gitadmin
/
tuoheng_gateway_move_20240715
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

Merge branch 'release' of gitadmin/tuoheng_gateway into master

gitadmin-patch-1
gitadmin 1 year ago
parent
16f2faf6d7 a760ebe11d
commit
7a72b5ed20
16 changed files with 568 additions and 60 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +26
    -0
      src/main/java/com/tuoheng/gateway/commons/CommonsConfig.java
  2. +32
    -44
      src/main/java/com/tuoheng/gateway/config/GatewayFilterConfig.java
  3. +5
    -1
      src/main/java/com/tuoheng/gateway/config/WebSecurityConfig.java
  4. +6
    -6
      src/main/java/com/tuoheng/gateway/constants/AuthorityConstant.java
  5. +34
    -0
      src/main/java/com/tuoheng/gateway/constants/PermitPathConstant.java
  6. +14
    -0
      src/main/java/com/tuoheng/gateway/request/GetPermissionRoleIdListByApiUrlDto.java
  7. +20
    -0
      src/main/java/com/tuoheng/gateway/ustil/GatewayUrlPathUtil.java
  8. +1
    -1
      src/main/java/com/tuoheng/gateway/utils/EncryptUtil.java
  9. +71
    -0
      src/main/java/com/tuoheng/gateway/utils/GatewayUrlPathUtil.java
  10. +99
    -0
      src/main/java/com/tuoheng/gateway/utils/JsonResult.java
  11. +27
    -0
      src/main/java/com/tuoheng/gateway/utils/ServiceException.java
  12. +40
    -1
      src/main/resources/application-dev.yml
  13. +40
    -1
      src/main/resources/application-local.yml
  14. +40
    -1
      src/main/resources/application-prod.yml
  15. +44
    -5
      src/main/resources/application-test.yml
  16. +69
    -0
      src/main/resources/logback.xml

+ 26
- 0
src/main/java/com/tuoheng/gateway/commons/CommonsConfig.java View File

@@ -0,0 +1,26 @@
package com.tuoheng.gateway.commons;

import lombok.Data;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;

/**
* @author chenjiandong
* @description: TODO
* @date 2022/11/17 14:55
*/
@Configuration
@Data
public class CommonsConfig {

/**
* 图片域名
*/
public static String hhzPermissionUrl;

@Value("${tuoheng.hhz-admin-perUrl}")
public void setPermissionUrl(String url) {
hhzPermissionUrl = url;
}

}

+ 32
- 44
src/main/java/com/tuoheng/gateway/config/GatewayFilterConfig.java View File

@@ -1,12 +1,15 @@
package com.tuoheng.gateway.config;

import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import com.alibaba.fastjson.serializer.SerializerFeature;
import com.auth0.jwt.JWT;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.tuoheng.gateway.model.ClientUserRoleDto;
import com.tuoheng.gateway.ustil.EncryptUtil;
import com.tuoheng.gateway.utils.EncryptUtil;
import com.tuoheng.gateway.utils.GatewayUrlPathUtil;
import io.micrometer.core.instrument.util.StringUtils;
import lombok.extern.slf4j.Slf4j;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.context.annotation.Configuration;
@@ -16,7 +19,6 @@ import org.springframework.http.HttpStatus;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.security.oauth2.common.exceptions.InvalidTokenException;
import org.springframework.util.AntPathMatcher;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;

@@ -25,6 +27,7 @@ import java.util.*;


@Configuration
@Slf4j
public class GatewayFilterConfig implements GlobalFilter, Ordered {

private static final String USERNAME = "username";
@@ -40,16 +43,6 @@ public class GatewayFilterConfig implements GlobalFilter, Ordered {

@Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
//todo:header里封装 Client-Id 信息
/*String clientId = getClientId(exchange);
if(StringUtils.isEmpty(clientId)){
return invalidClientIdMono(exchange);
}
String requestUrl = exchange.getRequest().getPath().value();
//todo:获取当前系统、当前接口 可以访问的角色集合 start
Map<String, List<Integer>> permissionMap = getPermissionByClientId(clientId);
List<Integer> roleIds = permissionMap.get(requestUrl);*/
//todo:获取当前系统、当前接口 可以访问的角色集合 end
String token = getToken(exchange);
String username = null;
Long oUserId = null;
@@ -61,25 +54,36 @@ public class GatewayFilterConfig implements GlobalFilter, Ordered {
username = decodedJWT.getClaim(USERNAME).asString();
oUserId = decodedJWT.getClaim(OUSERID).asLong();
authorityList = decodedJWT.getClaim(SCOPE).asList(String.class);
clientUserRoleDtoList = decodedJWT.getClaim(CLIENTROLELIST).asList(ClientUserRoleDto.class);
String str = decodedJWT.getClaim(CLIENTROLELIST).asString();
clientUserRoleDtoList = JSONArray.parseArray(str, ClientUserRoleDto.class);;
}
/*if(roleIds != null){
//说明这个url 需要一定的角色才可以访问
//在不是admin权限的情况下进行校验
if(!authorityList.contains(ADMIN)){
//获取用户 client_id 对应的 roleId
ClientUserRoleDto clientUserRoleDto = clientUserRoleDtoList.stream().filter(dto -> dto.getClientId().equals(clientId))
.findFirst().orElse(null);
if(Objects.isNull(clientUserRoleDto)){
return forbiddenTokenMono(exchange);
}
Integer roleId = clientUserRoleDto.getRoleId();
if(!roleIds.contains(roleId)){
return forbiddenTokenMono(exchange);
//header里封装 Client-Id 信息
String clientId = getClientId(exchange);
if(!StringUtils.isEmpty(clientId)){
log.info("clientId is :{}", clientId);
String requestUrl = exchange.getRequest().getPath().value();
//去除gateway path 前缀
String apiUrl = requestUrl.replace(GatewayUrlPathUtil.getPathByClientId(clientId),"");
List<Integer> roleIds = GatewayUrlPathUtil.getRoleIdByApiUrlPermission(clientId, apiUrl, token);
log.info("roleIds is :{}", roleIds);
//return invalidClientIdMono(exchange);
if(roleIds.size() > 0){
//说明这个url 需要一定的角色才可以访问
//在不是admin权限的情况下进行校验
if(!authorityList.contains(ADMIN)){
//获取用户 client_id 对应的 roleId
ClientUserRoleDto clientUserRoleDto = clientUserRoleDtoList.stream().filter(dto -> dto.getClientId().equals(clientId))
.findFirst().orElse(null);
if(Objects.isNull(clientUserRoleDto)){
return forbiddenTokenMono(exchange);
}
Integer roleId = clientUserRoleDto.getRoleId();
if(!roleIds.contains(roleId)){
return forbiddenTokenMono(exchange);
}
}
}
}*/

}
if (!StringUtils.isBlank(token)) {
JSONObject jsonObject = new JSONObject();
jsonObject.put(USERNAME, username);
@@ -187,22 +191,6 @@ public class GatewayFilterConfig implements GlobalFilter, Ordered {
return response.writeWith(Mono.just(buffer));
}

/**
* 根据 clientId 从业务系统获取 permission - role 数据
* @return
*/
private Map<String, List<Integer>> getPermissionByClientId(String clientId){
// permissionUrl - roleIdList
Map<String, List<Integer>> map = new HashMap<>();
if(clientId.equals("tuoheng-oidc-admin")){
List<Integer> roleIds = new ArrayList<>();
roleIds.add(1001);
roleIds.add(1002);
map.put("/oidc/admin/user/create", roleIds);
}
return map;
}

@Override
public int getOrder() {
return 0;

+ 5
- 1
src/main/java/com/tuoheng/gateway/config/WebSecurityConfig.java View File

