我正在开发使用WSO2AM数据的项目。 我正在按照https://docs.wso2.com/display/AM210/apidocs/publisher/#guide中的步骤操作,一切正常。
我想更改登录用户的令牌过期时间(不是应用程序订阅令牌)。 我知道实现这一目标的唯一想法是改变WSO2应用程序本身的配置 。
消费者端有没有其他方式的数据? 也许将过期时间作为查询字符串?
这是获取令牌的curl命令:
curl -k -d "grant_type=password&username=admin&password=admin&scope=apim:api_view" -H "Authorization: Basic SGZFbDFqSlBkZzV0YnRyeGhBd3liTjA1UUdvYTpsNmMwYW9MY1dSM2Z3ZXpIaGM3WG9HT2h0NUFh" https://localhost:8243/token这是回应:
{ "scope":"apim:api_view", "token_type":"Bearer", "expires_in":3600, "refresh_token":"33c3be152ebf0030b3fb76f2c1f80bf8", "access_token":"292ff0fd256814536baca0926f483c8d" }基本上我希望响应中expires_in的值持续更长时间。
I'm working on the project that consume data from WSO2AM. I'm following steps from https://docs.wso2.com/display/AM210/apidocs/publisher/#guide and everything is OK.
I want to change the token expired duration for the logged in user (not application subscription token). The only think I know to achieve this is by changing the configuration on the WSO2 application itself.
Is there any other way to dat from the consumer end? maybe by putting the expiration duration as query string?
This is the curl command to get the token:
curl -k -d "grant_type=password&username=admin&password=admin&scope=apim:api_view" -H "Authorization: Basic SGZFbDFqSlBkZzV0YnRyeGhBd3liTjA1UUdvYTpsNmMwYW9MY1dSM2Z3ZXpIaGM3WG9HT2h0NUFh" https://localhost:8243/tokenThis is the response:
{ "scope":"apim:api_view", "token_type":"Bearer", "expires_in":3600, "refresh_token":"33c3be152ebf0030b3fb76f2c1f80bf8", "access_token":"292ff0fd256814536baca0926f483c8d" }Basically I want the value of expires_in from the response to be last longer.
最满意答案
根据OAuth2规范 ,不允许用户请求令牌到期时间。 因此,它是服务器端配置。
但是,WSO2为客户端凭据授予类型提供此功能,以便开发人员使用不同的令牌到期时间来测试其应用程序。
As per the OAuth2 spec, users aren't allowed to request for token expiry time. Therefore, it's a server-side configuration.
However, WSO2 provides this capability for client credentials grant type for the ease of developers to test their apps with different token expiry times.
更多推荐
发布评论