API 게이트웨이를 통과한 요청의 JWT는 유지되며, API 게이트웨이는 요청 헤더에 기본 인증 정보를 추가합니다. FeignClient를 통해 호출되는 모든 내부 API 요청에도 Authorization, X-User-Id, X-Username 등 동일한 인증 및 사용자 식별 헤더를 전달해야 합니다.
package org.spartahub.hubservice.infrastructure.feignclient;
import feign.RequestInterceptor;
import jakarta.servlet.http.HttpServletRequest;
import org.springframework.cloud.openfeign.EnableFeignClients;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.util.StringUtils;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import java.util.List;
@Configuration
@EnableFeignClients("org.spartahub.hubservice")
public class FeighConfig {
private static final String HEADER_USER_ID = "X-User-Id";
private static final String HEADER_USERNAME = "X-Username";
private static final String HEADER_ROLES = "X-User-Roles";
private static final String HEADER_EMAIL = "X-User-Email";
private static final String HEADER_USER_NAME = "X-User-Name";
@Bean
public RequestInterceptor requestInterceptor() {
return tpl -> {
ServletRequestAttributes attrs = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
if (attrs == null) return;
HttpServletRequest req = attrs.getRequest();
// Authorization 헤더 전파
String auth = req.getHeader("Authorization");
if (StringUtils.hasText(auth)) tpl.header("Authorization", auth);
// Gateway로부터 넘어온 사용자 정보 헤더들 전파
List<String> userHeaders = List.of(
HEADER_USER_ID, HEADER_USERNAME, HEADER_USER_NAME, HEADER_EMAIL, HEADER_ROLES
);
for (String headerName : userHeaders) {
String value = req.getHeader(headerName);
if (StringUtils.hasText(value)) {
tpl.header(headerName, value);
}
}
};
}
}