软防火墙提取成springboot starter插件

opsli-plugins/opsli-plugins-waf/pom.xml

@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <parent>
+        <artifactId>opsli-plugins</artifactId>
+        <groupId>org.opsliframework.boot</groupId>
+        <version>1.0.0</version>
+        <relativePath>../pom.xml</relativePath>
+    </parent>
+
+    <modelVersion>4.0.0</modelVersion>
+    <artifactId>opsli-plugins-waf</artifactId>
+    <version>${project.parent.version}</version>
+
+    <properties>
+        <maven.compiler.source>8</maven.compiler.source>
+        <maven.compiler.target>8</maven.compiler.target>
+    </properties>
+
+</project>

opsli-plugins/opsli-plugins-waf/src/main/java/org/opsli/plugins/waf/conf/WafConfig.java

@@ -13,12 +13,13 @@
  * License for the specific language governing permissions and limitations under
  * the License.
  */
-package org.opsli.core.autoconfigure.conf;
+package org.opsli.plugins.waf.conf;
 
 import cn.hutool.core.convert.Convert;
-import org.opsli.core.autoconfigure.properties.GlobalProperties;
+import org.opsli.plugins.waf.filter.WafFilter;
-import org.opsli.core.waf.filter.WafFilter;
+import org.opsli.plugins.waf.properties.WafProperties;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.boot.web.servlet.FilterRegistrationBean;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -34,27 +35,27 @@ import javax.servlet.DispatcherType;
  * @date 2020-10-09
  */
 @Configuration
+@EnableConfigurationProperties(WafProperties.class)
+@ConditionalOnProperty(prefix = WafProperties.PROP_PREFIX, name = "enable", havingValue = "true")
 public class WafConfig {
 
 	@Resource
-	private GlobalProperties globalProperties;
+	private WafProperties wafProperties;
 
 	@Bean
-	@ConditionalOnProperty(prefix = GlobalProperties.PROP_PREFIX +".waf", name = "enable", havingValue = "true", matchIfMissing = false)
 	public FilterRegistrationBean<WafFilter> wafFilterRegistration() {
 		WafFilter wafFilter = new WafFilter();
-		wafFilter.setUrlExclusion(globalProperties.getWaf().getUrlExclusion());
+		wafFilter.setUrlExclusion(wafProperties.getUrlExclusion());
-		wafFilter.setEnableSqlFilter(globalProperties.getWaf().isSqlFilter());
+		wafFilter.setEnableSqlFilter(wafProperties.isSqlFilter());
-		wafFilter.setEnableXssFilter(globalProperties.getWaf().isXssFilter());
+		wafFilter.setEnableXssFilter(wafProperties.isXssFilter());
 
 		FilterRegistrationBean<WafFilter> registration = new FilterRegistrationBean<>();
 		registration.setDispatcherTypes(DispatcherType.REQUEST);
 		registration.setFilter(wafFilter);
-		registration.addUrlPatterns(Convert.toStrArray(globalProperties.getWaf().getUrlPatterns()));
+		registration.addUrlPatterns(Convert.toStrArray(wafProperties.getUrlPatterns()));
 		registration.setName(WafFilter.class.getSimpleName());
-		registration.setOrder(globalProperties.getWaf().getOrder());
+		registration.setOrder(wafProperties.getOrder());
 		return registration;
 	}
 
-
 }

opsli-plugins/opsli-plugins-waf/src/main/java/org/opsli/plugins/waf/filter/WafFilter.java

@@ -13,15 +13,15 @@
  * License for the specific language governing permissions and limitations under
  * the License.
  */
-package org.opsli.core.waf.filter;
+package org.opsli.plugins.waf.filter;
 
 
-import org.opsli.core.waf.servlet.WafHttpServletRequestWrapper;
+
+import org.opsli.plugins.waf.servlet.WafHttpServletRequestWrapper;
 
 import javax.servlet.*;
 import javax.servlet.http.HttpServletRequest;
 import java.io.IOException;
-import java.util.List;
 import java.util.Set;
 
 /**

opsli-plugins/opsli-plugins-waf/src/main/java/org/opsli/plugins/waf/msg/WafMsg.java

@@ -0,0 +1,55 @@
+/**
+ * Copyright 2020 OPSLI 快速开发平台 https://www.opsli.com
+ * <p>
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not
+ * use this file except in compliance with the License. You may obtain a copy of
+ * the License at
+ * <p>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.opsli.plugins.waf.msg;
+
+import org.opsli.common.base.msg.BaseMsg;
+
+/**
+ * @BelongsProject: opsli-boot
+ * @BelongsPackage: org.opsli.plugins.mail.msg
+ * @Author: Parker
+ * @CreateTime: 2020-09-13 19:54
+ * @Description: Excel 消息
+ */
+public enum WafMsg implements BaseMsg {
+
+    /**
+     * 防火墙
+     */
+    WAF_EXCEPTION_XSS(10500, "包含非法字符！"),
+    WAF_EXCEPTION_SQL(10501, "包含非法字符！"),
+
+    ;
+
+
+    private final int code;
+    private final String message;
+
+    WafMsg(int code, String message){
+        this.code = code;
+        this.message = message;
+    }
+
+    @Override
+    public Integer getCode() {
+        return this.code;
+    }
+
+    @Override
+    public String getMessage() {
+        return this.message;
+    }
+}

opsli-plugins/opsli-plugins-waf/src/main/java/org/opsli/plugins/waf/properties/WafProperties.java

