Auth0 NodeJS Authentification使用npm请求拒绝
[英]Auth0 NodeJS Authentification Refused using npm request
问题描述
I'm facing a problem, I tried to connect to Auth0 API to enable a strong identification on my WebApp. 
我遇到了问题,我尝试连接到Auth0 API以在我的WebApp上启用强识别功能。
For context : 对于上下文:
Front-End : I'm using an angularJS front, and there I implemented the Lock Library to manage the Auth0 popup by following this webapp-specific tutorial .
前端:我正在使用angularJS前端,在那里我通过遵循这个特定于webapp的教程实现了Lock Library来管理Auth0弹出窗口。 Back-End : NodeJS & Express server, in order to verify the user's authentification, I use the npm lib "request" to call the Auth0 API.
后端:NodeJS和Express服务器,为了验证用户的身份验证,我使用npm lib“request”来调用Auth0 API。
If i understand well, a click on the auth0 widget sends a request to the specified endpoint URL, and it's received by the back-end: 如果我理解的话,单击auth0小部件会向指定的端点URL发送请求,并且后端会收到它:
app.get('/auth0CallbackURL', function (req, res) {
console.log(req.query.code);
var auth0code = req.query.code;
var client_secret = PROCESS.ENV.SERCRETID;
var domain = PROCESS.ENV.DOMAIN;
var client_id = PROCESS.ENV.CLIENTID;
var redirectUrl = PROCESS.ENV.REDIRECTURL;
var request = require('request'); // request-promise
var requestParams = {
url: 'https://mycompanydomain.auth0.com/oauth/token?client_id='+client_id+'&redirect_uri='+redirectUrl+'&client_secret='+client_secret+'&code='+auth0code+'&grant_type=authorization_code',
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded'
}
}
And then I call request() to get back the access_token and verify the authentification. 然后我调用request()来获取access_token并验证身份验证。
request(requestParams, function(err, data) {
if (err) {
console.log('Err:', err);
} else {
console.log('response body: ', data.body)
}
But the only result I get is : 但我得到的唯一结果是:
{
"error": "access_denied"
"error_description": "Unauthorized"
}
At the begining i thougt it was my Auth0 configuration that's didn't allow my authentification, but it seems that there are OK. 在开始时,我认为我的Auth0配置不允许我的身份验证,但似乎没有问题。
Thanks in advance for your replies. 提前感谢您的回复。
1 个解决方案
解决方案1
0 已采纳 2016-11-07 17:40:07
As per the page you linked, you need to pass the following information: 根据您链接的页面,您需要传递以下信息:
client_id=YOUR_CLIENT_ID
&redirect_uri=https://YOUR_APP/callback
&client_secret=YOUR_CLIENT_SECRET
&code=AUTHORIZATION_CODE
&grant_type=authorization_code
in the request body and with a content type of application/x-www-form-urlencoded . 在请求正文中 ,内容类型为application/x-www-form-urlencoded 。
You're setting the content type correctly, but then are passing the data in the URL query component and instead you need to pass it the POST request body . 您正在正确设置内容类型,但随后在URL查询组件中传递数据, 而您需要将其传递给POST请求正文 。
Using request package you should do the following: 使用请求包,您应该执行以下操作:
var requestParams = {
url: 'https://mycompanydomain.auth0.com/oauth/token',
method: 'POST',
body: 'client_id=' + client_id +
'&redirect_uri=' + redirectUrl +
'&client_secret=' + client_secret +
'&code=' + auth0code +
'&grant_type=authorization_code',
headers: {
'Content-Type': 'application/x-www-form-urlencoded'
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.