使用JWT缺少授权标头 [英] Missing Authorization header using JWT
问题描述
我正在尝试设置JSON Web令牌,以通过移动应用程序与我的php后端进行通信.我可以要求一个令牌.当我需要验证它(或向另一个端点发出请求)时,我可以使用以下格式设置Authorization标头:
I'm trying to setup JSON Web Tokens to communicate with my php backend from a mobile app. I can request a token just fine. When i need to validate it(or make a request to another endpoint), i setup the Authorization header with the following format:
Bearer <token here>
但是由于某种原因,我的后端未设置$_SERVER['HTTP_AUTHORIZATION']
.
But for some reason on my backend, $_SERVER['HTTP_AUTHORIZATION']
is not set.
我在使用PHP 7的Mamp Pro的本地主机上.这是我的$_SERVER
数组的转储:
I'm on localhost using Mamp Pro with PHP7. This is a dump for my $_SERVER
array:
Array
(
[SERVER_SOFTWARE] => Apache
[REQUEST_URI] => /wp-json/jwt-auth/v1/token/validate/
[REDIRECT_STATUS] => 200
[HTTP_HOST] => localhost.dev
[CONTENT_TYPE] => application/x-www-form-urlencoded
[CONTENT_LENGTH] => 54
[HTTP_CONNECTION] => keep-alive
[HTTP_ACCEPT] => */*
[HTTP_USER_AGENT] => CocoaRestClient/15 CFNetwork/760.2.6 Darwin/15.3.0 (x86_64)
[HTTP_ACCEPT_LANGUAGE] => en-us
[HTTP_ACCEPT_ENCODING] => gzip, deflate
[PATH] => /usr/bin:/bin:/usr/sbin:/sbin
[SERVER_SIGNATURE] =>
[SERVER_NAME] => cloud.iblue.eu
[SERVER_ADDR] => ::1
[SERVER_PORT] => 80
[REMOTE_ADDR] => ::1
[DOCUMENT_ROOT] => /Applications/MAMP/htdocs/dev
[SERVER_ADMIN] => you@example.com
[SCRIPT_FILENAME] => /Applications/MAMP/htdocs/dev/index.php
[REMOTE_PORT] => 51804
[REDIRECT_URL] => /wp-json/jwt-auth/v1/token/validate/
[GATEWAY_INTERFACE] => CGI/1.1
[SERVER_PROTOCOL] => HTTP/1.1
[REQUEST_METHOD] => POST
[QUERY_STRING] =>
[SCRIPT_NAME] => /index.php
[PHP_SELF] => /index.php
[REQUEST_TIME_FLOAT] => 1459177711.33
[REQUEST_TIME] => 1459177711
[argv] => Array
(
)
[argc] => 0
)
当我尝试使用带有Basic dGVzdEB0ZXN0LmNvbToxMjM0NQ==
作为授权标头的HTTP Basic身份验证时,它工作正常:
When i'm trying to use HTTP Basic authentication with Basic dGVzdEB0ZXN0LmNvbToxMjM0NQ==
as the authorization header, it works fine:
[PHP_AUTH_USER] => test@test.com
[PHP_AUTH_PW] => 12345
有什么想法吗?
推荐答案
好吧,我刚刚在这里找到了答案: https://devhacksandgoodies.wordpress.com/2014/06/27/apache-pass-authorization-header-to-phps-_serverhttp_authorization/
Ok, i just found the answer here: https://devhacksandgoodies.wordpress.com/2014/06/27/apache-pass-authorization-header-to-phps-_serverhttp_authorization/
所以我在htaccess文件中添加了以下行,并修复了我的问题:
So i added the following line to my htaccess file and it fixed my issue:
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
这篇关于使用JWT缺少授权标头的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!