How to add a custom header in Spring WebFilter?

Question

I'm trying to add a custom filter before I invoke my REST Service. In this below class, I'm trying to add the custom filter in the HttpRequest but I'm getting error :-

java.lang.UnsupportedOperationException: null at java.util.Collections$UnmodifiableMap.computeIfAbsent(Collections.java:1535) ~[na:1.8.0_171] at org.springframework.util.CollectionUtils$MultiValueMapAdapter.add(CollectionUtils.java:459) ~[spring-core-5.0.7.RELEASE.jar:5.0.7.RELEASE]

public class AuthenticationWebFilter implements WebFilter {
    private static final Logger LOGGER = LoggerFactory.getLogger(AuthenticationWebFilter.class);

    @Autowired
    private TokenServiceRequest tokenServiceRequest;

    @Autowired
    private AuthenticationProvider authenticationProvider;

    public AuthenticationWebFilter(TokenServiceRequest tokenServiceRequest, AuthenticationProvider authenticationProvider) {
        super();
        this.tokenServiceRequest = tokenServiceRequest;
        this.authenticationProvider = authenticationProvider;
    }

    @Override
    public Mono<Void> filter(ServerWebExchange serverWebExchange, WebFilterChain webFilterChain) {
        HttpHeaders requestHeaders = serverWebExchange.getRequest().getHeaders();
        HttpHeaders responseHeaders = serverWebExchange.getResponse().getHeaders();
        LOGGER.info("Response HEADERS: "+responseHeaders);
        LOGGER.info("Request HEADERS: "+serverWebExchange.getRequest().getHeaders());

        tokenServiceRequest.setUsername(serverWebExchange.getRequest().getHeaders().getFirst(CommerceConnectorConstants.USERNAME));
        tokenServiceRequest.setPassword(serverWebExchange.getRequest().getHeaders().getFirst(CommerceConnectorConstants.PASSWORD));
        tokenServiceRequest.setClientId(serverWebExchange.getRequest().getHeaders().getFirst(CommerceConnectorConstants.CLIENT_ID));
        tokenServiceRequest.setSecretClient(serverWebExchange.getRequest().getHeaders().getFirst(CommerceConnectorConstants.SECRET_CLIENT));
        LOGGER.info("Token Received: " + authenticationProvider.getUserAccessToken(tokenServiceRequest).getTokenId());

        //responseHeaders.set(CommerceConnectorConstants.X_AUTH_TOKEN, authenticationProvider.getUserAccessToken(tokenServiceRequest).getTokenId());
        //responseHeaders.add(CommerceConnectorConstants.X_AUTH_TOKEN, authenticationProvider.getUserAccessToken(tokenServiceRequest).getTokenId());

        //This below code is not working
        serverWebExchange.getRequest().getQueryParams().add("test", "value");

        //This below code is not working
        //serverWebExchange.getRequest().getHeaders().add(CommerceConnectorConstants.X_AUTH_TOKEN, authenticationProvider.getUserAccessToken(tokenServiceRequest).getTokenId());
        LOGGER.info("Exiting filter@AuthenticationWebFilter");
        return webFilterChain.filter(serverWebExchange);
    }
    }

In HTTPResponse, I can set the custom headers but my requirement is to add the custom header in the HTTPRequest. Please advise.

Answer 1

I'm having the same problem because headers already have the same key; My solution is to set the key in the header, first check whether the key exists;

@Configuration
public class AuthGatewayFilter implements GlobalFilter, Ordered {
    @Override
    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
        Consumer<HttpHeaders> httpHeaders = httpHeader -> {
            // check exists
            if(StringUtils.isBlank(httpHeader.getFirst("xxx"))){
                httpHeader.add("xxx", "xxx");
            }
        };
        ServerHttpRequest serverHttpRequest = exchange.getRequest().mutate().headers(httpHeaders).build();
        exchange = exchange.mutate().request(serverHttpRequest).build();

        return chain.filter(exchange);
    }

}

Answer 2

    public class CustomTokenFilter implements WebFilter {

    @Override
    public Mono<Void> filter(ServerWebExchange serverWebExchange, WebFilterChain webFilterChain) {
        ServerHttpRequest mutateRequest = serverWebExchange.getRequest().mutate()
                .header("token", "test")
                .build();
        ServerWebExchange mutateServerWebExchange = serverWebExchange.mutate().request(mutateRequest).build();
        return webFilterChain.filter(mutateServerWebExchange);
    }
}

Answer 3

If you're in spring cloud gateway, request header could be modified by implements GlobalFilter or GatewayFilter.

    @Component 
    public class LogFilter implements GlobalFilter, Ordered {

    private Logger LOG = LoggerFactory.getLogger(LogFilter.class);

    @Override
    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {

        return chain.filter(
                exchange.mutate().request(
                        exchange.getRequest().mutate()
                                .header("customer-header", "customer-header-value")
                                .build())
                        .build());
    }

    @Override
    public int getOrder() {
        return 0;
    } }

If you're in ZuulFilter, addZuulRequestHeader could modified the request header.

    RequestContext.getCurrentContext().addZuulRequestHeader("customer-header", "customer-header-value");

Hope it's helpful.

Answer 4

I think the exception is thrown because of security reasons. It would be nasty if a filter could add/modify the HTTP request headers. Of course, you can accomplish this by creating a series of decorators:

import org.springframework.http.HttpHeaders;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.http.server.reactive.ServerHttpRequestDecorator;
import org.springframework.util.MultiValueMap;
import org.springframework.web.server.ServerWebExchange;
import org.springframework.web.server.ServerWebExchangeDecorator;
import org.springframework.web.server.WebFilter;
import org.springframework.web.server.WebFilterChain;
import reactor.core.publisher.Mono;

    public class CustomFilter implements WebFilter {

    public Mono<Void> filter(ServerWebExchange serverWebExchange, WebFilterChain webFilterChain) {

            ServerWebExchangeDecorator decorator = new ServerWebExchangeDecoratorImpl(serverWebExchange);

            //do your stuff using decorator 

            return webFilterChain.filter(decorator);
        }
    }


    class ServerWebExchangeDecoratorImpl extends ServerWebExchangeDecorator {

        private ServerHttpRequestDecorator requestDecorator;

        public ServerWebExchangeDecoratorImpl(ServerWebExchange delegate) {
            super(delegate);
            this.requestDecorator = new ServerHttpRequestDecoratorImpl(delegate.getRequest());
        }

        @Override
        public ServerHttpRequest getRequest() {
            return requestDecorator;
        }

    }

    class ServerHttpRequestDecoratorImpl extends  ServerHttpRequestDecorator {

        // your own query params implementation
        private MultiValueMap queryParams;

        public ServerHttpRequestDecoratorImpl(ServerHttpRequest request) {
            super(request);
            this.queryParams = new HttpHeaders();
            this.queryParams.addAll(request.getQueryParams());
        }

        @Override
        public MultiValueMap<String, String> getQueryParams() {
            return queryParams;
        }

        //override other methods if you want to modify the behavior
    }