获取到client_id和client_secret 后 无法访问获取token 和访问真正的api接口。

[zhaowenjun333]

example 启动后创建了一个 Client 并拿到里面的 id 和 secret ，无法访问token .我的代码如下：

def localgettokenByrequests():
    r = requests.post(auth=HTTPBasicAuth('2SLED10pAVovtLhyXkTxaYDk', 'gUPxTr8L0mtqSAWzSefFjGtwgTBeDdJqTCxwVuNlMamoVLC6'),
                      url='http://127.0.0.1:5000/oauth/token?grant_type=client_credentials')
    print( r )
    tokenjson = r.json()
    print(tokenjson)
    print(tokenjson.get('access_token'))
    authorrization = "Bearer {}".format(tokenjson.get('access_token'))

if __name__ =="__main__":
    r = localgettokenByrequests()

我目前想用oauth2 加密我的api接口，我会发放id和secret给另外一个java 服务使用，java通过调用token 接口，得到token，然后再调用真的数据api。请问我是哪里用错了么。

[lepture]

grant_type=client_credentials should be in POST payload, not URI.

[zhaowenjun333]

I want to secure api with Oauth2，usage like below.

environment:

win10,py3.6,
Flask=1.1.1
Flask-SQLAlchemy=2.4.1
oauthlib=2.1.0

create a client：

get client_id and client_secret:

{"client_name": "parchmentSendser", "client_uri": "", "contacts": [], "grant_types": ["client_credentials"], "jwks": null, "jwks_uri": null, "logo_uri": null, "policy_uri": null, "redirect_uris": [], "response_types": ["code"], "scope": "profile", "token_endpoint_auth_method": "client_secret_basic", "tos_uri": null}

step by step to get data

• get token

 r = requests.post(auth=HTTPBasicAuth('qGbJKewh2oWY5C4sa4yGYIiS','DG86lovQfVm58350H7IOS4BHYCSIrXWB7wYFVCDrXLkoPaWC') ,url='http://127.0.0.1:5000/oauth/token',
    data = {"grant_type":"client_credentials","scope":"profile"})
#r=<Response [500]>

• expected result

{'token_type': 'bearer', 'access_token': 'EI1G6lGOdfTxoUUpWSrkD0K1zW1Mdskx', 'expires_in': 7200}

• uage token

params = {   }
print(authorrization)
r2 = requests.get(url= 'http://127.0.0.1:5000/api/me',headers={ 'Authorization':authorrization,"Content-Type":"application/json"},params=params)

now，I can't move forward, help me how to config ，thx。

[lepture]

Not sure if you are asking in the right repo. You are using oauthlib==2.1.0, which is clearly not used in this repo.

We accept community helps on StackOverflow and bug reports on GitHub issues. We do not offer help for your own project. However, if you are working on your company’s project, it is suggested that you asking your company to purchase a commercial support. Check https://authlib.org/support

[zhaowenjun333]

yeah，i am just practice，I have realized it isn`t suitable for my needs. appreciate your help。thank you again。