主页 / 问题 / 774358
Accepted
Abmin
Asked:2020-01-23 10:15:43 +0000 UTC2020-01-23 10:15:43 +0000 UTC

Yandex oauth 给出 invalid_scope 错误

  • 772

我在 Laravel 5.5 上使用 Socialite,我在那里添加了 Yandex,但是当我进入授权页面时,Yandex 说:

无法确定请求的访问列表(invalid_scope)

生成的请求:

https://oauth.yandex.ru/authorize?client_id=3fde0c613c4941aa9b2143247d560fb5&redirect_uri=http%3A%2F%2Fgreenhoster.com%2Fauth%2Fyandex%2Fcallback&scope=openid+profile+email&response_type=code&state=6EILCMFrARHkCq5HFiV6aah8sRaAxU8GrcAisJrc

Yandex 提供商:

<?php

namespace Laravel\Socialite\Two;

use Exception;
use GuzzleHttp\ClientInterface;

class YandexProvider extends AbstractProvider implements ProviderInterface
{
    /**
     * The separating character for the requested scopes.
     *
     * @var string
     */
    protected $scopeSeparator = ' ';

    /**
     * The scopes being requested.
     *
     * @var array
     */
    protected $scopes = [
        'openid',
        'profile',
        'email',
    ];

    /**
     * {@inheritdoc}
     */
    protected function getAuthUrl($state)
    {
        return $this->buildAuthUrlFromBase(
            'https://oauth.yandex.ru/authorize', $state
        );
    }
    /**
     * {@inheritdoc}
     */
    protected function getTokenUrl()
    {
        return 'https://oauth.yandex.ru/token';
    }
    /**
     * {@inheritdoc}
     */
    protected function getUserByToken($token)
    {
        $response = $this->getHttpClient()->get(
            'https://login.yandex.ru/info?format=json', [
            'headers' => [
                'Authorization' => 'Bearer '.$token,
            ],
        ]);
        return json_decode($response->getBody()->getContents(), true);
    }
    /**
     * {@inheritdoc}
     */
    protected function mapUserToObject(array $user)
    {
        return (new User())->setRaw($user)->map([
            'id' => $user['id'],
            'nickname' => $user['login'],
            'name' => Arr::get($user, 'real_name'),
            'email' => Arr::get($user, 'default_email'),
            'avatar' => 'https://avatars.yandex.net/get-yapic/'.Arr::get($user, 'default_avatar_id').'/islands-200',
        ]);
    }
    /**
     * {@inheritdoc}
     */
    protected function getTokenFields($code)
    {
        return array_merge(parent::getTokenFields($code), [
            'grant_type' => 'authorization_code',
        ]);
    }
}
laravel

2 个回答

  1. Best Answer

    如果删除数组的内容

    protected $scopes = [
        'openid',
        'profile',
        'email',
    ];

    然后将请求在应用程序设置中设置的权限,然后一切正常!

    • 2

  2. 在 Hybridauth 3.0 上,要删除范围,您需要将其定义为:

    protected $scope = null;
    • 0

相关问题