@@ -1,6 +1,7 @@
package com.tuoheng.gateway.config;

import com.tuoheng.gateway.constants.AuthorityConstant;
import com.tuoheng.gateway.constants.PermitPathConstant;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.security.oauth2.resource.OAuth2ResourceServerProperties;
@@ -63,12 +64,15 @@ public class WebSecurityConfig {
@Bean
public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity httpSecurity){
String[] OAUTH_PATH = oauthUrlStr.split(",");
String[] PERMIT_PATH = permitUrlStr.split(",");
String[] HhzPermitPath = PermitPathConstant.hhzPermitUrlStr;
httpSecurity
.authorizeExchange()
.pathMatchers(OAUTH_PATH).hasAnyAuthority(AuthorityConstant.SCOPE_ADMIN, AuthorityConstant.SCOPE_TUOHNEG_DSP_MP, AuthorityConstant.SCOPE_TUOHNEG_DSP_WEB)
.pathMatchers(HhzPermitPath).permitAll()
.pathMatchers("/pilot/miniprogram/**").hasAnyAuthority(AuthorityConstant.SCOPE_ADMIN, AuthorityConstant.SCOPE_TUOHNEG_PILOT_MP)
.pathMatchers("/pilot/admin/**").hasAnyAuthority(AuthorityConstant.SCOPE_ADMIN, AuthorityConstant.SCOPE_TUOHNEG_PILOT_ADMIN)
.pathMatchers("/hhz/admin/**").hasAnyAuthority(AuthorityConstant.SCOPE_ADMIN, AuthorityConstant.SCOPE_TUOHNEG_HHZ_ADMIN)
.pathMatchers("/hhz/api/**").hasAnyAuthority(AuthorityConstant.SCOPE_ADMIN, AuthorityConstant.SCOPE_TUOHNEG_HHZ_MP)
.pathMatchers("/oidc/admin/**").authenticated()
//.pathMatchers(PERMIT_PATH).permitAll()
.anyExchange().permitAll()

+ 6
- 6
src/main/java/com/tuoheng/gateway/constants/AuthorityConstant.java View File

@@ -15,22 +15,22 @@ public class AuthorityConstant {
*/
public static final String SCOPE_TUOHNEG_DSP_MP = "SCOPE_tuoheng-dsp-mp";

/**
* dsp 用户权限
*/
public static final String SCOPE_TUOHNEG_DSP_WEB = "SCOPE_tuoheng-dsp-web";

public static final String SCOPE_TUOHNEG_PILOT_ADMIN = "SCOPE_tuoheng-pilot-admin";

public static final String SCOPE_TUOHNEG_PILOT_MP = "SCOPE_tuoheng-pilot-mp";

/**
* oidc admin 用户权限
*/
public static final String SCOPE_TUOHNEG_OIDC_ADMIN = "SCOPE_tuoheng-oidc-admin";

/**
* 河湖长用户权限
* HHZ 用户权限
*/
public static final String SCOPE_HHZ = "SCOPE_HHZ";

public static final String SCOPE_TUOHNEG_HHZ_ADMIN = "SCOPE_tuoheng-hhz-admin";

public static final String SCOPE_TUOHNEG_HHZ_MP = "SCOPE_tuoheng-hhz-mp";

}

+ 34
- 0
src/main/java/com/tuoheng/gateway/constants/PermitPathConstant.java View File

@@ -0,0 +1,34 @@
package com.tuoheng.gateway.constants;

/**
* @author chenjiandong
* @description: TODO
* @date 2022/12/1 8:49
*/
public class PermitPathConstant {

public static String hhzPermitUrlStr[] = {
"/hhz/admin/analyse/**",
"/hhz/admin/websocket/**",
"/hhz/admin/login/**",
"/hhz/admin/meeting/updatePeopleStatus/**",
"/hhz/admin/download/workUserExcel/**",
"/hhz/admin/inspection/track/**",
"/hhz/admin/inspection/uploadFlightUrl/**",
"/hhz/admin/inspection/updateTaskByCode/**",
"/hhz/admin/inspection/status/**",
"/hhz/admin/taskFile/**",
"/hhz/admin/flightdata/**",
"/hhz/admin/tenant/**",
"/hhz/admin/dsp/**",
"/hhz/admin/common/**",
"/hhz/api/tenant/**",
"/hhz/api/dsp/**",
"/hhz/api/meeting/updatePeopleStatus/**",
"/hhz/api/common/**",
"/hhz/api/common/**",
"/hhz/api/apiConfig/getConfigInfo/**",
"/hhz/api/tencentCloudRtc/genUserSig/**"
};

}

+ 14
- 0
src/main/java/com/tuoheng/gateway/request/GetPermissionRoleIdListByApiUrlDto.java View File

@@ -0,0 +1,14 @@
package com.tuoheng.gateway.request;

import lombok.Data;
import lombok.experimental.Accessors;

@Data
@Accessors(chain = true)
public class GetPermissionRoleIdListByApiUrlDto {

private String apiUrl;

private String method;

}

+ 20
- 0
src/main/java/com/tuoheng/gateway/ustil/GatewayUrlPathUtil.java View File

@@ -0,0 +1,20 @@
package com.tuoheng.gateway.ustil;

/**
* @author chenjiandong
* @description: 根据client-id获取路由path
* @date 2022/11/17 9:38
*/
public class GatewayUrlPathUtil {

public static String getPathByClientId(String clientId) {
String apiPath = "";
switch (clientId){
case "tuoheng-hhz-admin":
apiPath = "/hhz/admin";
break;
}
return apiPath;
}

}

src/main/java/com/tuoheng/gateway/ustil/EncryptUtil.java → src/main/java/com/tuoheng/gateway/utils/EncryptUtil.java View File

@@ -1,4 +1,4 @@
package com.tuoheng.gateway.ustil;
package com.tuoheng.gateway.utils;


import org.slf4j.Logger;

+ 71
- 0
src/main/java/com/tuoheng/gateway/utils/GatewayUrlPathUtil.java View File

@@ -0,0 +1,71 @@
package com.tuoheng.gateway.utils;

import com.alibaba.fastjson.JSONObject;
import com.tuoheng.gateway.commons.CommonsConfig;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.*;
import org.springframework.web.client.RestTemplate;
import java.util.ArrayList;
import java.util.List;
import java.util.Objects;

/**
* @author chenjiandong
* @description: 根据client-id获取路由path
* @date 2022/11/17 9:38
*/
@Slf4j
public class GatewayUrlPathUtil {

@Autowired
private static RestTemplate restTemplate;

private static final String HHZ_ADMIN = "tuoheng-hhz-admin";

private static final String HHZ_MP = "tuoheng-hhz-mp";

/**
* 获取 gateway 路由前缀,匹配url
* @param clientId
* @return
*/
public static String getPathByClientId(String clientId) {
String apiPath = "";
switch (clientId){
case HHZ_ADMIN:
apiPath = "/hhz/admin";
break;
case HHZ_MP:
apiPath = "/hhz/api";
break;
}
return apiPath;
}

/**
* 根据 clientId 从业务系统获取 permission - role 数据
* @return
*/
public static List<Integer> getRoleIdByApiUrlPermission(String clientId, String apiUrl, String token){
List<Integer> resList = new ArrayList<>();
if(clientId.equals(HHZ_ADMIN) || clientId.equals(HHZ_MP)){
String url = CommonsConfig.hhzPermissionUrl;
HttpHeaders resultRequestHeader = new HttpHeaders();
resultRequestHeader.add("Authorization", "Bearer " + token);
JSONObject json = new JSONObject();
json.put("apiUrl", apiUrl);
HttpEntity<JSONObject> entity = new HttpEntity<>(json, resultRequestHeader);
String result = new RestTemplate().postForObject(url, entity, String.class);
JSONObject jsonObject = JSONObject.parseObject(result);
Object obj = jsonObject.get("data");
if(!Objects.isNull(obj)){
for (Object o : (List<?>) obj) {
resList.add(Integer.class.cast(o));
}
}
}
return resList;
}

}

+ 99
- 0
src/main/java/com/tuoheng/gateway/utils/JsonResult.java View File

@@ -0,0 +1,99 @@
package com.tuoheng.gateway.utils;

import java.io.Serializable;

/**
* JSON回应类
*
* @author 牧羊人
* @date 2019/11/28
*/
public class JsonResult<T> implements Serializable {

private static final long serialVersionUID = 1L;

/**
* 成功
*/
public static final int SUCCESS = 0;

