英文:
Java Get access token using Client Credentials grant and store the token
问题
我在这里有点迷茫,需要一些直接的指导。我对Java还很陌生,这是我尝试编写的第一个程序,显然已经挣扎了一个月左右。
目前,我们使用Postman来输入客户端ID/密钥,以从第三方API获取访问令牌,然后我们可以使用该令牌从第三方的另一个端点请求资源。
我尝试参考多个资源,比如这个Spring Security的示例:
https://github.com/spring-projects/spring-security/blob/master/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager.java
以及这个Baeldung的示例:
https://www.baeldung.com/spring-webclient-oauth2#5-security-web-filter-chain
还有这个Stack Overflow上的一些资源,但是当我尝试为自己重新创建这些示例时,它们不起作用,我失败了,实际上有点放弃了...
在Application.yml文件中,这是我的配置:
spring:
security:
oauth2:
client:
authorization-grant-type: client_credentials
client-id:
client-secret:
token-uri: "在这里输入URL"
请问有人可以指导我如何创建Java/Spring代码来获取这个令牌吗?凭据将需要放在HTTP请求的标头中。
英文:
I am bit lost here and need some direct please. I am new to Java and this is the first program that i am trying to write and obviously struggling with it for a month or so.
So currently we use postman to input client ID/secret to get access token from a 3rd party API, using which we can request resources from another end point of this 3rd party.
I am trying reference multiple resources like this spring security example
https://github.com/spring-projects/spring-security/blob/master/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager.java
https://www.baeldung.com/spring-webclient-oauth2#5-security-web-filter-chain
https://mkyong.com/java/how-to-send-http-request-getpost-in-java/
and few more in stackoverflow as well.. but when i try and recreate those examples for me, it doesn't work and i am failing and kind off gave up actually...
in the Application.yml file, this is the configuration that i have.
spring:
security:
oauth2:
client:
authorization-grant-type: client_credentials
client-id:
client-secret:
token-uri: "url here"
Please can someone give me some directions on how i can create a Java/spring code to get this token. the credentials will have to go in the header of http request.
答案1
得分: 2
我会推荐使用Connect2ID库,因为它们有非常完善的文档,由专家实现,并且对开发者友好:
如果你在使用Intellij,只需在你的maven pom.xml文件中引用类似以下的库,maven会为你下载这个库:
<dependency>
<groupId>com.nimbusds</groupId>
<artifactId>oauth2-oidc-sdk</artifactId>
<version>8.4</version>
</dependency>
在这个流程中,通常会按照以下方式管理令牌存储:
- 只需将访问令牌存储在内存中
- 最终访问令牌将会过期,你将会收到401响应
- 当发生这种情况时,只需重新进行身份验证以获取新的令牌...
- ...然后使用新的访问令牌重试API调用。
英文:
I'd recommend the Connect2ID libraries, since they are very well documented, implemented by experts and developer friendly:
If you're using Intellij you just need to reference libraries like this in your maven pom.xml file and maven will download the library for you:
<dependency>
<groupId>com.nimbusds</groupId>
<artifactId>oauth2-oidc-sdk</artifactId>
<version>8.4</version>
</dependency>
It is usual to manage token storage as follows in this flow:
- Just store the access token in memory
- Eventually the access token will expire and you will get a 401 response
- When this happens, just authenticate again to get a new token ...
- ... and retry the API call with the new access token
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论