); this.defaultExcludePatterns.add("/menu/top-menu"); this.defaultExcludePatterns.add("/process/resource-view"); this.defaultExcludePatterns.add("/process/diagram-view"); this.defaultExcludePatterns.add("/manager/check-upload"); this.defaultExcludePatterns.add("/error/**"); this.defaultExcludePatterns.add("/assets/**"); } /** * 设置单个放行api */ public SecureRegistry excludePathPattern(String pattern) { this.excludePatterns.add(pattern); return this; } /** * 设置放行api集合 */ public SecureRegistry excludePathPatterns(String... patterns) { this.excludePatterns.addAll(Arrays.asList(patterns)); return this; } /** * 设置放行api集合 */ public SecureRegistry excludePathPatterns(List patterns) { this.excludePatterns.addAll(patterns); return this; } /** * 设置单个自定义授权 */ public SecureRegistry addAuthPattern(HttpMethod method, String pattern, String expression) { this.authSecures.add(new AuthSecure(method, pattern, expression)); return this; } /** * 设置自定义授权集合 */ public SecureRegistry addAuthPatterns(List authSecures) { this.authSecures.addAll(authSecures); return this; } /** * 返回自定义授权集合 */ public List getAuthSecures() { return this.authSecures; } /** * 设置基础认证 */ public SecureRegistry addBasicPattern(HttpMethod method, String pattern, String username, String password) { this.basicSecures.add(new BasicSecure(method, pattern, username, password)); return this; } /** * 设置基础认证集合 */ public SecureRegistry addBasicPatterns(List basicSecures) { this.basicSecures.addAll(basicSecures); return this; } /** * 返回基础认证集合 */ public List getBasicSecures() { return this.basicSecures; } /** * 设置签名认证 */ public SecureRegistry addSignPattern(HttpMethod method, String pattern, String crypto) { this.signSecures.add(new SignSecure(method, pattern, crypto)); return this; } /** * 设置签名认证集合 */ public SecureRegistry addSignPatterns(List signSecures) { this.signSecures.addAll(signSecures); return this; } /** * 返回签名认证集合 */ public List getSignSecures() { return this.signSecures; } }