Oauth Tyk Ouath2流客户端\u凭据错误：无法&\x27；无法使用策略或密钥规则创建令牌，失败_Oauth_Oauth 2.0_Tyk

Oauth Tyk Ouath2流客户端\u凭据错误：无法&\x27；无法使用策略或密钥规则创建令牌，失败

oauth oauth-2.0

Oauth Tyk Ouath2流客户端\u凭据错误：无法&\x27；无法使用策略或密钥规则创建令牌，失败,oauth,oauth-2.0,tyk,Oauth,Oauth 2.0,Tyk,我正在使用Tyk 2.2.0作为api管理oauth2，basic，我需要将客户端\u凭据oauth2流添加为允许的\u访问类型。为了通过这个新的oauth2访问类型生成访问令牌，我做了以下更改：创建一个Tyk Api： { "name": "api_oauth_v2_oauth2", "api_id": "openApi", "org_id": "", "definition": { "location": "header", "key": "version" }, "u

我正在使用Tyk 2.2.0作为api管理oauth2，basic，我需要将

客户端\u凭据

oauth2流添加为

允许的\u访问类型

。为了通过这个新的oauth2访问类型生成访问令牌，我做了以下更改：

创建一个Tyk Api：

{
"name": "api_oauth_v2_oauth2",
"api_id": "openApi",
"org_id": "",
"definition": {
    "location": "header",
    "key": "version"
},
"use_oauth2": true,
"oauth_meta": {
    "allowed_access_types": [
        "authorization_code",
        "refresh_token",
        "client_credentials"
    ],
    "allowed_authorize_types": [
        "code",
        "token"
    ],
    "auth_login_redirect": "https://www.dev.docapost.io/dashboard/page/external/client/authorize"
},

"notifications": {
    "shared_secret": "",
    "oauth_on_keychange_url": "http://provisioning:8080/newton-provisioning-web/v1/external/notify"
},

"version_data": {
    "not_versioned": true,
    "versions": {
        "Default": {
            "name": "Default",
            "expires": "3000-01-02 15:04",
            "use_extended_paths": true,
            "extended_paths": {
                "ignored": [],
                "white_list": [
                            {"path":"/users/mobiles/{smartPhoneId}/{pushToken}","method_actions":{"PUT":{"action":"no_action"},"DELETE":{"action":"no_action"}}},                        
                            {"path":"/users","method_actions":{"GET":{"action":"no_action"}}},                        
                            {"path":"/objects/boxnumber/{boxNumber}/serialnumber/{serialNumber}","method_actions":{"PUT":{"action":"no_action"},"GET":{"action":"no_action"},"DELETE":{"action":"no_action"}}},                        
                            {"path":"/objects","method_actions":{"POST":{"action":"no_action"},"GET":{"action":"no_action"}}},                        
                            {"path":"/data/boxnumber/{boxNumber}/serialnumber/{serialNumber}/code/{code}","method_actions":{"GET":{"action":"no_action"},"POST":{"action":"no_action"}}},                        
                            {"path":"/data","method_actions":{"POST":{"action":"no_action"}}},                        
                            {"path":"/shares","method_actions":{"GET":{"action":"no_action"},"POST":{"action":"no_action"},"DELETE":{"action":"no_action"}}},                        
                            {"path":"/subscriptions/preconditions","method_actions":{"GET":{"action":"no_action"}}},                        
                            {"path":"/subscriptions/{id}/suspend","method_actions":{"PUT":{"action":"no_action"}}},                        
                            {"path":"/subscriptions/{id}/configure","method_actions":{"PUT":{"action":"no_action"}}},                        
                            {"path":"/subscriptions/{id}/resume","method_actions":{"PUT":{"action":"no_action"}}},                        
                            {"path":"/subscriptions/{id}/cancel","method_actions":{"PUT":{"action":"no_action"}}},                        
                            {"path":"/subscriptions","method_actions":{"POST":{"action":"no_action"},"GET":{"action":"no_action"}}},                        
                            {"path":"/objectmodels/{id}/partnerUri","method_actions":{"PUT":{"action":"no_action"}}},                        
                            {"path":"/objectmodels","method_actions":{"POST":{"action":"no_action"},"GET":{"action":"no_action"}}},                        
                            {"path":"/action","method_actions":{"POST":{"action":"no_action"}}},                        
                            {"path":"/organizations/repositories","method_actions":{"GET":{"action":"no_action"},"PUT":{"action":"no_action"},"DELETE":{"action":"no_action"}}},                        
                            {"path":"/repositories/{repositoryName}","method_actions":{"GET":{"action":"no_action"},"DELETE":{"action":"no_action"}}},                        
                            {"path":"/repositories","method_actions":{"PUT":{"action":"no_action"}}},                        
                            {"path":"/buckets/boxnumber/{boxNumber}/serialnumber/{serialNumber}/code/{code}","method_actions":{"GET":{"action":"no_action"}}},                        
                            {"path":"/offers","method_actions":{"GET":{"action":"no_action"}}},                        
                            {"path":"/pictures","method_actions":{"GET":{"action":"no_action"}}},                        
                            {"path":"/authentication/two-factor/code/{code}","method_actions":{"PUT":{"action":"no_action"}}},                        
                            {"path":"/authentication/two-factor/code","method_actions":{"POST":{"action":"no_action"}}},                        
                            {"path":"/scripts/{serviceName}/{functionName}","method_actions":{"POST":{"action":"no_action"}}}                        ],
                "black_list": []
            }
        }
    }
},
"proxy": {
    "listen_path": "/hub/v2/",
    "target_url": "http://mediation:8080/mediation-api/v2/",
    "strip_listen_path": true
},

