refactor: 抽取 Security 配置项到 SecurityProperties

cadecode · cadecode · commit 5d292917e40f · 2023-06-25T09:39:59.000+08:00
diff --git a/framework/src/main/java/com/github/cadecode/uniboot/framework/config/SecurityConfig.java b/framework/src/main/java/com/github/cadecode/uniboot/framework/config/SecurityConfig.java
@@ -2,6 +2,7 @@
 
 import cn.hutool.core.collection.CollUtil;
 import cn.hutool.core.util.ArrayUtil;
+import com.github.cadecode.uniboot.framework.config.SecurityConfig.SecurityProperties;
 import com.github.cadecode.uniboot.framework.enums.AuthModelEnum;
 import com.github.cadecode.uniboot.framework.security.LoginSuccessHandler;
 import com.github.cadecode.uniboot.framework.security.TokenAuthFilter;
@@ -14,6 +15,7 @@
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpMethod;
@@ -46,25 +48,10 @@
 @RequiredArgsConstructor
 @EnableWebSecurity
 @EnableGlobalMethodSecurity(prePostEnabled = true)
+@EnableConfigurationProperties(SecurityProperties.class)
 @Configuration
-@ConfigurationProperties("uni-boot.security")
 public class SecurityConfig {
 
-    /**
-     * 鉴权模式
-     */
-    private AuthModelEnum authModel;
-
-    /**
-     * 忽略鉴权的 url
-     */
-    private List<String> ignoreUrls;
-
-    /**
-     * JWT Token 配置
-     */
-    private TokenConfig token;
-
     /**
      * 登录路径
      */
@@ -81,6 +68,11 @@ public class SecurityConfig {
      */
     public static final String LOGOUT_URL = "/logout";
 
+    /**
+     * 配置项
+     */
+    private final SecurityProperties properties;
+
     /**
      * 注入各种处理器
      */
@@ -159,7 +151,7 @@ protected void configure(HttpSecurity http) throws Exception {
                         .failureHandler(loginFailureHandler);
                 // 配置 Token 校验过滤器
                 http.addFilterBefore(tokenAuthFilter, UsernamePasswordAuthenticationFilter.class);
-                log.info("Config Security over，AuthModel:{}", authModel);
+                log.info("Config Security over，AuthModel:{}", properties.getAuthModel());
             }
 
             @Override
@@ -171,6 +163,7 @@ public void configure(WebSecurity web) {
                 // 放行其他框架
                 ignoring.antMatchers("/error", "/druid/**", "/actuator/**");
                 // 设置忽略的路径
+                List<String> ignoreUrls = properties.getIgnoreUrls();
                 if (CollUtil.isNotEmpty(ignoreUrls)) {
                     log.info("Config Security ignore urls:{}", ignoreUrls);
                     ignoring.antMatchers(ArrayUtil.toArray(ignoreUrls, String.class));
@@ -179,6 +172,30 @@ public void configure(WebSecurity web) {
         };
     }
 
+    /**
+     * Security 配置
+     */
+    @Data
+    @ConfigurationProperties("uni-boot.security")
+    public static class SecurityProperties {
+
+        /**
+         * 鉴权模式
+         */
+        private AuthModelEnum authModel;
+
+        /**
+         * 忽略鉴权的 url
+         */
+        private List<String> ignoreUrls;
+
+        /**
+         * JWT Token 配置
+         */
+        private TokenConfig token;
+
+    }
+
     /**
      * JWT 配置类
      */
diff --git a/framework/src/main/java/com/github/cadecode/uniboot/framework/security/handler/SignOutSuccessHandler.java b/framework/src/main/java/com/github/cadecode/uniboot/framework/security/handler/SignOutSuccessHandler.java
@@ -9,10 +9,10 @@
 import com.github.cadecode.uniboot.common.plugin.cache.util.KeyGeneUtil;
 import com.github.cadecode.uniboot.common.plugin.cache.util.RedisUtil;
 import com.github.cadecode.uniboot.framework.config.SecurityConfig;
+import com.github.cadecode.uniboot.framework.config.SecurityConfig.SecurityProperties;
 import com.github.cadecode.uniboot.framework.consts.KeyPrefix;
 import com.github.cadecode.uniboot.framework.enums.AuthErrorEnum;
-import com.github.cadecode.uniboot.framework.security.TokenAuthFilter;
-import com.github.cadecode.uniboot.framework.security.filter.RedisTokenAuthFilter;
+import com.github.cadecode.uniboot.framework.enums.AuthModelEnum;
 import com.github.cadecode.uniboot.framework.util.SecurityUtil;
 import lombok.RequiredArgsConstructor;
 import org.springframework.security.core.Authentication;
@@ -32,14 +32,14 @@
 @Component
 public class SignOutSuccessHandler implements LogoutSuccessHandler {
 
-    private final TokenAuthFilter tokenAuthFilter;
+    private final SecurityProperties properties;
 
     @Override
     public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response,
                                 Authentication authentication) {
         // 删除保存登录信息的 redis key
         String uuidToken = request.getHeader(SecurityUtil.getHeader());
-        if (StrUtil.isNotEmpty(uuidToken) && tokenAuthFilter instanceof RedisTokenAuthFilter) {
+        if (StrUtil.isNotEmpty(uuidToken) && properties.getAuthModel() == AuthModelEnum.REDIS) {
             String loginUserKey = KeyGeneUtil.key(KeyPrefix.LOGIN_USER, uuidToken);
             RedisUtil.del(loginUserKey);
         }
diff --git a/framework/src/main/java/com/github/cadecode/uniboot/framework/util/SecurityUtil.java b/framework/src/main/java/com/github/cadecode/uniboot/framework/util/SecurityUtil.java
@@ -3,7 +3,7 @@
 import cn.hutool.core.lang.UUID;
 import cn.hutool.core.util.ObjectUtil;
 import com.github.cadecode.uniboot.framework.bean.dto.SysUserDto.SysUserDetailsDto;
-import com.github.cadecode.uniboot.framework.config.SecurityConfig;
+import com.github.cadecode.uniboot.framework.config.SecurityConfig.SecurityProperties;
 import lombok.RequiredArgsConstructor;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.security.core.Authentication;
@@ -25,22 +25,22 @@
 @Component
 public class SecurityUtil implements InitializingBean {
 
-    private static SecurityConfig SECURITY_CONFIG;
+    private static SecurityProperties PROPERTIES;
 
-    private final SecurityConfig securityConfig;
+    private final SecurityProperties properties;
 
     // 从 SecurityConfig 获取 token 配置
 
     public static String getHeader() {
-        return SECURITY_CONFIG.getToken().getHeader();
+        return PROPERTIES.getToken().getHeader();
     }
 
     public static Long getExpiration() {
-        return SECURITY_CONFIG.getToken().getExpiration();
+        return PROPERTIES.getToken().getExpiration();
     }
 
     public static String getSecret() {
-        return SECURITY_CONFIG.getToken().getSecret();
+        return PROPERTIES.getToken().getSecret();
     }
 
     /**
@@ -114,6 +114,6 @@ public static String getUsername() {
 
     @Override
     public void afterPropertiesSet() {
-        SECURITY_CONFIG = securityConfig;
+        PROPERTIES = properties;
     }
 }
