[英]Basic authentication for REST API using spring restTemplate
我是 RestTemplate 的新手,基本上也是 REST API 的新手。 我想通过 Jira REST API 检索我的应用程序中的一些数据,但返回 401 未经授权。 在jira rest api 文档上找到并发表了文章,但真的不知道如何将其重写为 java,因为该示例使用 curl 的命令行方式。我将不胜感激如何重写的任何建议或建议:
curl -D- -X GET -H "Authorization: Basic ZnJlZDpmcmVk" -H "Content-Type: application/json" "http://kelpie9:8081/rest/api/2/issue/QA-31"
使用 spring rest 模板进入 java。 其中 ZnJlZDpmcmVk 是用户名:密码的 base64 编码字符串。 非常感谢你。
取自本网站上的示例,我认为这将是最自然的方法,即填写标头值并将标头传递给模板。
这是填写标题Authorization
:
String plainCreds = "willie:p@ssword";
byte[] plainCredsBytes = plainCreds.getBytes();
byte[] base64CredsBytes = Base64.encodeBase64(plainCredsBytes);
String base64Creds = new String(base64CredsBytes);
HttpHeaders headers = new HttpHeaders();
headers.add("Authorization", "Basic " + base64Creds);
这是将标头传递给 REST 模板:
HttpEntity<String> request = new HttpEntity<String>(headers);
ResponseEntity<Account> response = restTemplate.exchange(url, HttpMethod.GET, request, Account.class);
Account account = response.getBody();
您可以使用 spring-boot RestTemplateBuilder
@Bean
RestOperations rest(RestTemplateBuilder restTemplateBuilder) {
return restTemplateBuilder.basicAuthentication("user", "password").build();
}
查看文档
(在 SB 2.1.0 之前是#basicAuthorization
)
有多种方法可以将基本 HTTP 身份验证添加到RestTemplate
。
try {
// request url
String url = "https://jsonplaceholder.typicode.com/posts";
// create auth credentials
String authStr = "username:password";
String base64Creds = Base64.getEncoder().encodeToString(authStr.getBytes());
// create headers
HttpHeaders headers = new HttpHeaders();
headers.add("Authorization", "Basic " + base64Creds);
// create request
HttpEntity request = new HttpEntity(headers);
// make a request
ResponseEntity<String> response = new RestTemplate().exchange(url, HttpMethod.GET, request, String.class);
// get JSON response
String json = response.getBody();
} catch (Exception ex) {
ex.printStackTrace();
}
如果您使用的是 Spring 5.1
或更高版本,则不再需要手动设置授权标头。 改用headers.setBasicAuth()
方法:
// create headers
HttpHeaders headers = new HttpHeaders();
headers.setBasicAuth("username", "password");
@Service
public class RestService {
private final RestTemplate restTemplate;
public RestService(RestTemplateBuilder restTemplateBuilder) {
this.restTemplate = restTemplateBuilder
.basicAuthentication("username", "password")
.build();
}
// use `restTemplate` instance here
}
@Bean
RestOperations restTemplateBuilder(RestTemplateBuilder restTemplateBuilder) {
return restTemplateBuilder.basicAuthentication("username", "password").build();
}
我希望它有帮助!
从 Spring 5.1 开始,您可以使用HttpHeaders.setBasicAuth
创建基本授权标头:
String username = "willie";
String password = ":p@ssword";
HttpHeaders headers = new HttpHeaders();
headers.setBasicAuth(username, password);
...other headers goes here...
将标头传递给 RestTemplate:
HttpEntity<String> request = new HttpEntity<String>(headers);
ResponseEntity<Account> response = restTemplate.exchange(url, HttpMethod.GET, request, Account.class);
Account account = response.getBody();
文档: https ://docs.spring.io/spring-framework/docs/current/javadoc-api/org/springframework/http/HttpHeaders.html#setBasicAuth-java.lang.String-java.lang.String-
(也许)不导入 spring-boot 的最简单方法。
restTemplate.getInterceptors().add(new BasicAuthorizationInterceptor("user", "password"));
参考 Spring Boot 的TestRestTemplate
实现如下:
特别是 addAuthentication() 方法如下:
private void addAuthentication(String username, String password) {
if (username == null) {
return;
}
List<ClientHttpRequestInterceptor> interceptors = Collections
.<ClientHttpRequestInterceptor> singletonList(new BasicAuthorizationInterceptor(
username, password));
setRequestFactory(new InterceptingClientHttpRequestFactory(getRequestFactory(),
interceptors));
}
同样,您可以轻松制作自己的RestTemplate
通过继承像TestRestTemplate
如下:
而不是如下实例化:
TestRestTemplate restTemplate = new TestRestTemplate();
这样做:
TestRestTemplate restTemplate = new TestRestTemplate(user, password);
它对我有用,我希望它有帮助!
