Spring 云网关匹配路由与路径变量和自定义过滤器
[英]Spring Cloud Gateway Matching Routes with Path Variables and Custom Filter
问题描述
I am trying to use the Sprign-Cloud-Gateway to implement role-based-authentication for an application with multiple microservices.
我正在尝试使用 Sprign-Cloud-Gateway 为具有多个微服务的应用程序实现基于角色的身份验证。 I have 3 roles in the application: Customer, Deliverer and Dispatcher and I have a service called customer-authentication-service for creating & managing the JWTs and roles.我在应用程序中有 3 个角色:客户、交付者和调度员,我有一个名为 customer-authentication-service 的服务,用于创建和管理 JWT 和角色。
This is what I need to do, but could not do:这是我需要做的,但做不到:
- Create a Map of paths that maps the request method and url pattern to the list of roles that can access this url, such as:创建一个 Map 路径,将请求方法和 url 模式映射到可以访问此 url 的角色列表,例如:
private final Map<Request, ImmutableList<String>> PERMISSIONED_ENDPOINTS = new HashMap<>(){{
put(new Request(HttpMethod.PUT, "/*/collected/deliverer/*"), ImmutableList.of("DISPATCHER"));
put(new Request(HttpMethod.PUT, "/*/deposited/deliverer/*/box/*"), ImmutableList.of("DISPATCHER"));
put(new Request(HttpMethod.PUT, "/user/*/delivered/box/*"), ImmutableList.of("DISPATCHER"));
put(new Request(HttpMethod.GET, "/customer/{customerId}/status/delivered"), ImmutableList.of("DISPATCHER", "CUSTOMER")); // Only the customer with that id
put(new Request(HttpMethod.GET, "/customer/{customerId}/status/active"), ImmutableList.of("DISPATCHER", "CUSTOMER")); // Only the customer with that id
put(new Request(HttpMethod.POST, "/boxes"), ImmutableList.of("DISPATCHER", "CUSTOMER));
put(new Request(HttpMethod.PUT, "/boxes/{boxId}"), ImmutableList.of("DISPATCHER"));
put(new Request(HttpMethod.DELETE, "/boxes/{boxId}"), ImmutableList.of("DISPATCHER"));
}};
- Match an incoming request that contains path variables with one of these patterns.将包含路径变量的传入请求与这些模式之一匹配。 I need to match complex paths such as: /{deliveryId}/deposited/deliverer/{delivererId}/box/{boxId}我需要匹配复杂的路径,例如:/{deliveryId}/deposited/deliverer/{delivererId}/box/{boxId}
I couldn't understand how to match these.我无法理解如何匹配这些。
- Send a request to the customer-authentication-service to post the JWT and get the role so that I can check if it is allowed to see the url.向 customer-authentication-service 发送请求以发布 JWT 并获取角色,以便我可以检查是否允许查看 url。
My question:我的问题:
How should I implement the URL matching and applying custom logic (sending requests to get the role and checking it) with the complex urls that contain path variables.我应该如何使用包含路径变量的复杂 url 实现 URL 匹配和应用自定义逻辑(发送请求以获取角色并检查它)。 Should I store Pattern objects and compare the incoming request with these, using regexes?我应该使用正则表达式存储 Pattern 对象并将传入的请求与这些对象进行比较吗?
I also checked Predicates and gone through all the docs but couldn't figure out how to implement it exactly.我还检查了 Predicates 并浏览了所有文档,但无法弄清楚如何准确地实现它。 Please provide me with a minimal working example for one of the complex urls and I will figure out the rest.请为我提供一个复杂 url 的最小工作示例,我将找出 rest。
Something like antMatchers in Spring Security would do the job but I am not sure if adding Spring Security is what I need in this case. Spring Security 中的 antMatchers 之类的东西可以完成这项工作,但我不确定在这种情况下是否需要添加 Spring Security。
Thanks in advance.提前致谢。
1 个解决方案
解决方案1
0 2022-02-05 06:16:07
Sorry, I did not understand your question fully.对不起,我没有完全理解你的问题。 I'll try to answer on the basic of whatever I understand.我会尽量回答我所理解的基本问题。
What I think is you are looking of HTTP Request Interceptor, which will intercept your every request and then you can check if that URL matches to your desired URL.我认为您正在寻找 HTTP 请求拦截器,它将拦截您的每个请求,然后您可以检查 URL 是否与您想要的 ZE6B391A8D2C4D45902A23A8B6585703 匹配。
Here is link to docs of HandlerInterceptor Interface. 这是 HandlerInterceptor 接口文档的链接。 You can implement HandlerInterceptor and use preHandle() method where you will get access to incoming request.您可以实现 HandlerInterceptor 并使用 preHandle() 方法,您将可以访问传入的请求。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.