我正在使用来自::的oauth2-server
https://github.com/lucadegasperi/oauth2-server-laravel
我已经使用Auth Code Grant实现了::
github.com/lucadegasperi/oauth2-server-laravel/wiki/Implementing-an-Authorization-Server-with-the-Auth-Code-Grant
现在,由于我是 oauth2 的新手,我尝试使用以下方式访问数据:
localhost.com/oauth/authorize?response_type=code&client_id=client1id&redirect_uri=https://www.mysite.com
但是我得到了回应
{"error":"invalid_client","error_description":"Client authentication failed."}
编辑:
路线.php
<?php
Route::get('/', function()
{
return View::make('hello');
});
Route::group(['prefix' => 'api/v1'], function()
{
Route::resource('API', 'APIController');
});
Route::get('oauth/authorize', ['before' => 'check-authorization-params|auth', function() {
View::make('oauth/authorization-form', Authorizer::getAuthCodeRequestParams());
}]);
Route::post('oauth/authorize', ['before' => 'csrf|check-authorization-params|auth', function() {
$params['user_id'] = Auth::user()->id;
$redirectUri = '';
if (Input::get('approve') !== null) {
$redirectUri = Authorizer::issueAuthCode('user', $params['user_id'], $params);
}
if (Input::get('deny') !== null) {
$redirectUri = Authorizer::authCodeRequestDeniedRedirectUri();
}
return Redirect::to($redirectUri);
}]);
Route::post('oauth/access_token', function() {
return Response::json(Authorizer::issueAccessToken());
});
Controller /OAuthController.php
<?php
use Illuminate\Routing\Controller;
use LucaDegasperi\OAuth2Server\Authorizer;
class OAuthController extends Controller
{
protected $authorizer;
public function __construct(Authorizer $authorizer)
{
$this->authorizer = $authorizer;
$this->beforeFilter('auth', ['only' => ['getAuthorize', 'postAuthorize']]);
$this->beforeFilter('csrf', ['only' => 'postAuthorize']);
$this->beforeFilter('check-authorization-params', ['only' => ['getAuthorize', 'postAuthorize']]);
}
public function postAccessToken()
{
return Response::json($this->authorizer->issueAccessToken());
}
public function getAuthorize()
{
return View::make('authorization-form', $this->authorizer->getAuthCodeRequestParams());
}
public function postAuthorize()
{
// get the user id
$params['user_id'] = Auth::user()->id;
$redirectUri = '';
if (Input::get('approve') !== null) {
$redirectUri = $this->authorizer->issueAuthCode('user', $params['user_id'], $params);
}
if (Input::get('deny') !== null) {
$redirectUri = $this->authorizer->authCodeRequestDeniedRedirectUri();
}
return Redirect::to($redirectUri);
}
}
oauth2-server-laravel\oauth2.php
'database' => 'default',
'grant_types' => [
'authorization_code' => [
'class' => '\League\OAuth2\Server\Grant\AuthCodeGrant',
'access_token_ttl' => 3600,
'auth_code_ttl' => 3600
]
],
'token_type' => 'League\OAuth2\Server\TokenType\Bearer',
'state_param' => false,
'scope_param' => false,
'scope_delimiter' => ',',
'default_scope' => 'oauth_scopes' ,
'access_token_ttl' => 3600,
'limit_clients_to_grants' => false,
'limit_clients_to_scopes' => false,
'limit_scopes_to_grants' => false,
'http_headers_only' => false,
];
最佳答案
在对服务器代码进行一些挖掘后,我发现 check-authorization-params
路由过滤器会检查 redirect_uri
是否存在于 oauth_client_endpoints
中code> 表(该表与 oauth_clients
表内部联接)。
因此,您需要在 oauth_client_endpoints
中提供 redirect_uri
以及所需的 client_id
。
关于laravel - 具有授权码授予的 lucadegasperi oauth2-server 给出 invalid_client 错误,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/26504105/