如何使用 java 代码使用 client_credentials 获取访问令牌？

Question

我有一些 API 需要访问令牌才能获得响应。在postman 中，我们使用OAuth 2.0 通过提供客户端用户名和密码来获取访问令牌。以类似的方式，我想获取新的访问令牌。

这是我目前尝试过的示例代码。

import java.io.*;
import java.net.URL;
import java.net.URLEncoder;
import java.util.Map;
import java.lang.reflect.Type;
import javax.net.ssl.HttpsURLConnection;

// Google Gson Libraries used for Json Parsing
import com.google.gson.Gson;
import com.google.gson.reflect.TypeToken;

public class AuthGoogle {

    /**
     * @param args
     * @throws IOException 
     */
    public static void main(String[] args) throws IOException {
        // TODO Auto-generated method stub
         String grantType = "client_credentials";
            String applicationID = "application";
            String username = "username";
            String password = "password";
            String url = "url_link";
            HttpsURLConnection httpConn = null;
            BufferedReader in = null;

            try {

                // Create the data to send
                StringBuilder data = new StringBuilder();
                data.append("grant_type=" + URLEncoder.encode(grantType, "UTF-8"));
                data.append("&client_id=" + URLEncoder.encode(applicationID, "UTF-8"));
                data.append("&username=" + URLEncoder.encode(username, "UTF-8"));
                data.append("&password=" + URLEncoder.encode(password, "UTF-8"));

                // Create a byte array of the data to be sent
                byte[] byteArray = data.toString().getBytes("UTF-8");

                // Setup the Request
                URL request = new URL(null, url,  new sun.net.www.protocol.https.Handler());
                httpConn = (HttpsURLConnection)request.openConnection();
                httpConn.setRequestMethod("POST");
                httpConn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
                httpConn.setRequestProperty("Content-Length", "" + byteArray.length);
                httpConn.setDoOutput(true);

                // Write data
                OutputStream postStream = httpConn.getOutputStream();
                postStream.write(byteArray, 0, byteArray.length);
                postStream.close();

                // Send Request & Get Response
                InputStreamReader reader = new InputStreamReader(httpConn.getInputStream());
                in = new BufferedReader(reader);

                // Get the Json reponse containing the Access Token
                String json = in.readLine();
                System.out.println("Json String = " + json);

                // Parse the Json response and retrieve the Access Token
                Gson gson = new Gson();
                Type mapType  = new TypeToken<Map<String,String>>(){}.getType();
                Map<String,String> ser = gson.fromJson(json, mapType);
                String accessToken = ser.get("access_token");
                System.out.println("Access Token = " + accessToken);

            } catch (java.io.IOException e) {

                // This exception will be raised if the server didn't return 200 - OK
                // Retrieve more information about the error
                System.out.println(e.getMessage());

            } finally {

                // Be sure to close out any resources or connections
                if (in != null) in.close();
                if (httpConn != null) httpConn.disconnect();
            }
        }

}

我的输出为Connection refused: connect.

我尝试过的另一个代码是：-

import org.apache.oltu.oauth2.client.OAuthClient;
import org.apache.oltu.oauth2.client.URLConnectionClient;
import org.apache.oltu.oauth2.client.request.OAuthClientRequest;
import org.apache.oltu.oauth2.client.response.OAuthJSONAccessTokenResponse;
import org.apache.oltu.oauth2.common.OAuth;
import org.apache.oltu.oauth2.common.message.types.GrantType;

import java.io.BufferedReader;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;
import org.apache.commons.codec.binary.Base64;

public class OltuJavaClient {

    public static final String TOKEN_REQUEST_URL = "url_link";
    public static final String CLIENT_ID = "client_id";
    public static final String CLIENT_SECRET = "client_pass";

    public static void main(String[] args) {
        try {
            OAuthClient client = new OAuthClient(new URLConnectionClient());

            OAuthClientRequest request =
                    OAuthClientRequest.tokenLocation(TOKEN_REQUEST_URL)
                    .setGrantType(GrantType.CLIENT_CREDENTIALS)
                    .setClientId(CLIENT_ID)
                    .setClientSecret(CLIENT_SECRET)
                    // .setScope() here if you want to set the token scope
                    .buildQueryMessage();
            request.addHeader("Accept", "application/json");
            request.addHeader("Content-Type", "application/json");
            request.addHeader("Authorization", base64EncodedBasicAuthentication());

            String token = client.accessToken(request, OAuth.HttpMethod.POST, OAuthJSONAccessTokenResponse.class).getAccessToken();
            System.out.println(token.toString());

        } catch (Exception exn) {
            exn.printStackTrace();
        }
    }

    private static String base64EncodedBasicAuthentication() {
        // TODO Auto-generated method stub
        return null;
    }
}

我收到此错误：- OAuthProblemException{error='unsupported_response_type', description='Invalid response! Response body is not application/json encoded', uri='null', state='null', scope='null', redirectUri='null', responseStatus=0, parameters={}}

我们可以这样做吗？任何线索将不胜感激。

Answer 1

使用 JAVA 11 java.net.http 获取访问令牌的最佳方式。

这里是示例代码：

//Cliend id and client secret
var keys = "clientid goes here:Client secret goes here";
var URL = "http://localhost:8080/api/token"

