spring-cloud-gateway | Gateway built on Spring Framework 5.x and Spring Boot 2 | REST library

by spring-cloud Java Version: Current License: Apache-2.0

Download this library from

kandi X-RAY | spring-cloud-gateway Summary

spring-cloud-gateway is a Java library typically used in Web Services, REST, Spring Boot, Spring, Swagger applications. spring-cloud-gateway has no bugs, it has no vulnerabilities, it has build file available, it has a Permissive License and it has high support. You can download it from GitHub, Maven.

This project provides an API Gateway built on top of the Spring Ecosystem, including: Spring 6, Spring Boot 3 and Project Reactor. Spring Cloud Gateway aims to provide a simple, yet effective way to route to APIs and provide cross cutting concerns to them such as: security, monitoring/metrics, and resiliency.

Support

Quality

Security

License

Reuse

kandi-support Support

spring-cloud-gateway has a highly active ecosystem.
It has 3382 star(s) with 2588 fork(s). There are 224 watchers for this library.
It had no major release in the last 12 months.
There are 275 open issues and 1695 have been closed. On average issues are closed in 178 days. There are 28 open pull requests and 0 closed requests.
It has a negative sentiment in the developer community.
The latest version of spring-cloud-gateway is current.

spring-cloud-gateway Support

Best in #REST

Average in #REST

spring-cloud-gateway Support

Best in #REST

Average in #REST

quality kandi Quality

spring-cloud-gateway has 0 bugs and 0 code smells.

spring-cloud-gateway Quality

Best in #REST

Average in #REST

spring-cloud-gateway Quality

Best in #REST

Average in #REST

security Security

spring-cloud-gateway has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.
spring-cloud-gateway code analysis shows 0 unresolved vulnerabilities.
There are 0 security hotspots that need review.

spring-cloud-gateway Security

Best in #REST

Average in #REST

spring-cloud-gateway Security

Best in #REST

Average in #REST

license License

spring-cloud-gateway is licensed under the Apache-2.0 License. This license is Permissive.
Permissive licenses have the least restrictions, and you can use them in most projects.

spring-cloud-gateway License

Best in #REST

Average in #REST

spring-cloud-gateway License

Best in #REST

Average in #REST

build Reuse

spring-cloud-gateway releases are not available. You will need to build from source code and install.
Deployable package is available in Maven.
Build file is available. You can build the component from source.
Installation instructions, examples and code snippets are available.
It has 29007 lines of code, 2760 functions and 398 files.
It has medium code complexity. Code complexity directly impacts maintainability of the code.

spring-cloud-gateway Reuse

Best in #REST

Average in #REST

spring-cloud-gateway Reuse

Best in #REST

Average in #REST

Top functions reviewed by kandi - BETA

kandi has reviewed spring-cloud-gateway and discovered the below as its top functions. This is intended to give you an instant insight into spring-cloud-gateway implemented functionality, and help decide if they suit your requirements.

Custom custom routes .
Determines if the route is allowed for the given route id
Add a weight configuration
Creates HttpClient instance .
Helper method to lookup routes .
Returns headers filters .
Creates custom headers for the exchange .
Helper method to exchange a request entity .
Gets the input stream .
Returns the routes .

spring-cloud-gateway Key Features

Java 17

Spring Framework 6

Spring Boot 3

Dynamic routing

Route matching built into Spring Handler Mapping

Route matching on HTTP Request (Path, Method, Header, Host, etc…)

Filters scoped to Matching Route

Filters can modify downstream HTTP Request and HTTP Response (Add/Remove Headers, Add/Remove Parameters, Rewrite Path, Set Path, Hystrix, etc…)

API or configuration driven

Supports Spring Cloud DiscoveryClient for configuring Routes

spring-cloud-gateway Examples and Code Snippets

See all related Code Snippets

Basic Compile and Test

Copy

Download

$ ./mvnw install

Working with the code

Copy

Download

$ ./mvnw eclipse:eclipse

Checkstyle

Copy

Download

(3)

IDE setup

Copy

Download

(3)

Duplicate Finder

Copy

Download

&lt;build&gt;
    &lt;plugins&gt;
        &lt;plugin&gt;
            &lt;groupId&gt;org.basepom.maven&lt;/groupId&gt;
            &lt;artifactId&gt;duplicate-finder-maven-plugin&lt;/artifactId&gt;
        &lt;/plugin&gt;
    &lt;/plugins&gt;
&lt;/build&gt;

spring cloud gateway only forwards to base path of url

Copy

Download

private final URI routingTargetWithPath = URI.create("http://hapi.fhir.org/baseR4");

  @Bean
  public RouteLocator routeLocator(RouteLocatorBuilder builder) {
    return builder.routes()
        .route("patient", r -> r
            .path("/Patient", "/Patient/*")
            .and()
            .method(GET)
            .filters(f -> f.prefixPath(routingTargetWithPath.getPath()))
            .uri(routingTargetWithPath)
        )
        .build();
  }

implementation of Gateway Global filter in Kotlin to Java implementation

Copy

Download

@Component
public class AddCredentialsGlobalFilter implements GlobalFilter {

    private final String usernameHeader = "logged-in-user";
    private final String rolesHeader = "logged-in-user-roles";

    @Override
    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
        return exchange.getPrincipal().flatMap(p -> {
            List<GrantedAuthority> authorities = (List<GrantedAuthority>) ((Authentication)p).getAuthorities();
            String rolesString = authorities != null 
                    ? authorities.stream().map(Object::toString).collect(Collectors.joining(";"))
                    : "";
            ServerHttpRequest request = exchange.getRequest().mutate()
                    .header(usernameHeader, p.getName())
                    .header(rolesHeader, rolesString)
                    .build();
            return chain.filter(exchange.mutate().request(request).build());
        });
    }
}

Disable OPTIONS request before POST in React

Copy

Download

module.exports = {
  devServer: {
    proxy: 'http://1.1.1.1:8080',
  },

## macOS
open -na Google\ Chrome --args --user-data-dir=/tmp/temporary-chrome-profile-dir --disable-web-security --disable-site-isolation-trials

## windows
chrome.exe --disable-web-security

## linux
google-chrome --disable-web-security

-----------------------

module.exports = {
  devServer: {
    proxy: 'http://1.1.1.1:8080',
  },

## macOS
open -na Google\ Chrome --args --user-data-dir=/tmp/temporary-chrome-profile-dir --disable-web-security --disable-site-isolation-trials

## windows
chrome.exe --disable-web-security

## linux
google-chrome --disable-web-security

-----------------------

module.exports = {
  devServer: {
    proxy: 'http://1.1.1.1:8080',
  },

## macOS
open -na Google\ Chrome --args --user-data-dir=/tmp/temporary-chrome-profile-dir --disable-web-security --disable-site-isolation-trials

## windows
chrome.exe --disable-web-security

## linux
google-chrome --disable-web-security

-----------------------

module.exports = {
  devServer: {
    proxy: 'http://1.1.1.1:8080',
  },

## macOS
open -na Google\ Chrome --args --user-data-dir=/tmp/temporary-chrome-profile-dir --disable-web-security --disable-site-isolation-trials

