actuator and /swagger-ui 安全性增强

"/actuator","/actuator/**","/swagger-ui","/swagger-ui/**"
2026-06-14 19:41:46 +08:00 · 2025-12-08 17:49:29 +08:00
parent e71e4c068f
commit c5d71fbb36
9 changed files with 129 additions and 26 deletions
--- a/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/dromara/maxkey/authz/endpoint/OnlineSessionEndpoint.java
+++ b/maxkey-protocols/maxkey-protocol-authorize/src/main/java/org/dromara/maxkey/authz/endpoint/OnlineSessionEndpoint.java
@@ -20,27 +20,25 @@ package org.dromara.maxkey.authz.endpoint;
 import org.dromara.maxkey.authn.session.Session;
 import org.dromara.maxkey.authn.session.SessionManager;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
-import org.springframework.web.bind.annotation.ResponseBody;
+import org.springframework.web.bind.annotation.RestController;

 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.tags.Tag;

@Tag(name = "3-1-在线ticket文档模块")
-@Controller
+@RestController
@RequestMapping(value={"/onlineticket"})
 public class OnlineSessionEndpoint {

    @Autowired
    protected SessionManager sessionManager;
    
-    @Operation(summary = "在线ticket验证接口", description = "",method="GET")
-    @ResponseBody
-    @RequestMapping(value="/validate") 
-    public String ticketValidate(
-            @RequestParam(value ="ticket",required = true) String ticket) {
+    @Operation(summary = "在线ticket验证接口", description = "")
+    @GetMapping(value="/validate") 
+    public String ticketValidate(@RequestParam(value ="ticket",required = true) String ticket) {
        Session session = sessionManager.get(ticket);
        return session == null ? "" : session.getId();
    }