
无法验证 (okta) 从路由内向路由发出的 post 请求,得到 401 Unauthorized 响应 GET 请求有效

如何解决无法验证 (okta) 从路由内向路由发出的 post 请求,得到 401 Unauthorized 响应 GET 请求有效

我有一个使用 express 的 nodejs 应用程序,使用 @okta/okta-sdk-nodejs 和 @okta/oidc-middleware 来处理身份验证。

我有许多工作正常并且按预期获得授权的路由。以下流程会生成 401 状态代码,我正在努力找出原因。

如果我访问路由 http://localhost:3000/b/f-e-info,我会从外部 API 得到一个有效的响应,然后我想把它发送到另一个路由 /es/ingest/b/ts 进行摄取。我通过函数 callEs('/es/ingest/b/ts',t.symbols) 来做这件事,它基本上接受一个 URL 和响应数据作为参数,然后用 axios 把数据 POST 到 es 路由。该路由 router.post('/ingest/b/ts',esParsersController.createtsdocs); 使用 createtsdocs 函数作为回调函数,它只负责把数据摄取到数据库中。

nodejs 控制台中的错误

createtsdocs

app.js

POST /es/ingest/b/t 401 0.520 ms - 12
Error: Request Failed with status code 401
    at createError (login-portal/node_modules/axios/lib/core/createError.js:16:15)
    at settle (login-portal/node_modules/axios/lib/core/settle.js:17:12)
    at IncomingMessage.handleStreamEnd (login-portal/node_modules/axios/lib/adapters/http.js:260:11)
    at IncomingMessage.emit (events.js:326:22)
    at endReadableNT (_stream_readable.js:1252:12)
    at processticksAndRejections (internal/process/task_queues.js:80:21) {
  config: {
    url: '/es/ingest/b/ts',method: 'post',data: '{"data":[{..},{...},{...}]}',headers: {
      Accept: 'application/json,text/plain,*/*','Content-Type': 'application/json;charset=utf-8','User-Agent': 'axios/0.21.1','Content-Length': 113195
    },baseURL: 'http://localhost:3000',transformRequest: [ [Function: transformRequest] ],transformResponse: [ [Function: transformResponse] ],timeout: 3000,adapter: [Function: httpAdapter],xsrfCookieName: 'XSRF-TOKEN',xsrfheaderName: 'X-XSRF-TOKEN',maxContentLength: -1,maxBodyLength: -1,validateStatus: [Function: validateStatus]
  },request: <ref *1> ClientRequest {
    _events: [Object: null prototype] {
      socket: [Function (anonymous)],abort: [Function (anonymous)],aborted: [Function (anonymous)],connect: [Function (anonymous)],error: [Function (anonymous)],timeout: [Function (anonymous)],prefinish: [Function: requestOnPrefinish]
    },_eventsCount: 7,_maxListeners: undefined,outputData: [],outputSize: 0,writable: true,destroyed: false,_last: true,chunkedEncoding: false,shouldKeepAlive: false,_defaultKeepAlive: true,useChunkedEncodingByDefault: true,sendDate: false,_removedConnection: false,_removedContLen: false,_removedTE: false,_contentLength: null,_hasBody: true,_trailer: '',finished: true,_headerSent: true,socket: Socket {
      connecting: false,_hadError: false,_parent: null,_host: 'localhost',_readableState: [ReadableState],_events: [Object: null prototype],_writableState: [WritableState],allowHalfOpen: false,_sockname: null,_pendingData: null,_pendingEncoding: '',server: null,_server: null,parser: null,_httpMessage: [Circular *1],[Symbol(async_id_symbol)]: 744,[Symbol(kHandle)]: [TCP],[Symbol(kSetNoDelay)]: false,[Symbol(lastWriteQueueSize)]: 0,[Symbol(timeout)]: null,[Symbol(kBuffer)]: null,[Symbol(kBufferCb)]: null,[Symbol(kBufferGen)]: null,[Symbol(kCapture)]: false,[Symbol(kBytesRead)]: 0,[Symbol(kBytesWritten)]: 0,[Symbol(RequestTimeout)]: undefined
    },_header: 'POST /es/ingest/b/ts HTTP/1.1\r\n' +
      'Accept: application/json,*/*\r\n' +
      'Content-Type: application/json;charset=utf-8\r\n' +
      'User-Agent: axios/0.21.1\r\n' +
      'Content-Length: 113195\r\n' +
      'Host: localhost:3000\r\n' +
      'Connection: close\r\n' +
      '\r\n',_keepAliveTimeout: 0,_onPendingData: [Function: noopPendingOutput],agent: Agent {
      _events: [Object: null prototype],_eventsCount: 2,defaultPort: 80,protocol: 'http:',options: [Object],requests: {},sockets: [Object],freeSockets: {},keepAliveMsecs: 1000,keepAlive: false,maxSockets: Infinity,maxFreeSockets: 256,scheduling: 'fifo',maxTotalSockets: Infinity,totalSocketCount: 1,[Symbol(kCapture)]: false
    },socketPath: undefined,method: 'POST',maxHeaderSize: undefined,insecureHTTPParser: undefined,path: '/es/ingest/b/ts',_ended: true,res: IncomingMessage {
      _readableState: [ReadableState],_eventsCount: 3,socket: [Socket],httpVersionMajor: 1,httpVersionMinor: 1,httpVersion: '1.1',complete: true,headers: [Object],rawHeaders: [Array],trailers: {},rawTrailers: [],aborted: false,upgrade: false,url: '',method: null,statusCode: 401,statusMessage: 'Unauthorized',client: [Socket],_consuming: true,_dumped: false,req: [Circular *1],responseUrl: 'http://localhost:3000/es/ingest/b/ts',redirects: [],timeoutCb: null,upgradeOrConnect: false,maxHeadersCount: null,reusedSocket: false,host: 'localhost',_redirectable: Writable {
      _writableState: [WritableState],_options: [Object],_ending: true,_redirectCount: 0,_redirects: [],_requestBodyLength: 113195,_requestBodyBuffers: [],_onNativeResponse: [Function (anonymous)],_currentRequest: [Circular *1],_currentUrl: 'http://localhost:3000/es/ingest/b/ts',_timeout: Timeout {
        _idleTimeout: -1,_idlePrev: null,_idleNext: null,_idleStart: 2235827,_onTimeout: null,_timerArgs: undefined,_repeat: null,_destroyed: true,[Symbol(refed)]: true,[Symbol(kHasPrimitive)]: false,[Symbol(asyncId)]: 750,[Symbol(triggerId)]: 746
      },[Symbol(kNeedDrain)]: false,[Symbol(corked)]: 0,[Symbol(kOutHeaders)]: [Object: null prototype] {
      accept: [Array],'content-type': [Array],'user-agent': [Array],'content-length': [Array],host: [Array]
    }
  },response: {
    status: 401,statusText: 'Unauthorized',headers: {
      'x-powered-by': 'Express','content-type': 'text/plain; charset=utf-8','content-length': '12',etag: 'W/"c-dAuDFQrdjS3hezqxDTNgW7AOlYk"','set-cookie': [Array],date: 'Wed,17 Mar 2021 09:32:20 GMT',connection: 'close'
    },config: {
      url: '/es/ingest/b/t',data: '{"data":[{...},transformRequest: [Array],transformResponse: [Array],validateStatus: [Function: validateStatus]
    },request: <ref *1> ClientRequest {
      _events: [Object: null prototype],_header: 'POST /es/ingest/b/ts HTTP/1.1\r\n' +
        'Accept: application/json,*/*\r\n' +
        'Content-Type: application/json;charset=utf-8\r\n' +
        'User-Agent: axios/0.21.1\r\n' +
        'Content-Length: 113195\r\n' +
        'Host: localhost:3000\r\n' +
        'Connection: close\r\n' +
        '\r\n',agent: [Agent],res: [IncomingMessage],_redirectable: [Writable],[Symbol(kOutHeaders)]: [Object: null prototype]
    },data: 'Unauthorized'
  },isAxiosError: true,toJSON: [Function: toJSON]
}

If I just hit a GET route in the es file, it is authenticated as expected.

app.js

var createError = require('http-errors');
var express = require('express');
var path = require('path');
var session = require('express-session');
var okta = require("@okta/okta-sdk-nodejs");
const { ExpressOIDC } = require('@okta/oidc-middleware');
const keys = require('./config/keys'); 
var bodyParser = require('body-parser')

// Express application instance that every middleware and router below attaches to.
const app = express();

// NOTE(review): both parsers are mounted before any authentication middleware,
// so their size limits apply to every client, logged in or not. A "15360mb"
// JSON ceiling lets a single request ask the server to buffer gigabytes in
// memory; the ingest payload in the error dump on this page is about 113 KB,
// so a much smaller limit (ideally set per route) looks sufficient.
app.use(
  bodyParser.json({
    limit: "15360mb",
    type: 'application/json',
  })
);
app.use(
  bodyParser.urlencoded({
    limit: '100mb',
    extended: true,
  })
);

// Enabled the routes

const dashboardRouter = require("./routes/dashboard");
const usersRouter = require("./routes/users");
const brouter = require("./routes/b");
const esRouter = require("./routes/es");


// Okta SDK client used later to look up the signed-in user's profile.
// NOTE(review): keys.okta_token is presumably an Okta API token. Keep the
// ./config/keys module out of version control and load the value from the
// environment or a secret store.
const oktaClientOptions = {
  orgUrl: keys.okta_orgUrl,
  token: keys.okta_token,
};

var oktaClient = new okta.Client(oktaClientOptions);


// Paths for the login flow, taken from ./config/keys.
const oidcRoutes = {
  login: {
    path: keys.okta_routes_login_path,
  },
  loginCallback: {
    path: keys.okta_routes_loginCallback_path,
    afterCallback: keys.okta_routes_loginCallback_afterCallback,
  },
};

// OIDC middleware instance: provides oidc.router (login/callback routes) and
// oidc.ensureAuthenticated(), both used further down in this file.
// NOTE(review): client_secret is read from the keys module; treat that file as a secret.
const oidc = new ExpressOIDC({
  issuer: keys.okta_issuer,
  client_id: keys.okta_client_id,
  client_secret: keys.okta_client_secret,
  appBaseUrl: keys.okta_appBaseUrl,
  scope: keys.okta_scope,
  routes: oidcRoutes,
});



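// view engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'pug');

// NOTE(review): body-parser's json/urlencoded parsers are already mounted
// earlier in this file, so these two are duplicates of that step.
app.use(express.json());
app.use(express.urlencoded({ extended: false }));
app.use(express.static(path.join(__dirname, 'public')));

// Session middleware; the OIDC router below stores the login state in it.
// The option is spelled `saveUninitialized`. The misspelt key was silently
// ignored by express-session, so the intended `false` never took effect and a
// session was created for every anonymous request.
// NOTE(review): cookie options are left at their defaults; set `cookie.secure`
// once the app is served over HTTPS.
app.use(
  session({
    secret: keys.app_session_secret,
    resave: true,
    saveUninitialized: false,
  })
);

// Registers the login and login-callback routes configured on `oidc`.
app.use(oidc.router);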

// Enrich authenticated requests with the Okta user profile.
// This middleware never rejects a request: when req.userContext is absent
// (no logged-in session) it simply passes control on, so it is not an access check.
app.use(function loadOktaUser(req, res, next) {
  const { userContext } = req;
  if (!userContext) {
    return next();
  }

  // `sub` is the subject identifier taken from the session's userinfo.
  const subject = userContext.userinfo.sub;

  oktaClient
    .getUser(subject)
    .then((profile) => {
      // Expose the profile to route handlers and to the view templates.
      req.user = profile;
      res.locals.user = profile;
      next();
    })
    .catch(next); // lookup failures go to the error-handling middleware
});



// Mount each router under its URL prefix.
// NOTE(review): publicRouter is not declared anywhere in the code shown on this
// page; its require() line appears to be missing from the listing.
// NOTE(review): only /dashboard is wrapped in oidc.ensureAuthenticated() here.
// /users, /b and /es are mounted without it, so any access control for those
// prefixes has to be applied inside the routers themselves or elsewhere.
app.use('/', publicRouter);
app.use('/dashboard', oidc.ensureAuthenticated(), dashboardRouter);
app.use('/users', usersRouter);
app.use('/b', brouter);
app.use('/es', esRouter);

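// error handler
// Express identifies error-handling middleware by its four-parameter
// signature. With only three parameters this function was registered as
// ordinary middleware and `res` was not defined inside it, so `next` has to
// stay in the parameter list even though it is unused.
app.use(function (err, req, res, next) {
  // set locals, only providing the error object in development
  // NOTE(review): err.message is exposed to the template in every environment;
  // confirm the view does not show internal details to end users.
  res.locals.message = err.message;
  res.locals.error = req.app.get('env') === 'development' ? err : {};

  // render the error page
  res.status(err.status || 500);
  res.render('error');
});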

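// Start accepting connections only after the OIDC middleware reports it is ready.
oidc.on('ready', () => {
  app.listen(keys.app_web_server_port, () => console.log('app started'));
});

oidc.on('error', (err) => {
  // An error occurred while setting up OIDC, during token revocation, or during post-logout handling.
  // Log it instead of discarding it: an empty handler hides authentication
  // failures that operators need to see.
  console.error('OIDC error:', err);
});

module.exports = app;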

b.js 路由

const axios = require('axios');
const express = require("express");
const b = require('../models/b');
const keys = require('../config/keys'); 

const router = express.Router();

// Axios instance pointed back at this same application over HTTP.
// NOTE(review): no cookie or Authorization header is configured on it, so
// every request it sends arrives at the app without the browser's session.
const loopbackBaseUrl = keys.app_web_server_addr + ':' + keys.app_web_server_port;
const esapi = axios.create({
    baseURL: loopbackBaseUrl,
});


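/**
 * POST `data`, wrapped as `{ data }`, to `url` through the `esapi` axios instance.
 *
 * This is a server-to-server request. It does not carry the browser's session
 * cookie: the request headers in the error dump on this page contain no Cookie
 * or Authorization header. A route that requires a logged-in session therefore
 * answers 401 even though the same user can open GET routes from the browser.
 * Prefer calling the ingest logic in-process, or authenticate this call with a
 * dedicated service credential, rather than removing the check from the ingest route.
 *
 * @param {string} url - path (relative to esapi's baseURL) to post to
 * @param {*} data - payload sent as the `data` property of the JSON body
 * @returns {Promise<*>} resolves with the axios response, or with undefined
 *   after a failure has been logged (failures are not re-thrown)
 */
let callEs = (url, data) => {
    // Return the promise so callers can wait on it if they want to; existing
    // callers that ignore the return value behave as before.
    return esapi
        .post(url, { data })
        .catch((err) => {
            // Log a summary only. The full axios error embeds the request
            // config, headers and body, which would put the payload (and any
            // credentials added later) into the logs.
            const status = err && err.response ? err.response.status : undefined;
            const detail = status === undefined
                ? (err && err.message)
                : 'status ' + status;
            console.error('callEs: POST ' + url + ' failed:', detail);
        });
};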

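// GET /f-e-info: fetch data from the external API, render it, then forward the
// symbols to the ingest route.
// NOTE(review): every visit to this GET handler also triggers a write (the
// ingest POST), and app.js as shown mounts this router without
// oidc.ensureAuthenticated(); confirm that is intended.
router.get("/f-e-info", (req, res) => {
    fapi.get(b.bfapi + 'eInfo')
        .then(
            (response) => {
                // handle success
                // NOTE(review): the whole axios response object is handed to
                // the template; passing only response.data would keep the
                // upstream headers and request config out of the view.
                res.render("t", { response });
                return response.data;
            },
            (error) => {
                // The upstream call failed before anything was rendered.
                // Answer the client instead of leaving the request hanging.
                console.log(error);
                res.sendStatus(502);
                return undefined;
            }
        )
        .then((t) => {
            // Nothing to forward when the upstream call failed or returned no body.
            if (t == null) {
                return;
            }
            // send the data to es
            console.log("sending to es");
            callEs('/es/ingest/b/ts', t.symbols);
        })
        .catch((error) => console.log(error));
});

module.exports = router;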

es 路由

const esParsersController = require('../controllers/esParsers'); 
const express = require("express");

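const router = express.Router();

// This works fine!!!
// The handler's parameter list was truncated in the listing (`"/",res) => {`),
// which is a syntax error; restored to a normal (req, res) handler.
router.get("/", (req, res) => {
    res.render("es-test");
});

// This fails with a 401 unauthorised.
// NOTE(review): nothing in this file attaches authentication to either route,
// so the 401 presumably comes from middleware applied elsewhere. The failing
// POST is sent by axios from the server itself, with no Cookie or Authorization
// header and an Accept header that prefers JSON. A session-based guard such as
// oidc.ensureAuthenticated() answers that kind of request with a plain 401,
// while a browser GET carries the session cookie and passes. Keep the ingest
// route protected; call the controller logic in-process or give the internal
// caller its own credential.
router.post('/ingest/b/ts', esParsersController.createtsdocs);

module.exports = router;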

对不起,我是 nodejs 新手,正在努力学习。有人可以帮我理解,为什么对 es 路由 /ingest/b/ts 的 POST 请求返回 401,而对 es 路由的 GET 请求却能按预期通过身份验证吗?

控制器代码(/controllers/esParsers):

const keys = require('../config/keys');
const crypto = require("crypto");
const { createReadStream } = require('fs')
const split = require('split2')
const { Client } = require('@elastic/elasticsearch');
const { disconnect } = require('process');
require('array.prototype.flatmap').shim();

const createtsdocs = (req,res) => {
  var datasource = []
  req.body.data.forEach(function(value){
    var doc = {}
    doc.symbol = value.symbol;
    // ... do stuff with data
    datasource.push(doc)
  });
  ingestDocIntoEs(`${keys.esIndexName_prefix}ts`,datasource);
  res.send("data entered")
}

module.exports = { createTickerDocs }
