将令牌从Angular2发送到java过滤器的问题

时间:2017-03-18 14:54:46

标签: java spring angular http-headers angular2-services

我尝试通过服务HTTP的GET方法发送令牌但是请求头没有auth-token的值(令牌存储在浏览器localStorage中用于身份验证控件)

以下是请求的标题:

Accept:*/* Accept-Encoding:gzip, deflate, sdch, br Accept-Language:pt-BR,pt;q=0.8,en-US;q=0.6,en;q=0.4 Access-Control-Request-Headers:auth-token, content-type Access-Control-Request-Method:GET Connection:keep-alive Host:localhost:7005 Origin:http://localhost:4200 Referer:http://localhost:4200/ User-Agent:Mozilla/5.0 (Windows NT
6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

我需要使用Access-Control-Request-Headers参数进行身份验证,以获取对auth-token值的访问权限:

下面是我的代码(角度2)

代码:

    export class BaseProvider {
        protected static HOST: string = 'http://localhost:7005/'
        protected static BASE_API: string = 'context';

         protected headers = new Headers({
            'Content-Type': 'application/json',
            'auth-token': localStorage.getItem('user-token')
        });

     protected options = new RequestOptions({ headers: this.headers });

     protected static getBaseAPI(): string {
        return this.HOST + this.BASE_API;
    }
}

@Injectable()
export class MyService extends BaseProvider {

  constructor(private http: Http) {
    super();
  }

  public findByName(obj: MyModel): Observable<Array<MyModel>> {
    let params: URLSearchParams = new URLSearchParams();
    params.set('name', obj.name);
    this.options.search = params;

    return this.http.get(BaseProvider.getBaseAPI() + myUrl, this.options)
      .map((res: Response) => res.json()
      ).catch((error: any) => Observable.throw(error.json().error || 'Error!'));
  }
}

下面是我的代码(Java中的WebFilter)

import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.web.filter.GenericFilterBean;

@WebFilter(urlPatterns = "/*" )
public class LoginFilter extends GenericFilterBean {
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
        final HttpServletRequest httpRequest = (HttpServletRequest) request;
        final HttpServletResponse httpResponse = (HttpServletResponse) response;
        final String authHeaderVal = httpRequest.getHeader("auth-token");

        if (null == authHeaderVal) {
            throw new ServletException("Not authorized.");
        }

        // more code ...    

        }
    }
}

&#34; authHeaderVal&#34; Java代码的变量没有填充令牌,因为&#34; auth-token&#34;是空的。

如果没有LoginFilter类,请求会像这样到达:

Accept:application/json, text/plain, */*
Accept-Encoding:gzip, deflate, sdch, br
Accept-Language:pt-BR,pt;q=0.8,en-US;q=0.6,en;q=0.4
auth-token:eyJhbGciOiJIUzUxMiJ9.eyJqdGkiOiJkOTkzOWE0NS05Mzg5LTQ1MGItODE2Yy0yMjE1OWJhODdjZDMiLCJzdWIiOiJnYWJyaWVsIiwicm9sZSI6IjEiLCJpYXQiOjE0ODk2OTk5MjUsImV4cCI6MTQ4OTc4NjMyNX0.NdqdinX7S2mzO9wGVBw-JoUKQ7G2TQxQyQ3QrFg6Ckwc9A9Z63iw6R1JOPQ5ZO1yWpVPVvy_NS-wBqNRK03IiA
Cache-Control:no-cache
Connection:keep-alive
Content-Type:application/json
Host:localhost:7005
Origin:http://localhost:4200
Pragma:no-cache
Referer:http://localhost:4200/
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

我需要请求到达过滤器。

0 个答案:

没有答案