我需要使用OAuth2协议从Google获取访问令牌。 为了做到这一点,我有一个刷新令牌和一个java程序。 在程序中(见下文),一些(谷歌)java库启动一个码头服务器以获取令牌 (参见java代码中的LocalServerReceiver:它将启动一个jetty服务器,更具体地说是在端口58911)。
稍后我将使用此访问令牌访问webservice(另一个程序)。
在本地计算机(PC)上一切正常。
但是,当我部署我的应用程序进行测试时,在测试服务器下验证失败,因为出于安全考虑,我无法启动Jetty服务器... 该测试机器归Oracle所有,我无法轻易更改安全策略。
有人知道我们是否可以在不启动Jetty服务器的情况下从Google服务器获取此令牌?
以下是本地计算机上的工作代码(异常名称刚刚更改):
public static String getAccessToken() throws ***Exception {
HttpTransport httpTransport = null ;
InputStream inputStreamClientSecret = null;
String accessToken = "";
Credential credential = null;
GoogleAuthorizationCodeFlow authCodeflow = null;
List<String> scope = new ArrayList<String>();
log.debug("Entree dans getAccessToken()");
try {
httpTransport = GoogleNetHttpTransport.newTrustedTransport();
} catch (Exception e) {
throw new AramisException("impossible de créer un httpTransport", e.getMessage());
}
scope.add(DriveScopes.DRIVE);
try {
inputStreamClientSecret = new FileInputStream( getPathSecret() );
} catch (FileNotFoundException e) {
throw new AramisException("Fichier secret " + getPathSecret() + " non trouvé !", e.getMessage());
}
InputStreamReader readerClientSecret = new InputStreamReader(inputStreamClientSecret);
log.debug("reader cree");
try {
clientSecrets = GoogleClientSecrets.load(JSON_FACTORY,readerClientSecret);
log.debug("cs1");
dataStoreFactory = new FileDataStoreFactory(new File( getPathDataStore() ));
log.debug("ds1");
authCodeflow = new GoogleAuthorizationCodeFlow.Builder(
httpTransport
, JSON_FACTORY
,clientSecrets
, scope)
.setAccessType("offline")
.setDataStoreFactory(dataStoreFactory)
.setApprovalPrompt("force")
.build();
log.debug("flow");
//Another port number than 58911 same result
LocalServerReceiver localReceiver = new LocalServerReceiver.Builder().setPort(58911).build();
AuthorizationCodeInstalledApp authCodeInstApp ;
authCodeInstApp = new AuthorizationCodeInstalledApp(authCodeflow , localReceiver) ;
log.debug("auth1");
//This line is blocking
credential = authCodeInstApp.authorize("user");
log.debug("auth2");
credential.refreshToken() ;
log.debug("refreshToken");
} catch (IOException e) {
throw new ***Exception("impossible de créer le credential", e.getMessage());
}
log.debug("RefreshToken=" + credential.getRefreshToken());
accessToken = credential.getAccessToken() ;
return accessToken ;
}
这是最后一个日志:
提取:
[AJPRequestHandler-HTTPThreadGroup-4] DEBUG dtea.oracle.apps.fnd.utils.ws.WebServiceGoogleUtils - local server fait...
[AJPRequestHandler-HTTPThreadGroup-4] DEBUG dtea.oracle.apps.fnd.utils.ws.WebServiceGoogleUtils - auth1
[AJPRequestHandler-HTTPThreadGroup-4] INFO org.mortbay.log - Logging to org.slf4j.impl.SimpleLogger(org.mortbay.log) via org.mortbay.log.Slf4jLog
[AJPRequestHandler-HTTPThreadGroup-4] DEBUG org.mortbay.log - Container Server@f03e98 + SocketConnector@0.0.0.0:58911 as connector
[AJPRequestHandler-HTTPThreadGroup-4] DEBUG org.mortbay.log - Container Server@f03e98 + LocalServerReceiver$CallbackHandler@f2e1df as handler
[AJPRequestHandler-HTTPThreadGroup-4] INFO org.mortbay.log - jetty-6.1.26
[AJPRequestHandler-HTTPThreadGroup-4] DEBUG org.mortbay.log - Container Server@f03e98 + org.mortbay.thread.QueuedThreadPool@1c1dd5c as threadpool
[AJPRequestHandler-HTTPThreadGroup-4] DEBUG org.mortbay.log - started org.mortbay.thread.QueuedThreadPool@1c1dd5c
[AJPRequestHandler-HTTPThreadGroup-4] DEBUG org.mortbay.log - starting LocalServerReceiver$CallbackHandler@f2e1df
[AJPRequestHandler-HTTPThreadGroup-4] DEBUG org.mortbay.log - started LocalServerReceiver$CallbackHandler@f2e1df
[AJPRequestHandler-HTTPThreadGroup-4] DEBUG org.mortbay.log - starting Server@f03e98
[AJPRequestHandler-HTTPThreadGroup-4] INFO org.mortbay.log - Started SocketConnector@localhost:58911
[AJPRequestHandler-HTTPThreadGroup-4] DEBUG org.mortbay.log - started SocketConnector@localhost:58911
[AJPRequestHandler-HTTPThreadGroup-4] DEBUG org.mortbay.log - started Server@f03e98
以下是HTTP错误消息
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator, ***@oracleoutsourcing.com and inform them of the time the error occurred, and anything you might have done that may have caused the error.
More information about this error may be available in the server error log.
答案 0 :(得分:0)
最后我可以解决这个问题,这是答案,因为它可能对那里的人有用:
这很容易,因为webservice用户将始终是相同的(通用用户)。 所以只需要将2个文件放在服务器上: 秘密文件 + StoredCredential
当我通过浏览器授权google librairies与jetty连接时,StoredCredential在我的本地PC(而不是服务器)上生成。
服务器不需要再次生成StoredCredential,也不会启动jetty会话。