go - 如何发出 axios 请求(协商/SPNEGO 令牌)?
问题描述
从应用程序 (Vue.js) 我向与Kerberosfrontend一起使用的应用程序 (Golang) 的 URL 发出 axios (ajax) 请求。当前端应用程序向后端应用程序的路由发出 GET 请求时,我需要返回有关员工的信息。backend
在前端应用程序中,我提出了这样的 axios 请求:
axios.get(url, {withCredentials: true})
在后端应用程序中,我设置了这样的 CORS 选项:
headers := handlers.AllowedHeaders([]string{"X-Requested-With", "Content-Type", "Authorization"})
methods := handlers.AllowedMethods([]string{"GET", "POST", "PATCH", "PUT", "DELETE", "OPTIONS"})
origins := handlers.AllowedOrigins([]string{"*"})
credentials := handlers.AllowCredentials() // true
现在HTTP 401 Unauthorized,当我发出 axios 请求时,客户端应用程序会引发错误。仅当我从浏览器发出请求时,Everythink 才能正常工作。
在后端应用程序的日志中,当我从浏览器发出请求时,我会看到这样的标头信息:
map[Upgrade-Insecure-Requests:[1] User-Agent:[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36] Accept:[text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3] Accept-Encoding:[gzip, deflate] Accept-Language:[ru-RU,ru;q=0.9,en-US;q=0.8,en;q=0.7] Connection:[keep-alive] Cache-Control:[max-age=0]]
map[Connection:[keep-alive] Upgrade-Insecure-Requests:[1] User-Agent:[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36] Accept-Language:[ru-RU,ru;q=0.9,en-US;q=0.8,en;q=0.7] Cache-Control:[max-age=0] Authorization:[Negotiate YIIHVQYGKwYBBQUCoIIHSTCCB0WgMDAuBgkqhkiC9xIBAgIGCSqGSIb3EgECAgYKKwYBBAGCNwICHgYKKwYBBAGCNwICCqKCBw8EggcLYIIHBwYJKoZIhvcSAQICAQBuggb2MIIG8qADAgEFoQMCAQ6iBwMFACAAAACjggV4YYIFdDCCBXCgAwIBBaEPGw1LQVItVEVMLkxPQ0FMoi0wK6ADAgECoSQwIhsESFRUUBsaa3otZG1waWdudDA1Lmthci10ZWwubG9jYWyjggUnMIIFI6ADAgEXoQMCAQOiggUVBIIFETMAZStUfDPJR4GItJfk8JST2HU7YxuFq4HPQ/PWoK/gW5HzZj+dc9CC1stR/D/LhOJFKcAdzkDRmjHNanWWaolcJDhHttrGcF01jHH0xHVUPir8B/7j65QOXmedHIRDexlQsUzjztWuxtPQjERcZFPAo4RtTkpLB2wIHJaeNTevkBOofxVmBunxIqBk+h9Rk2qswOfQlj/Eevrm2R3t6AG3kgliUBg3KbrZ7KxRWUdx2dvaZ6lZ8sKLRY8NYorozVTDS4hlLiGAldZlXICO5PbyiXcy/qHyiUge98r1vqQzyVNYixG9ZEj7fy6hSNF3KDSgjjT70zLaRb8Bj44VKR8BKqRTh6zby+ku6VGjrUdn/7r9iG3G0nnjc+1/WQyY55afcI5SKs7oBJlfqsX5OPF+VEtWbDG2UVK9KiTIbtFpnl6rkimam0pFaT9Rthgcy/1ehR1OvPAajC46s1gFz9St0qZO2syqukfStb3bdWIdxNVQZMjKlHjMm2URtBNOK34kXzdEmLh9kYtufGBK9M1VMRJ53VijG1ZUEodYeUi0JVwfSAvpq2NVdJ1kOgY93REYjHVjSR7Ur3uUzxFszVj7ur35bjlUK+K7Dwu+AZNsNiQ6Xq9FIzZZzkcuA4s+L6FYx1