java移动应用程序在调用@OAuthSecurity资源时保持加载
你好
我有一个移动应用程序,打电话到mobileFirstPlatform,然后只转到我的后端服务
我不确定我的理解是否正确,为了用@OAuthSecurity调用我的适配器资源,我需要先用mfp验证成功,然后才能访问该资源
在我的mobileFirst控制台中,我将其配置为我的范围元素映射和强制应用程序范围:
以下是我在^{
ngOnInit() {
this.mfpAuthenticationService.initEventHandler();
this.initAuthHandle();
}
initAuthHandle() {
this.authSuccessEventSubscription = this.mfpAuthenticationService.authSuccessEvent.subscribe((loginResponse: any) => {
// do something after success login
});
this.authFailureEventSubscription = this.mfpAuthenticationService.authFailureEvent.subscribe((res: any) => {
console.log('authFailureEvent => ', res);
if (res.errorCode == WLErrorCodeConstant.ClientSideError.CHALLENGE_HANDLING_CANCELED && this.mfpAuthenticationService.isBiometricAuthenticated()) {
return;
} else {
this.handleLoginError(res);
this.loginForm.resetForm();
this.processLogin = false;
}
});
this.authChallengeEventSubscription = this.mfpAuthenticationService.authChallengeEvent.subscribe((res: any) => {
console.log('authChallengeEvent => ', res);
let redirectPath = this.sessionService.getSessionStorage(SessionName.REDIRECT_PATH);
if (redirectPath) {
console.log('biometric user login error => ', res);
this.login.password = null;
this.isLoginButtonClicked = false;
this.baseService.handleError(res, true);
} else {
this.handleLoginError(res);
}
this.loginForm.resetForm();
this.processLogin = false;
});
}
performLogin() {
this.mfpAuthenticationService.performLogin(this.login.username, this.loginRequest);
}
这是关于mfp.auth.service.ts的一些代码:
initEventHandler() {
console.log("come mfp.auth.service.ts initEventhandler");
this.currentEventHandler = '';
this.userLoginChallengeHandler = null;
this.userLoginChallengeHandler = WL.Client.createSecurityCheckChallengeHandler('UserAuthentication');
this.userLoginChallengeHandler.securityCheckName = '';
this.userLoginChallengeHandler.handleSuccess = (loginSuccess) => {
console.log("handleSuccess");
this.isChallenged = false;
if (this.currentEventHandler != this.eventHandler.success) {
this.currentLoginGrantType = this.processLoginGrantType;
//alert("initEventHandler|loginSuccess=\n" + JSON.stringify(loginSuccess));
console.log("loginSuccess is " + JSON.stringify(loginSuccess));
this.mfpAuthResponse = {
id: loginSuccess.id,
accessToken: loginSuccess.user.attributes.access_token,
tokenType: loginSuccess.user.attributes.token_type,
expiresIn: loginSuccess.user.attributes.expires_in,
scope: loginSuccess.user.attributes.scope,
clientId: loginSuccess.user.attributes.client_id
};
}
this.currentEventHandler = this.eventHandler.success;
console.log("handler success, challenged is " + this.isChallenged);
};
this.userLoginChallengeHandler.handleFailure = (loginError) => {
console.log("handleFailure");
this.isChallenged = false;
if (this.currentEventHandler != this.eventHandler.failure) {
this.authFailureEvent.emit(loginError);
}
this.currentEventHandler = this.eventHandler.failure;
console.log("handleFailure, challenged is " + this.isChallenged);
};
this.userLoginChallengeHandler.handleChallenge = (challenge) => {
console.log("handleChallenge " + challenge);
this.isChallenged = true;
this.challengeResponseModel = challenge;
this.authChallengeEvent.emit(challenge);
this.currentEventHandler = this.eventHandler.challenge;
console.log("handleChallenge, challenged is " + this.isChallenged);
};
}
performLogin(username: string, loginRequest: RequestModel<LoginRequestModel>) {
console.log("come mfp.auth.service.ts performLogin");
let performed = false;
let authRequest = {
requestHeader: {
deviceId: this.sessionService.getDeviceId(),
channelTime: new Date().toString()
},
requestBody: loginRequest.requestBody
}
this.processLoginGrantType = loginRequest.requestBody.grant_type;
let authObj = {
'authorization': environment.authorization,
'authRequest': JSON.stringify(authRequest),
'authCode': this.service.getHashMAC(authRequest, this.sessionService.getHashKey()),
'authUser': username
};
console.log("mfp-performLogin|isChallenged1=" + this.isChallenged + "\nauthObj=\n" + JSON.stringify(authObj) + "\n\n");
if (this.isChallenged) {
console.log("mfp-performLogin|submitChallengeAnswer=");
this.userLoginChallengeHandler.submitChallengeAnswer(authObj);
} else {
console.log("mfp-performLogin|WLAuthorizationManager.login=");
WLAuthorizationManager.login(this.securityCheckName, authObj).then(
() => {
console.log("mfp-performLogin|WLAuthorizationManager.login.performed=" + performed + "\nmfpAuthResponse=\n" + JSON.stringify(this.mfpAuthResponse) + "\n\n");
if (!performed) {
this.ngZone.run(() => {
console.log("come emit authSuccessEvent");
this.authSuccessEvent.emit(this.mfpAuthResponse);
});
}
performed = true;
},
(err) => {
console.log("mfp-performLogin|WLAuthorizationManager.login.err=\n\n" + JSON.stringify(err) + "\n");
console.log('wllogin err => ', err);
this.authFailureEvent.emit(err);
}
);
}
}
如您所见,从我的login.component.ts中,我将首先执行ngOnInit(),在我输入密码并按下登录按钮后,它将调用performLogin()方法,并继续调用mfp.auth.servicet.ts performLogin()
在mfp.auth.servicet.ts performLogin()中,将调用WLAuthorizationManager.login(this.securityCheckName, authObj),因为this.isChallenged值默认为false
登录实际上是成功的,因为我能够得到那些oauth响应,并且能够进入我的应用程序,我的oauth响应如下:
登录成功,但当我想点击访问具有@OAuthSecurity的资源时,我的应用程序将继续加载,并且日志中不会显示任何错误。mfp中有东西阻塞了
如果我删除了范围元素映射和强制应用程序范围,那么没有问题,请求就可以成功
因此,我怀疑我的配置有问题,或者代码逻辑有问题。非常感谢你的建议和帮助。我被困在这两个多星期了
据我所知,在这方面有两部分身份验证,一部分是使用mfp进行身份验证,另一部分是使用我的后端服务进行身份验证,即UserAuthentication.java,我相信我的UserAuthentication.java已经成功进行了身份验证,也许我使用mfp进行的身份验证部分有问题
我怎么知道我已经成功通过了mfp ya认证
基于本文,http://mobilefirstplatform.ibmcloud.com/tutorials/ru/foundation/8.0/authentication-and-security/credentials-validation/javascript/
我能知道handleChallenge()什么时候打电话吗?还有handleSuccess()
如果需要我提供更多信息,请告诉我
共 (0) 个答案