问题描述

我正在尝试通过 WSO2 向现有 API 发送自定义令牌.

正如，我有一个用于后端 API 的令牌，我希望它包含在 WSO2 发送到该 API 的标头中.

所有谷歌查询似乎都导致

遗憾的是，我仍然被禁止.鉴于我对这里发生的事情只有最模糊的想法，这可能并不奇怪.

现在我已经开始工作了.上面(和下面)的过程确实有效.一定要在

有两种方法可以做到这一点.

1) 您可以在 APIM 本身中保存后端密码.请参阅以下文档.

为后端端点设置密码:

https://docs.wso2.com/display/AM210/Basic+Authhttps://docs.wso2.com/display/AM210/Digest+Auth

加密那个密码:

https://docs.wso2.com/display/AM210/加密+安全+端点+密码

2) 您可以在请求本身中发送后端令牌，并让 APIM 将其传递给后端.您可以创建这样的序列并附加到 API.

现在，在您的请求中，您需要发送这样的标头.
BackendToken: Bearer 
然后它会被转换成下面的，在序列内部并发送到后端.
Authorization: Bearer 
有关详细信息，请参阅以下链接.
https://docs.wso2.com/display/AM210/Adding+中介+扩展
I am trying to send a custom token to an existing API via WSO2. 
As in, I have a token for the backend API and I want it included in the header WSO2 sends to that API. 
All google queries appear to lead to this page. Unfortunately, those instructions assume WSO2 cloud, where I am using a local install.
Are there instructions on how to do this with a local install? Preferably without Eclipse? Even more preferably within the WSO2 GUI? 
Thanks!
EDIT:
As per an answer below, I've made some progress. Going from here, I've added this bit of 
<?
and then added it to the "Message Mediation Policies" section under "inflow"
Sadly, I'm still getting forbidden. Seeing as I only have the dimmest idea what is going on here, that's probably not surprising. 
[EDIT 3]
Cleaning up now that I have it working. The process above (and below) does work. Be sure to add "Bearer" to the 
<?
 解决方案 
There are 2 ways you can do this. 
1) You can save backend password, in APIM itself. Refer below docs.
Set a password for a backend endpoint: 
https://docs.wso2.com/display/AM210/Basic+Authhttps://docs.wso2.com/display/AM210/Digest+Auth
Encrypt that password: 
https://docs.wso2.com/display/AM210/Encrypting+Secure+Endpoint+Passwords
2) You can send the backend token in the request itself and let APIM pass it to the backend. You can create a sequence like this and attach to APIs. 
<?
Now, in your request, you need to send a header like this.
BackendToken: Bearer <Backend_Token>
Then it will be converted to below, inside the sequence and sent to the backend.
Authorization: Bearer <Backend_Token>
See below link for more details.
https://docs.wso2.com/display/AM210/Adding+Mediation+Extensions
                        
这篇关于将自定义授权令牌传递给后端的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！