Can someone please help me figure out what is wrong with the code below?
I am using Spring 3.1.1 RestTemplate to try to call a REST WS on Box.com to get a new access token from a refresh token.
The code below is returning a 400 (BAD REQUEST). I am able to successfully call the same method using the FireFox POST plugin. I've compared output from the writeForm method on the FormHttpMessageConverter class and it is exactly as I am sending it from FireFox.
Does anyone have any ideas?
public static void main(String[] args) throws InterruptedException {
try {
String apiUrl = "https://www.box.com/api/oauth2/token";
String clientSecret = "[MY SECRET]";
String clientId = "[MY ID]";
String currentRefreshToken = "[MY CURRENT VALID REFRESHTOKEN]";
RestTemplate restTemplate = new RestTemplate();
List<HttpMessageConverter<?>> messageConverters = new ArrayList<HttpMessageConverter<?>>();
messageConverters.add(new FormHttpMessageConverter());
restTemplate.setMessageConverters(messageConverters);
MultiValueMap<String, String> body = new LinkedMultiValueMap<String, String>();
body.add("grant_type", "refresh_token");
body.add("refresh_token", currentRefreshToken);
body.add("client_id", clientId);
body.add("client_secret", clientSecret);
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
headers.add("Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8,application/json");
headers.add("Accept-Encoding", "gzip, deflate");
HttpEntity<?> entity = new HttpEntity<Object>(body, headers);
restTemplate.exchange(apiUrl, HttpMethod.POST, entity, String.class);
} catch (Exception ex) {
System.out.println("ex = " + ex.getMessage());
}
}
}
The no-arg constructor for RestTemplate uses the java.net API to make requests, which does not support gzip encoding. There is, however, a constructor that accepts a ClientHttpRequestFactory. You can use the HttpComponentsClientHttpRequestFactory implementation, which uses the Apache HttpComponents HttpClient API to make requests. This does support gzip encoding. So you can do something like the following (from the Spring Docs) when creating your RestTemplate:
HttpClient httpClient = HttpClientBuilder.create().build();
ClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(httpClient);
RestTemplate restTemplate = new RestTemplate(requestFactory);
In Spring Boot, adding something like this to pom.xml seems to add some magic.
<dependency>
<groupId>com.squareup.retrofit2</groupId>
<artifactId>retrofit</artifactId>
<version>2.3.0</version>
</dependency>
I'm assume that there are other, similar, solutions...
double check the HttpHeaders properly !!
Related
I implemented a KeyCloak client with the following configuration:
keycloak configuration
And I implemented my callback endpoint like that:
#GetMapping("/callback")
#ResponseBody
public String getToken(#RequestParam String code) {
RestTemplate restTemplate = new RestTemplate();
HttpHeaders headers = new HttpHeaders();
headers.add("Content-Type", MediaType.APPLICATION_FORM_URLENCODED.toString());
MultiValueMap<String, String> map = new LinkedMultiValueMap<>();
map.add("code", code);
map.add("client_id", "spring-login-app");
map.add("client_secret", "");
map.add("grant_type", "authorization_code");
map.add("redirect_uri", UriComponentsBuilder.fromHttpUrl("http://127.0.0.1:3002/callback").build().toString());
HttpEntity formEntity = new HttpEntity<MultiValueMap<String, String>>(map, headers);
try {
ResponseEntity<KeycloakTokenResponse> response =
restTemplate.exchange("http://127.0.0.1:8080/auth/realms/raroc/protocol/openid-connect/token",
HttpMethod.POST,
formEntity,
KeycloakTokenResponse.class);
KeycloakTokenResponse resp = response.getBody();
return resp.getAccess_token();
} catch (Exception e) {
System.out.println(e.getMessage());
}
return "nothing";
}
The problem is when I tried to get my access token from this callback endpoint, I received a 400 Bad Request error with the following message: 400 Bad Request: "{"error":"invalid_grant","error_description":"Incorrect redirect_uri"}"
When I test it through postman with the same x-www-form-url-encoded form params, it works fine, but in spring, it's impossible to do it.
I tried many scenario for the "redirect_uri" param, just a String, an UriComponentsBuilder.formHttpUrl, some other URL encoder thing but unfortunately I still have this error.
You can try to specify a: http://localhost:3002/* instead of your actual redirect URI in the KeyCloak configuration but from what I read in your settings, everything looks good.
Be careful also sometimes if you are changing the configuration of Keyloak, you need to restart it to take the changes into account.
If you want to test also a full scenario, open an incognito tab with your browser, and it should work.
I would like to retrieve a jwt token, using Spring RestTemplate, from a callback that is a redirect URL from a login URL.
I have been able to connect to the login URL, I have been able to follow the redirect link to the callback, but I have not been able to retieve the token that is stored in the reponse header of the callback.
RestTemplate restTemplate = new RestTemplate();
String url = my_login_url;
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
MultiValueMap<String, String> map = new LinkedMultiValueMap<>();
map.add(my_login);
map.add(my_password);
HttpEntity<MultiValueMap<String, String>> request = new HttpEntity<>(map, headers);
final HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory();
final HttpClient httpClient = HttpClientBuilder.create()
.setRedirectStrategy(new LaxRedirectStrategy())
.build();
factory.setHttpClient(httpClient);
restTemplate.setRequestFactory(factory);
ResponseEntity<String> response = restTemplate.exchange(url,
HttpMethod.POST,
request,
String.class);
// OUCH !! response does not contain the token I'm trying to retrieve !! The token is in the header of the callback !!
Could anybody help me understand how to access the header of the callback ?
You can use
response.getHeaders().get(HttpHeaders.SET_COOKIE);
(While the client sends the cookies it has via the "Cookie" header, the server sends cookies to set with a "Set-Cookie" header.)
This returns a list because each cookie will be in an extra header with the same name.
After some research, I was able to find a way to retrieve that token, that seems more like a hack to me than an actual solution.
The idea is that the apache HttpClient contains a cookie store with just the token I need. Unfortunately, HttpClient does not have any getters, only execute methods, and I'm already on RestTemplates.
However, it is possible to pass a Cookie Store as a parameter while building the HttpClient instance. That Cookie Store will be filled while posting the authentication request.
The final version of the code looks like that:
public void getCookies() {
RestTemplate restTemplate = new RestTemplate();
String url = my_login_url;
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
MultiValueMap<String, String> map = new LinkedMultiValueMap<>();
map.add("username_key", my_user);
map.add("password_key", my_password);
HttpEntity<MultiValueMap<String, String>> request = new HttpEntity<>(map, headers);
final HttpComponentsClientHttpRequestFactory factory = new
HttpComponentsClientHttpRequestFactory();
CookieStore basicCookieStore = new BasicCookieStore();
final HttpClient httpClient = HttpClientBuilder.create()
.setRedirectStrategy(new LaxRedirectStrategy())
.setDefaultCookieStore(basicCookieStore)
.build();
factory.setHttpClient(httpClient);
restTemplate.setRequestFactory(factory);
restTemplate.exchange(url,
HttpMethod.POST,
request,
String.class);
Cookie cookie = basicCookieStore.getCookies().stream()
.findFirst()
.orElseThrow(() -> new RuntimeException(url));
System.out.println(cookie.getValue());
}
Notice that I am not even interested in the response of the restTemplate.exchange query.
I'm trying to revoke google token following API ("Content-type:application/x-www-form-urlencoded", request type POST, https://accounts.google.com/o/oauth2/revoke?token={token}).
My code example is:
private static final String REVOKE_URL = "https://accounts.google.com/o/oauth2/revoke";
private static final String TOKEN = "token";
#Autowired
private RestTemplate restTemplate;
public void revokeToken(TokenDetailsDto tokenDetailsDto) {
HttpHeaders headers = new HttpHeaders();
headers.add(CONTENT_TYPE, MediaType.APPLICATION_FORM_URLENCODED_VALUE);
HttpEntity<?> entity = new HttpEntity(headers);
Map<String, String> parameters = new HashMap<>();
parameters.put(TOKEN, tokenDetailsDto.getRefreshToken());
LOGGER.info("used parameters:\n\turl={},\n\tentity={},\n\turiParameters={}", REVOKE_URL, entity, uriParameters);
restTemplate.exchange(REVOKE_URL, HttpMethod.GET, entity, Void.class, parameters);
}
result is exception:
17:30:54,323 INFO # com.nextiva.calendar.client.google.GoogleRevokeAccessService.revokeToken used parameters:
url=https://accounts.google.com/o/oauth2/revoke,
entity=<{Content-Type=[application/x-www-form-urlencoded]}>,
uriParameters={token=1/mzMH8VPrltarCo3LOHU_tBWi4qK5e20uIM0R_Al9T34}
17:31:20,718 ERROR # com.nextiva.calendar.web.error.handling.BaseExceptionHandler.exception 400 Bad Request
org.springframework.web.client.HttpClientErrorException: 400 Bad Request
at org.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:63)
at org.springframework.web.client.RestTemplate.handleResponse(RestTemplate.java:700)
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:653)
at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:621)
at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:540)
I try use rest client to handle request like in documentation it is ok (using rest client I tried to use POST request with specified content type).
Same error result if I use
restTemplate.postForEntity(REVOKE_URL, entity, Void.class, uriParameters);
So issue is in restTemplate using (my spring part). Is any ideas, what I've done wrong here?
