【OAuth2】【Feign】微服务调用oauth2服务器的接口

背景
本项目是oauth2的资源服务器2，同时也是客户端
所调用接口的项目是oauth2的授权服务器，同时也是资源服务器1
依赖

...
<dependency>
	<groupId>org.springframework.cloud</groupId>
	<artifactId>spring-cloud-starter-openfeign</artifactId>
</dependency>
<dependency>
	<groupId>org.springframework.boot</groupId>
	<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
	<groupId>org.springframework.security.oauth</groupId>
	<artifactId>spring-security-oauth2</artifactId>
	<version>2.3.3.RELEASE</version>
</dependency>
...

配置

security:
  oauth2:
    # 对应 OAuth2ClientProperties 类
    #客户端认证，这里配置相当于该资源服务器同时也是一个客户端，可以这里不配置在前端配置
    client:
      client-id: test_client
      client-secret: user
    #对应 ResourceServerProperties 类
    #校验访问令牌的有效性
    resource:
      user-info-uri: http:/127.0.0.1:18890/nacos-authserver/oauth/check_token
    #自定义，获取访问令牌，用于实现/login接口
    access-token-uri: http://127.0.0.1:18890/nacos-authserver/oauth/token

启动
@EnableFeignClients

package com.example.producer;

import org.mybatis.spring.annotation.MapperScan;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cloud.client.discovery.EnableDiscoveryClient;
import org.springframework.cloud.openfeign.EnableFeignClients;

@SpringBootApplication
@EnableDiscoveryClient
@MapperScan(value = "com.example.producer.mapper")
public class ProducerApplication {

	public static void main(String[] args) {
		SpringApplication.run(ProducerApplication.class, args);
	}

}

接口调用

1. 自定义拦截，否则feign无法携带oauth2的token信息，会报错401未授权

   package com.example.producer.interceptor;
   
   import feign.RequestInterceptor;
   import feign.RequestTemplate;
   import org.springframework.stereotype.Component;
   import org.springframework.web.context.request.RequestAttributes;
   import org.springframework.web.context.request.RequestContextHolder;
   import org.springframework.web.context.request.ServletRequestAttributes;
   
   import javax.servlet.http.HttpServletRequest;
   
   /**
    * 自定义Feign请求拦截
    * 为Feign远程调用接口增加token信息
    */
   @Component
   public class OAuth2FeignRequestInterceptor implements RequestInterceptor {
       @Override
       public void apply(RequestTemplate requestTemplate) {
           RequestAttributes requestAttributes = RequestContextHolder.currentRequestAttributes();
           HttpServletRequest request = ((ServletRequestAttributes) requestAttributes).getRequest();
           String token = request.getHeader("Authorization");
           if(!token.isEmpty()){
               requestTemplate.header("Authorization",token);
           }
       }
   }
   
   

2. 接口，注意不要忘记配置configuration = OAuth2FeignRequestInterceptor.class)

   package com.example.producer.remote;
   
   import com.example.producer.interceptor.OAuth2FeignRequestInterceptor;
   import org.springframework.cloud.openfeign.FeignClient;
   import org.springframework.web.bind.annotation.GetMapping;
   
   @FeignClient(value = "nacos-authserver",configuration = OAuth2FeignRequestInterceptor.class)
   public interface UserRemote {
       @GetMapping("/user/userinfo")
       Object getUserInfo();
   }
   
   

3. controller

   package com.example.producer.controller;
   
   import com.example.producer.remote.UserRemote;
   import org.springframework.beans.factory.annotation.Autowired;
   import org.springframework.web.bind.annotation.GetMapping;
   import org.springframework.web.bind.annotation.RequestMapping;
   import org.springframework.web.bind.annotation.RestController;
   
   @RestController
   @RequestMapping("/user")
   public class UserController {
       @Autowired
       UserRemote userRemote;
   
       @GetMapping("userinfo")
       public Object getUserInfo(){
           return userRemote.getUserInfo();
       }
   }