spring cloud gateway (五)

Gateway简介

Spring Cloud Gateway是Spring公司基于Spring 5.0,Spring Boot 2.0 和 Project Reactor 等技术开发的网关,它旨在为微服务架构提供一种简单有效的统一的 API 路由管理方式。它的目标是替代Netflix Zuul,其不仅提供统一的路由方式,并且基于 Filter 链的方式提供了网关基本的功能,例如:安
全,监控和限流。
优点:
1 性能强劲:是第一代网关Zuul的1.6倍
2 功能强大:内置了很多实用的功能,例如转发、监控、限流等
3 设计优雅,容易扩展
缺点:
1 其实现依赖Netty与WebFlux,不是传统的Servlet编程模型,学习成本高
2 不能将其部署在Tomcat、Jetty等Servlet容器里,只能打成jar包执行
3 需要Spring Boot 2.0及以上的版本,才支持
spring cloud gateway (五)_第1张图片

Gateway

 		<!-- SpringCloud Alibaba Sentinel Gateway -->
        <dependency>
            <groupId>com.alibaba.cloud</groupId>
            <artifactId>spring-cloud-alibaba-sentinel-gateway</artifactId>
        </dependency>
spring:
  redis:
    host: localhost
    port: 6379
    password:
  cloud:
    gateway:
      discovery:
        locator:
          lowerCaseServiceId: true
          enabled: true # 让gateway可以发现nacos中的微服务
      routes:# 路由数组[路由 就是指定当请求满足什么条件的时候转到哪个微服务
        # 认证中心
        - id: com-xzx-auth # 当前路由的标识, 要求唯一
          #lb指的是从nacos中按照名称获取微服务,并遵循负载均衡策略
          uri: lb://com-xzx-auth  # 请求要转发到的地址
          predicates: # 断言(就是路由转发要满足的条件)
            - Path=/service-auth/** # 当请求路径满足Path指定的规则时,才进行路由转发
          filters: # 当请求路径满足Path指定的规则时,才进行路由转发
            - StripPrefix=1 # 转发之前去掉1层路径

        # 商品中心
        - id: com-xzx-shop
          uri: lb://com-xzx-shop 
          predicates:
            - Path=/service-shop/**
          filters:
            - StripPrefix=1
        # 工单
        - id: com-xzx-order
          uri: lb://com-xzx-order
          predicates:
            - Path=/service-order/**
          filters:
            - StripPrefix=1
        # 用户中心
        - id: com-xzx-user
          uri: lb://com-xzx-user
          predicates:
            - Path=/service-user/**
          filters:
            - LogGatewayFilterFactory=true,true
            - StripPrefix=1
# 安全配置
security:
  # 不校验白名单
  ignore:
    whites:
      - /service-auth/auth/logout
      - /service-auth/auth/login
      - /service-auth/auth/login/test
      - /service-auth/auth/register

Gateway 内置有许多的路由断言

基于Datetime类型的断言工厂

此类型的断言根据时间做判断,主要有三个:
AfterRoutePredicateFactory: 接收一个日期参数,判断请求日期是否晚于指定日期
BeforeRoutePredicateFactory: 接收一个日期参数,判断请求日期是否早于指定日期
BetweenRoutePredicateFactory: 接收两个日期参数,判断请求日期是否在指定时间段内
-After=2019-12-31T23:59:59.789+08:00[Asia/Shanghai]

基于远程地址的断言工厂 RemoteAddrRoutePredicateFactory:接收一个IP地址段,判断请求主机地址是否在地址段中

-RemoteAddr=192.168.1.1/24

基于Cookie的断言工厂

CookieRoutePredicateFactory:接收两个参数,cookie 名字和一个正则表达式。 判断请求
cookie是否具有给定名称且值与正则表达式匹配。
-Cookie=chocolate, ch.

基于Header的断言工厂

HeaderRoutePredicateFactory:接收两个参数,标题名称和正则表达式。 判断请求Header是否
具有给定名称且值与正则表达式匹配。
-Header=X-Request-Id, \d+

基于Host的断言工厂

HostRoutePredicateFactory:接收一个参数,主机名模式。判断请求的Host是否满足匹配规则。
-Host=**.testhost.org

基于Method请求方法的断言工厂

MethodRoutePredicateFactory:接收一个参数,判断请求类型是否跟指定的类型匹配。
-Method=GET

基于Path请求路径的断言工厂

PathRoutePredicateFactory:接收一个参数,判断请求的URI部分是否满足路径规则。
-Path=/foo/{segment}

基于Query请求参数的断言工厂

QueryRoutePredicateFactory :接收两个参数,请求param和正则表达式, 判断请求参数是否具
有给定名称且值与正则表达式匹配。
-Query=baz, ba.

基于路由权重的断言工厂

WeightRoutePredicateFactory:接收一个[组名,权重], 然后对于同一个组内的路由按照权重转发
routes:
-id: weight_route1 uri: host1 predicates:
-Path=/product/**
-Weight=group3, 1
-id: weight_route2 uri: host2 predicates:
-Path=/product/**
-Weight= group3, 9

spring cloud gateway (五)_第2张图片

gateway自定义断言

//泛型 用于接收一个配置类,配置类用于接收中配置文件中的配置
    @Component
    public class AgeRoutePredicateFactory extends AbstractRoutePredicateFactory<AgeRoutePredicateFactory.Config> {
        public AgeRoutePredicateFactory() {
            super(AgeRoutePredicateFactory.Config.class);
        }
        //用于从配置文件中获取参数值赋值到配置类中的属性上
        @Override
        public List<String> shortcutFieldOrder() {
            //这里的顺序要跟配置文件中的参数顺序一致
            return Arrays.asList("minAge", "maxAge");
        }
        //断言
        @Override
        public Predicate<ServerWebExchange> apply(AgeRoutePredicateFactory.Config
                                                          config) {
            return new Predicate<ServerWebExchange>() {
                @Override
                public boolean test(ServerWebExchange serverWebExchange) {
                    String ageStr =
                            serverWebExchange.getRequest().getQueryParams().getFirst("age");
                    if (StringUtils.isNotEmpty(ageStr)) {
                        int age = Integer.parseInt(ageStr);
                        return age > config.getMinAge() && age < config.getMaxAge();
                    }
                    return true;
                }
            };
        }
    }
    //自定义一个配置类, 用于接收配置文件中的参数
    @Data
    class Config {
        private int minAge;
        private int maxAge;
    }
# 自定义断言使用
routes:
- id: product-route
uri: lb://service-product
predicates:
- Path=/product-serv/**
- Age=18,60  # 限制年龄只有在18到60岁之间的人能访问
filters:
- StripPrefix=1

gateway 过滤器

gateway 过滤器分局部过滤器和全局过滤器,局部过滤要配置在具体的路由下,全局过滤器则对所有路由生效 全局过滤器可用来进行网关鉴权

/**
	全局过滤器
 * 网关鉴权
 */
@Component
public class AuthGlobalFilter implements GlobalFilter, Ordered {

    private static final Logger log = LoggerFactory.getLogger(AuthFilter.class);
	//网关放行白名单
    private IgnoreWhiteProperties whiteProperties;
    private RedisService redisService;

    @Autowired
    public AuthGlobalFilter(RedisService redisService,IgnoreWhiteProperties whiteProperties){
        this.redisService = redisService;
        this.whiteProperties = whiteProperties;
    }


    @Override
    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
        ServerHttpRequest serverHttpRequest = exchange.getRequest();
        ServerHttpRequest.Builder mutate = serverHttpRequest.mutate();

        String url = serverHttpRequest.getURI().getPath();
        //跳过不需要验证的路径
        if (match(url,whiteProperties.getWhites())){
            return chain.filter(exchange);
        }
        String token = getToken(serverHttpRequest);
        if (StringUtils.isEmpty(token)){
            return unauthorizedResponse(exchange,"令牌不能为空");
        }
        Claims claims = JWTUtils.parseToken(token);
        if (Objects.isNull(claims)){
            return unauthorizedResponse(exchange,"令牌过期或者不正确");
        }
        String userKey = JWTUtils.getUserKey(claims);
        Boolean isLogin = redisService.hasKey(getTokenKey(userKey));
        if (!isLogin){
            return unauthorizedResponse(exchange,"登陆状态已过期");
        }
        String userId = JWTUtils.getUserId(claims);
        String username = JWTUtils.getUsername(claims);
        if (StringUtils.isEmpty(userId) || StringUtils.isEmpty(username)){
            return unauthorizedResponse(exchange,"令牌验证失败");
        }
        addHeader(mutate,"user_key",userKey);
        addHeader(mutate,"user_id",userId);
        addHeader(mutate,"username",username);

