春季启动OAuth2RestOperations中的刷新OAuth令牌

问题描述 投票:0回答:1

我正在使用Spring Boot Cloud OAuth客户端与Salesforce restapi连接。但是我收到Session expired or invalid错误。无论如何,是否有刷新令牌的想法,我当时假设Spring Boot是在后台自动处理这个问题的,但事实并非如此。这是相关的代码。

@Configuration
public class SalesforceConfiguration {

    @Value("${salesforce.tokenUrl}")
    private String tokenUrl;

    @Value("${salesforce.clientId}")
    private String clientId;

    @Value("${salesforce.clientSecret}")
    private String clientSecret;

    @Value("${salesforce.username}")
    private String username;

    @Value("${salesforce.password}")
    private String password;

    @Bean
    protected OAuth2ProtectedResourceDetails resource() {

        ResourceOwnerPasswordResourceDetails resource = new ResourceOwnerPasswordResourceDetails();

        resource.setAccessTokenUri(tokenUrl);
        resource.setClientId(clientId);
        resource.setClientSecret(clientSecret);
        resource.setClientAuthenticationScheme(AuthenticationScheme.form);
        resource.setUsername(username);
        resource.setPassword(password);

        return resource;
    }

    @Bean
    public OAuth2RestOperations restTemplate() {

        OAuth2RestTemplate operations = new OAuth2RestTemplate(resource(), new DefaultOAuth2ClientContext(new DefaultAccessTokenRequest()));
        operations.getMessageConverters().add(new MappingJackson2HttpMessageConverter());
        operations.getMessageConverters().add(new StringHttpMessageConverter());

        return operations;
    }
}

这就是我在服务中使用它的方式。

@Component
public class QueryExecutor extends AbstractExecutor implements SalesforceExecutor {

    private OAuth2RestOperations restOperations;

    public QueryExecutor(OAuth2RestOperations restOperations) {

        this.restOperations = restOperations;
    }

    @Override
    public Response process(Request request) throws Exception {

        JsonNode jsonNode = restOperations.getForObject(buildUrl(request), JsonNode.class);

        return new Response<>(ResponseCode.SUCCESS_GET.getCode(), jsonNode, request.getResponseHandler());
    }

    private String buildUrl(Request request) {

        return new StringBuilder().append(getServiceUrl(restOperations))
                                  .append("/services/data/v41.0/query/?q=")
                                  .append(request.getPayload().get("query"))
                                  .toString();
    }
}

如果出现会话过期错误,是否仍然可以使用这种方法无缝刷新令牌?

spring-boot salesforce spring-cloud spring-security-oauth2 spring-oauth2
1个回答
1
投票

使用Spring Boot,您不需要整个SalesforceConfiguration配置类。

您可以使用以下依赖项:

<dependency>
    <groupId>org.springframework.security.oauth.boot</groupId>
    <artifactId>spring-security-oauth2-autoconfigure</artifactId>
     <version>${look-for-the-latest}</version>
</dependency>

<dependency>
    <groupId>org.springframework.security</groupId>
    <artifactId>spring-security-oauth2-client</artifactId>
</dependency>

将配置属性添加到application.yml

security:
  oauth2:
    client:
      username: the-username
      password: the-password
      client-id: the-client-id
      client-secret: the-client-secret
      grant-type: password,refresh_token
      scope: read
      access-token-uri: http://sales-force-domain/oauth/token

然后您可以像这样定义OAuth2RestTemplate

    @Bean
    public OAuth2RestTemplate oAuth2RestTemplate(final OAuth2ProtectedResourceDetails details) {
        return new OAuth2RestTemplate(details);
    }

要使用它,只需按照已做的方式进行操作,请将OAuth2RestTemplate注入QueryExecutor。一旦在grant-type中将其定义为application.yml,刷新令牌将由Spring处理。

In this repo,我有此配置的有效版本,请耐心等待,因为它还演示了如何手动创建此配置。

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.