/**
* 失败
*/
public static final int ERROR = -1;

private int code;

private String msg;

private T data;

public static <T> JsonResult<T> success() {
return jsonResult(null, SUCCESS, "操作成功");
}

public static <T> JsonResult<T> success(String msg) {
return jsonResult(null, SUCCESS, msg);
}

public static <T> JsonResult<T> success(T data) {
return jsonResult(data, SUCCESS, "操作成功");
}

public static <T> JsonResult<T> success(T data, String msg) {
return jsonResult(data, SUCCESS, msg);
}

public static <T> JsonResult<T> error() {
return jsonResult(null, ERROR, "操作失败");
}

public static <T> JsonResult<T> error(String msg) {
return jsonResult(null, ERROR, msg);
}

public static <T> JsonResult<T> error(T data) {
return jsonResult(data, ERROR, "操作失败");
}

public static <T> JsonResult<T> error(T data, String msg) {
return jsonResult(data, ERROR, msg);
}

public static <T> JsonResult<T> error(int code, String msg) {
return jsonResult(null, code, msg);
}

private static <T> JsonResult<T> jsonResult(T data, int code, String msg) {
JsonResult<T> result = new JsonResult<>();
result.setCode(code);
result.setData(data);
result.setMsg(msg);
return result;
}

public int getCode() {
return code;
}

public void setCode(int code) {
this.code = code;
}

public String getMsg() {
return msg;
}

public void setMsg(String msg) {
this.msg = msg;
}

public T getData() {
return data;
}

public void setData(T data) {
this.data = data;
}

}

+ 27
- 0
src/main/java/com/tuoheng/gateway/utils/ServiceException.java View File

@@ -0,0 +1,27 @@
package com.tuoheng.gateway.utils;

/**
* 业务异常类(业务处理时手动抛出异常)
*/
public class ServiceException extends RuntimeException {

public int code;

private String msg;


/**
* 构造器
*
* @param code
* @param msg
*/
public ServiceException(int code, String msg) {
super(msg);
this.msg = msg;
this.code = code;
}


}


+ 40
- 1
src/main/resources/application-dev.yml View File

@@ -123,6 +123,27 @@ spring:
- Path=/pilot/web/**
filters:
- StripPrefix=2
# freeway后台管理
- id: tuoheng-freeway-admin
uri: lb://tuoheng-freeway-admin
predicates:
- Path=/freeway/admin/**
filters:
- StripPrefix=2
# freeway小程序服务
- id: tuoheng-freeway-miniprogram
uri: lb://tuoheng-freeway-miniprogram
predicates:
- Path=/freeway/miniprogram/**
filters:
- StripPrefix=2
# freeway api服务
- id: tuoheng-freeway-api
uri: lb://tuoheng-freeway-api
predicates:
- Path=/freeway/web/**
filters:
- StripPrefix=2
# oidc admin服务
- id: tuoheng-oidc-admin
uri: lb://tuoheng-oidc-admin
@@ -130,6 +151,20 @@ spring:
- Path=/oidc/admin/**
filters:
- StripPrefix=2
# hhz admin服务
- id: tuoheng-hhz-admin
uri: lb://tuoheng-hhz-admin
predicates:
- Path=/hhz/admin/**
filters:
- StripPrefix=2
# hhz 小程序服务
- id: tuoheng-hhz-api
uri: lb://tuoheng-hhz-api
predicates:
- Path=/hhz/api/**
filters:
- StripPrefix=2
# Redis数据源
redis:
# 缓存库默认索引0
@@ -154,4 +189,8 @@ spring:
security:
ignore:
permitUrls: /api/system/demo/msg
oauthUrls: /api/system/demo/hello,/api/*/serviceInst/*/getServiceInstParam/*,/api/*/serviceInst/*/getServiceInstCaseUrl/*,/api/*/serviceInst/*/*/application,/api/*/serviceInst/*/*/questionList
oauthUrls: /api/system/demo/hello,/api/*/serviceInst/*/getServiceInstParam/*,/api/*/serviceInst/*/getServiceInstCaseUrl/*,/api/*/serviceInst/*/*/application,/api/*/serviceInst/*/*/questionList

