Laravel Passport oauth/authorize returns basic auth
I am trying to create an OAuth2 server with Laravel Passport and test it from a third-party application. The OAuth server uses Laravel, and the client uses the Yii framework. I am unable to modify the client front end, so I created a route /api/oauth/login which forwards the request to the OAuth server:
    public function actionOauthLogin()
    {
        $query = http_build_query([
            'client_id' => '12',
            'client_secret' => '',
            'redirect_uri' => 'http://client.loc/api/oauth/callback',
            'response_type' => 'code',
            'scope' => '',
        ]);
        return $this->redirect('http://oauth-server.loc/oauth/authorize?' . $query);
    }
This method handles the /api/oauth/callback route:
    // Requires at the top of the file: use GuzzleHttp\Client;
    public function actionOauthCallback()
    {
        $http = new Client();
        // Exchange the authorization code for an access token.
        $response = $http->post('http://oauth-server.loc/oauth/token', [
            'form_params' => [
                'grant_type' => 'authorization_code',
                'client_id' => '3',
                'client_secret' => 'TJDyfygkuga45rtyfj8&65567Yhhgjjjj',
                'redirect_uri' => 'http://client.loc/api/oauth/callback',
                'code' => Yii::app()->request->getParamFromRequest('code'),
            ],
        ]);
        return json_decode((string) $response->getBody(), true);
    }
Everything is implemented as in the documentation. But when I open /api/oauth/login, it redirects to oauth-server.loc/oauth/authorize?{params} and I see an HTTP basic auth window. Wtf? Nginx has no such settings. Does somebody know what I'm doing wrong? Help me please.
Make sure 'redirect_uri' => 'http://client.loc/api/oauth/callback' matches the redirect URL saved in the oauth_clients table, client_id
I had the same problem; in my case the returned parameters told me my parsed scope was invalid. Some OAuth2 APIs require scopes, which may be where this problem lies.
The solution is to add the array of scopes allowed by your application into the AuthServiceProvider boot method.
    // ../app/Providers/AuthServiceProvider.php
    // ...
    public function boot()
    {
        $this->registerPolicies();

        // Register the scopes that clients are allowed to request.
        Passport::tokensCan([
            'manage-devices' => 'Manage devices',
            'place-orders' => 'Place orders',
            'check-status' => 'Check order status',
        ]);
        // ...
    }
You need to set the "personal_access_client" and "password_client" columns to 0 for our client in the "oauth_clients" table, and set redirect_uri to the same value as in the request.
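The checks described in the answers above, gathered into one pre-flight function as an added example (not part of any post and not Passport's own code). The function name `checkAuthCodeRequest`, the constructed client row, and the exact-match rule for the `redirect` column are assumptions; the function also compares the client_id sent to /oauth/authorize with the one sent to /oauth/token, which are '12' and '3' in the question's two snippets.

```php
<?php
// Added example, not Passport code. All sample values below are constructed.

/** Returns a list of problems; empty when the request matches the client row. */
function checkAuthCodeRequest(array $client, array $authorize, array $token, array $scopes): array
{
    $problems = [];
    // An authorization code is bound to one client: both steps must name it.
    if ((string) $authorize['client_id'] !== (string) $client['id']) {
        $problems[] = "authorize client_id {$authorize['client_id']} is not client row {$client['id']}";
    }
    if ((string) $token['client_id'] !== (string) $authorize['client_id']) {
        $problems[] = 'token request uses a different client_id than the authorize request';
    }
    // Assumption: the redirect column is one URI or a comma-separated list, matched exactly.
    $registered = array_map('trim', explode(',', $client['redirect']));
    foreach (['authorize' => $authorize, 'token' => $token] as $step => $params) {
        if (!in_array($params['redirect_uri'], $registered, true)) {
            $problems[] = "$step redirect_uri is not registered for this client";
        }
    }
    // From the last answer: both flags must be 0 for this client.
    foreach (['personal_access_client', 'password_client'] as $flag) {
        if ((int) $client[$flag] !== 0) {
            $problems[] = "$flag must be 0 for this client";
        }
    }
    // Every requested scope must be registered; an empty scope requests none.
    $requested = preg_split('/\s+/', trim($authorize['scope']), -1, PREG_SPLIT_NO_EMPTY);
    foreach (array_diff($requested, $scopes) as $unknown) {
        $problems[] = "scope '$unknown' is not registered with Passport::tokensCan()";
    }
    return $problems;
}

// Constructed client row and requests, shaped like the ones in the question.
$client = ['id' => 12, 'redirect' => 'http://client.loc/api/oauth/callback/',
    'personal_access_client' => 1, 'password_client' => 0];
$callback = 'http://client.loc/api/oauth/callback';
$authorize = ['client_id' => '12', 'redirect_uri' => $callback, 'scope' => 'place-orders read-all'];
$token = ['client_id' => '3', 'redirect_uri' => $callback];
$scopes = ['manage-devices', 'place-orders', 'check-status'];

foreach (checkAuthCodeRequest($client, $authorize, $token, $scopes) as $problem) {
    echo "- $problem\n";
}
```

With the constructed data, the trailing slash in the stored redirect, the set personal_access_client flag, the mismatched token client_id and the unregistered scope are each reported on their own line.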