First I wanted to authenticate my java application using OkHttp and then after authentication the response returns a session ID(key) that I wanted to use in subsequent API calls. below is the code that I am using to achieve this.
String url = "my application url";
String username = "xxx";
String password = "zzz";
String userpass = username + ":" + password;
String basicAuth = "Basic :" + new String(Base64.getEncoder().encode(userpass.getBytes()));
OkHttpClient client = new OkHttpClient();
Response response ;
Request request = new Request.Builder()
.url(url)
.addHeader("Authorization", basicAuth)
.build();
response = client.newCall(request).execute();
if (!response.isSuccessful()) throw new IOException("Unexpected code " + response);
System.out.println(response.body().string());
but its throwing an error saying
{"responseStatus":"FAILURE","responseMessage":"Request method 'GET' not supported","errorCodes":null,"errors":[{"type":"METHOD_NOT_SUPPORTED","message":"Request method 'GET' not supported"}],"errorType":"GENERAL"}
can someone please help me to solve this. or if any have any other idea to authenticate a java application using okhttp then please suggest...
You should use the helper classes to avoid most of the logic for username and password.
https://github.com/square/okhttp/blob/master/samples/guide/src/main/java/okhttp3/recipes/Authenticate.java
String credential = Credentials.basic("jesse", "password1");
return response.request().newBuilder()
.header("Authorization", credential)
.build();
Assuming this API is POST and not GET also follow
https://github.com/square/okhttp/blob/master/samples/guide/src/main/java/okhttp3/recipes/PostString.java
Request request = new Request.Builder()
.url("https://api.github.com/markdown/raw")
.post(RequestBody.create(postBody, MEDIA_TYPE_MARKDOWN))
.build();
You had it all right already. Just a small fix needed:
String basicAuth = "Basic " + new String(Base64.getEncoder().encode(userpass.getBytes()));
i.e you just need to remove extra ':' as it's already taken care of in .addHeader("Authorization", basicAuth) part.
Related
I tried this with openid-connect, and it is working. I want same thing for SAML. FYI, I'm doing demo with Keycloak. So I already changed protocol from openid-connet to SAML inside Keycloak console/dashboard.
Code:
#Override
protected Boolean doInBackground(String... params) {
try {
OkHttpClient client = new OkHttpClient().newBuilder()
.build();
MediaType mediaType = MediaType.parse("application/x-www-form-urlencoded");
/*For openid-connect*/
//RequestBody body = RequestBody.create(mediaType, "client_id=lifetrenz-client-1&username=test&password=test#123&grant_type=password&client_secret=c89b1eed-136d-445f-bfb0-e7e2bdac89ee");
/*For SAML*/
RequestBody body = RequestBody.create(mediaType, "client_id=lifetrenz-client-1&username=test&password=test#123&grant_type=password");
/*URL is changing manually accoridng to protocol*/
Request request = new Request.Builder()
.url("http://10.0.2.2:8080/auth/realms/Lifetrenz/protocol/saml/token")
.method("POST", body)
.addHeader("Content-Type", "application/x-www-form-urlencoded")
.build();
Response response = client.newCall(request).execute();
data = "CODE: " + response.code() + "\n" + "MESSAGE: " + response.message() + "\n" + "BODY: " + response.body().string();
return true;
} catch (Exception ex) {
ex.printStackTrace();
return false;
}
}
Please guide me. And please answer in Java instead of Kotlin.
You can't just change the protocol to SAML and then send OpenID Connect parameters.
Here's an example of a SAML request. The parameters are completely different.
And you can't use REST API. SAML uses browser redirects.
Not a Keycloak expert but your application needs a client-side SAML stack.
I am unable to get MIME for a message using $value like specified in the documentation. How to get MIME?
OkHttpClient client = new OkHttpClient();
Request request = new Request.Builder()
.header("Authorization", "Bearer " + accessToken)
.url("https://graph.microsoft.com/v1.0/me/messages/k4ZDQ5LTgzMTYtNGZhYS04ZTU3LWZhMjFmZmUzNmE1YwBGAAAAAABzUENX1K4kR6h6KAAA7ENoUb5BySZFX6KemUxNwAAAv_a5nAAA=/?value")
.build();
Response response = null;
String body;
try {
response = client.newCall(request).execute();
body = response.body().string();
Your URLs are incorrect, they're using /?value but should be using /$value ($ not ?). The $value is part of the path, not a query param:
https://graph.microsoft.com/v1.0/me/messages/4aade2547798441eab5188a7a2436bc1/$value
I'm making a request to a website. However, I keep getting a returned JSON of {"error":"invalid_client"}. Additionally, when I navigate to the URL I'm making the request to through a web browser it shows HTTP ERROR 405.
From what I read on those errors that might mean that my request isn't structured correctly.
