问题
(Using node.js, express, passport-http)
I have a POST route doing digest auth, trying to application-json content type.
I can hit the GET route with digest, without issues, and I can hit the POST route with basic auth without issues, but when I try to do the POST with digest auth, I'm getting 400 - Bad Request. It looks like curl puts the content-type on the initial digest request (with a content-length of 0, so it knows enough not to send the json body on the initial digest-auth request), and my side (express) fails with invalid json (empty body):
$ curl -v --digest -X POST --data @body.json --user org2user2:lameduck -H "content-type: application/json" http://127.0.0.1:3002/user
* About to connect() to 127.0.0.1 port 3002 (#0)
* Trying 127.0.0.1...
* connected
* Connected to 127.0.0.1 (127.0.0.1) port 3002 (#0)
* Server auth using Digest with user 'org2user2'
> POST /user HTTP/1.1
> User-Agent: curl/7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0 OpenSSL/0.9.8r zlib/1.2.5
> Host: 127.0.0.1:3002
> Accept: */*
> content-type: application/json
> Content-Length: 0
>
< HTTP/1.1 400 Bad Request
< X-Powered-By: Express
< Content-Type: text/plain
< Date: Thu, 21 Mar 2013 15:33:10 GMT
< Connection: keep-alive
< Transfer-Encoding: chunked
I can't seem to figure out the curl magic to send the digest initial packet without this, only adding the content-type in the actual data request that follows.
For reference, although I don't think it helps, here is the BASIC transcript for the same call:
$ curl -v --basic -X POST --data @body.json --user org2user2:lameduck -H "content-type: application/json" http://127.0.0.1:3002/user
* About to connect() to 127.0.0.1 port 3002 (#0)
* Trying 127.0.0.1...
* connected
* Connected to 127.0.0.1 (127.0.0.1) port 3002 (#0)
* Server auth using Basic with user 'org2user2'
> POST /user HTTP/1.1
> Authorization: Basic b3JnMnVzZXIyOmxhbWVkdWNr
> User-Agent: curl/7.24.0 (x86_64-apple-darwin12.0) libcurl/7.24.0 OpenSSL/0.9.8r zlib/1.2.5
> Host: 127.0.0.1:3002
> Accept: */*
> content-type: application/json
> Content-Length: 48
>
* upload completely sent off: 48 out of 48 bytes
< HTTP/1.1 200 OK
< X-Powered-By: Express
< Content-Type: application/json; charset=utf-8
< Content-Length: 51
< Date: Thu, 21 Mar 2013 15:43:48 GMT
< Connection: keep-alive
<
{
"this": "is working",
"that": "is annoying"
* Connection #0 to host 127.0.0.1 left intact
}* Closing connection #0
Any help would be awesome.
回答1:
I ran into this same issue. I can't answer your question about the command line magic to tell CURL not to send the content-type on the initial request (I don't think there is any magic).
However, I can tell you that the root cause of the issue is that Node+Express(connect) is sending the initial digest request through the bodyParser and since the application/json headers are there it tries to parse the body (which is empty). Personally I don't think express should freak out if the body is empty, instead just return an empty JSON structure (my work around below).
There may be a better (official) workaround in the future as this particular issue is in discussion right now on github here (1 day old) https://github.com/senchalabs/connect/issues/415
My workaround (connect/lib/middleware/json.js:70)
if (0 == buf.length) {
// return next(400, 'invalid json, empty body');
req.body = {};
return next();
}
来源:https://stackoverflow.com/questions/15552053/curl-command-for-digest-auth-using-a-json-post