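【Posted】: 2019-09-28 21:31:04
【Question】:
After upgrading doorkeeper from 5.1.0 to 5.2.1 on the Rails (5.2.3) application that provides authorization, login from the application requesting authorization no longer works. The page on the authorizing application states "Missing required parameter: scope.", although we do not use scopes.
The migration notes say something about scopes, but they do not tell me anything. https://github.com/doorkeeper-gem/doorkeeper/wiki/Migration-from-old-versions#database-changes
I know I have to create a migration like this one, but the problem persists: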
# frozen_string_literal: true

class ChangeScopesOnOAuthAccessGrants < ActiveRecord::Migration[5.2]
  # Make oauth_access_grants.scopes NOT NULL with an empty-string default.
  def up
    change_column_default :oauth_access_grants, :scopes, from: nil, to: ''
    change_column_null :oauth_access_grants, :scopes, false
  end

  # Restore the nullable column with no default.
  def down
    change_column_default :oauth_access_grants, :scopes, from: '', to: nil
    change_column_null :oauth_access_grants, :scopes, true
  end
end
The doorkeeper.rb configuration on the authorizing application is simple:
Doorkeeper.configure do
  orm :active_record

  # Unauthenticated users are redirected to the admin login; only the
  # permitted OAuth parameters are forwarded (scope is not among them).
  resource_owner_authenticator do
    current_admin_user || redirect_to(new_admin_user_session_path(params.permit(:client_id, :redirect_uri, :response_type, :state)))
  end

  admin_authenticator do
    current_admin_user || redirect_to(new_admin_user_session_path)
  end

  access_token_expires_in 24.hours
end
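I took a deeper look at the responses before and after running the migration. Using binding.pry in AuthorizationsController#new of the Doorkeeper module (which inherits from Doorkeeper::ApplicationController), I can confirm that the instance of Doorkeeper::OAuth::PreAuthorization returns nil for the attribute scope, but not for scopes.
After calling pre_auth.authorizable? I get this object with these values: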
#<Doorkeeper::OAuth::PreAuthorization:0x00007fad33f25390
 @client=
  #<Doorkeeper::OAuth::Client:0x00007fad364b22e8
   @application=
    #<Doorkeeper::Application:0x00007fad364b26d0
     id: 2,
     name: "...",
     uid: "...",
     secret: "..",
     redirect_uri:
      "http://localhost:3001/users/auth/doorkeeper/callback",
     scopes: "",
     created_at: Tue, 24 Oct 2017 11:56:13 CEST +02:00,
     updated_at: Thu, 03 Oct 2019 18:53:35 CEST +02:00,
     confidential: true>>,
 @client_id="...",
 @code_challenge=nil,
 @code_challenge_method=nil,
 @error=:invalid_request,
 @missing_param=:scope,
 @redirect_uri="http://localhost:3001/users/auth/doorkeeper/callback",
 @response_type="code",
 @scope=nil,
 @server=
  #<Doorkeeper::Config:0x00007fad33b72180
   @access_token_expires_in=24 hours,
   @api_only=false,
   @application_secret_strategy=Doorkeeper::SecretStoring::???,
   @authenticate_admin=#<Proc:0x00007fad33b71d20@/Users/.../config/initializers/doorkeeper.rb:11>,
   @authenticate_resource_owner=#<Proc:0x00007fad33b71eb0@/Users/.../config/initializers/doorkeeper.rb:6>,
   @default_scopes=#<Doorkeeper::OAuth::Scopes:0x00007fad364cb7c0 @scopes=[]>,
   @orm=:active_record,
   @token_secret_strategy=Doorkeeper::SecretStoring::???>,
 @state="...">
I currently have no clue how to solve the problem. Thanks for any hints!
【Discussion】: