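How to configure Apigility to send an HMAC-Authorization response header?

Time: 2016-08-12 00:46:40

Tags: http-headers hmac apigility

I am implementing authorization in Apigility using HMAC. Basically I am using this guy's classes, and the server (https://github.com/reinaldoborges/rb-sphinx-hmac-zf2-client).

Now, before sending a GET to my API, I already have this code.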

    $hmac = new HMAC(
        new HMACv0(),
        new PHPHash('sha256'),
        new StaticKey('[PRE-SHARED KEY]'),
        new DummyNonce()
    );

    $hmac->setKeyId('certkey');
    $hmac->setNonceValue('certNonce');


    $uri = "http://apicert.local/certificados";
    $cliente = new HMACHttpClient($uri);
    $cliente->setMethod('GET');
    $cliente->setHmac($hmac);

    try {
        $cliente->send();

        /**
         * Response
         */
        // I'm asking for a reply using the HMAC-Authorization type of header
        echo "Request HMAC Header:", PHP_EOL;
        echo '     ', HMACHttpClient::HEADER_NAME, ' = ', $cliente->getHeader(HMACHttpClient::HEADER_NAME), PHP_EOL, PHP_EOL;
    } catch (Exception $e) {
        /**
         * ERROR
         */
        echo "##### ERRO #####", PHP_EOL;
        echo $e->getCode(), ' : ', $e->getMessage(), PHP_EOL;
        echo "##### ERRO #####", PHP_EOL, PHP_EOL;
    }
    $response = $cliente->getResponse();
    echo "Response Status Code: ", $response->getStatusCode(), PHP_EOL, PHP_EOL;
    echo "Response Headers: ";
    print_r($response->getHeaders()->toArray());
    echo PHP_EOL;
    echo "Response Cookies:", PHP_EOL;
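    // getCookie() returns false when the response carries no Set-Cookie header,
    // so fall back to an empty array before iterating.
    $cookies = $response->getCookie() ?: array();
    foreach ($cookies as $cookie) {
        echo '     ', $cookie->toString(), PHP_EOL;
    }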
    echo PHP_EOL;
    echo "Response Body:", PHP_EOL;
    echo $response->getBody();
    echo PHP_EOL, PHP_EOL;

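I am receiving a 406 status code, mentioning that this kind of header is not acceptable. I tried to add it to the content negotiation whitelist, but there is no such option. How can I receive the authorization from the server?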

    Request HMAC Header:
         HMAC-Authentication = 1:certkey:certNonce:f9c9edcda43df5c466e54449f31900a6f9387afa32168327a0873a69b023abef

    Response Status Code: 406

    Response Headers: Array
    (
        [Date] => Thu, 11 Aug 2016 23:55:33 GMT
        [Server] => Apache/2.4.7 (Ubuntu)
        [Access-Control-Max-Age] => 1000
        [Access-Control-Allow-Headers] => X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding
        [Access-Control-Allow-Methods] => POST, GET, OPTIONS, DELETE, PUT
        [Access-Control-Allow-Origin] => *
        [Content-Length] => 149
        [Connection] => close
        [Content-Type] => application/problem+json
    )

    Response Cookies:

    Response Body:
    {"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html","title":"Not Acceptable","status":406,"detail":"Cannot honor Accept type specified"}

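1 Answer:

Answer 0: (score: 0)

You have to create a new authorization type. In the Apigility UI, there is a button at the top called Authorization. There you can add any authorization adapter you need. Even an HMAC adapter, if you like.

I personally used it to create a JWT adapter.

Now, this adapter should extend ZF\MvcAuth\Authentication\AdapterInterface. I also added this adapter to my service manager.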
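
One way the server side of such an adapter could check a header value of the `version:keyId:nonce:signature` form shown in the question, as an added example that is not part of the original answer or of rb-sphinx-hmac. The function name, the key and nonce stores, and above all the string being signed are assumptions; the real HMACv0 message definition is not given on this page.

```php
<?php
/**
 * Added example. Verifies "version:keyId:nonce:signature" and returns the
 * key id on success, or null when the header must be rejected.
 * $keys (keyId => secret) and $seenNonces are hypothetical stores.
 */
function verifyHmacHeader($header, $method, $uri, array $keys, array &$seenNonces)
{
    $parts = explode(':', $header);
    if (count($parts) !== 4) {
        return null;                       // malformed header
    }
    list($version, $keyId, $nonce, $signature) = $parts;
    if ($version !== '1' || !isset($keys[$keyId])) {
        return null;                       // unknown protocol version or key id
    }
    if (!preg_match('/\A[0-9a-f]{64}\z/', $signature)) {
        return null;                       // not a hex-encoded SHA-256 MAC
    }

    // Assumed canonical string: method, URI and nonce, newline-separated.
    $message  = strtoupper($method) . "\n" . $uri . "\n" . $nonce;
    $expected = hash_hmac('sha256', $message, $keys[$keyId]);

    // hash_equals() compares in constant time, so timing does not leak the MAC.
    if (!hash_equals($expected, $signature)) {
        return null;
    }

    // Reject a nonce already used with this key (replay of a captured request).
    if (isset($seenNonces[$keyId][$nonce])) {
        return null;
    }
    $seenNonces[$keyId][$nonce] = true;
    return $keyId;
}

// Constructed sample data (not the question's real key or signature).
$keys   = array('certkey' => 'constructed-demo-key');
$seen   = array();
$uri    = '/certificados';
$sig    = hash_hmac('sha256', "GET\n$uri\ncertNonce", $keys['certkey']);
$header = "1:certkey:certNonce:$sig";

var_dump(verifyHmacHeader($header, 'GET', $uri, $keys, $seen)); // first use
var_dump(verifyHmacHeader($header, 'GET', $uri, $keys, $seen)); // same nonce again
var_dump(verifyHmacHeader('1:certkey:n2:' . str_repeat('0', 64), 'GET', $uri, $keys, $seen)); // wrong MAC
```

The nonce is recorded only after the MAC verifies, so requests without a valid signature cannot fill the nonce store.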