I have two example of oauth2 clients in php, one works and the other not, it return an error instead:
([error] => unauthorized [error_description] => An Authentication object was not found in the SecurityContext).
My question is, when it should a oauth2 server returns an access token response with client_id and when should it return a response with refresh_token?
My working request is:
string(130) "{"access_token":"b91f15ed-436f-470d-8d9e-bf245c5373ae","token_type":"bearer","expires_in":25209,"scope":"read","client_id":"tonr"}"
My not working request is:
string(126) "{"access_token": "eaa3c66ae1", "token_type": "bearer", "expires_in": 31536000, "refresh_token": "69f9c2cb29", "scope": "user"}"
Since it just changes client_id
and refresh_token
, when should it come one and when should it come another?
The refresh tokens are managed by the third party app you are using to get the access_token
. That been said you can't directly request a refresh token.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.