🩹 resolve circular dependency in gateway API key authorization

Author: Adnane Miliari

feign-clients/src/main/java/dev/nano/clients/apiKeyManager/apiKey/ApiKeyManagerClient.java

@@ -8,7 +8,7 @@
 @FeignClient(name = "apiKey-manager", url = "${clients.apiKey-manager.url}")
 public interface ApiKeyManagerClient {
 
-    @GetMapping("/api/v1/apiKey-manager/api-keys/{apiKey}/applications/{applicationName}/authorization")
+    @GetMapping("{apiKey}/applications/{applicationName}/authorization")
     ApiKeyManagerResponse isKeyAuthorizedForApplication(
             @PathVariable("apiKey") String apiKey,
             @PathVariable("applicationName") String applicationName);

gateway/src/main/java/dev/nano/gateway/GatewayApplication.java

@@ -11,6 +11,7 @@
 @EnableDiscoveryClient
 @EnableFeignClients(
         basePackages = "dev.nano.clients"
+
 )
 @PropertySources({
         @PropertySource("classpath:clients-${spring.profiles.active}.properties")

gateway/src/main/java/dev/nano/gateway/GatewayConfig.java

@@ -0,0 +1,14 @@
+package dev.nano.gateway;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.codec.ServerCodecConfigurer;
+
+@Configuration
+public class GatewayConfig {
+
+    @Bean
+    public ServerCodecConfigurer serverCodecConfigurer() {
+        return ServerCodecConfigurer.create();
+    }
+}

gateway/src/main/java/dev/nano/gateway/security/ApiAuthorizationFilter.java

@@ -0,0 +1,52 @@
+package dev.nano.gateway.security;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.cloud.gateway.filter.GatewayFilterChain;
+import org.springframework.cloud.gateway.filter.GlobalFilter;
+import org.springframework.cloud.gateway.route.Route;
+import org.springframework.cloud.gateway.support.ServerWebExchangeUtils;
+import org.springframework.context.annotation.Lazy;
+import org.springframework.core.Ordered;
+import org.springframework.http.HttpStatus;
+import org.springframework.stereotype.Component;
+import org.springframework.web.server.ResponseStatusException;
+import org.springframework.web.server.ServerWebExchange;
+import reactor.core.publisher.Mono;
+
+import java.util.List;
+
+@Component
+public class ApiAuthorizationFilter implements GlobalFilter, Ordered {
+
+    final ApiKeyAuthorizationChecker apiKeyAuthorizationChecker;
+
+    @Autowired
+    public ApiAuthorizationFilter(
+            @Qualifier("main-checker") @Lazy ApiKeyAuthorizationChecker apiKeyAuthorizationChecker
+    ) {
+        this.apiKeyAuthorizationChecker = apiKeyAuthorizationChecker;
+    }
+
+    @Override
+    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
+
+        Route route = exchange.getAttribute(ServerWebExchangeUtils.GATEWAY_ROUTE_ATTR);
+        String applicationName = route.getId();
+        List<String> apiKey = exchange.getRequest().getHeaders().get("ApiKey");
+
+        if (applicationName == null || apiKey.isEmpty()) {
+            throw new ResponseStatusException(
+                    HttpStatus.UNAUTHORIZED,
+                    "Application name is not defined, you are not authorized to access this resource"
+            );
+        }
+
+        return chain.filter(exchange);
+    }
+
+    @Override
+    public int getOrder() {
+        return Ordered.LOWEST_PRECEDENCE; // lowest priority filter
+    }
+}

gateway/src/main/java/dev/nano/gateway/security/ApiKeyAuthenticationFilter.java

@@ -23,7 +23,7 @@
  * 4. Handle service failures with circuit breaker
  */
 
-@Service("main-checker-manager")
+@Service("main-checker")
 @AllArgsConstructor
 @Slf4j
 public class ApiKeyManagerAuthorizationChecker implements ApiKeyAuthorizationChecker {

gateway/src/main/java/dev/nano/gateway/security/ApiKeyManagerAuthorizationChecker.java

@@ -6,6 +6,9 @@ server:
 spring:
   application:
     name: gateway
+  main:
+    web-application-type: reactive
+    allow-bean-definition-overriding: true
   cloud:
     gateway:
       routes: