BAEL-5300: add openfeign config
This commit is contained in:
sharifi
parent
e459737a66
commit
10dd6acd33
|
|
@ -0,0 +1,85 @@
|
||||||
|
package com.baeldung.cloud.openfeign.oauthfeign;
|
||||||
|
|
||||||
|
import org.slf4j.Logger;
|
||||||
|
import org.slf4j.LoggerFactory;
|
||||||
|
import org.springframework.security.core.Authentication;
|
||||||
|
import org.springframework.security.core.GrantedAuthority;
|
||||||
|
import org.springframework.security.oauth2.client.OAuth2AuthorizeRequest;
|
||||||
|
import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
|
||||||
|
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientManager;
|
||||||
|
import org.springframework.security.oauth2.client.registration.ClientRegistration;
|
||||||
|
|
||||||
|
import java.util.Collection;
|
||||||
|
import java.util.Collections;
|
||||||
|
|
||||||
|
import static java.util.Objects.isNull;
|
||||||
|
|
||||||
|
public class OAuthClientCredentialsFeignManager {
|
||||||
|
|
||||||
|
private static final Logger logger = LoggerFactory.getLogger(OAuthClientCredentialsFeignManager.class);
|
||||||
|
|
||||||
|
private final OAuth2AuthorizedClientManager manager;
|
||||||
|
private final Authentication principal;
|
||||||
|
private final ClientRegistration clientRegistration;
|
||||||
|
|
||||||
|
public OAuthClientCredentialsFeignManager(OAuth2AuthorizedClientManager manager, ClientRegistration clientRegistration) {
|
||||||
|
this.manager = manager;
|
||||||
|
this.clientRegistration = clientRegistration;
|
||||||
|
this.principal = createPrincipal();
|
||||||
|
}
|
||||||
|
|
||||||
|
private Authentication createPrincipal() {
|
||||||
|
return new Authentication() {
|
||||||
|
@Override
|
||||||
|
public Collection<? extends GrantedAuthority> getAuthorities() {
|
||||||
|
return Collections.emptySet();
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public Object getCredentials() {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public Object getDetails() {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public Object getPrincipal() {
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public boolean isAuthenticated() {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void setAuthenticated(boolean isAuthenticated) throws IllegalArgumentException {
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public String getName() {
|
||||||
|
return clientRegistration.getClientId();
|
||||||
|
}
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
|
public String getAccessToken() {
|
||||||
|
try {
|
||||||
|
OAuth2AuthorizeRequest oAuth2AuthorizeRequest = OAuth2AuthorizeRequest
|
||||||
|
.withClientRegistrationId(clientRegistration.getRegistrationId())
|
||||||
|
.principal(principal)
|
||||||
|
.build();
|
||||||
|
OAuth2AuthorizedClient client = manager.authorize(oAuth2AuthorizeRequest);
|
||||||
|
if (isNull(client)) {
|
||||||
|
throw new IllegalStateException("client credentials flow on " + clientRegistration.getRegistrationId() + " failed, client is null");
|
||||||
|
}
|
||||||
|
return client.getAccessToken().getTokenValue();
|
||||||
|
} catch (Exception exp) {
|
||||||
|
logger.error("client credentials error " + exp.getMessage());
|
||||||
|
}
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
@ -0,0 +1,46 @@
|
||||||
|
package com.baeldung.cloud.openfeign.oauthfeign;
|
||||||
|
|
||||||
|
import feign.RequestInterceptor;
|
||||||
|
import org.springframework.context.annotation.Bean;
|
||||||
|
import org.springframework.context.annotation.Configuration;
|
||||||
|
import org.springframework.security.oauth2.client.*;
|
||||||
|
import org.springframework.security.oauth2.client.registration.ClientRegistration;
|
||||||
|
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
|
||||||
|
|
||||||
|
@Configuration
|
||||||
|
public class OAuthFeignConfig {
|
||||||
|
|
||||||
|
public static final String CLIENT_REGISTRATION_ID = "keycloak";
|
||||||
|
|
||||||
|
private final OAuth2AuthorizedClientService oAuth2AuthorizedClientService;
|
||||||
|
private final ClientRegistrationRepository clientRegistrationRepository;
|
||||||
|
|
||||||
|
public OAuthFeignConfig(OAuth2AuthorizedClientService oAuth2AuthorizedClientService,
|
||||||
|
ClientRegistrationRepository clientRegistrationRepository) {
|
||||||
|
this.oAuth2AuthorizedClientService = oAuth2AuthorizedClientService;
|
||||||
|
this.clientRegistrationRepository = clientRegistrationRepository;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public RequestInterceptor requestInterceptor() {
|
||||||
|
ClientRegistration clientRegistration = clientRegistrationRepository.findByRegistrationId(CLIENT_REGISTRATION_ID);
|
||||||
|
OAuthClientCredentialsFeignManager clientCredentialsFeignManager =
|
||||||
|
new OAuthClientCredentialsFeignManager(authorizedClientManager(), clientRegistration);
|
||||||
|
return requestTemplate -> {
|
||||||
|
requestTemplate.header("Authorization", "Bearer " + clientCredentialsFeignManager.getAccessToken());
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
OAuth2AuthorizedClientManager authorizedClientManager() {
|
||||||
|
OAuth2AuthorizedClientProvider authorizedClientProvider = OAuth2AuthorizedClientProviderBuilder.builder()
|
||||||
|
.clientCredentials()
|
||||||
|
.build();
|
||||||
|
|
||||||
|
AuthorizedClientServiceOAuth2AuthorizedClientManager authorizedClientManager =
|
||||||
|
new AuthorizedClientServiceOAuth2AuthorizedClientManager(clientRegistrationRepository, oAuth2AuthorizedClientService);
|
||||||
|
authorizedClientManager.setAuthorizedClientProvider(authorizedClientProvider);
|
||||||
|
return authorizedClientManager;
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
Loading…
Reference in New Issue