NotFound403 / id-server

An OAuth2 Authorization Server, based on Spring Authorization Server
Apache License 2.0
400 stars 112 forks

Flow fails after changing the client's grant type to refresh_token #39

Closed hezhongfeng closed 2 years ago

hezhongfeng commented 2 years ago

I configured the client with all of the grant types. Changing the grant configuration on the client side to authorization-grant-type: refresh_token causes a problem:

{"oAuth2AuthorizedClient":null,"authentication":{"authorities":[{"authority":"ROLE_ANONYMOUS"}],"details":{"remoteAddress":"127.0.0.1","sessionId":"723ABDC991973F7DF20348D9B6D3849C"},"authenticated":true,"principal":"anonymousUser","keyHash":-1176455732,"credentials":"","name":"anonymousUser"}}

NotFound403 commented 2 years ago

refresh_token cannot be used directly.

hezhongfeng commented 2 years ago

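I understand now. First you need to use the authorization_code grant type to obtain an AccessToken and a Refreshtoken. After the AccessToken expires, you then use authorization-grant-type: refresh_token together with the Refreshtoken to obtain a new, valid AccessToken.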
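
The two-step flow worked out in this thread, shown as an added Spring Security client configuration (not code from id-server or from either commenter). The registration id, client id and secret, scope and endpoint URLs are placeholders, and it assumes a Spring Boot servlet application that supplies the OAuth2AuthorizedClientRepository bean.

```java
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientManager;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientProvider;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientProviderBuilder;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizedClientManager;
import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository;
import org.springframework.security.oauth2.core.AuthorizationGrantType;

@Configuration
public class ClientGrantConfig {

    // All identifiers and URLs below are placeholders chosen for this example.
    @Bean
    ClientRegistrationRepository clientRegistrationRepository() {
        ClientRegistration registration = ClientRegistration.withRegistrationId("demo-client")
                .clientId("demo-client-id")
                .clientSecret("demo-client-secret")
                // The registration names the grant that obtains the FIRST token pair.
                // With refresh_token here the client has no refresh token to present yet,
                // which matches the null oAuth2AuthorizedClient reported in this issue.
                .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
                .redirectUri("{baseUrl}/login/oauth2/code/{registrationId}")
                .scope("message.read")
                .authorizationUri("http://localhost:9000/oauth2/authorize")
                .tokenUri("http://localhost:9000/oauth2/token")
                .build();
        return new InMemoryClientRegistrationRepository(registration);
    }

    @Bean
    OAuth2AuthorizedClientManager authorizedClientManager(
            ClientRegistrationRepository registrations,
            OAuth2AuthorizedClientRepository authorizedClients) {
        OAuth2AuthorizedClientProvider provider = OAuth2AuthorizedClientProviderBuilder.builder()
                .authorizationCode() // step 1: redirect the user, exchange the code for tokens
                .refreshToken()      // step 2: exchange the stored refresh token on expiry
                .build();
        DefaultOAuth2AuthorizedClientManager manager =
                new DefaultOAuth2AuthorizedClientManager(registrations, authorizedClients);
        manager.setAuthorizedClientProvider(provider);
        return manager;
    }
}
```

The refresh step only succeeds if the authorization server issued a refresh token in step 1, which requires the refresh_token grant to be enabled for this client on the server side.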