自定义sign插件检验算法

说明

  • 用户可以自定义签名认证算法来实现验证。

扩展

  • 默认的实现为 org.apache.shenyu.plugin.sign.service.ComposableSignService

    1. @Bean
    2. @ConditionalOnMissingBean(value = SignService.class, search = SearchStrategy.ALL)
    3. public SignService signService() {
    4. return new ComposableSignService(new DefaultExtractor(), new DefaultSignProvider());
    5. }
  • 新增一个类 CustomSignService 实现 org.apache.shenyu.plugin.sign.api.SignService

  1. public interface SignService {
  2. /**
  3. * Gets verifyResult.
  4. * @param exchange exchange
  5. * @param requestBody requestBody
  6. * @return result
  7. */
  8. VerifyResult signatureVerify(ServerWebExchange exchange, String requestBody);
  9. /**
  10. * Gets verifyResult.
  11. * @param exchange exchange
  12. * @return result
  13. */
  14. VerifyResult signatureVerify(ServerWebExchange exchange);
  15. }
  • VerifyResultisSuccess()返回true,表示验证通过,为false的时候,会把getReason()中的信息输出到前端。

  • 把新增的实现类注册成为Springbean,如下

  1. @Bean
  2. public SignService customSignService() {
  3. return new CustomSignService();
  4. }