从WSO2 RESTClient获取不正确的访问令牌类型
[英]Getting Incorrect Access Token Type from WSO2 RESTClient
问题描述
I'm evaluating WSO2 API Manager 1.3.0 and have it deployed on a Linux server. 
我正在评估WSO2 API Manager 1.3.0,并将其部署在Linux服务器上。 I've published an API, then as a client user, I've subscribed to that API and also generated production keys for it. 我已经发布了一个API,然后作为客户端用户,我已经订阅了该API并为其生成了生产密钥。
Access Token EnhC3kxAf6hL68pqMSr2gYwK950a
Consumer Key TyEqcYa4hytVPhpiQqRWVNiVIZ0a
Consumer Secret 7VC9z347ZIzf_K_15rjsGyXcRIYa
When I try to access the API through RESTClient and pass in the Access Token for authentication as per http://docs.wso2.org/wiki/display/AM130/Subscribing+to+an+API and http://docs.wso2.org/wiki/display/AM120/Testing+an+API : 当我尝试通过RESTClient访问API并按照http://docs.wso2.org/wiki/display/AM130/Subscribing+to+an+API和http://docs.wso2传递访问令牌进行身份验证时.org / wiki / display / AM120 / Testing + an + API :
Authorization:Bearer EnhC3kxAf6hL68pqMSr2gYwK950a
I get an error 我得到一个错误
<ams:fault xmlns:ams="http://wso2.org/apimanager/security">
<ams:code>900905</ams:code>
<ams:message>Incorrect Access Token Type is provided</ams:message>
<ams:description>Access failure for API: /test, version: 1 with key: EnhC3kxAf6hL68pqMSr2gYwK950a</ams:description>
</ams:fault>
What am I missing? 我想念什么?
2 个解决方案
解决方案1
0 2013-01-10 11:42:53
When creating the API from publisher app,the last input field section is to enter 'API Resources' details.There you can set different three types of authorization levels for each resource verb per url pattern as; 从发布商应用创建API时,最后一个输入字段部分是输入“ API资源”详细信息。您可以为每个url模式的每个资源动词设置三种不同的授权级别:
1.None- No authorization header required to invoke particular API 1.无-无需授权标头即可调用特定的API
2.Application-Application Access Token[The access token generated per application in Store app] required to invoke the API 2.Application-Application Access Token [应用商店中每个应用生成的访问令牌]
3.Application User -End user access token[which can be generated from loginAPI by using generated consumer key/secret per application in Store] required to invoke the API 3.Application User-最终用户访问令牌(可以通过调用API所需的最终用户访问令牌(可以通过使用应用商店中每个应用程序生成的使用者密钥/秘密从loginAPI生成)
If you are going to try to invoke a particular API resource url,first you need to make sure you are trying with the correct authorization scheme.For example if you set your accessing API resource verb authorization scheme as 'Application User' and if you try invoking that resource verb with Application Access Token,similar error which you have get will be thrown. 如果您要尝试调用特定的API资源网址,则首先需要确保尝试使用正确的授权方案。例如,如果将访问API资源动词授权方案设置为“ Application User”,并且尝试使用Application Access Token调用该资源动词,将会抛出类似的错误。
As per your given info,you have tried with the API with Application Access Token. 根据您提供的信息,您已尝试使用带有Application Access Token的API。 Can you double check,by going to Publisher app->Browse the related API->Navigate to edit API page ,whether you have set the authentication scheme for your accessing resource url method as 'Application'. 是否可以通过进入Publisher app->浏览相关API->导航以编辑API页面来进行仔细检查,是否已将访问资源url方法的身份验证方案设置为“应用程序”。 ? ?
Thanks; 谢谢;
/Lalaji /拉拉吉
解决方案2
0 2013-06-10 04:47:05
I have faced this issue - the production url was configured like http://xxx.xxx.xx.xx/services/rest/entity.json/search with a context /search, URL prefix as search/1.0.0 and URL pattern as /*. 我已经遇到了这个问题-生产网址的配置类似于http://xxx.xxx.xx.xx/services/rest/entity.json/search ,上下文为/ search,URL前缀为search / 1.0.0,URL模式作为/ *。 - on executing /search/1.0.0/abc on the REST client, I have got the same error. -在REST客户端上执行/search/1.0.0/abc时,出现了相同的错误。
The error was fixed on setting the production url as http://xxx.xxx.xx.xx/services/rest with a context as /search. 该错误已修复,将生产URL设置为http://xxx.xxx.xx.xx/services/rest ,上下文设置为/ search。 While adding the API resources, set URL prefix as /search/1.0.0 and URL pattern as /entity.json/search/*. 添加API资源时,将URL前缀设置为/search/1.0.0,将URL模式设置为/entity.json/search/*。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.