8

我正在尝试使用 Angular5HttpInterceptor在所有 HTTP 请求中注入 Authorization 标头来实现。

我依赖第三方库(ADAL,这里称为AuthService),它公开了一种acquireToken()方法来获取用于承载授权的令牌。

问题是aquireToken()返回一个可观察的,我必须订阅才能获得我需要的真实字符串。

因此,我的代码从不注入标头,我想是因为在返回任何值next.handle()之前执行。acquireToken()

如何确保仅在检索到令牌后才调用下一个处理程序?

import { Injectable, Injector } from '@angular/core';
import { HttpEvent, HttpInterceptor, HttpHandler, HttpRequest, HttpHeaders } from '@angular/common/http';
import { Observable } from 'rxjs/Observable';
import 'rxjs/add/operator/map';

import {AuthService} from 'mylibrary';

@Injectable()
export class MyInterceptor implements HttpInterceptor {

    constructor(private auth: AuthService) { }

    intercept(req: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {

        let headers = req.headers || new HttpHeaders();

        this.auth.acquireToken(req.url)
            .subscribe((token: string) => {
                headers = headers.append('Authorization', 'Bearer ' + token);
            });

        return next.handle(req.clone({ headers: headers }));
    }
}
4

2 回答 2

14

这段代码可以完成这项工作,诀窍是使用mergeMap

import { Injectable, Injector } from '@angular/core';
import { HttpEvent, HttpInterceptor, HttpHandler, HttpRequest, HttpHeaders } from '@angular/common/http';
import { Observable } from 'rxjs/Observable';
import { AdalService } from './adal.service';
import 'rxjs/add/operator/mergeMap';

@Injectable()
export class AdalInterceptor implements HttpInterceptor {

    constructor(private adal: AdalService) { }

    intercept(req: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {

        // if the endpoint is not registered then pass
        // the request as it is to the next handler
        const resource = this.adal.GetResourceForEndpoint(req.url);
        if (!resource) {
            return next.handle(req.clone());
        }

        // if the endpoint is registered then acquire and inject token
        let headers = req.headers || new HttpHeaders();
        return this.adal.acquireToken(resource)
            .mergeMap((token: string) => {
                // if the user is not authenticated then drop the request
                if (!this.adal.userInfo.authenticated) {
                    throw new Error('Cannot send request to registered endpoint if the user is not authenticated.');
                }

                // inject the header
                headers = headers.append('Authorization', 'Bearer ' + token);
                return next.handle(req.clone({ headers: headers }));
            }
        );
    }
}
于 2018-03-17T11:03:44.960 回答
-3

可能的问题在这里

 constructor(private auth: AuthService) { }

提供程序在拦截器内不可用

解决方案

使用Injector注入你的服务

// 1. import the injector
import { Injectable, Injector } from '@angular/core';
// 2. create a constant of your service
private auth: AuthService;
// 3. add injector into contsructor; remove authService from constructor
constructor(private injector: Injector) { }
// 4. now create instance of your service inside intercept()
intercept() {
const auth = this.injector.get(AuthService);
// 5. now call method on this auth object
于 2018-03-16T07:23:42.330 回答