According to the API's documentation, this is an example of the request type I'm trying to do:
OkHttpClient client = new OkHttpClient();
MediaType mediaType = MediaType.parse("application/x-www-form-urlencoded");
RequestBody body = RequestBody.create(mediaType, "client_secret={your_client_secret}&client_id={your_client_id}&code={your_authorization_code}&grant_type=authorization_code&redirect_uri={your_redirect_uri}");
Request request = new Request.Builder()
.url("https://api.website.com/v2/oauth2/token")
.post(body)
.addHeader("content-type", "application/x-www-form-urlencoded")
.addHeader("cache-control", "no-cache")
.build();
Response response = client.newCall(request).execute();
From what I can tell mine should be doing the same thing, just a little differently.
Here is a Pastebin of my doInBackground method (I'm using AsynchTask). Here is the more applicable part:
OkHttpClient client = new OkHttpClient();
// A section here gets strings from a JSON file storing values such as client_id
RequestBody bodyBuilder = new FormBody.Builder()
.add("client_secret", CLIENT_SECRET)
.add("client_id", CLIENT_ID)
.add("code", AUTHORIZATION_CODE)
.add("grant_type", GRANT_TYPE)
.add("redirect_uri", REDIRECT_URI)
.build();
System.out.println("Built body: " + bodyBuilder.toString());
String mediaTypeString = "application/x-www-form-urlencoded";
MediaType mediaType = MediaType.parse(mediaTypeString);
RequestBody body = RequestBody.create(mediaType, requestbodyToString(bodyBuilder)); // See Edit 1
Request request = new Request.Builder()
.url(TARGET_URL)
.post(body)
.addHeader("content-type", mediaTypeString)
.addHeader("cache-control", "no-cache")
.build();
try {
System.out.println("Starting request.");
Response response = client.newCall(request).execute();
String targetUrl = request.url().toString() + bodyToString(request);
System.out.println("request: " + targetUrl);
String responseBodyString = response.body().string();
System.out.println("response: " + responseBodyString);
return responseBodyString;
} catch (IOException ex) {
System.out.println(ex);
}
Like I said, I keep getting a returned JSON of {"error":"invalid_client"}, and when I navigate to the URL I'm making the request to through a web browser it shows HTTP ERROR 405.
I'd love to provide as much additional information as you need. Thanks!
Edit 1: The second parameter of this used to be "bodyBuilder.toString()", but I changed it because I realized it wasn't actually sending the body. The result is still the same - {"error":"invalid_client"}. The method now used comes from here.
I figured out what it was - I hadn't actually been writing the authentication_code to the file, only adding it to another JSONObject. Oops. :)
I'm trying to access a PluginService on Content Navigator from my Java Application (Event Action Handler in FileNet P8). The application uses the JAXRS logon service to receive the security_token from the Content Navigator server. However, if I try to call the PluginService I get a response that my login has expired.
I'm able to get the security token, as described in this code block:
URL logonUrl = new URL("http://icn-host:9081/jaxrs/logon"
+ "?userid=user"
+ "&password=password"
+ "&desktop=admin"
+ "&contextPath=%2Fnavigator");
HttpURLConnection logonConnection = (HttpURLConnection)logonUrl.openConnection();
logonConnection.setRequestMethod("POST");
logonConnection.setRequestProperty("Content-Type",
"application/x-www-form-urlencoded");
logonConnection.setDoOutput(true);
InputStream logonResponse = logonConnection.getInputStream();
String responseText = IOUtils.toString(logonResponse, "UTF-8")
.replaceFirst("^\\{}&&", "");
JSONObject responseJson = JSONObject.parse(responseText);
return (String)responseJson.get("security_token");
But when I try to make another request, I get an error response:
URL requestUrl = new URL("http://icn-host:9081/plugin.do"
+ "?plugin=myPlugin&action=myPluginService&myRequestProps=foobar");
HttpURLConnection requestConnection =
(HttpURLConnection)requestUrl.openConnection();
requestConnection.setRequestMethod("GET");
String securityToken = getSecurityToken(); // calls above code
requestConnection.setRequestProperty("security_token", securityToken);
equestConnection.setDoOutput(true);
InputStream responseStream = requestConnection.getInputStream();
String responseText = IOUtils.toString(responseStream, "UTF-8")
.replaceFirst("^\\{}&&", "");
log.info("response was: " + responseText);
I always get the following response:
{
"messagesEncoded":true,
"errors": [
{
"adminResponse":null,
"moreInformation":null,
"explanation":"Your session expired because of inactivity.",
"number":"1003",
"userResponse":"Log in again.",
"text":"Your session expired."
