带有jQuery Ajax错误的JWT令牌

时间:2018-03-20 15:29:16

标签: jquery ajax cors jwt

我正在尝试使用Ajax调用具有JWT的API(localhost),但我收到并且出错 我试过以下

$.ajax({

    url:'http://localhost:50298/api/Validate', 
        Method :'GET',
        dataType: 'json',
          beforeSend : function(xhr) {
            xhr.setRequestHeader("Accept", "application/json");
            xhr.setRequestHeader("Content-Type", "application/json");
            xhr.setRequestHeader("Authorization", "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1MjE1Njg0NDgsImlzcyI6Imh0dHA6Ly9sb2NhbGhvc3Q6NTAyOTgvIiwiYXVkIjoiaHR0cDovL2xvY2FsaG9zdDo1MDI5OC8ifQ._HLLwRXoZksBSICPHQlLd-0r_uJJN_kmw2p78XOBfmw");
        },
        success: function (result) 
        { 
            console.log(result)
        },

        error: function Failed(result)
        { 
            console.log(result) 
        },

回复是404 Not Found

和请求标题是

OPTIONS /api/Validate HTTP/1.1
Host: localhost:50298
Connection: keep-alive
Access-Control-Request-Method: GET
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.186 Safari/537.36
Access-Control-Request-Headers: authorization,content-type
Accept: */*
Accept-Encoding: gzip, deflate, br
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8

我也尝试了以下内容

var settings = {
  "async": true,
  "crossDomain": true,
  "url": "http://localhost:50298/api/Validate",
  "method": "GET",
  "headers": {
    "Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1MjE1NjMyMTcsImlzcyI6Imh0dHA6Ly9sb2NhbGhvc3Q6NTAyOTgvIiwiYXVkIjoiaHR0cDovL2xvY2FsaG9zdDo1MDI5OC8ifQ.acp7NbeLt4LbaBevqeNa3z-BJQ-Xrej6-covNWLZcQQ",
    "Cache-Control": "no-cache",

  }
}

$.ajax(settings).done(function (response) {
  console.log(response);
});

但仍然出现相同的错误404找不到

如果我删除

xhr.setRequestHeader("Authorization", "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1MjE1Njg0NDgsImlzcyI6Imh0dHA6Ly9sb2NhbGhvc3Q6NTAyOTgvIiwiYXVkIjoiaHR0cDovL2xvY2FsaG9zdDo1MDI5OC8ifQ._HLLwRXoZksBSICPHQlLd-0r_uJJN_kmw2p78XOBfmw");


 "headers": {
"Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1MjE1NjMyMTcsImlzcyI6Imh0dHA6Ly9sb2NhbGhvc3Q6NTAyOTgvIiwiYXVkIjoiaHR0cDovL2xvY2FsaG9zdDo1MDI5OC8ifQ.acp7NbeLt4LbaBevqeNa3z-BJQ-Xrej6-covNWLZcQQ",
"Cache-Control": "no-cache",

}

我确实收到了401 Unauthorized错误,这是错误的。

API是.NET Core 2,它已经使用Post Man进行了测试,API没有问题。

P.S。我正在使用CORS chrome扩展来运行我的JS

欢迎任何帮助解决此问题

2 个答案:

答案 0 :(得分:1)

请你这样试试吗?检查它是否有效?

$.ajax({
    url: 'http://localhost:50298/api/Validate',
    headers: {
        'Accept':'application/json',
        'Content-Type':'application/json',
        'Authorization':'Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1MjE1Njg0NDgsImlzcyI6Imh0dHA6Ly9sb2NhbGhvc3Q6NTAyOTgvIiwiYXVkIjoiaHR0cDovL2xvY2FsaG9zdDo1MDI5OC8ifQ._HLLwRXoZksBSICPHQlLd-0r_uJJN_kmw2p78XOBfmw'
    },
    method: 'GET',
    dataType: 'json',
    success: function(data){
      console.log('succes: '+data);
    }
  });

每次都适合我。希望它适合你。

答案 1 :(得分:0)

在我的情况下,我从客户端调用Web API时采用了 404未找到,这是一种具有身份验证属性的方法。在我只用JWT实现了没有身份验证的服务器后,这个错误消失了,但是这次给了我 401错误,所以我注意到了, 如果您使用过诸如issuser听众之类的有效负载知识,则必须将此内容添加到存在的请求标头中,否则它就无法理解谁在调用api,并且不会做出使用。最后,我的客户消费者功能转换如下:

    request.post('https://localhost:44557/api/controller1/method1')
        .set('Authorization', 'Bearer '+ pgtoken.toString())
        .set('Accept', 'application/json')
        .set('Content-Type', 'application/json')
        .set('issuer', 'west-world.xxxxx.com')
        .set('Audience', 'yyyyy.xxxxxx.com')
        .send({ key: value, 
                key2: value2//etc...
        })
        .end(function(err, res){
            localStorage.setItem("result: ", res.text); 
        }
    );
相关问题
最新问题