我是开发Web服务的初学者,我有一个带有节点js和模块解析的服务器,我想使用模块OAuth2-restify添加身份验证。但是当我努力准备获取令牌的请求时。我使用节点restify客户端来发出请求。请有人给我一些例子。文件说
如果Authorization标头中提供了有效的令牌,则req.username是真实的 令牌端点,完全由Restify-OAuth2管理。它为给定的客户端ID /客户端密钥/用户名/密码组合生成令牌。 但我怎么得到一个令牌?这是documentacion https://github.com/domenic/restify-oauth2 当我测试服务宽度一个restify-client我得到这个错误 {“error”:“invalid_request”,“error_description”:“必须提供正文。”}
here is my code:
--------------------------------------Server--------------------------------
var SERVER_PORT = 8800;
var restify = require('restify');
var server = restify.createServer({
name: "Example Restify-OAuth2 Client Credentials Server",
//version: require("../../package.json").version,
formatters: {
"application/hal+json": function (req, res, body) {
return res.formatters["application/json"](req, res, body);
}
}
});
server.use(restify.authorizationParser());
server.use(restify.queryParser());
server.use(restify.bodyParser({ mapParams: false }));
var restifyOAuth2 = require("restify-oauth2");
var hooks = require("./hooks");
restifyOAuth2.cc(server, { tokenEndpoint:"/token", hooks: hooks });
//server.use(restify.acceptParser(server.acceptable));
var handlers = require('./handlers');
handlers.setHandlers(server);
server.listen(SERVER_PORT);
--------------------------------------handlers--------------------------------
module.exports = {
setHandlers: function(server)
{
var restify = require('restify');
var token=function(req,res,next) {
owner=req.body.owner;
password=req.password.owner;
if(req.username)
res.send({result:"sucess"});
}
server.get("/token",token);
}
}
-----------------------------client restify for test services--------------------------------
var restify = require('restify');
var client = restify.createJsonClient({
url: 'http://localhost:8800',
version: '*'
});
client.post('/token', { client_id: 'officialApiClient',client_secret: officialApiClient'}, function(err, req, res, obj) {
//assert.ifError(err);
//console.log('%d -> %j', res.statusCode, res.headers);
console.log('%j', obj);
});
答案 0 :(得分:0)
尝试使用以下参数为您的请求添加POST正文:
grant_type = client_credentials
答案 1 :(得分:0)
您已使用基本身份验证向“令牌”端点发送POST请求,并且正如Jordy所说添加grant_type参数:
POST /oauth/token
Authorization: Basic Y2xpZW50SWQ6c2VjcmV0
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
grant_type=client_credentials