gitee
/
spring-oauth-server
mirror of https://gitee.com/shengzhao/spring-oauth-server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

API, 样式, 功能完善

2.0.0
monkeyk7 2018-04-20 23:57:58 +08:00
parent cf0aa16c57
commit 985fb40582
8 changed files with 2875 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/main/java/com/monkeyk/sos/config/WebSecurityConfigurer.java
View File

@ -47,7 +47,8 @@ public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
// http.csrf().disable()
http.csrf().ignoringAntMatchers("/oauth/authorize", "/oauth/token");
http.authorizeRequests()
.antMatchers("/public/**").permitAll()
.antMatchers("/static/**").permitAll()
@ -66,10 +67,6 @@ public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {
.usernameParameter("oidc_user")
.passwordParameter("oidcPwd")
.and()
.csrf()
.requireCsrfProtectionMatcher(new AntPathRequestMatcher("/oauth/authorize"))
.requireCsrfProtectionMatcher(new AntPathRequestMatcher("/oauth/token"))
.disable()
.logout()
.logoutUrl("/signout")
.deleteCookies("JSESSIONID")

2
src/main/webapp/WEB-INF/jsp/decorators/main.jsp
View File

@ -5,7 +5,7 @@
<%@ page contentType="text/html;charset=UTF-8" language="java" trimDirectiveWhitespaces="true" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib tagdir="/WEB-INF/tags" prefix="custom" %>
<%@ taglib tagdir="/WEB-INF/tags" prefix="tags" %>
<!DOCTYPE HTML>
<html>
<head>

72
src/main/webapp/WEB-INF/jsp/index.jsp
View File

@ -5,6 +5,7 @@
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib tagdir="/WEB-INF/tags" prefix="tags" %>
<!DOCTYPE HTML>
<html>
<head>
@ -13,14 +14,18 @@
</head>
<body>
<h2>Spring Security&OAuth2 is work!</h2>
<p>
<a href="${contextPath}/login">Login</a>
&nbsp;|&nbsp;
<a href="${contextPath}/signout">Logout</a>
</p>
<h2>Spring Security&OAuth2
<small class="badge" title="Version">${mainVersion}</small>
</h2>
<div>
Logged: <span class="text-success">${SPRING_SECURITY_CONTEXT.authentication.principal.username}</span>
<form action="${contextPath}/signout" method="post">
<tags:csrf/>
<button class="btn btn-link" type="submit">Logout</button>
</form>
</div>
<br/>
<div>
操作说明:
<ol>
@ -32,7 +37,17 @@
<li>
<p>
菜单 Unity 与 Mobile 需要OAuth 验证后才能访问(即受保护的resource); <br/>
Unity 需要 [ROLE_UNITY] 权限, Mobile 需要 [ROLE_MOBILE] 权限.
Unity 需要 [ROLE_UNITY] 权限(resourceId:
<mark>unity-resource</mark>
), Mobile 需要 [ROLE_MOBILE] 权限(resourceId:
<mark>mobile-resource</mark>
).
</p>
</li>
<li>
<p>
在使用之前, 建议先了解OAuth2支持的5类<code>grant_type</code>, 请访问 <a href="http://andaily.com/blog/?p=103"
target="_blank">http://andaily.com/blog/?p=103</a>
</p>
</li>
<li>
@ -54,14 +69,49 @@
菜单
<ul>
<li>
<a href="${contextPath}/user/overview">User</a>
<p>
<a href="${contextPath}/static/api/SOS_API-2.0.html" target="_blank">API</a> <span
class="text-muted">- 查看提供的API文档</span>
</p>
</li>
<li>
<a href="${contextPath}/unity/dashboard">Unity</a>
<p>
<a href="client_details">client_details</a> <span class="text-muted">- 管理ClientDetails</span>
</p>
</li>
<li>
<a href="${contextPath}/m/dashboard">Mobile</a>
<p>
<a href="${contextPath}/user/overview">User</a> <span class="text-muted">- 管理User</span>
</p>
</li>
<li>
<p>
<a href="${contextPath}/unity/dashboard">Unity</a> <span class="text-muted">- Unity 资源(resource), 需要具有 [ROLE_UNITY] 权限(resourceId:
<mark>unity-resource</mark>才能访问</span>
</p>
</li>
<li>
<p>
<a href="${contextPath}/m/dashboard">Mobile</a> <span class="text-muted">- Mobile资源(resource), 需要具有 [ROLE_MOBILE] 权限(resourceId:
<mark>mobile-resource</mark>才能访问</span>
</p>
</li>
</ul>
<br/>
<div class="well well-sm">
<p>
<strong>说明</strong>: Unity与Mobile菜单需要先获取到<code>access_token</code>后才能正常访问; 可以尝试在URL后面任意添加access_token参数值试试效果,
<br/>
如: <a href="${contextPath}/m/dashboard?access_token=i_am_testing_access_token">${contextPath}/m/dashboard?access_token=i_am_testing_access_token</a>
</p>
<p>
请求受保护的资源时传递
<mark>Access Token</mark>
有两种方式, 方式一在URL参数中添加<code>access_token</code>, 方式二在请求的Header中添加 <em>Authorization</em>, 其值为 <em>bearer
your_access_token</em>
</p>
</div>
</body>
</html>

51
src/main/webapp/WEB-INF/jsp/login.jsp
View File

@ -5,6 +5,7 @@
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib tagdir="/WEB-INF/tags" prefix="tags" %>
<!DOCTYPE HTML>
<html>
<head>
@ -14,9 +15,13 @@
<h2 class="page-header">OAuth Login</h2>
<div class="row">
<div class="col-md-4">
<form action="${pageContext.request.contextPath}/signin" method="post" class="form-horizontal">
<div class="col-md-6">
<div class="panel panel-default">
<div class="panel-body">
<form action="${pageContext.request.contextPath}/signin" method="post" class="form-horizontal">
<tags:csrf/>
<div class="form-group">
<label for="username" class="col-sm-3 control-label">Username</label>
@ -34,15 +39,55 @@
required="required" class="form-control"/>
</div>
</div>
<div class="form-group">
<label for="password" class="col-sm-3 control-label"></label>
<div class="col-sm-9">
<input type="submit" value="Login" class="btn btn-primary"/>
&nbsp;
<%--Login error--%>
<c:if test="${param.error eq '2'}"><span
class="label label-danger">Access denied !!!</span></c:if>
<c:if test="${param.error eq '1'}"><span
class="label label-danger">Authentication Failure</span></c:if>
</div>
</div>
</form>
</div>
</div>
</div>
<div class="col-md-6">
<p>你可以使用以下几个初始的账号进行登录:</p>
<table class="table table-bordered">
<thead>
<tr>
<th>Username</th>
<th>Password</th>
<th>Privileges</th>
</tr>
</thead>
<tbody>
<tr>
<td>admin</td>
<td>admin</td>
<td>All privileges, allow visit [Mobile] and [Unity] resources</td>
</tr>
<tr>
<td>unity</td>
<td>unity</td>
<td>Only allow visit [Unity] resource, support grant_type:
<em>authorization_code,refresh_token,implicit</em></td>
</tr>
<tr>
<td>mobile</td>
<td>mobile</td>
<td>Only allow visit [Mobile] resource, support grant_type: <em>password,refresh_token</em></td>
</tr>
</tbody>
</table>
</div>
</div>

