Heimdall Swift验证每个请求失败

Question

我正在使用Heimdall https://github.com/rheinfabrik/Heimdall.swift来访问oauth2并对我自己的api进行身份验证，但我似乎无法验证我的第二个请求。有人看到我做错了。我几乎可以肯定第一个获取访问令牌的请求是正确的。因为我最终成功了。

我的代码：

@IBAction func loginTapped(sender : AnyObject) {
    let username = InputUsername.text
    let password = InputPassword.text

    let tokenURL = NSURL(string: "https://[my-domain]/oauth/v2/token")!

    var identifier = "my-id"
    var secret = "my-secret"

    let credentials = OAuthClientCredentials(id: identifier, secret: secret)

    let heimdall = Heimdall(tokenURL: tokenURL, credentials: credentials)

    heimdall.requestAccessToken(username: username, password: password) { result in
        switch result {
        case .Success:
            self.callUserInfo(heimdall)
        case .Failure(let error):
            println("failure: \(error.description)")
        }
    }

}

func callUserInfo(heimdall: Heimdall) {
    let urlPath = "https://my-domain/auth/info"
    let url: NSURL = NSURL(string: urlPath)!

    let session = NSURLSession.sharedSession()
    var request = NSMutableURLRequest(URL: url)

    heimdall.authenticateRequest(request, completion: { result in
        switch result {
        case .Success:
            let task = session.dataTaskWithRequest(request) { data, response, error in
                let json = JSON(data)
                println(response.description)
            }

            task.resume()
        case .Failure(let error):
            println("failure:")
        }
    })
}

但结果是：

<NSHTTPURLResponse: 0x7fd82a265ab0> { URL: https://[my-domain]/auth/info } { status code: 401, headers {
"Accept-Ranges" = bytes;
Age = 0;
"Cache-Control" = "no-store, private";
"Content-Length" = 78;
"Content-Type" = "application/json";
Date = "Sun, 16 Aug 2015 14:17:29 GMT";
Pragma = "no-cache";
Server = nginx;
Via = "1.1 varnish";
"Www-Authenticate" = "Bearer realm=\"Service\", error=\"access_denied\", error_description=\"OAuth2 authentication required\"";
"x-cache" = MISS;
"x-debug-token" = 6eea58;
"x-debug-token-link" = "/_profiler/6eea58";
"x-varnish" = 1051959467;
} }

Answer 1

似乎是我自己的API在承载身份验证方面采用不同方法的问题