## windows
chrome.exe --disable-web-security

## linux
google-chrome --disable-web-security

500 Internal Server Error in redirect-uri request Webflux + OAuth2.0

Copy

Download

@Configuration(proxyBeanMethods = false)
    @EnableWebFluxSecurity
    @EnableReactiveMethodSecurity
    public class WebFluxSecurityConfig {
    
        @Bean
        public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http, AuthenticationManager authenticationManager) {
    
            return http
                    .httpBasic().disable()
                    .csrf().disable()
                    .authorizeExchange(exchanges -> exchanges
                            .pathMatchers(HttpMethod.GET, "/oauth2/authorization/**",
                                    "/actuator",
                                    "/actuator/**",
                                    "/auth/login",
                                    "/login/**")
                            .permitAll()
                            .anyExchange()
                                    .authenticated()
                    .oauth2Login()
                    .authenticationManager(authenticationManager)
                    .and()
                    .build();
    
        }
}

Disable OPTIONS request before POST and DELETE requests

Copy

Download

"proxy": "your-backend-base-url"

-----------------------

 npm install http-proxy-middleware --save

const { createProxyMiddleware } = require('http-proxy-middleware');


module.exports = function(app) {
  app.use(
    '/api',
    createProxyMiddleware({
      target: 'http://localhost:3080',
      changeOrigin: true,
    })
  );
};

devServer: {
   historyApiFallBack: true,
   contentBase: path.resolve(__dirname, 'public'),
   proxy: {
      '/v1/**': {
         target: 'http://url',
         secure: false,
         changeOrigin: true
      }
   }
},

-----------------------

 npm install http-proxy-middleware --save

const { createProxyMiddleware } = require('http-proxy-middleware');


module.exports = function(app) {
  app.use(
    '/api',
    createProxyMiddleware({
      target: 'http://localhost:3080',
      changeOrigin: true,
    })
  );
};

devServer: {
   historyApiFallBack: true,
   contentBase: path.resolve(__dirname, 'public'),
   proxy: {
      '/v1/**': {
         target: 'http://url',
         secure: false,
         changeOrigin: true
      }
   }
},

-----------------------

 npm install http-proxy-middleware --save

const { createProxyMiddleware } = require('http-proxy-middleware');


module.exports = function(app) {
  app.use(
    '/api',
    createProxyMiddleware({
      target: 'http://localhost:3080',
      changeOrigin: true,
    })
  );
};

devServer: {
   historyApiFallBack: true,
   contentBase: path.resolve(__dirname, 'public'),
   proxy: {
      '/v1/**': {
         target: 'http://url',
         secure: false,
         changeOrigin: true
      }
   }
},

How to load balance requests to all application pods when using Spring Cloud Gateway

Copy

Download

implementation("org.springframework.cloud:spring-cloud-loadbalancer")
implementation("org.springframework.cloud:spring-cloud-starter-kubernetes-fabric8")

Spring cloud gateway 2.5 with eureka return 404

Copy

Download

spring:
  application:
    name: api-gateway
  cloud:
    gateway:
      discovery:
        locator:
          lower-case-service-id: true
          enabled: false
      routes:
        - id: my-service
          uri: lb://my-service
          predicates:
            - Path=/service/**
          filters:
            - RewritePath=/service(?<segment>/?.*), /${segment}

java.lang.IllegalArgumentException: Unable to find GatewayFilterFactory with name JwtAuthenticationFilterGatewayFilterFactory

Copy

Download

@Bean
public RouteLocator myRoutes(RouteLocatorBuilder builder) {
    return builder.routes()
        .route(p -> p
            .path("/get")
            .filters(f -> f.addRequestHeader("Hello", "World"))
            .uri("http://httpbin.org:80"))
        .build();
}

Spring Cloud Gateway Pass Client Certificate Information

Copy

Download

public class ClientSSLToHeaderFilter implements GlobalFilter, Ordered {

@Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) { 
    ServerHttpRequest req = exchange.getRequest();
    SslInfo info = req.getSslInfo();
    if(info != null) {
        X509Certificate[] certs = info.getPeerCertificates();
        if(certs != null && certs.length > 0) {

            ServerHttpRequest request = exchange.getRequest().mutate()
                    .headers(httpHeaders -> {
                        try {
                            certs[0].checkValidity();
                            String encodedCert = new String(Base64.getEncoder().encode(certs[0].getEncoded())); 
                            httpHeaders.add("SSL_CLIENT_CERT", encodedCert); 
                            httpHeaders.add("SSL_CLIENT_VERIFY", "success");
                        } catch(CertificateEncodingException | CertificateExpiredException
                                | CertificateNotYetValidException e) {
                            // TODO Auto-generated catch block
                            log.log(Level.ERROR, e, e);
                        }

                    }).build();
            return chain.filter(exchange.mutate().request(request).build());
        }

    }
    return chain.filter(exchange);
}

@Override
public int getOrder() {
    return -1;
}

Spring Cloud Gateway Preflight Cors Error with Angular

Copy

Download

http.cors();

@Configuration
@EnableWebMvc
public class RestServiceCorsApplication implements WebMvcConfigurer {
    @Override
    public void addCorsMappings(CorsRegistry registry) {
        registry.addMapping("/**");
    }
}

-----------------------

http.cors();

@Configuration
@EnableWebMvc
public class RestServiceCorsApplication implements WebMvcConfigurer {
    @Override
    public void addCorsMappings(CorsRegistry registry) {
        registry.addMapping("/**");
    }
}

-----------------------

allowedMethods:
        - GET
        - POST
        - DELETE
        - PUT
        - OPTIONS

spring.cloud.gateway.routes[0].predicates[1] = Method=GET,POST,OPTIONS

-----------------------

allowedMethods:
        - GET
        - POST
        - DELETE
        - PUT
        - OPTIONS

spring.cloud.gateway.routes[0].predicates[1] = Method=GET,POST,OPTIONS

See all related Code Snippets

Community Discussions

Trending Discussions on spring-cloud-gateway

spring cloud gateway only forwards to base path of url
implementation of Gateway Global filter in Kotlin to Java implementation
Disable OPTIONS request before POST in React
500 Internal Server Error in redirect-uri request Webflux + OAuth2.0
Disable OPTIONS request before POST and DELETE requests
How to load balance requests to all application pods when using Spring Cloud Gateway
How to prevent springboot gateway to forward to last element in the chain
Spring cloud gateway 2.5 with eureka return 404
java.lang.IllegalArgumentException: Unable to find GatewayFilterFactory with name JwtAuthenticationFilterGatewayFilterFactory
Spring Cloud Gateway Pass Client Certificate Information

Trending Discussions on spring-cloud-gateway

QUESTION

spring cloud gateway only forwards to base path of url

Asked 2022-Mar-20 at 18:59

I'm trying to build a simple api-gateway using spring-cloud-gateway. So far I understood the basic principle but I'm running in a specific Problem:

The target url which I'm forwarding my request potentially contains zero, one or multiple path segments. Unfortunately, these path segments are ignored.


private final String routingTargetWithPath = "http://hapi.fhir.org/baseR4";

  @Bean
  public RouteLocator routeLocator(RouteLocatorBuilder builder) {
    return builder.routes()
        .route("patient", r -> r
            .path("/Patient", "/Patient/*")
            .and()
            .method(GET)
            .uri(routingTargetWithPath)
        )
        .build();
  }

Using curl sending the request to my api-gateway:

curl http://localhost:8080/Patient
  and accordingly
curl http://localhost:8080/Patient/2069748

I would assume the requests would be routed to:

http://hapi.fhir.org/baseR4/Patient
  and accordingly
http://hapi.fhir.org/baseR4/Patient/2069748

But instead they are being routed to:

http://hapi.fhir.org/Patient
  and accordingly
http://hapi.fhir.org/Patient/2069748

So, the path of the configured routing url is ignored. Unfortunately, I can't do a manual rewrite here, since in production the "routingTarget" will be configured and I don't know, if and how many path segments it will contain.

How can I achieve to route to the complete configured routing target?

ANSWER

Answered 2022-Mar-20 at 18:59

Ok, I found the answer: According to here it is intentional, that the path of the uri is ignored. So in my case, the set path filter would fix the problem:

private final URI routingTargetWithPath = URI.create("http://hapi.fhir.org/baseR4");

  @Bean
  public RouteLocator routeLocator(RouteLocatorBuilder builder) {
    return builder.routes()
        .route("patient", r -> r
            .path("/Patient", "/Patient/*")
            .and()
            .method(GET)
            .filters(f -> f.prefixPath(routingTargetWithPath.getPath()))
            .uri(routingTargetWithPath)
        )
        .build();
  }

Source https://stackoverflow.com/questions/71545944

QUESTION

implementation of Gateway Global filter in Kotlin to Java implementation

Asked 2022-Mar-04 at 09:36

I have a scenario that I have some microservices, cloud gateway and eureka server. All microservices and cloud gateway registered on the eureka server. Cloud gateway will securing all the downstream services. When any user want to access the service first it will fill out the username and password for authentication on the cloud gateway. If the user will be authentic then it will access the service by the gateway route that is already set in application.properties file but I want when the user will authentic and access the service then I can also get user authentic credential in downstream services or microservices that are behind the cloud gateway. In other word I want to getting principle values that is set on the gateway in downstream service. So, After searching many days I got a Global Filter Implementation link but this filter code in Kotlin and I am not familiar with Kotlin, So unable to understand of this. I want to implement this in Java. Basically this filter for adding username and user roles to headers of downstream services request. How can I convert this filter into java.

Here is the Workflow

Here is the cloud gateway configuration

@Configuration
@EnableWebFluxSecurity
public class GatewaySecurityConfig{

     @Bean
        public MapReactiveUserDetailsService userDetailsService() {
            UserDetails user = User.builder()
                    .username("user")
                    .password(passwordEncoder().encode("password"))
                    .roles("USER")
                    .build();
            UserDetails admin = User.builder()
                    .username("admin")
                    .password(passwordEncoder().encode("password"))
                    .roles("USER","ADMIN")
                    .build();
            return new MapReactiveUserDetailsService(user, admin);
        }
     
        @Bean
        public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
            http
                .authorizeExchange()
                .anyExchange().authenticated()
                .and()
                .httpBasic(withDefaults())
                .formLogin();
            return http.build();
        }
        
        
        @Bean
        public PasswordEncoder passwordEncoder() {
            return new BCryptPasswordEncoder(8);
        }
        
}

Global Filter Implementation in Kotlin and I want code of this in Java8

@Component
class AddCredentialsGlobalFilter : GlobalFilter {

    private val usernameHeader = "logged-in-user"
    private val rolesHeader = "logged-in-user-roles"

    override fun filter(exchange: ServerWebExchange, chain: GatewayFilterChain) = exchange.getPrincipal<Principal>()
            .flatMap { p ->
                val request = exchange.request.mutate()
                        .header(usernameHeader, p.name)
                        .header(rolesHeader, (p as Authentication).authorities?.joinToString(";") ?: "")
                        .build()
                chain.filter(exchange.mutate().request(request).build())
            }
}

Application.properties Configuration

server:
  port: 8080
 
eureka:
  client:
    serviceUrl:
      defaultZone: http://localhost:8083/eureka 

spring:
  main:
    allow-bean-definition-overriding: true
  application:
    name: gateway
  cloud:
    gateway:
      routes:
      - id: userModule
        uri: lb://user
        predicates:
        - Path=/user/**

ANSWER

Answered 2022-Mar-04 at 09:36

I believe it's something like following

@Component
public class AddCredentialsGlobalFilter implements GlobalFilter {

    private final String usernameHeader = "logged-in-user";
    private final String rolesHeader = "logged-in-user-roles";

    @Override
    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
        return exchange.getPrincipal().flatMap(p -> {
            List<GrantedAuthority> authorities = (List<GrantedAuthority>) ((Authentication)p).getAuthorities();
            String rolesString = authorities != null 
                    ? authorities.stream().map(Object::toString).collect(Collectors.joining(";"))
                    : "";
            ServerHttpRequest request = exchange.getRequest().mutate()
                    .header(usernameHeader, p.getName())
                    .header(rolesHeader, rolesString)
                    .build();
            return chain.filter(exchange.mutate().request(request).build());
        });
    }
}

Source https://stackoverflow.com/questions/71347278

QUESTION

Disable OPTIONS request before POST in React

Asked 2022-Feb-02 at 23:03

I have a React application based on Typescript which is hosted on my PC. I use Spring gateway to forward requests to another microservice. GET requests are working fine but for POST requests I get:

Access to XMLHttpRequest at 'http://1.1.1.1:8080/api/support/tickets/create' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

I'm hitting this Spring Cloud Gateway issue: https://github.com/spring-cloud/spring-cloud-gateway/issues/229

Spring cloud configuration:

@Bean
public RouteLocator routes(RouteLocatorBuilder builder, LoggingGatewayFilterFactory loggingFactory) {
    return builder.routes()
            .route("route_id",
                    route -> route
                            .path("/api/support/tickets/**")
                            .filters(f -> f.rewritePath("/api/support/tickets/(?<RID>.*)", "/support/tickets/${RID}"))
                            .uri("lb://merchant-hub-admin-service")
            )
            .build();
}

React code:

export async function getTicket(id: string) {
  return await axios.get(`${baseUrl}/support/tickets/ticket/${id}`);
}

export async function postTicket(
  data: TicketFullDTO
): Promise<AxiosResponse<TicketFullDTO>> {
  return await axios.post<TicketFullDTO>(
    `${baseUrl}/support/tickets/create`, data);
}

This is caused by buy-in Spring Cloud Gateway: https://github.com/spring-cloud/spring-cloud-gateway/issues/2472

I tried to implement this workaround:

@Bean
public RoutePredicateHandlerMapping tusRoutePredicateHandlerMapping(FilteringWebHandler webHandler,
                                                                    RouteLocator routeLocator,
                                                                    GlobalCorsProperties globalCorsProperties,
                                                                    Environment environment) {
    RoutePredicateHandlerMapping routePredicateHandlerMapping = new RoutePredicateHandlerMapping(webHandler,
            routeLocator, globalCorsProperties, environment);
    routePredicateHandlerMapping.setCorsProcessor(new CrackCorsProcessor());
    return routePredicateHandlerMapping;
}

import org.springframework.lang.Nullable;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.reactive.DefaultCorsProcessor;
import org.springframework.web.server.ServerWebExchange;

public class CrackCorsProcessor extends DefaultCorsProcessor {
    @Override
    public boolean process(@Nullable CorsConfiguration config, ServerWebExchange exchange) {
        return false;
    }
}

But it's not working. Do you know how I can solve this issue?

