从 Spring 批次访问 API 安全的 OAuth
Accessing OAuth secured API from Spring Batch
我的公司有一个 OAuth 2 安全 API,我需要从 Spring 批处理或计划进程访问它。我可以使用以下代码从我们的 Web 应用程序访问此 API:
首先我创建了一个 WebClient bean
@Configuration
public class ScimOAuthConfiguration
{
/**
* This class creates and returns a WebClient
* that has been built to authenticate with
* SCIM using OAuth2
*
* @param clientRegistrationRepository
* @param authorizedClientRepository
* @return WebClient
*/
@Bean
WebClient scimWebClient(ClientRegistrationRepository clientRegistrationRepository,
OAuth2AuthorizedClientRepository authorizedClientRepository)
{
//Creates a Servlet OAuth2 Authorized Client Exchange Filter
ServletOAuth2AuthorizedClientExchangeFilterFunction oauth =
new ServletOAuth2AuthorizedClientExchangeFilterFunction(
clientRegistrationRepository, authorizedClientRepository);
//Returns WebClient with OAuth2 filter applied to it
return WebClient.builder().apply(oauth.oauth2Configuration()).build();
}
}
下面的 userSearch() 方法只是向终点发出请求,并将结果转换为我创建的一些 类。
@Component
@Slf4j
public class UserSearchService {
private final UserUtil userUtil;
private final WebClient webClient;
public UserSearchService(UserUtil userUtil, WebClient webClient) {
this.userUtil = userUtil;
this.webClient = webClient;
}
/**
* This method will query the SCIM API and return the results.
*/
public Schema<User> userSearch(UserSearchForm form) {
if (form.getCwsId().isEmpty() && form.getLastName().isEmpty() && form.getFirstName().isEmpty() && form.getEmail().isEmpty()) {
return null;
}
//generate the request URI
String uri = userUtil.generateSearchURL(form);
//Creates a User Schema object to contain the results of the web request
Schema<User> users = null;
try {
users = this.webClient.get()
.uri(uri)
.attributes(ServletOAuth2AuthorizedClientExchangeFilterFunction.clientRegistrationId("scim"))
.retrieve()
.bodyToMono(new ParameterizedTypeReference<Schema<User>>() {
})
.block();
} catch (WebClientResponseException ex) {
log.error(ex.getMessage(), ex);
}
return users;
}
}
当我在控制器或 rest 端点中调用此函数时,一切正常。示例:
@RestController
@Slf4j
public class UserSearchController {
@Autowired
UserSearchService service;
@PostMapping(value="/userSearch")
public Schema<User> userSearch(@RequestBody UserSearchForm form) {
return service.userSearch(form);
}
}
目前没有问题...
我接到了一项任务,要求我创建一个 Spring 批处理作业,每晚 运行 午夜。此批处理作业的一部分将要求我通过安全 API 收集用户信息。我更愿意将此批处理作业放入我的 Web 应用程序项目中。目标是让这个 Web 应用程序 运行 在服务器上运行,并且每天晚上午夜开始这个批处理作业,它只是发送一些自动提醒电子邮件。如果一切都独立并在一个存储库中,那就太好了。这是我尝试访问受保护 API 的批处理作业的简化示例:
@Configuration
@Slf4j
public class ReminderEmailJob {
@Autowired
JobBuilderFactory jobBuilderFactory;
@Autowired
StepBuilderFactory stepBuilderFactory;
@Autowired
UserSearchService userSearchService;
@Bean
public Job job() {
return this.jobBuilderFactory.get("basicJob")
.start(step1())
.build();
}
@Bean
public Step step1() {
return this.stepBuilderFactory.get("step1").tasklet((contribution, chunkContext) -> {
UserSearchForm form = new UserSearchForm("", "", "userNameHere", "");
Schema<User> user = userSearchService.userSearch(form);
System.out.println(user);
log.info("Hello, world!");
return RepeatStatus.FINISHED;
}).build();
}
}
这是一个 @Scheduled 方法,它会在每晚午夜 运行 这个批处理作业:
@Service
@Configuration
@EnableScheduling
@Slf4j
public class EmailScheduler {
@Autowired
ReminderEmailJob job;
@Autowired
JobLauncher jobLauncher;
@Scheduled(cron = "0 0 0 * * *")
