您如何向Cisco Contact Center Express身份服务进行身份验证？

Question

我正在构建第3方应用程序以通过Contact Center Express进行身份验证。该文档是必需的，但不足以完成此操作。例如，

https://developer.cisco.com/docs/contact-center-express/#!cisco-identity-service-client-sdk-guide/during-agent-login

// Get Access Token for the received Authorization Code
String redirectURI = config.getRedirectUri();
AccessToken token = client.getAccessToken(authCode, redirectURI);

您何时何地将用户重定向到联系中心进行身份验证？我观察到Finesse会将用户重定向到

  

https://contactcenter.example.com:8553/ids/v1/oauth/authorize?redirect_uri=https%3A%2F%2Ffinesse.example.com%3A443%2Fdesktop%2Fsso%2Fauthcode&client_id=8a75xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx&state=aHR0cHM6Ly92bS1mLWZpbi1hLmRldi5pbi5zcGluc2NpLmNvbS9kZXNrdG9wL2pfaWRlbnRpdHlfY2hlY2s%2FZXJyb3I9dHJ1ZQlhcHBsb2dpbg%3D%3D&response_type=code

但是在哪里指定使用身份服务（IDS）路径/ids/v1/oauth/authorize？状态是必填参数吗？ IDS SDK是否处理回调路径/desktop/sso/authcode？我想不是，但是要发送给它的参数是什么？我正在使用Spring框架。

我是否要对整个过程进行逆向工程，或者我缺少其他文档？

即使我收到OAuth令牌后，如何使用它对其他Cisco产品进行其他REST调用？ Finesse REST API仅提及HTTP基本身份验证。没有提到“授权：不记名”令牌的标题。

https://developer.cisco.com/docs/finesse/#!sign-in-to-finesse/sign-in-to-finesse

Answer 1

我必须在所有重定向之后对其进行反向工程。

@Controller
public class SSOController {

    @Autowired
    private IdSClientConfigurationImpl config;

    @Autowired 
    private IdSClient client;

    @PostMapping("/login")
    public String login(@RequestParam(name="user", required=true) String user) {
        // redirect the user to the Cisco Contact Center Express Identity Service
        String redirectURI = config.getRedirectUri();
        String clientId = config.getClientId();

        URI uri = UriComponentsBuilder
                .fromUriString("https://contact-center-express:8553/ids/v1/oauth/authorize")
                .queryParam("redirect_uri", "{redirect_uri}")
                .queryParam("client_id", "{client_id}")
//              .queryParam("state", "{state}") // base64 encoded
                .queryParam("response_type", "code")
                .build(redirectURI, clientId);
        return "redirect:"+uri.toString();
    }

    @GetMapping("/idscallback")
    public String idscallback(
            @RequestParam(name="code", required=true) String code, 
            @RequestParam(name="state", required=false) String state,
            HttpSession session) throws IdSClientException {

        // Get Access Token for the received Authorization Code
        String redirectURI = config.getRedirectUri();
        AccessToken token = client.getAccessToken(code, redirectURI); // why do I need redirectURI when it's already redirected?
        String accessTokenString = token.getAccess_token();
        session.setAttribute("token", accessTokenString);
//      model.addAttribute("token", accessTokenString);     
        return "redirect:/";
    }

在远处的豆子里……

    @Bean
    public IdSClientConfigurationImpl config() throws IOException, IdSClientException {
        ClassPathResource idsclientResource = new ClassPathResource("idsclient.properties");
        IdSClientConfigurationImpl config = new IdSClientConfigurationImpl(idsclientResource.getFile().getPath());
//      IdSClientConfigurationImpl config = new IdSClientConfigurationImpl("src/main/resources/idsclient.properties");
        config.load();
        return config;
    }

    @Bean
    public IdSClient setupIdsClient() throws IOException, IdSClientException {
        IdSClient client = IdSClientFactory.getIdSClient();
        client.setTLSContext(createSSLTrustManager(), createHostnameVerifier());
//      client.setTLSContext(arg0, arg1) // use secure trust manager and hostname verifier in production
        client.init(config);
        return client;
    }

    private X509TrustManager createSSLTrustManager() {
        X509TrustManager tm = new TrustAllX509TrustManager();
        return tm;  
    }

    private HostnameVerifier createHostnameVerifier() {
        HostnameVerifier hv = new SkipAllHostNameVerifier();
        return hv;
    }