[英]How to use refresh token to obtain new access token on django-oauth-toolkit?
I am using django-oauth-toolkit 0.7 in my Django project for providing Oauth2 through my website.我在我的 Django 项目中使用django-oauth-toolkit 0.7通过我的网站提供 Oauth2。
I have followed the steps here and successfully got the access token, but I am unable to get new access token
(if the access token is expired) with the refresh token
.我已按照此处的步骤成功获得访问令牌,但我无法使用
refresh token
获取新的access token
(如果访问令牌已过期)。
I am able to get the access token
with consumer client , but how can I get this with my url in my web site, because I am unable to see what parameters are going to my site when I try to get a new access token
with refresh token
.我可以通过消费者客户端获取
access token
,但是如何通过我的 web 站点中的 url 获取此令牌,因为当我尝试通过refresh token
获取新的access token
时,我无法看到哪些参数将进入我的站点refresh token
。
My access and refresh tokens are like this:我的访问和刷新令牌是这样的:
{
"access_token":"1/fFAGRNJru1FTz70BzhT3Zg",
"expires_in":3920,
"token_type":"Bearer",
"refresh_token":"1/xEoDL4iW3cxlI7yDbSRFYNG01kVKM2C-259HOF2aQbI"
}
Any help would be much appreciated.任何帮助将非常感激。
To get a new access_token
, by using your existing refresh_token
you need to send a POST request to the same url you used to get the token in the first place ( /o/token/
, assuming the default url).要获取新的
access_token
,通过使用现有的refresh_token
您需要将 POST 请求发送到您用来首先获取令牌的相同 url ( /o/token/
,假设为默认 url)。 The grant_type
would now be refresh_token
, and you also need to authenticate with your client credentials, since you were issued some. grant_type
现在将是refresh_token
,并且您还需要使用您的客户端凭据进行身份验证,因为您已获得了一些凭据。
To summarize: curl -X POST -d "grant_type=refresh_token&client_id=<your_client_id>&client_secret=<your_client_secret>&refresh_token=<your_refresh_token>" http://localhost:8000/o/token/
总结一下:
curl -X POST -d "grant_type=refresh_token&client_id=<your_client_id>&client_secret=<your_client_secret>&refresh_token=<your_refresh_token>" http://localhost:8000/o/token/
If you want more information, you can checkout this link to see the relevant section of the standard.如果您想了解更多信息,可以查看此链接以查看标准的相关部分。
You can pass the post request in POSTMAN.您可以在 POSTMAN 中传递 post 请求。 Or Try this, it worked for me:
或者试试这个,它对我有用:
curl -X POST -H 'Authorization: Basic your_application_id' -d 'refresh_token=your_refresh_token&grant_type=refresh_token' localhost:3000/o/token
{
"token_type":"bearer",
"access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyIjoiVlx1MDAxNcKbwoNUwoonbFPCu8KhwrYiLCJpYXQiOjE0NDQyNjI4NjYsImV4cCI6MTQ0NDI2Mjg4Nn0.Dww7TC-d0teDAgsmKHw7bhF2THNichsE6rVJq9xu_2s",
"expires_in":20,
"refresh_token":"7fd15938c823cf58e78019bea2af142f9449696a"
}
To get a new access_token
from refresh_token
by URL you can use the below URL and pass data in params:要通过 URL 从
refresh_token
获取新的access_token
,您可以使用以下 URL 并在参数中传递数据:
http://127.0.0.1:8000/o/token/?grant_type=refresh_token&refresh_token=<refresh_token_here>&client_id=<your client id here>&client_secret=<your client secret here>
Once you generate a new access_token
with the help of refresh_token
then the old access_token
will be expire.在
refresh_token
的帮助下生成新的access_token
后,旧的access_token
将过期。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.