fizzgate/fizz-gateway-node
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Optimize route auth msg

Browse Source
This commit is contained in:
hongqiaowei
2021-08-18 17:23:27 +08:00
parent 034e55adeb
commit 71b92def56
2 changed files with 14 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
fizz-core/src/main/java/we/plugin/auth/ApiConfigService.java
View File

@@ -255,17 +255,18 @@ public class ApiConfigService {
if (ac.checkApp) {
if (apiConifg2appsService.contains(ac.id, app)) {
matchPathPatterns.add(ac.path);
} /*else {
if (app == null) {
ThreadContext.set(ApiConfigService.AUTH_MSG, "request not carry app message");
} else {
ThreadContext.set(ApiConfigService.AUTH_MSG, app + " can't access " + service + ' ' + method + ' ' + path);
}
}*/
}
} else {
matchPathPatterns.add(ac.path);
}
}
if (matchPathPatterns.isEmpty()) {
if (app == null) {
ThreadContext.set(ApiConfigService.AUTH_MSG, "no app msg in req");
} else {
ThreadContext.set(ApiConfigService.AUTH_MSG, app + " not in app whitelist of routes which match " + gatewayGroup + ' ' + service + ' ' + method + ' ' + path);
}
}
if (!matchPathPatterns.isEmpty()) {
if (matchPathPatterns.size() > 1) {
Collections.sort(matchPathPatterns, UrlTransformUtils.ANT_PATH_MATCHER.getPatternComparator(path));

12
fizz-core/src/main/java/we/plugin/auth/ServiceConfig.java
View File

@@ -146,19 +146,19 @@ public class ServiceConfig {
for (int i = 0; i < matchGatewayGroup2apiConfigs.size(); i++) {
GatewayGroup2apiConfig gatewayGroup2apiConfig = matchGatewayGroup2apiConfigs.get(i);
Set<ApiConfig> apiConfigs = gatewayGroup2apiConfig.get(gatewayGroup);
if (apiConfigs != null) {
if (apiConfigs == null) {
ThreadContext.set(ApiConfigService.AUTH_MSG, "route which match " + id + ' ' + method + ' ' + path + " is not exposed to " + gatewayGroup);
} else {
for (ApiConfig ac : apiConfigs) {
if (ac.access == ApiConfig.ALLOW) {
lst.add(ac);
}
}
if (lst.isEmpty()) {
ThreadContext.set(ApiConfigService.AUTH_MSG, "route which match " + id + ' ' + method + ' ' + path + " not allow access");
}
}
}
// if (lst.isEmpty()) {
// ThreadContext.set(
// ApiConfigService.AUTH_MSG,
// "route which match " + id + ' ' + method + ' ' + path + " is not exposed to " + gatewayGroup + " gateway group or allow access");
// }
return lst;
}
}