I have a feign client
#FeignClient(name = "client1")
public interface Client1 {
#GetMapping("/hello")
HelloResponse hello();
}
How can I get the name client1 within RequestInterceptor?
public class HelloInterceptor implements RequestInterceptor {
#Override
public void apply(RequestTemplate requestTemplate) {
// how to get "client1" here?
}
}
requestTemplate.feignTarget().name()
This will give the client name
Related
I have created a client with Spring Security. As Authorization Server I use Keycloak.
Now I want to gain access to the access token, using the parameter annotation #RegisteredOAuth2AuthorizedClient(registrationId = "keycloak")
I get access to the token, but when I go through the OAuth2AuthorizedClientService I only get back NULL, and I don't understand why.
Here is my implementation:
application.properties:
spring.security.oauth2.client.registration.keycloak.client-id=test-client
spring.security.oauth2.client.registration.keycloak.client-secret=b466bd4e-8dec-4af2-b90a-ab3fc06009b6
spring.security.oauth2.client.registration.keycloak.authorization-grant-type=client_credentials
spring.security.oauth2.client.provider.keycloak.issuer-uri=http://localhost:8081/auth/realms/master
SecurityConfiguration.class
#Configuration
public class SecurityConfiguration extends WebSecurityConfigurerAdapter
{
#Override
public void configure(HttpSecurity http) throws Exception
{
http.oauth2Client();
}
}
RestController:
#RestController
#RequestMapping("client")
public class ExampleRestController
{
#Autowired
private OAuth2AuthorizedClientService authorizedClientService;
#GetMapping("resource")
public void runSecure(#RegisteredOAuth2AuthorizedClient(registrationId = "keycloak") OAuth2AuthorizedClient client)
{
var serviceClient = authorizedClientService.loadAuthorizedClient("keycloak", "anonymousUser");
System.out.println(serviceClient.getAccessToken()); // NULL
System.out.println((client.getAccessToken())); // NOT NULL
}
}
Hope for help, thanks :)
EDIT:
Here is my solution to get a flexible access to the access-token using a service:
application.properties:
spring.security.oauth2.client.registration.keycloak.client-id=test-client
spring.security.oauth2.client.registration.keycloak.client-secret=b466bd4e-8dec-4af2-b90a-ab3fc06009b6
spring.security.oauth2.client.provider.keycloak.token-uri=http://localhost:8081/auth/realms/master/protocol/openid-connect/token
Client registration:
#Configuration
public class ClientRegistrationConfiguration
{
private static final String KEYCLOAK = "keycloak";
#Bean
public ClientRegistration clientRegistration(OAuth2ClientProperties properties)
{
return withRegistrationId(KEYCLOAK)
.tokenUri(properties.getProvider().get(KEYCLOAK).getTokenUri())
.clientId(properties.getRegistration().get(KEYCLOAK).getClientId())
.clientSecret(properties.getRegistration().get(KEYCLOAK).getClientSecret())
.authorizationGrantType(CLIENT_CREDENTIALS)
.build();
}
#Bean
public ClientRegistrationRepository clientRegistrationRepository(ClientRegistration clientRegistration)
{
return new InMemoryClientRegistrationRepository(clientRegistration);
}
#Bean
public OAuth2AuthorizedClientService oAuth2AuthorizedClientService(ClientRegistrationRepository clientRegistrationRepository)
{
return new InMemoryOAuth2AuthorizedClientService(clientRegistrationRepository);
}
#Bean
public AuthorizedClientServiceOAuth2AuthorizedClientManager authorizedClientServiceOAuth2AuthorizedClientManager(
ClientRegistrationRepository clientRegistrationRepository,
OAuth2AuthorizedClientService authorizedClientService)
{
var authorizedClientProvider = builder().clientCredentials().build();
var authorizedClientManager = new AuthorizedClientServiceOAuth2AuthorizedClientManager(clientRegistrationRepository, authorizedClientService);
authorizedClientManager.setAuthorizedClientProvider(authorizedClientProvider);
return authorizedClientManager;
}
}
My custom token service:
#Service
public class DefaultTokenService implements TokenService
{
#Autowired
private AuthorizedClientServiceOAuth2AuthorizedClientManager clientManager;
#Override
public OAuth2AccessToken getOAuth2AccessToken()
{
return Objects.requireNonNull(clientManager.authorize(withClientRegistrationId("keycloak").principal("Keycloak").build())).getAccessToken();
}
}
You need to autowire OAuth2AuthorizedClientManager bean and explicitly send a token request:
authorizedClientManager.authorize(request)
See https://docs.spring.io/spring-security/reference/servlet/oauth2/client/authorization-grants.html
I'm working on making a custom properties provider to load the contents of a Spring cloud config server at startup. I need to make a single call at the initialization of the provider to fetch these properties, and would like to use the Mule HttpService in order to make the http client for this call, instead of creating my own. Unfortunately, whenever I try this, it seems the HttpService hasn't been created yet and so throws an NPE once it's referenced.
