In this short post we will see how to setup Basic Authentication in Spring WebClient while invoking external APIs.
WebClient is a non-blocking HTTP client with fluent functional style API. It is part of Spring Webflux module that was introduced in Spring 5.
WebClient replaces the
RestTemplate to invoke external APIs with non-blocking.
WebClient provides different ways of injecting HTTP headers, query params etc while making external call. In this example we will check how to specify Basic Authentication in Webclient.
Basic Authentication in WebClient
Until Spring 5.1, basic authentication was setup using a custom ExchangeFilterFunction. This way of setting up Basic auth was only available while creating WebClient since it relies on WebClient filters.
private WebClient client = WebClient.builder() .filter(ExchangeFilterFunctions .basicAuthentication(username, token)) .build();
Alternatively if we want to provide the Basic auth while calling the API, we have to set the Authorization header manually which is not great!
webClient.get() .uri("/customers") .header("Authorization", "Basic " + Base64Utils .encodeToString((username + ":" + token).getBytes(UTF_8))) .retrieve() .bodyToFlux(String.class);
Thankfully, Spring provided some helper methods to make this easy and consistent in Spring 5.1.
Basic Authentication in Spring 5.1 and above
The above way of setting Basic authentication using custom ExchangeFilterFunction is deprecated in Spring 5.1. A new method
setBasicAuth is introduced in
HttpHeaders class that can be used to set basic authentication.
Below we set use
defaultHeaders in WebClient builder to setup Basic auth while creating WebClient instance:
private WebClient client = WebClient.builder() .defaultHeaders(header -> header.setBasicAuth(userName, password)) .build();
Alternately the basic auth can also be setup while calling any API:
Mono<String> response = client.get() .url("/customers") .headers(headers -> headers.setBasicAuth(userName, password)) .retrieve() .bodyToFlux(String.class);
Two variants of
setBasicAuth methods are available in HttpHeaders.
void setBasicAuth(String username, String password) //Set the value of the Authorization header to Basic Authentication based on the given username and password. void setBasicAuth(String username, String password, Charset charset) //Set the value of the Authorization header to Basic Authentication based on the given username and password.
Bonus tip – Setting Bearer Token in WebClient
Similar to Basic Auth, we can also setup the Bearer token in WebClient using new method
void setBearerAuth(String token) //Set the value of the Authorization header to the given Bearer token.
The process would be exactly similar to setting up the Basic Auth.
setBasicAuth method in HttpHeaders class makes it easy setting up basic authentication in WebClient Spring WebFlux. The Basic Auth can be setup while building the WebClient or alternatively during invoking APIs using