@Configuration
public class GatewayConfig {
@Bean
public RouteLocator routes(RouteLocatorBuilder builder, JwtTokenValidationAndRouteFilter authenticationCheckAndRouteFilter, AuthServerFilter authServerFilter) {
return builder.routes()
.route("auth-routes", r -> r.path("/myapp/api/v1/auth/**")
.filters(f -> f.filter(authServerFilter)).uri("lb://auth-server"))
.route("evoke-endpoints", r -> r.path("/myapp/services/v1/request")
.filters(f -> f.filter(authenticationCheckAndRouteFilter)).uri("lb://cloud-gateway"))
.build();
}
}
@Component
@Slf4j
public class JwtTokenValidationAndRouteFilter implements GatewayFilter {
@Autowired
private ObjectMapper objectMapper;
@Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
final List<String> apiEndpoints = Arrays.asList("/myapp/services/v1/request/**");
ServerHttpRequest request = exchange.getRequest();
Predicate<ServerHttpRequest> isApiSecured = r -> apiEndpoints.stream().noneMatch(uri -> r.getURI().getPath().contains(uri));
Claims claims = null;
String errorMessage = null;
if (isApiSecured.test(request)) {
if (!request.getHeaders().containsKey("Authorization")) {
errorMessage = "Authorization token not present in request headers, please check.";
return onError(exchange, HttpStatus.UNAUTHORIZED, errorMessage, request.getPath().pathWithinApplication().toString());
}
final String token = request.getHeaders().getOrEmpty("Authorization").get(0);
if (token == null || token.isEmpty() || !token.startsWith("Bearer ")) {
errorMessage = "Authorization token should start with Bearer, please check.";
return onError(exchange, HttpStatus.UNAUTHORIZED, errorMessage, request.getPath().pathWithinApplication().toString());
}
try {
final String jwt = token.substring(7);
JwtUtils.isTokenValid(jwt);
claims = JwtUtils.extractAllClaims(jwt);
} catch (ExpiredJwtException e) {
log.error("ExpiredJwtException occurred.. please check..");
errorMessage = e.getLocalizedMessage();
} catch (MalformedJwtException e) {
log.error("MalformedJwtException occurred.. please check..");
errorMessage = e.getLocalizedMessage();
} catch (Exception e) {
errorMessage = e.getLocalizedMessage();
log.error("Unknown Exception occurred while validating the token..", e);
}
if (errorMessage != null && !errorMessage.isEmpty()) {
return onError(exchange, HttpStatus.UNAUTHORIZED, errorMessage, request.getPath().pathWithinApplication().toString());
}
exchange.getRequest().mutate().header("id", String.valueOf(claims.get("id"))).build();
}
return chain.filter(exchange);
}
@RestController
@RequestMapping({"/services/v1/request"})
public class EvokeController {
@PostMapping(value = "/handle-evoke-request", consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaType.APPLICATION_JSON_VALUE)
public ResponseEntity<?> processRequest(@RequestBody String request) {
return ResponseEntity.ok(request);
}
@GetMapping(value = "/health", consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaType.APPLICATION_JSON_VALUE)
public ResponseEntity<?> checkHealth() {
return null;
}
如果我调用 http://localhost:8080/myapp/services/v1/request,它不会执行我的过滤器“JwtTokenValidationAndRouteFilter”。它直接调用端点并给出响应。
所有这些课程都出现在同一个项目中。
我的应用程序应该首先执行过滤器,然后它必须调用控制器。
尝试了多种方法,但找不到任何东西。