Spring Security原理与应用

最新推荐文章于 2022-06-02 21:05:49 发布
最新推荐文章于 2022-06-02 21:05:49 发布
阅读量227 收藏 1
点赞数
分类专栏: SpringBoot
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/qixiang_chen/article/details/106407907
版权

Spring Security是Spring提供登录认证,鉴权的组件,使用起来很方便,所以越来越多的系统使用Spring Security完成登录校验功能,Spring Security使用Filter过滤器检查客户端连接是否完成登录校验,使用Cookie记录登录状态,下面例程演示Spring Securiy登录和授权。

1、创建Maven工程,引入Spring Securiy依赖


  <parent>
      <groupId>org.springframework.boot</groupId>
      <artifactId>spring-boot-starter-parent</artifactId>
      <version>2.0.0.RELEASE</version>
      <relativePath/>
  </parent>
  
  <dependencies>
		<dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
    <dependency>
      <groupId>junit</groupId>
      <artifactId>junit</artifactId>
      <version>3.8.1</version>
      <scope>test</scope>
    </dependency>
  </dependencies>

2、创建配置文件,/src/main/resources/application.yml

server:
  port: 6060

3、编写启动类

package com.hk.sec;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;

@SpringBootApplication
public class StartApp {
	public static void main(String[] args)
	{
		SpringApplication.run(StartApp.class, args);
	}
}

4、测试Spring Security
对Spring Security没有做更多配置,默认登录用户是user,密码在启动控制台上有显示
在这里插入图片描述
通过浏览器登录系统http://localhost:6060
在这里插入图片描述
登录成功后出现
在这里插入图片描述
5、以上是最简化地使用了Spring Security,在实际项目中需要对登录和授权做更细致的控制,比如用户和密码放在DB,LDAP或者第三方平台登录(qq,微信),授权控制需要通过角色来控制权限。
6、集成数据库用户和密码校验,实现接口UserDetailsService,接口UserDetailsService是Spring Security中定义的接口,Spring Security使用UserDetailsService获取用户对象

package com.hk.sec;

import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;

@Component
public class UserService implements UserDetailsService{

	@Override
	public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
		System.out.println("loadUserByUsername username==="+username);
		if("user".equals(username))
		{
			UserInfo u = new UserInfo("user","123");
			u.addRole("ROLE_ORG");
			u.addRole("ROLE_USER");
			return u;
		}
		
		return null;
	}

}

在类UserService 可以连接数据库将用户名和密码加载出来。
7、配置如何使用自定义类UserService获取用户数据
定义WebSecurityConfigurerAdapter子类,并实现configure方式,通过 定义类UserService获取用户信息

@Configuration
public class CustomSecurityConfig extends WebSecurityConfigurerAdapter{
	@Autowired
	UserDetailsService uds;
	
    @Bean
    PasswordEncoder passwordEncoder(){
        return NoOpPasswordEncoder.getInstance();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    	auth.userDetailsService(uds);
    	
    	
		//auth.inMemoryAuthentication()
		//.withUser("orguser").password("123").roles("ORG","USER")
		//.and()
		//.withUser("user").password("123").roles("USER")
		//.and()
		//.withUser("roleuser").password("123").roles("ROLE");
    }
}

这样就可以使用数据库中的用户和密码进行系统校验。

8、如何使用角色控制资源的访问
编写三个Controller,分别对应三个访问权限

@RestController
public class OrgCtrl {
	@GetMapping("/org")
    public String hello() {
        return "Org";
    }
}

@RestController
public class RoleCtrl {
	@GetMapping("/role")
    public String hello() {
        return "Role";
    }
}

@RestController
public class UserCtrl {
	@GetMapping("/user")
    public String hello() {
        return "User";
    }
}

9、配置WebSecurityConfigurerAdapter子类中的configure方法

package com.hk.sec;

import java.io.IOException;
import java.io.PrintWriter;
import java.util.HashMap;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.security.servlet.UserDetailsServiceAutoConfiguration;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AccountExpiredException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.CredentialsExpiredException;
import org.springframework.security.authentication.DisabledException;
import org.springframework.security.authentication.LockedException;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.logout.LogoutHandler;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;

import com.fasterxml.jackson.databind.ObjectMapper;

@Configuration
public class CustomSecurityConfig extends WebSecurityConfigurerAdapter{
	@Autowired
	UserDetailsService uds;
	
    @Bean
    PasswordEncoder passwordEncoder(){
        return NoOpPasswordEncoder.getInstance();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    	auth.userDetailsService(uds);
    	
    	
		//auth.inMemoryAuthentication()
		//.withUser("orguser").password("123").roles("ORG","USER")
		//.and()
		//.withUser("user").password("123").roles("USER")
		//.and()
		//.withUser("roleuser").password("123").roles("ROLE");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
        .antMatchers("/org/**")
        .hasRole("ORG")// /org资源必须具有ORG角色
        
        .antMatchers("/user/**")
        .hasRole("USER")// /user资源必须具有USER角色
               
        .antMatchers("/orguser/**")
        .access("hasRole('ORG') and hasRole('USER')") // /orguser资源必须具有USER角色并且具有ORG角色
               
        .antMatchers("/role/**")
        .access("hasAnyRole('ORG') and  hasRole('ROLE')")
        .anyRequest()
        .authenticated()
        .and()
        .csrf()
        .disable();
   }
}

10、自定义登录页面

package com.hk.sec;

import java.io.IOException;
import java.io.PrintWriter;
import java.util.HashMap;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.security.servlet.UserDetailsServiceAutoConfiguration;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AccountExpiredException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.CredentialsExpiredException;
import org.springframework.security.authentication.DisabledException;
import org.springframework.security.authentication.LockedException;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.logout.LogoutHandler;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;

import com.fasterxml.jackson.databind.ObjectMapper;

@Configuration
public class CustomSecurityConfig extends WebSecurityConfigurerAdapter{
	@Autowired
	UserDetailsService uds;
	
    @Bean
    PasswordEncoder passwordEncoder(){
        return NoOpPasswordEncoder.getInstance();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    	auth.userDetailsService(uds);
    	
    	
		//auth.inMemoryAuthentication()
		//.withUser("orguser").password("123").roles("ORG","USER")
		//.and()
		//.withUser("user").password("123").roles("USER")
		//.and()
		//.withUser("roleuser").password("123").roles("ROLE");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
        .antMatchers("/org/**")
        .hasRole("ORG")
        
        .antMatchers("/user/**")
        .hasRole("USER")
               
        .antMatchers("/orguser/**")
        .access("hasRole('ORG') and hasRole('USER')")
               
        .antMatchers("/role/**")
        .access("hasAnyRole('ORG') and  hasRole('ROLE')")
        .anyRequest()
        .authenticated()
        .and()
        .formLogin()
        .loginPage("/loginpage") //自定义登录页面
        .loginProcessingUrl("/logindone")
        .permitAll()
        .and()
        .csrf()
        .disable();
     }
}

11、对前后端分离的登录认证支持,前后端分离登录返回JSON对象,不能跳转页面,所以需要定义返回信息

package com.hk.sec;

import java.io.IOException;
import java.io.PrintWriter;
import java.util.HashMap;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.security.servlet.UserDetailsServiceAutoConfiguration;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AccountExpiredException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.CredentialsExpiredException;
import org.springframework.security.authentication.DisabledException;
import org.springframework.security.authentication.LockedException;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.logout.LogoutHandler;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;

import com.fasterxml.jackson.databind.ObjectMapper;

@Configuration
public class CustomSecurityConfig extends WebSecurityConfigurerAdapter{
	@Autowired
	UserDetailsService uds;
	
    @Bean
    PasswordEncoder passwordEncoder(){
        return NoOpPasswordEncoder.getInstance();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    	auth.userDetailsService(uds);
    	
