当我使用(请求目标)发出API请求时,它不起作用。好吧,API文档要求我这样做。有谁知道如何将(请求目标)集成到此API请求中?
标头中的'request-target'有效,但'(request-target)'不起作用(如果API文档正确,应该如何处理)。
var key = fs.readFileSync(path.resolve('./backend/ssl/ING/example_client_tls.key'));
var cert = fs.readFileSync(path.resolve('./backend/ssl/ING/example_client_tls.cer'));
var key2 = fs.readFileSync(path.resolve('./backend/ssl/ING/example_client_signing.pem'));
var cert2 = fs.readFileSync(path.resolve('./backend/ssl/ING/example_client_signing.cer'));
var options = {
url: 'https://api.ing.com/oauth2/token',
method: 'POST',
agentOptions: {
host: 'api.ing.com',
cert: cert,
key: key
},
headers: {
'content-type': 'application/x-www-form-urlencoded',
'(request-target)': 'post /oauth2/token',
'date': Date.now(),
'digest': 'SHA-256=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='
}
};
var req = request(options, function(req, res, next) {
//console.log(res);
console.log(res.statusCode);
});
httpSignature.sign(req, {
key: key,
keyId: 'SN=8296291D8E4661EF,CA=CN=example_client_signing,OU=IT Department,O=Sample Org',
algorithm: 'rsa-sha256',
headers: (['(request-target)', 'date', 'digest']),
signature: key2
});
req.end();
RFC在链接中对其进行了如下描述: https://tools.ietf.org/html/draft-cavage-http-signatures-10#section-2.3