通过身份验证头部传递并添加到下一个请求中

huangapple go评论65阅读模式
英文:

Pass authentication header and add it to next request

问题

我有一个问题,可能非常简单,但我已经卡在这里一段时间了。我有一个程序用于接收请求,然后将这些请求转发到第三方应用程序的正确实例。

我一直在收到401/未经授权的错误,有人告诉我让它正常工作的方法很简单,只需“我将从客户端收到带有身份验证头的请求,我所需要做的一切就是摆脱401错误并获得200的响应,方法是将身份验证头添加到我的请求中。” 我不明白我如何首先获得这个头部,或者如何将它添加到我的请求中。

任何指针、链接或答案将不胜感激。
谢谢

@RestController
@Slf4j
@RequestMapping(Endpoints.PROVIDER.ROOT)
@PreAuthorize("@permissions.checkIfAdmin()")
public class AdminController {

    @PostMapping(Endpoints.ADMIN.ACTIONS)
    public ResponseEntity<ActionResponse> actions(@RequestBody ActionRequest actionsRequest) {
英文:

I have a question that might be really simple but I have been stuck at it for a while now. I have a program that receives requests and then forwards them in the correct instance of an third party application.

I keep on getting 401/Unauthorized and I have been told that all I need to do to make it work is that "I will get a request from the client with an authentication header and that all I need to do to get rid of the 401 response and get 200 is to add that authentication header to my request. I dont understand how I can get this header in the first place, or add it to my request.

Any pointer, link, or answer would be greatly appreciated.
Thank you

@RestController @Slf4j
@RequestMapping(Endpoints.PROVIDER.ROOT)
@PreAuthorize(&quot;@permissions.checkIfAdmin()&quot;)
public class AdminController {

@PostMapping(Endpoints.ADMIN.ACTIONS)
public ResponseEntity&lt;ActionResponse&gt; actions(@RequestBody ActionRequest actionsRequest) {

答案1

得分: 2

自动装配 HttpServletRequest

@Autowired
HttpServletRequest request;

通过方法 request.getHeader("Authorization") 获取头信息

注意 - Authorization 是我尝试获取的头信息的名称。

以下是类似问题的示例。我正在从当前请求中读取授权头信息,并将其作为头参数传递到另一个请求中。

public class UserDetailsService 
{
	@Autowired
	WebClient.Builder webClientBuilder;
	
	@Autowired
	HttpServletRequest request;
	
	@Value("${common.serverurl}")
	private String reqUrl;
	
	Logger log = LoggerFactory.getLogger(UserDetailsService.class);
    
	public UserReturnData getCurrentUser()
    {
		log.info("Making API Call to fetch current user");
		try
		{
			UserReturnData userDetails = webClientBuilder.build()
					    	.get()
					    	.uri(reqUrl+"user/me")
					    	.header("Authorization", request.getHeader("Authorization"))
					    	.retrieve()
					    	.bodyToMono(UserReturnData.class)
					    	.block();
			return userDetails;
		}
		catch(Exception e)
		{
			log.info("Error API Call to fetch current user " + e);
			return null;
		}
    }
}
英文:

Autowire HttpServletRequest

@Autowired
	HttpServletRequest request;

And fetch header through method request.getHeader("Authorization")

Note - Authorization is the name of the header I am trying to fetch.

Below is an example of similar issue. I am reading authorization header from my current request and passing it as header parameter to another request

public class UserDetailsService 
{
	@Autowired
	WebClient.Builder webClientBuilder;
	
	@Autowired
	HttpServletRequest request;
	
	@Value(&quot;${common.serverurl}&quot;)
	private String reqUrl;
	
	Logger log = LoggerFactory.getLogger(UserDetailsService.class);
    
	public UserReturnData getCurrentUser()
    {
		log.info(&quot;Making API Call to fetch current user&quot;);
		try
		{
			UserReturnData userDetails = webClientBuilder.build()
					    	.get()
					    	.uri(reqUrl+&quot;user/me&quot;)
					    	.header(&quot;Authorization&quot;, request.getHeader(&quot;Authorization&quot;))
					    	.retrieve()
					    	.bodyToMono(UserReturnData.class)
					    	.block();
			return userDetails;
		}
		catch(Exception e)
		{
			log.info(&quot;Error API Call to fetch current user &quot; + e);
			return null;
		}
    }

huangapple
  • 本文由 发表于 2020年8月29日 23:05:43
  • 转载请务必保留本文链接:https://go.coder-hub.com/63648468.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定