发表新帖
发表新帖

NSURLConnection Authorization Header not Working

后端 未结
关注
4 1764
别那么骄傲
别那么骄傲 2021-02-01 06:16

I am trying to send an OAuth access token in an HTTP header via NSURLConnection but it doesn\'t seem to be sending the header because the API keeps giving me an error saying tha

相关标签:
4条回答
  • 逝去的感伤
    2021-02-01 06:38

    Change this line:

    NSURL *aUrl = [NSURL URLWithString: @"http://generericfakeapi.com/user/profile"];

    To:

    NSURL *aUrl = [NSURL URLWithString: @"http://generericfakeapi.com/user/profile/"];

    Apparently iOS drops the Authorization header if there isn't a slash at the end of a URL. This problem literally cost me my sleep for two days.

    0 讨论(0)
  • 死守一世寂寞
    2021-02-01 06:45

    @isair's answer is truly a lifesaver.

    Just to add on the root cause if you're interested:

    NSURLRequest defines a set of reserved HTTP headers. And surprisingly, Authrorization is part of it.

    The URL Loading System handles various aspects of the HTTP protocol for you (HTTP 1.1 persistent connections, proxies, authentication, and so on). As part of this support, the URL Loading System takes responsibility for certain HTTP headers:

    • Content-Length

    • Authorization

    • Connection

    • Host

    • Proxy-Authenticate

    • Proxy-Authorization

    • WWW-Authenticate

    If you set a value for one of these reserved headers, the system may ignore the value you set, or overwrite it with its own value, or simply not send it. Moreover, the exact behavior may change over time. To avoid confusing problems like this, do not set these headers directly.

    In @isair's case, it's highly likely that URLs without a trailing slash had triggered such "filtering" behaviour. This maybe an inconsistency in the implementation but we don't have access to the source code to verify that.

    In my case, I was writing a React webapp that uses Authorization header to authenticate with the backend Django server. The app behaved perfectly on desktop Chrome but always failed to access login-required APIs on the iPhone (both Safari and Chrome), due to the missing Authorization header.

    The ideal solution is to avoid using Authorization at all. But if you're communicating with a backend framework that specifically requires it (e.g. Django Rest Framework's token authentication). @isair's answer can be a good workaround.

    0 讨论(0)
  • 一生所求
    2021-02-01 06:46

    I had same problem. In my case I changed "http" to "https" and everything works fine

    0 讨论(0)
  • 无人共我
    2021-02-01 06:54

    For me it look fine. Are you sure you gave a valid token? Try catch the error like this

    if (error) {
    NSLog(@"error : %@", error.description);
}

    My code work well :

    NSURL *jsonURL = [NSURL URLWithString:[NSString stringWithFormat:@"http://....ID=%i", cellID]];
NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:jsonURL cachePolicy:NSURLRequestUseProtocolCachePolicy timeoutInterval:120.0];
[request setValue:@"Basic ...." forHTTPHeaderField:@"Authorization"];
NSURLResponse *response;
NSError * error  = nil;
NSData *POSTReply = [NSURLConnection sendSynchronousRequest:request returningResponse:&response error:&error];

    hope it helps

    0 讨论(0)
 看不清?
提交回复
热议问题