将自定义授权令牌传递给后端 [英] Pass a Custom Authorization Token to the Backend

问题描述

我正在尝试通过 WSO2 向现有 API 发送自定义令牌.

正如，我有一个用于后端 API 的令牌，我希望它包含在 WSO2 发送到该 API 的标头中.

所有谷歌查询似乎都导致

遗憾的是，我仍然被禁止.鉴于我对这里发生的事情只有最模糊的想法，这可能并不奇怪.

现在我已经开始工作了.上面(和下面)的过程确实有效.一定要在xml中添加Bearer"...

</序列>

解决方案

有两种方法可以做到这一点.

1) 您可以在 APIM 本身中保存后端密码.请参阅以下文档.

为后端端点设置密码:

https://docs.wso2.com/display/AM210/Basic+Authhttps://docs.wso2.com/display/AM210/Digest+Auth

加密那个密码:

https://docs.wso2.com/display/AM210/加密+安全+端点+密码

2) 您可以在请求本身中发送后端令牌，并让 APIM 将其传递给后端.您可以创建这样的序列并附加到 API.

现在，在您的请求中，您需要发送这样的标头.

BackendToken: Bearer 

然后它会被转换成下面的，在序列内部并发送到后端.

Authorization: Bearer 

有关详细信息，请参阅以下链接.

https://docs.wso2.com/display/AM210/Adding+中介+扩展

I am trying to send a custom token to an existing API via WSO2.

As in, I have a token for the backend API and I want it included in the header WSO2 sends to that API.

All google queries appear to lead to this page. Unfortunately, those instructions assume WSO2 cloud, where I am using a local install.

Are there instructions on how to do this with a local install? Preferably without Eclipse? Even more preferably within the WSO2 GUI?

Thanks!

EDIT:

As per an answer below, I've made some progress. Going from here, I've added this bit of xml

<?xml version="1.0" encoding="UTF-8"?>
<sequence xmlns="http://ws.apache.org/ns/synapse" name="default-endpoint-seq">
     <property name="Authorization" value="<valid token>" scope="transport"/>
</sequence>

and then added it to the "Message Mediation Policies" section under "inflow"

Sadly, I'm still getting forbidden. Seeing as I only have the dimmest idea what is going on here, that's probably not surprising.

[EDIT 3]

Cleaning up now that I have it working. The process above (and below) does work. Be sure to add "Bearer" to the xml...

<?xml version="1.0" encoding="UTF-8"?>
<sequence xmlns="http://ws.apache.org/ns/synapse" name="default-endpoint-seq">
     <property name="Authorization" value="Bearer <valid token>" scope="transport"/>
</sequence>

解决方案

There are 2 ways you can do this.

1) You can save backend password, in APIM itself. Refer below docs.

Set a password for a backend endpoint:

https://docs.wso2.com/display/AM210/Basic+Auth https://docs.wso2.com/display/AM210/Digest+Auth

Encrypt that password:

https://docs.wso2.com/display/AM210/Encrypting+Secure+Endpoint+Passwords

2) You can send the backend token in the request itself and let APIM pass it to the backend. You can create a sequence like this and attach to APIs.

<?xml version="1.0" encoding="UTF-8"?>
<sequence xmlns="http://ws.apache.org/ns/synapse" name="default-endpoint-seq">
     <property name="Authorization" expression="$trp:BackendToken" scope="transport"/>
</sequence>

Now, in your request, you need to send a header like this.

BackendToken: Bearer <Backend_Token>

Then it will be converted to below, inside the sequence and sent to the backend.

Authorization: Bearer <Backend_Token>

See below link for more details.

https://docs.wso2.com/display/AM210/Adding+Mediation+Extensions

这篇关于将自定义授权令牌传递给后端的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！