CustomConfigurationPropertiesProviderFactory.java
public class CustomConfigurationPropertiesProviderFactory implements ConfigurationPropertiesProviderFactory {
public static final String EXTENSION_NAMESPACE = "custom-properties";
public static final String CONFIGURATION_PROPERTIES_ELEMENT = "config";
public static final ComponentIdentifier CUSTOM_CONFIGURATION_PROPERTIES =
builder().namespace(EXTENSION_NAMESPACE).name(CONFIGURATION_PROPERTIES_ELEMENT).build();
#Inject
HttpService httpService;
#Override
public ComponentIdentifier getSupportedComponentIdentifier() {
return CUSTOM_CONFIGURATION_PROPERTIES;
}
#Override
public ConfigurationPropertiesProvider createProvider(ConfigurationParameters parameters,
ResourceProvider externalResourceProvider) {
String url = parameters.getStringParameter("url");
return new CustomConfigurationPropertiesProvider(url, httpService);
}
}
CustomConfigurationPropertiesProvider.java
public class CustomConfigurationPropertiesProvider implements ConfigurationPropertiesProvider {
private final static String PREFIX = "custom::";
private Properties properties = null;
public CustomConfigurationPropertiesProvider(String url, HttpService httpService) {
HttpClientConfiguration.Builder builder = new HttpClientConfiguration.Builder();
builder.setName("customProperties");
HttpClient client = httpService.getClientFactory().create(builder.build()); //NPE here
client.start();
// proceed to create and execute request, then load into properties
}
#Override
public Optional<ConfigurationProperty> getConfigurationProperty(String configurationAttributeKey) {
if (configurationAttributeKey.startsWith(PREFIX)) {
String effectiveKey = configurationAttributeKey.substring(PREFIX.length());
if (properties != null && !properties.isEmpty()) {
return Optional.of(new ConfigurationProperty() {
#Override
public Object getSource() {...}
#Override
public Object getRawValue() { return properties.getProperty(effectiveKey); }
#Override
public String getKey() { return effectiveKey; }
});
}
}
return Optional.empty();
}
}
What do I need to change to properly inject this service?
I've been following the advice from these two bits of documentation, for reference:
https://docs.mulesoft.com/mule-runtime/4.2/custom-configuration-properties-provider
https://docs.mulesoft.com/mule-sdk/1.1/mule-service-injection
I've got a legacy app in java that can't use spring cloud. It uses a feign client to access a microservice throug the gateway.
Gateway and service are generated by jhipster 5.7.2 with OAuth2/OIDC option.
In my client, the a RequestInterceptor calls keycloak in order to get a token (direct access grant) and injects it int he header.
It's ok when I make a GET request, but I receive a 403 after POST or PUT request.
CORS is enabled on the gateway (but isn't used because the request isn't a cors request). I run it in dev mode.
Zuul routes seem to be ok.
I didn't change the config neither on the gateway nor on the service.
Does anybody have an idea ?
