42 lines
1.5 KiB
Java
42 lines
1.5 KiB
Java
package com.example.template;
|
|
|
|
import org.springframework.cloud.gateway.config.GlobalCorsProperties;
|
|
import org.springframework.context.annotation.Bean;
|
|
import org.springframework.context.annotation.Configuration;
|
|
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
|
|
import org.springframework.security.config.web.server.ServerHttpSecurity;
|
|
import org.springframework.security.web.server.SecurityWebFilterChain;
|
|
import org.springframework.web.cors.reactive.CorsConfigurationSource;
|
|
import org.springframework.web.cors.reactive.UrlBasedCorsConfigurationSource;
|
|
|
|
@Configuration
|
|
@EnableWebFluxSecurity
|
|
public class ResourceServerConfiguration {
|
|
|
|
@Bean
|
|
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
|
|
|
|
http
|
|
.cors().and()
|
|
.csrf().disable()
|
|
.authorizeExchange()
|
|
.pathMatchers("/products/**","/goods/**","/oauth/**","/login/**").permitAll()
|
|
.anyExchange().authenticated()
|
|
.and()
|
|
.oauth2ResourceServer()
|
|
.jwt()
|
|
;
|
|
|
|
return http.build();
|
|
}
|
|
|
|
@Bean
|
|
CorsConfigurationSource corsConfigurationSource(
|
|
GlobalCorsProperties globalCorsProperties) {
|
|
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
|
|
globalCorsProperties.getCorsConfigurations()
|
|
.forEach(source::registerCorsConfiguration);
|
|
return source;
|
|
}
|
|
}
|