Open FeeFelipe opened 7 years ago
I solved the problem, when the application receives the empty scope (scope: '') throw an error
Solution:
if (!req.body.scope) delete req.body.scope;
Error:
{ server_error: Invalid parameter: `scope`
at TokenHandler.<anonymous> (/node/node_modules/oauth2-server/lib/handlers/token-handler.js:100:13)
at TokenHandler.tryCatcher (/node/node_modules/bluebird/js/main/util.js:26:23)
at Promise._settlePromiseFromHandler (/node/node_modules/bluebird/js/main/promise.js:507:31)
at Promise._settlePromiseAt (/node/node_modules/bluebird/js/main/promise.js:581:18)
at Promise._settlePromises (/node/node_modules/bluebird/js/main/promise.js:697:14)
at Async._drainQueue (/node/node_modules/bluebird/js/main/async.js:123:16)
at Async._drainQueues (/node/node_modules/bluebird/js/main/async.js:133:10)
at Immediate.Async.drainQueues (/node/node_modules/bluebird/js/main/async.js:15:14)
at runCallback (timers.js:672:20)
at tryOnImmediate (timers.js:645:5)
at processImmediate [as _immediateCallback] (timers.js:617:5)
message: 'Invalid parameter: `scope`',
code: 503,
name: 'server_error',
inner:
{ invalid_argument: Invalid parameter: `scope`
at ClientCredentialsGrantType.AbstractGrantType.getScope (/node/node_modules/oauth2-server/lib/grant-types/abstract-grant-type.js:94:11)
at ClientCredentialsGrantType.handle (/node/node_modules/oauth2-server/lib/grant-types/client-credentials-grant-type.js:57:20)
at TokenHandler.handleGrantType (/node/node_modules/oauth2-server/lib/handlers/token-handler.js:220:6)
at TokenHandler.<anonymous> (/node/node_modules/oauth2-server/lib/handlers/token-handler.js:91:19)
at TokenHandler.tryCatcher (/node/node_modules/bluebird/js/main/util.js:26:23)
at Promise._settlePromiseFromHandler (/node/node_modules/bluebird/js/main/promise.js:507:31)
at Promise._settlePromiseAt (/node/node_modules/bluebird/js/main/promise.js:581:18)
at Async._drainQueue (/node/node_modules/bluebird/js/main/async.js:128:12)
at Async._drainQueues (/node/node_modules/bluebird/js/main/async.js:133:10)
at Immediate.Async.drainQueues (/node/node_modules/bluebird/js/main/async.js:15:14)
at runCallback (timers.js:672:20)
at tryOnImmediate (timers.js:645:5)
at processImmediate [as _immediateCallback] (timers.js:617:5)
message: 'Invalid parameter: `scope`',
code: 500,
name: 'invalid_argument' } }
Can you please share the your thoughts about #393
Join https://oauthjs.slack.com
Please close the issue. as it solved.
@manjeshpv This issue is not resolved. While I appreciate your effort, please don't link to your issue everywhere.
@FeeFelipe The error is expected, an empty scope is not valid. You have to either omit it completely or set it to something valid. See Section 3.3 of RFC 6749:
scope = scope-token *( SP scope-token )
scope-token = 1*( %x21 / %x23-5B / %x5D-7E )
That AbstractGrantType#getScope
is throwing an InvalidArgumentError
is wrong though. IMO this should be an InvalidScopeError
. Also, just looking at the code I think it doesn't handle the case where no scope is supplied (?). I'll have to look into that.
@mjsalinger Any objections to changing the type of error that is thrown as outlined above? The scope is sent by the client, so InvalidArgumentError
is wrong if I'm not mistaken.
Hi,
I'm not able to implement this application in postman, someone can help me?