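I couldn't find an easy-to-understand answer in the specification documents. Besides a simple answer, I'd be happy to be referred to the specification that describes this.
This question is a follow-up to Authorization header in null when setting its value to an Encrypted SAML 2 token.
Answer 0: (score: 8)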
Authorization = "Authorization" ":" credentials

RFC 2616, 11 Access Authentication:
This specification adopts the definitions of [..] "credentials" from [RFC 2617].

RFC 2617, 1.2 Access Authentication Framework:
credentials = auth-scheme #auth-param
auth-scheme = token
auth-param = token "=" ( token | quoted-string )

RFC 2617, 2 Basic Authentication Scheme:
For Basic, the framework above is utilized as follows:
credentials = "Basic" basic-credentials

So, after fixing the Authorization: part, you can use either a token, followed by an optional "=" (token | quoted-string), when using digest or any other unspecified authentication scheme (see page 16 of RFC 2616), or "Basic" basic-credentials when using basic authentication, where basic-credentials is base64-encoded according to RFC 2045.

I guess you are actually trying to ask another question. Are you having any trouble implementing a specific authorization mechanism? What language are you trying to implement it in, what code do you have now, and what is the problem?
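Answer 1: (score: 2)
Don't bother with specifications that are about to be obsoleted; look here: http://greenbytes.de/tech/webdav/draft-ietf-httpbis-p7-auth-24.html##challenge.and.response
Answer 2: (score: 1)
The specifications are indeed hard to read, but as far as I can tell, a token can contain any of the following ASCII characters: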
Char Dec Col/Row Oct Hex Name and Description
(!) 33 02/01 41 21 EXCLAMATION MARK
(#) 35 02/03 43 23 NUMBER SIGN
($) 36 02/04 44 24 DOLLAR SIGN
(%) 37 02/05 45 25 PERCENT SIGN
(&) 38 02/06 46 26 AMPERSAND
(') 39 02/07 47 27 APOSTROPHE
(*) 42 02/10 52 2A ASTERISK
(+) 43 02/11 53 2B PLUS SIGN
(-) 45 02/13 55 2D HYPHEN, MINUS SIGN
(.) 46 02/14 56 2E PERIOD, FULL STOP
(0) 48 03/00 60 30 DIGIT ZERO
(1) 49 03/01 61 31 DIGIT ONE
(2) 50 03/02 62 32 DIGIT TWO
(3) 51 03/03 63 33 DIGIT THREE
(4) 52 03/04 64 34 DIGIT FOUR
(5) 53 03/05 65 35 DIGIT FIVE
(6) 54 03/06 66 36 DIGIT SIX
(7) 55 03/07 67 37 DIGIT SEVEN
(8) 56 03/08 70 38 DIGIT EIGHT
(9) 57 03/09 71 39 DIGIT NINE
(A) 65 04/01 101 41 CAPITAL LETTER A
(B) 66 04/02 102 42 CAPITAL LETTER B
(C) 67 04/03 103 43 CAPITAL LETTER C
(D) 68 04/04 104 44 CAPITAL LETTER D
(E) 69 04/05 105 45 CAPITAL LETTER E
(F) 70 04/06 106 46 CAPITAL LETTER F
(G) 71 04/07 107 47 CAPITAL LETTER G
(H) 72 04/08 110 48 CAPITAL LETTER H
(I) 73 04/09 111 49 CAPITAL LETTER I
(J) 74 04/10 112 4A CAPITAL LETTER J
(K) 75 04/11 113 4B CAPITAL LETTER K
(L) 76 04/12 114 4C CAPITAL LETTER L
(M) 77 04/13 115 4D CAPITAL LETTER M
(N) 78 04/14 116 4E CAPITAL LETTER N
(O) 79 04/15 117 4F CAPITAL LETTER O
(P) 80 05/00 120 50 CAPITAL LETTER P
(Q) 81 05/01 121 51 CAPITAL LETTER Q
(R) 82 05/02 122 52 CAPITAL LETTER R
(S) 83 05/03 123 53 CAPITAL LETTER S
(T) 84 05/04 124 54 CAPITAL LETTER T
(U) 85 05/05 125 55 CAPITAL LETTER U
(V) 86 05/06 126 56 CAPITAL LETTER V
(W) 87 05/07 127 57 CAPITAL LETTER W
(X) 88 05/08 130 58 CAPITAL LETTER X
(Y) 89 05/09 131 59 CAPITAL LETTER Y
(Z) 90 05/10 132 5A CAPITAL LETTER Z
(^) 94 05/14 136 5E CIRCUMFLEX ACCENT
(_) 95 05/15 137 5F LOW LINE, UNDERLINE
(`) 96 06/00 140 60 GRAVE ACCENT
(a) 97 06/01 141 61 SMALL LETTER a
(b) 98 06/02 142 62 SMALL LETTER b
(c) 99 06/03 143 63 SMALL LETTER c
(d) 100 06/04 144 64 SMALL LETTER d
(e) 101 06/05 145 65 SMALL LETTER e
(f) 102 06/06 146 66 SMALL LETTER f
(g) 103 06/07 147 67 SMALL LETTER g
(h) 104 06/08 150 68 SMALL LETTER h
(i) 105 06/09 151 69 SMALL LETTER i
(j) 106 06/10 152 6A SMALL LETTER j
(k) 107 06/11 153 6B SMALL LETTER k
(l) 108 06/12 154 6C SMALL LETTER l
(m) 109 06/13 155 6D SMALL LETTER m
(n) 110 06/14 156 6E SMALL LETTER n
(o) 111 06/15 157 6F SMALL LETTER o
(p) 112 07/00 160 70 SMALL LETTER p
(q) 113 07/01 161 71 SMALL LETTER q
(r) 114 07/02 162 72 SMALL LETTER r
(s) 115 07/03 163 73 SMALL LETTER s
(t) 116 07/04 164 74 SMALL LETTER t
(u) 117 07/05 165 75 SMALL LETTER u
(v) 118 07/06 166 76 SMALL LETTER v
(w) 119 07/07 167 77 SMALL LETTER w
(x) 120 07/08 170 78 SMALL LETTER x
(y) 121 07/09 171 79 SMALL LETTER y
(z) 122 07/10 172 7A SMALL LETTER z
(|) 124 07/12 174 7C VERTICAL LINE, VERTICAL BAR
(~) 126 07/14 176 7E TILDE
The following can also be included, but must be enclosed in quotes:
Char Dec Col/Row Oct Hex Name and Description
9 00/09 11 09 HT (Ctrl-I) HORIZONTAL TAB
10 00/10 12 0A LF (Ctrl-J) LINE FEED
13 00/13 15 0D CR (Ctrl-M) CARRIAGE RETURN
( ) 32 02/00 40 20 SPACE
(") 34 02/02 42 22 QUOTATION MARK
(() 40 02/08 50 28 LEFT PARENTHESIS
()) 41 02/09 51 29 RIGHT PARENTHESIS
(,) 44 02/12 54 2C COMMA
(/) 47 02/15 57 2F SOLIDUS, SLASH
(:) 58 03/10 72 3A COLON
(;) 59 03/11 73 3B SEMICOLON
(<) 60 03/12 74 3C LESS-THAN SIGN, LEFT ANGLE BRACKET
(=) 61 03/13 75 3D EQUALS SIGN
(>) 62 03/14 76 3E GREATER-THAN SIGN, RIGHT ANGLE BRACKET
(?) 63 03/15 77 3F QUESTION MARK
(@) 64 04/00 100 40 COMMERCIAL AT SIGN
([) 91 05/11 133 5B LEFT SQUARE BRACKET
(\) 92 05/12 134 5C REVERSE SOLIDUS (BACKSLASH)
(]) 93 05/13 135 5D RIGHT SQUARE BRACKET
({) 123 07/11 173 7B LEFT CURLY BRACKET, LEFT BRACE
(}) 125 07/13 175 7D RIGHT CURLY BRACKET, RIGHT BRACE
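The columns and format are taken from here.
Here are the docs:
Many HTTP/1.1 header field values consist of words separated by LWS [carriage return, line feed, space, horizontal tab] or special characters. These special characters MUST be in a quoted string to be used within a parameter value (as defined in section 3.6).
token = 1*<any CHAR except CTLs or separators>
separators = "(" | ")" | "<" | ">" | "@" | "," | ";" | ":" | "\" | <"> | "/" | "[" | "]" | "?" | "=" | "{" | "}" | SP | HT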
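The credentials grammar quoted in answer 0 and the token character set listed in answer 2 can be combined into one strict parser for the Authorization field value. This is an added example, not code from any of the answers; the function name parse_authorization and the sample header values are assumptions made for illustration, and the parser follows the RFC 2617 grammar as quoted, so a bare blob after a non-Basic scheme is rejected as a malformed auth-param.

```python
import base64
import binascii
import re

# token = 1*<any CHAR except CTLs or separators>  (RFC 2616 grammar quoted above)
SEPARATORS = '()<>@,;:\\"/[]?={} \t'
TOKEN_CHARS = "".join(chr(c) for c in range(33, 127) if chr(c) not in SEPARATORS)
TOKEN = "[" + re.escape(TOKEN_CHARS) + "]+"
QUOTED = r'"(?:[^"\\]|\\.)*"'  # quoted-string with backslash quoted-pairs
AUTH_PARAM = re.compile(rf"\s*({TOKEN})\s*=\s*({TOKEN}|{QUOTED})\s*(?:,|$)")


def parse_authorization(value):
    """Parse an Authorization field value into (scheme, payload).

    Basic -> (user, password); any other scheme -> dict of auth-params.
    Raises ValueError on input that does not match the grammar.
    """
    scheme, _, rest = value.strip().partition(" ")
    if not re.fullmatch(TOKEN, scheme):
        raise ValueError("auth-scheme is not a valid token")
    rest = rest.strip()
    if scheme.lower() == "basic":
        try:
            decoded = base64.b64decode(rest, validate=True).decode("utf-8")
        except (binascii.Error, UnicodeDecodeError) as exc:
            raise ValueError("basic-credentials are not valid base64") from exc
        user, sep, password = decoded.partition(":")
        if not sep:
            raise ValueError("basic-credentials lack the ':' separator")
        return scheme, (user, password)
    params, pos = {}, 0
    while pos < len(rest):
        m = AUTH_PARAM.match(rest, pos)
        if not m:
            raise ValueError(f"malformed auth-param at offset {pos}")
        name, val = m.group(1).lower(), m.group(2)
        if val.startswith('"'):
            val = re.sub(r"\\(.)", r"\1", val[1:-1])  # undo quoted-pair escapes
        params[name] = val
        pos = m.end()
    return scheme, params


if __name__ == "__main__":
    # Constructed sample header values, not taken from the page
    for sample in ("Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==", 'Digest realm="r", nc=00000001'):
        print(parse_authorization(sample))
```

Rejecting anything outside the grammar, rather than splitting on spaces and trusting the remainder, keeps separator characters and stray quotes in a client-supplied header from reaching the credential-handling code.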