Bash变量被插入cURL命令时会被截断

脚本的第一部分如下所示：

curl -k -X POST -H "Content-Type: application/x-www-form-urlencoded" -H "Cache-Control: no-cache" -d 'username=username&password=password "https://get_token" >> token.txt
token=$(<'token.txt'$'\r')
echo "$token"

eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIyTVd0bGo4Y1VPYW8xNmdZTlV4QWlFS3RLcTc1b2JsSEN0c3hKWnlxeExCTkRKb1wvKzNSK1l5XC9YUFhoWExLaytJRVdKSE5CTE9MZmxPNksxemFjYXVlM0t1NnFIQjNRXC9QeUxzUTdVSmVOYk9pS3FDeHhcLzk1dz09IiwibmJmIjoxNDgzOTg5NjgwLCJpc3MiOiJwaHgtcmVtc3QtMDAzIiwiX2NhY2hlSWQiOjE0MzA0OCwiZXhwIjoxNDgzOTkzNDAwLCJpYXQiOjE0ODM5ODk4MDAsImp0aSI6IklER0FBNVYwR1pNU0pBTzk5QlVXTzhOMDY5VlRGTiJ9.H3vD-WfZBFXOII4k-cy7Ey2QM9YXytp31m9-Huj9vKw

curl -k -X POST -H Content-Type: application/json -H Authorization: AR-JWT eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIyTVd0bGo4Y1VPYW8xNmdZTlV4QWlFS3RLcTc1b2JsSEN0c3hKWnlxeExCTkRKb1wvKzNSK1l5XC9YUFhoWExLaytJRVdKSE5CTE9MZmxPNksxemFjYXVlM0t1NnFIQjNRXC9QeUxzUTdVSmVOYk9pS3FDeHhcLzk1dz0 -H Cache-Control: no-cache -d { OiJwaHgtcmVtc3QtMDAzIiwiX2NhY2hlSWQiOjE0MzA0OCwiZXhwIjoxNDgzOTkzNDAwLCJpYXQiOjE0ODM5ODk4MDAsImp0aSI6IklER0FBNVYwR1pNU0pBTzk5QlVXTzhOMDY5VlRGTiJ9.H3vD-WfZBFXOII4k-cy7Ey2QM9YXytp31m9-Huj9vKw
  "values":{
      
    "First_Name": "John",
    "Last_Name": "Doe",
  }
}   https://randomurl.com

让我们看看当我尝试将令牌插入脚本的下一部分时会发生什么。

echo curl -k -X POST -H "Content-Type: application/json" -H "Authorization: AR-JWT "$token"" -H "Cache-Control: no-cache" -d '{ 
  "values":{
      
    "First_Name": "John",
    "Last_Name": "Doe",
  }
}  ' "https://randomurl.com"

以下是输出：

curl -k -X POST -H "Content-Type: application/x-www-form-urlencoded" -H "Cache-Control: no-cache" -d 'username=username&password=password "https://get_token" >> token.txt
token=$(<'token.txt'$'\r')
echo "$token"

eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIyTVd0bGo4Y1VPYW8xNmdZTlV4QWlFS3RLcTc1b2JsSEN0c3hKWnlxeExCTkRKb1wvKzNSK1l5XC9YUFhoWExLaytJRVdKSE5CTE9MZmxPNksxemFjYXVlM0t1NnFIQjNRXC9QeUxzUTdVSmVOYk9pS3FDeHhcLzk1dz09IiwibmJmIjoxNDgzOTg5NjgwLCJpc3MiOiJwaHgtcmVtc3QtMDAzIiwiX2NhY2hlSWQiOjE0MzA0OCwiZXhwIjoxNDgzOTkzNDAwLCJpYXQiOjE0ODM5ODk4MDAsImp0aSI6IklER0FBNVYwR1pNU0pBTzk5QlVXTzhOMDY5VlRGTiJ9.H3vD-WfZBFXOII4k-cy7Ey2QM9YXytp31m9-Huj9vKw

