How to Send Authorization Token Using WSO2 API Manager

Question

I recently got started with WSO2 API Manager. I managed to import an existing API which requires a bearer token to be included in the header as a way of authentication. I cannot seem to find a way to include the bearer token in the API Manager, therefore getting a 401 Unauthorized error as a result. Can you help me resolve this, please? Thank you in advance.

I am still trying to send the bearer token using this.

See Here

Regarding the question I asked from Lakshitha

Error shown when adding the custom auth header

Answer 1

Score: 0

If you are asking how to consume an API, take a look at this and this documents.

curl -H "Authorization: Bearer <access-token>" -H "accept: application/json" "https://<server-IP>:<port>/pizzashack/1.0.0/menu" -k -v

If you want to pass the Bearer token to the backend, add the following config to <API-M_HOME>/repository/conf/deployment.toml.

[apim.oauth_config]
enable_outbound_auth_header = true

If you want to send a custom token, take a look at this.

Answer 2

Score: 0

If you need this bearer token to authenticate the backend API, you have three options.

  1. Use OAuth2 secured endpoints. Here, API Manager generates the backend request authorization header using the provided configurations such as token URL, client ID, secret and the grant type.
  2. Send the backend authorization header with the original request. In this approach, you will have two authorization headers if the API is exposed from API Manager. The first authorization header will be used to authenticate the request in the API Manager layer (if needed, you can disable security and omit this) and the second auth header is for the backend. In this scenario, since you cannot have two headers with the same header name Authorization, you need to change the API Manager validating header name to a different value (e.g. apim-auth-header). This way, your original request will have two headers: apim-auth-header: Bearer <Token> and Authorization: Bearer <Token>.
  3. Use a custom mediation sequence to generate the backend token and send it with the backend request. You can find multiple sample implementations such as this blog.

Edit:

Adding a new header via the tryout console can be achieved by editing the API definition of the API. You can edit the definition from the publisher console under the API configurations. You need to add a new header parameter to the path of your choice and this will add a new field in the tryout console of the devportal as below. When invoking, you can add the token from the UI and invoke.
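
The header handling described in both answers, as an added example that is not part of the original answers or WSO2's code: a simplified Python model of which auth headers reach the backend under the default settings, with `enable_outbound_auth_header = true`, and with the gateway header renamed to `apim-auth-header`. The function names, the sample tokens and the assumption that the gateway drops the header it consumed unless outbound forwarding is enabled are illustrative; real token validation is reduced to a format check.

```python
# Simplified model (an assumption, not WSO2 source code) of how the gateway
# decides which auth headers reach the backend.

class GatewayUnauthorized(Exception):
    """Stands in for the 401 the gateway returns when its own token is missing."""


def _find(headers, name):
    """Return the key matching `name` case-insensitively, or None."""
    for key in headers:
        if key.lower() == name.lower():
            return key
    return None


def backend_headers(request_headers, gateway_auth_header="Authorization",
                    enable_outbound_auth_header=False):
    """Return the headers the backend would see for one client request."""
    key = _find(request_headers, gateway_auth_header)
    value = request_headers[key] if key else ""
    scheme, _, token = value.partition(" ")
    # Format check only; a real gateway also validates the token itself.
    if scheme.lower() != "bearer" or not token.strip():
        raise GatewayUnauthorized(f"no bearer token in {gateway_auth_header}")
    outbound = dict(request_headers)
    if not enable_outbound_auth_header:
        # Assumed default: the header the gateway consumed is not forwarded.
        del outbound[key]
    return outbound


# Constructed sample tokens, not real credentials.
GW, BE = "Bearer gw-token-example", "Bearer backend-token-example"

# Default settings: the gateway consumes Authorization, the backend gets none.
default_out = backend_headers({"Authorization": GW})
# Answer 1: enable_outbound_auth_header = true forwards the gateway's own token.
outbound_out = backend_headers({"Authorization": GW},
                               enable_outbound_auth_header=True)
# Answer 2, option 2: the gateway reads apim-auth-header, so the client's
# Authorization header passes through to the backend untouched.
renamed_out = backend_headers({"apim-auth-header": GW, "Authorization": BE},
                              gateway_auth_header="apim-auth-header")
```

In this model the first call leaves the backend with no token, the second hands the backend the gateway-issued token, and only the third delivers a separate backend token.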

huangapple
  • Posted on March 7, 2023 at 19:34:58
  • When reposting, please keep the link to this article: https://go.coder-hub.com/75661458.html