Lab 3: Call another Microservice
Last updated
Last updated
In the first lab we extended an existing Microservice to an OAuth 2.0 and OpenID Connect 1.0 compliant Resource Server. Target of this lab is to add another Microservice from the Microservice we extended in lab 1.
As already seen in the architecture introduction, there ia also a further Microservice in the picture that is called by the already existing Microservice of lab 1.
In this lab we will add functionality to call another Microservice (resource server) with propagating the JWT.
In this lab you will learn how to:
How to call other Microservices using the WebClient.
How to authenticate at the other Microservice by propagating the existing JWT.
In the folder of lab 2 you find 2 applications:
initial: This is the application we will use as starting point for this lab
final: This application is the completed reference for this lab
other: This application is the other Microservice to be called from the ToDo Microservice with the propagated access token.
In this lab we will implement:
Calling another JWT protected Microservice by propagating the original JWT access token the ToDo application has got.
Please start this lab with project located in lab3/initial.
As you can see the call to the other Microservice (to suggest ToDo's) is already implemented in the ToDoService and there is already a corresponding api endpoint provided for this (/api/todos/suggest). What's missing is the corresponding token, so currently the ToDo Microservice would report an 401 http status if you try to call the endpoint /api/todos/suggest.
Here is the provided ToDoService with the call to the other Microservice
To enable propagating the already available access token to the other Microservice Spring please extend the bean definition of the WebClient with the servlet filter org.springframework.security.oauth2.server.resource.web.reactive.function.client.ServletBearerExchangeFilterFunction. This filter gets the existing access token from the current authentication context and adds it to the WebClient request.
So to enable the WebClient for token propagation add the filter to the already existing class com.example.todo.config.WebClientConfiguration. After changing this your final code should look like this:
No it is time to test again and check if the additional endpoint /api/suggest now is getting random suggestions from the other microservice. For this start the Microservice located in the other folder and your adapted version of the Microservice in the initial folder or just use the provided solution in the final folder.
To trigger the request please use postman (the request is already part of the provided postman collection), curl or httpie.
This is the end of this lab and of the workshop.
Please don't hesitate to provide feedback to this workshop or just send me a notice if you find error or typos.