I am trying to develop a web application as per below micro-service architecture with Spring Cloud, Spring Boot, OAuth2 Spring Security:
Github repo: https://github.com/vedrm/ms_arch-spring_cloud_gateway-springboot_services-oauth2
Here, I am able to establish Browser client (desktop) to Gateway (using TokenRelayGatewayFilterFactory for oauth2) to project API service flow (authorization code flow in OAuth2 terms) and get the json response.
Similarly for UI service (a thymeleaf app), I am able to get html response for the API requests but not for the static resource requests which are triggered after loading of former returned html in browser. Though, sometimes only one or two static resources (png/js) load. Below are the points:
In Gateway, I have configured a route to check "/**" path and forward to UI service url.
Oauth2 flow is getting triggered for each static resource request, which ultimately ends up in "/" or "/login?error" request but results in cancelled status. First, how to solve this? Second, is there a way to suppress oauth2 flow for these static resources here (in Gateway)? (similar to the way we ignore security for the static resources by customizing
WebSecurityby overridingWebSecurityConfigurerAdapterin a regular thymeleaf app??)Is this a valid approach - keeping UI service behind a Gateway like this? Also, considering this would later be replaced by a React App.
Another challenge I am facing is to call Project service from Front-end via Gateway using client credentials flow. I have kept the code tried out so far, commented in the repo. The Front-end app always failed to start with below message:
org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'navController': Unsatisfied dependency expressed through field 'webClient'; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'webClient' defined in class path resource [com/sample/portal/config/WebClientConfig.class]: Unsatisfied dependency expressed through method 'webClient' parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'authorizedClientManager' defined in class path resource [com/sample/portal/config/WebClientConfig.class]: Unsatisfied dependency expressed through method 'authorizedClientManager' parameter 0; nested exception is org.springframework.beans.factory.NoSuchBeanDefinitionException: No qualifying bean of type 'org.springframework.security.oauth2.client.registration.ClientRegistrationRepository' available: expected at least 1 bean which qualifies as autowire candidate.
I have not been able to resolve this by going through various articles/posts over SO/web yet and requiring help here. Also, is client credentials a right choice for this flow or should be something else?