From 1c248fc41371e3ca44cd5cc90a1086b78febdd70 Mon Sep 17 00:00:00 2001 From: "shengzhaoli.shengz" Date: Fri, 20 Oct 2023 16:54:05 +0800 Subject: [PATCH] update SOS_API-3.0.0.html --- .../resources/static/api/SOS_API-3.0.0.html | 281 +++++++++++------- 1 file changed, 173 insertions(+), 108 deletions(-) diff --git a/src/main/resources/static/api/SOS_API-3.0.0.html b/src/main/resources/static/api/SOS_API-3.0.0.html index 66df1c7..a6c9281 100644 --- a/src/main/resources/static/api/SOS_API-3.0.0.html +++ b/src/main/resources/static/api/SOS_API-3.0.0.html @@ -34,7 +34,6 @@
  • 获取access_token (grant_type=client_credentials)
  • 刷新access_token (grant_type=refresh_token)
    • -
  • 获取access_token (Restful API)
  • 检查token (/oauth2/introspect)
  • 撤销token (/oauth2/revoke)
  • [device_code]流程 - 发起认证(/oauth2/device_authorization) @@ -341,111 +340,6 @@ -
    -

    获取access_token (Restful API) - public -

    - -

    Restful API 获取access_token, - 适用于grant_type为authorization_code,refresh_token,client_credentials

    - -
      -
    • -

      - 请求URI: /oauth2/rest_token POST REST -

      - -

      - Content-Type: - application/json -

      -
      - 请求Body参数说明: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
      参数名参数值必须?备注
      grant_type{grant_type}authorization_code,refresh_token,client_credentials
      scope{scope}如: openid
      client_id{client_id}
      client_secret{client_secret}
      device_code{device_code}grant_type=urn:ietf:params:oauth:grant-type:device_code 时必须有
      code_verifier{code_verifier}PKCE时必须
      - 请求Body示例: -

      - {"client_id":"test1234","client_secret":"test1234","grant_type":"password","scope":"read","username":"mobile","password":"mobile"} -

      - 或 -

      - {"client_id":"test1234","client_secret":"test1234","grant_type":"password","scope":"read"} -

      - -
      -
      - - 响应 - -
        -
      • -

        - 正常 [200]
        - - {"access_token":"e2996930-8398-44fd-8de5-7d1b1624ced7","token_type":"bearer","refresh_token":"2b2de701-53e7-4b57-8301-e4a06ee49698","expires_in":43008,"scope":"read"} - -

        -
        • -
      • -

        - 异常 [401]
        - - {"error":"invalid_grant","error_description":"Bad credentials"} - -

        -
        • -
      -
      • -
    -
    -

    检查token (/oauth2/introspect) public @@ -618,7 +512,7 @@

    -

    [device_code]流程 - 发起认证(/oauth2/device_authorization)

    +

    [device_code]流程 - 发起认证(/oauth2/device_authorization)public

    发起认证, 获取user_code, device_code等信息

    @@ -700,7 +594,7 @@
    -

    [device_code]流程 - 获取token(/oauth2/token)

    +

    [device_code]流程 - 获取token(/oauth2/token)public

    设备上轮循调用, 获取token

    @@ -790,6 +684,177 @@
    +
    +

    OIDC /userinfo

    + +

    客户端带上access_token获取用户信息

    + +
      +
    • +

      + 请求URI: /userinfo GET +

      + +
      + 请求参数说明: + + + + + + + + + + + + + + +
      参数名参数值必须?备注
      + 请求示例: + 
      curl --location 'http://localhost:8080/userinfo' \
+--header 'Content-Type: application/json' \
+--header 'Authorization: Bearer eyJraWQiOiJzb3MtcnNhLWtpZDIiLCJhbGciOiJSUzI1NiJ9.eyJzdWI...'
      + +
      +
      + + 响应 + +
        +
      • +
        + 正常 [200]
        + 
        {
+    "sub": "unity",
+    "updated_at": 0,
+    "nickname": ""
+}
        +
        +
        • +
      • +
        + 异常 [401]
        + 
        
+                            
        
+                        
        • 
+                    
      
+                
      • 
+            
    
+        
    
+
+        
    
+            
    OIDC /openid-configurationpublic
    
+
+            
    OIDC well-known API
    
+
+            
      
+                
    • 
+                    
      
+                        请求URI: /.well-known/openid-configuration GET
+                    
      
+
+                    
      
+                        请求参数说明:
+                        
+                            
+                            
+                                
+                                
+                                
+                                
+                            
+                            
+                            
+                            
+                                
+                            
+                            
+                        
      参数名参数值必须?备注
      
+                        请求示例:
+                        
      curl --location 'http://localhost:8080/.well-known/openid-configuration' \
+--header 'Content-Type: application/json' \
+--header 'Authorization: Bearer eyJraWQiOiJzb3MtcnNhLWtpZDIiLCJhbGciOiJSUzI1NiJ9.eyJzdWIi...'
      
+
+                    
      
+                    
      
+
+                    响应
+
+                    
        
+                        
      • 
+                            
        
+                                正常 [200]
        
+                                
        {
+    "issuer": "http://127.0.0.1:8080",
+    "authorization_endpoint": "http://127.0.0.1:8080/oauth2/authorize",
+    "device_authorization_endpoint": "http://127.0.0.1:8080/oauth2/device_authorization",
+    "token_endpoint": "http://127.0.0.1:8080/oauth2/token",
+    "token_endpoint_auth_methods_supported": [
+        "client_secret_basic",
+        "client_secret_post",
+        "client_secret_jwt",
+        "private_key_jwt"
+    ],
+    "jwks_uri": "http://127.0.0.1:8080/oauth2/jwks",
+    "userinfo_endpoint": "http://127.0.0.1:8080/userinfo",
+    "end_session_endpoint": "http://127.0.0.1:8080/connect/logout",
+    "response_types_supported": [
+        "code"
+    ],
+    "grant_types_supported": [
+        "authorization_code",
+        "client_credentials",
+        "refresh_token",
+        "urn:ietf:params:oauth:grant-type:device_code",
+        "password",
+        "urn:ietf:params:oauth:grant-type:jwt-bearer"
+    ],
+    "revocation_endpoint": "http://127.0.0.1:8080/oauth2/revoke",
+    "revocation_endpoint_auth_methods_supported": [
+        "client_secret_basic",
+        "client_secret_post",
+        "client_secret_jwt",
+        "private_key_jwt"
+    ],
+    "introspection_endpoint": "http://127.0.0.1:8080/oauth2/introspect",
+    "introspection_endpoint_auth_methods_supported": [
+        "client_secret_basic",
+        "client_secret_post",
+        "client_secret_jwt",
+        "private_key_jwt"
+    ],
+    "subject_types_supported": [
+        "public"
+    ],
+    "id_token_signing_alg_values_supported": [
+        "RS256",
+        "ES256"
+    ],
+    "scopes_supported": [
+        "openid",
+        "profile",
+        "email",
+        "address",
+        "phone"
+    ]
+}
        
+                            
        
+                        
        • 
+                        
      • 
+                            
        
+                                异常 [400]
        
+                                
        
+                            
        
+                        
        • 
+                    
      
+                
      • 
+            
    
+        
    
+