public void runAutomatedEmailBatchJob() throws JobParametersInvalidException, JobExecutionAlreadyRunningException, JobRestartException, JobInstanceAlreadyCompleteException {
jobLauncher.run(job.job(), new JobParametersBuilder().addDate("launchDate", new Date()).toJobParameters());
}
}
当我尝试 运行 批处理作业时,出现以下错误:
2020-02-19 10:21:38,347 ERROR [scheduling-1] org.springframework.batch.core.step.AbstractStep: Encountered an error executing step step1 in job basicJob
java.lang.IllegalArgumentException: request cannot be null
at org.springframework.util.Assert.notNull(Assert.java:198)
at org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizedClientRepository.loadAuthorizedClient(HttpSessionOAuth2AuthorizedClientRepository.java:47)
at org.springframework.security.oauth2.client.web.AuthenticatedPrincipalOAuth2AuthorizedClientRepository.loadAuthorizedClient(AuthenticatedPrincipalOAuth2AuthorizedClientRepository.java:75)
at org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction.populateDefaultOAuth2AuthorizedClient(ServletOAuth2AuthorizedClientExchangeFilterFunction.java:321)
at org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction.lambda$null(ServletOAuth2AuthorizedClientExchangeFilterFunction.java:187)
at org.springframework.web.reactive.function.client.DefaultWebClient$DefaultRequestBodyUriSpec.attributes(DefaultWebClient.java:234)
at org.springframework.web.reactive.function.client.DefaultWebClient$DefaultRequestBodyUriSpec.attributes(DefaultWebClient.java:153)
at org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction.lambda$defaultRequest(ServletOAuth2AuthorizedClientExchangeFilterFunction.java:184)
at org.springframework.web.reactive.function.client.DefaultWebClient$DefaultRequestBodyUriSpec.initRequestBuilder(DefaultWebClient.java:324)
at org.springframework.web.reactive.function.client.DefaultWebClient$DefaultRequestBodyUriSpec.exchange(DefaultWebClient.java:318)
at org.springframework.web.reactive.function.client.DefaultWebClient$DefaultRequestBodyUriSpec.retrieve(DefaultWebClient.java:368)
at com.cat.reman.springbootvuejs.dao.service.cgds.UserSearchService.userSearch(UserSearchService.java:53)
at com.cat.reman.springbootvuejs.batch.ReminderEmailJob.lambda$step1[=17=](ReminderEmailJob.java:47)
at org.springframework.batch.core.step.tasklet.TaskletStep$ChunkTransactionCallback.doInTransaction(TaskletStep.java:407)
at org.springframework.batch.core.step.tasklet.TaskletStep$ChunkTransactionCallback.doInTransaction(TaskletStep.java:331)
at org.springframework.transaction.support.TransactionTemplate.execute(TransactionTemplate.java:140)
at org.springframework.batch.core.step.tasklet.TaskletStep.doInChunkContext(TaskletStep.java:273)
at org.springframework.batch.core.scope.context.StepContextRepeatCallback.doInIteration(StepContextRepeatCallback.java:82)
at org.springframework.batch.repeat.support.RepeatTemplate.getNextResult(RepeatTemplate.java:375)
at org.springframework.batch.repeat.support.RepeatTemplate.executeInternal(RepeatTemplate.java:215)
at org.springframework.batch.repeat.support.RepeatTemplate.iterate(RepeatTemplate.java:145)
at org.springframework.batch.core.step.tasklet.TaskletStep.doExecute(TaskletStep.java:258)
at org.springframework.batch.core.step.AbstractStep.execute(AbstractStep.java:203)
at org.springframework.batch.core.job.SimpleStepHandler.handleStep(SimpleStepHandler.java:148)
at org.springframework.batch.core.job.AbstractJob.handleStep(AbstractJob.java:399)
