问题
I am building an ouath 2.0 system in ruby on rails using Doorkeeper. My resource server is protected with doorkeeper_for method and is separate from the authorization server, and i am using the implicit grant flow. So i get the access token from the auth server and then make a request to the resource server in this way: localhsot:3000/pages?access_token=XXXX but when the resource server read the access token it try to looks for the token in its own database and not in the authentication server database so i get a 401 Unautorized error. How can i solve this?
回答1:
You should add a database connection to the authorization server, and in a MyApp::Application.config.to_prepare block instruct the relevant doorkeeper models to connect via those credentials.
See https://github.com/applicake/doorkeeper/issues/266#issuecomment-26800252.
来源:https://stackoverflow.com/questions/18383715/doorkeeper-separate-resource-server-from-the-authorization-server