Laravel 5.1 oAuth 2 服务器 'invalid scope' 错误
Laravel 5.1 oAuth 2 server 'invalid scope' error
我正在为我的 API 使用 oauth2-server-laravel。我想为使用我的 API(Android、Windows、IOS 和网络)的客户应用程序提供范围。因此我实现了以下方式。
我的table数据如下
oauth_clients Table
+-----------+---------+---------+---------------------+---------------------+
| id| secret | name | created_at | updated_at |
+-----------+---------+---------+---------------------+---------------------+
| 123456789 | secret1 | web | 2015-08-10 00:00:00 | 2015-08-10 00:00:00 |
| 234567890 | secret2 | win_app | 2015-08-10 00:00:00 | 2015-08-10 00:00:00 |
+-----------+---------+---------+---------------------+---------------------+
oauth_scopes Table
+--------+--------------------+---------------------+---------------------+
| id | description | created_at | updated_at |
+--------+--------------------+---------------------+---------------------+
| scope1 | guest level access | 2015-08-10 00:00:00 | 2015-08-10 00:00:00 |
| scope2 | admin level access | 2015-08-10 00:00:00 | 2015-08-10 00:00:00 |
+--------+--------------------+---------------------+---------------------+
oauth_client_scopes Table
+----+-----------+----------+---------------------+---------------------+
| id | client_id | scope_id | created_at | updated_at |
+----+-----------+----------+---------------------+---------------------+
| 1 | 234567890 | scope2 | 2015-08-10 00:00:00 | 2015-08-10 00:00:00 |
| 2 | 123456789 | scope1 | 2015-08-10 00:00:00 | 2015-08-10 00:00:00 |
+----+-----------+----------+---------------------+---------------------+
我的routes.php,
Route::group(['middleware' => 'oauth:scope2','prefix' => 'api/v1'], function () {
Route::GET('categoriesWithOffers', 'api\v1\CategoriesController@categoriesWithOffers');
});
和我的oauth2.php设置如下
'grant_types' => [
'client_credentials' => [
'class' => '\League\OAuth2\Server\Grant\ClientCredentialsGrant',
'access_token_ttl' => 3600
],
],
'token_type' => 'League\OAuth2\Server\TokenType\Bearer',
'state_param' => false,
'scope_param' => false,
'scope_delimiter' => ',',
'default_scope' => null,
'limit_clients_to_grants' => false,
'limit_clients_to_scopes' => false,
'limit_scopes_to_grants' => false,
'http_headers_only' => false,
我请求了以下方式
http://domain.com/api/v1/categoriesWithOffers?access token=Jo7lAqE2uD3KbyLQWlrmukzyHJOQBHZ1QFsuBKUt&scope=scope1
它给了我这个错误
{
"error": "invalid_scope",
"error_description": "The requested scope is invalid, unknown, or malformed. Check the \"scope2\" scope."
}
当我将当前请求令牌和范围添加到
oauth_access_token_scopes table 它有效 fine.But 我需要定义这个问题的 bigining 中提到的范围。
如有任何帮助,我们将不胜感激!
请求获取访问令牌时使用范围
/token?grant_type=client_credentials&client_id=234567890&client_secret=123456789&scope=scope1
有了这个 url,您将获得访问令牌,然后您可以在 url 上使用它。
我正在为我的 API 使用 oauth2-server-laravel。我想为使用我的 API(Android、Windows、IOS 和网络)的客户应用程序提供范围。因此我实现了以下方式。
我的table数据如下
oauth_clients Table
+-----------+---------+---------+---------------------+---------------------+
| id| secret | name | created_at | updated_at |
+-----------+---------+---------+---------------------+---------------------+
| 123456789 | secret1 | web | 2015-08-10 00:00:00 | 2015-08-10 00:00:00 |
| 234567890 | secret2 | win_app | 2015-08-10 00:00:00 | 2015-08-10 00:00:00 |
+-----------+---------+---------+---------------------+---------------------+
oauth_scopes Table
+--------+--------------------+---------------------+---------------------+
| id | description | created_at | updated_at |
+--------+--------------------+---------------------+---------------------+
| scope1 | guest level access | 2015-08-10 00:00:00 | 2015-08-10 00:00:00 |
| scope2 | admin level access | 2015-08-10 00:00:00 | 2015-08-10 00:00:00 |
+--------+--------------------+---------------------+---------------------+
oauth_client_scopes Table
+----+-----------+----------+---------------------+---------------------+
| id | client_id | scope_id | created_at | updated_at |
+----+-----------+----------+---------------------+---------------------+
| 1 | 234567890 | scope2 | 2015-08-10 00:00:00 | 2015-08-10 00:00:00 |
| 2 | 123456789 | scope1 | 2015-08-10 00:00:00 | 2015-08-10 00:00:00 |
+----+-----------+----------+---------------------+---------------------+
我的routes.php,
Route::group(['middleware' => 'oauth:scope2','prefix' => 'api/v1'], function () {
Route::GET('categoriesWithOffers', 'api\v1\CategoriesController@categoriesWithOffers');
});
和我的oauth2.php设置如下
'grant_types' => [
'client_credentials' => [
'class' => '\League\OAuth2\Server\Grant\ClientCredentialsGrant',
'access_token_ttl' => 3600
],
],
'token_type' => 'League\OAuth2\Server\TokenType\Bearer',
'state_param' => false,
'scope_param' => false,
'scope_delimiter' => ',',
'default_scope' => null,
'limit_clients_to_grants' => false,
'limit_clients_to_scopes' => false,
'limit_scopes_to_grants' => false,
'http_headers_only' => false,
我请求了以下方式
http://domain.com/api/v1/categoriesWithOffers?access token=Jo7lAqE2uD3KbyLQWlrmukzyHJOQBHZ1QFsuBKUt&scope=scope1
它给了我这个错误
{ "error": "invalid_scope", "error_description": "The requested scope is invalid, unknown, or malformed. Check the \"scope2\" scope." }
当我将当前请求令牌和范围添加到 oauth_access_token_scopes table 它有效 fine.But 我需要定义这个问题的 bigining 中提到的范围。
如有任何帮助,我们将不胜感激!
请求获取访问令牌时使用范围
/token?grant_type=client_credentials&client_id=234567890&client_secret=123456789&scope=scope1
有了这个 url,您将获得访问令牌,然后您可以在 url 上使用它。