[英]Ember oauth2 Authentication issues
嘗試將ember應用程序連接到oauth2身份驗證服務時,獲取[error =“ unauthorized”,error_description =“需要完全身份驗證才能訪問此資源”]。 任何建議將不勝感激。 我花了幾天的時間試圖解決此問題,但無濟於事。
這是app.js中的代碼
Ember.Application.initializer({
name: 'authentication',
initialize: function(container, application) {
Ember.SimpleAuth.Authenticators.OAuth2.reopen({
makeRequest: function(credentials) {
credentials.client_id= 'rsweb-client';
credentials.client_secret= '123456';
credentials.scope='read';
return Ember.$.ajax({
type: "POST",
url: 'http://127.0.0.1
:8080/api/oauth/token',
async: false,
data:credentials,
success: function (data, textStatus, xhr){
Ember.run(function(){
resolve({username: data['pl-usr-nickname']});
});
},
error: function (xhr, status, error){
Ember.run(function(){
console.log(xhr.responseText);
});
}
});
}
});
Ember.SimpleAuth.setup(container, application, { // @todo at version 0.1.2 of Ember-simple-auth, add container
crossOriginWhitelist: ['http://127.0.0.1
:8080'], // @todo remove when live
// store: Ember.SimpleAuth.Stores.LocalStorage,
authenticationRoute: 'login'
});
}
});
Here is the # The OAuth-secured REST Endpoint
This uses the simple OAuth Resource Owner Password flow.
Here is an example of how to acquired an access_token
, and then use that access_token
to update an application.
```
curl --noproxy localhost -X POST -vu rsweb-client:123456 http://127.0.0.1
:8080/api/oauth/token -H "Accept: application/json" -d "password=password&username=user&grant_type=password&scope=read&client_secret=123456&client_id=rsweb-client"
This returns an token when i access from the command line tool. But not from the ember app.
Here is the request payload:
Content-Type application/x-www-form-urlencoded; charset=UTF-8
Accept */*
Parameters application/x-www-form-urlencoded
client_id rsweb-client
client_secret 123456
grant_type password
password password
scope read
username user
看起來您的身份驗證服務器希望將client_id和client_secret作為HTTP基本身份驗證憑據,而您的身份驗證器會在有效負載中發送它們。 您必須在如以下定義的makeRequest
方法中添加Authorization
標頭,例如: http ://tools.ietf.org/html/rfc2617,它是“ rsweb-client:123456”的base64編碼。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.