SpringCloud consul microservice (problem registering to hostname) - the pit encountered in SpringSecurityOAuth2 authorization_code mode

At present, when the project uses consul for service registration and discovery, and does the authorization_code mode of Spring Security OAuth2 authorization authentication, it finds an abnormal problem.

This is the starting service registration code block bootstrap.yml:

spring:
  cloud:
    consul:
      port: 8500
      host: localhost
      discovery:
        serviceName: auth
        locator:
          lower-case-service-id: true
          enabled: true
        register: true

This is the health check after registration

He will register your host address. There may be no problem in normal use, but when the authorization_code mode of OAuth2 is used for authentication, there will be cross-domain exceptions as follows:

Here is the request path:

http://localhost:8001/auth/oauth/authorize?response_type=code&client_id=client_name&redirect_uri=http://localhost:8001/auth/callback&scope=auth

Jump to the default login interface after visiting:

Looking closely, the url location access address has become the previously registered host name, and as a result, click the login interface and the following image will appear:

No permission returns 401. The problem is that jumping back to the hostname causes cross-domain issues.

The solution to this problem is to modify the starting bootstrap.yml file:

spring:
  cloud:
    consul:
      port: 8500
      host: localhost
      discovery:
        serviceName: auth
        locator:
          lower-case-service-id: true
          enabled: true
        register: true
        prefer-ip-address: true #这个必须配
        tags: version=1.0
        instance-id: ${spring.application.name}:${spring.cloud.client.ip-address}
        healthCheckInterval: 15s
        health-check-url: http://${spring.cloud.client.ip-address}:${server.port}/actuator/health

Consul registration increases the mandatory limit prefer-ip-address: true to force the way to obtain ip to register to consul.

2019.07.09

Since there is no configuration

spring.cloud.consul.discovery.prefer-ip-address=true

The microservice will register the host name of the host/container where it is registered to consul. However, we will find that sometimes the registered IP to consul host name is obtained by calling the Java API. Sometimes the Java API cannot obtain the host name, so it will be The IP address is sent to consul + as long as you configure the environment variable HOST_NAME, you can register the environment variable you configured

spring.cloud.gateway.discovery.instance.hostname=${HOST_NAME}

Relevant code to get the hostname:

https://github.com/spring-cloud/spring-cloud-commons/blob/master/spring-cloud-commons/src/main/java/org/springframework/cloud/commons/util/InetUtils.java

Related Issues

https://github.com/spring-cloud/spring-cloud-netflix/issues/2084

Jumping from ip back to hostname causes cross-domain permission exception.

{{o.name}}

{{m.name}}