I have two separate micro-services: an Authentication server and a service with resources. What I need is to obtain a token from the Authentication server and use this token to make a request to the resources service (and validate it and exchange it for a username). At the moment I have the following implementation, which doesn't work properly.
application.yml
spring:
  security:
    oauth2:
      client:
        registration:
          custom:
            client-id: SampleClientId
            client-secret: secret
            scopes: USER
            authorization-grant-type: authorization_code
            redirect-uri-template: http://localhost:8082/ui/login
        provider:
          custom:
            authorization-uri: http://localhost:8081/auth/oauth/authorize
            token-uri: http://localhost:8081/auth/oauth/token
            user-info-uri: http://localhost:8081/auth/authenticate
Where http://localhost:8081/auth/authenticate returns the Principal object in the Authorization server.
SecurityConfig.class
@EnableWebFluxSecurity
public class SecurityConfig {
    @Bean
    public SecurityWebFilterChain configure(ServerHttpSecurity http) throws Exception {
        return http.authorizeExchange()
            .pathMatchers("/health").permitAll()
            .anyExchange().authenticated()
            .and().oauth2Login()
            .and().build();
    }
}
And a simple endpoint to retrieve the username in the Resources server
@GetMapping("/username")
public Mono<String> getHesalth(@RegisteredOAuth2AuthorizedClient("custom") OAuth2AuthorizedClient authorizedClient) {
    return Mono.just(authorizedClient.getPrincipalName());
}
When I make a request with the token header:
curl -X GET \
  http://localhost:8605/username \
  -H 'Authorization: Bearer {token-from-auth-server}' \
  -H 'Content-Type: application/json'
The resource server returns nothing and logs:
2019-10-20 21:44:38.641 DEBUG 29768 --- [or-http-epoll-3] o.s.w.s.adapter.HttpWebHandlerAdapter : [edd1881d] HTTP GET "/username"
2019-10-20 21:44:38.704 DEBUG 29768 --- [or-http-epoll-3] .s.u.m.MediaTypeServerWebExchangeMatcher : httpRequestMediaTypes=[*/*]
2019-10-20 21:44:38.705 DEBUG 29768 --- [or-http-epoll-3] .s.u.m.MediaTypeServerWebExchangeMatcher : Processing */*
2019-10-20 21:44:38.705 DEBUG 29768 --- [or-http-epoll-3] .s.u.m.MediaTypeServerWebExchangeMatcher : Ignoring
2019-10-20 21:44:38.705 DEBUG 29768 --- [or-http-epoll-3] .s.u.m.MediaTypeServerWebExchangeMatcher : Did not match any media types
2019-10-20 21:44:38.705 DEBUG 29768 --- [or-http-epoll-3] o.s.w.s.adapter.HttpWebHandlerAdapter : [edd1881d] Completed 302 FOUND
2019-10-20 21:44:38.711 DEBUG 29768 --- [or-http-epoll-3] r.n.http.server.HttpServerOperations : [id: 0xedd1881d, L:/0:0:0:0:0:0:0:1%0:8605 - R:/0:0:0:0:0:0:0:1%0:33452] Last HTTP response frame
2019-10-20 21:44:38.711 DEBUG 29768 --- [or-http-epoll-3] r.n.http.server.HttpServerOperations : [id: 0xedd1881d, L:/0:0:0:0:0:0:0:1%0:8605 - R:/0:0:0:0:0:0:0:1%0:33452] No sendHeaders() called before complete, sending zero-length header
2019-10-20 21:44:38.714 DEBUG 29768 --- [or-http-epoll-3] r.n.http.server.HttpServerOperations : [id: 0xedd1881d, L:/0:0:0:0:0:0:0:1%0:8605 - R:/0:0:0:0:0:0:0:1%0:33452] Decreasing pending responses, now 0
2019-10-20 21:44:38.715 DEBUG 29768 --- [or-http-epoll-3] r.n.http.server.HttpServerOperations : [id: 0xedd1881d, L:/0:0:0:0:0:0:0:1%0:8605 - R:/0:0:0:0:0:0:0:1%0:33452] Last HTTP packet was sent, terminating the channel
2019-10-20 21:44:38.715 DEBUG 29768 --- [or-http-epoll-3] r.n.channel.ChannelOperationsHandler : [id: 0xedd1881d, L:/0:0:0:0:0:0:0:1%0:8605 - R:/0:0:0:0:0:0:0:1%0:33452] No ChannelOperation attached. Dropping: EmptyLastHttpContent
2019-10-20 21:44:38.717 DEBUG 29768 --- [or-http-epoll-3] r.n.http.server.HttpServerOperations : [id: 0xedd1881d, L:/0:0:0:0:0:0:0:1%0:8605 - R:/0:0:0:0:0:0:0:1%0:33452] Increasing pending responses, now 1
2019-10-20 21:44:38.717 DEBUG 29768 --- [or-http-epoll-3] reactor.netty.http.server.HttpServer : [id: 0xedd1881d, L:/0:0:0:0:0:0:0:1%0:8605 - R:/0:0:0:0:0:0:0:1%0:33452] Handler is being applied: org.springframework.http.server.reactive.ReactorHttpHandlerAdapter@3ec155e2
2019-10-20 21:44:38.717 DEBUG 29768 --- [or-http-epoll-3] o.s.w.s.adapter.HttpWebHandlerAdapter : [edd1881d] HTTP GET "/oauth2/authorization/custom"
2019-10-20 21:44:38.732 DEBUG 29768 --- [or-http-epoll-3] o.s.w.s.adapter.HttpWebHandlerAdapter : [edd1881d] Completed 302 FOUND
2019-10-20 21:44:38.734 DEBUG 29768 --- [or-http-epoll-3] r.n.http.server.HttpServerOperations : [id: 0xedd1881d, L:/0:0:0:0:0:0:0:1%0:8605 - R:/0:0:0:0:0:0:0:1%0:33452] Last HTTP response frame
2019-10-20 21:44:38.735 DEBUG 29768 --- [or-http-epoll-3] r.n.http.server.HttpServerOperations : [id: 0xedd1881d, L:/0:0:0:0:0:0:0:1%0:8605 - R:/0:0:0:0:0:0:0:1%0:33452] No sendHeaders() called before complete, sending zero-length header
2019-10-20 21:44:38.735 DEBUG 29768 --- [or-http-epoll-3] r.n.http.server.HttpServerOperations : [id: 0xedd1881d, L:/0:0:0:0:0:0:0:1%0:8605 - R:/0:0:0:0:0:0:0:1%0:33452] Decreasing pending responses, now 0
2019-10-20 21:44:38.735 DEBUG 29768 --- [or-http-epoll-3] r.n.http.server.HttpServerOperations : [id: 0xedd1881d, L:/0:0:0:0:0:0:0:1%0:8605 - R:/0:0:0:0:0:0:0:1%0:33452] Last HTTP packet was sent, terminating the channel
2019-10-20 21:44:38.735 DEBUG 29768 --- [or-http-epoll-3] r.n.channel.ChannelOperationsHandler : [id: 0xedd1881d, L:/0:0:0:0:0:0:0:1%0:8605 - R:/0:0:0:0:0:0:0:1%0:33452] No ChannelOperation attached. Dropping: EmptyLastHttpContent
2019-10-20 21:44:38.738 DEBUG 29768 --- [or-http-epoll-4] r.n.http.server.HttpServerOperations : [id: 0x93302880, L:/0:0:0:0:0:0:0:1%0:8605 - R:/0:0:0:0:0:0:0:1%0:33454] New http connection, requesting read
It looks like the resource server doesn't see the token and redirects. Does someone have a correct configuration for this case? Or where did I make a mistake?
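Added example, not part of the original question: `oauth2Login()` configures the interactive login client, which is why the log shows the request answered with 302 and sent on to `/oauth2/authorization/custom`; a service that accepts `Authorization: Bearer` headers is configured as a resource server instead. The configuration below assumes Spring Security 5.2 or later with the `spring-security-oauth2-resource-server` and `oauth2-oidc-sdk` dependencies, opaque tokens, and an RFC 7662 introspection endpoint on the authorization server; `INTROSPECTION_URI` is a placeholder because the page does not give that URL, and the class names are hypothetical.

```java
import java.security.Principal;

import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.web.server.SecurityWebFilterChain;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
import reactor.core.publisher.Mono;

@EnableWebFluxSecurity
public class ResourceServerSecurityConfig {

    // Placeholder: the page does not state the authorization server's introspection URL.
    private static final String INTROSPECTION_URI =
            "http://localhost:8081/auth/<introspection-endpoint>";

    @Bean
    public SecurityWebFilterChain resourceServerFilterChain(ServerHttpSecurity http) {
        return http
            .authorizeExchange()
                .pathMatchers("/health").permitAll()
                .anyExchange().authenticated()
            .and()
            // Bearer-token authentication: the Authorization header is read and the
            // token is validated by introspection; a missing or invalid token gets
            // a 401 response rather than a redirect to a login flow.
            .oauth2ResourceServer()
                .opaqueToken()
                    .introspectionUri(INTROSPECTION_URI)
                    // Credentials this service presents to the introspection endpoint
                    // (values reused from the question's application.yml).
                    .introspectionClientCredentials("SampleClientId", "secret")
                .and()
            .and()
            .build();
    }
}

@RestController
class UsernameController {
    // The principal is built from the introspection response, not from an
    // OAuth2AuthorizedClient, which only exists on the login-client side.
    @GetMapping("/username")
    public Mono<String> username(Mono<Principal> principal) {
        // justOrEmpty: the name can be null if the response carries no subject.
        return principal.flatMap(p -> Mono.justOrEmpty(p.getName()));
    }
}
```

If the authorization server issues JWTs rather than opaque tokens, the same `oauth2ResourceServer()` entry point takes `.jwt()` with the server's key set instead of `.opaqueToken()`.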