我在规范文档中找不到易于理解的答案。除了简单的答案,我很高兴能参考描述这一点的规范。
此问题是Authorization header in null 将其值设置为 Encrypted SAML 2 token 时的后续问题。
问问题
5290 次
3 回答
9
Authorization = "Authorization" ":" credentials
"credentials"本规范采用[RFC 2617]中 [..] 的定义。
credentials = auth-scheme #auth-param
auth-scheme = token
auth-param = token "=" ( token | quoted-string )
For Basic, the framework above is utilized as follows:
credentials = "Basic" basic-credentials
所以在固定Authorization:部分之后,你可以使用:
token,在使用 Digest 或任何其他未指定的身份验证方案时,后跟一个可选的"=" (token | quoted-string)(参见RFC 2616 的第 16 页),或者"Basic" basic-credentials使用基本身份验证时,根据 RFC 2045basic-credentials进行base64 编码的位置。
我想尽管您实际上是在尝试提出不同的问题。您在实施特定授权机制方面是否有任何问题?你试图用什么语言来实现它,你目前有什么代码,问题是什么?
于 2013-10-22T08:13:54.310 回答
2
不要担心即将过时的规格,请看这里: http: //greenbytes.de/tech/webdav/draft-ietf-httpbis-p7-auth-24.html##challenge.and.response
于 2013-10-23T08:32:24.873 回答
2
授权令牌中的有效字符
规范真的很难阅读,但据我了解,令牌可以包含以下任何 ASCII 字符:
Char Dec Col/Row Oct Hex Name and Description
(!) 33 02/01 41 21 EXCLAMATION MARK
(#) 35 02/03 43 23 NUMBER SIGN
($) 36 02/04 44 24 DOLLAR SIGN
(%) 37 02/05 45 25 PERCENT SIGN
(&) 38 02/06 46 26 AMPERSAND
(') 39 02/07 47 27 APOSTROPHE
(*) 42 02/10 52 2A ASTERISK
(+) 43 02/11 53 2B PLUS SIGN
(-) 45 02/13 55 2D HYPHEN, MINUS SIGN
(.) 46 02/14 56 2E PERIOD, FULL STOP
(0) 48 03/00 60 30 DIGIT ZERO
(1) 49 03/01 61 31 DIGIT ONE
(2) 50 03/02 62 32 DIGIT TWO
(3) 51 03/03 63 33 DIGIT THREE
(4) 52 03/04 64 34 DIGIT FOUR
(5) 53 03/05 65 35 DIGIT FIVE
(6) 54 03/06 66 36 DIGIT SIX
(7) 55 03/07 67 37 DIGIT SEVEN
(8) 56 03/08 70 38 DIGIT EIGHT
(9) 57 03/09 71 39 DIGIT NINE
(A) 65 04/01 101 41 CAPITAL LETTER A
(B) 66 04/02 102 42 CAPITAL LETTER B
(C) 67 04/03 103 43 CAPITAL LETTER C
(D) 68 04/04 104 44 CAPITAL LETTER D
(E) 69 04/05 105 45 CAPITAL LETTER E
(F) 70 04/06 106 46 CAPITAL LETTER F
(G) 71 04/07 107 47 CAPITAL LETTER G
(H) 72 04/08 110 48 CAPITAL LETTER H
(I) 73 04/09 111 49 CAPITAL LETTER I
(J) 74 04/10 112 4A CAPITAL LETTER J
(K) 75 04/11 113 4B CAPITAL LETTER K
(L) 76 04/12 114 4C CAPITAL LETTER L
(M) 77 04/13 115 4D CAPITAL LETTER M
(N) 78 04/14 116 4E CAPITAL LETTER N
(O) 79 04/15 117 4F CAPITAL LETTER O
(P) 80 05/00 120 50 CAPITAL LETTER P
(Q) 81 05/01 121 51 CAPITAL LETTER Q
(R) 82 05/02 122 52 CAPITAL LETTER R
(S) 83 05/03 123 53 CAPITAL LETTER S
(T) 84 05/04 124 54 CAPITAL LETTER T
(U) 85 05/05 125 55 CAPITAL LETTER U
(V) 86 05/06 126 56 CAPITAL LETTER V
(W) 87 05/07 127 57 CAPITAL LETTER W
(X) 88 05/08 130 58 CAPITAL LETTER X