650
src/main/webapp/static/api/SOS_API-0.5.html Normal file
View File

@ -0,0 +1,650 @@
<!DOCTYPE html>
<html>
<head lang="en">
<meta charset="UTF-8"/>
<meta name="viewport" content="width=device-width, initial-scale=1"/>
<link rel="shortcut icon" href="../favicon.ico" type="image/x-icon"/>
<link href="../bootstrap.min.css" rel="stylesheet"/>
<title>spring-oauth-server API</title>
<style>
body {
font-family: "Microsoft YaHei", Arial;
}
</style>
</head>
<body class="container">
<h2 class="page-header">spring-oauth-server
<small>V-0.5</small>
</h2>
<div class="alert alert-info">
<strong>说明</strong>: 本文档用于描述spring-oauth-server对外开发的接口(API)使用, 所有标记
<small class="badge">public</small>
的API都是公开的, 其他的API则需要获取
<mark>access_token</mark>
后可调用
</div>
<div class="row">
<div class="col-md-3">
<ul class="list-group">
<li class="list-group-item"><a href="#getAccessTokenPassword">获取access_token (grant_type=password)</a></li>
<li class="list-group-item"><a href="#getTokenAuthCode">获取access_token (grant_type=authorization_code)</a>
</li>
<li class="list-group-item"><a href="#getTokenCred">获取access_token (grant_type=client_credentials)</a></li>
<li class="list-group-item"><a href="#getTokenRest">获取access_token (Restful API)</a></li>
<li class="list-group-item"><a href="#refreshToken">刷新access_token (grant_type=refresh_token)</a></li>
<li class="list-group-item"><a href="#userInfoUnity">获取当前用户信息 (ROLE_UNITY)</a></li>
<li class="list-group-item"><a href="#userInfoMobile">获取当前用户信息 (ROLE_MOBILE)</a></li>
</ul>
</div>
<div class="col-md-9">
<div class="well well-sm" id="getAccessTokenPassword">
<h3>获取access_token (grant_type=password)
<small class="badge">public</small>
</h3>
<p class="text-muted">使用grant_type=password方式来获取access_token</p>
<ul class="list-group">
<li class="list-group-item">
<p>
请求URI: <code>/oauth/token</code> <span
class="label label-warning">POST</span>
</p>
<div>
请求参数说明:
<table class="table table-bordered">
<thead>
<tr>
<th>参数名</th>
<th>参数值</th>
<th>必须?</th>
<th>备注</th>
</tr>
</thead>
<tbody>
<tr>
<td>client_id</td>
<td>{client_id}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>client_secret</td>
<td>{client_secret}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>grant_type</td>
<td>password</td>
<td></td>
<td>固定值</td>
</tr>
<tr>
<td>scope</td>
<td>{scope}</td>
<td></td>
<td>read or write</td>
</tr>
<tr>
<td>username</td>
<td>{username}</td>
<td></td>
<td>用户名</td>
</tr>
<tr>
<td>password</td>
<td>{password}</td>
<td></td>
<td>用户密码</td>
</tr>
</tbody>
</table>
请求示例:
<p>
<code>http://localhost:8080/spring-oauth-server/oauth/token?client_id=6361b08fdea6400f93b2eccda8936b32&client_secret=i4KXewMI0u6i8CFEZo10mB2rGzQRXrIv&grant_type=password&scope=read&username=mobile&password=mobile</code>
</p>
</div>
<br/>
<strong>响应</strong>
<ul class="list-group">
<li class="list-group-item">
<p>
正常 [200]<br/>
<mark>
{"access_token":"1f60abaf-6c3f-45a8-a574-bbbe6f76083f","token_type":"bearer","expires_in":41769,"scope":"read"}
</mark>
</p>
</li>
<li class="list-group-item">
<p>
异常 [401]<br/>
<mark>
&lt;oauth&gt;&lt;error_description&gt;Bad client credentials&lt;/error_description&gt;&lt;error&gt;invalid_client&lt;/error&gt;&lt;/oauth&gt;
</mark>
</p>
</li>
</ul>
</li>
</ul>
</div>
<div class="well well-sm" id="getTokenAuthCode">
<h3>获取access_token (grant_type=authorization_code)
<small class="badge">public</small>
</h3>
<p class="text-muted">使用grant_type=authorization_code 方式来获取access_token, 需要先获取code</p>
<ul class="list-group">
<li class="list-group-item">
<p>
请求URI: <code>/oauth/token</code> <span
class="label label-warning">POST</span>
</p>
<div>
请求参数说明:
<table class="table table-bordered">
<thead>
<tr>
<th>参数名</th>
<th>参数值</th>
<th>必须?</th>
<th>备注</th>
</tr>
</thead>
<tbody>
<tr>
<td>client_id</td>
<td>{client_id}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>client_secret</td>
<td>{client_secret}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>grant_type</td>
<td>authorization_code</td>
<td></td>
<td>固定值</td>
</tr>
<tr>
<td>code</td>
<td>{code}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>redirect_uri</td>
<td>{redirect_uri}</td>
<td></td>
<td></td>
</tr>
</tbody>
</table>
请求示例:
<p>
<code>http://localhost:8080/spring-oauth-server/oauth/token?client_id=unity-client&client_secret=unity&grant_type=authorization_code&code=[code]&redirect_uri=[redirect_uri]</code>
</p>
</div>
<br/>
<strong>响应</strong>
<ul class="list-group">
<li class="list-group-item">
<p>
正常 [200]<br/>
<mark>
{"access_token":"2c612eb7-a22b-45f0-8b2e-cd6f9e366772","token_type":"bearer","refresh_token":"6c984bdc-01c7-486f-93bf-5637990d8a37","expires_in":43199,"scope":"read
write"}
</mark>
</p>
</li>
<li class="list-group-item">
<p>
异常 [401]<br/>
<mark>
{"error":"invalid_grant","error_description":"Invalid authorization code: vzmIh1"}
</mark>
</p>
</li>
</ul>
</li>
</ul>
</div>
<div class="well well-sm" id="getTokenCred">
<p class="pull-right"><a href="">返回</a></p>
<h3>获取access_token (grant_type=client_credentials)
<small class="badge">public</small>
</h3>
<p class="text-muted">使用grant_type=client_credentials 方式来获取access_token, 不需要username, password</p>
<ul class="list-group">
<li class="list-group-item">
<p>
请求URI: <code>/oauth/token</code> <span
class="label label-warning">POST</span>
</p>
<div>
请求参数说明:
<table class="table table-bordered">
<thead>
<tr>
<th>参数名</th>
<th>参数值</th>
<th>必须?</th>
<th>备注</th>
</tr>
</thead>
<tbody>
<tr>
<td>client_id</td>
<td>{client_id}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>client_secret</td>
<td>{client_secret}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>grant_type</td>
<td>client_credentials</td>
<td></td>
<td>固定值</td>
</tr>
<tr>
<td>scope</td>
<td>{scope}</td>
<td></td>
<td>read or write</td>
</tr>
</tbody>
</table>
请求示例:
<p>
<code>http://localhost:8080/spring-oauth-server/oauth/token?client_id=test1234&client_secret=test1234&grant_type=client_credentials&scope=read</code>
</p>
</div>
<br/>
<strong>响应</strong>
<ul class="list-group">
<li class="list-group-item">
<p>
正常 [200]<br/>
<mark>
{"access_token":"e5ea7620-5459-4d53-a7a0-6888bbb76f62","token_type":"bearer","expires_in":43199,"scope":"read"}
</mark>
</p>
</li>
<li class="list-group-item">
<p>
异常 [401]<br/>
<mark>
&lt;oauth&gt;&lt;error_description&gt;Bad client credentials&lt;/error_description&gt;&lt;error&gt;invalid_client&lt;/error&gt;&lt;/oauth&gt;
</mark>
</p>
</li>
</ul>
</li>
</ul>
</div>
<div class="well well-sm" id="getTokenRest">
<h3>获取access_token (Restful API)
<small class="badge">public</small>
</h3>
<p class="text-muted">Restful API 获取access_token,
适用于grant_type为authorization_code,password,refresh_token,client_credentials</p>
<ul class="list-group">
<li class="list-group-item">
<p>
请求URI: <code>/oauth/rest_token</code> <span
class="label label-warning">POST</span> <span class="label label-success">REST</span>
</p>
<p>
Content-Type:
<mark>application/json</mark>
</p>
<div>
请求Body参数说明:
<table class="table table-bordered">
<thead>
<tr>
<th>参数名</th>
<th>参数值</th>
<th>必须?</th>
<th>备注</th>
</tr>
</thead>
<tbody>
<tr>
<td>grant_type</td>
<td>{grant_type}</td>
<td></td>
<td>authorization_code,password,refresh_token,client_credentials</td>
</tr>
<tr>
<td>scope</td>
<td>{scope}</td>
<td></td>
<td>read or write</td>
</tr>
<tr>
<td>client_id</td>
<td>{client_id}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>client_secret</td>
<td>{client_secret}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>username</td>
<td>{username}</td>
<td></td>
<td>grant_type=password时必须有</td>
</tr>
<tr>
<td>password</td>
<td>{password}</td>
<td></td>
<td>grant_type=password时必须有</td>
</tr>
</tbody>
</table>
请求Body示例:
<p>
<code>{"client_id":"test1234","client_secret":"test1234","grant_type":"password","scope":"read","username":"mobile","password":"mobile"}</code>
</p>
<p>
<code>{"client_id":"test1234","client_secret":"test1234","grant_type":"password","scope":"read"}</code>
</p>
</div>
<br/>
<strong>响应</strong>
<ul class="list-group">
<li class="list-group-item">
<p>
正常 [200]<br/>
<mark>
{"access_token":"e2996930-8398-44fd-8de5-7d1b1624ced7","token_type":"bearer","refresh_token":"2b2de701-53e7-4b57-8301-e4a06ee49698","expires_in":43008,"scope":"read"}
</mark>
</p>
</li>
<li class="list-group-item">
<p>
异常 [401]<br/>
<mark>
{"error":"invalid_grant","error_description":"Bad credentials"}
</mark>
</p>
</li>
</ul>
</li>
</ul>
</div>
<div class="well well-sm" id="refreshToken">
<p class="pull-right"><a href="">返回</a></p>
<h3>刷新access_token (grant_type=refresh_token)
<small class="badge">public</small>
</h3>
<p class="text-muted">用于在access_token要过期时换取新的access_token (grant_type需要有refresh_token)</p>
<ul class="list-group">
<li class="list-group-item">
<p>
请求URI: <code>/oauth/token</code> <span
class="label label-warning">POST</span>
</p>
<div>
请求参数说明:
<table class="table table-bordered">
<thead>
<tr>
<th>参数名</th>
<th>参数值</th>
<th>必须?</th>
<th>备注</th>
</tr>
</thead>
<tbody>
<tr>
<td>client_id</td>
<td>{client_id}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>client_secret</td>
<td>{client_secret}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>grant_type</td>
<td>refresh_token</td>
<td></td>
<td>固定值</td>
</tr>
<tr>
<td>refresh_token</td>
<td>{refresh_token}</td>
<td></td>
<td></td>
</tr>
</tbody>
</table>
请求示例:
<p>
<code>http://localhost:8080/spring-oauth-server/oauth/token?client_id=test1234&client_secret=test1234&grant_type=refresh_token&refresh_token=1156ebfe-e303-4572-9fb5-4459a5d46610</code>
</p>
</div>
<br/>
<strong>响应</strong>
<ul class="list-group">
<li class="list-group-item">
<p>
正常 [200]<br/>
<mark>
{"access_token":"b12cace6-7ce4-4fa8-b127-cf537d15b213","token_type":"bearer","refresh_token":"2b2de701-53e7-4b57-8301-e4a06ee49698","expires_in":43199,"scope":"read"}
</mark>
</p>
</li>
<li class="list-group-item">
<p>
异常 [401]<br/>
<mark>
{"error":"invalid_grant","error_description":"Invalid refresh token:
1156ebfe-e303-4572-9fb5-4459a5d46610"}
</mark>
</p>
</li>
</ul>
</li>
</ul>
</div>
<div class="well well-sm" id="userInfoUnity">
<h3>获取当前用户信息 (ROLE_UNITY)</h3>
<p class="text-muted">使用access_token获取用户信息, 需要有 ROLE_UNITY 权限</p>
<ul class="list-group">
<li class="list-group-item">
<p>
请求URI: <code>/unity/user_info</code> <span
class="label label-info">GET</span>
</p>
<div>
请求参数说明:
<table class="table table-bordered">
<thead>
<tr>
<th>参数名</th>
<th>参数值</th>
<th>必须?</th>
<th>备注</th>
</tr>
</thead>
<tbody>
<tr>
<td colspan="4"></td>
</tr>
</tbody>
</table>
请求示例:
<p>
<code>http://localhost:8080/spring-oauth-server/unity/user_info?access_token=b12cace6-7ce4-4fa8-b127-cf537d15b213</code>
</p>
</div>
<br/>
<strong>响应</strong>
<ul class="list-group">
<li class="list-group-item">
<p>
正常 [200]<br/>
<mark>
{"guid":"55b713df1c6f423e842ad68668523c49","archived":false,"username":"unity","phone":"","email":"unity@wdcy.cc","privileges":["UNITY"]}
</mark>
</p>
</li>
<li class="list-group-item">
<p>
异常 [401]<br/>
<mark>
&lt;oauth&gt;&lt;error_description&gt;Invalid access token:
2c612eb7-a22b-45f0-8b2e-cd6f9e3667722&lt;/error_description&gt;&lt;error&gt;invalid_token&lt;/error&gt;&lt;/oauth&gt;
</mark>
</p>
</li>
</ul>
</li>
</ul>
</div>
<div class="well well-sm" id="userInfoMobile">
<p class="pull-right"><a href="">返回</a></p>
<h3>获取当前用户信息 (ROLE_MOBILE)</h3>
<p class="text-muted">使用access_token获取用户信息, 需要有 ROLE_MOBILE 权限</p>
<ul class="list-group">
<li class="list-group-item">
<p>
请求URI: <code>/m/user_info</code> <span
class="label label-info">GET</span>
</p>
<div>
请求参数说明:
<table class="table table-bordered">
<thead>
<tr>
<th>参数名</th>
<th>参数值</th>
<th>必须?</th>
<th>备注</th>
</tr>
</thead>
<tbody>
<tr>
<td colspan="4"></td>
</tr>
</tbody>
</table>
请求示例:
<p>
<code>http://localhost:8080/spring-oauth-server/m/user_info?access_token=b12cace6-7ce4-4fa8-b127-cf537d15b213</code>
</p>
</div>
<br/>
<strong>响应</strong>
<ul class="list-group">
<li class="list-group-item">
<p>
正常 [200]<br/>
<mark>
{"guid":"612025cb3f964a64a48bbdf77e53c2c1","archived":false,"username":"mobile","phone":"","email":"mobile@wdcy.cc","privileges":["MOBILE"]}
</mark>
</p>
</li>
<li class="list-group-item">
<p>
异常 [401]<br/>
<mark>
&lt;oauth&gt;&lt;error_description&gt;Invalid access token:
2c612eb7-a22b-45f0-8b2e-cd6f9e3667722&lt;/error_description&gt;&lt;error&gt;invalid_token&lt;/error&gt;&lt;/oauth&gt;
</mark>
</p>
</li>
</ul>
</li>
</ul>
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<hr/>
<p class="text-center text-muted">
&copy; 2013 - 2016
<a href="mailto:sz@monkeyk.com">sz@monkeyk.com</a> from <a
href="https://gitee.com/shengzhao/spring-oauth-server" target="_blank">spring-oauth-server</a>
</p>
</div>
</div>
</body>
</html>

