SpringSecurity------WebSecurityConfigurerAdapter配置适配器类

最新推荐文章于 2024-01-16 09:29:06 发布
最新推荐文章于 2024-01-16 09:29:06 发布
阅读量1k 收藏 2
点赞数
分类专栏: SpringSecurity
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/sanjun333/article/details/111397756
版权

SpringSecurity------WebSecurityConfigurerAdapter配置适配器

一、属性

WebSecurityConfigurerAdapter属性

二、构造器

1、开启默认配置构建WebSecurityConfigurerAdapter

该种方式构建出来的配置不启用默认配置

protected WebSecurityConfigurerAdapter() {
	this(false);
}

2、指定是否开启默认配置构建WebSecurityConfigurerAdapter

protected WebSecurityConfigurerAdapter(boolean disableDefaults) {
	this.disableDefaults = disableDefaults;
}

三、WebSecurityConfigurerAdapter主要做了什么

四、几个内部类

1、UserDetailsServiceDelegator

使用此代理类的主要作用是保证UserDetailsService被成功创建后再调用他的loadUserByUsername()方法

通过以下程序逻辑保证在调用loadUserByUsername()方法时,UserDetailsService已被成功创建:
(1)构造这个类时需要传入一组AuthenticationManagerBuilder,设置到delegateBuilders属性
(2)在loadUserByUsername()方法中遍历delegateBuilders属性值,获取UserDetails的一个实例(第一个构建成功的UserDetails会被立即设置到delegate字段,然后结束遍历)
(3)调用delegate自身的loadUserByUsername()方法

static final class UserDetailsServiceDelegator implements UserDetailsService {
    //AuthenticationManager建造器
	private List<AuthenticationManagerBuilder> delegateBuilders;
    //实际执行loadUserByUsername()方法获取UserDetails的类
	private UserDetailsService delegate;
    //一个锁对象,用于控制同步方法
	private final Object delegateMonitor = new Object();
    
	UserDetailsServiceDelegator(List<AuthenticationManagerBuilder> delegateBuilders) {
		Assert.isTrue(!delegateBuilders.contains(null),
				() -> "delegateBuilders cannot contain null values. Got " + delegateBuilders);
		this.delegateBuilders = delegateBuilders;
	}

	@Override
	public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
		if (this.delegate != null) {
			return this.delegate.loadUserByUsername(username);
		}
		synchronized (this.delegateMonitor) {
			if (this.delegate == null) {
				for (AuthenticationManagerBuilder delegateBuilder : this.delegateBuilders) {
					this.delegate = delegateBuilder.getDefaultUserDetailsService();
					if (this.delegate != null) {
						break;
					}
				}
				if (this.delegate == null) {
					throw new IllegalStateException("UserDetailsService is required.");
				}
				this.delegateBuilders = null;
			}
		}
		return this.delegate.loadUserByUsername(username);
	}
}

2、AuthenticationManagerDelegator

类似UserDetailsServiceDelegator的作用,保证通过AuthenticationManager获取Authentication时,AuthenticationManager是已经被创建成功的

static final class AuthenticationManagerDelegator implements AuthenticationManager {

	private AuthenticationManagerBuilder delegateBuilder;

	private AuthenticationManager delegate;

	private final Object delegateMonitor = new Object();

	private Set<String> beanNames;

	AuthenticationManagerDelegator(AuthenticationManagerBuilder delegateBuilder, ApplicationContext context) {
		Assert.notNull(delegateBuilder, "delegateBuilder cannot be null");
		Field parentAuthMgrField = ReflectionUtils.findField(AuthenticationManagerBuilder.class,
				"parentAuthenticationManager");
		ReflectionUtils.makeAccessible(parentAuthMgrField);
		this.beanNames = getAuthenticationManagerBeanNames(context);
		validateBeanCycle(ReflectionUtils.getField(parentAuthMgrField, delegateBuilder), this.beanNames);
		this.delegateBuilder = delegateBuilder;
	}

