I am trying to use Spring Cloud Zuul as an API/authentication gateway. I have successfully implemented bearer token authorization for my service behind Zuul and I successfully have Zuul forwarding to my form login and routing back to my application, but I cannot get Zuul to pass the bearer token to the service.
My Zuul configuration is as follows:
    @EnableEurekaClient
    @EnableZuulProxy
    @SpringBootApplication
    @RestController
    public class Application { ... }
My service configuration is as follows:
    @Profile("oauth")
    @Configuration
    @EnableResourceServer
    @EnableWebSecurity
    public static class InternalApiGatewayConfig extends ResourceServerConfigurerAdapter {
        // ...
    }
When my Angular app tries to access my service through Zuul, I get:

    {"error":"unauthorized","error_description":"Full authentication is required to access this resource"}
I have managed to work around this issue by putting the following code in a ZuulFilter, but it doesn't seem right:
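    // Inside the ZuulFilter's run() method
    RequestContext ctx = RequestContext.getCurrentContext();
    // Read the token of the user authenticated at the gateway
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) authentication.getDetails();
    String tokenValue = details.getTokenValue();
    // Forward it to the proxied service as a bearer token
    ctx.addZuulRequestHeader("Authorization", "bearer " + tokenValue);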
My understanding is that Zuul should automatically send the bearer token value. What am I missing?
So I've figured out the answer to my own question, and it was painfully simple. My project imported spring-security-oauth2. I simply needed to add a dependency on spring-cloud-security as well. With that, I did not have to implement a ZuulFilter at all.
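An added example, not part of the original answer: once Spring Cloud Security's token relay is active on the gateway, its `proxy.auth.routes` setting decides per route whether the access token is relayed, so the bearer token reaches only the services that need it. The route ids `orders`, `reports` and `static-content` are hypothetical.

```yaml
# application.yml on the Zuul gateway (route ids are hypothetical)
zuul:
  routes:
    orders:
      path: /orders/**
      serviceId: orders
    reports:
      path: /reports/**
      serviceId: reports
    static-content:
      path: /static/**
      serviceId: static-content

proxy:
  auth:
    routes:
      orders: oauth2          # relay the user's OAuth2 access token as a bearer header
      reports: passthru       # pass the incoming Authorization header downstream unchanged
      static-content: none    # remove the Authorization header; this route never sees the token
```

Routes not listed fall back to the default behaviour: relay a token when one is available, pass the header through otherwise.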