Merge branch 'refs/heads/dev' into test

# Conflicts: # yd-auth-core/src/main/java/com/yd/auth/core/config/SecurityConfig.java

Merge branch 'refs/heads/dev' into test
# Conflicts: # yd-auth-core/src/main/java/com/yd/auth/core/config/SecurityConfig.java
bb65fa15 · jianan · f488bc2e · 7302fd93 · bb65fa15 · bb65fa15
Commit bb65fa15 authored Sep 08, 2025 by jianan
Showing with 43 additions and 2 deletions

yd-auth-core/src/main/java/com/yd/auth/core/config/SecurityConfig.java
+7 -1

yd-gateway/pom.xml
+7 -0

yd-gateway/src/main/java/com/yd/gateway/config/GatewayJwtAuthFilterConfig.java
+29 -1

No files found.
--- a/yd-auth-core/src/main/java/com/yd/auth/core/config/SecurityConfig.java
+++ b/yd-auth-core/src/main/java/com/yd/auth/core/config/SecurityConfig.java
@@ -68,7 +68,13 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
                        "/swagger-ui/**",
                        "/v3/api-docs/**",
                        "/sysUser/body/detail",
-                        "/scrm/test"
+                        "/scrm/test",
+                        "/doc.html",
+                        "/webjars/**",
+                        "/favicon.ico",
+                        "/user/api/v3/api-docs",
+                        "/insurance/base/api/v3/api-docs",
+                        "/csf/api/v3/api-docs"
                ).permitAll()
                .anyRequest().authenticated()
                .and()

--- a/yd-gateway/pom.xml
+++ b/yd-gateway/pom.xml
@@ -14,6 +14,13 @@
    <description>网关模块</description>

    <dependencies>
+        <!-- knife4j 网关依赖 -->
+        <dependency>
+            <groupId>com.github.xiaoymin</groupId>
+            <artifactId>knife4j-gateway-spring-boot-starter</artifactId>
+            <version>4.3.0</version>
+        </dependency>
+
        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-starter-gateway</artifactId>

--- a/yd-gateway/src/main/java/com/yd/gateway/config/GatewayJwtAuthFilterConfig.java
+++ b/yd-gateway/src/main/java/com/yd/gateway/config/GatewayJwtAuthFilterConfig.java
@@ -2,6 +2,7 @@ package com.yd.gateway.config;

 import com.yd.gateway.exception.JwtAuthException;
 import com.yd.gateway.utils.JwtTokenUtil;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.cloud.gateway.filter.GlobalFilter;
 import org.springframework.context.annotation.Bean;
@@ -9,6 +10,7 @@ import org.springframework.context.annotation.Configuration;
 import org.springframework.core.Ordered;
 import org.springframework.core.annotation.Order;
 import org.springframework.http.HttpStatus;
+import org.springframework.util.AntPathMatcher;
 import org.springframework.web.server.ServerWebExchange;
 import reactor.core.publisher.Mono;

@@ -16,11 +18,27 @@ import reactor.core.publisher.Mono;
 * 网关JWT认证过滤器：只做轻量校验（验证token有效性），不查询业务数据
 */
 @Configuration
+@Slf4j
 public class GatewayJwtAuthFilterConfig {

    @Autowired
    private JwtTokenUtil jwtTokenUtil;

+    private AntPathMatcher matcher = new AntPathMatcher();
+
+    private static final String[] KNIFE4J_WHITELIST = {
+            "/doc.html",
+            "/webjars/**",
+            "/v3/api-docs/*",
+            "/swagger-resources/*",
+            "/swagger-ui/*",
+            "/auth/v2/api-docs/*",
+            "/favicon.ico",
+            "/user/api/v3/api-docs/**",
+            "/insurance/base/api/v3/api-docs/**",
+            "/csf/api/v3/api-docs/**"
+    };
+
    /**
     * 注册全局过滤器，优先级高于路由过滤器（确保先校验再路由）
     */
@@ -65,6 +83,15 @@ public class GatewayJwtAuthFilterConfig {
        return null;
    }

+    private boolean isKnife4jWhitelist(String requestPath) {
+        for (String pattern : KNIFE4J_WHITELIST) {
+            if (matcher.match(pattern, requestPath)) {
+                return true;
+            }
+        }
+        return false;
+    }
+
    /**
     * 判断路径是否在白名单中（无需认证）
     */
@@ -72,7 +99,8 @@ public class GatewayJwtAuthFilterConfig {
        // 白名单路径：与SecurityWebFilterChain中的配置保持一致
        return path.startsWith("/auth/")
                || path.startsWith("/swagger-ui/")
-                || path.startsWith("/v3/api-docs/");
+                || path.startsWith("/v3/api-docs/")
+                || isKnife4jWhitelist(path);
    }

    /**