升级后的Dart HttpClient具有基本身份验证问题 [英] Dart HttpClient with Basic Authentication issues after flutter upgrade
问题描述
大量浏览和阅读文档后,我遇到了这个 answer ,
After a lot of browsing and reading docs, I came across this answer, which worked until I upgraded flutter.
我当前的问题是凭据无法到达我的服务器。
IntelliJ错误:
My current issue is that the credentials do not reach my server. IntelliJ error:
I/FlutterActivityDelegate( 6944): onResume setting current activity to this
D/EGL_emulation( 6944): eglMakeCurrent: 0xa7f852a0: ver 2 0 (tinfo 0xa7f83250)
I/flutter ( 6944): doing login with credentials:: W and T
I/flutter ( 6944): my_response is:: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
I/flutter ( 6944): <title>429 Too Many Requests</title>
I/flutter ( 6944): <h1>Too Many Requests</h1>
I/flutter ( 6944): <p>1 per 1 minute</p>
E/flutter ( 6944): [ERROR:topaz/lib/tonic/logging/dart_error.cc(16)] Unhandled exception:
E/flutter ( 6944): type '(Exception) => void' is not a subtype of type '(Object) => FutureOr<dynamic>'
该请求的服务器输出为:
My server output for the request is:
credentials:: -
192.168.1.175 - - [12/May/2018 10:56:23] "GET /users/login HTTP/1.1" 401 -
192.168.1.175 - - [12/May/2018 10:56:23] "GET /users/login HTTP/1.1" 429 -
LE:凭据::-是在服务器身份验证级别完成的打印。
LLE:卷曲请求正常工作
LE: the "credentials:: - " is a print done in the authentication level of the server. LLE: a curl request is working just fine
curl -u 123456:password http://localhost:5000/users/login
{
"is_logged_in": true,
"last_login": 1525980360
}
响应为:
credentials:: 123456 - password
127.0.0.1 - - [12/May/2018 13:00:50] "GET /users/login HTTP/1.1" 200 -
我使用的代码与上面提供的链接完全相同。
I am using the exact same code as in the link provided above.
推荐答案
以下是总结性回答,将评论中的讨论总结了出来。
Here's a summary answer wrapping up the discussion in the comments.
看来,太多请求错误可能是由HTTP客户端与需要授权的服务器通信的典型行为触发的。
It seems like the Too Many Requests error may have been triggered by the typical behaviour of HTTP client talking to server that requires authorization.
GET ->
<- 401 Unauthorized + scheme + realm (and nonce if applicable)
GET with Authorization header ->
<- 200 OK (if credentials are valid)
似乎服务器可能
但是,curl的请求成功了,可能是因为curl抢先向Authorization标头发送了第一个GET,而不是等待401询问。只要授权方案为 Basic ,就可以执行此操作,因为它不需要来自服务器的任何信息。 (它不能与摘要一起使用,因为在没有随401发送随机数的情况下,它无法计算授权标头。)
However, a request from curl was successful, probably because curl preemptively sent the Authorization header with the first GET, instead of waiting to be asked with a 401. It can do this as long as the authorization scheme is Basic because it doesn't need any information from the server. (It wouldn't work with Digest because it cannot calculate the Authorization header without the nonce sent with the 401.)
所以问题出现了,有没有办法通过 package:http 抢先发送Basic auth?
So the question arises, is there a way to preemptively send Basic auth in package:http?
// create an IOClient with authentication
HttpClient inner = new HttpClient();
inner.authenticate = (uri, scheme, realm) {
inner.addCredentials(
uri, realm, new HttpClientBasicCredentials(username, password));
};
http.IOClient client = new http.IOClient(inner);
// and use it like this
http.Response response = await client.get('https://api.somewhere.io');
// todo - handle the response
抢先方式-仅适用于基本身份验证
Preemptive way - only works with Basic authentication
// use the normal http.get method, but add the header manually, with every request
http.Response response = await http.get(
'https://api.somewhere.io',
headers: {'authorization': basicAuthenticationHeader(username, password)},
);
// todo - handle the response
$ b
with the utility method
String basicAuthenticationHeader(String username, String password) {
return 'Basic ' + base64Encode(utf8.encode('$username:$password'));
}
这篇关于升级后的Dart HttpClient具有基本身份验证问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
