在Cloud SDK中使用XSTokenRequest进行令牌获取
[英]Token fetch using XSTokenRequest in Cloud SDK
问题描述
We were using xs security library to get token based on token type (client_credentials/user_token). 
我们正在使用xs安全库基于令牌类型(client_credentials / user_token)获取令牌。 I was not able to replicate the same in the security feature of Cloud SDK without using xs security library. 如果不使用xs安全性库,则无法在Cloud SDK的安全性功能中复制相同的内容。
Background: 背景:
- We wanted the token exchange to be done using the credentials of a service depending on the type of the token. 我们希望根据令牌的类型使用服务的凭据来完成令牌交换。
Using xs security dependency, we used the below code to fetch the technical token/user token using the client credentials. 使用xs安全依赖性,我们使用以下代码使用客户端凭据获取技术令牌/用户令牌。
//For client token
public String getClientCredentialToken() {
JSONObject buslogUaaCred = envar.getBuslogCredentials().getJSONObject("uaa");
XSTokenRequest xsTokenRequest = null;
try {
xsTokenRequest = new XSTokenRequestImpl(buslogUaaCred.getString("url"));
} catch (URISyntaxException e) {
e.printStackTrace();
}
xsTokenRequest.setClientId(buslogUaaCred.getString("clientid"));
xsTokenRequest.setClientSecret(buslogUaaCred.getString("clientsecret"));
xsTokenRequest.setType(XSTokenRequest.TYPE_CLIENT_CREDENTIALS_TOKEN);
String token = SecurityContext.getUserInfo().requestToken(xsTokenRequest);
return token;
}
//For named user token
public String getNamedUserToken() {
JSONObject buslogUaaCred = envar.getBuslogCredentials().getJSONObject("uaa");
XSTokenRequest xsTokenRequest = null;
try {
xsTokenRequest = new XSTokenRequestImpl(buslogUaaCred.getString("url"));
} catch (URISyntaxException e) {
e.printStackTrace();
}
xsTokenRequest.setClientId(buslogUaaCred.getString("clientid"));
xsTokenRequest.setClientSecret(buslogUaaCred.getString("clientsecret"));
xsTokenRequest.setType(XSTokenRequest.TYPE_USER_TOKEN);
String token = SecurityContext.getUserInfo().requestToken(xsTokenRequest);
return token;
}
I have used the below dependencies to try out the cloud SDK for security. 我已使用以下依赖项尝试了云SDK的安全性。
<dependency>
<groupId>com.sap.cloud.s4hana.cloudplatform</groupId>
<artifactId>security</artifactId>
<version>2.18.1</version>
</dependency>
<dependency>
<groupId>com.sap.cloud.s4hana.cloudplatform</groupId>
<artifactId>security-scp-cf</artifactId>
<version>2.18.1</version>
</dependency>
I could not find any methods to replicate the same as mentioned above. 我找不到任何复制上述方法的方法。
I could only find a method to fetch the token based on the xsuaa instance bound to the application as mentioned below: 我只能找到一种基于绑定到应用程序的xsuaa实例来获取令牌的方法,如下所述:
// Get XSUAA service token.
public String getClientToken() {
return AuthTokenAccessor.getXsuaaServiceToken().getJwt().toString();
}
Is this something supported in Cloud SDK? Cloud SDK是否支持此功能?
1 个解决方案
解决方案1
1 2019-07-03 11:15:44
The SAP Cloud SDK transparently handles the relevant OAuth flows to XSUAA depending on the underlying destination type (requiring either user propagation or not). SAP Cloud SDK会根据基础目标类型(是否需要用户传播)透明地处理到XSUAA的相关OAuth流。
We have the relevant functionality in the SDK, but it is not exposed publicly since we want to keep the freedom to change the implementation as needed. 我们在SDK中提供了相关功能,但由于希望保留根据需要更改实现的自由,因此未公开公开。
I'm a bit questioning if you really need and want to do the flows on your own. 我有点质疑您是否真的需要并且想要自己做流程。 Instead, I suggest to use the SDK's VDM (client libs) or DestinationAccessor, HttpClientAccessor, or ScpCfService classes. 相反,我建议使用SDK的VDM(客户端库)或DestinationAccessor,HttpClientAccessor或ScpCfService类。 Nevertheless, if you have a good reason to do the flows on your own, please use the XS security library as you already do. 但是,如果您有充分的理由自己进行流程,请像以前一样使用XS安全库。
Out of curiosity, why do you want to do the flows on your own? 出于好奇,您为什么要自己做流程?
(Disclaimer: I'm one of the authors of the SAP Cloud SDK for Java). (免责声明:我是SAP Cloud SDK for Java的作者之一)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.