如何在javascript的REST API调用中进行http身份验证
[英]How to make http authentication in REST API call from javascript
问题描述
I need to call OpenMRS REST API from Java script to get data from OpenMRS. 
我需要从Java脚本调用OpenMRS REST API来从OpenMRS获取数据。 Below is my java script code: 以下是我的Java脚本代码:
function myfunction(){
var xhr = new XMLHttpRequest();
xhr.open("GET", "http://localhost:8081/openmrs-standalone/ws/rest/v1/person?q=John", false);
xhr.setRequestHeader("Authorization: Basic YWRtaW46QWRtaW4xMjM");
xhr.send("");
alert(xhr.status);
}
Where YWRtaW46QWRtaW4xMjM is my base64 coded username:password as explained here . 凡YWRtaW46QWRtaW4xMjM是我的base64编码的用户名:密码作为解释在这里 。 If I do not put the authorization line in the code and check the web app using Firebug, it returns 401 unauthorized status that is expected. 如果我未在代码中放置授权行,并使用Firebug检查Web应用程序,则它将返回401预期的未授权状态。 But if I put the authorization, nothing is returned and in firebug I do not see any response as well. 但是,如果我放置了授权,则不会返回任何内容,并且在Firebug中我也看不到任何响应。 If I check the URL directly on browser, the page asks for username and password and after giving correct credential, it returns the data normaly. 如果我直接在浏览器上检查URL,则页面会要求输入用户名和密码,并在提供正确的凭据后正常返回数据。 So I am getting some problem of providing the http authentication right from the java script of the app. 因此,我在从应用程序的Java脚本提供http身份验证时遇到了一些问题。 I have also considered the methods explained here but no luck. 我也考虑过这里介绍的方法,但是没有运气。 Can anyone please help me to authorize the http request right from the javascript? 任何人都可以帮助我直接从JavaScript授权http请求吗?
1 个解决方案
解决方案1
2 2016-08-08 15:20:46
Here is another similar but different example of how to set the header for authorization purposes, but instead using JQuery and AJAX. 这是另一个类似但不同的示例,该示例说明如何设置标题以用于授权目的,而是使用JQuery和AJAX。
var token = "xyz"
var url = "http://localhost:8081/openmrs-standalone/ws/rest/v1/person?q=John"
$.ajax({
url: url,
beforeSend: function(xhr) {
xhr.setRequestHeader("Authorization", "Bearer " + token)
},
})
.done(function (data) {
$.each(data, function (key, value) {
// Do Something
})
})
.fail(function (jqXHR, textStatus) {
alert("Error: " + textStatus);
})
Below is also an example of how you might get an access token using xhr instead of AJAX. 下面也是一个示例,说明如何使用xhr而不是AJAX获取访问令牌。
var data = "grant_type=password&username=myusername@website.com&password=MyPassword";
var xhr = new XMLHttpRequest();
xhr.withCredentials = true;
xhr.addEventListener("readystatechange", function () {
if (this.readyState === 4) {
console.log(this.responseText);
}
});
xhr.open("POST", "https://somewebsite.net/token");
xhr.setRequestHeader("cache-control", "no-cache");
xhr.setRequestHeader("client_id", "4444-4444-44de-4444");
xhr.send(data);
Beware of cross-site domain requests(if you're requesting a token that's not on localhost or within the domain that you are currently working in), as you'll need CORS for that. 当心跨站点域请求(如果您请求的令牌不在本地主机上或不在您当前正在使用的域内),因为这需要CORS。 If you do run into a cross-domain issue, see this tutorial for help , and be sure you have enabled CORS requests from the API as well. 如果确实遇到跨域问题, 请参见本教程以获取帮助 ,并确保您还启用了来自API的CORS请求。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.