Spring Cloud API Gateway | JWT Security | Pass UserDetails to Microservices | JavaTechie

Captions
Hi everyone, welcome to Java Techie. In this tutorial we'll understand how we can pass logged-in user details from the API Gateway to other microservices in a Spring Security workflow. Before I start this tutorial, I am assuming that you have gone through my microservice JWT security video. I was talking about this particular video here: I have clearly explained how to implement JWT security in a microservice architecture with a real-time example. So if you didn't get a chance to look, I would strongly suggest you check that video first, then come back to this tutorial. So without any further delay, let's get started.

Before we start implementing the code, let's have a quick recap of what we have done in that microservice security workflow. If you remember, we created two different microservices, the Swiggy service and the restaurant service. Then we registered these two microservices in the Eureka service registry. Then we added an API Gateway to route requests to the corresponding microservices. This is the typical microservices flow, isn't it? Next, we implemented JWT security in the API Gateway, so when any request comes to the gateway, we call the identity service to authenticate that user. If it is a valid user, we route that request to the microservices; otherwise we simply reject that request. This is what we implemented before.

But I have a question here for you. Since all requests are intercepted and authenticated by the gateway, how will the other microservices know the user information? We are not writing a single line of security logic in our microservices code. For example, let's say John is a user who sent the request to the Swiggy app, or Swiggy service, using the API Gateway. How can my Swiggy app know that John is the user who is accessing my application? Similarly, let's say John is trying to access the restaurant service. How will the restaurant service know that John is the user who is trying to access my application? This
is very simple, and this is one of the commonly asked interview questions. I will help you understand how you can pass the information from the API Gateway to the microservices, so let's quickly jump to the code and we'll demonstrate further.

If I go to IntelliJ IDEA, you can see we have created a couple of projects to design the microservice architecture. We have created the Swiggy app and the restaurant service; these are my two microservices. Then we have created the identity service, where we manage all the security-related stuff. Then we have created a gateway and a service registry. I am not going to repeat it again because I already explained it in this particular video, so I'll share the link for your reference in the video description.

Now, if you understand this particular workflow correctly, who is the guy who is intercepting all the requests? The API Gateway, right? Now let me jump to the API Gateway code. If you observe, in the API Gateway we have created one filter to intercept the request, and in the filter we have written the logic to authenticate the token using the JWT util. Once this authentication is successful, we return it back. So this is the guy who is doing the job and sending the request further to the microservices. So can't we ask this filter: hey, when you are redirecting the request to the corresponding microservices, can you please include some information as part of your headers so that it will be available to the other microservices? In our case, we will ask this authentication filter, or this API Gateway, to please include some information while routing the request to other microservices.

Now, how can I tell the API Gateway? It is a very simple step. I'll just write it down. I need to pass that information as part of a header, so I can simply use the exchange object. Let me zoom this for you. If you observe, we have this argument, exchange, right? So just use that exchange dot get
the request, then mutate it. Next, add the header. What header you want to add, or how many fields you want to send to the microservices, is up to your requirement. For now, let's say I just want to send the logged-in username, or logged-in user, that's it. This is the key I want to send as part of the request, and now I need to map the value.

From where will I get the value? If you understand this workflow, in this filter we are getting the token, which is our JWT token. This token contains a signature, payload and header, right? Let me show you. If you go to jwt.io, you can see each JWT token contains three fields: header, payload and verify signature. You can consider these as the three sections of your token. The payload section contains all the information: here you can add username, role, current timestamp, whatever you want, as part of your payload while generating the token. So if I extract the payload data from this token, which is the name, the username, I am good, right? If I extract the name from the token, then I can happily pass it as this header value.

But to extract it from the token we need the help of the JWT util. If you remember, while explaining JWT I covered a couple of inbuilt methods. So here you need to write a method to extract the username from the token, so I can add it. Now I need to add the import statement. Looks good, right? If you observe, I now have a method here, extract username from the token: give the token and you will get the username. That's what we want to pass as part of our header, right? So just go to the filter, and here I can call the JWT util: please extract the username from the token, which the user will pass. We named it auth header, fine; you can rename it to token.

Once you have created the request, just build it. This will be of type HTTP server request... let's see, yeah, ServerHttpRequest. I will just give
something like user info, or simply I'll name it request. Fine. Now, once you build the request, you need to pass this request to the filter. If I define it inside the try, then I cannot access it outside, right? So I will just define it here; anyway, I'm initializing it here, so you can remove these. Now you have the request with you; you just need to tell the filter to take that request and build it. So I can simply type here exchange dot mutate, then give the request that I am sending, which is nothing but our ServerHttpRequest, and just build it. That's it, right? Why is this crying? Okay, initialize it. Fine.

So we build the request, passing whatever information we need as part of the header, and then we give the request object to the filter, that's it. Now any request coming to the filter will be authenticated, the appropriate header that we wrote in the code will be added, and the request will be sent on. Once the request is released from the filter, it immediately goes to your microservices, right?

Now, in the microservices, let's say this is the Swiggy app, or Swiggy microservice. Here I want to fetch that header. So I'll take a String; you can give any name, but let's keep the same name, logged-in user, or you can define username, it is up to you. Let's say username. And I can define here, from the request, get the header: the @RequestHeader annotation, and define the key that you are expecting from the header. Now, just to show that, I'll print here, sysout, let's say logged-in user details, I mean username.

Rather than sending only the username string, if you want you can pass the token from the filter. I mean, if you go to the gateway, rather than extracting the username here you can pass the entire token itself. What is that, auth header, right? You can pass
the header, and in that case you need to write the logic in your microservices to extract from the token, right? But why would I write it in each and every microservice? Why not just write the code in a single place? That is the reason I have chosen to write it here; otherwise you need to add this JWT implementation or dependency in your other microservices, wherever you want to extract the name or any other field. Now go to the Swiggy app. That's it, right? I'll just add a thus. Fine. Similarly, you can write this for any number of microservices you have; whatever header you want, you can fetch with this particular annotation.

Now all looks good. Let me quickly start all the applications. Let's start the registry, then I'll start all the microservices. Let's start the Swiggy app. We have started all, so let's wait for it to complete. It looks like all services started correctly. We can verify that: just go to the browser and hit 8761, which is the Eureka dashboard. You can see here all the microservices: three microservices are registered, Swiggy, restaurant service and identity service, and this is our gateway app. Fine.

I already shared this particular link, where you can find the curl commands. First you need to register the user, then with the same credentials you need to get the token, and then you can send the request to your API Gateway to access any of your microservices. You can refer to these curl commands; I have added them in my Postman. So first I will register a user. Let me give the name John, let the password be pwd1, and I will change the email to John, that's it. Send the request: user added to the system. It will be stored in our DB. Next, with these credentials we can ask our identity or auth service, which we created, to give us a token. We'll give it the username and password, and it will return us a token. For that I will trigger this particular endpoint. This should be 8080
because we are accessing the API Gateway. The name is John, correct. Now let me send the request. We got this token. If I paste this token into jwt.io, you can see here the subject is John, which is nothing but my username, along with the timestamps for when the token was issued and when it will expire. These are the default fields, but any other field you want, like role or anything else, you can add as part of your payload while generating the token itself.

Now let's use this token to access one of our APIs through the API Gateway. Go to Postman. I want to access the Swiggy app, because there I am extracting the username. If you observe, in the Swiggy app we are extracting the username, right? So I will try to access that. Go to the GET call: 8080 is nothing but our API Gateway port, swiggy is the endpoint of my Swiggy app, and this is some order ID, a hard-coded order ID we have. But I need to pass the header; as part of this header I need to pass the token which we just generated with the user John. Now let me send the request. We got the result. Now if you see the console of the Swiggy app, you can see here we got the message: logged-in user details is John.

Similarly, not only the username: whatever field you want to pass from the API Gateway to your microservices, you can either play with the header or pass it as the request body. It is up to you, as per your need. Do let me know in the comment section if you have any doubts. That's all about this particular video, guys. Thanks for watching this video. Meet you soon with a new concept.
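
The gateway filter described in the captions, written out as an added example; it is not the code shown in the video. The `JwtUtil` interface, the `loggedInUser` header name and the class layout are assumptions, and the filter is assumed to be attached only to secured routes.

```java
import org.springframework.cloud.gateway.filter.GatewayFilter;
import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.stereotype.Component;

@Component
public class AuthenticationFilter
        extends AbstractGatewayFilterFactory<AuthenticationFilter.Config> {

    /** Hypothetical helper standing in for the tutorial's JWT util bean. */
    public interface JwtUtil {
        void validateToken(String token);      // throws if signature or expiry is invalid
        String extractUsername(String token);  // returns the subject claim
    }

    public static class Config { }

    static final String USER_HEADER = "loggedInUser"; // assumed header name
    private final JwtUtil jwtUtil;

    public AuthenticationFilter(JwtUtil jwtUtil) {
        super(Config.class);
        this.jwtUtil = jwtUtil;
    }

    @Override
    public GatewayFilter apply(Config config) {
        return (exchange, chain) -> {
            String auth = exchange.getRequest().getHeaders().getFirst(HttpHeaders.AUTHORIZATION);
            String username;
            try {
                if (auth == null || !auth.startsWith("Bearer ")) {
                    throw new IllegalArgumentException("missing bearer token");
                }
                String token = auth.substring(7);
                jwtUtil.validateToken(token);               // verify first
                username = jwtUtil.extractUsername(token);  // then read the claim
            } catch (RuntimeException e) {
                exchange.getResponse().setStatusCode(HttpStatus.UNAUTHORIZED);
                return exchange.getResponse().setComplete();
            }
            // header(...) sets or overrides, so a loggedInUser value sent by the
            // client is replaced with the one taken from the verified token.
            ServerHttpRequest request = exchange.getRequest().mutate()
                    .header(USER_HEADER, username)
                    .build();
            return chain.filter(exchange.mutate().request(request).build());
        };
    }
}
```

A downstream controller reads the value with `@RequestHeader("loggedInUser") String username`. Because the microservice accepts that header without checking a token itself, it should be reachable only through the gateway.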
Info
Channel: Java Techie
Views: 16,347
Keywords: spring boot, spring cloud gateway security, javatechie
Id: qODoDq5_hAM
Length: 15min 17sec (917 seconds)
Published: Sat Apr 29 2023