授权凭证已剥离 --- django、elastic beanstalk、oauth [英] Authorization Credentials Stripped --- django, elastic beanstalk, oauth
问题描述
我在 django 中使用 django-rest-framework 实现了一个 REST api,并使用 oauth2 进行身份验证.
I implemented a REST api in django with django-rest-framework and used oauth2 for authentication.
我测试过:
curl -X POST -d "client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET&grant_type=password&username=YOUR_USERNAME&password=YOUR_PASSWORD" http://localhost:8000/oauth2/access_token/
和
curl -H "Authorization: Bearer <your-access-token>" http://localhost:8000/api/
在本地主机上,成功的结果与文档一致.
on localhost with successful results consistent with the documentation.
将其推送到现有的 AWS 弹性 beanstalk 实例时,我收到了:
When pushing this up to an existing AWS elastic beanstalk instance, I received:
{ "detail" : "Authentication credentials were not provided." }
推荐答案
我现在使用稍微不同的方法.只要 env 变量没有像 Tom dickin 指出的那样改变,sahutchi 的解决方案就会起作用.我在 EB 内部挖得更深一些,找到了 wsgi.conf 模板所在的位置,并在那里添加了WSGIPassAuthorization On"选项.
I use a slightly different approach now. sahutchi's solution worked as long as env variables were not changed as Tom dickin pointed out. I dug a bit deeper inside EB and found out where the wsgi.conf template is located and added the "WSGIPassAuthorization On" option there.
commands:
WSGIPassAuthorization:
command: sed -i.bak '/WSGIScriptAlias/ a WSGIPassAuthorization On' config.py
cwd: /opt/elasticbeanstalk/hooks
这将始终有效,即使在更改环境变量时也是如此.我希望你觉得它有用.
That will always work, even when changing environment variables. I hope you find it useful.
似乎很多人仍在点击此回复.我有一段时间没有使用 ElasticBeanstalk,但我会考虑使用下面的 Manel Clos 解决方案.我没有亲自尝试过,但似乎是一个更干净的解决方案.这实际上是对 EB 脚本的一次黑客攻击,如果 EB 更新它们,特别是当它们将它们移动到不同位置时,将来可能会中断.
Seems like lots of people are still hitting this response. I haven't used ElasticBeanstalk in a while, but I would look into using Manel Clos' solution below. I haven't tried it personally, but seems a much cleaner solution. This one is literally a hack on EBs scripts and could potentially break in the future if EB updates them, specially if they move them to a different location.
这篇关于授权凭证已剥离 --- django、elastic beanstalk、oauth的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!