feat: add whitelist filters and related resources (#22)

Author: jettcc

achobeta-infra-gateway/src/main/java/com/achobeta/www/gateway/config/WhitelistProperties.java

@@ -0,0 +1,25 @@
+package com.achobeta.www.gateway.config;
+
+import lombok.Getter;
+import lombok.Setter;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.stereotype.Component;
+
+import java.util.List;
+
+/**
+ * <span>
+ *     Whitelist request URL list
+ * </span>
+ * 
+ * @author jettcc in 2023/10/6
+ * @version 1.0
+ */
+
+@Getter
+@Setter
+@Component
+@ConfigurationProperties(prefix = "gateway.whitelist")
+public class WhitelistProperties {
+    List<String> urls;
+}

achobeta-infra-gateway/src/main/java/com/achobeta/www/gateway/filter/GlobalRequestInterceptor.java

@@ -14,6 +14,8 @@
 import java.text.ParseException;
 
 import static com.achobeta.www.common.util.GlobalServiceStatusCode.*;
+import static com.achobeta.www.gateway.utils.GatewayConstants.AUTHORIZATION_HEADER;
+import static com.achobeta.www.gateway.utils.GatewayConstants.BEARER_PREFIX;
 
 /**
  * <span>
@@ -29,8 +31,7 @@
  */
 @Component
 public class GlobalRequestInterceptor implements GlobalFilter {
-    private static final String AUTHORIZATION_HEADER = "Authorization";
-    private static final String BEARER_PREFIX = "Bearer ";
+
 
     @Override
     public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {

achobeta-infra-gateway/src/main/java/com/achobeta/www/gateway/filter/WhitelistRequestFilter.java

@@ -0,0 +1,53 @@
+package com.achobeta.www.gateway.filter;
+
+import com.achobeta.www.gateway.config.WhitelistProperties;
+import lombok.NonNull;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.util.AntPathMatcher;
+import org.springframework.web.server.ServerWebExchange;
+import org.springframework.web.server.WebFilter;
+import org.springframework.web.server.WebFilterChain;
+import reactor.core.publisher.Mono;
+
+import static com.achobeta.www.gateway.utils.GatewayConstants.AUTHORIZATION_HEADER;
+import static com.achobeta.www.gateway.utils.GatewayConstants.REQUEST_TYPE_GET;
+/**
+ * <span>
+ *     Whitelist filter
+ * </span>
+ * 
+ * @author jettcc in 2023/10/6
+ * @version 1.0
+ */
+@Configuration
+@Slf4j
+public class WhitelistRequestFilter implements WebFilter {
+    private final WhitelistProperties whitelist;
+
+    public WhitelistRequestFilter(WhitelistProperties whitelist) {
+        this.whitelist = whitelist;
+    }
+
+    @NonNull
+    @Override
+    public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
+        var request = exchange.getRequest();
+        var path = request.getURI().getPath();
+        var urls = whitelist.getUrls();
+        var requestMethod = request.getMethod().name();
+        var pathMatcher = new AntPathMatcher();
+        // whitelist that only allows GET requests
+        if (!REQUEST_TYPE_GET.equalsIgnoreCase(requestMethod)) return chain.filter(exchange);
+        for (var u : urls) {
+            if (pathMatcher.match(u, path)) {
+                request = exchange.getRequest()
+                        .mutate().header(AUTHORIZATION_HEADER, "")
+                        .build();
+                return chain.filter(exchange.mutate().request(request).build());
+            }
+        }
+
+        return chain.filter(exchange);
+    }
+}

achobeta-infra-gateway/src/main/java/com/achobeta/www/gateway/utils/GatewayConstants.java

@@ -0,0 +1,18 @@
+package com.achobeta.www.gateway.utils;
+/**
+ * <span>
+ *     Define and store gateway constants
+ * </span>
+ *
+ * @author jettcc in 2023/10/6
+ * @version 1.0
+ */
+
+public class GatewayConstants {
+    public static final String AUTHORIZATION_HEADER = "Authorization";
+    public static final String BEARER_PREFIX = "Bearer ";
+
+    public static final String REQUEST_TYPE_GET = "GET";
+
+    public static final String REQUEST_TYPE_POST = "POST";
+}

achobeta-infra-gateway/src/main/resources/application.yaml

@@ -10,11 +10,16 @@ spring:
   application:
     name: achobeta-infra-gateway
 
-
-
-
-
-
+# Whitelist
+gateway:
+  whitelist:
+    urls:
+      - "/v0/**"
+      - "/auth/oauth/token"
+      - "/swagger**/**"
+      - "/webjars/**"
+      - "/doc.html"
+      - "/*/*/api-docs"
 
 
 # ---------------------------- Try not to modify the following configurations ----------------------------
@@ -47,3 +52,4 @@ logging:
       achobeta:
         www:
           gateway: debug
+