主要實(shí)現(xiàn)對(duì)在白名單中的service級(jí)別或者api級(jí)別的網(wǎng)關(guān)路由。

創(chuàng)新互聯(lián)公司主營(yíng)永和網(wǎng)站建設(shè)的網(wǎng)絡(luò)公司,主營(yíng)網(wǎng)站建設(shè)方案,成都app開(kāi)發(fā),永和h5小程序制作搭建,永和網(wǎng)站營(yíng)銷(xiāo)推廣歡迎永和等地區(qū)企業(yè)咨詢(xún)

一.service和api級(jí)別的路由

1.service級(jí)別的網(wǎng)關(guān)路由

public class ServiceIdWhiteTableRouteLocator extends DiscoveryClientRouteLocator {
    ...
    //主要重寫(xiě)該方法，在調(diào)用完super的locateRoutes后再與白名單列表比較，提取出交集
    @Override
    protected LinkedHashMap locateRoutes() {

        LinkedHashMap routeMaps = super.locateRoutes();
        LinkedHashMap whiteRouteMaps = new LinkedHashMap<>();
        routeMaps.forEach((k, v) -> {
            if (PatternMatchUtils.simpleMatch(whites, v.getServiceId())) {

                whiteRouteMaps.put(k, v);
            }

        });

        for (ZuulProperties.ZuulRoute route : this.properties.getRoutes().values()) {
            whiteRouteMaps.put(route.getPath(), route);
        }
        return whiteRouteMaps;
    }

    ...
}

2.api級(jí)別的網(wǎng)關(guān)路由

public class PathWhiteTableHandleMapping extends ZuulHandlerMapping {
   ...
   //主要重寫(xiě)該方法，在原有的ZuulHandlerMapping基礎(chǔ)上添加判斷是否在白名單的邏輯
    @Override
    protected Object lookupHandler(String urlPath, HttpServletRequest request) throws Exception {
        if (this.errorController != null && urlPath.equals(this.errorController.getErrorPath())) {
            return null;
        }
        if (isIgnoredPath(urlPath, this.routeLocator.getIgnoredPaths())) return null;
        /**
         * 檢查是否在白名單中，不在白名單中的不路由
         */
        if (!isInPathWhiteTables(urlPath, this.pathWhites)) return null;

        RequestContext ctx = RequestContext.getCurrentContext();
        if (ctx.containsKey("forward.to")) {
            return null;
        }
        if (this.dirty) {
            synchronized (this) {
                if (this.dirty) {
                    registerHandlers();
                    this.dirty = false;
                }
            }
        }
        return super.lookupHandler(urlPath, request);
    }

      private boolean isInPathWhiteTables(String urlPath, Collection pathWhites) {
        for (String whitePath : pathWhites) {
            if (this.pathMatcher.match(whitePath, urlPath)) {
                return true;
            }
        }
        return false;
    }

     public void setPathWhiteTables(Collection whites) {
        this.pathWhites = whites;
    }
   ...
}

二.config配置

1.首先卸載zuul自帶的auto config.

@SpringBootApplication(exclude = ZuulProxyAutoConfiguration.class)


2.需要全量copy三個(gè)類(lèi)

org.springframework.cloud.netflix.zuul.RibbonCommandFactoryConfiguration

org.springframework.cloud.netflix.zuul.ZuulProxyAutoConfiguration

org.springframework.cloud.netflix.zuul.ZuulServerAutoConfiguration

然后修改ZuulServerAutoConfiguration中的zuulHandlerMapping的bean注冊(cè):

   @Bean(value = "discoveryRouteLocator")
    public DiscoveryClientRouteLocator discoveryClientRouteLocator(ServerProperties server, DiscoveryClient discovery) {
        //service白名單注入點(diǎn)
        return new ServiceIdWhiteTableRouteLocator(server.getServlet().getServletPrefix(), discovery, this.zuulProperties, whiteRouteProperties.getWhiteServices());
    }

    @Bean(value = "zuulHandlerMapping")
    public ZuulHandlerMapping zuulHandlerMapping(RouteLocator routes) {
        PathWhiteTableHandleMapping mapping = new PathWhiteTableHandleMapping(routes, zuulController());
        mapping.setErrorController(this.errorController);
        //路徑白名單注入點(diǎn)
        mapping.setPathWhiteTables(whiteRouteProperties.getWhitePaths());
        return mapping;
    }

其中WhiteRouteProperties是一個(gè)裝載配置屬性的屬性類(lèi)，自己定義即可。ZuulProxyAutoConfiguration需要修改其父類(lèi)為上述的ZuulServerAutoConfigurationn。

三. 配置文件配置

主要是在application.yaml文件中增加:

zuul:
  #控制service級(jí)別白名單(list)
  white-services:
        - 'hello-server'
  #控制api級(jí)別白名單(list)
  white-paths:
        - '/hello/world'
  routes:
    - url: hello-server
      path: /hello/**
  #默認(rèn)全部不路由
  ignored-services: '*'

上述配置可以實(shí)現(xiàn)將/hello/**該pattern請(qǐng)求路由到hello-server上，由于默認(rèn)設(shè)置全部不路由，通過(guò)zuul.routes加進(jìn)去(看源碼實(shí)現(xiàn))，然后由于設(shè)置了白名單功能，需要在white-services上加上hello-server,而white-paths主要是控制白名單中的某個(gè)service中具體的哪個(gè)api可以被路由,如上可知是僅有/hello/world可以被路由處理。

這樣就實(shí)現(xiàn)了多維度的白名單路由處理。

如有不足，請(qǐng)不吝賜教。