SpringBoot 获取 HttpSecurity 中放行的所有 URL 和 Method

可以通过以下代码获取 authorizeHttpRequests 中放行的所有 URL 和 Method：

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    
    @Autowired
    private HttpSecurity httpSecurity;
    
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeHttpRequests()
                .antMatchers("/public/**").permitAll()
                .antMatchers("/admin/**").hasRole("ADMIN")
                .anyRequest().authenticated();
    }
    
    @PostConstruct
    public void init() {
        Map<RequestMatcher, Collection<ConfigAttribute>> requestMap = httpSecurity.getSharedObject(RequestMatcher.class);
        for (Map.Entry<RequestMatcher, Collection<ConfigAttribute>> entry : requestMap.entrySet()) {
            RequestMatcher requestMatcher = entry.getKey();
            Collection<ConfigAttribute> configAttributes = entry.getValue();
            System.out.println(requestMatcher.toString());
            for (ConfigAttribute configAttribute : configAttributes) {
                System.out.println(configAttribute.toString());
            }
        }
    }
}

这里通过 httpSecurity.getSharedObject(RequestMatcher.class) 获取所有的 RequestMatcher 和对应的 ConfigAttribute 集合，然后遍历输出即可。