3

我正在尝试将一些自定义标头参数添加到 HTTP 303(重定向)响应中。但是,新标头似乎已从响应中剥离。

此代码用于接收请求并返回 HTTP 303 响应:

@POST
@Path("/authorize")
@Produces("application/x-www-form-urlencoded")
public Response getOAuthGrant(@HeaderParam(OAuth2.AUTHORIZATION)    @DefaultValue("") String authorization,
                              @HeaderParam(OAuth2.CLIENT_ID)        @DefaultValue("") String clientId,
                              @HeaderParam(OAuth2.CLIENT_SECRET)    @DefaultValue("") String clientSecret,
                              @HeaderParam(OAuth2.GRANT_TYPE)       @DefaultValue("") String grantType) throws InternalServerException, UnauthorizedException {

        OAuth2.validateGrantRequest(clientId, clientSecret, authorization, grantType);

        ApiTokenV2 apiTokenV2 = new ApiTokenV2();

        try {
            apiTokenV2 = TokenManager.getApiToken(clientId);

            if (apiTokenV2 != null) {
                apiTokenV2.generateAccessGrant(clientId);
            } else {
                logger.error("Error in TokenEndpoint. Retrieved token is null.");
                throw new InternalServerException("A server error occurred while trying to authorize the requester. Could not find 'generateAccessGrant' method");
            } 
        } catch (NamingException e) {
            throw new InternalServerException("A server error occurred while trying to authorize grant request. Could not find 'generateAccessGrant' method.", e);
        }

        return Response.status(Response.Status.SEE_OTHER)
                       .type(MediaType.APPLICATION_FORM_URLENCODED_TYPE)
                       .header("Location", "/api/token")
                       .header("Authorization", "OAuth")
                       .header("Access-Grant", apiTokenV2.getAccessGrant())
                       .build();
}

我在这里做错了什么?我应该@Context改用吗?

4

1 回答 1

9

您正在尝试做的事情应该有效。

@POST
@Path("/authorize")
public Response authorize() {
    return Response.status(Response.Status.SEE_OTHER)
            .header(HttpHeaders.LOCATION, "/api/token")
            .header("X-Foo", "bar")
            .build();
}

执行它curl

% curl -v -X POST http://localhost:8080/WebApplication1/rest/console/authorize
* About to connect() to localhost port 8080 (#0)
*   Trying ::1... connected
> POST /WebApplication1/rest/console/authorize HTTP/1.1
> User-Agent: curl/7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3
> Host: localhost:8080
> Accept: */*
> 
< HTTP/1.1 303 See Other
< X-Powered-By: Servlet/3.0 JSP/2.2 (GlassFish Server Open Source Edition 3.1.2.2 Java/Oracle Corporation/1.7)
< Server: GlassFish Server Open Source Edition 3.1.2.2
< Location: /api/token
< X-Foo: bar
< Content-Length: 0
< Date: Wed, 07 Nov 2012 08:20:24 GMT
< 
* Connection #0 to host localhost left intact
* Closing connection #0

如您所见,响应代码是

303 See Other

并设置了有趣的标题:

Location: /api/token
X-Foo: bar
于 2012-11-07T08:22:44.617 回答