diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/web/WebUtils.java b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/web/WebUtils.java
new file mode 100644
index 00000000..fe8085a0
--- /dev/null
+++ b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/web/WebUtils.java
@@ -0,0 +1,184 @@
+package com.ruoyi.common.core.utils.web;
+
+import com.alibaba.fastjson.JSON;
+import com.ruoyi.common.core.exception.CheckedException;
+import org.bouncycastle.util.encoders.Base64;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.MediaType;
+import org.springframework.http.server.reactive.ServerHttpRequest;
+import org.springframework.util.Assert;
+import org.springframework.web.bind.annotation.ResponseBody;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+import org.springframework.web.method.HandlerMethod;
+
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.io.UnsupportedEncodingException;
+import java.nio.charset.StandardCharsets;
+
+public class WebUtils extends org.springframework.web.util.WebUtils
+{
+ private final Logger logger = LoggerFactory.getLogger(WebUtils.class);
+
+ private static final String BASIC_ = "Basic ";
+
+// /**
+// * 判断是否ajax请求 spring ajax 返回含有 ResponseBody 或者 RestController注解
+// *
+// * @param handlerMethod HandlerMethod
+// * @return 是否ajax请求
+// */
+// public boolean isBody(HandlerMethod handlerMethod)
+// {
+// ResponseBody responseBody = ClassUtils.getAnnotation(handlerMethod, ResponseBody.class);
+// return responseBody != null;
+// }
+
+ /**
+ * 读取cookie
+ *
+ * @param name cookie name
+ * @return cookie value
+ */
+ public String getCookieVal(String name)
+ {
+ HttpServletRequest request = WebUtils.getRequest();
+ Assert.notNull(request, "request from RequestContextHolder is null");
+ return getCookieVal(request, name);
+ }
+
+ /**
+ * 读取cookie
+ *
+ * @param request HttpServletRequest
+ * @param name cookie name
+ * @return cookie value
+ */
+ public String getCookieVal(HttpServletRequest request, String name)
+ {
+ Cookie cookie = getCookie(request, name);
+ return cookie != null ? cookie.getValue() : null;
+ }
+
+ /**
+ * 清除 某个指定的cookie
+ *
+ * @param response HttpServletResponse
+ * @param key cookie key
+ */
+ public void removeCookie(HttpServletResponse response, String key)
+ {
+ setCookie(response, key, null, 0);
+ }
+
+ /**
+ * 设置cookie
+ *
+ * @param response HttpServletResponse
+ * @param name cookie name
+ * @param value cookie value
+ * @param maxAgeInSeconds maxage
+ */
+ public void setCookie(HttpServletResponse response, String name, String value, int maxAgeInSeconds)
+ {
+ Cookie cookie = new Cookie(name, value);
+ cookie.setPath("/");
+ cookie.setMaxAge(maxAgeInSeconds);
+ cookie.setHttpOnly(true);
+ response.addCookie(cookie);
+ }
+
+ /**
+ * 获取 HttpServletRequest
+ *
+ * @return {HttpServletRequest}
+ */
+ public static HttpServletRequest getRequest()
+ {
+ return ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
+ }
+
+ /**
+ * 获取 HttpServletResponse
+ *
+ * @return {HttpServletResponse}
+ */
+ public HttpServletResponse getResponse()
+ {
+ return ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getResponse();
+ }
+
+ /**
+ * 返回json
+ *
+ * @param response HttpServletResponse
+ * @param result 结果对象
+ */
+ public void renderJson(HttpServletResponse response, Object result)
+ {
+ renderJson(response, result, MediaType.APPLICATION_JSON_VALUE);
+ }
+
+ /**
+ * 返回json
+ *
+ * @param response HttpServletResponse
+ * @param result 结果对象
+ * @param contentType contentType
+ */
+ public void renderJson(HttpServletResponse response, Object result, String contentType)
+ {
+ response.setCharacterEncoding("UTF-8");
+ response.setContentType(contentType);
+ try (PrintWriter out = response.getWriter())
+ {
+ out.append(JSON.toJSONString(result));
+ }
+ catch (IOException e)
+ {
+ logger.error(e.getMessage(), e);
+ }
+ }
+
+ /**
+ * 从request 获取CLIENT_ID
+ *
+ * @return
+ * @throws UnsupportedEncodingException
+ */
+ public static String[] getClientId(ServerHttpRequest request) throws UnsupportedEncodingException
+ {
+ String header = request.getHeaders().getFirst(HttpHeaders.AUTHORIZATION);
+
+ if (header == null || !header.startsWith(BASIC_))
+ {
+ throw new CheckedException("请求头中client信息为空");
+ }
+ byte[] base64Token = header.substring(6).getBytes("UTF-8");
+ byte[] decoded;
+ try
+ {
+ decoded = Base64.decode(base64Token);
+ }
+ catch (IllegalArgumentException e)
+ {
+ throw new CheckedException("Failed to decode basic authentication token");
+ }
+
+ String token = new String(decoded, StandardCharsets.UTF_8);
+
+ int delim = token.indexOf(":");
+
+ if (delim == -1)
+ {
+ throw new CheckedException("Invalid basic authentication token");
+ }
+ return new String[] { token.substring(0, delim), token.substring(delim + 1) };
+ }
+}
diff --git a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/ValidateCodeFilter.java b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/ValidateCodeFilter.java
index 8d6a8a56..767d9d32 100644
--- a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/ValidateCodeFilter.java
+++ b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/ValidateCodeFilter.java
@@ -1,5 +1,7 @@
package com.ruoyi.gateway.filter;
+import com.ruoyi.common.core.utils.web.WebUtils;
+import com.ruoyi.gateway.config.properties.IgnoreClientProperties;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cloud.gateway.filter.GatewayFilter;
import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
@@ -25,6 +27,9 @@ public class ValidateCodeFilter extends AbstractGatewayFilterFactory<Object>
@Autowired
private ValidateCodeService validateCodeService;
+ @Autowired
+ private IgnoreClientProperties ignoreClient;
+
@Override
public GatewayFilter apply(Object config)
{
@@ -38,6 +43,13 @@ public class ValidateCodeFilter extends AbstractGatewayFilterFactory<Object>
}
try
{
+ // swagger的oauth2.0验证码放行操作
+ String[] clientInfos = WebUtils.getClientId(request);
+ if (ignoreClient.getClients().contains(clientInfos[0]))
+ {
+ return chain.filter(exchange);
+ }
+
validateCodeService.checkCapcha(request.getQueryParams().getFirst("code"),
request.getQueryParams().getFirst("uuid"));
}