Распространение информации о пользователях OIDC

Question

У меня есть микросервисная архитектура, обе они защищены Spring Security и токенами JWT. Я использую Okta в качестве поставщика услуг аутентификации. Когда я передаю токен в качестве заголовка, я всегда получаю несанкционированный доступ. По отдельности я могу использовать оба API.

Зарегистрированный веб-клиент, как указано ниже и с использованием

@Bean
WebClient webClient(ReactiveClientRegistrationRepository clientRegistrations,
                                 ServerOAuth2AuthorizedClientRepository authorizedClients) {
    ServerOAuth2AuthorizedClientExchangeFilterFunction oauth =
            new ServerOAuth2AuthorizedClientExchangeFilterFunction(clientRegistrations, authorizedClients);

    oauth.setDefaultOAuth2AuthorizedClient(true);
    return WebClient.builder()
            .filter(oauth)
            .build();
}

// Вызов API из класса

        List block = webClient.get().uri("URL String")
            .retrieve()
            .bodyToMono(List.class)
            .block();

// Сообщение об ошибке org.springframework.web.reactive.function.client.WebClientResponseException $ Несанкционированный: 401 Несанкционированный at org.springframework.web.reactive.function.client.WebClientResponseException.create (WebClientResponseException.java:176) ~ [spring-webflux-5.1.5.RELEASE.jar: 5.1.5.RELEASE] в org.springframework.web.reactive.function.client.DefaultWebClient $ DefaultResponseSpec.lambda $ createResponseException $ 13 (DefaultWebClient.java:495) ~ [spring-webflux-5.1.5.RELEASE.jar: 5.1.5.RELEASE] at processor.core.publisher.FluxMapFuseable $ MapFuseableSubscriber.onNext (FluxMapFuseable.java:107) ~ [реактор-ядро-3.2.6.RELEASE.jar: 3.2.6.RELEASE] at processor.core.publisher.FluxOnAssembly $ OnAssemblySubscriber.onNext (FluxOnAssembly.java:353) ~ [реактор-ядро-3.2.6.RELEASE.jar: 3.2.6.RELEASE] at processor.core.publisher.Operators $ MonoSubscriber.complete (Operators.java:1505) ~ [реактор-ядро-3.2.6.RELEASE.jar: 3.2.6.RELEASE] at processor.core.publisher.FluxDefaultIfEmpty $ DefaultIfEmptySubscriber.onComplete (FluxDefaultIfEmpty.java:100) ~ [реактор-ядро-3.2.6.RELEASE.jar: 3.2.6.RELEASE] at processor.core.publisher.FluxOnAssembly $ OnAssemblySubscriber.onComplete (FluxOnAssembly.java:363) ~ [реактор-ядро-3.2.6.RELEASE.jar: 3.2.6.RELEASE] at processor.core.publisher.FluxMapFuseable $ MapFuseableSubscriber.onComplete (FluxMapFuseable.java:144) ~ [реактор-ядро-3.2.6.RELEASE.jar: 3.2.6.RELEASE] at processor.core.publisher.FluxContextStart $ ContextStartSubscriber.onComplete (FluxContextStart.java:122) ~ [реактор-ядро-3.2.6.RELEASE.jar: 3.2.6.RELEASE] at processor.core.publisher.FluxOnAssembly $ OnAssemblySubscriber.onComplete (FluxOnAssembly.java:363) ~ [реактор-ядро-3.2.6.RELEASE.jar: 3.2.6.RELEASE] at processor.core.publisher.FluxMapFuseable $ MapFuseableConditionalSubscriber.onComplete (FluxMapFuseable.java:336) ~ [реактор-ядро-3.2.6.RELEASE.jar: 3.2.6.RELEASE] at processor.core.publisher.FluxOnAssembly $ OnAssemblySubscriber.onComplete (FluxOnAssembly.java:363) ~ [реактор-ядро-3.2.6.RELEASE.jar: 3.2.6.RELEASE] at processor.core.publisher.FluxFilterFuseable $ FilterFuseableConditionalSubscriber.onComplete (FluxFilterFuseable.java:385) ~ [реактор-ядро-3.2.6.RELEASE.jar: 3.2.6.RELEASE] at processor.core.publisher.FluxOnAssembly $ OnAssemblySubscriber.onComplete (FluxOnAssembly.java:363) ~ [реактор-ядро-3.2.6.RELEASE.jar: 3.2.6.RELEASE] at processor.core.publisher.Operators $ MonoSubscriber.complete (Operators.java:1508) ~ [реактор-ядро-3.2.6.RELEASE.jar: 3.2.6.RELEASE] at processor.core.publisher.MonoCollectList $ MonoBufferAllSubscriber.onComplete (MonoCollectList.java:118) ~ [реактор-ядро-3.2.6.RELEASE.jar: 3.2.6.RELEASE] at processor.core.publisher.FluxOnAssembly $ OnAssemblySubscriber.onComplete (FluxOnAssembly.java:363) ~ [реактор-ядро-3.2.6.RELEASE.jar: 3.2.6.RELEASE] at processor.core.publisher.FluxMapFuseable $ MapFuseableSubscriber.onComplete (FluxMapFuseable.java:144) ~ [реактор-ядро-3.2.6.RELEASE.jar: 3.2.6.RELEASE] at processor.core.publisher.FluxOnAssembly $ OnAssemblySubscriber.onComplete (FluxOnAssembly.java:363) ~ [реактор-ядро-3.2.6.RELEASE.jar: 3.2.6.RELEASE] at processor.core.publisher.FluxPeekFuseable $ PeekFuseableSubscriber.onComplete (FluxPeekFuseable.java:271) ~ [реактор-ядро-3.2.6.RELEASE.jar: 3.2.6.RELEASE] at processor.core.publisher.FluxOnAssembly $ OnAssemblySubscriber.onComplete (FluxOnAssembly.java:363) ~ [реактор-ядро-3.2.6.RELEASE.jar: 3.2.6.RELEASE] at processor.core.publisher.FluxPeek $ PeekSubscriber.onComplete (FluxPeek.java:252) ~ [реактор-ядро-3.2.6.RELEASE.jar: 3.2.6.RELEASE]at реактор.core.publisher.FluxOnAssembly $ OnAssemblySubscriber.onComplete (FluxOnAssembly.java:363) ~ [реактор-core-3.2.6.RELEASE.jar: 3.2.6.RELEASE] в реактор.core.publisher.FluxMap $ MapSubcribs.onComplete (FluxMap.java:136) ~ [реактор-ядро-3.2.6.RELEASE.jar: 3.2.6.RELEASE] в реакторе.netty.channel.FluxReceive.terminateReceiver (FluxReceive.java:372) ~ [реактор-нетто-0.8.5.RELEASE.jar: 0.8.5.RELEASE] в реакторе.netty.channel.FluxReceive.drainReceiver (FluxReceive.java:196) ~ [реактор-нетто-0.8.5.RELEASE.jar: 0.8.5.RELEASE] в реакторе.netty.channel.FluxReceive.onInboundComplete (FluxReceive.java:337) ~ [реактор-нетто-0.8.5.RELEASE.jar: 0.8.5.RELEASE] в реакторе.netty.channel.ChannelOperations.onInboundComplete (ChannelOperations.java:334) ~ [реактор-нетто-0.8.5.RELEASE.jar: 0.8.5.RELEASE] в реакторе.netty.channel.ChannelOperations.terminate (ChannelOperations.java:381) ~ [реактор-нетто-0,8.5.RELEASE.jar: 0.8.5.RELEASE] at processor.netty.http.client.HttpClientOperations.onInboundNext (HttpClientOperations.java: 522) ~ [реактор-нетто-0.8.5.RELEASE.jar: 0.8.5.RELEASE] в реакторе.netty.channel.ChannelOperationsHandler.channelRead (ChannelOperationsHandler.java:141) ~ [реактор-нетто-0.8.5.RELEASE.jar: 0.8.5.RELEASE] в io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead (AbstractChannelHandlerContext.java:362) ~ [netty-transport-4.1.33.Final.jar: 4.1.33.Final] в io.netty.channel.340) ~ [netty-transport-4.1.33.Final.jar: 4.1.33.Final] в io.netty.handler.codec.MessageToMessageDecoder.channelRead (MessageToMessageDecoder.java:102) ~ [netty-codec-4.1.33.Final.jar: 4.1.33.Final] в io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead (AbstractChannelHandlerContext.java:362) ~ [netty-transport-4.1.33.Final.jar: 4.1.33.Final] в io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead (AbstractChannelHandlerContext.java:348) ~ [netty-transport-4.1.33.Final.jar: 4.1.33.Final] в io.netty.channel.AbstractChannelHandlerContext.fireChannelRead (AbstractChannelHandava3Contain)-transport-4.1.33.Final.jar: 4.1.33.Final] в io.netty.channel.CombinedChannelDuplexHandler $ DelegatingChannelHandlerContext.fireChannelRead (CombinedChannelDuplexHandler.java:438) ~ [netty-transport-4.1.33.Final.jar:4.1.33.Final] на io.netty.handler.codec.ByteToMessageDecoder.fireChannelRead (ByteToMessageDecoder.java:323) ~ [netty-codec-4.1.33.Final.jar: 4.1.33.Final] на io.netty.handler.codec.ByteToMessageDecoder.channelRead (ByteToMessageDecoder.java:297) ~ [netty-codec-4.1.33.Final.jar: 4.1.33.Final] в io.netty.channel.CombinedChannelDuplexHandler.channelRead (CombinedChanler25Hane) ~ [netty-transport-4.1.33.Final.jar: 4.1.33.Final] на