0

I have rest template config to use restTemplate for calling 3rd Party Service API. That 3rd Party Service API needs only Basic Auth from security. So in general it looks like this

My local uri i.e. localhost:8082/api/caller -> restTemplate.getForEntity(exact 3rd party service API URL). The issue is that on restTemplate.getForEntity step, my headers are empty, but it's not a problem, I can set it using interceptor, like this

@Configuration
public class RestTemplateConfig {

    @NonNull
    public ClientHttpResponse intercept(HttpRequest request, byte[] body, ClientHttpRequestExecution execution) throws IOException {
        HttpHeaders headers = request.getHeaders();
        headers.setContentType(MediaType.APPLICATION_JSON);
        headers.set("Authorization", "Basic c3VHaWxzNFlBaExZNEg6NWtwQTJuV1AAAA3YXVOd1FWWXVkTEdNjoRrQks0MUVjY1hNa3VRYUdSdE1VMDdyWUtpclNycDIzcGtASktuRQ==");
        return execution.execute(request, body);
    }

    @Bean
    public RestTemplate restTemplate() {
        final RestTemplate restTemplate = new RestTemplate();
        final MappingJackson2HttpMessageConverter converter = new MappingJackson2HttpMessageConverter();
        converter.setObjectMapper(new ObjectMapper());
        restTemplate.getMessageConverters().add(converter);
        restTemplate.getInterceptors().add(this::intercept);
        return restTemplate;
    }
}

As you see, I've hardcoded value Authorization, but I need to have to get it retrieved automatically for every request. How to make it available for restTemplate too?

Celestine Babayaro
  • 361
  • 3
  • 17
  • See the [second answer](https://stackoverflow.com/a/44370474/5221149) of the duplicate, i.e. use `restTemplateBuilder.basicAuthentication("user", "password")` – Andreas Feb 12 '21 at 12:01
  • Well, that is not what I need. Here restTemplateBuilder.basicAuthentication("user", "password") has hardcoded username, password i.e. "user", "password". – Celestine Babayaro Feb 12 '21 at 18:06
  • I'm actually confused about what your problem is. *"How to make it available for restTemplate too?"* Isn't that what the Interceptor is doing? Making the `Authorization` header available for any request generated by the `RestTemplate`? – Andreas Feb 12 '21 at 19:27
  • @Andreas where is the value you want to send in the Authorization header? You need to propagate the same Authorization header you receive in your API to the 3rd Party Service API? – Santiago Medina Feb 13 '21 at 05:17
  • @SantiagoMedina Why are you asking me? I'm not the questioner. – Andreas Feb 13 '21 at 15:21
  • Sorry I took the wrong username when mentioning. – Santiago Medina Feb 13 '21 at 15:35
  • Hello @SantiagoMedina. Yes, I want to send the Authorization header from request with restTemplate to 3rdParty API – Celestine Babayaro Feb 15 '21 at 10:14
  • 1
    @MichaelKors if you are using Spring Security for your own authentication, you should be able to obtain the current headers from spring security context (Securitycontextholder.getcontext().getauthentication()). Otherwise, you can benefit of the whole process being executed in the same thread: implement a Filter to get the header and save in a ThreadLocal field of a helper class. Then in your RestTemplate interceptor get the header for that thread from the ThreadLocal. Don't forget to clean the ThreadLocal entry at the end of your filter (to avoid problems with thread re-use). – Santiago Medina Feb 15 '21 at 14:22

0 Answers0