我使用FeegnClient的RestAPI调用,这里是用例如下所述。
我有2个不同的服务,它们通过基本身份验证进行授权,具有两种不同的身份验证。
Service-1(SpringBoot微服务)以以下配置运行
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import springfox.documentation.builders.ApiInfoBuilder;
import springfox.documentation.builders.PathSelectors;
import springfox.documentation.builders.RequestHandlerSelectors;
import springfox.documentation.service.ApiInfo;
import springfox.documentation.service.Contact;
import springfox.documentation.spi.DocumentationType;
import springfox.documentation.spring.web.plugins.Docket;
import springfox.documentation.swagger2.annotations.EnableSwagger2;
@Configuration
@EnableSwagger2
@EnableWebSecurity
public class ApplicationConfig extends WebSecurityConfigurerAdapter {
@Autowired
private BasicAuthenticationPoint basicAuthenticationPoint;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
http.authorizeRequests().antMatchers("/", "/api/**").permitAll()
.anyRequest().authenticated();
http.httpBasic().authenticationEntryPoint(basicAuthenticationPoint);
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication().withUser("XYZ").password("PQR").roles("USER");
}
}
Service-2(SpringBoot微服务)以以下配置运行
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import springfox.documentation.builders.ApiInfoBuilder;
import springfox.documentation.builders.PathSelectors;
import springfox.documentation.builders.RequestHandlerSelectors;
import springfox.documentation.service.ApiInfo;
import springfox.documentation.service.Contact;
import springfox.documentation.spi.DocumentationType;
import springfox.documentation.spring.web.plugins.Docket;
import springfox.documentation.swagger2.annotations.EnableSwagger2;
@Configuration
@EnableSwagger2
@EnableWebSecurity
public class ApplicationConfig extends WebSecurityConfigurerAdapter {
@Autowired
private BasicAuthenticationPoint basicAuthenticationPoint;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
http.authorizeRequests().antMatchers("/", "/api/**").permitAll()
.anyRequest().authenticated();
http.httpBasic().authenticationEntryPoint(basicAuthenticationPoint);
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication().withUser("abc").password("123").roles("USER");
}
}
从第三个微服务开始,我尝试将每个微服务与以下代码库连接起来,FlygnClientConfiguration1
import feign.Logger;
import feign.RequestInterceptor;
import feign.RequestTemplate;
import feign.auth.BasicAuthRequestInterceptor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.env.Environment;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;
import javax.servlet.ServletRequestListener;
@Configuration
public class FeignClientConfiguration1 {
@Autowired
private Environment env;
@Bean
public BasicAuthRequestInterceptor basicAuthRequestInterceptor() {
System.out.println("Config-1");
return new BasicAuthRequestInterceptor("XYZ", "PQR");
}
@Bean
public RequestInterceptor bearerTokenRequestInterceptor() {
return (RequestTemplate template) -> template.header(HttpHeaders.ACCEPT, String.format(MediaType.APPLICATION_JSON_VALUE));
}
@Bean
Logger.Level feignLoggerLevel() {
return Logger.Level.FULL;
}
}
模拟客户端配置2
import feign.Logger;
import feign.RequestInterceptor;
import feign.RequestTemplate;
import feign.auth.BasicAuthRequestInterceptor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.env.Environment;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;
import javax.servlet.ServletRequestListener;
@Configuration
public class FeignClientConfiguration2 {
@Autowired
private Environment env;
@Bean
public BasicAuthRequestInterceptor basicAuthRequestInterceptor() {
System.out.println("Config-2");
return new BasicAuthRequestInterceptor("abc", "123");
}
@Bean
public RequestInterceptor bearerTokenRequestInterceptor() {
return (RequestTemplate template) -> template.header(HttpHeaders.ACCEPT, String.format(MediaType.APPLICATION_JSON_VALUE));
}
}
我的模拟客户端如下模拟客户端1
