Doorkeeper将资源服务器与授权服务器分开 [英] Doorkeeper separate resource server from the authorization server
问题描述
我正在使用 Doorkeeper 在Rails上构建一个ouath 2.0系统. 我的资源服务器受到doorkeeper_for方法的保护,并且与授权服务器分开,并且我正在使用隐式授予流. 因此,我从auth服务器获取访问令牌,然后以这种方式向资源服务器发出请求:localhsot:3000/pages?access_token = XXXX,但是当资源服务器读取访问令牌时,它将尝试在其资源中查找令牌.自己的数据库,而不是在身份验证服务器数据库中,所以我收到401 Unautorized错误.我该如何解决?
您应该将数据库连接添加到授权服务器,并在MyApp::Application.config.to_prepare
块中指示相关的doorkeeper
模型通过这些凭据进行连接.>
请参见 https://github.com/applicake/doorkeeper/issues/266 #issuecomment-26800252 .
I am building an ouath 2.0 system in ruby on rails using Doorkeeper. My resource server is protected with doorkeeper_for method and is separate from the authorization server, and i am using the implicit grant flow. So i get the access token from the auth server and then make a request to the resource server in this way: localhsot:3000/pages?access_token=XXXX but when the resource server read the access token it try to looks for the token in its own database and not in the authentication server database so i get a 401 Unautorized error. How can i solve this?
You should add a database connection to the authorization server, and in a MyApp::Application.config.to_prepare
block instruct the relevant doorkeeper
models to connect via those credentials.
See https://github.com/applicake/doorkeeper/issues/266#issuecomment-26800252.
这篇关于Doorkeeper将资源服务器与授权服务器分开的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!