Spring Boot从请求中获取承载令牌并调用另一个微服务
[英]spring boot get bearer token from request and call another microservice
问题描述
I have a spring boot microservice that is acting as a gateway and needs to get the authorization header from request, attach it to a new request and pass the request to another microservice. 
我有一个充当网关的spring boot微服务,需要从请求中获取授权标头,将其附加到新请求,然后将请求传递给另一个微服务。 I am currently doing the following and it works, but wondering if there is a better way to do it. 我目前正在执行以下操作,并且可以正常工作,但是想知道是否有更好的方法可以执行此操作。
@GetMapping
public List<Task> getTasks(HttpServletRequest request, HttpServletResponse httpresponse) {
String bearerToken = request.getHeader("Authorization");
HttpHeaders httpHeaders = new HttpHeaders();
httpHeaders.set("Authorization", bearerToken);
HttpEntity<String> httpEntity = new HttpEntity <String> (httpHeaders);
String getTasksURL = "http://localhost:8082/tasks";
ResponseEntity<List<Task>> response = restTemplate.exchange(
getTasksURL,
HttpMethod.GET,
httpEntity,
new ParameterizedTypeReference<List<Task>>(){});
List<Task> taskslist = response.getBody();
return taskslist;
}
If there are code samples around using jwt please provide links. 如果有使用jwt的代码示例,请提供链接。 Most code samples show only the configuration of jwt within a single microservice, but have not seen a project that ends up calling another microservice, passing the tokens back and forth 大多数代码示例仅显示单个微服务中jwt的配置,但没有看到最终调用另一个微服务并来回传递令牌的项目
3 个解决方案
解决方案1
1 2019-02-08 03:07:43
I don't see anything wrong with the way you are doing it. 我认为您的操作方式没有任何问题。 However if you're implementing a gateway that's just passing the requests through (perhaps with some rate limiting or security, but not really business logic), I'd recommend checking out http://spring.io/projects/spring-cloud-netflix - the Zuul proxy portion. 但是,如果您实现的网关只是传递请求(可能具有一定的速率限制或安全性,但实际上不是业务逻辑),则建议您查看http://spring.io/projects/spring-cloud- netflix -Zuul代理部分。 You can have a fully working API Gateway up in just a few classes and a total of < 200 lines of code including configuration. 您仅需几个类就可以拥有一个完全正常运行的API网关,包括配置在内的总共<200行代码。 Its pretty nice! 真不错!
解决方案2
1 2019-02-08 16:37:08
May be it's better to encapsulate the code dealing with the authorization in a separate Interceptor. 将处理授权的代码封装在单独的Interceptor中可能更好。 This way your code becomes simpler and clearer. 这样,您的代码将变得更加简单清晰。
A such Interceptor may look like: 这样的拦截器可能看起来像:
class RestTemplateHeaderModifierInterceptor implements ClientHttpRequestInterceptor {
@Override
public ClientHttpResponse intercept(
HttpRequest request,
byte[] body,
ClientHttpRequestExecution execution) throws IOException {
// Set your new Header here...
// ...
ClientHttpResponse response = execution.execute(request, body);
return response;
}}
Now you have to add this interceptor to your restTemplate during its creation 现在,您必须在其创建过程中将此拦截器添加到restTemplate中
@Bean
public RestTemplate restTemplate() {
RestTemplate restTemplate = new RestTemplate(clientHttpRequestFactory());
restTemplate.setInterceptors(Collections.singletonList(new RestTemplateHeaderModifierInterceptor()));
return restTemplate;
}
解决方案3
0 已采纳 2019-02-08 05:19:22
Its better to use zuul proxy as your gateway. 最好使用zuul代理作为网关。 But keep in mind it does not forward your authorization header by default to external service. 但是请记住,默认情况下它不会将您的授权标头转发给外部服务。 And if you want to do it then it can be simply done by just one line configuration. 而且,如果您要这样做,则只需通过一个线路配置即可完成。 You can look How to get username from JWT token while requesting for another service after authentication? 您可以查看在身份验证后请求其他服务时如何从JWT令牌获取用户名?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.