import org.springframework.cloud.openfeign.FeignClient;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import com.config.FeignClientConfiguration1;
@FeignClient( url = "http://localhost:8081", name = "FeignClient1", configuration = FeignClientConfiguration1.class)
public interface FeignClient1 {
@GetMapping("/api/hello/{name}")
ResponseEntity<Object> greetingMessage(@PathVariable String name);
}
模拟客户端1
import org.springframework.cloud.openfeign.FeignClient;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import com.config.FeignClientConfiguration1;
@FeignClient( url = "http://localhost:8082", name = "FeignClient2", configuration = FeignClientConfiguration2.class)
public interface FeignClient2 {
@GetMapping("/api/hello/{name}")
ResponseEntity<Object> greetingMessage(@PathVariable String name);
}
在从我的控制器调用任何方法期间,即
@RestController
@RequestMapping(TEST_SERVICE_CONTROLLER_URL)
public class UtilityTestController {
@Autowired
private FeignClient1 client1;
@Autowired
private FeignClient2 client2;
@GetMapping(value = "/check1", produces = MediaType.APPLICATION_JSON_VALUE)
public ResponseEntity<?> test() {
return new ResponseEntity<>(client1.greetingMessage("TestV1"), null, HttpStatus.OK);
}
@GetMapping(value = "/check2", produces = MediaType.APPLICATION_JSON_VALUE)
public ResponseEntity<?> test2() {
return new ResponseEntity<>(client2.greetingMessage("TestV2"), null, HttpStatus.OK);
}
}
我的伐木工是
2022-01-05 23:06:09.961 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] ---> GET http://localhost:8081/api/hello/TestV1 HTTP/1.1
2022-01-05 23:06:09.961 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] Accept: application/json
2022-01-05 23:06:09.961 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] Authorization: Basic Y2hhbmRhbmEyOmNoYW5kYW5hMg==
2022-01-05 23:06:09.961 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] Authorization: Basic Y2hhbmRhbmE6Y2hhbmRhbmE=
2022-01-05 23:06:09.961 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] ---> END HTTP (0-byte body)
2022-01-05 23:06:09.974 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] <--- HTTP/1.1 200 (12ms)
2022-01-05 23:06:09.974 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] cache-control: no-cache, no-store, max-age=0, must-revalidate
2022-01-05 23:06:09.974 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] content-type: application/json;charset=UTF-8
2022-01-05 23:06:09.974 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] date: Wed, 05 Jan 2022 17:36:09 GMT
2022-01-05 23:06:09.974 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] expires: 0
2022-01-05 23:06:09.974 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] pragma: no-cache
2022-01-05 23:06:09.974 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] set-cookie: JSESSIONID=2E037D8263A9DAC3D1F8E3957A3C4C54; Path=/; HttpOnly
2022-01-05 23:06:09.974 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] transfer-encoding: chunked
2022-01-05 23:06:09.974 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] x-content-type-options: nosniff
2022-01-05 23:06:09.975 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] x-frame-options: DENY
2022-01-05 23:06:09.975 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] x-xss-protection: 1; mode=block
2022-01-05 23:06:09.975 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage]
2022-01-05 23:06:09.975 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] {"player":"TestV1","message":"Hello V2TestV1"}
2022-01-05 23:06:09.975 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] <--- END HTTP (46-byte body)
在日志中的两种情况下,都记录了两次授权部分。所以,这里我有点困惑它是否拾取了正确的拦截器。
我的困惑是
注意:虽然我得到了有效的响应,但这意味着它正在通过正确配置的BasicAuth w. r.t.破解。每个方法。
由于您使用@Configuration
注释标记了FegnClientConfiguration1
和FegnClientConfiguration2
类,因此它们将被“全局”地用于Spring上下文,这实质上意味着那些与Feign相关的bean将应用于所有Feign客户端。
我看到您在@FEGNClient
注释上指定了配置
属性,但这不会“撤消”全局配置。
要做的是从FergnClientConfiguration1
和FegnClientConfiguration2
中删除@Configuration
注释,并仅使用@FegnClient
配置属性。