This document lists out the instructions on how to use the AuthAdapter in a Spring Boot application.
- Step 1: Inject required libraries
- Step 2: Attach annotations to authorize endpoints
- Step 3: Use restTemplate for Http calls
- Add the AuthAdapter module to your project as a maven dependency
<dependency>
<groupId>io.mosip.kernel</groupId>
<artifactId>kernel-auth-adapter</artifactId>
<version>Kernel Parent Version</version>
</dependency>- Add ComponentScan annotation as shown below to your project. This is to create auth adapter bean.
@SpringBootApplication
@ComponentScan(basePackages = "io.mosip.*")To restrict access to your endpoints, you need to add the @PreAuthorize annotation. Look at the below example for reference.
@PreAuthorize("hasAnyRole('DIVISION_ADMIN', 'SUPERVISOR', 'AGENT')")
@RequestMapping(value = "/api/reference", method = RequestMethod.GET)There are few more methods available apart from hasAnyRole like hasRole. Look in to the @PreAuthorize documentation for more details.
Note: Now we support only hasRole and hasAnyRole methods.
To make any kind of HTTP or HTTPS calls to a mosip's micro service that also injected the AuthAdapter, use the standard RestTemplate capabilities as shown below.
- Intially autowire the RestTemplate in the class where you are going to make an API call.
@Autowired
private RestTemplate restTemplate;- Now make the call using the autowired restTemplate as shown in the sample below:
final String uri = "http://localhost:3001/api/location";
LocationDao response = restTemplate.getForObject(uri, LocationDao.class);Note: Do not create a new instance of the RestTemplate instead use the autowired one.