通过后台Java(春季)应用程序对Dynamics CRM WebAPI进行OAuth2.0身份验证 [英] OAuth2.0 authentication of Dynamics CRM WebAPIs from a background Java (Spring) application

问题描述

我需要从后台Java应用程序针对OAuth2.0 Microsoft Dynamics CRM进行身份验证；背景，因为它是客户的ERP及其Dynamics在线实例之间的集成应用程序.

I need to authenticate against OAuth2.0 Microsoft Dynamics CRM from a background Java application; background because it's an integration app between the ERP of the customer and its Dynamics online instance.

我尝试使用spring-security-oauth2类获取高级资源来处理身份验证，但是我无法检索初始令牌，但是如果我尝试手动"构建http会很成功.需要的请求.

I tried to use spring-security-oauth2 classes to get an high level set of resource to handle authentication, but i can't retrieve the initial token, while I'm successful if I try with building "manually" the http requests needed.

我编写了一个简单的Java应用程序来测试身份验证，并且使这段代码正常工作，其内容是访问令牌JSon的String表示形式:

I wrote a simple Java application to test the authentication and I had this piece of code working, with content that is the String representation of the access token JSon:

    String accessTokenURL = "https://login.microsoftonline.com/common/oauth2/token";
    CloseableHttpClient client = HttpClients.createDefault();
    HttpPost requestToken = new HttpPost(accessTokenURL);

    requestToken.addHeader("Cache-Control", "no-cache");
    requestToken.addHeader("Content-Type", "application/x-www-form-urlencoded");

    List<NameValuePair> params = new ArrayList<NameValuePair>();
    params.add(new BasicNameValuePair("grant_type", "password"));
    params.add(new BasicNameValuePair("client_id", clientId));
    params.add(new BasicNameValuePair("resource", resource));
    params.add(new BasicNameValuePair("username", username));
    params.add(new BasicNameValuePair("password", password));
    params.add(new BasicNameValuePair("client_secret", clientSecret));
    requestToken.setEntity(new UrlEncodedFormEntity(params));

    CloseableHttpResponse response = client.execute(requestToken);
    InputStream is = response.getEntity().getContent();
    String content = IOUtils.toString(is);
    System.out.println(content);
    client.close();

资源是客户的Dynamics在线实例.

resource is the Dynamics online instance of the customer.

我使用Spring Security OAuth2客户端类尝试了类似的操作，但是我总是得到"401未经授权":

I tried something similar using Spring Security OAuth2 client classes but I always get "401 Unauthorized":

    ResourceOwnerPasswordResourceDetails resourceObj = new ResourceOwnerPasswordResourceDetails();
    resourceObj.setClientId(clientId);
    resourceObj.setClientSecret(clientSecret);
    resourceObj.setGrantType("password");
    resourceObj.setAccessTokenUri(accessTokenURLWithResource);
    // resourceObj.setId(resource);
    resourceObj.setTokenName("bearer_token");
    resourceObj.setUsername(username);
    resourceObj.setPassword(password);

    AccessTokenRequest atr = new DefaultAccessTokenRequest();
    Map<String, List<String>> headersMap = new HashMap<String, List<String>>();
    headersMap.put("Cache-Control", Arrays.asList("no-cache"));
    headersMap.put("Content-Type", Arrays.asList("application/x-www-form-urlencoded"));
    atr.add("client_id", clientId);
    atr.add("resource", resource);
    atr.add("client_secret", clientSecret);
    atr.add("username", username);
    atr.add("password", password);
    OAuth2ClientContext context = new DefaultOAuth2ClientContext(atr);
    OAuth2RestTemplate restTemplate = new OAuth2RestTemplate(resourceObj, context);
    OAuth2AccessToken token = restTemplate.getAccessToken();
    System.out.println(new Gson().toJson(token));

我尝试使用不同的方式传递访问令牌URL和资源，但结果始终相同.

I tried using different ways to pass the access token URL and resource but the result is always the same.

对于在这种情况下要使用的其他高级库的任何帮助或任何其他建议，我们深表感谢.

Any help or any other advice about other high level library to be used in this case are appreciated, thanks.

推荐答案

由于@fateddy的一些提示，我来了一个解决方案.这段代码有效，现在我将尝试将其集成到我的应用程序中

Thanks to some hints of @fateddy I came to a solution. This piece of code works, now I'll try to integrate in my application

    ResourceOwnerPasswordResourceDetails resourceObj = new ResourceOwnerPasswordResourceDetails();
    // resourceObj.setClientId(clientId);
    // resourceObj.setClientSecret(clientSecret);
    resourceObj.setGrantType("password");
    resourceObj.setAccessTokenUri(accessTokenURLWithResource);
    // resourceObj.setId(resource);
    resourceObj.setTokenName("bearer_token");
    // resourceObj.setUsername(username);
    // resourceObj.setPassword(password);

    AccessTokenRequest atr = new DefaultAccessTokenRequest();
    Map<String, List<String>> headersMap = new HashMap<String, List<String>>();
    headersMap.put("Cache-Control", Arrays.asList("no-cache"));
    headersMap.put("Content-Type", Arrays.asList("application/x-www-form-urlencoded"));
    atr.add("client_id", clientId);
    atr.add("resource", resource);
    atr.add("client_secret", clientSecret);
    atr.add("username", username);
    atr.add("password", password);
    OAuth2ClientContext context = new DefaultOAuth2ClientContext(atr);
    OAuth2RestTemplate restTemplate = new OAuth2RestTemplate(resourceObj, context);
    OAuth2AccessToken token = restTemplate.getAccessToken();
    System.out.println(new Gson().toJson(token));

这篇关于通过后台Java(春季)应用程序对Dynamics CRM WebAPI进行OAuth2.0身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！