如何使用android中的改造实现访问和刷新令牌的身份验证?

时间:2017-11-15 07:17:34

标签: android retrofit retrofit2 okhttp3

我正在尝试使用访问和刷新令牌实现基于令牌的身份验证。访问令牌在一段有限的时间后到期。然后使用刷新令牌,它需要再次更新。我正在关注此reference和此answer。由于我是android的新手,我不知道如何实现这些概念。

这是我使用刷新令牌获取访问令牌的界面。

  //get access Token with Refresh Token
    @POST("/api/token")
    Call<ResponseBody> getAccessToken(@Body JSONObject jsonObject);
  

这是我的Retrofit客户:

public class ApiClient {
        public static final String BASE_URL = "https://lit-cove-70675.herokuapp.com";
        private static Retrofit retrofit = null;
          public static Retrofit getClient() {
            if (retrofit == null) {
                retrofit = new Retrofit.Builder()
                        .baseUrl(BASE_URL)
                        .addConverterFactory(GsonConverterFactory.create())
                        .build();
            }
            return retrofit;
        }
    }

我不知道在哪里以及如何实施Service GeneratorsAuthenticator。我必须在每个API网址的标头中传递"Authentication"=>ACCESSTOKEN

2 个答案:

答案 0 :(得分:3)

public class ApiClient {
    public static final String BASE_URL = "https://lit-cove-70675.herokuapp.com";

    public <Service> Service buildApi(Class<Service> service, String accessToken) {

        return new Retrofit.Builder()
                .baseUrl(BASE_URL)
                .addConverterFactory(GsonConverterFactory.create())
                .client(getOkkHttpClient(accessToken))
                .build()
                .create(service);
    }

    private OkHttpClient getOkkHttpClient(String accessToken) {

        OkHttpClient.Builder httpClient = new OkHttpClient.Builder();
        httpClient.addInterceptor(new Interceptor() {
            @Override
            public Response intercept(@NonNull Interceptor.Chain chain) throws IOException {
                Request original = chain.request();
                Request.Builder requestBuilder = original.newBuilder();

                // ============= Your access token will go here ============
                if(accessToken != null) {
                   requestBuilder.header("Access token key", accessToken);
                }

                return chain.proceed(requestBuilder.build());
            }
        });
        return httpClient.build();
    }
}

答案 1 :(得分:0)

请使用以下代码创建您的服务:

public <S> S createService(Class<S> serviceClass, AuthToken authToken) {

            final String token = "Bearer" + " " + authToken.getAceessToken();
            Log.d("ServiceGenerator", "Token:::::::  " + token);

            httpClient.addInterceptor(chain -> {
                Request original = chain.request();

                // Request customization: add request headers
                Request.Builder requestBuilder = original.newBuilder()
                        .header(KEY_AUTH_HEADER, token).header("Content-Type", "application/json");

                Request request = requestBuilder.build();
                return chain.proceed(request);
            });

            Retrofit retrofit = builder.client(httpClient.build()).build();
            return retrofit.create(serviceClass);
        }

将以下行添加到调用方法:

 ApiService service = serviceGenerator.createService(ApiService.class, token);
        Call<ResponseBody> call = service.getMovielist(id);

serviceGenerator是我定义了创建服务方法的类。您可以随时声明。

相关问题
最新问题