        //内部请求来源参数清除
        removerHeader(mutate,"from-source");
        return chain.filter(exchange.mutate().request(mutate.build()).build());
    }

    private void removerHeader(ServerHttpRequest.Builder mutate, String name) {
        mutate.headers(httpHeaders -> httpHeaders.remove(name)).build();
    }

    private void addHeader(ServerHttpRequest.Builder mutate, String key, Object value) {
        if (Objects.isNull(value)){
            return;
        }
        String valueString = value.toString();
        String valueEncode = ServletUtils.urlEncode(valueString);
        mutate.header(key,valueEncode);
    }

    private String getTokenKey(String userKey) {
        return "login_tokens:" + userKey;
    }

    private Mono<Void> unauthorizedResponse(ServerWebExchange exchange, String msg) {
        log.error("[鉴权异常处理]请求路径{}",exchange.getRequest().getPath());
        return ServletUtils.webFluxResponseWriter(exchange.getResponse(),msg,401);
    }

    private String getToken(ServerHttpRequest serverHttpRequest) {
        String token = serverHttpRequest.getHeaders().getFirst("Authorization");
        if (StringUtils.isNotEmpty(token) && token.startsWith("Bearer")){
            token = token.replaceFirst("Bearer","");
        }
        return token;
    }

    @Override
    public int getOrder() {
        return 0;
    }


    private Boolean match(String url,List<String> whiteList){
        if (StringUtils.isEmpty(url) || CollectionUtils.isEmpty(whiteList)){
            return false;
        }
        for (String whiteUrl : whiteList) {
            if (isMatch(url,whiteUrl)){
                return true;
            }
        }
        return false;
    }

    private Boolean isMatch(String url,String whiteUrl){
        AntPathMatcher matcher = new AntPathMatcher();
        return matcher.match(url,whiteUrl);
    }
}

局部过滤器

@Component
public class LogGatewayFilterFactory extends AbstractGatewayFilterFactory<LogGatewayFilterFactory.Config> {

    @Override
    public String name() {
    	//重写name方法 这里就是配置中的名字,如果不重写 配置中就写Gateway前的 也就是log
        return "LogGatewayFilterFactory";
    }

    public LogGatewayFilterFactory(){
        super(LogGatewayFilterFactory.Config.class);
    }

    /**
     * 读取配置文件中的参数 赋值到 配置类中
     * @return
     */
    @Override
    public List<String> shortcutFieldOrder() {
    	// 会把配置中的值赋值到 Config中
        return Arrays.asList("consoleLog","cacheLog");
    }

    @Override
    public GatewayFilter apply(LogGatewayFilterFactory.Config config) {
        return (exchange, chain) -> {
            if (config.isCacheLog()){
                System.out.println("缓存日志开启");
            }
            if (config.isConsoleLog()){
                System.out.println("控制台日志开启");
            }
            return chain.filter(exchange);
        };
    }

	//接收配置中的参数
    public static class Config{
        private boolean consoleLog;
        private boolean cacheLog;

        public boolean isConsoleLog() {
            return consoleLog;
        }

        public void setConsoleLog(boolean consoleLog) {
            this.consoleLog = consoleLog;
        }

        public boolean isCacheLog() {
            return cacheLog;
        }

        public void setCacheLog(boolean cacheLog) {
            this.cacheLog = cacheLog;
        }
    }
}
## 配置
filters:
  - LogGatewayFilterFactory=true,true
  - StripPrefix=1

gateway 统一异常处理

/**
 * 网关统一异常处理
 */
@Configuration
@Order(-1)
public class GatewayExceptionHandle implements ErrorWebExceptionHandler {

    private static final Logger log = LoggerFactory.getLogger(GatewayExceptionHandle.class);

    @Override
    public Mono<Void> handle(ServerWebExchange exchange, Throwable ex) {
        ServerHttpResponse response = exchange.getResponse();
        if (exchange.getResponse().isCommitted()){
            //响应已经提交到客户端
            return Mono.error(ex);
        }
        String msg;
        if (ex instanceof NotFoundException){
            msg = "服务未找到";
        }else if (ex instanceof ResponseStatusException){
            ResponseStatusException responseStatusException = (ResponseStatusException) ex;
            msg = responseStatusException.getMessage();
        }else {
            msg = "内部服务器错误";
        }
        log.error("[网关异常处理]请求路径:{},异常信息:{}",exchange.getRequest().getPath(),ex.getMessage());
        return ServletUtils.webFluxResponseWriter(response,msg);
    }
}

gateway依赖WebFlux所以要学习下WebFlux
WebFlux

你可能感兴趣的:(spring,cloud,alibaba,微服务,java,开发语言)