提问者:小点点

FeegnClient日志打印两个配置的Interceptor调用,这是在运行时识别哪一个是实际的混淆


我使用FeegnClient的RestAPI调用,这里是用例如下所述。

我有2个不同的服务,它们通过基本身份验证进行授权,具有两种不同的身份验证。

Service-1(SpringBoot微服务)以以下配置运行

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import springfox.documentation.builders.ApiInfoBuilder;
import springfox.documentation.builders.PathSelectors;
import springfox.documentation.builders.RequestHandlerSelectors;
import springfox.documentation.service.ApiInfo;
import springfox.documentation.service.Contact;
import springfox.documentation.spi.DocumentationType;
import springfox.documentation.spring.web.plugins.Docket;
import springfox.documentation.swagger2.annotations.EnableSwagger2;

@Configuration
@EnableSwagger2
@EnableWebSecurity
public class ApplicationConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private BasicAuthenticationPoint basicAuthenticationPoint;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable();
        http.authorizeRequests().antMatchers("/", "/api/**").permitAll()
        .anyRequest().authenticated();
        http.httpBasic().authenticationEntryPoint(basicAuthenticationPoint);
    }

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication().withUser("XYZ").password("PQR").roles("USER");
    }
}

Service-2(SpringBoot微服务)以以下配置运行

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import springfox.documentation.builders.ApiInfoBuilder;
import springfox.documentation.builders.PathSelectors;
import springfox.documentation.builders.RequestHandlerSelectors;
import springfox.documentation.service.ApiInfo;
import springfox.documentation.service.Contact;
import springfox.documentation.spi.DocumentationType;
import springfox.documentation.spring.web.plugins.Docket;
import springfox.documentation.swagger2.annotations.EnableSwagger2;

@Configuration
@EnableSwagger2
@EnableWebSecurity
public class ApplicationConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private BasicAuthenticationPoint basicAuthenticationPoint;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable();
        http.authorizeRequests().antMatchers("/", "/api/**").permitAll()
        .anyRequest().authenticated();
        http.httpBasic().authenticationEntryPoint(basicAuthenticationPoint);
    }

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication().withUser("abc").password("123").roles("USER");
    }
}

从第三个微服务开始,我尝试将每个微服务与以下代码库连接起来,FlygnClientConfiguration1


import feign.Logger;
import feign.RequestInterceptor;
import feign.RequestTemplate;
import feign.auth.BasicAuthRequestInterceptor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.env.Environment;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;

import javax.servlet.ServletRequestListener;

@Configuration
public class FeignClientConfiguration1 {

    @Autowired
    private Environment env;

    @Bean
    public BasicAuthRequestInterceptor basicAuthRequestInterceptor() {
        System.out.println("Config-1");
        return new BasicAuthRequestInterceptor("XYZ", "PQR");
    }

    @Bean
    public RequestInterceptor bearerTokenRequestInterceptor() {
        return (RequestTemplate template) -> template.header(HttpHeaders.ACCEPT, String.format(MediaType.APPLICATION_JSON_VALUE));
    }

    @Bean
    Logger.Level feignLoggerLevel() {
        return Logger.Level.FULL;
    }
}

模拟客户端配置2


import feign.Logger;
import feign.RequestInterceptor;
import feign.RequestTemplate;
import feign.auth.BasicAuthRequestInterceptor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.env.Environment;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;

import javax.servlet.ServletRequestListener;

@Configuration
public class FeignClientConfiguration2 {

    @Autowired
    private Environment env;

    @Bean
    public BasicAuthRequestInterceptor basicAuthRequestInterceptor() {
        System.out.println("Config-2");
        return new BasicAuthRequestInterceptor("abc", "123");
    }

    @Bean
    public RequestInterceptor bearerTokenRequestInterceptor() {
        return (RequestTemplate template) -> template.header(HttpHeaders.ACCEPT, String.format(MediaType.APPLICATION_JSON_VALUE));
    }    
}

我的模拟客户端如下模拟客户端1


import org.springframework.cloud.openfeign.FeignClient;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;

import com.config.FeignClientConfiguration1;

@FeignClient( url = "http://localhost:8081", name = "FeignClient1", configuration = FeignClientConfiguration1.class)
public interface FeignClient1 {

    @GetMapping("/api/hello/{name}")
    ResponseEntity<Object> greetingMessage(@PathVariable String name);

}

模拟客户端1


import org.springframework.cloud.openfeign.FeignClient;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;

import com.config.FeignClientConfiguration1;

@FeignClient( url = "http://localhost:8082", name = "FeignClient2", configuration = FeignClientConfiguration2.class)
public interface FeignClient2 {