ANSWER

Answered 2022-Jan-31 at 06:44

It seems that your issue is about local development only.

Create react app solves precisely this by supporting the dev server to serve as a proxy to your API endpoint.

Just add the API domain in the proxy key in package.json. More on this here

For production you should either host them both under the same domain (using a reverse proxy to route static content vs api request based on the URL path), or find a permanent cors friendly solution on your backend.

Cors is a browser feature and cannot be disabled. Though, when not using the POST method you can get around the preflight but you still can't access the response body without the proper headers set

Source https://stackoverflow.com/questions/70637808

QUESTION

500 Internal Server Error in redirect-uri request Webflux + OAuth2.0

Asked 2022-Jan-27 at 11:29

I'm trying to set up security for Webflux with OAuth2 to use it as a gateway. On the other hand I have my own Authorization Server. We can say that this is the structure I want to achieve:

The configuration is as follows:

WebFluxSecurityConfig.java

    @Configuration(proxyBeanMethods = false)
    @EnableWebFluxSecurity
    @EnableReactiveMethodSecurity
    public class WebFluxSecurityConfig {
    
        @Bean
        public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
    
            return http
                    .httpBasic().disable()
                    .csrf().disable()
                    .authorizeExchange(exchanges -> exchanges
                            .pathMatchers(HttpMethod.GET, "/oauth2/authorization/**",
                                    "/actuator",
                                    "/actuator/**",
                                    "/auth/login",
                                    "/login/**")
                            .permitAll()
                            .anyExchange()
                                    .authenticated()
                    .oauth2Login()
                    .and()
                    .build();
    
        }
}

SpringGatewayApplication.java

@SpringBootApplication
public class SpringGatewayApplication {

    public static void main(String[] args) {
        SpringApplication.run(SpringGatewayApplication.class, args);
    }

}

application.yml:

spring:
  application:
    name: spring-boot-gateway
  security:
    oauth2:
      resourceserver:
        jwt:
          issuer-uri: http://localhost/auth/oauth/token
      client:
        registration:
          oauth:
            client-name: oauth
            client-id: first-client
            client-secret: xxxx
            provider: adp-auth-provider
            authorization-grant-type: authorization_code
            redirect-uri: '{baseUrl}/login/oauth2/code/{registrationId}'
            scope: read
        provider:
          adp-auth-provider:
            authorization-uri: http://localhost/auth/oauth/authorize
            token-uri: http://localhost/auth/oauth/token
            user-info-uri: http://localhost/auth/me
            user-name-attribute: sub

Dependencies:


    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-webflux</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-starter-gateway</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-oauth2-client</artifactId>
        </dependency>
    </dependencies>

However I am getting the following error:

2022-01-18 12:12:15.852 ERROR 2836 --- [ctor-http-nio-6] a.w.r.e.AbstractErrorWebExceptionHandler : [477242e5-1]  500 Server Error for HTTP GET "/login/oauth2/code/oauth?code=nTCRNi&state=Ub8jQjbp1baxhgsxcpNULMMHoV8z42bQsp62iL2jNV8%3D"

