【OAuth2】【Feign】微服务调用oauth2服务器的接口

背景
本项目是oauth2的资源服务器2,同时也是客户端
所调用接口的项目是oauth2的授权服务器,同时也是资源服务器1
依赖

...
<dependency>
	<groupId>org.springframework.cloud</groupId>
	<artifactId>spring-cloud-starter-openfeign</artifactId>
</dependency>
<dependency>
	<groupId>org.springframework.boot</groupId>
	<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
	<groupId>org.springframework.security.oauth</groupId>
	<artifactId>spring-security-oauth2</artifactId>
	<version>2.3.3.RELEASE</version>
</dependency>
...

配置

security:
  oauth2:
    # 对应 OAuth2ClientProperties 类
    #客户端认证,这里配置相当于该资源服务器同时也是一个客户端,可以这里不配置在前端配置
    client:
      client-id: test_client
      client-secret: user
    #对应 ResourceServerProperties 类
    #校验访问令牌的有效性
    resource:
      user-info-uri: http:/127.0.0.1:18890/nacos-authserver/oauth/check_token
    #自定义,获取访问令牌,用于实现/login接口
    access-token-uri: http://127.0.0.1:18890/nacos-authserver/oauth/token

启动
@EnableFeignClients

package com.example.producer;

import org.mybatis.spring.annotation.MapperScan;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cloud.client.discovery.EnableDiscoveryClient;
import org.springframework.cloud.openfeign.EnableFeignClients;

@SpringBootApplication
@EnableDiscoveryClient
@MapperScan(value = "com.example.producer.mapper")
public class ProducerApplication {

	public static void main(String[] args) {
		SpringApplication.run(ProducerApplication.class, args);
	}

}

接口调用

  1. 自定义拦截,否则feign无法携带oauth2的token信息,会报错401未授权

    package com.example.producer.interceptor;
    
    import feign.RequestInterceptor;
    import feign.RequestTemplate;
    import org.springframework.stereotype.Component;
    import org.springframework.web.context.request.RequestAttributes;
    import org.springframework.web.context.request.RequestContextHolder;
    import org.springframework.web.context.request.ServletRequestAttributes;
    
    import javax.servlet.http.HttpServletRequest;
    
    /**
     * 自定义Feign请求拦截
     * 为Feign远程调用接口增加token信息
     */
    @Component
    public class OAuth2FeignRequestInterceptor implements RequestInterceptor {
        @Override
        public void apply(RequestTemplate requestTemplate) {
            RequestAttributes requestAttributes = RequestContextHolder.currentRequestAttributes();
            HttpServletRequest request = ((ServletRequestAttributes) requestAttributes).getRequest();
            String token = request.getHeader("Authorization");
            if(!token.isEmpty()){
                requestTemplate.header("Authorization",token);
            }
        }
    }
    
    
  2. 接口,注意不要忘记配置configuration = OAuth2FeignRequestInterceptor.class)

    package com.example.producer.remote;
    
    import com.example.producer.interceptor.OAuth2FeignRequestInterceptor;
    import org.springframework.cloud.openfeign.FeignClient;
    import org.springframework.web.bind.annotation.GetMapping;
    
    @FeignClient(value = "nacos-authserver",configuration = OAuth2FeignRequestInterceptor.class)
    public interface UserRemote {
        @GetMapping("/user/userinfo")
        Object getUserInfo();
    }
    
    
  3. controller

    package com.example.producer.controller;
    
    import com.example.producer.remote.UserRemote;
    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.web.bind.annotation.GetMapping;
    import org.springframework.web.bind.annotation.RequestMapping;
    import org.springframework.web.bind.annotation.RestController;
    
    @RestController
    @RequestMapping("/user")
    public class UserController {
        @Autowired
        UserRemote userRemote;
    
        @GetMapping("userinfo")
        public Object getUserInfo(){
            return userRemote.getUserInfo();
        }
    }
    

你可能感兴趣的:(微服务)