ElyBy-Mirror/oauth2-server
1
0
Fork 0
mirror of https://github.com/elyby/oauth2-server.git synced 2025-01-31 07:49:30 +05:30
Code Issues Packages Projects Releases Wiki Activity

Update auth-server-which-grant.md

Browse Source
This commit is contained in:
Leevi Graham 2014-11-06 17:18:02 +11:00
parent 51d11f6740
commit ca2e4c71e6
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
auth-server-which-grant.md
View File

@ -90,7 +90,7 @@ This grant is suitable for trusted clients such as a services own mobile clie
~~~ php
$clientCredentials = new League\OAuth2\Server\Grant\ClientCredentialsGrant();
server->addGrantType($clientCredentials);
$server->addGrantType($clientCredentials);
~~~
This grant is similar to the resource owner credentials grant except only the clients credentials are used to authenticate a request for an access token. Again this grant should only be allowed to be used by trusted clients.
@ -112,4 +112,4 @@ The OAuth 2.0 specification also details a fifth grant which can be used to “r
Authorisation servers which support this grant will also issue a “refresh token” when it returns an access token to a client. When the access token expires instead of sending the user back through the authorisation code grant the client can use to the refresh token to retrieve a new access token with the same permissions as the old one.
A problem with the grant is that it means the client has to maintain state of each token and then either on a cron job keep access tokens up to date or when it tries to make a request and it fails then go and update the access token and repeat the request.
A problem with the grant is that it means the client has to maintain state of each token and then either on a cron job keep access tokens up to date or when it tries to make a request and it fails then go and update the access token and repeat the request.