I have this request for twitter using javax.ws.rs
WebTarget target = new WebTargetBuilder(client, OAUTH_API_ENDPOINT).build();
Builder request = target
.request(MediaType.APPLICATION_JSON)
.header("Authorization", "Basic " + encodedCredentials)
.header("Content-Type", "application/x-www-form-urlencoded;charset=UTF-8");
Response postResponse = request
.post(Entity.entity("grant_type=client_credentials", MediaType.TEXT_PLAIN));
System.out.println(postResponse.readEntity(String.class));
encodedCredentials are my consumer secret and consumer key encoded in base 64.
The request I'm trying to do is:
POST /oauth2/token HTTP/1.1
Host: api.twitter.com
User-Agent: My Twitter App v1.0.23
Authorization: Basic eHZ6MWV2RlM0d0VFUFRHRUZQSEJvZzpMOHFxOVBaeVJn
NmllS0dFS2hab2xHQzB2SldMdzhpRUo4OERSZHlPZw==Content-Type: application/x-www- form-urlencoded;charset=UTF-8
Content-Length: 29
Accept-Encoding: gzip
grant_type=client_credentials
I keep getting 403 Forbidden: {"errors":[{"code":170,"message":"Missing required parameter: grant_type","label":"forbidden_missing_parameter"}]}
It seems that the post body isn't set correctly, anyone know how to set it?
What you could try is to change the content type of the POST request body/entity like this:
.post(Entity.entity("grant_type=client_credentials", MediaType.APPLICATION_FORM_URLENCODED)
I have used same in PHP and i think you missed required parameters like oauth_signature
So the final code to obtain the bearer token from Twitter having the consumer key and consumer secret looks like this:
private static final String OAUTH_API_ENDPOINT = "https://api.twitter.com/oauth2/token";
private String consumerKey = "your consumer key";
private String consumerSecret = "your consumer secret";
// Constructs the request for requesting a bearer token and returns that
// token as a string
public String requestBearerToken() throws IOException, InterruptedException, ExecutionException {
String encodedCredentials = encodeCredentials();
Client client = ClientBuilder.newClient();
WebTarget target = new WebTargetBuilder(client, OAUTH_API_ENDPOINT).build();
Response postResponse = target
.request(MediaType.APPLICATION_JSON)
.header("Authorization", "Basic " + encodedCredentials + "Content-Type: application/x-www-form-urlencoded;charset=UTF-8")
.post(Entity.entity("grant_type=client_credentials", MediaType.APPLICATION_FORM_URLENCODED));
return postResponse.toString();
}
// Encodes the consumer key and secret to create the basic authorization key
public String encodeCredentials() {
try {
String encodedConsumerKey = URLEncoder.encode(consumerKey, "UTF-8");
String encodedConsumerSecret = URLEncoder.encode(consumerSecret,
"UTF-8");
String fullKey = encodedConsumerKey + ":" + encodedConsumerSecret;
byte[] encodedBytes = Base64.encodeBase64(fullKey.getBytes());
return new String(encodedBytes);
} catch (UnsupportedEncodingException e) {
return new String();
}
}
Related
I tried this with openid-connect, and it is working. I want same thing for SAML. FYI, I'm doing demo with Keycloak. So I already changed protocol from openid-connet to SAML inside Keycloak console/dashboard.
Code:
#Override
protected Boolean doInBackground(String... params) {
try {
OkHttpClient client = new OkHttpClient().newBuilder()
.build();
MediaType mediaType = MediaType.parse("application/x-www-form-urlencoded");
/*For openid-connect*/
//RequestBody body = RequestBody.create(mediaType, "client_id=lifetrenz-client-1&username=test&password=test#123&grant_type=password&client_secret=c89b1eed-136d-445f-bfb0-e7e2bdac89ee");
/*For SAML*/
RequestBody body = RequestBody.create(mediaType, "client_id=lifetrenz-client-1&username=test&password=test#123&grant_type=password");
/*URL is changing manually accoridng to protocol*/
Request request = new Request.Builder()
.url("http://10.0.2.2:8080/auth/realms/Lifetrenz/protocol/saml/token")
.method("POST", body)
.addHeader("Content-Type", "application/x-www-form-urlencoded")
.build();
Response response = client.newCall(request).execute();
data = "CODE: " + response.code() + "\n" + "MESSAGE: " + response.message() + "\n" + "BODY: " + response.body().string();
return true;
} catch (Exception ex) {
ex.printStackTrace();
return false;
}
}
Please guide me. And please answer in Java instead of Kotlin.
You can't just change the protocol to SAML and then send OpenID Connect parameters.
Here's an example of a SAML request. The parameters are completely different.
And you can't use REST API. SAML uses browser redirects.
Not a Keycloak expert but your application needs a client-side SAML stack.
I am unable to get MIME for a message using $value like specified in the documentation. How to get MIME?
