如何使用刷新令牌在 django-oauth-toolkit 上获取新的访问令牌?
[英]How to use refresh token to obtain new access token on django-oauth-toolkit?
问题描述
I am using django-oauth-toolkit 0.7 in my Django project for providing Oauth2 through my website.
我在我的 Django 项目中使用django-oauth-toolkit 0.7通过我的网站提供 Oauth2。
I have followed the steps here and successfully got the access token, but I am unable to get new access token (if the access token is expired) with the refresh token .我已按照此处的步骤成功获得访问令牌,但我无法使用refresh token获取新的access token (如果访问令牌已过期)。
I am able to get the access token with consumer client , but how can I get this with my url in my web site, because I am unable to see what parameters are going to my site when I try to get a new access token with refresh token .我可以通过消费者客户端获取access token ,但是如何通过我的 web 站点中的 url 获取此令牌,因为当我尝试通过refresh token获取新的access token时,我无法看到哪些参数将进入我的站点refresh token 。
My access and refresh tokens are like this:我的访问和刷新令牌是这样的:
{
"access_token":"1/fFAGRNJru1FTz70BzhT3Zg",
"expires_in":3920,
"token_type":"Bearer",
"refresh_token":"1/xEoDL4iW3cxlI7yDbSRFYNG01kVKM2C-259HOF2aQbI"
}
Any help would be much appreciated.任何帮助将非常感激。
3 个解决方案
解决方案1
39 2015-01-03 02:37:27
To get a new access_token , by using your existing refresh_token you need to send a POST request to the same url you used to get the token in the first place ( /o/token/ , assuming the default url).要获取新的access_token ,通过使用现有的refresh_token您需要将 POST 请求发送到您用来首先获取令牌的相同 url ( /o/token/ ,假设为默认 url)。 The grant_type would now be refresh_token , and you also need to authenticate with your client credentials, since you were issued some. grant_type现在将是refresh_token ,并且您还需要使用您的客户端凭据进行身份验证,因为您已获得了一些凭据。
To summarize: curl -X POST -d "grant_type=refresh_token&client_id=<your_client_id>&client_secret=<your_client_secret>&refresh_token=<your_refresh_token>" http://localhost:8000/o/token/总结一下: curl -X POST -d "grant_type=refresh_token&client_id=<your_client_id>&client_secret=<your_client_secret>&refresh_token=<your_refresh_token>" http://localhost:8000/o/token/
If you want more information, you can checkout this link to see the relevant section of the standard.如果您想了解更多信息,可以查看此链接以查看标准的相关部分。
解决方案2
2 2018-10-16 06:33:03
You can pass the post request in POSTMAN.您可以在 POSTMAN 中传递 post 请求。 Or Try this, it worked for me:或者试试这个,它对我有用:
curl -X POST -H 'Authorization: Basic your_application_id' -d 'refresh_token=your_refresh_token&grant_type=refresh_token' localhost:3000/o/token
{
"token_type":"bearer",
"access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyIjoiVlx1MDAxNcKbwoNUwoonbFPCu8KhwrYiLCJpYXQiOjE0NDQyNjI4NjYsImV4cCI6MTQ0NDI2Mjg4Nn0.Dww7TC-d0teDAgsmKHw7bhF2THNichsE6rVJq9xu_2s",
"expires_in":20,
"refresh_token":"7fd15938c823cf58e78019bea2af142f9449696a"
}
解决方案3
0 2021-10-05 06:32:14
To get a new access_token from refresh_token by URL you can use the below URL and pass data in params:要通过 URL 从refresh_token获取新的access_token ,您可以使用以下 URL 并在参数中传递数据:
http://127.0.0.1:8000/o/token/?grant_type=refresh_token&refresh_token=<refresh_token_here>&client_id=<your client id here>&client_secret=<your client secret here>
Once you generate a new access_token with the help of refresh_token then the old access_token will be expire.在refresh_token的帮助下生成新的access_token后,旧的access_token将过期。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.