at org.springframework.batch.core.job.SimpleJob.doExecute(SimpleJob.java:135)
at org.springframework.batch.core.job.AbstractJob.execute(AbstractJob.java:313)
at org.springframework.batch.core.launch.support.SimpleJobLauncher.run(SimpleJobLauncher.java:144)
at org.springframework.core.task.SyncTaskExecutor.execute(SyncTaskExecutor.java:50)
at org.springframework.batch.core.launch.support.SimpleJobLauncher.run(SimpleJobLauncher.java:137)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:564)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:343)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:198)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)
at org.springframework.batch.core.configuration.annotation.SimpleBatchConfiguration$PassthruAdvice.invoke(SimpleBatchConfiguration.java:127)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:212)
at com.sun.proxy.$Proxy131.run(Unknown Source)
at com.cat.reman.springbootvuejs.dao.service.emailService.EmailScheduler.jakeTest(EmailScheduler.java:162)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:564)
at org.springframework.scheduling.support.ScheduledMethodRunnable.run(ScheduledMethodRunnable.java:84)
at org.springframework.scheduling.support.DelegatingErrorHandlingRunnable.run(DelegatingErrorHandlingRunnable.java:54)
at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:514)
at java.base/java.util.concurrent.FutureTask.runAndReset(FutureTask.java:305)
at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:300)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1167)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:641)
at java.base/java.lang.Thread.run(Thread.java:844)
这让我相信,在 Web 应用程序的上下文中,我们可以访问创建的 WebClient bean。当谈到批处理作业时,情况就不同了。我发现这两个实例将 运行 在不同的线程上,并且不会共享相同的信息或上下文。
我的问题是如何使用 Spring Batch 以类似的方式访问受保护的 API?我有可用的 OAuth 令牌客户端 ID、客户端密码等。谢谢你。
My question is how do I access a secured API in a similar fashion using Spring Batch? I have the OAuth token client id, client secret, etc. available
您可以创建一个基于 OAuth2RestTemplate to access the secured API. I found this example 的自定义 ItemReader 以供使用。只需确保以分页方式读取数据,以避免一次将所有项目加载到内存中。
也就是说,我认为没有必要 运行 在 Web 应用程序中完成这项工作。 运行 你的 EmailScheduler 作为一个独立的 spring 启动应用程序在我看来已经足够了。
我的公司有一个 OAuth 2 安全 API,我需要从 Spring 批处理或计划进程访问它。我可以使用以下代码从我们的 Web 应用程序访问此 API:
首先我创建了一个 WebClient bean
@Configuration
public class ScimOAuthConfiguration
{
/**
* This class creates and returns a WebClient
* that has been built to authenticate with
* SCIM using OAuth2
*
* @param clientRegistrationRepository
* @param authorizedClientRepository
* @return WebClient
*/
@Bean
WebClient scimWebClient(ClientRegistrationRepository clientRegistrationRepository,
OAuth2AuthorizedClientRepository authorizedClientRepository)
{
//Creates a Servlet OAuth2 Authorized Client Exchange Filter
ServletOAuth2AuthorizedClientExchangeFilterFunction oauth =
new ServletOAuth2AuthorizedClientExchangeFilterFunction(
clientRegistrationRepository, authorizedClientRepository);
//Returns WebClient with OAuth2 filter applied to it
return WebClient.builder().apply(oauth.oauth2Configuration()).build();
}
}
下面的 userSearch() 方法只是向终点发出请求,并将结果转换为我创建的一些 类。
@Component
@Slf4j
public class UserSearchService {
private final UserUtil userUtil;
private final WebClient webClient;
public UserSearchService(UserUtil userUtil, WebClient webClient) {
this.userUtil = userUtil;
this.webClient = webClient;
}
/**
* This method will query the SCIM API and return the results.