io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead (AbstractChannelHandlerContext.java:362) ~ [netty-transport-4.1.33.Final.jar: 4.1.33.Final] на io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead (AbstractChannelHandlerContext.java:348) ~ [netty-transport-4.1.33.Final.jar: 4.1.33.Final] на io.netty.channel.AbstractChannelHandlerContext.fireChannelRead (AbstractChannelHandlerContext.java:340) ~ [netty-transport-4.1.33.Final.jar: 4.1.33.Final] на io.netty.channel.DefaultChannelPipeline$ HeadContext.channelRead (DefaultChannelPipeline.java:1408) ~ [netty-transport-4.1.33.Final.jar: 4.1.33.Final] в io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead (AbstractChannelHandlerContext.java:362)netty-transport-4.1.33.Final.jar: 4.1.33.Final] на io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead (AbstractChannelHandlerContext.java:348) ~ [netty-transport-4.1.33.Final.jar: 4.1.33.Final]в io.netty.channel.DefaultChannelPipeline.fireChannelRead (DefaultChannelPipeline.java:930) ~ [netty-transport-4.1.33.Final.jar: 4.1.33.Final] в io.netty.channel.nio.AbstractNioByteChannel $ NioByteUnsafe.read (AbstractNioByteChannel.java:163) ~ [netty-transport-4.1.33.Final.jar: 4.1.33.Final] в io.netty.channel.nio.NioEventLoop.processSelectedKey (NioEventLoop.java:677) ~ [netty-transport-4.1.33.Final.jar: 4.1.33.Final] в io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized (NioEventLoop.java:612) ~ [netty-transport-4.1.33.Final.jar: 4.1.33.Final] в io.netty.channel.nio.NioEventLoop.processSelectedKeys (NioEventLoop.java:529) ~ [netty-transport-4.1.33.Final.jar: 4.1.33.Final] в io.netty.channel.nio.NioEventLoop.run (NioEventLoop.java:491) ~ [netty-transport-4.1.33.Final.jar: 4.1.33.Final] в io.netty.util.concurrent.SingleThreadEventExecutor $ 5.run (SingleThreadEventExecutor.java:905) ~ [netty-common-4.1.33.Final.jar: 4.1.33.Final] at java.lang.Thread.run (Thread.java:745) ~ [na: 1.8.0_73] Подавлено: processor.core.publisher.FluxOnAssembly $ OnAssemblyException: Трассировка сборки от производителя [реактор. reactor.core.publisher.Mono.flatMap (Mono.java:2490) org.springframework.web.reactive.function.client.DefaultWebClient $ DefaultResponseSpec.lambda $ Null $ 1 (DefaultWebClient.java:430) Произошла ошибка следующих операторов: | _ Mono.flatMap⇢ org.springframework.web.reactive.function.client.DefaultWebClient $ DefaultResponseSpec.lambda $ null $ 1 (DefaultWebClient.java:430) | _ Mono.flatMap⇢ org.springframework.web.reactive.function.client.DefaultWebClient $ DefaultResponseSpec.bodyToMono (DefaultWebClient.java:429) | _ Mono.flatMap ⇢ org.springframework.web.reactive.result.method.InvocableHandlerMethod.invoke (InvocableHandlerMethod.java:135) | _ Mono.defer ⇢ org.springframework.web.reactive.result.method.annotation.RequestMappingHandlerAdapter.handle (RequestMappingHandlerAdapter.java:199) | _ Mono.then ⇢ org.springframework.web.reactive.result.method.annotation.RequestMappingHandlerAdapter.handle (RequestMappingHandlerAdapter.java:199) | _ Mono.doOnNext ⇢ org.springframework.web.reactive.result.method.annotation.RequestMappingHandlerAdapter.handle (RequestMappingHandlerAdapter.java:200) | _ Mono.doOnNext ⇢ org.springframework.web.reactive.result.method.annotation.RequestMappingHandlerAdapter.handle (RequestMappingHandlerAdapter.java:201) | _ Mono.error ⇢ org.springframework.web.reactive.result.method.annotation.RequestMappingHandlerAdapter.handleException (RequestMappingHandlerAdapter.java:234) | _ Mono.onErrorResume ⇢ org.springframework.web.reactive.result.method.annotation.RequestMappingHandlerAdapter.handle (RequestMappingHandlerAdapter.java:202) | _ Mono.flatMap ⇢ org.springframework.web.reactive.DispatcherHandler.handle (DispatcherHandler.java:151) | _ Mono.flatMap ⇢ org.springframework.web.reactive.DispatcherHandler.handle (DispatcherHandler.java:152) | _ Mono.defer ⇢ org.springframework.web.server.handler.DefaultWebFilterChain.filter (DefaultWebFilterChain.java:119) | _ Mono.flatMap® org.springframework.boot.actuate.web.trace.reactive.HttpTraceWebFilter.filter (HttpTraceWebFilter.java:78) | _ Mono.defer ⇢ org.springframework.web.server.handler.DefaultWebFilterChain.filter (DefaultWebFilterChain.java:119) | _ Mono.defer ⇢ org.springframework.web.server.handler.DefaultWebFilterChain.filter (DefaultWebFilterChain.java:119) | _ Mono.switchIfEmpty⇢ org.springframework.security.web.server.authorization.AuthorizationWebFilter.filter (AuthorizationWebFilter.java:46) | _ Mono.defer ⇢ org.springframework.web.server.handler.DefaultWebFilterChain.filter (DefaultWebFilterChain.java:119) | _ MonoNext $ NextSubscriber.onNext ⇢ io.lettuce.core.RedisPublisher $ ImmediateSubscriber.onNext (RedisPublisher.java:900) | _ Mono.onErrorResume ⇢ org.springframework.security.web.server.authorization.ExceptionTranslationWebFilter.filter (ExceptionTranslationWebFilter.java:43) | _ Mono.defer ⇢ org.springframework.web.server.handler.DefaultWebFilterChain.filter (DefaultWebFilterChain.java:119) | _ Mono.then ⇢ org.springframework.security.web.server.authentication.logout.LogoutWebFilter.filter (LogoutWebFilter.java:56) | _ Mono.switchIfEmpty ⇢ org.springframework.security.web.server.authentication.logout.LogoutWebFilter.filter (LogoutWebFilter.java:56) | _ Mono.map ⇢ org.springframework.security.web.server.authentication.logout.LogoutWebFilter.filter (LogoutWebFilter.java:57) | _ Mono.flatMap⇢ org.springframework.security.web.server.authentication.logout.LogoutWebFilter.filter (LogoutWebFilter.java:58) | _ Mono.flatMap⇢ org.springframework.security.web.server.authentication.logout.LogoutWebFilter.filter (LogoutWebFilter.java:59) | _ Mono.defer ⇢ org.springframework.web.server.handler.DefaultWebFilterChain.filter (DefaultWebFilterChain.java:119) | _ Mono.flatMap⇢ org.springframework.security.web.server.savedrequest.ServerRequestCacheWebFilter.filter (ServerRequestCacheWebFilter.java:39) | _ Mono.defer ⇢ org.springframework.web.server.handler.DefaultWebFilterChain.filter (DefaultWebFilterChain.java:119) | _ Mono.defer ⇢ org.springframework.web.server.handler.DefaultWebFilterChain.filter (DefaultWebFilterChain.java:119) | _ Mono.then ⇢ org.springframework.security.web.server.ui.LogoutPageGeneratingWebFilter.filter (LogoutPageGeneratingWebFilter.java:49) | _ Mono.switchIfEmpty⇢ org.springframework.security.web.server.ui.LogoutPageGeneratingWebFilter.filter (LogoutPageGeneratingWebFilter.java:49) | _ Mono.flatMap® org.springframework.security.web.server.ui.LogoutPageGeneratingWebFilter.filter (LogoutPageGeneratingWebFilter.java:50) | _ Mono.defer ⇢ org.springframework.web.server.handler.DefaultWebFilterChain.filter (DefaultWebFilterChain.java:119) | _ Mono.then ⇢ org.springframework.security.web.server.ui.LoginPageGeneratingWebFilter.filter (LoginPageGeneratingWebFilter.java:69) | _ Mono.switchIfEmpty® org.springframework.security.web.server.ui.LoginPageGeneratingWebFilter.filter (LoginPageGeneratingWebFilter.java:69) | _ Mono.flatMap ⇢ org.springframework.security.web.server.ui.LoginPageGeneratingWebFilter.filter (LoginPageGeneratingWebFilter.java:70) | _ Mono.defer ⇢ org.springframework.web.server.handler.DefaultWebFilterChain.filter (DefaultWebFilterChain.java:119) | _ Mono.then ⇢ org.springframework.security.web.server.authentication.AuthenticationWebFilter.filter (AuthenticationWebFilter.java:91) | _ Mono.switchIfEmpty⇢ org.springframework.security.web.server.authentication.AuthenticationWebFilter.filter (AuthenticationWebFilter.java:91) | _ Mono.flatMap® org.springframework.security.web.server.authentication.AuthenticationWebFilter.filter (AuthenticationWebFilter.java:92) | _ Mono.defer ⇢ org.springframework.web.server.handler.DefaultWebFilterChain.filter (DefaultWebFilterChain.java:119) | _ Mono.then ⇢ org.springframework.security.web.server.authentication.AuthenticationWebFilter.filter (AuthenticationWebFilter.java:91) | _ Mono.switchIfEmpty⇢ org.springframework.security.web.server.authentication.AuthenticationWebFilter.filter (AuthenticationWebFilter.java:91) | _ Mono.flatMap® org.springframework.security.web.server.authentication.AuthenticationWebFilter.filter (AuthenticationWebFilter.java:92) | _ Mono.defer ⇢ org.springframework.web.server.handler.DefaultWebFilterChain.filter (DefaultWebFilterChain.java:119) | _ Mono.then | _ Mono.switchIfEmpty ⇢ org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationRequestRedirectWebFilter.filter (OAuth2AuthorizationRequestRedirectWebFilter.java:104) | _ MonoNext $ NextSubscriber.onNextonErrorResume ⇢ org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationRequestRedirectWebFilter.filter (OAuth2AuthorizationRequestRedirectWebFilter.java:105) | _ Mono.flatMapOAuth2AuthorizationRequestRedirectWebFilter.java:106) | _ Mono.defer ⇢ org.springframework.web.server.handler.DefaultWebFilterChain.filter (DefaultWebFilterChain.java:119) | _ Mono.deferf.filter (DefaultWebFilterChain.java:119) | _ Mono.defer ⇢ org.springframework.security.web.server.csrf.CsrfWebFilter.continueFilterChain (CsrfWebFilter.java:115) | _ Mono.then ⇢ org.ingframework.security.web.server.csrf.CsrfWebFilter.filter (CsrfWebFilter.java:94) | _ Mono.switchIfEmpty ⇢ org.springframework.security.web.server.csrf.CsrfWebFilter.WaF_94: CIFMonoNext $ NextSubscriber.onNext ⇢ io.lettuce.core.RedisPublisher $ ImmediateSubscriber.onNext (RedisPublisher.java:900) | _ Mono.onErrorResume ⇢ org.springframework.security.werf.Ff.FerF.F95) | _ Mono.defer ⇢ org.springframework.web.server.handler.DefaultWebFilterChain.filter (DefaultWebFilterChain.java:119) | _ Mono.defer ⇢ org.springframework.web.server.handler.DefaultWebFilterC DefaultJava: 119) | _ Mono.defer ⇢ org.springframework.web.server.handler.DefaultWebFilterChain.filter (DefaultWebFilterChain.java:119) | _ Mono.defer ⇢ org.springframework.web.server.handler.DefhainFilterDefaultWebFilterChain.java:119) | _ Mono.flatMap ⇢ org.springframework.security.web.server.WebFilterChainProxy.filter (WebFilterChainProxy.java:58) | _ Mono.defer ⇢ org.springframework.web.server.handler.DefaultWebFilterChain.filter (DefaultWebFilterChain.java:119) | _ Mono.defer ⇢ org.springframework.web.serhaW.filter (DefaultWebFilterChain.java:119) | _ Mono.doOnSuccess ⇢ org.springframework.boot.actuate.metrics.web.reactive.server.MetricsWebFilter.filter (MetricsWebFilter.java:84) | _ Mono.doOngboot.actuate.metrics.web.reactive.server.MetricsWebFilter.filter (MetricsWebFilter.java:84) | _ Mono.compose ⇢ org.springframework.boot.actuate.metrics.web.reactive.server.MetricsWebFilter.filter (MetricsWebFJava: 76) | _ Mono.defer ⇢ org.springframework.web.server.handler.DefaultWebFilterChain.filter (DefaultWebFilterChain.java:119)

Suppressed: java.lang.Exception: #block terminated with an error
    at reactor.core.publisher.BlockingSingleSubscriber.blockingGet(BlockingSingleSubscriber.java:93) ~[reactor-core-3.2.6.RELEASE.jar:3.2.6.RELEASE]
    at reactor.core.publisher.Mono.block(Mono.java:1494) ~[reactor-core-3.2.6.RELEASE.jar:3.2.6.RELEASE]