(Y) 89 05/09 131 59 CAPITAL LETTER Y
(Z) 90 05/10 132 5A CAPITAL LETTER Z
(^) 94 05/14 136 5E CIRCUMFLEX ACCENT
(_) 95 05/15 137 5F LOW LINE, UNDERLINE
(`) 96 06/00 140 60 GRAVE ACCENT
(a) 97 06/01 141 61 SMALL LETTER a
(b) 98 06/02 142 62 SMALL LETTER b
(c) 99 06/03 143 63 SMALL LETTER c
(d) 100 06/04 144 64 SMALL LETTER d
(e) 101 06/05 145 65 SMALL LETTER e
(f) 102 06/06 146 66 SMALL LETTER f
(g) 103 06/07 147 67 SMALL LETTER g
(h) 104 06/08 150 68 SMALL LETTER h
(i) 105 06/09 151 69 SMALL LETTER i
(j) 106 06/10 152 6A SMALL LETTER j
(k) 107 06/11 153 6B SMALL LETTER k
(l) 108 06/12 154 6C SMALL LETTER l
(m) 109 06/13 155 6D SMALL LETTER m
(n) 110 06/14 156 6E SMALL LETTER n
(o) 111 06/15 157 6F SMALL LETTER o
(p) 112 07/00 160 70 SMALL LETTER p
(q) 113 07/01 161 71 SMALL LETTER q
(r) 114 07/02 162 72 SMALL LETTER r
(s) 115 07/03 163 73 SMALL LETTER s
(t) 116 07/04 164 74 SMALL LETTER t
(u) 117 07/05 165 75 SMALL LETTER u
(v) 118 07/06 166 76 SMALL LETTER v
(w) 119 07/07 167 77 SMALL LETTER w
(x) 120 07/08 170 78 SMALL LETTER x
(y) 121 07/09 171 79 SMALL LETTER y
(z) 122 07/10 172 7A SMALL LETTER z
(|) 124 07/12 174 7C VERTICAL LINE, VERTICAL BAR
(~) 126 07/14 176 7E TILDE
也可以包括以下内容,但它们必须在带引号的字符串中:
Char Dec Col/Row Oct Hex Name and Description
9 00/09 11 09 HT (Ctrl-I) HORIZONTAL TAB
10 00/10 12 0A LF (Ctrl-J) LINE FEED
13 00/13 15 0D CR (Ctrl-M) CARRIAGE RETURN
( ) 32 02/00 40 20 SPACE
(") 34 02/02 42 22 QUOTATION MARK
(() 40 02/08 50 28 LEFT PARENTHESIS
()) 41 02/09 51 29 RIGHT PARENTHESIS
(,) 44 02/12 54 2C COMMA
(/) 47 02/15 57 2F SOLIDUS, SLASH
(:) 58 03/10 72 3A COLON
(;) 59 03/11 73 3B SEMICOLON
(<) 60 03/12 74 3C LESS-THAN SIGN, LEFT ANGLE BRACKET
(=) 61 03/13 75 3D EQUALS SIGN
(>) 62 03/14 76 3E GREATER-THAN SIGN, RIGHT ANGLE BRACKET
(?) 63 03/15 77 3F QUESTION MARK
(@) 64 04/00 100 40 COMMERCIAL AT SIGN
([) 91 05/11 133 5B LEFT SQUARE BRACKET
(\) 92 05/12 134 5C REVERSE SOLIDUS (BACKSLASH)
(]) 93 05/13 135 5D RIGHT SQUARE BRACKET
({) 123 07/11 173 7B LEFT CURLY BRACKET, LEFT BRACE
(}) 125 07/13 175 7D RIGHT CURLY BRACKET, RIGHT BRACE
列和格式取自这里。
眼镜
这是文档:
许多 HTTP/1.1 标头字段值由 LWS [回车、换行、空格、水平制表符] 或特殊字符分隔的单词组成。这些特殊字符必须在一个带引号的字符串中,以便在参数值中使用(如第 3.6 节中所定义)。
token = 1*<any CHAR except CTLs or separators> separators = "(" | ")" | "<" | ">" | "@" | "," | ";" | ":" | "\" | <"> | "/" | "[" | "]" | "?" | "=" | "{" | "}" | SP | HT
笔记
- Base64 和 Base64Url 是上述字符集的子集,因此如果有疑问,您始终可以使用其中之一对 Authentication 标头进行编码。
- 感谢@CodeCaster为我指明了正确的方向。
于 2019-05-20T16:46:11.227 回答