    	
		//auth.inMemoryAuthentication()
		//.withUser("orguser").password("123").roles("ORG","USER")
		//.and()
		//.withUser("user").password("123").roles("USER")
		//.and()
		//.withUser("roleuser").password("123").roles("ROLE");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
        .antMatchers("/org/**")
        .hasRole("ORG")
        
        .antMatchers("/user/**")
        .hasRole("USER")
               
        .antMatchers("/orguser/**")
        .access("hasRole('ORG') and hasRole('USER')")
               
        .antMatchers("/role/**")
        .access("hasAnyRole('ORG') and  hasRole('ROLE')")

              
        .anyRequest()
        .authenticated()
        .and()
              
        .formLogin()
        .loginProcessingUrl("/logindone")
        .successHandler(new AuthenticationSuccessHandler() {            //登陆成功后
            @Override
            public void onAuthenticationSuccess(HttpServletRequest req,
                                                HttpServletResponse resp,
                                                Authentication auth)    //当前用户登陆信息
                    throws IOException {
                Object principal = auth.getPrincipal();
                resp.setContentType("application/json;charset=utf-8");
                PrintWriter out = resp.getWriter();
                resp.setStatus(200);
                Map<String, Object> map = new HashMap<>();
                map.put("status", 200);
                map.put("msg", principal);
                ObjectMapper om = new ObjectMapper();
                out.write(om.writeValueAsString(map));
                out.flush();
                out.close();
            }
        })
        .failureHandler(new AuthenticationFailureHandler() {         //登陆失败后
            @Override
            public void onAuthenticationFailure(HttpServletRequest req,
                                                HttpServletResponse resp,
                                                AuthenticationException e)  //获取登陆失败原因
                    throws IOException {
            	e.printStackTrace();
                resp.setContentType("application/json;charset=utf-8");
                PrintWriter out = resp.getWriter();
                resp.setStatus(401);
                Map<String, Object> map = new HashMap<>();
                map.put("status", 401);
                if (e instanceof LockedException) {
                    map.put("msg", "账户被锁定,登录失败!");
                } else if (e instanceof BadCredentialsException) {
                    map.put("msg", "账户名或密码输入错误,登录失败!");
                } else if (e instanceof DisabledException) {
                    map.put("msg", "账户被禁用,登录失败!");
                } else if (e instanceof AccountExpiredException) {
                    map.put("msg", "账户已过期,登录失败!");
                } else if (e instanceof CredentialsExpiredException) {
                    map.put("msg", "密码已过期,登录失败!");
                } else {
                    map.put("msg", "登录失败!");
                }
                ObjectMapper om = new ObjectMapper();
                out.write(om.writeValueAsString(map));
                out.flush();
                out.close();
            }
        })
        .permitAll()
        .and()
        .logout()//开启注销登陆
        .logoutUrl("/logout")//注销登陆请求url
        .clearAuthentication(true)//清除身份信息
        .invalidateHttpSession(true)//session失效
        .addLogoutHandler(new LogoutHandler() {//注销处理
            @Override
            public void logout(HttpServletRequest req,
                               HttpServletResponse resp,
                               Authentication auth) {

            }
        })
        .logoutSuccessHandler(new LogoutSuccessHandler() {     //注销成功处理
            @Override
            public void onLogoutSuccess(HttpServletRequest req,
                                        HttpServletResponse resp,
                                        Authentication auth)
                    throws IOException {
                resp.sendRedirect("/login_page");              //跳转到自定义登陆页面
            }
        })
        .and()
        .csrf()
        .disable();

