mec/mec-web/src/main/java/com/ym/mec/web/config/ResourceServerConfig.java

package com.ym.mec.web.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;

import com.ym.mec.common.security.BaseAccessDeniedHandler;
import com.ym.mec.common.security.BaseAuthenticationEntryPoint;

@Configuration
@EnableResourceServer
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {

    @Autowired
    private BaseAccessDeniedHandler baseAccessDeniedHandler;

    @Autowired
    private BaseAuthenticationEntryPoint baseAuthenticationEntryPoint;

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http.csrf()
                .disable()
                .exceptionHandling()
                .accessDeniedHandler(baseAccessDeniedHandler)
                .authenticationEntryPoint(baseAuthenticationEntryPoint)
                .and()
                .authorizeRequests()
                .antMatchers("/task/**")
                .hasIpAddress("0.0.0.0/0")
                .antMatchers("/v2/api-docs", "/classGroup/highClassGroups", "/code/*", "/api/*", "/appVersionInfo/queryByPlatform", "/eduDegree/*",
                        "/uploadFile", "/eduContracts/queryProduceContract", "/activity/doubleEleven2020Statis", "/replacementInstrument/queryPage",
                        "/replacementInstrumentActivity/queryReplacementsStat", "/eduStudentRegistration/queryPreApplyList",
                        "/eduSubject/findSubSubjects", "/eduFinancialExpenditure/batchAdd", "/eduSendNotice/*",
                        "/oaContracts/*", "/eduStudent/organStudentOverView", "/activity/countCloudTeacherActive",
                        "/activity/organDoubleEleven2021Statis", "/activity/doubleEleven2021Statis", "/questionnaireTopic/getDetail", "/questionnaireUserResult/add",
                        "/tenantInfo/info/*","/tenantInfo/pay/*","/tenantInfo/notify"
                )
                .permitAll().anyRequest().authenticated().and().httpBasic();
    }

    @Override
    public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
        resources.authenticationEntryPoint(baseAuthenticationEntryPoint).accessDeniedHandler(baseAccessDeniedHandler);
    }

}