"enable_batch_request_support": false

}

将tyk策略添加到此新api openApi：
{ “默认值”：{ “访问权限”：{ “openApi”：{ “允许的URL”：[]， “api_id”：“openApi”， “api_名称”：“moussiApi”， “版本”：[ “默认值” ] } }, “主动”：正确， “名称”：“默认值”， “费率”：100， “per”：1， “配额上限”：10000， “配额更新率”：3600， “标记”：[“启动用户”] } }

通过添加以下行修改tyk.conf以附加策略

{"policies": {
"policy_source": "file”,
"policy_record_name": "./policies/policies.json"
}

}

重新加载Tyk配置
curl-xget\ -H'x-tyk-授权：352d20ee67be67f6341b4c0605b044b8'
使用新Api创建新的Oauth客户端
curl-X柱\ -H'内容类型：应用程序/json' -H'x-tyk-授权：352d20ee67be67f6341b4c0605b044b8' -d'{ “api_id”：“openApi”， “重定向uri”：” }"
生成访问令牌：
curl-X POST-H“授权：基本MGFMYJBMyWuzymzkndLzdq0yzhjytlknwfiywiwn2e6t0dkau5qvxhzak10wxpobu9dmdbzvfkwtfrzme1huxrabvzot1drmu1qttbnalk0'-H”内容类型：application/X-www-form-urlencoded'-d'客户id=0afb0fae3bfd43ed44c8ca9d5abab07a和客户机密=Ogjinjuxyjmtyznmo00YT0LTY0MGqtzmVHOWQ1MJM0MJY4和授权类型=客户凭证'

不幸的是，我在使用

client\u凭据生成访问令牌时遇到了此错误

grant type:

日志

有什么想法吗。

谢谢

我刚刚用这个Oauth2访问流完成了完全身份验证

请注意，您可能需要重新启动tyk服务，这是一个简单的重新加载不会将新策略加载到内存中

我在几天前发布的一篇文章中对此进行了说明

{"error":"server_error","error_description":"The authorization server encountered an unexpected condition that prevented it from fulfilling the request."}


time="Jan  8 13:29:53" level=info msg="Getting client ID:0afb0fae3bfd43ed44c8ca9d5abab07a" 
time="Jan  8 13:29:54" level=info msg="[OAuth] Generating new token" 
time="Jan  8 13:29:54" level=error msg="ERROR: Couldn't use policy or key rules to create token, failing"

time="Jan 10 08:45:54" level=info msg="Initiating reload" 
time="Jan 10 08:45:54" level=info msg="Reload URL Structure - Scheduled" 
time="Jan 10 08:46:04" level=info msg="Loading API Specification from /USR/newtprod/tyk/apps/app_api_oauth_v2_oauth2.json" 
time="Jan 10 08:46:04" level=info msg="Detected 1 APIs" 
time="Jan 10 08:46:04" level=info msg="Loading API configurations." 
time="Jan 10 08:46:04" level=info msg="--> Loading API: api_oauth_v2_oauth2" 
time="Jan 10 08:46:04" level=info msg="----> Tracking: (no host)" 
time="Jan 10 08:46:04" level=info msg="----> Checking security policy: OAuth" 
time="Jan 10 08:46:04" level=info msg="----> Setting Listen Path: /hub/v2/" 
time="Jan 10 08:46:04" level=info msg="Loading uptime tests..." 
time="Jan 10 08:46:04" level=info msg="Initialised API Definitions" 
time="Jan 10 08:46:04" level=info msg="API reload complete" 
time="Jan 10 08:59:24" level=info msg="Getting client ID:14b2ac609a35405169ee3804db1ab406" 
time="Jan 10 08:59:24" level=info msg="[OAuth] Generating new token" 
time="Jan 10 08:59:24" level=error msg="ERROR: Couldn't use policy or key rules to create token, failing"