如何在冒充客户端，特别是HTTP头中传递标头？

Question

我试着用Rest模板传递http头及其预期的工作方式，但也有一些不适用于假装客户端的方法。

Rest客户代码：-

import org.springframework.http.HttpHeaders;

RestTemplate restTemplate = new RestTemplate();
HttpHeaders httpHeader = new HttpHeaders();
httpHeader.set("appsecret-proof", header);
HttpEntity<?> request = new HttpEntity<>(httpHeader);
String url = "https://localhost/groups/{pathVariable}/members/";
Map<String, String> map = new HashMap<>();
map.put("pathVariable", pathVariable);
UriComponentsBuilder builder = UriComponentsBuilder.fromHttpUrl(url)
                                                   .queryParam("token", token);
String uriBuilder = builder.build().toString();

ResponseEntity<MemberObject> responseEntity = restTemplate.exchange(uriBuilder, HttpMethod.POST, request,MemberObject.class, map);

MemberObject memberObject = null;
if (responseEntity != null && responseEntity.getBody() != null) {
    memberObject = responseEntity.getBody();
}

Fegin客户代码：-

import org.springframework.web.bind.annotation.RequestHeader;

@PostMapping(value = "/groups/?token=xyz")
MemberObject getMemberGroup(@RequestHeader("appsecret-proof") String appsecretProof);

但是，fegin客户端给出的错误如下：

{"error":{"message":"Authentication credentials could not be found.","type":"Authentication Error","code":404,"sub_code":0}}.

在冒充客户端中硬编码令牌，仍然会产生相同的错误。这可能是错误的headers....any建议如何设置头在冒充客户端。

Answer 1

如果您使用的是假名，就应该这样构造调用：

import feign.Headers;
import feign.Param;
import feign.RequestLine;
...
@RequestLine("POST /groups/?token={appSecretProof}")
@Headers("Content-Type: application/json")
MemberObject getMemberGroup(@Param("appSecretProof") String appSecretProof);

在上面的片段中，appSecretProof的值在执行时作为令牌的对应值被替换到URL中。