我正在尝试配置 spirng oauth2 以返回刷新 token ,但下面是我的配置:
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
ClientDetailsServiceBuilder.ClientBuilder cb = clients.inMemory()
.withClient(CRAZY_FRONT_CLIENT_ID)
.secret("yuyuyu")
.authorizedGrantTypes("refresh_token", "client_credentials", "password")
.scopes("read", "write", "trust")
.refreshTokenValiditySeconds(500)
}
@Bean
@Primary
public DefaultTokenServices tokenServices() {
DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
defaultTokenServices.setTokenStore(tokenStore());
defaultTokenServices.setSupportRefreshToken(true);
defaultTokenServices.setRefreshTokenValiditySeconds(TEN_DAYS);
defaultTokenServices.setReuseRefreshToken(true);
defaultTokenServices.setTokenEnhancer(accessTokenConverter());
defaultTokenServices.setAccessTokenValiditySeconds(TEN_DAYS);
return defaultTokenServices;
}
我得到的回应是:
{
"access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzY29wZSI6WyJyZWFkIiwid3JpdGUiLCJ0cnVzdCJdLCJleHAiMDU5MTIsImp0aSI6IjY4MDMwOTMyLTgxNzMtNGExMi05OTE0LWExMTYIsImNsaWVudF9pZCI6ImNyYXp5LWZyb250In0.xHjBl_IFENbqGOtjZouJAI_HjHuQyNS3SOOsnJh5LzU",
"token_type": "bearer",
"expires_in": 863999,
"scope": "read write trust",
"jti": "68030932-8173-4a12-9914-a116541e6ea8"
}
请求带有 grant_type=client_credentials
最佳答案
这很可能是因为 Spring OAuth 2.0 遵循第 4.3.3 节中所述的 OAuth 2.0 规范:https://www.rfc-editor.org/rfc/rfc6749#section-4.4.3对于客户端凭证授予类型:
... A refresh token SHOULD NOT be included. ...
关于spring - 响应中不存在刷新 token ,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/47205924/