我正在尝试与URL(python客户端)建立websocket连接,该URL需要传入jwt令牌,服务器(在GO中实现)侦听此请求,并且应该通过解析令牌进行身份验证。
我尝试使用这部分代码来发出请求 -
def test_auth_token(token)
conn = create_connection("ws://<IP>:port"+ '/'+ container.uuid + '?token='+token)
result = conn.recv()
assert result is not None
此请求命中运行此代码的服务器以验证此请求
func ParseFromRequest(req * http.Request,keyFunc Keyfunc)(token * Token,err error){
// Look for an Authorization header
if ah := req.Header.Get("Authorization"); ah != "" {
// Should be a bearer token
if len(ah) > 6 && strings.ToUpper(ah[0:6]) == "BEARER" {
return Parse(ah[7:], keyFunc)
}
}
// Look for "access_token" parameter
req.ParseMultipartForm(10e6)
if tokStr := req.Form.Get("access_token"); tokStr != "" {
return Parse(tokStr, keyFunc)
}
return nil, ErrNoTokenInRequest
}
每次,我都会得到&#34; ErrNoTokenInRequest&#34;输出尽管我将令牌作为查询参数传递。服务器端令牌验证由此外部库完成,该库包含上述GO例程 - https://github.com/dgrijalva/jwt-go/blob/master/jwt.go
我不确定,服务器找不到我客户端发送的令牌的可能原因是什么?它应该作为有效载荷或标题或其他东西发送?有人可以指出让这个模块工作吗?
使用&#34; access_token&#34;作为查询参数我得到这个例外 -
self = <websocket._core.WebSocket object at 0x10a15a6d0>
host = 'x.x.x.x.', port = 9345
resource = '/v1/stats/fff51e85-f2bb-4ace-8dcc-fde590932cca?access_token=eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE0MjIxMzEyMzUsInN1YiI6ImNh...vxvBmtZRrUTY5AcvrjbojXqLxFHL_CMsmTZfTXhOiy-7W2V95bqts2Wy4R8oQvsfDylYJWCBTzZNKHvPVFpcl0jQKLm1ms-LOJg1w-k23VfojZucPGtY5A'
options = {}
headers = ['GET /v1/stats/fff51e85-f2bb-4ace-8dcc-fde590932cca?access_token=eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE0MjIxMzEyMzUsInN1YiI... 'Host: x.x.x.x.:9345', 'Origin: http://x.x.x.x.:9345', 'Sec-WebSocket-Key: BN1n2BcCT/CUGh9MHeyL5g==', ...]
key = 'BN1n2BcCT/CUGh9MHeyL5g=='
header_str = 'GET /v1/stats/fff51e85-f2bb-4ace-8dcc-fde590932cca?access_token=eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE0MjIxMzEyMzUsInN1YiI6...3:9345
Origin: http://192.168.59.103:9345
Sec-WebSocket-Key: BN1n2BcCT/CUGh9MHeyL5g==
Sec-WebSocket-Version: 13
答案 0 :(得分:1)
很简单,服务器不期望令牌作为查询参数被移交,而是期望它被包含在请求的头部中。
使用https://github.com/liris/websocket-client
中的websocket库的示例def test_auth_token(token)
header="Authorization: BEARER " + str(token)
conn = create_connection("ws://<IP>:port"+ '/'+ container.uuid", header)
result = conn.recv()
assert result is not None