Spring Boot Reactive WebFlux application reuse inbound call's JWT to outbound calls

Question

I have a Spring Boot reactive application that validates inbound calls with JwtIssuerReactiveAuthenticationManagerResolver (multiple issuers) - this part is working fine. But then I have to call other services via WebClient with already configured OAuth2 registrations (via application.properties) with different authentications to retrieve results. But outbound calls reuse the inbound JWT token for these calls.

Outbound endpoints are imported to my project via openapi-generator-maven-plugin (with configuration: generator java, library webclient).

I have tried to search for the correct configuration for WebClient to initialize ApiClient, but none of them works.

Answer 1

Score: 0

An option is to retrieve the Bearer string from the authentication in the security context and manually set an Authorization header on WebClient requests (provided that the configured Authentication implementation stores the original token string, of course).

If you have configured a JwtIssuerReactiveAuthenticationManagerResolver, you most probably have a JwtAuthenticationToken in the security context of authorized requests.

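import java.net.URISyntaxException;

import lombok.RequiredArgsConstructor;
import org.springframework.http.HttpHeaders;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.reactive.function.client.WebClient;
import reactor.core.publisher.Mono;

@RestController
@RequiredArgsConstructor
public class SampleController {
	// WebClient used for calls to the downstream resource server
	private final WebClient otherResourceServer;

	@GetMapping("/something")
	@PreAuthorize("isAuthenticated()")
	public Mono<Object> getSomething(JwtAuthenticationToken auth) throws URISyntaxException {
		return otherResourceServer
				.get()
				.uri("https://some.host/getSomethingElse")
				// Forward the inbound request's token value as the outbound Bearer token
				.header(HttpHeaders.AUTHORIZATION, "Bearer %s".formatted(auth.getToken().getTokenValue()))
				.exchangeToMono(resp -> resp.bodyToMono(Object.class));
	}
}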
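
For the setup the question describes (outbound calls that should authenticate with the OAuth2 registrations from application.properties rather than with the inbound JWT), one way to wire the WebClient is shown here. This is an added example, not part of the original question or answer; the registration id `other-service`, the class name and the bean names are assumptions, and it presumes `spring-boot-starter-oauth2-client` is on the classpath with a client-credentials registration under `spring.security.oauth2.client.registration.other-service.*`.

```java
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.oauth2.client.AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager;
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientManager;
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder;
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientService;
import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction;
import org.springframework.web.reactive.function.client.WebClient;

@Configuration
public class OutboundWebClientConfig { // hypothetical class name

	// Obtains and caches tokens for the configured registrations.
	// Both constructor arguments are auto-configured by Spring Boot
	// when client registrations are present in application.properties.
	@Bean
	ReactiveOAuth2AuthorizedClientManager authorizedClientManager(
			ReactiveClientRegistrationRepository registrations,
			ReactiveOAuth2AuthorizedClientService clientService) {
		var manager = new AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager(
				registrations, clientService);
		// Only the client_credentials grant: the service authenticates as itself
		manager.setAuthorizedClientProvider(
				ReactiveOAuth2AuthorizedClientProviderBuilder.builder()
						.clientCredentials()
						.build());
		return manager;
	}

	// WebClient whose Authorization header is set by the OAuth2 filter from the
	// registration's own access token; the inbound JWT is never copied onto it.
	@Bean
	WebClient otherResourceServer(ReactiveOAuth2AuthorizedClientManager manager) {
		var oauth2 = new ServerOAuth2AuthorizedClientExchangeFilterFunction(manager);
		// "other-service" is an assumed registration id, replace with your own
		oauth2.setDefaultClientRegistrationId("other-service");
		// Assumption: the generated ApiClient (openapi-generator, library webclient)
		// accepts a WebClient in its constructor, so this bean can be passed to it.
		return WebClient.builder().filter(oauth2).build();
	}
}
```

With several downstream services that use different registrations, define one such WebClient bean per registration id, so each generated ApiClient gets a client bound to the credentials intended for that service.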

huangapple
  • Published on May 26, 2023 at 15:15:36
  • When reposting, please keep the link to this article: https://go.coder-hub.com/76338459.html