How to configure “Zuul Gateway” call the “Auth server” for token validation

0
votes

I'm using "Zuul" as an api gateway for my spring boot based api microservices. I have also implemented a standalone "Auth Server" for JWT token creation and validation.

What I'm trying to achieve is "Zuul" calling the "Auth Server" for token validation before allowing the requests to go to any service.

So basic flow will be like on below

  1. Zuul will be serving as only Gateway purposes
  2. When it comes to JWT validation "Zuul" will ask to "Auth Server" if token is valid or not
  3. If it is valid then "Downstream Routing" will be proceeded by Zuul. If not than request will be rejected as usual

Due to speed, latency concerns I'm looking for a smart way of doing this. There is bunch of examples based on "Zuul Pre Filtering before Downstream Microservice routing". And it is hard to figure out which one is the better approach for my case. Apart from custom approaches is there any standart way of doing this?

Below is the best example I have found so far. Due to my lack of experience, I really don't know if this architecture is a good option to continue.

https://github.com/spring-cloud/spring-cloud-netflix/issues/1392#issuecomment-253267241

1
spring-bootjwtnetflix-zuulapi-gateway

1 Answers

0
votes

The thing is to know how to setup Authorisation server, for that start with this https://www.baeldung.com/spring-security-zuul-oauth-jwt.

https://docs.spring.io/spring-security-oauth2-boot/docs/current/reference/html/boot-features-security-oauth2-authorization-server.html

After you setup it correctly, configuration in zuul is not that complicated, in aplication.yaml you should set it like:

security:
  oauth2:
    client:
      clientId: your_clientId
      clientSecret: your_clientSecret
      accessTokenUri: your_accessTokenUri
      userAuthorizationUri: your_userAuthorizationUri
    resource:
      userInfoUri: your_userInfoUri
      preferTokenInfo: true/false