/api/user 失效 #643
Comments
|
你截个用于「检查是否经过认证」的中间件的代码说条毛线呢? 你给的信息太少,不足以判断问题所在。从你给的复现步骤里我感觉你像是在用浏览器请求 API,但我也不是很懂你拿 Safari 请求给第三方应用使用的 API 是什么操作。 请给出完整的复现步骤,包括你怎么获取 Access Token 和请求 API 的代码。 还有,我不想骂人,但你真的应该好好读一遍《提问的智慧》。 |
|
抱歉看错代码了,主要我也不是很会php。对不起。 #!/bin/zsh
jsonq() {
local json=$(cat)
awk -v json="$json" -v json_orgi="$json" -v key="$1" '
function strlastchar(s) {
return substr(s, length(s), 1)
}
function startwith(s, c) {
start = substr(s, 1, 1)
return start == c
}
function endwith(s, c) {
return strlastchar(s) == c
}
function innerstr(s) { # 取出括号/引号内的内容
return substr(s, 2, length(s)-2)
}
function strindex(s, n) { # 字符串通过下标取值,索引是从1开始的
return substr(s, n, 1)
}
function trim(s) {
sub("^[ \n]*", "", s);
sub("[ \n]*$", "", s);
return s
}
function findValueByKey(s, k) {
if ("\""k"\"" != substr(s, 1, length(k)+2)) {exit 0}
s = trim(s)
start = 0; stop = 0; layer = 0
for (i = 2 + length(k) + 1; i <= length(s); ++i) {
lastChar = substr(s, i - 1, 1)
currChar = substr(s, i, 1)
if (start <= 0) {
if (lastChar == ":") {
start = currChar == " " ? i + 1: i
if (currChar == "{" || currChar == "[") {
layer = 1
}
}
} else {
if (currChar == "{" || currChar == "[") {
++layer
}
if (currChar == "}" || currChar == "]") {
--layer
}
if ((currChar == "," || currChar == "}" || currChar == "]") && layer <= 0) {
stop = currChar == "," ? i : i + 1 + layer
break
}
}
}
if (start <= 0 || stop <= 0 || start > length(s) || stop > length(s) || start >= stop) {
exit 0
} else {
return trim(substr(s, start, stop - start))
}
}
function unquote(s) {
if (startwith(s, "\"")) {
s = substr(s, 2, length(s)-1)
}
if (endwith(s, "\"")) {
s = substr(s, 1, length(s)-1)
}
return s
}
BEGIN{
if (match(key, /^\./) == 0) {exit 0;}
sub(/\][ ]*\[/,"].[", key)
split(key, ks, ".")
if (length(ks) == 1) {print json; exit 0}
for (j = 2; j <= length(ks); j++) {
k = ks[j]
if (startwith(k, "[") && endwith(k, "]") == 1) { # [n]
idx = innerstr(k)
currentIdx = -1
# 找匹配对
pairs = ""
json = trim(json)
if (startwith(json, "[") == 0) {
exit 0
}
start = 2
cursor = 2
for (; cursor <= length(json); cursor++) {
current = strindex(json, cursor)
if (current == " " || current == "\n") {continue} # 忽略空白
if (current == "[" || current == "{") {
if (length(pairs) == 0) {start = cursor}
pairs = pairs""current
}
if (current == "]" || current == "}") {
if ((strlastchar(pairs) == "[" && current == "]") || (strlastchar(pairs) == "{" && current == "}")) {
pairs = substr(pairs, 1, length(pairs)-1) # 删掉最后一个字符
if (pairs == "") { # 匹配到了所有的左括号
currentIdx++
if (currentIdx == idx) {
json = substr(json, start, cursor-start+1)
break
}
}
} else {
pairs = pairs""current
}
}
}
} else {
# 到这里,就只能是{"key": "value"}或{"key":{}}或{"key":[{}]}
pairs = ""
json = trim(json)
if (startwith(json, "[")) {exit 0}
#if (!startwith(json, "\"") || !startwith(json, "{")) {json="\""json}
# 找匹配的键
start = 2
cursor = 2
noMatch = 0
for (; cursor <= length(json); cursor++) {
current = strindex(json, cursor)
if (current == " " || current == "\n" || current == ",") {continue} # 忽略空白和逗号
if (substr(json, cursor, length(k)+2) == "\""k"\"") {
json = findValueByKey(substr(json, cursor, length(json)-cursor+1), k)
break
} else {
noMatch = 1
}
if (noMatch) {
pos = match(substr(json, cursor+1, length(json)-cursor), /[^(\\")]"/)
