问题
I'm trying to get my simple app working on Android 2.3.4 - gingerbread. The first request I make to the server is for authentication. For making requests I am using RetroFit.
However, I'm getting the error below when trying to make a request from a phone that has gingerbread on it.
05-09 16:21:44.724 4706-4734/com.myapp.mobile D/Retrofit﹕ <--- HTTP 400 https://myserver.com/myservice/user/signin (2318ms)
05-09 16:21:44.740 4706-4734/com.myapp.mobile D/Retrofit﹕ <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>400 Bad Request</title>
</head><body>
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br />
</p>
<hr>
<address>Apache/2.2.15 (CentOS) Server at localhost Port 443</address>
</body></html>
The request I'm making is this:
@GET("/user/signin")
@Headers({"Content-type: application/json"})
User signin(@Header("Authorization") String value);
I'm building the adapter like this:
private final RestAdapter REST_ADAPTER = new RestAdapter.Builder()
.setServer(API_URL)
.setLogLevel(RestAdapter.LogLevel.FULL)
.build();
private final MyTaskService MY_SERVICE = REST_ADAPTER.create(MyTaskService.class);
The same code base works perfectly fine on a newer API (I've tried API 15+).
Is there any reason why the Authorization
request would fail on gingerbread?
回答1:
I know, old thread, but I ran into the same problem and didn't find a solution here. So I investigated and found what the problem was for me. We use Volley, though.
The actual problem was when using code like:
String auth = "Basic " + Base64.encodeToString(creds.getBytes(), Base64.DEFAULT);
headers.put("Authorization", auth);
When we simply do
headers.put("Authorization", "Basic asd123ASD123asd");
it works.
Why?
Well, I don't know why Android 2.3 behaves differently than the newer Androids, of course, but that Base64.encodeToString()
introduced a new line character. I figured this our using Wireshark. This new line breaks the HTTP header into two, hence you get two responses from the server with the latter one being a 400 Bad Request, which is displayed in Logcat.
If someone is interested in how I figured this out, don't hestitate to ask! But since this question is quote old and without response, I guess there is not much interest and I save the time of explaining HTTP and taking screenshots.
来源:https://stackoverflow.com/questions/23573692/authorization-header-on-2-3-4-gets-400-bad-request