Spring Cloud Gateway使用Token验证详解

时间:2022-11-02 16:41:34

引入依赖

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
<dependencymanagement>
  <dependencies>
    <dependency>
      <groupid>org.springframework.cloud</groupid>
      <artifactid>spring-cloud-dependencies</artifactid>
      <version>${spring-cloud.version}</version>
      <type>pom</type>
      <scope>import</scope>
    </dependency>
  </dependencies>
</dependencymanagement>
 
<dependencies>
  <dependency>
    <groupid>org.springframework.cloud</groupid>
    <artifactid>spring-cloud-starter-gateway</artifactid>
  </dependency>
</dependencies>

自定义过滤器

可以继承 abstractgatewayfilterfactory 或实现 globalfilter 实现过滤请求功能

gatewayfilter

gatewayfilter 只能指定路径上应用

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
import org.springframework.cloud.gateway.filter.gatewayfilter;
import org.springframework.cloud.gateway.filter.factory.abstractgatewayfilterfactory;
import org.springframework.http.httpstatus;
import org.springframework.http.server.reactive.serverhttpresponse;
import org.springframework.stereotype.component;
 
@component
public class authgatewayfilterfactory extends abstractgatewayfilterfactory<authgatewayfilterfactory.config> {
 
  public authgatewayfilterfactory() {
    super(config.class);
  }
 
  @override
  public gatewayfilter apply(config config) {
    return (exchange, chain) -> {
      system.out.println("welcome to authfilter.");
      string token = exchange.getrequest().getheaders().getfirst("sign");
      if (config.secret.equals(token)) {
        return chain.filter(exchange);
      }
      serverhttpresponse response = exchange.getresponse();
      response.setstatuscode(httpstatus.unauthorized);
      return response.setcomplete();
    };
  }
 
  static class config {
    static string secret = "1234";
  }
}
?
1
2
3
4
5
6
7
8
9
10
11
spring:
 cloud:
  gateway:
   routes:
   - id: service2_route
    uri: http://127.0.0.1:8082
    predicates:
    - path=/s2/**
    filters:
    - stripprefix=1 # 去掉路径的 n 个前缀
    - auth=true # 输入过滤器类的名称前缀

globalfilter

globalfilter 可以在全局应用

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
import org.springframework.cloud.gateway.filter.gatewayfilterchain;
import org.springframework.cloud.gateway.filter.globalfilter;
import org.springframework.core.ordered;
import org.springframework.http.httpstatus;
import org.springframework.http.server.reactive.serverhttprequest;
import org.springframework.http.server.reactive.serverhttpresponse;
import org.springframework.stereotype.component;
import org.springframework.web.server.serverwebexchange;
import reactor.core.publisher.mono;
 
@component
public class authglobalfilter implements globalfilter, ordered {
  @override
  public mono<void> filter(serverwebexchange exchange, gatewayfilterchain chain) {
    system.out.println("welcome to authglobalfilter.");
    serverhttprequest request = exchange.getrequest();
    string sign = request.getheaders().get("sign").get(0);
    string token = "1234";
    if(token.equals(sign)) {
      return chain.filter(exchange);
    }
    serverhttpresponse response = exchange.getresponse();
    response.setstatuscode(httpstatus.unauthorized);
    return response.setcomplete();
  }
 
  @override
  public int getorder() {
    return 0;
  }
}

以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持服务器之家。

原文链接:https://segmentfault.com/a/1190000018310098