代码之家  ›  专栏  ›  技术社区  ›  Alan Gaytan

Angular 5-HttpClient未按请求发送邮件头

netflix-zuul angular
  •  1
  • Alan Gaytan  · 技术社区  · 6 年前

    我的角度应用程序正在向zuul服务发送http请求,我的问题是,当我尝试发送授权头时,zuul服务没有接收到该头,这是角度代码: 

    obtenerAvisos() {
    const token = localStorage.getItem('token');
    const headers = new HttpHeaders(
      {
        'Content-Type':  'application/json',
        'Authorization': token
      }
    );

    return this.http.get(
      environment.url + environment.msavisos,
      {
        headers: headers
      }
    );
  }

    在zuul上,我创建了一个预过滤器,在那里我试图捕捉标题: 

    package com.filtro;

import javax.servlet.http.HttpServletRequest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.web.client.HttpStatusCodeException;
import com.netflix.zuul.context.RequestContext;
import com.utilidades.JwtUtil;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.ExpiredJwtException;
import com.netflix.zuul.ZuulFilter;

public class PreFilter extends ZuulFilter {

    @Override
    public String filterType() {
        return "pre";
    }

    @Override
    public int filterOrder() {
        return 1;
    }

    @Override
    public boolean shouldFilter() {
        return true;
    }

    @Autowired
    private JwtUtil jwtUtil;

    @Override
    public Object run() {

        RequestContext ctx = RequestContext.getCurrentContext();
        HttpServletRequest request = ctx.getRequest();

        String ip = request.getLocalAddr();
        String authorization = request.getHeader("Authorization");
        String content = request.getHeader("Content-Type");
        System.out.println(content);
        try {
            if ( request.getRequestURL().toString().contains("/usuarios/sesion")) {

            } else if ( authorization != null ) {

                Claims claims = null;

                try {
                     claims = jwtUtil.parseToken(authorization);
                 } catch (ExpiredJwtException e) {
                     // Sesion expirada
                     ctx.unset();
                     ctx.setResponseStatusCode(HttpStatus.FORBIDDEN.value());
                 }

                if (claims != null) {
                    if (!JwtUtil.esIpCorrecta(claims, ip)) {
                        // Ip sin acceso
                        ctx.unset();
                        ctx.setResponseStatusCode(HttpStatus.FORBIDDEN.value());
                    } else {
                        // Acceso concedido
                        ctx.addZuulRequestHeader("authorization", jwtUtil.generateToken(claims, ip));
                    }
                } else {
                    // Token Invalido
                    ctx.unset();
                    ctx.setResponseStatusCode(HttpStatus.FORBIDDEN.value());
                }

            } else {
                ctx.unset();
                ctx.setResponseStatusCode(HttpStatus.FORBIDDEN.value());
            }

        }  catch (HttpStatusCodeException e) {
            e.printStackTrace();
        } catch (Exception e) {
            e.printStackTrace();
        }
        return null;
    }

}

    我使用postman发出请求并发送头,每次都正常工作,我已经看到 this this 但找不到答案,有人能帮我解决这个问题吗?,提前谢谢。

    3 回复  |  直到 6 年前
        1
  •  0
  •   andrew ferguson    6 年前

    尝试将“WithCredentials”头添加为true: 

    get(url) {
    return this.http.get(url, this.getHttpOptions());
}

getHttpOptions() {
    const token = localStorage.getItem('token');
    const headers = {
        'Content-Type':  'application/json',
        'Authorization': token
      }
    return { withCredentials: true, headers: headers };
}
        2
  •  0
  •   isy    6 年前

    你能试试吗: 

    return this.http.get(
  environment.url + environment.msavisos,
  {
    headers: new HttpHeaders().set('Authorization', localStorage.getItem('token'))
                              .set('Content-Type', 'application/json')
  }
);
        3
  •  0
  •   Alan Gaytan    6 年前

    最后的问题是zuul,我需要在主应用程序中添加cors配置: 

    import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cloud.netflix.zuul.EnableZuulProxy;
import org.springframework.context.annotation.Bean;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;
import com.filtro.PostFilter;
import com.filtro.PreFilter;
import com.utilidades.JwtUtil;

@SpringBootApplication
@EnableZuulProxy
public class MsZuulApplication {

    public static void main(String[] args) {
        SpringApplication.run(MsZuulApplication.class, args);
    }

    @Bean
    public CorsFilter corsFilter() {
        final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        final CorsConfiguration config = new CorsConfiguration();
        config.setAllowCredentials(true);
        config.addAllowedOrigin("*");
        config.addAllowedHeader("*");
        config.addAllowedMethod("OPTIONS");
        config.addAllowedMethod("HEAD");
        config.addAllowedMethod("GET");
        config.addAllowedMethod("PUT");
        config.addAllowedMethod("POST");
        config.addAllowedMethod("DELETE");
        config.addAllowedMethod("PATCH");
        source.registerCorsConfiguration("/**", config);
        return new CorsFilter(source);
    }

}

    希望这能帮助别人:)

    推荐文章
    zeagord  ·  春云门户和Zuul有何不同?
    7 年前
    Ole  ·  用Spring Boot、OAuth和JWT保护SPA?
    7 年前
    Debopam  ·  ZUUL向下游应用程序发送基本身份验证
    7 年前
    hungrytolearn  ·  Zuul路由不起作用,给出404:Spring Boot+Cloud+Zuul
    7 年前
    H.abidi  ·  Spring boot/netflix zuul应用程序未启动
    7 年前
    maxxx  ·  zuul缓慢获取新服务客户端
    7 年前
    Krish  ·  访问Spring boot Zuul服务路由的身份验证
    7 年前
    Dariusz Mydlarz  ·  如何在Zuul后过滤器中获得响应主体?
    8 年前
    关于   移动版
    代码之家 - 一站式码农服务社区
    沪ICP备11025650号