ttCPqDw7cPIO+LlpsOyhxK+SP1N9E8veeR5sS3MPt6xsSPf70lw9m7ztVudIksDK5Myth6VY9QdpEGlbQ2XKaw+ZVjPyMhvn90eJznQXf4IpbhpE6r4owf4CuFMcJ4hZrnP9tmT9CrCdDzVunV6JCORwu5mErGitzjM8o1pesKw9lvrv/RxZQS9lI8MziRxTCp/ZiMZYk9ZlsyMAJMrquweaFHDFLRn3B20xJouH8GtR2TIefPuwkhJn1m7rbsnRZa7QAki+yBP/meLLffstU+fGGBiVQfsc1Tj6acZDRyFeMCbLnqZZGiFwhxsJtI1h/hs/F5awpEZ7P1eyjhK6p7v+itvhT9O4FYTQkJ/Fce9TMiUSxcPiTH5UbKAsOt7jaqJjGwJSFf3DtKpgulPLv42DlyX4+mnsDNMp1yniloh5j6goxc/riL8iqO9LEyxId0n3QyNNqs6Iq6ZjVk48bQ+mocNkLDJ85k8bZOVjnFrRlUHLzTqLPuNn1cbVn4yoFOj3DROfRQf9HEukE5wgjUg/nlKECsn+eJwfLFpNCiyJZnojOs5chW8E6IZgP/qGy/poqNAazuGFx9Bf8wqJ4UcQGWuu7IdGM2SdKttxigMnvR8wMkw8mvl2Z07vY8Czrl+h/NfMJZTdPJYk/VLiu5qXRMdAPiSI5HuvWZuuDpuh6FijvR3bRwtjOgoU5V96zSC6CfiLXZy5TWCTtWtg2OZYPXUrO+sTeSLCI8toJQzJ3QzQD7yiPmdsDr1VA/pbWn6o0M29L0R+uwkw17sf4XlEffWzPj+JDIFYOaMtPra/FNEOdyg2GGG5I13UvIJq6anNiSb54FQxOaX2ed7vQl3PTx4SB0+AxVTfic5osUZo9/GY8U+qIsMQRnECxGiNWBMkPRPupFjwLV3HAM27XE2KV7dk2HeMAuD4+reASoNrctPoBox16ACliE2XLL/hnmcASSi32XeJOCDTcvcaIeib4K8GceMK5P+himWI/RjuGy7yUfjQIx3kYQERoVZBXycQFnE9XNBlzknP0Tbfy6DKLrjx1s4x0s5ngKgy/xOYg4tq40V/D0Xa8ICpqkggFfMIIBW6ADAgEXooIBUgSCAU7K5/v8GkuLM9ygpogXpOHDnydt9A3f/2N/d49zmcFkQzNRR6enJpvm++OxEuho4Zl/PMhK5eHZT+Zl11EXrWfmzyBw5AE61vp/bTy4m1S/YYRexOyKuwV1eJIamp31iFuxgTJ6bHgij7B+H7crnb1cmzafooewazuKpycmtroqN7FMnFvohSWoB8IOudxEHF/oVSYrRhSFt63YqiJ5c2nLLKxhkFobkDS2IGuWsxQt9w7epEcgu73aVr3AwHT0IeeDUpIZIjfEtBZO77MipC+oGyUEZt1ZMMcP+I+3c9qht2Qj7nk+daOZSQge/3OCWzj6wpImsaBjCYNYz57+KEBIJDhMLZjR16ibnp8b+oGLgkQwm9TRuLZ9CHIy+lOgQv+aeGrNS3TvcjX3nIxlC3O9pImpExmhtLsapHLFOgMcdDyBMY0wsxvLNa/gKLqq] Accept:[text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3] Accept-Encoding:[gzip, deflate]]
如您所见,浏览器以某种方式生成 SPNEGO(协商)令牌并将其自动设置为标题。我不明白如何通过 axios 请求获得相同的结果。我将不胜感激任何帮助。
解决方案
推荐阅读
- typescript - 创建一个包含类的所有静态属性的映射类型
- python-3.x - Pandas Dataframe 用 0.0 初始化并完成每个组
- java - 如果 autoStartup 设置为 false,如何手动启动 Spring Cloud Stream Binders
- python - 非数字字符的fail2ban模式与数字输入匹配
- python - Django Auth 用户和自定义用户
- c# - 无需打开即可将 XFA 文件打印为 PDF
- node.js - NodeJS 502.3 CGI 超时
- node.js - AXIOS NodeJs 中的 POST 文件
- windows - 基于 Chromium Edge 的 WebView2(对象未设置为对象的实例)
- git - 如果我可以很好地 ping github,为什么 git fetch 需要很长时间?