Java HttpClient中的授权承载令牌?
我正在尝试使用Java中的oauth2授权令牌访问API 这是客户端代码Java HttpClient中的授权承载令牌?,java,authentication,curl,httpclient,bearer-token,Java,Authentication,Curl,Httpclient,Bearer Token,我正在尝试使用Java中的oauth2授权令牌访问API 这是客户端代码 DefaultHttpClient httpclient = new DefaultHttpClient(); HttpPost post = new HttpPost(http://res-api"); post.setHeader("Content-Type","application/json"); post.setHeader("Authorization", "Bearer " + finalToken);
DefaultHttpClient httpclient = new DefaultHttpClient();
HttpPost post = new HttpPost(http://res-api");
post.setHeader("Content-Type","application/json");
post.setHeader("Authorization", "Bearer " + finalToken);
JSONObject json = new JSONObject();
// json.put ...
// Send it as request body in the post request
StringEntity params = new StringEntity(json.toString());
post.setEntity(params);
HttpResponse response = httpclient.execute(post);
httpclient.getConnectionManager().shutdown();
这将返回一个401
等效的curl命令使用相同的令牌不会出现任何问题:
curl -H "Content-Type:application/json" -H "Authorization:Bearer randomToken" -X POST -d @example.json http://rest-api
我尝试注销请求,看起来授权设置正确
DEBUG [2016-06-28 20:51:13,655] org.apache.http.headers: >> Authorization: Bearer authRandomToKen; Path=/; Domain=oauth2-server; Expires=Wed, 29 Jun 2016 20:51:13 UTC
我通过复制粘贴相同的标记来尝试curl命令,t工作正常
虽然我也看到这条线
DEBUG [2016-06-28 20:51:13,658] org.apache.http.impl.client.DefaultHttpClient: Response contains no authentication challenges
我也遇到过类似的情况,我是通过下面的方法做到的,我希望这能帮助别人
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;
public class HttpURLConnectionExample {
public static void main(String[] args) throws Exception {
// Sending get request
URL url = new URL("http://example-url");
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestProperty("Authorization","Bearer "+" Actual bearer token issued by provider.");
//e.g. bearer token= eyJhbGciOiXXXzUxMiJ9.eyJzdWIiOiPyc2hhcm1hQHBsdW1zbGljZS5jb206OjE6OjkwIiwiZXhwIjoxNTM3MzQyNTIxLCJpYXQiOjE1MzY3Mzc3MjF9.O33zP2l_0eDNfcqSQz29jUGJC-_THYsXllrmkFnk85dNRbAw66dyEKBP5dVcFUuNTA8zhA83kk3Y41_qZYx43T
conn.setRequestProperty("Content-Type","application/json");
conn.setRequestMethod("GET");
BufferedReader in = new BufferedReader(new InputStreamReader(conn.getInputStream()));
String output;
StringBuffer response = new StringBuffer();
while ((output = in.readLine()) != null) {
response.append(output);
}
in.close();
// printing result from response
System.out.println("Response:-" + response.toString());
}
}
我试图用HttpClient做一些类似的事情,我做了一个小改动,如下所示
post.setHeader(HttpHeaders.CONTENT_TYPE,"application/json");
post.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + finalToken);
尝试使用wireshark之类的工具验证网络调用,CURL和Java看起来应该是一样的。很可能未发送授权标头。努力用CURL中的一个编码。谢谢你的指点,我用建议编辑了这个问题?请求标头似乎尚未识别。响应标头是否也应包含身份验证令牌?我只是试着把它记录下来,看起来好像没有设置任何头文件,上面的代码工作得很好。但是Eclipse想让我尝试一下。