我的目标是从Chrome扩展程序中读取由SuccessFactors(SF)提供的odata api中的数据。
很遗憾,我无法使用chrome.identity.launchWebAuthFlow,因为SF正在使用SAML。
我在SF管理门户中注册了Oauth客户端,并生成了证书。我正在将私人证书与saml请求一起发送。
通过遵循本教程https://help.sap.com/viewer/d599f15995d348a1b45ba5603e2aba9b/1911/en-US/4e27e8f6ae2748ab9f23228dd6a31b06.html,我可以接收断言,但是每次尝试获取令牌本身时,我都会收到带有文本的401响应
Unable to verify the signature of the SAML assertion
您知道什么可能导致此问题吗?
编辑:代码示例
const apiKey = "<apikey>";
const privateKey ="<privatekey>";
const baseUrl = "https://api2.successfactors.eu";
const tokenPath = "/oauth/token";
const assertPath = "/oauth/idp";
const odataRoot = "/odata/v2"
let params = new URLSearchParams();
params.append("client_id", apiKey);
params.append("user_id", "<user>");
params.append("token_url", `${baseUrl}${tokenPath}`);
params.append("private_key", privateKey);
const headers = {
"Content-Type": "application/x-www-form-urlencoded"
};
let response = await fetch(`${baseUrl}${assertPath}`, {
method: "POST",
headers: headers,
body: params
});
const assertion = await response.text();
params = new URLSearchParams();
params.append("client_id", apiKey)
params.append("company_id", "<company>");
params.append("grant_type", "urn:ietf:params:oauth:grant-type:saml2-bearer");
params.append("assertion", assertion);
response = await fetch(`${baseUrl}${tokenPath}`, {
method: "POST",
headers: headers,
body: params
});
const tokenData = await response.json();