我在我的机器上安装了eJabberd 16.2。我试图通过Postman访问api。当我使用Basic Auth时,一切正常。
我设法通过页面获取令牌: http://localhost:5280/oauth/authorization_token?response_type=token&client_id=Client1&scope=get_roster+sasl_auth
但每次我尝试通过向请求标头添加和授权字段来访问带有令牌的api时,值为:“bearer s7rjU649vlnVZUzaGXDtNdLQ1I4r7V2R”,我收到错误代码32:“AccessRules:与令牌关联的帐户不有权进行操作。“
这是 eJabberd.yml 文件中的配置:
-
port: 5280
module: ejabberd_http
request_handlers:
"/http-bind": mod_http_bind
"/websocket": ejabberd_http_ws
#"/log": mod_log_http
# ##OAuth support:
"/oauth": ejabberd_oauth
# ##ReST API:
"/api": mod_http_api
## "/pub/archive": mod_http_fileserver
web_admin: true
http_bind: true
http_poll: true
register: true
captcha: false
commands_admin_access:
- allow:
- user: "admin@HASOON"
commands:
- add_commands: [user, admin, open]
oauth_expire: 3600
oauth_access: all
api_permissions:
- "Admin access":
- who:
- admin
- what:
- "*"
- "!stop"
我知道为什么我没有使用OAuth令牌。
答案 0 :(得分:0)
配置应该是:
-
port: 5280
module: ejabberd_http
request_handlers:
"/websocket": ejabberd_http_ws
"/oauth": ejabberd_oauth
"/api": ejabberd_http_api
web_admin: true
http_bind: true
## register: true
captcha: false
tls: true
certfile: "/opt/ejabberd-16.12/conf/server.pem"
commands_admin_access: configure
commands:
- add_commands:
- user
oauth_expire: 31536000
oauth_access: all
api_permissions:
- "Admin access":
- who:
- admin
- what:
- "*"
- "!stop"