为什么在 Java Spring Boot 中调用我的微服务会返回 403 Forbidden?
问题描述 投票:0回答:1
我正在将
SpringBootEurekamicroserviceeureka serverspringcloud apigateway在我的
users microservice's controller@RestController
@RequestMapping("/users")
public class UsersController {
@Autowired
private Environment env;
@Autowired
UsersService usersService;
@GetMapping("/status/check")
public String status(){
System.out.println("hereeeeeeeeeee");
return "Working "+env.getProperty("local.server.port");
}
@PostMapping
public ResponseEntity<CreateUserResponseModel> createUser(@Valid @RequestBody CreateUserRequestModel userDetails) {
ModelMapper modelMapper = new ModelMapper();
modelMapper.getConfiguration().setMatchingStrategy(MatchingStrategies.STRICT);
UserDto userDto = modelMapper.map(userDetails, UserDto.class);
UserDto createdUser = usersService.createUser(userDto);
CreateUserResponseModel body = modelMapper.map(createdUser, CreateUserResponseModel.class);
return ResponseEntity.status(HttpStatus.CREATED).body(body);
}
}
现在 Get api 端点返回 403 Forbidden ,post 端点工作正常
以下是错误截图
我在
AuthorizationHeaderFilterapigatewayjwtJWT@Component
public class AuthorizationHeaderFilter extends AbstractGatewayFilterFactory<AuthorizationHeaderFilter.Config>{
@Autowired
private Environment environment;
public AuthorizationHeaderFilter(){
super(Config.class);
}
public static class Config{
}
@Override
public GatewayFilter apply(Config config) {
return (exchange,chain)->{
ServerHttpRequest request = exchange.getRequest();
if(!request.getHeaders().containsKey(HttpHeaders.AUTHORIZATION)){
return onError(exchange,"No authorization header",HttpStatus.UNAUTHORIZED);
}
String authorizationHeader = request.getHeaders().get(HttpHeaders.AUTHORIZATION).get(0);
String jwt = authorizationHeader.replace("Bearer ", ""); //Make sure you add space
if(!isJwtValid(jwt)){
return onError(exchange, "Jwt token is invalid",HttpStatus.UNAUTHORIZED);
}
return chain.filter(exchange);
};
}
private Mono<Void> onError(ServerWebExchange exchange,String err,HttpStatus httpStatus){
ServerHttpResponse response = exchange.getResponse();
response.setStatusCode(httpStatus);
return response.setComplete();
}
private boolean isJwtValid(String jwt){
System.out.println("1");
boolean isValid = false;
String subject = null;
String tokenSecret = environment.getProperty("token.secret");
System.out.println("2 "+tokenSecret);
SecretKey secretKey = Keys.hmacShaKeyFor(tokenSecret.getBytes());
JwtParser jwtParser = Jwts.parser().verifyWith(secretKey).build();
try{
// Jwt<Header,Claims> parsedToken = jwtParser.parse(jwt);
subject = jwtParser.parseSignedClaims(jwt).getPayload().get("userId").toString();
System.out.println("3 "+subject);
} catch(Exception ex){
isValid = false;
System.out.println("4 "+ex.getLocalizedMessage());
}
if(subject == null || subject.isEmpty()){
isValid = false;
} else {
isValid = true;
}
System.out.println("5 ");
return isValid;
}
}
这是我的
application.properties的
apigateway
spring.application.name=api-gateway
server.port=8082
eureka.client.service-url.defaultZone=http://localhost:8010/eureka
spring.cloud.gateway.routes[0].id=users-status-check
spring.cloud.gateway.routes[0].uri=lb://users-ws