    @GetMapping("/api/hello/{name}")
    ResponseEntity<Object> greetingMessage(@PathVariable String name);

}

在从我的控制器调用任何方法期间,即

@RestController
@RequestMapping(TEST_SERVICE_CONTROLLER_URL)
public class UtilityTestController {
    
    @Autowired
    private FeignClient1 client1;
    
    @Autowired
    private FeignClient2 client2;
    
    
    @GetMapping(value = "/check1", produces = MediaType.APPLICATION_JSON_VALUE)
    public ResponseEntity<?> test() {
        return new ResponseEntity<>(client1.greetingMessage("TestV1"), null, HttpStatus.OK);
    }

    @GetMapping(value = "/check2", produces = MediaType.APPLICATION_JSON_VALUE)
    public ResponseEntity<?> test2() {
        return new ResponseEntity<>(client2.greetingMessage("TestV2"), null, HttpStatus.OK);
    }
}

我的伐木工是

2022-01-05 23:06:09.961 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1       : [FeignClient1#greetingMessage] ---> GET http://localhost:8081/api/hello/TestV1 HTTP/1.1
2022-01-05 23:06:09.961 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1       : [FeignClient1#greetingMessage] Accept: application/json
2022-01-05 23:06:09.961 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1       : [FeignClient1#greetingMessage] Authorization: Basic Y2hhbmRhbmEyOmNoYW5kYW5hMg==
2022-01-05 23:06:09.961 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1       : [FeignClient1#greetingMessage] Authorization: Basic Y2hhbmRhbmE6Y2hhbmRhbmE=
2022-01-05 23:06:09.961 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1       : [FeignClient1#greetingMessage] ---> END HTTP (0-byte body)
2022-01-05 23:06:09.974 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1       : [FeignClient1#greetingMessage] <--- HTTP/1.1 200 (12ms)
2022-01-05 23:06:09.974 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1       : [FeignClient1#greetingMessage] cache-control: no-cache, no-store, max-age=0, must-revalidate
2022-01-05 23:06:09.974 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1       : [FeignClient1#greetingMessage] content-type: application/json;charset=UTF-8
2022-01-05 23:06:09.974 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1       : [FeignClient1#greetingMessage] date: Wed, 05 Jan 2022 17:36:09 GMT
2022-01-05 23:06:09.974 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1       : [FeignClient1#greetingMessage] expires: 0
2022-01-05 23:06:09.974 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1       : [FeignClient1#greetingMessage] pragma: no-cache
2022-01-05 23:06:09.974 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1       : [FeignClient1#greetingMessage] set-cookie: JSESSIONID=2E037D8263A9DAC3D1F8E3957A3C4C54; Path=/; HttpOnly
2022-01-05 23:06:09.974 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1       : [FeignClient1#greetingMessage] transfer-encoding: chunked
2022-01-05 23:06:09.974 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1       : [FeignClient1#greetingMessage] x-content-type-options: nosniff
2022-01-05 23:06:09.975 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1       : [FeignClient1#greetingMessage] x-frame-options: DENY
2022-01-05 23:06:09.975 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1       : [FeignClient1#greetingMessage] x-xss-protection: 1; mode=block
2022-01-05 23:06:09.975 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1       : [FeignClient1#greetingMessage] 
2022-01-05 23:06:09.975 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1       : [FeignClient1#greetingMessage] {"player":"TestV1","message":"Hello V2TestV1"}
2022-01-05 23:06:09.975 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1       : [FeignClient1#greetingMessage] <--- END HTTP (46-byte body)

在日志中的两种情况下,都记录了两次授权部分。所以,这里我有点困惑它是否拾取了正确的拦截器。

我的困惑是

  1. 为什么它在记录器中显示两次,它会通过不同配置的每个拦截器吗?
  2. 这是否可能使相关的拦截器沉默?
  3. 模拟客户端是否会遍历在每个配置类中注册的所有拦截器?

注意:虽然我得到了有效的响应,但这意味着它正在通过正确配置的BasicAuth w. r.t.破解。每个方法。


共1个答案

匿名用户

由于您使用@Configuration注释标记了FegnClientConfiguration1FegnClientConfiguration2类,因此它们将被“全局”地用于Spring上下文,这实质上意味着那些与Feign相关的bean将应用于所有Feign客户端。

我看到您在@FEGNClient注释上指定了配置属性,但这不会“撤消”全局配置。

要做的是从FergnClientConfiguration1FegnClientConfiguration2中删除@Configuration注释,并仅使用@FegnClient配置属性。