curl -k -X POST -H Content-Type: application/json -H Authorization: AR-JWT eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIyTVd0bGo4Y1VPYW8xNmdZTlV4QWlFS3RLcTc1b2JsSEN0c3hKWnlxeExCTkRKb1wvKzNSK1l5XC9YUFhoWExLaytJRVdKSE5CTE9MZmxPNksxemFjYXVlM0t1NnFIQjNRXC9QeUxzUTdVSmVOYk9pS3FDeHhcLzk1dz0 -H Cache-Control: no-cache -d { OiJwaHgtcmVtc3QtMDAzIiwiX2NhY2hlSWQiOjE0MzA0OCwiZXhwIjoxNDgzOTkzNDAwLCJpYXQiOjE0ODM5ODk4MDAsImp0aSI6IklER0FBNVYwR1pNU0pBTzk5QlVXTzhOMDY5VlRGTiJ9.H3vD-WfZBFXOII4k-cy7Ey2QM9YXytp31m9-Huj9vKw
  "values":{
      
    "First_Name": "John",
    "Last_Name": "Doe",
  }
}   https://randomurl.com

传入令牌时会发生两种情况

• 令牌中的“9IiwibmJmIjoxNDgzOTg5NjgwLCJpc3Mi”被删除

• 令牌的后半部分（在删除的部分之后）被插入到主体中

我所尝试的：

curl -k -X POST -H "Content-Type: application/x-www-form-urlencoded" -H "Cache-Control: no-cache" -d 'username=username&password=password "https://get_token" >> token.txt
token=$(<'token.txt'$'\r')
echo "$token"

eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIyTVd0bGo4Y1VPYW8xNmdZTlV4QWlFS3RLcTc1b2JsSEN0c3hKWnlxeExCTkRKb1wvKzNSK1l5XC9YUFhoWExLaytJRVdKSE5CTE9MZmxPNksxemFjYXVlM0t1NnFIQjNRXC9QeUxzUTdVSmVOYk9pS3FDeHhcLzk1dz09IiwibmJmIjoxNDgzOTg5NjgwLCJpc3MiOiJwaHgtcmVtc3QtMDAzIiwiX2NhY2hlSWQiOjE0MzA0OCwiZXhwIjoxNDgzOTkzNDAwLCJpYXQiOjE0ODM5ODk4MDAsImp0aSI6IklER0FBNVYwR1pNU0pBTzk5QlVXTzhOMDY5VlRGTiJ9.H3vD-WfZBFXOII4k-cy7Ey2QM9YXytp31m9-Huj9vKw

curl -k -X POST -H Content-Type: application/json -H Authorization: AR-JWT eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIyTVd0bGo4Y1VPYW8xNmdZTlV4QWlFS3RLcTc1b2JsSEN0c3hKWnlxeExCTkRKb1wvKzNSK1l5XC9YUFhoWExLaytJRVdKSE5CTE9MZmxPNksxemFjYXVlM0t1NnFIQjNRXC9QeUxzUTdVSmVOYk9pS3FDeHhcLzk1dz0 -H Cache-Control: no-cache -d { OiJwaHgtcmVtc3QtMDAzIiwiX2NhY2hlSWQiOjE0MzA0OCwiZXhwIjoxNDgzOTkzNDAwLCJpYXQiOjE0ODM5ODk4MDAsImp0aSI6IklER0FBNVYwR1pNU0pBTzk5QlVXTzhOMDY5VlRGTiJ9.H3vD-WfZBFXOII4k-cy7Ey2QM9YXytp31m9-Huj9vKw
  "values":{
      
