使用spring restTemplate的REST API的基本身份验证

Question 1

我在RestTemplate中是全新的，基本上在REST API中也是如此。我想通过Jira REST API在我的应用程序中检索一些数据，但返回401未经授权。找到了有关jira rest api文档的文章，但实际上并不知道如何将其重写为java，因为该示例使用curl的命令行方式。我将不胜感激任何建议或建议如何重写：

curl -D- -X GET -H "Authorization: Basic ZnJlZDpmcmVk" -H "Content-Type: application/json" "http://kelpie9:8081/rest/api/2/issue/QA-31"

使用Spring Rest模板导入Java。其中ZnJlZDpmcmVk是用户名：密码的base64编码的字符串。非常感谢你。

Question 2

取自本网站的示例，我认为通过填写标头值并将标头传递给模板，这将是最自然的方法。

这是为了填写标题Authorization：

String plainCreds = "willie:p@ssword";
byte[] plainCredsBytes = plainCreds.getBytes();
byte[] base64CredsBytes = Base64.encodeBase64(plainCredsBytes);
String base64Creds = new String(base64CredsBytes);

HttpHeaders headers = new HttpHeaders();
headers.add("Authorization", "Basic " + base64Creds);

这是将标头传递给REST模板：

HttpEntity<String> request = new HttpEntity<String>(headers);
ResponseEntity<Account> response = restTemplate.exchange(url, HttpMethod.GET, request, Account.class);
Account account = response.getBody();

Question 3

您可以使用spring-boot RestTemplateBuilder

@Bean
RestOperations rest(RestTemplateBuilder restTemplateBuilder) {
    return restTemplateBuilder.basicAuthentication("user", "password").build();
}

查看文件

（在SB 2.1.0之前是#basicAuthorization）

Question 4

（也许）是不导入spring-boot的最简单方法。

restTemplate.getInterceptors().add(new BasicAuthorizationInterceptor("user", "password"));

Question 5

从Spring 5.1开始，您可以使用 HttpHeaders.setBasicAuth

创建基本授权标头：

String username = "willie";
String password = ":p@ssword";
HttpHeaders headers = new HttpHeaders();
headers.setBasicAuth(username, password);
...other headers goes here...

将标题传递给RestTemplate：

HttpEntity<String> request = new HttpEntity<String>(headers);
ResponseEntity<Account> response = restTemplate.exchange(url, HttpMethod.GET, request, Account.class);
Account account = response.getBody();

文档：https : //docs.spring.io/spring-framework/docs/current/javadoc-api/org/springframework/http/HttpHeaders.html#setBasicAuth-java.lang.String-java.lang.String-

Question 6

参考Spring Boot的TestRestTemplate实现如下：

https://github.com/spring-projects/spring-boot/blob/v1.2.2.RELEASE/spring-boot/src/main/java/org/springframework/boot/test/TestRestTemplate.java

特别是，请参见如下的addAuthentication（）方法：

private void addAuthentication(String username, String password) {
    if (username == null) {
        return;
    }
    List<ClientHttpRequestInterceptor> interceptors = Collections
            .<ClientHttpRequestInterceptor> singletonList(new BasicAuthorizationInterceptor(
                    username, password));
    setRequestFactory(new InterceptingClientHttpRequestFactory(getRequestFactory(),
            interceptors));
}

同样，您可以RestTemplate轻松制作自己的

通过继承TestRestTemplate如下所示：

https://github.com/izeye/samples-spring-boot-branches/blob/rest-and-actuator-with-security/src/main/java/samples/springboot/util/BasicAuthRestTemplate.java

Question 7

有多种方法可以将基本的HTTP身份验证添加到 RestTemplate。

1.对于单个请求

try {
    // request url
    String url = "https://jsonplaceholder.typicode.com/posts";

    // create auth credentials
    String authStr = "username:password";
    String base64Creds = Base64.getEncoder().encodeToString(authStr.getBytes());

    // create headers
    HttpHeaders headers = new HttpHeaders();
    headers.add("Authorization", "Basic " + base64Creds);

    // create request
    HttpEntity request = new HttpEntity(headers);

    // make a request
    ResponseEntity<String> response = new RestTemplate().exchange(url, HttpMethod.GET, request, String.class);

    // get JSON response
    String json = response.getBody();

} catch (Exception ex) {
    ex.printStackTrace();
}

如果您使用的是Spring5.1或更高版本，则不再需要手动设置授权标头。使用headers.setBasicAuth()方法代替：

// create headers
HttpHeaders headers = new HttpHeaders();
headers.setBasicAuth("username", "password");

2.对于一组请求

@Service
public class RestService {

    private final RestTemplate restTemplate;

    public RestService(RestTemplateBuilder restTemplateBuilder) {
        this.restTemplate = restTemplateBuilder
                .basicAuthentication("username", "password")
                .build();
    }

   // use `restTemplate` instance here
}

3.对于每个请求

@Bean
RestOperations restTemplateBuilder(RestTemplateBuilder restTemplateBuilder) {
    return restTemplateBuilder.basicAuthentication("username", "password").build();
}

希望对您有所帮助！

Question 8

而不是实例化如下：

TestRestTemplate restTemplate = new TestRestTemplate();

像这样做：

TestRestTemplate restTemplate = new TestRestTemplate(user, password);

它对我有用，希望对您有所帮助！

Question 9

使用setBasicAuth定义的凭据

HttpHeaders headers = new HttpHeaders();
headers.setBasicAuth("myUsername", myPassword);

然后根据自己的喜好创建请求。

例：

HttpEntity<String> request = new HttpEntity<String>(headers);
ResponseEntity<String> response = restTemplate.exchange(url, HttpMethod.GET, 
request, String.class);
String body = response.getBody();