}
]
}
I've also tried to set the cookies, but no success.
java.net.CookieManager cookieManager = new java.net.CookieManager();
Map<String, List<String>> headerFields = logonConnection.getHeaderFields();
List<String> cookiesHeader = headerFields.get("Set-Cookie");
if (cookiesHeader != null) {
for (String cookie : cookiesHeader) {
cookieManager.getCookieStore().add(null, HttpCookie.parse(cookie).get(0));
}
}
// ...
StringBuilder cookieHeader = new StringBuilder();
List<HttpCookie> cookies = cookieManager.getCookieStore().getCookies();
for (int i = 0; i < cookies.size(); i++) {
if (i > 0) {
cookieHeader.append(";");
}
HttpCookie cookie = cookies.get(i);
log.info("Cookie " + i + ": " + cookie.toString());
cookieHeader.append(cookie.toString());
}
requestConnection.setRequestProperty("Cookie", cookieHeader.toString());
I tried to replicate the request using XMLHttpRequest in a Content Navigator window and it works as expected:
var xhr = new XMLHttpRequest();
xhr.open("GET", "plugin.do" +
"?plugin=myPlugin" +
"&action=myPluginService" +
"&myRequestProps=foobar");
xhr.setRequestHeader("security_token", ecm.model.Request._security_token);
xhr.send();
I had a similar challenge for a client a few months ago where i had to automate the process of installing plugins and applying configuration for CI purposes.
I discovered it is key to obtain the desktop as the first api call after login for the session to become 'valid'.
So first jaxrs/logon, then jaxrs/getDesktop, then your service invoke.
A little sidenote: If you plan on having container managed authentication later on, the process will be different. The jaxrs/logon won't work, and instead the jaxrs/getDesktop will deliver the security_token.
A little remark though: wouldn't it be a better solution to have a shared library that you'd be able to use both from your Event Action as the ICN service?
Using shared libraries (see Ivo's answer) is definitely the best approach, calling jaxrs/getDesktop didn't work for me. Instead I just used the Maven Assembly Plugin to include a newer version of the org.apache.httpcomponents dependency and call the requests with an HttpClient.
My final code looks something like this:
CloseableHttpClient httpClient = HttpClients.custom()
.setDefaultCookieStore(cookieStore)
.setDefaultRequestConfig(requestConfig)
.build();
HttpUriRequest logonRequest = RequestBuilder.post()
.setUri("http://icn-host:9081/navigator/jarxrs/logon")
.addParameter("desktop", "admin")
.addParameter("contextPath", "/navigator")
.addParameter("userid", "icnadmin")
.addParameter("password", "password")
.build();
CloseableHttpResponse logonResponse = httpClient.execute(logonRequest);
HttpEntity responseEntity = logonResponse.getEntity();
String responseText = EntityUtils.toString(responseEntity)
.replaceFirst("^\\{}&&", "");
JSONObject responseJson = JSONObject.parse(responseText);
String securityToken = (String) responseJson.get("security_token");
HttpUriRequest request = RequestBuilder.get()
.setUri("http://icn-host:9081/navigator/plugin.do")
.addParameter("plugin", "myPlugin")
.addParameter("action", "myPluginService")
.addParameter("myRequestProps", "foobar")
.addHeader("security_token", securityToken)
.build();
HttpClientContext context = HttpClientContext.create();
CookieStore cookieStore = new BasicCookieStore();
context.setCookieStore(cookieStore);
CloseableHttpResponse response = httpClient.execute(request, context);
I am trying to use Java Jersey instead of Google client libraries to access the Google File API, but I keep getting returned a response status of "401 Unauthorized". Prior to invoking the call, I have obtained an access token from Google, using Oauth:
public static String getGoogleFileResource(final String fileId,
final String accessToken) {
//projection
ClientConfig cc = new DefaultClientConfig();
cc.getProperties().put(ClientConfig.PROPERTY_FOLLOW_REDIRECTS, true);
Client client = Client.create(cc);
String url = String
.format("https://www.googleapis.com/drive/v2/files/%s?fields=downloadUrl&key=%s",
fileId, GoogleClientConstants.GOOGLE_api_key);
WebResource webResource = client.resource(url);
String response = webResource
.accept(MediaType.APPLICATION_JSON_TYPE,
MediaType.APPLICATION_XML_TYPE)
.header("Authorization", "Bearer " + accessToken)
.get(String.class);
logger.info("Authorization - " + "Bearer " + accessToken);
logger.info(" reponse " + response);
return response;
}
What am I doing wrong ?
Turns out you need to add your access token to the http request header.
In the Google developer's guide: "uploading a file"
https://developers.google.com/drive/manage-uploads
You need to send a post request like this:
POST /upload/drive/v2/files?uploadType=media HTTP/1.1
Host: www.googleapis.com
Content-Type: image/jpeg
Content-Length: number_of_bytes_in_JPEG_file
Authorization: your_auth_token
JPEG data
note that in the header you need to put a your_auth_token