donglingsai2880 2017-12-17 14:40
浏览 83

hydra-使用curl创建策略因范围无效而失败

I have successfully configured ory/hydra OAUTH server and it seems to be working well. However, I am trying to create a policy using "curl" instead of the provided CLI and am running into an error:

{"error":{"code":500,"message":"A validator returned an error: The requested scope is invalid, unknown, or malformed"}}

The error, unfortunately, is not detailed enough to allow me to determine a root cause.

Here is the request that I am issuing via curl:

curl -k -X POST -H Authorization: bearer aValidBearerToken \
    -d {"id":"policy-001", "description":"some description", "subjects":["aValidClient"], "actions":["read"], "effect":"allow", "resources":["aResource"] } \
    https://localhost:4444/policies

Also, I have verified that I have a valid bearer token.

Any ideas are appreciated!

  • 写回答

1条回答 默认 最新

  • douci1196 2017-12-17 15:52
    关注

    I found out the issue -- as the error message stated, I have an invalid scope, which could only be caused by the bearer token being generated with an invalid scope. Sure enough, I had created the bearer token with the scope 

    "hydra.clients"

    and it should have been:

    "hydra hydra.clients"

    The added "hydra" allowed the permission to create policies which was not available with the previously defined scope "hydra.clients" (which only allowed clients to be created)

    评论

报告相同问题?

悬赏问题

  • ¥15 BP神经网络控制倒立摆
  • ¥20 要这个数学建模编程的代码 并且能完整允许出来结果 完整的过程和数据的结果
  • ¥15 html5+css和javascript有人可以帮吗?图片要怎么插入代码里面啊
  • ¥30 Unity接入微信SDK 无法开启摄像头
  • ¥20 有偿 写代码 要用特定的软件anaconda 里的jvpyter 用python3写
  • ¥20 cad图纸,chx-3六轴码垛机器人
  • ¥15 移动摄像头专网需要解vlan
  • ¥20 access多表提取相同字段数据并合并
  • ¥20 基于MSP430f5529的MPU6050驱动,求出欧拉角
  • ¥20 Java-Oj-桌布的计算