Broadleaf Microservices

Key Components

OAuth2ClientCredentialsGatewayFilterFactory

This filter factory provides support for authorizing a request using the OAuth2 client credentials flow when the request is not already authorized. This is useful for authorizing anonymous requests with read-only access to certain services.

InMemoryServerOAuth2AuthorizedClientRepository

Provides support for storing authorized clients in-memory by client registration ID. Stored entries expire when the access token is known to be expired. Note, this will store tokens irrespective of the request or user, and should not be used for tokens involving a user principal. This should be used for service-to-service communications only.

DisabledSSLWebClientReactiveClientCredentialsTokenResponseClient

This class is a temporary workaround for local development and disables SSL for service to service communication.