# 获取 apiUrl 可访问的 roleIdList
tuoheng:
hhz-admin-perUrl: http://192.168.11.11:9055/permission/getRoleIdList

+ 40
- 1
src/main/resources/application-local.yml View File

@@ -122,6 +122,27 @@ spring:
- Path=/pilot/web/**
filters:
- StripPrefix=2
# freeway后台管理
- id: tuoheng-freeway-admin
uri: lb://tuoheng-freeway-admin
predicates:
- Path=/freeway/admin/**
filters:
- StripPrefix=2
# freeway小程序服务
- id: tuoheng-freeway-miniprogram
uri: lb://tuoheng-freeway-miniprogram
predicates:
- Path=/freeway/miniprogram/**
filters:
- StripPrefix=2
# freeway api服务
- id: tuoheng-freeway-api
uri: lb://tuoheng-freeway-api
predicates:
- Path=/freeway/web/**
filters:
- StripPrefix=2
# oidc admin服务
- id: tuoheng-oidc-admin
uri: lb://tuoheng-oidc-admin
@@ -129,6 +150,20 @@ spring:
- Path=/oidc/admin/**
filters:
- StripPrefix=2
# hhz admin服务
- id: tuoheng-hhz-admin
uri: lb://tuoheng-hhz-admin
predicates:
- Path=/hhz/admin/**
filters:
- StripPrefix=2
# hhz 小程序服务
- id: tuoheng-hhz-api
uri: lb://tuoheng-hhz-api
predicates:
- Path=/hhz/api/**
filters:
- StripPrefix=2
# Redis数据源
redis:
# 缓存库默认索引0
@@ -153,4 +188,8 @@ spring:
security:
ignore:
permitUrls: /api/system/demo/msg
oauthUrls: /api/system/demo/hello,/api/*/serviceInst/*/getServiceInstParam/*,/api/*/serviceInst/*/getServiceInstCaseUrl/*,/api/*/serviceInst/*/*/application,/api/*/serviceInst/*/*/questionList
oauthUrls: /api/system/demo/hello,/api/*/serviceInst/*/getServiceInstParam/*,/api/*/serviceInst/*/getServiceInstCaseUrl/*,/api/*/serviceInst/*/*/application,/api/*/serviceInst/*/*/questionList

# 获取 apiUrl 可访问的 roleIdList
tuoheng:
hhz-admin-perUrl: http://127.0.0.1:9055/api/permission/getRoleIdList

+ 40
- 1
src/main/resources/application-prod.yml View File

@@ -115,6 +115,27 @@ spring:
- Path=/pilot/web/**
filters:
- StripPrefix=2
# freeway后台管理
- id: tuoheng-freeway-admin
uri: lb://tuoheng-freeway-admin
predicates:
- Path=/freeway/admin/**
filters:
- StripPrefix=2
# freeway小程序服务
- id: tuoheng-freeway-miniprogram
uri: lb://tuoheng-freeway-miniprogram
predicates:
- Path=/freeway/miniprogram/**
filters:
- StripPrefix=2
# freeway api服务
- id: tuoheng-freeway-api
uri: lb://tuoheng-freeway-api
predicates:
- Path=/freeway/web/**
filters:
- StripPrefix=2
# oidc admin服务
- id: tuoheng-oidc-admin
uri: lb://tuoheng-oidc-admin
@@ -122,6 +143,20 @@ spring:
- Path=/oidc/admin/**
filters:
- StripPrefix=2
# hhz admin服务
- id: tuoheng-hhz-admin
uri: lb://tuoheng-hhz-admin
predicates:
- Path=/hhz/admin/**
filters:
- StripPrefix=2
# hhz 小程序服务
- id: tuoheng-hhz-api
uri: lb://tuoheng-hhz-api
predicates:
- Path=/hhz/api/**
filters:
- StripPrefix=2
# Redis数据源
redis:
# 缓存库默认索引0
@@ -146,4 +181,8 @@ spring:
security:
ignore:
permitUrls: /api/system/demo/msg
oauthUrls: /api/system/demo/hello,/api/portal/serviceInst/*/getServiceInstParam/*,/api/portal/serviceInst/*/getServiceInstCaseUrl/*,/api/portal/serviceInst/*/*/application,/api/portal/serviceInst/*/*/questionList,/api/miniprogram/serviceInst/*/getServiceInstParam/*,/api/miniprogram/serviceInst/*/getServiceInstCaseUrl/*,/api/miniprogram/serviceInst/*/*/application,/api/miniprogram/serviceInst/*/*/questionList
oauthUrls: /api/system/demo/hello,/api/portal/serviceInst/*/getServiceInstParam/*,/api/portal/serviceInst/*/getServiceInstCaseUrl/*,/api/portal/serviceInst/*/*/application,/api/portal/serviceInst/*/*/questionList,/api/miniprogram/serviceInst/*/getServiceInstParam/*,/api/miniprogram/serviceInst/*/getServiceInstCaseUrl/*,/api/miniprogram/serviceInst/*/*/application,/api/miniprogram/serviceInst/*/*/questionList