650
src/main/webapp/static/api/SOS_API-0.6.html Normal file
View File

@ -0,0 +1,650 @@
<!DOCTYPE html>
<html>
<head lang="en">
<meta charset="UTF-8"/>
<meta name="viewport" content="width=device-width, initial-scale=1"/>
<link rel="shortcut icon" href="../favicon.ico" type="image/x-icon"/>
<link href="../bootstrap.min.css" rel="stylesheet"/>
<title>spring-oauth-server API</title>
<style>
body {
font-family: "Microsoft YaHei", Arial;
}
</style>
</head>
<body class="container">
<h2 class="page-header">spring-oauth-server
<small>V-0.6</small>
</h2>
<div class="alert alert-info">
<strong>说明</strong>: 本文档用于描述spring-oauth-server对外开发的接口(API)使用, 所有标记
<small class="badge">public</small>
的API都是公开的, 其他的API则需要获取
<mark>access_token</mark>
后可调用
</div>
<div class="row">
<div class="col-md-3">
<ul class="list-group">
<li class="list-group-item"><a href="#getAccessTokenPassword">获取access_token (grant_type=password)</a></li>
<li class="list-group-item"><a href="#getTokenAuthCode">获取access_token (grant_type=authorization_code)</a>
</li>
<li class="list-group-item"><a href="#getTokenCred">获取access_token (grant_type=client_credentials)</a></li>
<li class="list-group-item"><a href="#getTokenRest">获取access_token (Restful API)</a></li>
<li class="list-group-item"><a href="#refreshToken">刷新access_token (grant_type=refresh_token)</a></li>
<li class="list-group-item"><a href="#userInfoUnity">获取当前用户信息 (ROLE_UNITY)</a></li>
<li class="list-group-item"><a href="#userInfoMobile">获取当前用户信息 (ROLE_MOBILE)</a></li>
</ul>
</div>
<div class="col-md-9">
<div class="well well-sm" id="getAccessTokenPassword">
<h3>获取access_token (grant_type=password)
<small class="badge">public</small>
</h3>
<p class="text-muted">使用grant_type=password方式来获取access_token</p>
<ul class="list-group">
<li class="list-group-item">
<p>
请求URI: <code>/oauth/token</code> <span
class="label label-warning">POST</span>
</p>
<div>
请求参数说明:
<table class="table table-bordered">
<thead>
<tr>
<th>参数名</th>
<th>参数值</th>
<th>必须?</th>
<th>备注</th>
</tr>
</thead>
<tbody>
<tr>
<td>client_id</td>
<td>{client_id}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>client_secret</td>
<td>{client_secret}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>grant_type</td>
<td>password</td>
<td></td>
<td>固定值</td>
</tr>
<tr>
<td>scope</td>
<td>{scope}</td>
<td></td>
<td>read or write</td>
</tr>
<tr>
<td>username</td>
<td>{username}</td>
<td></td>
<td>用户名</td>
</tr>
<tr>
<td>password</td>
<td>{password}</td>
<td></td>
<td>用户密码</td>
</tr>
</tbody>
</table>
请求示例:
<p>
<code>http://localhost:8080/spring-oauth-server/oauth/token?client_id=6361b08fdea6400f93b2eccda8936b32&client_secret=i4KXewMI0u6i8CFEZo10mB2rGzQRXrIv&grant_type=password&scope=read&username=mobile&password=mobile</code>
</p>
</div>
<br/>
<strong>响应</strong>
<ul class="list-group">
<li class="list-group-item">
<p>
正常 [200]<br/>
<mark>
{"access_token":"1f60abaf-6c3f-45a8-a574-bbbe6f76083f","token_type":"bearer","expires_in":41769,"scope":"read"}
</mark>
</p>
</li>
<li class="list-group-item">
<p>
异常 [401]<br/>
<mark>
&lt;oauth&gt;&lt;error_description&gt;Bad client credentials&lt;/error_description&gt;&lt;error&gt;invalid_client&lt;/error&gt;&lt;/oauth&gt;
</mark>
</p>
</li>
</ul>
</li>
</ul>
</div>
<div class="well well-sm" id="getTokenAuthCode">
<h3>获取access_token (grant_type=authorization_code)
<small class="badge">public</small>
</h3>
<p class="text-muted">使用grant_type=authorization_code 方式来获取access_token, 需要先获取code</p>
<ul class="list-group">
<li class="list-group-item">
<p>
请求URI: <code>/oauth/token</code> <span
class="label label-warning">POST</span>
</p>
<div>
请求参数说明:
<table class="table table-bordered">
<thead>
<tr>
<th>参数名</th>
<th>参数值</th>
<th>必须?</th>
<th>备注</th>
</tr>
</thead>
<tbody>
<tr>
<td>client_id</td>
<td>{client_id}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>client_secret</td>
<td>{client_secret}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>grant_type</td>
<td>authorization_code</td>
<td></td>
<td>固定值</td>
</tr>
<tr>
<td>code</td>
<td>{code}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>redirect_uri</td>
<td>{redirect_uri}</td>
<td></td>
<td></td>
</tr>
</tbody>
</table>
请求示例:
<p>
<code>http://localhost:8080/spring-oauth-server/oauth/token?client_id=unity-client&client_secret=unity&grant_type=authorization_code&code=[code]&redirect_uri=[redirect_uri]</code>
</p>
</div>
<br/>
<strong>响应</strong>
<ul class="list-group">
<li class="list-group-item">
<p>
正常 [200]<br/>
<mark>
{"access_token":"2c612eb7-a22b-45f0-8b2e-cd6f9e366772","token_type":"bearer","refresh_token":"6c984bdc-01c7-486f-93bf-5637990d8a37","expires_in":43199,"scope":"read
write"}
</mark>
</p>
</li>
<li class="list-group-item">
<p>
异常 [401]<br/>
<mark>
{"error":"invalid_grant","error_description":"Invalid authorization code: vzmIh1"}
</mark>
</p>
</li>
</ul>
</li>
</ul>
</div>
<div class="well well-sm" id="getTokenCred">
<p class="pull-right"><a href="">返回</a></p>
<h3>获取access_token (grant_type=client_credentials)
<small class="badge">public</small>
</h3>
<p class="text-muted">使用grant_type=client_credentials 方式来获取access_token, 不需要username, password</p>
<ul class="list-group">
<li class="list-group-item">
<p>
请求URI: <code>/oauth/token</code> <span
class="label label-warning">POST</span>
</p>
<div>
请求参数说明:
<table class="table table-bordered">
<thead>
<tr>
<th>参数名</th>
<th>参数值</th>
<th>必须?</th>
<th>备注</th>
</tr>
</thead>
<tbody>
<tr>
<td>client_id</td>
<td>{client_id}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>client_secret</td>
<td>{client_secret}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>grant_type</td>
<td>client_credentials</td>
<td></td>
<td>固定值</td>
</tr>
<tr>
<td>scope</td>
<td>{scope}</td>
<td></td>
<td>read or write</td>
</tr>
</tbody>
</table>
请求示例:
<p>
<code>http://localhost:8080/spring-oauth-server/oauth/token?client_id=test1234&client_secret=test1234&grant_type=client_credentials&scope=read</code>
</p>
</div>
<br/>
<strong>响应</strong>
<ul class="list-group">
<li class="list-group-item">
<p>
正常 [200]<br/>
<mark>
{"access_token":"e5ea7620-5459-4d53-a7a0-6888bbb76f62","token_type":"bearer","expires_in":43199,"scope":"read"}
</mark>
</p>
</li>
<li class="list-group-item">
<p>
异常 [401]<br/>
<mark>
&lt;oauth&gt;&lt;error_description&gt;Bad client credentials&lt;/error_description&gt;&lt;error&gt;invalid_client&lt;/error&gt;&lt;/oauth&gt;
