Ruby on rails 如何在Rails4上的Door Keeper gem中配置访问令牌？门卫的规范，通过http头带有令牌_Ruby On Rails_Ruby On Rails 4_Oauth_Oauth 2.0_Doorkeeper

Ruby on rails 如何在Rails4上的Door Keeper gem中配置访问令牌？门卫的规范，通过http头带有令牌

ruby-on-rails ruby-on-rails-4 oauth oauth-2.0

Ruby on rails 如何在Rails4上的Door Keeper gem中配置访问令牌？门卫的规范，通过http头带有令牌,ruby-on-rails,ruby-on-rails-4,oauth,oauth-2.0,doorkeeper,Ruby On Rails,Ruby On Rails 4,Oauth,Oauth 2.0,Doorkeeper,我的目标是在iOS和Rails4之间创建安全的API。所以我已经试了一段时间了。但我现在正在浪费时间进行测试和配置。具体来说，问题是通过HTTP头传输方法和令牌的doorkeeper\u。如何使用http请求参数是成功的，但通过参数发送令牌并不好。所以我想用HTTP头发送令牌，但门卫看不到request.header[“My_token\u PLACE”]的位置环境现在，我有api\u controller.rb，communities\u controller.rb，communitie

我的目标是在iOS和Rails4之间创建安全的API。所以我已经试了一段时间了。但我现在正在浪费时间进行测试和配置。具体来说，问题是通过HTTP头传输方法和令牌的

doorkeeper\u。如何使用http请求参数是成功的，但通过参数发送令牌并不好。所以我想用HTTP头发送令牌，但门卫看不到request.header[“My_token\u PLACE”]

的位置

环境现在，我有

api\u controller.rb

，

communities\u controller.rb

，

communities\u controller\u spec.rb

，

doorkeeper.rb

api\u controller.rb

class ApiController < ApplicationController
  before_action :create_token
  doorkeeper_for :all, scopes: [:app]
  respond_to :json, handler: :jbuilder

  private

  def error_handle
    raise 'Failed.'
  end

  def create_token
    params[:access_token] = request.headers["HTTP_AUTHENTICATION"]
    # this does not read by doorkeeper
  end
end

class CommunitiesController < ApiController
  def show
    @community = Community.find params[:id]
  end

  def search
    Query.create q: @search_form.q if @search_form.q.present?
    community_search = Community.search title_or_description_cont: @search_form.q
    @communities = community_search.result(distinct: true).page params[:page]
  end
end

require 'spec_helper'

describe CommunitiesController do
  let!(:application) { Doorkeeper::Application.create!(name: "MyApp", redirect_uri: "http://app.com") }
  let(:user){ create :user }
  let!(:access_token) { Doorkeeper::AccessToken.create! application_id: application.id, resource_owner_id: user.id, scopes: "app" }

  before(:each) do
    request.env["HTTP_ACCEPT"] = 'application/json'
  end

  describe "#show" do
    let(:community) { create :community }

    before do
      request.headers["HTTP_AUTHENTICATION"] = access_token.token
      get :show, id: community
    end

    it { expect(response).to be_success }
    it { expect(response.status).to be 200 }
  end

  describe "#search" do
    before { get :search, access_token: access_token.token }

    it { expect(response).to be_success }
    it { expect(response.status).to be 200 }
  end
end

Doorkeeper.configure do
  orm :active_record

  resource_owner_authenticator do
    User.find id: session[:user_id]

  default_scopes :app
end

和

communities\u controller\u spec.rb

class ApiController < ApplicationController
  before_action :create_token
  doorkeeper_for :all, scopes: [:app]
  respond_to :json, handler: :jbuilder

  private

  def error_handle
    raise 'Failed.'
  end

  def create_token
    params[:access_token] = request.headers["HTTP_AUTHENTICATION"]
    # this does not read by doorkeeper
  end
end

class CommunitiesController < ApiController
  def show
    @community = Community.find params[:id]
  end

  def search
    Query.create q: @search_form.q if @search_form.q.present?
    community_search = Community.search title_or_description_cont: @search_form.q
    @communities = community_search.result(distinct: true).page params[:page]
  end
end

