OAuth2 response with client

2018-06-16 23:39:11

I have two example of oauth2 clients in php, one works and the other not, it return an error instead ([error] => unauthorized [error_description] => An Authentication object was not found in the SecurityContext). My question is, when it should a oauth2 server returns an access token response with client_id and when should it return a response with refresh_token?

My working request is: string(130) "{"access_token":"b91f15ed-436f-470d-8d9e-bf245c5373ae","token_type":"bearer","expires_in":25209,"scope":"read","client_id":"tonr"}"

My not working request is: string(126) "{"access_token": "eaa3c66ae1", "token_type": "bearer", "expires_in": 31536000, "refresh_token": "69f9c2cb29", "scope": "user"}"

Since it just changes client_id and refresh_token, when should it come one and when should it come another?

链接地址: http://www.djcxy.com/p/48032.html

上一篇: OAuth访问令牌是否包含JWT令牌等角色

下一篇: 客户端的OAuth2响应