0
- 400錯誤的請求的代碼似乎並沒有任何錯誤。
- 這是一個測試應用程序,所有的ID都可用。
- 在函數爲gettoken()一個可替代疏通線呼叫爲 getScopes(),並進一步嘗試。
- 我有一個按鈕的index.jsp。
- 在按下按鈕「oauthorize」被激活以生成代碼和id_token。
- 我能夠登錄,生成的代碼和id_token。
- 這些值顯示在其上有一個按鈕一個「authtoken.jsp」。
- 按鈕按職位,/common/oauth2/v2.0/token。
- 在這個階段,400頁的錯誤請求會顯示在Microsoft頁面上。
我不知道是怎麼回事錯誤:的訪問令牌的Outlook API返回的Java春
import java.util.UUID;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpServletResponse;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.util.UriComponentsBuilder;
@Controller
public class IndexController {
//all oauth2 urls
private static final String authority = "https://login.microsoftonline.com";
private static final String authorizeUrl = authority + "/common/oauth2/v2.0/authorize";
private static final String tokenUrl = authority + "/common/oauth2/v2.0/token";
private static final String redirectUrl = "http://localhost:8080/OutlookProfiles/authtoken";
private static final String reTokenUrl = "http://localhost:8080/OutlookProfiles/showToken";
//credentials
private static final String appId = "7414b3a3-26f1-4928-9d0b-7060d01dd41c";
private static final String appPassword = "cQg9F0EaxuaErNp2YEgYaz8";
private static final String[] scopes = {
"openid",
"offline_access",
"profile",
"User.Read",
"Contacts.Read",
"Mail.Read"
};
@RequestMapping(value = "/index", method = RequestMethod.GET)
public String index(Model model, HttpServletRequest request, HttpServletResponse response){
UUID state = UUID.randomUUID();
UUID nonce = UUID.randomUUID();
// Save the state and nonce in the session so we can
// verify after the auth process redirects back
HttpSession session = request.getSession();
session.setAttribute("expected_state", state);
session.setAttribute("expected_nonce", nonce);
return "index";
}
@RequestMapping(value = "/oauthorize", method = RequestMethod.POST)
public void oauthorize(Model model, HttpServletRequest servletRequest, HttpServletResponse servletResponse) {
try{
UUID state = UUID.randomUUID();
UUID nonce = UUID.randomUUID();
HttpSession session = servletRequest.getSession();
session.setAttribute("expected_state", state);
session.setAttribute("expected_nonce", nonce);
session.setAttribute("error", null);
UriComponentsBuilder urlBuilder = UriComponentsBuilder.fromHttpUrl(authorizeUrl);
urlBuilder.queryParam("client_id", appId);
urlBuilder.queryParam("redirect_uri", redirectUrl);
urlBuilder.queryParam("response_type", "code id_token");
urlBuilder.queryParam("scope", getScopes());
urlBuilder.queryParam("state", state);
urlBuilder.queryParam("nonce", nonce);
urlBuilder.queryParam("response_mode", "form_post");
String locationUri = urlBuilder.toUriString();
System.out.println(locationUri);
servletResponse.sendRedirect(locationUri);
}catch(Exception e){
e.printStackTrace();
}
}
@RequestMapping(value = "/authtoken", method = RequestMethod.POST)
public String authorize(
@RequestParam("code") String code,
@RequestParam("id_token") String idToken,
@RequestParam("state") UUID state,
HttpServletRequest servletRequest,
HttpServletResponse servletResponse) {
// Get the expected state value from the session
HttpSession session = servletRequest.getSession();
UUID expectedState = (UUID) session.getAttribute("expected_state");
UUID expectedNonce = (UUID) session.getAttribute("expected_nonce");
String strState = state.toString().trim().toLowerCase();
String strExState = expectedState.toString().trim().toLowerCase();
// Make sure that the state query parameter returned matches
// the expected state
if (strState.equals(strExState)){
session.setAttribute("authCode", code);
session.setAttribute("idToken", idToken);
System.out.println("Expectedstate : NO Error");
}else {
session.setAttribute("error", "Unexpected state returned from authority.");
System.out.println("\n\nUnexpected state returned from authority.");
}
return "authtoken";
}
@RequestMapping(value = "/getToken", method = RequestMethod.POST)
public void getToken(
HttpServletRequest servletRequest,
HttpServletResponse servletResponse) {
try{
HttpSession session = servletRequest.getSession();
String strCode = (String) session.getAttribute("authCode");
UriComponentsBuilder urlBuilder = UriComponentsBuilder.fromHttpUrl(tokenUrl);
urlBuilder.queryParam("client_id", appId);
urlBuilder.queryParam("client_secret", appPassword);
urlBuilder.queryParam("code", strCode);
urlBuilder.queryParam("redirect_uri", redirectUrl);
urlBuilder.queryParam("grant_type", "authorization_code");
urlBuilder.queryParam("scope", getScopes());
String locationUri = urlBuilder.toUriString();
System.out.println("getToken : " + locationUri);
servletResponse.setHeader("Content-Type", "application/x-www-form-urlencoded");
servletResponse.sendRedirect(locationUri);
}catch(Exception e){
e.printStackTrace();
}
}
@RequestMapping(value = "/showToken", method = RequestMethod.POST)
public String showToken(
@RequestParam("token_type") String code,
@RequestParam("expires_in") String idToken,
@RequestParam("access_token") String accessToken,
//@RequestParam("scope") String paramScope,
HttpServletRequest servletRequest,
HttpServletResponse servletResponse) {
return "getToken";
}
@RequestMapping("/logout")
public String logout(HttpServletRequest request) {
HttpSession session = request.getSession();
session.invalidate();
return "index";
}
private static String getScopes() {
StringBuilder sb = new StringBuilder();
for (String scope: scopes) {
sb.append(scope + " ");
}
String strscope = sb.toString().trim();
System.out.println(strscope);
return strscope;
}
}
400錯誤是我的頭無故搞亂。
我沒有看到鞦韆的任何使用在你的代碼。你是說春天嗎? – pcarter
謝謝卡特。我修正了從Swing到Spring的錯字。 –