java.lang.IllegalStateException: No provider found for class org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken
    at org.springframework.security.web.server.authentication.AuthenticationWebFilter.lambda$authenticate$6(AuthenticationWebFilter.java:123) ~[spring-security-web-5.6.0.jar:5.6.0]
    Suppressed: reactor.core.publisher.FluxOnAssembly$OnAssemblyException: 
Error has been observed at the following site(s):
    *__checkpoint ⇢ org.springframework.security.oauth2.client.web.server.authentication.OAuth2LoginAuthenticationWebFilter [DefaultWebFilterChain]
    *__checkpoint ⇢ org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationRequestRedirectWebFilter [DefaultWebFilterChain]
    *__checkpoint ⇢ org.springframework.security.web.server.context.ReactorContextWebFilter [DefaultWebFilterChain]
    *__checkpoint ⇢ org.springframework.security.web.server.header.HttpHeaderWriterWebFilter [DefaultWebFilterChain]
    *__checkpoint ⇢ org.springframework.security.config.web.server.ServerHttpSecurity$ServerWebExchangeReactorContextWebFilter [DefaultWebFilterChain]
    *__checkpoint ⇢ org.springframework.security.web.server.WebFilterChainProxy [DefaultWebFilterChain]
    *__checkpoint ⇢ org.springframework.boot.actuate.metrics.web.reactive.server.MetricsWebFilter [DefaultWebFilterChain]
    *__checkpoint ⇢ HTTP GET "/login/oauth2/code/oauth?code=nTCRNi&state=Ub8jQjbp1baxhgsxcpNULMMHoV8z42bQsp62iL2jNV8%3D" [ExceptionHandlingWebHandler]
Original Stack Trace:
        at org.springframework.security.web.server.authentication.AuthenticationWebFilter.lambda$authenticate$6(AuthenticationWebFilter.java:123) ~[spring-security-web-5.6.0.jar:5.6.0]
        at reactor.core.publisher.MonoDefer.subscribe(MonoDefer.java:44) ~[reactor-core-3.4.12.jar:3.4.12]
        at reactor.core.publisher.Mono.subscribe(Mono.java:4400) ~[reactor-core-3.4.12.jar:3.4.12]
        at reactor.core.publisher.FluxSwitchIfEmpty$SwitchIfEmptySubscriber.onComplete(FluxSwitchIfEmpty.java:82) ~[reactor-core-3.4.12.jar:3.4.12]
        at reactor.core.publisher.FluxHide$SuppressFuseableSubscriber.onComplete(FluxHide.java:147) ~[reactor-core-3.4.12.jar:3.4.12]
        at reactor.core.publisher.MonoNext$NextSubscriber.onComplete(MonoNext.java:102) ~[reactor-core-3.4.12.jar:3.4.12]
        at reactor.core.publisher.FluxConcatMap$ConcatMapImmediate.drain(FluxConcatMap.java:367) ~[reactor-core-3.4.12.jar:3.4.12]
        at reactor.core.publisher.FluxConcatMap$ConcatMapImmediate.innerComplete(FluxConcatMap.java:296) ~[reactor-core-3.4.12.jar:3.4.12]
        at reactor.core.publisher.FluxConcatMap$ConcatMapInner.onComplete(FluxConcatMap.java:885) ~[reactor-core-3.4.12.jar:3.4.12]
        at reactor.core.publisher.MonoFlatMap$FlatMapMain.secondComplete(MonoFlatMap.java:196) ~[reactor-core-3.4.12.jar:3.4.12]
        at reactor.core.publisher.MonoFlatMap$FlatMapInner.onComplete(MonoFlatMap.java:268) ~[reactor-core-3.4.12.jar:3.4.12]
        at reactor.core.publisher.FluxMap$MapSubscriber.onComplete(FluxMap.java:142) ~[reactor-core-3.4.12.jar:3.4.12]
        at reactor.core.publisher.Operators$MultiSubscriptionSubscriber.onComplete(Operators.java:2058) ~[reactor-core-3.4.12.jar:3.4.12]
        at reactor.core.publisher.Operators$MultiSubscriptionSubscriber.onComplete(Operators.java:2058) ~[reactor-core-3.4.12.jar:3.4.12]
        at reactor.core.publisher.FluxMapFuseable$MapFuseableSubscriber.onComplete(FluxMapFuseable.java:150) ~[reactor-core-3.4.12.jar:3.4.12]
        at reactor.core.publisher.MonoFlatMap$FlatMapMain.secondComplete(MonoFlatMap.java:196) ~[reactor-core-3.4.12.jar:3.4.12]
        at reactor.core.publisher.MonoFlatMap$FlatMapInner.onComplete(MonoFlatMap.java:268) ~[reactor-core-3.4.12.jar:3.4.12]
        at reactor.core.publisher.Operators$MultiSubscriptionSubscriber.onComplete(Operators.java:2058) ~[reactor-core-3.4.12.jar:3.4.12]
        at reactor.core.publisher.MonoNext$NextSubscriber.onComplete(MonoNext.java:102) ~[reactor-core-3.4.12.jar:3.4.12]
        at reactor.core.publisher.FluxMap$MapSubscriber.onComplete(FluxMap.java:142) ~[reactor-core-3.4.12.jar:3.4.12]
        at reactor.core.publisher.FluxMap$MapSubscriber.onComplete(FluxMap.java:142) ~[reactor-core-3.4.12.jar:3.4.12]
        at reactor.core.publisher.FluxPeek$PeekSubscriber.onComplete(FluxPeek.java:260) ~[reactor-core-3.4.12.jar:3.4.12]
        at reactor.core.publisher.FluxMap$MapSubscriber.onComplete(FluxMap.java:142) ~[reactor-core-3.4.12.jar:3.4.12]
        at reactor.netty.channel.FluxReceive.onInboundComplete(FluxReceive.java:400) ~[reactor-netty-core-1.0.13.jar:1.0.13]
        at reactor.netty.channel.ChannelOperations.onInboundComplete(ChannelOperations.java:419) ~[reactor-netty-core-1.0.13.jar:1.0.13]
        at reactor.netty.channel.ChannelOperations.terminate(ChannelOperations.java:473) ~[reactor-netty-core-1.0.13.jar:1.0.13]
        at reactor.netty.http.client.HttpClientOperations.onInboundNext(HttpClientOperations.java:702) ~[reactor-netty-http-1.0.13.jar:1.0.13]
        at reactor.netty.channel.ChannelOperationsHandler.channelRead(ChannelOperationsHandler.java:93) ~[reactor-netty-core-1.0.13.jar:1.0.13]
        at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379) ~[netty-transport-4.1.70.Final.jar:4.1.70.Final]
        at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365) ~[netty-transport-4.1.70.Final.jar:4.1.70.Final]
        at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357) ~[netty-transport-4.1.70.Final.jar:4.1.70.Final]
        at io.netty.handler.codec.MessageToMessageDecoder.channelRead(MessageToMessageDecoder.java:103) ~[netty-codec-4.1.70.Final.jar:4.1.70.Final]
        at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379) ~[netty-transport-4.1.70.Final.jar:4.1.70.Final]
        at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365) ~[netty-transport-4.1.70.Final.jar:4.1.70.Final]
        at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357) ~[netty-transport-4.1.70.Final.jar:4.1.70.Final]
        at io.netty.channel.CombinedChannelDuplexHandler$DelegatingChannelHandlerContext.fireChannelRead(CombinedChannelDuplexHandler.java:436) ~[netty-transport-4.1.70.Final.jar:4.1.70.Final]
        at io.netty.handler.codec.ByteToMessageDecoder.fireChannelRead(ByteToMessageDecoder.java:324) ~[netty-codec-4.1.70.Final.jar:4.1.70.Final]
        at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:296) ~[netty-codec-4.1.70.Final.jar:4.1.70.Final]
        at io.netty.channel.CombinedChannelDuplexHandler.channelRead(CombinedChannelDuplexHandler.java:251) ~[netty-transport-4.1.70.Final.jar:4.1.70.Final]
        at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379) ~[netty-transport-4.1.70.Final.jar:4.1.70.Final]
        at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365) ~[netty-transport-4.1.70.Final.jar:4.1.70.Final]
        at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357) ~[netty-transport-4.1.70.Final.jar:4.1.70.Final]
        at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410) ~[netty-transport-4.1.70.Final.jar:4.1.70.Final]
        at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379) ~[netty-transport-4.1.70.Final.jar:4.1.70.Final]
        at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365) ~[netty-transport-4.1.70.Final.jar:4.1.70.Final]
        at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919) ~[netty-transport-4.1.70.Final.jar:4.1.70.Final]
        at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:166) ~[netty-transport-4.1.70.Final.jar:4.1.70.Final]
        at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:719) ~[netty-transport-4.1.70.Final.jar:4.1.70.Final]
        at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:655) ~[netty-transport-4.1.70.Final.jar:4.1.70.Final]
        at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:581) ~[netty-transport-4.1.70.Final.jar:4.1.70.Final]
        at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:493) ~[netty-transport-4.1.70.Final.jar:4.1.70.Final]
        at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:986) ~[netty-common-4.1.70.Final.jar:4.1.70.Final]
        at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74) ~[netty-common-4.1.70.Final.jar:4.1.70.Final]
        at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30) ~[netty-common-4.1.70.Final.jar:4.1.70.Final]
        at java.base/java.lang.Thread.run(Thread.java:834) ~[na:na]

Dependency tree:

[INFO] --- maven-dependency-plugin:3.2.0:tree (default-cli) @ springflux ---
[INFO] es._3xs.adp:springflux:jar:0.0.1-SNAPSHOT
[INFO] +- org.springframework.boot:spring-boot-starter-webflux:jar:2.6.1:compile
[INFO] |  +- org.springframework.boot:spring-boot-starter:jar:2.6.1:compile
[INFO] |  |  +- org.springframework.boot:spring-boot:jar:2.6.1:compile
[INFO] |  |  +- org.springframework.boot:spring-boot-autoconfigure:jar:2.6.1:compile
[INFO] |  |  +- org.springframework.boot:spring-boot-starter-logging:jar:2.6.1:compile
[INFO] |  |  |  +- ch.qos.logback:logback-classic:jar:1.2.7:compile
[INFO] |  |  |  |  +- ch.qos.logback:logback-core:jar:1.2.7:compile
[INFO] |  |  |  |  \- org.slf4j:slf4j-api:jar:1.7.32:compile
[INFO] |  |  |  +- org.apache.logging.log4j:log4j-to-slf4j:jar:2.14.1:compile
[INFO] |  |  |  |  \- org.apache.logging.log4j:log4j-api:jar:2.14.1:compile
[INFO] |  |  |  \- org.slf4j:jul-to-slf4j:jar:1.7.32:compile
[INFO] |  |  +- jakarta.annotation:jakarta.annotation-api:jar:1.3.5:compile
[INFO] |  |  \- org.yaml:snakeyaml:jar:1.29:compile
[INFO] |  +- org.springframework.boot:spring-boot-starter-json:jar:2.6.1:compile
[INFO] |  |  +- com.fasterxml.jackson.core:jackson-databind:jar:2.13.0:compile
[INFO] |  |  |  +- com.fasterxml.jackson.core:jackson-annotations:jar:2.13.0:compile
[INFO] |  |  |  \- com.fasterxml.jackson.core:jackson-core:jar:2.13.0:compile
[INFO] |  |  +- com.fasterxml.jackson.datatype:jackson-datatype-jdk8:jar:2.13.0:compile
[INFO] |  |  +- com.fasterxml.jackson.datatype:jackson-datatype-jsr310:jar:2.13.0:compile
[INFO] |  |  \- com.fasterxml.jackson.module:jackson-module-parameter-names:jar:2.13.0:compile
[INFO] |  +- org.springframework.boot:spring-boot-starter-reactor-netty:jar:2.6.1:compile
[INFO] |  |  \- io.projectreactor.netty:reactor-netty-http:jar:1.0.13:compile
[INFO] |  |     +- io.netty:netty-codec-http:jar:4.1.70.Final:compile
[INFO] |  |     |  +- io.netty:netty-common:jar:4.1.70.Final:compile
[INFO] |  |     |  +- io.netty:netty-buffer:jar:4.1.70.Final:compile
[INFO] |  |     |  +- io.netty:netty-transport:jar:4.1.70.Final:compile
[INFO] |  |     |  +- io.netty:netty-codec:jar:4.1.70.Final:compile
[INFO] |  |     |  \- io.netty:netty-handler:jar:4.1.70.Final:compile
[INFO] |  |     +- io.netty:netty-codec-http2:jar:4.1.70.Final:compile
[INFO] |  |     +- io.netty:netty-resolver-dns:jar:4.1.70.Final:compile
[INFO] |  |     |  +- io.netty:netty-resolver:jar:4.1.70.Final:compile
[INFO] |  |     |  \- io.netty:netty-codec-dns:jar:4.1.70.Final:compile
[INFO] |  |     +- io.netty:netty-resolver-dns-native-macos:jar:osx-x86_64:4.1.70.Final:compile
[INFO] |  |     |  \- io.netty:netty-resolver-dns-classes-macos:jar:4.1.70.Final:compile
[INFO] |  |     +- io.netty:netty-transport-native-epoll:jar:linux-x86_64:4.1.70.Final:compile
[INFO] |  |     |  +- io.netty:netty-transport-native-unix-common:jar:4.1.70.Final:compile
[INFO] |  |     |  \- io.netty:netty-transport-classes-epoll:jar:4.1.70.Final:compile
[INFO] |  |     \- io.projectreactor.netty:reactor-netty-core:jar:1.0.13:compile
[INFO] |  |        \- io.netty:netty-handler-proxy:jar:4.1.70.Final:compile
[INFO] |  |           \- io.netty:netty-codec-socks:jar:4.1.70.Final:compile
[INFO] |  +- org.springframework:spring-web:jar:5.3.13:compile
[INFO] |  |  \- org.springframework:spring-beans:jar:5.3.13:compile
[INFO] |  \- org.springframework:spring-webflux:jar:5.3.13:compile
[INFO] |     \- io.projectreactor:reactor-core:jar:3.4.12:compile
[INFO] |        \- org.reactivestreams:reactive-streams:jar:1.0.3:compile
[INFO] +- org.springframework.cloud:spring-cloud-starter-gateway:jar:3.1.0:compile
[INFO] |  +- org.springframework.cloud:spring-cloud-starter:jar:3.1.0:compile
[INFO] |  |  +- org.springframework.cloud:spring-cloud-context:jar:3.1.0:compile
[INFO] |  |  +- org.springframework.cloud:spring-cloud-commons:jar:3.1.0:compile
[INFO] |  |  \- org.springframework.security:spring-security-rsa:jar:1.0.10.RELEASE:compile
[INFO] |  |     \- org.bouncycastle:bcpkix-jdk15on:jar:1.68:compile
[INFO] |  |        \- org.bouncycastle:bcprov-jdk15on:jar:1.68:compile
[INFO] |  \- org.springframework.cloud:spring-cloud-gateway-server:jar:3.1.0:compile
[INFO] |     +- org.springframework.boot:spring-boot-starter-validation:jar:2.6.1:compile
[INFO] |     |  +- org.apache.tomcat.embed:tomcat-embed-el:jar:9.0.55:compile
[INFO] |     |  \- org.hibernate.validator:hibernate-validator:jar:6.2.0.Final:compile
[INFO] |     |     +- jakarta.validation:jakarta.validation-api:jar:2.0.2:compile
[INFO] |     |     +- org.jboss.logging:jboss-logging:jar:3.4.2.Final:compile
[INFO] |     |     \- com.fasterxml:classmate:jar:1.5.1:compile
[INFO] |     \- io.projectreactor.addons:reactor-extra:jar:3.4.5:compile
[INFO] +- org.springframework.boot:spring-boot-starter-security:jar:2.6.1:compile
[INFO] |  +- org.springframework:spring-aop:jar:5.3.13:compile
[INFO] |  +- org.springframework.security:spring-security-config:jar:5.6.0:compile
[INFO] |  |  \- org.springframework:spring-context:jar:5.3.13:compile
[INFO] |  \- org.springframework.security:spring-security-web:jar:5.6.0:compile
[INFO] |     \- org.springframework:spring-expression:jar:5.3.13:compile
[INFO] \- org.springframework.security:spring-security-oauth2-client:jar:5.6.0:compile
[INFO]    +- org.springframework.security:spring-security-core:jar:5.6.0:compile
[INFO]    |  \- org.springframework.security:spring-security-crypto:jar:5.6.0:compile
[INFO]    +- org.springframework.security:spring-security-oauth2-core:jar:5.6.0:compile
[INFO]    +- org.springframework:spring-core:jar:5.3.13:compile
[INFO]    |  \- org.springframework:spring-jcl:jar:5.3.13:compile
[INFO]    \- com.nimbusds:oauth2-oidc-sdk:jar:9.19:compile
[INFO]       +- com.github.stephenc.jcip:jcip-annotations:jar:1.0-1:compile
[INFO]       +- com.nimbusds:content-type:jar:2.1:compile
[INFO]       +- net.minidev:json-smart:jar:2.4.7:compile
[INFO]       |  \- net.minidev:accessors-smart:jar:2.4.7:compile
[INFO]       |     \- org.ow2.asm:asm:jar:9.1:compile
[INFO]       +- com.nimbusds:lang-tag:jar:1.5:compile
[INFO]       \- com.nimbusds:nimbus-jose-jwt:jar:9.14:compile
[INFO]
[INFO] -----------------------< es._3xs.adp:springflux >-----------------------

Does anyone know why this might be happening?

