Authentication: Which errors should be returned to third-party applications?
When the user (the "resource owner") explicitly denies an authentication request, this should be passed to the requesting client (something like https://oauth2client.com/cb#error=access_denied).

Which other errors should be passed to the third-party application? What about (temporary) server errors? Are there events that should not be called back for security reasons?

Thanks

Have you read the paper?

See section 4.1.2.1, the error response for the authorization code grant. It outlines the error codes that can be sent back. server_error or temporarily_unavailable may be what you are looking for. The OAuth2 security recommendations give no reason not to send them back.

If the request fails due to a missing, invalid, or mismatching
redirection URI, or if the client identifier is missing or invalid,
the authorization server SHOULD inform the resource owner of the
error and MUST NOT automatically redirect the user-agent to the
invalid redirection URI.

If the resource owner denies the access request or if the request
fails for reasons other than a missing or invalid redirection URI,
the authorization server informs the client by adding the following
parameters to the query component of the redirection URI using the
"application/x-www-form-urlencoded" format, per Appendix B:

error
      REQUIRED. A single ASCII [USASCII] error code from the
      following:

      invalid_request
            The request is missing a required parameter, includes an
            invalid parameter value, includes a parameter more than
            once, or is otherwise malformed.

      unauthorized_client
            The client is not authorized to request an authorization
            code using this method.

      access_denied
            The resource owner or authorization server denied the
            request.

      unsupported_response_type
            The authorization server does not support obtaining an
            authorization code using this method.

      invalid_scope
            The requested scope is invalid, unknown, or malformed.

      server_error
            The authorization server encountered an unexpected
            condition that prevented it from fulfilling the request.
            (This error code is needed because a 500 Internal Server
            Error HTTP status code cannot be returned to the client
            via an HTTP redirect.)

      temporarily_unavailable
            The authorization server is currently unable to handle
            the request due to a temporary overloading or maintenance
            of the server. (This error code is needed because a 503
            Service Unavailable HTTP status code cannot be returned
            to the client via an HTTP redirect.)

      Values for the "error" parameter MUST NOT include characters
      outside the set %x20-21 / %x23-5B / %x5D-7E.
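
The redirect-or-not decision from the quoted section, as an added example that is not part of the original answer or of any particular authorization server. The client registry, the exact-match comparison of redirection URIs, and the fallback to server_error for unlisted codes are assumptions of this sketch.

```python
import re
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Constructed client registry (hypothetical client id and callback URLs).
REGISTERED = {
    "demo-client": {
        "https://client.example/cb",
        "https://client.example/cb?tenant=a",
    }
}

# Error codes listed in the quoted section (RFC 6749, 4.1.2.1).
ERROR_CODES = {
    "invalid_request", "unauthorized_client", "access_denied",
    "unsupported_response_type", "invalid_scope",
    "server_error", "temporarily_unavailable",
}
# Allowed characters for the "error" value: %x20-21 / %x23-5B / %x5D-7E.
ERROR_CHARSET = re.compile(r"[\x20-\x21\x23-\x5B\x5D-\x7E]+")


def error_response(client_id, redirect_uri, error):
    """Return ("local", message) or ("redirect", url) for a failed request."""
    allowed = REGISTERED.get(client_id)
    if allowed is None:
        # Missing or invalid client identifier: show the error to the
        # resource owner, never redirect.
        return ("local", "missing or invalid client_id")
    if redirect_uri not in allowed:
        # Assumption: exact string match against pre-registered URIs.
        return ("local", "missing, invalid or mismatching redirect_uri")
    # Assumption: anything outside the listed codes is reported as
    # server_error; the charset check also guards codes added to the set later.
    if error not in ERROR_CODES or not ERROR_CHARSET.fullmatch(error):
        error = "server_error"
    parts = urlsplit(redirect_uri)
    # Keep any query the registered URI already has, then append "error".
    query = parse_qsl(parts.query, keep_blank_values=True) + [("error", error)]
    return ("redirect", urlunsplit(parts._replace(query=urlencode(query))))


if __name__ == "__main__":
    print(error_response("demo-client", "https://client.example/cb", "access_denied"))
    print(error_response("demo-client", "https://other.example/cb", "access_denied"))
```

Only the two "local" branches keep the user-agent on the authorization server; every other failure, including server_error and temporarily_unavailable, goes back to the validated redirection URI.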