I've spring boot applications secured by oAuth2, I am able to access applications from spring boot admin only when actuator endpoints are not secured. I've checked the security samples on github even there /health endpoint was not secured. Is there any way to access, spring boot applications with actuator endpoints secured by oAuth2, from spring boot admin.
Based on WIPU answer I've created simple update
public class BearerAuthHeaderProvider implements HttpHeadersProvider {
private final OAuth2RestTemplate template;
public BearerAuthHeaderProvider(OAuth2RestTemplate template) {
this.template = template;
}
public HttpHeaders getHeaders(Instance ignored) {
HttpHeaders headers = new HttpHeaders();
headers.set("Authorization", template.getAccessToken().getTokenType() + " " + template.getAccessToken().getValue());
return headers;
}
}
and
@Configuration
public class AdminServerConfiguration extends AdminServerAutoConfiguration {
public AdminServerConfiguration(AdminServerProperties adminServerProperties) {
super(adminServerProperties);
}
@Bean
public OAuth2ProtectedResourceDetails clientCredentialsResourceDetails() {
ClientCredentialsResourceDetails details = new ClientCredentialsResourceDetails();
//set you details here: id, clientid, secret, tokenendpoint
details.setClientId("actuator");
details.setClientSecret("actuator_password");
details.setAccessTokenUri("http://localhost:8081/auth-server/oauth/token");
details.setGrantType("client_credentials");
return details;
}
@Bean
@Order(0)
@ConditionalOnMissingBean
public BearerAuthHeaderProvider bearerAuthHeaderProvider(){
// couldn't inject differently restTemplate
OAuth2ProtectedResourceDetails resourceDetails = this.clientCredentialsResourceDetails();
OAuth2RestTemplate oAuth2RestTemplate = new OAuth2RestTemplate(resourceDetails);
return new BearerAuthHeaderProvider(oAuth2RestTemplate);
}
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With