From bd706ecfd8ad0112d3bd95f8d4b2c4c0116ca542 Mon Sep 17 00:00:00 2001 From: "1351515658@qq.com" <1351515658@qq.com> Date: Thu, 8 Aug 2024 15:42:43 +0800 Subject: [PATCH] =?UTF-8?q?optimize=20oauth2TokenApi\permissionApi?= =?UTF-8?q?=E5=B0=BD=E9=87=8F=E7=94=A8=E6=9C=AC=E5=9C=B0=E5=AE=9E=E7=8E=B0?= =?UTF-8?q?=E7=B1=BB=EF=BC=8C=E6=8F=90=E5=8D=87=E6=89=A7=E8=A1=8C=E6=95=88?= =?UTF-8?q?=E7=8E=87?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../YudaoSecurityAutoConfiguration.java | 22 ++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) diff --git a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/YudaoSecurityAutoConfiguration.java b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/YudaoSecurityAutoConfiguration.java index a24999176..c3d44a278 100644 --- a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/YudaoSecurityAutoConfiguration.java +++ b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/YudaoSecurityAutoConfiguration.java @@ -1,5 +1,6 @@ package cn.iocoder.yudao.framework.security.config; +import cn.hutool.extra.spring.SpringUtil; import cn.iocoder.yudao.framework.security.core.aop.PreAuthenticatedAspect; import cn.iocoder.yudao.framework.security.core.context.TransmittableThreadLocalSecurityContextHolderStrategy; import cn.iocoder.yudao.framework.security.core.filter.TokenAuthenticationFilter; @@ -10,6 +11,7 @@ import cn.iocoder.yudao.framework.security.core.service.SecurityFrameworkService import cn.iocoder.yudao.framework.web.core.handler.GlobalExceptionHandler; import cn.iocoder.yudao.module.system.api.oauth2.OAuth2TokenApi; import cn.iocoder.yudao.module.system.api.permission.PermissionApi; +import jakarta.annotation.Resource; import org.springframework.beans.factory.config.MethodInvokingFactoryBean; import org.springframework.boot.autoconfigure.AutoConfiguration; import org.springframework.boot.autoconfigure.AutoConfigureOrder; @@ -21,11 +23,9 @@ import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.web.AuthenticationEntryPoint; import org.springframework.security.web.access.AccessDeniedHandler; -import jakarta.annotation.Resource; - /** * Spring Security 自动配置类,主要用于相关组件的配置 - * + *

* 注意,不能和 {@link YudaoWebSecurityConfigurerAdapter} 用一个,原因是会导致初始化报错。 * 参见 https://stackoverflow.com/questions/53847050/spring-boot-delegatebuilder-cannot-be-null-on-autowiring-authenticationmanager 文档。 * @@ -80,11 +80,27 @@ public class YudaoSecurityAutoConfiguration { @Bean public TokenAuthenticationFilter authenticationTokenFilter(GlobalExceptionHandler globalExceptionHandler, OAuth2TokenApi oauth2TokenApi) { + // Cloud 专属逻辑:优先使用本地的 oauth2TokenApi 实现类,而不是 Feign 调用 + try { + OAuth2TokenApi oAuth2TokenApiImpl = SpringUtil.getBean("OAuth2TokenApiImpl", OAuth2TokenApi.class); + if (oAuth2TokenApiImpl != null) { + oauth2TokenApi = oAuth2TokenApiImpl; + } + } catch (Exception ignored) { + } return new TokenAuthenticationFilter(securityProperties, globalExceptionHandler, oauth2TokenApi); } @Bean("ss") // 使用 Spring Security 的缩写,方便使用 public SecurityFrameworkService securityFrameworkService(PermissionApi permissionApi) { + // Cloud 专属逻辑:优先使用本地的 permissionApi 实现类,而不是 Feign 调用 + try { + PermissionApi permissionApiImpl = SpringUtil.getBean("permissionApiImpl", PermissionApi.class); + if (permissionApiImpl != null) { + permissionApi = permissionApiImpl; + } + } catch (Exception ignored) { + } return new SecurityFrameworkServiceImpl(permissionApi); }