WSO2 API Manager Client Credentials renew token
I am trying to renew a token generated through the API Manager.
The curl statement that generates the token is:
curl -k -d "grant_type=client_credentials" -H "Authorization: Basic TDQ0SktDZm5DcVVDSVBjdGYwVDIyRWwwUGY4YTo2d19NQm9xYnBFXzRLNHR0Wkc0NXhxd0NMTDRh" -H "Content-Type: application/x-www-form-urlencoded" https://10.108.106.214:8250/token
The response is
{"scope":"am_application_scope default","token_type":"bearer","expires_in":1094,"access_token":"6d1d0f8afbd147d24bcd42bbc5361a1"}
According to the documentation, it should generate a refresh token, but none is generated. What am I missing?
The same happens when I pass grant_type as refresh_token. I get an invalid grant error.
curl -X POST -H "Authorization: Basic TDQ0SktDZm5DcVVDSVBjdGYwVDIyRWwwUGY4YTo2d19NQm9xYnBFXzRLNHR0Wkc0NXhxd0NMTDRh" -H "Content-Type: application/x-www-form-urlencoded" -d 'grant_type=refresh_token&refresh_token=6d1d0f8afbd147d24bcd42bbc5361a1' 'https://10.108.106.214:8250/token'
I am referring to the documentation at this URL:
https://docs.wso2.com/display/AM191/Token+API#TokenAPI-RenewingaccesstokensRenewing
So what am I missing?
As per the OAuth 2.0 Authorization Protocol specification, grant_type client_credentials should not issue a refresh token.
If the access token request is valid and authorized, the authorization
server issues an access token as described in Section 5.1. A refresh
token SHOULD NOT be included.
You have to use the Password Grant Type.
Request:
curl -k -d "grant_type=password&username=admin&password=admin" -H "Authorization: Basic bkxidjNPTnYxQ25iTXBRY2E3V3hPajdaMUVZYTpuTUQzX0tKQkhGRmxFUUlXdllmSjdTUFlleThh" -H "Content-Type: application/x-www-form-urlencoded" https://localhost:8243/token
Response:
{"scope":"default","token_type":"bearer","expires_in":3247,"refresh_token":"91729a78a96b58d80d869f3ec2ce8b8","access_token":"ec54b39dd9503c9f65df84b67ea586"}
Use the refresh_token for renewing access tokens.
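The renewal rule from this answer, as an added Python example that is not part of the original post or WSO2's own code: a refresh_token grant is only possible when the token response carried a refresh_token, and it must send that value rather than the access_token. The function names and the 60-second skew are assumptions; the two sample responses are the ones quoted on this page, the first wrapped in braces so it parses as JSON.

```python
import json
import time
from urllib.parse import urlencode


def parse_token_response(body, now=None):
    """Parse a /token JSON response into the fields needed for renewal."""
    data = json.loads(body)
    now = time.time() if now is None else now
    return {
        "access_token": data["access_token"],
        # Absent for client_credentials: the spec text quoted above says
        # a refresh token SHOULD NOT be included for that grant.
        "refresh_token": data.get("refresh_token"),
        "expires_at": now + int(data["expires_in"]),
    }


def needs_renewal(token, now=None, skew=60):
    """True once the token is within `skew` seconds of expiry (assumed margin)."""
    now = time.time() if now is None else now
    return now >= token["expires_at"] - skew


def renewal_form(token, original_grant):
    """Form body for the next POST to /token.

    With a refresh token, use grant_type=refresh_token and send the
    refresh_token value (sending the access_token there is rejected as
    an invalid grant). Without one, the only way to renew is to repeat
    the original grant request.
    """
    if token["refresh_token"]:
        return urlencode({"grant_type": "refresh_token",
                          "refresh_token": token["refresh_token"]})
    return urlencode(original_grant)


# Responses quoted on this page.
CC_RESPONSE = '{"scope":"am_application_scope default","token_type":"bearer","expires_in":1094,"access_token":"6d1d0f8afbd147d24bcd42bbc5361a1"}'
PW_RESPONSE = '{"scope":"default","token_type":"bearer","expires_in":3247,"refresh_token":"91729a78a96b58d80d869f3ec2ce8b8","access_token":"ec54b39dd9503c9f65df84b67ea586"}'

if __name__ == "__main__":
    cc = parse_token_response(CC_RESPONSE)
    pw = parse_token_response(PW_RESPONSE)
    print(renewal_form(cc, {"grant_type": "client_credentials"}))
    print(renewal_form(pw, {"grant_type": "password"}))
```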
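If I'm not mistaken, in the response you received:
{"scope":"am_application_scope default","token_type":"bearer","expires_in":1094,"access_token":"6d1d0f8afbd147d24bcd42bbc5361a1"}
this is the new access token:
"access_token":"6d1d0f8afbd147d24bcd42bbc5361a1"
Note down the current token, then run the curl command again. The response should be a different token.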