春季启动Oauth2:使用Feign,Ribbon,Zull和Eureka从客户端到资源的令牌中继 [英] Spring boot Oauth2 : Token relay from a client using Feign, Ribbon, Zull and Eureka to a ressource
问题描述
我有一个oauth2客户端,该客户端成功从授权服务器获取令牌. (并非总是如此,但现在是...:))
I have an oauth2 client that get a token from an authorization server successfully. (not always has been the case but now it is... :))
客户端,zuul网关和资源服务器均已在Eureka中注册.
The client, the zuul gateway and the resource server are all registered in Eureka.
我的客户端使用代理访问名为microservice-files的远程资源服务.
My client use a Proxy to access to a remote ressource service named microservice-files.
@RestController
@FeignClient(name = "zuul-server")
@RibbonClient(name = "microservice-files")
public interface ProxyMicroserviceFiles {
@GetMapping(value = "microservice-files/root")
FileBean getUserRoot();
}
所以我想将令牌中继到Zull,然后再中继到资源服务器.
So I'd like to relay the token to Zull and then to the resource server.
我可以通过这种方式中继令牌来联系Zuul,显然负载平衡也得到了管理(我刚刚测试过我不知道,这很好),zuul也可以中继令牌,但是我不是很方便d喜欢以前的方法.
I can relay the token this way to contact Zuul and apparently the load balancing is managed too (I've just test I didn't know and it's great) also zuul can relay the token, but it's not very convenient I'd prefer the previous approach.
@EnableConfigurationProperties
@SpringBootApplication
@EnableFeignClients("com.clientui")
public class ClientUiApplication {
@Bean
public OAuth2RestOperations restOperations(
OAuth2ProtectedResourceDetails resource,
OAuth2ClientContext context) {
return new OAuth2RestTemplate(resource, context);
}
public static void main(String[] args) {
SpringApplication.run(ClientUiApplication.class, args);
}
}
这是测试控制者
@Controller
public class ClientController {
@Autowired
private RestOperations restOperations;
@RequestMapping("/root")
public ResponseEntity userRootTest() {
String rootUrl = "http://localhost:9004/microservice-files/root";
return restOperations.getForEntity(rootUrl,FileBean.class);
}
}
推荐答案
如果我正确理解了您的问题,那么您可以使用RequestInterceptor在伪装的每个请求中添加一个令牌.为此,您可以使用下一个配置:
If I correctly understand your problem then you can use a RequestInterceptor to add a token in each request by the feign. In order to do it you can use the next configuration:
@Bean
public RequestInterceptor oauth2FeignRequestInterceptor(OAuth2ClientContext oauth2ClientContext,
OAuth2ProtectedResourceDetails resource) {
return new OAuth2FeignRequestInterceptor(oauth2ClientContext, resource);
}
@Bean
protected OAuth2ProtectedResourceDetails resource() {
AuthorizationCodeResourceDetails resource = new AuthorizationCodeResourceDetails();
resource.setAccessTokenUri("http://127.0.0.1:9000/auth/login");
resource.setUserAuthorizationUri("http://127.0.0.1:9000/auth/authorize");
resource.setClientId("my-client");
resource.setClientSecret("my-secret");
return resource;
}
这篇关于春季启动Oauth2:使用Feign,Ribbon,Zull和Eureka从客户端到资源的令牌中继的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!