【发布时间】:2017-02-17 00:27:31
【问题描述】:
我已在 https://auth0.com/docs/quickstart/backend/hapi 下载了 Node/Hapi 快速入门,其中包含我预先填写的数据。
我能够运行节点服务器并访问/public 端点。当我尝试访问 /private 端点(通过 POSTMAN)时,出现以下错误:
{
"statusCode": 401,
"error": "Unauthorized",
"message": "Missing authentication"
}
为了获取访问令牌,我使用以下负载向https://<My Account>.auth0.com/oauth/ro 发出请求:
{
"client_id": "<My Client ID>",
"username": "<My Username>",
"password": "<My Password>",
"connection": "Username-Password-Authentication",
"grant_type": "password",
"scope": "openid name email"
}
返回包含我的访问令牌的响应:
{
"id_token": <Id Token>,
"access_token": <Access Token>,
"token_type": "bearer"
}
我现在尝试使用我的访问令牌在 Authorization 标头中传递 /private 端点,如下所示:
GET /private HTTP/1.1
Host: <My Machine Name>:8000
Authorization: Bearer <Access Token>
Content-Type: application/json
Cache-Control: no-cache
Postman-Token: 87dd4307-2a1c-b36e-0377-129cf60b676d
返回以下错误:
{
"statusCode": 400,
"error": "Bad Request",
"message": "Bad HTTP authentication header format"
}
我尝试了很多东西,但无法超越这一点。任何帮助将不胜感激。
环境规格:
- 节点 v6.5.0
- Npm v3.10.6
- hapi: ^15.1.1
- hapi-auth-jwt: ^4.0.0
谢谢, 哲那罗
【问题讨论】: