Add files via upload

dreamstar-enterprises · Aug 18, 2024 · 0a7d40c · 0a7d40c
1 parent c5619c4
commit 0a7d40c
Showing 1 changed file with 25 additions and 3 deletions.
diff --git a/Spring BFF/bff/routing/RoutingConfig.kt b/Spring BFF/bff/routing/RoutingConfig.kt
@@ -1,6 +1,8 @@
 package com.example.bff.routing
 
+import com.example.bff.auth.BffSecurityIgnoreConfig
 import com.example.bff.props.ServerProperties
+import org.springframework.cloud.gateway.filter.factory.TokenRelayGatewayFilterFactory
 import org.springframework.cloud.gateway.route.RouteLocator
 import org.springframework.cloud.gateway.route.builder.RouteLocatorBuilder
 import org.springframework.context.annotation.Bean
@@ -13,20 +15,39 @@ import org.springframework.context.annotation.Configuration
 @Configuration
 internal class RoutingConfig(
     private val serverProperties: ServerProperties,
+    private val uriEndPointFilter: BffSecurityIgnoreConfig
 ) {
 
     @Bean
-    fun routeLocator(builder: RouteLocatorBuilder): RouteLocator {
+    fun routeLocator(
+        builder: RouteLocatorBuilder,
+        tokenRelayGatewayFilterFactory: TokenRelayGatewayFilterFactory
+    ): RouteLocator {
         return builder.routes()
+
+            // routing for skipping security context
+            .route("static-resources") { r ->
+                r.path("/api${serverProperties.resourceServerPrefix}/**").and().predicate { exchange ->
+                    val requestPath = exchange.request.uri.path
+                    uriEndPointFilter.shouldSkipStaticResources(requestPath)
+                }
+                    .filters { f ->
+                        f.filter { exchange, chain ->
+                            println("Handling resource: ${exchange.request.uri.path}")
+                            chain.filter(exchange)
+                        }
+                    }
+                    .uri(serverProperties.reverseProxyUri)
+            }
+
             // routing for Resource Server
             .route("resource-server") { r ->
                 r.path("/api${serverProperties.resourceServerPrefix}/**")
                     .filters { f ->
                         f.filter { exchange, chain ->
-                            println("Request Headers: ${exchange.request.headers}")
-                            // add custom filter logic here if needed
                             chain.filter(exchange)
                         }
+                        f.filter(tokenRelayGatewayFilterFactory.apply())
                             .removeRequestHeader("Cookie")
                             .dedupeResponseHeader("Access-Control-Allow-Credentials", "RETAIN_UNIQUE")
                             .dedupeResponseHeader("Access-Control-Allow-Origin", "RETAIN_UNIQUE")
@@ -35,6 +56,7 @@ internal class RoutingConfig(
             }
             .build()
     }
+
 }
 
 /**********************************************************************************************************************/