我使用 FeignClient 进行 Rest API 调用,这是用例,如下所述。
我有 2 个不同的服务,它们通过基本身份验证进行授权,并且具有不同的身份验证。
Service-1(SpringBoot微服务)使用以下配置运行
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import springfox.documentation.builders.ApiInfoBuilder;
import springfox.documentation.builders.PathSelectors;
import springfox.documentation.builders.RequestHandlerSelectors;
import springfox.documentation.service.ApiInfo;
import springfox.documentation.service.Contact;
import springfox.documentation.spi.DocumentationType;
import springfox.documentation.spring.web.plugins.Docket;
import springfox.documentation.swagger2.annotations.EnableSwagger2;
@Configuration
@EnableSwagger2
@EnableWebSecurity
public class ApplicationConfig extends WebSecurityConfigurerAdapter {
@Autowired
private BasicAuthenticationPoint basicAuthenticationPoint;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
http.authorizeRequests().antMatchers("/", "/api/**").permitAll()
.anyRequest().authenticated();
http.httpBasic().authenticationEntryPoint(basicAuthenticationPoint);
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication().withUser("XYZ").password("PQR").roles("USER");
}
}
Service-2(SpringBoot微服务)使用以下配置运行
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import springfox.documentation.builders.ApiInfoBuilder;
import springfox.documentation.builders.PathSelectors;
import springfox.documentation.builders.RequestHandlerSelectors;
import springfox.documentation.service.ApiInfo;
import springfox.documentation.service.Contact;
import springfox.documentation.spi.DocumentationType;
import springfox.documentation.spring.web.plugins.Docket;
import springfox.documentation.swagger2.annotations.EnableSwagger2;
@Configuration
@EnableSwagger2
@EnableWebSecurity
public class ApplicationConfig extends WebSecurityConfigurerAdapter {
@Autowired
private BasicAuthenticationPoint basicAuthenticationPoint;
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
http.authorizeRequests().antMatchers("/", "/api/**").permitAll()
.anyRequest().authenticated();
http.httpBasic().authenticationEntryPoint(basicAuthenticationPoint);
}
@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication().withUser("abc").password("123").roles("USER");
}
}
从第三个微服务中,我尝试将每个微服务与以下代码库连接,
FeignClientConfiguration1
import feign.Logger;
import feign.RequestInterceptor;
import feign.RequestTemplate;
import feign.auth.BasicAuthRequestInterceptor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.env.Environment;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;
import javax.servlet.ServletRequestListener;
@Configuration
public class FeignClientConfiguration1 {
@Autowired
private Environment env;
@Bean
public BasicAuthRequestInterceptor basicAuthRequestInterceptor() {
System.out.println("Config-1");
return new BasicAuthRequestInterceptor("XYZ", "PQR");
}
@Bean
public RequestInterceptor bearerTokenRequestInterceptor() {
return (RequestTemplate template) -> template.header(HttpHeaders.ACCEPT, String.format(MediaType.APPLICATION_JSON_VALUE));
}
@Bean
Logger.Level feignLoggerLevel() {
return Logger.Level.FULL;
}
}
FeignClientConfiguration2
import feign.Logger;
import feign.RequestInterceptor;
import feign.RequestTemplate;
import feign.auth.BasicAuthRequestInterceptor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.env.Environment;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;
import javax.servlet.ServletRequestListener;
@Configuration
public class FeignClientConfiguration2 {
@Autowired
private Environment env;
@Bean
public BasicAuthRequestInterceptor basicAuthRequestInterceptor() {
System.out.println("Config-2");
return new BasicAuthRequestInterceptor("abc", "123");
}
@Bean
public RequestInterceptor bearerTokenRequestInterceptor() {
return (RequestTemplate template) -> template.header(HttpHeaders.ACCEPT, String.format(MediaType.APPLICATION_JSON_VALUE));
}
}
我的 Feign 客户如下
FeignClient1
import org.springframework.cloud.openfeign.FeignClient;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import com.config.FeignClientConfiguration1;
