add: web client to gateway to verify token

andrecastrosousa · Sep 27, 2023 · e6fcb01 · e6fcb01
1 parent 3f3527c
commit e6fcb01
Show file tree

Hide file tree

Showing 3 changed files with 41 additions and 3 deletions.
diff --git a/gateway-service/pom.xml b/gateway-service/pom.xml
@@ -48,6 +48,10 @@
             <artifactId>spring-cloud-starter-netflix-eureka-client</artifactId>
             <version>4.0.3</version>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-webflux</artifactId>
+        </dependency>
     </dependencies>
     <dependencyManagement>
         <dependencies>

diff --git a/...service/src/main/java/academy/mindswap/gatewayservice/config/JwtAuthenticationFilter.java b/...service/src/main/java/academy/mindswap/gatewayservice/config/JwtAuthenticationFilter.java
@@ -4,9 +4,12 @@
 import org.springframework.cloud.gateway.filter.GatewayFilter;
 import org.springframework.cloud.gateway.filter.GatewayFilterChain;
 import org.springframework.http.HttpStatus;
+import org.springframework.http.HttpStatusCode;
 import org.springframework.http.server.reactive.ServerHttpResponse;
 import org.springframework.http.server.reactive.ServerHttpRequest;
 import org.springframework.stereotype.Component;
+import org.springframework.web.reactive.function.client.WebClient;
+import org.springframework.web.reactive.function.client.WebClient.ResponseSpec;
 import org.springframework.web.server.ServerWebExchange;
 import reactor.core.publisher.Mono;
 
@@ -15,8 +18,14 @@
 
 @Component
 public class JwtAuthenticationFilter implements GatewayFilter {
+    private final JwtService jwtService;
+    private final WebClient webClient;
+
     @Autowired
-    private JwtService jwtService;
+    JwtAuthenticationFilter(JwtService jwtService, WebClient webClient) {
+        this.jwtService = jwtService;
+        this.webClient = webClient;
+    }
 
     @Override
     public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
@@ -42,8 +51,19 @@ public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
                 return response.setComplete();
             }
 
-                // Claims claims = jwtService.extractClaim(token);
-                // exchange.getRequest().mutate().header("id", String.valueOf(claims.get("id"))).build();
+            return webClient.get()
+                    .uri("/token")
+                    .header("Authorization", jwt)
+                    .exchangeToMono(responseHandler -> {
+                        if(!responseHandler.statusCode().is2xxSuccessful()) {
+                            ServerHttpResponse response = exchange.getResponse();
+                            response.setStatusCode(HttpStatus.FORBIDDEN);
+
+                            return response.setComplete();
+                        }
+
+                        return chain.filter(exchange);
+                    });
         }
 
         return chain.filter(exchange);

diff --git a/gateway-service/src/main/java/academy/mindswap/gatewayservice/config/WebClientConfig.java b/gateway-service/src/main/java/academy/mindswap/gatewayservice/config/WebClientConfig.java
@@ -0,0 +1,14 @@
+package academy.mindswap.gatewayservice.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.reactive.function.client.WebClient;
+
+@Configuration
+public class WebClientConfig {
+
+    @Bean
+    public WebClient webClient() {
+        return WebClient.create("lb://auth-service");
+    }
+}