0
我想对HP Alm进行身份验证,但是在浏览器中运行代码时,会弹出一个弹出窗口,提示我手动登录。该操作非常有效,可以随后发送请求好。HP ALM 12:53 - 避免登录表单进行身份验证
但是,我该如何避免这种情况?我希望它在没有浏览器登录表单的情况下进行验证。有任何想法吗?谢谢!
最好的问候, 丹尼尔
import utf8 from 'utf8';
import base64 from 'base-64';
class AlmApi {
static getAllDefectsFromAlm() {
performSignIn();
headers.append('Accept', 'application/json');
return fetch(request, {
method: 'GET',
mode: 'no-cors',
credentials: 'include',
headers: headers
})
.then(response => response.json())
.catch(error => console.log('Getting data failed: ' + error.message));
}
}
let alm_host = '<URL><PORT>/qcbin';
let sign_in = alm_host + '/api/authentication/sign-in';
let sign_out = alm_host + '/api/authentication/sign-out';
let request = alm_host + '/rest/domains/<DOMAIN>/projects/<PROJECT>?<QUERY>';
let username = 'USERNAME';
let password = 'PASSWORD';
let login_credentials = username + ':' + password;
let bytes = utf8.encode(login_credentials);
let headers = new Headers();
function performSignIn() {
headers.append('Content-Type', 'application/json');
headers.append('Accept', 'application/json');
headers.append('Authorization', 'Basic' + base64.encode(bytes));
fetch(sign_in, {
credentials: 'include',
method: 'POST',
headers: headers,
mode: 'no-cors'
})
.then(response => response.json())
.catch(error => console.log('Authorization failed : ' + error.message));
}
function performSignOut() {
headers.append('Accept', 'application/json');
fetch(sign_in, {
method: 'POST',
headers: headers
})
.catch(error => console.log('Logout failed: ' + error.message));
}
export default AlmApi;
在'getAllDefectsFromAlm'中使用'mode:'no-cors''和'GET'请求会导致浏览器阻止您的代码访问响应。所以你的'.then(response => response.json())'不会工作。在'performSignIn'中你的'POST'请求也一样; '.then(response => response.json())'也会在那里失败 - 'POST'请求本身会成功,但是你的浏览器不会让你的代码访问响应。 – sideshowbarker
实际上,在'performSignIn'' POST'请求中设置'mode:'no-cors''的另一个作用是,您的浏览器不会让您向该请求添加任何非CORS安全列表请求标头的请求标头https://fetch.spec.whatwg.org/#cors-safelisted-request-header。因此POST请求在没有您要添加的'Authorization'请求标头的情况下发送,并且也没有您想要添加的'Content-Type:application/json'。所以我想'POST'请求会失败授权,即使它不需要授权也不会以正确的内容类型发送。 – sideshowbarker
好吧,注释掉非Cors导致501 - 但我不会弹出来了... ... –