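I am working on a Mule project with RAML and API Manager. Following the procedure given here,
I am using API Manager to handle the feature-related services, such as
- Simple security manager,
- OAuth 2.0 provider and
- OAuth 2.0 access token enforcement.
I have a separate redirect flow which does the following:
- Sets "status" to 302
- Sets "Location" to the URL below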
http://localhost:8081/org/oauth/token?grant_type=authorization_code&&client_id=53a406c3e4b0624da8246eed&client_secret=myclientsecret&code=#[message.inboundProperties.code]&redirect_uri=http://localhost:8081/raml-api-with-oauth/redirect
Everything goes fine up to this point.
But when I try to hit the URL for the access token, I see this message:
{"error":"unauthorized_client","error_description":""}
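To summarize my problem:
- Please help me complete the "OAuth dance" procedure.
- How do I set up a valid contract with the API that facilitates communicating the clientId and clientSecret required for the OAuth dance?
Please help me see where I am going wrong.
RAML code: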
#%RAML 0.8
title: raml-api-with-oauth
version: v1
baseUri: http://localhost:8081/raml-api-with-oauth
securedBy: [oauth_2_0]
securitySchemes:
  - oauth_2_0:
      description: |
        This supports OAuth 2.0 for authenticating all API requests.
      type: OAuth 2.0
      describedBy:
        headers:
          Authorization:
            description: |
              Used to send a valid OAuth 2 access token. Do not use
              with the "access_token" query string parameter.
            type: string
        queryParameters:
          access_token:
            description: |
              Used to send a valid OAuth 2 access token. Do not use together with
              the "Authorization" header
            type: string
        responses:
          401:
            description: |
              Bad or expired token. This can happen if the user or Dropbox
              revoked or expired an access token. To fix, you should
              re-authenticate the user.
          403:
            description: |
              Bad OAuth request (wrong consumer key, bad nonce, expired
              timestamp...). Unfortunately, re-authenticating the user won't help here.
          404:
            description: Unauthorized
      settings:
        authorizationUri: org/oauth/authorize
        accessTokenUri: org/oauth/token
        authorizationGrants: [code,token]
        scopes:
          - "READ_RESOURCE"
          - "POST_RESOURCE"
          - basic
          - comments
          - relationships
          - likes
mediaType: application/json
/employee:
  get:
    description:
      This is a Get Call which throws some response in json.
    responses:
      200:
        body:
          application/json:
            example: |
              {
                "empcode" : 1,
                "ename": "Rafiq",
                "company" : "org"
              }
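
For comparison with the redirect described in the question, an added example (not part of the original post, and not Mule or API Manager code) of the authorization-code exchange as RFC 6749 defines it: a server-side POST with the parameters in the form body and the client authenticating with HTTP Basic, so the client secret never travels in a browser-visible Location URL. The function names and the sample code value `abc123` are constructed, and that the provider accepts Basic client authentication is an assumption.

```python
import base64
from urllib.parse import parse_qs, quote, urlencode, urlsplit
from urllib.request import Request

# Endpoint and redirect URI as they appear in the post.
TOKEN_URI = "http://localhost:8081/org/oauth/token"
REDIRECT_URI = "http://localhost:8081/raml-api-with-oauth/redirect"

# The post's Location value, with a constructed code "abc123" in place of
# the Mule expression #[message.inboundProperties.code].
LOCATION_FROM_POST = (
    TOKEN_URI + "?grant_type=authorization_code&&client_id=53a406c3e4b0624da8246eed"
    "&client_secret=myclientsecret&code=abc123&redirect_uri=" + REDIRECT_URI
)

# Token-endpoint parameters that RFC 6749 sends in the POST body, not the URL.
BODY_ONLY = {"client_secret", "password", "refresh_token"}


def build_token_request(code, client_id, client_secret):
    """Authorization-code exchange (RFC 6749 section 4.1.3) as a back-channel POST."""
    body = urlencode({
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": REDIRECT_URI,  # must match the authorization request
    }).encode("ascii")
    # Client authentication via HTTP Basic (section 2.3.1); assumed to be
    # accepted by the provider, which the post does not state.
    pair = f"{quote(client_id, safe='')}:{quote(client_secret, safe='')}"
    headers = {
        "Authorization": "Basic " + base64.b64encode(pair.encode("ascii")).decode("ascii"),
        "Content-Type": "application/x-www-form-urlencoded",
    }
    return Request(TOKEN_URI, data=body, headers=headers, method="POST")


def secrets_in_url(url):
    """Names of body-only parameters found in a URL's query string."""
    return sorted(BODY_ONLY & parse_qs(urlsplit(url).query).keys())


if __name__ == "__main__":
    req = build_token_request("abc123", "53a406c3e4b0624da8246eed", "myclientsecret")
    print(req.get_method(), req.full_url, req.data.decode())
    print("in redirect URL:", secrets_in_url(LOCATION_FROM_POST))
```

The request object is only built here, not sent; passing it to `urllib.request.urlopen` would perform the exchange against the local provider.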