去测试验证 connect2id 给出“invalid_client”错误
我正在尝试使用 Go 测试验证Connect2id设置,但出现以下错误。
"Client authentication failed: Missing client authentication","error":"invalid_client"
完整的场景输出如下所示。
Feature: Test Identity Provider
Scenario: # features/idp.feature:3
Given identity provider 'hf1-idp.json' # main_test.go:72 -> *Scaffold
When I request an access token as 'cc_test' # main_test.go:83 -> *Scaffold
oauth2: cannot fetch token: 401 Unauthorized
Response: {"error_description":"Client authentication failed: Missing client authentication","error":"invalid_client"}
Then the token should have a claim 'scope' # main_test.go:92 -> *Scaffold
And the token should have a claim 'sub' with value 'dips-mra' # main_test.go:106 -> *Scaffold
And the token should have a claim 'hso:userid' with value 'dips-mra' # main_test.go:106 -> *Scaffold
我的hf1-idp.json文件如下所示。
{
"kind": "PING",
"issuer": "https://my.issuer.com/c2id",
"insecure": true,
"clients": {
"cc_test": {
"flow": "clientcredentials",
"id": "clientId",
"secret": "",
"scopes": ["openid", "solr"],
"values": {
"resource": ["https://my.solrnode1.com/solr/", "https://my.solrnode2.com/solr/"]
}
},
Connect2id 在设置环境中工作正常。例如,当我使用正确的值运行以下 Curl 命令时,我得到了预期的结果
curl -k -s -H "Content-Type: application/json" -XPOST https://my.issuer.com/c2id/direct-authz/rest/v2 \
-H "Authorization: Bearer ztucBearerToken" \
-d '{
"sub_session" : { "sub" : "alice" },
"client_id" : "clientId",
"scope" : [ "openid", "solr" ],
}'
使用以下代码更新
main_test.go
func (sc *Scaffold) readIdentityProvider(filename string) error {
idp, err := idp.ReadIdentityProvider(context.Background(), "testdata/"+filename)
// More code goes here
}
眼眸繁星1回答
-
ibeautiful
您在请求中缺少 Bearer 令牌。(https://connect2id.com/products/server/docs/integration/direct-authz#error-401)当您卷曲时,您使用 -H 参数添加授权承载令牌 -H "Authorization: Bearer ztucBearerToken"你需要在你的 Go 应用程序中做同样的事情。func NewProvider(ctx context.Context, issuer string) (*Provider, error) { wellKnown := strings.TrimSuffix(issuer, "/") + "/direct-authz/rest/v2" req, err := http.NewRequest("POST", wellKnown, nil) bearer := "Bearer ztucBearerToken" req.Header.Add("Authorization", bearer) if err != nil { return nil, err } resp, err := doRequest(ctx, req) // Herer I get 401 Unauthorized if err != nil { return nil, err }// More code goes here}一些支持性事实类似的 SO 讨论在这里。为了摆脱400 Bad Request: {"error_description":"Bad request: Invalid JSON: Unexpected token at position 0.","error":"invalid_request"}您需要做的是传递必要的请求正文,如下所示。req, err := http.NewRequest("POST", wellKnown, bytes.NewBuffer(bytesRepresentation))有关更多信息,请访问与net/http相关的 Golang 文档
随时随地看视频慕课网APP
相关分类
Go