下面列出了org.springframework.util.AntPathMatcher#match ( ) 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。
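/**
 * Applies the default transformations to the Swagger UI {@code index.html} and passes
 * every other resource through unchanged.
 *
 * @param serverWebExchange the current exchange (not read by this method)
 * @param resource the resource being served
 * @param resourceTransformerChain the remaining transformer chain (not invoked here)
 * @return a {@code Mono} holding either the transformed index page or the original resource
 * @throws SpringDocUIException if the resource URL or content cannot be read or transformed
 */
@Override
public Mono<Resource> transform(ServerWebExchange serverWebExchange, Resource resource, ResourceTransformerChain resourceTransformerChain) {
    final AntPathMatcher antPathMatcher = new AntPathMatcher();
    try {
        boolean isIndexFound = antPathMatcher.match("**/swagger-ui/**/index.html", resource.getURL().toString());
        // hasDefaultTransformations() is only consulted for the index page, as before.
        if (!isIndexFound || !hasDefaultTransformations()) {
            return Mono.just(resource);
        }
        String html = defaultTransformations(resource.getInputStream());
        // Encode explicitly: the no-arg getBytes() uses the platform default charset, so the
        // bytes served would differ between hosts and could corrupt non-ASCII content.
        // NOTE(review): assumes the page is served as UTF-8 - confirm against the response headers.
        return Mono.just(new TransformedResource(resource, html.getBytes(java.nio.charset.StandardCharsets.UTF_8)));
    }
    catch (Exception e) {
        throw new SpringDocUIException("Failed to transform Index", e);
    }
}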
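/**
 * Applies the default transformations to the Swagger UI {@code index.html} and returns
 * every other resource unchanged.
 *
 * @param request the current request (not read by this method)
 * @param resource the resource being served
 * @param transformerChain the remaining transformer chain (not invoked here)
 * @return the transformed index page, or {@code resource} itself when no transformation applies
 * @throws IOException if the resource URL or content cannot be read
 */
@Override
public Resource transform(HttpServletRequest request, Resource resource,
        ResourceTransformerChain transformerChain) throws IOException {
    final AntPathMatcher antPathMatcher = new AntPathMatcher();
    boolean isIndexFound = antPathMatcher.match("**/swagger-ui/**/index.html", resource.getURL().toString());
    // hasDefaultTransformations() is only consulted for the index page, as before.
    if (!isIndexFound || !hasDefaultTransformations()) {
        return resource;
    }
    String html = defaultTransformations(resource.getInputStream());
    // Encode explicitly: the no-arg getBytes() uses the platform default charset, so the
    // bytes served would differ between hosts and could corrupt non-ASCII content.
    // NOTE(review): assumes the page is served as UTF-8 - confirm against the response headers.
    return new TransformedResource(resource, html.getBytes(java.nio.charset.StandardCharsets.UTF_8));
}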
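/**
 * Decides whether the caller identified by {@code groupId} may invoke {@code method} on
 * {@code url} for {@code targetGroupId}.
 *
 * <p>Order of checks: an empty {@code groupId} is refused; a {@code groupId} listed under
 * {@code restapi.admin.appids} is accepted without a token; otherwise the token is checked,
 * a caller acting on its own group is accepted, and any other caller needs a stored
 * {@code ApiPermission} whose method and Ant-style URL pattern match the request.
 *
 * @param token the caller's token, passed to {@code checkToken}
 * @param groupId the calling group / app id
 * @param targetGroupId the group whose configuration is being accessed
 * @param url the request URL matched against the stored permission patterns
 * @param method the HTTP method, compared case-insensitively
 * @return {@code true} if access is granted
 */
private boolean hasGroupIdPermission(String token, String groupId, String targetGroupId, String url, String method) {
    if (Strings.isNullOrEmpty(groupId)) {
        return false;
    }
    // Admin app ids hold super privileges: they may modify any other app id's configuration
    // and need no token. Because this branch skips the token check, membership must be an
    // exact match. The previous String.contains() test also accepted any groupId that was
    // merely a substring of the configured value.
    String adminAppids = configs.get("restapi.admin.appids");
    if (!Strings.isNullOrEmpty(adminAppids)) {
        // NOTE(review): assumes the setting is a comma-separated list - confirm against the config format.
        for (String adminAppid : adminAppids.split(",")) {
            if (adminAppid.trim().equals(groupId)) {
                return true;
            }
        }
    }
    // Any result of checkToken is not used here; presumably it throws on an invalid
    // token - confirm, otherwise the checks below run for unauthenticated callers.
    checkToken(groupId, targetGroupId, token);
    if (groupId.equalsIgnoreCase(targetGroupId)) {
        return true;
    }
    List<ApiPermission> apiPermissionList = apiPermissionService.queryByGroupIdAndTargetGroupId(groupId, targetGroupId);
    if (apiPermissionList == null || apiPermissionList.isEmpty()) {
        return false;
    }
    // NOTE(review): AntPathMatcher compares the string as given. Confirm that url is the
    // normalised path (no query string, no encoded or ";" path parameters), so that the
    // value authorised here is the value the dispatcher routes on.
    AntPathMatcher antPathMatcher = new AntPathMatcher();
    for (ApiPermission apiPermission : apiPermissionList) {
        if (apiPermission.getMethod() != null
                && apiPermission.getMethod().equalsIgnoreCase(method)
                && antPathMatcher.match(apiPermission.getUrl(), url)) {
            return true;
        }
    }
    return false;
}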
/**
 * Reports whether the request URI matches one of the configured exclusive path patterns.
 *
 * <p>NOTE(review): presumably a match exempts the request from a security check - confirm
 * with the caller. {@code getRequestURI()} is the raw, undecoded value and includes the
 * context path and any {@code ;} path parameters, so confirm that the string matched here
 * is normalised the same way as the path the request is finally dispatched on.
 *
 * @param request the current request
 * @return {@code true} if any configured pattern matches the request URI
 */
private boolean isExclusives(HttpServletRequest request) {
    final List<String> patterns = CHERRY.SPRING_CONTEXT.getBean(AdamProperties.class).getSecurity().getExclusivePath();
    final AntPathMatcher matcher = new AntPathMatcher();
    final String uri = request.getRequestURI();
    boolean matched = false;
    for (String pattern : patterns) {
        matched = matcher.match(pattern, uri);
        if (matched) {
            break;
        }
    }
    return matched;
}
/**
 * Filters out URLs that do not require authentication.
 * <p>Similar to a Spring Security whitelist.</p>
 *
 * <p>NOTE(review): {@code getRequestURI()} is the raw, undecoded value and includes the
 * context path and any {@code ;} path parameters. Because a match skips authentication,
 * confirm that the string matched here is normalised the same way as the path the request
 * is finally dispatched on.
 *
 * @param request the current request
 * @return {@code true} if the request URI matches a configured exclusive path pattern
 */
private boolean isExclusives(HttpServletRequest request) {
    final List<String> patterns = CHERRY.SPRING_CONTEXT.getBean(AdamProperties.class).getSecurity().getExclusivePath();
    final AntPathMatcher matcher = new AntPathMatcher();
    final String uri = request.getRequestURI();
    for (int i = 0; i < patterns.size(); i++) {
        if (matcher.match(patterns.get(i), uri)) {
            return true;
        }
    }
    return false;
}
/**
 * Filters out URLs that do not require authentication.
 * <p>Similar to a Spring Security whitelist.</p>
 *
 * <p>NOTE(review): the value matched is {@code getRequestURI()}, which is not decoded and
 * still carries the context path and any {@code ;} path parameters. A match here bypasses
 * authentication, so confirm the matched string and the dispatched path are normalised
 * identically.
 *
 * @param request the current request
 * @return {@code true} if the request URI matches a configured exclusive path pattern
 */
private boolean isExclusives(HttpServletRequest request) {
    final List<String> allowlist = CHERRY.SPRING_CONTEXT.getBean(AdamProperties.class).getSecurity().getExclusivePath();
    final AntPathMatcher antMatcher = new AntPathMatcher();
    final String rawUri = request.getRequestURI();
    boolean hit = false;
    for (String candidate : allowlist) {
        if (antMatcher.match(candidate, rawUri)) {
            hit = true;
            break;
        }
    }
    return hit;
}
/**
 * Checks the request URI against every configured exclusive path pattern.
 *
 * <p>NOTE(review): presumably used as an allowlist that skips a security check - confirm
 * with the caller. The matched value is {@code getRequestURI()}, which is undecoded and
 * includes the context path and {@code ;} path parameters; verify it is normalised
 * consistently with request dispatch.
 *
 * @param request the current request
 * @return {@code true} on the first matching pattern, {@code false} if none matches
 */
private boolean isExclusives(HttpServletRequest request) {
    final List<String> exclusivePatterns = CHERRY.SPRING_CONTEXT.getBean(AdamProperties.class).getSecurity().getExclusivePath();
    final AntPathMatcher pathMatcher = new AntPathMatcher();
    final String uri = request.getRequestURI();
    int index = 0;
    while (index < exclusivePatterns.size()) {
        if (pathMatcher.match(exclusivePatterns.get(index), uri)) {
            return true;
        }
        index++;
    }
    return false;
}
/**
 * Tells whether the request URI is covered by a configured exclusive path pattern.
 *
 * <p>NOTE(review): presumably a match exempts the request from a security check - confirm
 * with the caller. {@code getRequestURI()} is raw (undecoded, with context path and
 * {@code ;} path parameters); confirm the same normalisation applies to the path that is
 * eventually dispatched.
 *
 * @param request the current request
 * @return {@code true} if at least one pattern matches
 */
private boolean isExclusives(HttpServletRequest request) {
    final List<String> configured = CHERRY.SPRING_CONTEXT.getBean(AdamProperties.class).getSecurity().getExclusivePath();
    final AntPathMatcher matcher = new AntPathMatcher();
    final String requested = request.getRequestURI();
    boolean found = false;
    for (String pattern : configured) {
        if (!matcher.match(pattern, requested)) {
            continue;
        }
        found = true;
        break;
    }
    return found;
}
/**
 * Pins how {@code /user.*} behaves with and without a suffix.
 */
@Test
public void testAntMatcher(){
    AntPathMatcher matcher = new AntPathMatcher();
    // The matcher is handed the query string as part of the path and still matches:
    // it does no URL parsing, so callers must strip the query themselves.
    Assert.assertTrue(matcher.match("/user.*", "/user.json?aaa=bbb&cc=ddd"));
    // Open question from the author: how should the pattern be written so that the
    // ".suffix" part becomes optional? As written, the bare path does not match.
    Assert.assertFalse(matcher.match("/user.*", "/user"));
}
/**
 * Checks the branch name against the exclusion patterns.
 *
 * @param branchName the branch name to test
 * @return {@code false} as soon as an exclusion pattern matches, {@code true} if none does
 */
private boolean isBranchNotExcluded(String branchName) {
    final AntPathMatcher antMatcher = new AntPathMatcher();
    boolean excluded = false;
    for (String pattern : excludedBranches) {
        if (antMatcher.match(pattern, branchName)) {
            excluded = true;
            break;
        }
    }
    return !excluded;
}
/**
 * Checks the branch name against the inclusion patterns.
 *
 * <p>An empty pattern collection includes every branch.
 *
 * @param branchName the branch name to test
 * @return {@code true} if a pattern matches or no patterns are configured
 */
private boolean isBranchIncluded(String branchName) {
    final AntPathMatcher antMatcher = new AntPathMatcher();
    boolean included = false;
    for (String pattern : includedBranches) {
        if (antMatcher.match(pattern, branchName)) {
            included = true;
            break;
        }
    }
    // With no match, the answer depends only on whether any pattern was configured.
    return included || includedBranches.isEmpty();
}
/**
 * Application entry point: evaluates one Ant pattern, then starts the Spring application.
 *
 * @param args command-line arguments forwarded to {@code SpringApplication.run}
 */
public static void main(String[] args) {
    // The match result is discarded; only the call itself happens before start-up.
    new AntPathMatcher().match("{a:[a-z]}{b:[1-9]}", "a3");
    SpringApplication.run(WxMenuTestApp.class, args);
}
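/**
 * Pins the matching rules of {@code AntPathMatcher} for the pattern shapes used in URL
 * allow/deny lists: {@code *} stays inside one path segment, {@code **} spans segments
 * only when it is a segment of its own, and the matcher does no URL parsing.
 *
 * <p>Every {@code match} call is asserted. Previously the first three {@code /**}{@code /api/**}
 * results were overwritten without being checked.
 */
@Test
public void testAntMatcher(){
    AntPathMatcher req = new AntPathMatcher();

    Assert.assertTrue(req.match("/user.*", "/user.json"));

    // "**" as a whole segment matches zero or more directories on either side.
    Assert.assertTrue(req.match("/**/api/**", "/service/api/user"));
    Assert.assertTrue(req.match("/**/api/**", "/api/user"));
    Assert.assertTrue(req.match("/**/api/**", "/api/user/1"));
    // A query string is treated as ordinary path text; strip it before matching.
    Assert.assertTrue(req.match("/**/api/**", "/api/user/1?aa=bb&cc=dd"));

    // Pattern and path must agree on the leading separator.
    Assert.assertTrue(req.match("*zh.*", "user_zh.html"));
    Assert.assertFalse(req.match("*zh.*", "/user_zh.html"));
    Assert.assertTrue(req.match("**zh.*", "user_zh.html"));
    Assert.assertFalse(req.match("**zh.*", "/user_zh.html"));
    Assert.assertFalse(req.match("**/*zh.*", "/user_zh.html"));
    Assert.assertTrue(req.match("/*zh.*", "/user_zh.html"));

    // A trailing "*" is a prefix match inside one segment: "/user*" also covers
    // "/userInfo", which matters when the pattern guards or exempts an endpoint.
    Assert.assertTrue(req.match("/user*", "/user"));
    Assert.assertTrue(req.match("/user*", "/user.json"));
    Assert.assertTrue(req.match("/user*", "/userInfo"));
    Assert.assertFalse(req.match("/user*", "/user/1"));

    // "**" glued to other text in a segment behaves like "*": it does not cross "/".
    Assert.assertTrue(req.match("/user**", "/user"));
    Assert.assertTrue(req.match("/user**", "/user.json"));
    Assert.assertTrue(req.match("/user**", "/userInfo"));

    Assert.assertTrue(req.match("/user*/**", "/userInfo"));
    Assert.assertTrue(req.match("/user*/**", "/user/1.json"));

    Assert.assertTrue(req.match("/user/*", "/user/1"));
    Assert.assertTrue(req.match("/user/*", "/user/1.json"));
    Assert.assertFalse(req.match("/user/*", "/user/aaa/1.json"));

    Assert.assertTrue(req.match("/user/**", "/user/1.json"));
    Assert.assertTrue(req.match("/user/**", "/user/aaa/1.json"));

    Assert.assertTrue(req.match("/service/swagger**", "/service/swagger-resources"));
    Assert.assertTrue(req.match("/service/swagger**/**", "/service/swagger-resources/configuration"));
    Assert.assertTrue(req.match("/service/swagger**/**", "/service/swagger-resources"));
    Assert.assertFalse(req.match("/service/swagger**", "/service/swagger-resources/configuration/ui"));

    Assert.assertTrue(req.match("/service/webjars/**/**", "/service/webjars/springfox-swagger-ui/css/typography.css"));
}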
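/**
 * Validate an internal redirect URL to avoid an open redirect. (Use this function only if the use of internal url redirect keys is not possible. For
 * external url redirection control, use the plugin plugin-verifybackurl)
 *
 * A blank URL (null, empty or spaces only) is reported as safe: it is not a valid redirect target, but it is not unsafe. Any other URL is accepted only if
 * it either - does not start with "//", "http:", "https:" or "javascript:" and does not contain "://" (it is then taken to be a relative path) - OR starts
 * with the base URL of the current request - OR matches one of the given AntPathMatcher patterns.
 *
 * The scheme tests are made on a trimmed, lower-cased copy in which backslashes are read as slashes, so that a change of case, leading white space or
 * "\" in place of "/" does not make an absolute URL look relative.
 *
 * example with a base url "https://lutece.fr/ : - valid : myapp/jsp/site/Portal.jsp , Another.jsp , https://lutece.fr/myapp/jsp/site/Portal.jsp - invalid :
 * http://anothersite.com , https://anothersite.com , //anothersite.com , file://my.txt , ...
 *
 * NOTE(review): the scheme filter is a deny list, so a URL carrying any other scheme without "://" is still taken as relative. Parsing the value with
 * java.net.URI and requiring that it has neither scheme nor authority would be stricter.
 *
 * NOTE(review): AntPathMatcher compares strings split on "/" and does not parse URLs (no notion of userinfo, port, query or fragment), so a host pattern
 * such as "http://**.lutece.com" can match a URL whose real host is different. Prefer comparing the parsed host against an exact list.
 *
 * @param strUrl
 *            the Url to validate
 * @param request
 *            the current request (containing the baseUrl)
 * @param strAntPathMatcherPatterns
 *            a comma separated list of AntPathMatcher patterns, as "http://**.lutece.com,https://**.lutece.com"
 * @return true if valid
 */
public static boolean isInternalRedirectUrlSafe( String strUrl, HttpServletRequest request, String strAntPathMatcherPatterns )
{
    if ( StringUtils.isBlank( strUrl ) )
    {
        return true; // this is not a valid redirect Url, but it is not unsafe
    }

    // filter schemes, on a normalised copy only : the original value is still the one compared below
    String strProbe = strUrl.trim( ).replace( '\\', '/' ).toLowerCase( java.util.Locale.ROOT );
    boolean bLooksRelative = !strProbe.startsWith( "//" ) && !strProbe.startsWith( "http:" ) && !strProbe.startsWith( "https:" )
            && !strProbe.contains( "://" ) && !strProbe.startsWith( "javascript:" );

    if ( bLooksRelative )
    {
        return true; // should be a relative path
    }

    // compare with current baseUrl
    // A bare prefix test would also accept a longer host name that merely begins with the base URL, and an
    // empty base URL would accept everything : the prefix must end on a URL boundary.
    String strBaseUrl = AppPathService.getBaseUrl( request );

    if ( !StringUtils.isBlank( strBaseUrl ) && strUrl.startsWith( strBaseUrl ) )
    {
        boolean bEndsOnBoundary = strBaseUrl.endsWith( "/" ) || strUrl.length( ) == strBaseUrl.length( )
                || "/?#".indexOf( strUrl.charAt( strBaseUrl.length( ) ) ) >= 0;

        if ( bEndsOnBoundary )
        {
            return true;
        }
    }

    // compare with allowed url patterns
    if ( !StringUtils.isBlank( strAntPathMatcherPatterns ) )
    {
        AntPathMatcher pathMatcher = new AntPathMatcher( );
        String [ ] strAntPathMatcherPatternsTab = strAntPathMatcherPatterns.split( CONSTANT_COMMA );
        for ( String pattern : strAntPathMatcherPatternsTab )
        {
            if ( pattern != null && pathMatcher.match( pattern, strUrl ) )
            {
                return true;
            }
        }
    }

    // the Url does not match the allowed patterns
    // NOTE(review): dumpRequest is defined elsewhere; confirm that it neither writes cookies or credentials to
    // the log nor copies raw line breaks from the request into the log entry.
    Logger logger = Logger.getLogger( LOGGER_NAME );
    logger.warn( "SECURITY WARNING : OPEN_REDIRECT DETECTED : " + dumpRequest( request ) );

    return false;
}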
/**
 * Matches the request's servlet path against an Ant-style pattern.
 *
 * <p>NOTE(review): {@code getServletPath()} leaves out any extra path info and the query
 * string. If the servlet is mapped with a {@code /prefix/*} style mapping, the remainder of
 * the path is not seen by this match - confirm the mapping when the result feeds an
 * access decision.
 *
 * @param request the current request
 * @param path the Ant-style pattern to test
 * @return {@code true} if the servlet path matches the pattern
 */
private boolean matchPath(HttpServletRequest request, String path) {
    final AntPathMatcher antMatcher = new AntPathMatcher();
    final String servletPath = request.getServletPath();
    return antMatcher.match(path, servletPath);
}