
Commit f05bb87

committed
优化网关认证信息传递逻辑,适配oauth2的客户端模式
1 parent 0ed68b9 commit f05bb87


2 files changed

+21
-15
lines changed


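--- a/zlt-gateway/sc-gateway/src/main/java/com/central/gateway/auth/Oauth2AuthSuccessHandler.java
+++ b/zlt-gateway/sc-gateway/src/main/java/com/central/gateway/auth/Oauth2AuthSuccessHandler.java
@@ -8,6 +8,8 @@
 import org.springframework.security.oauth2.provider.OAuth2Authentication;
 import org.springframework.security.web.server.WebFilterExchange;
 import org.springframework.security.web.server.authentication.ServerAuthenticationSuccessHandler;
+import org.springframework.util.LinkedMultiValueMap;
+import org.springframework.util.MultiValueMap;
 import org.springframework.web.server.ServerWebExchange;
 import reactor.core.publisher.Mono;
 
@@ -23,19 +25,23 @@
 public class Oauth2AuthSuccessHandler implements ServerAuthenticationSuccessHandler {
 @Override
 public Mono<Void> onAuthenticationSuccess(WebFilterExchange webFilterExchange, Authentication authentication) {
-SysUser user = (SysUser)authentication.getPrincipal();
-Long userId = user.getId();
-String username = user.getUsername();
+MultiValueMap<String, String> headerValues = new LinkedMultiValueMap(4);
+Object principal = authentication.getPrincipal();
+//客户端模式只返回一个clientId
+if (principal instanceof SysUser) {
+SysUser user = (SysUser)authentication.getPrincipal();
+headerValues.add(SecurityConstants.USER_ID_HEADER, String.valueOf(user.getId()));
+headerValues.add(SecurityConstants.USER_HEADER, user.getUsername());
+}
 OAuth2Authentication oauth2Authentication = (OAuth2Authentication)authentication;
 String clientId = oauth2Authentication.getOAuth2Request().getClientId();
+headerValues.add(SecurityConstants.TENANT_HEADER, clientId);
+headerValues.add(SecurityConstants.ROLE_HEADER, CollectionUtil.join(authentication.getAuthorities(), ","));
 
 ServerWebExchange exchange = webFilterExchange.getExchange();
 ServerHttpRequest serverHttpRequest = exchange.getRequest().mutate()
 .headers(h -> {
-h.add(SecurityConstants.USER_ID_HEADER, String.valueOf(userId));
-h.add(SecurityConstants.USER_HEADER, username);
-h.add(SecurityConstants.TENANT_HEADER, clientId);
-h.add(SecurityConstants.ROLE_HEADER, CollectionUtil.join(authentication.getAuthorities(), ","));
+h.addAll(headerValues);
 })
 .build();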
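Review bot: Caller-supplied identity headers are never cleared before the gateway writes its own. When `principal instanceof SysUser` is false (client-credentials mode), `SecurityConstants.USER_ID_HEADER` and `SecurityConstants.USER_HEADER` are not set at all, and `h.addAll(headerValues)` appends to whatever the inbound request already carried instead of replacing it. If downstream services treat these headers as the authenticated identity, a value sent by the caller would reach them unchanged. Drop all four names inside the `.headers(h -> { ... })` lambda first, e.g. `h.remove(SecurityConstants.USER_ID_HEADER); h.remove(SecurityConstants.USER_HEADER);` and likewise for the tenant and role headers, ahead of `h.addAll(headerValues);`. The same gap exists in the `instanceof SysUser` branch of `UserInfoHeaderFilter.run()` unless route configuration not visible on this page already strips them; `onAuthenticationSuccess` continues past the end of this hunk.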

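--- a/zlt-gateway/zuul-gateway/src/main/java/com/central/gateway/filter/pre/UserInfoHeaderFilter.java
+++ b/zlt-gateway/zuul-gateway/src/main/java/com/central/gateway/filter/pre/UserInfoHeaderFilter.java
@@ -41,16 +41,16 @@ public boolean shouldFilter() {
 public Object run() {
 Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
 if (authentication != null && !(authentication instanceof AnonymousAuthenticationToken)) {
-SysUser user = (SysUser)authentication.getPrincipal();
-Long userId = user.getId();
-String username = user.getUsername();
-
+Object principal = authentication.getPrincipal();
+RequestContext ctx = RequestContext.getCurrentContext();
+//客户端模式只返回一个clientId
+if (principal instanceof SysUser) {
+SysUser user = (SysUser)authentication.getPrincipal();
+ctx.addZuulRequestHeader(SecurityConstants.USER_ID_HEADER, String.valueOf(user.getId()));
+ctx.addZuulRequestHeader(SecurityConstants.USER_HEADER, user.getUsername());
+}
 OAuth2Authentication oauth2Authentication = (OAuth2Authentication)authentication;
 String clientId = oauth2Authentication.getOAuth2Request().getClientId();
-
-RequestContext ctx = RequestContext.getCurrentContext();
-ctx.addZuulRequestHeader(SecurityConstants.USER_ID_HEADER, String.valueOf(userId));
-ctx.addZuulRequestHeader(SecurityConstants.USER_HEADER, username);
 ctx.addZuulRequestHeader(SecurityConstants.TENANT_HEADER, clientId);
 ctx.addZuulRequestHeader(SecurityConstants.ROLE_HEADER, CollectionUtil.join(authentication.getAuthorities(), ","));
 }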
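Review bot: Inside the new `if (principal instanceof SysUser)` branch, the cast calls `authentication.getPrincipal()` a second time instead of using the `principal` local that was just type-checked. `SysUser user = (SysUser) principal;` keeps the check and the cast on the same object; the identical line in `Oauth2AuthSuccessHandler.onAuthenticationSuccess` would take the same change. The comment above the branch would also read better if it said why the branch exists, for example `// client_credentials: the principal is only the clientId, not a SysUser, so no user headers are set`. `run()` continues past the last line of this hunk.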
