如何识别刷新令牌 API 的完整响应体？

如何解决如何识别刷新令牌 API 的完整响应体？

这些是为移动应用开发的身份验证和刷新令牌 API。任何人都可以根据此代码帮助识别刷新令牌 API 的响应正文吗？我不知何故对完整的响应主体感到困惑。我相信最终的回应是：

{
"success":true,"message":"Refresh Token generated"
}

但在那之前的完整回应是什么？

@ApiOperation(value = "Authenticate",tags = {})
    @ApiResponses(value = {
            @ApiResponse(code = HttpServletResponse.SC_OK,message = "The response body contains a boolean value and a message.",response = ResponseBase.class),@ApiResponse(code = HttpServletResponse.SC_BAD_REQUEST,message = "Bad Request.",@ApiResponse(code = HttpServletResponse.SC_UNAUTHORIZED,message = "Login failed.",@ApiResponse(code = HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE,message = "Make sure specify 'application/json' as the media type.",@ApiResponse(code = HttpServletResponse.SC_INTERNAL_SERVER_ERROR,message = "Internal Server Error",response = ResponseBase.class)
    })
    @RequestMapping(value = Constants.REST_API_AUTH,method = RequestMethod.POST)
    public ResponseEntity<Object> createAuthenticationToken(@RequestBody @Valid AuthenticationRequest request) throws Exception {

        String msg = null;

        try {
            authenticationManager.authenticate(
                    new UsernamePasswordAuthenticationToken(request.getUsername(),request.getUsername())
            );
        } catch (BadCredentialsException e) {
            msg = "Incorrect username or password";
        } catch (AccountStatusException e) {
            msg = e.getMessage();
        }
        if (null != msg) {
            msg = "Login failed: " + msg;
            String detail = request.toString();
            log.info(msg);
            throw new RestApiException(HttpStatus.UNAUTHORIZED,false,msg,detail);
        }

        if (smsUtil.isSGNumber(request.getUsername())) {
            String result = otpService.checkOtp(request.getUsername(),request.getPassword());
            msg = "Login failed: OTP " + result;
            if (Constants.OTP_STATUS_EXP.equals(result) || Constants.OTP_STATUS_MIS.equals(result)) {
                throw new RestApiException(HttpStatus.UNAUTHORIZED,msg);
            }
        }

        final UserDetail userDetail = new UserDetail(request.getUsername(),"");

        final String token = jwtTokenUtil.generateToken(userDetail);

        ResponseBase body = new ResponseBase();
        msg = "Login successful";
        log.info("{} : {}",request);
        body.setSuccess(true);
        body.setMessage(msg);
        return httpUtil.createResponseEntityJson(HttpStatus.OK,httpUtil.createSecTokenHeader(token),body);
    }


    @GetMapping(value = Constants.REST_API_REFRESH_TOKEN)
    public ResponseEntity<Object> getRefreshToken(@RequestHeader(Constants.HTTP_AUTH_HEADER) String authHeader,HttpServletRequest request) {
        log.info("Generate refresh token");
        String token = httpUtil.extractSecurityToken(authHeader);
        ResponseBase body = new ResponseBase();
        body.setSuccess(true);
        body.setMessage("Refresh Token generated");

        String refreshToken;
        DefaultClaims claims = (io.jsonwebtoken.impl.DefaultClaims) request.getAttribute("claims");
        if(null == claims) {
            refreshToken = jwtTokenUtil.renewToken(token);
        } else {
            refreshToken = jwtTokenUtil.renewToken(claims);
        }
        return httpUtil.createResponseEntityJson(HttpStatus.OK,httpUtil.createSecTokenHeader(refreshToken),body);
    }
}

从最后一行 return httpUtil.createResponseEntityJson(HttpStatus.OK,body); 开始，createSecTokenHeader 将调用：

public HttpHeaders createSecTokenHeader(String token) {
        HttpHeaders headers = new HttpHeaders();
        headers.set(Constants.HTTP_AUTH_HEADER,Constants.HTTP_AUTH_HEADER_BEARER + token);
        return headers;
    }

解决方法

{
   "success":true,"message":"Refresh Token generated"
}

return httpUtil.createResponseEntityJson(HttpStatus.OK,httpUtil.createSecTokenHeader(refreshToken),body);

httpUtil.createSecTokenHeader(refreshToken)

版权声明：本文内容由互联网用户自发贡献，该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务，不拥有所有权，不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容， 请发送邮件至 dio@foxmail.com 举报，一经查实，本站将立刻删除。