/** * Copyright (c) 2016-2019 人人开源 All rights reserved. * * https://www.renren.io * * 版权所有,侵权必究! */ package com.peanut.config; import com.peanut.modules.sys.oauth2.OAuth2Filter; import com.peanut.modules.sys.oauth2.OAuth2Realm; import org.apache.shiro.mgt.SecurityManager; import org.apache.shiro.spring.LifecycleBeanPostProcessor; import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor; import org.apache.shiro.spring.web.ShiroFilterFactoryBean; import org.apache.shiro.web.mgt.DefaultWebSecurityManager; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import javax.servlet.Filter; import java.util.HashMap; import java.util.LinkedHashMap; import java.util.Map; /** * Shiro配置 * * @author Mark sunlightcs@gmail.com */ @Configuration public class ShiroConfig { @Bean("securityManager") public SecurityManager securityManager(OAuth2Realm oAuth2Realm) { DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); securityManager.setRealm(oAuth2Realm); securityManager.setRememberMeManager(null); return securityManager; } @Bean("shiroFilter") public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager) { ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean(); shiroFilter.setSecurityManager(securityManager); //oauth过滤 Map filters = new HashMap<>(); filters.put("oauth2", new OAuth2Filter()); shiroFilter.setFilters(filters); Map filterMap = new LinkedHashMap<>(); filterMap.put("/common/user/sms/sendcode","anon");//发送手机验证码 filterMap.put("/common/user/getMailCaptcha","anon");//发送邮箱验证码 filterMap.put("/common/user/registerOrLogin","anon");//发送邮箱验证码 filterMap.put("/common/user/login","anon");//验证码注册或登录 filterMap.put("/common/user/setPasswordByCode","anon");//忘记密码 filterMap.put("/common/apkConfig/getApkUrl","anon");//获取apk下载地址 filterMap.put("/common/sysFeedback/addSysFeedback","anon");//问题反馈-密码问题 filterMap.put("/oss/**","anon"); filterMap.put("/image/**","anon"); filterMap.put("/book/book/listForWebsite","anon"); // 网站接口 filterMap.put("/book/shopproduct/forWebList","anon"); // 网站接口 filterMap.put("forum/articles/desccreatelist","anon"); // 网站接口 filterMap.put("book/task/list","anon"); // 网站接口 filterMap.put("/pay/aliPay/notify","anon"); // 支付宝回调接口 filterMap.put("/pay/payNotify","anon"); // 微信回调接口 filterMap.put("/pay/refundNotify","anon"); // 微信退款回调接口 filterMap.put("/weChat/**","anon"); filterMap.put("/book/baseArea/getAllBaseArea","anon");//登录前获取全部区域 // filterMap.put("/book/bookchaptercontent/**","anon"); filterMap.put("/book/user/**","anon"); filterMap.put("/sys/vodAli/vodAliVideoRe","anon"); filterMap.put("/sys/vodAli/getTokenForYLJK","anon"); filterMap.put("/sys/vodAli/uploadCallback","anon"); filterMap.put("/webjars/**", "anon"); filterMap.put("/druid/**", "anon"); filterMap.put("/app/**", "anon"); filterMap.put("/sys/login", "anon"); filterMap.put("/swagger/**", "anon"); filterMap.put("/v2/api-docs", "anon"); filterMap.put("/sys/agreement/getPrivacyDetail","anon"); filterMap.put("/sys/agreement/getUserDetail","anon"); filterMap.put("/sys/agreement/getAgreement","anon"); filterMap.put("/swagger-ui.html", "anon"); filterMap.put("/swagger-resources/**", "anon"); filterMap.put("/captcha.jpg", "anon"); filterMap.put("/aaa.txt", "anon"); filterMap.put("/visitor/**","anon");//游客访问接口 filterMap.put("/**", "oauth2"); filterMap.put("/cent/**","anon"); //todo 过滤 用户隐私协议未生效 // filterMap.put("sys/agreement/list","anon"); shiroFilter.setFilterChainDefinitionMap(filterMap); return shiroFilter; } @Bean("lifecycleBeanPostProcessor") public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() { return new LifecycleBeanPostProcessor(); } @Bean public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) { AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor(); advisor.setSecurityManager(securityManager); return advisor; } }