
CORS not working on the oAuth2 UserInfo endpoint in WSO2 API Manager


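I cannot get CORS to work on the oAuth2 UserInfo endpoint. I want to retrieve the claims (UserInfo) by calling the oAuth2 UserInfo resource.

As I understand from the stackoverflow post "WSO2 API Manager CORS", enabling CORS for the oAuth2 resources should be done in the Synapse configuration by adding a CORSRequest handler, as described in the stackoverflow link above. I added this CORSRequest handler for the Token and Revoke resources ( _TokenAPI_.xml and _RevokeAPI_xml ), as described in the link above. And it works! After those additions I found a CORS problem in my application, so I followed the same procedure by adding the CORSRequestHandler to _UserInfoAPI_.xml (including a server restart with wso2server.bat), but I still get the same CORS error: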

XMLHttpRequest cannot load https://localhost:9443/oauth2/userinfo?schema=openid. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:4200' is therefore not allowed access.

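I don't understand why CORS is working for my token resource but not for my userinfo resource?

By the way, I am not using WSO2 Identity Server, only the API Manager with its oAuth2 functionality. I checked, and I can see that no Allow-* headers are sent back to my browser (JavaScript) client during the OPTIONS preflight.

If I add this handler in UserInfAPI.xml, why does the CORSRequestHandler not work?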

1 Answer

  • 2

    Are you sure you are using the correct URL, i.e. https://localhost:8243/userinfo, for the OPTIONS call?

    I just tried it, and this is what I got.

    bhathiya@bhathiya-x1:/$ curl -v -k -X OPTIONS https://localhost:8243/userinfo
    *   Trying 127.0.0.1...
    * Connected to localhost (127.0.0.1) port 8243 (#0)
    * found 173 certificates in /etc/ssl/certs/ca-certificates.crt
    * found 697 certificates in /etc/ssl/certs
    * ALPN, offering http/1.1
    * SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
    *    server certificate verification SKIPPED
    *    server certificate status verification SKIPPED
    *    common name: localhost (matched)
    *    server certificate expiration date OK
    *    server certificate activation date OK
    *    certificate public key: RSA
    *    certificate version: #3
    *    subject: C=US,ST=CA,L=Mountain View,O=WSO2,CN=localhost
    *    start date: Fri, 19 Feb 2010 07:02:26 GMT
    *    expire date: Tue, 13 Feb 2035 07:02:26 GMT
    *    issuer: C=US,ST=CA,L=Mountain View,O=WSO2,CN=localhost
    *    compression: NULL
    * ALPN, server did not agree to a protocol
    > OPTIONS /userinfo HTTP/1.1
    > Host: localhost:8243
    > User-Agent: curl/7.47.0
    > Accept: */*
    > 
    < HTTP/1.1 200 OK
    < Accept: */*
    < Access-Control-Allow-Origin: *
    < Access-Control-Allow-Methods: GET
    < Host: localhost:8243
    < Access-Control-Allow-Headers: authorization,Access-Control-Allow-Origin,Content-Type,SOAPAction
    < Date: Sun, 23 Oct 2016 14:43:27 GMT
    < Transfer-Encoding: chunked
    <
    

    If you are using the same URL, please post the complete curl request and response.
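
Added example (not part of the original question or answer): a simplified version of the browser's preflight check, run over the response headers from the curl output above and over a constructed response that has no CORS headers. The origin is taken from the error message in the question; the `Authorization` request header and the non-credentialed request mode are assumptions.

```python
import re

# CORS-relevant response lines from the `curl -v` output in the answer (port 8243).
GATEWAY_OUTPUT = """\
< HTTP/1.1 200 OK
< Access-Control-Allow-Origin: *
< Access-Control-Allow-Methods: GET
< Access-Control-Allow-Headers: authorization,Access-Control-Allow-Origin,Content-Type,SOAPAction
"""
# Constructed sample: a response that carries no Access-Control-* headers.
NO_CORS_OUTPUT = """\
< HTTP/1.1 200 OK
< Content-Length: 0
"""

def parse_curl_response(verbose_text):
    """Return (status_code, {lowercased header: value}) from `curl -v` '<' lines."""
    status, headers = None, {}
    for line in verbose_text.splitlines():
        if not line.lstrip().startswith("<"):
            continue  # skip '*' info lines and '>' request lines
        body = line.lstrip()[1:].strip()
        m = re.match(r"HTTP/\S+\s+(\d{3})", body)
        if m:
            status = int(m.group(1))
        elif ":" in body:
            name, value = body.split(":", 1)
            headers[name.strip().lower()] = value.strip()
    return status, headers

def preflight_problems(status, headers, origin, method, request_headers):
    """List the reasons a browser would reject this preflight (empty list = pass)."""
    problems = []
    if status is None or not 200 <= status < 300:
        problems.append(f"status {status} is not 2xx")
    allow_origin = headers.get("access-control-allow-origin")
    if allow_origin is None:
        problems.append("no Access-Control-Allow-Origin header")
    elif allow_origin not in ("*", origin):
        problems.append(f"Access-Control-Allow-Origin {allow_origin!r} does not match {origin!r}")
    allowed_methods = {m.strip().upper() for m in headers.get("access-control-allow-methods", "").split(",")}
    if method.upper() not in allowed_methods | {"GET", "HEAD", "POST"}:
        problems.append(f"method {method} not allowed")
    allowed_headers = {h.strip().lower() for h in headers.get("access-control-allow-headers", "").split(",")}
    for name in request_headers:
        # Authorization must be listed by name; a '*' wildcard does not cover it.
        if name.lower() not in allowed_headers and (name.lower() == "authorization" or "*" not in allowed_headers):
            problems.append(f"request header {name} not allowed")
    return problems
```

Running both samples through `preflight_problems` with origin `http://localhost:4200` shows the gateway response passing and the header-less response failing with the same missing `Access-Control-Allow-Origin` condition the browser reported.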