</mark>
</p>
</li>
</ul>
</li>
</ul>
</div>
<div class="well well-sm" id="getTokenRest">
<h3>获取access_token (Restful API)
<small class="badge">public</small>
</h3>
<p class="text-muted">Restful API 获取access_token,
适用于grant_type为authorization_code,password,refresh_token,client_credentials</p>
<ul class="list-group">
<li class="list-group-item">
<p>
请求URI: <code>/oauth/rest_token</code> <span
class="label label-warning">POST</span> <span class="label label-success">REST</span>
</p>
<p>
Content-Type:
<mark>application/json</mark>
</p>
<div>
请求Body参数说明:
<table class="table table-bordered">
<thead>
<tr>
<th>参数名</th>
<th>参数值</th>
<th>必须?</th>
<th>备注</th>
</tr>
</thead>
<tbody>
<tr>
<td>grant_type</td>
<td>{grant_type}</td>
<td></td>
<td>authorization_code,password,refresh_token,client_credentials</td>
</tr>
<tr>
<td>scope</td>
<td>{scope}</td>
<td></td>
<td>read or write</td>
</tr>
<tr>
<td>client_id</td>
<td>{client_id}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>client_secret</td>
<td>{client_secret}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>username</td>
<td>{username}</td>
<td></td>
<td>grant_type=password时必须有</td>
</tr>
<tr>
<td>password</td>
<td>{password}</td>
<td></td>
<td>grant_type=password时必须有</td>
</tr>
</tbody>
</table>
请求Body示例:
<p>
<code>{"client_id":"test1234","client_secret":"test1234","grant_type":"password","scope":"read","username":"mobile","password":"mobile"}</code>
</p>
<p>
<code>{"client_id":"test1234","client_secret":"test1234","grant_type":"password","scope":"read"}</code>
</p>
</div>
<br/>
<strong>响应</strong>
<ul class="list-group">
<li class="list-group-item">
<p>
正常 [200]<br/>
<mark>
{"access_token":"e2996930-8398-44fd-8de5-7d1b1624ced7","token_type":"bearer","refresh_token":"2b2de701-53e7-4b57-8301-e4a06ee49698","expires_in":43008,"scope":"read"}
</mark>
</p>
</li>
<li class="list-group-item">
<p>
异常 [401]<br/>
<mark>
{"error":"invalid_grant","error_description":"Bad credentials"}
</mark>
</p>
</li>
</ul>
</li>
</ul>
</div>
<div class="well well-sm" id="refreshToken">
<p class="pull-right"><a href="">返回</a></p>
<h3>刷新access_token (grant_type=refresh_token)
<small class="badge">public</small>
</h3>
<p class="text-muted">用于在access_token要过期时换取新的access_token (grant_type需要有refresh_token)</p>
<ul class="list-group">
<li class="list-group-item">
<p>
请求URI: <code>/oauth/token</code> <span
class="label label-warning">POST</span>
</p>
<div>
请求参数说明:
<table class="table table-bordered">
<thead>
<tr>
<th>参数名</th>
<th>参数值</th>
<th>必须?</th>
<th>备注</th>
</tr>
</thead>
<tbody>
<tr>
<td>client_id</td>
<td>{client_id}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>client_secret</td>
<td>{client_secret}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>grant_type</td>
<td>refresh_token</td>
<td></td>
<td>固定值</td>
</tr>
<tr>
<td>refresh_token</td>
<td>{refresh_token}</td>
<td></td>
<td></td>
</tr>
</tbody>
</table>
请求示例:
<p>
<code>http://localhost:8080/spring-oauth-server/oauth/token?client_id=test1234&client_secret=test1234&grant_type=refresh_token&refresh_token=1156ebfe-e303-4572-9fb5-4459a5d46610</code>
</p>
</div>
<br/>
<strong>响应</strong>
<ul class="list-group">
<li class="list-group-item">
<p>
正常 [200]<br/>
<mark>
{"access_token":"b12cace6-7ce4-4fa8-b127-cf537d15b213","token_type":"bearer","refresh_token":"2b2de701-53e7-4b57-8301-e4a06ee49698","expires_in":43199,"scope":"read"}
</mark>
</p>
</li>
<li class="list-group-item">
<p>
异常 [401]<br/>
<mark>
{"error":"invalid_grant","error_description":"Invalid refresh token:
1156ebfe-e303-4572-9fb5-4459a5d46610"}
</mark>
</p>
</li>
</ul>
</li>
</ul>
</div>
<div class="well well-sm" id="userInfoUnity">
<h3>获取当前用户信息 (ROLE_UNITY)</h3>
<p class="text-muted">使用access_token获取用户信息, 需要有 ROLE_UNITY 权限</p>
<ul class="list-group">
<li class="list-group-item">
<p>
请求URI: <code>/unity/user_info</code> <span
class="label label-info">GET</span>
</p>
<div>
请求参数说明:
<table class="table table-bordered">
<thead>
<tr>
<th>参数名</th>
<th>参数值</th>
<th>必须?</th>
<th>备注</th>
</tr>
</thead>
<tbody>
<tr>
<td colspan="4"></td>
</tr>
</tbody>
</table>
请求示例:
<p>
<code>http://localhost:8080/spring-oauth-server/unity/user_info?access_token=b12cace6-7ce4-4fa8-b127-cf537d15b213</code>
</p>
</div>
<br/>
<strong>响应</strong>
<ul class="list-group">
<li class="list-group-item">
<p>
正常 [200]<br/>
<mark>
{"guid":"55b713df1c6f423e842ad68668523c49","archived":false,"username":"unity","phone":"","email":"unity@wdcy.cc","privileges":["UNITY"]}
</mark>
</p>
</li>
<li class="list-group-item">
<p>
异常 [401]<br/>
<mark>
&lt;oauth&gt;&lt;error_description&gt;Invalid access token:
2c612eb7-a22b-45f0-8b2e-cd6f9e3667722&lt;/error_description&gt;&lt;error&gt;invalid_token&lt;/error&gt;&lt;/oauth&gt;
</mark>
</p>
</li>
</ul>
</li>
</ul>
</div>
<div class="well well-sm" id="userInfoMobile">
<p class="pull-right"><a href="">返回</a></p>
<h3>获取当前用户信息 (ROLE_MOBILE)</h3>
<p class="text-muted">使用access_token获取用户信息, 需要有 ROLE_MOBILE 权限</p>
<ul class="list-group">
<li class="list-group-item">
<p>
请求URI: <code>/m/user_info</code> <span
class="label label-info">GET</span>
</p>
<div>
请求参数说明:
<table class="table table-bordered">
<thead>
<tr>
<th>参数名</th>
<th>参数值</th>
<th>必须?</th>
<th>备注</th>
</tr>
</thead>
<tbody>
<tr>
<td colspan="4"></td>
</tr>
</tbody>
</table>
请求示例:
<p>
<code>http://localhost:8080/spring-oauth-server/m/user_info?access_token=b12cace6-7ce4-4fa8-b127-cf537d15b213</code>
</p>
</div>
<br/>
<strong>响应</strong>
<ul class="list-group">
<li class="list-group-item">
<p>
正常 [200]<br/>
<mark>
{"guid":"612025cb3f964a64a48bbdf77e53c2c1","archived":false,"username":"mobile","phone":"","email":"mobile@wdcy.cc","privileges":["MOBILE"]}
</mark>
</p>
</li>
<li class="list-group-item">
<p>
异常 [401]<br/>
<mark>
&lt;oauth&gt;&lt;error_description&gt;Invalid access token:
2c612eb7-a22b-45f0-8b2e-cd6f9e3667722&lt;/error_description&gt;&lt;error&gt;invalid_token&lt;/error&gt;&lt;/oauth&gt;
</mark>
</p>
</li>
</ul>
</li>
</ul>
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<hr/>
<p class="text-center text-muted">
&copy; 2013 - 2016
<a href="mailto:sz@monkeyk.com">sz@monkeyk.com</a> from <a
href="https://gitee.com/shengzhao/spring-oauth-server" target="_blank">spring-oauth-server</a>
</p>
</div>
</div>
</body>
</html>

