函数“ myFunction”在身份验证API上进行调用,该API返回令牌。我将令牌放入变量“令牌”中,并将其设置为我的下一个请求中的标头(在“部署”功能中),但我只获得了403未经授权。我试图在Postman中使用相同的令牌进行相同的呼叫,效果很好。我在这里对令牌做错了吗?
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>API TEST</title>
</head>
<body>
<button onclick="myFunction()">Authenticate</button>
<button onclick="deploy()">Deploy</button>
<div id="result"></div>
<script>
var token = "";
function myFunction() {
const xhr = new XMLHttpRequest();
xhr.onreadystatechange = function() {
alert(this.status);
alert(this.readyState);
if (this.readyState == 4 && this.status == 200) {
document.getElementById("result").innerHTML = this.responseText;
var json = JSON.parse(this.responseText)
token = json["token"];
}
};
xhr.open("POST", "url");
xhr.setRequestHeader("Content-Type", "application/json;charset=UTF-8");
xhr.send(JSON.stringify({"username": "mariero\\nabilo", "password": "test"}));
}
function deploy() {
alert(token);
const xhr = new XMLHttpRequest();
xhr.onreadystatechange = function() {
alert(this.status);
alert(this.readyState);
if (this.readyState == 4 && this.status == 200) {
document.getElementById("result").innerHTML = this.responseText;
}
};
xhr.open("POST", "url");
xhr.setRequestHeader("Content-Type", "application/json;charset=UTF-8");
xhr.setRequestHeader("X-Authorization", token);
xhr.send(JSON.stringify({
"taskRelativePath":"My Tasks\\Siebel_RBT-1_Prod_IE.atmx",
"botRunners":
[{
"client":"D00460.lyse.no",
"user":"mariero\\RBT-LYD-1"
}]
}));
}
</script>
</body>
</html>