oauth-2.0 - oauth2orize 示例返回 AuthorizationError: not authorized

Question

我已经下载了oauth2orize 提供程序代码示例和文档中建议的示例 oauth 客户端，但出现以下错误：

500 AuthorizationError: 在 /Users/trevorallred 验证时未授权 (/Users/trevorallred/projects/pics/node-soa/oauth2orize/examples/all-grants/node_modules/oauth2orize/lib/middleware/authorization.js:131:36) /projects/pics/node-soa/oauth2orize/examples/all-grants/oauth2.js:180:14 在 Object.exports.findByClientId (/Users/trevorallred/projects/pics/node-soa/oauth2orize/examples/all- grants/db/clients.js:24:10) 在exports.authorization.res.render.transactionID (/Users/trevorallred/projects/pics/node-soa/oauth2orize/examples/all-grants/oauth2.js:174: 16) 在 /Users/trevorallred/projects/pics/node-soa/oauth2orize/examples/all-grants/node_modules/oauth2orize/lib/middleware/authorization.js:167:9 在通过 (/Users/trevorallred/projects/pics /node-soa/oauth2orize/examples/all-grants/node_modules/oauth2orize/lib/server.js:262：26) 通过 (/Users/trevorallred/projects/pics/node-soa/oauth2orize/examples/all-grants/node_modules/oauth2orize/lib/server.js:280:9) 在通过 (/Users/trevorallred/projects/ pics/node-soa/oauth2orize/examples/all-grants/node_modules/oauth2orize/lib/server.js:271:11) 在 Server._parse (/Users/trevorallred/projects/pics/node-soa/oauth2orize/examples/ all-grants/node_modules/oauth2orize/lib/server.js:285:5) 在授权 (/Users/trevorallred/projects/pics/node-soa/oauth2orize/examples/all-grants/node_modules/oauth2orize/lib/middleware/授权.js:118:12)_parse (/Users/trevorallred/projects/pics/node-soa/oauth2orize/examples/all-grants/node_modules/oauth2orize/lib/server.js:285:5) 在授权 (/Users/trevorallred/projects/pics/node -soa/oauth2orize/examples/all-grants/node_modules/oauth2orize/lib/middleware/authorization.js:118:12)_parse (/Users/trevorallred/projects/pics/node-soa/oauth2orize/examples/all-grants/node_modules/oauth2orize/lib/server.js:285:5) 在授权 (/Users/trevorallred/projects/pics/node -soa/oauth2orize/examples/all-grants/node_modules/oauth2orize/lib/middleware/authorization.js:118:12)

我在这里运行客户端：http://localhost:3002/ 我单击“与 example-oauth2orize 连接”的链接

它将我重定向到提供者：http://localhost:3000/login

使用“bob”登录后，我被发送到此错误页面。

我所做的唯一修改是示例客户端中的 oauth-config.js。

'use strict';

module.exports = {
        provider: {
                protocol: "http",
                host: "localhost:3000",
                profileUrl: "/api/userinfo"
        },
        consumer: {
                protocol: "http",
                host: "localhost:3002"
        }
};

在看到这个错误报告后，我尝试修改 oauth-consumer-config.js，但它似乎没有改变任何行为。

module.exports = {
  name: 'Example Consumer App'
, icon: 'http://example.com/icon_64.png'
, clientId: 'trevorclient'
, clientSecret: 'kasdfasdfoq34t134tg109gqerg1gjc'
};

Answer 1

尝试将您的oauth-consumer-config.js文件更新为：

module.exports = {
  name: 'Example Consumer App'
, icon: 'http://localhost:3000/icon_64.png'
, clientId: 'abc123'
, clientSecret: 'ssh-secret'
};

问题是该all-grants示例实际上并未使用数据库，而是出于说明目的使用平面文件。如果您导航到项目中的db/clients.jsall-grants，您将看到那里列出的允许通过 OAuth 连接的客户端。