(使用 node.js、express、passport-http)
我有一个 POST 路由进行摘要身份验证,尝试应用程序 json 内容类型。
我可以毫无问题地使用摘要访问 GET 路由,并且可以毫无问题地使用基本身份验证访问 POST 路由,但是当我尝试使用摘要身份验证进行 POST 时,我收到 400 - 错误请求。看起来 curl 将内容类型放在初始摘要请求上(内容长度为 0,因此它知道在初始摘要身份验证请求中不发送 json 正文),而我这边(快递)失败了无效的 json(空体):
$ curl -v --digest -X POST --data @body.json --user org2user2:lameduck -H "content-type: application/json" http://127.0.0.1:3002/user
* About to connect() to 127.0.0.1 port 3002 (#0)
* Trying 127.0.0.1...
* connected
* Connected to 127.0.0.1 (127.0.0.1) port 3002 (#0)
* Server auth using Digest with user 'org2user2'
> POST /user HTTP/1.1
> User-Agent: curl/7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0 OpenSSL/0.9.8r zlib/1.2.5
> Host: 127.0.0.1:3002
> Accept: */*
> content-type: application/json
> Content-Length: 0
>
< HTTP/1.1 400 Bad Request
< X-Powered-By: Express
< Content-Type: text/plain
< Date: Thu, 21 Mar 2013 15:33:10 GMT
< Connection: keep-alive
< Transfer-Encoding: chunked
如果没有这个,我似乎无法弄清楚发送摘要初始数据包的 curl 魔法,只在随后的实际数据请求中添加内容类型。
作为参考,虽然我认为它没有帮助,但这里是相同调用的 BASIC 成绩单:
$ curl -v --basic -X POST --data @body.json --user org2user2:lameduck -H "content-type: application/json" http://127.0.0.1:3002/user
* About to connect() to 127.0.0.1 port 3002 (#0)
* Trying 127.0.0.1...
* connected
* Connected to 127.0.0.1 (127.0.0.1) port 3002 (#0)
* Server auth using Basic with user 'org2user2'
> POST /user HTTP/1.1
> Authorization: Basic b3JnMnVzZXIyOmxhbWVkdWNr
> User-Agent: curl/7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0 OpenSSL/0.9.8r zlib/1.2.5
> Host: 127.0.0.1:3002
> Accept: */*
> content-type: application/json
> Content-Length: 48
>
* upload completely sent off: 48 out of 48 bytes
< HTTP/1.1 200 OK
< X-Powered-By: Express
< Content-Type: application/json; charset=utf-8
< Content-Length: 51
< Date: Thu, 21 Mar 2013 15:43:48 GMT
< Connection: keep-alive
<
{
"this": "is working",
"that": "is annoying"
* Connection #0 to host 127.0.0.1 left intact
}* Closing connection #0
任何帮助都是极好的。