I am trying to use the Sprign-Cloud-Gateway to implement role-based-authentication for an application with multiple microservices. I have 3 roles in the application: Customer, Deliverer and Dispatcher and I have a service called customer-authentication-service for creating & managing the JWTs and roles.
This is what I need to do, but could not do:
private final Map<Request, ImmutableList<String>> PERMISSIONED_ENDPOINTS = new HashMap<>(){{
put(new Request(HttpMethod.PUT, "/*/collected/deliverer/*"), ImmutableList.of("DISPATCHER"));
put(new Request(HttpMethod.PUT, "/*/deposited/deliverer/*/box/*"), ImmutableList.of("DISPATCHER"));
put(new Request(HttpMethod.PUT, "/user/*/delivered/box/*"), ImmutableList.of("DISPATCHER"));
put(new Request(HttpMethod.GET, "/customer/{customerId}/status/delivered"), ImmutableList.of("DISPATCHER", "CUSTOMER")); // Only the customer with that id
put(new Request(HttpMethod.GET, "/customer/{customerId}/status/active"), ImmutableList.of("DISPATCHER", "CUSTOMER")); // Only the customer with that id
put(new Request(HttpMethod.POST, "/boxes"), ImmutableList.of("DISPATCHER", "CUSTOMER));
put(new Request(HttpMethod.PUT, "/boxes/{boxId}"), ImmutableList.of("DISPATCHER"));
put(new Request(HttpMethod.DELETE, "/boxes/{boxId}"), ImmutableList.of("DISPATCHER"));
}};
I couldn't understand how to match these.
My question:
How should I implement the URL matching and applying custom logic (sending requests to get the role and checking it) with the complex urls that contain path variables. Should I store Pattern objects and compare the incoming request with these, using regexes?
I also checked Predicates and gone through all the docs but couldn't figure out how to implement it exactly. Please provide me with a minimal working example for one of the complex urls and I will figure out the rest.
Something like antMatchers in Spring Security would do the job but I am not sure if adding Spring Security is what I need in this case.
Thanks in advance.
Sorry, I did not understand your question fully. I'll try to answer on the basic of whatever I understand.
What I think is you are looking of HTTP Request Interceptor, which will intercept your every request and then you can check if that URL matches to your desired URL.
Here is link to docs of HandlerInterceptor Interface. You can implement HandlerInterceptor and use preHandle() method where you will get access to incoming request.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.