/oauth2/rest_token API
shengzhaoli.shengz
parent
0165e92efc
commit
a00edf2154
|
|
@ -34,6 +34,7 @@
|
|||
</li>
|
||||
<li class="list-group-item"><a href="#getTokenCred">获取access_token (grant_type=client_credentials)</a></li>
|
||||
<li class="list-group-item"><a href="#refreshToken">刷新access_token (grant_type=refresh_token)</a></li>
|
||||
<li class="list-group-item"><a href="#getTokenRest">获取access_token (Restful API)</a></li>
|
||||
<li class="list-group-item"><a href="#verifyToken">检查token (/oauth2/introspect)</a></li>
|
||||
<li class="list-group-item"><a href="#revokeToken">撤销token (/oauth2/revoke)</a></li>
|
||||
<li class="list-group-item"><a href="#deviceAuthor">[device_code]流程 - 发起认证(/oauth2/device_authorization)</a>
|
||||
|
|
@ -340,6 +341,132 @@
|
|||
</ul>
|
||||
</div>
|
||||
|
||||
<div class="well well-sm" id="getTokenRest">
|
||||
<h3>获取access_token (Restful API)
|
||||
<small class="badge">public</small>
|
||||
</h3>
|
||||
|
||||
<p class="text-muted">Restful API 获取access_token,
|
||||
适用于grant_type为authorization_code,refresh_token,client_credentials</p>
|
||||
|
||||
<ul class="list-group">
|
||||
<li class="list-group-item">
|
||||
<p>
|
||||
请求URI: <code>/oauth2/rest_token</code> <span
|
||||
class="label label-warning">POST</span> <span class="label label-success">REST</span>
|
||||
</p>
|
||||
|
||||
<p>
|
||||
Content-Type:
|
||||
<mark>application/json</mark>
|
||||
</p>
|
||||
<div>
|
||||
请求Body参数说明:
|
||||
<table class="table table-bordered">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>参数名</th>
|
||||
<th>参数值</th>
|
||||
<th>必须?</th>
|
||||
<th>备注</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<tr>
|
||||
<td>grant_type</td>
|
||||
<td>{grant_type}</td>
|
||||
<td>是</td>
|
||||
<td>authorization_code,refresh_token,client_credentials</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>scope</td>
|
||||
<td>{scope}</td>
|
||||
<td>是</td>
|
||||
<td>如 openid</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>client_id</td>
|
||||
<td>{client_id}</td>
|
||||
<td>是</td>
|
||||
<td></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>client_secret</td>
|
||||
<td>{client_secret}</td>
|
||||
<td>是</td>
|
||||
<td></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>code</td>
|
||||
<td>{code}</td>
|
||||
<td>否</td>
|
||||
<td>grant_type=authorization_code时必须有</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>code_verifier</td>
|
||||
<td>{code_verifier}</td>
|
||||
<td>否</td>
|
||||
<td>grant_type=authorization_code + PKCE时必须有</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>refresh_token</td>
|
||||
<td>{refresh_token}</td>
|
||||
<td>否</td>
|
||||
<td>grant_type=refresh_token时必须有</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
请求Body示例:
|
||||
<pre>{
|
||||
"client_id": "cRG45sAr1hJ2SSKzmB5UsjPIgd7VVlM0",
|
||||
"client_secret": "cRG45sAr1hJ2SSKzmB5UsjPIgd7VVlM0",
|
||||
"grant_type": "authorization_code",
|
||||
"redirect_uri": "https://andaily.com/oauth2/callback",
|
||||
"scope": "openid profile",
|
||||
"code": "AL-Q-OUhhgDrG-x-nFCKILadiBA2gTgvnDYh4AaPuviiQYqPTzLl-BVDXH2VNILS4X3qnDhC7rGaiWY9Qdm9SUTAvttaSXox_g_V8Qn27PeI21xv3RFkGE21BJJWdaUB",
|
||||
"code_verifier": "UUdEMjhQMG1OZkF0NEFNcW12TmdOanVnaHpWeHREMGI="
|
||||
}</pre>
|
||||
或
|
||||
<pre>{
|
||||
"client_id": "cRG45sAr1hJ2SSKzmB5UsjPIgd7VVlM0",
|
||||
"client_secret": "cRG45sAr1hJ2SSKzmB5UsjPIgd7VVlM0",
|
||||
"grant_type": "refresh_token",
|
||||
"refresh_token": "-ETmWRoPkWvH2bC4ufB2fZwyeXXaqwmUq17zS_vEGGHb9dHnXd1W8HRZnUCEP03kJEn0IQ5w8E6jyAYb_oDC3iTgbT0OwRmIbnKWbcqbp5uxjB4RpNKBtyUMxax-EU1_"
|
||||
}</pre>
|
||||
|
||||
</div>
|
||||
<br/>
|
||||
|
||||
<strong>响应</strong>
|
||||
|
||||
<ul class="list-group">
|
||||
<li class="list-group-item">
|
||||
<div>
|
||||
正常 [200]<br/>
|
||||
<pre>{
|
||||
"access_token": "eyJraWQiOiJzb3MtcnNhLWtpZDIiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJhZG1pbiIsImF1ZCI6ImNSRzQ1c0FyMWhKMlNTS3ptQjVVc2pQSWdkN1ZWbE0wIiwibmJmIjoxNjk4NzUyNTQzLCJzY29wZSI6WyJvcGVuaWQiLCJwcm9maWxlIiwiZW1haWwiXSwiaXNzIjoiaHR0cDovLzEyNy4wLjAuMTo4MDgwIiwiZXhwIjoxNjk4NzU2MTQzLCJpYXQiOjE2OTg3NTI1NDMsImp0aSI6IjU3MDA1MDQ1Nzc1MzMwMTI1OTYyMjIzNzUxNjE2MjE1In0.PlrUmTd5DUq10Sj-p2MZYoQuciVLixnsUT-RMah1eHLBvVlP4YsoCOgvzlFQQLVT8TRv-XM8JIJQCo0o151ZHhGmDzaWHEsDdPGlJvWL959LbZjw8f3BR8MvMGaBgjjMV6uWgY_nZBTef10KwWsZZwrVtR25n_qHk9SZkyFDzI6Bk7S6BvlOMFNYp80Ik8khRTwYphFykBtQQE9D8wzR59YuLP6aQVfbU8gkM6aNYmV7vYELtoQqI_Co9pOCC1Fwb7Ae-qgQzknr_FsARoui9cIgSBk7r0i5v-1fKXFC8I1idtuw-CA9GGXqNPoohDpV-e1AkygT1rbhuYavuNnv-g",
|
||||
"refresh_token": "L_3boxXBZFbA2odSvrrMD9tku58L_MkIAcnP8ahP2OhpuZIYDHFPqGNr0rHuhuM_1zeXu8cLKCIMsoS8leL9ZvIBJ2h84ZXs5PgcNX2jZPCedpMwTN6pKZe236Sz1Y0j",
|
||||
"scope": "openid profile email",
|
||||
"id_token": "eyJraWQiOiJzb3MtZWNjLWtpZDEiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiJhZG1pbiIsImlzcyI6Imh0dHA6Ly8xMjcuMC4wLjE6ODA4MCIsInNpZCI6IjN3a3JXR3NucHg5SW9aQXd2d09sbkQyZ0RhTVNBSWZaazBkY2VLeHZlaVkiLCJhdWQiOiJjUkc0NXNBcjFoSjJTU0t6bUI1VXNqUElnZDdWVmxNMCIsInVwZGF0ZWRfYXQiOjAsImF6cCI6ImNSRzQ1c0FyMWhKMlNTS3ptQjVVc2pQSWdkN1ZWbE0wIiwiYXV0aF90aW1lIjoxNjk4NzUyMzQ3LCJuaWNrbmFtZSI6IiIsImV4cCI6MTY5ODc1NDM0MywiaWF0IjoxNjk4NzUyNTQzLCJqdGkiOiIyNDc3NTYyNjQxMDEwMTQxNTEyNzMwMjQ0MDQ4OTMzMyIsImVtYWlsIjoiYWRtaW5AYW5kYWlseS5jb20ifQ.k8zdBJE9aq-Tp_rz_ssUrTBxV4e8ZpKOn10s71j6xjGp7kZq1RiATrU8t00wx1RNRC4E1V62nTeYpJuTy4mdlA",
|
||||
"token_type": "Bearer",
|
||||
"expires_in": 3599
|
||||
}</pre>
|
||||
<p class="help-block">根据不同的grant_type, 返回的结果不同</p>
|
||||
</div>
|
||||
</li>
|
||||
<li class="list-group-item">
|
||||
<div>
|
||||
异常 [400]或[401]<br/>
|
||||
<pre>{
|
||||
"error": "invalid_grant"
|
||||
}</pre>
|
||||
</div>
|
||||
</li>
|
||||
</ul>
|
||||
</li>
|
||||
</ul>
|
||||
</div>
|
||||
|
||||
<div class="well well-sm" id="verifyToken">
|
||||
<h3>检查token (/oauth2/introspect)
|
||||
<small class="badge">public</small>
|
||||
|
|
@ -837,6 +964,7 @@
|
|||
"updated_at": 0,
|
||||
"nickname": ""
|
||||
}</pre>
|
||||
<p class="help-block">具体有哪些属性值由<code>scope</code>范围来决定</p>
|
||||
</div>
|
||||
</li>
|
||||
<li class="list-group-item">
|
||||
|
|
|
|||
Loading…
Reference in New Issue