search

JavatoDev-com / internet-banking-concept-microservices

Internet Banking Concept Microservices
https://javatodev.com/building-microservices-with-spring-boot-free-course-with-practical-project/
MIT License
301 stars 173 forks source link

Permit all doesnt work #10

Closed juanros13 closed 2 years ago

juanros13 commented 2 years ago

When i try the code http://localhost:8090/user/api/v1/user-bank/register just send 200 ok response but un blank, others endpoints works fine

i think the problema is in SecurityConfiguration

some configuration is missing but i dont know where.

@Bean
public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
        http
                .authorizeExchange()
                //ALLOWING REGISTER API FOR DIRECT ACCESS
                .pathMatchers("/user/api/v1/user/register").permitAll()
                //ALL OTHER APIS ARE AUTHENTICATED
                .anyExchange().authenticated()
                .and()
                .csrf().disable()
                .oauth2Login()
                .and()
                .oauth2ResourceServer()
                .jwt();
    return http.build();

image

javatodev commented 2 years ago

Issue has fixed with following changes on GatewayConfiguration in api-gateway sub project


    public GlobalFilter customGlobalFilter() {
        return (exchange, chain) -> exchange.getPrincipal().map(Principal::getName).defaultIfEmpty(UNAUTHORIZED_USER_NAME).map(principal -> {
            // adds header to proxied request
            exchange.getRequest().mutate()
                    .header(HTTP_HEADER_AUTH_USER_ID, principal)
                    .build();
            return exchange;
        }).flatMap(chain::filter).then(Mono.fromRunnable(() -> {

        }));
    }```