我想将cosmos-auth与Idm - GE进行积分。node.js应用的配置如下:
{
"host": "192.168.4.180",
"port": 13000,
"private_key_file": "key.pem",
"certificate_file": "cert.pem",
"idm": {
"host": "192.168.4.33",
"port": "443",
"path": "/oauth2/token"
},
"cosmos_app": {
"client_id": "0434fdf60897479588c3c31cfc957b6d",
"client_secret": "a7c3540aa5de4de3a0b1c52a606b82df"
},
"log": {
"file_name": "/var/log/cosmos/cosmos-auth/cosmos-auth.log",
"date_pattern": ".dd-MM-yyyy"
}
}
当我直接向IDM GE发送HTTP POST请求到url
https://192.168.4.33:443/oauth2/token
与所需的参数,我得到ok的结果:
{
access_token: "LyZT5DRGSn0F8IKqYU8EmRFTLo1iPJ"
token_type: "Bearer"
expires_in: 3600
refresh_token: "XiyfKCHrIVyludabjaCyGqVsTkx8Sf"
}
但是当我旋转cosmos-auth node.js应用程序
curl -X POST "https://192.168.4.180:13000/cosmos-auth/v1/token" -H
"Content-Type: application/x-www-form-urlencoded" -d
"grant_type=password&username=idm&password=idm" -k
我得到下一个结果:
{"statusCode":500,"error":"Internal Server Error","message":"An internal server error occurred"}
有人遇到类似的事情吗?有什么问题吗?
我犯的错误是使用未签名的证书。我真笨手笨脚。因此,要么签署证书,要么在选项对象(rejectUnauthorized: false)
中插入额外的元素。var options = {
host : host,
port : port,
path : path,
method : method,
headers: headers,
rejectUnauthorized: false
};
或在文件开头插入:
process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';
当然,这只是临时解决方案,直到我们使用完全签名的证书。无论如何,cosmos-auth node.js应用程序中的错误处理和日志应该显示更多。