search

oauthinaction / oauth-in-action-code

Source code for OAuth 2 in Action
https://www.manning.com/books/oauth-2-in-action
Other
715 stars 536 forks source link

First character of token gets truncated when parsed by protected resource #51

Closed jamieosullivan closed 2 years ago

jamieosullivan commented 2 years ago

https://github.com/oauthinaction/oauth-in-action-code/blob/ea5a9003309bab3c9c9c31474ca1e559ea15c277/exercises/ch-3-ex-2/protectedResource.js#L29

In the exercise I was getting the token but getting a failure when accessing the protected resource. e.g. checking the token in the client.js I could see I got B7agg1tSi7TpDyZiz9SgXhE2cRheu5i3 but the log for protectedResource had

Incoming token: 7agg1tSi7TpDyZiz9SgXhE2cRheu5i3
No matching token was found.

I'm new to node and not sure of the details of this slice function but when i removed the space i.e. changed to 

inToken = auth.slice('bearer'.length);

it worked for me.

jricher commented 2 years ago

Sounds like you are not sending the header properly. There needs to be a single space between the "bearer" keyword and the token value. Are you sending it as:

Authorization: Bearer 7agg1tSi7TpDyZiz9SgXhE2cRheu5i3

(with space between "bearer" and token)

Or as:

Authorization: Bearer7agg1tSi7TpDyZiz9SgXhE2cRheu5i3

(with no space between "bearer" and token).

jamieosullivan commented 2 years ago

Ah that was it, my bad - thanks!