How to call a secure microservice endpoint through zuul or any api gateway
Question
I have a springboot application. The endpoints are secured, they need jwt token authorization inorder to be accessed. There is an endpoint in the application, which accepts username and password and returns a jwt token. Now this token can be set in the authorization header and the other secure api's can be accessed.
I have another springboot application which is acting as zuul api gateway. How do I call my secure api through this zuul application. I am new to microservices architecture. Please advise.
1 answers
solution1
0 2019-10-28 15:16:33
My suggestion is you should have authentication only at the gateway(Zuul) level.
You shouldn't be having authentication during inter-microservice call.
Your micro-services will all be accessible via the gateway and hence will be protected.
In case if you still want to use the JWT token mechanism for inter micro-service calling, use the below example-
Assume I have a service called search-service as micro-service.
Create an service to call login end-point and fetch the token and pass that token in Authorization header ex: "Bearer "<>
@FeignClient(name = "search-service")
public interface SearchService
{
@RequestMapping(method = RequestMethod.POST , value = "/api-search/user/v2/search" , consumes = MediaType.APPLICATION_JSON_UTF8_VALUE)
List<Map<String, List<Map<String, Object>>>> search(@RequestHeader("Authorization")String token, String query);
@RequestMapping(method = RequestMethod.POST , value = "/api-search/auth/login", consumes = MediaType.APPLICATION_JSON_UTF8_VALUE)
public AuthResponseDto login(@RequestBody AuthRequestDto authRequestDto);
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.