ANSWER

Answered 2022-Jan-27 at 11:29

The problem was occurring because the default authentication manager wasn't working for me, I had to implement one specifically for my problem.

@Configuration(proxyBeanMethods = false)
    @EnableWebFluxSecurity
    @EnableReactiveMethodSecurity
    public class WebFluxSecurityConfig {
    
        @Bean
        public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http, AuthenticationManager authenticationManager) {
    
            return http
                    .httpBasic().disable()
                    .csrf().disable()
                    .authorizeExchange(exchanges -> exchanges
                            .pathMatchers(HttpMethod.GET, "/oauth2/authorization/**",
                                    "/actuator",
                                    "/actuator/**",
                                    "/auth/login",
                                    "/login/**")
                            .permitAll()
                            .anyExchange()
                                    .authenticated()
                    .oauth2Login()
                    .authenticationManager(authenticationManager)
                    .and()
                    .build();
    
        }
}

Source https://stackoverflow.com/questions/70758560

QUESTION

How to load balance requests to all application pods when using Spring Cloud Gateway

Asked 2022-Jan-07 at 11:10

I've deployed an application in Kubernetes with two pods. If I directly invoke its Kubernetes service (http://app:8080) it will balance the requests between those two pods using round robin.

The actual runtime contains a Spring Cloud Gateway pod in front of the application, configured this way:

    @Bean
    fun customRouteLocator(builder: RouteLocatorBuilder): RouteLocator {
        logger.info("Gateway configuration: {}", gatewayConfigurationProperties)
        var routes = builder.routes()
        gatewayConfigurationProperties.routes.forEach { service ->
            routes = routes.route(service.key) { r ->
                r.path("${service.value.contextPath}/**")
                    .filters { filters ->
                        filters.requestRateLimiter { rateLimiterConfig ->
                            rateLimiterConfig.rateLimiter = RedisRateLimiter(1000, 1000)
                        }
                    }                  
                    .uri(service.value.uri)
            }
        }
        return routes.build()
    }

gateway:
  routes:
    app:
      uri: http://app:8080
      context-path: /app

I was expecting the gateway to distribute the load between the two pods, however it sticks with one of them

    -----------------------                 ------------ 
--->| spring-cloud-gateway |---calls-----> | app-pod-1 |
    -----------------------           X     ------------
                                      |
                                      |     ------------
                                      ---> | app-pod-2 |
                                            ------------

How can I make the gateway balance the requests using round robin?

I tried prefixing the service url with lb:// (uri: lb://app:8080) but I get a 503 error.

ANSWER

Answered 2022-Jan-07 at 11:10

In order to make Spring Cloud Gateway distribute the load and not stick to one pod I had to:

Use lb:// instead of http:// in the gateway URIs.
Add the following dependencies:

implementation("org.springframework.cloud:spring-cloud-loadbalancer")
implementation("org.springframework.cloud:spring-cloud-starter-kubernetes-fabric8")

With this, SCG will apply a round robin load balance.

Source https://stackoverflow.com/questions/70590120

QUESTION

java.lang.IllegalArgumentException: Unable to find GatewayFilterFactory with name JwtAuthenticationFilterGatewayFilterFactory

Asked 2021-Sep-21 at 09:57

I am using spring gateway implementation "org.springframework.cloud:spring-cloud-starter-gateway" as my project gateway, define the filter in application.properties like this:

spring.cloud.gateway.default-filters=JwtAuthenticationFilterGatewayFilterFactory

And my gateway filter code look like this:

@Component
public class JwtAuthenticationFilterGatewayFilterFactory implements GatewayFilter {

    @Value("${dolphin.gateway.jwt.verify:true}")
    private boolean jwtVerfiy;

    final static List<String> apiEndpoints = List.of("/register", "/login");

    final static Predicate<ServerHttpRequest> isApiSecured = r -> apiEndpoints.stream()
            .noneMatch(uri -> r.getURI().getPath().contains(uri));

    @Override
    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
        return chain.filter(exchange);
    }
}

when I start the project, the log output shows error like this:

   021-09-19 22:51:42.480 ERROR 1 --- [oundedElastic-7] r.c.s.Schedulers                         : Scheduler worker in group main failed with an uncaught exception

reactor.core.Exceptions$ErrorCallbackNotImplemented: java.lang.IllegalArgumentException: Unable to find GatewayFilterFactory with name JwtAuthenticationFilterGatewayFilterFactory
Caused by: java.lang.IllegalArgumentException: Unable to find GatewayFilterFactory with name JwtAuthenticationFilterGatewayFilterFactory
    at org.springframework.cloud.gateway.route.RouteDefinitionRouteLocator.loadGatewayFilters(RouteDefinitionRouteLocator.java:187) ~[spring-cloud-gateway-server-2.2.8.RELEASE.jar!/:2.2.8.RELEASE]
    at org.springframework.cloud.gateway.route.RouteDefinitionRouteLocator.getFilters(RouteDefinitionRouteLocator.java:228) ~[spring-cloud-gateway-server-2.2.8.RELEASE.jar!/:2.2.8.RELEASE]
    at org.springframework.cloud.gateway.route.RouteDefinitionRouteLocator.convertToRoute(RouteDefinitionRouteLocator.java:170) ~[spring-cloud-gateway-server-2.2.8.RELEASE.jar!/:2.2.8.RELEASE]
    at org.springframework.cloud.gateway.route.RouteDefinitionRouteLocator$$Lambda$924/0x0000000069f16e40.apply(Unknown Source) ~[?:?]
    at reactor.core.publisher.FluxMap$MapSubscriber.onNext(FluxMap.java:100) ~[reactor-core-3.3.16.RELEASE.jar!/:3.3.16.RELEASE]
    at reactor.core.publisher.FluxFlatMap$FlatMapMain.tryEmitScalar(FluxFlatMap.java:481) ~[reactor-core-3.3.16.RELEASE.jar!/:3.3.16.RELEASE]
    at reactor.core.publisher.FluxFlatMap$FlatMapMain.onNext(FluxFlatMap.java:414) ~[reactor-core-3.3.16.RELEASE.jar!/:3.3.16.RELEASE]
    at reactor.core.publisher.FluxMergeSequential$MergeSequentialMain.drain(FluxMergeSequential.java:425) ~[reactor-core-3.3.16.RELEASE.jar!/:3.3.16.RELEASE]
    at reactor.core.publisher.FluxMergeSequential$MergeSequentialMain.innerNext(FluxMergeSequential.java:297) ~[reactor-core-3.3.16.RELEASE.jar!/:3.3.16.RELEASE]
    at reactor.core.publisher.FluxMergeSequential$MergeSequentialInner.onNext(FluxMergeSequential.java:563) ~[reactor-core-3.3.16.RELEASE.jar!/:3.3.16.RELEASE]
    at reactor.core.publisher.FluxMap$MapSubscriber.onNext(FluxMap.java:114) ~[reactor-core-3.3.16.RELEASE.jar!/:3.3.16.RELEASE]
    at reactor.core.publisher.FluxFilter$FilterSubscriber.onNext(FluxFilter.java:107) ~[reactor-core-3.3.16.RELEASE.jar!/:3.3.16.RELEASE]
    at reactor.core.publisher.FluxMap$MapConditionalSubscriber.onNext(FluxMap.java:213) ~[reactor-core-3.3.16.RELEASE.jar!/:3.3.16.RELEASE]

