如何使用 Mule 中的盒子连接器获得 refresh_token
How to get refresh_token with the Box Connector in Mule
我正在使用 Box 连接器的 3.0.0.201609092037 版本(最新版本),因为我没有找到任何文档或示例代码来获取刷新令牌,我自己写了流程来搞定。
我实现了使用连接器执行授权操作,然后我的意图是将请求发送到 Box API 到此 url: https://api.box.com/oauth2/token in order to get an access_token and also a refresh_token (I got the API info from here https://docs.box.com/reference#token).
问题是,一旦我的流程获得授权并且我得到 access_code,我用它发送到 Box 我总是收到这个:
{
"error": "invalid_grant",
"error_description": "The authorization code has expired"
}
我检查了所有的信息,我认为是好的,我期待的回复是:
{
"access_token": "T9cE5asGnuyYCCqIZFoWjFHvNbvVqHjl",
"expires_in": 3600,
"restricted_to": [],
"token_type": "bearer",
"refresh_token": "J7rxTiWOHMoSC1isKZKBZWizoRXjkQzig5C6jFgCVJ9bUnsUfGMinKBDLZWP9BgR"
}
所以我将能够存储这些属性并在需要时刷新令牌。
我的流程如下:
这是我的 XML 定义:
<?xml version="1.0" encoding="UTF-8"?>
<mule xmlns:dw="http://www.mulesoft.org/schema/mule/ee/dw" xmlns:scripting="http://www.mulesoft.org/schema/mule/scripting" xmlns:tls="http://www.mulesoft.org/schema/mule/tls" xmlns:json="http://www.mulesoft.org/schema/mule/json" xmlns:objectstore="http://www.mulesoft.org/schema/mule/objectstore" xmlns:http="http://www.mulesoft.org/schema/mule/http" xmlns:tracking="http://www.mulesoft.org/schema/mule/ee/tracking" xmlns:box="http://www.mulesoft.org/schema/mule/box" xmlns="http://www.mulesoft.org/schema/mule/core" xmlns:doc="http://www.mulesoft.org/schema/mule/documentation"
xmlns:spring="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-current.xsd
http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/current/mule.xsd
http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/current/mule-http.xsd
http://www.mulesoft.org/schema/mule/box http://www.mulesoft.org/schema/mule/box/current/mule-box.xsd
http://www.mulesoft.org/schema/mule/ee/tracking http://www.mulesoft.org/schema/mule/ee/tracking/current/mule-tracking-ee.xsd
http://www.mulesoft.org/schema/mule/objectstore http://www.mulesoft.org/schema/mule/objectstore/current/mule-objectstore.xsd
http://www.mulesoft.org/schema/mule/json http://www.mulesoft.org/schema/mule/json/current/mule-json.xsd
http://www.mulesoft.org/schema/mule/ee/dw http://www.mulesoft.org/schema/mule/ee/dw/current/dw.xsd
http://www.mulesoft.org/schema/mule/scripting http://www.mulesoft.org/schema/mule/scripting/current/mule-scripting.xsd
http://www.mulesoft.org/schema/mule/tls http://www.mulesoft.org/schema/mule/tls/current/mule-tls.xsd">
<http:listener-config name="HTTP_Listener_Configuration" host="0.0.0.0" port="8081" doc:name="HTTP Listener Configuration" protocol="HTTPS">
<tls:context>
<tls:key-store type="jks" path="OBKeytore.jks" keyPassword="password" password="password"/>
</tls:context>
</http:listener-config>
<box:config-with-oauth name="Box__OAuth_2_0" clientId="my_client_id" clientSecret="My_secret" doc:name="Box: OAuth 2.0">
<box:oauth-callback-config domain="localhost" localPort="8081" remotePort="8081" path="callback" connector-ref="HTTP_Listener_Configuration"/>
<box:oauth-store-config objectStore-ref="_defaultInMemoryObjectStore"/>
</box:config-with-oauth>
<objectstore:config name="ObjectStore__Connector" partition="BoxAccessToken" persistent="true" doc:name="ObjectStore: Connector"/>
<http:request-config name="HTTP_Request_Configuration" host="api.box.com" port="443" basePath="/oauth2/" doc:name="HTTP Request Configuration" protocol="HTTPS"/>
