Spring Cloud - 20. Users Microservice AuthorizationHeaderFilter 추가

목차

Users Microservice AuthorizationHeaderFilter 추가

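/**
 * Gateway filter factory that lets a request through only when it carries a
 * valid JWT in its {@code Authorization} header.
 *
 * <p>A request is rejected with 401 when the header is missing, when it does not
 * use the {@code Bearer} scheme, or when the token fails signature/claims parsing
 * or has no subject. The filter only authenticates the token: it does not compare
 * the subject with the resource being requested and does not forward the subject
 * downstream, so per-user authorization must be enforced elsewhere.
 */
@Component
@Slf4j
public class AuthorizationHeaderFilter extends AbstractGatewayFilterFactory<AuthorizationHeaderFilter.Config> {
    /** Scheme prefix expected at the start of the Authorization header value. */
    private static final String BEARER_PREFIX = "Bearer ";

    /** Name of the configuration property that holds the JWT signing secret. */
    private static final String TOKEN_SECRET_PROPERTY = "token.secret";

    private final Environment env;

    /**
     * @param env Spring environment used to look up the {@code token.secret} property
     */
    public AuthorizationHeaderFilter(Environment env) {
        super(Config.class);
        this.env = env;
    }

    // login -> token -> users (with token) -> header(include token)
    /**
     * Builds the filter applied to each routed request.
     *
     * @param config filter configuration (currently carries no settings)
     * @return a filter that completes the response with 401 on any validation failure,
     *         otherwise continues the chain
     */
    @Override
    public GatewayFilter apply(Config config) {
        return (exchange, chain) -> {
            ServerHttpRequest request = exchange.getRequest();

            // getFirst returns null both when the header is absent and when its value list is empty.
            String authorizationHeader = request.getHeaders().getFirst(HttpHeaders.AUTHORIZATION);
            if (authorizationHeader == null) {
                return onError(exchange, "No Authorization Header", HttpStatus.UNAUTHORIZED);
            }

            // Require the Bearer scheme and strip it only as a prefix. The previous
            // replace("Bearer ", "") removed the text anywhere in the value and also
            // accepted headers that used another scheme or none at all.
            if (!authorizationHeader.startsWith(BEARER_PREFIX)) {
                return onError(exchange, "JWT token is not valid", HttpStatus.UNAUTHORIZED);
            }
            String jwt = authorizationHeader.substring(BEARER_PREFIX.length()).trim();

            if (!isJwtValid(jwt)) {
                return onError(exchange, "JWT token is not valid", HttpStatus.UNAUTHORIZED);
            }

            return chain.filter(exchange);
        };
    }

    /**
     * Checks that the token parses as a signed JWT under the configured secret and
     * carries a non-empty subject.
     *
     * @param jwt compact token string with the scheme prefix already removed
     * @return {@code true} only when parsing succeeds and the subject is non-empty
     */
    private boolean isJwtValid(String jwt) {
        String key = env.getProperty(TOKEN_SECRET_PROPERTY);
        if (key == null || key.isEmpty()) {
            // Fail closed: without a signing secret no token can be verified.
            log.error("Property {} is not configured; rejecting token", TOKEN_SECRET_PROPERTY);
            return false;
        }

        String subject;
        try {
            // NOTE(review): JJWT's String overload of setSigningKey is understood to treat
            // the value as Base64-encoded key bytes - confirm the issuing service derives
            // its signing key from the secret the same way.
            subject = Jwts.parser()
                    .setSigningKey(key)
                    .parseClaimsJws(jwt).getBody()
                    .getSubject();
        } catch (Exception ex) {
            // Any parsing failure means the token is rejected. Log only the exception type
            // so that token contents never reach the log.
            log.warn("JWT rejected: {}", ex.getClass().getSimpleName());
            return false;
        }

        return subject != null && !subject.isEmpty();
    }

    /**
     * Ends the exchange with the given status and an empty body.
     *
     * @param exchange   current exchange
     * @param error      message written to the log (not sent to the client)
     * @param httpStatus status code set on the response
     * @return completion signal of the response
     */
    private Mono<Void> onError(ServerWebExchange exchange, String error, HttpStatus httpStatus) {
        ServerHttpResponse response = exchange.getResponse();
        response.setStatusCode(httpStatus);

        log.error(error);
        return response.setComplete();
    }

    /** Configuration holder required by the factory base class; it has no properties. */
    public static class Config {

    }
}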
// https://mvnrepository.com/artifact/javax.xml.bind/jaxb-api
// NOTE(review): presumably needed because the JJWT release used by the filter calls
// javax.xml.bind classes, which JDK 11+ no longer bundles - confirm against the
// project's JJWT and JDK versions.
implementation group: 'javax.xml.bind', name: 'jaxb-api', version: '2.3.1'
# API gateway configuration: listening port, Eureka registration, routes and the JWT secret.
server:
  port: 8080

eureka:
  client:
    register-with-eureka: true
    fetch-registry: true
    service-url:
      defaultZone: http://localhost:8761/eureka

spring:
  application:
    name: apigateway-service
  cloud:
    gateway:
      default-filters:
        - name: GlobalFilter
          args:
            baseMessage: Spring Cloud Gateway Global Filter
            preLogger: true
            postLogger: true

      # NOTE(review): the three user-service routes below share one id; distinct ids
      # would keep logs and route listings unambiguous.
      routes:
#        - id: user-service
#          uri: lb://USER-SERVICE
#          predicates:
#            - Path=/user-service/**
#          filters:
#            - CustomFilter
        # Login: no AuthorizationHeaderFilter here, because the caller has no token yet.
        - id: user-service
          uri: lb://USER-SERVICE
          predicates:
            - Path=/user-service/login
            - Method=POST
          filters:
            - RemoveRequestHeader=Cookie
            - RewritePath=/user-service/(?<segment>.*), /$\{segment}

        # Sign-up: also reachable without a token.
        - id: user-service
          uri: lb://USER-SERVICE
          predicates:
            - Path=/user-service/users
            - Method=POST
          filters:
            - RemoveRequestHeader=Cookie
            - RewritePath=/user-service/(?<segment>.*), /$\{segment}

        # Every GET under /user-service/ must pass AuthorizationHeaderFilter.
        # Other HTTP methods on these paths match none of the user-service routes.
        - id: user-service
          uri: lb://USER-SERVICE
          predicates:
            - Path=/user-service/**
            - Method=GET
          filters:
            - RemoveRequestHeader=Cookie
            - RewritePath=/user-service/(?<segment>.*), /$\{segment}
            - AuthorizationHeaderFilter

        # NOTE(review): the catalog and order routes do not list AuthorizationHeaderFilter,
        # so this configuration forwards them without JWT validation by that filter.
        # What CustomFilter checks is not shown here - confirm this is intended.
        - id: catalog-service
          uri: lb://CATALOG-SERVICE
          predicates:
            - Path=/catalog-service/**
          filters:
            - CustomFilter

        - id: order-service
          uri: lb://ORDER-SERVICE
          predicates:
            - Path=/order-service/**
          filters:
            - CustomFilter

# Read by AuthorizationHeaderFilter through env.getProperty("token.secret") to verify
# token signatures. It presumably has to match the secret the token-issuing service
# signs with - confirm. The value below is a short tutorial placeholder; in a real
# deployment, supply a long random secret from the environment or a secret store and
# keep it out of version control.
token:
  secret: user_token