使用spring rest模板在服务上传播HTTP标头(JWT Token)

Question

使用spring rest模板在服务上传播HTTP标头(JWT Token)

dra*_*aro 6 java rest spring jwt

我有一个微服务架构,它们都是由弹簧安全和JWT令牌组成的.

因此,当我调用我的第一个微服务时,我想使用JWT令牌并使用这些凭据向另一个服务发送请求.

如何检索令牌并再次发送到其他服务？

Answer 1

pad*_*_89 9

基本上,您的令牌应位于请求的标头中,例如:授权:承载.要获取它,您可以通过控制器中的@RequestHeader()检索任何标头值:

@GetMapping("/someMapping")
public String someMethod(@RequestHeader("Authorization") String token) {

}

Run Code Online (Sandbox Code Playgroud)

现在,您可以将令牌放在标头中,以用于以下请求:

HttpHeaders headers = new HttpHeaders();
headers.set("Authorization", token);

HttpEntity<RestRequest> entityReq = new HttpEntity<RestRequest>(request, headers);

Run Code Online (Sandbox Code Playgroud)

现在您可以将HttpEntity传递给您的其余模板:

template.exchange("RestSvcUrl", HttpMethod.POST, entityReq, SomeResponse.class);

Run Code Online (Sandbox Code Playgroud)

希望我能提供帮助

Answer 2

dra*_*aro 7

我已经完成了任务，创建了一个自定义过滤器

public class RequestFilter implements Filter{



    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {

        HttpServletRequest httpServletRequest = (HttpServletRequest) request;
        String token = httpServletRequest.getHeader(RequestContext.REQUEST_HEADER_NAME);

        if (token == null || "".equals(token)) {
            throw new IllegalArgumentException("Can't retrieve JWT Token");
        }

        RequestContext.getContext().setToken(token);
        chain.doFilter(request, response);

    }

    @Override
    public void destroy() { }

    @Override
    public void init(FilterConfig arg0) throws ServletException {}


}

Run Code Online (Sandbox Code Playgroud)

然后，在我的配置中进行设置

    @Bean
public FilterRegistrationBean getPeticionFilter() {

    FilterRegistrationBean registration = new FilterRegistrationBean();
    registration.setFilter(new RequestFilter());
    registration.addUrlPatterns("/*");
    registration.setName("requestFilter");

    return registration;
}

Run Code Online (Sandbox Code Playgroud)

考虑到这一点，我创建了另一个带有ThreadLocal变量的类，以将JWT令牌从Controller传递到Rest Templace拦截器

public class RequestContext {

public static final String REQUEST_HEADER_NAME = "Authorization";

private static final ThreadLocal<RequestContext> CONTEXT = new ThreadLocal<>();

private String token;

public static RequestContext getContext() {
    RequestContext result = CONTEXT.get();

    if (result == null) {
        result = new RequestContext();
        CONTEXT.set(result);
    }

    return result;
}

public String getToken() {
    return token;
}

public void setToken(String token) {
    this.token = token;
}

Run Code Online (Sandbox Code Playgroud)

}

public class RestTemplateInterceptor implements ClientHttpRequestInterceptor{

@Override
public ClientHttpResponse intercept(HttpRequest request, byte[] body, ClientHttpRequestExecution execution) throws IOException {

    String token = RequestContext.getContext().getToken();

    request.getHeaders().add(RequestContext.REQUEST_HEADER_NAME, token);

    return execution.execute(request, body);

}

}

Run Code Online (Sandbox Code Playgroud)

将拦截器添加到配置

  @PostConstruct
public void addInterceptors() {
    List<ClientHttpRequestInterceptor> interceptors = restTemplate.getInterceptors();
    interceptors.add(new RestTemplateInterceptor());
    restTemplate.setInterceptors(interceptors);
}

Run Code Online (Sandbox Code Playgroud)

归档时间：	8 年前
查看次数：	9997 次
最近记录：	6 年，4 月前