I have a microservice called country-service that is protected using OAuth2. When I directly send a request to this service including my JWT bearer token, everything works:
server:
  port: 8081
spring:
  database:
    driverClassName: org.postgresql.Driver
  datasource:
    url: jdbc:postgresql://localhost:5432/vue-boot-country
    username: postgres
    password: postgres
  jpa:
    hibernate:
      ddl-auto: validate
    database-platform: org.hibernate.dialect.PostgreSQLDialect
eureka:
  client:
    serviceUrl:
      defaultZone: http://localhost:8761/eureka/
I also have an api-gateway (Zuul proxy):
@SpringBootApplication
@EnableEurekaClient
@EnableZuulProxy
public class VueBootApiGatewayApplication {
    public static void main(String[] args) {
        SpringApplication.run(VueBootApiGatewayApplication.class, args);
    }
}
No other files than these two
server:
  port: 8765
eureka:
  client:
    serviceUrl:
      defaultZone: http://localhost:8761/eureka/
zuul:
  routes:
    vue-boot-country-service: /api/country/**
  add-proxy-headers: true
I am unable to send a successful request to the proxy; I keep getting an "Unauthorized" error:
NOTE: When I remove the OAuth2 security from the resource server, the Zuul proxy seems to work.
Does someone know what I am doing wrong here?
This has to do with Zuul's so-called "sensitive" headers, like "Authorization". These are filtered for all requests passed to the inside...
I don't know if setting up headers is already working just with this configuration:
zuul:
  ignoredHeaders:
    - authorization
If not, you can define a Zuul filter bean to manage this manually:
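import java.util.Set;
import org.springframework.stereotype.Component;
import com.netflix.zuul.ZuulFilter;
import com.netflix.zuul.context.RequestContext;

@Component
public class RelayTokenFilter extends ZuulFilter {
    @Override
    public String filterType() {
        return "pre";
    }
    @Override
    public int filterOrder() {
        // Run late among the "pre" filters
        return 10000;
    }
    @Override
    public boolean shouldFilter() {
        return true;
    }
    @Override
    public Object run() {
        RequestContext context = RequestContext.getCurrentContext();
        @SuppressWarnings("unchecked")
        Set<String> ignoredHeaders = (Set<String>) context.get("ignoredHeaders");
        // Guard against the key not being present in the request context
        if (ignoredHeaders != null) {
            // Stop Zuul from dropping the Authorization header on the proxied request
            ignoredHeaders.remove("authorization");
        }
        return null;
    }
}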
I had the same sort of problem, where the token doesn't pass to the microservice through Zuul. So I added
zuul:
  sensitiveHeaders: Cookie,Set-Cookie
Hope it may be found useful to someone.
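A per-route variant of the setting discussed in the answers above, added here as an example and not taken from any of the posts. Zuul's default sensitive-header list is Cookie, Set-Cookie and Authorization, and a `sensitiveHeaders` value set on a route overrides the global one, so the bearer token can be relayed to the country service only. The `public-docs` route and its URL are hypothetical, included to show a route that keeps the default.

```yaml
zuul:
  # No global sensitiveHeaders override: every route not listed with its own
  # value keeps the default (Cookie, Set-Cookie, Authorization are stripped).
  add-proxy-headers: true
  routes:
    vue-boot-country-service:
      path: /api/country/**
      serviceId: vue-boot-country-service
      # Authorization is left out of the list, so the JWT bearer token is
      # forwarded to this OAuth2 resource server; cookies are still stripped.
      sensitiveHeaders: Cookie,Set-Cookie
    public-docs:                      # hypothetical route, for contrast
      path: /docs/**
      url: https://docs.example.invalid   # constructed placeholder URL
      # No sensitiveHeaders here: the default applies and the client's
      # Authorization header is not sent to this downstream.
```

Setting `zuul.sensitiveHeaders` globally, as in the last answer, has the same effect on the country service but also forwards the token to every other route behind the gateway.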