I've setup a microservice architecture with one UAA, one Gateway and one service (single web application) as described here https://jhipster.github.io/using-uaa/
After a user authenticates in this webapp there are several links like this one
<a href="/zuulfitler/route?url=http://www.google.com" target="_blank"
>google</a>
When a user clicks there is a zuul "route" filter that checks if the request has the proper rights and then route to the destination url.
The problem is when the request is intercepted by zuul the user is shown as not authenticated because the Authorization http header with the bearer token has not been injected because the request has not been made by $http object.
See: https://jhipster.github.io/using-uaa/#jhipster-uaa
This bearer token is injected as authorization header into each request performed by the AngularJS $http object.
How can i inject the http header when i click on the link ?
Thank you in advance.
you just can make the token value accessible to some controler, and build links such as:
<a ng-href="/zuulfilter/route?url=http://google.com&access_token={{ctrl.accessToken}}" target="_blank">google</a>
while passing the token via url rather than header, which is recognized by spring cloud security, too.