I have a scenario that I have some microservices, cloud gateway and eureka server. All microservices and cloud gateway registered on the eureka server. Cloud gateway will securing all the downstream services. When any user want to access the service first it will fill out the username and password for authentication on the cloud gateway. If the user will be authentic then it will access the service by the gateway route that is already set in application.properties file but I want when the user will authentic and access the service then I can also get user authentic credential in downstream services or microservices that are behind the cloud gateway. In other word I want to getting principle values that is set on the gateway in downstream service. So, After searching many days I got a Global Filter Implementation link but this filter code in Kotlin and I am not familiar with Kotlin, So unable to understand of this. I want to implement this in Java. Basically this filter for adding username and user roles to headers of downstream services request. How can I convert this filter into java.
Here is the Workflow
Here is the cloud gateway configuration
@Configuration@EnableWebFluxSecuritypublic class GatewaySecurityConfig{ @Bean public MapReactiveUserDetailsService userDetailsService() { UserDetails user = User.builder() .username("user") .password(passwordEncoder().encode("password")) .roles("USER") .build(); UserDetails admin = User.builder() .username("admin") .password(passwordEncoder().encode("password")) .roles("USER","ADMIN") .build(); return new MapReactiveUserDetailsService(user, admin); } @Bean public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { http .authorizeExchange() .anyExchange().authenticated() .and() .httpBasic(withDefaults()) .formLogin(); return http.build(); } @Bean public PasswordEncoder passwordEncoder() { return new BCryptPasswordEncoder(8); } } Global Filter Implementation in Kotlin and I want code of this in Java8
@Componentclass AddCredentialsGlobalFilter : GlobalFilter { private val usernameHeader = "logged-in-user" private val rolesHeader = "logged-in-user-roles" override fun filter(exchange: ServerWebExchange, chain: GatewayFilterChain) = exchange.getPrincipal<Principal>() .flatMap { p -> val request = exchange.request.mutate() .header(usernameHeader, p.name) .header(rolesHeader, (p as Authentication).authorities?.joinToString(";") ?: "") .build() chain.filter(exchange.mutate().request(request).build()) }}Application.properties Configuration
server: port: 8080 eureka: client: serviceUrl: defaultZone: http://localhost:8083/eureka spring: main: allow-bean-definition-overriding: true application: name: gateway cloud: gateway: routes: - id: userModule uri: lb://user predicates: - Path=/user/**Advertisement
Answer
I believe it’s something like following
@Componentpublic class AddCredentialsGlobalFilter implements GlobalFilter { private final String usernameHeader = "logged-in-user"; private final String rolesHeader = "logged-in-user-roles"; @Override public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) { return exchange.getPrincipal().flatMap(p -> { List<GrantedAuthority> authorities = (List<GrantedAuthority>) ((Authentication)p).getAuthorities(); String rolesString = authorities != null ? authorities.stream().map(Object::toString).collect(Collectors.joining(";")) : ""; ServerHttpRequest request = exchange.getRequest().mutate() .header(usernameHeader, p.getName()) .header(rolesHeader, rolesString) .build(); return chain.filter(exchange.mutate().request(request).build()); }); }}