[英]Redirect URI from this request does not match one from the authorize request even though they're the same
So I am using ORY/Hydra to host an OAuth 2.0 Server and am in the process of building a sample client to demonstrate the flow. 因此,我正在使用ORY / Hydra托管OAuth 2.0服务器,并且正在构建示例客户端以演示流程。 I call the /oauth2/auth
endpoint with the redirect_uri
in the query params, and I use simple-oauth2
to later call /oauth2/token
to fetch the access tokens. 我在查询参数中使用redirect_uri
调用/oauth2/auth
端点,然后使用simple-oauth2
稍后调用/oauth2/token
来获取访问令牌。
I can create a client through my API into the Hydra server and the response is a valid JSON with the one of the callback URL's being ` http://localhost:3000/callback ' 我可以通过我的API将客户创建到Hydra服务器中,并且响应是有效的JSON,其中回调URL之一为` http:// localhost:3000 / callback '
{
"id": "cbf09258-7f8e-4147-93c1-aa7e2e7b99b3",
"name": "Test App 1",
"clientId": "515e7876-881e-4f3a-b489-20ed7300c745",
"clientSecret": "deleted",
"clientSecretExpiresAt": 0,
"token":
"$2a$08$bWZMUf5wgEpOcoUjsJ5l/uS5LaTmqrC40FTnfegzelE69H8JAFrMW",
"callbackUrl": [
"127.0.0.1:3000",
"localhost:3000/callback",
"http://localhost:3000/callback"
],
"url": "",
"imageBanner": "",
"imageIcon": "",
"createdAt": "2019-02-04T19:14:22.193152Z",
"updatedAt": "2019-02-04T19:14:22.193152Z"
}
The flow starts at localhost:3000/callback
as well and my jade file renders a link to call /oauth2/auth
as follows 该流程也从localhost:3000/callback
开始,并且我的jade文件呈现了如下链接以调用/oauth2/auth
block content
h1 Whew
a(href="http://localhost:4444/oauth2/auth?client_id=" + clientid + "&scope=openid offline&response_type=code&redirect_uri=http://localhost:3000/callback&state=haardik123") Authorize
Finally, the handler includes code to call /oauth2/token
if a code
param is present in the query as follows: ( callback.js
) 最后,如果查询中存在code
参数,则处理程序包括用于调用/oauth2/token
的code
,如下所示:( callback.js
)
const oauth2 = simpleOauthModule.create({
client: {
id: process.env.CLIENT_ID,
secret: process.env.CLIENT_SECRET,
},
auth: {
tokenHost: 'http://localhost:4444',
tokenPath: '/oauth2/token',
authorizePath: '/oauth2/auth',
},
});
// Authorization uri definition
const authorizationUri = oauth2.authorizationCode.authorizeURL({
redirect_uri: 'http://localhost:3000/callback',
scope: 'openid offline',
state: 'haardik123',
});
router.get('/', async function (req, res, next) {
var query = url.parse(req.url, true).query;
var clientid = process.env.CLIENT_ID;
var code = query.code;
const options = {
code,
};
if (code) {
try {
const result = await oauth2.authorizationCode.getToken(options);
console.log('The resulting token: ', result);
const token = oauth2.accessToken.create(result);
return res.status(200).json(token)
} catch(error) {
console.error('Access Token Error', error.message);
return res.status(500).json('Authentication failed');
}
}
res.render('callback', {
clientid: clientid
});
});
The flow goes normally until I get redirected back to localhost:3000/callback
with a code
in the query params but then it says Status 400: Bad request - Authentication Failed
流程正常进行,直到我使用查询参数中的code
将我重定向到localhost:3000/callback
,然后显示Status 400: Bad request - Authentication Failed
Hydra logs show that 九头蛇日志显示
time="2019-02-04T19:16:05Z" level=info msg="started handling request" method=POST remote="172.29.0.1:35130" request=/oauth2/token
time="2019-02-04T19:16:05Z" level=error msg="An error occurred" description="The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed" error=invalid_request hint="The \"redirect_uri\" from this request does not match the one from the authorize request."
time="2019-02-04T19:16:05Z" level=info msg="completed handling request" measure#http://localhost:4444.latency=60183900 method=POST remote="172.29.0.1:35130" request=/oauth2/token status=400 text_status="Bad Request" took=60.1839ms
I'm not sure why the redirect_uri won't match as it seems like I did everything fine -- would love any insight on this, thanks! 我不确定为什么redirect_uri会不匹配,因为我似乎做得很好-希望对此有任何见解,谢谢!
This was solved by adding a redirect_uri
to the options
object being passed to oauth2.authorizationCode.getToken(options)
通过将redirect_uri
添加到传递给oauth2.authorizationCode.getToken(options)
的options
对象中,可以解决此问题。
Changing the object to 将对象更改为
const options = {
code,
redirect_uri: "http://localhost:3000/callback",
};
worked! 成功了!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.