Below my feign client :
public interface SmartDocumentClient {
#RequestLine("GET /api/ebox/test")
//#Headers("Content-Type: application/json")
public ResponseEntity<HasEboxResponse> test();
#RequestLine("POST /api/ebox/test")
#Headers("Content-Type: application/json")
public ResponseEntity<HasEboxResponse> testPost(HasEboxRequest request);
#RequestLine("PUT /api/ebox/test")
#Headers("Content-Type: application/json")
public ResponseEntity<HasEboxResponse> testPut(HasEboxRequest request); }
My client config :
T client = Feign.builder()
.contract(new feign.Contract.Default()) //annotation openfeign pour éviter bug d'upload avec SpringMvc
.client(new OkHttpClient())
.encoder(new FormEncoder(new GsonEncoder())) //pour gérer le formData
.decoder(new ResponseEntityDecoder(new ResponseEntityDecoder(new CustomFileDecoder(new CustomGsonDecoder()))))
.requestInterceptor(interceptor)
.options(new Request.Options(timeout, timeout))
.target(SmartDocumentClient, url);
The interceptor :
public class GedRequestInterceptor implements RequestInterceptor {
public static final String AUTHORIZATION = "Authorization";
public static final String BEARER = "Bearer";
private String authUrl;
private String user;
private String password;
private String clientId;
private String clientSecret;
private RestTemplate restTemplate;
private CustomOAuth2ClientContext oAuth2ClientContext;
public GedRequestInterceptor(String authUrl, String user, String password, String clientId, String clientSecret) {
super();
this.authUrl = authUrl;
this.user = user;
this.password = password;
this.clientId = clientId;
this.clientSecret = clientSecret;
restTemplate = new RestTemplate();
//oAuth2ClientContext = new DefaultOAuth2ClientContext();
}
#Override
public void apply(RequestTemplate template) {
// demander un token à keycloak et le joindre à la request
Optional<String> token = getToken();
if (token.isPresent()) {
template.header(HttpHeaders.ORIGIN, "localhost");
template.header(AUTHORIZATION, String.format("%s %s", BEARER, token.get()));
}
}
private Optional<String> getToken() {
if (oAuth2ClientContext.getAccessToken() == null || oAuth2ClientContext.getAccessToken().isExpired()) {
MultiValueMap<String, String> map = new LinkedMultiValueMap<>();
map.add("client_id", this.clientId);
map.add("client_secret", this.clientSecret);
map.add("grant_type", "password"); // client_credentials //password
map.add("username", this.user);
map.add("password", this.password);
oAuth2ClientContext.setAccessToken(askToken(map));
}
if (oAuth2ClientContext.getAccessToken() != null){
return Optional.ofNullable(oAuth2ClientContext.getAccessToken().getValue());
} else {
return Optional.empty();
}
}
private CustomOAuth2AccessToken askToken( MultiValueMap<String, String> map) {
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
HttpEntity<MultiValueMap<String, String>> request = new HttpEntity<>(map, headers);
ResponseEntity<CustomOAuth2AccessToken> response = restTemplate.postForEntity(
this.authUrl, request, CustomOAuth2AccessToken.class);
if (response != null && response.hasBody()) {
return response.getBody();
} else {
return null;
}
}
}
And finally the ressource :
#RestController
#RequestMapping("/api")
public class DocumentResource {
private static String TMP_FILE_PREFIX = "smartdoc_tmp";
public DocumentResource() {
}
#GetMapping("/ebox/test")
public ResponseEntity<HasEboxResponse> test() {
return ResponseEntity.ok(new HasEboxResponse());
}
#PostMapping("/ebox/test")
public ResponseEntity<HasEboxResponse> testPost(#RequestBody HasEboxRequest request) {
return ResponseEntity.ok(new HasEboxResponse());
}
#PutMapping("/ebox/test")
public ResponseEntity<HasEboxResponse> testPut(#RequestBody HasEboxRequest request) {
return ResponseEntity.ok(new HasEboxResponse());
}
}
Thanks !
The problem was in the spring security config. WebSecurity didn't allow to call urls like "[SERVICE_NAME]/api" without authentication. I added a rule to allow acces to some urls. If an access token is in the header, it will be forward to the service by zuul.
