From b574da0a7cf4e8c10fc36d72dbf737ca36147727 Mon Sep 17 00:00:00 2001 From: kangwenjing <1138819403@qq.com> Date: Sun, 29 Mar 2026 13:34:27 +0800 Subject: [PATCH] =?UTF-8?q?=E8=B7=B3=E8=BD=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../crm/config/WecomSsoSecurityConfig.java | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 backend/src/main/java/com/unis/crm/config/WecomSsoSecurityConfig.java diff --git a/backend/src/main/java/com/unis/crm/config/WecomSsoSecurityConfig.java b/backend/src/main/java/com/unis/crm/config/WecomSsoSecurityConfig.java new file mode 100644 index 00000000..c66dc4b3 --- /dev/null +++ b/backend/src/main/java/com/unis/crm/config/WecomSsoSecurityConfig.java @@ -0,0 +1,30 @@ +package com.unis.crm.config; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.core.annotation.Order; +import org.springframework.security.config.Customizer; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer; +import org.springframework.security.config.http.SessionCreationPolicy; +import org.springframework.security.web.SecurityFilterChain; + +@Configuration +public class WecomSsoSecurityConfig { + + @Bean + public WebSecurityCustomizer wecomSsoWebSecurityCustomizer() { + return web -> web.ignoring().requestMatchers("/api/wecom/sso/**"); + } + + @Bean + @Order(0) + public SecurityFilterChain wecomSsoSecurityFilterChain(HttpSecurity http) throws Exception { + http.securityMatcher("/api/wecom/sso/**") + .csrf(csrf -> csrf.disable()) + .cors(Customizer.withDefaults()) + .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) + .authorizeHttpRequests(auth -> auth.anyRequest().permitAll()); + return http.build(); + } +}