722
src/main/webapp/static/api/SOS_API-1.0.html Normal file
View File

@ -0,0 +1,722 @@
<!DOCTYPE html>
<html>
<head lang="en">
<meta charset="UTF-8"/>
<meta name="viewport" content="width=device-width, initial-scale=1"/>
<link rel="shortcut icon" href="../favicon.ico" type="image/x-icon"/>
<link href="../bootstrap.min.css" rel="stylesheet"/>
<title>spring-oauth-server API</title>
<style>
body {
font-family: "Microsoft YaHei", Arial;
}
</style>
</head>
<body class="container-fluid">
<h2 class="page-header">spring-oauth-server
<small>V-1.0</small>
</h2>
<div class="alert alert-info">
<strong>说明</strong>: 本文档用于描述spring-oauth-server对外开发的接口(API)使用, 所有标记
<small class="badge">public</small>
的API都是公开的, 其他的API则需要获取
<mark>access_token</mark>
后可调用
</div>
<div class="row">
<div class="col-md-2">
<ul class="list-group">
<li class="list-group-item"><a href="#getAccessTokenPassword">获取access_token (grant_type=password)</a></li>
<li class="list-group-item"><a href="#getTokenAuthCode">获取access_token (grant_type=authorization_code)</a>
</li>
<li class="list-group-item"><a href="#getTokenCred">获取access_token (grant_type=client_credentials)</a></li>
<li class="list-group-item"><a href="#getTokenRest">获取access_token (Restful API)</a></li>
<li class="list-group-item"><a href="#verifyToken">校验access_token</a></li>
<li class="list-group-item"><a href="#refreshToken">刷新access_token (grant_type=refresh_token)</a></li>
<li class="list-group-item"><a href="#userInfoUnity">获取当前用户信息 (ROLE_UNITY)</a></li>
<li class="list-group-item"><a href="#userInfoMobile">获取当前用户信息 (ROLE_MOBILE)</a></li>
</ul>
</div>
<div class="col-md-10">
<div class="well well-sm" id="getAccessTokenPassword">
<h3>获取access_token (grant_type=password)
<small class="badge">public</small>
</h3>
<p class="text-muted">使用grant_type=password方式来获取access_token</p>
<ul class="list-group">
<li class="list-group-item">
<p>
请求URI: <code>/oauth/token</code> <span
class="label label-warning">POST</span>
</p>
<div>
请求参数说明:
<table class="table table-bordered">
<thead>
<tr>
<th>参数名</th>
<th>参数值</th>
<th>必须?</th>
<th>备注</th>
</tr>
</thead>
<tbody>
<tr>
<td>client_id</td>
<td>{client_id}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>client_secret</td>
<td>{client_secret}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>grant_type</td>
<td>password</td>
<td></td>
<td>固定值</td>
</tr>
<tr>
<td>scope</td>
<td>{scope}</td>
<td></td>
<td>read or write</td>
</tr>
<tr>
<td>username</td>
<td>{username}</td>
<td></td>
<td>用户名</td>
</tr>
<tr>
<td>password</td>
<td>{password}</td>
<td></td>
<td>用户密码</td>
</tr>
</tbody>
</table>
请求示例:
<p>
<code>http://localhost:8080/spring-oauth-server/oauth/token?client_id=6361b08fdea6400f93b2eccda8936b32&client_secret=i4KXewMI0u6i8CFEZo10mB2rGzQRXrIv&grant_type=password&scope=read&username=mobile&password=mobile</code>
</p>
</div>
<br/>
<strong>响应</strong>
<ul class="list-group">
<li class="list-group-item">
<p>
正常 [200]<br/>
<mark>
{"access_token":"1f60abaf-6c3f-45a8-a574-bbbe6f76083f","token_type":"bearer","expires_in":41769,"scope":"read"}
</mark>
</p>
</li>
<li class="list-group-item">
<p>
异常 [401]<br/>
<mark>
&lt;oauth&gt;&lt;error_description&gt;Bad client credentials&lt;/error_description&gt;&lt;error&gt;invalid_client&lt;/error&gt;&lt;/oauth&gt;
</mark>
</p>
</li>
</ul>
</li>
</ul>
</div>
<div class="well well-sm" id="getTokenAuthCode">
<h3>获取access_token (grant_type=authorization_code)
<small class="badge">public</small>
</h3>
<p class="text-muted">使用grant_type=authorization_code 方式来获取access_token, 需要先获取code</p>
<ul class="list-group">
<li class="list-group-item">
<p>
请求URI: <code>/oauth/token</code> <span
class="label label-warning">POST</span>
</p>
<div>
请求参数说明:
<table class="table table-bordered">
<thead>
<tr>
<th>参数名</th>
<th>参数值</th>
<th>必须?</th>
<th>备注</th>
</tr>
</thead>
<tbody>
<tr>
<td>client_id</td>
<td>{client_id}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>client_secret</td>
<td>{client_secret}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>grant_type</td>
<td>authorization_code</td>
<td></td>
<td>固定值</td>
</tr>
<tr>
<td>code</td>
<td>{code}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>redirect_uri</td>
<td>{redirect_uri}</td>
<td></td>
<td></td>
</tr>
</tbody>
</table>
请求示例:
<p>
<code>http://localhost:8080/spring-oauth-server/oauth/token?client_id=unity-client&client_secret=unity&grant_type=authorization_code&code=[code]&redirect_uri=[redirect_uri]</code>
</p>
</div>
<br/>
<strong>响应</strong>
<ul class="list-group">
<li class="list-group-item">
<p>
正常 [200]<br/>
<mark>
{"access_token":"2c612eb7-a22b-45f0-8b2e-cd6f9e366772","token_type":"bearer","refresh_token":"6c984bdc-01c7-486f-93bf-5637990d8a37","expires_in":43199,"scope":"read
write"}
</mark>
</p>
</li>
<li class="list-group-item">
<p>
异常 [401]<br/>
<mark>
{"error":"invalid_grant","error_description":"Invalid authorization code: vzmIh1"}
</mark>
</p>
</li>
</ul>
</li>
</ul>
</div>
<div class="well well-sm" id="getTokenCred">
<p class="pull-right"><a href="">返回</a></p>
<h3>获取access_token (grant_type=client_credentials)
<small class="badge">public</small>
</h3>
<p class="text-muted">使用grant_type=client_credentials 方式来获取access_token, 不需要username, password</p>
<ul class="list-group">
<li class="list-group-item">
<p>
请求URI: <code>/oauth/token</code> <span
class="label label-warning">POST</span>
</p>
<div>
请求参数说明:
<table class="table table-bordered">
<thead>
<tr>
<th>参数名</th>
<th>参数值</th>
<th>必须?</th>
<th>备注</th>
</tr>
</thead>
<tbody>
<tr>
<td>client_id</td>
<td>{client_id}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>client_secret</td>
<td>{client_secret}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>grant_type</td>
<td>client_credentials</td>
<td></td>
<td>固定值</td>
</tr>
<tr>
<td>scope</td>
<td>{scope}</td>
<td></td>
<td>read or write</td>
</tr>
</tbody>
</table>
请求示例:
<p>
<code>http://localhost:8080/spring-oauth-server/oauth/token?client_id=test1234&client_secret=test1234&grant_type=client_credentials&scope=read</code>
</p>
</div>
<br/>
<strong>响应</strong>
<ul class="list-group">
<li class="list-group-item">
<p>
正常 [200]<br/>
<mark>
{"access_token":"e5ea7620-5459-4d53-a7a0-6888bbb76f62","token_type":"bearer","expires_in":43199,"scope":"read"}
</mark>
</p>
</li>
<li class="list-group-item">
<p>
异常 [401]<br/>
<mark>
&lt;oauth&gt;&lt;error_description&gt;Bad client credentials&lt;/error_description&gt;&lt;error&gt;invalid_client&lt;/error&gt;&lt;/oauth&gt;
</mark>
</p>
</li>
</ul>
</li>
</ul>
</div>
<div class="well well-sm" id="getTokenRest">
<h3>获取access_token (Restful API)
<small class="badge">public</small>
</h3>
<p class="text-muted">Restful API 获取access_token,
适用于grant_type为authorization_code,password,refresh_token,client_credentials</p>
<ul class="list-group">
<li class="list-group-item">
<p>
请求URI: <code>/oauth/rest_token</code> <span
class="label label-warning">POST</span> <span class="label label-success">REST</span>
</p>
<p>
Content-Type:
