从 openshift 获取不记名令牌的休息端点

Question

我正在尝试在 openshift 中使用 REST 端点，例如获取 pod/部署等。为了访问这些端点，我需要不记名令牌。我正在尝试找出将返回不记名令牌的 REST 端点。

我用 curl -u un:pwd -kI 'https://myopenshift.xyz.com/oauth/authorize?clientid=openshift-challenging-client&response_type=token'

它并没有返回我的令牌。有人可以帮我吗？

Answer 1

获取不记名令牌是 openshift 中的两个步骤。

您可以像下面这样获得令牌

    public static String getUserToken(String domain, String userName, String password) {

    String userToken = "401";
    String path = ".well-known/oauth-authorization-server";

    try {
        String command = domain.trim() + "/" + path.trim();
        CloseableHttpClient client = OpenshiftSessionUtil.custom();        
        String reqType = "GET";
        HttpUriRequest request = RequestBuilder.create(reqType).setUri(command).build();
        request.addHeader("Accept", "application/json");
        HttpResponse response = client.execute(request);

        String authorization_endpoint = OpenshiftSessionUtil.getPropertyFromHttpResponse(response,
                "authorization_endpoint");

        if (authorization_endpoint != null) {
            //System.out.println(" UserTokenUtil::getUserToken " + authorization_endpoint);
            CredentialsProvider provider = new BasicCredentialsProvider();
            UsernamePasswordCredentials credentials = new UsernamePasswordCredentials(userName, password);
            provider.setCredentials(AuthScope.ANY, credentials);
             client = HttpClientBuilder.create().setDefaultCredentialsProvider(provider)
                    .setSSLContext(SSLHandler.getSSLContextToSkipVerification()).disableRedirectHandling().build();
            String tokenURL = authorization_endpoint.trim()
                    + "?client_id=openshift-challenging-client&response_type=token";
            HttpGet httpGet_Token = new HttpGet(tokenURL);
            httpGet_Token.setHeader("X-Csrf-Token", "1");
            httpGet_Token.setHeader("Content-Type", "application/json");
            httpGet_Token.setHeader("Accept", "*/*");
            HttpResponse httpGet_Token_Response = client.execute(httpGet_Token);
            if (httpGet_Token_Response.getStatusLine().getStatusCode() == 302) {
                Header[] headers = httpGet_Token_Response.getAllHeaders();
                String location_Val = null;
                for (Header header : headers) {
                    if (header.getName().trim().equals("Location")) {
                        System.out.println(" UserTokenUtil::getUserToken Location Found!");
                        location_Val = header.getValue();
                        break;
                    }
                }

                Pattern pattern = Pattern.compile("access_token=[^&]*");
                Matcher matcher = pattern.matcher(location_Val);
                if (matcher.find()) {
                    System.out.println(" UserTokenUtil::getUserToken User Token Found");
                    userToken = matcher.group().split("=")[1];
                }

            } else if (httpGet_Token_Response.getStatusLine().getStatusCode() == 401) {
                System.out.println(" UserTokenUtil::getUserToken Unauthorized");
                userToken = "401";
            }

        }

    } catch (Exception e) {
        //logger
    }
    return userToken;
}

public static CloseableHttpClient custom() {
    SSLContext sslContext = SSLHandler.getSSLContextToSkipVerification();
    SSLConnectionSocketFactory sslConSocFactory = new SSLConnectionSocketFactory(sslContext,
            SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
    HttpClientBuilder clientbuilder = HttpClients.custom();
    clientbuilder = clientbuilder.setSSLSocketFactory(sslConSocFactory);
    CloseableHttpClient client = clientbuilder.build();
    return client;
}