我正在尝试使用NSURLConnection,OAuth2 Bearer令牌和HTTPS访问Django站点上的受保护资源。我收到一个令牌,然后我将其附加到GET参数,POST参数或标头。我可以访问那些响应GET参数的URL:s。但是当我尝试使用POST访问URL时,服务器返回403,其中包含一条自定义错误消息,指出没有包含令牌的header / post参数。我尝试了几种解决方案和HTTP库。 This方法使用AFNetworking,我试过了。我们甚至更改了授权以接受替代标题,因为警告苹果不喜欢修改"授权"头。我目前的代码如下所示:( scheme == @" https")
-(void) logOut {
NSString *pget = @"/api/logout/";
NSString *path = [pget stringByAddingPercentEscapesUsingEncoding:NSUTF8StringEncoding];
NSString *absolutePath = [NSString stringWithFormat:@"%@://%@%@", scheme, host, path];
NSURL *url = [NSURL URLWithString:absolutePath];
NSMutableURLRequest *urlRequest = [NSMutableURLRequest requestWithURL:url cachePolicy:NSURLRequestReloadIgnoringLocalCacheData timeoutInterval:30.0];
NSString *authValue = [NSString stringWithFormat:@"Bearer %@", accessToken];
[urlRequest setValue:authValue forHTTPHeaderField:@"Authorization_Extra"];
[urlRequest setValue:@"application/x-www-form-urlencoded; charset=utf-8" forHTTPHeaderField:@"content-type"];
[urlRequest setHTTPMethod: @"POST"];
/*
NSString *post = [NSString stringWithFormat:@"access_token_extra=%@", accessToken];
NSData *postData = [post dataUsingEncoding:NSASCIIStringEncoding];
NSString *postLength = [NSString stringWithFormat:@"%lu", (unsigned long)[postData length]];
[urlRequest setValue:postLength forHTTPHeaderField:@"Content-Length"];
[urlRequest setHTTPBody:postData];
*/
NSDictionary* headers = [urlRequest allHTTPHeaderFields];
NSLog(@"headers: %@",headers);
_originalRequest = urlRequest;
NSURLConnection* connection = [[NSURLConnection alloc] initWithRequest:urlRequest delegate:self startImmediately:NO];
[connection start];
}
#pragma mark NSURLConnection Delegate Methods
- (NSURLRequest *)connection: (NSURLConnection *)connection
willSendRequest: (NSURLRequest *)request
redirectResponse: (NSURLResponse *)redirectResponse;
{
if (redirectResponse) {
// we don't use the new request built for us, except for the URL
NSURL *newURL = [request URL];
NSMutableURLRequest *newRequest = [_originalRequest mutableCopy];
[newRequest setURL: newURL];
NSLog(@"New Request headers: %@", [newRequest allHTTPHeaderFields]);
return newRequest;
} else {
return request;
}
}
- (void)connection:(NSURLConnection *)connection didReceiveResponse:(NSHTTPURLResponse *)response {
NSLog(@"Received response statuscode: %ld", (long)[response statusCode]);
responseData = [[NSMutableData alloc] init];
}
- (void)connection:(NSURLConnection *)connection didReceiveData:(NSData *)data {
[responseData appendData:data];
}
- (NSCachedURLResponse *)connection:(NSURLConnection *)connection
willCacheResponse:(NSCachedURLResponse*)cachedResponse {
return nil;
}
- (void)connectionDidFinishLoading:(NSURLConnection *)connection {
NSLog(@"connection finished:");
[_delegate handleData:responseData];
}
_Delegate handleData解析响应,自定义响应总是缺少Bearer令牌所需的header或post参数。 似乎即使我在每个重定向上用原始的可变副本替换请求,标题/参数仍然被NSURLConnection剥离。但是为什么以及如何,因为我每次都会发送原始请求的副本,并通过记录他们在那里进行验证?