| | |
|---|
| | | @Value("${security.sign}") |
|---|
| | | private boolean parameter_signature; |
|---|
| | | |
|---|
| | | @Autowired |
|---|
| | | private IgnoreWhiteProperties ignoreWhite; |
|---|
| | | |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) { |
|---|
| | |
|---|
| | | if(method != HttpMethod.POST){ |
|---|
| | | return chain.filter(exchange.mutate().request(mutate.build()).build()); |
|---|
| | | } |
|---|
| | | // 跳过不需要验证的路径 |
|---|
| | | String url = request.getURI().getPath(); |
|---|
| | | if (StringUtils.matches(url, ignoreWhite.getWhites())) { |
|---|
| | | return chain.filter(exchange); |
|---|
| | | } |
|---|
| | | String sign = request.getHeaders().getFirst(TokenConstants.SIGN); |
|---|
| | | String nonce_str = request.getHeaders().getFirst(TokenConstants.NONCE_STR); |
|---|
| | | if (parameter_signature && StringUtils.isEmpty(sign)) { |
|---|
