要求:我想访问驻留在云应用程序中的资源。
此云应用程序向我提供了通过 OAuth 1.0 身份验证访问资源的以下详细信息。
OAuth 凭据
- 消费者 key
- 消费者 secret
OAuth 请求 URL
1. Request Token URL
2. Authorise URL
3. Access Token URL
4. API Endpoint URL
我编写了以下java代码来获取请求 token 和请求 token secret 。我将请求 token 和 secret 存储在属性文件中以检索访问 token 。
OAuthAccessor accessor = createOAuthAccessor();
OAuthClient client = new OAuthClient(new HttpClient4());
client.getRequestToken(accessor);
props.setProperty("requestToken", accessor.requestToken);
props.setProperty("tokenSecret", accessor.tokenSecret);
private OAuthAccessor createOAuthAccessor(){
String consumerKey = props.getProperty("consumerKey");
String callbackUrl = null;
String consumerSecret = props.getProperty("consumerSecret");
String reqUrl = props.getProperty("requestUrl");
String authzUrl = props.getProperty("authorizationUrl");
String accessUrl = props.getProperty("accessUrl");
OAuthServiceProvider provider
= new OAuthServiceProvider(reqUrl, authzUrl, accessUrl);
OAuthConsumer consumer
= new OAuthConsumer(callbackUrl, consumerKey,
consumerSecret, provider);
return new OAuthAccessor(consumer);
}
属性文件详细信息:
requestToken= generated by service provider
authorizationUrl= Authorise URL provided by cloud application
consumerSecret= Consumer Secret provided by cloud application
accessUrl=Access Token URL provided by cloud application
tokenSecret= generated by service provider
requestUrl= Request Token URL provided by cloud application
consumerKey= Consumer Secret provided by cloud application
appName= API Endpoint URL provided by cloud application
我可以使用云应用程序提供的请求 token URL 从服务提供商检索请求 token 和请求 token secret 。
然后我使用生成的请求 token 和请求 token secret 来通过以下代码获取访问 token
OAuthAccessor accessor = createOAuthAccessor();
accessor.tokenSecret = props.getProperty("tokenSecret");
OAuthClient client = new OAuthClient(new HttpClient4());
return client.invoke(accessor, "GET", url, params);
执行上述检索访问 token 的代码后,我遇到了以下异常
如果我在上面的代码中将 API Endpoint URL/Resource 作为 URL 参数的值传递给 client.invoke(),那么我将收到以下异常
> <<<<<<<< HTTP response: HTTP/1.1 401 Unauthorized Cache-Control:
> private Content-Type: text/html; charset=utf-8 WWW-Authenticate: OAuth
> Realm="115.248.52.162" X-S: 445759-O1VMAP02 Strict-Transport-Security:
> max-age=31536000 Date: Tue, 18 Jun 2013 06:59:28 GMT Content-Length:
> 142
>
> Exception in thread "main" net.oauth.OAuthProblemException:
> token_rejected oauth_problem_advice: Token RZXHZYCCUMNMZA88032WJFB
> does not match an expected ACCESS token
如果我将访问 token URL 作为 client.invoke() 中 URL 参数的值传递,那么我会收到以下异常
> <<<<<<<< HTTP response: HTTP/1.1 401 Unauthorized Cache-Control:
> private Content-Type: text/html; charset=utf-8 WWW-Authenticate: OAuth
> Realm="49.248.38.202" X-S: 445758-O1VMAP01 Strict-Transport-Security:
> max-age=31536000 Date: Tue, 18 Jun 2013 05:47:30 GMT Content-Length:
> 115
>
> oauth_problem=permission_denied&oauth_problem_advice=The%20consumer%20was%20denied%20access%20to%20this%20resource.
问题:
- 我应该使用哪个 URL 来获取访问 token ?
- 我是否缺少任何检索访问 token 的步骤或设置?
提前致谢。
最佳答案
这里是生成访问 token 的java代码。我已使用 OAuth 身份验证将通用应用程序集成到 Jira。这是使用 OAuth 身份验证访问的 java 代码。请在您的应用程序中包含rest-oauth-client-1.0.one-jar jar。
public static String getAccessToken(){
final String baseURI = "http://bmh1060149:8080";
final String consumerKey = "hardcoded-consumer";
final String consumerPrivatekey = "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDFkPMZQaTqsSXI+bSI65rSVaDzic6WFA3WCZMVMi7lYXJAUdkXo4DgdfvEBO21Bno3bXIoxqS411G8S53I39yhSp7z2vcB76uQQifi0LEaklZfbTnFUXcKCyfwgKPp0tQVA+JZei6hnscbSw8qEItdc69ReZ6SK+3LHhvFUUP1nLhJDsgdPHRXSllgZzqvWAXQupGYZVANpBJuK+KAfiaVXCgA71N9xx/5XTSFi5K+e1T4HVnKAzDasAUt7Mmad+1PE+56Gpa73FLk1Ww+xaAEvss6LehjyWHM5iNswoNYzrNS2k6ZYkDnZxUlbrPDELETbz/n3YgBHGUlyrXi2PBjAgMBAAECggEAAtMctqq6meRofuQbEa4Uq5cv0uuQeZLV086VPMNX6k2nXYYODYl36T2mmNndMC5khvBYpn6Ykk/5yjBmlB2nQOMZPLFPwMZVdJ2Nhm+naJLZC0o7fje49PrN2mFsdoZeI+LHVLIrgoILpLdBAz/zTiW+RvLvMnXQU4wdp4eO6i8J/Jwh0AY8rWsAGkk1mdZDwklPZZiwR3z+DDsDwPxFs8z6cE5rWJd2c/fhAQrHwOXyrQPsGyLHTOqS3BkjtEZrKRUlfdgV76VlThwrE5pAWuO0GPyfK/XCklwcNS1a5XxCOq3uUogWRhCsqUX6pYfAVS6xzX56MGDndQVlp7U5uQKBgQDyTDwhsNTWlmr++FyYrc6liSF9NEMBNDubrfLJH1kaOp590bE8fu3BG0UlkVcueUr05e33Kx1DMSFW72lR4dht1jruWsbFp6LlT3SUtyW2kcSet3fC8gySs2r6NncsZ2XFPoxTkalKpQ1atGoBe3XIKeT8RDZtgoLztQy7/7yANQKBgQDQvSHEKS5SttoFFf4YkUh2QmNX5m7XaDlTLB/3xjnlz8NWOweK1aVysb4t2Tct/SR4ZZ/qZDBlaaj4X9h9nlxxIMoXEyX6Ilc4tyCWBXxn6HFMSa/Rrq662Vzz228cPvW2XGOQWdj7IqwKO9cXgJkI5W84YtMtYrTPLDSjhfpxNwKBgGVCoPq/iSOpN0wZhbE1KiCaP8mwlrQhHSxBtS6CkF1a1DPm97g9n6VNfUdnB1Vf0YipsxrSBOe416MaaRyUUzwMBRLqExo1pelJnIIuTG+RWeeu6zkoqUKCAxpQuttu1uRo8IJYZLTSZ9NZhNfbveyKPa2D4G9B1PJ+3rSO+ztlAoGAZNRHQEMILkpHLBfAgsuC7iUJacdUmVauAiAZXQ1yoDDo0Xl4HjcvUSTMkccQIXXbLREh2w4EVqhgR4G8yIk7bCYDmHvWZ2o5KZtD8VO7EVI1kD0z4Zx4qKcggGbp2AINnMYqDetopX7NDbB0KNUklyiEvf72tUCtyDk5QBgSrqcCgYEAnlg3ByRd/qTFz/darZi9ehT68Cq0CS7/B9YvfnF7YKTAv6J2Hd/i9jGKcc27x6IMi0vf7zrqCyTMq56omiLdu941oWfsOnwffWRBInvrUWTj6yGHOYUtg2z4xESUoFYDeWwe/vX6TugL3oXSX3Sy3KWGlJhn/OmsN2fgajHRip0=";
AtlassianOAuthClient jiraoAuthClient = new AtlassianOAuthClient(consumerKey, consumerPrivatekey, baseURI, "");
TokenSecretVerifierHolder requestToken = jiraoAuthClient.getRequestToken();
String authorizeUrl = jiraoAuthClient.getAuthorizeUrlForToken(requestToken.token);
String token = requestToken.token;
String tokenSecret = requestToken.secret;
System.out.println("Token is " + requestToken.token);
System.out.println("Token secret is " + requestToken.secret);
System.out.println("Retrieved request token. go to " + authorizeUrl);
上面的代码将为您提供 token、tokenSecret 和authorizeUrl。获取authorizeUrl后,将URL粘贴到浏览器中,它会询问允许和拒绝选项。让它生成验证码。当 URL 被授权后,可以通过下面的代码生成访问 token 。
URI uri=null;
try {
uri = new URI(authorizeUrl);
} catch (URISyntaxException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
if(Desktop.isDesktopSupported()){
Desktop desktop = Desktop.getDesktop();
try {
desktop.browse(uri);
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
String verifier = requestToken.verifier;
String accessToken = jiraoAuthClient.swapRequestTokenForAccessToken(token, tokenSecret, verifier);
System.out.println("Access token is : " + accessToken);
return accessToken;
}
如果您也有兴趣通过命令提示符访问 OAuth,您也可以通过那里访问它。以下是通过命令提示符访问它的步骤。
首先创建一个应用程序链接。您可以引用https://developer.atlassian.com/jiradev/jira-apis/jira-rest-apis/jira-rest-api-tutorials/jira-rest-api-example-oauth-authentication
下载rest-oauth-client-1.0.one-jar.jar和rest-oauth-client-1.0-sources.jar并粘贴到本地驱动器中。从那里访问以下命令。
D:\OAuth Jars>java -jar rest-oauth-client-1.0.one-jar.jar requestToken "Your Jira base url"
执行上述命令后,您将获得 token 、 token secret 和检索的请求 token 。
Token is iJKs7Sq4nI3tK0bTqBYSNNOt9rkwrKK9
Token secret is qimK5FibcAKD5ACbF2aKEPpiBWltgwET
Retrieved request token. go to http://bmh1060149:8080/plugins/servlet/oauth/authorize?oauth_token=iJKs7Sq4nI3tK0bTqBYSNNOt9rkwrKK9
然后您必须通过浏览器调用Retrieved request token url来获取验证码。它会要求您允许或拒绝。如果您点击允许,它会给您验证码。
D:\OAuth Jars>java -jar rest-oauth-client-1.0.one-jar.jar accessToken "Your Jira base url" "iJKs7Sq4nI3tK0bTqBYSNNOt9rkwrKK9" "qimK5FibcAKD5ACbF2aKEPpiBWltgwET" "toYvZB"
这将为您提供访问 token
Access token is : zGBqUzmwobyS0GFXrJMIs18lsAUd51Wb
获得访问 token 后,您可以从传递给它的任何 URL 获取数据。
D:\OAuth Jars>java -jar rest-oauth-client-1.0.one-jar.jar request "zGBqUzmwobyS0GFXrJMIs18lsAUd51Wb" "Your Jira base url/rest/api/2/issue/NWFM-4"
希望这有帮助
关于java - 如何使用 OAuth 1.0 在 java 中获取访问 token ?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/17162937/