Login/Register
Is it possible to use Oauth2 authentication with the new RestClient?
Asked Answered
spring-bootspring-restcontrollerspring-authorization-server
S

2

7

With WebClient I use this code to make web client work with a Spring Resource Server endpoint.

Is it possible to make this code work with the new RestClient?

@Bean
UserClient userClient(OAuth2AuthorizedClientManager authorizedClientManager) {
        ServletOAuth2AuthorizedClientExchangeFilterFunction oauth2 = 
                new ServletOAuth2AuthorizedClientExchangeFilterFunction(authorizedClientManager);
oauth2.setDefaultOAuth2AuthorizedClient(true);
        
WebClient webClient = WebClient.builder()
    .baseUrl("http://127.0.0.1:8091")
    .apply(oauth2.oauth2Configuration())
    .build();       
WebClientAdapter adapter = WebClientAdapter.create(webClient);
HttpServiceProxyFactory factory = HttpServiceProxyFactory.builderFor(adapter).build();
UserClient userClient = factory.createClient(UserClient.class);
return userClient;
}

@Bean
OAuth2AuthorizedClientManager authorizedClientManager(
      ClientRegistrationRepository clientRegistrationRepository,
      OAuth2AuthorizedClientRepository authorizedClientRepository) {

OAuth2AuthorizedClientProvider authorizedClientProvider =
      OAuth2AuthorizedClientProviderBuilder.builder()
        .clientCredentials()
        .authorizationCode()
        .refreshToken()
        .build();

DefaultOAuth2AuthorizedClientManager authorizedClientManager =
     new DefaultOAuth2AuthorizedClientManager(
       clientRegistrationRepository, authorizedClientRepository);

authorizedClientManager.setAuthorizedClientProvider(authorizedClientProvider);

return authorizedClientManager;
}

Is there a solution possible like the code below?

RestClient restClient = RestClient.builder()
    .baseUrl("http://127.0.0.1:8091")
    .apply( ??????? )
    .build();
Substratum answered 28/11, 2023 at 9:4 Comment(0)
L
4

There is not built-in support for RestClient in Spring Security yet. Please see #13588 to follow progress on this issue.

Lethalethal answered 29/11, 2023 at 18:50 Comment(0)
C
1

In your class you could do try something like this, since I was not sure which REST-Method you wanted to use I wrote it with .method but you could also just use .get or what ever method you want to use.

If you are not sure beforehand which REST-call to make, don't want to return anything and also don't want any ErrorHandling:

RestClient restClient = RestClient.create("http://127.0.0.1:8091");

void yourFunction() {
    restClient.method(theMethodYouWantToUse)
    .headers(httpHeaders -> {
        httpHeaders.setContentType(MediaType.APPLICATION_JSON);
        httpHeaders.setBearerAuth(yourBearerToken);
    })
    .body(body)
    .retrieve()
    .toBodilessEntity();
}

If you are not sure beforehand which REST-call to make, don't want to return anything but want to have ErrorHandling:

    RestClient restClient = RestClient.create("http://127.0.0.1:8091");

void yourFunction() {
    restClient.method(theMethodYouWantToUse)
    .headers(httpHeaders -> {
        httpHeaders.setContentType(MediaType.APPLICATION_JSON);
        httpHeaders.setBearerAuth(yourBearerToken);
    })
    .body(body)
    .retrieve()
    .onStatus(HttpStatusCode::is4xxClientError, ((request, response) -> {
                throw new yourException("something something" + response.getStatusCode() + ...);
    }))
    .onStatus(HttpStatusCode::is5xxServerError, ((request, response) -> {
                throw new yourException("something something" + response.getStatusCode() + ...);
    }))
    .toBodilessEntity();
}

If you are not sure beforehand which REST-call to make, but want to return something with ErrorHandling:

        RestClient restClient = RestClient.create("http://127.0.0.1:8091");

yourResponseType yourFunction() {
    ResponseEntity<yourResponseType> restClientResponse = restClient.method(theMethodYouWantToUse)
    .headers(httpHeaders -> {
        httpHeaders.setContentType(MediaType.APPLICATION_JSON);
        httpHeaders.setBearerAuth(yourBearerToken);
    })
    .body(body)
    .retrieve()
    .onStatus(HttpStatusCode::is4xxClientError, ((request, response) -> {
                throw new yourException("something something" + response.getStatusCode() + ...);
    }))
    .onStatus(HttpStatusCode::is5xxServerError, ((request, response) -> {
                throw new yourException("something something" + response.getStatusCode() + ...);
    }))
    .toEntity(Returntype.Class);
}
Chari answered 13/6, 2024 at 6:53 Comment(0)

© 2022 - 2025 — McMap. All rights reserved.