spring-rest-service-oauth icon indicating copy to clipboard operation
spring-rest-service-oauth copied to clipboard

Published 20 hours ago verified publisher icon royclarkson

Oauth2RestTemplate example

Open cjstehno opened this issue 10 years ago • 5 comments

This is a great example project, but it would be nice to have an example using the OAuth2RestTemplate along with the provided curl example.

cjstehno avatar Jan 13 '15 13:01 cjstehno

I was able to get this figured out and have created a Gist of what I did - it's basically just an integration test as example. You are welcome to use it, or I can fork your project and provide a pull request if you'd like me to.

cjstehno avatar Jan 13 '15 14:01 cjstehno

cjstenho In your example unless you're authorized on the client side I thing that connection would throw an exception for not being authorized, and It wont work for non browser clients or when you try to fully automate the process here I created an example of what I mean https://github.com/mariubog/oauth-client-sample

It works with Roy Clarkson's example

mariubog avatar Jan 13 '15 15:01 mariubog

@mariubog - thanks, the integration test works; however, I see what you are saying about requiring a username and password. I will take a look at your example. I am new to OAuth so I am still trying to figure out how all the pieces come together. :-)

cjstehno avatar Jan 13 '15 21:01 cjstehno

This is good stuff. An OAuth2RestTemplate client example would be a very nice addition. Thanks for the suggestion!

royclarkson avatar Jan 14 '15 13:01 royclarkson

Very nice and simple example to understand the Oauth02 security implementation. It would be further good , if we can get a Sample Service(greeting) as a separate component to understand the necessary configuration to protect the service .

Below sample code to get the token can be used:

final String uri = "http://localhost:8080/uaa/oauth/token";

	    RestTemplate restTemplate = new RestTemplate();
	    
	    
	 // Create a multimap to hold the named parameters
	    MultiValueMap<String,String> parameters = new LinkedMultiValueMap<String,String>();
	    
	
	    String plainCreds = "clientapp:123456";
	    byte[] plainCredsBytes = plainCreds.getBytes();
	    byte[] base64CredsBytes = Base64.encode(plainCredsBytes);
	    String base64Creds = new String(base64CredsBytes);

	    HttpHeaders headers = new HttpHeaders();
	    headers.add("Authorization", "Basic " + base64Creds);
	    //parameters.add("clientapp", "123456");
	    parameters.add("password", "spring");
	    parameters.add("username", "roy");
	    parameters.add("grant_type", "password");
	    parameters.add("scope", "read write");
	    parameters.add("client_secret", "123456");
	    parameters.add("client_id", "clientapp");

	    headers.setAccept(Arrays.asList(MediaType.APPLICATION_JSON));//Accept: application/json
	  
	    // Create the http entity for the request
	    HttpEntity<MultiValueMap<String,String>> entity =
	                new HttpEntity<MultiValueMap<String, String>>(parameters, headers);
	  
	    ResponseEntity<String> result = restTemplate.exchange(uri, HttpMethod.POST, entity, String.class);
	  		    System.out.println("result"+result.getBody().toString());

SayedTCS avatar Sep 12 '17 20:09 SayedTCS