Javascript 应用程序无法从 WSO2 网关生成访问令牌 URL
[英]Javascript application is unable to generate access token from WSO2 gateway URL
问题描述
We have on premise WSO2 stack for managing the api subscription where there are client applications created in the wso2 store URL for generating access tokens.
我们有用于管理 api 订阅的本地 WSO2 堆栈,其中在 wso2 存储 URL 中创建了客户端应用程序以生成访问令牌。 One of the development team in our organization is trying to generate the access token from the client id and secret by the means of javascript. The tokens are not getting generated and resulting into CORS issue.我们组织中的一个开发团队正在尝试通过 javascript 从客户端 ID 和密码生成访问令牌。令牌未生成并导致 CORS 问题。 I have checked the documentations for similar issues and I have made change in the TokenAPI .xml file located under the <API_M>/repository/deployment/server/synapse-configs/default/api directory by adding the outsequence property.我检查了类似问题的文档,并通过添加 outsequence 属性对位于 <API_M>/repository/deployment/server/synapse-configs/default/api 目录下的TokenAPI .xml 文件进行了更改。 Unfortunately this did not solve the issue.不幸的是,这并没有解决问题。 I have read a few documentations and verified the cors configuration in the api manager.xml file it looked fine to me.我已经阅读了一些文档并验证了 cors 配置在 api manager.xml 文件中,它看起来不错。
const token =
"Base64(consumer-key:consumer-secret)";
const url = "https://<gateway_Url>/token";
const res = axios({
method: "post",
url: url,
data: "grant_type=client_credentials",
headers: {
"Authorization": `Basic ${token}`,
"Content-Type": "application/x-www-form-urlencoded",
Accept: "application/json"
},
});
cat /data/wso2/wso2am-2.6.0/repository/deployment/server/synapse-configs/default/api/_TokenAPI_.xml
<api xmlns="http://ws.apache.org/ns/synapse" name="_WSO2AMTokenAPI_" context="/token">
<resource methods="POST" url-mapping="/*" faultSequence="_token_fault_">
<inSequence>
<property name="uri.var.portnum" expression="get-property('keyManager.port')"/>
<property name="uri.var.hostname" expression="get-property('keyManager.hostname')"/>
<send>
<endpoint>
<http uri-template="https://{uri.var.hostname}:{uri.var.portnum}/oauth2/token">
<timeout>
<duration>60000</duration>
<responseAction>fault</responseAction>
</timeout>
</http>
</endpoint>
</send>
</inSequence>
<outSequence>
<property name="Access-Control-Allow-Headers" scope="transport" value="authorization,Access-Control-Allow-Origin,Content-Type,Action"></property>
<send/>
</outSequence>
</resource>
<handlers>
<handler class="org.wso2.carbon.apimgt.gateway.handlers.ext.APIManagerCacheExtensionHandler"/>
<handler class="org.wso2.carbon.apimgt.gateway.handlers.common.SynapsePropertiesHandler"/>
</handlers>
</api>
Error - Access to XMLHttpRequest at 'https://api-uat.ucl.ac.uk/token' from origin 'null' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
1 个解决方案
解决方案1
0 2022-09-29 08:58:50
You might have to add the CORS handler to the token API under handlers.您可能必须将 CORS 处理程序添加到处理程序下的令牌 API。
<handler class= "org.wso2.carbon.apimgt.gateway.handlers.security.CORSRequestHandler">
<property name="apiImplementationType" value="ENDPOINT"/>
</handler>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.