Spring cloud microservices Zuul cross domain issues

At present, the project structure is VUE as the front-end, and the back-end uses the micro service architecture. When developing, the front-end needs to cross domain request data, and the simple cross domain request needs are solved through ZuulFilter configuration. However, when the token information needs to be added to the header of the request, the request fails, and the browser and the background both display OPTIONS type request related prompts.

 

 

Failed to load http://192.168.1.149:8000/server/addressbook/delete: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header contains multiple values 'http://192.168.1.242:5500, http://192.168.1.242:5500', but only one is allowed. Origin 'http://192.168.1.242:5500' is therefore not allowed access.

In fact, it's clear here that the header contains multiple values and only one value is allowed. Then let's look at the request information

 

Why is that? In fact, we get the RequestContext when we use ZuulFilter, which brings us access control allow origin and access control allow credentials, so we don't need to add them in the program

import com.netflix.zuul.ZuulFilter;
import com.netflix.zuul.context.RequestContext;
import com.zuul.mgzuul.util.JwtHelperUtil;
import com.zuul.mgzuul.util.RedisUtil;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cloud.netflix.zuul.filters.support.FilterConstants;
import org.springframework.stereotype.Component;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * @Author Tang Yin
 * @Description //TODO
 * @Date 2018-01-03 14:20
 * @ClassName MyFilter
 * @ClassNotes
 **/
@Slf4j
@Component
public class MyFilter extends ZuulFilter {

    @Resource
    private RedisUtil redisUtil;

    @Autowired
    private JwtHelperUtil jwtHelperUtil;

    @Override
    public String filterType() {
        /*
        pre: Can be called before the request is routed.
        route: Called when routing a request
        post: Called after route and error filters
        error: Called when an error occurs while processing a request
        * */
        // Prefilter
        return FilterConstants.PRE_TYPE;

    }

    @Override
    public int filterOrder() {

        //// Priority is 0, the larger the number, the lower the priority
        return 0;
    }

    @Override
    public boolean shouldFilter() {
//        RequestContext ctx = RequestContext.getCurrentContext();
//        HttpServletRequest request = ctx.getRequest();
//        //Filter all kinds of POST request
//        if(request.getMethod().equals(RequestMethod.OPTIONS.name())){
//            return true;
//        }
        return true;

    }

    @Override
    public Object run() {

        System.out.println("*****************PostFilter run start*****************");
        RequestContext ctx = RequestContext.getCurrentContext();
        HttpServletResponse response = ctx.getResponse();
        HttpServletRequest request = ctx.getRequest();
        //response.setHeader("Access-Control-Allow-Origin",request.getHeader("Origin")); //Note out here
        //response.setHeader("Access-Control-Allow-Credentials","true"); //Note out here
        response.setHeader("Access-Control-Expose-Headers","X-forwared-port, X-forwarded-host,Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With,Authorization,Token,accessToken");
        response.setHeader("Vary","Origin,Access-Control-Request-Method,Access-Control-Request-Headers");
        String accessToken = request.getHeader("accessToken");
        //Cross domain request for release
        if ("OPTIONS".equalsIgnoreCase(request.getMethod())) {
            ctx.setSendZuulResponse(true);
            ctx.setResponseStatusCode(200);
            System.out.println("*****************PostFilter run end*****************");
            return null;
        }

        String url = request.getRequestURI();
        if(url.indexOf("/login")!=-1){
            ctx.setSendZuulResponse(true);
            ctx.setResponseStatusCode(200);
            System.out.println("*****************PostFilter run end*****************");
            return null;
        }

        //Verification token
        //String accessToken = request.getHeader("accessToken");
        /*String accessToken = request.getParameter("accessToken");
        if(StringUtils.isBlank(accessToken)){
            log.debug("accessToken Non-existent! "";
            ctx.setSendZuulResponse(false);
            ctx.setResponseStatusCode(401);// Return error code
            ctx.setResponseBody("{\"result\":\"token \ "}") does not exist; / / error content returned
            ctx.set("isSuccess", false);
            return null;
        }
        Object token_ob = redisUtil.get(accessToken);
        if(token_ob == null){
            log.debug("accessToken Expired ');
            ctx.setSendZuulResponse(false);
            ctx.setResponseStatusCode(401);// Return error code
            ctx.setResponseBody("{\"result\":\"token Expired \ "}"); / / error returned
            ctx.set("isSuccess", false);
            return null;
        }else {
            Claims claims = jwtHelperUtil.parseJWT(accessToken);
            if(claims == null){
                log.debug("accessToken Error "";
                ctx.setSendZuulResponse(false);
                ctx.setResponseStatusCode(401);// Return error code
                ctx.setResponseBody("{\"result\":\"token Error \ "}"); / / error content returned
                ctx.set("isSuccess", false);
                return null;
            }
        }
        //Update login expiration time after passing
        redisUtil.set(accessToken,accessToken, 259200);*/
        //Allow routing to continue
        ctx.setSendZuulResponse(true);
        ctx.setResponseStatusCode(200);
        System.out.println("*****************PostFilter run end*****************");
        return null;
    }
}

 

After commenting out, ok has successfully solved the problem (note that after zuul has made cross domain settings, it is not necessary to do it again in each service, otherwise this problem will occur)

 

QQ group: 216868740

Tags: Java Vue Lombok

Posted on Mon, 02 Dec 2019 16:49:10 -0500 by gudushen