    }

}

12、对应用户密码错误、用户失效、用户被锁等场景,Spring Secruity都提供解决方案

        .failureHandler(new AuthenticationFailureHandler() {         //登陆失败后
            @Override
            public void onAuthenticationFailure(HttpServletRequest req,
                                                HttpServletResponse resp,
                                                AuthenticationException e)  //获取登陆失败原因
                    throws IOException {
            	e.printStackTrace();
                resp.setContentType("application/json;charset=utf-8");
                PrintWriter out = resp.getWriter();
                resp.setStatus(401);
                Map<String, Object> map = new HashMap<>();
                map.put("status", 401);
                if (e instanceof LockedException) {
                    map.put("msg", "账户被锁定,登录失败!");
                } else if (e instanceof BadCredentialsException) {
                    map.put("msg", "账户名或密码输入错误,登录失败!");
                } else if (e instanceof DisabledException) {
                    map.put("msg", "账户被禁用,登录失败!");
                } else if (e instanceof AccountExpiredException) {
                    map.put("msg", "账户已过期,登录失败!");
                } else if (e instanceof CredentialsExpiredException) {
                    map.put("msg", "密码已过期,登录失败!");
                } else {
                    map.put("msg", "登录失败!");
                }
                ObjectMapper om = new ObjectMapper();
                out.write(om.writeValueAsString(map));
                out.flush();
                out.close();
            }
        })

