gateway 引入 webclient，实现对 oauth2 接口的调用

2026-03-22 05:07:16 +08:00 · 2022-06-04 10:06:09 +08:00
parent 6d9195ac83
commit e5fed46ae1
7 changed files with 105 additions and 26 deletions
--- a/yudao-module-system/yudao-module-system-api/src/main/java/cn/iocoder/yudao/module/system/api/oauth2/OAuth2TokenApi.java
+++ b/yudao-module-system/yudao-module-system-api/src/main/java/cn/iocoder/yudao/module/system/api/oauth2/OAuth2TokenApi.java
@@ -14,27 +14,33 @@ import org.springframework.web.bind.annotation.*;

 import javax.validation.Valid;

-@FeignClient(name = "system-server") // TODO 芋艿：fallbackFactory =
+@FeignClient(name = ApiConstants.NAME) // TODO 芋艿：fallbackFactory =
@Api(tags = "RPC 服务 - OAuth2.0 令牌")
 public interface OAuth2TokenApi {

-    String API_PREFIX = ApiConstants.API_PREFIX + "/oauth2/token";
+    String PREFIX = ApiConstants.PREFIX + "/oauth2/token";

-    @PostMapping(API_PREFIX + "/create")
+    /**
+     * 校验 Token 的 URL 地址，主要是提供给 Gateway 使用
+     */
+    @SuppressWarnings("HttpUrlsUsage")
+    String URL_CHECK = "http://" + ApiConstants.NAME + PREFIX + "/check";
+
+    @PostMapping(PREFIX + "/create")
    @ApiOperation("创建访问令牌")
    CommonResult<OAuth2AccessTokenRespDTO> createAccessToken(@Valid @RequestBody OAuth2AccessTokenCreateReqDTO reqDTO);

-    @GetMapping(API_PREFIX + "/check")
+    @GetMapping(PREFIX + "/check")
    @ApiOperation("校验访问令牌")
    @ApiImplicitParam(name = "accessToken", value = "访问令牌", required = true, dataTypeClass = String.class, example = "tudou")
    CommonResult<OAuth2AccessTokenCheckRespDTO> checkAccessToken(@RequestParam("accessToken") String accessToken);

-    @DeleteMapping(API_PREFIX + "/remove")
+    @DeleteMapping(PREFIX + "/remove")
    @ApiOperation("移除访问令牌")
    @ApiImplicitParam(name = "accessToken", value = "访问令牌", required = true, dataTypeClass = String.class, example = "tudou")
    CommonResult<OAuth2AccessTokenRespDTO> removeAccessToken(@RequestParam("accessToken") String accessToken);

-    @PutMapping(API_PREFIX + "/refresh")
+    @PutMapping(PREFIX + "/refresh")
    @ApiOperation("刷新访问令牌")
    @ApiImplicitParams({
        @ApiImplicitParam(name = "refreshToken", value = "刷新令牌", required = true, dataTypeClass = String.class, example = "haha"),
--- a/yudao-module-system/yudao-module-system-api/src/main/java/cn/iocoder/yudao/module/system/enums/ApiConstants.java
+++ b/yudao-module-system/yudao-module-system-api/src/main/java/cn/iocoder/yudao/module/system/enums/ApiConstants.java
@@ -7,8 +7,15 @@ package cn.iocoder.yudao.module.system.enums;
 */
 public class ApiConstants {

-    public static final String API_PREFIX = "/rpc-api/system";
+    /**
+     * 服务名
+     *
+     * 注意，需要保证和 spring.application.name 保持一致
+     */
+    public static final String NAME = "system-server";

-    public static final String API_VERSION = "1.0.0";
+    public static final String PREFIX = "/rpc-api/system";
+
+    public static final String VERSION = "1.0.0";

 }
--- a/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/api/oauth2/OAuth2TokenApiImpl.java
+++ b/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/api/oauth2/OAuth2TokenApiImpl.java
@@ -7,20 +7,18 @@ import cn.iocoder.yudao.module.system.api.oauth2.dto.OAuth2AccessTokenRespDTO;
 import cn.iocoder.yudao.module.system.convert.auth.OAuth2TokenConvert;
 import cn.iocoder.yudao.module.system.dal.dataobject.oauth2.OAuth2AccessTokenDO;
 import cn.iocoder.yudao.module.system.service.oauth2.OAuth2TokenService;
-import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import org.apache.dubbo.config.annotation.DubboService;
 import org.springframework.validation.annotation.Validated;
-import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RestController;

 import javax.annotation.Resource;

 import static cn.iocoder.yudao.framework.common.pojo.CommonResult.success;
-import static cn.iocoder.yudao.module.system.enums.ApiConstants.API_VERSION;
+import static cn.iocoder.yudao.module.system.enums.ApiConstants.VERSION;

@RestController // 提供 RESTful API 接口，给 Feign 调用
-@DubboService(version = API_VERSION) // 提供 Dubbo RPC 接口，给 Dubbo Consumer 调用
+@DubboService(version = VERSION) // 提供 Dubbo RPC 接口，给 Dubbo Consumer 调用
@Validated
 public class OAuth2TokenApiImpl implements OAuth2TokenApi {

--- a/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/controller/admin/auth/AuthController.http
+++ b/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/controller/admin/auth/AuthController.http
@@ -26,7 +26,7 @@ Authorization: Bearer {{token}}
 tenant-id: {{adminTenentId}}

 ### 请求 /list-menus 接口 => 成功
-GET {{systemBaseUrl}}/system/list-menus
-Authorization: Bearer {{token}}
-#Authorization: Bearer a6aa7714a2e44c95aaa8a2c5adc2a67a
+GET {{systemBaseUrl}}/system/auth/list-menus
+#Authorization: Bearer {{token}}
+Authorization: Bearer 81e64ecd759a410ca54d3f00bdeb4574
 tenant-id: {{adminTenentId}}
--- a/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/framework/security/config/SecurityConfiguration.java
+++ b/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/framework/security/config/SecurityConfiguration.java
@@ -50,7 +50,7 @@ public class SecurityConfiguration {
                registry.antMatchers("/actuator").anonymous()
                        .antMatchers("/actuator/**").anonymous();
                // RPC 服务的安全配置
-                registry.antMatchers(ApiConstants.API_PREFIX + "/**").anonymous();
+                registry.antMatchers(ApiConstants.PREFIX + "/**").permitAll();
            }

        };