@Configuration
public class GatewayConfig {

    /**
     * 配置全局解决cors跨域问题
     * 
     * @return
     */
    @Bean
    public CorsFilter corsFilter() {
        final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        final CorsConfiguration corsConfiguration = new CorsConfiguration();
        corsConfiguration.setAllowCredentials(true);
        corsConfiguration.addAllowedHeader("*");
        corsConfiguration.addAllowedOrigin("*");
        corsConfiguration.addAllowedMethod("*");
        // ↓核心代码
        corsConfiguration.addExposedHeader("Authorization");
        corsConfiguration.addExposedHeader("WWW-Authenticate");
        source.registerCorsConfiguration("/**", corsConfiguration);
        return new CorsFilter(source);
    }
}

注意：如果网关中配置了以上代码，其他业务服务就不能再配置了，否则就会报错！！！！