如何使用django_auth_toolkit从refresh_token获取新的access_token



我使用django-oauth-toolkit版本1.1.2来获取access_token,如下所示:-

Reauest:-
POST http://localhost:8597/login
{
"application_id": "cuOt3raxH9ClbCrbbgP68iU6ssfO2N78TplxwlMq",
"username": "test@gmail.com",
"password": "test",
"grant_type": "password"
}
Response:-
{
"type": "success",
"shortDescription": "User Logged in",
"longDescription": "User logged in successfully",
"success": "User Logged in",
"success_message": "User logged in successfully",
"data": {
"access_token": "RXMXGNl2HqYJMVkCBkrrMU5aYFS8uU",
"expires_in": 31536000,
"token_type": "Bearer",
"scope": "read write",
"refresh_token": "wsLetw7c2Q56k07XoisWkEa7SYxORb",
"user": {
"id": "c7d9f8ee-5e87-4a70-9c07-6a2e8c13a50a",
"created_at": "2019-11-21T16:55:45.817324+05:30",
"email": "test@gmail.com",
"first_name": "Test",
"last_name": "User",
"is_deleted": false,
"is_email_verified": true,
"last_login": "2020-02-19T11:17:24.656615+05:30",
"landline_country_code": "us",
"landline_number": "3242343434",
"mobile_country_code": "us",
"mobile_number": "34234234324",
"role": "USER",
"designation": "software engineer",
"is_active": true,
},
}

现在我想使用这个"refresh_token"来获得新的access_token,我提出了以下请求:-

Request:-
POST http://localhost:8597/o/token/
{
"grant_type": "refresh_token",
"client_id": "sHPPirW86SuOwDOfhxmag1fZ9oRCpHFS24wrZj00",
"refresh_token":"wsLetw7c2Q56k07XoisWkEa7SYxORb"
}
Response:-
{
"error": "invalid_grant"
}

这个请求有问题,你能指导我如何解决吗?谢谢

请求看起来不错。但请注意,当令牌无效时,我们也会得到相同的invalid_grant错误。由于工具箱默认使用刷新令牌轮换,这也包括刷新令牌已经使用的情况,导致同一请求第一次工作,然后在随后的所有尝试中都失败,并出现invalid_grant错误,我怀疑您的请求可能就是这种情况。

此外,您可能还想检查刷新令牌对象中请求中使用的特定令牌,看看它是否已经被吊销。

相关内容

  • 没有找到相关文章

最新更新