These are chat archives for spring-cloud/spring-cloud

11th
Jan 2015
William Gorder
@wgorder
Jan 11 2015 00:16
@dsyer I was reading through your blog the jwt example says "instead of using the /user endpoint" however the /user endpoint is still there. Also it does not show how to extract user information from the token, although I am not sure if you were just referring to the framework extracting that info for the authentication bit.
Dave Syer
@dsyer
Jan 11 2015 07:25
The /user endpoint is still needed by the UI (proxied through to angular). But the resource server doesn't need it. Should be clearer in the text now.
Decoding the JWT is just following the spec. It's a Spring Oauth feature.
The JWT sample doesn't get more than a mention in the blog. Maybe it needs its own article?
William Gorder
@wgorder
Jan 11 2015 12:53
yes I have it working in mine now. I think the JWT thing is really cool so maybe its own article would be nice.
The next hiccup I ran into is the principle does not seem to contain the custom UserDetails. When you send the user back to the application you will want their 'profile information'
I don't know if the difference there is that I have my /user endpoint on the auth server. I tried to put it on the gateway but since the gateway has a zuul proxy of /** routing to the UI app it seems like it ignores any other request mapping that may exist
I was going to open an issue on that to check any local request mappings before trying zuul endpoints
Dave Syer
@dsyer
Jan 11 2015 13:18
The implementation of the /user endpoint is entirely up to you. The one I sketched just returns the Principal (the content of which are also up to you if you customize the user details service on the auth server)
William Gorder
@wgorder
Jan 11 2015 13:24
I do customize them on the auth server but they are not present on the principal. Must be missing something
I'll look some more at it this afternoon