Django oauth 工具包不适用于 apache

Question

我使用django restframework & django-oauth-toolkit
我在localhost 上测试我的代码，api 运行良好

这是响应头：

Allow → GET, POST, HEAD, OPTIONS
Content-Type → application/json
Date → Wed, 11 Nov 2015 09:41:50 GMT
Server → WSGIServer/0.1 Python/2.7.10
Vary → Accept, Authorization, Cookie
X-Frame-Options → SAMEORIGIN

但是我用 apache 把项目放在虚拟机上
oauth 不起作用。我使用了正确的令牌，但得到了401 UNAUTHORIZED

{
  "detail": "Authentication credentials were not provided."
}

这是响应头：

Allow → GET, POST, HEAD, OPTIONS
Connection → Keep-Alive
Content-Length → 58
Content-Type → application/json
Date → Wed, 11 Nov 2015 09:40:37 GMT
Keep-Alive → timeout=5, max=100
Server → Apache/2.4.6 (CentOS) mod_wsgi/3.4 Python/2.7.5
Vary → Accept,Authorization
WWW-Authenticate → Bearer realm="api"
X-Frame-Options → SAMEORIGIN

为什么会这样？？？ 请指导我

settings.py

OAUTH2_PROVIDER = {
    'SCOPES': {'read': 'Read scope', 'write': 'Write scope', 'groups': 'Access to your groups'},
}


AUTHENTICATION_BACKENDS = (
    'django.contrib.auth.backends.ModelBackend',
    'oauth2_provider.backends.OAuth2Backend',
)


REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'oauth2_provider.ext.rest_framework.OAuth2Authentication',
    )
}

Answer 1

如果您使用的是 mod_wsgi，您可能需要在某处添加：

WSGIPassAuthorization On

在 AWS elasticbeanstalk 中，修补 apache 配置的一种肮脏方式是将此命令添加到您的 .ebextensions/your-environemnt.conf：

commands:
  00_WSGIPassAuthorization:
    command: sed -i.bak '/WSGIScriptAlias/ aWSGIPassAuthorization On' config.py
    cwd: /opt/elasticbeanstalk/hooks

很脏，因为每次重新加载服务器时它都会添加一行。

相关Authorization Credentials Stripped --- django, elastic beanstalk, oauth