diff --git a/yudao-gateway/pom.xml b/yudao-gateway/pom.xml
index 6df6ba494..8d2386954 100644
--- a/yudao-gateway/pom.xml
+++ b/yudao-gateway/pom.xml
@@ -16,6 +16,13 @@
https://github.com/YunaiV/yudao-cloud
+
+
+ cn.iocoder.cloud
+ yudao-module-system-api
+ ${revision}
+
+
org.springframework.cloud
@@ -28,6 +35,11 @@
spring-cloud-starter-loadbalancer
+
+ org.springframework.cloud
+ spring-cloud-starter-openfeign
+
+
com.alibaba.cloud
diff --git a/yudao-gateway/src/main/java/cn/iocoder/yudao/gateway/GatewayServerApplication.java b/yudao-gateway/src/main/java/cn/iocoder/yudao/gateway/GatewayServerApplication.java
index d5904db49..ff4b97f09 100644
--- a/yudao-gateway/src/main/java/cn/iocoder/yudao/gateway/GatewayServerApplication.java
+++ b/yudao-gateway/src/main/java/cn/iocoder/yudao/gateway/GatewayServerApplication.java
@@ -1,9 +1,14 @@
package cn.iocoder.yudao.gateway;
+import cn.iocoder.yudao.module.system.api.auth.OAuth2TokenApi;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.cloud.openfeign.EnableFeignClients;
@SpringBootApplication
+@EnableFeignClients(clients = {
+ OAuth2TokenApi.class
+}) // TODO 芋艿:需要改下
public class GatewayServerApplication {
public static void main(String[] args) {
diff --git a/yudao-gateway/src/main/java/cn/iocoder/yudao/gateway/filter/TokenAuthenticationFilter.java b/yudao-gateway/src/main/java/cn/iocoder/yudao/gateway/filter/TokenAuthenticationFilter.java
new file mode 100644
index 000000000..3b9642317
--- /dev/null
+++ b/yudao-gateway/src/main/java/cn/iocoder/yudao/gateway/filter/TokenAuthenticationFilter.java
@@ -0,0 +1,45 @@
+package cn.iocoder.yudao.gateway.filter;
+
+import cn.iocoder.yudao.module.system.api.auth.OAuth2TokenApi;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.cloud.gateway.filter.GatewayFilterChain;
+import org.springframework.cloud.gateway.filter.GlobalFilter;
+import org.springframework.core.Ordered;
+import org.springframework.http.HttpHeaders;
+import org.springframework.stereotype.Component;
+import org.springframework.web.server.ServerWebExchange;
+import reactor.core.publisher.Mono;
+
+import javax.annotation.Resource;
+import java.util.function.Consumer;
+
+/**
+ * Token 过滤器,验证 token 的有效性
+ * 1. 验证通过时,将 userId、userType、tenantId 通过 Header 转发给服务
+ * 2. 验证不通过,还是会转发给服务。因为,接口是否需要登录的校验,还是交给服务自身处理
+ *
+ * @author 芋道源码
+ */
+@Component // TODO 芋艿:要改成 configuration
+public class TokenAuthenticationFilter implements GlobalFilter, Ordered {
+
+ @Resource
+ private OAuth2TokenApi oauth2TokenApi;
+
+ @Override
+ public Mono filter(ServerWebExchange exchange, GatewayFilterChain chain) {
+ exchange = exchange.mutate().request(r -> r.headers(new Consumer() {
+ @Override
+ public void accept(HttpHeaders headers) {
+ headers.set("user-id", "1");
+ }
+ })).build();
+ return chain.filter(exchange);
+ }
+
+ @Override
+ public int getOrder() {
+ return -100; // 和 Spring Security Filter 的顺序对齐
+ }
+
+}
diff --git a/yudao-gateway/src/main/java/cn/iocoder/yudao/gateway/util/SecurityFrameworkUtils.java b/yudao-gateway/src/main/java/cn/iocoder/yudao/gateway/util/SecurityFrameworkUtils.java
new file mode 100644
index 000000000..1ce8af64d
--- /dev/null
+++ b/yudao-gateway/src/main/java/cn/iocoder/yudao/gateway/util/SecurityFrameworkUtils.java
@@ -0,0 +1,39 @@
+package cn.iocoder.yudao.gateway.util;
+
+import org.springframework.util.StringUtils;
+import org.springframework.web.server.ServerWebExchange;
+
+/**
+ * 安全服务工具类
+ *
+ * copy from yudao-spring-boot-starter-security 的 SecurityFrameworkUtils 类
+ *
+ * @author 芋道源码
+ */
+public class SecurityFrameworkUtils {
+
+ public static final String AUTHORIZATION_HEADER = "Authorization";
+
+ public static final String AUTHORIZATION_BEARER = "Bearer";
+
+ private SecurityFrameworkUtils() {}
+
+ /**
+ * 从请求中,获得认证 Token
+ *
+ * @param exchange 请求
+ * @return 认证 Token
+ */
+ public static String obtainAuthorization(ServerWebExchange exchange) {
+ String authorization = exchange.getRequest().getHeaders().getFirst(AUTHORIZATION_HEADER);
+ if (!StringUtils.hasText(authorization)) {
+ return null;
+ }
+ int index = authorization.indexOf(AUTHORIZATION_BEARER + " ");
+ if (index == -1) { // 未找到
+ return null;
+ }
+ return authorization.substring(index + 7).trim();
+ }
+
+}
diff --git a/yudao-module-system/yudao-module-system-api/pom.xml b/yudao-module-system/yudao-module-system-api/pom.xml
index a9054a152..1c1215f06 100644
--- a/yudao-module-system/yudao-module-system-api/pom.xml
+++ b/yudao-module-system/yudao-module-system-api/pom.xml
@@ -29,6 +29,13 @@
true
+
+
+ org.springframework.cloud
+ spring-cloud-starter-openfeign
+ true
+
+
diff --git a/yudao-module-system/yudao-module-system-api/src/main/java/cn/iocoder/yudao/module/system/api/auth/OAuth2TokenApi.java b/yudao-module-system/yudao-module-system-api/src/main/java/cn/iocoder/yudao/module/system/api/auth/OAuth2TokenApi.java
index 5d0201565..a769a431f 100644
--- a/yudao-module-system/yudao-module-system-api/src/main/java/cn/iocoder/yudao/module/system/api/auth/OAuth2TokenApi.java
+++ b/yudao-module-system/yudao-module-system-api/src/main/java/cn/iocoder/yudao/module/system/api/auth/OAuth2TokenApi.java
@@ -3,6 +3,9 @@ package cn.iocoder.yudao.module.system.api.auth;
import cn.iocoder.yudao.module.system.api.auth.dto.OAuth2AccessTokenCheckRespDTO;
import cn.iocoder.yudao.module.system.api.auth.dto.OAuth2AccessTokenCreateReqDTO;
import cn.iocoder.yudao.module.system.api.auth.dto.OAuth2AccessTokenRespDTO;
+import org.springframework.cloud.openfeign.FeignClient;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestParam;
import javax.validation.Valid;
@@ -11,6 +14,7 @@ import javax.validation.Valid;
*
* @author 芋道源码
*/
+@FeignClient(name = "system-server") // TODO 芋艿:fallbackFactory =
public interface OAuth2TokenApi {
/**
@@ -19,6 +23,7 @@ public interface OAuth2TokenApi {
* @param reqDTO 访问令牌的创建信息
* @return 访问令牌的信息
*/
+ @GetMapping("/tmp")
OAuth2AccessTokenRespDTO createAccessToken(@Valid OAuth2AccessTokenCreateReqDTO reqDTO);
/**
@@ -27,7 +32,8 @@ public interface OAuth2TokenApi {
* @param accessToken 访问令牌
* @return 访问令牌的信息
*/
- OAuth2AccessTokenCheckRespDTO checkAccessToken(String accessToken);
+ @GetMapping("/app-api/check")
+ OAuth2AccessTokenCheckRespDTO checkAccessToken(@RequestParam("accessToken") String accessToken);
/**
* 移除访问令牌
@@ -35,6 +41,7 @@ public interface OAuth2TokenApi {
* @param accessToken 访问令牌
* @return 访问令牌的信息
*/
+ @GetMapping("/tmp2")
OAuth2AccessTokenRespDTO removeAccessToken(String accessToken);
/**
@@ -44,6 +51,8 @@ public interface OAuth2TokenApi {
* @param clientId 客户端编号
* @return 访问令牌的信息
*/
- OAuth2AccessTokenRespDTO refreshAccessToken(String refreshToken, String clientId);
+ @GetMapping("/tmp3")
+ OAuth2AccessTokenRespDTO refreshAccessToken(@RequestParam("refreshToken") String refreshToken,
+ @RequestParam("clientId") String clientId);
}
diff --git a/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/api/auth/OAuth2TokenApiImpl.java b/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/api/auth/OAuth2TokenApiImpl.java
index 438cf9463..3eec3fc11 100644
--- a/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/api/auth/OAuth2TokenApiImpl.java
+++ b/yudao-module-system/yudao-module-system-biz/src/main/java/cn/iocoder/yudao/module/system/api/auth/OAuth2TokenApiImpl.java
@@ -7,6 +7,7 @@ import cn.iocoder.yudao.module.system.convert.auth.OAuth2TokenConvert;
import cn.iocoder.yudao.module.system.dal.dataobject.oauth2.OAuth2AccessTokenDO;
import cn.iocoder.yudao.module.system.service.oauth2.OAuth2TokenService;
import org.springframework.stereotype.Service;
+import org.springframework.web.bind.annotation.RestController;
import javax.annotation.Resource;
@@ -15,7 +16,7 @@ import javax.annotation.Resource;
*
* @author 芋道源码
*/
-@Service
+@RestController
public class OAuth2TokenApiImpl implements OAuth2TokenApi {
@Resource