使用this oauth2 library for PHP,我通过client_credentials验证用户是这样的:的oauth2服务器的PHP不返回刷新标记
server.php
$server = new OAuth2\Server($storage, [
'access_lifetime' => 3600, // 1 hour
'refresh_token_lifetime' => 50400, // 14 days
]);
$server->addGrantType(new OAuth2\GrantType\ClientCredentials($server->getStorage('client_credentials'), ['always_issue_new_refresh_token' => true])));
在我的终点
然后(token.php):
require_once __DIR__.'/server.php';
$request = OAuth2\Request::createFromGlobals();
$server->handleTokenRequest($request)->send(); //returns the token object
虽然返回一个新的access_token,没有返回refresh_token:
{"access_token":"501a3d087db7532d4e4350402f9a5da332d71dfc","expires_in":3600,"token_type":"Bearer","scope":null}
如何获得refresh_token?
完美。 [这个其他答案](http://stackoverflow.com/questions/29233772/why-is-a-refresh-token-not-provided-by-oauth2-servers-responding-to-a-client-cr)也是这个问题很好的资源。 – lilbiscuit