使用setBasicAuth
定义凭据
HttpHeaders headers = new HttpHeaders();
headers.setBasicAuth("myUsername", myPassword);
然后根据您的喜好创建请求。
例子:
HttpEntity<String> request = new HttpEntity<String>(headers);
ResponseEntity<String> response = restTemplate.exchange(url, HttpMethod.GET,
request, String.class);
String body = response.getBody();
HttpHeaders headers = new HttpHeaders();
headers.setBasicAuth(username, password);
然后继续此处其他人提到的相同程序:
HttpEntity<String> request = new HttpEntity<String>(headers);
ResponseEntity<String> response = restTemplate.exchange(url, HttpMethod.GET,
request, String.class);
我正在为我的单元测试环境使用 spring 版本5.3.15
。 我使用withBasicAuth
进行测试:
@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
public class MyTestClass {
...
@Autowired
private TestRestTemplate restTemplate;
...
@Test
@SneakyThrows
public void TestGetSettings(){
DtoClass dtoClass = this.restTemplate
.withBasicAuth(UserServices.DEFAULT_USER, UserServices.DEFAULT_PASSWORD)
.getForObject(String.format("http://localhost:%d/setting",
port), DtoClass.class);
assertThat(dtoClass.getClientAddress()).isNotEmpty();
}
...
}
如您所见,此方法仅适用于基本身份验证。 如果你看一下withBasicAuth
方法的细节,你会发现方法源会是这样的:
// TestRestTemplate.java file:
...
public class TestRestTemplate {
...
private final RestTemplateBuilder builder;
...
public TestRestTemplate withBasicAuth(String username, String password) {
TestRestTemplate template = new TestRestTemplate(this.builder, username, password, this.httpClientOptions);
...
}
}
因此,对于其他类型的身份验证,您可以使用RestTemplateBuilder
作为其他答案中提到的构建器。
循序渐进
我在 application.Properties 文件中添加了客户端凭证,如下所示...
http.basicauth.username = 你的用户名
http.basicauth.password = 你的密码
而且,然后我创建了一个 class 有两个字段因为我从 Application.Properties 文件加载这两个字段: username和password 。 确保您的 class 带有@Component注释 ..
@Value("${http.basicauth.username}")
private String username;
@Value("${http.basicauth.password}")
private String password;
然后,您需要在class以上的任何地方自动接线。
// I'm getting a username and password from application.properties file
String userCredentials = referenceClassName.getUsername()+":"+referenceClassName.getPassword();
// Encoded User Credentials and Convert it into a String
String encodedUserCredentials= Base64.getMimeEncoder().encodeToString(userCredentialsBytes.getBytes());
headers.set("Authorization", "Basic " +base64UserCredentials);
HttpEntity request = new HttpEntity(headers);
String url = "externalUrl";
// Getting a Json String body
String body = restTemplate.exchange(url,HttpMethod.GET,request,String.class).getBody();
Note :: For getting an Access Token from String Json body , That's why I converted it into a Json Object
JsonObject tokenJsonObject = new JsonParser().parse(body).getAsJsonObject();
// Getting access token as string from tokenJsonObject
String accessToken = tokenJsonObject.has("access_token") && !tokenJsonObject.get("access_token").isJsonNull() ? tokenJsonObject.get("access_token").getAsString() : "";
如果您有任何疑虑,请在评论中告诉我。希望对您有所帮助。
I have been using Spring above 5.1.x
// create headers for basic auth
var headers = new HttpHeaders();
headers.setBasicAuth("username", "password");
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.