[英]How do you use spring-security OAuth2 behind a proxy, but only use ForwardedHeaderTransformer for the OAuth components
I am trying to merge Spring Cloud Gateway with Discovery Client with Spring Security with OAuth.我正在尝试将 Spring 云网关与发现客户端与 Spring 安全性与 OAuth 合并。 I got most of it working except that I cannot do both OAuth and Discovery Client.我得到了大部分工作,除了我不能同时做 OAuth 和发现客户端。
When I use Discovery Client it correctly resolves to the service say /v1/whoami
goes to the whoami
service requesting /
, when I enable security, I would get a 404 when it tries to request /oauth/authorization/google
as it should be /v1/oauth/authorization/google
当我使用 Discovery Client 时,它正确解析为服务说/v1/whoami
转到whoami
服务请求/
,当我启用安全性时,当它尝试请求/oauth/authorization/google
时,我会得到一个 404,因为它应该是/v1/oauth/authorization/google
To fix the above I add this为了解决上述问题,我添加了这个
@Bean
public ForwardedHeaderTransformer forwardedHeaderTransformer() {
return new ForwardedHeaderTransformer();
}
However, when I do that it will look up /v1/whoami as /v1/whoami which does not exist.但是,当我这样做时,它会将 /v1/whoami 查找为不存在的 /v1/whoami 。
I tried creating and registering this class but it does not work either我尝试创建和注册这个 class 但它也不起作用
public class ForwardedHeaderTransformerForOAuthOnly extends ForwardedHeaderTransformer {
@Override
public ServerHttpRequest apply(ServerHttpRequest request) {
System.out.println(">>>> " + request.getPath().value());
if (isOauth(request)) {
System.out.println(">>>> IS OAUTH");
return super.apply(request);
}
return request;
//return super.apply(request);
}
private boolean isOauth(ServerHttpRequest request) {
return request.getPath().value().startsWith("/oauth2/authorization/") || request.getPath().value().startsWith("/login/oauth2/code/");
}
}
I got it working adding the following to eat the prefix before the service ID.我让它工作,添加以下内容以在服务 ID 之前吃前缀。
spring:
cloud:
gateway:
discovery:
locator:
predicates:
- Path='/*/'+serviceId+'/**'
filters:
- StripPrefix=2
Combined with adding结合添加
@Bean
public ForwardedHeaderTransformer forwardedHeaderTransformer() {
return new ForwardedHeaderTransformer();
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.