自定义sign插件检验算法

说明

  • 用户可以自定义签名认证算法来实现验证。

扩展

  • 默认的实现为 org.apache.shenyu.plugin.sign.service.ComposableSignService

    1. @Bean
    2. @ConditionalOnMissingBean(value = SignService.class, search = SearchStrategy.ALL)
    3. public SignService signService() {
    4.     return new ComposableSignService(new DefaultExtractor(), new DefaultSignProvider());
    5. }

  • 新增一个类 CustomSignService 实现 org.apache.shenyu.plugin.sign.api.SignService

  1. public interface SignService {
  4.     /**
  5.      * Gets verifyResult.
  6.      * @param exchange exchange
  7.      * @param requestBody requestBody
  8.      * @return result
  9.      */
  10.     VerifyResult signatureVerify(ServerWebExchange exchange, String requestBody);
  13.     /**
  14.      * Gets verifyResult.
  15.      * @param exchange exchange
  16.      * @return result
  17.      */
  18.     VerifyResult signatureVerify(ServerWebExchange exchange);
  19. }

  • VerifyResultisSuccess()返回true,表示验证通过,为false的时候,会把getReason()中的信息输出到前端。

  • 把新增的实现类注册成为Springbean,如下

  1. @Bean
  2. public SignService customSignService() {
  3.     return new CustomSignService();
  4. }