# 获取 apiUrl 可访问的 roleIdList
tuoheng:
hhz-admin-perUrl: http://192.168.11.22:9055/api/permission/getRoleIdList

+ 44
- 5
src/main/resources/application-test.yml View File

@@ -4,17 +4,17 @@ spring:
resource-server:
jwt:
#issuer-uri: http://192.168.11.241:8090
issuer-uri: https://oidc.test.t-aaron.com
issuer-uri: https://login-test.t-aaron.com
cloud:
consul:
host: 192.168.11.242 # consul 所在服务地址
host: 172.15.1.11 # consul 所在服务地址
port: 8500 # consul 服务端口
discovery:
enabled: true #默认true。Consul Discovery Client是否注册到注册中心。和register同时设置成false,就不需要起consul服务。
register: true #是否将服务注册到Consul集群中心.。这个参数和上面的enabled参数同时设置成false,应用才不会注册注册中心,才可以不起consul服务!
deregister: true #默认true,服务停止时注销服务,即从服务列表中删除。设置成false的话,???
## consul ip地址
hostname: 192.168.11.242
hostname: 172.15.1.11
# 注册到consul的服务名称
service-name: ${spring.application.name} # 服务提供者名称,注册在consul上面的名字,在consul的调用中,是通过此名字调用的。默认服务名,不要改
instance-id: ${spring.application.name}:${spring.cloud.client.ip-address}:${server.port} #实例ID
@@ -116,6 +116,27 @@ spring:
- Path=/pilot/web/**
filters:
- StripPrefix=2
# freeway后台管理
- id: tuoheng-freeway-admin
uri: lb://tuoheng-freeway-admin
predicates:
- Path=/freeway/admin/**
filters:
- StripPrefix=2
# freeway小程序服务
- id: tuoheng-freeway-miniprogram
uri: lb://tuoheng-freeway-miniprogram
predicates:
- Path=/freeway/miniprogram/**
filters:
- StripPrefix=2
# freeway api服务
- id: tuoheng-freeway-api
uri: lb://tuoheng-freeway-api
predicates:
- Path=/freeway/web/**
filters:
- StripPrefix=2
# oidc admin服务
- id: tuoheng-oidc-admin
uri: lb://tuoheng-oidc-admin
@@ -123,12 +144,26 @@ spring:
- Path=/oidc/admin/**
filters:
- StripPrefix=2
# hhz admin服务
- id: tuoheng-hhz-admin
uri: lb://tuoheng-hhz-admin
predicates:
- Path=/hhz/admin/**
filters:
- StripPrefix=2
# hhz 小程序服务
- id: tuoheng-hhz-api
uri: lb://tuoheng-hhz-api
predicates:
- Path=/hhz/api/**
filters:
- StripPrefix=2
# Redis数据源
redis:
# 缓存库默认索引0
database: 0
# Redis服务器地址
host: 192.168.11.242
host: r-uf6cdzjifj20jszykr.redis.rds.aliyuncs.com
# Redis服务器连接端口
port: 6379
# Redis服务器连接密码(默认为空)
@@ -147,4 +182,8 @@ spring:
security:
ignore:
permitUrls: /api/system/demo/msg
oauthUrls: /api/system/demo/hello,/api/*/serviceInst/*/getServiceInstParam/*,/api/*/serviceInst/*/getServiceInstCaseUrl/*,/api/*/serviceInst/*/*/application,/api/*/serviceInst/*/*/questionList
oauthUrls: /api/system/demo/hello,/api/*/serviceInst/*/getServiceInstParam/*,/api/*/serviceInst/*/getServiceInstCaseUrl/*,/api/*/serviceInst/*/*/application,/api/*/serviceInst/*/*/questionList

