如何使用JWT令牌从android中的cookie存储发送HTTP请求
Omk*_*kar 3 authentication android httpurlconnection jwt
到目前为止我做了什么:
我正在尝试与具有自定义身份验证的Java Web应用程序进行通信.在那里,我需要首先点击一个带有请求体参数JSON类型的链接,以便在我的cookie中获取JWT auth-token.
我在Postman测试了连接,我收到了正确的JSON回复.但是当我在我的Android应用程序中尝试相同时它返回Bad Request错误.
对邮差测试:
登录和进入auth-tokencookie存储:
- 发布,网址:
http://iitjeeacademy.com/iitjeeacademy/api/v1/login - 头:
Content-Type:application/json - 请求正文(原始):
{"password":"123","type":"student","email":"shobhit@gmail.com"}
登录后获取响应使用:
- 获取,网址:
http://iitjeeacademy.com/iitjeeacademy/api/v1/student/me
存储在Postman中的cookie的屏幕截图:
存储在Chrome中的Cookie的屏幕截图
以下是我HttpURLConnection在android中的请求代码:
"Post"方法,此连接用于获取auth-token.此方法返回200 Response.
HttpURLConnection connection = null;
try {
// Created URL for connection.
URL url = new URL(link);
// Input data setup
byte[] postData = request.getBytes(StandardCharsets.UTF_8);
int postDataLength = postData.length;
// Created connection
connection = (HttpURLConnection) url.openConnection();
connection.setDoOutput(true);
connection.setInstanceFollowRedirects(false);
connection.setRequestMethod("POST");
connection.setRequestProperty("Content-Type", "application/json");
connection.setRequestProperty("charset", "utf-8");
connection.setRequestProperty("Content-Length", Integer.toString(postDataLength));
connection.setUseCaches(false);
// loaded inputs
DataOutputStream wr = new DataOutputStream(connection.getOutputStream());
wr.write(postData);
wr.flush();
wr.close();
// getting a response
int responseCode = connection.getResponseCode();
if (responseCode == HttpURLConnection.HTTP_OK){
// Read response
response = convertToString(connection.getInputStream());
return response;
}else{
// Read Error
String response = connection.getResponseMessage();
return response;
}
} catch (MalformedURLException e) {
e.printStackTrace();
Log.v("MalformedURL ---> ", e.getMessage());
} catch (ProtocolException p) {
p.printStackTrace();
Log.v("Connection ---> ", p.getMessage());
} catch (IOException i) {
i.printStackTrace();
Log.v("IO Exception ---> ", i.getMessage());
} finally {
connection.disconnect();
}
"获取"方法,必须auth-token在会话cookie中获得响应.此方法提供401 Unauthorized Error.
HttpURLConnection connection = null;
try{
// Created URL for connection
URL url = new URL(link);
// Created connection
connection = (HttpURLConnection) url.openConnection();
connection.setInstanceFollowRedirects(false);
connection.setRequestMethod("GET");
connection.setRequestProperty("Content-Type", "application/json");
connection.setRequestProperty("charset", "utf-8");
// getting a response
int responseCode = connection.getResponseCode();
if (responseCode == HttpURLConnection.HTTP_OK){
response = convertToString(connection.getInputStream());
return response;
}else{
// Read Error
String response = connection.getResponseMessage();
return response;
}
} catch (MalformedURLException e) {
e.printStackTrace();
} catch (ProtocolException p) {
p.printStackTrace();
} catch (IOException i) {
i.printStackTrace();
} finally {
connection.disconnect();
}
问题:
如何在HttpURLConnectionandroid中使用存储的JWT Token 来获取Web服务的响应.
jay*_*eek 10
我相信你已经继续前进,但......
对于JWT auth,我将发送一个HTTP Request 标头格式为:
授权: Bearer jwtHeader.jwtPayload.jwtSignature
例:
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ
规范和详细信息可在以下网址获得:https://jwt.io/introduction/
| 归档时间: |
|
| 查看次数: |
25158 次 |
| 最近记录: |