我使用 AWS Cognito 作为我的 NestJS 应用程序的身份验证服务。但是,当我在没有 JWT(未经身份验证)的情况下访问端点时,服务器总是崩溃并抛出此错误:TypeError: applicationRef.isHeadersSent is not a function,但当包含有效的 JWT 时,它运行良好,即由受保护的 API 端点返回正确的数据。授权守卫。以下是我构建身份验证配置和身份验证防护的方法。有人可以看一下吗?提前致谢!
src/authz/authz.module.ts
import { Injectable } from '@nestjs/common';
import { PassportStrategy } from '@nestjs/passport';
import { ExtractJwt, Strategy } from 'passport-jwt';
import { passportJwtSecret } from 'jwks-rsa';
@Injectable()
export class JwtStrategy extends PassportStrategy(Strategy) {
constructor() {
super({
secretOrKeyProvider: passportJwtSecret({
cache: true,
rateLimit: true,
jwksRequestsPerMinute: 5,
jwksUri: `https://cognito-idp.us-east-1.amazonaws.com/xxxxx/.well-known/jwks.json`,
}),
jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
issuer: 'https://cognito-idp.us-east-1.amazonaws.com/xxxxx',
algorithms: ['RS256'],
});
}
validate(payload: unknown): unknown {
return payload;
} …