Solution is:
HttpHeaders headers = new HttpHeaders();
headers.add(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_FORM_URLENCODED_VALUE);
HttpEntity<?> entity = new HttpEntity(headers);
UriComponentsBuilder builder = UriComponentsBuilder.fromHttpUrl(REVOKE_URL)
.queryParam("token", tokenDetailsDto.getRefreshToken());
LOGGER.info("used parameters:\n\turl={},\n\tentity={},\n\turiParameters={}", REVOKE_URL, entity);
restTemplate.postForObject(builder.build().encode().toUri(), entity, Void.class);
Small explanation: service expect urlParameters, but parameters was not urlParameters, its request parameters. So I used UriComponentsBuilder to build correct request.
I've the following request with curl that talks to Microsoft Azure services without a problem.
curl --request POST https://login.microsoftonline.com/common/oauth2/v2.0/token --data 'client_id=fe37...06-566f5c762ab2&grant_type=authorization_code&client_secret=tPv..dQfqomaG&scope=mail.read&code=OAQABAAIA...gAA'
Here is the java code that is throwing Bad Request exception:
public String getToken(String authCode){
try {
HttpHeaders headers = new HttpHeaders();
String url = "https://login.microsoftonline.com/common/oauth2/v2.0/token";
UriComponentsBuilder builder = UriComponentsBuilder.fromHttpUrl(url);
headers.add("client_id", "fe3..b2");
headers.add("client_secret", "tP..aG");
headers.add("grant_type", "authorization_code");
headers.add("code", authCode);
headers.add("scope", "mail.read");
HttpEntity<?> entity = new HttpEntity<>(headers);
RestTemplate restTemplate = new RestTemplate();
HttpEntity<String> response = restTemplate.exchange(builder.build().toUri(), HttpMethod.POST, entity, String.class);
}
catch (Exception e){
e.printStackTrace();
}
return null;
}
I've also tried adding the --data section in to parameters object and I receive the same problem. I am using RestTemplate but I am open for other suggestions.
I appericiate your help.
I suppose that problem is that in curl example you pass these parameters inside POST body, while in your java code you use headers instead. Try change it to usage of body params of entity object:
MultiValueMap<String, String> body = new LinkedMultiValueMap<String, String>();
body.add("client_id", "fe3..b2");
// ... rest params
// Note the body object as first parameter!
HttpEntity<?> entity = new HttpEntity<Object>(body, new HttpHeaders());
You need to send these parameters in the request entity formatted as form url encoded and also set the content-type to application/x-www-form-urlencoded.
Your body can be a string (according to your example):
String data = "client_id=fe37...06-566f5c762ab2&grant_type=authorization_code&client_secret=tPv..dQfqomaG&scope=mail.read&code=OAQABAAIA...gAA";
HttpEntity<String> entity = new HttpEntity<>(data);
Set a content type header:
headers.add("Content-Type", "application/x-www-form-urlencoded");
(Actual implementation depends on the library you use)
I'm using Google Translate API with Spring RestTemplate in my application and it works fine until I use GET http request. However if I heve large piece of data the service will return 414 error (Request-URI Too Large).
So I decided to use POST (according to the note).
And here is my code:
String content = "q=Hello";
HttpHeaders headers = new HttpHeaders();
headers.set("X-HTTP-Method-Override", "GET");
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
HttpEntity<String> request = new HttpEntity<String>(content, headers);
String response = new RestTemplate.postForObject(
"https://www.googleapis.com/language/translate/" +
"v2?key=<my_key>&source=en&target=ru", request, String.class);
The service returns error 400 bad request and I have no idea why. I have successfully created similar code using jQuery so I know this way should work.
Please help me to fix the problem.
I think the way you form URI is incorrect and thats why you get 400. Looking at the google translate API documentation, it looks like they expect 'q' as URI query parameter. Also you seem to be doing a POST request for a GET. From google translate API docs
GET https://www.googleapis.com/language/translate/v2?key=INSERT-YOUR-KEY&source=en&target=de&q=Hello%20world
Try this,
Map<String, String> queryParameters = new HashMap<String, String>();
queryParameters.put("key","my_key_here");
queryParameters.put("source","en");
queryParameters.put("target","ru");
queryParameters.put("q","Hello World");
String url = "https://www.googleapis.com/language/translate/" +
"v2?key={key}&source={source}&target={target}&q={q}";
HttpHeaders headers = new HttpHeaders();
headers.set("X-HTTP-Method-Override", "GET");
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
HttpEntity<String> request = new HttpEntity<String>(null, headers);
RestTemplate restclient = new RestTemplate();
String response=restclient.getForObject(url,request,String.class,queryParameters);