7.4 HTTP Client Filters

Often, you need to include the same HTTP headers or URL parameters in a set of requests against a third-party API or when calling another Microservice.

To simplify this, Micronaut includes the ability to define HttpClientFilter classes that are applied to all matching HTTP client requests.

As an example say you want to build a client to communicate with the Bintray REST API. It would be terribly tedious to have to specify authentication for every single HTTP call.

To resolve this burden you can define a filter. The following is an example BintrayService:

  1. class BintrayApi {
  2.     public static final String URL = 'https://api.bintray.com'
  3. }
  5. @Singleton
  6. class BintrayService {
  7.     final RxHttpClient client;
  8.     final String org;
  10.     BintrayService(
  11.             @Client(BintrayApi.URL) RxHttpClient client,           (1)
  12.             @Value("${bintray.organization}") String org ) {
  13.         this.client = client;
  14.         this.org = org;
  15.     }
  17.     Flowable<HttpResponse<String>> fetchRepositories() {
  18.         return client.exchange(HttpRequest.GET("/repos/" + org), String.class); (2)
  19.     }
  21.     Flowable<HttpResponse<String>> fetchPackages(String repo) {
  22.         return client.exchange(HttpRequest.GET("/repos/" + org + "/" + repo + "/packages"), String.class); (2)
  23.     }
  24. }
  1. class BintrayApi {
  2.     public static final String URL = 'https://api.bintray.com'
  3. }
  5. @Singleton
  6. class BintrayService {
  7.     final RxHttpClient client
  8.     final String org
  10.     BintrayService(
  11.             @Client(BintrayApi.URL) RxHttpClient client,           (1)
  12.             @Value('${bintray.organization}') String org ) {
  13.         this.client = client
  14.         this.org = org
  15.     }
  17.     Flowable<HttpResponse<String>> fetchRepositories() {
  18.         return client.exchange(HttpRequest.GET("/repos/$org"), String) (2)
  19.     }
  21.     Flowable<HttpResponse<String>> fetchPackages(String repo) {
  22.         return client.exchange(HttpRequest.GET("/repos/${org}/${repo}/packages"), String) (2)
  23.     }
  24. }
  1. class BintrayApi {
  2.     public static final String URL = 'https://api.bintray.com'
  3. }
  5. @Singleton
  6. internal class BintrayService(
  7.         @param:Client(BintrayApi.URL) val client: RxHttpClient, (1)
  8.         @param:Value("\${bintray.organization}") val org: String) {
  10.     fun fetchRepositories(): Flowable<HttpResponse<String>> {
  11.         return client.exchange(HttpRequest.GET<Any>("/repos/$org"), String::class.java) (2)
  12.     }
  14.     fun fetchPackages(repo: String): Flowable<HttpResponse<String>> {
  15.         return client.exchange(HttpRequest.GET<Any>("/repos/$org/$repo/packages"), String::class.java) (2)
  16.     }
  17. }
1An RxHttpClient is injected for the Bintray API
2The organization is configurable via configuration

The Bintray API is secured. To authenticate you need to add an Authorization header for every request. You could modify fetchRepositories and fetchPackages methods to include the necessary HTTP Header for each request. Using a filter is much simpler though:

