我正在尝试通过Spring-Boot应用程序中的成员身份对用户进行身份验证。对于Memberful documentation,过程如下:
https://YOURSITE.memberful.com/oauth?client_id=APPLICATION_IDENTIFIER&response_type=code)RestTemplate.postForObject(...)向所有要求的参数的https://YOURSITE.memberful.com/oauth/token发送发布请求(请参见下面的代码段)。 在这一点上,期望访问 token 有效负载,但是返回403错误。
这是完整的方法:
import org.springframework.http.*;
import org.springframework.util.MultiValueMap;
...
private JSONObject getMemberfulAccessToken(String strCode){
String strTargetURL = "https://" + memberfulSubDomain + ".memberful.com/oauth/token";
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
MultiValueMap<String, String> parameters = new LinkedMultiValueMap<>();
parameters.add("client_id", memberfulApplicationIdentifier);
parameters.add("client_secret", memberfulClientSecret);
parameters.add("grant_type", "authorization_code");
parameters.add("code", strCode);
HttpEntity<MultiValueMap<String, String>> entity = new HttpEntity<>(parameters, headers);
String strAccessToken = restTemplate.postForObject(strTargetURL, entity, String.class);
return new JSONObject(strAccessToken);
}
这是响应:
<!DOCTYPE html>
<!--[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->
<!--[if IE 7]> <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->
<!--[if IE 8]> <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->
<!--[if gt IE 8]><!--> <html class="no-js" lang="en-US"> <!--<![endif]-->
<head>
<title>Access denied | [My Site].memberful.com used Cloudflare to restrict access</title>
<meta charset="UTF-8" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1" />
<meta name="robots" content="noindex, nofollow" />
<meta name="viewport" content="width=device-width,initial-scale=1,maximum-scale=1" />
<link rel="stylesheet" id="cf_styles-css" href="/cdn-cgi/styles/cf.errors.css" type="text/css" media="screen,projection" />
<!--[if lt IE 9]><link rel="stylesheet" id='cf_styles-ie-css' href="/cdn-cgi/styles/cf.errors.ie.css" type="text/css" media="screen,projection" /><![endif]-->
<style type="text/css">body{margin:0;padding:0}</style>
<!--[if gte IE 10]><!--><script type="text/javascript" src="/cdn-cgi/scripts/zepto.min.js"></script><!--<![endif]-->
<!--[if gte IE 10]><!--><script type="text/javascript" src="/cdn-cgi/scripts/cf.common.js"></script><!--<![endif]-->
</head>
<body>
<div id="cf-wrapper">
<div class="cf-alert cf-alert-error cf-cookie-error" id="cookie-alert" data-translate="enable_cookies">Please enable cookies.</div>
<div id="cf-error-details" class="cf-error-details-wrapper">
<div class="cf-wrapper cf-header cf-error-overview">
<h1>
<span class="cf-error-type" data-translate="error">Error</span>
<span class="cf-error-code">1010</span>
<small class="heading-ray-id">Ray ID: 515be6c26b80c514 • 2019-09-13 17:39:35 UTC</small>
</h1>
<h2 class="cf-subheadline">Access denied</h2>
</div><!-- /.header -->
<section></section><!-- spacer -->
<div class="cf-section cf-wrapper">
<div class="cf-columns two">
<div class="cf-column">
<h2 data-translate="what_happened">What happened?</h2>
<p>The owner of this website ([My Site].memberful.com) has banned your access based on your browser's signature (515be6c26b80c514-ua21).</p>
</div>
</div>
</div><!-- /.section -->
<div class="cf-error-footer cf-wrapper">
<p>
<span class="cf-footer-item">Cloudflare Ray ID: <strong>515be6c26b80c514</strong></span>
<span class="cf-footer-separator">•</span>
<span class="cf-footer-item"><span>Your IP</span>: 207.200.220.146</span>
<span class="cf-footer-separator">•</span>
<span class="cf-footer-item"><span>Performance & security by</span> <a href="https://www.cloudflare.com/5xx-error-landing?utm_source=error_footer" id="brand_link" target="_blank">Cloudflare</a></span>
</p>
</div><!-- /.error-footer -->
</div><!-- /#cf-error-details -->
</div><!-- /#cf-wrapper -->
<script type="text/javascript">
window._cf_translation = {};
</script>
</body>
</html>
最佳答案
修复:添加JVM选项-Dhttp.agent="[Anything you want as the user agent prefix]"
问题: Cloudflare的Web应用程序防火墙阻止成员身份接收带有User-Agent标头Java/1.8.0_172的请求。
Cloudflare的documentation表示,如果您得到的不是Cloudflare品牌的403响应,则是客户端(在我的情况下为Memberful)的服务器返回响应。话虽这么说,我不确定我收到的对POST请求的响应是否可以被视为“Cloudflare品牌”,但是在我写这篇文章时,该Membership告诉我他们尚未对他们的环境。
当然,还有其他方法可以设置User-Agent标头值,但这就是我所做的。