token relay

[imaxkhan]

hi im using ur sample but requestInterceptor not being called to relay token

[mraible]

This is a really old example. It uses JHipster 5.4.2, whereas 7.9.3 is the latest version. I recently created an example that uses JHipster 8 with Spring Boot 3. While JHipster 8 is not released yet, I used the main branch, which will eventually become JHipster 8.

https://github.com/oktadev/auth0-java-microservices-examples/blob/main/reactive-jhipster/demo.adoc

[imaxkhan]

i cant move to new jhipster already. but did u have same problem? token is in my session and i have access to it but when i add it manually not working again..but i believe this interceptor should work..its two weeks im working on it

[mraible]

I'm not sure I understand your issue. Can you please provide the steps to reproduce your problem using this example?

I didn't experience any issues when I created this example 5 years ago.

[imaxkhan]

yes right now im connecting ur gateway to spring authorization server. i added one route to gateway such as /product now after successful login i wanna call product service with gateway . now i can see that access token is present in defaultOauth2Context... but TokenRelayRequestInterceptor class never being called to relay the token to product service.. so i face 401 unauthorized from product service which expect bearer access token from gateway

[imaxkhan]

also @Bean public FilterRegistrationBean saveLoginOriginFilter() { OncePerRequestFilter filter = new OncePerRequestFilter() { @Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { if (request.getRemoteUser() == null && request.getRequestURI().endsWith("/login")) { String referrer = request.getHeader("referer"); if (!StringUtils.isBlank(referrer) && request.getSession().getAttribute(SAVED_LOGIN_ORIGIN_URI) == null) { log.debug("Saving login origin URI: {}", referrer); request.getSession().setAttribute(SAVED_LOGIN_ORIGIN_URI, referrer); } } MutableHttpServletRequest mutableHttpServletRequest=new MutableHttpServletRequest(request); if (request.getSession() != null && Objects.nonNull(request.getSession().getAttribute("scopedTarget.oauth2ClientContext"))) { DefaultOAuth2ClientContext defaultOAuth2ClientContext = (DefaultOAuth2ClientContext) request.getSession().getAttribute("scopedTarget.oauth2ClientContext"); if (Objects.nonNull(defaultOAuth2ClientContext.getAccessToken())) { OAuth2AccessToken accessToken = defaultOAuth2ClientContext.getAccessToken(); String accessTokenValue = accessToken.getValue(); response.setHeader("Authorization", "Bearer " + accessTokenValue); mutableHttpServletRequest.putHeader("Authorization", "Bearer " + accessTokenValue); mutableHttpServletRequest.putHeader("xyzzzz","iman"); } } filterChain.doFilter(mutableHttpServletRequest, response); } }; FilterRegistrationBean bean = new FilterRegistrationBean<>(filter); bean.setOrder(Ordered.HIGHEST_PRECEDENCE); return bean; }

not working

[mraible]

When you say Spring Authorization Server, are you saying this project? If so, I find it strange that you can use a new thing like Spring Authorization Server, but are stuck on an old version of JHipster.

Since you're not using this example with Okta, I'd recommend posting your question on Stack Overflow. That way, more people will see it, including Spring Authorization Server experts.

[imaxkhan]

well its federated authorization server which is connected to azure b2c and we have one front-end which is written by jhipster gateway... by the way yes u are right tnx for ur time...

[mraible]

You're welcome. I'll close this issue now.