[英]how can i use spring social rest template exchange method ignore OAuth2RequestInterceptor
.....
Authorization: KakaoAK {token}
.....
class AdminKeyHeaderOAuth2RequestInterceptor implements ClientHttpRequestInterceptor {
@Override
public ClientHttpResponse intercept(final HttpRequest request, final byte[] body, ClientHttpRequestExecution execution) throws IOException {
return execution.execute(protectedResourceRequest, body);
}
}
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
headers.setAccept(Arrays.asList(new MediaType[]{MediaType.ALL}));
headers.set("Authorization", "KakaoAK " + adminKey); //admin key를 header에 셋팅해야함
MultiValueMap<String, String> param = new LinkedMultiValueMap<String, String>();
param.set("limit", limit);
param.set("fromId", fromId);
param.set("order", order);
restTemplate.setInterceptors(Arrays.asList(new ClientHttpRequestInterceptor[]{new AdminKeyHeaderOAuth2RequestInterceptor()}));
ResponseEntity<KakaoIds> response = restTemplate.exchange(buildApiUri("/v1/user/ids", param).toString(), HttpMethod.GET, new HttpEntity<Object>(headers), KakaoIds.class);
但是請求過程轉到“org.springframework.social.oauth2.OAuth2RequestInterceptor”類的“intercep”方法並覆蓋http標頭。 (在我的自定義請求攔截器之后)
HttpRequest protectedResourceRequest = new HttpRequestDecorator(request);
protectedResourceRequest.getHeaders().set("Authorization", oauth2Version.getAuthorizationHeaderValue(accessToken));
return execution.execute(protectedResourceRequest, body);
....
Authorization: Bearer {token}
....
我該如何解決這個問題?
https://progressivecoder.com/avoid-ssl-validation-spring-boot-resttemplate/
我在progressivecoder中發現了這個bolg,試試
@Bean
public RestTemplate restTemplate() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
TrustStrategy acceptingTrustStrategy = (X509Certificate[] chain, String authType) -> true;
SSLContext sslContext = org.apache.http.ssl.SSLContexts.custom()
.loadTrustMaterial(null, acceptingTrustStrategy)
.build();
SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext);
CloseableHttpClient httpClient = HttpClients.custom()
.setSSLSocketFactory(csf)
.build();
HttpComponentsClientHttpRequestFactory requestFactory =
new HttpComponentsClientHttpRequestFactory();
requestFactory.setHttpClient(httpClient);
RestTemplate restTemplate = new RestTemplate(requestFactory);
return restTemplate;
}
使用這個 RestTemplate 方法你不需要創建一個標題,它會跳過驗證
try {
RestTemplate restTemplate = restTemplate();
HttpHeaders headers = new HttpHeaders();
HttpEntity<String> httpEntity = new HttpEntity<>(headers);
ResponseEntity<String> entity = restTemplate.exchange(harborHealthCheck.toString(), HttpMethod.GET, httpEntity, new ParameterizedTypeReference<String>(){});
if(PaasConst.SUCCESS == entity.getStatusCodeValue()){
return entity.getBody();
}else {
throw new BusinessException(ExceptionType.ERROR_IO_EXCEPTION);
}
}catch (Exception e){
throw new BusinessException(ExceptionType.ERROE_NETWORK_REQUEST, e);
}
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.