Task 43 : Revise CustomBearerTokenAuthenticationFilter in product ser…
…vice
Rapter1990 committed Jul 18, 2024
1 parent d993580 commit b871186
Showing 1 changed file with 26 additions and 32 deletions.
Expand Up @@ -12,10 +12,10 @@
import lombok.extern.slf4j.Slf4j;
import org.apache.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;
import reactor.core.publisher.Mono;
import reactor.core.scheduler.Schedulers;

import java.io.IOException;

Expand All @@ -38,36 +38,30 @@ protected void doFilterInternal(@NonNull final HttpServletRequest httpServletReq
if (Token.isBearerToken(authorizationHeader)) {
final String jwt = Token.getJwt(authorizationHeader);

// Use Mono.fromCallable for async processing
Mono.fromCallable(() -> {
userServiceClient.validateToken(jwt);
log.debug("Token validation succeeded for request: {}", httpServletRequest.getRequestURI());
return true;
})
.subscribeOn(Schedulers.boundedElastic())
.flatMap(valid -> {
try {
filterChain.doFilter(httpServletRequest, httpServletResponse);
} catch (IOException | ServletException e) {
throw new RuntimeException(e);
}
return Mono.empty();
})
.onErrorResume(e -> {
log.error("Token validation failed for request: {}", httpServletRequest.getRequestURI(), e);
try {
if (e instanceof FeignException.Unauthorized || e instanceof FeignException.Forbidden) {
httpServletResponse.setStatus(HttpStatus.UNAUTHORIZED.value());
} else {
httpServletResponse.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
}
httpServletResponse.getWriter().write(e.getMessage());
} catch (IOException ex) {
log.error("Error writing response", ex);
}
return Mono.empty();
})
.block();
try {
// Validate the token synchronously
userServiceClient.validateToken(jwt);
log.debug("Token validation succeeded for request: {}", httpServletRequest.getRequestURI());

// Get the authentication object
final UsernamePasswordAuthenticationToken authentication = userServiceClient.getAuthentication(jwt);

// Set authentication to SecurityContextHolder
SecurityContextHolder.getContext().setAuthentication(authentication);

// Proceed with the filter chain
filterChain.doFilter(httpServletRequest, httpServletResponse);
} catch (FeignException e) {
log.error("Token validation failed for request: {}", httpServletRequest.getRequestURI(), e);

// Handle the error response
if (e instanceof FeignException.Unauthorized || e instanceof FeignException.Forbidden) {
httpServletResponse.setStatus(HttpStatus.UNAUTHORIZED.value());
} else {
httpServletResponse.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
}
httpServletResponse.getWriter().write(e.getMessage());
}
} else {
log.warn("Missing or invalid Authorization header for request: {}", httpServletRequest.getRequestURI());
filterChain.doFilter(httpServletRequest, httpServletResponse);
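Review bot: The new `try` block wraps `filterChain.doFilter(...)` as well as the two `userServiceClient` calls, so a `FeignException` thrown by any downstream filter or controller is caught here, logged as a token validation failure and turned into a 401/500, possibly after the response has already been committed. In the same `catch`, `httpServletResponse.getWriter().write(e.getMessage())` returns the Feign message to the caller; that message typically carries the request method, the internal target URL and the upstream response body, which belong in the log rather than in the response. I would end the `try` right after `SecurityContextHolder.getContext().setAuthentication(authentication);`, make `return;` the last statement of the `catch`, call `filterChain.doFilter(httpServletRequest, httpServletResponse);` after the try/catch, and write a fixed body such as `"Invalid or expired token"` instead of `e.getMessage()`. `doFilterInternal` starts above this hunk and continues past it, so any handling outside the visible lines is not covered by this note.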