require 'spec_helper'

describe CommunitiesController do
  let!(:application) { Doorkeeper::Application.create!(name: "MyApp", redirect_uri: "http://app.com") }
  let(:user){ create :user }
  let!(:access_token) { Doorkeeper::AccessToken.create! application_id: application.id, resource_owner_id: user.id, scopes: "app" }

  before(:each) do
    request.env["HTTP_ACCEPT"] = 'application/json'
  end

  describe "#show" do
    let(:community) { create :community }

    before do
      request.headers["HTTP_AUTHENTICATION"] = access_token.token
      get :show, id: community
    end

    it { expect(response).to be_success }
    it { expect(response.status).to be 200 }
  end

  describe "#search" do
    before { get :search, access_token: access_token.token }

    it { expect(response).to be_success }
    it { expect(response.status).to be 200 }
  end
end

Doorkeeper.configure do
  orm :active_record

  resource_owner_authenticator do
    User.find id: session[:user_id]

  default_scopes :app
end

和

config/initializer/doorkeeper.rb

class ApiController < ApplicationController
  before_action :create_token
  doorkeeper_for :all, scopes: [:app]
  respond_to :json, handler: :jbuilder

  private

  def error_handle
    raise 'Failed.'
  end

  def create_token
    params[:access_token] = request.headers["HTTP_AUTHENTICATION"]
    # this does not read by doorkeeper
  end
end

class CommunitiesController < ApiController
  def show
    @community = Community.find params[:id]
  end

  def search
    Query.create q: @search_form.q if @search_form.q.present?
    community_search = Community.search title_or_description_cont: @search_form.q
    @communities = community_search.result(distinct: true).page params[:page]
  end
end

require 'spec_helper'

describe CommunitiesController do
  let!(:application) { Doorkeeper::Application.create!(name: "MyApp", redirect_uri: "http://app.com") }
  let(:user){ create :user }
  let!(:access_token) { Doorkeeper::AccessToken.create! application_id: application.id, resource_owner_id: user.id, scopes: "app" }

  before(:each) do
    request.env["HTTP_ACCEPT"] = 'application/json'
  end

  describe "#show" do
    let(:community) { create :community }

    before do
      request.headers["HTTP_AUTHENTICATION"] = access_token.token
      get :show, id: community
    end

    it { expect(response).to be_success }
    it { expect(response.status).to be 200 }
  end

  describe "#search" do
    before { get :search, access_token: access_token.token }

    it { expect(response).to be_success }
    it { expect(response.status).to be 200 }
  end
end

Doorkeeper.configure do
  orm :active_record

  resource_owner_authenticator do
    User.find id: session[:user_id]

  default_scopes :app
end

这里是rspec communities\u controller.rb的结果

/Users/shogochiai/Documents/anyll% be rspec spec/controllers/communities_controller_spec.rb
FF..

Failures:

  1) CommunitiesController#show should be success
     Failure/Error: it { expect(response).to be_success }
       expected success? to return true, got false
     # ./spec/controllers/communities_controller_spec.rb:20:in `block (3 levels) in <top(required)>'

  2) CommunitiesController#show should equal 200
     Failure/Error: it { expect(response.status).to be 200 }

       expected #<Fixnum:401> => 200
            got #<Fixnum:803> => 401

       Compared using equal?, which compares object identity,
       but expected and actual are not the same object. Use
       `expect(actual).to eq(expected)` if you don't care about
       object identity in this example.
     # ./spec/controllers/communities_controller_spec.rb:21:in `block (3 levels) in <top(required)>'

Finished in 0.33439 seconds
4 examples, 2 failures

Failed examples:

rspec ./spec/controllers/communities_controller_spec.rb:20 # CommunitiesController#show should be success
rspec ./spec/controllers/communities_controller_spec.rb:21 # CommunitiesController#show should equal 200

Randomized with seed 18521

未经验证

及

在{get:search，access_-token:access_-token.token}之前

已通过身份验证

补充的我在控制器中进行了

pp

调试，

pp请求

和

pp响应

结果有一对键值，该键值是

“HTTP\u身份验证”：“xrfi24j53iji34…”（一些散列值）