Problem description
jhipster oauth: How can I get the token via CURL
I am trying to use jhipster to create a new project with oauth2 authentication. The project example works fine, and I can log in with the angularjs interface. However, when I try to retrieve an access_token using CURL on the command line, I get this response:
"error":"Unauthorized","message":"Bad credentials"
Can someone help me on how to use curl to get the access_token?
Reference solutions
Method 1:
Here you go!
curl http://127.0.0.1:8080/oauth/token --request POST --insecure \
  --data "username=[xxx]&password=[yyy]&grant_type=password&scope=read%20write&client_secret=[your app secret]&client_id=[your app id]" \
  -H "Authorization: Basic [base64 of your appid:appsecret]"
Method 2:
Uncomment cors in application.yml inside jhipster:
cors: #By default CORS are not enabled. Uncomment to enable.
    allowed-origins: "*"
    allowed-methods: GET, PUT, POST, DELETE, OPTIONS
    allowed-headers: "*"
    exposed-headers:
    allow-credentials: true
    max-age: 1800
To access the REST API with Oauth2 authentication in ionic, you must first get the token in the ionic app by:
$http({
    method: "post",
    url: "http://192.168.0.4:8085/[Your app name]/oauth/token",
    data: "username=admin&password=admin&grant_type=password&scope=read write&client_secret=my-secret-token-to-change-in-production&client_id=auth2Sconnectapp",
    withCredentials: true,
    headers: {
        'Content-Type': 'application/x-www-form-urlencoded',
        'Accept': 'application/json',
        'Authorization': 'Basic ' + 'YXV0aDJTY29ubmVjdGFwcDpteS1zZWNyZXQtdG9rZW4tdG8tY2hhbmdlLWluLXByb2R1Y3Rpb24='
    }
})
.success(function(data) {
    alert("success: " + data);
})
.error(function(data, status) {
    alert("ERROR: " + data);
});
Here "YXV0aDJTY29ubmVjdGFwcDpteS1zZWNyZXQtdG9rZW4tdG8tY2hhbmdlLWluLXByb2R1Y3Rpb24=" is equal to (clientId + ":" + clientSecret), all base64-encoded.
You can use https://www.base64encode.org/ to verify or recreate it for yourself.
The above $http, if successful, will give you this JSON, which contains the token and its expiry time:
{
    "access_token": "2ce14f67-e91b-411e-89fa-8169e11a1c04",
    "token_type": "bearer",
    "refresh_token": "37baee3c-f4fe-4340-8997-8d7849821d00",
    "expires_in": 525,
    "scope": "read write"
}
Take notice of "access_token" and "token_type": if you want to access any API, this is what you have to use. We send the token with the API to access data until the token expires, then we either refresh it or access for a new one. For example:
$http({
    method: "get",
    url: "http://192.168.0.4:8085/auth-2-sconnect/api/countries",
    withCredentials: true,
    headers: {
        // placeholder: token_type, a space, then access_token from the response above
        'Authorization': '[token_type] + [space] + [access_token]'
    }
})
.success(function(data) {
    alert("success: " + data);
})
.error(function(data, status) {
    alert("ERROR: " + data);
});
Method 3:
A simple way to do it:
- Just open FireBug in the Firefox browser and simulate the login process with the right credentials.
- Locate the login request in the "NET" tab.
- Right-click on it, then click on "Copy as cURL".
- Paste the copied value in the terminal to see what is expected to be in your cURL request: it looks verbose, but you can omit certain parameters. The required parameters are mentioned in @Rajender Saini's answer up there.
All is done.
(by santosh, Rajender Saini, Abhishek Patil, Dassi Orleando)
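
The token flow from Methods 1 and 2 as one shell script, added here as an example and not part of any of the answers above: it builds the Basic credential locally instead of in an online encoder, lets curl percent-encode the form values, and derives the API Authorization header from the token response. The function names are hypothetical; the client id, client secret and response body are the sample values from Method 2.

```shell
#!/bin/sh
# Added example. Client id/secret and the token response are the sample
# values from Method 2; replace them with your own application's values.

# Basic credential for the OAuth2 client: base64("client_id:client_secret").
# Computed locally, so the secret is not pasted into an online encoder.
basic_auth() {
    printf '%s:%s' "$1" "$2" | base64 | tr -d '\n'
}

# Password-grant token request, same parameters as the curl call in Method 1.
# $1=token URL  $2=username  $3=password  $4=client id  $5=client secret
# --data-urlencode makes curl percent-encode each value ("read write", "&").
request_token() {
    curl --silent --request POST "$1" \
        --header "Authorization: Basic $(basic_auth "$4" "$5")" \
        --header "Accept: application/json" \
        --data-urlencode "grant_type=password" \
        --data-urlencode "scope=read write" \
        --data-urlencode "username=$2" \
        --data-urlencode "password=$3" \
        --data-urlencode "client_id=$4" \
        --data-urlencode "client_secret=$5"
}

# Extract one string field from the token response. sed-based: handles the
# flat JSON object shown on this page, not arbitrary JSON.
json_field() {
    printf '%s\n' "$1" |
        sed -n 's/.*"'"$2"'"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p'
}

# Authorization header value for API calls: token_type, a space, access_token.
api_auth_header() {
    printf '%s %s' "$(json_field "$1" token_type)" "$(json_field "$1" access_token)"
}

# Constructed sample: the response body shown in Method 2.
SAMPLE_RESPONSE='{"access_token": "2ce14f67-e91b-411e-89fa-8169e11a1c04",
 "token_type": "bearer", "refresh_token": "37baee3c-f4fe-4340-8997-8d7849821d00",
 "expires_in": 525, "scope": "read write"}'

# Offline demo; a live call would be:
#   resp=$(request_token http://127.0.0.1:8080/oauth/token "$user" "$pass" "$id" "$secret")
#   curl --header "Authorization: $(api_auth_header "$resp")" "$api_url"
echo "Authorization: Basic $(basic_auth auth2Sconnectapp my-secret-token-to-change-in-production)"
echo "Authorization: $(api_auth_header "$SAMPLE_RESPONSE")"
```

A "Bad credentials" response like the one in the question can be checked against the first echoed line: the Basic value must decode to exactly the client id and secret configured in the application.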