<tls:context name="TLS_Context" doc:name="TLS Context">
<tls:trust-store path="OBKeytore.jks" password="password" type="jks"/>
<tls:key-store type="jks" path="OBKeystore.jks" keyPassword="password" password="password"/>
</tls:context>
<flow name="Authorize">
<http:listener config-ref="HTTP_Listener_Configuration" path="/authorize" doc:name="HTTP"/>
<box:authorize config-ref="Box__OAuth_2_0" doc:name="Box"/>
<flow-ref name="GenerateAcessToken" doc:name="GenerateAcessToken"/>
</flow>
<flow name="GenerateAcessToken">
<logger message="Acess Token: #[flowVars['_oauthVerifier']]" level="INFO" doc:name="Logger"/>
<set-payload value="#[[
'grant_type' :'authorization_code',
'code':flowVars['_oauthVerifier'],
'client_id':'my_client_id',
'client_secret':'my_secret'
]]" doc:name="Set Payload"/>
<http:request config-ref="HTTP_Request_Configuration" path="token" method="POST" doc:name="HTTP">
<http:success-status-code-validator values="200,400"/>
</http:request>
<object-to-string-transformer doc:name="Object to String"/>
<logger message="#[payload]" level="INFO" doc:name="Logger"/>
<catch-exception-strategy doc:name="Catch Exception Strategy">
<object-to-string-transformer doc:name="Object to String"/>
<logger message="#[payload]" level="INFO" doc:name="Logger"/>
</catch-exception-strategy>
</flow>
</mule>
我不得不提一下,我已经尝试使用具有相同参数的 POSTMAN,替换代码(据我所知它的有效期为 30 秒)并获得相同的响应。
这里有更多信息:
Anypoint Studio 版本:6.1.1
服务器运行时:3.8.1 EE
听起来可能需要 HTTP 请求者的 OAuth 授权配置,正如 Mule 服务器试图访问属于 Box 用户并保存在 Box 服务器中的资源所描述的那样:https://docs.mulesoft.com/mule-user-guide/v/3.8/authentication-in-http-requests
http://mulesoft.github.io/box-connector/3.0.0/apidocs/box-apidoc.html#_oauth_2_0_server_to_server and this example of managing OAuth tokens 以 Box 为例,如果你还没有看过的话,可能值得一看。
我正在使用 Box 连接器的 3.0.0.201609092037 版本(最新版本),因为我没有找到任何文档或示例代码来获取刷新令牌,我自己写了流程来搞定。
我实现了使用连接器执行授权操作,然后我的意图是将请求发送到 Box API 到此 url: https://api.box.com/oauth2/token in order to get an access_token and also a refresh_token (I got the API info from here https://docs.box.com/reference#token).
问题是,一旦我的流程获得授权并且我得到 access_code,我用它发送到 Box 我总是收到这个:
{
"error": "invalid_grant",
"error_description": "The authorization code has expired"
}
我检查了所有的信息,我认为是好的,我期待的回复是:
{
"access_token": "T9cE5asGnuyYCCqIZFoWjFHvNbvVqHjl",
"expires_in": 3600,
"restricted_to": [],
"token_type": "bearer",
"refresh_token": "J7rxTiWOHMoSC1isKZKBZWizoRXjkQzig5C6jFgCVJ9bUnsUfGMinKBDLZWP9BgR"
}
所以我将能够存储这些属性并在需要时刷新令牌。
我的流程如下:
这是我的 XML 定义:
<?xml version="1.0" encoding="UTF-8"?>
<mule xmlns:dw="http://www.mulesoft.org/schema/mule/ee/dw" xmlns:scripting="http://www.mulesoft.org/schema/mule/scripting" xmlns:tls="http://www.mulesoft.org/schema/mule/tls" xmlns:json="http://www.mulesoft.org/schema/mule/json" xmlns:objectstore="http://www.mulesoft.org/schema/mule/objectstore" xmlns:http="http://www.mulesoft.org/schema/mule/http" xmlns:tracking="http://www.mulesoft.org/schema/mule/ee/tracking" xmlns:box="http://www.mulesoft.org/schema/mule/box" xmlns="http://www.mulesoft.org/schema/mule/core" xmlns:doc="http://www.mulesoft.org/schema/mule/documentation"
xmlns:spring="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-current.xsd
http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/current/mule.xsd
http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/current/mule-http.xsd
http://www.mulesoft.org/schema/mule/box http://www.mulesoft.org/schema/mule/box/current/mule-box.xsd
