带有签名请求的Swift Alamofire文件上传：如何发送授权标头？

Question

场景：

• iPhone iOS 8+应用程序
• 登录的用户将上传个人资料图片

该应用程序已经使用Alamofire向后端API发出签名请求。 真的很简单：该应用程序发送三个特定的HTTP标头（ Authorization ， X-Api-Key和timestamp ）以对请求进行签名。 调用Alamofire.request可以很容易地将headers作为参数发送，因此可以正常工作。

现在，用户需要能够上传其个人资料图片。 由于用户已经登录到应用程序，因此后端API将通过签名请求知道哪个用户正在发送图片-这是我在过去几个小时中一直在努力的棘手部分。 Alamofire.upload接受与.request完全不同的参数，因此我不知道在上传文件时如何发送标头。

尝试了旧的Alamofire.Manager.session.configuration.HTTPAdditionalHeaders ，但不再受支持 。 找到文件上传的吨代码示例，没有人考虑发送自定义标头。

使用Alamofire.upload方法时如何发送自定义标头？

typealias requestDataType = [String:AnyObject]
private func signRequest(data: requestDataType) -> [String:String] {
    var headers = [String:String]()

    var authString = ""
    var signatureHeaders = ""

    // Iterates over SORTED data dictionary to build headers
    for (k,v) in (data.sort{$0.0 < $1.0}) {
        if !authString.isEmpty {
            authString += "\n"
            signatureHeaders += " "
        }
        authString += "\(k): \(v)"
        signatureHeaders += "\(k)"
        headers[k] = "\(v)"
    }

    let userApiKey = _loggedInUser!["api_key"].string!
    let signature = authString.sha256(_loggedInUser!["api_secret"].string!)

    headers["X-Api-Key"] = userApiKey
    headers["Authorization"] = "Signature headers=\"\(signatureHeaders)\",keyId=\"\(userApiKey)\",algorithm=\"hmac-sha256\",signature=\"\(signature)\""

    return headers
}

func uploadProfilePicture(photo: UIImage, callback: apiCallback){
    guard let userId = _loggedInUser?["pk"].int else {
        callback(Response(success: false, responseMessage: "User not logged in"))
        return
    }

    let requestData: requestDataType = ["timestamp": "\(Int(NSDate().timeIntervalSince1970))"]

    let aManager = Manager.sharedInstance
    print(self.signRequest(requestData)) // Prints correct headers (Authorization, X-Api-Key, timestamp)
    aManager.session.configuration.HTTPAdditionalHeaders = self.signRequest(requestData)
    print(aManager.session.configuration.HTTPAdditionalHeaders) // Prints default headers, completely ignoring my custom headers

    aManager.upload(.POST, "\(_apiBaseUrl)profiles/\(userId)/photo/", multipartFormData: { multipartFormData in
        if let imageData = UIImageJPEGRepresentation(photo, 0.8) {
            multipartFormData.appendBodyPart(data: imageData, name: "upload", fileName: "userphoto.jpg", mimeType: "image/jpeg")
        }

        for (key, value) in requestData {
            multipartFormData.appendBodyPart(data: value.dataUsingEncoding(NSUTF8StringEncoding)!, name: key)
        }

        }, encodingCompletion: {
            encodingResult in

            debugPrint(encodingResult)
    })
}

请求通过。 在后端日志中，我可以看到请求返回了HTTP 403未经授权，因为无法对请求进行签名。 打印请求标头，服务器未收到任何自定义身份验证标头。

Answer 1

在初始化之前，我想共享一个在这种类型的工作中非常有用的免费工具（chrome应用程序）： DHC Rest Client ：使用此工具，您可以验证您的参数，标头和上载文件是否符合您想要的请求类型对服务器进行。

因此，可以与Swift 2.x和Alamofire 3.x一起使用 ：

首先准备标题：

let headers = [
                "Content-Type": "application/zip",
                "X-Api-Key": userApiKey,
                ...whatever you need on headers..
            ]

因此，假设您必须发送一个zip文件，并且响应将是TEXT / HTML响应类型（带有SUCCESS或ERROR的简单字符串）：

let filePath: String! = "/Users/admin.../Documents/myZipFile.zip"
var zipData: NSData! = NSData()
do {
    zipData = try NSData(contentsOfFile: filePath, options: NSDataReadingOptions.DataReadingMappedIfSafe)
} catch {
    print("- error during get nsdata from zip file\(error)")
}
let url :String! = String(format:"...myUrl?key1=%@&key2=%@",value1,value2)
Alamofire.upload(.POST, url, headers: headers, data: zipData)
                .responseString { response in
            if response.result.isSuccess {
                  let responseValue = response.result.value
                  print("Response value is: \(responseValue)")
            } else {
               var statusCode = 0
               if (response.response != nil) {
                  statusCode = (response.response?.statusCode)!
               }
               print("Error: \(response.result.error!) with statusCode: \(statusCode)")
            }

仅此而已，但是如果您想使用multipartformdata，则可以通过以下方式通过标头字典传递标头：

.upload（<＃T ##方法：方法## Method＃>，<＃T ## URLString：URLStringConvertible ## URLStringConvertible＃>，标头：<#T ## [String：String]？＃>，multipartFormData：< ＃T ## MultipartFormData->无效＃ >

Answer 2

使用@ alessandro-ornano的答案，我能够使用multipartFormData进行上传签名的请求：

func uploadProfilePicture(photo: UIImage, callback: apiCallback){
    guard let userId = _loggedInUser?["pk"].int else {
        callback(Response(success: false, responseMessage: "User not logged in"))
        return
    }

    let requestData: requestDataType = ["timestamp": "\(Int(NSDate().timeIntervalSince1970))"]
    let headers = self.signRequest(requestData)

    _alamofireManager
        .upload(.POST, "\(_apiBaseUrl)profiles/\(userId)/photo/", headers: headers, multipartFormData: { formData in
            if let imageData = UIImageJPEGRepresentation(photo, 1){
                formData.appendBodyPart(data: imageData, name: "upload", fileName: "userphoto.jpg", mimeType: "image/jpg")
            }
            for (k, v) in requestData {
                formData.appendBodyPart(data: v.dataUsingEncoding(NSUTF8StringEncoding)!, name: k)
            }
        }, encodingCompletion: { encodingResult in
            switch encodingResult {
            case .Success(let upload, _, _):
                upload.responseJSON { response in
                    self.responseHandler(response, callback: callback) // Class' private method
                }
            case .Failure(let encodingError):
                print(encodingError)
                self.dispatch_callback(callback, response: Response(success: false, responseMessage: "Unable to encode files for upload")) // Class' private method
            }
        })
}