# 获取 apiUrl 可访问的 roleIdList
tuoheng:
hhz-admin-perUrl: http://172.15.1.21:9055/permission/getRoleIdList

+ 69
- 0
src/main/resources/logback.xml View File

@@ -0,0 +1,69 @@
<?xml version="1.0" encoding="UTF-8"?>
<!-- 日志级别从低到高分为TRACE < DEBUG < INFO < WARN < ERROR < FATAL,如果设置为WARN,则低于WARN的信息都不会输出 -->
<!-- scan:当此属性设置为true时,配置文档如果发生改变,将会被重新加载,默认值为true -->
<!-- scanPeriod:设置监测配置文档是否有修改的时间间隔,如果没有给出时间单位,默认单位是毫秒。
当scan为true时,此属性生效。默认的时间间隔为1分钟。 -->
<!-- debug:当此属性设置为true时,将打印出logback内部日志信息,实时查看logback运行状态。默认值为false。 -->
<configuration scan="true" scanPeriod="60 seconds" debug="false">
<!--
contextName说明:
每个logger都关联到logger上下文,默认上下文名称为“default”。但可以使用设置成其他名字,
用于区分不同应用程序的记录。一旦设置,不能修改,可以通过%contextName来打印日志上下文名称。
-->
<contextName>tuoheng_gateway</contextName>

<!--定义日志变量-->
<!--<property name="logging.path" value="D:\\idealogs\\tuoheng_oidc"/>-->
<property name="logging.path" value="/data/java/logs/tuoheng_gateway"/>
<!--日志格式: [时间] [级别] [线程] [行号] [logger信息] - [日志信息]-->
<property name="logging.pattern" value="%d{yyyy-MM-dd HH:mm:ss.SSS} [%level][%thread][%L] %logger - %msg%n"/>
<property name="logging.charset" value="UTF-8"/>
<property name="logging.maxHistory" value="15"/>
<property name="logging.totalSizeCap" value="5GB"/>
<property name="logging.maxFileSize" value="40MB"/>

<appender name="console" class="ch.qos.logback.core.ConsoleAppender">
<encoder>
<pattern>${logging.pattern}</pattern>
<charset>${logging.charset}</charset>
</encoder>
</appender>

<appender name="LOG_FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
<File>${logging.path}/tuoheng_gateway.log</File>
<append>true</append>
<rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
<fileNamePattern>${logging.path}/tuoheng_gateway-%d-%i.log</fileNamePattern>
<!-- 最大保存天数-->
<maxHistory>${logging.maxHistory}</maxHistory>
<totalSizeCap>${logging.totalSizeCap}</totalSizeCap>
<maxFileSize>${logging.maxFileSize}</maxFileSize>
</rollingPolicy>
<!--编码器-->
<encoder>
<pattern>${logging.pattern}</pattern>
<charset>${logging.charset}</charset>
</encoder>
</appender>

<appender name="file.async" class="ch.qos.logback.classic.AsyncAppender">
<discardingThreshold>0</discardingThreshold>
<queueSize>512</queueSize>
<includeCallerData>true</includeCallerData>
<appender-ref ref="LOG_FILE" />
</appender>

<logger name="com.tuoheng" level="DEBUG" additivity="false">
<appender-ref ref="console" />
<appender-ref ref="file.async" />
</logger>
<!--log4jdbc -->
<logger name="jdbc.sqltiming" level="DEBUG" additivity="false">
<appender-ref ref="file.async" />
</logger>

<root level="INFO">
<appender-ref ref="console" />
<appender-ref ref="file.async" />
</root>
</configuration>

Write Preview
Loading…
Cancel
Save