我想使用Oauth2 包向 REST API 验证我的颤振应用程序,但 REST API 在请求中询问 CSRF 令牌。这是我的代码,有人知道我可以如何以及在哪里添加这个 Token 吗?
我试图修改 Oauth2 Flutter 库提供的代码示例,但它不起作用。
void Login() async {
final authorizationEndpoint = Uri.parse(
"http://ipadress:8000/oauth2/authorization/");
final username = "user";
final password = "pass";
final identifier = "DG9GSrfae8gCzWDJU0jbxQC6DAUsTl8dSBMxwPEz";
final secret = await getCsrftoken();
var client = await oauth2.resourceOwnerPasswordGrant(
authorizationEndpoint, username, password,
identifier: identifier, secret: secret,);
var result = await client.read("http://ipadress/api/users/me/");
print(result);
new File("~/.myapp/credentials.json")
.writeAsString(client.credentials.toJson());
}
Future<String> getCsrftoken() async {
var response =
await http.get(Uri.encodeFull('http://ipadress:8000/login/'));
var csrftoken =
response.headers.remove('set-cookie').substring(10, 74); //csrf 64 chars
return csrftoken;
}
$ Forbidden (CSRF cookie not set.): /oauth2/authorization/
$ "POST /oauth2/authorization/HTTP/1.1" 403 2990