spring.cloud.gateway.routes[0].predicates[0]=Path=/users-ws/users/status/check
spring.cloud.gateway.routes[0].predicates[1]=Method=GET
spring.cloud.gateway.routes[0].predicates[2]=Header=Authorization, Bearer (.*)
spring.cloud.gateway.routes[0].filters[0]=RemoveRequestHeader=Cookie
spring.cloud.gateway.routes[0].filters[1]=RewritePath=/users-ws/(?<segment>.*), /$\{segment}
spring.cloud.gateway.routes[0].filters[2]=AuthorizationHeaderFilter
spring.cloud.gateway.routes[1].id=users-ws
spring.cloud.gateway.routes[1].uri=lb://users-ws
spring.cloud.gateway.routes[1].predicates[0]=Path=/users-ws/users
spring.cloud.gateway.routes[1].predicates[1]=Method=POST
spring.cloud.gateway.routes[1].filters[0]=RemoveRequestHeader=Cookie
spring.cloud.gateway.routes[1].filters[1]=RewritePath=/users-ws/(?<segment>.*), /$\{segment}
spring.cloud.gateway.routes[2].id=users-ws-h2-console
spring.cloud.gateway.routes[2].uri=lb://users-ws
spring.cloud.gateway.routes[2].predicates[0]=Path=/users-ws/h2-console
spring.cloud.gateway.routes[2].predicates[1]=Method=GET
spring.cloud.gateway.routes[2].filters[0]=RemoveRequestHeader=Cookie
spring.cloud.gateway.routes[2].filters[1]=RewritePath=/users-ws/(?<segment>.*), /$\{segment}
spring.cloud.gateway.routes[3].id=users-ws-login
spring.cloud.gateway.routes[3].uri=lb://users-ws
spring.cloud.gateway.routes[3].predicates[0]=Path=/users-ws/users/login
spring.cloud.gateway.routes[3].predicates[1]=Method=POST
spring.cloud.gateway.routes[3].filters[0]=RemoveRequestHeader=Cookie
spring.cloud.gateway.routes[3].filters[1]=RewritePath=/users-ws/(?<segment>.*), /$\{segment}
spring.cloud.gateway.routes[4].id=users-ws-get-update-delete
spring.cloud.gateway.routes[4].uri=lb://users-ws
spring.cloud.gateway.routes[4].predicates[0]=Path=/users-ws/users/**
spring.cloud.gateway.routes[4].predicates[1]=Method=GET,PUT,DELETE
spring.cloud.gateway.routes[4].predicates[2]=Header=Authorization, Bearer (.*)
spring.cloud.gateway.routes[4].filters[0]=RemoveRequestHeader=Cookie
spring.cloud.gateway.routes[4].filters[1]=AuthorizationHeaderFilter
spring.cloud.gateway.routes[4].filters[2]=RewritePath=/users-ws/(?<segment>.*), /$\{segment}
token.secret=1aBcD3eF4gH5iJ6kL7mN8oP9qRsTuVwXyZ0A1bCdEfG2hI3jK4lM5nO6pQ7rStU8vW9xYz
1个回答
0
投票
投票
使用@ResponseBody注释控制器中的方法。
@GetMapping("/status/check")
@ResponseBody
public String status()
{
System.out.println("hereeeeeeeeeee");
return "Working "+env.getProperty("local.server.port");
}
最新问题
- nginx docker compose 未启动并运行
- 如何使用电容器最小化离子中的应用程序
- 如何选择除特定元素内的元素之外的所有输入元素
- 嵌套的Python类可以从其封闭类继承吗
- “acks”配置是否适用于 KafkaProducer 客户端的“sender”线程?
- 我们需要一个`offload_dir`来根据这个`device_map`来调度这个模型
- Android Studio:以编程方式添加 XML 表行
- Spring MVC 安全性在允许的 URL 上给出 403
- 如何返回二维数组中包含偶数的数组?
- 将 USB 设备中的所有文件复制到 Raspberry Pi
- 找到最长的回文子串
- Vue 路由器不反映路由,停留在主页上
- 背景图像上的JS css样式不会改变并显示相同的渐变颜色,而它应该在两个渐变之间交替
- 使用 Spark/Python Glue 作业将数据提取到 hudi 表时出现无法解释的 s3 速度下降
- 我必须编写 SQL 查询来迭代日期,直到日期大于 sysdate
- 文件大小超过配置的限制(2560000),代码洞察功能不可用
- Nan 到数组求和
- Pip 安装 Django Windows 10
- Marshmallow-sqlalchemy AttributeError:“DummySession”对象在 schema.load() 上没有属性“get”
- “WSO2 API Manager”与“WSO2 数据分析服务器”和“WSO2 应用服务器”到底有什么区别?
© www.soinside.com 2019 - 2024. All rights reserved.