<mark>application/json</mark>
</p>
<div>
请求Body参数说明:
<table class="table table-bordered">
<thead>
<tr>
<th>参数名</th>
<th>参数值</th>
<th>必须?</th>
<th>备注</th>
</tr>
</thead>
<tbody>
<tr>
<td>grant_type</td>
<td>{grant_type}</td>
<td></td>
<td>authorization_code,password,refresh_token,client_credentials</td>
</tr>
<tr>
<td>scope</td>
<td>{scope}</td>
<td></td>
<td>read or write</td>
</tr>
<tr>
<td>client_id</td>
<td>{client_id}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>client_secret</td>
<td>{client_secret}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>username</td>
<td>{username}</td>
<td></td>
<td>grant_type=password时必须有</td>
</tr>
<tr>
<td>password</td>
<td>{password}</td>
<td></td>
<td>grant_type=password时必须有</td>
</tr>
</tbody>
</table>
请求Body示例:
<p>
<code>{"client_id":"test1234","client_secret":"test1234","grant_type":"password","scope":"read","username":"mobile","password":"mobile"}</code>
</p>
<p>
<code>{"client_id":"test1234","client_secret":"test1234","grant_type":"password","scope":"read"}</code>
</p>
</div>
<br/>
<strong>响应</strong>
<ul class="list-group">
<li class="list-group-item">
<p>
正常 [200]<br/>
<mark>
{"access_token":"e2996930-8398-44fd-8de5-7d1b1624ced7","token_type":"bearer","refresh_token":"2b2de701-53e7-4b57-8301-e4a06ee49698","expires_in":43008,"scope":"read"}
</mark>
</p>
</li>
<li class="list-group-item">
<p>
异常 [401]<br/>
<mark>
{"error":"invalid_grant","error_description":"Bad credentials"}
</mark>
</p>
</li>
</ul>
</li>
</ul>
</div>
<div class="well well-sm" id="verifyToken">
<h3>校验access_token
<small class="badge">public</small>
</h3>
<p class="text-muted">校验, 检查access_token的有效性</p>
<ul class="list-group">
<li class="list-group-item">
<p>
请求URI: <code>/oauth/check_token</code> <span
class="label label-warning">POST</span>
</p>
<div>
请求参数说明:
<table class="table table-bordered">
<thead>
<tr>
<th>参数名</th>
<th>参数值</th>
<th>必须?</th>
<th>备注</th>
</tr>
</thead>
<tbody>
<tr>
<td>token</td>
<td>{access_token}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>client_id</td>
<td>{client_id}</td>
<td></td>
<td></td>
</tr>
</tbody>
</table>
请求示例:
<p>
<code>http://localhost:8080/spring-oauth-server/oauth/check_token?token=e2996930-8398-44fd-8de5-7d1b1624ced7&client_id=mobile-client</code>
</p>
</div>
<br/>
<strong>响应</strong>
<ul class="list-group">
<li class="list-group-item">
<p>
正常 [200]<br/>
<mark>
{"aud":["mobile-resource"],"exp":1505878459,"user_name":"mobile","authorities":["ROLE_MOBILE","ROLE_USER"],"client_id":"mobile-client","scope":["read","write"]}
</mark>
</p>
</li>
<li class="list-group-item">
<p>
异常 [401]<br/>
<mark>
{"error":"invalid_token","error_description":"Token was not recognised"}
</mark>
</p>
</li>
</ul>
</li>
</ul>
</div>
<div class="well well-sm" id="refreshToken">
<p class="pull-right"><a href="">返回</a></p>
<h3>刷新access_token (grant_type=refresh_token)
<small class="badge">public</small>
</h3>
<p class="text-muted">用于在access_token要过期时换取新的access_token (grant_type需要有refresh_token)</p>
<ul class="list-group">
<li class="list-group-item">
<p>
请求URI: <code>/oauth/token</code> <span
class="label label-warning">POST</span>
</p>
<div>
请求参数说明:
<table class="table table-bordered">
<thead>
<tr>
<th>参数名</th>
<th>参数值</th>
<th>必须?</th>
<th>备注</th>
</tr>
</thead>
<tbody>
<tr>
<td>client_id</td>
<td>{client_id}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>client_secret</td>
<td>{client_secret}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>grant_type</td>
<td>refresh_token</td>
<td></td>
<td>固定值</td>
</tr>
<tr>
<td>refresh_token</td>
<td>{refresh_token}</td>
<td></td>
<td></td>
</tr>
</tbody>
</table>
请求示例:
<p>
<code>http://localhost:8080/spring-oauth-server/oauth/token?client_id=test1234&client_secret=test1234&grant_type=refresh_token&refresh_token=1156ebfe-e303-4572-9fb5-4459a5d46610</code>
</p>
</div>
<br/>
<strong>响应</strong>
<ul class="list-group">
<li class="list-group-item">
<p>
正常 [200]<br/>
<mark>
{"access_token":"b12cace6-7ce4-4fa8-b127-cf537d15b213","token_type":"bearer","refresh_token":"2b2de701-53e7-4b57-8301-e4a06ee49698","expires_in":43199,"scope":"read"}
</mark>
</p>
</li>
<li class="list-group-item">
<p>
异常 [401]<br/>
<mark>
{"error":"invalid_grant","error_description":"Invalid refresh token:
1156ebfe-e303-4572-9fb5-4459a5d46610"}
</mark>
</p>
</li>
</ul>
</li>
</ul>
</div>
<div class="well well-sm" id="userInfoUnity">
<h3>获取当前用户信息 (ROLE_UNITY)</h3>
<p class="text-muted">使用access_token获取用户信息, 需要有 ROLE_UNITY 权限</p>
<ul class="list-group">
<li class="list-group-item">
<p>
请求URI: <code>/unity/user_info</code> <span
class="label label-info">GET</span>
</p>
<div>
请求参数说明:
<table class="table table-bordered">
<thead>
<tr>
<th>参数名</th>
<th>参数值</th>
<th>必须?</th>
<th>备注</th>
</tr>
</thead>
<tbody>
<tr>
<td colspan="4"></td>
</tr>
</tbody>
</table>
请求示例:
<p>
<code>http://localhost:8080/spring-oauth-server/unity/user_info?access_token=b12cace6-7ce4-4fa8-b127-cf537d15b213</code>
</p>
</div>
<br/>
<strong>响应</strong>
<ul class="list-group">
<li class="list-group-item">
<p>
正常 [200]<br/>
<mark>
{"guid":"55b713df1c6f423e842ad68668523c49","archived":false,"username":"unity","phone":"","email":"unity@wdcy.cc","privileges":["UNITY"]}
</mark>
</p>
</li>
<li class="list-group-item">
<p>
异常 [401]<br/>
<mark>
&lt;oauth&gt;&lt;error_description&gt;Invalid access token:
2c612eb7-a22b-45f0-8b2e-cd6f9e3667722&lt;/error_description&gt;&lt;error&gt;invalid_token&lt;/error&gt;&lt;/oauth&gt;
</mark>
</p>
</li>
</ul>
</li>
</ul>
</div>
<div class="well well-sm" id="userInfoMobile">
<p class="pull-right"><a href="">返回</a></p>
<h3>获取当前用户信息 (ROLE_MOBILE)</h3>
<p class="text-muted">使用access_token获取用户信息, 需要有 ROLE_MOBILE 权限</p>
<ul class="list-group">
<li class="list-group-item">
<p>
请求URI: <code>/m/user_info</code> <span
class="label label-info">GET</span>
</p>
<div>
请求参数说明:
<table class="table table-bordered">
<thead>
<tr>
<th>参数名</th>
<th>参数值</th>
<th>必须?</th>
<th>备注</th>
</tr>
</thead>
<tbody>
<tr>
<td colspan="4"></td>
</tr>
</tbody>
</table>
请求示例:
<p>
<code>http://localhost:8080/spring-oauth-server/m/user_info?access_token=b12cace6-7ce4-4fa8-b127-cf537d15b213</code>
</p>
</div>
<br/>
<strong>响应</strong>
<ul class="list-group">
<li class="list-group-item">
<p>
正常 [200]<br/>
<mark>
{"guid":"612025cb3f964a64a48bbdf77e53c2c1","archived":false,"username":"mobile","phone":"","email":"mobile@wdcy.cc","privileges":["MOBILE"]}
</mark>
</p>
</li>
<li class="list-group-item">
<p>
异常 [401]<br/>
<mark>
&lt;oauth&gt;&lt;error_description&gt;Invalid access token:
2c612eb7-a22b-45f0-8b2e-cd6f9e3667722&lt;/error_description&gt;&lt;error&gt;invalid_token&lt;/error&gt;&lt;/oauth&gt;
</mark>
</p>
</li>
</ul>
</li>
</ul>
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<hr/>
<p class="text-center text-muted">
&copy; 2013 - 2017
<a href="mailto:sz@monkeyk.com">sz@monkeyk.com</a> from <a
href="https://gitee.com/shengzhao/spring-oauth-server" target="_blank">spring-oauth-server</a>
</p>
</div>
</div>
</body>
</html>

