laravel - 具有授权码授予的 lucadegasperi oauth2-server 给出 invalid_client 错误

Question

我正在使用来自::的oauth2-server

 https://github.com/lucadegasperi/oauth2-server-laravel 

我已经使用Auth Code Grant实现了::

 github.com/lucadegasperi/oauth2-server-laravel/wiki/Implementing-an-Authorization-Server-with-the-Auth-Code-Grant 

现在，由于我是 oauth2 的新手，我尝试使用以下方式访问数据:

localhost.com/oauth/authorize?response_type=code&client_id=client1id&redirect_uri=https://www.mysite.com

但是我得到了回应

{"error":"invalid_client","error_description":"Client authentication failed."}

编辑:
路线.php

  <?php
 Route::get('/', function()
 {
   return View::make('hello');
 });

Route::group(['prefix' => 'api/v1'], function()
{
    Route::resource('API', 'APIController');
});

Route::get('oauth/authorize', ['before' => 'check-authorization-params|auth', function() {
  View::make('oauth/authorization-form', Authorizer::getAuthCodeRequestParams());
}]);

Route::post('oauth/authorize', ['before' => 'csrf|check-authorization-params|auth', function() {
  $params['user_id'] = Auth::user()->id;
  $redirectUri = '';
  if (Input::get('approve') !== null) {
      $redirectUri = Authorizer::issueAuthCode('user', $params['user_id'], $params);
  }

  if (Input::get('deny') !== null) {
      $redirectUri = Authorizer::authCodeRequestDeniedRedirectUri();
  }

  return Redirect::to($redirectUri);
}]);

Route::post('oauth/access_token', function() {
return Response::json(Authorizer::issueAccessToken());
});

Controller /OAuthController.php

<?php

use Illuminate\Routing\Controller;
use LucaDegasperi\OAuth2Server\Authorizer;

class OAuthController extends Controller
{
protected $authorizer;

public function __construct(Authorizer $authorizer)
{
    $this->authorizer = $authorizer;

    $this->beforeFilter('auth', ['only' => ['getAuthorize', 'postAuthorize']]);
    $this->beforeFilter('csrf', ['only' => 'postAuthorize']);
    $this->beforeFilter('check-authorization-params', ['only' => ['getAuthorize', 'postAuthorize']]);
}

public function postAccessToken()
{
     return Response::json($this->authorizer->issueAccessToken());
}

public function getAuthorize()
{
    return View::make('authorization-form', $this->authorizer->getAuthCodeRequestParams());
}

public function postAuthorize()
{
    // get the user id
    $params['user_id'] = Auth::user()->id;

    $redirectUri = '';

    if (Input::get('approve') !== null) {
        $redirectUri = $this->authorizer->issueAuthCode('user', $params['user_id'], $params);
    }

    if (Input::get('deny') !== null) {
        $redirectUri = $this->authorizer->authCodeRequestDeniedRedirectUri();
    }

    return Redirect::to($redirectUri);
  }
}

oauth2-server-laravel\oauth2.php

'database' => 'default',

'grant_types' => [
    'authorization_code' => [
        'class' => '\League\OAuth2\Server\Grant\AuthCodeGrant',
        'access_token_ttl' => 3600,
        'auth_code_ttl'   => 3600
    ]
],

'token_type' => 'League\OAuth2\Server\TokenType\Bearer',

'state_param' => false,

'scope_param' => false,

'scope_delimiter' => ',',

'default_scope' => 'oauth_scopes' ,

'access_token_ttl' => 3600,

'limit_clients_to_grants' => false,

'limit_clients_to_scopes' => false,

'limit_scopes_to_grants' => false,

'http_headers_only' => false,
];

Answer 1

在对服务器代码进行一些挖掘后，我发现 check-authorization-params 路由过滤器会检查 redirect_uri 是否存在于 oauth_client_endpoints 中code> 表(该表与 oauth_clients 表内部联接)。

因此，您需要在 oauth_client_endpoints 中提供 redirect_uri 以及所需的 client_id。