*/
public Schema<User> userSearch(UserSearchForm form) {
if (form.getCwsId().isEmpty() && form.getLastName().isEmpty() && form.getFirstName().isEmpty() && form.getEmail().isEmpty()) {
return null;
}
//generate the request URI
String uri = userUtil.generateSearchURL(form);
//Creates a User Schema object to contain the results of the web request
Schema<User> users = null;
try {
users = this.webClient.get()
.uri(uri)
.attributes(ServletOAuth2AuthorizedClientExchangeFilterFunction.clientRegistrationId("scim"))
.retrieve()
.bodyToMono(new ParameterizedTypeReference<Schema<User>>() {
})
.block();
} catch (WebClientResponseException ex) {
log.error(ex.getMessage(), ex);
}
return users;
}
}
当我在控制器或 rest 端点中调用此函数时,一切正常。示例:
@RestController
@Slf4j
public class UserSearchController {
@Autowired
UserSearchService service;
@PostMapping(value="/userSearch")
public Schema<User> userSearch(@RequestBody UserSearchForm form) {
return service.userSearch(form);
}
}
目前没有问题...
我接到了一项任务,要求我创建一个 Spring 批处理作业,每晚 运行 午夜。此批处理作业的一部分将要求我通过安全 API 收集用户信息。我更愿意将此批处理作业放入我的 Web 应用程序项目中。目标是让这个 Web 应用程序 运行 在服务器上运行,并且每天晚上午夜开始这个批处理作业,它只是发送一些自动提醒电子邮件。如果一切都独立并在一个存储库中,那就太好了。这是我尝试访问受保护 API 的批处理作业的简化示例:
@Configuration
@Slf4j
public class ReminderEmailJob {
@Autowired
JobBuilderFactory jobBuilderFactory;
@Autowired
StepBuilderFactory stepBuilderFactory;
@Autowired
UserSearchService userSearchService;
@Bean
public Job job() {
return this.jobBuilderFactory.get("basicJob")
.start(step1())
.build();
}
@Bean
public Step step1() {
return this.stepBuilderFactory.get("step1").tasklet((contribution, chunkContext) -> {
UserSearchForm form = new UserSearchForm("", "", "userNameHere", "");
Schema<User> user = userSearchService.userSearch(form);
System.out.println(user);
log.info("Hello, world!");
return RepeatStatus.FINISHED;
}).build();
}
}
这是一个 @Scheduled 方法,它会在每晚午夜 运行 这个批处理作业:
@Service
@Configuration
@EnableScheduling
@Slf4j
public class EmailScheduler {
@Autowired
ReminderEmailJob job;
@Autowired
JobLauncher jobLauncher;
@Scheduled(cron = "0 0 0 * * *")
public void runAutomatedEmailBatchJob() throws JobParametersInvalidException, JobExecutionAlreadyRunningException, JobRestartException, JobInstanceAlreadyCompleteException {
jobLauncher.run(job.job(), new JobParametersBuilder().addDate("launchDate", new Date()).toJobParameters());
}
}
当我尝试 运行 批处理作业时,出现以下错误:
2020-02-19 10:21:38,347 ERROR [scheduling-1] org.springframework.batch.core.step.AbstractStep: Encountered an error executing step step1 in job basicJob
java.lang.IllegalArgumentException: request cannot be null
at org.springframework.util.Assert.notNull(Assert.java:198)
at org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizedClientRepository.loadAuthorizedClient(HttpSessionOAuth2AuthorizedClientRepository.java:47)
at org.springframework.security.oauth2.client.web.AuthenticatedPrincipalOAuth2AuthorizedClientRepository.loadAuthorizedClient(AuthenticatedPrincipalOAuth2AuthorizedClientRepository.java:75)
at org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction.populateDefaultOAuth2AuthorizedClient(ServletOAuth2AuthorizedClientExchangeFilterFunction.java:321)
at org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction.lambda$null(ServletOAuth2AuthorizedClientExchangeFilterFunction.java:187)
at org.springframework.web.reactive.function.client.DefaultWebClient$DefaultRequestBodyUriSpec.attributes(DefaultWebClient.java:234)
at org.springframework.web.reactive.function.client.DefaultWebClient$DefaultRequestBodyUriSpec.attributes(DefaultWebClient.java:153)
at org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction.lambda$defaultRequest(ServletOAuth2AuthorizedClientExchangeFilterFunction.java:184)
at org.springframework.web.reactive.function.client.DefaultWebClient$DefaultRequestBodyUriSpec.initRequestBuilder(DefaultWebClient.java:324)
