This tutorial shows you how to build a reactive microservices architecture with Spring Cloud Gateway.
Thanks a lot for this great tutorial.
Suppose a scenario I have subscribed the SSE and the sudden server goes down and the client application closes the flux.
But after a couple of minutes server got revived but the client application didn’t pick up the refreshed streaming.
How can I can handle this scenario?
Does it resilient enough to understand the outage in a client-server connection manner?
You’d probably have to have some retry logic on the client to make this work. The client would need to be resilient in this case. You might be able to use RSocket instead of HTTP to accomplish this.
Thanks for the great article!
I was wondering about adding PKCE, so I forked/copied your project and added PKCE.
At the moment Spring does not support PKCE for private clients.
This piece of code add the PKCE support:
git repository: https://github.com/BijanVan/microservicedemo
Hello Bijan! I tried to click on your repos above and they don’t resolve for me. Can you try posting the links again?
Hi Matt. I have the same problem with disqus, but you can just copy/paste the links manually in a browser.
I’ve got an open PR for Spring Security to always attempt to use PKCE for Auth Code Flows
Please comment on that issue
I haven’t tried out your code, but it looks like cool workaround in the short term.
For other following along, Spring Security (as of 5.2 supports PKCE, but it’s only configured when you do NOT have a client-secret), this is great for a few use cases, but using a secret or a secret and PKCE is typically better option.
Hi Matt. What if i have three microservices and 3 client registrations in gateway. How can i prompt a single login.
If you have a single authorization server for all your microservices, you should be able to pass the access token from your gateway to your microservice clients. If you have a separate authorization servers for each, you might have to set them up to trust each other.
What do you want to read from the token?
Great article! Anyone can give me pointers on how to authenticate and get cars from a spring boot client application instead of a browser based web UI application ?
I’m not sure what you mean. In this example, the gateway is a Spring Boot client. Are you saying you want to be able to get an access token without any human interaction? A client credentials flow could help with this. See @disqus_u7ZhPHjjDC’ Secure Server-to-Server Communication with Spring Boot and OAuth 2.0 blog post to see how to do that.
Thanks ! I was indeed searching for this server-to-server authorization where another spring boot application is making api requests to the api gateway. In that case the api gateway plays the role of a resource server ( and not of an oauth client … I got confused by that). The client credentials flow was the way to go, as also mentioned here https://auth0.com/docs/api-….
Hi Matt! Loved the article.
While the Spring Cloud Gateway works perfectly for me, I’ve been stuck trying to figure out how to make the Gateway communicate with the Microservice through the WebClient.
In your example, you created the /fave-cars endpoint, how do you configure the WebClient so that it can reach the car-service?
I tried many approaches, including the usage of ServerOAuth2AuthorizedClientExchangeFilterFunction, and even setting in the headers the bearer token myself. It seems like I always get a 302 response instead of the actual json data that I’m looking for.
Do you have any suggestions?
In this example, I used Spring Cloud Gateway to proxy the requests and apply the
TokenRelayGatewayFilterFactory. Is there something preventing you from using this technique? I’m sure it’s possible to do something similar
WebClient, but I haven’t tried myself. This Q & A on Stack Overflow might help.
Hi Matt, thanks for the quick reply!
Problem is, in my specific case I would have to aggregate the results of 2 microservices, so I’m not sure if it is possible to use the Spring Cloud Gateway in that manner? That’s why I was trying to use the WebClient.
Oh by the way that is me posting that Stack Overflow question you just linked!
Thanks Matt. This cleared up my confusion between Eureka and API Gateway. Will this setup work also for non-reactive services? or do I need to setup a different gateway for those. What if I have a mix of reactive and non-reactive microservices?
Yes. Spring Cloud Gateway should work for both reactive and non-reactive services. What won’t work is using Spring Cloud’s Zuul support with reactive services. Zuul 1.x is blocking. Zuul 2.x is non-blocking, but Spring Cloud doesn’t provide support for it.
Awesome! Wow thanks for the quick response. I will follow this tutorial instead. I saw your other version of this tutorial (https://developer.okta.com/… and wasn’t sure which one should I follow.