安全

基于spring-security-web-5.1.10

SpringBoot Oauth2文档

官方整合gateway和oauth2的demo

oauth2文档

oauth2开发指南

SpringCloudSecurity中文文档

SpringCloudSecurity官方文档

Token Relay

gateway作为Oauth2的Token Relay，使用TokenRelayGatewayFilterFactory实现

App.java

@Autowired
private TokenRelayGatewayFilterFactory filterFactory;

@Bean
public RouteLocator customRouteLocator(RouteLocatorBuilder builder) {
    return builder.routes()
            .route("resource", r -> r.path("/resource")
                    .filters(f -> f.filter(filterFactory.apply()))
                    .uri("http://localhost:9000"))
            .build();
}

或

application.yaml

spring:
  cloud:
    gateway:
      routes:
      - id: resource
        uri: http://localhost:9000
        predicates:
        - Path=/resource
        filters:
        - TokenRelay=

执行过程

org.springframework.security.web.FilterChainProxy包含以下过滤器

FilterChainProxy

• WebAsyncManagerIntegrationFilter

通过使用SecurityContextCallableProcessingInterceptor.beforeConcurrentHandling（org.springframework.web.context.request.NativeWebRequest，Callable）将SecurityContext填充在Callable上，从而在SecurityContext和Spring Web的WebAsyncManager之间提供集成

TokenEndpoint

AuthorizationEndpoint