2

Aqueduct 文档说服务器应该返回一个刷新令牌。它应该如下所示:

{
  "access_token" : "Abca09zzzza2o2kelmzlli3ijlka",
  "token_type" : "bearer",
  "refresh_token" : "lkmLIAmooa898nm20jannnnnxaww",
  "expire_in" : 3600
}

但这是服务器实际给出的:

{
    "access_token": "uArVqRgpGKv98aNJpziSmTQiFaX2Ebrz",
    "token_type": "bearer",
    "expires_in": 86399
}

没有refresh_token

这是我的控制器的样子:

class DemoChannel extends ApplicationChannel {
  ManagedContext context;
  AuthServer authServer;

  @override
  Future prepare() async {
    logger.onRecord.listen((rec) => print("$rec ${rec.error ?? ""} ${rec.stackTrace ?? ""}"));

    final config = WordConfig(options.configurationFilePath);
    final dataModel = ManagedDataModel.fromCurrentMirrorSystem();
    final persistentStore = PostgreSQLPersistentStore.fromConnectionInfo(
        config.database.username,
        config.database.password,
        config.database.host,
        config.database.port,
        config.database.databaseName);

    context = ManagedContext(dataModel, persistentStore);

    final authStorage = ManagedAuthDelegate<User>(context);
    authServer = AuthServer(authStorage);
  }

  @override
  Controller get entryPoint {
    final router = Router();

    router
        .route('/register')
        .link(() => RegisterController(context, authServer));

    router
        .route('/auth/token')
        .link(() => AuthController(authServer));

    router
        .route('/words/[:id]')
        .link(() => Authorizer.bearer(authServer))
        .link(() => WordsController(context));

    return router;
  }
}

AuthController的只是 Aqueduct 附带的标准。我什至没有在源代码中看到任何要调整的参数。

如何让服务器发回刷新令牌?

4

1 回答 1

3

听起来您正在对公共 OAuth 2 客户端进行身份验证。根据规则,公共客户端不能拥有刷新令牌。您必须使用机密客户端。当客户有秘密时,它就是保密的。创建客户端时使用 --secret 选项。

于 2019-05-19T15:29:57.967 回答