OAuth 2.0访问令牌和客户端证书

huangapple go评论64阅读模式
英文:

OAuth 2.0 Access Tokens and Client Certificate

问题

public void TokenRequest() {
    ResponseEntity<String> response = null;
    RestTemplate restTemplate = new RestTemplate();

    String credentials = String.format("%s:%s", consumerKey, consumerSecret);
    String encodedCredentials = new String(Base64.getEncoder().encodeToString(credentials.getBytes()));

    HttpHeaders headers = new HttpHeaders();
    headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
    headers.add("Authorization", "Basic " + encodedCredentials);

    MultiValueMap<String, String> map= new LinkedMultiValueMap<>();
    map.add("grant_type", "client_cert");

    HttpEntity<MultiValueMap<String, String>> request = new HttpEntity<>(map, headers);

    response = restTemplate.exchange(tokenUrl, HttpMethod.POST, request, String.class);
}

Please note that the code provided is a translation of the given Java code block. Make sure to adapt it to your specific Spring Boot application environment and integrate it properly with the rest of your codebase.

英文:

So I'm currently developing a Spring boot MS that needs to connect to an external API which has OAuth 2.0 implemented.

The API Store uses a custom version of a grant type called a Client Certificate.

This grant type uses a combination of Mutual SSL and Application level credentials.

It requires two identity factors:

  • Identity Factor 1 – Mutual SSL: Certificate created by me signed by the API store owner
  • Identity Factor 2 – Application Level Credentials: {consumerKey:consumerSecret}

The curl command for obtaining this token is:

curl -k -d &quot;grant_type=client_cert&quot; --basic -u &quot;{consumer key}:{consumer secret}&quot; -H &quot;Content-Type: application/x-www-form-urlencoded&quot; --cert {Certificate Pem} https://api.examplestore.com/token

How can I translate this to my Spring boot application?

I've currently written this piece of code, but I think I'm far off.

public void TokenRequest() {
    ResponseEntity&lt;String&gt; response = null;
    RestTemplate restTemplate = new RestTemplate();

    String credentials = String.format(&quot;%s:%s&quot;, consumerKey, consumerSecret);
    String encodedCredentials = new String(Base64.getEncoder().encodeToString(credentials.getBytes()));


    HttpHeaders headers = new HttpHeaders();
    headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);

    //headers.setCertificate??

    headers.add(&quot;Authorization&quot;, &quot;Basic &quot; + encodedCredentials);

    HttpEntity&lt;String&gt; request = new HttpEntity&lt;String&gt;(headers);

    response = restTemplate.exchange(tokenUrl, HttpMethod.POST, request, String.class);

}

Any help is welcome. Thank you OAuth 2.0访问令牌和客户端证书

答案1

得分: 1

我认为你离目标并不远。

你绝对需要包含请求体部分:
```java
HttpEntity<String> request = new HttpEntity<>("grant_type=client_cert", headers);

另外你还需要包含证书,可能像这样:

SSLContext sslContext = SSLContextBuilder.create()
    .loadTrustMaterial(new URL("/path/to/your/cert"), "certpassword".toCharArray())    
    .setProtocol("yourProtocol")
    .build();
 
final HttpClient httpClient = HttpClientBuilder.create()
        .setSSLContext(sslContext)
        .build();

final ClientHttpRequestFactory requestFactory =
    new HttpComponentsClientHttpRequestFactory(httpClient);

RestTemplate restTemplate = new RestTemplate(requestFactory);

...

<details>
<summary>英文:</summary>

I think you are not that far off.

You defenitely need to include the body:

HttpEntity<String> request = new HttpEntity<String>("grant_type=client_cert", headers);

Also you need to include the certificate, maybe like this:

SSLContext sslContext = SSLContextBuilder.create()
.loadTrustMaterial(new URL("/path/to/your/cert"), "certpassword".toCharArray())
.setProtocol("yourProtocol")
.build();

final HttpClient httpClient = HttpClientBuilder.create()
.setSSLContext(sslContext)
.build();

final ClientHttpRequestFactory requestFactory =
    new HttpComponentsClientHttpRequestFactory(httpClient);

RestTemplate restTemplate = new RestTemplate(requestFactory);

...


</details>



huangapple
  • 本文由 发表于 2020年10月9日 18:59:50
  • 转载请务必保留本文链接:https://go.coder-hub.com/64278709.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定