我正在尝试使用 Go 测试验证Connect2id设置,但出现以下错误。"Client authentication failed: Missing client authentication","error":"invalid_client"完整的场景输出如下所示。Feature: Test Identity Provider Scenario: # features/idp.feature:3 Given identity provider 'hf1-idp.json' # main_test.go:72 -> *Scaffold When I request an access token as 'cc_test' # main_test.go:83 -> *Scaffold oauth2: cannot fetch token: 401 UnauthorizedResponse: {"error_description":"Client authentication failed: Missing client authentication","error":"invalid_client"} Then the token should have a claim 'scope' # main_test.go:92 -> *Scaffold And the token should have a claim 'sub' with value 'dips-mra' # main_test.go:106 -> *Scaffold And the token should have a claim 'hso:userid' with value 'dips-mra' # main_test.go:106 -> *Scaffold我的hf1-idp.json文件如下所示。{ "kind": "PING", "issuer": "https://my.issuer.com/c2id", "insecure": true, "clients": { "cc_test": { "flow": "clientcredentials", "id": "clientId", "secret": "", "scopes": ["openid", "solr"], "values": { "resource": ["https://my.solrnode1.com/solr/", "https://my.solrnode2.com/solr/"] } },Connect2id 在设置环境中工作正常。例如,当我使用正确的值运行以下 Curl 命令时,我得到了预期的结果curl -k -s -H "Content-Type: application/json" -XPOST https://my.issuer.com/c2id/direct-authz/rest/v2 \ -H "Authorization: Bearer ztucBearerToken" \ -d '{ "sub_session" : { "sub" : "alice" }, "client_id" : "clientId", "scope" : [ "openid", "solr" ],}'使用以下代码更新main_test.gofunc (sc *Scaffold) readIdentityProvider(filename string) error { idp, err := idp.ReadIdentityProvider(context.Background(), "testdata/"+filename)// More code goes here}
1 回答
ibeautiful
TA贡献1993条经验 获得超6个赞
您在请求中缺少 Bearer 令牌。(https://connect2id.com/products/server/docs/integration/direct-authz#error-401)当您卷曲时,您使用 -H 参数添加授权承载令牌 -H "Authorization: Bearer ztucBearerToken"
你需要在你的 Go 应用程序中做同样的事情。
func NewProvider(ctx context.Context, issuer string) (*Provider, error) {
wellKnown := strings.TrimSuffix(issuer, "/") + "/direct-authz/rest/v2"
req, err := http.NewRequest("POST", wellKnown, nil)
bearer := "Bearer ztucBearerToken"
req.Header.Add("Authorization", bearer)
if err != nil {
return nil, err
}
resp, err := doRequest(ctx, req) // Herer I get 401 Unauthorized
if err != nil {
return nil, err
}
// More code goes here
}
一些支持性事实
类似的 SO 讨论在这里。
为了摆脱
400 Bad Request: {"error_description":"Bad request: Invalid JSON: Unexpected token at position 0.","error":"invalid_request"}
您需要做的是传递必要的请求正文,如下所示。
req, err := http.NewRequest("POST", wellKnown, bytes.NewBuffer(bytesRepresentation))
有关更多信息,请访问与net/http相关的 Golang 文档
- 1 回答
- 0 关注
- 332 浏览
添加回答
举报
0/150
提交
取消