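I am working on a CAS SSO implementation, and I am able to authenticate users and get their attributes. I am now trying to get an access token and a refresh token. According to the CAS documentation, we should hit the following URL to get an access token: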
/cas/oauth2.0/authorize?response_type=token&client_id=ID&redirect_uri=CALLBACK
But when I try to hit the URL, I get the response below.
<302 Found,{X-Application-Context=[localhost:native:8443], Set-Cookie=[JSESSIONID=96369B02EB5F81B5BEC099D3D7168EE9;path=/cas;Secure;HttpOnly], Location=[localhost:8443/cas/login?service=localhost%3A8443%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_name%3DCasOAuthClient], Content-Length=[0], Date=[Thu, 18 May 2017 04:10:39 GMT]}>
The code I wrote to hit the CAS URL is:
OauthAuthCodeVO abcVO = new OauthAuthCodeVO("token", "clientId", "https://localhost:443/index.html");
RestTemplate restTemplate = new RestTemplate();
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_JSON);
HttpEntity<OauthAuthCodeVO> entity = new HttpEntity<>(abcVO, headers);
ResponseEntity<Map<String, Object>> resp = restTemplate.exchange(
        "https://localhost:8443/cas/oauth2.0/authorize", HttpMethod.GET, entity,
        new ParameterizedTypeReference<Map<String, Object>>() {});
if (resp != null) {
    System.out.println(resp.getBody());
}
Please help.
Answer 0 (score: 0)
Please read the OAuth2 docs: https://oauth.net/2/
Generally, you need three services:
/authorize ==> Redirects to login page (if required) and returns auth token
/token ==> Use auth token to get access and refresh token
/refresh ==> Use refresh token to get new token (when present one has expired)
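An added example, not part of the original question or answer and not CAS's own code: it builds the authorize URL with the parameters in the query string and interprets the Location header of the 302, treating a redirect to the login page as "the user must authenticate in a browser first". It assumes CAS echoes the standard OAuth2 state parameter and delivers the token in the URL fragment as the implicit grant in RFC 6749 does; the class name, result labels and sample Location values are constructed for illustration.

```java
import java.net.URI;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;

public class CasAuthorizeFlow {
    static String enc(String s) { return URLEncoder.encode(s, StandardCharsets.UTF_8); }
    static String dec(String s) { return URLDecoder.decode(s, StandardCharsets.UTF_8); }

    // Parameters travel in the query string, as in the documented URL (not in a GET body).
    static String authorizeUrl(String casBase, String clientId, String redirectUri, String state) {
        return casBase + "/oauth2.0/authorize?response_type=token&client_id=" + enc(clientId)
                + "&redirect_uri=" + enc(redirectUri) + "&state=" + enc(state);
    }

    // Interpret the Location header of a 302 returned by /authorize.
    static String classify(String location, String redirectUri, String state) {
        URI loc = URI.create(location);
        URI cb = URI.create(redirectUri);
        if (loc.getPath() != null && loc.getPath().endsWith("/login")) {
            return "LOGIN_REQUIRED"; // no SSO session yet: a browser has to follow this and log in
        }
        // Only trust a fragment delivered to exactly the registered callback.
        boolean sameTarget = Objects.equals(cb.getScheme(), loc.getScheme())
                && Objects.equals(cb.getAuthority(), loc.getAuthority())
                && Objects.equals(cb.getPath(), loc.getPath());
        Map<String, String> p = new HashMap<>();
        String frag = loc.getRawFragment();
        for (String kv : (frag == null ? "" : frag).split("&")) {
            String[] a = kv.split("=", 2);
            p.put(dec(a[0]), a.length > 1 ? dec(a[1]) : "");
        }
        boolean ok = sameTarget && state.equals(p.get("state"))
                && !p.getOrDefault("access_token", "").isEmpty();
        return ok ? "TOKEN_ISSUED" : "REJECT";
    }

    public static void main(String[] args) {
        String cb = "https://localhost:443/index.html"; // redirect_uri from the question's code
        String state = "s-constructed-123";             // constructed; use a random value per request
        System.out.println(authorizeUrl("https://localhost:8443/cas", "clientId", cb, state));
        // Constructed Location values; the first mirrors the 302 in the question with a scheme added.
        System.out.println(classify("https://localhost:8443/cas/login?service=https%3A%2F%2Flocalhost%3A8443"
                + "%2Fcas%2Foauth2.0%2FcallbackAuthorize%3Fclient_name%3DCasOAuthClient", cb, state));
        System.out.println(classify(cb + "#access_token=AT-constructed&token_type=bearer&state=" + state, cb, state));
        System.out.println(classify("https://other.example/index.html#access_token=AT-x&state=" + state, cb, state));
    }
}
```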