0

WSO2 Identity Server 5.7.0 撤销方法不起作用,导致错误代码:401 -> UnAuthorize。

此链接说明如何使用 revoke 方法,我想将其用于 c# 代码:

    WebRequest request2 = WebRequest.Create("https://localhost:9443/oauth2/revoke?token=" + accessToken + "&token_type_hint=access_token");
    request2.Method = "POST";
    request2.PreAuthenticate = true;
    request2.Credentials = CredentialCache.DefaultCredentials;
    ServicePointManager.ServerCertificateValidationCallback += (sender, certificate, chain, sslPolicyErrors) => true;
    request2.ContentType = "application/x-www-form-urlencoded;charset=UTF-8";
    request2.Headers.Add("Authorization", "Basic " + "YFnfIeUVkpW64sSysLgoqajioOIa" + ":" + "L7rtcwWDqAQ6NdsvY2ZqUTAi5wMa");
    var response2 = request2.GetResponseAsync();
    response2.Wait();
    var t = response2.Result;
4

1 回答 1

1

您必须对授权标头中的 <client id>:<client secret> 值进行基本 64 编码。标题应该看起来像,

Authorization: Basic WUZuZkllVVZrcFc2NHNTeXNMZ29xYWppb09JYTogTDdydGN3V0RxQVE2TmRzdlkyWnFVVEFpNXdNYQ==

如果您在文档中尝试 curl 命令,--basic -u "<client id>:<client secret>"部分将执行相同的操作,如果您-v在命令中添加选项,您可以看到 curl 请求发送的实际标头值。

于 2021-04-24T13:57:43.197 回答