	@Override
	public Authentication authenticate(Authentication authentication) throws AuthenticationException {
		if (this.delegate != null) {
			return this.delegate.authenticate(authentication);
		}
		synchronized (this.delegateMonitor) {
			if (this.delegate == null) {
				this.delegate = this.delegateBuilder.getObject();
				this.delegateBuilder = null;
			}
		}
		return this.delegate.authenticate(authentication);
	}

	private static Set<String> getAuthenticationManagerBeanNames(ApplicationContext applicationContext) {
		String[] beanNamesForType = BeanFactoryUtils.beanNamesForTypeIncludingAncestors(applicationContext,
				AuthenticationManager.class);
		return new HashSet<>(Arrays.asList(beanNamesForType));
	}

	private static void validateBeanCycle(Object auth, Set<String> beanNames) {
		if (auth == null || beanNames.isEmpty() || !(auth instanceof Advised)) {
			return;
		}
		TargetSource targetSource = ((Advised) auth).getTargetSource();
		if (!(targetSource instanceof LazyInitTargetSource)) {
			return;
		}
		LazyInitTargetSource lits = (LazyInitTargetSource) targetSource;
		if (beanNames.contains(lits.getTargetBeanName())) {
			throw new FatalBeanException(
					"A dependency cycle was detected when trying to resolve the AuthenticationManager. "
							+ "Please ensure you have configured authentication.");
		}
	}
}

3、DefaultPasswordEncoderAuthenticationManagerBuilder

作用:拥有默认密码编码器的AuthenticationManager建造器

static class DefaultPasswordEncoderAuthenticationManagerBuilder extends AuthenticationManagerBuilder {

	private PasswordEncoder defaultPasswordEncoder;

		/**
		 * Creates a new instance
		 * @param objectPostProcessor the {@link ObjectPostProcessor} instance to use.
		 */
	DefaultPasswordEncoderAuthenticationManagerBuilder(ObjectPostProcessor<Object> objectPostProcessor,
			PasswordEncoder defaultPasswordEncoder) {
		super(objectPostProcessor);
		this.defaultPasswordEncoder = defaultPasswordEncoder;
	}

	@Override
	public InMemoryUserDetailsManagerConfigurer<AuthenticationManagerBuilder> inMemoryAuthentication()
			throws Exception {
		return super.inMemoryAuthentication().passwordEncoder(this.defaultPasswordEncoder);
	}

	@Override
	public JdbcUserDetailsManagerConfigurer<AuthenticationManagerBuilder> jdbcAuthentication() throws Exception {
		return super.jdbcAuthentication().passwordEncoder(this.defaultPasswordEncoder);
	}

	@Override
	public <T extends UserDetailsService> DaoAuthenticationConfigurer<AuthenticationManagerBuilder, T> userDetailsService(
			T userDetailsService) throws Exception {
		return super.userDetailsService(userDetailsService).passwordEncoder(this.defaultPasswordEncoder);
	}
}

4、LazyPasswordEncoder

作用:懒加载的密码编码器

该类的核心逻辑在getPasswordEncoder()方法,他首先会从容器中获取PasswordEncoder,如果没有获取到,则使用PasswordEncoderFactories创建一个PasswordEncoder(DelegatingPasswordEncoder)

static class LazyPasswordEncoder implements PasswordEncoder {

	private ApplicationContext applicationContext;

	private PasswordEncoder passwordEncoder;

	LazyPasswordEncoder(ApplicationContext applicationContext) {
		this.applicationContext = applicationContext;
	}

	@Override
	public String encode(CharSequence rawPassword) {
		return getPasswordEncoder().encode(rawPassword);
	}

	@Override
	public boolean matches(CharSequence rawPassword, String encodedPassword) {
		return getPasswordEncoder().matches(rawPassword, encodedPassword);
	}

	@Override
	public boolean upgradeEncoding(String encodedPassword) {
		return getPasswordEncoder().upgradeEncoding(encodedPassword);
	}
	
	private PasswordEncoder getPasswordEncoder() {
		if (this.passwordEncoder != null) {
			return this.passwordEncoder;
		}
		PasswordEncoder passwordEncoder = getBeanOrNull(PasswordEncoder.class);
		if (passwordEncoder == null) {
			passwordEncoder = PasswordEncoderFactories.createDelegatingPasswordEncoder();
		}
		this.passwordEncoder = passwordEncoder;
		return passwordEncoder;
	}
    //从ApplicationContext中获取PasswordEncoder的实现,没有获取到就返回空
	private <T> T getBeanOrNull(Class<T> type) {
		try {
			return this.applicationContext.getBean(type);
		}
		catch (NoSuchBeanDefinitionException ex) {
			return null;
		}
	}

	@Override
	public String toString() {
		return getPasswordEncoder().toString();
	}
}

五、依赖注入的方法(Spring构建过程中会触发这些方法执行)

1、引入ApplicationContext

这个方法是当前配置适配器的核心方法,从依赖注入的ApplicationContext对象中获取所需的实例对象,然后创建了两个AuthenticationManagerBuilder赋值给当前配置类的两个属性字段。

@Autowired
public void setApplicationContext(ApplicationContext context) {
    //注入ApplicationContext 
	this.context = context;
	//获取容器中唯一的一个ObjectPostProcessor实例:AutowireBeanFactoryObjectPostProcessor
	ObjectPostProcessor<Object> objectPostProcessor = context.getBean(ObjectPostProcessor.class);
	//创建一个懒加载的LazyPasswordEncoder实例,这个类是本类的一个内部类
	LazyPasswordEncoder passwordEncoder = new LazyPasswordEncoder(context);
	//创建一个默认的AuthenticationManagerBuilder,这个类是当前配置类的一个内部类
	this.authenticationBuilder = new DefaultPasswordEncoderAuthenticationManagerBuilder(objectPostProcessor,
			passwordEncoder);
	//创建一个本地配置的AuthenticationManagerBuilder,重写了eraseCredentials()和authenticationEventPublisher()方法
	//使用当前配置类中的authenticationBuilder擦除认证凭证和发布事件
	this.localConfigureAuthenticationBldr = new DefaultPasswordEncoderAuthenticationManagerBuilder(
			objectPostProcessor, passwordEncoder) {

		@Override
		public AuthenticationManagerBuilder eraseCredentials(boolean eraseCredentials) {
			WebSecurityConfigurerAdapter.this.authenticationBuilder.eraseCredentials(eraseCredentials);
			return super.eraseCredentials(eraseCredentials);
		}

		@Override
		public AuthenticationManagerBuilder authenticationEventPublisher(
				AuthenticationEventPublisher eventPublisher) {
			WebSecurityConfigurerAdapter.this.authenticationBuilder.authenticationEventPublisher(eventPublisher);
			return super.authenticationEventPublisher(eventPublisher);
		}
	};
}

2、引入AuthenticationConfigurationObjectPostProcessor

@Autowired
public void setObjectPostProcessor(ObjectPostProcessor<Object> objectPostProcessor) {
	this.objectPostProcessor = objectPostProcessor;
}

@Autowired
public void setAuthenticationConfiguration(AuthenticationConfiguration authenticationConfiguration) {
	this.authenticationConfiguration = authenticationConfiguration;
}

3、引入ContentNegotiationStrategy和AuthenticationTrustResolver

@Autowired(required = false)
public void setContentNegotationStrategy(ContentNegotiationStrategy contentNegotiationStrategy) {
	this.contentNegotiationStrategy = contentNegotiationStrategy;
}

@Autowired(required = false)
public void setTrustResolver(AuthenticationTrustResolver trustResolver) {
	this.trustResolver = trustResolver;
}

六、初始化方法

在这个方法中,首先获取HttpSecurity,这个对象包含了用户的自定义配置信息,然后将这个HttpSecurity对象存入WebSecurity中,然后创建一个Runnable线程,这个线程用来初始化WebSecurity的FilterSecurityInterceptor

@Override
public void init(WebSecurity web) throws Exception {
	HttpSecurity http = getHttp();
	web.addSecurityFilterChainBuilder(http).postBuildAction(() -> {
		FilterSecurityInterceptor securityInterceptor = http.getSharedObject(FilterSecurityInterceptor.class);
		web.securityInterceptor(securityInterceptor);
	});
}

