401 使用有效的熊令牌,会出现什么问题? [英] 401 with a valid bear token, what could go wrong?
问题描述
我应该如何查找/追踪这样的问题:
What should I look into to find out / track down a issue like this:
我们有一个调用 .Net Core Web API 的 Angular 应用程序,启用了 CORS,它通过 Azure AD 进行身份验证,获取不记名令牌.使用 Bearer 令牌时,API 调用失败并显示 401 Unauthorized,其他时间为 200.但我将相同的 Bearer 令牌放入任何 REST 客户端,API 调用始终有效.
We have an Angular App calling a .Net Core Web API, with CORS enabled, and it authenticate through Azure AD, getting a Bearer token. With the Bearer token, the API calls fail with 401 Unauthorized from time to time, other times, 200. Yet I put the same Bearer Token into any REST client and API calls always work.
非常感谢您的任何意见.
Greatly appreciate any input.
更多背景/分析:
- API 与其他应用程序配合良好.所以如果问题出在在服务器端,它不是代码中经常执行的部分.这问题可能出在客户端 Angular 代码中.
这个 Angular 应用是唯一的应用程序使用 CORS.这显然是我正在研究的东西.
- API works fine with other applications. So if the issue is on the server side, it is not an often executed part of the code. The issue could be in the client side Angular code.
This Angular app is the only app use CORS. This obviously is something I'm looking into.
此 Angular 应用程序的本地开发服务器(Webpack 开发服务器)和部署服务器(IIS)不同,但生成相同的结果,所以它可能不是服务器配置问题.
Local Development Server(Webpack dev server) and deployment server(IIS) for this Angular app are different, yet produce the same result, so it might not be a server config issue.
推荐答案
我想通了.比赛条件.当它尝试检索它时,不记名令牌在那里尚不可用.当我在 REST 客户端中手动执行 API 调用时,令牌可用.只有当我有一些后续的 API 调用而不管第一个调用时,我才能更快地识别这个问题.
I figured it out. Race condition. Bearer token is not available there yet when it try to retrieve it. By the time I manually do API call in REST client, the token is available. Only if I have some subsequent API calls regardless of the first one, I would have identify this issue faster.
一个简单的超时将证明它有效.
A simple timeout would demonstration that it works.
我们将优化 Bearer 令牌存储和一些缓存管理,以获得永久解决方案.
We will optimize the Bearer token storage and some cache management for a permanent solution.
这篇关于401 使用有效的熊令牌,会出现什么问题?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