  1. @Filter("/repos/**") (1)
  2. class BintrayFilter implements HttpClientFilter {
  4.     final String username;
  5.     final String token;
  7.     BintrayFilter(
  8.             @Value("${bintray.username}") String username, (2)
  9.             @Value("${bintray.token}") String token ) { (2)
  10.         this.username = username;
  11.         this.token = token;
  12.     }
  14.     @Override
  15.     public Publisher<? extends HttpResponse<?>> doFilter(MutableHttpRequest<?> request, ClientFilterChain chain) {
  16.         return chain.proceed(
  17.                 request.basicAuth(username, token) (3)
  18.         );
  19.     }
  20. }
  1. @Filter('/repos/**') (1)
  2. class BintrayFilter implements HttpClientFilter {
  5.     final String username
  6.     final String token
  8.     BintrayFilter(
  9.             @Value('${bintray.username}') String username, (2)
  10.             @Value('${bintray.token}') String token ) { (2)
  11.         this.username = username
  12.         this.token = token
  13.     }
  15.     @Override
  16.     Publisher<? extends HttpResponse<?>> doFilter(MutableHttpRequest<?> request, ClientFilterChain chain) {
  17.         return chain.proceed(
  18.                 request.basicAuth(username, token) (3)
  19.         )
  20.     }
  21. }
  1. @Filter("/repos/**") (1)
  2. internal class BintrayFilter(
  3.         @param:Value("\${bintray.username}") val username: String, (2)
  4.         @param:Value("\${bintray.token}") val token: String)(2)
  5.     : HttpClientFilter {
  7.     override fun doFilter(request: MutableHttpRequest<*>, chain: ClientFilterChain): Publisher<out HttpResponse<*>> {
  8.         return chain.proceed(
  9.                 request.basicAuth(username, token) (3)
  10.         )
  11.     }
  12. }
1You can match only a subset of paths with a Client filter.
2The username and token are injected via configuration
3The basicAuth method is used include the HTTP BASIC credentials

Now, whenever you invoke the bintrayService.fetchRepositories() method, the Authorization HTTP header is included in the request.

Injecting Another Client into a HttpClientFilter

It should be noted that in order to create a RxHttpClient Micronaut needs to resolve all of the HttpClientFilter instances which creates a circular dependency in the case where you need to inject another RxHttpClient or a @Client bean into an instance of a HttpClientFilter.

To resolve this issue you should use the javax.inject.Provider interface to inject another RxHttpClient or a @Client bean into an instance of HttpClientFilter.

The following example which implements a filter that allows authentication between services on Google Cloud Run demonstrates how to use Provider to inject another client:

  1. import io.micronaut.context.annotation.Requires;
  2. import io.micronaut.context.env.Environment;
  3. import io.micronaut.http.*;
  4. import io.micronaut.http.annotation.Filter;
  5. import io.micronaut.http.client.RxHttpClient;
  6. import io.micronaut.http.filter.ClientFilterChain;
  7. import io.micronaut.http.filter.HttpClientFilter;
  8. import io.reactivex.Flowable;
  9. import org.reactivestreams.Publisher;
  10. import javax.inject.Provider;
  11. import java.io.UnsupportedEncodingException;
  12. import java.net.URI;
  13. import java.net.URLEncoder;
  15. @Requires(env = Environment.GOOGLE_COMPUTE)
  16. @Filter(patterns = "/google-auth/api/**")
  17. public class GoogleAuthFilter implements HttpClientFilter {
  18.     private final Provider<RxHttpClient> authClientProvider;
  20.     public GoogleAuthFilter(Provider<RxHttpClient> httpClientProvider) { (1)
  21.         this.authClientProvider = httpClientProvider;
  22.     }
  24.     @Override
  25.     public Publisher<? extends HttpResponse<?>> doFilter(MutableHttpRequest<?> request, ClientFilterChain chain) {
  26.         Flowable<String> token = Flowable.fromCallable(() -> encodeURI(request))
  27.                 .flatMap(authURI -> authClientProvider.get().retrieve(HttpRequest.GET(authURI).header( (2)
  28.                         "Metadata-Flavor", "Google"
  29.                 )));
  31.         return token.flatMap(t -> chain.proceed(request.bearerAuth(t)));
  32.     }
  34.     private String encodeURI(MutableHttpRequest<?> request) throws UnsupportedEncodingException {
  35.         URI fullURI = request.getUri();
  36.         String receivingURI = fullURI.getScheme() + "://" + fullURI.getHost();
  37.         return "http://metadata/computeMetadata/v1/instance/service-accounts/default/identity?audience=" +
  38.                 URLEncoder.encode(receivingURI, "UTF-8");
  39.     }
  40. }
  1. import io.micronaut.context.annotation.Requires
  2. import io.micronaut.context.env.Environment
  3. import io.micronaut.http.HttpRequest
  4. import io.micronaut.http.HttpResponse
  5. import io.micronaut.http.MutableHttpRequest
  6. import io.micronaut.http.annotation.Filter
  7. import io.micronaut.http.client.RxHttpClient
  8. import io.micronaut.http.filter.ClientFilterChain
  9. import io.micronaut.http.filter.HttpClientFilter
  10. import io.reactivex.Flowable
  11. import org.reactivestreams.Publisher
  13. import javax.inject.Provider
  15. @Requires(env = Environment.GOOGLE_COMPUTE)
  16. @Filter(patterns = "/google-auth/api/**")
  17. class GoogleAuthFilter implements HttpClientFilter {
  18.     private final Provider<RxHttpClient> authClientProvider
  20.     GoogleAuthFilter(Provider<RxHttpClient> httpClientProvider) { (1)
  21.         this.authClientProvider = httpClientProvider
  22.     }
  24.     @Override
  25.     Publisher<? extends HttpResponse<?>> doFilter(MutableHttpRequest<?> request, ClientFilterChain chain) {
  26.         Flowable<String> token = Flowable.fromCallable(() -> encodeURI(request))
  27.                 .flatMap(authURI -> authClientProvider.get().retrieve(HttpRequest.GET(authURI).header( (2)
  28.                         "Metadata-Flavor", "Google"
  29.                 )))
  31.         return token.flatMap(t -> chain.proceed(request.bearerAuth(t)))
  32.     }
  34.     private static String encodeURI(MutableHttpRequest<?> request) {
  35.         String receivingURI = "$request.uri.scheme://$request.uri.host"
  36.         return "http://metadata/computeMetadata/v1/instance/service-accounts/default/identity?audience=" +
  37.                 URLEncoder.encode(receivingURI, "UTF-8")
  38.     }
  39. }
  1. import io.micronaut.context.annotation.Requires
  2. import io.micronaut.context.env.Environment
  3. import io.micronaut.http.HttpRequest
  4. import io.micronaut.http.HttpResponse
  5. import io.micronaut.http.MutableHttpRequest
  6. import io.micronaut.http.annotation.Filter
  7. import io.micronaut.http.client.RxHttpClient
  8. import io.micronaut.http.filter.ClientFilterChain
  9. import io.micronaut.http.filter.HttpClientFilter
  10. import io.reactivex.Flowable
  11. import org.reactivestreams.Publisher
  12. import java.net.URLEncoder
  13. import javax.inject.Provider
  15. @Requires(env = [Environment.GOOGLE_COMPUTE])
  16. @Filter(patterns = ["/google-auth/api/**"])
  17. class GoogleAuthFilter (
  18.         private val authClientProvider: Provider<RxHttpClient>) : HttpClientFilter { (1)
  19.     override fun doFilter(request: MutableHttpRequest<*>, chain: ClientFilterChain): Publisher<out HttpResponse<*>?> {
  20.         val token = Flowable.fromCallable { encodeURI(request) }
  21.                 .flatMap { authURI: String ->
  22.                     authClientProvider.get().retrieve(HttpRequest.GET<Any>(authURI).header( (2)
  23.                             "Metadata-Flavor", "Google"
  24.                     ))
  25.                 }
  26.         return token.flatMap { t -> chain.proceed(request.bearerAuth(t)) }
  27.     }
  29.     private fun encodeURI(request: MutableHttpRequest<*>): String {
  30.         val receivingURI = "${request.uri.scheme}://${request.uri.host}"
  31.         return "http://metadata/computeMetadata/v1/instance/service-accounts/default/identity?audience=" +
  32.                 URLEncoder.encode(receivingURI, "UTF-8")
  33.     }
  35. }
1The javax.inject.Provider interface is used to inject another client, avoiding a circular reference
2The get() method of the Provider interface is used to obtain the client instance.