这个方法是用来获取HttpSecurity实例的,同时给localConfigureAuthenticationBldr添加一个事件发布器,给authenticationBuilder添加一个父级AuthenticationManager

@SuppressWarnings({ "rawtypes", "unchecked" })
protected final HttpSecurity getHttp() throws Exception {
	if (this.http != null) {
		return this.http;
	}
	AuthenticationEventPublisher eventPublisher = getAuthenticationEventPublisher();
	this.localConfigureAuthenticationBldr.authenticationEventPublisher(eventPublisher);
	AuthenticationManager authenticationManager = authenticationManager();
	this.authenticationBuilder.parentAuthenticationManager(authenticationManager);
	Map<Class<?>, Object> sharedObjects = createSharedObjects();
	this.http = new HttpSecurity(this.objectPostProcessor, this.authenticationBuilder, sharedObjects);
	if (!this.disableDefaults) {
		applyDefaultConfiguration(this.http);
		ClassLoader classLoader = this.context.getClassLoader();
		List<AbstractHttpConfigurer> defaultHttpConfigurers = SpringFactoriesLoader
				.loadFactories(AbstractHttpConfigurer.class, classLoader);
		for (AbstractHttpConfigurer configurer : defaultHttpConfigurers) {
			this.http.apply(configurer);
		}
	}
	//这是一个可供子类实现的钩子方法,子类重写这个方法提供自定义配置
	configure(this.http);
	return this.http;
}

获取一个事件发布器

private AuthenticationEventPublisher getAuthenticationEventPublisher() {
	if (this.context.getBeanNamesForType(AuthenticationEventPublisher.class).length > 0) {
		return this.context.getBean(AuthenticationEventPublisher.class);
	}
	return this.objectPostProcessor.postProcess(new DefaultAuthenticationEventPublisher());
}

获取一个AuthenticationManager

protected AuthenticationManager authenticationManager() throws Exception {
	if (!this.authenticationManagerInitialized) {
		configure(this.localConfigureAuthenticationBldr);
		if (this.disableLocalConfigureAuthenticationBldr) {
			this.authenticationManager = this.authenticationConfiguration.getAuthenticationManager();
		}
		else {
			this.authenticationManager = this.localConfigureAuthenticationBldr.build();
		}
		this.authenticationManagerInitialized = true;
	}
	return this.authenticationManager;
}

创建一些共享对象

private Map<Class<?>, Object> createSharedObjects() {
	Map<Class<?>, Object> sharedObjects = new HashMap<>();
	sharedObjects.putAll(this.localConfigureAuthenticationBldr.getSharedObjects());
	sharedObjects.put(UserDetailsService.class, userDetailsService());
	sharedObjects.put(ApplicationContext.class, this.context);
	sharedObjects.put(ContentNegotiationStrategy.class, this.contentNegotiationStrategy);
	sharedObjects.put(AuthenticationTrustResolver.class, this.trustResolver);
	return sharedObjects;
}

默认的配置

private void applyDefaultConfiguration(HttpSecurity http) throws Exception {
	http.csrf();
	http.addFilter(new WebAsyncManagerIntegrationFilter());
	http.exceptionHandling();
	http.headers();
	http.sessionManagement();
	http.securityContext();
	http.requestCache();
	http.anonymous();
	http.servletApi();
	http.apply(new DefaultLoginPageConfigurer<>());
	http.logout();
}

七、配置入口方法

这是一个模板方法,可以由子类实现,然后提供自定义的配置

protected void configure(HttpSecurity http) throws Exception {
	this.logger.debug("Using default configure(HttpSecurity). "
			+ "If subclassed this will potentially override subclass configure(HttpSecurity).");
	http.authorizeRequests((requests) -> requests.anyRequest().authenticated());
	http.formLogin();
	http.httpBasic();
}

这是一个钩子方法,使用该配置类的实例会调用该方法,所以这里我们可以自定义修改一些WebSecurity配置

@Override
public void configure(WebSecurity web) throws Exception {
}

这是一个模板方法,可以由子类实现,然后提供自定义的配置

protected void configure(AuthenticationManagerBuilder auth) throws Exception {
	this.disableLocalConfigureAuthenticationBldr = true;
}

