my authenticationfilter < /p>
Код: Выделить всё
@Component("Authenticate")
@Slf4j
public class AuthenticationFilter extends AbstractGatewayFilterFactory{
private static final Logger logger = LoggerFactory.getLogger(AuthenticationFilter.class);
@Autowired
private RouteValidator routeValidator;
@Autowired
private JwtUtil jwtUtil;
private final Auth_Manager_Service authManagerFeignClient;
public AuthenticationFilter(@Lazy Auth_Manager_Service authManagerFeignClient) {
super(Config.class);
this.authManagerFeignClient = authManagerFeignClient;
}
@PostConstruct
public void init() {
logger.info("!!!!!!!!!!!!!!!!!!!!AuthenticationFilter initialized and registered!!!!!!!!!!!!!!!!!!!!");
}
public static class Config {}
@Override
public GatewayFilter apply(Config config) {
return ((exchange, chain)->{
logger.debug("\nEnter Authentication Filter");
ServerHttpRequest httpRequest = null;
logger.debug("\n--- Authentication Filter Debug Information ---");
logger.debug("Request URL: {}", exchange.getRequest().getURI());
logger.debug("Request Headers: {}", exchange.getRequest().getHeaders());
logger.info("Processing request: {} {}", exchange.getRequest().getMethod(),exchange.getRequest().getURI().getPath());
logger.debug("\n{}",routeValidator.isSecured.test(exchange.getRequest()));
if (routeValidator.isSecured.test(exchange.getRequest())) {
//header contains token or not
if (!exchange.getRequest().getHeaders().containsKey(HttpHeaders.AUTHORIZATION)) {
logger.error("Missing or invalid authorization header");
throw new RuntimeException("Missing authorization header");
}
String authHeader = exchange.getRequest().getHeaders().get(HttpHeaders.AUTHORIZATION).get(0); //it's a token
System.out.println("Token: "+authHeader);
logger.error("Token: {}",authHeader);
if (authHeader != null && authHeader.startsWith("Bearer ")) {
authHeader = authHeader.substring(7);
}
try {
System.out.println("Checking if it even reach here?");
jwtUtil.validateToken(authHeader);
logger.debug("Auth Header: {}", authHeader);
System.out.println("authHeader: "+authHeader);
String username = jwtUtil.extractUsername(authHeader);
System.out.println("username: "+username);
List roles = authManagerFeignClient.getRolesByUsername(username);
System.out.println("roles: "+roles);
String rolesAsString = String.join(",", roles);
System.out.println("roles: "+rolesAsString);
logger.debug("Authenticated User: {}", username);
logger.debug("User Roles: {}", rolesAsString);
httpRequest = exchange.getRequest().mutate()
.header("loggedInUser", jwtUtil.extractUsername(authHeader))
.header("loggedInUserRoles", rolesAsString) // Only for now as we are taking roles as single value and not as list
.build();
logger.debug("Header Info: {}", httpRequest);
} catch (ExpiredJwtException e) {
logger.error("JWT token has expired", e);
throw new RuntimeException("JWT token has expired", e);
} catch (MalformedJwtException e) {
logger.error("JWT token is malformed", e);
throw new RuntimeException("JWT token is malformed", e);
} catch (SignatureException e) {
logger.error("JWT signature is invalid", e);
throw new RuntimeException("JWT signature is invalid", e);
} catch (Exception e) {
logger.error("Invalid access: Unauthorized access to application", e);
System.out.println("Invalid access...!");
throw new RuntimeException("!!Unauthorized access to application!!");
}
}
logger.debug("---------------------------\n");
return chain.filter(exchange.mutate().request(httpRequest).build());
});
}
}
< /code>
my gatewayconfig < /p>
@Bean
public WebClient.Builder webClientBuilder() {
return WebClient.builder();
}
@Bean
public RouteLocator customRouteLocator(RouteLocatorBuilder builder, AuthenticationFilter authFilter) {
return builder.routes()
.route("Gateway", r -> r
.path("/api/gateway/v1/user-info") // The specific path to route
.filters(f -> f.filter(authFilter.apply(new AuthenticationFilter.Config())))
.uri("http://localhost:8084"))
.build();
}
< /code>
myroutevalidator < /p>
@Component
public class RouteValidator {
private static final Logger logger = LoggerFactory.getLogger(RouteValidator.class);
public static final List openApiEndpoints = List.of(
"/api/auth/v1/register",
"/api/auth/v1/token",
"/eureka",
"/api-docs"
);
public Predicate isSecured = request -> {
String currentPath = request.getURI().getPath();
logger.info("Checking security for path: {}", currentPath);
boolean isOpen = openApiEndpoints.stream()
.anyMatch(uri -> currentPath.contains(uri));
logger.info("Path {} is {}secured", currentPath, isOpen ? "not " : "");
return !isOpen;
};
}
Подробнее здесь: https://stackoverflow.com/questions/792 ... ing-called
