0

我正在尝试使用 Apache Amber 接收 Stripe Connect 的身份验证令牌。这里有一个如何用 OAuth 代码交换访问令牌的示例

但是,Stripe 需要额外的“Authorization: Bearer”标头:

  curl -X POST https://connect.stripe.com/oauth/token \
      -H "Authorization: Bearer xxxxxxxxxxxxxx" \
      -d code=AUTHORIZATION_CODE \
      -d grant_type=authorization_code

我尝试了以下方法:

            OAuthAuthzResponse oar = OAuthAuthzResponse.oauthCodeAuthzResponse(request);
            String error = oar.getParam("error");
            String errorDescription = oar.getParam("error_description");
            String code = oar.getCode();


            if (null != error && !error.isEmpty()){
                System.err.println ("Authentication failed: " + errorDescription);
                System.exit(1);
            }

            OAuthClientRequest exchangeRequest = OAuthClientRequest
            .tokenLocation("https://connect.stripe.com/oauth/token")
            .setGrantType(GrantType.AUTHORIZATION_CODE)
            .setClientId("my-client-id")
            .setCode(code)
            .buildBodyMessage();

            Map<String,String> headers =new HashMap<String, String>();
            headers.put("Authorization", "Bearer xxxxxxxxxxxxxx");

            exchangeRequest.setHeaders(headers);

           //create OAuth client that uses custom http client under the hood
           OAuthClient oAuthClient = new OAuthClient(new URLConnectionClient());


           GitHubTokenResponse oAuthResponse = oAuthClient.accessToken(exchangeRequest, GitHubTokenResponse.class);

           String accessToken = oAuthResponse.getAccessToken();

但它崩溃了:

服务器返回 HTTP 响应代码:401 用于 URL: https ://connect.stripe.com/oauth/token

关于如何添加不记名标头的任何想法?谢谢!

4

4 回答 4

0

只要我可以看到您将不记名令牌提前一步传递...您确实仍处于令牌端点阶段

于 2013-01-06T16:32:32.113 回答
0

可能最简单的事情是去掉上面代码片段中的承载部分,一旦你有了访问令牌

String accessToken = oAuthResponse.getAccessToken();

使用

GET /resource?access_token=mF_9.B5f-4.1JqM HTTP/1.1

至于https://www.rfc-editor.org/rfc/rfc6750#section-2.3

于 2013-01-10T09:08:33.600 回答
0

您还可以关注https://issues.apache.org/jira/browse/AMBER-70

于 2013-01-10T16:41:13.553 回答
0

Pinak Shah 在这里提供了答案:https: //support.stripe.com/questions/how-can-i-use-the-java-bindings-with-oauth 

  OAuthClientRequest oAuthRequest = OAuthClientRequest
                .tokenLocation(
                        paymnetInfoMsgs
                                .getMessage("stripe.website.token.url"))
                .setGrantType(GrantType.AUTHORIZATION_CODE)
                .setClientId(paymnetInfoMsgs.getMessage("stripe.clientID"))
                .setParameter("Authorization",
                        paymnetInfoMsgs.getMessage("stripe.aouthorization"))
                .setCode(code).buildBodyMessage();

        Map<String, String> headers = new HashMap<String, String>();
        headers.put("Authorization", paymnetInfoMsgs
                .getMessage("stripe.aouthorization"));
        headers.put("Content-Type", "application/x-www-form-urlencoded");

        // create OAuth client that uses custom http client under the hood
        URLConnectionClient urlConnectionClient = new URLConnectionClient();
        oAuthResponse = urlConnectionClient.execute(oAuthRequest, headers,
                "POST", OAuthJSONAccessTokenResponse.class);

谢谢,皮纳克!

于 2013-02-07T22:01:23.087 回答