node.js - @hapi/hawk 的 Hawk 身份验证错误
问题描述
我正在尝试使用Hawk方案和Hapi验证请求的基本示例,但 hawk 插件失败,因为它试图访问payload
不存在的属性:
错误:
Server started listening on http://localhost:3000
Debug: internal, implementation, error
TypeError: Cannot read property 'payload' of undefined
at Object.authenticate (D:\TEST\node\sample3\node_modules\@hapi\hawk\lib\plugin.js:45:45)
at <anonymous>
at process._tickCallback (internal/process/next_tick.js:189:7)
产生错误的相关Hawk插件代码:
...
if (request.route.settings.auth.payload) {
request.events.once('peek', (chunk) => {
...
服务器代码:
const Hapi = require('@hapi/hapi');
const Hawk = require('@hapi/hawk');
const credentials = {
John: {
key: 'secret',
algorithm: 'sha256'
}
};
const getCredentialsFunc = function (id) {
return credentials[id];
};
const start = async () => {
const server = Hapi.server({ port: 3000, host: 'localhost' });
await server.register(Hawk);
server.auth.strategy('default', 'hawk', { getCredentialsFunc });
server.auth.default('default');
server.route({
method: 'GET',
path: '/',
handler: function (request, h) {
return 'Welcome';
}
});
await server.start();
console.log('Server started listening on %s', server.info.uri);
};
start();
客户端代码:
const Request = require('request');
const Hawk = require('@hapi/hawk');
const credentials = {
id: 'John',
key: 'secret',
algorithm: 'sha256'
};
const requestOptions = {
uri: 'http://localhost:3000/',
method: 'GET',
headers: {}
};
const { header } = Hawk.client.header(requestOptions.uri, requestOptions.method, { credentials: credentials, ext: 'some-app-data' });
requestOptions.headers.Authorization = header;
Request(requestOptions, function (error, response, body) {
const isValid = Hawk.client.authenticate(response, credentials, header.artifacts, { payload: body });
console.log(`${response.statusCode}: ${body}` + (isValid ? ' (valid)' : ' (invalid)'));
});
解决方案
我为这个确切的问题创建了一个 PR :) https://github.com/hapijs/hawk/pull/259
推荐阅读
- ios - 当应用程序被沙盒化时,为什么 Apple 建议在 iOS 钥匙串中存储密码、机密和密钥?
- node.js - 在 Ubuntu 上使用 fs.writeFileSync 得到错误:EACCES:权限被拒绝
- php - 如何将输入字段值从一个表单传递到 Woocommerce 不同页面中的另一个表单
- javascript - 如何将html表格下载为csv以及图像src
- vue.js - 返回对象承诺而不是数据
- python - TypeError:应用自定义函数时插入列的索引与框架索引不兼容
- css - 带有滚动条的数据表
- javascript - 获取内容长度而不在本地存储数据
- swiftui - SwiftUI:动画在 Zstack 中覆盖文本
- python - 时间戳条件 Groupby Pandas