php - 您需要如何发送 refresh_token 以使用 League OAuth 2.0 php 客户端以编程方式访问 api 端点

Question

我正在使用 League\Oauth2 和 Guzzle 编写一个 laravel 应用程序，但我似乎遇到了一些应该很容易的事情。

我的授权按预期工作

$provider = new GenericProvider([
  'clientId'                => config('custom.client_id'),
  'clientSecret'            => config('custom.client_secret'),
  'redirectUri'             => config('custom.redirect_url'),
  'urlAuthorize'            => config('custom.authorize_url'),
  'urlAccessToken'          => config('custom.accesstoken_url'),
  'urlResourceOwnerDetails' => config('custom.resource_url')
]);

if(!isset($_GET['code'])) {

   ...

} else {

   $accessToken = $provider->getAccessToken('authorization_code', [
      'code' => $_GET['code']
    ]);

}

但是当我使用相同的刷新令牌时，我得到一个错误

$provider = new GenericProvider([
        'clientId'                => config('custom.client_id'),
        'clientSecret'            => config('custom.client_secret'),
        'redirectUri'             => config('custom.redirect_url'),
        'urlAuthorize'            => config('custom.authorize_url'),
        'urlAccessToken'          => config('custom.accesstoken_url'),
        'urlResourceOwnerDetails' => config('custom.resource_url')
    ]);

$refresh_token = 'xyz';

$newToken = $provider->getAccessToken('refresh_token', [
  'refresh_token' => $refresh_token
]);

错误：未通过必需选项：“access_token”

尽管该库的文档包含相同的技术（来自https://github.com/thephpleague/oauth2-client）

$provider = new \League\OAuth2\Client\Provider\GenericProvider([
  'clientId'                => 'demoapp',    // The client ID assigned to you by the provider
  'clientSecret'            => 'demopass',   // The client password assigned to you by the provider
  'redirectUri'             => 'http://example.com/your-redirect-url/',
  'urlAuthorize'            => 'http://brentertainment.com/oauth2/lockdin/authorize',
  'urlAccessToken'          => 'http://brentertainment.com/oauth2/lockdin/token',
  'urlResourceOwnerDetails' => 'http://brentertainment.com/oauth2/lockdin/resource'
]);

$existingAccessToken = getAccessTokenFromYourDataStore();

if ($existingAccessToken->hasExpired()) {
  $newAccessToken = $provider->getAccessToken('refresh_token', [
    'refresh_token' => $existingAccessToken->getRefreshToken()
  ]);

    // Purge old access token and store new access token to your data store.
}

如果我用 cURL 构建同样的请求，一切正常

$refresh_token = "xyz";

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://api.endpoint/oauth2/access_token');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, [
    'refresh_token' => $refresh_token,
    'client_id' => $clientId,
    'client_secret' => $clientSecret,
    'grant_type' => 'refresh_token',
]);

我在这里不知所措，我可能错过了一些愚蠢的东西，但无法理解它。

发送任何反馈！