Skip to main content
Version: 当前版本

自定义sign插件检验算法

说明#

  • 用户可以自定义签名认证算法来实现验证。

扩展#

  • 默认的实现为 org.apache.shenyu.plugin.sign.service.ComposableSignService

    @Bean@ConditionalOnMissingBean(value = SignService.class, search = SearchStrategy.ALL)public SignService signService() {    return new ComposableSignService(new DefaultExtractor(), new DefaultSignProvider());}
  • 新增一个类 CustomSignService 实现 org.apache.shenyu.plugin.sign.api.SignService
public interface SignService {
    /**     * Gets verifyResult.     * @param exchange exchange     * @param requestBody requestBody     * @return result     */    VerifyResult signatureVerify(ServerWebExchange exchange, String requestBody);
    /**     * Gets verifyResult.     * @param exchange exchange     * @return result     */    VerifyResult signatureVerify(ServerWebExchange exchange);}
  • VerifyResultisSuccess()返回true,表示验证通过,为false的时候,会把getReason()中的信息输出到前端。

  • 把新增的实现类注册成为Springbean,如下

@Beanpublic SignService customSignService() {    return new CustomSignService();}