Android 如何在安卓系统中通过改造实现访问和刷新令牌的身份验证?
我正在尝试使用access和refresh token实现基于令牌的身份验证。访问令牌在一段有限的时间后过期。然后使用刷新令牌,它需要再次更新。我也在关注这个和这个。由于我是android新手,我不知道如何实现这些概念 这是我使用刷新令牌获取访问令牌的接口Android 如何在安卓系统中通过改造实现访问和刷新令牌的身份验证?,android,retrofit,retrofit2,okhttp3,Android,Retrofit,Retrofit2,Okhttp3,我正在尝试使用access和refresh token实现基于令牌的身份验证。访问令牌在一段有限的时间后过期。然后使用刷新令牌,它需要再次更新。我也在关注这个和这个。由于我是android新手,我不知道如何实现这些概念 这是我使用刷新令牌获取访问令牌的接口 //get access Token with Refresh Token @POST("/api/token") Call<ResponseBody> getAccessToken(@Body JSONObj
//get access Token with Refresh Token
@POST("/api/token")
Call<ResponseBody> getAccessToken(@Body JSONObject jsonObject);
我不知道在哪里以及如何实现那些
服务生成器
和验证器
。我必须在每个API URL的标题中通过“Authentication”=>ACCESSTOKEN
。请使用以下代码创建您的服务:
public <S> S createService(Class<S> serviceClass, AuthToken authToken) {
final String token = "Bearer" + " " + authToken.getAceessToken();
Log.d("ServiceGenerator", "Token::::::: " + token);
httpClient.addInterceptor(chain -> {
Request original = chain.request();
// Request customization: add request headers
Request.Builder requestBuilder = original.newBuilder()
.header(KEY_AUTH_HEADER, token).header("Content-Type", "application/json");
Request request = requestBuilder.build();
return chain.proceed(request);
});
Retrofit retrofit = builder.client(httpClient.build()).build();
return retrofit.create(serviceClass);
}
public的createService(类serviceClass,AuthToken AuthToken){
最终字符串token=“Bearer”+“”+authToken.getAceessToken();
Log.d(“ServiceGenerator”,“Token::::”+Token);
httpClient.addInterceptor(链->{
Request original=chain.Request();
//请求自定义:添加请求头
Request.Builder requestBuilder=original.newBuilder()
.header(KEY_AUTH_header,token).header(“内容类型”,“应用程序/json”);
Request=requestBuilder.build();
返回链。继续(请求);
});
改装改装=builder.client(httpClient.build()).build();
返回改装。创建(serviceClass);
}
将以下行添加到调用方法:
ApiService service = serviceGenerator.createService(ApiService.class, token);
Call<ResponseBody> call = service.getMovielist(id);
ApiService service=serviceGenerator.createService(ApiService.class,令牌);
Call Call=service.getMovielist(id);
serviceGenerator是我定义的创建服务方法的类。您可以随时声明。请使用以下代码创建您的服务:
public <S> S createService(Class<S> serviceClass, AuthToken authToken) {
final String token = "Bearer" + " " + authToken.getAceessToken();
Log.d("ServiceGenerator", "Token::::::: " + token);
httpClient.addInterceptor(chain -> {
Request original = chain.request();
// Request customization: add request headers
Request.Builder requestBuilder = original.newBuilder()
.header(KEY_AUTH_HEADER, token).header("Content-Type", "application/json");
Request request = requestBuilder.build();
return chain.proceed(request);
});
Retrofit retrofit = builder.client(httpClient.build()).build();
return retrofit.create(serviceClass);
}
public class ApiClient {
public static final String BASE_URL = "https://lit-cove-70675.herokuapp.com";
public <Service> Service buildApi(Class<Service> service, String accessToken) {
return new Retrofit.Builder()
.baseUrl(BASE_URL)
.addConverterFactory(GsonConverterFactory.create())
.client(getOkkHttpClient(accessToken))
.build()
.create(service);
}
private OkHttpClient getOkkHttpClient(String accessToken) {
OkHttpClient.Builder httpClient = new OkHttpClient.Builder();
httpClient.addInterceptor(new Interceptor() {
@Override
public Response intercept(@NonNull Interceptor.Chain chain) throws IOException {
Request original = chain.request();
Request.Builder requestBuilder = original.newBuilder();
// ============= Your access token will go here ============
if(accessToken != null) {
requestBuilder.header("Access token key", accessToken);
}
return chain.proceed(requestBuilder.build());
}
});
return httpClient.build();
}
}
public的createService(类serviceClass,AuthToken AuthToken){
最终字符串token=“Bearer”+“”+authToken.getAceessToken();
Log.d(“ServiceGenerator”,“Token::::”+Token);
httpClient.addInterceptor(链->{
Request original=chain.Request();
//请求自定义:添加请求头
Request.Builder requestBuilder=original.newBuilder()
.header(KEY_AUTH_header,token).header(“内容类型”,“应用程序/json”);
Request=requestBuilder.build();
返回链。继续(请求);
});
改装改装=builder.client(httpClient.build()).build();
返回改装。创建(serviceClass);
}
将以下行添加到调用方法:
ApiService service = serviceGenerator.createService(ApiService.class, token);
Call<ResponseBody> call = service.getMovielist(id);
ApiService service=serviceGenerator.createService(ApiService.class,令牌);
Call Call=service.getMovielist(id);
serviceGenerator是我定义的创建服务方法的类。您可以随时声明。公共类ApiClient{
public class ApiClient {
public static final String BASE_URL = "https://lit-cove-70675.herokuapp.com";
public <Service> Service buildApi(Class<Service> service, String accessToken) {
return new Retrofit.Builder()
.baseUrl(BASE_URL)
.addConverterFactory(GsonConverterFactory.create())
.client(getOkkHttpClient(accessToken))
.build()
.create(service);
}
private OkHttpClient getOkkHttpClient(String accessToken) {
OkHttpClient.Builder httpClient = new OkHttpClient.Builder();
httpClient.addInterceptor(new Interceptor() {
@Override
public Response intercept(@NonNull Interceptor.Chain chain) throws IOException {
Request original = chain.request();
Request.Builder requestBuilder = original.newBuilder();
// ============= Your access token will go here ============
if(accessToken != null) {
requestBuilder.header("Access token key", accessToken);
}
return chain.proceed(requestBuilder.build());
}
});
return httpClient.build();
}
}
公共静态最终字符串BASE_URL=”https://lit-cove-70675.herokuapp.com";
公共服务构建API(类服务、字符串访问令牌){
返回新的改装.Builder()
.baseUrl(基本URL)
.addConverterFactory(GsonConverterFactory.create())
.client(getOkkHttpClient(accessToken))
.build()
.创造(服务);
}
私有OkHttpClient GetOKHttpClient(字符串访问令牌){
OkHttpClient.Builder httpClient=新建OkHttpClient.Builder();
httpClient.addInterceptor(新的拦截器(){
@凌驾
公共响应截获(@NonNull Interceptor.Chain Chain)引发IOException{
Request original=chain.Request();
Request.Builder requestBuilder=original.newBuilder();
//===============您的访问令牌将转到此处============
if(accessToken!=null){
标头(“访问令牌密钥”,accessToken);
}
返回链。继续(requestBuilder.build());
}
});
返回httpClient.build();
}
}
公共类ApiClient{
公共静态最终字符串BASE_URL=”https://lit-cove-70675.herokuapp.com";
公共服务构建API(类服务、字符串访问令牌){
返回新的改装.Builder()
.baseUrl(基本URL)
.addConverterFactory(GsonConverterFactory.create())
.client(getOkkHttpClient(accessToken))
.build()
.创造(服务);
}
私有OkHttpClient GetOKHttpClient(字符串访问令牌){
OkHttpClient.Builder httpClient=新建OkHttpClient.Builder();
httpClient.addInterceptor(新的拦截器(){
@凌驾
公共响应截获(@NonNull Interceptor.Chain Chain)引发IOException{
Request original=chain.Request();
Request.Builder requestBuilder=original.newBuilder();
//===============您的访问令牌将转到此处============
if(accessToken!=null){
标头(“访问令牌密钥”,accessToken);
}
返回链。继续(requestBuilder.build());
}
});
返回httpClient.build();
}
}
当令牌过期时,我应该在哪里调用api以获取访问令牌?我也有刷新令牌。当令牌过期时,我应该在哪里调用api来获取访问令牌?我也有刷新令牌。