获取OAUTH2令牌 [英] Getting the OAUTH2 Token

问题描述

我正在尝试从我们的IDM服务器中检索OAUTH2令牌-我尝试了几种基本示例，但所有示例均返回200状态且未包含任何代码.我可以通过邮递员使用以下标头来毫无困难地做到这一点:

I'm trying to retrieve a OAUTH2 token from our IDM server - I've tried several flavors of rudimentary examples, but all of them return a 200 status with no code included. I can do it with no trouble via postman, using a header of:

Content-Type application/x-www-form-urlencoded

...，然后发送client_id，redirect_uri和代码参数.我回来的东西看起来像这样:

... and sending the client_id, redirect_uri and code parameters. I get something back that looks like this:

{
    "access_token": "abcd...",
    "token_type": "bearer",
    "expires_in": 3600
}

这是超级基本代码，旨在做的只是看我是否可以抓住令牌(此时):

Here's the super rudimentary code intended to do no more than see if I can grab the token (at this point):

public class Service {

public String getToken() {

    String client_id = "f2e8...";
    String redirect_uri = "https://mysite/";
    String code = "AAAAAA...";

    form = new Form();
    form.param("client_id", client_id);
    form.param("code", code);
    form.param("redirect_uri", redirect_uri);
    JerseyClientBuilder jerseyClientBuilder = new JerseyClientBuilder();
    JerseyWebTarget jerseyWebTarget = 
    jerseyClientBuilder.build().target("https://token-source-site/");
    Response response = jerseyWebTarget.request().post(Entity.form(form));
    return response.toString();
  }
}

但是我得到的只是:

InboundJaxrsResponse{context=ClientResponse{method=POST, 
uri=https://token-source-site/, status=200, reason=OK}}

是否有任何关于Postman可能在做的事情的想法，认为我的代码不是?

Any thoughts on what Postman might be doing that my code isn't?

推荐答案

仅在Response上调用toString()时，它不会显示在响应正文中.您需要通过调用Response#readEntity从其中提取主体.

It's not going to show to the response body when you just call toString() on the Response. You need to extract the body from it by calling Response#readEntity.

但是即使尝试将其提取为字符串，您仍然有必须解析该字符串的问题.最好的办法是为令牌响应创建一个POJO

But even trying to extract it to a String, you have the problem of still having to parse the string. Best thing to do is to create a POJO for the token response

public class AccessTokenResponse {
    @JsonProperty("access_token")
    private String accessToken;

    @JsonProperty("token_type")
    private String tokenType;

    @JsonProperty("expires_in")
    private long expiresIn;

    // getters and setters
}

那你就可以做

Response response = jerseyWebTarget.request().post(Entity.form(form));
return response.readEntity(AccessTokenResponse.class);

使方法返回AccessTokenResponse，因此客户端也可以访问其他属性.

Make the method return AccessTokenResponse, so the client has access to the other properties also.

要使其正常工作，您将需要具有Jackson提供商的依赖项

For this to work, you will need to have the Jackson provider dependency

<dependency>
    <groupId>org.glassfish.jersey.media</groupId>
    <artifactId>jersey-media-json-jackson</artifactId>
    <version>${jersey.version}</version>
</dependency>

这篇关于获取OAUTH2令牌的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！