ck = substr(substr(json, cursor+1, length(json)-cursor), 1, pos)
t = findValueByKey(substr(json, cursor, length(json)-cursor+1), ck)
tLen = length(t)
sub(/\\/, "\\\\", t)
pos = match(substr(json, cursor+1, length(json)-cursor), t)
if (pos != 0) {
cursor = cursor + pos + tLen
}
noMatch = 0
continue
}
}
}
}
if (json_orgi == json) { print;exit 0 }
print unquote(json)
}'
}
CODE=${QUERY_STRING:5}
JSON=$(curl "http://localhost:50000/oauth/token" -F code=$CODE -F client_id=7 -F "grant_type=authorization_code" -F "client_secret=U8YvCBMjRHt500vci1ZtMOZ5Yq7nqxjUkk7950Ou" -F "redirect_uri=http://localhost:50000/chat/oauth")
ATOKEN=$(echo $JSON | jsonq ".access_token")
echo Content-type:text
echo
echo --------------------------------------------------------------------------------
echo $(curl -X 'GET' "http://localhost:50000/api/players" -H "Authorization:Bearer $ATOKEN") 回复: |
|
另外想问一下怎么看日志啊 |
|
本地开发环境未能复现。 我建议你把 Access Token 打出来,看看是不是一个正常的 JWT,如果是,拿着 storage/oauth-public.key 里的公钥,去 jwt.io 验证一下 JWT 签名,再看看 JWT 有没有过期。 |
|
jwt.io 告诉我有效 {"token_type":"Bearer","expires_in":31536000,"access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdWQiOiI3IiwianRpIjoiYjViYjYxYjIwN2ViNzg1Njk4ZmVjNjA5NTE4YzFiZTMyOGE4NDgwNWVkYjRlZmVlMDE4MDg4NjY3NjNmNWY4ZmYxNDZiMzQxNTQyZDY4OWQiLCJpYXQiOjE3MjcwMTA1MzcuNzQ5OTA4LCJuYmYiOjE3MjcwMTA1MzcuNzQ5OTEsImV4cCI6MTc1ODU0NjUzNy43NDExODMsInN1YiI6IjIiLCJzY29wZXMiOlsiVXNlci5SZWFkIl19.os2ifF7Dol4WXVxH466VlWvfU7-KXZEdIdghpGNNAYfQrwvEpB6DqtNgKG2Wo0-Vv5aSORlLNlXSNTvkzXd85Inpk2sM5136xhZerOLODOA-Sd1m28GU4leU1IOHvTu2070lewgwy7FmPp-wqjRhkOwt-q9Q5bvPDaI_omZ7UT1zB1vSVZft3MsN-P0dV8XYyQx49i3nUbK8vHel5VPSep0zx8Xnrr97aI9ytiZWZYfsdGGNt_g1IesgNvJE8c6IV3js2bgMbHkOgGRUhQjvrUz8XaazUYpLbvOpTfAxI51N2hEt5an2zyfQyyPdudN7ZtJFP7uHJ5rho8FMi6y6XWuStKlItctB8BZd14o_ufchtLx5s9FnN5LZEd3bHgLSxXl1zQGbNpg9fcPx--tzujJwiTJF37_TognewK8OSNrykvE40WW1u9Wqh9ek1hPLPlkUAXx8QTiYPIMSLlBrd4ZXIBZh2j5APgjxf73U8s3GN088t2AsBIXRP72pnpV5vUWCWv4aWhLenmdjFwb87dIHyuwe1f3ycUc4Rb6QgaN4iUoZqWAQk2uYM5RPex7aQo6iNXzlqNRdcfy2rEy3GVVFxr5hjAaZDElSiMwXQGitSCzqwdhwhjkn61Lvf5_fCPnHOoF9jLwVVmIxJs_74n6yq6W9qEnCrPBELtBODVk","refresh_token":"def5020042639308cb93606c23effe3397193c5cefd52095980f48cb9b251c6c71b316b11c355046912899d42d8c98316e21ed02acefca8ee65013097cf1115714cc8cdd1a927e028452113ffda3f2fabcaf2b310223dfa6db82f1f7db274fda5da4cc8a5486cdac7df9fe3d7f882420ea89c0a0808d1135d81f0fde84881ca2536ec1d4e20080fac956724dfea9f86aba99674f94046e19d5c17ea2b329b48de30906d1b2f30b03cf7b98ebb82aef58fe0e5eb21eb9a36798c31acc50e85cb5e77140ac959ab47ca4f30965428b4333d17920c7256ebb48b2cfe3d31d8909a5eee526eb79428b9d46659abe9532897215cff0b674ab74360f0dcb7359899a42c1116bdcbba4f6e89a0eba6fd4548b35b32a4d71706fdba224dc07ab0c87b77d91c742902fd2913e32bed8ef256cc2e277d8e2ce50dcc300e41e29effba2110d246f990da74d1ca7f3798e0f537b002a28b47ada33666d5fe089cdc22f15b1e5f11fc41849166fc188b77023"}然后本地全新安装测试失败 |
|
怀疑是PHP环境的问题。现在用的是Homebrew 安装的PHP,不知道是不是不行. |
|
有人吗? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Blessing Skin 版本
6.0.2
PHP 版本
8.1
出现问题时所使用的浏览器
Safari
您正在使用的 Web Server
Apache
您正在使用宝塔吗?
出现了什么问题?
GET /api/user/*, 没有返回表格,而是一个HTML,用于跳转到登录页
同时 GET /api/[其他] 能正常返回服务器信息
错误日志
No response
重现步骤
登录,然后打开/api/user
The text was updated successfully, but these errors were encountered: