FitNesse RestFixture测试无法获取访问令牌

rest oauth fitnesse spring-security-oauth2

902 观看

1回复

802 作者的声誉

我有Spring OAuth2授权的REST应用程序。我用FitNesse RestFixture测试测试它(我从curl响应添加了令牌,最后一次GET操作成功):

| Table:smartrics.rest.fitnesse.fixture.RestFixture | http://10.76.243.103:8080 |
| GET | /<root>/version | | | 2.2.1 |
| setBody |grant_type=password&username=test&password=test123&scope=data+compute|
| setHeader |Authorization : Basic dGVzdDo4YmE5MjRjZS0wNThhLTQ3Y2YtOGQ4Mi02ZWY1N2Y4NzdiNmQ=|
| setHeader |Content-Type : application/x-www-form-urlencoded|
| POST | /<oauth-provider>/oauth/token | | | |
| setHeader |Authorization : Bearer fd947659-cf17-4ded-b2e8-698395c201df|
| GET | /<root>/schemas | | | | 

我在POST操作时无法获得访问令牌的问题{"error":"unauthorized","error_description":"Full authentication is required to access this resource"}

| POST | /<oauth-provider>/oauth/token | 401 | <responce> | {"error":"unauthorized","error_description":"Full authentication is required to access this resource"} |

在哪里responce

Server : Apache-Coyote/1.1
X-Content-Type-Options : nosniff
X-XSS-Protection : 1; mode=block
Cache-Control : no-cache, no-store, max-age=0, must-revalidate
Pragma : no-cache
Expires : 0
X-Frame-Options : DENY
Cache-Control : no-store
Pragma : no-cache
WWW-Authenticate : Bearer realm="oauth", error="unauthorized", error_description="Full authentication is required to access this resource"
Content-Type : application/json;charset=UTF-8
Transfer-Encoding : chunked
Date : Thu, 27 Nov 2014 11:17:56 GMT

如果我使用curl实用程序执行相同的操作,我access_token成功:

curl -X POST -v -u test:8ba924ce-058a-47cf-8d82-6ef57f877b6d --data 'username =test&password=test123&grant_type=password&scope=data+compute' 'http://10.76.24 3.103:8080/parseq/oauth/token' -k

* About to connect() to 10.76.243.103 port 8080 (#0) 
* Trying 10.76.243.103...
* Adding handle: conn: 0x4c3388
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x4c3388) send_pipe: 1, recv_pipe: 0
* Connected to 10.76.243.103 (10.76.243.103) port 8080 (#0)
* Server auth using Basic with user 'test'

> POST /parseq/oauth/token HTTP/1.1 
> Authorization: Basic dGVzdDo4YmE5MjRjZS0wNThhLTQ3Y2YtOGQ4Mi02ZWY1N2Y4NzdiNmQ= 
> User-Agent: curl/7.30.0 
> Host: 10.76.243.103:8080 
> Accept: */* 
> Content-Length: 69 
> Content-Type: application/x-www-form-urlencoded 
>
* upload completely sent off: 69 out of 69 bytes
< HTTP/1.1 200 OK
* Server Apache-Coyote/1.1 is not blacklisted
< Server: Apache-Coyote/1.1 
< X-Content-Type-Options: nosniff 
< X-XSS-Protection: 1; mode=block 
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate 
< Pragma: no-cache < Expires: 0 
< X-Frame-Options: DENY 
< Cache-Control: no-store 
< Pragma: no-cache 
< Content-Type: application/json;charset=UTF-8 
< Transfer-Encoding: chunked 
< Date: Thu, 27 Nov 2014 09:20:39 GMT 
< {"access_token":"fd947659-cf17-4ded-b2e8-698395c201df","token_type":"bearer","re fresh_token":"564aa6ca-0afa-4519-a907-e7027053bb35","expires_in":40317,"scope":" compute data"}
* Connection #0 to host 10.76.243.103 left intact

任何人都可以建议我如何调试或修复它?

提前致谢!

作者: zubactik 的来源 发布者: 2014 年 11 月 27 日

回应 (1)


0

802 作者的声誉

决定

我启动tcpdump了检查我从curl请求中发送的确切内容(如使用TCPDUMP监视HTTP流量所述):

sudo tcpdump -A -s 0 'tcp port 8080 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'

我在服务器机器上启动它。

我发现curl自动添加Content-Type标题:

08:55:30.504594 IP <my client DNS name>.53655 > cherry.http-alt: Flags [P.], seq      1801770313:1801770631, ack 3280862118, win 67, length 318
E..fE.@.q..q
B r
L.g....kd.I....P..C....POST /<oauth provider>/oauth/token HTTP/1.1
Authorization: Basic dGVzdDo4YmE5MjRjZS0wNThhLTQ3Y2YtOGQ4Mi02ZWY1N2Y4NzdiNmQ=
User-Agent: curl/7.30.0
Host: 10.76.243.103:8080
Accept: */*
Content-Length: 69
Content-Type: application/x-www-form-urlencoded

username=test&password=test123&grant_type=password&scope=data+compute
08:55:30.508697 IP cherry.http-alt > <my client DNS name>.53655: Flags [P.], seq 1:563, ack 318,   win 237, length 562
E..ZPB@.@...
L.g
B r........kd..P...*...HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Cache-Control: no-store
Pragma: no-cache
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Thu, 27 Nov 2014 13:55:30 GMT

ae
{"access_token":"fd947659-cf17-4ded-b2e8-698395c201df","token_type":"bearer","refresh_token":"564aa6ca-0afa-4519-a907-e7027053bb35","expires_in":23826,"scope":"compute data"}

08:55:30.508937 IP cherry.http-alt > <my client DNS name>.53655: Flags [P.], seq 563:568, ack 318, win 237, length 5

我还检查了我从FitNesse测试中发送的内容:

08:33:36.598429 IP 10.76.243.55.39600 > cherry.http-alt: Flags [P.], seq 102:347, ack 335, win   237, options [nop,nop,TS val 859086469 ecr 41658573], length 245
E..)..@.@...
L.7
L.g........r..............
34...{..POST /<oauth provider>/oauth/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
User-Agent: Jakarta Commons-HttpClient/3.1
Host: 10.76.243.103:8080
Content-Length: 69

grant_type=password&username=test&password=test123&scope=data+compute
08:33:36.599047 IP cherry.http-alt > 10.76.243.55.39600: Flags [P.], seq 335:974, ack 347, win 235, options [nop,nop,TS val 41658578 ecr 859086469], length 639

我发现Authorization在FitNesse的请求中错过了标题。看起来顺序使用setHeader()方法会导致覆盖标头。因此,我更改了FitNesse测试以使用setHeaders()方法在一个表行中设置一些标题(如在RestFixtureConfig rest fixture.default.headers如何设置具有动态值的标题中所述):

| setBody |grant_type=password&username=test&password=test123&scope=data+compute|
| setHeaders |!-Authorization: Basic dGVzdDo4YmE5MjRjZS0wNThhLTQ3Y2YtOGQ4Mi02ZWY1N2Y4NzdiNmQ=
Content-Type: application/x-www-form-urlencoded-!|
| POST | /parseq/oauth/token | 200 | | | 

现在它工作正常。

作者: zubactik 发布者: 27.11.2014 02:35
32x32