    "First_Name": "John",
    "Last_Name": "Doe",
  }
}   https://randomurl.com

• 使用不同的令牌
• 使用令牌而不首先将其传递到文件中
• 将授权标头移动到URL之前

所有这些导致了相同的行为

我在Windows7上使用cygwin64 当第二个cURL命令在cygwin的正确空格中键入完整标记时，它就可以正常工作了

将set-x添加到脚本时的输出：

$ ./variable_testing.sh
+ ./variable_testing.sh
+ token=$'eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIyTVd0bGo4Y1VPYW8xNmdZTlV4QWlFS3RLcTc1b2JsSEN0c3hKWnlxeExCTkRKb1wvKzNSK1l5XC9YUFhoWExLaytJRVdKSE5CTE9MZmxPNksxemFjYXVlM0t1NnFIQjNRXC9QeUxzUTdVSmVOYk9pS3FDeHhcLzk1dz09IiwibmJmIjoxNDgzOTg5NjgwLCJpc3MiOiJwaHgtcmVtc3QtMDAzIiwiX2NhY2hlSWQiOjE0MzA0OCwiZXhwIjoxNDgzOTkzNDAwLCJpYXQiOjE0ODM5ODk4MDAsImp0aSI6IklER0FBNVYwR1pNU0pBTzk5QlVXTzhOMDY5VlRGTiJ9.H3vD-WfZBFXOII4k-cy7Ey2QM9YXytp31m9-Huj9vKw\r'
+ echo $'eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIyTVd0bGo4Y1VPYW8xNmdZTlV4QWlFS3RLcTc1b2JsSEN0c3hKWnlxeExCTkRKb1wvKzNSK1l5XC9YUFhoWExLaytJRVdKSE5CTE9MZmxPNksxemFjYXVlM0t1NnFIQjNRXC9QeUxzUTdVSmVOYk9pS3FDeHhcLzk1dz09IiwibmJmIjoxNDgzOTg5NjgwLCJpc3MiOiJwaHgtcmVtc3QtMDAzIiwiX2NhY2hlSWQiOjE0MzA0OCwiZXhwIjoxNDgzOTkzNDAwLCJpYXQiOjE0ODM5ODk4MDAsImp0aSI6IklER0FBNVYwR1pNU0pBTzk5QlVXTzhOMDY5VlRGTiJ9.H3vD-WfZBFXOII4k-cy7Ey2QM9YXytp31m9-Huj9vKw\r\r'
eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIyTVd0bGo4Y1VPYW8xNmdZTlV4QWlFS3RLcTc1b2JsSEN0c3hKWnlxeExCTkRKb1wvKzNSK1l5XC9YUFhoWExLaytJRVdKSE5CTE9MZmxPNksxemFjYXVlM0t1NnFIQjNRXC9QeUxzUTdVSmVOYk9pS3FDeHhcLzk1dz09IiwibmJmIjoxNDgzOTg5NjgwLCJpc3MiOiJwaHgtcmVtc3QtMDAzIiwiX2NhY2hlSWQiOjE0MzA0OCwiZXhwIjoxNDgzOTkzNDAwLCJpYXQiOjE0ODM5ODk4MDAsImp0aSI6IklER0FBNVYwR1pNU0pBTzk5QlVXTzhOMDY5VlRGTiJ9.H3vD-WfZBFXOII4k-cy7Ey2QM9YXytp31m9-Huj9vKw
+ echo curl -k -X POST -H '"Content-Type:' 'application/json"' -H '"Authorization:' AR-JWT 'eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIyTVd0bGo4Y1VPYW8xNmdZTlV4QWlFS3RLcTc1b2JsSEN0c3hKWnlxeExCTkRKb1wvKzNSK1l5XC9YUFhoWExLaytJRVdKSE5CTE9MZmxPNksxemFjYXVlM0t1NnFIQjNRXC9QeUxzUTdVSmVOYk"' -H '"Cache-Control:' 'no-cache"' -d '{ LCJpc3MiOiJwaHgtcmVtc3QtMDAzIiwiX2NhY2hlSWQiOjE0MzA0OCwiZXhwIjoxNDgzOTkzNDAwLCJpYXQiOjE0ODM5ODk4MDAsImp0aSI6IklER0FBNVYwR1pNU0pBTzk5QlVXTzhOMDY5VlRGTiJ9.H3vD-WfZBFXOII4k-cy7Ey2QM9YXytp31m9-Huj9vKw
  "values":{
      