@FeignClient( url = "http://localhost:8081", name = "FeignClient1", configuration = FeignClientConfiguration1.class)
public interface FeignClient1 {
@GetMapping("/api/hello/{name}")
ResponseEntity<Object> greetingMessage(@PathVariable String name);
}
FeignClient1
import org.springframework.cloud.openfeign.FeignClient;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import com.config.FeignClientConfiguration1;
@FeignClient( url = "http://localhost:8082", name = "FeignClient2", configuration = FeignClientConfiguration2.class)
public interface FeignClient2 {
@GetMapping("/api/hello/{name}")
ResponseEntity<Object> greetingMessage(@PathVariable String name);
}
在从我的 Controller 调用任何方法期间,即
@RestController
@RequestMapping(TEST_SERVICE_CONTROLLER_URL)
public class UtilityTestController {
@Autowired
private FeignClient1 client1;
@Autowired
private FeignClient2 client2;
@GetMapping(value = "/check1", produces = MediaType.APPLICATION_JSON_VALUE)
public ResponseEntity<?> test() {
return new ResponseEntity<>(client1.greetingMessage("TestV1"), null, HttpStatus.OK);
}
@GetMapping(value = "/check2", produces = MediaType.APPLICATION_JSON_VALUE)
public ResponseEntity<?> test2() {
return new ResponseEntity<>(client2.greetingMessage("TestV2"), null, HttpStatus.OK);
}
}
我的记录器是
2022-01-05 23:06:09.961 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] ---> GET http://localhost:8081/api/hello/TestV1 HTTP/1.1
2022-01-05 23:06:09.961 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] Accept: application/json
2022-01-05 23:06:09.961 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] Authorization: Basic Y2hhbmRhbmEyOmNoYW5kYW5hMg==
2022-01-05 23:06:09.961 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] Authorization: Basic Y2hhbmRhbmE6Y2hhbmRhbmE=
2022-01-05 23:06:09.961 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] ---> END HTTP (0-byte body)
2022-01-05 23:06:09.974 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] <--- HTTP/1.1 200 (12ms)
2022-01-05 23:06:09.974 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] cache-control: no-cache, no-store, max-age=0, must-revalidate
2022-01-05 23:06:09.974 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] content-type: application/json;charset=UTF-8
2022-01-05 23:06:09.974 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] date: Wed, 05 Jan 2022 17:36:09 GMT
2022-01-05 23:06:09.974 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] expires: 0
2022-01-05 23:06:09.974 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] pragma: no-cache
2022-01-05 23:06:09.974 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] set-cookie: JSESSIONID=2E037D8263A9DAC3D1F8E3957A3C4C54; Path=/; HttpOnly
2022-01-05 23:06:09.974 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] transfer-encoding: chunked
2022-01-05 23:06:09.974 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] x-content-type-options: nosniff
2022-01-05 23:06:09.975 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] x-frame-options: DENY
2022-01-05 23:06:09.975 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] x-xss-protection: 1; mode=block
2022-01-05 23:06:09.975 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage]
2022-01-05 23:06:09.975 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] {"player":"TestV1","message":"Hello V2TestV1"}
2022-01-05 23:06:09.975 DEBUG 19552 --- [nio-8080-exec-3] c.m.e.o.test.gateways.FeignClient1 : [FeignClient1#greetingMessage] <--- END HTTP (46-byte body)
在这两种情况下,日志中都会记录两次授权部分。所以,在这里我有点困惑它是否拾取了正确的拦截器。
我的困惑是
- 为什么它在记录器中显示两次,它是否通过不同配置的每个拦截器?
- 这可以让不相关的拦截器静音吗?
- Feign 客户端是否会遍历每个配置类中注册的所有拦截器?
注意:虽然我得到了有效的响应,但这意味着它正在通过正确配置的 BasicAuth 破解。每种方法。
最佳答案
由于您使用 @Configuration 注释标记 FeignClientConfiguration1 和 FeignClientConfiguration2 类,因此 Spring 将“全局”拾取它们context 本质上意味着那些与 Feign 相关的 beans 将应用于所有 Feign 客户端。
我看到您在 @FeignClient 注释上指定了 configuration 属性,但这不会“撤消”全局配置。
解决方法是从 FeignClientConfiguration1 和 FeignClientConfiguration2 中删除 @Configuration 注解并使用 @FeignClient 仅配置属性。
关于spring-boot - FeignClient 日志打印两个已配置的拦截器调用,这会混淆运行时识别哪个拦截器是实际的,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/70597310/