八、配置入口方法

protected UserDetailsService userDetailsService() {
	AuthenticationManagerBuilder globalAuthBuilder = this.context.getBean(AuthenticationManagerBuilder.class);
	return new UserDetailsServiceDelegator(Arrays.asList(this.localConfigureAuthenticationBldr, globalAuthBuilder));
}

public UserDetailsService userDetailsServiceBean() throws Exception {
	AuthenticationManagerBuilder globalAuthBuilder = this.context.getBean(AuthenticationManagerBuilder.class);
	return new UserDetailsServiceDelegator(Arrays.asList(this.localConfigureAuthenticationBldr, globalAuthBuilder));
}

public AuthenticationManager authenticationManagerBean() throws Exception {
	return new AuthenticationManagerDelegator(this.authenticationBuilder, this.context);
}

protected final ApplicationContext getApplicationContext() {
	return this.context;
}
豢龙先生
关注
  • 0
    点赞
  • 2
    收藏
    觉得还不错? 一键收藏
  • 打赏
    打赏
  • 2
    评论
专栏目录
spring-security-oauth2文档
03-26
spring-security-oauth2-boot-reference-2.6.8 是最后一版的官方文档
NameError: name ‘logging‘ is not defined解决办法
weixin_55511645的博客
10-14 3370
NameError: name 'logging' is not defined解决办法
Syntax error, insert "}" to complete ClassBody
热门推荐
weixin_37629807的博客
03-04 1万+
“语法错误,插入&amp;quot;}&amp;quot;以完成体” 今天使用连接ES的时候一直报这个错 说我缺 } 但是我明明就是不缺的 快气疯了 百度出来也都是说我却} 在我用尽所有办法,濒临崩溃的边缘, 我终于发现了,不是少了花括号,是多了花括号; mmp火大, 所以,不能直接相信它报的错的直译!! ...
在.NET Core中遭遇循环依赖问题"A circular dependency was detected"
weixin_33965305的博客
12-28 2790
今天在将一个项目迁移至ASP.NET Core的过程中遭遇一个循环依赖问题,错误信息如下: A circular dependency was detected for the service of type 'CNBlogs.Application.Interfaces.ITagService' 一开始以为是项目之间的引用关系引起的,在project.json中找来找去,一无所获。 ...
Invalid file name: must contain only [a-z0-9_.]
rbyyy(Create produce different)
12-29 1391
在android的资源图片命名中使用了大写字母之后,出现了“Invalid file name: must contain only [a-z0-9_.]”的错误。经查询后得出,原来[a-z0-9_.] 是个正则表达式,就是说在文件命名时必须包含且仅包含字母a-z、数字0-9和符合"_"与"."。所以在用用大写字母命名时才会出现错误。
UE4,虚幻引擎,build编译时error错误Circular dependency detected for filename(检测到文件名的循环依赖关系)解决方法
qq_39934403的博客
03-11 5005
在build编译或者rebuild重新编译时,VS检测到错误Circular dependency detected for filename(检测到文件名的循环依赖关系)。 找了一些文档,没有找到答案,自己推测了一些原因,报了两个错误。在.h中引用了两个外部的actor ,声明外部的class时,在Actor名前声明class,就不用了在#include包含头文件了,在build时会报错,但是不会编译失败,rebuild编译时,就会直接编译失败。报错信息如下图所示。 注释掉引用的Ac
maven 项目循环依赖 A cycle was detected in the build path of project
大龙成
05-29 2043
在使用maven进行项目管理时,如果组件之间有了循环依赖,eclipse中就会报A cycle was detected in the build path of project XX     产生这个错误时,是检查级别过高造成的,可以如下解决:后面才是重点虽然这样做了调整之后,项目不报这个错了,项目也可以正常启动和运行了,但是有一点,如果你需要将这个项目打war包进行部署发布时,任然会出现上面那...
【自定义UserDetailsService后启动springboot报错】Please ensure you have configured authentication.或者authen.....
qq_42991839的博客
11-16 294
我出现的原因是在WebSecurityConfig中。也就是继承WebSecurityConfigurerAdapter抽象SecurityProperties这个是我的配置文件,是用来过滤访问白名单的,跟本节内容无关。
springboot3.x 整合springsecurity 不需要继承WebSecurityConfigurerAdapter配置方式
最新发布
qq_27227983的博客
01-16 852
springboot3.x中spring security 的核心配置
SpringSecurity 配置与使用(含新 API 替换过时的 WebSecurityConfigurerAdapter
泡泡的博客
10-28 4789
As we all know,现今主流权限框架有 SpringSecurity、Shiro、SaToken,Shiro在前后端分离时代基本被淘汰,剩下适合大型项目的和 适合中小型项目的SaToken可以选择,SaToken 我也写了文章Springboot 使用 SaToken 进行登录认证、权限管理以及路由规则接口拦截。
SPRING SECURITY JAVA配置Web Security
飞鸟
03-02 2120
在前一篇,我已经介绍了Spring Security Java配置,也概括的介绍了一下这个项目方方面面。在这篇文章中,我们来看一看一个简单的基于web security配置的例子。之后我们再来作更多的个人定制。 Hello Web Security 在这个部分,我们对一个基于websecurity作一些基本的配置。可以分成四个部分: 更新依赖 – 我们已经在前一篇文章中用Mav
spring-Security-oauth2.zip
05-26
资源服务器和授权服务器的讲解
spring-security-demo.zip
08-10
spring-security-demo.zip
spring-security-jwt-demo.zip
11-19
spring-security-jwt-demo.zip
spring-security-oauth2详细配置demo
09-30
spring-security-oauth2详细配置demo 配套说明 https://blog.csdn.net/tiancxz/article/details/108856337
SpringSecurity------WebSecurityConfiguration配置
豢龙先生
12-24 3425
SpringSecurity------WebSecurityConfiguration配置一、WebSecurityConfiguration主要做了什么二、WebSecurityConfiguration是怎样被加载的三、WebSecurityConfiguration的源码分析1、属性字段2、关键方法setFilterChainProxySecurityConfigurer()和springSecurityFilterChain()3、注入了一些Bean4、输出了一些Bean4、重写的方法5、一个内
SpringSecurity------ Username/Password Authentication(九)
豢龙先生
06-18 2461
最常见的用户身份认证就是使用用户名密码,Spring Security为使用用户名和密码进行身份验证提供了全面的支持。 Spring Security提供了以下内置机制来从HttpServletRequest读取用户名和密码 (1)在未经过认证的情况下向/private发送了一个请求(2)FilterSecurityInterceptor通过抛出AccessDeniedException异常通知应用程序拒绝未经身份验证的请求(3)由于检测到用户没有经过身份认证,ExceptionTranslationFil
SpringSecurity------Session Management(十二)
豢龙先生
06-21 2273
有时,总是创建会话是很有价值的,我们可以通过配置ForceEagerSessionCreationFilter来完成: 二、Detecting Timeouts 可以配置Spring Security来检测无效会话ID的提交,并将用户重定向到适当的URL,这是通过会话管理(session-management)实现的: 使用上面的配置来检测会话超时,如果用户在登出之后没有关闭浏览器的情况下重新登录,可能会报告一个错误。这是因为执行了登出,会话失效时存储在浏览器的Cookie不会被清除,而且会随着后续请求重新
SpringSecurity------AuthenticationConfiguration配置
豢龙先生
12-25 2260
SpringSecurity------AuthenticationConfiguration配置一、AuthenticationConfiguration主要做了什么二、AuthenticationConfiguration是怎样被加载的三、WebSecurityConfiguration的源码分析1、属性字段2、注入了一些Bean3、输出了一些Bean4、一些内部5、关键方法6、关键注解@Import(ObjectPostProcessorConfiguration.class) 一、Authent
WebSecurityConfigurerAdapter 没有
10-10
WebSecurityConfigurerAdapterSpring Security 提供的一个适配器,用于自定义和配置 Web 安全性。这个通过继承来扩展,并且提供了一些默认的安全配置。它提供了一种方便的方式来自定义认证和授权规则,以及...

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论 2
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

豢龙先生

你的鼓励将是我创作的最大动力

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值