Google Batch API,多个授权标头

Posted

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Google Batch API,多个授权标头相关的知识,希望对你有一定的参考价值。

寻找Google Batch API的一些帮助,在同一个域/组织下为两个不同的帐户获得了两个有效的访问令牌,并希望批量调用两个调用,每个调用都有自己的授权标头。

如果我正确地阅读它,应该可以根据the API docs

外部批处理请求的HTTP标头(内容类型等内容标题除外)适用于批处理中的每个请求。如果在外部请求和单个调用中都指定了给定的HTTP标头,则单个调用标头的值将覆盖外部批处理请求标头的值。单个呼叫的标头仅适用于该呼叫。

例如,如果您为特定呼叫提供授权标头,则该标头仅适用于该呼叫。如果为外部请求提供Authorization标头,则该标头将应用于所有单个调用,除非它们使用自己的Authorization标头覆盖它。

当请求没有身份验证标头但内部请求具有有效的身份验证标头时,使用Postman(POST https://www.googleapis.com/batch)对其进行测试:

--batch_foobarbaz 
Authorization:Bearer <accesstoken1>
Content-Type: application/http Content-ID: one

GET /gmail/v1/users/me/profile

--batch_foobarbaz 
Authorization:Bearer <accesstoken2>
Content-Type: application/http 
Content-ID: two

GET /gmail/v1/users/me/profile

--batch_foobarbaz--

我得到两个请求的“需要登录”响应:

--batch_x-oYQ5TohrI_AAd7PA4mQcg
Content-Type: application/http
Content-ID: response-one

HTTP/1.1 401 Unauthorized
WWW-Authenticate: Bearer realm="https://accounts.google.com/"
Content-Type: application/json; charset=UTF-8
Date: Sun, 12 Nov 2017 12:28:55 GMT
Expires: Sun, 12 Nov 2017 12:28:55 GMT
Cache-Control: private, max-age=0
Content-Length: 238

{
 "error": {
  "errors": [
   {
    "domain": "global",
    "reason": "required",
    "message": "Login Required",
    "locationType": "header",
    "location": "Authorization"
   }
  ],
  "code": 401,
  "message": "Login Required"
 }
}

--batch_x-oYQ5TohrI_AAd7PA4mQcg
Content-Type: application/http
Content-ID: response-two

HTTP/1.1 401 Unauthorized
WWW-Authenticate: Bearer realm="https://accounts.google.com/"
Content-Type: application/json; charset=UTF-8
Date: Sun, 12 Nov 2017 12:28:55 GMT
Expires: Sun, 12 Nov 2017 12:28:55 GMT
Cache-Control: private, max-age=0
Content-Length: 238

{
 "error": {
  "errors": [
   {
    "domain": "global",
    "reason": "required",
    "message": "Login Required",
    "locationType": "header",
    "location": "Authorization"
   }
  ],
  "code": 401,
  "message": "Login Required"
 }
}

--batch_x-oYQ5TohrI_AAd7PA4mQcg--

当Google命令我时,在第二次尝试时,我在请求中使用“accesstoken1”放置了一个身份验证标头,希望内部请求标头覆盖它:

--batch_foobarbaz
Content-Type: application/http
Content-ID: one
Authorization: Bearer <accesstoken1>

GET /gmail/v1/users/me/profile

--batch_foobarbaz
Content-Type: application/http
Content-ID: two
Authorization: Bearer <accesstoken2>

GET /gmail/v1/users/me/profile

--batch_foobarbaz--

但是,内部Authorization标头被忽略,我对两个内部请求都得到相同的响应:

--batch_acwJ2jJl7Vk_AAwDDvF7GqQ
Content-Type: application/http
Content-ID: response-one

HTTP/1.1 200 OK
ETag: "Sa8s0oAMlJSbjHHTmOHVq5KXvZM/ij85zVL5i9x1u7LOtgNBEd-PGZY"
Content-Type: application/json; charset=UTF-8
Date: Sun, 12 Nov 2017 12:52:16 GMT
Expires: Sun, 12 Nov 2017 12:52:16 GMT
Cache-Control: private, max-age=0
Content-Length: 108

{
 "emailAddress": "user1@whatever.com",
 "messagesTotal": 16,
 "threadsTotal": 13,
 "historyId": "7294"
}

--batch_acwJ2jJl7Vk_AAwDDvF7GqQ
Content-Type: application/http
Content-ID: response-two

HTTP/1.1 200 OK
ETag: "Sa8s0oAMlJSbjHHTmOHVq5KXvZM/ij85zVL5i9x1u7LOtgNBEd-PGZY"
Content-Type: application/json; charset=UTF-8
Date: Sun, 12 Nov 2017 12:52:16 GMT
Expires: Sun, 12 Nov 2017 12:52:16 GMT
Cache-Control: private, max-age=0
Content-Length: 108

{
 "emailAddress": "user1@whatever.com",
 "messagesTotal": 16,
 "threadsTotal": 13,
 "historyId": "7294"
}

--batch_acwJ2jJl7Vk_AAwDDvF7GqQ--

如果有人能理解这一点,我将永远感激

谢谢!

答案

我猜你的内部身份验证标头会在GET / POST请求之后出现。

例如

GET https://www.googleapis.com/calendar/v3/calendars/primary/events

授权:承载XXXXXXXXXXXXXXXXXXXX

代替

授权:持票人XXXXXXXXXXXXXXXXXXXX获取https://www.googleapis.com/calendar/v3/calendars/primary/events

在你的例子中,它会

--batch_foobarbaz

内容类型:application / http

Content-ID:一个

GET / gmail / v1 / users / me / profile

授权:持票人

这对我有用。如果这对您有用,请告诉我。

以上是关于Google Batch API,多个授权标头的主要内容,如果未能解决你的问题,请参考以下文章

.net web api - 授权标头始终为空

IE 11 未在 API 调用中传递授权标头

将标头与 Google 社区连接器一起使用

如何在飞镖的 API POST 调用中传递授权标头?

Google Classroom API中的内部错误500

授权标头不适用于 cors [关闭]