OkHttpClient client = new OkHttpClient();
Request request = new Request.Builder()
.header("Authorization", "Bearer " + accessToken)
.url("https://graph.microsoft.com/v1.0/me/messages/k4ZDQ5LTgzMTYtNGZhYS04ZTU3LWZhMjFmZmUzNmE1YwBGAAAAAABzUENX1K4kR6h6KAAA7ENoUb5BySZFX6KemUxNwAAAv_a5nAAA=/?value")
.build();
Response response = null;
String body;
try {
response = client.newCall(request).execute();
body = response.body().string();
Your URLs are incorrect, they're using /?value but should be using /$value ($ not ?). The $value is part of the path, not a query param:
https://graph.microsoft.com/v1.0/me/messages/4aade2547798441eab5188a7a2436bc1/$value
I have this, code which does a post request from an xml (soap) file
public static SoapEnv doRequest(String url, String requestPath) throws IOException, InterruptedException {
String requestBody = inputStreamToString(new FileInputStream(new File(requestPath)));
HttpClient client = HttpClient.newHttpClient();
HttpRequest request = HttpRequest.newBuilder()
.uri(URI.create(url))
.POST(HttpRequest.BodyPublishers.ofString(requestBody))
.build();
HttpResponse<String> response = client.send(request,
HttpResponse.BodyHandlers.ofString());
XmlMapper xmlMapper = new XmlMapper();
SoapEnv value = xmlMapper.readValue(response.body(), SoapEnv.class);
return value;
}
and it works.
But now I need to add basic authentication. I have login and password.
How can I do this programmatically?
You just need to add a header with the Base64 encoded authentication credentials separated by a colon ":".
Something like this;
String auth = "username:password";
String base64Creds = Base64.getEncoder().encodeToString(auth.getBytes(StandardCharsets.UTF_8));
HttpRequest request = HttpRequest.newBuilder()
.uri(URI.create(url))
.header("Authorization", "Basic " + base64Creds)
.POST(HttpRequest.BodyPublishers.ofString(requestBody))
.build();
I am trying to consume a web service to get a token. It is a POST service and I must send data using x-www-form-urlencoded, but I am not sure how to do it. I have the following code, but an error "400 Bad Request" returns. I'm using jersey.api.client and gson. The service returns a JSON object.
public VOToken getToken() {
String uri = "https://login.mypurecloud.com/oauth/token";
VOToken voToken = null;
ClientConfig clientConfig = new DefaultClientConfig();
clientConfig.getFeatures().put(JSONConfiguration.FEATURE_POJO_MAPPING, Boolean.TRUE);
System.out.println(getAuthorizationHeaderString());
Client client = Client.create(clientConfig);
WebResource webResource = client.resource(uri);
Form form = new Form();
form.add("grant_type", "client_credentials");
WebResource.Builder builder = webResource.accept(MediaType.APPLICATION_FORM_URLENCODED_TYPE);
builder.header("Authorization", getAuthorizationHeaderString());
builder.entity(form);
//Response
ClientResponse clientResponse = builder.type(MediaType.APPLICATION_JSON).post(ClientResponse.class);
clientResponse.bufferEntity();
String jsonString = clientResponse.getEntity(String.class);
if(clientResponse.getStatus() == 200 ) {
voToken = new Gson().fromJson(jsonString, VOToken.class);
System.out.println(">> Access_token: "+ voToken.getAccess_token());
}
return voToken;
}
public String getAuthorizationHeaderString() {
String clientId = "32ef8d9c-######################";
String clientSecret = "6-M5A8Y06##################";
String authorizationHeaderString = "";
try {
String encodedData = DatatypeConverter.printBase64Binary((clientId + ":" + clientSecret).getBytes("UTF-8"));
authorizationHeaderString = "Basic " + encodedData;
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
return authorizationHeaderString;
}
I believe it is APPLICATION_FORM_URLENCODED and not APPLICATION_FORM_URLENCODED_TYPE.
Also in your ClientResponse change the media type to APPLICATION_FORM_URLENCODED
I am trying to use Java Jersey instead of Google client libraries to access the Google File API, but I keep getting returned a response status of "401 Unauthorized". Prior to invoking the call, I have obtained an access token from Google, using Oauth:
public static String getGoogleFileResource(final String fileId,
final String accessToken) {
//projection
ClientConfig cc = new DefaultClientConfig();
cc.getProperties().put(ClientConfig.PROPERTY_FOLLOW_REDIRECTS, true);
Client client = Client.create(cc);
String url = String
.format("https://www.googleapis.com/drive/v2/files/%s?fields=downloadUrl&key=%s",
fileId, GoogleClientConstants.GOOGLE_api_key);
WebResource webResource = client.resource(url);
String response = webResource
.accept(MediaType.APPLICATION_JSON_TYPE,
MediaType.APPLICATION_XML_TYPE)
.header("Authorization", "Bearer " + accessToken)
.get(String.class);
logger.info("Authorization - " + "Bearer " + accessToken);
logger.info(" reponse " + response);
return response;
}
What am I doing wrong ?
Turns out you need to add your access token to the http request header.
In the Google developer's guide: "uploading a file"
https://developers.google.com/drive/manage-uploads
You need to send a post request like this:
POST /upload/drive/v2/files?uploadType=media HTTP/1.1
Host: www.googleapis.com
Content-Type: image/jpeg
Content-Length: number_of_bytes_in_JPEG_file
Authorization: your_auth_token
JPEG data
note that in the header you need to put a your_auth_token