Compare commits
3 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
465c7fd8ec
|
|||
|
6f0af690f2
|
|||
| 0fc59eef0e |
@@ -179,7 +179,8 @@ public class AuthController {
|
||||
RequestMethod.PUT, RequestMethod.DELETE,
|
||||
RequestMethod.PATCH})
|
||||
public Mono<ResponseEntity<?>> forwardAuth(
|
||||
@RequestHeader(HttpHeaders.AUTHORIZATION) String authorizationHeader,
|
||||
@RequestHeader(value = HttpHeaders.AUTHORIZATION, required = false)
|
||||
String authorizationHeader,
|
||||
@RequestHeader(HEADER_X_FORWARDED_METHOD) String originalMethod,
|
||||
@RequestHeader(HEADER_X_FORWARDED_URI) String originalUriString
|
||||
) {
|
||||
@@ -199,6 +200,9 @@ public class AuthController {
|
||||
if (shouldPassThrough(targetServiceClientId, serviceRelativePath)) {
|
||||
return Mono.just(ResponseEntity.status(HttpStatus.NO_CONTENT).build());
|
||||
}
|
||||
if (authorizationHeader == null) {
|
||||
return Mono.just(ResponseEntity.status(HttpStatus.BAD_REQUEST).build());
|
||||
}
|
||||
// no pass-through, check permission
|
||||
final var accessToken = extractBearerToken(authorizationHeader);
|
||||
if (accessToken == null) {
|
||||
|
||||
@@ -15,7 +15,8 @@ spring:
|
||||
|
||||
# Keycloak Configuration (adjust values as needed)
|
||||
keycloak:
|
||||
server-url: ${KEYCLOAK_AUTH_SERVER_URL:http://localhost:9100} # Base URL of your Keycloak instance (NO trailing slash)
|
||||
keycloak-host: ${KEYCLOAK_AUTH_SERVER_URL:http://localhost:9100} # Base URL of your Keycloak instance (NO trailing slash)
|
||||
keycloak-admin-host: ${KEYCLOAK_AUTH_ADMIN_SERVER_URL:http://localhost:9100} # Base URL of your Keycloak instance (NO trailing slash)
|
||||
realm: ${KEYCLOAK_AUTH_REALM:clevermicro-dev} # The realm name you are using
|
||||
client-id: ${KEYCLOAK_AUTH_SERVICE_CLIENT:auth-service} # Client ID created in Keycloak for this service
|
||||
client-secret: ${KEYCLOAK_AUTH_SERVICE_SECRET:UJ1sMcWciIRREfjjAGoLHUDynLT4aYdD} # Client Secret from Keycloak (use secrets management!)
|
||||
|
||||
Reference in New Issue
Block a user