use*_*175 7 authentication oauth options
WEbAPI为身份验证请求提供端点:http:\ ...\token
应使用方法"POST"和Body like发送身份验证请求
"grant_type=password&username=name&password=mypassword"
这个WebAPI由Front-End使用,它是使用AngularJS编写的.有时在发送带有有效Body的"POST"请求之前,会发送一个没有Body的"OPTIONS"请求.结果,WebAPI返回以下错误:
Status: 400
{"error":"unsupported_grant_type"}
有没有可以在服务器端实现的解决方案?(在WebAPI中)
HTTP请求方法:选项
Request Header:
Accept:*/*
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8,de;q=0.6,ru;q=0.4,uk;q=0.2
Access-Control-Request-Headers:accept, authorization, content-type
Access-Control-Request-Method:POST
Cache-Control:no-cache
Host:...
Origin:...
Pragma:no-cache
Proxy-Connection:keep-alive
Referer:...
User-Agent:Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.120 Safari/537.36
Response Header:
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 34
Content-Type: application/json;charset=UTF-8
Expires: -1
Server: Microsoft-IIS/7.5
Access-Control-Allow-Origin: *
X-Powered-By: ASP.NET
Date: Thu, 11 Sep 2014 18:05:09 GMT
Woj*_*ski 17
我刚遇到同样的问题......我正在使用ember和ember-simple-auth.对/ token端点的任何预检请求OPTIONS都会导致400 HTTP响应,并且正文已知众所周知:{error:"unsuported_grant_type"}.
解:
我继承自:OAuthAuthorizationServerProvider并覆盖MatchEndpoint函数:
public override Task MatchEndpoint(OAuthMatchEndpointContext context)
{
if (context.OwinContext.Request.Method == "OPTIONS" && context.IsTokenEndpoint)
{
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Methods", new[] {"POST"});
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Headers", new[] { "accept", "authorization", "content-type" });
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });
context.OwinContext.Response.StatusCode = 200;
context.RequestCompleted();
return Task.FromResult<object>(null);
}
return base.MatchEndpoint(context); }
这似乎照顾它.希望能帮助到你.