how to send refreshToken to the token endpoint?
ppKrauss opened this issue · comments
Peter commented
I have installed springboot-security-jwt at my endpoint (eg. https://localhost:8080/api/user/register
) and it is working fine... return a json like this,
{
"refreshToken": "eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJhbmFAZ2cuY29tIiwic2NvcGVzIjpbIlJPTEVfUkVGUkVTSF9UT0tFTiJdLCJpc3MiOiJodHRwOi8vaXphZ3JvLmNvbS5iciIsImp0aSI6ImRkNTgxMTA4LTNhZWEtNDAzMC04NGViLWQzNjc1MmQzMzgwZCIsImlhdCI6MTQ4MTc0Mjg2NCwiZXhwIjoxNDgxNzQ2NDY0fQ.Jj3hnQuMd6Im9AJhmmxaA7ILiERqHuTUf0BYCerWe4ziggvs2PiCfB_3J2f_Gc3hOqY1IgJWJRm_LrTs1UcxwQ",
"token": "eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJhbmFAZ2cuY29tIiwic2NvcGVzIjpbIlJPTEVfQ0xJRU5UIl0sImlzcyI6Imh0dHA6Ly9pemFncm8uY29tLmJyIiwiaWF0IjoxNDgxNzQyODYzLCJleHAiOjE0ODE3NzE2NjN9.4nKdiOIzOvVJvvFrO7W_gyqyoexukGaGAG-CWgg4srJoevN7PVKOQfsQXAE3h5ySkabUb-Q-xPsEQO18KSYXWw"
}
but, how to send refreshToken to api/auth/token
endpoint?
(I not see any clues at your article)
Using postman with a POST to https://localhost:8080/api/auth/token with body
{"refreshToken": "eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJhbmFAZ2cuY29tIiwic2NvcGVzIjpbIlJPTEVfUkVGUkVTSF9UT0tFTiJdLCJpc3MiOiJodHRwOi8vaXphZ3JvLmNvbS5iciIsImp0aSI6ImRkNTgxMTA4LTNhZWEtNDAzMC04NGViLWQzNjc1MmQzMzgwZCIsImlhdCI6MTQ4MTc0Mjg2NCwiZXhwIjoxNDgxNzQ2NDY0fQ.Jj3hnQuMd6Im9AJhmmxaA7ILiERqHuTUf0BYCerWe4ziggvs2PiCfB_3J2f_Gc3hOqY1IgJWJRm_LrTs1UcxwQ",
}
I have response
{
"errorCode": 10,
"message": "Authentication failed",
"status": 401,
"timestamp": 1481753363749
}
Vladimir Stanković commented
You'll receive Refresh and Access Tokens upon login:
{
"token": "eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJzdmxhZGFAZ21haWwuY29tIiwic2NvcGVzIjpbIlJPTEVfQURNSU4iLCJST0xFX1BSRU1JVU1fTUVNQkVSIl0sImlzcyI6Imh0dHA6Ly9zdmxhZGEuY29tIiwiaWF0IjoxNDgyODYzNjkzLCJleHAiOjE0ODI4NjQ1OTN9.S5ni__Bp3jGHx1eT17TFSYAMCMUgHGwoeiTzYGdd9H4kGUXlnDEl7OlSEhp21PT-UabnrlVbLQZUupAOCVS3TQ",
"refreshToken": "eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJzdmxhZGFAZ21haWwuY29tIiwic2NvcGVzIjpbIlJPTEVfUkVGUkVTSF9UT0tFTiJdLCJpc3MiOiJodHRwOi8vc3ZsYWRhLmNvbSIsImp0aSI6ImViZmRlZTczLTJhOTYtNDA4MC05OGE4LTMzYzI3YjRmZGU3OCIsImlhdCI6MTQ4Mjg2MzY5MywiZXhwIjoxNDgyODY3MjkzfQ.lshyy1SsBORYZrp3BIiH8Wn7uVM4OLAsDt0UGnHAJ3ngX_J_aLP7kudw0RPSHszDvhd9KLdjIGUI5lv0RtXtgw"
}
Than you can use Refresh Token to acquire new Access Token. Please find example below:
curl -X GET -H "X-Authorization: Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJzdmxhZGFAZ21haWwuY29tIiwic2NvcGVzIjpbIlJPTEVfUkVGUkVTSF9UT0tFTiJdLCJpc3MiOiJodHRwOi8vc3ZsYWRhLmNvbSIsImp0aSI6ImViZmRlZTczLTJhOTYtNDA4MC05OGE4LTMzYzI3YjRmZGU3OCIsImlhdCI6MTQ4Mjg2MzY5MywiZXhwIjoxNDgyODY3MjkzfQ.lshyy1SsBORYZrp3BIiH8Wn7uVM4OLAsDt0UGnHAJ3ngX_J_aLP7kudw0RPSHszDvhd9KLdjIGUI5lv0RtXtgw" -H "Cache-Control: no-cache" "http://localhost:9966/api/auth/token"