    "First_Name": "John",
    "Last_Name": "Doe",
  }
}  ' $'https://randomurl.com\r'
curl -k -X POST -H "Content-Type: application/json" -H "Authorization: AR-JWT eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIyTVd0bGo4Y1VPYW8xNmdZTlV4QWlFS3RLcTc1b2JsSEN0c3hKWnlxeExCTkRKb1wvKzNSK1l5XC9YUFhoWExLaytJRVdKSE5CTE9MZmxPNksxemFjYXVlM0t1NnFIQjNRXC9QeUxzUTdVSmVOYk9pS3FDeHhcLzk1" -H "Cache-Control: no-cache" -d { OiJwaHgtcmVtc3QtMDAzIiwiX2NhY2hlSWQiOjE0MzA0OCwiZXhwIjoxNDgzOTkzNDAwLCJpYXQiOjE0ODM5ODk4MDAsImp0aSI6IklER0FBNVYwR1pNU0pBTzk5QlVXTzhOMDY5VlRGTiJ9.H3vD-WfZBFXOII4k-cy7Ey2QM9YXytp31m9-Huj9vKw
  "values":{
      
    "First_Name": "John",
    "Last_Name": "Doe",
  }
}   https://randomurl.com

上面显示输出的完整简化脚本

#!/bin/bash
set -x logs
token="eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIyTVd0bGo4Y1VPYW8xNmdZTlV4QWlFS3RLcTc1b2JsSEN0c3hKWnlxeExCTkRKb1wvKzNSK1l5XC9YUFhoWExLaytJRVdKSE5CTE9MZmxPNksxemFjYXVlM0t1NnFIQjNRXC9QeUxzUTdVSmVOYk9pS3FDeHhcLzk1dz09IiwibmJmIjoxNDgzOTg5NjgwLCJpc3MiOiJwaHgtcmVtc3QtMDAzIiwiX2NhY2hlSWQiOjE0MzA0OCwiZXhwIjoxNDgzOTkzNDAwLCJpYXQiOjE0ODM5ODk4MDAsImp0aSI6IklER0FBNVYwR1pNU0pBTzk5QlVXTzhOMDY5VlRGTiJ9.H3vD-WfZBFXOII4k-cy7Ey2QM9YXytp31m9-Huj9vKw"
echo "$token"
echo curl -k -X POST -H \"Content-Type: application/json\" -H \"Authorization: AR-JWT $token\" -H \"Cache-Control: no-cache\" -d '{ 
  "values":{
      
    "First_Name": "John",
    "Last_Name": "Doe",
  }
}  ' "https://randomurl.com"

---

首先：您的令牌中当前有文字CRs——明显的破坏是由在

echo

输出中打印的CRs引起的，将光标移回行首，以便令牌的部分内容被稍后的内容覆盖。要消除这些错误，您可以将文件转换为UNIX文本格式（并确保生成该文件的任何命令中都没有CRs），也可以使用：

token=$(<token.txt)    # read token.txt into "token" variable
token=${token//$'\r'/} # strip CRs from token variable

---

最后，确保脚本本身是UNIX格式的——编辑器没有使用DOS换行符保存脚本

-H“Authorization:AR-JWT“$token”

。。。我的意思是，坦率地说，你的意思是什么？您希望内部引号是文字引号还是语法引号？顺便说一句，使用

printf“%q\n'$token”

，或

declare-ptoken

，而不是

echo“$token”

，以明确的形式显示您的值。一般来说，永远不要使用

echo

来调试shell的实际操作。您无法区分

echo-touch“hello-world.txt”和
echo-touch hello-world.txt
之间的区别，而且这两个命令完全不同。您能否更新您的问题以显示
set-x
日志，以便我们可以看到shell实际传递给
curl
的是什么？还有，
令牌是什么=$（我花了两个小时来找出我为什么会遇到这个问题。从令牌变量中剥离CRs就解决了。谢谢！！