#Override
public void configure(WebSecurity web) throws Exception {
web.ignoring()
.antMatchers("/ext/*/api/**") // allow calls to services, redirect by zuul
.antMatchers(HttpMethod.OPTIONS, "/**")
.antMatchers("/app/**/*.{js,html}")
.antMatchers("/i18n/**")
.antMatchers("/content/**")
.antMatchers("/swagger-ui/index.html")
.antMatchers("/test/**");
}
In order to call others services by UI and let inject access token by the gateway, I defined two groups of routes in my zuul config,
routes:
myservice:
path: /myservice/**
serviceId: myservice
myservice_ext:
path: /ext/myservice/**
serviceId: myservice
/ext/myService... : referencing services and don't and ignore by spring secu
/myService... : referencing services but handled by spring secu
We are trying to write custom POST route filter for ZUUL. We are using Spring Cloud Zuul. This is what we are trying to do -
There are more than one instance of same service (ServiceA) registered with Eureka. We make a rest API request in ServiceA via ZUUL and the API is serviced by any one of the instances registered with Eureka. What we want to know is the hostip of the instance which services that particulare request.
We implemented a POST filter but the RequestContext.getCurrentContext().getRouteHost is empty; is there any other way to get the hostip??
It works for me:
#Component
public class PostFilter extends ZuulFilter {
#Override
public String filterType() {
return "post";
}
#Override
public int filterOrder() {
return 1;
}
#Override
public boolean shouldFilter() {
return true;
}
#Override
public Object run() {
RequestContext ctx = RequestContext.getCurrentContext();
ctx.getResponseBody();
((IResponse) ctx.get("ribbonResponse")).getRequestedURI();
return null;
}
}
I would like to create custom image component .So I followed step by step from Integrating with Server-side. For basic or first-step , I created for the test Server to Client RPC call as following steps.
MyComponentWidget.java
public class MyComponentWidget extends HTML {
public MyComponentWidget() {
getElement().setAttribute("class", "thumbnail");
}
public final void createCustomImage(final String url) {
getElement().setInnerHTML("<div class='delete-block'></div><img src=" + url + " />");
}
}
MyComponentState.java
public class MyComponentState extends AbstractComponentState {
private String url;
private String html;
public final String getUrl() {
return url;
}
public final void setUrl(final String url) {
this.url = url;
}
public final String getHtml() {
return html;
}
public final void setHtml(final String html) {
this.html = html;
}
}
MyComponentConnector.java
public class MyComponentConnector extends AbstractComponentConnector {
public MyComponentConnector() {
registerRpc(MyComponentClientRpc.class, new MyComponentClientRpc() {
#Override
public void getMessage() {
// never reach to this place
System.err.println("Reach Here !");
getState().setHtml(getWidget().getHTML());
}
});
}
#Override
public final MyComponentWidget getWidget() {
return (MyComponentWidget) super.getWidget();
}
#Override
public final MyComponentState getState() {
return (MyComponentState) super.getState();
}
#OnStateChange("url")
final void updateText() {
getWidget().createCustomImage(getState().getUrl());
}
}
MyComponentClientRpc.java
import com.vaadin.shared.communication.ClientRpc;
public interface MyComponentClientRpc extends ClientRpc {
void getMessage();
}
MyComponent.java
public class MyComponent extends AbstractComponent {
public MyComponent(final String url) {
getState().setUrl(url);
}
public final MyComponentState getState() {
return (MyComponentState) super.getState();
}
public final String getHTML() {
getRpcProxy(MyComponentClientRpc.class).getMessage();
return getState().getHtml();
}
}
and call as
MyComponent image = new MyComponent("myImageUrl");
System.out.println(image.getHTML());
My problem is why I always get null value at my console ? I can see the image at browser but System.out.println(image.getHTML()); produces null. What am I missing ?
To make a rpc call from client to server, you must extend the ServerRpc interface, for example:
package com.example.client.MyServerRpc
public interface MyServerRpc extends com.vaadin.shared.communication.ServerRpc {
void sendHTML(String html);
}
In your connector your register the rpc:
private MyServerRpc rpc = RpcProxy.create(MyServerRpc.class, this);
And then you can send a value by using the registered rpc in your connector:
rpc.sendHTML(html);
To receive the value on your component's or extension's server-side class, you must create an instance of the rpc interface:
private MyServerRpc rpc = new MyServerRpc() {
#Override
public void sendHTML(String html) {
// this method will be called!
}
};
and register that in the constructor:
registerRpc(rpc);
After these steps RPC from client to server should work.