【发布时间】:2021-03-02 20:51:10
【问题描述】:
我正在尝试找到使用 Keycloak 获取承载令牌的正确格式。
使用 Postman,我可以毫无问题地获取令牌。如果我点击code 和Java - OkHttp
我得到了这个 sn-p:
OkHttpClient client = new OkHttpClient().newBuilder()
.build();
MediaType mediaType = MediaType.parse("application/x-www-form-urlencoded");
RequestBody body = RequestBody.create(mediaType, "grant_type=client_credentials&client_id=amc-front-shop-service&client_secret=18hsudf9-0132-4r6d-804f-b134837d0d29");
Request request = new Request.Builder()
.url("https://kc.services.enderby.com/auth/realms/FE-SHOP/protocol/openid-connect/token")
.method("POST", body)
.addHeader("Content-Type", "application/x-www-form-urlencoded")
.build();
Response response = client.newCall(request).execute();
当我尝试在 Rest Assured 中为请求建模时,我收到 400 错误但不清楚原因:
private static RequestSpecification keycloakServiceRequestSpec;
private static String access_token;
private void setKeycloakServiceSpecs() {
keycloakServiceRequestSpec = new RequestSpecBuilder()
.setContentType(ContentType.URLENC)
.build();
}
@Test
public String getAccessToken() {
setKeycloakServiceSpecs();
String clientId = "18hsudf9-0132-4r6d-804f-b134837d0d29";
String clientSecret = "amc-front-shop-service";
Response response =
given()
.auth().preemptive().basic(clientId, clientSecret)
.contentType("application/x-www-form-urlencoded")
.formParam("grant_type", "client_credentials")
.formParam("scope", "openid")
.when()
.post("https://kc.services.enderby.com/auth/realms/FE-SHOP/protocol/openid-connect/token").
then().
assertThat().statusCode(200).extract().response();
String json = response.getBody().asString();
JsonPath jsonPath = new JsonPath(json);
access_token = jsonPath.getString("access_token");
logger.info("Oauth Token:" + access_token);
return access_token;
}
很明显我哪里出错了吗?我应该将键/值传递给 .body() 吗?
【问题讨论】:
-
友情提示:如果您代码中的这些客户端机密是真实的,您应该尽快停用客户端机密。现在,每个人都可以使用这些信息对您的 keycloak 进行身份验证。
-
@Sebu 谢谢;我已经事先将它们全部匿名了
标签: java rest keycloak rest-assured