
Implement Feign Client with Okta as Authorization Server

I was finally able to protect a REST API with Okta as OAuth2.0 security provider (basic with defaults). Also able to get the bearer token using curl, to call REST API via Postman and get back results.

curl --location --request POST 'https://dev-XXXXXX.okta.com/oauth2/default/v1/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id=XXXXXXXXXXXXX' \
--data-urlencode 'client_secret=XXXXXXXXXXXXXXXXXXXXXXXXXXX' \
--data-urlencode 'grant_type=client_credentials'

Now I am trying to implement FeignClient (REST client) in Spring Boot 2.X app to call the protected API, but facing difficulty in finding right documentation/samples as guide. Appreciate any directions/suggestions?

To collect the token with Feign you need the following:

import java.util.Map;
import feign.codec.Encoder;
import feign.form.spring.SpringFormEncoder;

import org.springframework.beans.factory.ObjectFactory;
import org.springframework.boot.autoconfigure.http.HttpMessageConverters;
import org.springframework.cloud.netflix.feign.FeignClient;
import org.springframework.cloud.netflix.feign.support.SpringEncoder;
import org.springframework.context.annotation.Bean;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import static org.springframework.http.MediaType.APPLICATION_FORM_URLENCODED_VALUE;

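// The nested Configuration class must be referenced here, otherwise the
// form encoder bean below is never applied to this client.
@FeignClient(name = "oauth2", url = "https://dev-XXXXXX.okta.com/oauth2/default/v1",
        configuration = TokenFetcher.Configuration.class)
public interface TokenFetcher {

    // Sends the map as an application/x-www-form-urlencoded body.
    @PostMapping(value = "/token", consumes = APPLICATION_FORM_URLENCODED_VALUE)
    String token(@RequestBody Map<String, ?> form);

    class Configuration {
        // Wraps the default Spring encoder so that Map bodies are form-encoded.
        @Bean
        Encoder feignFormEncoder(ObjectFactory<HttpMessageConverters> converters) {
            return new SpringFormEncoder(new SpringEncoder(converters));
        }
    }
}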

Use the client like this:

@Autowired
TokenFetcher tokenFetcher;

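public void test() {
    Map<String, Object> form = new HashMap<>();
    form.put("client_id", "xxxxxx");
    form.put("client_secret", "xxxxxx");
    form.put("grant_type", "client_credentials");
    // The returned string is the token endpoint's JSON response body;
    // the bearer token itself is its "access_token" field.
    String jwt = tokenFetcher.token(form);
}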

Dependencies are:

<dependency>
    <groupId>org.springframework.cloud</groupId>
    <artifactId>spring-cloud-starter-feign</artifactId>
    <version>1.4.7.RELEASE</version>
</dependency>
<dependency>
    <groupId>io.github.openfeign.form</groupId>
    <artifactId>feign-form-spring</artifactId>
    <version>3.8.0</version>
</dependency>
<dependency>
    <groupId>org.springframework</groupId>
    <artifactId>spring-web</artifactId>
</dependency>

In order to use the token you must add it as the 'authorization' header with a prefix of 'Bearer ' (note the space) on each call. The easiest way to do this is by adding a RequestInterceptor to your FeignClient as follows:

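import feign.RequestInterceptor;
import feign.RequestTemplate;
import org.springframework.context.annotation.Bean;

public class FeignConfiguration {

    // Adds the bearer token to every request made by the Feign client
    // that uses this configuration. jwtTokenStoredSomewhere is a placeholder
    // for wherever the application keeps the current access token.
    @Bean
    public RequestInterceptor requestInterceptor() {
        return new RequestInterceptor() {
            @Override
            public void apply(RequestTemplate requestTemplate) {
                requestTemplate.header("Authorization", "Bearer " + jwtTokenStoredSomewhere);
            }
        };
    }
}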
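
One way to fill in the `jwtTokenStoredSomewhere` placeholder, as an added example that is not part of the original answer: an interceptor that fetches the client-credentials token through `TokenFetcher`, caches it, and refreshes it shortly before it expires. The class name, the 30-second refresh margin, the use of Jackson for parsing, and the client id and secret being passed in from external configuration rather than hard-coded are all assumptions.

```java
import java.io.IOException;
import java.io.UncheckedIOException;
import java.time.Instant;
import java.util.HashMap;
import java.util.Map;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import feign.RequestInterceptor;
import feign.RequestTemplate;

// Added example (hypothetical class): caches the token instead of requesting one per call.
public class CachedBearerTokenInterceptor implements RequestInterceptor {
    private static final long REFRESH_SKEW_SECONDS = 30; // assumption: refresh 30 s early
    private final ObjectMapper mapper = new ObjectMapper();
    private final TokenFetcher tokenFetcher;              // the Feign client from the answer
    private final String clientId;                        // supplied from configuration,
    private final String clientSecret;                    // never committed to source control
    private String accessToken;
    private Instant refreshAt = Instant.MIN;              // forces a fetch on first use

    public CachedBearerTokenInterceptor(TokenFetcher tokenFetcher, String clientId, String clientSecret) {
        this.tokenFetcher = tokenFetcher;
        this.clientId = clientId;
        this.clientSecret = clientSecret;
    }

    @Override
    public void apply(RequestTemplate template) {
        template.header("Authorization", "Bearer " + currentToken());
    }

    // synchronized so that concurrent requests trigger a single refresh
    synchronized String currentToken() {
        if (Instant.now().isBefore(refreshAt)) return accessToken;
        Map<String, Object> form = new HashMap<>();
        form.put("client_id", clientId);
        form.put("client_secret", clientSecret);
        form.put("grant_type", "client_credentials");
        try {
            JsonNode body = mapper.readTree(tokenFetcher.token(form));
            JsonNode token = body.get("access_token");
            // Fail closed, and keep the response body out of the exception message.
            if (token == null || !token.isTextual()) throw new IllegalStateException("no access_token in token response");
            accessToken = token.asText();
            // A missing expires_in is treated as 0, so the next call fetches again.
            refreshAt = Instant.now().plusSeconds(Math.max(0, body.path("expires_in").asLong(0) - REFRESH_SKEW_SECONDS));
            return accessToken;
        } catch (IOException e) {
            throw new UncheckedIOException(e);
        }
    }
}
```

Register it only through the `configuration` attribute of the `@FeignClient` that calls the protected API. If it were also applied to `TokenFetcher`, the token request itself would invoke the interceptor and recurse.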