http://www.mulesoft.org/schema/mule/ee/tracking http://www.mulesoft.org/schema/mule/ee/tracking/current/mule-tracking-ee.xsd
http://www.mulesoft.org/schema/mule/objectstore http://www.mulesoft.org/schema/mule/objectstore/current/mule-objectstore.xsd
http://www.mulesoft.org/schema/mule/json http://www.mulesoft.org/schema/mule/json/current/mule-json.xsd
http://www.mulesoft.org/schema/mule/ee/dw http://www.mulesoft.org/schema/mule/ee/dw/current/dw.xsd
http://www.mulesoft.org/schema/mule/scripting http://www.mulesoft.org/schema/mule/scripting/current/mule-scripting.xsd
http://www.mulesoft.org/schema/mule/tls http://www.mulesoft.org/schema/mule/tls/current/mule-tls.xsd">
<http:listener-config name="HTTP_Listener_Configuration" host="0.0.0.0" port="8081" doc:name="HTTP Listener Configuration" protocol="HTTPS">
<tls:context>
<tls:key-store type="jks" path="OBKeytore.jks" keyPassword="password" password="password"/>
</tls:context>
</http:listener-config>
<box:config-with-oauth name="Box__OAuth_2_0" clientId="my_client_id" clientSecret="My_secret" doc:name="Box: OAuth 2.0">
<box:oauth-callback-config domain="localhost" localPort="8081" remotePort="8081" path="callback" connector-ref="HTTP_Listener_Configuration"/>
<box:oauth-store-config objectStore-ref="_defaultInMemoryObjectStore"/>
</box:config-with-oauth>
<objectstore:config name="ObjectStore__Connector" partition="BoxAccessToken" persistent="true" doc:name="ObjectStore: Connector"/>
<http:request-config name="HTTP_Request_Configuration" host="api.box.com" port="443" basePath="/oauth2/" doc:name="HTTP Request Configuration" protocol="HTTPS"/>
<tls:context name="TLS_Context" doc:name="TLS Context">
<tls:trust-store path="OBKeytore.jks" password="password" type="jks"/>
<tls:key-store type="jks" path="OBKeystore.jks" keyPassword="password" password="password"/>
</tls:context>
<flow name="Authorize">
<http:listener config-ref="HTTP_Listener_Configuration" path="/authorize" doc:name="HTTP"/>
<box:authorize config-ref="Box__OAuth_2_0" doc:name="Box"/>
<flow-ref name="GenerateAcessToken" doc:name="GenerateAcessToken"/>
</flow>
<flow name="GenerateAcessToken">
<logger message="Acess Token: #[flowVars['_oauthVerifier']]" level="INFO" doc:name="Logger"/>
<set-payload value="#[[
'grant_type' :'authorization_code',
'code':flowVars['_oauthVerifier'],
'client_id':'my_client_id',
'client_secret':'my_secret'
]]" doc:name="Set Payload"/>
<http:request config-ref="HTTP_Request_Configuration" path="token" method="POST" doc:name="HTTP">
<http:success-status-code-validator values="200,400"/>
</http:request>
<object-to-string-transformer doc:name="Object to String"/>
<logger message="#[payload]" level="INFO" doc:name="Logger"/>
<catch-exception-strategy doc:name="Catch Exception Strategy">
<object-to-string-transformer doc:name="Object to String"/>
<logger message="#[payload]" level="INFO" doc:name="Logger"/>
</catch-exception-strategy>
</flow>
</mule>
我不得不提一下,我已经尝试使用具有相同参数的 POSTMAN,替换代码(据我所知它的有效期为 30 秒)并获得相同的响应。
这里有更多信息:
Anypoint Studio 版本:6.1.1 服务器运行时:3.8.1 EE
听起来可能需要 HTTP 请求者的 OAuth 授权配置,正如 Mule 服务器试图访问属于 Box 用户并保存在 Box 服务器中的资源所描述的那样:https://docs.mulesoft.com/mule-user-guide/v/3.8/authentication-in-http-requests
http://mulesoft.github.io/box-connector/3.0.0/apidocs/box-apidoc.html#_oauth_2_0_server_to_server and this example of managing OAuth tokens 以 Box 为例,如果你还没有看过的话,可能值得一看。