(Detailed Walkthrough) Setting a Bearer Token in AFNetworking
2020-11-06
汗青fullstack
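The project I have been debugging recently uses JWT for authorization.
1. Setting the Bearer Token in AFNetworking to pass gateway verification
After the user logs in and is authorized, the client obtains an accessToken, which must be placed in the Authorization field of the HTTP request header, in the following format: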
Authorization: Bearer <token>
Code:
```objectivec
AFHTTPSessionManager *httpSessionManager = [AFHTTPSessionManager manager];
httpSessionManager.requestSerializer = [AFHTTPRequestSerializer serializer];
// access_token is the accessToken obtained after login; it is sent as "Authorization: Bearer <token>"
[httpSessionManager.requestSerializer setValue:[NSString stringWithFormat:@"Bearer %@", access_token] forHTTPHeaderField:@"Authorization"];
```
2. Detecting token expiry
First, here is the error log produced when the token has expired:
```
Error Domain=com.alamofire.error.serialization.response Code=-1011 "Request failed: forbidden (403)" UserInfo={NSLocalizedDescription=Request failed: forbidden (403), NSErrorFailingURLKey=http://f4c04af1073d4543a4d7cd567695308f-cn-hangzhou.alicloudapi.com/mobile/employeeInfo/getEmployeeBasicInfo, com.alamofire.serialization.response.error.data={length = 0, bytes = 0x}, com.alamofire.serialization.response.error.response=<NSHTTPURLResponse: 0x600003b0c660> { URL: http://f4c04af1073d4543a4d7cd567695308f-cn-hangzhou.alicloudapi.com/mobile/employeeInfo/getEmployeeBasicInfo } { Status Code: 403, Headers {
    Connection =     (
        "keep-alive"
    );
    "Content-Disposition" =     (
        "attachment; filename=ApiResponseForInnerDomain"
    );
    "Content-Length" =     (
        0
    );
    "Content-Type" =     (
        "application/oct-stream"
    );
    Date =     (
        "Sat, 07 Nov 2020 04:34:34 GMT"
    );
    "Keep-Alive" =     (
        "timeout=25"
    );
    Server =     (
```
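We can read the HTTP status code 403 and the error code -1011, but both of these cover many different error conditions. Looking further, we find that the gateway returns another field, X-Ca-Error-Code, which is used for some backend business checks. The official explanation is as follows: when the X-Ca-Error-Code header in the response received by the client is not empty, the response code was generated by the API gateway. The error code is described by a six-character string (see the table below), and X-Ca-Error-Message carries the error message, giving more detailed information about the error in that scenario. If the X-Ca-Error-Code header is empty, the HTTP response code was generated by the backend service, and the API gateway passed the backend's error information through.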
We read the gateway error code table and found:
![](https://img.haomeiwen.com/i59913/5b4d8fff9e1e55c2.png)
So when X-Ca-Error-Code is A403JE, that is the client-side token expiry case we need to handle. Where do we get it from? It is in the HTTP response headers:
```
(lldb) po response.allHeaderFields
{
    Connection = "keep-alive";
    "Content-Disposition" = "attachment; filename=ApiResponseForInnerDomain";
    "Content-Length" = 0;
    "Content-Type" = "application/oct-stream";
    Date = "Sat, 07 Nov 2020 04:34:34 GMT";
    "Keep-Alive" = "timeout=25";
    Server = "Kaede/3.5.3.488 (hz001bneq)";
    "X-Ca-Error-Code" = A403JE;
    "X-Ca-Error-Message" = "JWT is expired at `2020-11-06T13:16:21Z`";
    "X-Ca-Request-Id" = "4F502EFC-43DD-47E8-9745-EE8023A36ABB";
}
```
Show me the code: Approach 1
```objectivec
failure:^(NSURLSessionDataTask * _Nullable task, NSError * _Nonnull error) {
    // task.response
    NSLog(@"请求 Error: %@", [error description]);
    NSHTTPURLResponse *response = (NSHTTPURLResponse *)task.response;
    // HTTP status code, typically 403, 401, or 400
    NSInteger statusCode = response.statusCode;
    // Read the error state from the headers. With HTTP status 403 and "X-Ca-Error-Code" equal to "A403JE",
    // "X-Ca-Error-Message" = "JWT is expired at `2020-11-06T13:16:21Z`" and the user must log in again.
    NSString *errCode = response.allHeaderFields[@"X-Ca-Error-Code"];
    if ([errCode isEqualToString:@"A403JE"])
    {
        // Handle the expired-token case: the user needs to log in again
    }
}
```
Approach 1 reads the response from task.response. It can also be read from error (Approach 2):
```objectivec
// The response returned by the server; errorResponse here is equivalent to task.response
NSHTTPURLResponse *errorResponse = error.userInfo[AFNetworkingOperationFailingURLResponseErrorKey];
```
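Both approaches can be folded into one helper. The following is an added example, not code from the original post: it reads the response from the error's userInfo (Approach 2), falls back to task.response (Approach 1), and separates the A403JE case from other gateway errors and from backend errors where X-Ca-Error-Code is empty. The names AuthFailureKind, ClassifyAuthFailure, HandleRequestFailure and the notification name are hypothetical.

```objectivec
#import <AFNetworking/AFNetworking.h>

// Hypothetical classification of a failed request, based on the gateway headers shown above.
typedef NS_ENUM(NSInteger, AuthFailureKind) {
    AuthFailureKindNoResponse,    // no HTTP response at all (e.g. network unreachable)
    AuthFailureKindTokenExpired,  // gateway returned 403 with X-Ca-Error-Code = A403JE
    AuthFailureKindGatewayOther,  // some other gateway-generated error code
    AuthFailureKindBackend        // X-Ca-Error-Code empty: status came from the backend
};

static AuthFailureKind ClassifyAuthFailure(NSURLSessionDataTask *task, NSError *error) {
    // Approach 2 first (response stored in the error), then Approach 1 (task.response).
    id candidate = error.userInfo[AFNetworkingOperationFailingURLResponseErrorKey] ?: task.response;
    if (![candidate isKindOfClass:[NSHTTPURLResponse class]]) {
        return AuthFailureKindNoResponse;
    }
    NSHTTPURLResponse *response = (NSHTTPURLResponse *)candidate;

    // Header values are normally strings; guard the type before comparing.
    id code = response.allHeaderFields[@"X-Ca-Error-Code"];
    if (![code isKindOfClass:[NSString class]] || [(NSString *)code length] == 0) {
        return AuthFailureKindBackend;
    }
    if (response.statusCode == 403 && [(NSString *)code isEqualToString:@"A403JE"]) {
        return AuthFailureKindTokenExpired;
    }
    return AuthFailureKindGatewayOther;
}

static void HandleRequestFailure(AFHTTPSessionManager *manager,
                                 NSURLSessionDataTask *task,
                                 NSError *error) {
    if (ClassifyAuthFailure(task, error) != AuthFailureKindTokenExpired) {
        return; // not the expired-JWT case; leave it to the caller's normal error handling
    }
    // Stop sending the expired token on later requests from this manager.
    [manager.requestSerializer clearAuthorizationHeader];
    // Hypothetical notification name: the app's login flow would observe it.
    [[NSNotificationCenter defaultCenter] postNotificationName:@"ExampleTokenExpiredNotification"
                                                        object:nil];
}
```

Call HandleRequestFailure(httpSessionManager, task, error) from the failure block of each request.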