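I am currently setting up an identity server with an SPA client and some REST services to consume data from.

Everything seems to work, but I am currently struggling to understand why every API call with a valid `access_token` triggers a request to the `/authorize` endpoint of the identity server.

This button simply calls my REST API through an `HttpClient` (`@angular/common/http`) instance. The buttons are on my `/login` page. The identity server's callback is set to `/login/callback`.

Every click on that button sends a request to the `/authorize` endpoint, which then redirects with HTTP `302` to the `/login/callback` page. The request still goes through and everything works, but this redirect always happens. I would have expected that this request is not necessary if there is a valid `access_token`?

Inside the `AccessTokenInterceptor` I call `getUser()` on the `OidcService`, which has access to the `UserManager` from the oidc-client library.

For some reason, every request involving `getUser()` on the `UserManager` triggers this `/authorize` request, even though the `access_token` is still valid. What am I missing here?

```typescript
import { Injectable } from '@angular/core';
import { HttpEvent, HttpHandler, HttpInterceptor, HttpRequest } from '@angular/common/http';
import { Observable } from 'rxjs/Observable';
import 'rxjs/add/operator/mergeMap';
import { User } from 'oidc-client';
import { OidcService } from './oidc.service'; // assumed path; not shown in the post

@Injectable()
export class AccessTokenInterceptor implements HttpInterceptor {
  constructor(private oidcService: OidcService) { }

  intercept(request: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
    // Look up the current user, then forward the request.
    return this.oidcService.getUser()
      .mergeMap((user: User) => {
        if (user) {
          // Attach the access token as a bearer token when a user is present.
          request = request.clone({
            setHeaders: {
              Authorization: `Bearer ${user.access_token}`
            }
          });
        }
        return next.handle(request);
      });
  }
}
```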
I appreciate any help; let me know if you need more code samples.
When I click the "Call Api" button, the following three requests are made:

- an `OPTIONS` request to my REST API
- an `/authorize` request (which finally returns HTTP `302` and performs the redirect I want to avoid)
- the `GET` request I intended to make

Web application - UserManagerSettings

```json
{
  "authority": "https://localhost:44327",
  "client_id": "webClient",
  "response_type": "id_token token",
  "scope": "openid testclientapi testclientapi.read testclientapi.write",
  "redirect_uri": "http://localhost:4200/login/callback",
  "post_logout_redirect_uri": "http://localhost:4200/logout/callback",
  "silent_redirect_uri": "http://localhost:4200/login/silentLogin",
  "automaticSilentRenew": true,
  "monitorSession": true,
  "revokeAccessTokenOnSignout": true,
  "loadUserInfo": true
}
```

Identity Server - client configuration

```csharp
new Client {
    ClientId = "webClient",
    ClientName = "myclient",
    AllowedGrantTypes = GrantTypes.Implicit,
    AccessTokenType = AccessTokenType.Reference,
    AccessTokenLifetime = 60 * 60,
    IdentityTokenLifetime = 30,
    RequireConsent = false,
    AllowOfflineAccess = true,
    AllowAccessTokensViaBrowser = true,
    ClientSecrets =
    {
        new Secret("XYZ")
    },
    AllowedCorsOrigins = new string[]
    {
        "http://localhost:4200",
    },
    RedirectUris =
    {
        "http://localhost:4200/login/callback",
        "http://localhost:4200/login/silentLogin",
        "http://localhost:4200/logout/callback",
    },
    PostLogoutRedirectUris =
    {
        "http://localhost:4200/logout/callback",
    },
    AllowedScopes =
    {
        IdentityServerConstants.StandardScopes.OpenId,
        "testclientapi",
        "testclientapi.read",
        "testclientapi.write"
    }
}
}; // closes the enclosing collection initializer (its opening is not shown in the post)
```

```typescript
// OidcService: wraps the Promise returned by oidc-client's UserManager in an Observable.
getUser(): Observable<User> {
  return Observable.fromPromise(this.userManager.getUser());
}
```
```python
import sys
import os
from select import select

# -------------------------------------------------------------------------
# Set the pipe (fake stdin) to simulate a final key stroke
# which will unblock the select statement
readEnd, writeEnd = os.pipe()
readFile = os.fdopen(readEnd)
writeFile = os.fdopen(writeEnd, "w")

# -------------------------------------------------------------------------
def getKey():
    # Wait for stdin or pipe (fake stdin) to be ready
    dr, dw, de = select([sys.__stdin__, readFile], [], [])
    # If stdin is the one ready then read it and return value
    if sys.__stdin__ in dr:
        return sys.__stdin__.read(1)  # For Windows use ----> getch() from module msvcrt
    # Must finish
    else:
        return None

# -------------------------------------------------------------------------
def breakStdinRead():
    writeFile.write(' ')
    writeFile.flush()

# -------------------------------------------------------------------------
# MAIN CODE
# Get key stroke
key = getKey()
# Keyboard input
if key:
    # ... do your stuff with the key value
    pass
# Faked keystroke
else:
    # ... use of stdin finished
    pass

# -------------------------------------------------------------------------
# OTHER THREAD CODE
breakStdinRead()
```
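To tell which kind of `/authorize` request appears in the network tab, this added example (not part of the original post) inspects a captured request URL against the URIs from the post's UserManagerSettings. The `/connect/authorize` path, the helper names and the sample URLs are assumptions constructed for illustration.

```typescript
// Added example, not code from the post. URI settings are copied from the
// post's UserManagerSettings; the helper names and sample URLs are constructed.
interface OidcUris { authority: string; redirect_uri: string; silent_redirect_uri: string; }
interface AuthorizeReport { kind: "interactive" | "silent" | "not-authorize"; issues: string[]; }

const CFG: OidcUris = {
  authority: "https://localhost:44327",
  redirect_uri: "http://localhost:4200/login/callback",
  silent_redirect_uri: "http://localhost:4200/login/silentLogin",
};

function inspectAuthorizeRequest(rawUrl: string, cfg: OidcUris): AuthorizeReport {
  const url = new URL(rawUrl);
  const issues: string[] = [];
  if (url.origin !== new URL(cfg.authority).origin || !/\/authorize$/.test(url.pathname)) {
    return { kind: "not-authorize", issues };
  }
  const q = url.searchParams;
  const redirect = q.get("redirect_uri") || "";
  if (redirect !== cfg.redirect_uri && redirect !== cfg.silent_redirect_uri) {
    issues.push("redirect_uri is not one of the configured URIs");
  }
  // Implicit-flow requests that return an id_token must carry a nonce
  // (OpenID Connect Core 3.2.2.1); state binds the response to its request.
  const responseTypes = (q.get("response_type") || "").split(" ");
  if (responseTypes.indexOf("id_token") !== -1 && !q.get("nonce")) issues.push("missing nonce");
  if (!q.get("state")) issues.push("missing state");
  // prompt=none forbids any login UI: the request is a background renewal or
  // session check, not a full-page sign-in redirect.
  const silent = (q.get("prompt") || "").split(" ").indexOf("none") !== -1;
  return { kind: silent ? "silent" : "interactive", issues };
}

// Builds a constructed sample URL; /connect/authorize is an assumed endpoint path.
function sampleUrl(extra: { [key: string]: string }): string {
  const params = new URLSearchParams({
    client_id: "webClient", response_type: "id_token token",
    scope: "openid testclientapi", state: "s-constructed", nonce: "n-constructed", ...extra,
  });
  return CFG.authority + "/connect/authorize?" + params.toString();
}

console.log(inspectAuthorizeRequest(sampleUrl({ redirect_uri: CFG.redirect_uri }), CFG));
console.log(inspectAuthorizeRequest(
  sampleUrl({ redirect_uri: CFG.silent_redirect_uri, prompt: "none" }), CFG));
```

A request reported as `interactive` with the `/login/callback` redirect URI is a full sign-in redirect, while `silent` points at a background renewal or session check.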