From cb5f05b4212f23721b227de7ca50e6fbd368193b Mon Sep 17 00:00:00 2001
From: YunaiV <zhijiantianya@gmail.com>
Date: Sun, 31 Aug 2025 16:06:37 +0800
Subject: [PATCH] =?UTF-8?q?fix=EF=BC=9A=E3=80=90ai=20=E5=A4=A7=E6=A8=A1?=
 =?UTF-8?q?=E5=9E=8B=E3=80=91=E5=85=BC=E5=AE=B9=20mcp=20server=20=E5=85=B3?=
 =?UTF-8?q?=E9=97=AD=E7=9A=84=E6=83=85=E5=86=B5?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../security/config/SecurityConfiguration.java         | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/yudao-module-ai/yudao-module-ai-server/src/main/java/cn/iocoder/yudao/module/ai/framework/security/config/SecurityConfiguration.java b/yudao-module-ai/yudao-module-ai-server/src/main/java/cn/iocoder/yudao/module/ai/framework/security/config/SecurityConfiguration.java
index a2c1eeee3..0e7a8ad45 100644
--- a/yudao-module-ai/yudao-module-ai-server/src/main/java/cn/iocoder/yudao/module/ai/framework/security/config/SecurityConfiguration.java
+++ b/yudao-module-ai/yudao-module-ai-server/src/main/java/cn/iocoder/yudao/module/ai/framework/security/config/SecurityConfiguration.java
@@ -9,6 +9,8 @@ import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer;
 
+import java.util.Optional;
+
 /**
  * AI 模块的 Security 配置
  */
@@ -16,7 +18,7 @@ import org.springframework.security.config.annotation.web.configurers.AuthorizeH
 public class SecurityConfiguration {
 
     @Resource
-    private McpServerProperties serverProperties;
+    private Optional<McpServerProperties> serverProperties;
 
     @Bean("aiAuthorizeRequestsCustomizer")
     public AuthorizeRequestsCustomizer authorizeRequestsCustomizer() {
@@ -40,8 +42,10 @@ public class SecurityConfiguration {
                 registry.requestMatchers(ApiConstants.PREFIX + "/**").permitAll();
 
                 // MCP Server
-                registry.requestMatchers(serverProperties.getSseEndpoint()).permitAll();
-                registry.requestMatchers(serverProperties.getSseMessageEndpoint()).permitAll();
+                serverProperties.ifPresent(properties -> {
+                    registry.requestMatchers(properties.getSseEndpoint()).permitAll();
+                    registry.requestMatchers(properties.getSseMessageEndpoint()).permitAll();
+                });
             }
 
         };