Scala Gatling使用回调URL生成OAuth2.0令牌无效
这是我的设想Scala Gatling使用回调URL生成OAuth2.0令牌无效,scala,oauth,oauth-2.0,gatling,Scala,Oauth,Oauth 2.0,Gatling,这是我的设想 val header = Map( "Accept" -> """application/json""", "Content-Type" -> """application/x-www-form-urlencoded, charset=UTF-8""") val auth_token = scenario("POST Authentication") .exec( http("POST OAuth Req")
val header = Map(
"Accept" -> """application/json""",
"Content-Type" -> """application/x-www-form-urlencoded, charset=UTF-8""")
val auth_token = scenario("POST Authentication")
.exec(
http("POST OAuth Req")
.post("/validate/activationURL")
.formParam("oauth.token.client.secret", "*******")
.formParam("oauth.token.url", "https://myweb.com/as/token.oauth2")
.formParam("oauth.token.client.id", "my-test-user")
.formParam("oauth.token.grant.type", "client_credentials")
.formParam("oauth.token.scope", "my:test:activation")
.headers(header)
)
但我也犯了同样的错误
=========================
HTTP request:
POST https://my-validation.net/validate/activationURL
headers=
Accept: application/json
Content-Type: application/x-www-form-urlencoded
Content-Length: 305
Host: https://my-validation.net/
params=
oauth.token.client.secret: *******
oauth.token.url: https://myweb.com/as/token.oauth2
oauth.token.client.id: my-test-user
oauth.token.grant.type: client_credentials
oauth.token.scope: my:test:activation
=========================
HTTP response:
status=
401 Unauthorized
headers=
Cache-Control: no-store
Content-Type: application/json;charset=UTF-8
Date: Fri, 03 Feb 2017 03:30:40 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Www-Authenticate: Bearer realm="oauth2-resource", error="unauthorized", error_description="Full authentication is required to access this resource"
X-Cf-Requestid: 4681a3da-a747-40f7-4801-b6b972b07cf6
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block
Content-Length: 102
body=
{"error":"unauthorized","error_description":"Full authentication is required to access this resource"}
<<<<<<<<<<<<<<<<<<<<<<<<<
20:30:40.972 [DEBUG] i.g.h.a.ResponseProcessor -
>>>>>>>>>>>>>>>>>>>>>>>>>>
=========================
HTTP请求:
邮递https://my-validation.net/validate/activationURL
标题=
接受:application/json
内容类型:application/x-www-form-urlencoded
内容长度:305
主持人:https://my-validation.net/
params=
oauth.token.client.secret:*******
oauth.token.url:https://myweb.com/as/token.oauth2
oauth.token.client.id:我的测试用户
oauth.token.grant.type:客户端\u凭据
oauth.token.scope:my:test:activation
=========================
HTTP响应:
地位=
401未经授权
标题=
缓存控制:没有存储
内容类型:application/json;字符集=UTF-8
日期:2017年2月3日星期五03:30:40 GMT
Pragma:没有缓存
严格的交通安全:最大年龄为31536000岁;包含子域
Www Authenticate:Bearer realm=“oauth2资源”,error=“未经授权”,error\u description=“访问此资源需要完全身份验证”
X-Cf-Requestid:4681a3da-a747-40f7-4801-b6b972b07cf6
X-Content-Type-Options:nosniff
X帧选项:拒绝
X-Xss-Protection:1;模式=块
内容长度:102
身体=
{“error”:“unauthorized”,“error_description”:“访问此资源需要完全身份验证”}
>>
最后,我明白了,这个Answare在这里帮助了我
我改变了什么
标题
是的,标题非常重要
val header = Map(
"Content-Type" -> """application/x-www-form-urlencoded""")
这个变量名是OAuth 2.0标准client\u secret、client\u id、grant\u type、scope
,我在尝试OAuth.token.client.secret
val auth_token = scenario("POST Authentication")
.exec(
http("POST OAuth Req")
.post("https://myweb.com/as/token.oauth2")
.formParam("client_secret", "*******")
.formParam("client_id", "my-test-user")
.formParam("grant_type", "client_credentials")
.formParam("scope", "my:test:activation")
.headers(header)
.check(status.is(200)).check(jsonPath("$.access_token").exists.saveAs("access_token")
最后,我想起来了,这个Answare帮了我 我改变了什么 标题 是的,标题非常重要
val header = Map(
"Content-Type" -> """application/x-www-form-urlencoded""")
这个变量名是OAuth 2.0标准client\u secret、client\u id、grant\u type、scope
,我在尝试OAuth.token.client.secret
val auth_token = scenario("POST Authentication")
.exec(
http("POST OAuth Req")
.post("https://myweb.com/as/token.oauth2")
.formParam("client_secret", "*******")
.formParam("client_id", "my-test-user")
.formParam("grant_type", "client_credentials")
.formParam("scope", "my:test:activation")
.headers(header)
.check(status.is(200)).check(jsonPath("$.access_token").exists.saveAs("access_token")
那么您正在尝试获取访问令牌?那么您正在尝试获取访问令牌?