I have tried to tweak the filter name with JwtAuthenticationFilterGatewayFilterFactory and JwtAuthenticationFilter, both throw the same error. where am I going wrong? what should I do to fix this problem?

ANSWER

Answered 2021-Sep-21 at 09:57

if implement GatewayFilter, you should register the filter like this:

@Bean
public RouteLocator myRoutes(RouteLocatorBuilder builder) {
    return builder.routes()
        .route(p -> p
            .path("/get")
            .filters(f -> f.addRequestHeader("Hello", "World"))
            .uri("http://httpbin.org:80"))
        .build();
}

you could not using application.yaml or application.properties to config the custom gateway filter. If you want to config in application.yaml or application.properties, you need to implements GatewayFilterFactory.

Source https://stackoverflow.com/questions/69244460

QUESTION

Spring Cloud Gateway Pass Client Certificate Information

Asked 2021-Aug-24 at 12:39

I am trying to forward client certificate information from Spring Cloud Gateway to microservices behind it. I modified the Netty config and it is successfully requesting a client cert from the client, but I don't see it forwarding it to the microservice behind it. In Apache we used to use +ExportCertData which populated a handful of headers with the client certificate DN, validity time, etc. Does Spring Cloud Gateway have any out of the box functionality like this?

I found these 2 questions which seem similar, but neither had very explicit answers. spring cloud gateway forward client certificate and Does anyone have a simple example of implementing x509 mutual authentication in Spring Cloud Gateway/Spring WebFlux?

ANSWER

Answered 2021-Aug-24 at 12:39

After playing with it for a while, changing something on the Netty HttpClient did not seem to be right because as far as I could tell it did not know anything about where the request came from. However I found that the filter chain had all the information I needed, so I put in a custom GlobalFilter which adds the certificate information to the header like what Apache does.

public class ClientSSLToHeaderFilter implements GlobalFilter, Ordered {

@Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) { 
    ServerHttpRequest req = exchange.getRequest();
    SslInfo info = req.getSslInfo();
    if(info != null) {
        X509Certificate[] certs = info.getPeerCertificates();
        if(certs != null && certs.length > 0) {

            ServerHttpRequest request = exchange.getRequest().mutate()
                    .headers(httpHeaders -> {
                        try {
                            certs[0].checkValidity();
                            String encodedCert = new String(Base64.getEncoder().encode(certs[0].getEncoded())); 
                            httpHeaders.add("SSL_CLIENT_CERT", encodedCert); 
                            httpHeaders.add("SSL_CLIENT_VERIFY", "success");
                        } catch(CertificateEncodingException | CertificateExpiredException
                                | CertificateNotYetValidException e) {
                            // TODO Auto-generated catch block
                            log.log(Level.ERROR, e, e);
                        }

                    }).build();
            return chain.filter(exchange.mutate().request(request).build());
        }

    }
    return chain.filter(exchange);
}

@Override
public int getOrder() {
    return -1;
}

}

Source https://stackoverflow.com/questions/68865665

Community Discussions, Code Snippets contain sources that include Stack Exchange Network

Vulnerabilities

No vulnerabilities reported

Install spring-cloud-gateway

In order to setup Intellij you should import our coding conventions, inspection profiles and set up the checkstyle plugin. The following files can be found in the Spring Cloud Build project. Go to File → Settings → Editor → Code style. There click on the icon next to the Scheme section. There, click on the Import Scheme value and pick the Intellij IDEA code style XML option. Import the spring-cloud-build-tools/src/main/resources/intellij/Intellij_Spring_Boot_Java_Conventions.xml file. Go to File → Settings → Editor → Inspections. There click on the icon next to the Profile section. There, click on the Import Profile and import the spring-cloud-build-tools/src/main/resources/intellij/Intellij_Project_Defaults.xml file. To have Intellij work with Checkstyle, you have to install the Checkstyle plugin. It’s advisable to also install the Assertions2Assertj to automatically convert the JUnit assertions.
Default Checkstyle rules
File header setup
Default suppression rules
Project defaults for Intellij that apply most of Checkstyle rules
Project style conventions for Intellij that apply most of Checkstyle rules
checkstyle.header.file - please point it to the Spring Cloud Build’s, spring-cloud-build-tools/src/main/resources/checkstyle-header.txt file either in your cloned repo or via the https://raw.githubusercontent.com/spring-cloud/spring-cloud-build/master/spring-cloud-build-tools/src/main/resources/checkstyle-header.txt URL.
checkstyle.suppressions.file - default suppressions. Please point it to the Spring Cloud Build’s, spring-cloud-build-tools/src/checkstyle/checkstyle-suppressions.xml file either in your cloned repo or via the https://raw.githubusercontent.com/spring-cloud/spring-cloud-build/master/spring-cloud-build-tools/src/checkstyle/checkstyle-suppressions.xml URL.
checkstyle.additional.suppressions.file - this variable corresponds to suppressions in your local project. E.g. you’re working on spring-cloud-contract. Then point to the project-root/src/checkstyle/checkstyle-suppressions.xml folder. Example for spring-cloud-contract would be: /home/username/spring-cloud-contract/src/checkstyle/checkstyle-suppressions.xml.

Support

The spring-cloud-build module has a "docs" profile, and if you switch that on it will try to build asciidoc sources from src/main/asciidoc. As part of that process it will look for a README.adoc and process it by loading all the includes, but not parsing or rendering it, just copying it to ${main.basedir} (defaults to ${basedir}, i.e. the root of the project). If there are any changes in the README it will then show up after a Maven build as a modified file in the correct place. Just commit it and push the change.