2015-06-26 43 views
4

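Error decoding signature with JWT authentication on Android

I am using Django with rest_framework and have JSONWebTokenAuthentication enabled. When I log a user in with a POST, I get a token and everything seems fine. If I verify that token at jwt.io, the signature is verified. However, when I send any GET or POST to an endpoint on my server and put "Authorization: JWT" in the header, I get the following.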

06-26 12:20:58.832 5293-7833/com.infortec.angel.montalbanwebser D/RETROFIT﹕ Authorization: JWT {token:<token>} 
06-26 12:20:58.842 5293-7833/com.infortec.angel.montalbanwebser D/RETROFIT﹕ ---> END HTTP (no body) 

06-26 12:20:59.322 5293-7833/com.infortec.angel.montalbanwebser D/RETROFIT﹕ : HTTP/1.0 403 FORBIDDEN
06-26 12:20:59.332 5293-7833/com.infortec.angel.montalbanwebser D/RETROFIT﹕ Allow: GET, POST, HEAD, OPTIONS 
06-26 12:20:59.332 5293-7833/com.infortec.angel.montalbanwebser D/RETROFIT﹕ Content-Type: application/json 
06-26 12:20:59.332 5293-7833/com.infortec.angel.montalbanwebser D/RETROFIT﹕ Date: Fri, 26 Jun 2015 10:19:34 GMT 
06-26 12:20:59.332 5293-7833/com.infortec.angel.montalbanwebser D/RETROFIT﹕ Server: WSGIServer/0.1 Python/2.7.3 
06-26 12:20:59.332 5293-7833/com.infortec.angel.montalbanwebser D/RETROFIT﹕ Vary: Accept, Cookie 
06-26 12:20:59.332 5293-7833/com.infortec.angel.montalbanwebser D/RETROFIT﹕ X-Android-Received-Millis: 1435314059321 
06-26 12:20:59.332 5293-7833/com.infortec.angel.montalbanwebser D/RETROFIT﹕ X-Android-Response-Source: NETWORK 403 
06-26 12:20:59.332 5293-7833/com.infortec.angel.montalbanwebser D/RETROFIT﹕ X-Android-Selected-Transport: http/1.1 
06-26 12:20:59.332 5293-7833/com.infortec.angel.montalbanwebser D/RETROFIT﹕ X-Android-Sent-Millis: 1435314059296 
06-26 12:20:59.332 5293-7833/com.infortec.angel.montalbanwebser D/RETROFIT﹕ X-Frame-Options: SAMEORIGIN 
06-26 12:20:59.342 5293-7833/com.infortec.angel.montalbanwebser D/RETROFIT﹕ {"detail":"Error decoding signature."} 
06-26 12:20:59.342 5293-7833/com.infortec.angel.montalbanwebser D/RETROFIT﹕ <--- END HTTP (38-byte body) 

{"detail":"Error decoding signature."}

Edit: I am using a RequestInterceptor to add my headers.

import retrofit.RequestInterceptor;

public class TokenRequestInterceptor implements RequestInterceptor {

    @Override
    public void intercept(RequestFacade request) {
        request.addHeader("Content-Type", "application/json");
        // Utils.token is appended as-is after the "JWT " scheme prefix
        request.addHeader("Authorization", "JWT " + Utils.token);
    }
}

Utils.token is a static field where I store the token when I retrieve it from the server after authenticating.

Answers

1

D/RETROFIT﹕ Authorization: JWT {token:<token>}

I think your problem is that you are sending the token as a JSON object instead of sending the token itself:

D/RETROFIT﹕ Authorization: JWT <token>

If you want to send the token as JSON, you should send the JSON in the body rather than in the Authorization header.

$ curl -X POST -H "Content-Type: application/json" -d '{"token":"<TOKEN>"}' URL
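
The difference between the two header forms in the answer, as an added example that is not part of the original post and is not the server library's own code: a simplified HS256 check written with the Python standard library only. The secret, the claims, the `{"token": ...}` login body and all function names are constructed for illustration.

```python
import base64, hashlib, hmac, json

SECRET = b"constructed-demo-key"  # constructed; stands in for the server's signing key

def b64url(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(head, payload):
    return hmac.new(SECRET, f"{head}.{payload}".encode(), hashlib.sha256).digest()

def issue_token(claims):
    """HS256 JWT: base64url(header).base64url(payload).base64url(signature)."""
    head = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = b64url(json.dumps(claims).encode())
    return f"{head}.{payload}.{b64url(sign(head, payload))}"

def check_authorization(value):
    """Simplified server-side check; returns (status, detail)."""
    parts = value.split()
    if len(parts) != 2 or parts[0] != "JWT":
        return 403, "Invalid Authorization header."
    try:
        head, payload, sig = parts[1].split(".")  # must be exactly three segments
        json.loads(b64url_decode(head))           # header must decode to JSON
        supplied = b64url_decode(sig)
    except ValueError:                            # covers base64, UTF-8 and JSON errors
        return 403, "Error decoding signature."
    if not hmac.compare_digest(sign(head, payload), supplied):
        return 403, "Error decoding signature."
    return 200, "OK"

# Constructed login response, assumed to have the {"token": ...} shape used in the answer.
LOGIN_BODY = json.dumps({"token": issue_token({"username": "demo"})}, separators=(",", ":"))

def header_from_whole_body(body):
    return "JWT " + body                          # the mistake: JSON object as credential

def header_from_token_field(body):
    return "JWT " + json.loads(body)["token"]     # the fix: only the token string

if __name__ == "__main__":
    print(check_authorization(header_from_whole_body(LOGIN_BODY)))
    print(check_authorization(header_from_token_field(LOGIN_BODY)))
```

The same token that verifies on its own is rejected once it is wrapped in the JSON object, because the first dot-separated segment is no longer a base64url-encoded JWT header.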