春季启动Oauth2:使用Feign，Ribbon，Zull和Eureka从客户端到资源的令牌中继 [英] Spring boot Oauth2 : Token relay from a client using Feign, Ribbon, Zull and Eureka to a ressource

问题描述

我有一个oauth2客户端，该客户端成功从授权服务器获取令牌. (并非总是如此，但现在是...:))

I have an oauth2 client that get a token from an authorization server successfully. (not always has been the case but now it is... :))

客户端，zuul网关和资源服务器均已在Eureka中注册.

The client, the zuul gateway and the resource server are all registered in Eureka.

我的客户端使用代理访问名为microservice-files的远程资源服务.

My client use a Proxy to access to a remote ressource service named microservice-files.

@RestController
@FeignClient(name = "zuul-server")
@RibbonClient(name = "microservice-files")

public interface ProxyMicroserviceFiles {

    @GetMapping(value = "microservice-files/root")
    FileBean getUserRoot();

}

所以我想将令牌中继到Zull，然后再中继到资源服务器.

So I'd like to relay the token to Zull and then to the resource server.

我可以通过这种方式中继令牌来联系Zuul，显然负载平衡也得到了管理(我刚刚测试过我不知道，这很好)，zuul也可以中继令牌，但是我不是很方便d喜欢以前的方法.

I can relay the token this way to contact Zuul and apparently the load balancing is managed too (I've just test I didn't know and it's great) also zuul can relay the token, but it's not very convenient I'd prefer the previous approach.

@EnableConfigurationProperties
@SpringBootApplication
@EnableFeignClients("com.clientui")
public class ClientUiApplication {

    @Bean
    public OAuth2RestOperations restOperations(
            OAuth2ProtectedResourceDetails resource, 
            OAuth2ClientContext context) {

        return new OAuth2RestTemplate(resource, context);
    }

    public static void main(String[] args) {

        SpringApplication.run(ClientUiApplication.class, args);
    }
}

这是测试控制者

@Controller
public class ClientController {

    @Autowired
    private RestOperations restOperations;

    @RequestMapping("/root")
    public ResponseEntity userRootTest() {

       String rootUrl = "http://localhost:9004/microservice-files/root";

       return  restOperations.getForEntity(rootUrl,FileBean.class);

    }

}

推荐答案

如果我正确理解了您的问题，那么您可以使用RequestInterceptor在伪装的每个请求中添加一个令牌.为此，您可以使用下一个配置:

If I correctly understand your problem then you can use a RequestInterceptor to add a token in each request by the feign. In order to do it you can use the next configuration:

@Bean
public RequestInterceptor oauth2FeignRequestInterceptor(OAuth2ClientContext oauth2ClientContext,
                                                        OAuth2ProtectedResourceDetails resource) {
    return new OAuth2FeignRequestInterceptor(oauth2ClientContext, resource);
}

@Bean
protected OAuth2ProtectedResourceDetails resource() {
    AuthorizationCodeResourceDetails resource = new AuthorizationCodeResourceDetails();
    resource.setAccessTokenUri("http://127.0.0.1:9000/auth/login");
    resource.setUserAuthorizationUri("http://127.0.0.1:9000/auth/authorize");
    resource.setClientId("my-client");
    resource.setClientSecret("my-secret");
    return resource;
}

这篇关于春季启动Oauth2:使用Feign，Ribbon，Zull和Eureka从客户端到资源的令牌中继的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！