我有一个问题,当我使用maven测试我的测试应用程序时,它显示为400 Bad Request。我将oauth2与基本身份验证一起使用,并使用Grant_type password。如果我使用Postman之类的程序进行身份验证。有用。但是,如果我添加带有Http标头的基本身份验证,则会收到错误的请求。
我试图从HttpEntity中删除HttpHeaders()对象,然后得到401 Unauthorized。我尝试将加密的标头手动放置在HttpHeaders()对象中,但这也使我400 Bad Request。如果我使用Postman进行请求,请选择POST作为方法,选择Basic Auth作为身份验证,并将username, password, grant_type作为Body(JSON)。
这是我的测试班 @SpringBootTest 公共类TestAppApplicationTests {
private RestTemplate restTemplate = new RestTemplate();
@Test
public void testOauthToken(){
String plainCreds = "client:topsecret";
byte[] plainCredsBytes = plainCreds.getBytes();
byte[] base64CredsBytes = Base64.encodeBase64(plainCredsBytes);
String base64Creds = new String(base64CredsBytes);
Object oauthRequest = new OauthRequest("Lukas", "test123", "password");
HttpHeaders headers = new HttpHeaders();
headers.add("Authorization", "Basic "+ base64Creds);
HttpEntity<Object> reqData = new HttpEntity<>(oauthRequest, headers);
ResponseEntity<Object> entity = restTemplate.exchange("http://localhost:8080/oauth/token", HttpMethod.POST,
reqData,
Object.class);
}
}
这是我的OauthRequest班
@Data
public class OauthRequest {
private String username;
private String password;
private String grant_type;
public OauthRequest(String username, String password, String grant_type){
this.username = username;
this.password = password;
this.grant_type = grant_type;
}
}
我想从服务器获取access_token和refresh_token。
编辑:如果您想了解有关代码的更多信息,我在这里没有可用的存储库:https://github.com/precodeeu/test-spring-oauth
编辑²:如果我在其中放入原始的json字符串,则两者均无效。
OauthRequest oauthRequest = new OauthRequest("Lukas", "test123", "password");
String json;
try {
json = mapper.writeValueAsString(oauthRequest);
HttpHeaders headers = new HttpHeaders();
headers.add("Authorization", "Basic " + base64Creds);
headers.add("Content-Type", "application/json");
HttpEntity<Object> reqData = new HttpEntity<>(json, headers);
ResponseEntity<Object> entity = restTemplate.exchange("http://localhost:8080/oauth/token", HttpMethod.POST,
reqData,
Object.class);
} catch (JsonProcessingException e) {
e.printStackTrace();
}
编辑³
我刚刚注意到,内容类型应为Application_form_urlencoded
解决方案: 我已经更新了代码并构建了一个Stringbuilder
@SpringBootTest 公共类TestAppApplicationTests {
private RestTemplate restTemplate = new RestTemplate();
private String UrlEncodedBuilder(List<String[]> list){
String returnString = "";
for(String[] param : list){
returnString+=param[0]+"="+param[1]+"&";
}
return returnString;
}
@Test
public void testOauthToken() {
String plainCreds = "client:topsecret";
byte[] plainCredsBytes = plainCreds.getBytes();
byte[] base64CredsBytes = Base64.encodeBase64(plainCredsBytes);
String base64Creds = new String(base64CredsBytes);
List<String[]> formData = new ArrayList();
formData.add(new String[]{"username", "Lukas"});
formData.add(new String[]{"password", "test123"});
formData.add(new String[]{"grant_type", "password"});
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
headers.add("Authorization", "Basic " + base64Creds);
HttpEntity<Object> reqData = new HttpEntity<>(UrlEncodedBuilder(formData), headers);
ResponseEntity<Object> entity = restTemplate.exchange("http://localhost:8080/oauth/token", HttpMethod.POST,
reqData,
Object.class);
}
}
答案 0 :(得分:2)
首先,调查您的请求的外观,然后将其与有效的请求进行比较。 另外,如果有400个代码,请检查响应正文,正文可能包含一些提示。