In this short post we will see how to setup Basic Authentication in Spring WebClient while invoking external APIs.
Overview
WebClient is a non-blocking HTTP client with fluent functional style API. It is part of Spring Webflux module that was introduced in Spring 5. WebClient replaces the RestTemplate to invoke external APIs with non-blocking.
WebClient provides different ways of injecting HTTP headers, query params etc while making external call. In this example we will check how to specify Basic Authentication in Webclient.
Basic Authentication in WebClient
Until Spring 5.1, basic authentication was setup using a custom ExchangeFilterFunction. This way of setting up Basic auth was only available while creating WebClient since it relies on WebClient filters.
private WebClient client = WebClient.builder()
.filter(ExchangeFilterFunctions
.basicAuthentication(username, token))
.build();Code language: Java (java)Alternatively if we want to provide the Basic auth while calling the API, we have to set the Authorization header manually which is not great!
webClient.get()
.uri("/customers")
.header("Authorization", "Basic " + Base64Utils
.encodeToString((username + ":" + token).getBytes(UTF_8)))
.retrieve()
.bodyToFlux(String.class);Code language: Java (java)Thankfully, Spring provided some helper methods to make this easy and consistent in Spring 5.1.
Basic Authentication in Spring 5.1 and above
The above way of setting Basic authentication using custom ExchangeFilterFunction is deprecated in Spring 5.1. A new method setBasicAuth is introduced in HttpHeaders class that can be used to set basic authentication.
Below we set use defaultHeaders in WebClient builder to setup Basic auth while creating WebClient instance:
private WebClient client = WebClient.builder()
.defaultHeaders(header -> header.setBasicAuth(userName, password))
.build();Code language: Java (java)Alternately the basic auth can also be setup while calling any API:
Mono<String> response = client.get()
.url("/customers")
.headers(headers -> headers.setBasicAuth(userName, password))
.retrieve()
.bodyToFlux(String.class);Code language: Java (java)Two variants of setBasicAuth methods are available in HttpHeaders.
void setBasicAuth(String username, String password)
//Set the value of the Authorization header to Basic Authentication based on the given username and password.
void setBasicAuth(String username, String password, Charset charset)
//Set the value of the Authorization header to Basic Authentication based on the given username and password.Code language: Java (java)Bonus tip – Setting Bearer Token in WebClient
Similar to Basic Auth, we can also setup the Bearer token in WebClient using new method setBearerAuth in HttpHeaders class:
void setBearerAuth(String token)
//Set the value of the Authorization header to the given Bearer token.Code language: Java (java)The process would be exactly similar to setting up the Basic Auth.
Conclusion
The setBasicAuth method in HttpHeaders class makes it easy setting up basic authentication in WebClient Spring WebFlux. The Basic Auth can be setup while building the WebClient or alternatively during invoking APIs using get(), post() etc.