Filter Matching By Annotation

For cases where a filter should be applied to a client, regardless of the URL, filters can be matched by the presence of an annotation applied to both the filter and the client. Given the following client:

  1. import io.micronaut.http.annotation.Get;
  2. import io.micronaut.http.client.annotation.Client;
  4. @BasicAuth (1)
  5. @Client("/message")
  6. public interface BasicAuthClient {
  8.     @Get
  9.     String getMessage();
  10. }
  1. import io.micronaut.http.annotation.Get
  2. import io.micronaut.http.client.annotation.Client
  4. @BasicAuth (1)
  5. @Client("/message")
  6. interface BasicAuthClient {
  8.     @Get
  9.     String getMessage()
  10. }
  1. import io.micronaut.http.annotation.Get
  2. import io.micronaut.http.client.annotation.Client
  4. @BasicAuth (1)
  5. @Client("/message")
  6. interface BasicAuthClient {
  8.     @Get
  9.     fun getMessage(): String
  10. }
1The @BasicAuth annotation is applied to the client

The following filter will filter the client requests:

  1. import io.micronaut.http.HttpResponse;
  2. import io.micronaut.http.MutableHttpRequest;
  3. import io.micronaut.http.filter.ClientFilterChain;
  4. import io.micronaut.http.filter.HttpClientFilter;
  5. import org.reactivestreams.Publisher;
  7. import javax.inject.Singleton;
  9. @BasicAuth (1)
  10. @Singleton (2)
  11. public class BasicAuthClientFilter implements HttpClientFilter {
  13.     @Override
  14.     public Publisher<? extends HttpResponse<?>> doFilter(MutableHttpRequest<?> request, ClientFilterChain chain) {
  15.         return chain.proceed(request.basicAuth("user", "pass"));
  16.     }
  17. }
  1. import io.micronaut.http.HttpResponse
  2. import io.micronaut.http.MutableHttpRequest
  3. import io.micronaut.http.filter.ClientFilterChain
  4. import io.micronaut.http.filter.HttpClientFilter
  5. import org.reactivestreams.Publisher
  7. import javax.inject.Singleton
  9. @BasicAuth (1)
  10. @Singleton (2)
  11. class BasicAuthClientFilter implements HttpClientFilter {
  13.     @Override
  14.     Publisher<? extends HttpResponse<?>> doFilter(MutableHttpRequest<?> request, ClientFilterChain chain) {
  15.         chain.proceed(request.basicAuth("user", "pass"))
  16.     }
  17. }
  1. import io.micronaut.http.HttpResponse
  2. import io.micronaut.http.MutableHttpRequest
  3. import io.micronaut.http.filter.ClientFilterChain
  4. import io.micronaut.http.filter.HttpClientFilter
  5. import org.reactivestreams.Publisher
  7. import javax.inject.Singleton
  9. @BasicAuth (1)
  10. @Singleton (2)
  11. class BasicAuthClientFilter : HttpClientFilter {
  13.     override fun doFilter(request: MutableHttpRequest<*>, chain: ClientFilterChain): Publisher<out HttpResponse<*>> {
  14.         return chain.proceed(request.basicAuth("user", "pass"))
  15.     }
  16. }
1The same annotation, @BasicAuth, is applied to the filter
2Normally the @Filter annotation makes filters singletons by default. Because the @Filter annotation is not used, the desired scope must be applied

The @BasicAuth annotation is just an example and can be replaced with your own custom annotation.

  1. import io.micronaut.http.annotation.FilterMatcher;
  3. import java.lang.annotation.*;
  5. @FilterMatcher (1)
  6. @Documented
  7. @Retention(RetentionPolicy.RUNTIME)
  8. @Target({ElementType.TYPE, ElementType.PARAMETER})
  9. public @interface BasicAuth {
  10. }
  1. import io.micronaut.http.annotation.FilterMatcher
  3. import java.lang.annotation.*
  5. @FilterMatcher (1)
  6. @Documented
  7. @Retention(RetentionPolicy.RUNTIME)
  8. @Target([ElementType.TYPE, ElementType.PARAMETER])
  9. @interface BasicAuth {
  10. }
  1. import io.micronaut.http.annotation.FilterMatcher
  3. @FilterMatcher (1)
  4. @MustBeDocumented
  5. @Retention(AnnotationRetention.RUNTIME)
  6. @Target(AnnotationTarget.CLASS, AnnotationTarget.VALUE_PARAMETER)
  7. annotation class BasicAuth
1The only requirement for custom annotations is that the @HttpFilterStereotype annotation must be present