720
src/main/webapp/static/api/SOS_API-2.0.html Normal file
View File

@ -0,0 +1,720 @@
<!DOCTYPE html>
<html>
<head lang="en">
<meta charset="UTF-8"/>
<meta name="viewport" content="width=device-width, initial-scale=1"/>
<link rel="shortcut icon" href="../favicon.ico" type="image/x-icon"/>
<link href="../bootstrap.min.css" rel="stylesheet"/>
<title>spring-oauth-server API</title>
<style>
body {
font-family: "Microsoft YaHei", Arial;
}
</style>
</head>
<body class="container-fluid">
<h2 class="page-header">spring-oauth-server
<small>2.0.0</small>
</h2>
<div class="alert alert-info">
<strong>说明</strong>: 本文档用于描述spring-oauth-server对外开发的接口(API)使用, 所有标记
<small class="badge">public</small>
的API都是公开的, 其他的API则需要获取
<mark>access_token</mark>
后可调用
</div>
<div class="row">
<div class="col-md-2">
<ul class="list-group">
<li class="list-group-item"><a href="#getAccessTokenPassword">获取access_token (grant_type=password)</a></li>
<li class="list-group-item"><a href="#getTokenAuthCode">获取access_token (grant_type=authorization_code)</a>
</li>
<li class="list-group-item"><a href="#getTokenCred">获取access_token (grant_type=client_credentials)</a></li>
<li class="list-group-item"><a href="#getTokenRest">获取access_token (Restful API)</a></li>
<li class="list-group-item"><a href="#verifyToken">校验access_token</a></li>
<li class="list-group-item"><a href="#refreshToken">刷新access_token (grant_type=refresh_token)</a></li>
<li class="list-group-item"><a href="#userInfoUnity">获取当前用户信息 (ROLE_UNITY)</a></li>
<li class="list-group-item"><a href="#userInfoMobile">获取当前用户信息 (ROLE_MOBILE)</a></li>
</ul>
</div>
<div class="col-md-10">
<div class="well well-sm" id="getAccessTokenPassword">
<h3>获取access_token (grant_type=password)
<small class="badge">public</small>
</h3>
<p class="text-muted">使用grant_type=password方式来获取access_token</p>
<ul class="list-group">
<li class="list-group-item">
<p>
请求URI: <code>/oauth/token</code> <span
class="label label-warning">POST</span>
</p>
<div>
请求参数说明:
<table class="table table-bordered">
<thead>
<tr>
<th>参数名</th>
<th>参数值</th>
<th>必须?</th>
<th>备注</th>
</tr>
</thead>
<tbody>
<tr>
<td>client_id</td>
<td>{client_id}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>client_secret</td>
<td>{client_secret}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>grant_type</td>
<td>password</td>
<td></td>
<td>固定值</td>
</tr>
<tr>
<td>scope</td>
<td>{scope}</td>
<td></td>
<td>read or write</td>
</tr>
<tr>
<td>username</td>
<td>{username}</td>
<td></td>
<td>用户名</td>
</tr>
<tr>
<td>password</td>
<td>{password}</td>
<td></td>
<td>用户密码</td>
</tr>
</tbody>
</table>
请求示例:
<p>
<code>http://localhost:8080/spring-oauth-server/oauth/token?client_id=6361b08fdea6400f93b2eccda8936b32&client_secret=i4KXewMI0u6i8CFEZo10mB2rGzQRXrIv&grant_type=password&scope=read&username=mobile&password=mobile</code>
</p>
</div>
<br/>
<strong>响应</strong>
<ul class="list-group">
<li class="list-group-item">
<p>
正常 [200]<br/>
<mark>
{"access_token":"1f60abaf-6c3f-45a8-a574-bbbe6f76083f","token_type":"bearer","expires_in":41769,"scope":"read"}
</mark>
</p>
</li>
<li class="list-group-item">
<p>
异常 [401]<br/>
<mark>
&lt;oauth&gt;&lt;error_description&gt;Bad client credentials&lt;/error_description&gt;&lt;error&gt;invalid_client&lt;/error&gt;&lt;/oauth&gt;
</mark>
</p>
</li>
</ul>
</li>
</ul>
</div>
<div class="well well-sm" id="getTokenAuthCode">
<h3>获取access_token (grant_type=authorization_code)
<small class="badge">public</small>
</h3>
<p class="text-muted">使用grant_type=authorization_code 方式来获取access_token, 需要先获取code</p>
<ul class="list-group">
<li class="list-group-item">
<p>
请求URI: <code>/oauth/token</code> <span
class="label label-warning">POST</span>
</p>
<div>
请求参数说明:
<table class="table table-bordered">
<thead>
<tr>
<th>参数名</th>
<th>参数值</th>
<th>必须?</th>
<th>备注</th>
</tr>
</thead>
<tbody>
<tr>
<td>client_id</td>
<td>{client_id}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>client_secret</td>
<td>{client_secret}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>grant_type</td>
<td>authorization_code</td>
<td></td>
<td>固定值</td>
</tr>
<tr>
<td>code</td>
<td>{code}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>redirect_uri</td>
<td>{redirect_uri}</td>
<td></td>
<td></td>
</tr>
</tbody>
</table>
请求示例:
<p>
<code>http://localhost:8080/spring-oauth-server/oauth/token?client_id=unity-client&client_secret=unity&grant_type=authorization_code&code=[code]&redirect_uri=[redirect_uri]</code>
</p>
</div>
<br/>
<strong>响应</strong>
<ul class="list-group">
<li class="list-group-item">
<p>
正常 [200]<br/>
<mark>
{"access_token":"2c612eb7-a22b-45f0-8b2e-cd6f9e366772","token_type":"bearer","refresh_token":"6c984bdc-01c7-486f-93bf-5637990d8a37","expires_in":43199,"scope":"read
write"}
</mark>
</p>
</li>
<li class="list-group-item">
<p>
异常 [401]<br/>
<mark>
{"error":"invalid_grant","error_description":"Invalid authorization code: vzmIh1"}
</mark>
</p>
</li>
</ul>
</li>
</ul>
</div>
<div class="well well-sm" id="getTokenCred">
<p class="pull-right"><a href="">返回</a></p>
<h3>获取access_token (grant_type=client_credentials)
<small class="badge">public</small>
</h3>
<p class="text-muted">使用grant_type=client_credentials 方式来获取access_token, 不需要username, password</p>
<ul class="list-group">
<li class="list-group-item">
<p>
请求URI: <code>/oauth/token</code> <span
class="label label-warning">POST</span>
</p>
<div>
请求参数说明:
<table class="table table-bordered">
<thead>
<tr>
<th>参数名</th>
<th>参数值</th>
<th>必须?</th>
<th>备注</th>
</tr>
</thead>
<tbody>
<tr>
<td>client_id</td>
<td>{client_id}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>client_secret</td>
<td>{client_secret}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>grant_type</td>
<td>client_credentials</td>
<td></td>
<td>固定值</td>
</tr>
<tr>
<td>scope</td>
<td>{scope}</td>
<td></td>
<td>read or write</td>
</tr>
</tbody>
</table>
请求示例:
<p>
<code>http://localhost:8080/spring-oauth-server/oauth/token?client_id=test1234&client_secret=test1234&grant_type=client_credentials&scope=read</code>
</p>
</div>
<br/>
<strong>响应</strong>
<ul class="list-group">
<li class="list-group-item">
<p>
正常 [200]<br/>
<mark>
{"access_token":"e5ea7620-5459-4d53-a7a0-6888bbb76f62","token_type":"bearer","expires_in":43199,"scope":"read"}
</mark>
</p>
</li>
<li class="list-group-item">
<p>
异常 [401]<br/>
<mark>
&lt;oauth&gt;&lt;error_description&gt;Bad client credentials&lt;/error_description&gt;&lt;error&gt;invalid_client&lt;/error&gt;&lt;/oauth&gt;
</mark>
</p>
</li>
</ul>
</li>
</ul>
</div>
<div class="well well-sm" id="getTokenRest">
<h3>获取access_token (Restful API)
<small class="badge">public</small>
</h3>
<p class="text-muted">Restful API 获取access_token,
适用于grant_type为authorization_code,password,refresh_token,client_credentials</p>
<ul class="list-group">
<li class="list-group-item">
<p>
请求URI: <code>/oauth/rest_token</code> <span
class="label label-warning">POST</span> <span class="label label-success">REST</span>
