我使用django restframework
& django-oauth-toolkit
我在localhost
上测试我的代码,api效果很好
这是响应标题:
Allow → GET, POST, HEAD, OPTIONS
Content-Type → application/json
Date → Wed, 11 Nov 2015 09:41:50 GMT
Server → WSGIServer/0.1 Python/2.7.10
Vary → Accept, Authorization, Cookie
X-Frame-Options → SAMEORIGIN
但我把项目放在带有apache的虚拟机上
oauth不起作用。我使用了正确的令牌,但获得了401 UNAUTHORIZED
{
"detail": "Authentication credentials were not provided."
}
这是响应标题:
Allow → GET, POST, HEAD, OPTIONS
Connection → Keep-Alive
Content-Length → 58
Content-Type → application/json
Date → Wed, 11 Nov 2015 09:40:37 GMT
Keep-Alive → timeout=5, max=100
Server → Apache/2.4.6 (CentOS) mod_wsgi/3.4 Python/2.7.5
Vary → Accept,Authorization
WWW-Authenticate → Bearer realm="api"
X-Frame-Options → SAMEORIGIN
为什么会发生这种情况? 请指导我
settings.py
OAUTH2_PROVIDER = {
'SCOPES': {'read': 'Read scope', 'write': 'Write scope', 'groups': 'Access to your groups'},
}
AUTHENTICATION_BACKENDS = (
'django.contrib.auth.backends.ModelBackend',
'oauth2_provider.backends.OAuth2Backend',
)
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': (
'oauth2_provider.ext.rest_framework.OAuth2Authentication',
)
}
答案 0 :(得分:1)
如果您使用的是mod_wsgi,则可能需要在某处添加:
WSGIPassAuthorization On
在AWS elasticbeanstalk中修补apache配置的一种肮脏方式是将此命令添加到.ebextensions/your-environemnt.conf
:
commands:
00_WSGIPassAuthorization:
command: sed -i.bak '/WSGIScriptAlias/ aWSGIPassAuthorization On' config.py
cwd: /opt/elasticbeanstalk/hooks
脏,因为每次重新加载服务器时都会添加一行。
相关Authorization Credentials Stripped --- django, elastic beanstalk, oauth