在 Spring Boot 和 OAUTH2 SalesForce 会话期间刷新令牌
[英]Refresh token during Spring Boot and OAUTH2 SalesForce session
问题描述
I am connecting to SalesForce rest API and with Spring's oauth2template it works really well.
我正在连接到 SalesForce rest API,并且使用 Spring 的 oauth2template 它工作得非常好。 I am using Spring Boot, so it is basically just autowiring the Oauth2RestTemplate and configuring the oauth2 properties, but there is a challenge and I am not sure if it is a bug or something I haven't configured properly.我正在使用 Spring Boot,所以它基本上只是自动装配 Oauth2RestTemplate 并配置 oauth2 属性,但是有一个挑战,我不确定这是一个错误还是我没有正确配置的东西。 The case is when the token expires on the SalesForce side.这种情况是当令牌在 SalesForce 端过期时。 I still have the old token in the oauth2 context, so if I want the framework to acquire a new token, I manually have to nullify the accesstoken and set it as null in the context in order for getAccesstoken to call acquireAccessToken in the OAuth2RestTemplate class.我在 oauth2 上下文中仍然有旧令牌,所以如果我希望框架获取新令牌,我必须手动取消访问令牌并将其设置为空,以便 getAccesstoken 在 OAuth2RestTemplate 类中调用acquireAccessToken。 I know this is wrong, but I suspect it is because I receive missing token information when I first acquire the token from SalesForce.我知道这是错误的,但我怀疑这是因为我第一次从 SalesForce 获取令牌时收到了丢失的令牌信息。 This is the response when I acquire the token the first time这是我第一次获取令牌时的响应
{
"access_token": "<LONG_VALUE>",
"instance_url": "<SALESFORCE_SERVER>",
"id": "<ID_URL>",
"token_type": "Bearer",
"issued_at": "1538640612182",
"signature": "<SIGNATURE_ID>"
}
I cannot get the refresh_token value from SalesForce.我无法从 SalesForce 获取 refresh_token 值。 I think this is why my OAuth2AccessToken does not have an expiration Date.我认为这就是为什么我的 OAuth2AccessToken 没有到期日期。 When I call getExpiration to see the Date, it is null.当我调用 getExpiration 查看日期时,它为空。
So what could I do here?那我能在这里做什么? Is there any other configuration I am missing here?我在这里缺少任何其他配置吗? I don't like to continue with hacking the framework when it is supposed to handle everything for me, especially acquiring a new token when it expires.当框架应该为我处理所有事情时,我不喜欢继续破解框架,尤其是在它到期时获取新令牌。
1 个解决方案
解决方案1
0 2020-03-20 12:38:48
My first question was deleted since no one were able to answer the question, however I would like to propose a solution myself.我的第一个问题被删除了,因为没有人能够回答这个问题,但是我想自己提出一个解决方案。 I think the world needs to know, but I would also love to get some feedback to the solution.我认为全世界都需要知道,但我也很想得到一些对解决方案的反馈。
Apparently SalesForce can be set up with a refreshtoken response when you retrieve the token, but in my case I didn't get the refreshtoken.显然,当您检索令牌时,可以使用 refreshtoken 响应设置 SalesForce,但在我的情况下,我没有获得 refreshtoken。 So anyway.所以无论如何。 In order to work with something that kind of resembles a refreshtoken strategy I created a Date as a bean in my Spring app:为了使用类似于 refreshtoken 策略的东西,我在 Spring 应用程序中创建了一个 Date 作为 bean:
@Bean
public Date expiryDate() {
... Date configuration here ....
The date would be sometime in the future日期将在未来的某个时间
And then whenever you have to check for expiry, you just check whether today's date exceeds the date from the expiryDate bean.然后每当您必须检查到期日时,您只需检查今天的日期是否超过了 expiryDate bean 中的日期。 That's how you could avoid Spring's OAUTH2 framework to acquire a new accesstoken from the server everytime.这就是您可以避免 Spring 的 OAUTH2 框架每次从服务器获取新访问令牌的方法。 It is a kind of a hacked solution (I know), but it is a way of saving too many calls.这是一种黑客解决方案(我知道),但它是一种节省太多电话的方法。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.