【问题标题】:How to request Authentication Token from StreamSets Control Hub API?如何从 StreamSets Control Hub API 请求身份验证令牌?
【发布时间】:2018-05-09 09:22:50
【问题描述】:

我正在尝试构建一个 JAVA 客户端以 POST 到 RESTApi,但是,这样做时我收到错误“用户未通过身份验证”。

在浏览 API 服务文档时,我发现在调用 API 之前,我必须获取一个 Auth Token,就像它在步骤 1 中所说的那样,然后在对 API 的任何后续调用中使用该令牌。

文件是这样说的:

1)
sessionToken=$(curl -s -X POST -d '{"userName":"NAME", "password": "xxxxx"}' https://host:18641/security/public-rest/v1/authentication/login -H "Content-Type:application/json" -H "X-Requested-By:SDC" -c - | grep SSO | grep -o '\S*$')
2)
curl -X POST https://host:18641/jobrunner/rest/v1/job/681c449d-7c22-48d6-9532-2e6ef74971bc/start  --header "Content-Type:application/json" --header "X-Requested-By:SDC" --header "X-SS-REST-CALL:true" --header "X-SS-User-Auth-Token:$sessionToken" -i

现在,我无法在 JAVA 中实现同样的效果。

我正在使用 Jersey 库,这是我目前的代码,

public static String testUploadService(String httpURL, File filePath,String User,String Pass,Processing processing)  throws Exception {

  // Thread.sleep(500);

    // local variables
    ClientConfig clientConfig = null;
    Client client = null;
    WebTarget webTarget = null;
    Invocation.Builder invocationBuilder = null;
    Response response = null;
    FileDataBodyPart fileDataBodyPart = null;
    FormDataMultiPart formDataMultiPart = null;
    int responseCode;
    String responseMessageFromServer = null;
    String responseString = null;
      String name = User;
    String password = Pass;
    String authString = name + ":" + password;
    String sdc="sdc";
    byte[] encoding = Base64.getEncoder().encode(authString.getBytes());
    byte[] encoding2 = Base64.getEncoder().encode(sdc.getBytes());
    String USER_PASS = new String(encoding);
    String auth2=new String(encoding2);
    String boundary = "=-=" + System.currentTimeMillis() + "=-=";


  // Thread.sleep(500);
    try{
        // invoke service after setting necessary parameters

        ClientConfig cc = new ClientConfig();
        cc.register(MultiPartFeature.class);

        try {
        client = new JerseywithSSL().initClient(cc);
        } catch (KeyManagementException e) {
            e.printStackTrace();
        } catch (NoSuchAlgorithmException e) { 
        e.printStackTrace();
        }
        webTarget = client.target(httpURL);
        // set file upload values
        fileDataBodyPart = new FileDataBodyPart("file", filePath, MediaType.APPLICATION_OCTET_STREAM_TYPE);
        formDataMultiPart = new FormDataMultiPart();

        formDataMultiPart.bodyPart(fileDataBodyPart);


        invocationBuilder = webTarget.request();//.header("Authorization", "Basic " + authString);
                  invocationBuilder.header("Authorization", "Basic " + USER_PASS);
                  invocationBuilder.header("X-Requested-By","SDC");
                 invocationBuilder.header("Content-type", "multipart/form-data; boundary=" + boundary);
        try{response = invocationBuilder.post(Entity.entity(formDataMultiPart, MediaType.MULTIPART_FORM_DATA));}
        catch(Exception ex){
        ex.printStackTrace();
        }

        responseCode = response.getStatus();
        System.out.println("Response code: " + responseCode);

        if (response.getStatus() != 200) {
        //    throw new RuntimeException("Failed with HTTP error code : " + responseCode);
        }
    System.out.println("Check 6");
        // get response message
        responseMessageFromServer = 
 response.getStatusInfo().getReasonPhrase();
        System.out.println("ResponseMessageFromServer: " + 
     responseMessageFromServer);
 System.out.println("Check 7");
    processing.setlabel("Finished");
   processing.setprogress(100);

        // get response string
        responseString = response.readEntity(String.class);
             processing.finished("Server Response Code - "+responseCode + "\n ResponseMessageFromServer: "+ responseString);
    }
    catch(Exception ex) {
        ex.printStackTrace();
        JOptionPane.showMessageDialog(null, "Error!! \n Make sure you are connected to Dell Internal Network");
        processing.dispose();
    }
    finally{
        // release resources, if any
        fileDataBodyPart.cleanup();
        formDataMultiPart.cleanup();
        formDataMultiPart.close();
        response.close();
        client.close();
    }
    return responseString;
}

我需要帮助来获取授权令牌,就像在第一个 Curl 命令中所做的那样,我可以创建第二个 Post 命令。

【问题讨论】:

  • 大部分基于 Token 的登录服务在 Response Header 中返回 Authentication Token。请检查文档以获取用于获取该响应标头的密钥或在身份验证后如何返回此令牌的任何信息。或者让我知道您使用的是哪个基于 Token 的系统?
  • @RohanKadu 这是文档中示例代码的链接,link我无法弄清楚,REST 新手!

标签: java json rest streamsets


【解决方案1】:

解析您的响应标头并获取身份验证令牌。查看您共享的代码的第 192 行

String userAuthToken = response.getHeaderString(SSOConstants.X_USER_AUTH_TOKEN); 

并在调用其他 Web 服务时在请求标头中使用此 userAuthToken。您可以将此 AuthToken 存储在活动会话中。检查行号 206

.header(SSOConstants.X_USER_AUTH_TOKEN, userAuthToken)

获取Auth Token的关键是

String X_USER_AUTH_TOKEN = "X-SS-User-Auth-Token";

【讨论】:

    【解决方案2】:

    关键是第一个curl 命令获取令牌,但它返回到cookies 中——因此-c - 参数告诉curl 将cookie 写入标准输出。该行的其余部分提取相关 cookie 的值。查看 Jersey 文档,了解如何在发出请求后访问 cookie。

    【讨论】:

      猜你喜欢
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 2016-09-26
      • 2012-12-03
      • 2016-05-30
      • 1970-01-01
      • 1970-01-01
      相关资源
      最近更新 更多