Auth SpringBoot User Guide
This document lists out the instructions on how to use the AuthAdapter in a Spring Boot application.
- Step 1: Inject required libraries
- Step 2: Attach annotations to authorize endpoints
- Step 3: Use restTemplate for Http calls
Inject required libraries
- Add the AuthAdapter module to your project as a maven dependency
<dependency> <groupId>io.mosip.kernel</groupId> <artifactId>kernel-auth-adapter</artifactId> <version>Kernel Parent Version</version> </dependency>
- Add ComponentScan annotation as shown below to your project. This is to create auth adapter bean.
@SpringBootApplication @ComponentScan(basePackages = "io.mosip.*")
Attach annotations to authorize endpoints
To restrict access to your endpoints, you need to add the @PreAuthorize annotation. Look at the below example for reference.
@PreAuthorize("hasAnyRole('DIVISION_ADMIN', 'SUPERVISOR', 'AGENT')") @RequestMapping(value = "/api/reference", method = RequestMethod.GET)
There are few more methods available apart from hasAnyRole like hasRole. Look in to the @PreAuthorize documentation for more details.
Note: Now we support ony hasRole and hasAnyRole methods.
Use restTemplate for Http calls
To make any kind of HTTP or HTTPS calls to a mosip's micro service that also injected the AuthAdapter, use the standard RestTemplate capabilities as shown below.
- Intially autowire the RestTemplate in the class where you are going to make an API call.
@Autowired private RestTemplate restTemplate;
- Now make the call using the autowired restTemplate as shown in the sample below:
final String uri = "http://localhost:3001/api/location"; LocationDao response = restTemplate.getForObject(uri, LocationDao.class);
Note: Do not create a new instance of the RestTemplate instead use the autowired one.