What is the purpose of grant_type parameter in OAuth 2 Authentication

人盡茶涼 提交于 2020-01-31 15:12:44

问题


I am using OAuth 2 Authentication in Lumen microframework. Right now i am using the grant_type value is password. It throws unsupported_grant_type, If i am using something different. I want to know the purpose of using grant_type is password


回答1:


The grant_type URL parameter is required by OAuth2 RFC for the /token endpoint, which exchanges a grant for real tokens. So the OAuth2 server knows what you are sending to it. You are using the Resource Owner Password Credentials Grant, so you must specify it with the value password.

From the OAuth2 RFC:

An authorization grant is a credential representing the resource owner's authorization (to access its protected resources) used by the client to obtain an access token.

The grant_type=password means that you are sending a username and a password to the /token endpoint. If you used the Authorization Code Grant flow, you could use the value authorization_code. But then you don't send the username+password pair, but a code received from the OAuth2 server after user authentication. The code is an arbitrary string - not human readable. It's nicely shown in the workflow diagrams in the RFC.



来源:https://stackoverflow.com/questions/45055277/what-is-the-purpose-of-grant-type-parameter-in-oauth-2-authentication

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!