OAuth 2身份验证中grant_type参数的用途是什么 [英] What is the purpose of grant_type parameter in OAuth 2 Authentication

问题描述

我正在Lumen微框架中使用OAuth 2身份验证.现在我正在使用grant_type值是password.如果我使用不同的东西，它会抛出unsupported_grant_type.我想知道使用grant_type的目的是password

I am using OAuth 2 Authentication in Lumen microframework. Right now i am using the grant_type value is password. It throws unsupported_grant_type, If i am using something different. I want to know the purpose of using grant_type is password

推荐答案

grant_typeURL参数="noreferrer"> OAuth2 RFC 用于/token端点，该端点将授予权交换为真实令牌.因此，OAuth2服务器知道您要发送给它的内容.您正在使用资源所有者密码凭据授予，因此必须使用值password.

The grant_type URL parameter is required by OAuth2 RFC for the /token endpoint, which exchanges a grant for real tokens. So the OAuth2 server knows what you are sending to it. You are using the Resource Owner Password Credentials Grant, so you must specify it with the value password.

从OAuth2 RFC:

From the OAuth2 RFC:

授权授予是代表资源的凭证 所有者使用的所有者授权(访问其受保护的资源) 客户端以获取访问令牌.

An authorization grant is a credential representing the resource owner's authorization (to access its protected resources) used by the client to obtain an access token.

grant_type=password表示您正在向/token端点发送用户名和密码.如果您使用了授权代码授予流，则可以使用值authorization_code .但随后，您将不发送用户名和密码对，而是发送经过用户身份验证后从OAuth2服务器接收到的代码.该代码是任意字符串-难以读取.很好地显示在RFC的工作流图中.

The grant_type=password means that you are sending a username and a password to the /token endpoint. If you used the Authorization Code Grant flow, you could use the value authorization_code. But then you don't send the username+password pair, but a code received from the OAuth2 server after user authentication. The code is an arbitrary string - not human readable. It's nicely shown in the workflow diagrams in the RFC.

这篇关于OAuth 2身份验证中grant_type参数的用途是什么的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！