@@ -0,0 +1,45 @@
+package org.opsli.plugins.waf.properties;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import lombok.NoArgsConstructor;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+
+import java.util.Set;
+
+/**
+ * 软防火墙
+ *
+ * @author Parker
+ * @date 2020-12-19
+ */
+@ConfigurationProperties(prefix = WafProperties.PROP_PREFIX)
+@Data
+@NoArgsConstructor
+@AllArgsConstructor
+@EqualsAndHashCode(callSuper = false)
+public class WafProperties {
+
+    public static final String PROP_PREFIX = "opsli.waf";
+
+
+    /** 是否生效 */
+    private boolean enable;
+
+    /** xss 过滤  */
+    private boolean xssFilter;
+
+    /** sql 过滤 */
+    private boolean sqlFilter;
+
+    /** 过滤器需要过滤的路径 */
+    private Set<String> urlPatterns;
+
+    /** 过滤器需要排除过滤的路径 */
+    private Set<String> urlExclusion;
+
+    /** 过滤器的优先级，值越小优先级越高 */
+    private int order;
+
+}

opsli-plugins/opsli-plugins-waf/src/main/java/org/opsli/plugins/waf/servlet/WafHttpServletRequestWrapper.java

@@ -13,13 +13,13 @@
  * License for the specific language governing permissions and limitations under
  * the License.
  */
-package org.opsli.core.waf.servlet;
+package org.opsli.plugins.waf.servlet;
 
 import com.google.common.collect.Lists;
 import lombok.extern.slf4j.Slf4j;
 import org.opsli.common.constants.TokenConstants;
-import org.opsli.core.waf.util.SQLFilterKit;
+import org.opsli.plugins.waf.util.SQLFilterKit;
-import org.opsli.core.waf.util.XSSFilterKit;
+import org.opsli.plugins.waf.util.XSSFilterKit;
 import org.springframework.util.StreamUtils;
 import org.springframework.util.StringUtils;
 

opsli-plugins/opsli-plugins-waf/src/main/java/org/opsli/plugins/waf/util/SQLFilterKit.java

@@ -13,10 +13,10 @@
  * License for the specific language governing permissions and limitations under
  * the License.
  */
-package org.opsli.core.waf.util;
+package org.opsli.plugins.waf.util;
 
 import org.opsli.common.exception.WafException;
-import org.opsli.core.msg.CoreMsg;
+import org.opsli.plugins.waf.msg.WafMsg;
 import org.springframework.util.StringUtils;
 
 /**
@@ -51,7 +51,7 @@ public final class SQLFilterKit {
 		//判断是否包含非法字符
 		for (String keyword : keywords) {
 			if (str.contains(keyword)) {
-				throw new WafException(CoreMsg.WAF_EXCEPTION_SQL);
+				throw new WafException(WafMsg.WAF_EXCEPTION_SQL);
 			}
 		}
 		return str;

opsli-plugins/opsli-plugins-waf/src/main/java/org/opsli/plugins/waf/util/XSSFilterKit.java

@@ -13,7 +13,7 @@
  * License for the specific language governing permissions and limitations under
  * the License.
  */
-package org.opsli.core.waf.util;
+package org.opsli.plugins.waf.util;
 
 import org.apache.commons.lang3.StringUtils;
 

opsli-plugins/opsli-plugins-waf/src/main/resources/META-INF/additional-spring-configuration-metadata.json

@@ -0,0 +1,47 @@
+{
+  "properties": [
+    {
+      "name": "opsli.waf.enable",
+      "sourceType": "org.opsli.plugins.waf.properties.WafProperties",
+      "type": "java.lang.Boolean",
+      "defaultValue": false,
+      "description": "软防火墙是否开启."
+    },
+    {
+      "name": "opsli.waf.xss-filter",
+      "sourceType": "org.opsli.plugins.waf.properties.WafProperties",
+      "type": "java.lang.Boolean",
+      "defaultValue": false,
+      "description": "软防火墙 xss 过滤开启状态."
+    },
+    {
+      "name": "opsli.waf.sql-filter",
+      "sourceType": "org.opsli.plugins.waf.properties.WafProperties",
+      "type": "java.lang.Boolean",
+      "defaultValue": false,
+      "description": "软防火墙 sql 过滤开启状态."
+    },
+    {
+      "name": "opsli.waf.url-patterns",
+      "sourceType": "org.opsli.plugins.waf.properties.WafProperties",
+      "type": "java.util.Set<java.lang.String>",
+      "defaultValue": [
+        "/*"
+      ],
+      "description": "软防火墙 过滤器需要过滤的路径."
+    },
+    {
+      "name": "opsli.waf.url-exclusion",
+      "sourceType": "org.opsli.plugins.waf.properties.WafProperties",
+      "type": "java.util.Set<java.lang.String>",
+      "description": "软防火墙 过滤器需要排除过滤的路径."
+    },
+    {
+      "name": "opsli.waf.order",
+      "sourceType": "org.opsli.plugins.waf.properties.WafProperties",
+      "type": "java.lang.Integer",
+      "defaultValue": 0,
+      "description": "软防火墙 过滤器的优先级，值越小优先级越高."
+    }
+  ]
+}

opsli-plugins/opsli-plugins-waf/src/main/resources/META-INF/spring.factories

@@ -0,0 +1 @@
+org.springframework.boot.autoconfigure.EnableAutoConfiguration=org.opsli.plugins.waf.conf.WafConfig