HashMap<String, String> parameters = new HashMap<>();
parameters.put("grant_type", "client_credentials");
String form = parameters.keySet().stream()
        .map(key -> key + "=" + URLEncoder.encode(parameters.get(key), StandardCharsets.UTF_8))
        .collect(Collectors.joining("&"));

String encoding = Base64.getEncoder().encodeToString(keys.getBytes());
HttpClient client = HttpClient.newHttpClient();

HttpRequest request = HttpRequest.newBuilder().uri(URI.create(url))
        .headers("Content-Type", "application/x-www-form-urlencoded", "Authorization", "Basic "+encoding)
        .POST(BodyPublishers.ofString(form)).build();
HttpResponse<?> response = client.send(request, BodyHandlers.ofString());
System.out.println(response.statusCode() + response.body().toString());

Answer 2

基本上，您应该改用buildBodyMessage。在内部，也可以删除所有标题，例如 Content-Type、Authorization。请注意，Content-Type 是在调用client.accessToken（例如headers.put(OAuth.HeaderType.CONTENT_TYPE, OAuth.ContentType.URL_ENCODED);）时在内部设置的，因此手动设置Content-Type 将覆盖其值，从而导致请求失败。

    try {
        OAuthClient client = new OAuthClient(new URLConnectionClient());

        OAuthClientRequest request = OAuthClientRequest.tokenLocation(TOKEN_REQUEST_URL)
                .setGrantType(GrantType.CLIENT_CREDENTIALS)
                .setClientId(CLIENT_ID)
                .setClientSecret(CLIENT_SECRET)
                .setScope(SCOPE)
                .buildBodyMessage();

        System.out.println(request.getBody());

        String token = client.accessToken(request, OAuth.HttpMethod.POST, OAuthJSONAccessTokenResponse.class).getAccessToken();
        System.out.println(token);
    } catch (Exception exn) {
        exn.printStackTrace();
    }

Answer 3

使用下面提到的代码行在请求正文中设置授权类型。它肯定会起作用

String grant_type = "client_credentials";    
String scope = "generate-ads-output";    

httpPost.addHeader("Content-Type", "application/x-www-form-urlencoded");    
StringEntity input = null;    
try {    
input = new StringEntity("grant_type=" + grant_type);     

    httpPost.setEntity(input);    
 } 
 catch (UnsupportedEncodingException e) {    
        e.printStackTrace();    
   }

Answer 4

我编写了适合我的代码。这是：

package fwutech.test;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.io.Reader;
import java.net.URL;
import java.net.URLConnection;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
import java.util.Map;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import java.lang.reflect.Type;

import com.google.gson.Gson;
import com.google.gson.reflect.TypeToken;

public class Main {

    public static void main(String[] args) throws IOException, NoSuchAlgorithmException, KeyManagementException {

        // Create a trust manager that does not validate certificate chains
        TrustManager[] trustAllCerts = new TrustManager[] {new X509TrustManager() {
                public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                    return null;
                }
                public void checkClientTrusted(X509Certificate[] certs, String authType) {
                }
                public void checkServerTrusted(X509Certificate[] certs, String authType) {
                }
            }
        };

        // Install the all-trusting trust manager
        SSLContext sc = SSLContext.getInstance("SSL");
        sc.init(null, trustAllCerts, new java.security.SecureRandom());
        HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());

        // Create all-trusting host name verifier
        HostnameVerifier allHostsValid = new HostnameVerifier() {
            public boolean verify(String hostname, SSLSession session) {
                return true;
            }
        };

        // Install the all-trusting host verifier
        HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
        StringBuilder data = new StringBuilder();
        data.append("grant_type=client_credentials");
        byte[] byteArray = data.toString().getBytes("UTF-8");
        URL url = new URL("https://192.168.15.82:8243/token");
        HttpsURLConnection con = (HttpsURLConnection)url.openConnection();
        con.setRequestMethod("POST");
        con.setConnectTimeout(5000);
        con .setDoOutput(true);
        con.setRequestProperty("Authorization",
                "Basic WFFWWFh5dElKeHBvcGxBd3JieGFNTEZzUDQ4YTppWWZpakJTbEJJUkpGQ2Z2NndpR2VzNWdpYU1h");
        OutputStream postStream = con.getOutputStream();
        postStream.write(byteArray, 0, byteArray.length);
        postStream.close();
//      curl -k -d "grant_type=client_credentials" -H "Authorization: Basic WFFWWFh5dElKeHBvcGxBd3JieGFNTEZzUDQ4YTppWWZpakJTbEJJUkpGQ2Z2NndpR2VzNWdpYU1h" https://192.168.15.82:8243/token
        InputStreamReader reader = new InputStreamReader(con.getInputStream());
        BufferedReader in = new BufferedReader(reader);
        String json = in.readLine();
        System.out.println("Json String = " + json);

        // Parse the Json response and retrieve the Access Token
        Gson gson = new Gson();
        Type mapType  = new TypeToken<Map<String,String>>(){}.getType();
        Map<String,String> ser = gson.fromJson(json, mapType);
        String accessToken = ser.get("access_token");
        System.out.println("Access Token = " + accessToken);
        in.close();
        con.disconnect();
    }




}