at org.springframework.web.reactive.function.client.DefaultWebClient$DefaultRequestBodyUriSpec.exchange(DefaultWebClient.java:318)
at org.springframework.web.reactive.function.client.DefaultWebClient$DefaultRequestBodyUriSpec.retrieve(DefaultWebClient.java:368)
at com.cat.reman.springbootvuejs.dao.service.cgds.UserSearchService.userSearch(UserSearchService.java:53)
at com.cat.reman.springbootvuejs.batch.ReminderEmailJob.lambda$step1[=17=](ReminderEmailJob.java:47)
at org.springframework.batch.core.step.tasklet.TaskletStep$ChunkTransactionCallback.doInTransaction(TaskletStep.java:407)
at org.springframework.batch.core.step.tasklet.TaskletStep$ChunkTransactionCallback.doInTransaction(TaskletStep.java:331)
at org.springframework.transaction.support.TransactionTemplate.execute(TransactionTemplate.java:140)
at org.springframework.batch.core.step.tasklet.TaskletStep.doInChunkContext(TaskletStep.java:273)
at org.springframework.batch.core.scope.context.StepContextRepeatCallback.doInIteration(StepContextRepeatCallback.java:82)
at org.springframework.batch.repeat.support.RepeatTemplate.getNextResult(RepeatTemplate.java:375)
at org.springframework.batch.repeat.support.RepeatTemplate.executeInternal(RepeatTemplate.java:215)
at org.springframework.batch.repeat.support.RepeatTemplate.iterate(RepeatTemplate.java:145)
at org.springframework.batch.core.step.tasklet.TaskletStep.doExecute(TaskletStep.java:258)
at org.springframework.batch.core.step.AbstractStep.execute(AbstractStep.java:203)
at org.springframework.batch.core.job.SimpleStepHandler.handleStep(SimpleStepHandler.java:148)
at org.springframework.batch.core.job.AbstractJob.handleStep(AbstractJob.java:399)
at org.springframework.batch.core.job.SimpleJob.doExecute(SimpleJob.java:135)
at org.springframework.batch.core.job.AbstractJob.execute(AbstractJob.java:313)
at org.springframework.batch.core.launch.support.SimpleJobLauncher.run(SimpleJobLauncher.java:144)
at org.springframework.core.task.SyncTaskExecutor.execute(SyncTaskExecutor.java:50)
at org.springframework.batch.core.launch.support.SimpleJobLauncher.run(SimpleJobLauncher.java:137)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:564)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:343)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:198)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)
at org.springframework.batch.core.configuration.annotation.SimpleBatchConfiguration$PassthruAdvice.invoke(SimpleBatchConfiguration.java:127)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:212)
at com.sun.proxy.$Proxy131.run(Unknown Source)
at com.cat.reman.springbootvuejs.dao.service.emailService.EmailScheduler.jakeTest(EmailScheduler.java:162)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:564)
at org.springframework.scheduling.support.ScheduledMethodRunnable.run(ScheduledMethodRunnable.java:84)
at org.springframework.scheduling.support.DelegatingErrorHandlingRunnable.run(DelegatingErrorHandlingRunnable.java:54)
at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:514)
at java.base/java.util.concurrent.FutureTask.runAndReset(FutureTask.java:305)
at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:300)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1167)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:641)
at java.base/java.lang.Thread.run(Thread.java:844)
这让我相信,在 Web 应用程序的上下文中,我们可以访问创建的 WebClient bean。当谈到批处理作业时,情况就不同了。我发现这两个实例将 运行 在不同的线程上,并且不会共享相同的信息或上下文。
我的问题是如何使用 Spring Batch 以类似的方式访问受保护的 API?我有可用的 OAuth 令牌客户端 ID、客户端密码等。谢谢你。
My question is how do I access a secured API in a similar fashion using Spring Batch? I have the OAuth token client id, client secret, etc. available
您可以创建一个基于 OAuth2RestTemplate to access the secured API. I found this example 的自定义 ItemReader 以供使用。只需确保以分页方式读取数据,以避免一次将所有项目加载到内存中。
也就是说,我认为没有必要 运行 在 Web 应用程序中完成这项工作。 运行 你的 EmailScheduler 作为一个独立的 spring 启动应用程序在我看来已经足够了。