代码下载
链接:https://pan.baidu.com/s/1b4uzATldm5CeuzHrtXsnQA
提取码:3i8f

华科易迅
关注
专栏目录
spring security原理和机制 | Spring Boot 35
学Java,找哪吒
06-25 5万+
一、SpringSecurity 框架简介 Spring 是非常流行和成功的 Java 应用开发框架,Spring Security 正是 Spring 家族中的 成员。Spring Security 基于 Spring 框架,提供了一套 Web 应用安全性的完整解决方 案。 正如你可能知道的关于安全方面的两个主要区域是“认证”和“授权”(或者访问控 制),一般来说,Web 应用的安全性包括用户认证(Authentication)和用户授权 (Authorization)两个部分,这两点也是 Spring
【网络安全】Spring Security 安全框架基本原理及使用方法
最新发布
等风来
05-27 1万+
Spring Security 是一个基于 Spring 框架的安全性框架,它提供了许多针对身份验证(Authentication)和访问控制(Authorization)方面的功能,帮助开发人员保护和管理应用程序的安全性。综上所述,Spring Security 是一款强大、功能丰富的安全管理框架,为应用系统提供声明式的安全访问控制功能,减少了为企业系统安全控制编写大量重复代码的工作。
关于fastjson在parse时报错default constructor not found. class的问题
qq_36185997的博客
06-02 2997
fastjson报错default constructor not found
autoType is not support. org. springframework.security.core.authority FastJson2022年autotype漏洞修复指南
Software As Business
05-27 6535
FastJson2022年autotype漏洞修复指南漏洞说明问题1.产生问题的代码不兜圈子,直接说明升级及解决方案结语 漏洞说明 为了不浪费时间,直接官方说明 官方链接: link 问题 首先说明官方提供给的几种方式中大多是采取禁用autoType这个功能。 但是这个对于业务中使用了autotype功能且已经上线的应用非常不友好,直接使用最新版本fastjson或者开启safemode都会直接导致原有应用报错。下面介绍我司应用升级采取的修改,各位可参考 1.产生问题的代码 在使用fastjson 代理re
Could not find class [org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration]解决方法
nann-viiv 的博客
09-22 3426
java.lang.IllegalArgumentException: Could not find class [org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration] at org.springframework.util.ClassUtils.resolveClassName(ClassUtils.java:334) ~[spring-core-5.3.9.jar:5.3.9] at org.spring
解决Cannot find class [org.springframework.http.converter.json.MappingJacksonHttpMessageConverter]
一火的专栏
08-24 1959
【现象】 2021 20:49:35 ERROR org.springframework.web.servlet.DispatcherServlet - Context initialization failed org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.springframework.web.servlet.handler.BeanNameUrlHandlerMa
Could not find class [org.springframework.boot.autoconfigure.security.Securi
Chonglin
10-25 2282
整合Activiti可能会遇到的报错Could not find class [org.springframework.boot.autoconfigure.security.Securi 解决办法: 启动类添加 @SpringBootApplication(exclude = SecurityAutoConfiguration.class)
springsecurity原理流程图.pdf
09-08
认证成功后,Spring Security会将认证信息存储在session中,并通过调用sessionStrategy.onAuthentication方法来处理与session相关的操作。 b. 最终,会执行successfulAuthentication方法,该方法可以被子类覆盖以...
Spring Security UserDetails实现原理详解
09-07
Spring Security 是一个强大的安全框架,用于管理Web应用的认证和授权。在Spring Security中,`UserDetails` 是一个核心概念,它代表了系统的用户信息。本文将深入探讨`UserDetails`的实现原理,并通过示例代码进行...
Spring Security+OAuth2 精讲,打造企业级认证与授权
10-12
学习这门课程,开发者将不仅理解Spring Security和OAuth2的基本原理,还能掌握如何在实际项目中灵活运用,从而提高企业级应用的安全性和可靠性。对于任何希望提升安全技能的Java开发者来说,这是一份不可多得的学习...
启动报错Could not find class [org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration]
xiaowang_lj的博客
02-12 2485
在导入了下面的依赖后,启动服务出现SecurityAutoConfiguration冲突问题,于是报错 Could not find class [org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration] <!-- 完善service在eureka的监控信息--> <dependency> <groupId>org.act
异常处理Could not find class [org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration
jhl1789的博客
07-20 3856
异常处理:Could not find class [org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration] 问题描述: 在删除activiti工作流引擎后, 由于activiti相关jar包会使用到SpringSecurity, 项目无法启动, 报错信息如下: java.lang.IllegalArgumentException: Could not find class [org.springframework
fastjson解析json时报错default constructor not found. class.............
热门推荐
My'is android 历程
09-10 5万+
/*      * 对于下面的第二个例子,此空构造器必要,否则: com.alibaba.fastjson.JSONException:      * default constructor not found. class com.test.Person      */     public Person() {}
使用Spring报错:No default constructor found;
小蓝的博客
08-17 2万+
Exception in thread "main" org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'CustomerBean' defined in class path resource [Spring-Customer.xml]: Instantiation o
com.alibaba.fastjson.JSONException: default constructor not found. class
qq_46199553的博客
02-22 907
主要是通过JSON转对象的时候,Java对象没有默认构造方法,如果是用了lombok @Data注解那就要增加无参构造方法的注解@NoArgsConstructor 以及全部入参的构造方@AllArgsConstructor @Data @Builder @NoArgsConstructor public class Message { public static final String ENTER = "ENTER"; public static final String SPEAK
java: 无法访问org.springframework.security.core.userdetails.UserDetailsService
weixin_42118981的博客
01-04 6941
前段时间做一个SSM企业权限管理系统的时候,遇到了一个bug 项目没有成功编译 什么原因呢,网上找了很久也没找到答案,算了自己摸索一下吧: 看报错的字面意思就是缺少相关依赖呗,但是问题来了,service模块有SpringSecurity的依赖啊,并且web模块也导入了相关依赖,不应该存在这个问题啊!!! 算了,可能是IDEA的bug,自己手动引入下吧,然后就ok了,就这么简单。 ...
spring cloud config因jar包版本原因导致失败
qq_22368681的博客
03-11 2578
spring boot、spring cloud 框架搭建,遇到的坑,以下全文是异常日志: :: Spring Boot :: (v2.0.7.RELEASE) 03-11 17:04:41.724[INFO ][ main][c.s.c.ConfigStartup ][ 658]: The following profiles ...
深入理解Spring Security:Web应用与指纹登录实践
"本文深入探讨了Spring Security在Web应用中的实现以及指纹登录的实践,通过解析其核心组件,帮助开发者理解并掌握这一强大的安全框架。" Spring Security是Java开发者广泛使用的安全框架,它提供了全面的权限控制...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值