This blog post is a simple example of how to generate an IBM Cloud access token using the IBM Cloud IAM REST API and Spring Boot.
If you need to authenticate in your Spring Boot application to an IBM Cloud service, you need, in many situations, first an IBM Cloud IAM access token to invoke the REST endpoint of an IBM Cloud service later.
Example for an implementation of a Java RestClient to get the IBM Cloud access token
The starting point for the example implementation was the following curl command, which is an extract of the IBM Cloud documentation:
curl -X POST "https://iam.cloud.ibm.com/identity/token" \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Accept: application/json' \
--data-urlencode 'grant_type=urn:ibm:params:oauth:grant-type:apikey' \
--data-urlencode 'apikey=<API_KEY>'
We use the Web Client RestTemplate, for the implementation in the Spring Boot application. These are the steps implemented in the code below.
- Building the header
- Building the payload
- Building the REST request
- Invoke the REST endpoint
package example.external_endpoints;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.client.RestTemplate;
// REST Client
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap;
import org.springframework.http.ResponseEntity;
// Logger
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public class IBMCloudTokenEndpoint {
private static final Logger log = LoggerFactory.getLogger(IBMCloudTokenEndpoint.class);
private static final String url = "SEE IN THE IBM CLOUD DOCUMENTATION";
private static final String apikey = "YOU IBM CLOUD API KEY";
@Autowired
RestTemplate restTemplate;
public static String getIamToken(){
//System.out.println("**Log: getToken");
String responseString = null;
// 1. Building the header
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
// 2. Building the payload
MultiValueMap<String, String> map= new LinkedMultiValueMap<>();
map.add("grant_type", "urn:ibm:params:oauth:grant-type:apikey");
map.add("apikey", apikey);
// 3. Building the REST request
HttpEntity<MultiValueMap<String, String>> request = new HttpEntity<>(map, headers);
// 4. Invoke the REST endpoint
RestTemplate restTemplate = new RestTemplate();
try {
log.info("Log: getIamToken");
ResponseEntity<String> response = restTemplate.postForEntity(url, request,String.class);
if( response.getStatusCode().value() == 200 ){
responseString = response.getBody();
log.info("Log getIamToken: " + responseString.toString());
return responseString.toString();
} else {
String error = "Error getIamToken: " + e.getMessage();
log.info(error);
return null;
}
} catch (Exception e){
String error = "Error getIamToken: " + e.getMessage();
log.info(error);
return null;
}
}
}
- Invocation of the RestClient in a REST endpoint of an example application.
package example.controllers;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import demo.external_endpoints.IBMCloudTokenEndpoint;
@RestController
public class IBMCloudTokenController {
private static final Logger log = LoggerFactory.getLogger(IBMCloudTokenController.class);
@GetMapping("/getToken")
public String getToken(){
log.info("Log: called /getToken");
String response = IBMCloudTokenEndpoint.getIamToken();
if ( response == null ){
return "Error can't generate IAM Access Token
} else {
return response;
}
}
}
I hope this was useful to you and let’s see what’s next?
Greetings,
Thomas
#ibmcloud, #springboot, #java, #restclient, #iam, #accesstoken
Thomas Suedbroecker's Blog 