
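I am puzzled why I am getting a "Missing grant type" error when calling Spring Security OAuth2 from the NodeJs node-rest-client.

I checked with a "sniffer" and I can see I am posting exactly the same headers and body. Well, the only difference I noticed is that "Content-Type:application/x-www-form-urlencoded" is not set when calling from NodeJs, but as far as I know node-rest-client doesn't allow it. I don't expect this to make a difference, since I can see that "grant_type=password&username=a&password=a" is formatted exactly the same way as when using curl.

As far as I understand, in curl "-u greencard-trusted-client:greencard-secret" means I am passing it through the header, and "-d "grant_type=password&username=a&password=a"" is the body, so I understand I am using node-rest-client the same way as I am using curl below.

Any suggestions will be appreciated.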

curl directly to the Spring OAuth2 service

curl -u myapp-trusted-client:myapp-secret -k -d "grant_type=password&username=a&password=a" -H "Content-Type:application/x-www-form-urlencoded" http://localhost:9080/myclient/oauth/token

>sudo ngrep -Wbyline -d lo port 9080
interface: lo (127.0.0.0/255.0.0.0)
filter: (ip or ip6) and ( port 9080 )
####
T 127.0.0.1:38606 -> 127.0.0.1:9080 [AP]
POST /myclient/oauth/token HTTP/1.1.
Host: localhost:9080.
Authorization: Basic Z3JlZW5jYXJkLXRydXN0ZWQtY2xpZW50OmdyZWVuY2FyZC1zZWNyZXQ=.
User-Agent: curl/7.47.0.
Accept: */*.
Content-Type:application/x-www-form-urlencoded.
Content-Length: 41.
.
grant_type=password&username=a&password=a
##
T 127.0.0.1:9080 -> 127.0.0.1:38606 [AP]
HTTP/1.1 200 OK.
X-Powered-By: Servlet/3.1.
Cache-Control: no-store.
Pragma: no-cache.
Content-Type: application/xml;charset=UTF-8.
X-Content-Type-Options: nosniff.
X-XSS-Protection: 1; mode=block.
X-Frame-Options: DENY.
Content-Language: en-US.
Transfer-Encoding: chunked.
Date: Thu, 09 Mar 2017 20:10:54 GMT.
.
105.
<OAuth2AccessToken><access_token>78048b70-f84c-476c-ba4f-6eecca1c5f77</access_token><token_type>bearer</token_type><refresh_token>78410631-e3a3-4c75-b8f5-7373bbcd4fd1</refresh_token><expires_in>119</expires_in><scope>read write trust</scope></OAuth2AccessToken>.

##
T 127.0.0.1:9080 -> 127.0.0.1:38606 [AP]

node-rest-client calling exactly the same service

ngrep -Wbyline -d lo port 9080
interface: lo (127.0.0.0/255.0.0.0)
filter: (ip or ip6) and ( port 9080 )
####
T 127.0.0.1:38750 -> 127.0.0.1:9080 [AP]
POST /myclient/oauth/token HTTP/1.1.
Authorization: Basic Z3JlZW5jYXJkLXRydXN0ZWQtY2xpZW50OmdyZWVuY2FyZC1zZWNyZXQ=.
Content-Length: 41.
Host: 127.0.0.1:9080.
Connection: close.
.
grant_type=password&username=a&password=a
##
T 127.0.0.1:9080 -> 127.0.0.1:38750 [AP]
HTTP/1.1 400 Bad Request.
X-Powered-By: Servlet/3.1.
Cache-Control: no-store.
Pragma: no-cache.
Content-Type: application/xml;charset=UTF-8.
X-Content-Type-Options: nosniff.
X-XSS-Protection: 1; mode=block.
X-Frame-Options: DENY.
Content-Language: en-US.
Transfer-Encoding: chunked.
Connection: Close.
Date: Thu, 09 Mar 2017 20:15:09 GMT.
.
7a.
<OAuth2Exception><error>invalid_request</error><error_description>Missing grant type</error_description></OAuth2Exception>.

##
T 127.0.0.1:9080 -> 127.0.0.1:38750 [AP]
0.

nodejs calling the Spring OAuth2 Rest Service

var express = require('express');
var bodyParser = require('body-parser');
var Client = require('node-rest-client').Client;

var client = new Client();

client.registerMethod("postMethod", "http://127.0.0.1:9080/myclient/oauth/token", "POST");

var app = express();

app.use(bodyParser.json());
app.use(bodyParser.urlencoded({
  extended: true
}));

var port = process.env.PORT || 3000;

var router = express.Router();

var tokenRoute = router.route('/token');

tokenRoute.post(function (req, res) {

  var username = 'myapp-trusted-client';
  var password = 'myapp-secret';
  var auth = 'Basic ' + Buffer.from(username + ':' + password).toString('base64');

  var args = {
    //data: req.body,
    data: 'grant_type=password&username=a&password=a',
    headers: {'Authorization': auth }
    //headers: { "Content-Type": "application/json" }
  };
  client.methods.postMethod(args, function (data, response) {

    res.writeHead(200, { "Content-Type": "application/json" });
    var json = JSON.stringify({
      tokenBackEnd: data
    });
    res.end(json);

  });

});

app.use('/myclient', router);

app.listen(port);
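An added example, not part of the original post and not Spring's or node-rest-client's code: a simplified model of servlet-style parameter handling, in which a POST body is exposed as request parameters only when it is declared as `application/x-www-form-urlencoded`. It reproduces the two captures above, where the same 41-byte body gets a 200 with the header and "Missing grant type" without it. `requestParams`, `tokenEndpoint` and `buildTokenRequest` are hypothetical names, and the client credentials are constructed placeholders.

```javascript
// Constructed example: a simplified model, not the container's or Spring's code.
const FORM = 'application/x-www-form-urlencoded';

// HTTP header names are case-insensitive.
function header(headers, name) {
  const key = Object.keys(headers).find(k => k.toLowerCase() === name.toLowerCase());
  return key === undefined ? undefined : headers[key];
}

// Model of servlet-style parsing: the body only becomes request parameters
// when the request declares it as form data (any "; charset=..." is ignored).
function requestParams(headers, body) {
  const type = (header(headers, 'Content-Type') || '').split(';')[0].trim().toLowerCase();
  return type === FORM ? new URLSearchParams(body) : new URLSearchParams();
}

// Hypothetical stand-in for the token endpoint: it reads grant_type from the
// request parameters, never from the raw body.
function tokenEndpoint(headers, body) {
  const grantType = requestParams(headers, body).get('grant_type');
  if (!grantType) {
    return { status: 400, error: 'invalid_request', description: 'Missing grant type' };
  }
  return { status: 200, grantType };
}

// Client side: percent-encode every value and declare the body type.
// The result has the { headers, data } shape of the args object in the post.
function buildTokenRequest(clientId, clientSecret, username, password) {
  const data = new URLSearchParams({ grant_type: 'password', username, password }).toString();
  return {
    headers: {
      Authorization: 'Basic ' + Buffer.from(clientId + ':' + clientSecret).toString('base64'),
      'Content-Type': FORM,
      'Content-Length': String(Buffer.byteLength(data)),
    },
    data,
  };
}

// Placeholder credentials, constructed for this example.
const request = buildTokenRequest('example-client', 'example-secret', 'a', 'a');
const { 'Content-Type': omitted, ...stripped } = request.headers;
console.log('without Content-Type:', tokenEndpoint(stripped, request.data));
console.log('with Content-Type:   ', tokenEndpoint(request.headers, request.data));
```

Building the body with `URLSearchParams` also keeps a password containing `&` or `=` from being split into extra parameters.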