如何使用Postman身份验证助手调用JHipster（春季）OAuth2 Rest服务器 [英] How to call JHipster (Spring) OAuth2 Rest server using Postman Authentication helpers

问题描述

邮递员有

对于授权URL 我已经尝试过：

• 
  
  

  我不知道为什么会这样。也许我设置的回调URL不正确？我需要在服务器或客户端（AngularJS）中执行此操作吗？

  
  
  

  有人知道错在哪里吗？感谢您的帮助。

  解决方案

  JHipster当前已设置为使用密码 oauth2授予​​类型。帮助程序oauth2帮助程序似乎仅适用于授权代码和客户端凭据授予类型。

  
  
  

  您要做的是首先调用应用程序的令牌端点直接与angular app在
  src / main / webapp / scripts / components / auth / provider / auth.oauth2.service.js

  中所做的一样

    POST http：// localhost：8080 / oauth / token？username = MY_USERNAME& password = MY_PASSWORD& grant_type = password& scope = read％20write 
    

  其中您的用户名和密码可以分别是 user和 user，并且设置了一个标头：

   授权：基本AAAAAA 
    

  其中AAAAAA是您的（clientId +： + clientSecret）-全部以base64编码。您可以使用 https://www.base64encode.org/ 。例如，如果您的clientId是 jhipsterapp，而您的clientSecret是 mySecretOAuthSecret，则将AAAAAA替换为 amhpcHN0ZXJhcHA6bXlTZWNyZXRPQXV0aFNlY3JldA ==，因为这是 jhipsterapp：mySecretOAuthS $ b 那应该给你一个access_token。现在，通过在您的标头中的密码请求中使用access_token调用它们来访问API端点。

   授权：不记名access_token_from_earlier_token_request 
    

  更新：如果您使用的是微服务和UAA，请参阅Niel的回答https://stackoverflow.com/a/45549789/1098564

  
  

  Postman has Authentication helpers to help with authenticated calls and I'm trying to use the OAuth 2.0 helper to call a REST server created by JHipster using Spring (Security, Social, etc).

  I've tried a lot of configurations, this is the screen (client ID and Secret were masked):

  For the Authorization URL I've tried:

  • http://127.0.0.1:8080/oauth/authorize
  • http://127.0.0.1:8080/#/login (the app's login route)

  The closer I get from receiving a token back to Postman is:

  I don't know why it's erring like this. Maybe I'm setting the Callback URL incorrectly? Do I need to do this in the server or in the client (AngularJS)?

  Does anyone have any idea of what's wrong? I appreciate your help.

  解决方案

  JHipster is currently setup to use the "password" oauth2 grant type. The helper oauth2 helper only seems to work with "authorization code" and "client credentials" grant types.

  What you'll want to do is first call your app's token endpoint directly as the angular app does in src/main/webapp/scripts/components/auth/provider/auth.oauth2.service.js

  POST http://localhost:8080/oauth/token?username=MY_USERNAME&password=MY_PASSWORD&grant_type=password&scope=read%20write
  

  where your username and password can be "user" and "user" respectively, for example and with one header set:

  Authorization: Basic AAAAAA
  

  where AAAAAA is your (clientId + ":" + clientSecret)--all base64-encoded. You can use https://www.base64encode.org/. For example if your clientId is "jhipsterapp" and your clientSecret is "mySecretOAuthSecret", replace AAAAAA with "amhpcHN0ZXJhcHA6bXlTZWNyZXRPQXV0aFNlY3JldA==" since that is "jhipsterapp:mySecretOAuthSecret" base64-encoded.

  That should return you an access_token. Now hit your API endpoints by calling them with the access_token from your password request in your header like this.

  Authorization: Bearer access_token_from_earlier_token_request
  

  Update: if you're using microservices and UAA, then see Niel's answer https://stackoverflow.com/a/45549789/1098564

  这篇关于如何使用Postman身份验证助手调用JHipster（春季）OAuth2 Rest服务器的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！