我正在开发一系列服务,我正在考虑使用Spring Cloud Zuul作为API网关来实施过滤,路由, balancer ,身份验证和授权 .
对于授权,我们将使用OAuth 2.0,使用GitHub作为OAuth资源服务器 . Zuul将负责验证OAuth访问令牌 .
我们做了一些研究,我发现了更多关于直接在Spring Boot REST Service中执行此任务的文档 .
对于我们的项目,我们试图做这样的事情 .
Spring Boot启动:
package com.microservice.demo.api.gateway;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
import org.springframework.cloud.client.discovery.EnableDiscoveryClient;
import org.springframework.cloud.netflix.zuul.EnableZuulProxy;
import springfox.documentation.swagger2.annotations.EnableSwagger2;
@EnableOAuth2Sso
@EnableZuulProxy
@EnableDiscoveryClient
@SpringBootApplication
@EnableSwagger2
public class ApiGatewayApplication {
public static void main(String[] args) {
SpringApplication.run(ApiGatewayApplication.class, args);
}
}
Spring Boot application.yaml:
# Spring Application Configurations
spring:
application:
name: api-gateway
# OAuth
oauth2:
client:
clientId: 218a201e423999fa61af
clientSecret: 59039da2197d8c7fb617bb9d5cb495d864f2a376
accessTokenUri: https://github.com/login/oauth/access_token
userAuthorizationUri: https://github.com/login/oauth/authorize
clientAuthenticationScheme: form
resource:
userInfoUri: https://api.github.com/user
preferTokenInfo: false
# Server Configurations
server:
port: 8075
# Zuul Properties Configuration
zuul:
#Service will be mapped under the /api URI
prefix: /api
# Uncomment to disable auto-registering all services read from Eureka
# ignoredServices: '*'
routes:
prospect-service:
path: /prospect/**
serviceId: prospect-service-v1
# Eureka Client Configurations
eureka:
client:
serviceUrl:
defaultZone: http://localhost:9761/eureka/
# Security
security:
user:
name: admin
password: admin
当我试图要求我总是被禁止时 . 我在这里错过了什么吗?
整个项目在github .