我使用traefik auth forward来做一些授权,这是中间件配置的样子:
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: jwt-token-auth
namespace: reddwarf-pro
spec:
forwardAuth:
address: >-
http://dolphin-post-service.reddwarf-pro.svc.cluster.local:11014/post/auth/access_token/verify
一切正常,但现在我发现auth forward没有转发查询参数,因为当我连接WebSocket时,我把token放在查询参数中。sse连接也是如此(sse https://developer.mozilla.org/en-US/docs/Web/API/Server-sent_events/Using_server-sent_events不支持自定义头来放置访问令牌)。但我无法从验证函数中的参数获取访问令牌。这就是我如何定义验证函数:
@GetMapping("/access_token/verify")
ResponseEntity verifyAccessToken(@RequestParam(value = "access_token",required = false) String accessToken, @RequestHeader(value = "Authorization",required = false) String authorizationHeader);
我应该怎么做才能让traefik auth转发来传递访问令牌?有什么建议吗?这是我在url中传递访问令牌的方式:
curl https://tex.demo.top/tex/project/compile/log/stream\?project_id\=287ea73d1c78463298e9e5b267cab87f\&file_name\=main.tex\&version_no\=c880ee90933b46d19b16bef9f7736658\&qid\=350\&access_token\=eyJhbGciOiJIUzUxMiJ9.eyJ1c2VySWQiOjEwMywiZGV2aWNlSWQiOiiuwIyOTQ1ZGUwN2NkM2I1N2FkNmNkNTk4YjdhZTFjZTlmdoMCIsImFwcElkIjoibjI5UGEyOVdTMSIsImx0IjoxLCJldCI6MCwicGlkIjoxMywiZXhwIjoxNjk1Mzc2Mzkyf.WA8_XuKDd9927_j8bgjKNem7Z0WuS323DTz0DPlX_TurkZm4m7CKaerFAfN8jyM5t86MMHdtXp9N8P4ChmpQ
1条答案
按热度按时间6pp0gazn1#
第一步在traefik(2.10.x)中间件中启用trustForwardHeader:
然后像这样获取服务器端的uri验证方法(Java Sping Boot ):