</p>
<p>
Content-Type:
<mark>application/json</mark>
</p>
<div>
请求Body参数说明:
<table class="table table-bordered">
<thead>
<tr>
<th>参数名</th>
<th>参数值</th>
<th>必须?</th>
<th>备注</th>
</tr>
</thead>
<tbody>
<tr>
<td>grant_type</td>
<td>{grant_type}</td>
<td></td>
<td>authorization_code,password,refresh_token,client_credentials</td>
</tr>
<tr>
<td>scope</td>
<td>{scope}</td>
<td></td>
<td>read or write</td>
</tr>
<tr>
<td>client_id</td>
<td>{client_id}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>client_secret</td>
<td>{client_secret}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>username</td>
<td>{username}</td>
<td></td>
<td>grant_type=password时必须有</td>
</tr>
<tr>
<td>password</td>
<td>{password}</td>
<td></td>
<td>grant_type=password时必须有</td>
</tr>
</tbody>
</table>
请求Body示例:
<p>
<code>{"client_id":"test1234","client_secret":"test1234","grant_type":"password","scope":"read","username":"mobile","password":"mobile"}</code>
</p>
<p>
<code>{"client_id":"test1234","client_secret":"test1234","grant_type":"password","scope":"read"}</code>
</p>
</div>
<br/>
<strong>响应</strong>
<ul class="list-group">
<li class="list-group-item">
<p>
正常 [200]<br/>
<mark>
{"access_token":"e2996930-8398-44fd-8de5-7d1b1624ced7","token_type":"bearer","refresh_token":"2b2de701-53e7-4b57-8301-e4a06ee49698","expires_in":43008,"scope":"read"}
</mark>
</p>
</li>
<li class="list-group-item">
<p>
异常 [401]<br/>
<mark>
{"error":"invalid_grant","error_description":"Bad credentials"}
</mark>
</p>
</li>
</ul>
</li>
</ul>
</div>
<div class="well well-sm" id="verifyToken">
<h3>校验access_token
<small class="badge">public</small>
</h3>
<p class="text-muted">校验, 检查access_token的有效性</p>
<ul class="list-group">
<li class="list-group-item">
<p>
请求URI: <code>/oauth/check_token</code> <span
class="label label-warning">POST</span>
</p>
<div>
请求参数说明:
<table class="table table-bordered">
<thead>
<tr>
<th>参数名</th>
<th>参数值</th>
<th>必须?</th>
<th>备注</th>
</tr>
</thead>
<tbody>
<tr>
<td>token</td>
<td>{access_token}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>client_id</td>
<td>{client_id}</td>
<td></td>
<td></td>
</tr>
</tbody>
</table>
请求示例:
<p>
<code>http://localhost:8080/spring-oauth-server/oauth/check_token?token=e2996930-8398-44fd-8de5-7d1b1624ced7&client_id=mobile-client</code>
</p>
</div>
<br/>
<strong>响应</strong>
<ul class="list-group">
<li class="list-group-item">
<p>
正常 [200]<br/>
<mark>
{"aud":["mobile-resource"],"exp":1505878459,"user_name":"mobile","authorities":["ROLE_MOBILE","ROLE_USER"],"client_id":"mobile-client","scope":["read","write"]}
</mark>
</p>
</li>
<li class="list-group-item">
<p>
异常 [401]<br/>
<mark>
{"error":"invalid_token","error_description":"Token was not recognised"}
</mark>
</p>
</li>
</ul>
</li>
</ul>
</div>
<div class="well well-sm" id="refreshToken">
<p class="pull-right"><a href="">返回</a></p>
<h3>刷新access_token (grant_type=refresh_token)
<small class="badge">public</small>
</h3>
<p class="text-muted">用于在access_token要过期时换取新的access_token (grant_type需要有refresh_token)</p>
<ul class="list-group">
<li class="list-group-item">
<p>
请求URI: <code>/oauth/token</code> <span
class="label label-warning">POST</span>
</p>
<div>
请求参数说明:
<table class="table table-bordered">
<thead>
<tr>
<th>参数名</th>
<th>参数值</th>
<th>必须?</th>
<th>备注</th>
</tr>
</thead>
<tbody>
<tr>
<td>client_id</td>
<td>{client_id}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>client_secret</td>
<td>{client_secret}</td>
<td></td>
<td></td>
</tr>
<tr>
<td>grant_type</td>
<td>refresh_token</td>
<td></td>
<td>固定值</td>
</tr>
<tr>
<td>refresh_token</td>
<td>{refresh_token}</td>
<td></td>
<td></td>
</tr>
</tbody>
</table>
请求示例:
<p>
<code>http://localhost:8080/spring-oauth-server/oauth/token?client_id=test1234&client_secret=test1234&grant_type=refresh_token&refresh_token=1156ebfe-e303-4572-9fb5-4459a5d46610</code>
</p>
</div>
<br/>
<strong>响应</strong>
<ul class="list-group">
<li class="list-group-item">
<p>
正常 [200]<br/>
<mark>
{"access_token":"b12cace6-7ce4-4fa8-b127-cf537d15b213","token_type":"bearer","refresh_token":"2b2de701-53e7-4b57-8301-e4a06ee49698","expires_in":43199,"scope":"read"}
</mark>
</p>
</li>
<li class="list-group-item">
<p>
异常 [401]<br/>
<mark>
{"error":"invalid_grant","error_description":"Invalid refresh token:
1156ebfe-e303-4572-9fb5-4459a5d46610"}
</mark>
</p>
</li>
</ul>
</li>
</ul>
</div>
<div class="well well-sm" id="userInfoUnity">
<h3>获取当前用户信息 (ROLE_UNITY)</h3>
<p class="text-muted">使用access_token获取用户信息, 需要有 ROLE_UNITY 权限</p>
<ul class="list-group">
<li class="list-group-item">
<p>
请求URI: <code>/unity/user_info</code> <span
class="label label-info">GET</span>
</p>
<div>
请求参数说明:
<table class="table table-bordered">
<thead>
<tr>
<th>参数名</th>
<th>参数值</th>
<th>必须?</th>
<th>备注</th>
</tr>
</thead>
<tbody>
<tr>
<td colspan="4"></td>
</tr>
</tbody>
</table>
请求示例:
<p>
<code>http://localhost:8080/spring-oauth-server/unity/user_info?access_token=b12cace6-7ce4-4fa8-b127-cf537d15b213</code>
</p>
</div>
<br/>
<strong>响应</strong>
<ul class="list-group">
<li class="list-group-item">
<p>
正常 [200]<br/>
<mark>
{"guid":"55b713df1c6f423e842ad68668523c49","archived":false,"username":"unity","phone":"","email":"unity@wdcy.cc","privileges":["UNITY"]}
</mark>
</p>
</li>
<li class="list-group-item">
<p>
异常 [401]<br/>
<mark>
&lt;oauth&gt;&lt;error_description&gt;Invalid access token:
2c612eb7-a22b-45f0-8b2e-cd6f9e3667722&lt;/error_description&gt;&lt;error&gt;invalid_token&lt;/error&gt;&lt;/oauth&gt;
</mark>
</p>
</li>
</ul>
</li>
</ul>
</div>
<div class="well well-sm" id="userInfoMobile">
<p class="pull-right"><a href="">返回</a></p>
<h3>获取当前用户信息 (ROLE_MOBILE)</h3>
<p class="text-muted">使用access_token获取用户信息, 需要有 ROLE_MOBILE 权限</p>
<ul class="list-group">
<li class="list-group-item">
<p>
请求URI: <code>/m/user_info</code> <span
class="label label-info">GET</span>
</p>
<div>
请求参数说明:
<table class="table table-bordered">
<thead>
<tr>
<th>参数名</th>
<th>参数值</th>
<th>必须?</th>
<th>备注</th>
</tr>
</thead>
<tbody>
<tr>
<td colspan="4"></td>
</tr>
</tbody>
</table>
请求示例:
<p>
<code>http://localhost:8080/spring-oauth-server/m/user_info?access_token=b12cace6-7ce4-4fa8-b127-cf537d15b213</code>
</p>
</div>
<br/>
<strong>响应</strong>
<ul class="list-group">
<li class="list-group-item">
<p>
正常 [200]<br/>
<mark>
{"guid":"612025cb3f964a64a48bbdf77e53c2c1","archived":false,"username":"mobile","phone":"","email":"mobile@wdcy.cc","privileges":["MOBILE"]}
</mark>
</p>
</li>
<li class="list-group-item">
<p>
异常 [401]<br/>
<mark>
&lt;oauth&gt;&lt;error_description&gt;Invalid access token:
2c612eb7-a22b-45f0-8b2e-cd6f9e3667722&lt;/error_description&gt;&lt;error&gt;invalid_token&lt;/error&gt;&lt;/oauth&gt;
</mark>
</p>
</li>
</ul>
</li>
</ul>
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<hr/>
<p class="text-center text-muted">
&copy; 2013 - 2018 <a href="https://gitee.com/shengzhao/spring-oauth-server" target="_blank">spring-oauth-server</a>
</p>
</div>
</div>
</body>
</html>