Build and Test Reactive Microservices with Spring Cloud Gateway
This tutorial shows you how to build a reactive microservices architecture with Spring Cloud Gateway.
Alfredo Osorio
Thanks a lot for this great tutorial.
Rahul
Suppose a scenario I have subscribed the SSE and the sudden server goes down and the client application closes the flux.
But after a couple of minutes server got revived but the client application didn’t pick up the refreshed streaming.
How can I can handle this scenario?
Does it resilient enough to understand the outage in a client-server connection manner?
Matt Raible
You’d probably have to have some retry logic on the client to make this work. The client would need to be resilient in this case. You might be able to use RSocket instead of HTTP to accomplish this.
Bijan
Thanks for the great article!
I was wondering about adding PKCE, so I forked/copied your project and added PKCE.
At the moment Spring does not support PKCE for private clients.
This piece of code add the PKCE support:
https://github.com/BijanVan/microservicedemo/blob/master/api-gateway/src/main/java/com/example/apigateway/SecurityConfiguration.java#L35
git repository: https://github.com/BijanVan/microservicedemo
Matt Raible
Hello Bijan! I tried to click on your repos above and they don’t resolve for me. Can you try posting the links again?
Bijan
Hi Matt. I have the same problem with disqus, but you can just copy/paste the links manually in a browser.
Brian Demers
Cool Bijan!
I’ve got an open PR for Spring Security to always attempt to use PKCE for Auth Code Flows
https://github.com/spring-p…
Please comment on that issue 
I haven’t tried out your code, but it looks like cool workaround in the short term.
For other following along, Spring Security (as of 5.2 supports PKCE, but it’s only configured when you do NOT have a client-secret), this is great for a few use cases, but using a secret or a secret and PKCE is typically better option.
Thanks Bijan!
Karthik Bashyam
Hi Matt. What if i have three microservices and 3 client registrations in gateway. How can i prompt a single login.
Matt Raible
If you have a single authorization server for all your microservices, you should be able to pass the access token from your gateway to your microservice clients. If you have a separate authorization servers for each, you might have to set them up to trust each other.
Matt Raible
What do you want to read from the token?
Wim Roelens
Great article! Anyone can give me pointers on how to authenticate and get cars from a spring boot client application instead of a browser based web UI application ?
Matt Raible
I’m not sure what you mean. In this example, the gateway is a Spring Boot client. Are you saying you want to be able to get an access token without any human interaction? A client credentials flow could help with this. See @disqus_u7ZhPHjjDC’ Secure Server-to-Server Communication with Spring Boot and OAuth 2.0 blog post to see how to do that.
Wim Roelens
Thanks ! I was indeed searching for this server-to-server authorization where another spring boot application is making api requests to the api gateway. In that case the api gateway plays the role of a resource server ( and not of an oauth client … I got confused by that). The client credentials flow was the way to go, as also mentioned here https://auth0.com/docs/api-….
Andrea Damiani
Hi Matt! Loved the article.
While the Spring Cloud Gateway works perfectly for me, I’ve been stuck trying to figure out how to make the Gateway communicate with the Microservice through the WebClient.
In your example, you created the /fave-cars endpoint, how do you configure the WebClient so that it can reach the car-service?
I tried many approaches, including the usage of ServerOAuth2AuthorizedClientExchangeFilterFunction, and even setting in the headers the bearer token myself. It seems like I always get a 302 response instead of the actual json data that I’m looking for.
Do you have any suggestions?
Matt Raible
Hello Andrea,
In this example, I used Spring Cloud Gateway to proxy the requests and apply the TokenRelayGatewayFilterFactory. Is there something preventing you from using this technique? I’m sure it’s possible to do something similar WebClient, but I haven’t tried myself. This Q & A on Stack Overflow might help.
Andrea Damiani
Hi Matt, thanks for the quick reply!
Problem is, in my specific case I would have to aggregate the results of 2 microservices, so I’m not sure if it is possible to use the Spring Cloud Gateway in that manner? That’s why I was trying to use the WebClient.
Oh by the way that is me posting that Stack Overflow question you just linked! 
wiselythechosen1
Thanks Matt. This cleared up my confusion between Eureka and API Gateway. Will this setup work also for non-reactive services? or do I need to setup a different gateway for those. What if I have a mix of reactive and non-reactive microservices?
Matt Raible
Yes. Spring Cloud Gateway should work for both reactive and non-reactive services. What won’t work is using Spring Cloud’s Zuul support with reactive services. Zuul 1.x is blocking. Zuul 2.x is non-blocking, but Spring Cloud doesn’t provide support for it.
wiselythechosen1
Awesome! Wow thanks for the quick response. I will follow this tutorial instead. I saw your other version of this tutorial (https://developer.okta.com/… and wasn’t sure which one should I follow.