Closed Lewis-liuwei closed 1 year ago
We have found the problem. The key point is the UserID in the token. When the token is obtained through client_credentials, the UserID is set to be empty, resulting in the same token returned under concurrent conditions. At present, the md5 encryption of the scope has been assigned to UserID, problem solved
When obtaining the token through auth2 concurrently, only the scope value is different, but the returned token is the same
The params: data := url.Values{} data.Set("grant_type", "client_credentials") data.Set("scope", fmt.Sprintf("viewer:%s:%s:%s", req.FileId, req.ViewerType, req.AppKey)) data.Set("client_id", req.AppId) data.Set("client_secret", req.AppKey)
return: